1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-22 17:35:35 +03:00
Commit Graph

77977 Commits

Author SHA1 Message Date
Lennart Poettering
4d09f976f6 analyze: add missing --mask option to --help text
Follow-up for: 3e7a029c28
2024-12-11 10:32:38 +01:00
Lennart Poettering
7167bee6c6 analyze: tab fix 2024-12-11 10:32:38 +01:00
Yu Watanabe
b83847eb13
network: optionally bring up interface before joining bridge (#34438)
Closes #34247.
2024-12-11 18:16:34 +09:00
Yu Watanabe
f8bfe16b06 journalctl: do not override explicitly specified -b or -n with -e or -k
Fixes #35248.
2024-12-11 18:12:13 +09:00
Yu Watanabe
c577fe65f3 systemctl: downgrade log level of ECONNREFUSED from system dbus.service
To suppress log message when 'systemctl poweroff' or friends invoked in
rescue shell, which does not have dbus.service.
2024-12-11 18:08:26 +09:00
Yu Watanabe
2dfde4b8f8 network: optionally bring up interface before joining bridge
Closes #34247.
2024-12-11 11:23:48 +09:00
Yu Watanabe
2bb7fe554f network: introduce link_up_now()
This is currently not used. Preparation for later commit.
2024-12-11 11:23:48 +09:00
Yu Watanabe
77064620d7 Revert "coredumpctl: Don't treat no coredumps as failure"
This reverts commit dfe79b9ed2.
2024-12-11 11:14:37 +09:00
Yu Watanabe
94930ff674
bus-creds/time-util: use first_word() and skip_leading_chars() more (#35421)
Prompted by
https://github.com/systemd/systemd/pull/35403#discussion_r1863855098
2024-12-11 10:42:34 +09:00
Yu Watanabe
627d1a9ac1
core: Add ProtectHostname=private (#35447)
This PR allows an option for systemd exec units to enable UTS namespaces
but not restrict changing hostname via seccomp. Thus, units can change
hostname without affecting the host. This is useful for OS-like
containers running as units where they should have freedom to change
their container hostname if they want, but not the host's hostname.

Fixes: #30348
2024-12-11 10:17:25 +09:00
Yu Watanabe
17e6e4d6b6 tree-wide: replace ANSI_XYZ with ansi_xyz()
Continuation of f0484e096c.
2024-12-11 10:11:53 +09:00
Daan De Meyer
dfe79b9ed2 coredumpctl: Don't treat no coredumps as failure
Having to deal with a process that fails or doesn't fail depending on
whether there are coredumps or not is incredibly annoying for users.
2024-12-10 21:03:20 +01:00
Samuel Dionne-Riel
67f8ddc967 boot: Fix typo in looking_for_dtbauto
Signed-off-by: Samuel Dionne-Riel <samuel@dionne-riel.com>
2024-12-10 20:59:18 +01:00
Ryan Wilson
219a6dbbf3 core: Fix time namespace in RestrictNamespaces=
RestrictNamespaces= would accept "time" but would not actually apply
seccomp filters e.g. systemd-run -p RestrictNamespaces=time unshare -T true
should fail but it succeeded.

