mirror of https://github.com/systemd/systemd.git synced 2025-01-05 13:18:06 +03:00
78192 Commits

Author SHA1 Message Date
Yu Watanabe
290a507f7c network/nexthop: ignore foreign nexthops when ManageForeignNextHops=no 2024-12-11 11:21:14 +09:00
Yu Watanabe
724a296b4f network/nexthop: drop outdated comment and add one debugging log
All NextHop objects are managed by Manager since
352eba2e49.
2024-12-11 11:21:14 +09:00
Yu Watanabe
96fef18ca6 network/ndisc: unref Route objects that depend on the nexthop
No functional change, as when this function is called, the set will be
freed and contained Route objects will be unref()ed anyway soon later
by nexthop_detach() -> nexthop_free().
Even though, when the routes are forgotten from the Manager, then it is
not necessary to keep them by the nexthop. Let's unref earlier.
2024-12-11 11:21:14 +09:00
Yu Watanabe
1168489cd4 network/ndisc: constify several arguments and add several assertions
Follow-up for 0f8afaf94d.

No functional change, just for safety.
2024-12-11 11:21:14 +09:00
Yu Watanabe
b5f2d7a1ec network/nexthop: do not share NextHop.nexthops and NextHop.routes with duplicated object
Otherwise, these may be freed twice.
But, fortunately, when this function is called, both are NULL.
So, this should not change any behavior. But for safety.
2024-12-11 11:21:14 +09:00
Yu Watanabe
00b363bb81 network: drop outdated comment
All Route objects are managed by Manager since
8d01e44c1f.
2024-12-11 11:21:14 +09:00
Yu Watanabe
5c9da83004 journalctl: allow to dump generated key in json format
Closes #35503.
2024-12-11 11:18:06 +09:00
Yu Watanabe
a5b2973850 journalctl: honor --quiet with --setup-keys
Closes #35504.
2024-12-11 11:18:05 +09:00
Yu Watanabe
77064620d7 Revert "coredumpctl: Don't treat no coredumps as failure"
This reverts commit dfe79b9ed2.
2024-12-11 11:14:37 +09:00
Yu Watanabe
94930ff674
bus-creds/time-util: use first_word() and skip_leading_chars() more (#35421)
Prompted by
https://github.com/systemd/systemd/pull/35403#discussion_r1863855098
2024-12-11 10:42:34 +09:00
Yu Watanabe
627d1a9ac1
core: Add ProtectHostname=private (#35447)
This PR allows an option for systemd exec units to enable UTS namespaces
but not restrict changing hostname via seccomp. Thus, units can change
hostname without affecting the host. This is useful for OS-like
containers running as units where they should have freedom to change
their container hostname if they want, but not the host's hostname.

Fixes: #30348
2024-12-11 10:17:25 +09:00
Yu Watanabe
17e6e4d6b6 tree-wide: replace ANSI_XYZ with ansi_xyz()
Continuation of f0484e096c.
2024-12-11 10:11:53 +09:00
Daan De Meyer
dfe79b9ed2 coredumpctl: Don't treat no coredumps as failure
Having to deal with a process that fails or doesn't fail depending on
whether there are coredumps or not is incredibly annoying for users.
2024-12-10 21:03:20 +01:00
Samuel Dionne-Riel
67f8ddc967 boot: Fix typo in looking_for_dtbauto
Signed-off-by: Samuel Dionne-Riel <samuel@dionne-riel.com>
2024-12-10 20:59:18 +01:00
davjav
5b66f3df16 test: mount unit with credential
Verify mount unit credential file is present.
2024-12-10 20:57:20 +01:00
davjav
6577cf1ba9 Add credential support for mount units
Add EXEC_SETUP_CREDENTIALS flag to allow using credentials with mount units.
Fixes: https://github.com/systemd/systemd/issues/23535
2024-12-10 20:57:20 +01:00
Ryan Wilson
219a6dbbf3 core: Fix time namespace in RestrictNamespaces=
RestrictNamespaces= would accept "time" but would not actually apply
seccomp filters e.g. systemd-run -p RestrictNamespaces=time unshare -T true
should fail but it succeeded.

