1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2025-03-13 12:58:20 +03:00

60917 Commits

Author SHA1 Message Date
Luca Boccassi
61f5710d0b packit: remove ukify handling
added in v253
v252.5
2023-01-26 09:12:21 +01:00
Daan De Meyer
4dc37994e2 test-execute: Skip when /sys is read-only
The test depends on /sys being writable, so let's skip it when /sys
is read-only.

(cherry picked from commit 34b5977015a557840988e825ac116a7f09d0be75)
2023-01-26 09:12:21 +01:00
Michael Biebl
9605a45763 test: skip firstboot --prompt-keymap check if keymaps are missing
Fixes: #26165
(cherry picked from commit d173c9ebb07bd08f3814e0c496759e343c3dcbf4)
2023-01-26 09:12:21 +01:00
Frantisek Sumsal
8f84df0da3 partition: fix build with newer linux/btrfs.h uapi header
linux/btrfs.h needs  to be included after sys/mount.h, as since [0]
linux/btrfs.h includes linux/fs.h causing build errors:

```
In file included from /usr/include/linux/fs.h:19,
                 from ../src/basic/linux/btrfs.h:29,
                 from ../src/partition/growfs.c:6:
/usr/include/sys/mount.h:35:3: error: expected identifier before numeric constant
   35 |   MS_RDONLY = 1,                /* Mount read-only.  */
      |   ^~~~~~~~~
[1222/2169] Compiling C object systemd-creds.p/src_creds_creds.c.o
ninja: build stopped: subcommand failed.
```

See: https://github.com/systemd/systemd/issues/8507

[0] a28135303a

(cherry picked from commit ed614f17fc9f3876b2178db949df42a2605f6895)
2023-01-26 09:12:21 +01:00
Frantisek Sumsal
240513ceca basic/linux: update linux uapi headers
IPPROTO_L2TP was moved from linux/l2tp.h to linux/in.h [0], so let's
reflect that change to fix build with newer kernels:

```
In file included from ../src/libsystemd/sd-netlink/netlink-types-genl.c:10:
../src/basic/linux/l2tp.h:16: error: "IPPROTO_L2TP" redefined [-Werror]
   16 | #define IPPROTO_L2TP            115
      |
In file included from ../src/libsystemd/sd-netlink/netlink-types-genl.c:3:
/usr/include/netinet/in.h:85: note: this is the location of the previous definition
   85 | #define IPPROTO_L2TP            IPPROTO_L2TP
      |
cc1: all warnings being treated as errors
```

When at it, update the rest of the headers we ship as well.

[0] 65b32f801b

(cherry picked from commit a95ff98ec40edad2825c824a186f44454120cf1f)
2023-01-26 09:12:21 +01:00
Nick Rosbrook
9b42646b22 test: handle Debian's /etc/default/locale in testsuite-74.firstboot.sh
This handles a Debian-specific quirk where /etc/default/locale is used
instead of /etc/locale.conf. There is currently special handling for
this in testsuite-73.sh, so the quirk should be handled here too for
consistency.

(cherry picked from commit bb59fdc1e3a7119f3680d309147020fce9bf67b5)
2023-01-26 09:12:21 +01:00
Frantisek Sumsal
97ebe90879 test: cover some interactive/error paths in firstboot
(cherry picked from commit dbd8dbdfc1d440c44714edcfa513b697f39f4fed)
2023-01-26 09:12:21 +01:00
Frantisek Sumsal
ddc1898ebd test: re-enable skipped systemd-firstboot --locale-messages= test
Since the original issue should be resolved by #25253.

(cherry picked from commit 59377dbef288bff2e9df1254f9cbccd3c7d726a5)
2023-01-26 09:12:21 +01:00
Nick Rosbrook
07e4787106 test: make sure mount point exists in testsuite-64.sh
(cherry picked from commit 84e5b9225d12f8a1a7d414ef01f97fcd6881c14f)
2023-01-26 09:12:21 +01:00
Callum Farmer
953e5fc093 boot: Use objcopy with arm64
Binutils 2.38 added support for efi-app-aarch64
Still use binary mode if we have an older objcopy
Add check for incompatible gnu-efi crt0 containing the header section
which gets added by objcopy and if used results in duplicate header
and subsequently a broken binary

Signed-off-by: Callum Farmer <gmbr3@opensuse.org>
(cherry picked from commit 9c100c4e709e1a063578cad1b6b3cdbf7de48610)
2023-01-26 09:12:21 +01:00
Zbigniew Jędrzejewski-Szmek
34157bba08 sleep: fix memleak
Those hashmaps are created anew in each iteration of the loop. The
leak wasn't really a problem, because the loop is bounded and the
hashmaps were not huge, but it's nicer to be correct.

