mirror of
https://github.com/systemd/systemd.git
synced 2024-12-22 17:35:35 +03:00
Merge pull request #15520 from mrc0mmand/various-codebase-improvements
tree-wide: various codebase improvements
This commit is contained in:
commit
2807b68019
6
NEWS
6
NEWS
@ -995,7 +995,7 @@ CHANGES WITH 243:
|
||||
space if there are multiple devices with the highest priority.
|
||||
|
||||
* /etc/crypttab support has learnt a new keyfile-timeout= per-device
|
||||
option that permits selecting the timout how long to wait for a
|
||||
option that permits selecting the timeout how long to wait for a
|
||||
device with an encryption key before asking for the password.
|
||||
|
||||
* IOWeight= has learnt to properly set the IO weight when using the
|
||||
@ -3520,7 +3520,7 @@ CHANGES WITH 233:
|
||||
that is removed when the container dies. Specifically, if the source
|
||||
directory is specified as empty string this mechanism is selected. An
|
||||
example usage is --overlay=+/var::/var, which creates an overlay
|
||||
mount based on the original /var contained in the image, overlayed
|
||||
mount based on the original /var contained in the image, overlaid
|
||||
with a temporary directory in the host's /var/tmp. This way changes
|
||||
to /var are automatically flushed when the container shuts down.
|
||||
|
||||
@ -6507,7 +6507,7 @@ CHANGES WITH 217:
|
||||
* Calendar time specifications in .timer units now also
|
||||
understand the strings "semi-annually", "quarterly" and
|
||||
"minutely" as shortcuts (in addition to the preexisting
|
||||
"anually", "hourly", ...).
|
||||
"annually", "hourly", ...).
|
||||
|
||||
* systemd-tmpfiles will now correctly create files in /dev
|
||||
at boot which are marked for creation only at boot. It is
|
||||
|
10
TODO
10
TODO
@ -43,7 +43,7 @@ Features:
|
||||
* systemd-gpt-auto should probably set x-systemd.growfs on the mounts it
|
||||
creates
|
||||
|
||||
* homed/userdb: distuingish passwords and recovery keys in the records, since
|
||||
* homed/userdb: distinguish passwords and recovery keys in the records, since
|
||||
we probably want to use different PBKDF algorithms/settings for them:
|
||||
passwords have low entropy but recovery keys should have good entropy key
|
||||
hence we can make them quicker to work.
|
||||
@ -66,7 +66,7 @@ Features:
|
||||
systemd-makefs.service instead.
|
||||
|
||||
* socket units: allow creating a udev monitor socket with ListenDevices= or so,
|
||||
with matches, then actviate app thorugh that passing socket oveer
|
||||
with matches, then activate app through that passing socket over
|
||||
|
||||
* unify on openssl:
|
||||
- port sd_id128_get_machine_app_specific() over from khash
|
||||
@ -90,11 +90,11 @@ Features:
|
||||
that the device paths stay the same, regardless if crypto is used or not.
|
||||
|
||||
* systemd-repart: by default generate minimized partition tables (i.e. tables
|
||||
that only covere the space actually used, excluding any free space at the
|
||||
that only cover the space actually used, excluding any free space at the
|
||||
end), in order to maximize dd'ability. Requires libfdisk work, see
|
||||
https://github.com/karelzak/util-linux/issues/907
|
||||
|
||||
* systemd-repart: optionally, allow specifiying a path to initialize new
|
||||
* systemd-repart: optionally, allow specifying a path to initialize new
|
||||
partitions from, i.e. an fs image file or a source device node. This would
|
||||
then turn systemd-repart into a simple installer: with a few .repart files
|
||||
you could replicate the host system on another device. a full installer would
|
||||
@ -230,7 +230,7 @@ Features:
|
||||
systemd --user is shut down.
|
||||
- logind: maybe keep a "busy fd" as long as there's a non-released session around or the user@.service
|
||||
- maybe make automatic, read-only, time-based reflink-copies of LUKS disk images (think: time machine)
|
||||
- distuingish destroy / remove (i.e. currently we can unregister a user, unregister+remove their home directory, but not just remove their home directory)
|
||||
- distinguish destroy / remove (i.e. currently we can unregister a user, unregister+remove their home directory, but not just remove their home directory)
|
||||
- in systemd's PAMName= logic: query passwords with ssh-askpassword, so that we can make "loginctl set-linger" mode work
|
||||
- fingerprint authentication, pattern authentication, …
|
||||
- make sure "classic" user records can also be managed by homed
|
||||
|
@ -1,6 +1,18 @@
|
||||
@@
|
||||
/* Avoid running this transformation on the strempty function itself */
|
||||
position p : script:python() { p[0].current_element != "strempty" };
|
||||
/* Avoid running this transformation on the strempty function itself and
|
||||
* on the "make_expression" macro in src/libsystemd/sd-bus/bus-convenience.c.
