1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-22 17:35:35 +03:00
Commit Graph

71788 Commits

Author SHA1 Message Date
Zbigniew Jędrzejewski-Szmek
4fd9ed3e41 units/systemd-machine-id-commit: retitle
Our docs say that the Description should be capitalized.
Also, change "commit" to "save" to make this more accessible.
2024-03-14 10:26:45 +01:00
Zbigniew Jędrzejewski-Szmek
3719dcb0bc units: retitle systemd-pcrextend.{service,socket}, change TPM2→TPM
I was looking at the logs in some bug and saw this:

Mar 13 15:55:12 fedora systemd[1]: systemd-pcrmachine.service - TPM2 PCR Machine ID Measurement was skipped because of an unmet condition check (ConditionSecurity=measured-uki).
Mar 13 15:55:12 fedora systemd[1]: Starting systemd-remount-fs.service - Remount Root and Kernel File Systems...
Mar 13 15:55:12 fedora systemd[1]: systemd-tpm2-setup-early.service - TPM2 SRK Setup (Early) was skipped because of an unmet condition check (ConditionSecurity=measured-uki).

This is overly technical, for most units we don't provide this level of
detail about the implementation. So retitle the units to be more accessible.

Also, the fact that it's a v. 2 of the TPM is not that important. We don't
support TPM 1.2, but computers without TPM v2 are getting rare. For other
units we don't advertise the version of hardware, and let's not do this here,
to reduce some complexity.
2024-03-14 10:26:45 +01:00
Yu Watanabe
af02814a85 ptyfwd: fix typo
Follow-up for d0aa368c85.
2024-03-14 17:40:26 +09:00
Yu Watanabe
fcaa510597 TODO: fix typo
Follow-up for 54b0e05ed0.
2024-03-14 17:39:12 +09:00
Yu Watanabe
f03caa0d3e stat-util: fix typo
Follow-up for 7cff2b79f0.
2024-03-14 17:37:50 +09:00
Zbigniew Jędrzejewski-Szmek
478dc50266
Merge pull request #31771 from keszybz/meson-make-partial-builds-great-again
Meson make partial builds work again
2024-03-14 08:23:04 +01:00
Luca Boccassi
823ef2675d
Merge pull request #31761 from CodethinkLabs/vmspawn/bug_fixes
vmspawn: fix two minor bugs
2024-03-13 23:37:50 +00:00
Mike Yuan
1ea275f119 core/cgroup: introduce MemoryZSwapWriteback setting
Added in
501a06fe8e
2024-03-13 23:36:25 +00:00
Daan De Meyer
49fc22f46c
Merge pull request #31758 from DaanDeMeyer/kvm
mkosi: Enable KVM
2024-03-14 00:16:43 +01:00
Luca Boccassi
8e35076101
Merge pull request #31584 from yuwata/sd-ndisc-option-parser-cleanups
sd-ndisc: rewrite option parser
2024-03-13 23:06:50 +00:00
Daan De Meyer
e399efea79 mkosi: Enable KVM
Since https://github.blog/2024-01-17-github-hosted-runners-double-the-power-for-open-source/,
it seems that KVM is supported on GA runners, so let's explicitly
enable it to make sure it is used.

We update mkosi to latest and set QemuFirmware=uefi to disable
secure boot which crashes qemu until https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2038777
is fixed.
2024-03-13 23:45:11 +01:00
Daan De Meyer
d1c29b517a mkosi: Allow booting without secure boot
Don't fail if SecureBoot is not enabled. Instead, only execute
the secure boot related checks if secure boot is actually enabled.
2024-03-13 23:42:34 +01:00
Daan De Meyer
d6e8137716 boot: Only use io.systemd.boot.kernel-cmdline-extra for type 1 images
Otherwise the cmdline is duplicated for UKIs.
2024-03-13 23:42:34 +01:00
dependabot[bot]
a17ae1f8d5 build(deps): bump github/codeql-action from 3.24.6 to 3.24.7
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.6 to 3.24.7.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](8a470fddaf...3ab4101902)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-13 23:16:19 +01:00
dependabot[bot]
748b7be948 build(deps): bump pkg/debian from 49132a8 to 5451923
Bumps pkg/debian from `49132a8` to `5451923`.

