IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
When running interactively, let's connect the test unit directly
to the console. This enables adding "bash" anywhere within an
integration test to get a shell within the test environment.
(cherry picked from commit fe7413d1955bbf0f8fe869543c423025a22a4671)
(cherry picked from commit 4c18caaa750c638cefaba06999ebf17c9c53b6a5)
As soon as we start running a test, we want pid 1 to stop showing
status messages so let's tell pid 1 to stop showing status messages.
(cherry picked from commit 070de658a9f2bf48d26035ddbe861f79dfff2be4)
(cherry picked from commit b629b7100e83e2382be12869cb672c53e1ebe8e3)
Also pull in getty-pre.target via Wants= so it actually gets pulled
into the transaction.
(cherry picked from commit 854a8c21d00e070bffd0c754812b29c5a4acd324)
(cherry picked from commit 3e474451a85028e930bfd5a71144fe4888db10fd)
Let's only compare flags that can be set by userspace and not all flags.
Fixes a bug introduced by 7027cdbd79c26d5a8890759a37d70165c8aeb214 (v256).
Fixes#36544
(cherry picked from commit 9fd25fd3ce4012e737688f0f1f3400c3e21c99f7)
(cherry picked from commit edfb2eb497716f2f56096569ad91f2ec4682be62)
If we use TCP fastopen to connect to a DNS server via TCP, and it
responds really quickly between our connection attempt and our immediate
check back, then we have not identified the peer yet, and will not be
able to use the peer metadata to fill in our packet info.
Let's fix that, and simply not read from the socket until identification
is complete.
Fixes: #34956
(cherry picked from commit facc9439a76b4c3a5c273c71bd7a676e4c74778c)
(cherry picked from commit 11da52785c978369e4cd92e67e5017a436404340)
Import thew new key from https://data.iana.org/root-anchors/root-anchors.xml.
The old one remains valid, as per provided data.
Fixes: #36260
(cherry picked from commit 8113361e82eea2741290f7117034d356acb3ab4d)
(cherry picked from commit 961e351061b2366889c8af1feae522f8f4123f5d)
The values assigned to 'r' were never used, and overwritten by the next
call of read_line_full().
Fixes CID#1548043 and CID#1548064.
(cherry picked from commit 00575cfd696a2a335decb66580727fafd3c152aa)
(cherry picked from commit 244790adfa626fbdbaf8cebec2f1b4759b12456b)
This is a kind of paranoia, as memeqzero() does not read anyting if
length is zero. But, strictly speaking C language does not allow such,
and Coverity warn about that.
Fixes CID#1561177.
(cherry picked from commit 6529ab0b066c93a6b8a8bf24b999d67e67a261f5)
(cherry picked from commit 73986494b65acd5eb68b889d0b8966f72f55bbb3)
The test expects _not_ to find the patterns but the run_and_grep would
still print 'FAIL:' message. Use the dedicated -n option that inverts
the semantics cleaner than shell's !.
(cherry picked from commit c4b75966075e01d39556a87caa778eb63d96d6f6)
(cherry picked from commit f45b42ea5d7055f0fdd5bfe548bde3b73a0c2051)
In various scenarios we invoke containers with access to the kernel
keyring blocked. Let's make sure we can handle this properly: when the
invocation ID is stored in in the kernel keyring and we try to read it
and get EPERM we should handle it gracefully, like EOPNOTSUPP.
(cherry picked from commit f2e38b01e052ebd50eaf98763bd9709e880c0a75)
(cherry picked from commit a2abc3b8ecef41dea432d39ff19cb66c6aa3baa9)
Fixes a bug in 7eeda1da90c79ba420a6d82c1d9589b23048d79f (v256).
(cherry picked from commit 914d1ec171eb0e27ced472aed2d05eae19b265da)
(cherry picked from commit ee7e9ac11c0644c7e5332c927bb83c5e55985c89)
Fixes a bug in b5a07e524e42d2594174ca1a5b72aa4fdb9af94c (v250).
