1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-25 01:34:28 +03:00
Commit Graph

73112 Commits

Author SHA1 Message Date
Mike Yuan
3cb7fc5fcb
man/systemd.journal-fields: add missing OBJECT_SYSTEMD_INVOCATION_ID 2024-04-25 01:12:27 +08:00
Mike Yuan
6cb8286aa3
journald-server: drop spuriously doubled '=' for OBJECT_SYSTEMD_INVOCATION_ID 2024-04-25 00:56:04 +08:00
Zbigniew Jędrzejewski-Szmek
c2e6ed612a
Merge pull request #32447 from keszybz/test-taint
core: drop unused param, move taint calculation to separate file
2024-04-24 18:09:57 +02:00
Luca Boccassi
2d0c95f2b2 ci: remove packages.microsoft.com
It is not needed, it publishes things like dotnet, and it is often
broken, so just remove the sources
2024-04-24 18:07:52 +02:00
Lennart Poettering
f6519d47a7 manager: port user lookup fd serialization to serialize_fd_many() 2024-04-24 17:34:42 +02:00
Lennart Poettering
c3ab362dad manager: comprehensively mark manager_dispatch_user_lookup_fd() as static
The prototype was static, but the implementation was not. Make both
static, this is otherwise too confusing. (This doesn't actually change
anything, since the prototype decides about this anyway, but it makes
things easier to read.)
2024-04-24 17:33:51 +02:00
Lennart Poettering
fbe8f6928e capability-util: avoid thread_local
While stracing PID1's forking off of children I noticed that every
single forked off child reads cap_last_cap from procfs. That value is a
kernel constant, hence we can save a lot of work if we'd cache it.

Thing is, we actually do cache it, in a thread_local cache field. This
means that the forked off processes (which are considered new threads)
will have to re-query it, even though we already know the result.

Hence, let's get rid of the thread_local stuff (given that the value is
going to be the same for all threads anyway, and we pretty much have a
single thread only anyway). Use an C11 atomic_int instead, which ensures
the value is either initialized or not initialized, but we don't need to
be concerned of partial initialization.

This makes the cap_last_cap reading go away in the children, as strace
shows (since cap_last_cap() is already called by PID 1 before
fork()ing, anyway).
2024-04-24 17:33:38 +02:00
Mike Yuan
98cf76a4cc cryptenroll: fix typo (close parenthesis out of nowhere)
Follow-up for 8518f4a814
2024-04-24 17:32:56 +02:00
Lennart Poettering
1a6dceeca2 manager: use startswith() return value 2024-04-24 16:58:12 +02:00
Lennart Poettering
3a7bb5c99c manager: use proper unicode arrow in dump 2024-04-24 16:15:53 +02:00
Zbigniew Jędrzejewski-Szmek
2a6b4d872d core/taint: make short_uid_range() not take a path
As requested in review.
2024-04-24 15:17:49 +02:00
Zbigniew Jędrzejewski-Szmek
d851637ca6 core: drop unused param, move taint calculation to separate file
Follow-up for 2b28dfe6e6.

I also considered moving the function to src/basic, but since it's only used by
the manager, it doesn't seem useful.
2024-04-24 15:17:49 +02:00
Lennart Poettering
07296542d6 exec-invoke: correct dont_close[] size
THis needs 15 entries as far as I can count, not just 14.

Follow-up for: 5686391b00

Sniff.
2024-04-24 15:09:28 +02:00
Daan De Meyer
82e00a3f62
Merge pull request #32449 from DaanDeMeyer/mkosi
Various mkosi fixes
2024-04-24 12:11:11 +02:00
Daan De Meyer
2c139de254 mkosi: Add attr
Required for messing around with xattrs in integration tests.
2024-04-24 12:09:12 +02:00
Daan De Meyer
ab7253e1ec mkosi: Add nvme-cli
The nvme command is needed for TEST-84-STORAGETM.
2024-04-24 11:02:48 +02:00
Richard Maw
fab270d73e mkosi: Add psmisc to opensuse for killall 2024-04-24 11:01:45 +02:00
Richard Maw
f744ccd5fe mkosi: Add psmisc to debian-ubuntu for killall 2024-04-24 11:01:45 +02:00
Richard Maw
bad25450b8 mkosi: Add psmisc to arch for killall 2024-04-24 11:01:45 +02:00
Richard Maw
2fd849016b test: Shut down tests on crash
If an assert in systemd fails it can't shut down normally.