---
updated-dependencies:
- dependency-name: pkg/debian
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-13 20:18:08 +01:00
dependabot[bot]
e065f1c41b build(deps): bump actions/checkout from 4.1.1 to 4.1.2
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.1 to 4.1.2.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](b4ffde65f4...9bb56186c3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-13 20:15:20 +01:00
dependabot[bot]
660efa717c build(deps): bump meson from 1.3.2 to 1.4.0 in /.github/workflows
Bumps [meson](https://github.com/mesonbuild/meson) from 1.3.2 to 1.4.0.
- [Release notes](https://github.com/mesonbuild/meson/releases)
- [Commits](https://github.com/mesonbuild/meson/compare/1.3.2...1.4.0)

---
updated-dependencies:
- dependency-name: meson
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-13 19:26:52 +01:00
dependabot[bot]
9daa5b2a96 build(deps): bump softprops/action-gh-release from 1 to 2
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 1 to 2.
- [Release notes](https://github.com/softprops/action-gh-release/releases)
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md)
- [Commits](de2c0eb89a...9d7c94cfd0)

---
updated-dependencies:
- dependency-name: softprops/action-gh-release
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-13 19:26:03 +01:00
Zbigniew Jędrzejewski-Szmek
d5dd917a02 meson: always use vcs_tag
The branch with configure_file() was broken: meson doesn't know that
this file is a prerequisite for other targets, so partial rebuilds were broken.
Easy reproducer:
  git mv .git{,.no}
  touch meson build && ninja -C build src/basic/libbasic.a
  rm build/version.h
  ninja -C build src/basic/libbasic.a

Using vcs_tag() also in that case makes meson always build the file.

(Combined with the issue fixed in previous commit, I was encountering
failed builds quite often.)

Fixes 3f6ce3d4f0.
2024-03-13 18:40:57 +01:00
Zbigniew Jędrzejewski-Szmek
9e11979765 meson: .git can also be a file
With git-worktree, .git is just a file that specifies where
the parent git directory is. All the git information is available
in a git worktree, so it should be treated the same as a checkout
with a .git directory.
2024-03-13 18:37:41 +01:00
Daan De Meyer
e307bebc03
Merge pull request #31673 from DaanDeMeyer/mkosi
mkosi: Introduce packaging sources as submodules
2024-03-13 17:48:00 +01:00
Sam Leonard
4364a542e3
vmspawn: fix FD passing logic 2024-03-13 15:32:08 +00:00
Sam Leonard
002243ea64
vmspawn: prefix extra kernel-cmdline-extra with -smbios 2024-03-13 15:31:52 +00:00
Daan De Meyer
ffc2773804 units: Bump various oneshot unit timeouts to 90s
In mkosi, we've been having CI failures caused by
systemd-machine-id-commit.service timing out. Let's bump the timeout
for it and systemd-rfkill.service to 90s which we also use for other
oneshot services to avoid transient failures on slower systems.
2024-03-14 00:10:48 +09:00
Evgeny Vereshchagin
a96b4557cb fuzz: make sure DHCP client leases are loaded successfully
Now that fa3357b9e8 is merged the fuzz
target should no longer crash there.
2024-03-14 00:10:08 +09:00
Daan De Meyer
191097abb6 mkosi: Drop leftover mkosi.kernel.config
The rest of the kernel build infra for mkosi was already removed a
long time ago, but we forgot to remove this config file. Let's drop
it now as well;
2024-03-13 15:04:56 +00:00
sharad3001
e0cd8a1bdf
udev: add assert for EVENT_RESULT_EXIT_STATUS_BASE (#31710)
EVENT_RESULT_EXIT_STATUS_BASE and EVENT_RESULT_SUCCESS has the same value.
Code updated to add assert statement for EVENT_RESULT_EXIT_STATUS_BASE.
2024-03-13 22:25:22 +09:00
Yu Watanabe
cac8e820d6 network/varlink: return StorageReadOnly error
Addresses https://github.com/systemd/systemd/pull/30021#discussion_r1521595855.
2024-03-13 21:49:12 +09:00
AKHIL KUMAR
8cbc701ded networkctl.c : call 'assert_not_reached' where appropriate
networkctl.c : call 'assert_not_reached' where appropriate
2024-03-13 21:46:05 +09:00
Mike Yuan
9c16c8a177 networkd-manager: drop spurious return
Follow-up for f90eb08627
2024-03-13 21:44:33 +09:00
Mike Yuan
dd48b6c38f
Merge pull request #31746 from yuwata/network-unit-hide-boot-and-efi
unit: do not trigger automount for /boot and/or /efi
2024-03-13 20:40:07 +08:00
Luca Boccassi
8fb8c037b3
Merge pull request #31729 from aafeijoo-suse/logind-cleanups
logind: coding style cleanups
2024-03-13 11:27:35 +00:00
Lennart Poettering
b7ab1fe5ba
Merge pull request #31733 from poettering/polkit-more-flags
add two more flags to polkit client wrapper
2024-03-13 12:11:27 +01:00
Daan De Meyer
37bd860c22 mkosi: Introduce packaging sources as submodules
By always cloning the latest branch commit, we can't bisect properly
using mkosi as when bisecting wildly different packaging sources will
be used compared to when the commit was merged. By using submodules, we
track individual commits which means when bisecting the same packaging
sources will be used.