(cherry picked from commit 91421f8379b66316f937d56c60c2e782b7a79eca)
(cherry picked from commit 349012c4935c49bde6bb7bc6daa8e4a783657338)
When using UEFI with bhyve it behaves similarly to qemu, and provides
a product_uuid. Use it if found, just like with qemu.
(cherry picked from commit 113c159ba9c4e8052ae162e12faba28b102a90d0)
(cherry picked from commit 4cdaff292c8918511b88d9a05a4111c366702c3c)
fido2_generate_hmac_hash() sets req->keyring to "fido2-pin" when
calling ask_password_auto(), suggesting that a key by this name
can be read from the kernel keyring. But the keyring is never
opened because the ASK_PASSWORD_ACCEPT_CACHED flag is not set.
Set ASK_PASSWORD_ACCEPT_CACHED to allow automated / scripted
setup of encrypted volumes with FIDO2. If the PIN turns out to
be invalid, clear ASK_PASSWORD_ACCEPT_CACHED to avoid retrying
and possible lockout.
(cherry picked from commit 505c2f21377019c058de16aa9e2d8db005e97e6f)
(cherry picked from commit f2054b8aee28a09767d9bfb976167ce288152d5d)
All dbus programs have to be up-to-date for update-dbus-docs to
produce the expected output, so add the missing dependency.
(cherry picked from commit 461bd9277a69833a534518c263d00443f2f6fbf4)
(cherry picked from commit cd727da491f0715995f06f3ad7e6e2ec2ab2e44a)
Follow-up for 3bd28bf721dc70722ff1c675026ed0b44ad968a3
SERVICE_RELOAD_SIGNAL state can only be reached via explicit reload jobs,
and we have a clear distinction between that and plain RELOADING=1
notifications, the latter of which is issued by clients doing reload
outside of our job engine. I.e. upon SERVICE_RELOAD_SIGNAL + RELOADING=1
we don't propagate reload jobs again, since that's done during transaction
construction stage already. The handling of combined RELOADING=1 + READY=1
so far is bogus however, as it tries to propagate duplicate reload jobs.
Amend this by following the logic for standalone RELOADING=1.
(cherry picked from commit c337a1301f2de4105fc8023e45db20238c6a895a)
(cherry picked from commit aef4adde624246b074082db8b4c1d446e13f85ca)
There is a typo passing flags to `install_file()`, if `IMPORT_READ_ONLY` is set,
`IMPORT_SYNC` is never checked.
(cherry picked from commit 5d2d0c055b1ec68d4fc5d4ec85390fc427171ff3)
(cherry picked from commit 6d3621d38ee85bce79931612d6b63d6539274ea8)
When hardlink recreation is requested, it creates temporary files that
will be deleted once the context is destroyed. The deletion
(potentially) updates the directory's timestamps, so it's crucial that
the deletion happens before the directory timestamps are restored when
`COPY_RESTORE_DIRECTORY_TIMESTAMPS` is requested.
(cherry picked from commit b66291444b8d4022ce68121af8e6f99d29ebefd0)
(cherry picked from commit 9e2ba7eb050fcfd9c13f5212c7df9c82cd44cef5)
Let's get rid of the configure script for this use case by just
implementing the necessary logic in integration-test-wrapper.py.
We need to get rid of our usage of configure scripts to allow enabling
the History= setting.
(cherry picked from commit 2db2cb3034e71600d25ab1c181f692265d3833fe)
(cherry picked from commit 985b2e78682887dd47f1358567341dc84c5ae40b)
mkfs.erofs is extremely verbose and will log every single file added
to the filesystem, which is a lot of them when building a rootfs.
(cherry picked from commit 323213cfea8b78d44f63b8a83f74fbd1f79f1775)
(cherry picked from commit b92ea51d000e69d032b0a8cf80bf2714a95e69c2)
It does not work on oss-fuzz for some reasons. See #11018.