(cherry picked from commit de5d8b40eda84cfd546c9d969a191ce4615e6375)
2023-01-26 09:12:21 +01:00
Zbigniew Jędrzejewski-Szmek
224f912cba sleep: reduce double logging and improve messages and comments a bit
read_battery_capacity_percentage() was already logging, but with a slightly
different wording.

More could be done, I just touched the most noticable places. Especially
in debug messages, it is much more useful to be direct about what couldn't
be accessed or parsed, instead of providing "descriptive names" which are
not useful to the user at all, who then needs to read the code to figure out
what was the actual property name.

(cherry picked from commit 099810a65b8d7e7e83098edff144643b77011a85)
2023-01-26 09:12:21 +01:00
Zbigniew Jędrzejewski-Szmek
5c94225d0c sleep: do not abort if we try to query capacity of missing battery
Fixes #25584.

From the issue:
Assertion 'capacity >= 0' failed at src/shared/sleep-config.c:58, function PTR_TO_CAPACITY(). Aborting.

(gdb) bt

The problem is that PTR_TO_CAPACITY(hashmap_get(last_capacity, battery_name))
will abort if it's called with a name not present in the hashmap. We want to
skip the device silently in this case instead.

(cherry picked from commit 7ebbe4a5ce431a2bf03066ec85513c693836550b)
2023-01-26 09:12:21 +01:00
Luca Boccassi
786b7a7208 core: ensure init.scope is realized after drop-ins have been loaded
If we add a drop-in for init.scope (e.g.: to set some memory limit),
it will be loaded long after the cgroup has already been realized.
Do it again when creating the special unit.

(cherry picked from commit 020b2e41ea776cff73392da8084a0725b590d245)
2023-01-26 09:12:21 +01:00
Frantisek Sumsal
c2fef536d5 test: bump the container spawn timeout to 60s
As 30s might be not enough on busy systems (and we already bumped the
reboot timeout from 30s to 60s for this reason).

(cherry picked from commit d932022ddfe021b1c49ffaf4d7dfe4093656f0c5)
2023-01-26 09:12:21 +01:00
Frantisek Sumsal
e4ed752f23 test: bump the client-side timeout in sd-bus as well
Since c78d18215b D-Bus services now have 60s to start, but the client
side (sd-bus) still waits only for 25s before giving up:

```
[  226.196380] testsuite-71.sh[556]: + assert_in 'Static hostname: H' ''
[  226.332965] testsuite-71.sh[576]: + set +ex
[  226.332965] testsuite-71.sh[576]: FAIL: 'Static hostname: H' not found in:
[  228.910782] sh[577]: + systemctl poweroff --no-block
[  232.255584] hostnamectl[565]: Failed to query system properties: Connection timed out
[  236.827514] systemd[1]: end.service: Consumed 2.131s CPU time.
[  237.476969] dbus-daemon[566]: [system] Successfully activated service 'org.freedesktop.hostname1'
[  237.516308] systemd[1]: system-modprobe.slice: Consumed 1.533s CPU time.
[  237.794635] systemd[1]: testsuite-71.service: Main process exited, code=exited, status=1/FAILURE
[  237.818469] systemd[1]: testsuite-71.service: Failed with result 'exit-code'.
[  237.931415] systemd[1]: Failed to start testsuite-71.service.
[  238.000833] systemd[1]: testsuite-71.service: Consumed 5.651s CPU time.
[  238.181030] systemd[1]: Reached target testsuite.target.
```

Let's override the timeout in sd-bus as well to mitigate this.

Follow-up to c78d18215b3e5b0f0896ddb1d0d72c666b5e830b.