|
||||
* As Coccinelle's Location object doesn't support macro "detection", use
|
||||
* a pretty horrifying combo of specifying a file and a special "something_else"
|
||||
* position element, which is, apparently, the default value of
|
||||
* "current_element" before it's set (according to the source code), thus
|
||||
* matching any "top level" position, including macros. Let's hope we never
|
||||
* introduce a function called "something_else"...
|
||||
*/
|
||||
position p : script:python() {
|
||||
not (p[0].current_element == "strempty" or
|
||||
(p[0].file == "src/libsystemd/sd-bus/bus-convenience.c" and
|
||||
p[0].current_element == "something_else"))
|
||||
};
|
||||
expression s;
|
||||
@@
|
||||
(
|
||||
|
@ -95,7 +95,7 @@ Note that the `$BOOT` partition is not supposed to be exclusive territory of
|
||||
this specification. This specification only defines semantics of the `/loader/`
|
||||
directory inside the file system (see below), but it doesn't intend to define
|
||||
ownership of the whole file system exclusively. Boot loaders, firmware, and
|
||||
other software implementating this specification may choose to place other
|
||||
other software implementing this specification may choose to place other
|
||||
files and directories in the same file system. For example, boot loaders that
|
||||
implement this specification might install their own boot code into the `$BOOT`
|
||||
partition. On systems where `$BOOT` is the ESP this is a particularly common
|
||||
|
@ -39,7 +39,7 @@ The purpose of this grouping is to assign different priorities to the
|
||||
applications.
|
||||
This could e.g. mean reserving memory to session processes,
|
||||
preferentially killing background tasks in out-of-memory situations
|
||||
or assinging different memory/CPU/IO priorities to ensure that the session
|
||||
or assigning different memory/CPU/IO priorities to ensure that the session
|
||||
runs smoothly under load.
|
||||
|
||||
TODO: Will there be a default to place units into e.g. `apps.slice` by default
|
||||
|
@ -147,7 +147,7 @@ directory-based storage mechanisms (`directory`, `subvolume` and `fscrypt`)
|
||||
this is a bind mount, in case of `cifs` this is a CIFS network mount, and in
|
||||
case of the LUKS2 backend a regular block device mount of the file system
|
||||
contained in the LUKS2 image. By requiring a mount for all cases (even for
|
||||
those that already are a directory) a clear logic is defined to distuingish
|
||||
those that already are a directory) a clear logic is defined to distinguish
|
||||
active and inactive home directories, so that the directories become
|
||||
inaccessible under their regular path the instant they are
|
||||
deactivated. Moreover, the `nosuid`, `nodev` and `noexec` flags configured in
|
||||
|
@ -95,7 +95,7 @@ services are listening there, that have special relevance:
|
||||
2. `io.systemd.Multiplexer` → This service multiplexes client queries to all
|
||||
other running services. It's supposed to simplify client development: in
|
||||
order to look up or enumerate user/group records it's sufficient to talk to
|
||||
one service instead of all of them in parallel. Note that it is not availabe
|
||||
one service instead of all of them in parallel. Note that it is not available
|
||||
during earliest boot and final shutdown phases, hence for programs running
|
||||
in that context it is preferable to implement the parallel lookup
|
||||
themselves.
|
||||
|
@ -157,7 +157,7 @@ it creates ambiguity in traditional `chown` syntax (which is still accepted
|
||||
today) that uses it to separate user and group names in the command's
|
||||
parameter: without consulting the user/group databases it is not possible to
|
||||
determine if a `chown` invocation would change just the owning user or both the
|
||||
owning user and group. It also allows embeddeding `@` (which is confusing to
|
||||
owning user and group. It also allows embedding `@` (which is confusing to
|
||||
MTAs).