(cherry picked from commit 0656b3a083b48a2cccb90ee1f7fed949d9283b76)
(cherry picked from commit 16c3e3eac0864d9707b4eac018edcf6c88e754da)
In 256, the machined interface is only accessible to root, yet the
socket is world readable/writable. This prevents tools from detecting
whether the socket is usable or not. Let's stricten the permissions
to more clearly indicate that the varlink interface is only accessible
to the root user.
Stream sockets are stream sockets, i.e. they won#t give us the full data
right-away, we must buffer locally and read until we hit EOF. Hence do
so.
moreover, make sure to close the fd once we are done, otherwise the
sender might block on us.
(cherry picked from commit 862c68a914ab4561d83875e58e05dcf65cb4a551)
The systemd rpms we try to install in packit have /usr/bin/bash and
/usr/bin/python3 as dependencies which breaks dnf5 because mkosi
doesn't download filelists metadata and
https://bugzilla.redhat.com/show_bug.cgi?id=2263771 is still not fixed
almost a year after being reported.
(cherry picked from commit 8a9b989cba75810406b0c881bcabe03c27fa47e5)
(cherry picked from commit ef6f0afb544c38e71824412012f657aeb5780d1a)
Fixes packit test
TEST-74-AUX-UTILS.sh[1104]: + script -ec 'networkctl edit --runtime "$NETWORK_NAME"' /dev/null
TEST-74-AUX-UTILS.sh[1154]: .//usr/lib/systemd/tests/testdata/units/TEST-74-AUX-UTILS.networkctl.sh: line 53: script: command not found
(cherry picked from commit 01b45354559b2fc651441b6b0025ae28daddd06e)
(cherry picked from commit f0d596d9db52d683a1a27323e79e1f901efee357)
To build rawhide images we might need more recent tools from rawhide
itself. While Arch would generally be up-to-date enough as well, it
doesn't provide the selinux tools so we use Fedora Rawhide instead.
(cherry picked from commit 948bca0418be5cf6b6dc1c2c006095fec166b926)
While this is obvious if you spend a few minutes thinking about how
D-Bus signals work (in this case, they are broadcast from a system
service, so cannot apply to a specific user/session/seat), it’s a bit
easy to overlook this while putting code together which uses the login1
D-Bus API, so it’s helpful to point this hazard out specifically in the
docs.
The signals can only be emitted on the canonical objects. The
convenience objects are useful for method calls, as the calling context
can be used to dereference ‘self’ and ‘auto’, but this can’t work for
signals.
Signed-off-by: Philip Withnall <pwithnall@gnome.org>
(cherry picked from commit 82b32b997c51e259ddf66a0ec6bd7631b0ea781d)
(cherry picked from commit afc6244bb1accde277359e3aa7b1976cc96080cf)
Signed-off-by: Philip Withnall <pwithnall@gnome.org>
(cherry picked from commit 5fe4edd3fccd2a14ec3488daeac80ddb33bc71db)
(cherry picked from commit 8ef9fdf79bfa852898a569a9032faa1dafe8c6c1)
The script runs the binaries which try to find the internal libs via /proc/self/exe due
to glibc's RPATH resolution and fail:
/var/cache/src/systemd/tools/dbus_exporter.py interfaces
/var/cache/src/systemd/build/systemd
/var/cache/src/systemd/build/systemd-homed
/var/cache/src/systemd/build/systemd-hostnamed
/var/cache/src/systemd/build/systemd-importd
/var/cache/src/systemd/build/systemd-localed
/var/cache/src/systemd/build/systemd-logind
/var/cache/src/systemd/build/systemd-machined
/var/cache/src/systemd/build/systemd-networkd
/var/cache/src/systemd/build/systemd-oomd
/var/cache/src/systemd/build/systemd-portabled
/var/cache/src/systemd/build/systemd-resolved
/var/cache/src/systemd/build/systemd-sysupdated
/var/cache/src/systemd/build/systemd-timedated
execve("/var/cache/src/systemd/build/systemd", ["/var/cache/src/systemd/build/sys"..., "--bus-introspect", "list"], 0x7ffc7ab68600 /* 20 vars */) = 0
brk(NULL) = 0x56265bf70000