(cherry picked from commit e0cbb739113b9e2fbb67b27099430c351f03315c)
2023-01-26 09:12:21 +01:00
Michael Biebl
1c325f6d7f test: fix TEST-73-LOCALE on Debian
Fix incorrection assumption about the Debian patch being buggy and
actually making TEST-73-LOCALE fail on Debian.

```
 # localectl set-locale LANG=C.UTF-8
 # cat /etc/default/locale
 LANG=C.UTF-8
```

(cherry picked from commit a4bc35740a052d0c69269f44d81f350dd7930b69)
2023-01-26 09:12:21 +01:00
Zbigniew Jędrzejewski-Szmek
905705b280 shared/install: rework an assert to appease gcc-13
With the previous form, gcc is confused and thinks that .type might be unset.

Fixes #26118.

(cherry picked from commit 8f5d716a71f1dfe50a2902a3ee3334b83c76d805)
2023-01-26 09:12:21 +01:00
Zbigniew Jędrzejewski-Szmek
9a9c5ca26f shared/install: rework InstallChange to always have .path set
We would set .path in all cases except INSTALL_CHANGE_AUXILIARY_FAILED, where
we would just just .source. This special case is just not worth it, because
we can't easily assert that .path is set. Let's remove this special case to
help the compiler know that .path is actually set.

Avoids a warning with gcc-13.0.1-0.1.fc38.x86_64.

(cherry picked from commit 4a4af850b3551aff9bc39e5af5ccf3b876fc50ed)
2023-01-26 09:12:21 +01:00
Yu Watanabe
728f083257 test-unit-name: fix fd leak
Fixes an issue reported at https://github.com/systemd/systemd/issues/22576#issuecomment-1396774385.

(cherry picked from commit 36f73b6c67afd9c826e612b751ea8f9249da7985)
2023-01-26 09:12:21 +01:00
Yu Watanabe
f6af7a4190 test-ndisc: fix memleak and fd leak
Fixes issues reported at #22576.

(cherry picked from commit 86d82cb8885afaac374225b945b2efc2a013cb7e)
2023-01-26 09:12:21 +01:00
Michal Koutný
80e8340ec4 core: mount namespaces: Remove auxiliary bind mounts directory after unit termination
Unit that requires its own mount namespace creates a temporary directory
to implement dynamic bind mounts (org.freedesktop.systemd1.Manager.BindMountUnit).
However, this directory is never removed and they will accumulate for
each unique unit (e.g. templated units of systemd-coredump@).

Attach the auxiliary runtime directory existence to lifetime of other
"runtime" only per-unit directories.

(cherry picked from commit b9f976fb45635e09cd709dbedd0afb03d4b73c05)
2023-01-26 09:12:21 +01:00
Yu Watanabe
f2d84ca5f1 network: do not enter failed state when received an invalid RA
Fixes the issue reported at https://github.com/systemd/systemd/issues/25891#issuecomment-1368509262.

(cherry picked from commit 5908d864250c7456de4bab169fbcb6cbf85888de)
2023-01-26 09:12:21 +01:00
Yu Watanabe
efc4cbaa7f test-network: reprocess the loopback network interface
Fixes the issue reported at https://github.com/systemd/systemd-centos-ci/pull/585#issuecomment-1385537641.

(cherry picked from commit df0a741cdd7549ca8ceb4a3acf294dd7bf87a2c1)
2023-01-26 09:12:21 +01:00
Frantisek Sumsal
1710948120 test: bump D-Bus service start timeout if we run without accel
The default (25s) doesn't seem to be enough in some cases (especially
in VMs without acceleration), causing spurious timeouts:

