IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
I encountered this race condition while working on TEST-13-NSPAWN.varlinkctl.sh.
The long-running machine's init script sometimes does not have time to start and
register signals. As result, occasiounally failed tests.
(cherry picked from commit e826a8bed4)
Various tests skip themselves when running in a container so make
sure the test runs in a virtual machine so we get full coverage.
(cherry picked from commit f4faac2073)
Force means force, we skip checks with PID1 for existing units, but
then bail out with EEXIST if the files are actually there. Overwrite
everything instead.
(cherry picked from commit 1e2d1a7202)
In some cases (SUSE Tumbleweed) this is needed as a library (libz) is
not in the default path, so it fails to run.
(cherry picked from commit 1e17e48b96)
Let's disable KVM if TEST_NO_KVM=1 is set but let's not specify anything
if it's not set so the QemuKvm= setting from mkosi.conf is used.
(cherry picked from commit c8e7cfeddc)
When running unprivileged, checking /proc/1/root doesn't work because
it requires privileges. Instead, let's add an environment variable so
the process that chroot's can tell (systemd) subprocesses whether
they're running in a chroot or not.
(cherry picked from commit 2701c2f67d)
When unit_need_daemon_reload() calls unit_find_dropin_paths() to check
for new drop-in configs, the manager's unit path cache is used to limit
which directories are considered. If a new drop-in directory is created,
it may not be in the unit path cache, and hence unit_need_daemon_reload()
may return false, despite a new drop-in being present. However, if a
unit path cache is not given to unit_file_find_dropin_paths() at all,
then it behaves as if the target path was found in the unit path cache.
So, to fix this, adapt unit_find_dropin_paths() to take a boolean
argument indicating whether or not to pass along the unit path cache.
Set this to false in unit_need_daemon_reload().
Fixes#31752
(cherry picked from commit 82c482d573)
When creating a user, check if the requested group name matches a user
name in the queue. If that matched user name is also going to be a group
name, then use it for the new user too. In other words, allow the
following:
u foo -
u bar -:foo
when both foo and bar are new users.
Fixes#33547
(cherry picked from commit 18a8f03e51)
This fixes the following assertion:
===
SYSTEMD_LOG_LEVEL=debug systemctl --user -H foo --boot-loader-entry=help
Assertion 'transport != BUS_TRANSPORT_REMOTE || runtime_scope == RUNTIME_SCOPE_SYSTEM' failed at src/shared/bus-util.c:284, function bus_connect_transport(). Ignoring.
Failed to connect to bus: Operation not supported
===
Fixes a bug introduced by 97af80c5a7.
Fixes#33661.
Fixes oss-fuzz#70153.
(cherry picked from commit 1056457d11)
Running the following commands:
# mkdir -p /var/lib/pcrlock.d/123-empty.pcrlock.d
# /usr/lib/systemd/systemd-pcrlock predict --pcr=1+2+3+4+5+16
Will result in:
...
Floating point exception
Running the following commands:
# mkdir -p /var/lib/pcrlock.d/123-empty.pcrlock.d
# /usr/lib/systemd/systemd-pcrlock make-policy --pcr=1+2+3+4+5+16
Will result to this (partial) log:
...
Predicted future PCRs in 133us.
[]
...
Written policy digest 0000000000000000000000000000000000000000000000000000000000000000 to NV index 0x1921da6
...
So, add missing checks to handle gracefully cases where there's no variant
inside the component.
Signed-off-by: Arnaud Patard <arnaud.patard@collabora.com>
(cherry picked from commit e7a93e7521)
Rebuilding the integration test every time is very slow. Let's
introduce a way to iterate on an integration test without rebuilding
the image every time. By making a btrfs snapshot before we run the
integration test, we can then systemctl soft-reboot after running
the test to restore the rootfs to a pristine state before running
the test again.
As /run/nextroot will get nuked on reboot or soft-reboot, we introduce
a tmpfiles snippet to make sure it is recreated every (soft-)reboot
and adapt the existing tests to deal with this new symlink.
(cherry picked from commit af153e36ae)
TEST_SHELL can be used to get a shell in the integration test
environment without actually immediately starting the test.
