IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Fix wrong condition test in manager_etc_hosts_lookup(), which caused it to
return an IPv4 answer when an IPv6 question was asked, and vice versa.
Also only return success if we actually found any A or AAAA record.
In systemd-resolved.service(8), point out that /etc/hosts mappings only
affect address-type lookups, not other types.
The test case currently disables DNSSEC in resolved, as there is a bug
where "-t MX" fails due to "DNSSEC validation failed" even after
"downgrading to non-DNSSEC mode". This should be dropped once that bug
gets fixed.
Fixes#4801
active_slave:
Specifies the new active slave for modes that support it
(active-backup, balance-alb and balance-tlb).
primary slave:
systemd-networks currently lacks the capability to set the primary slave
in an
active-backup bonding. This is necessary if you prefer one interface
over the
other. A common example is a eth0-wlan0 bonding on a laptop where you'd
want to
switch to the wired connection whenever it's available.
Fixes: #2837
Since nspawn looks for them, importd now downloads them, and mkosi
generates them, let's make sure they also processed correctly on all
machined operations.
Handle properly if /etc is a symlink (i.e. make sure we don't follow the
symlink outside the image). Also follow /etc/resolv.conf if it is a
symlink, and use the resolved path when creating a mount point and
mounting (as both of these operations follow symlinks and rally
shouldn't).
Handle more types of read-only errors as debug-level issues.
verity block devices have two backing devices: the data partition and
the hash partition. Previously the gpt auto-discovery logic would refuse
working on devices with multiple backing devices, losen this up a bit,
to permit them as long as the backing devices are all located on the
same physical media.
This adds a generator and a small service that will look for "roothash="
on the kernel command line and use it for setting up a very partition
for the root device.
This provides similar functionality to nspawn's existing --roothash=
switch.
Change the gpt auto discovery generator to use the same dissector as
nspawn and the rest of the tools. This removes the separate dissector
code that the generator previously had and unifies the relevant code.
In preparation for reusing the image dissector in the GPT auto-discovery
logic, only optionally fail the dissection when we can't identify a root
partition.
In the GPT auto-discovery we are completely fine with any kind of root,
given that we run when it is already mounted and all we do is find some
additional auxiliary partitions on the same disk.
This adds support for a new kernel command line option "systemd.volatile=" that
provides the same functionality that systemd-nspawn's --volatile= switch
provides, but for host systems (i.e. systems booting with a kernel).
It takes the same parameter and has the same effect.
In order to implement systemd.volatile=yes a new service
systemd-volatile-root.service is introduced that only runs in the initrd and
rearranges the root directory as needed to become a tmpfs instance. Note that
systemd.volatile=state is implemented different: it simply generates a
var.mount unit file that is part of the normal boot and has no effect on the
initrd execution.
The way this is implemented ensures that other explicit configuration for /var
can always override the effect of these options. Specifically, the var.mount
unit is generated in the "late" generator directory, so that it only is in
effect if nothing else overrides it.
Let's follow symlinks before invoking mount() on arbitrary paths, so that we
won't get confused if directories are prepared with absolute symlinks.
Use FOREACH_STRING() instead of NULSTR_FOREACH() as it is more readable.
Don't use snprintf() for concatenating strings, let chase_symlinks() to that.
Replace homegrown mount check with path_is_mount_point(). Also, change the
behaviour when we encounter this: instead of unmounting the old mount point,
simply leave it around and don't replace it, so that initrds can mount stuff
there with different settings than we would apply. This is in-line with how we
handle automatic mounts in nspawn for example.
Use umount_recursive() instead of a simple umount2() for unmounting the old
root, so that we actually cover really all mounts, not just the top-level one.
This changes journald to not write to /var/log/journal until it received
SIGUSR1 for the first time, thus having been requested to flush the runtime
journal to disk.
This makes the journal work nicer with systems which have the root file system
writable early, but still need to rearrange /var before journald should start
writing and creating files to it, for example because ACLs need to be applied
first, or because /var is to be mounted from another file system, NFS or tmpfs
(as is the case for systemd.volatile=state).
Before this change we required setupts with /var split out to mount the root
disk read-only early on, and ship an /etc/fstab that remounted it writable only
after having placed /var at the right place. But even that was racy for various
preparations as journald might end up accessing the file system before it was
entirely set up, as soon as it was writable.
With this change we make scheduling when to start writing to /var/log/journal
explicit. This means persistent mode now requires
systemd-journal-flush.service in the mix to work, as otherwise journald would
never write to the directory.
See: #1397
This was broken by 19caffac75 which remounted the
root directory to MS_SHARED before applying the volatile mount logic. This
broke things as MS_MOVE is incompatible with MS_SHARED directory trees, and we
need MS_MOVE in the volatile mount logic to rearrange the directory tree.
Simply swap the order here, apply the volatile logic before we switch to
MS_SHARED.
This improves kernel command line parsing in a number of ways:
a) An kernel option "foo_bar=xyz" is now considered equivalent to
"foo-bar-xyz", i.e. when comparing kernel command line option names "-" and
"_" are now considered equivalent (this only applies to the option names
though, not the option values!). Most of our kernel options used "-" as word
separator in kernel command line options so far, but some used "_". With
this change, which was a source of confusion for users (well, at least of
one user: myself, I just couldn't remember that it's systemd.debug-shell,
not systemd.debug_shell). Considering both as equivalent is inspired how
modern kernel module loading normalizes all kernel module names to use
underscores now too.
b) All options previously using a dash for separating words in kernel command
line options now use an underscore instead, in all documentation and in
code. Since a) has been implemented this should not create any compatibility
problems, but normalizes our documentation and our code.
c) All kernel command line options which take booleans (or are boolean-like)
have been reworked so that "foobar" (without argument) is now equivalent to
"foobar=1" (but not "foobar=0"), thus normalizing the handling of our
boolean arguments. Specifically this means systemd.debug-shell and
systemd_debug_shell=1 are now entirely equivalent.
d) All kernel command line options which take an argument, and where no
argument is specified will now result in a log message. e.g. passing just
"systemd.unit" will no result in a complain that it needs an argument. This
is implemented in the proc_cmdline_missing_value() function.
e) There's now a call proc_cmdline_get_bool() similar to proc_cmdline_get_key()
that parses booleans (following the logic explained in c).
f) The proc_cmdline_parse() call's boolean argument has been replaced by a new
flags argument that takes a common set of bits with proc_cmdline_get_key().
g) All kernel command line APIs now begin with the same "proc_cmdline_" prefix.
h) There are now tests for much of this. Yay!
Check if the parsed seconds value fits in an integer *after*
multiplying by USEC_PER_SEC, otherwise a large value can trigger
modulo by zero during normalization.
- linux does not accept prefixes for SLAAC unequal to 64 bits: http://lxr.free-electrons.com/source/net/ipv6/addrconf.c#L2741
- when networkd tries export such a route to the kernel it will get -EINVAL and
set the whole device into a failed state.
- this patch will make networkd ignore such prefixes for SLAAC,
but process other informations which may contain other prefixes.
- Note that rfc4862 does not forbid prefix length != 64 bit
"sushell" is a Fedora-specific concept, shipped as part of
"initscripts". We shouldn't actively search for it if we can avoid it.
Hence, lets now default to /bin/sh as debug shell on all systems, and
permit Fedora to override that for their RPMs via --with-debug-shell= at
configure time.
This is useful for reusing the dissector logic in the gpt-auto-discovery logic:
there we really don't want to use MBR or naked file systems as root device.