[  174.297658] dbus-daemon[647]: [system] Activating via systemd: service name='org.freedesktop.hostname1' unit='dbus-org.freedesktop.hostname1.service' requested by ':1.0' (uid=0 pid=645 comm="hostnamectl " label="kernel")
[  184.202313] systemd[1]: systemd-update-utmp-runlevel.service: Consumed 1.253s CPU time.
[  197.335422] systemd[1]: Started dbus.service.
[  199.211468] testsuite-71.sh[639]: + assert_in 'Static hostname: H' ''
[  199.347192] dbus-daemon[647]: [system] Failed to activate service 'org.freedesktop.hostname1': timed out (service_start_timeout=25000ms)
[  199.394879] testsuite-71.sh[657]: + set +ex
[  199.438918] testsuite-71.sh[657]: FAIL: 'Static hostname: H' not found in:
[  200.966006] systemd-logind[631]: Watching system buttons on /dev/input/event0 (Power Button)
[  201.008178] systemd-logind[631]: Watching system buttons on /dev/input/event1 (AT Translated Set 2 keyboard)
[  201.034106] systemd-logind[631]: New seat seat0.
[  201.238267] sh[658]: + systemctl poweroff --no-block
[  201.329890] systemd[1]: Starting systemd-hostnamed.service...
[  202.156622] systemd[1]: systemd-update-utmp-runlevel.service: Deactivated successfully.
[  204.818913] hostnamectl[645]: Failed to query system properties: Connection timed out
[  205.195583] systemd[1]: testsuite-71.service: Main process exited, code=exited, status=1/FAILURE
[  205.227237] systemd[1]: testsuite-71.service: Failed with result 'exit-code'.
[  205.712780] systemd[1]: Failed to start testsuite-71.service.

(cherry picked from commit c78d18215b3e5b0f0896ddb1d0d72c666b5e830b)
2023-01-26 09:12:21 +01:00
Yu Watanabe
a674a398e7 sd-dhcp-client: gracefully handle invalid ether type client ID
Currently, sd-dhcp-server accepts spurious client IDs, then the leases
exposed by networkd may be invalid. Let's make networkctl gracefully
show such leases.

Fixes #25984.

(cherry picked from commit 841dfd3dc0dd370a21f190a5b7b870db1c95f7e6)
2023-01-26 09:12:21 +01:00
Yu Watanabe
b10b9770d5 network: fix memleak
Fixes a bug introduced by af2aea8bb64b0dc42ecbe5549216eb567681a803.

Fixes #25883 and #25891.

(cherry picked from commit 303dfa73b389e8f6dc58954e867c21724c1446f7)
2023-01-26 09:12:21 +01:00
David Tardon
25e30725d7 mount: handle bind mount of file with non-existing target
When the target (Where=) of a mount does not exist, systemd tries to
create it. But previously, it'd always been created as a directory. That
doesn't work if one wants to bind-mount a file to a target that doesn't
exist.

Fixes: #17184
(cherry picked from commit 218cfe23354397ded28ac898f82b52724f48dae7)
2023-01-26 09:12:21 +01:00
Alberto Planas
78ffc39f9e creds-util: merge the TPM2 detection for initrd
This patch merge the TPM2 detection paths when we are inside and outside
an initrd.

Signed-off-by: Alberto Planas <aplanas@suse.com>
(cherry picked from commit e37dfcec528b43e203d198f978f9eaa87787c762)
2023-01-26 09:12:21 +01:00
Alberto Planas
4f420958f9 creds-util: do not try TPM2 if there is not support
During the credentials encryption, if systemd it is compiled with TPM2
support, it will try to use it depending on the key flags passed.

The current code only checks if the system has a functional TPM2 if the
case of the INITRD flag.

This patch do a similar check in the case that it is outside initrd (but
still automatic).

Signed-off-by: Alberto Planas <aplanas@suse.com>
(cherry picked from commit e653a194e490fae7d166f40762c334006d592051)
2023-01-26 09:12:21 +01:00
Alberto Planas
432ec5a654 creds-util: check for CAP_DAC_READ_SEARCH
In make_credential_host_secret, the credential.secret file is generated
first as a temporary anonymous file that is later instantiated with
linkat(2).  This system call requires CAP_DAC_READ_SEARCH capability
when the flag AT_EMPTY_PATH is used.

This patch check if the capability is effective, and if not uses the
alternative codepath for creating named temporary files.

Non-root users can now create per-user credentials with:

  export SYSTEMD_CREDENTIAL_SECRET=$HOME/.config/systemd/credential.secret
  systemd-creds setup

Signed-off-by: Alberto Planas <aplanas@suse.com>
(cherry picked from commit 1615578f2792fdeecaf65606861bd3db9eb949c3)
2023-01-26 09:12:21 +01:00
Mike Yuan
49804cfb71 gpt-auto: harden ESP/XBOOTLDR mounts with "noexec,nosuid,nodev"
When these partitions are probed by gpt-auto,
they will always be hardened with such options.