By default it freezes. For interactive runs we want the crash shell
to enable further debugging, but during test runs we want it to exit
without having to wait for the test timeout.

By deactivating the crash shell, enabling reboot, and configuring qemu
so that it shuts down instead of rebooting we can shut down instead.

Because by default UEFI will enroll keys and then reboot
we also have to set --qemu-firmware-variables=custom
so it doesn't need to auto-enroll.

Because mkosi has to handle not receiving an EXIT_STATUS notification
it falls back to the exit code of qemu, which in the case of reboot
would be 0, we also override the success exit status to 123
and check that we got that as an exit code from mkosi.
2024-04-24 11:01:45 +02:00
Richard Maw
796cf1b483 test: document when writable /usr overlays may be needed 2024-04-24 11:01:45 +02:00
Richard Maw
0bc1e9592e mkosi: Update to latest 2024-04-24 11:01:35 +02:00
Yu Watanabe
d3a4b78b03
Merge pull request #32424 from yuwata/network-radv-cleanups
network/radv: further cleanups
2024-04-24 17:51:47 +09:00
Frantisek Sumsal
8dd4e2b2a9
Merge pull request #32443 from weblate/weblate-systemd-main
Translations update from Fedora Weblate
2024-04-24 10:23:09 +02:00
Luca Boccassi
c75c8a38b8 man: document service types that record ExecMainHandoverTimestamp
Follow-up for 93cb78aee2
2024-04-24 07:55:37 +02:00
Temuri Doghonadze
fc82ac9864 po: Translated using Weblate (Georgian)
Currently translated at 100.0% (233 of 233 strings)

Co-authored-by: Temuri Doghonadze <temuri.doghonadze@gmail.com>
Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/ka/
Translation: systemd/main
2024-04-24 07:43:37 +02:00
Yuri Chornoivan
95d04e8d2b po: Translated using Weblate (Ukrainian)
Currently translated at 100.0% (233 of 233 strings)

Co-authored-by: Yuri Chornoivan <yurchor@ukr.net>
Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/uk/
Translation: systemd/main
2024-04-24 07:43:37 +02:00
Oğuz Ersen
e8fe5f82fb po: Translated using Weblate (Turkish)
Currently translated at 100.0% (233 of 233 strings)

Co-authored-by: Oğuz Ersen <oguz@ersen.moe>
Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/tr/
Translation: systemd/main
2024-04-24 07:43:37 +02:00
Luna Jernberg
10f8b45c52 po: Translated using Weblate (Swedish)
Currently translated at 100.0% (233 of 233 strings)

Co-authored-by: Luna Jernberg <bittin@reimu.nl>
Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/sv/
Translation: systemd/main
2024-04-24 07:43:37 +02:00
Yu Watanabe
6fe51dc50c network/radv: merge two boolean flags for prefix into one 2024-04-24 12:26:25 +09:00
Yu Watanabe
c7c56724a5 sd-radv: use in6_addr_prefix_intersect() 2024-04-24 12:22:05 +09:00
Yu Watanabe
21ae0b4b3c in-addr-util: introduce in{4,6}_addr_prefix_intersect() 2024-04-24 12:22:05 +09:00
Yu Watanabe
9dc2503539 sd-radv: allow to send multiple routes or prefix64 that have intersection with others
I cannot find any RFC that states we should not send multiple route
prefix or pref64 options that have intersection with others.
Moreover, each route prefix option has preference field, thus, user may
want to send e.g. a prefix with the normal preference, and another sub
prefix with the high preference. Previously, such configuration was
prohibited. Let's allow that now.
2024-04-24 12:22:05 +09:00
Yu Watanabe
96dd66eddf sd-radv: send RA on update in caller side
As the caller may want to update multiple prefixes and friends.
Let's not automatically announce on update in library side.

