1
0
mirror of https://github.com/systemd/systemd.git synced 2025-01-25 10:04:04 +03:00

69948 Commits

Author SHA1 Message Date
David Tardon
810a5895e6 man: update udev.conf man page 2024-01-12 05:12:44 +09:00
David Tardon
09dd8e77fc udev: factor out config parser call into function
... which is then called from both places. This makes sure that the
configuration is parsed by udevd and other tools in exactly the same
way.
2024-01-12 05:12:42 +09:00
David Tardon
a1c7dc7d16 udev-util: drop unused function 2024-01-12 05:11:18 +09:00
David Tardon
07f5e35fe7 udev-util: use config. parser to parse udev.conf 2024-01-12 05:11:14 +09:00
David Tardon
343c8514c1 udevd: use config. parser to parse udev.conf
This adds support for the usual config. file hierarchy (including
dropins).

Fixes #30460.
2024-01-12 05:08:18 +09:00
David Tardon
5656cdfeea conf-parser: generalize config_parse_config_file() 2024-01-11 13:24:32 +09:00
Luca Boccassi
90043781ba
Merge pull request #30743 from bluca/coverity
Assorted coverity fixes
2024-01-05 09:27:21 +01:00
Luca Boccassi
08b099a005
Merge pull request #30774 from mrc0mmand/test-tweaks
test: install correct kpartx udev rules (again) and dump cores of sanitized binaries
2024-01-05 09:26:42 +01:00
Luca Boccassi
6a80e22766
Merge pull request #30759 from mrc0mmand/resolved-followup
resolve: initialize `r` during OOM
2024-01-05 09:26:19 +01:00
Sergei Zhmylev
25aa35d465 journalctl: add --exclude-identifier option 2024-01-04 23:21:39 +01:00
Lennart Poettering
42301b6d96 creds-util: automatically append NUL byte to decrypted creds
Both as safety net and as convenience feature of a string is contained
in the credential
2024-01-04 22:57:04 +01:00
Lennart Poettering
6d78dc2827 creds: rename "tpm2-absent" encryption to "null" encryption
This is what it is after all: encryption with a NULL key. This is more
descriptive, but also relevant since we want to use this kind of
credentials in a different context soon: for carrying pcrlock data into
a UKI. In that case we don#t want encryption, since the pcrlock data is
intended to help unlocking secrets, hence should not be a secret itself.

This only changes the code labels and the way this is labelled in the
output. We retain compat with the old name.
2024-01-04 22:56:48 +01:00
Lennart Poettering
01ae684782 find-esp: adjust parameter indentating to our usual coding style 2024-01-04 22:56:33 +01:00
Lennart Poettering
489f67b4d8 logind: use unlink_and_free() at once more place 2024-01-04 22:56:20 +01:00
Lennart Poettering
bd334c0ebb json: drop redundant check
The same check is done exactly one line later, because this is one of
the things that json_variant_is_regular() checks.

As per: fa9a6db478 (r1441792019)
2024-01-04 22:55:42 +01:00
Lennart Poettering
86e62e9e02
Merge pull request #30749 from poettering/tmpfiles-verb-fix
tmpfiles: correctly apply globbing when cleaning 'x' lines
2024-01-04 22:55:23 +01:00
Lennart Poettering
a1e5800a27
Merge pull request #30758 from YHNdnzj/vpick-not-ptr
vpick: trivial follow-up
2024-01-04 22:54:41 +01:00
Frantisek Sumsal
96e4c62698 ci: build with -O2 and -Wmaybe-uninitialized
According to the comment in meson.build this should be a supported
configuration, so let's test it in the CI as well.
2024-01-04 21:27:10 +01:00
Frantisek Sumsal
0a87b83497 shared: initialize a couple of values explicitly
As gcc has trouble figuring this itself with -O2 and -Wmaybe-initialized.
2024-01-04 20:57:03 +01:00
Frantisek Sumsal
5169f8cfd5 resolve: initialize r during OOM
Otherwise we'd use some garbage value in the error path.

../src/resolve/resolved-dns-query.c: In function ‘dns_query_accept’:
../src/resolve/resolved-dns-query.c:944:27: error: ‘r’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
  944 |         q->answer_errno = -r;
      |                           ^~
cc1: all warnings being treated as errors