This commit actually enables time namespace seccomp filtering.
2024-12-10 20:55:26 +01:00
Lennart Poettering
641714cb30 discover-image: extend r/o check on images via path
If we have no path, let's check the parent's path.
2024-12-10 20:53:56 +01:00
Mike Yuan
f0e8db76ca
basic/user-util: modernize getgroups_alloc() a bit
- Make sure ret is initialized if we return >= 0
- Reduce variable scope
2024-12-10 20:51:14 +01:00
Mike Yuan
8112df6bef
basic/user-util: use FOREACH_ARRAY at one more place 2024-12-10 20:51:14 +01:00
Mike Yuan
5dfccccce9
basic/time-util: modernize parse_time() a bit 2024-12-10 20:50:36 +01:00
Mike Yuan
2cdfe75689
sd-bus/bus-creds: use first_word() where appropriate 2024-12-10 20:50:36 +01:00
Mike Yuan
d6010533df
sd-bus/bus-creds: use proper NULL instead of 0 2024-12-10 20:50:36 +01:00
Mike Yuan
77b40b4f60 units/initrd-parse-etc.service: replace systemctl start with OnSuccess= 2024-12-10 20:50:09 +01:00
Yu Watanabe
c576ba7182 journald: extend STDOUT_STREAMS_MAX to 64k
Closes #35390.
2024-12-10 20:49:42 +01:00
Nils K
e76d83d100
core: improve finding OnSuccess=/OnFailure= dependent (#35468)
Previously if one service specified the same unit as their
success and failure handler we bailed out of resolving the triggering unit
even though it is still unique.
2024-12-10 20:48:09 +01:00
Lennart Poettering
e82677aa07 tree-wide: fd_get_path() already understands AT_FDCWD natively 2024-12-10 20:46:30 +01:00
Luca Boccassi
92acb89735 Revert "test: skip TEST-13-NSPAWN.nspawn/machined, TEST-86-MULTI-PROFILE-UKI and TEST-07-PID1.private-pids.sh"
The release is done, re-enable the skipped flaky tests for main.

This reverts commit ab828def6d.
2024-12-10 19:31:18 +00:00
Luca Boccassi
9df1ca63fb NEWS: add placeholder for v258 2024-12-10 19:31:07 +00:00
Luca Boccassi
8c56f0bc9a meson: update version to 258~devel 2024-12-10 19:30:06 +00:00
Luca Boccassi
70bae7648f Finalize NEWS and meson.version for v257 2024-12-10 19:23:45 +00:00
Luca Boccassi
97eccc4850
Chores for v257 (#35525) 2024-12-10 19:21:43 +00:00
Yu Watanabe
edd0a3c5e9 copy: do not try to copy zero size data
Hopefully fixes the following sanitizer issue:
===
[ 3754.797377] systemd-journald[776]: ../src/src/shared/copy.c:463:37: runtime error: variable length array bound evaluates to non-positive value 0
[ 3755.101713] systemd-journald[776]: Received SIGTERM from PID 1 (systemd).
[ 3755.124580] systemd-journald[776]: Journal stopped
Found 1 sanitizer issues (0 internal, 0 asan, 0 ubsan, 0 msan).
===
2024-12-10 19:20:50 +00:00
Yu Watanabe
a33813e9e9 TEST-07-PID: wait for sleep command being executed by sd-executor
Hopefully fixes #35528.
2024-12-10 19:19:54 +00:00
Luca Boccassi
29d1f4dbd0
sd-varlink: add function to configure server object info (#35519) 2024-12-10 15:26:24 +00:00
Luca Boccassi
9e5e1cf6ca NEWS: update list of contributors 2024-12-10 15:18:39 +00:00
Luca Boccassi
0d740f4bc0 Update hwdb
ninja -C build update-hwdb
2024-12-10 15:18:39 +00:00
Luca Boccassi
ab828def6d test: skip TEST-13-NSPAWN.nspawn/machined, TEST-86-MULTI-PROFILE-UKI and TEST-07-PID1.private-pids.sh
These new tests are flaky, so disable them temporarily, until after
the release, to avoid pushing out new flakiness to consumers. They
will be re-enabled immediately after.
2024-12-10 15:18:39 +00:00
Luca Boccassi
b8a34813b0 test: add TEST_SKIP_SUBTESTS/TEST_SKIP_TESTCASES
Inverse of the TEST_MATCH_SUBTEST/TEST_MATCH_TESTCASE variables
2024-12-10 15:18:39 +00:00
Luca Boccassi
18d2d10c17
Cryptenroll pager and tweaks (#35517) 2024-12-10 14:07:26 +00:00
Luca Boccassi
491b9a8575 test: use mkdir -p in TEST-25-IMPORT
[   15.896174] TEST-25-IMPORT.sh[473]: + mkdir /var/tmp/scratch
[   15.902524] TEST-25-IMPORT.sh[519]: mkdir: cannot create directory ‘/var/tmp/scratch’: File exists