See also: https://github.com/systemd/systemd/issues/25776#issuecomment-1364115711

Closes #25776

(cherry picked from commit d708293d436516823e0e4bfb02c54365820fd8c6)
2023-01-26 09:12:21 +01:00
Yu Watanabe
89e86ad8df busctl: fix introspecting DBus properties
Follow-up for f2f7785d7a47ffa48ac929648794e1288509ddd8.

Fixes #26033.

(cherry picked from commit 2cbb171d20a07ec0a25296f167b0385de102d74e)
2023-01-26 09:12:21 +01:00
Frantisek Sumsal
4ac9f178ea test: explicitly create the /etc/init.d directory
On RHEL/CentOS/Fedora this directory is provided by the chkconfig or
initscripts package, which might not be installed:

testsuite-26.sh[1225]: + [[ -x /usr/lib/systemd/system-generators/systemd-sysv-generator ]]
testsuite-26.sh[1225]: + cat
testsuite-26.sh[2330]: /usr/lib/systemd/tests/testdata/units/testsuite-26.sh: line 299: /etc/init.d/issue-24990: No such file or directory

Follow-up to 5f882cc3ab32636d9242effb2cefad20d92d2ec2.

(cherry picked from commit 7fcf0fab078ed92a4f6c3c3658c0a9dfd67c9601)
2023-01-26 09:12:21 +01:00
Yu Watanabe
33e6d13381 network/l2tp: parse address or address type from correct string
Fixes a bug introduced by 8b49ee2dcda04f8147650f7d9fb93662caf3ea2e.

Fixes #26011.

(cherry picked from commit bf4a5ac804d85a1e8df8226e8595219aa6fdafae)
2023-01-26 09:12:21 +01:00
Yu Watanabe
b215afc58d network/l2tp: fix error code in log message
(cherry picked from commit 4da53043a618b557f3c0c8ccef81c537c4ad1e18)
2023-01-26 09:12:21 +01:00
Frantisek Sumsal
14f573175a import: use CURLOPT_PROTOCOLS_STR with libcurl >= 7.85.0
CURLOPT_PROTOCOLS [0] was deprecated in libcurl 7.85.0 with
CURLOPT_PROTOCOLS_STR [1] as a replacement, causing build warnings/errors:

../build/src/import/curl-util.c: In function ‘curl_glue_make’:
../build/src/import/curl-util.c:255:9: error: ‘CURLOPT_PROTOCOLS’ is deprecated: since 7.85.0. Use CURLOPT_PROTOCOLS_STR [-Werror=deprecated-declarations]
  255 |         if (curl_easy_setopt(c, CURLOPT_PROTOCOLS, CURLPROTO_HTTP|CURLPROTO_HTTPS|CURLPROTO_FILE) != CURLE_OK)
      |         ^~
In file included from ../build/src/import/curl-util.h:4,
                 from ../build/src/import/curl-util.c:6:
/usr/include/curl/curl.h:1749:3: note: declared here
 1749 |   CURLOPTDEPRECATED(CURLOPT_PROTOCOLS, CURLOPTTYPE_LONG, 181,
      |   ^~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors

Since there's no grace period between the two symbols, let's resort
to a light if-def-ery to resolve this.

[0] https://curl.se/libcurl/c/CURLOPT_PROTOCOLS.html
[1] https://curl.se/libcurl/c/CURLOPT_PROTOCOLS_STR.html

(cherry picked from commit e61a4c0b7c79eabbe4eb50ff2e663734fde769f0)
2023-01-26 09:12:21 +01:00
Frantisek Sumsal
4ab37502b3 import: use CURLINFO_SCHEME instead of CURLINFO_PROTOCOL
CURLINFO_PROTOCOL has been deprecated in curl 7.85.0 causing compilation
warnings/errors:

