IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Often the fds that shall stay around in the child shall be passed
to a process over execve(), hence add an option to explicitly disable
O_CLOEXEC on them in the child.
On a read-only filesystem creating /root/.ssh might fail, but that's ok.
Do not fail the run, as this is only needed to add the credential, which
is a separate step.
In my understanding user group "3" (aka "sys") is kept for historical reasons
but not really useful these days. That's probably explained why this group
isn't defined on openSUSE.
Hence let's drop reference to this user group, this shouldn't lessen the
revelance of the test since SupplementaryGroups= is still tested with 2 other
groups.
This adds an additional name check when cross-matching new group
entries against existing users, which allows coalescing entries
matching both ID and name.
It provides a small idempotence enhancement when creating groups
in cases where matching user entries are in place. By fine-tuning
the conflict detection logic, this avoids picking up new random
IDs and correctly prefers configuration values instead.
After 479da1107a0d4e2f7ef5cd938512b87a0e45f180, the usb_id builtin
command does not set ID_SERIAL if ID_BUS is already set.
Before the commit, all properties set based on pci bus were overwritten
by the usb_id, hence now it is sufficient setting them only when ID_BUS is
not set yet.
Fixes#25238.
In the Xen case, it's the hypervisor which manages kexec. We thus
have to ask it whether a kernel is loaded, instead of relying on
/sys/kernel/kexec_loaded.
Also, fix a race condition introduced by d16684fe13:
```
[ 16.904218] H testsuite-26.sh[394]: + systemd-run --unit failed.service /bin/false
[ 16.964783] H systemd[845]: failed.service: Executing: /bin/false
[ 16.965062] H systemd[1]: Started failed.service.
[ 16.965462] H testsuite-26.sh[844]: Running as unit: failed.service
[ 16.966390] H testsuite-26.sh[394]: + systemctl is-failed failed.service
[ 16.977970] H testsuite-26.sh[846]: active
[ 16.978403] H systemd[1]: failed.service: Main process exited, code=exited, status=1/FAILURE
[ 16.978478] H systemd[1]: failed.service: Failed with result 'exit-code'.
```
If another bound interface (dummy98) will be removed before that dummy99
is processed by udevd, then removing dummy98 in the next step makes the
target interface (test1) bring down.
Follow-up for 3e2f7c46da528775f90c521e4cf22c2f61f82a81.
Many long-running services will reload configuration and therefore
credentials on reload. Therefore its useful if a service reload will
also update credentials.
Tested in https://github.com/numtide/systemd-vaultd/pull/12
Using fsopen()/fsconfig(), we can check if hidepid/subset are supported to
avoid the noisy logs from the kernel if they aren't supported. This works
on centos/redhat 8 as well since they've backported fsopen()/fsconfig().
Instead of succeeding when either the firmware reports a TPM device
or we find a TPM device, let's check that the firmware reports a TPM
device and the TPM subsystem is enabled in the kernel.
To check whether the subsystem enabled, we check if the relevant
subdirectory in /sys exists at all.