|
||||
|
||||
## Common Core
|
||||
|
@ -170,7 +170,7 @@ emergency.service | | |
|
||||
user units. For non-graphical sessions, <filename>default.target</filename> is used. Whenever the user
|
||||
logs into a graphical session, the login manager will start the
|
||||
<filename>graphical-session.target</filename> target that is used to pull in units required for the
|
||||
grahpical session. A number of targets (shown on the right side) are started when specific hardware is
|
||||
graphical session. A number of targets (shown on the right side) are started when specific hardware is
|
||||
available to the user.</para>
|
||||
|
||||
<programlisting>
|
||||
|
@ -50,7 +50,7 @@
|
||||
<listitem><para>An individual LUKS2 encrypted loopback file for a user, stored in
|
||||
<filename>/home/*.home</filename>. At login the file system contained in this files is mounted, after
|
||||
the LUKS2 encrypted volume has been attached. The user's password is identical to the encryption
|
||||
passphrase of the LUKS2 volume. Access to data without preceeding user authentication is thus not
|
||||
passphrase of the LUKS2 volume. Access to data without preceding user authentication is thus not
|
||||
possible, even for the system administrator. This storage mechanism provides the strongest data
|
||||
security and is thus recommended.</para></listitem>
|
||||
|
||||
@ -267,7 +267,7 @@
|
||||
matching the user in name and numeric UID/GID. Thus any groups listed here must be registered
|
||||
independently, for example with <citerefentry
|
||||
project='man-pages'><refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum></citerefentry>. If
|
||||
non-existant groups that are listed there are ignored. This option may be used more than once, in
|
||||
non-existent groups that are listed there are ignored. This option may be used more than once, in
|
||||
which case all specified group lists are combined.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
@ -467,7 +467,7 @@
|
||||
project='man-pages'><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></citerefentry> or a
|
||||
similar tool. Use <option>--rlimit=LIMIT_NPROC=</option> to place a limit on the tasks actually
|
||||
running under the UID of the user, thus excluding any child processes that might have changed user
|
||||
identity. This controls the <varname>TasksMax=</varname> settting of the per-user systemd slice unit
|
||||
identity. This controls the <varname>TasksMax=</varname> setting of the per-user systemd slice unit
|
||||
<filename>user-$UID.slice</filename>. See
|
||||
<citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
||||
for further details.</para></listitem>
|
||||
@ -707,7 +707,7 @@
|
||||
<varlistentry>
|
||||
<term><command>passwd</command> <replaceable>USER</replaceable></term>
|
||||
|
||||
<listitem><para>Change the password of the specified home direcory/user account.</para></listitem>
|
||||
<listitem><para>Change the password of the specified home directory/user account.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
|
@ -631,7 +631,7 @@
|
||||
<varlistentry>
|
||||
<term><option>--case-sensitive<optional>=BOOLEAN</optional></option></term>
|
||||
|
||||
<listitem><para>Make pattern matching case sensitive or case insenstive.</para>
|
||||
<listitem><para>Make pattern matching case sensitive or case insensitive.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
|
@ -70,7 +70,7 @@
|
||||
|
||||
<para>Turning this option on by default is highly recommended for all sessions, but only if the
|
||||
service managing these sessions correctly implements the aforementioned re-authentication. Note that
|
||||
the re-authentication must take place from a component runing outside of the user's context, so that
|
||||
the re-authentication must take place from a component running outside of the user's context, so that
|
||||
it does not require access to the user's home directory for operation. Traditionally, most desktop
|
||||
environments do not implement screen locking this way, and need to be updated
|
||||
accordingly.</para></listitem>
|
||||
|
@ -194,7 +194,7 @@
|
||||
|
||||
<listitem><para>When set to <literal>1</literal>, this device automatically
|
||||
generates a new and independent seat, which is named after the path of the
|
||||
device. This is set for specialized USB hubs like the Plugable devices, which when
|
||||
device. This is set for specialized USB hubs like the Pluggable devices, which when
|
||||
plugged in should create a hotplug seat without further configuration.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
@ -50,7 +50,7 @@
|
||||
<refsect1>
|
||||
<title>Return Value</title>
|
||||
|
||||
<para>On success, theis functions return 0 or a positive integer. On failure, it returns a
|
||||
<para>On success, this functions return 0 or a positive integer. On failure, it returns a
|
||||
negative errno-style error code.</para>
|
||||
|
||||
<refsect2>
|
||||
|
@ -86,7 +86,7 @@
|
||||
|
||||
<para>The <function>SD_HWDB_FOREACH_PROPERTY</function> macro combines
|
||||
<function>sd_hwdb_seek()</function> and <function>sd_hwdb_enumerate()</function>. No error handling is
|
||||
performed and interation simply stops on error. See the example below.</para>
|
||||
