IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
The ptrace capability was only necessary to detect virtualizations
environments. Since we changed the logic to determine this to not
require priviliges, there's no need to carry the CAP_SYS_PTRACE
capability anymore.
I am getting
"Error calling EVIOCSKEYCODE (scan code 0xc022d, key code 418): Invalid
argument", the error message does not tell on which specific device the
problem is, add that info.
Instead of accessing /proc/1/environ directly, trying to read the
$container variable from it, let's make PID 1 save the contents of that
variable to /run/systemd/container. This allows us to detect containers
without the need for CAP_SYS_PTRACE, which allows us to drop it from a
number of daemons and from the file capabilities of systemd-detect-virt.
Also, don't consider chroot a container technology anymore. After all,
we don't consider file system namespaces container technology anymore,
and hence chroot() should be considered a container even less.
It is almost always incorrect to allow DHCP or other sources of
transient host names to override an explicitly configured static host
name.
This commit changes things so that if a static host name is set, this
will override the transient host name (eg: provided via DHCP). Transient
host names can still be used to provide host names for machines that have
not been explicitly configured with a static host name.
The exception to this rule is if the static host name is set to
"localhost". In those cases we act as if no
static host name has been explicitly set.
As discussed elsewhere, systemd may want to have an fd based ownership
of the transient name. That part is not included in this commit.
Both systemd-analyze and systemd-run only access org.freedesktop.systemd1
on the bus. This patch allows using systemd-run --user and systemd-analyze
--user even if the user session's bus is not properly integrated with the
systemd user unit.
https://bugs.freedesktop.org/show_bug.cgi?id=79252 and other reports...
Re-apply the keymaps when "udevadm trigger" is called. Hooking into
"add" only would just remove all keymap content from the udev database
instead of applying the new config.
nspawn and the container child use eventfd to wait and notify each other
that they are ready so the container setup can be completed.
However in its current form the wait/notify event ignore errors that
may especially affect the child (container).
On errors the child will jump to the "child_fail" label and terminate
with _exit(EXIT_FAILURE) without notifying the parent. Since the eventfd
is created without the "EFD_NONBLOCK" flag, this leaves the parent
blocking on the eventfd_read() call. The container can also be killed
at any moment before execv() and the parent will not receive
notifications.
We can fix this by using cheap mechanisms, the new high level eventfd
API and handle SIGCHLD signals:
* Keep the cheap eventfd and EFD_NONBLOCK flag.
* Introduce eventfd states for parent and child to sync.
Child notifies parent with EVENTFD_CHILD_SUCCEEDED on success or
EVENTFD_CHILD_FAILED on failure and before _exit(). This prevents the
parent from waiting on an event that will never come.
* If the child is killed before execv() or before notifying the parent,
we install a NOP handler for SIGCHLD which will interrupt blocking calls
with EINTR. This gives a chance to the parent to call wait() and
terminate in main().
* If there are no errors, parent will block SIGCHLD, restore default
handler and notify child which will do execv(), then parent will pass
control to process_pty() to do its magic.
This was exposed in part by:
https://bugs.freedesktop.org/show_bug.cgi?id=76193
Reported-by: Tobias Hunger tobias.hunger@gmail.com
Move the container wait logic into its own wait_for_container() function
and add two status codes: CONTAINER_TERMINATED or CONTAINER_REBOOTED.
The status will be stored in its argument, this way we handle:
a) Return negative on failures.
b) Return zero on success and set the status to either
CONTAINER_REBOOTED or CONTAINER_TERMINATED.
These status codes are used to terminate nspawn or loop again in case of
CONTAINER_REBOOTED.
There was this code:
if (to_path_len > 0)
memcpy(p, to_path, to_path_len);
That didn't add the terminating zero, so the resulting string was
corrupt if this code path was taken.
Using strcpy() instead of memcpy() solves this issue, and also
simplifies the code.
Previously there was special handling for shortening "../../" to
"../..", but that has now been replaced by a path_kill_slashes() call,
which also makes the result prettier in case the input contains
redundant slashes that would otherwise be copied to the result.
Create initial stamp file with compiled-in time to prevent bootups
with clocks in the future from storing invalid timestamps.
At shutdown, only update the timestamp if we got an authoritative
time to store.
Djalal Harouni <tixxdz@opendz.org>:
There is also this one genrated by LTO, IMO it's a false positive since
we do *check* for "lease" but the code is not consistent since in that
code path, "lease" is initialized to NULL in other places, except for
this one:
src/resolve/resolved-manager.c: In function 'manager_update_resolv_conf':
src/libsystemd-network/sd-dhcp-lease.c:67:18: warning: 'lease' may be used uninitialized in this function [-Wmaybe-uninitialized]
if (lease->dns_size) {
^
src/network/sd-network.c:146:24: note: 'lease' was declared here
sd_dhcp_lease *lease;
^
This undoes part of commit e6a4a517be.
Instead of removing the error message about non-empty journal bind mount
directories, simply downgrade the message to a warning and proceed.
