1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-23 21:35:11 +03:00
Commit Graph

70836 Commits

Author SHA1 Message Date
Luca Boccassi
0a8264080a repart: support OpenSSL engines/providers for signing
The provider API which is new requires providers, which are not
widely available and don't work very well yet, so also use a
fallback with the legacy engine API.
2024-02-09 15:11:25 +00:00
Luca Boccassi
dba0afa14e openssl: add helper to load key from provider/engine
It's not the literal private key, but EVP_PKEY becomes a reference
to the engine/provider that OpenSSL knows how to use later
2024-02-09 14:36:10 +00:00
Luca Boccassi
c505275476
Merge pull request #31243 from YHNdnzj/systemctl-disable-now-template
systemctl: support disable/mask --now with unit template
2024-02-09 14:29:50 +00:00
Luca Boccassi
9131b93590
Merge pull request #31224 from mrc0mmand/packit-bpftool-workaround
packit: temporarily build systemd without BPF stuff
2024-02-09 13:48:13 +00:00
Luca Boccassi
6e7134ad95
Merge pull request #31264 from poettering/sysext-help
sysext: tweaks to the systemd-sysext/systemd-confext --help text
2024-02-09 13:46:28 +00:00
Daan De Meyer
317cb6f9b5 Install pacman in Arch Linux image
We install apt and dnf in the other images as well, so lets be
consistent and install pacman in the Arch image as well.
2024-02-09 12:41:54 +00:00
Frantisek Sumsal
e7a52b1b33 test: adjust test-path to fail gracefully with the new pidfd_spawn stuff
Since 2e106312e2 the test unit fails with 'resources' result instead of
'exit-code', which the test didn't account for when running unprivileged.

Before 2e106312e2:
$ /root/systemd/build/test-path
Failed to start transient scope unit: Interactive authentication required.
Couldn't allocate a scope unit for this test, proceeding without.
...
-.slice: Failed to enable/disable controllers on cgroup /user.slice/user-1000.slice/session-1.scope, ignoring: Permission denied
app.slice: Failed to create cgroup /user.slice/user-1000.slice/session-1.scope/app.slice: Permission denied
-.slice: Failed to enable/disable controllers on cgroup /user.slice/user-1000.slice/session-1.scope, ignoring: Permission denied
app.slice: Failed to create cgroup /user.slice/user-1000.slice/session-1.scope/app.slice: Permission denied
...
line 151: path-exists.path: state = running; result = success (left: 29986250)
line 151: path-exists.service: state = start; result = success
path-exists.service: Main process exited, code=exited, status=219/CGROUP
path-exists.service: Failed with result 'exit-code'.
line 151: path-exists.path: state = running; result = success (left: 29985948)
line 151: path-exists.service: state = failed; result = exit-code
Failed to start service path-exists.service, aborting test: failed/exit-code

After 2e106312e2:
$ /root/systemd/build/test-path
Failed to start transient scope unit: Interactive authentication required.
Couldn't allocate a scope unit for this test, proceeding without.
...
-.slice: Failed to enable/disable controllers on cgroup /user.slice/user-1000.slice/session-1.scope, ignoring: Permission denied
app.slice: Failed to create cgroup /user.slice/user-1000.slice/session-1.scope/app.slice: Permission denied
-.slice: Failed to enable/disable controllers on cgroup /user.slice/user-1000.slice/session-1.scope, ignoring: Permission denied
app.slice: Failed to create cgroup /user.slice/user-1000.slice/session-1.scope/app.slice: Permission denied
path-exists.service: Failed to spawn executor: No such file or directory
path-exists.service: Failed to spawn 'start' task: No such file or directory
path-exists.service: Failed with result 'resources'.
2024-02-09 12:50:21 +01:00
Frantisek Sumsal
8a0ec8852c packit: temporarily build systemd without BPF stuff
The kernel-tools meta-package was retired in Rawhide, but its
replacement has not landed, yet. Until that happens, let's build without
the bpf-framework stuff.
2024-02-09 12:50:21 +01:00
Daan De Meyer
7bf52f5d1c Add systemd.default_debug_tty=
Let's allow configuring the debug tty independently of enabling/disabling
the debug shell. This allows mkosi to configure the correct tty while
leaving enabling/disabling the debug tty to the user.
2024-02-09 11:47:53 +01:00
Frantisek Sumsal
c078f4af6b semaphore: temporarily pin autopkgtest to v5.32
The latest commit (ATTOW) [0] calls adduser with --logmsglevel, which is
not a valid flag for adduser on Ubuntu Focal/Jammy.