performed and iteration simply stops on error. See the example below.</para>
|
||||
</refsect1>
|
||||
|
||||
<refsect1>
|
||||
|
@ -66,7 +66,7 @@
|
||||
file. This function caches the machine ID internally to make retrieving the machine ID a cheap operation. This ID
|
||||
may be used wherever a unique identifier for the local system is needed. However, it is recommended to use this ID
|
||||
as-is only in trusted environments. In untrusted environments it is recommended to derive an application specific
|
||||
ID from this machine ID, in an irreversable (cryptographically secure) way. To make this easy
|
||||
ID from this machine ID, in an irreversible (cryptographically secure) way. To make this easy
|
||||
<function>sd_id128_get_machine_app_specific()</function> is provided, see below.</para>
|
||||
|
||||
<para><function>sd_id128_get_machine_app_specific()</function> is similar to
|
||||
|
@ -1634,7 +1634,7 @@ RestrictNamespaces=~cgroup net</programlisting>
|
||||
points of the file system namespace created for each process of this unit. Other file system namespacing unit
|
||||
settings (see the discussion in <varname>PrivateMounts=</varname> above) will implicitly disable mount and
|
||||
unmount propagation from the unit's processes towards the host by changing the propagation setting of all mount
|
||||
points in the unit's file system namepace to <option>slave</option> first. Setting this option to
|
||||
points in the unit's file system namespace to <option>slave</option> first. Setting this option to
|
||||
<option>shared</option> does not reestablish propagation in that case.</para>
|
||||
|
||||
<para>If not set – but file system namespaces are enabled through another file system namespace unit setting –
|
||||
|
@ -622,7 +622,7 @@
|
||||
trigger the start of the DHCPv6 client if the relevant flags are set in the RA data, or if no
|
||||
routers are found on the link. The default is to disable RA reception for bridge devices or when IP
|
||||
forwarding is enabled, and to enable it otherwise. Cannot be enabled on bond devices and when link
|
||||
local adressing is disabled.</para>
|
||||
local addressing is disabled.</para>
|
||||
|
||||
<para>Further settings for the IPv6 RA support may be configured in the
|
||||
<literal>[IPv6AcceptRA]</literal> section, see below.</para>
|
||||
@ -1625,7 +1625,7 @@
|
||||
<varlistentry>
|
||||
<term><varname>SendDecline=</varname></term>
|
||||
<listitem>
|
||||
<para>A boolen. When <literal>true</literal>, DHCPv4 clients receives IP address from DHCP server.
|
||||
<para>A boolean. When <literal>true</literal>, DHCPv4 clients receives IP address from DHCP server.
|
||||
After new IP is received, DHCPv4 performs IPv4 Duplicate Address Detection. If duplicate use of IP is detected
|
||||
the DHCPv4 client rejects the IP by sending a DHCPDECLINE packet DHCP clients try to obtain an IP address again.
|
||||
See <ulink url="https://tools.ietf.org/html/rfc5227">RFC 5224</ulink>.
|
||||
|
@ -199,7 +199,7 @@
|
||||
option is used without <varname>RemainAfterExit=</varname> the service will never enter
|
||||
<literal>active</literal> unit state, but directly transition from <literal>activating</literal>
|
||||
to <literal>deactivating</literal> or <literal>dead</literal> since no process is configured that
|
||||
shall run continously. In particular this means that after a service of this type ran (and which
|
||||
shall run continuously. In particular this means that after a service of this type ran (and which
|
||||
has <varname>RemainAfterExit=</varname> not set) it will not show up as started afterwards, but
|
||||
as dead.</para></listitem>
|
||||
|
||||
@ -568,7 +568,7 @@
|
||||
|
||||
<para>If a service of <varname>Type=notify</varname> sends <literal>EXTEND_TIMEOUT_USEC=…</literal>, this may cause
|
||||
the start time to be extended beyond <varname>TimeoutStartSec=</varname>. The first receipt of this message
|
||||
must occur before <varname>TimeoutStartSec=</varname> is exceeded, and once the start time has exended beyond
|
||||
must occur before <varname>TimeoutStartSec=</varname> is exceeded, and once the start time has extended beyond
|
||||
<varname>TimeoutStartSec=</varname>, the service manager will allow the service to continue to start, provided
|
||||
the service repeats <literal>EXTEND_TIMEOUT_USEC=…</literal> within the interval specified until the service
|
||||
startup status is finished by <literal>READY=1</literal>. (see
|
||||
@ -595,7 +595,7 @@
|
||||
|
||||
<para>If a service of <varname>Type=notify</varname> sends <literal>EXTEND_TIMEOUT_USEC=…</literal>, this may cause
|
||||
the stop time to be extended beyond <varname>TimeoutStopSec=</varname>. The first receipt of this message
|
||||
must occur before <varname>TimeoutStopSec=</varname> is exceeded, and once the stop time has exended beyond
|
||||
must occur before <varname>TimeoutStopSec=</varname> is exceeded, and once the stop time has extended beyond
|
||||
<varname>TimeoutStopSec=</varname>, the service manager will allow the service to continue to stop, provided
|
||||
the service repeats <literal>EXTEND_TIMEOUT_USEC=…</literal> within the interval specified, or terminates itself
|
||||
(see <citerefentry><refentrytitle>sd_notify</refentrytitle><manvolnum>3</manvolnum></citerefentry>).