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f56ced7f000
readlinkat(AT_FDCWD, "/proc/self/exe", 0x7ffedeaa7a90, 4096) = -1 ENOENT (No such file or directory)
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=20293, ...}) = 0
mmap(NULL, 20293, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f56ced7a000
close(3) = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v4/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v4/", 0x7ffedeaa80b0, 0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v3/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v3/", 0x7ffedeaa80b0, 0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v2/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v2/", 0x7ffedeaa80b0, 0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/lib/x86_64-linux-gnu/", {st_mode=S_IFDIR|0755, st_size=19312, ...}, 0) = 0
openat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v4/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v4/", 0x7ffedeaa80b0, 0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v3/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v3/", 0x7ffedeaa80b0, 0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v2/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v2/", 0x7ffedeaa80b0, 0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/", {st_mode=S_IFDIR|0755, st_size=19312, ...}, 0) = 0
openat(AT_FDCWD, "/lib/glibc-hwcaps/x86-64-v4/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/lib/glibc-hwcaps/x86-64-v4/", 0x7ffedeaa80b0, 0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/glibc-hwcaps/x86-64-v3/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/lib/glibc-hwcaps/x86-64-v3/", 0x7ffedeaa80b0, 0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/glibc-hwcaps/x86-64-v2/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/lib/glibc-hwcaps/x86-64-v2/", 0x7ffedeaa80b0, 0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/lib/", {st_mode=S_IFDIR|0755, st_size=642, ...}, 0) = 0
openat(AT_FDCWD, "/usr/lib/glibc-hwcaps/x86-64-v4/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/usr/lib/glibc-hwcaps/x86-64-v4/", 0x7ffedeaa80b0, 0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/lib/glibc-hwcaps/x86-64-v3/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/usr/lib/glibc-hwcaps/x86-64-v3/", 0x7ffedeaa80b0, 0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/lib/glibc-hwcaps/x86-64-v2/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/usr/lib/glibc-hwcaps/x86-64-v2/", 0x7ffedeaa80b0, 0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/lib/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/usr/lib/", {st_mode=S_IFDIR|0755, st_size=642, ...}, 0) = 0
writev(2, [{iov_base="/var/cache/src/systemd/build/sys"..., iov_len=36},
{iov_base=": ", iov_len=2},
{iov_base="error while loading shared libra"..., iov_len=36},
{iov_base=": ", iov_len=2},
{iov_base="libsystemd-core-258.so", iov_len=22},
{iov_base=": ", iov_len=2},
{iov_base="cannot open shared object file", iov_len=30},
{iov_base=": ", iov_len=2},
{iov_base="No such file or directory", iov_len=25},
{iov_base="\n", iov_len=1}],
10/var/cache/src/systemd/build/systemd: error while loading shared libraries: libsystemd-core-258.so: cannot open shared object file: No such file or directory
) = 158
(cherry picked from commit c6a932fd0db5bfcc523d0a57351b906bce2955cd)
(cherry picked from commit 8b84cad890a0dbc73ad8d0d2f73c303bf56b0eb1)
Follow-up for a05255981ba5b04f1cf54ea656fbce1dfd9c3a68
Follow-up for 3e0a3a0259324b4c40a9a62c8506fe683cd0273b
(cherry picked from commit 6a6d4c3f3c123a1cbb6770f1cae8c130a48333e1)
(cherry picked from commit 769997ee17d64cf0cecd9db20ebe0af1f69dc23d)
We want to be able to capture stdout for json and such, so convert
all remaining logging to stderr.