../build/src/import/pull-job.c: In function ‘pull_job_curl_on_finished’:
../build/src/import/pull-job.c:142:9: error: ‘CURLINFO_PROTOCOL’ is deprecated: since 7.85.0. Use CURLINFO_SCHEME [-Werror=deprecated-declarations]
  142 |         code = curl_easy_getinfo(curl, CURLINFO_PROTOCOL, &protocol);
      |         ^~~~
In file included from ../build/src/import/curl-util.h:4,
                 from ../build/src/import/pull-job.h:6,
                 from ../build/src/import/pull-common.h:7,
                 from ../build/src/import/pull-job.c:16:
/usr/include/curl/curl.h:2896:3: note: declared here
 2896 |   CURLINFO_PROTOCOL    CURL_DEPRECATED(7.85.0, "Use CURLINFO_SCHEME")
      |   ^~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors

Since both CURLINFO_SCHEME and CURLINFO_PROTOCOL were introduced in
the same curl version (7.52.0 [0][1]) we don't have to worry about
backwards compatibility.

[0] https://curl.se/libcurl/c/CURLINFO_SCHEME.html
[1] https://curl.se/libcurl/c/CURLINFO_PROTOCOL.html

(cherry picked from commit 2285c462ebb0b5d9a7043719a4f0d684a5dc37c2)
2023-01-26 09:12:21 +01:00
Lennart Poettering
4dabf90526 nspawn: guard acl_free() with a NULL check
Inspired by #25957 there's one other place where we don't guard
acl_free() calls with a NULL check.

Fix that.

(cherry picked from commit 34680637e838415204850f77c93ca6ca219abaf1)
2023-01-26 09:12:21 +01:00
Sam James
a11a949c43 tmpfiles: avoid null free() for acl attributes
When built with ACL support, we might be processing a tmpfiles
entry where there's no cause for us to call parse_acls_from_arg,
then we get to the end of parse_line without having ever populated
i.{acl_access, acl_default}.

Then we pass a null pointer into acl_free().

From UBSAN w/ GCC 13.0.0_pre20230101:
```
$ systemd-tmpfiles --clean
/var/tmp/portage/sys-apps/acl-2.3.1-r1/work/acl-2.3.1/libacl/acl_free.c:44:14: runtime error: applying non-zero offset 18446744073709551608 to null pointer
    #0 0x7f65d868b482 in acl_free /var/tmp/portage/sys-apps/acl-2.3.1-r1/work/acl-2.3.1/libacl/acl_free.c:44
    #1 0x55fe7e592249 in item_free_contents ../systemd-9999/src/tmpfiles/tmpfiles.c:2855
    #2 0x55fe7e5a347a in parse_line ../systemd-9999/src/tmpfiles/tmpfiles.c:3158
    #3 0x55fe7e5a347a in read_config_file ../systemd-9999/src/tmpfiles/tmpfiles.c:3897
    #4 0x55fe7e590c61 in read_config_files ../systemd-9999/src/tmpfiles/tmpfiles.c:3985
    #5 0x55fe7e590c61 in run ../systemd-9999/src/tmpfiles/tmpfiles.c:4157
    #6 0x55fe7e590c61 in main ../systemd-9999/src/tmpfiles/tmpfiles.c:4218
    #7 0x7f65d7ebe289  (/usr/lib64/libc.so.6+0x23289)
    #8 0x7f65d7ebe344 in __libc_start_main (/usr/lib64/libc.so.6+0x23344)
    #9 0x55fe7e591900 in _start (/usr/bin/systemd-tmpfiles+0x11900)
```

(cherry picked from commit 9f804ab04d566ff745849e1c4ced680a0447cf76)
2023-01-26 09:12:21 +01:00
Lennart Poettering
9769d84fe5 sd-event: don't mistake USEC_INFINITY passed in for overflow
Let's pass USEC_INFINITY from sd_event_source_set_time_relative() to
sd_event_source_set_time() instead of raising EOVERFLOW.

We should raise EOVERFLOW only if your addition fails, but not if the
input already is USEC_INFINITY, since it's an entirely valid operation
to have an infinite time-out, and we should support that.