|
||||
@ -624,7 +624,7 @@
|
||||
<para>If a service of <varname>Type=notify</varname> handles <constant>SIGABRT</constant> itself (instead of relying
|
||||
on the kernel to write a core dump) it can send <literal>EXTEND_TIMEOUT_USEC=…</literal> to
|
||||
extended the abort time beyond <varname>TimeoutAbortSec=</varname>. The first receipt of this message
|
||||
must occur before <varname>TimeoutAbortSec=</varname> is exceeded, and once the abort time has exended beyond
|
||||
must occur before <varname>TimeoutAbortSec=</varname> is exceeded, and once the abort time has extended beyond
|
||||
<varname>TimeoutAbortSec=</varname>, the service manager will allow the service to continue to abort, provided
|
||||
the service repeats <literal>EXTEND_TIMEOUT_USEC=…</literal> within the interval specified, or terminates itself
|
||||
(see <citerefentry><refentrytitle>sd_notify</refentrytitle><manvolnum>3</manvolnum></citerefentry>).
|
||||
@ -650,7 +650,7 @@
|
||||
|
||||
<para>If a service of <varname>Type=notify</varname> sends <literal>EXTEND_TIMEOUT_USEC=…</literal>, this may cause
|
||||
the runtime to be extended beyond <varname>RuntimeMaxSec=</varname>. The first receipt of this message
|
||||
must occur before <varname>RuntimeMaxSec=</varname> is exceeded, and once the runtime has exended beyond
|
||||
must occur before <varname>RuntimeMaxSec=</varname> is exceeded, and once the runtime has extended beyond
|
||||
<varname>RuntimeMaxSec=</varname>, the service manager will allow the service to continue to run, provided
|
||||
the service repeats <literal>EXTEND_TIMEOUT_USEC=…</literal> within the interval specified until the service
|
||||
shutdown is achieved by <literal>STOPPING=1</literal> (or termination). (see
|
||||
|
@ -1,4 +1,4 @@
|
||||
# Make sure noone can read the files we generate but us
|
||||
# Make sure no one can read the files we generate but us
|
||||
umask 077
|
||||
|
||||
# Destroy any old key on the Yubikey (careful!)
|
||||
@ -40,7 +40,7 @@ shred -u plaintext.bin plaintext.base64
|
||||
rm pubkey.pem
|
||||
|
||||
# Test: Let's run systemd-cryptsetup to test if this all worked. The option string should contain the full
|
||||
# PKCS#11 URI we have in the clipboard, it tells the tool how to decypher the encrypted LUKS key.
|
||||
# PKCS#11 URI we have in the clipboard, it tells the tool how to decipher the encrypted LUKS key.
|
||||
sudo systemd-cryptsetup attach mytest /dev/sdXn /etc/encrypted-luks-key.bin 'pkcs11-uri=pkcs11:…'
