IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
These are not actually needed or installed, so delete them from the
build directory, so that inside an image one can do:
apt install --reinstall /work/build/*.deb
Follow-up for 690a85b1d4e794af62bca6d1ea530ffc530ee58c
(cherry picked from commit ce513c6c6cfbb52dd4736f8074b61d2dfdb2417d)
With the latest mkosi, mkosi -t none can be used to rerun the build
script without messing with a previously built image. This allows
one to run "mkosi -t disk -f qemu" in one terminal to build and boot
an image in qemu and then run "mkosi -t none" in another terminal to
rebuild the packages. If one then has "RuntimeBuildSources=yes" set
in their mkosi configuration, the build directory is mounted into the
virtual machine, which means that one can then run "dnf upgrade
/work/build/*.rpm" from within the VM to install the new packages.
This allows for quickly iterating on changes without having to rebuild
the image all the time.
We'll probably want to document this at some point, but let's start
with making it possible by copying the built packages to the build directory.
(cherry picked from commit 690a85b1d4e794af62bca6d1ea530ffc530ee58c)
Currently if git merge-base fails we'll hide the error and exit with
exit status 0. Let's make we only exit early if git merge-base exits
with 1 which indicates the current commit is not on the target branch.
Any other error is considered fatal.
(cherry picked from commit 2fe6ad5a64bca187712708d41269091c91500a35)
The timestamp is not in CLOCK_MONOTONIC, but CLOCK_BOOTTIME,
while header monotonic timestamp is in CLOCK_MONOTONIC. Hence, we cannot
adjust timestamp by comparing with header monotonic timestamp and
_SOURCE_MONOTONIC_TIMESTAMP field.
Fixes a regression caused by affde1d7e79a634ee6053dbd4a57b3b51b74c170.
Fixes#33293.
(cherry picked from commit 144498e7e6efe2d90981cb14e3ed462a70a955c6)
Also, make contrast between --remove and --purge clearer: one deletes
files marked for deletion, the other deletes files marked for creation.
(cherry picked from commit 69d76823ce6e9c307184946ed55b207eb728e625)
Also, extend the man page explanation substantially, matching more
closely what --create says.
Fixes: #33349
(cherry picked from commit 41064a3c97c9a53c97bbe8a1de799a82c4374a2d)
If a symlink is leftover, still allow cleaning it up via 'disable'. This
happens when a unit is stopped and removed, but not disabled, and a reload
has already happened. At that point, cleaning up the old symlinks becomes
impossible through the APIs, and needs to be done manually. Always allow
cleaning up symlinks, if they exist, by only erroring out if there is an
OOM.
Follow-up for f31f10a6207efc9ae9e0b1f73975b5b610914017
(cherry picked from commit 5163c9b1e56293b1bb2803420613c5b374570892)
Booting a guest with secure boot is broken in Azure due to a hypervisor
bug. Disable it for now. Given there's no option, need to edit
the configuration on the fly.
(cherry picked from commit bdd0b45bfd7190bb8eb50c71ff6f50a80d6e6e52)
mkosi will prefer UEFI if the architecture supports it, but fallback
to 'linux' if it doesn't.
(cherry picked from commit 80468db8fa21ffd07dc2f28c656eeaf8f0292367)
Same as the old integration test suite, allow skipping tests that
require qemu.
ppc64el's vsock support doesn't appear to work, so we'll skip it,
as it is already done in the legacy framework.
(cherry picked from commit 464d182b3e470e4163ca376145539a537a6e43a2)
The shell integration suite allows to manually deselect KVM, so
suppor the same env var for the same purpose in python.
(cherry picked from commit 7d2701e7d1d0a7194026dd371071df6e63f59a82)
We want to keep various logic here instead of mkosi, so drop the
temporary comment
(cherry picked from commit 626518ecd5e7b0c0c708ba53d7eb62934506ed54)
Ubuntu disables them by default in Noble, ship a sysctl to turn them back on
so that tests can use them
(cherry picked from commit 4cfcde024f34b3e5f682364d4e0c6185ef07d467)
Historically, systemd-tmpfiles was designed to manager temporary
files, but nowadays it has become a generic tool for managing
all kinds of files. To avoid user confusion, let's remove "temporary"
from the tool's description.
As discussed in #33349
(cherry picked from commit b5c8cc0a3b8e4e2fea0539d6420a76b524ea5735)
Mention that by default, /home is managed by tmpfiles.d/home.conf, and
recommend that users run systemd-tmpfiles --dry-run --purge first to
see exactly what will be removed.
(cherry picked from commit 9ebcac3b5125a8b0b11f371731ea167cd4684adc)
SHA384 is pretty much the bank we actually *want* to use, since it's
faster to calculate than SHA256, hence at the very least, start
considering.
(cherry picked from commit acaca5ab250a51be6ba07768bee80bf0f7b462fa)
In some recent PRs (e.g. #32628) I started to systematically name return
parameters that shall only be initialized on failure (because they carry
additional error meta information, such as the line/column number of
parse failures or so). Let's make this official in the coding style.
