IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
We need to normalize/validate the path (i.e. first column) of
tmpfiles.d/ lines before we start using the path, otherwise we'll use it
before it's known to be good. This matters since for some line types the
path is mangled into the argument column (i.e. sevents column), and we
should only do that once we know it's in a good state.
I don't see where it would ever be a good thing that file copies done
via tmpfiles.d/ C lines cause the tmpfiles operation to fail if their
source happens to be missing. It's a problem if we can't set up the
destination properly (which is the job of systemd-tmpfiles after all),
but if the source is simply missing (NB: setting up the source is the job of
of the rules writer) this shouldn't be a problem.
This is useful for copying stuff into place if it happens to exist. For
example, if systemd-stub passes additional data into the initrd's
/.extra/ directory, we can copy it into a better place (e.g. /run/) with
this, where it will survive the initrd→host transition.
This mirrors behaviour of the recently added "^" line modifier which may
be used source "w" lines from credentials – there two the behaviour is
to simply skip the line if the source is missing.
I possess a machine with ')' in its BIOS version string, which will
cause the current parser to mistake it as the closing ')' of the
smbios-fields() expression.
Let's make sure we always fo for the last, not the first ')', hence.
getopt allows non-ambiguous abbreviations, so backwards-compat is maintained, and
people can use --kill-who (or even shorter abbreviations). English is flexible,
so in common speach people would use both forms, even if "whom" is technically
more correct. The advantage of using the longer form in the code is that we
effectively allow both forms, so we stop punishing people who DTGCT¹, but still
allow people to use the spoken form if they prefer.
1. Do the gramatically correct thing
Some packages were removed from the OpenSUSE build, which broke the
unit tests. Add them back.
Fixes: 37d35150cb ("mkosi: Ensure we build all features/components in mkosi")
It's still failing in Ubuntu:
● isc-dhcp-server.service loaded failed failed ISC DHCP IPv4 server
● isc-dhcp-server6.service loaded failed failed ISC DHCP IPv6 server
Just disable them via the kernel command line masking.
Previously the field "_SYSTEM_CONTEXT" knew he values "initrd" + "main". Let's change
this to "_RUNTIME_SCOPE" and "initrd" + "system".
Why? The sysext logic has a very similar concept of "scopes", declaring
whether a sysext image is intended for the initrd or the main system.
Let's thus use the same naming for both.
sysext's extension-release files hence know SYSEXT_SCOPE=initrd|system,
and the journal messages know _RUNTIME_SCOPE=initrd|system, which makes
this reasonably systematic.
Follow-up for: cae8edd93c
(This is not an API break, since no version with this commit has ever
been released.)
Otherwise we might never hit the trigger limit and wait indefinitely.
Found when trying to run the test on an EC2 xen machine without a nested
virt in CentOS CI (in preparations for some ... unforseseen consequences).
As the subsequent call of on_post() will call it if necessary.
This also drop unnecessary call of event_source_disable() for killing
idle workers, as the event source is disabled in event_queue_start().
If udevd receives a uevent for a locked block device, then the event
is requeued. However, the queued event will be processed only when at
least one sd_event_source is processed. Hence, if udevd has no event
under processing, or receives no new uevent, etc., then the requeued
event will be never processed.
Follow-up for 400e3d21f8.
Fixes#24439.
systemd-growfs currently requires that udev ran first to work (because
/dev/block/ symlinks must exist) but that is not what happens when
we're not using initrd and systemd is PID1.
If the delta specified is INT64_MIN, and we negate that we'd end up at
INT64_MAX+1 which is outside of the int64_t type. Hence let's treat this
case specifically to avoid unintended overflows.
There might be (embedded) systems that get never updated (things like
e.g. entertainment systems of trains, for example) and where the adjustment of
the system clock (introduced by b10abe4bba) would
do the wrong thing even if the difference between the systemd build time and
the rtc is 15 years or more.
This patch allows disabling the adjustment by setting
'clock-valid-range-usec-max' meson option to 0 or to a negative value.
Let's no bother with reading return value of libselinux API calls into
r, if the actual error is in errno anyway.
Let's remove one unnecessary strdup()
Let's rename a return parameter ret_xyz
The check of u==UID_NOBODY is just a register comparison, but
synthesize_nobody() requires a system call, so let's invert the order in the
condition. Since most calls into this module are not for nobody, we should
save one syscall in the common case.
We have fairly nice error messages for specific operations, but only at debug
level. Instead, we'd print a fairly useless generic message:
Before:
Failed to write files: Invalid argument
After:
Failed to add existing group "users" to temporary group file: Invalid argument
Fixes#10241.
/bin/sh as a shell is punishing. There is no good reason to make
the occasional root login unpleasant.
Since /bin/sh is usually /bin/bash in compat mode, i.e. if one is
available, the other will be too, /bin/bash is almost as good as a default.
But to avoid a regression in the situation where /bin/bash (or
DEFAULT_USER_SHELL) is not installed, we check with access() and fall back
to /bin/sh. This should make this change in behaviour less risky.
(FWIW, e.g. Fedora/RHEL use /bin/bash as default for root.)
This is a follow-up of sorts for 53350c7bba,
which added the default-user-shell option, but most likely with the idea
of using /bin/bash less ;)
Fixes#24369.
We'd warn that "-" and "/sbin/nologin" are different, even even though
"/sbin/nologin" is the default we'd use. So let's stop warning in all cases
where the config would lead to the same file, also under different paths,
or when both shells are nologin shells.
The general idea is to avoid warnings when sysusers config is moved between
packages (and not exactly the same), or when it is generated from some template
and the details change in an unimportant way.
We try to chase symlinks. This means that on unmerged-usr systems we'll find
that e.g. /usr/bin/bash and /bin/bash are equivalent if the basic fs structure
is already in place (bash doesn't actually have to be installed, enough that
the /bin symlink exists). I think this is a good result: after all, /bin/bash
and /usr/bin/bash *may* be different things on an unmerged-usr system.
Fixes#24215.
When some transient unit setting is received over D-Bus, we write it it to a
transient unit file. We escape backslashes and specifiers. For most settings
this is enough, because most settings only do parsing and interpolation of
specifiers. When systemd-run is called (or something equivalent that gives us a
command strv), we write ExecStart=, but when reading it, we not only do parsing
and interpolation of specifiers, but also split on semicolons and do variable
substitution. This results in an ugly situation where the commandline is
interpolated twice, once on the caller side, and once in the manager.
I think we need to treat this as a bug: current behaviour seems to be an
accident of implementation and hard to explain in a reasonable way. If we
*were* doing specifier expansion, then it'd be somewhat reasonable so say that
"the commandline is handled the same as ExecStart=". But since we explicitly
prevent specifier expansion, we best we could say is "the commandline has some
subset of features of ExecStart=". I think this is not useful, and unexpected
by users. Since most people use use a shell to call systemd-run, one level of
variable expansion is already done on the caller side, and having to take into
account another level of expansion (with slightly different rules), creates a
big mental overhead when the commandline needs to include a dollar character or
such. Not doing any expansion is much cleaner and easier to explain or use.
Thus I think it's better to change behaviour here, even though in principle
some people could be relying on current behaviour. I think it's more likely
that nobody noticed, because people generally don't use systemd-run for
complicated commandlines.
Thus this commit adds an additional mode of escaping that prevents variable
explansion and other elements of ExecStart= syntax. I looked over all the
places where unit_escape_setting() is called, and I think that only two need to
be changed to use the new flag.
Fixes#23631.