Currently, only prefix is updated during running. Hence, this does not
change any effective behavior.
2024-04-24 12:22:05 +09:00
Yu Watanabe
956709a28f
Merge pull request #32438 from YHNdnzj/taint-cleanup
core/manager: clean up taint strings
2024-04-24 11:44:06 +09:00
Mike Yuan
844863c61e
core/manager: add unmerged-bin taint 2024-04-24 08:43:08 +08:00
Mike Yuan
ea81442892
core/manager: rearrange taint tags 2024-04-24 08:40:25 +08:00
Mike Yuan
2b28dfe6e6
core/manager: drop obsolete cgroup taint string
Wwe can't boot on systems without cgroup anyway
(even cgroup v1 will be gone pretty soon).
2024-04-24 08:39:29 +08:00
Mike Yuan
21f8e749a1
mount-setup: use mount_verbose_full where appropriate 2024-04-24 08:39:26 +08:00
Luca Boccassi
5e1124b510
Merge pull request #32437 from keszybz/notify-fixups-split-out
Two fixups for sd-notify split out from #32093
2024-04-23 19:36:53 +02:00
Luca Boccassi
e1e81c0920
Merge pull request #32434 from poettering/cryptenroll-prefer-var
cryptenroll: prefer looking at /var/ instead of /
2024-04-23 18:45:43 +02:00
Simon Fowler
557c04a382 Add self-contained Python sd_notify example.
This complements the existing C example.
2024-04-23 17:03:01 +02:00
Antonio Alvarez Feijoo
8ebfef5c96 sysext: do not return 0 if unmerge() fails in the refresh() function.
Actually, return the result of `unmerge()` if it is called in the `refresh()`
function.

Fixes 8662fcbcf1
2024-04-23 16:15:55 +02:00
Zbigniew Jędrzejewski-Szmek
a4acc2528f
Merge pull request #32435 from YHNdnzj/followup
Some follow-ups for recent PRs
2024-04-23 15:47:57 +02:00
Lennart Poettering
6645dc053d update NEWS 2024-04-23 15:23:44 +02:00
Lennart Poettering
cd4eda525d cryptenroll: use [] in --help text to indicate block device argument is now optional 2024-04-23 15:23:44 +02:00
Lennart Poettering
8518f4a814 cryptenroll: default to block device backing /var/ rather than /
With 1df4b21abd we started to default to
enrolling into the LUKS device backing the root fs if none was specified
(and no wipe operation is used). This changes to look for /var/ instead.

On most systems /var/ is going to be on the root fs, hence this change
is with little effect.

However, on systems where / and /var/ is separate it makes more sense to
default to /var/ because that's where the persistent and variable data
is placed (i.e.  where LUKS should be used) while / doesn't really have
to be variable, could as well be immutable, or ephemeral. Hence /var/
should be a safer default.

Or to say this differently: I think it makes sense to support systems
with /var/ being on / well. I also think it makes sense to support
systems with them being separate, and /var/ being variable and
persistent. But any other kind of system I find much less interesting to
support, and in that case people should just specify the device name.

Also, while we are at it, tighten the checks a bit, insist on a dm-crypt
+ LUKS superblock before continuing.

And finally, let's print a short message indicating the device we
operate on.
2024-04-23 15:23:44 +02:00
Yu Watanabe
bd0ec61ae3 journal: do not rotate unrelated journal files when full or corrupted
When we fail to add an entry to a journal file, typically when the file
is full or corrupted, it is not necessary to rotate other journal files.

Not only that's unnecessary, rotating all journal files allows
unprivileged users to wipe system or other user's journals by writing
many journal entries to their own user journal file.

Let's rotate all journal files only when
- it is really requested by a privileged user (e.g. by journalctl --rotate), or
- the system time jumps backwards.
And, otherwise rotate only the journal file we are currently writing.
2024-04-23 15:13:05 +02:00
Daan De Meyer
00bc83a275 core: Limit terminal reset using ANSI sequences to /dev/console
Doing this in reset_terminal_fd() is a bit too invasive, see
https://github.com/systemd/systemd/pull/32406#issuecomment-2070923583.

Let's only do this for /dev/console so that we work around weird firmwares
disabling line-wrapping, but avoid messing too much with other things.

While we're at it, let's handle more than just line wrapping, and do a
more general reset of stuff to get the terminal into a sane state.
2024-04-23 15:05:50 +02:00
Mike Yuan
66ec03061a
network: suggest using "networkctl edit" instead of copying manually 2024-04-23 20:02:19 +08:00