(cherry picked from commit ef8591951aefccb668201f24aa481aa6cda834da)
2023-01-26 09:12:21 +01:00
Jan Janssen
295bb34f9a bootctl: Fix NULL pointer dereference
Fixes: #25952
(cherry picked from commit 6e689dc6eedea558df3d98da4477d58432d2d29c)
2023-01-26 09:12:21 +01:00
Lennart Poettering
a0532ffd2f resolved: disable SO_BINDTOIFINDEX hack for localhost IP addresses
Fixes: #23010
(cherry picked from commit 5f9041afec65ce88c8b2a2ca3f6d14802ac01a56)
2023-01-26 09:12:21 +01:00
Ludwig Nussel
8ec0142c13 kernel-install: run depmod only if writeable
(cherry picked from commit dd003f1621967f114a6a808bb1f729386dc3a154)
2023-01-26 09:12:21 +01:00
Benjamin Tissoires
e52b71dd0c virt: fix container detection
Commit 1b86c7c59ecc ("virt: make virtualization enum a named type")
made the conversion from `if (!r)` to `if (v != VIRTUALIZATION_NONE)`.

However, the initial test was meaning "if r is null", IOW "if r IS
`VIRTUALIZATION_NONE`).

The test is wrong and this can lead to false detection of the container
environment (when calling `systemctl exit`).

For example, https://gitlab.freedesktop.org/whot/libevdev/-/jobs/34207974
is calling `systemctl exit 0`, and systemd terminates with the exit code
`130`.

Fixing that typo makes `systemctl exit 0` returns `0`.

Fixes: 1b86c7c59ecc26efdf278f5c1c4430346021cd38.
(cherry picked from commit a91078bc57950c9b0c19fd25fb2e802409695304)
2023-01-26 09:12:21 +01:00
Lennart Poettering
c01cdcfb8a resolvectl: remove duplicate ':' from output
The second argument to dump_list() actually ends up in a TABLE_FIELD
cell now, where we implicitly append a ":". Hence drop it from the
strings.

Follow-up for: 37a50123fac050c7ccde4afcf3f37ee77aad012c

(cherry picked from commit ef503f1cec53f654780591adee6e3e223b575f56)
2023-01-26 09:12:21 +01:00
Lennart Poettering
c2deca7e17 efi: skip Read() calls with zero sizes
Let's avoid calling Read() with zero-sized buffer, to avoid needless firmware
quirkiness.

See: #25911
(cherry picked from commit fd1fec534e70891c1fe49779221d93236d8c5ac2)
2023-01-26 09:12:21 +01:00
Lennart Poettering
a3ceaf0f1d resolved: downgrade inability to send varlink reply error message
Previously, if a client disconnected after sending a lookup request but
before waiting for the reply we'd log at LOG_ERR level. That's
confusing, since it's entirely OK for the client to lose interest.

Hence, let's downgrade to debug level.

Fixes: #25892
(cherry picked from commit 40557509be084f27d48bc5fc51286a664b96942e)
2023-01-26 09:12:21 +01:00
Jan Janssen
7374efb0ac Revert "boot: Use EFI_BOOT_MANAGER_POLICY_PROTOCOL to connect console devices"
This reverts commit b99bf5811850afdb2502ba37251c48348da63c82.

It seems that using this protocol on some firmwares to forcibly
initialize console devices may break handles (already opened file
handles and the device handle itself) that we rely on to access the
boot filesystem, making it impossible to load the selected entry.

It might be possible to get a new handle by querying for the device
handle by using its device path after calling into this protocol, but
this is untested. The firmware might also be so buggy that accessing
devices after using this protocol is impossible.

It seems prudent to revert this for now until some reliable way is found
to initialize console devices without introducing huge boot delays. Any
users on firmware where console devices cannot be accessed would have to
rely on disabling fastboot.

Fixes: #25737, #25846
(cherry picked from commit f151abb0e5fa4f820109eb0541bfdcba319d2b92)
2023-01-26 09:12:21 +01:00
Cristian Rodríguez
e78a1489a8 libsystemd-network: FTBS in c2x mode
cannot pass false as argument because function wants a pointer to bool
instead, use NULL instead

(cherry picked from commit 2cc697d7400446a7ea823bc38061501cd85b046a)
2023-01-26 09:12:21 +01:00