|
||||
|
||||
# If that worked, let's now add the same line persistently to /etc/crypttab, for the future.
|
||||
|
@ -1201,7 +1201,7 @@ static VOID config_entry_parse_tries(
|
||||
}
|
||||
|
||||
new_factor = factor * 10;
|
||||
if (new_factor < factor) /* overflow chck */
|
||||
if (new_factor < factor) /* overflow check */
|
||||
return;
|
||||
|
||||
factor = new_factor;
|
||||
|
@ -1061,7 +1061,7 @@ int bus_foreach_bus(
|
||||
/* Send to all direct buses, unconditionally */
|
||||
SET_FOREACH(b, m->private_buses, i) {
|
||||
|
||||
/* Don't bother with enqueing these messages to clients that haven't started yet */
|
||||
/* Don't bother with enqueuing these messages to clients that haven't started yet */
|
||||
if (sd_bus_is_ready(b) <= 0)
|
||||
continue;
|
||||
|
||||
|
@ -2566,7 +2566,7 @@ static bool insist_on_sandboxing(
|
||||
assert(n_bind_mounts == 0 || bind_mounts);
|
||||
|
||||
/* Checks whether we need to insist on fs namespacing. i.e. whether we have settings configured that
|
||||
* would alter the view on the file system beyond making things read-only or invisble, i.e. would
|
||||
* would alter the view on the file system beyond making things read-only or invisible, i.e. would
|
||||
* rearrange stuff in a way we cannot ignore gracefully. */
|
||||
|
||||
if (context->n_temporary_filesystems > 0)
|
||||
|
@ -2860,13 +2860,13 @@ bool unit_job_is_applicable(Unit *u, JobType j) {
|
||||
case JOB_START:
|
||||
case JOB_NOP:
|
||||
/* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
|
||||
* startable by us but may appear due to external events, and it thus makes sense to permit enqueing
|
||||
* startable by us but may appear due to external events, and it thus makes sense to permit enqueuing
|
||||
* jobs for it. */
|
||||
return true;
|
||||
|
||||
case JOB_STOP:
|
||||
/* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
|
||||
* external events), hence it makes no sense to permit enqueing such a request either. */
|
||||
* external events), hence it makes no sense to permit enqueuing such a request either. */
|
||||
return !u->perpetual;
|
||||
|
||||
case JOB_RESTART:
|
||||
|
@ -1521,7 +1521,7 @@ static int home_may_change_password(
|
||||
|
||||
r = user_record_test_password_change_required(h->record);
|
||||
if (IN_SET(r, -EKEYREVOKED, -EOWNERDEAD, -EKEYEXPIRED))
|
||||
return 0; /* expired in some form, but chaning is allowed */
|
||||
return 0; /* expired in some form, but changing is allowed */
|
||||
if (IN_SET(r, -EKEYREJECTED, -EROFS))
|
||||
return sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Expiration settings of account %s do not allow changing of password.", h->user_name);
|
||||
if (r < 0)
|
||||
|
@ -1038,10 +1038,9 @@ static int home_remove(UserRecord *h) {
|
||||
|
||||
if (deleted)
|
||||
log_info("Everything completed.");
|
||||
else {
|
||||
log_notice("Nothing to remove.");
|
||||
return -EALREADY;
|
||||
}
|
||||
else
|
||||
return log_notice_errno(SYNTHETIC_ERRNO(EALREADY),
|
||||
"Nothing to remove.");
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
@ -351,7 +351,7 @@ static int help(void) {
|
||||
" -p --priority=RANGE Show entries with the specified priority\n"
|
||||
" --facility=FACILITY... Show entries with the specified facilities\n"
|
||||
" -g --grep=PATTERN Show entries with MESSAGE matching PATTERN\n"
|
||||
" --case-sensitive[=BOOL] Force case sensitive or insenstive matching\n"
|
||||
" --case-sensitive[=BOOL] Force case sensitive or insensitive matching\n"
|
||||
" -e --pager-end Immediately jump to the end in the pager\n"
|
||||
" -f --follow Follow the journal\n"
|
||||
" -n --lines[=INTEGER] Number of journal entries to show\n"
|
||||
|
@ -141,8 +141,8 @@ int sd_dhcp_lease_get_servers(
|
||||
return (int) lease->smtp_server_size;