We use git submodules as dependabot has support for automatically making
PRs to update git submodules. This commit also includes the necessary
dependabot configuration to enable this.

We make ubuntu/debian use the same submodule instead of adding the debian
packaging sources twice by introducing a new $PKG_SUBDIR environment variable
and using it instead of $DISTRIBUTION.
2024-03-13 12:07:49 +01:00
Daan De Meyer
d008a9cfad mkosi: Remove some leftover shell debugging 2024-03-13 12:07:09 +01:00
Daan De Meyer
4cc17467a1 mkosi: Use same pkg/ subdirectory for debian and ubuntu
Instead of cloning the same repository twice, let's make sure we
use the same directory for both debian/ubuntu.
2024-03-13 12:07:09 +01:00
Lennart Poettering
54b0e05ed0 update TODO 2024-03-13 11:21:25 +01:00
Lennart Poettering
c89d067f12 update TODO 2024-03-13 11:17:02 +01:00
Lennart Poettering
91180a1eec polkit: add another flag that controls how to treat the PK absent case
Typically if PK is not present we want to treat this as "denied". But
sometimes it makes sense to treat this case as "allowed".

In particular the combination POLKIT_ALWAYS_QUERY and
POLKIT_DEFAULT_ALLOW makes a lot of sense: it means we can enable PK
logic for actions where we so far bypassed the checks for root. With the
new combination we can have a default policy of allowing some operation
but still provide an effective hook to disable it.

Also add some debug logging about PK operations and results as they are ongoing.
2024-03-13 10:43:44 +01:00
Lennart Poettering
f5a12ceaed polkit: add new POLKIT_ALWAYS_QUERY flag
When this flag is set we'll disable the local shortcut that skips polkit
checks for clients that are privileged, and assumes they are
authenticated.

Or in other words: if this flag is set, we'll query PK not matter what,
regardless if it's root we talk about or any other user.
2024-03-13 10:42:27 +01:00
Lennart Poettering
b9632ec42f polkit: allow checking if we already acquired some action
This adds a new helper that basically just wraps
async_polkit_query_have_action() and allows calling this without
actually triggering a PK authentication operation: it just checks if we
aleady have acquired an action or not.
2024-03-13 10:42:13 +01:00
Lennart Poettering
95db87ffed
Merge pull request #31731 from poettering/stat-is-set
stat-util: add explicit helpers for checking if stat/statx is initialized
2024-03-13 10:37:15 +01:00
SidhuRupinder
7d08e23558
local-addresses: call 'assert_not_reached' where appropriate (#31728)
Added code for calling the 'assert_not_reached' function as the value of the 'family' parameter must be either 'AF_INET' or 'AF_INET6'.
2024-03-13 13:16:46 +08:00
Mike Yuan
a793133963
Merge pull request #31727 from YHNdnzj/homed-followup
data-fd-util: some cleanups
2024-03-13 13:10:34 +08:00
Yu Watanabe
9ca04752cb sd-ndisc-router: adjust function names and type of returned value
- prefix length and preference should be fit in uint8_t, and actually
  the kernel and networkd uses uint8_t to store them.
- captive portal is now stored as a NUL-terminated string. Hence, it
  is not necessary to also provide its length.
2024-03-13 12:32:52 +09:00
Yu Watanabe
b43c2221f6 sd-ndisc-router: introduce sd_ndisc_router_get_sender_mac()
The Router Advertisement option can take the MAC address of the sender.
Let's introduce a function to get it from the parsed options.
2024-03-13 12:32:52 +09:00
Yu Watanabe
0216c67269 ndisc-option: drop unused function 2024-03-13 12:32:52 +09:00
Yu Watanabe
c0edd6b3b3 sd-ndisc-router: use ndisc_parse_options() and friends to parse Router Advertisement 2024-03-13 12:32:52 +09:00
Yu Watanabe
a163404cc8 ndisc-option: introduce generic NDisc option parser
It is not used in this commit, but will be used for parsing NDisc
options in Router Advertisement message and friends.

The parser does mostly equivalent to what currently we do in
sd-ndisc-router.c. Several notable differences are:
- also perse source and target link-layer address,
- refuse multiple captive portals,
- check if the captive portal is in safe characters, as previously we
  checked that in networkd-ndisc.c,
- dedup prefixes, routes, and pref64,
- limit the total number of options, for safety.
2024-03-13 12:32:37 +09:00
Yu Watanabe
dd6bbb3027 sd-ndisc: rename ndisc-protocol.[ch] -> ndisc-option.[ch] 2024-03-13 10:55:48 +09:00