This commit actually enables time namespace seccomp filtering.
2024-12-10 20:55:26 +01:00
Lennart Poettering
641714cb30 discover-image: extend r/o check on images via path
If we have no path, let's check the parent's path.
2024-12-10 20:53:56 +01:00
Mike Yuan
5dfccccce9
basic/time-util: modernize parse_time() a bit 2024-12-10 20:50:36 +01:00
Mike Yuan
2cdfe75689
sd-bus/bus-creds: use first_word() where appropriate 2024-12-10 20:50:36 +01:00
Mike Yuan
d6010533df
sd-bus/bus-creds: use proper NULL instead of 0 2024-12-10 20:50:36 +01:00
Mike Yuan
77b40b4f60 units/initrd-parse-etc.service: replace systemctl start with OnSuccess= 2024-12-10 20:50:09 +01:00
Yu Watanabe
c576ba7182 journald: extend STDOUT_STREAMS_MAX to 64k
Closes #35390.
2024-12-10 20:49:42 +01:00
Nils K
e76d83d100
core: improve finding OnSuccess=/OnFailure= dependent (#35468)
Previously if one service specified the same unit as their
success and failure handler we bailed out of resolving the triggering unit
even though it is still unique.
2024-12-10 20:48:09 +01:00
Lennart Poettering
e82677aa07 tree-wide: fd_get_path() already understands AT_FDCWD natively 2024-12-10 20:46:30 +01:00
Luca Boccassi
92acb89735 Revert "test: skip TEST-13-NSPAWN.nspawn/machined, TEST-86-MULTI-PROFILE-UKI and TEST-07-PID1.private-pids.sh"
The release is done, re-enable the skipped flaky tests for main.

This reverts commit ab828def6d.
2024-12-10 19:31:18 +00:00
Luca Boccassi
9df1ca63fb NEWS: add placeholder for v258 2024-12-10 19:31:07 +00:00
Luca Boccassi
8c56f0bc9a meson: update version to 258~devel 2024-12-10 19:30:06 +00:00
Luca Boccassi
70bae7648f Finalize NEWS and meson.version for v257 2024-12-10 19:23:45 +00:00
Luca Boccassi
97eccc4850
Chores for v257 (#35525) 2024-12-10 19:21:43 +00:00
Yu Watanabe
edd0a3c5e9 copy: do not try to copy zero size data
Hopefully fixes the following sanitizer issue:
===
[ 3754.797377] systemd-journald[776]: ../src/src/shared/copy.c:463:37: runtime error: variable length array bound evaluates to non-positive value 0
[ 3755.101713] systemd-journald[776]: Received SIGTERM from PID 1 (systemd).
[ 3755.124580] systemd-journald[776]: Journal stopped
Found 1 sanitizer issues (0 internal, 0 asan, 0 ubsan, 0 msan).
===
2024-12-10 19:20:50 +00:00
Yu Watanabe
a33813e9e9 TEST-07-PID: wait for sleep command being executed by sd-executor
Hopefully fixes #35528.
2024-12-10 19:19:54 +00:00
Luca Boccassi
29d1f4dbd0
sd-varlink: add function to configure server object info (#35519) 2024-12-10 15:26:24 +00:00
Luca Boccassi
9e5e1cf6ca NEWS: update list of contributors 2024-12-10 15:18:39 +00:00
Luca Boccassi
0d740f4bc0 Update hwdb
ninja -C build update-hwdb
2024-12-10 15:18:39 +00:00
Luca Boccassi
ab828def6d test: skip TEST-13-NSPAWN.nspawn/machined, TEST-86-MULTI-PROFILE-UKI and TEST-07-PID1.private-pids.sh
These new tests are flaky, so disable them temporarily, until after
the release, to avoid pushing out new flakiness to consumers. They
will be re-enabled immediately after.
2024-12-10 15:18:39 +00:00
Luca Boccassi
b8a34813b0 test: add TEST_SKIP_SUBTESTS/TEST_SKIP_TESTCASES
Inverse of the TEST_MATCH_SUBTEST/TEST_MATCH_TESTCASE variables
2024-12-10 15:18:39 +00:00
Luca Boccassi
18d2d10c17
Cryptenroll pager and tweaks (#35517) 2024-12-10 14:07:26 +00:00
Luca Boccassi
491b9a8575 test: use mkdir -p in TEST-25-IMPORT
[   15.896174] TEST-25-IMPORT.sh[473]: + mkdir /var/tmp/scratch
[   15.902524] TEST-25-IMPORT.sh[519]: mkdir: cannot create directory ‘/var/tmp/scratch’: File exists

https://github.com/systemd/systemd/actions/runs/12248114409/job/34167155679?pr=35520
2024-12-10 13:51:53 +00:00
Zbigniew Jędrzejewski-Szmek
40b4fd35d1
Update syscall tables (#35520) 2024-12-10 12:21:01 +01:00
Sebastian Gross
f0484e096c hostnamectl: respect SYSTEMD_COLORS
Instead of the wrapper functions the color defines where used directly.
This was especially a problem for ANSI_HIGHLIGHT_YELLOW which is not
legible at all for light themes such as solarized. The 16 color palette
fallback can be set to a sane yellow or orange on that matter but it was
not used though `SYSTEMD_COLORS=16` was set.