(cherry picked from commit cf4deeaf1e822ade5c1fbbe2584b23a2d0988439)
(cherry picked from commit 3110d46f4a7b6a41c9d6fc6a9f65cf7058bb4001)
Updating footer to reflect current year: 2025
(cherry picked from commit 1bcb739f080a56ab578129d9a87e061d92059eb5)
(cherry picked from commit 81486f3af7074151e6f8e4e594b80bd78c7a718e)
Signed-off-by: Louis Sautier <sautier.louis@gmail.com>
(cherry picked from commit 24af6a0d0afcce3268ff60b7fea2f203cd820985)
(cherry picked from commit 8566cb5cc1dff334008b3ee0608f401cf8954186)
The header starts with 'zstd', not 'zstd22':
$ ukify build --linux vmlinuz-6.13+unreleased-cloud-arm64 --initrd /boot/initrd.img-6.12.12-amd64 --output uki
Kernel version not specified, starting autodetection 😖.
Real-Mode Kernel Header magic not found
+ readelf --notes vmlinuz-6.13+unreleased-cloud-arm64
readelf: Error: Not an ELF file - it has the wrong magic bytes at the start
Traceback (most recent call last):
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 2510, in <module>
main()
~~~~^^
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 2499, in main
make_uki(opts)
~~~~~~~~^^^^^^
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 1328, in make_uki
opts.uname = Uname.scrape(linux, opts=opts)
~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 384, in scrape
version = func(filename, opts=opts)
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 374, in scrape_generic
text = maybe_decompress(filename)
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 221, in maybe_decompress
return get_zboot_kernel(f)
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 201, in get_zboot_kernel
raise NotImplementedError(f'unknown compressed type: {comp_type!r}')
NotImplementedError: unknown compressed type: b'zstd\x00\x00'
(cherry picked from commit a6d51ae582c863c01c581f1e31492910d53b0427)
(cherry picked from commit 9b9a8d7e5468a847b8deaa8ce79402872a2c1dd5)
The zstd library does not support stream decompression, and it
requires the zstd header to contain extra metadata, that the kernel
build does not append:
$ file -k vmlinuz-6.13+unreleased-cloud-arm64
vmlinuz-6.13+unreleased-cloud-arm64: PE32+ executable (EFI application) Aarch64 (stripped to external PDB), for MS Windows, 2 sections\012- data
$ ukify build --linux vmlinuz-6.13+unreleased-cloud-arm64 --initrd /boot/initrd.img-6.12.12-amd64 --output uki
Kernel version not specified, starting autodetection 😖.
Real-Mode Kernel Header magic not found
+ readelf --notes vmlinuz-6.13+unreleased-cloud-arm64
readelf: Error: Not an ELF file - it has the wrong magic bytes at the start
Traceback (most recent call last):
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 2508, in <module>
main()
~~~~^^
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 2497, in main
make_uki(opts)
~~~~~~~~^^^^^^
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 1326, in make_uki
opts.uname = Uname.scrape(linux, opts=opts)
~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 382, in scrape
version = func(filename, opts=opts)
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 372, in scrape_generic
text = maybe_decompress(filename)
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 219, in maybe_decompress
return get_zboot_kernel(f)
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 199, in get_zboot_kernel
return cast(bytes, zstd.uncompress(f.read(size)))
~~~~~~~~~~~~~~~^^^^^^^^^^^^^^
zstd.Error: Input data invalid or missing content size in frame header.
This appears to be by design:
https://github.com/sergey-dryabzhinsky/python-zstd/issues/53
Switch to python3-zstandard, which works.
(cherry picked from commit fbc6fecf1adbd34bd541c04d04ceef2695caa80a)
(cherry picked from commit 77fc49891a162dae56b1e2cc3112a8c26516f656)
UKIs should generally not be compressed since the kernel image and
initrd in them will already be compressed so let's remove the compression
suffix from the examples in the sysupdate manpage.
(cherry picked from commit 5ca1865ad95a10b744321d21293587ed1d446ee6)
(cherry picked from commit 9440a08ccce6c5ebb5091a38dd709737a4ae22b9)