|
||||
|
||||
default:
|
||||
log_debug("Uknown DHCP lease info item %d.", what);
|
||||
return -ENXIO;
|
||||
return log_debug_errno(SYNTHETIC_ERRNO(ENXIO),
|
||||
"Unknown DHCP lease info item %d.", what);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -1162,8 +1162,8 @@ int sd_dhcp_server_set_servers(
|
||||
break;
|
||||
|
||||
default:
|
||||
log_debug("Uknown DHCP lease info item %d.", what);
|
||||
return -ENXIO;
|
||||
return log_debug_errno(SYNTHETIC_ERRNO(ENXIO),
|
||||
"Unknown DHCP lease info item %d.", what);
|
||||
}
|
||||
|
||||
if (*n_a == n_addresses &&
|
||||
|
@ -106,7 +106,7 @@ _public_ struct udev *udev_unref(struct udev *udev) {
|
||||
assert(udev->n_ref > 0);
|
||||
udev->n_ref--;
|
||||
if (udev->n_ref > 0)
|
||||
/* This is different from our convetion, but let's keep backward
|
||||
/* This is different from our convention, but let's keep backward
|
||||
* compatibility. So, do not use DEFINE_PUBLIC_TRIVIAL_UNREF_FUNC()
|
||||
* macro to define this function. */
|
||||
return udev;
|
||||
|
@ -128,7 +128,7 @@ static int link_push_uplink_to_dhcp_server(
|
||||
break;
|
||||
|
||||
default:
|
||||
assert_not_reached("Uknown DHCP lease info item");
|
||||
assert_not_reached("Unknown DHCP lease info item");
|
||||
}
|
||||
|
||||
char **a;
|
||||
|
@ -51,7 +51,7 @@
|
||||
* cgrouspv1 crap: kernel, kernelTCP, swapiness, disableOOMKiller, swap, devices, leafWeight
|
||||
* general: it shouldn't leak lower level abstractions this obviously
|
||||
* unmanagable cgroups stuff: realtimeRuntime/realtimePeriod
|
||||
* needs to say what happense when some option is not specified, i.e. which defautls apply
|
||||
* needs to say what happense when some option is not specified, i.e. which defaults apply
|
||||
* no architecture? no personality?
|
||||
* seccomp example and logic is simply broken: there's no constant "SCMP_ACT_ERRNO".
|
||||
* spec should say what to do with unknown props
|
||||
|
@ -151,7 +151,7 @@ int bind_remount_recursive_with_mountinfo(
|
||||
* operation). If it isn't we first make it one. Afterwards we apply MS_BIND|MS_RDONLY (or remove MS_RDONLY) to
|
||||
* all submounts we can access, too. When mounts are stacked on the same mount point we only care for each
|
||||
* individual "top-level" mount on each point, as we cannot influence/access the underlying mounts anyway. We
|
||||
* do not have any effect on future submounts that might get propagated, they migt be writable. This includes
|
||||
* do not have any effect on future submounts that might get propagated, they might be writable. This includes
|
||||
* future submounts that have been triggered via autofs.
|
||||
*
|
||||
* If the "blacklist" parameter is specified it may contain a list of subtrees to exclude from the
|
||||
|
@ -1334,7 +1334,7 @@ int varlink_invoke(Varlink *v, const char *method, JsonVariant *parameters) {
|
||||
if (v->state == VARLINK_DISCONNECTED)
|
||||
return -ENOTCONN;
|
||||
|
||||
/* We allow enqueing multiple method calls at once! */
|
||||
/* We allow enqueuing multiple method calls at once! */
|
||||
if (!IN_SET(v->state, VARLINK_IDLE_CLIENT, VARLINK_AWAITING_REPLY))
|
||||
return -EBUSY;
|
||||
|
||||
|
@ -124,7 +124,7 @@ usec_t watchdog_runtime_wait(void) {
|
||||
if (!timestamp_is_set(watchdog_timeout))
|
||||
return USEC_INFINITY;
|
||||
|
||||
/* Sleep half the watchdog timeout since the last succesful ping at most */
|
||||
/* Sleep half the watchdog timeout since the last successful ping at most */
|
||||
if (timestamp_is_set(watchdog_last_ping)) {
|
||||
ntime = now(clock_boottime_or_monotonic());
|
||||
assert(ntime >= watchdog_last_ping);
|
||||
|
@ -30,7 +30,7 @@
|
||||
|
||||
_SD_BEGIN_DECLARATIONS;
|
||||
|
||||
/* Neightbor Discovery Options, RFC 4861, Section 4.6 and