(cherry picked from commit 7811864b08393eda5ff92145ea2776180d9b28ee)
Let's skip udev device scanning when activating a LUKS volume in
systemd-repart as we don't depend on any udev symlinks and don't
expect anything except repart to access the volume.
Suggested by https://github.com/systemd/systemd/issues/33129#issuecomment-2143390941.
(cherry picked from commit 726fc7ae696510b04c24810f691d34f5d20529d6)
Let's dump a list of skipped tests and logs from failed tests at the end
of TEST-02-UNITTEST to make debugging fails in CI slightly less painful.
(cherry picked from commit 2ac0e52f29eb5f0040882fc46bcfa369893577f3)
crypt_reencrypt() is deprecated, so let's look for and prefer
crypt_reencrypt_run() if it is available.
(cherry picked from commit b99b2941276a74878a23470b36c75b0c21dbdd4a)
This check introduced in 91adc4db33f6 is intended to spare us from
encountering broken resolver behavior we don't want to deal with.
However if we aren't validating we more than likely don't know the state
of the upstream resolver's support for dnssec. Let's let clients try
these queries if they want.
This brings the behavior of sd-resolved in-line with previouly stated
change in the meaning of DNSSEC=no, which now means "don't validate"
rather than "don't validate, because the upstream resolver is declared to
be dnssec-unaware".
Fixes: 9c47b334445a ("resolved: enable DNS proxy mode if client wants DNSSEC")
(cherry picked from commit 364c948707afa097f6ad177b61c2b51a86c0089a)
The TPM might be password/pin protected for various reasons even if
there is no SRK yet. Let's handle those cases gracefully instead of
failing the unit as it is enabled by default.
(cherry picked from commit d6518003f8ebbfb6f85dbf227736ae05b0961199)
This allows us to reserve a bunch of capacity ahead of time,
improving the performance of hwdb significantly thanks to not
having to reallocate so many times.
Before:
```
$ sudo time valgrind --leak-check=full ./systemd-hwdb update
==113297== Memcheck, a memory error detector
==113297== Copyright (C) 2002-2024, and GNU GPL'd, by Julian Seward et al.
==113297== Using Valgrind-3.23.0 and LibVEX; rerun with -h for copyright info
==113297== Command: ./systemd-hwdb update
==113297==
==113297==
==113297== HEAP SUMMARY:
==113297== in use at exit: 0 bytes in 0 blocks
==113297== total heap usage: 1,412,640 allocs, 1,412,640 frees, 117,920,009,195 bytes allocated
==113297==
==113297== All heap blocks were freed -- no leaks are possible
==113297==
==113297== For lists of detected and suppressed errors, rerun with: -s
==113297== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
132.44user 21.15system 2:35.61elapsed 98%CPU (0avgtext+0avgdata 228560maxresident)k
0inputs+25296outputs (0major+6886930minor)pagefaults 0swaps
```
After:
```
$ sudo time valgrind --leak-check=full ./systemd-hwdb update
==112572== Memcheck, a memory error detector
==112572== Copyright (C) 2002-2024, and GNU GPL'd, by Julian Seward et al.
==112572== Using Valgrind-3.23.0 and LibVEX; rerun with -h for copyright info
==112572== Command: ./systemd-hwdb update
==112572==
==112572==
==112572== HEAP SUMMARY:
==112572== in use at exit: 0 bytes in 0 blocks
==112572== total heap usage: 1,320,113 allocs, 1,320,113 frees, 70,614,501 bytes allocated
==112572==
==112572== All heap blocks were freed -- no leaks are possible
==112572==
==112572== For lists of detected and suppressed errors, rerun with: -s
==112572== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
21.94user 0.19system 0:22.23elapsed 99%CPU (0avgtext+0avgdata 229876maxresident)k
0inputs+25264outputs (0major+57275minor)pagefaults 0swaps
```
Co-authored-by: Yu Watanabe <watanabe.yu+github@gmail.com>
(cherry picked from commit 621b10fe2c3203c537996e84c7c89b0ff994ad93)
As per the suggestion in https://github.com/systemd/systemd/issues/33242.
This reduces the number of /dev/ttySXX device units generated in
mkosi from 32 to 4.
(cherry picked from commit dc38f9addd04c34d1fd743efc407bdebb3573d05)
I do not think this is necessary, but all other places in
libsystemd-network we clear buffer before receive. Without this,
Coverity warns about use-of-uninitialized-values.
Let's silence Coverity.
Closes CID#1469721.
(cherry picked from commit 40f9fa0af4c3094d93e833e62f7e301cd453da62)
And while we are at it, ongoing PK authorizations are also a reason to
block exit on idle.
(cherry picked from commit ac908152b3b43a49f793d225c075423422cd3e33)
Section "Description" didn't actually say what systemd does. And we had a giant
"Concepts" section that actually described units types and other details about
them. So let's move the basic description of functionality to "Description" and
rename the following section to "Units".
The link to the Original Design Document is moved to "See Also", it is of
historical interest mostly at this point.
The only actual change is that when talking about API filesystems, /dev is also
mentioned. (I think /sys+/proc+/dev are the canonical set and should be always
listed on one breath.)
(cherry picked from commit f11aaf7dfb295de429b1567282b19caaba036bba)