https://github.com/systemd/systemd/actions/runs/12248114409/job/34167155679?pr=35520
2024-12-10 13:51:53 +00:00
Zbigniew Jędrzejewski-Szmek
40b4fd35d1
Update syscall tables (#35520) 2024-12-10 12:21:01 +01:00
Sebastian Gross
f0484e096c hostnamectl: respect SYSTEMD_COLORS
Instead of the wrapper functions the color defines were used directly.
This was especially a problem for ANSI_HIGHLIGHT_YELLOW which is not
legible at all for light themes such as solarized. The 16 color palette
fallback can be set to a sane yellow or orange on that matter but it was
not used though `SYSTEMD_COLORS=16` was set.

Use the proper wrapper functions and let the right color be selected the
way other components do it already.
2024-12-10 11:03:19 +01:00
Zbigniew Jędrzejewski-Szmek
da64932dc7 cryptsetup: add debug message 2024-12-10 10:58:58 +01:00
Zbigniew Jędrzejewski-Szmek
7b2ebd7040 cryptenroll: show which devices support "hmac secret"
We'd silently skip devices which don't have the feature in the list.
This looked wrong esp. if no devices were suitable. Instead, list them
and show which ones are usable.

$ build/systemd-cryptenroll --fido2-device=list
PATH          MANUFACTURER PRODUCT                HMAC SECRET
/dev/hidraw7  Yubico       YubiKey OTP+FIDO+CCID  ✓
/dev/hidraw10 Yubico       Security Key by Yubico ✗
/dev/hidraw5  Yubico       Security Key by Yubico ✗
/dev/hidraw9  Yubico       Yubikey 4 OTP+U2F+CCID ✗
2024-12-10 10:58:58 +01:00
Zbigniew Jędrzejewski-Szmek
516a80b284 sd-varlink: modernize pointer style in function signatures 2024-12-10 10:51:56 +01:00
Zbigniew Jędrzejewski-Szmek
fd409ff0e0 various: set info on varlink server object
The values that were previously hardcoded in sd-varlink.c are now defined
in new varlink_set_info_systemd() and that function is called everywhere
where we create a server.
2024-12-10 10:51:56 +01:00
Zbigniew Jędrzejewski-Szmek
29f63c67b0 sd-varlink: add sd_varlink_server_set_info
Fixes https://github.com/systemd/systemd/issues/35508.

As reported in the bug, the values were hardcoded for the systemd project.
https://varlink.org/Service lists vendor, product, version, url, and interfaces
as the mandatory parameters, so add an interface to set the first four. The
last field is set automatically based on the registered interfaces as before.

If the values are not filled in, we return empty strings. With NULL,
'varlinkctl info' would say:
  (string):1:25: Object field 'vendor' has wrong type null, expected string.
2024-12-10 10:43:14 +01:00
Yu Watanabe
053cbabce7
mkosi: several improvements for running with sanitizers (#35480) 2024-12-10 13:35:22 +09:00
Yu Watanabe
fb35d775a7 seccomp-util: add getxattrat and friends
The new syscalls are added in kernel-6.13:
6140be90ec
2024-12-10 11:16:44 +09:00