|
||||
/* Neighbor Discovery Options, RFC 4861, Section 4.6 and
|
||||
* https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml#icmpv6-parameters-5 */
|
||||
enum {
|
||||
SD_NDISC_OPTION_SOURCE_LL_ADDRESS = 1,
|
||||
|
@ -1058,7 +1058,8 @@ static void verify_one(
|
||||
r = unit_file_verify_alias(i, alias, &alias2);
|
||||
log_info_errno(r, "alias %s ← %s: %d/%m (expected %d)%s%s%s",
|
||||
i->name, alias, r, expected,
|
||||
alias2 ? " [" : "", alias2 ?: "", alias2 ? "]" : "");
|
||||
alias2 ? " [" : "", strempty(alias2),
|
||||
alias2 ? "]" : "");
|
||||
assert(r == expected);
|
||||
|
||||
/* This is is test for "instance propagation". This propagation matters mostly for WantedBy= and
|
||||
|
@ -30,7 +30,7 @@ static void test_proc_cmdline_override(void) {
|
||||
log_info("/* %s */", __func__);
|
||||
|
||||
assert_se(putenv((char*) "SYSTEMD_PROC_CMDLINE=foo_bar=quux wuff-piep=tuet zumm some_arg_with_space='foo bar' and_one_more=\"zzz aaa\"") == 0);
|
||||
assert_se(putenv((char*) "SYSTEMD_EFI_OPTIONS=differnt") == 0);
|
||||
assert_se(putenv((char*) "SYSTEMD_EFI_OPTIONS=different") == 0);
|
||||
|
||||
/* First test if the overrides for /proc/cmdline still work */
|
||||
_cleanup_free_ char *line = NULL, *value = NULL;
|
||||
|
@ -1,6 +1,6 @@
|
||||
#!/usr/bin/env bash
|
||||
set -e
|
||||
TEST_DESCRIPTION="Test that KillMode=mixed does not leave left over proccesses with ExecStopPost="
|
||||
TEST_DESCRIPTION="Test that KillMode=mixed does not leave left over processes with ExecStopPost="
|
||||
. $TEST_BASE_DIR/test-functions
|
||||
|
||||
do_test "$@" 47
|
||||
|
@ -119,13 +119,13 @@ machinectl remove scratch4
|
||||
! test -f /var/lib/machines/scratch4
|
||||
! machinectl image-status scratch4
|
||||
|
||||
# Test import-tar hypen/stdin pipe behavior
|
||||
# Test import-tar hyphen/stdin pipe behavior
|
||||
cat /var/tmp/scratch.tar.gz | machinectl import-tar - scratch5
|
||||
test -d /var/lib/machines/scratch5
|
||||
machinectl image-status scratch5
|
||||
diff -r /var/tmp/scratch/ /var/lib/machines/scratch5
|
||||
|
||||
# Test export-tar hypen/stdout pipe behavior
|
||||
# Test export-tar hyphen/stdout pipe behavior
|
||||
mkdir -p /var/tmp/extract
|
||||
machinectl export-tar scratch5 - | tar xvf - -C /var/tmp/extract/
|
||||
diff -r /var/tmp/scratch/ /var/tmp/extract/
|
||||
|
@ -163,7 +163,7 @@ TEMPLATE = '''\
|
||||
<refsect1>
|
||||
<title>D-Bus interfaces</title>
|
||||
|
||||
<para>Interaces exposed over D-Bus.</para>
|
||||
<para>Interfaces exposed over D-Bus.</para>
|
||||
|
||||
<variablelist id='dbus-interface' />
|
||||
</refsect1>
|
||||
|
@ -279,7 +279,7 @@ def process(page):
|
||||
subst_output(xml, pl)
|
||||
|
||||
out_text = etree.tostring(xml, encoding='unicode')
|
||||
# massage format to avoid some lxml whitespace handling idiosyncracies
|
||||
# massage format to avoid some lxml whitespace handling idiosyncrasies
|
||||
# https://bugs.launchpad.net/lxml/+bug/526799
|
||||
out_text = (src[:src.find('<refentryinfo')] +
|
||||
out_text[out_text.find('<refentryinfo'):] +
|
||||
|
@ -36,7 +36,7 @@ else
|
||||
FUZZIT_BRANCH="PR-${TRAVIS_PULL_REQUEST}"
|
||||
fi
|
||||
|
||||
# Because we want Fuzzit to run on every pull-request and Travis/Azure doesnt support encrypted keys
|
||||
# Because we want Fuzzit to run on every pull-request and Travis/Azure doesn't support encrypted keys
|
||||
# on pull-request we use a write-only key which is ok for now. maybe there will be a better solution in the future
|
||||
export FUZZIT_API_KEY=af6992074353998676713818cc6435ef4a750439932dab58b51e9354d6742c54d740a3cd9fc1fc001db82f51734a24bc
|
||||
FUZZIT_ADDITIONAL_FILES="./out/src/shared/libsystemd-shared-*.so"
|
||||
|
Loading…
Reference in New Issue
Block a user