Use the proper wrapper functions and let the right color be selected the
way other components do it already.
2024-12-10 11:03:19 +01:00
Zbigniew Jędrzejewski-Szmek
da64932dc7 cryptsetup: add debug message 2024-12-10 10:58:58 +01:00
Zbigniew Jędrzejewski-Szmek
7b2ebd7040 cryptenroll: show which devices support "hmac secret"
We'd silently skip devices which don't have the feature in the list.
This looked wrong esp. if no devices were suitable. Instead, list them
and show which ones are usable.

$ build/systemd-cryptenroll --fido2-device=list
PATH          MANUFACTURER PRODUCT                HMAC SECRET
/dev/hidraw7  Yubico       YubiKey OTP+FIDO+CCID  ✓
/dev/hidraw10 Yubico       Security Key by Yubico ✗
/dev/hidraw5  Yubico       Security Key by Yubico ✗
/dev/hidraw9  Yubico       Yubikey 4 OTP+U2F+CCID ✗
2024-12-10 10:58:58 +01:00
Zbigniew Jędrzejewski-Szmek
516a80b284 sd-varlink: modernize pointer style in function signatures 2024-12-10 10:51:56 +01:00
Zbigniew Jędrzejewski-Szmek
fd409ff0e0 various: set info on varlink server object
The values that were previously hardcoded in sd-varlink.c are now defined
in new varlink_set_info_systemd() and that function is called everywhere
where we create a server.
2024-12-10 10:51:56 +01:00
Zbigniew Jędrzejewski-Szmek
29f63c67b0 sd-varlink: add sd_varlink_server_set_info
Fixes https://github.com/systemd/systemd/issues/35508.

As reported in the bug, the values were hardcoded for the systemd project.
https://varlink.org/Service lists vendor, product, version, url, and interfaces
as the mandatory parameters, so add an interface to set the first four. The
last field is set automatically based on the registered interfaces as before.

If the values are not filled in, we return empty strings. With NULL,
'varlinkctl info' would say:
  (string):1:25: Object field 'vendor' has wrong type null, expected string.
2024-12-10 10:43:14 +01:00
Yu Watanabe
053cbabce7
mkosi: several improvements for running with sanitizers (#35480) 2024-12-10 13:35:22 +09:00
Yu Watanabe
fb35d775a7 seccomp-util: add getxattrat and friends
The new syscalls are added in kernel-6.13:
6140be90ec
2024-12-10 11:16:44 +09:00
Yu Watanabe
896b53ef4e basic: update syscall tables 2024-12-10 11:15:48 +09:00
Yu Watanabe
d2d006cc8c test: use systemd-asan-env environment file at more places 2024-12-10 11:01:53 +09:00
Yu Watanabe
456727b5d4 test-network: check status of networkd after everything cleared on tear down
Otherwise, if networkd is failed, e.g. .network files that triggered the
failure will remain, and the next test case will start with previous
.network files. So, most subsequent test will fail.
2024-12-10 11:01:53 +09:00
Yu Watanabe
91ef65784e mkosi/sanitizers: add more ASAN options
This adds the following three options:
- detect_invalid_pointer_pairs=2
- handle_ioctl=1
- print_cmdline=1

Note, these options were used in the CentOS CI job.
2024-12-10 11:01:53 +09:00
Yu Watanabe
1bdb9e808f test: extract sanitizer reports from journal 2024-12-10 11:01:48 +09:00