(cherry picked from commit dd1c01b20f)
Since, at least the old framework, checks for the presence of the file
at the end and marks the whole test as skipped if it exists.
Resolves: systemd/systemd-centos-ci#728
(cherry picked from commit 4d1fbe53c1)
On Fedora the sshd-session binary is under /usr/libexec/openssh/ so
cover this path as well in the old framework.
Follow-up for aaa7b36bd1.
(cherry picked from commit ce2344bbee)
We document that when multiple credentials of the same name are found,
we use the first one found so let's actually implement that behavior.
(cherry picked from commit 3de13e6148)
Remove an early return that prevents --prompt-root-password or
--prompt-root-shell and systemd.firstboot=off using credentials. In that case,
arg_prompt_root_password and arg_prompt_root_shell will be false, but the
prompt helpers still need to be called to read the credentials. Furthermore, if
only the root shell has been set, don't overwrite the root password.
(cherry picked from commit 35bc4c3424)
If /etc/passwd and/or /etc/shadow exist but don't have an existing root entry,
one needs to be added. Previously this only worked if the files didn't exist.
(cherry picked from commit 2319154a6b)
Although locked and empty passwords in /etc/passwd are treated the same, in all
other cases the entry is configured to read the password from /etc/shadow.
(cherry picked from commit 5088de9daa)
It means: a) user cannot be created, something's wrong in the
test environment -> fail the test; b) user already exists, we shall not
continue and delete (foreign) user.
(cherry picked from commit 3e6e3e6d40)
TEST-46-HOMED fails on ext4 because the filesystem is deemed to small
for activation by cryptsetup. Let's bump the minimal filesystem size for
ext4 a bit to be in the same ballpark as ext4 and btrfs to avoid weird
errors due to impossibly small filesystems.
Also use U64_MB while we're touching this.
(cherry picked from commit ae07feb401)
There are multiple subtests, just move them around into functions
(leveraging the testcase_* convention) to make space for new related
subtests.
(cherry picked from commit 4f0541dc59)
This allows mkosi to combine fstab.extra with its own fstab.extra so
that it doesn't override the one we pass for the test.
(cherry picked from commit ebe17e3f9e)
We don't need to allow non-root, and the policy needs to specify destination
and interface too, to narrow it down
Follow-up for 7b5c38a91d
(cherry picked from commit a4c436c9d8)
Follow-up for 19a44dfe45
If a drop-in is set from upper level, e.g. global unit_type.d/,
even if a unit is masked, its dropin_paths would still be partially
populated. However, unit_need_daemon_reload() would always
compare u->dropin_paths with empty strv in case of masked units,
resulting in it always returning true. Instead, let's ignore
dropins entirely here.
Fixes#33672
(cherry picked from commit 11b3775f51)
On Debian and derivatives writing calls to localed are blocked as other
tools are used to change settings, override that policy for the tests
(cherry picked from commit 7b5c38a91d)
I don't know why yet, but TEST-73-LOCALE can take more than 10
minutes. Until we figure out why, let's give it a higher priority
so it doesn't bottleneck the test run.
(cherry picked from commit 14963ea90d)
Otherwise fixfiles will try to relabel it which could potentially
lead to disaster. We also change the recommendation in HACKING.md
to set the default so that TEST-06-SELINUX can override it.
(cherry picked from commit 575f954b5d)
Let's document in detail how to build the integration test image and run
the integration tests without building systemd. To streamline the process,
we stop automatically using binaries from build/ when invoking mkosi directly
and don't automatically use a tools tree anymore if systemd on the host is too
old. Instead, we document these options in HACKING.md and change the mkosi meson
target to automatically use the current build directory as an extra binary search
path for mkosi.
(cherry picked from commit d279ec4a50)
We already have selinux=0 in the default kernel command line so
enforcing=0 is redundant. Instead, pass in enforcing=0 when we
enable selinux in TEST-06-SELINUX.
(cherry picked from commit f5c44df929)
Let's make sure we don't load libnss_systemd.so from bash as the
necessary environment variables aren't set to make that work when
we're running with sanitizers enabled.
We can't add a sanitizer wrapper for bash as the wrapper runs using
bash so you end up in a loop.
(cherry picked from commit 5ac0dc70ff)
