IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Encrypted /var is skipped because meson's limitations make per test
images not really feasible and we can't encrypt /var by default because
it slows down the image build too much.
Co-authored-by: Richard Maw <richard.maw@codethink.co.uk>
While containers often have their host0 network provided by veth when
the container runtime is privileged, unprivileged containers tend to
have their network provided via slirp4netns or pasta. These tools use a
tun interface rather than a veth interface and systemd should still set
configure such networks.
We should have different .network files for the veth and tun use cases
as there may arise a need to configure them differently. We should not
rename 80-container-host0.network as that would cause existing drop-ins
to no longer apply.
Closes: #32095
Fixes: f139393dd2 ("network: use Kind= instead of Driver=")
Signed-off-by: Helmut Grohne <helmut@subdivi.de>
For manager test runs, the generator output paths are located in
/tmp, which means that if we mount a private /tmp for generators,
we lose all the generated units (actually the generators will just
fail because the directories don't exist, but if they did exist,
we'd still lose all the units).
Let's avoid the problem by skipping the private /tmp for manager
test runs. This also avoids any possible privilege issues with
mounting a private /tmp that might happen in this scenario.
Currently, during soft-reboot, some services may survive,
but their associated credential mounts are dropped.
Let's instead preserve them, as discussed.
Follow-up for 3c0a1b1e70
Before this commit, DefaultDependencies=no is set in
mount_add_extras(). However, when generating mount units
from /proc/self/mountinfo, we don't have a unit in memory
yet, and mount_setup_new_unit() doesn't call into
mount_add_extras().
Fixes#32838
Locking of the tty device and then /dev/console was added to synchronize
vconsole-setup with other writers to the console. But it turns out that often
the locking doesn't work and we carved out various cases where we ignore
failure:
- lack of permissions (in the user manager)
- missing device node
It turns out that there's at least one more failure mode: we get -EIO when the
console is (mis-)configured to point to an invalid device. E.g. in
rhbug#2273069 the reporter has a VM in Proxmox without a virtual console
configured and has 'console=tty console=ttyS0' on the kernel cmdline. I
couldn't reproduce this under libvirt, but failure with EIO has been reported
by at least four users in #30501.
Note that in systemd-vconsole-setup we report this is a hard failure, while
in the manager, we only do a debug line. So it's possible that the failure
also occured there, causing the rest of the setup of the tty to be skipped
without further notice.
Ignore the locking failure, since there's just too many ways it can fail. If we
proceed without a lock, we're back to the situation before we started locking,
which wasn't too bad. OTOH, skipping setup of the console is problematic for
users, and it seems better to try to do the setup without locking.
Fixes https://github.com/systemd/systemd/issues/30501,
https://bugzilla.redhat.com/show_bug.cgi?id=2273069.
This adds a testsuite unit to run systemd-networkd-tests.py. This is
mkosi only for now as python is not available in the images set up
by the bash framework. We give the test a lower priority as it takes
a while to run so we want to start it as soon as possible.