[0] 9c033b3db4
2024-02-09 11:18:25 +01:00
Yu Watanabe
6a32108812 man: add missing "=" after setting name
Follow-up for b93bf1bf9f.
2024-02-09 19:03:56 +09:00
Frantisek Sumsal
8632590278
Merge pull request #31230 from mrc0mmand/test-seccomp
process-util: use only the least significant byte from personality()
2024-02-09 10:39:23 +01:00
Yu Watanabe
15875f524f README: update link to CentOS CI 2024-02-09 18:08:58 +09:00
Yu Watanabe
d2eb27eb7b man: fix typo
Follow-up for 631cf7f004.
2024-02-09 17:49:48 +09:00
Lennart Poettering
00d0f58443 sysext: output an appropriate blurb for the mode we are executed in 2024-02-09 09:41:33 +01:00
Lennart Poettering
82d371eeaf sysext: point to the right man page for the mode we are invoked in 2024-02-09 09:41:26 +01:00
Lennart Poettering
457a74b3d0 sysext: rename "directory_name" field to "full_identifier"
So the field contains simply the full name of the command being invoked,
hence rename the field to match the contents, and to mirror the
"short_identifier" field.

Interestingly, the field is apparently not actually used by anything
though! But we are not going to remove it, since a follow-up commit will
start making use of it.
2024-02-09 09:41:19 +01:00
Lennart Poettering
97b944c23a sysext: fix --help indenting/line breaking
Let's make sure there's an empty line after the explanatory text like we
usually do it, and do not indent the 2nd line more than the 1st
2024-02-09 09:40:45 +01:00
Yu Watanabe
9e95c0e495
Merge pull request #31172 from yuwata/network-bond-port
network: do not bring down bonding port on reconfigure
2024-02-09 17:32:29 +09:00
Yu Watanabe
2686855b93
Merge pull request #31247 from yuwata/network-make-reload-bus-method-synchronous
network: make Reload bus method synchronous
2024-02-09 17:32:07 +09:00
Mike Yuan
f9c76997db
systemctl: allow --now only if not install_client_side() 2024-02-09 16:18:53 +08:00
Mike Yuan
1baa0415ae
systemctl: support disable/mask --now with unit template
Closes #15620
Replaces #28240
2024-02-09 16:18:44 +08:00
Mike Yuan
8749b09390
basic/unit-name: introduce unit_name_replace_instance_full
that optionally accepts a globbed instance
2024-02-09 16:17:59 +08:00
Mike Yuan
f27d595d7e
systemctl-util: some modernizations 2024-02-09 16:10:43 +08:00
Mike Yuan
09d7952a67
basic/unit-name: include param name in function prototype 2024-02-09 16:10:41 +08:00
Yu Watanabe
4bc771d061 test: drop unnecessary sleep
Now, 'Reload' dbus method is synchronous. It is not necessary to wait
for link enter configuring state.
2024-02-09 14:25:54 +09:00
Yu Watanabe
1e869a5de9 network: make Reload bus method synchronous
Prompted by https://github.com/systemd/systemd/pull/30085#discussion_r1401534107.

Note, like Reconfigure bus method, even reconfiguration for an interface is
triggered by Reload method, the method only wait for the link enters
configuring state (or unmanaged state if no matching .network file exists).
Users still need to invoke systemd-networkd-wait-online if it is
necessary to wait for the interface enters configured state after Reload
medhod.
2024-02-09 14:25:54 +09:00
Yu Watanabe
2bb1d3c108 test-network: add test case for issue #31165 2024-02-09 14:15:17 +09:00
Yu Watanabe
c3e12de0a6 network: do not bring down a bonding port interface when it is already joined
Follow-up for 9f913d37a0.

