IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
When a late error occurs in sd-executor, the cleanup-on-close of the
context structs happen, but at that time all FDs might have already
been closed via close_all_fds(), so a double-close happens. This
can be seen when DynamicUser is enabled, with a non-existing
WorkingDirectory.
Invalidate the FDs in the context structs if close_all_fds succeeds.
Next release of mkosi will not use subdirectories under the cache
and build directory by default anymore, so let's make sure we already
start creating those ourselves.
Add EINVAL to the list of ignored errnos, since acl_from_text() returns
EINVAL if it can't translate the given string.
~# cat /tmp/tmpfiles-test.conf
a+ /tmp/foo - - - - default:group:foo:rwx
~# build/systemd-tmpfiles /tmp/tmpfiles-test.conf --create --graceful
Failed to parse ACL "default:group:foo:rwx", ignoring: Invalid argument
Resolves: #29742
Let's prefix it with a common prefix, and make sure the names are all
singular and the string table actually matches the names.
No change in behavour, just some rafactoring to make this enum a bit
less special, and make it follow our usual coding style more closely.
The extra space was actually screwing up deserialization:
~# systemd-run --wait --pipe -p SocketBindAllow=any true
Running as unit: run-u167.service
Finished with result: exit-code
Main processes terminated with: code=exited/status=234
Service runtime: 1ms
CPU time consumed: 0
~# journalctl -b -p err
...
Oct 27 16:39:15 arch systemd-executor[5983]: Failed to deserialize: Invalid argument
Let's not do that by default and introduce a simple wrapper which
inserts the space after each item only when necessary.
Prompted by #29705
Note that x-systemd.wanted-by= and x-systemd.required-by= are not
dropped, since we ignore them because they are unnecessary rather
than unapplicable.
After logind receives the SIGRTMIN signal from the kernel, it will execute
manager_vt_switch---session_leave_vt---session_device_pause_all,The device
permissions of the session are removed here;under normal circumstances, the
tty value read from /sys/class/tty/tty0/active changes and switchesto a new
session,give the new session resume device permissions.
But under abnormal circumstances (such as switching quickly on a device using
wayland; and sometimes the kernel will suddenly send a SIGRTMIN signal, but
nothing changes),In these cases, logind does not give session resume device
permission, causing the device to have a black screen and suspended animation.
Setting nofail for /usr mount doesn't make sense because without /usr we
can't really boot. However, having the flag set might cause races in
initrd where we could try to switchroot into rootfs before /usr is
actually mounted. Let's just ignore it so that we always have proper
mount unit ordering for /sysroot/usr mount.
This implements the DHCPv4 equivalent of the DHCPv6 Rapid Commit option,
enabling a lease to be selected in an accelerated 2-message exchange
instead of the typical 4-message exchange.
We use it for more than just pipe() arrays. For example also for
socketpair(). Hence let's give it a generic name.
Also add EBADF_TRIPLET to mirror this for things like
stdin/stdout/stderr arrays, which we use a bunch of times.
When a mount is gracefully skipped (e.g.: BindReadOnlyPaths=-/nonexistent)
we still post-process it, like making it read-only. Except if nothing
has been mounted, the mount point will be made read-only for no reason.
Track when mounts are skipped and avoid post-processing.
One day we'll switch all of this to the new mount api and do these
operations atomically or not at all.
Fixes https://github.com/systemd/systemd/issues/29725
On rpm-ostree distributions such as Fedora SilverBlue /mnt
(and other well known paths) will be a symlink to a location
under /var. The fstab generator emits correct output in this
case, however, the data does not match the expected output
stored in the source tree.
Rather than trying to adapt the test data, just skip this
single test scenario when we see /mnt is a symlink.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
The systemd-tmpfiles binary will report a fatal error if /tmp is not owned
either by root, or by the current user:
Detected unsafe path transition /tmp (owned by nobody) →
/tmp/test-systemd-tmpfiles.a8qc6n18 (owned by berrange)
during canonicalization of
tmp/test-systemd-tmpfiles.a8qc6n18/test-content.7chd7rdi
When doing development inside a 'toolbox' container (which is required
on a Fedora SilverBlue distro), /tmp is owned by 'nobody', because it
has been passed through from the host and host UID 0 gets mapped to
UID 65536 by usernamespaces. This triggers the unsafe path transition
error message.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
On rpm-ostree distributions like Fedora SilverBlue /home (and various
other well known locations) are symlinks to somewhere beneath /var.
The path_is_encrypted() method uses O_NOFOLLOW and as a result will
return ELOOP on /home. This causes test-blockdev-util to abort.
Add ELOOP to the ignorable set of errnos for testing.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
If `--tpm2-public-key=` is not specified, but `tpm2-pcr-public-key.pem` exists
in /{etc,run,usr/lib}/systemd/, the default PCR 11 is not being set.
Fixes 9e437994