Fixes #31165.
2024-02-09 14:15:17 +09:00
Yu Watanabe
a140eaf16a network: fix typo
Follow-up for baa95d2274.
2024-02-09 14:15:17 +09:00
Yu Watanabe
bbcd088031
Merge pull request #31177 from yuwata/network-ndisc-on-link-zero
network/ndisc: drop onlink prefix route when on-link flag is zero
2024-02-09 14:03:32 +09:00
mille-feuille
baa90b4b81 detect-virt: fix Google Compute Engine support
Follow-up for 9b0688f491
2024-02-09 12:12:33 +09:00
Zbigniew Jędrzejewski-Szmek
56afff50b9 preset: enable homed sidecar services
As described in https://github.com/systemd/systemd/issues/31235, the preset
state for systemd-homed-activate.service was unclear. On the one hand, we have
a preset with 'enable systemd-homed.service', and systemd-homed.service has
'Also=systemd-homed-activate.service systemd-homed-firstboot.service', so
'preset systemd-homed.service' would also enable those two services, but
'preset systemd-homed-activate.service' would disable it, because the presets
don't say it is enabled. It seems that this configuration is internally
inconsistent. As described in the issue, maybe systemctl should be smarter
here, or warn about such configs. Either way, let's make our config consistent.

Follow-up for d1f6e01e47 and
3ccadbce33.
2024-02-08 22:44:00 +00:00
Luca Boccassi
82047a6aa7 portable: add --copy=mixed to copy images and link profiles
This new mode copies resources provided by the client, so that they
remain available for inspect/detach even if the original images are
deleted, but symlinks the profile as that is owned by the OS, so that
updates are automatically applied.
2024-02-08 21:11:26 +00:00
Zbigniew Jędrzejewski-Szmek
eb47031694 man: mention that preset-all is performed during early boot
The intro of systemd-firstboot is rewritten to make it clearer how it fits into
the big picture. Systemd does some machine-id and presets and
systemd-firstboot.service is used to interactively fill in the blanks.

Closes #22225.
2024-02-08 20:36:44 +01:00
Antonio Alvarez Feijoo
316918640f creds: fix typo 2024-02-08 19:48:49 +01:00
Lennart Poettering
9d99f1686a
Merge pull request #30766 from polarina/cryptenroll-tpm2-unlock
cryptenroll: Add support for unlocking through TPM2 enrollments
2024-02-08 17:41:03 +01:00
Sam Leonard
710dcce13f nspawn: add missing OOM check on gethostname_malloc() 2024-02-08 16:05:31 +01:00
Sam Leonard
2978e540e4 vmspawn: remove extraneous log_info 2024-02-08 16:04:42 +01:00
Sam Leonard
1ad9752260 vmspawn: fix incorrect handling of -M in getopt_long 2024-02-08 16:04:42 +01:00
Sam Leonard
a759d3239d vmspawn: fix incorrect mention of container 2024-02-08 16:04:42 +01:00
Yu Watanabe
738ad08b0d copy: do not ignore chattr_flags and friends passed to copy_file_atomic_full()
Fixes a bug introduced by 427d9c34e6.
2024-02-08 22:06:16 +09:00
Yu Watanabe
8334b1c762
Merge pull request #31245 from yuwata/network-ndisc-adjust-log-messages
network/ndisc: slightly update log messages
2024-02-08 22:05:55 +09:00
Yu Watanabe
e2382ef005 wait-online: split out get_state_range()
Follow-up for 2d70878162.

After the conversion from FOREACH_POINTER() to FOREACH_ARGUMENT(),
the iterator is never set to POINTER_MAX.
2024-02-08 16:59:04 +08:00
Sludge
02c127b344 hwdb: add resolution setting for GAOMON S620 2024-02-08 13:12:10 +09:00
Yu Watanabe
1847a544af dissect-image: fix typo
Follow-up for b387778c5b.
2024-02-08 11:37:20 +09:00
Yu Watanabe
5ac0345329 nspawn: fix typo
Follow-up for f94025a136.
2024-02-08 11:36:08 +09:00
Yu Watanabe
d9b8acda2a test: fix typo
Follow-up for 38a80ba108 and
a39d8396a9.
2024-02-08 11:34:36 +09:00
Yu Watanabe
155d7a2c04 network/ndisc: drop onlink prefix route when on-link flag is zero
Fixes #28435.
2024-02-08 11:30:19 +09:00
Yu Watanabe
a8b0b84822 network/ndisc: fix use-of-uninitialized-value on failure path
Fixes a bug in f44eebd1ba.

Also slightly adjust log message.
2024-02-08 11:30:07 +09:00