Follow-up for 9ca133e97a0.
2024-01-04 20:56:21 +01:00
Frantisek Sumsal
91da9458f8 test: allow sanitized binaries to dump a core
If a binary built with ASan crashes for a reason unrelated to ASan
stuff, we're left with pretty much nothing, as there is neither an ASan
trace nor a coredump. Let's make this slightly more debug-able by
allowing such binaries to dump a core, but without the huge shadow map
(we should be actually fine by just setting disable_coredump=0, since
use_madv_dontdump defaults to true, but let's play it safe and not
potentially dump a 16+ TB core file).
2024-01-04 20:36:25 +01:00
Frantisek Sumsal
7eb234fe2b test: install correct kpartx udev rules on Ubuntu
Follow-up for 519f0074cf.
2024-01-04 20:28:37 +01:00
Luca Boccassi
81a183800f tmpfiles: add --purge switch
Any file/directory created by a tmpfiles.d will be deleted. Useful for
purge/factory reset patterns.
2024-01-04 17:36:43 +01:00
Mike Yuan
1f233020dc
shared/vpick: don't say "ptr" for TAKE_PICK_RESULT (struct) 2024-01-04 23:35:37 +08:00
Mike Yuan
657febec97
vpick-tool: sort includes 2024-01-04 23:35:13 +08:00
Lennart Poettering
115d6abf87
Merge pull request #30744 from poettering/logind-trivial-tweaks
logind: 3 trivial cleanups
2024-01-04 16:02:20 +01:00
Lennart Poettering
20604ff219 logind: do TTY idle logic only for sessions marked as "tty"
Otherwise things might be weird, because background sessions might
become "idle", wich doesn#t really make much sense.

This shouldn't change much in 99% of the cases, but slightly corrects
behaviour as it ensures only "primary"/"foreground" sessions get the
idle logic, i.e. where a user exists that could actually make it
non-idle.
2024-01-04 15:40:27 +01:00
Lennart Poettering
c16167ea10 update TODO 2024-01-04 15:32:14 +01:00
Lennart Poettering
e20bfa5005 logind: don't make idle action timer accuracy more coarse than timeout
If we allow the timer accuracy to grow larger then the timeout itself
things are very confusing, because people might set a 1s time-out and we
turn that into 30s.

Hence, let's just cut off the 30s accuracy to the time-out itself, so
that we stay close to what users configured.
2024-01-04 23:29:09 +09:00
Yu Watanabe
4855d82348
Merge pull request #30739 from poettering/pam-util-many
pam-util: add pam_get_item_many() to shorten some code
2024-01-04 23:28:34 +09:00
Lennart Poettering
0e80e355b2 homed: when empty username is passed to bus calls, operate on client's UID 2024-01-04 23:28:02 +09:00
Lennart Poettering
cc943ab86e homed: fix home_count_bad_authentication() counting
We want to cover not only regular bad password entries, but also bad
recovery key entries. Hence let's move the list of errors into the
function, and add more.
2024-01-04 23:26:49 +09:00
Lennart Poettering
28b42199d0 homed: tone down log message about bad passwords a bit
We usually start out out authentication cycles with an "empty" password
attempt, to give homed the chance to authenticated via any plugged in
tokens. Hence frequently the first attempt will just fail, which is no
reason to complain about.
2024-01-04 23:26:38 +09:00
Yu Watanabe
7903567cb7
Merge pull request #30610 from YHNdnzj/logind-serialize-pidref
logind: serialize session leader pidfd to fdstore
2024-01-04 23:25:18 +09:00
Yu Watanabe
18c4c5d84f network/route: make the route section invalid when an invalid MTUBytes= is specified
We usually set the invalid flag for a section if a setting in the section has
an invalid value. Let's also do the same thing for MTUBytes= in [Route].
2024-01-04 23:18:28 +09:00
Lennart Poettering
96fc8cab2a
Merge pull request #30578 from bluca/polkit-varlink
varlink: add glue to allow authenticating varlink connections via polkit
2024-01-04 15:15:45 +01:00
Frantisek Sumsal
25cb4c1d53 update-man-rules: skip over standard-conf.xml
bc6fdcbf5d switched its doctype to refentry, so the script started
picking it up and complaining that it's missing required stuff. Since
this file is only included from other man pages, let's skip it when
putting together a list of valid targets.

Resolves: #30715
Follow-up for: bc6fdcbf5d
2024-01-04 15:02:28 +01:00
Lennart Poettering
7b223bdb6b
Merge pull request #30736 from YHNdnzj/loginctl-self
man/loginctl: some improvements
2024-01-04 15:02:05 +01:00
Lennart Poettering
72bbd740a0 homed: add missing bus call to homed access policy 2024-01-04 15:01:51 +01:00
Lennart Poettering
3d010bc53d pam_systemd: drop unnecessary strempty() of 'tty' variable
This probably predates our introduction of streq_ptr(). Let's drop this
now however, as we actually want this to be NULL, further down, and
handle that just fine. In particular as all the special cases we have
explicitly set this to NULL anyway.

No real change in behaviour, just some normalization of handling.
2024-01-04 15:01:38 +01:00
Lennart Poettering
9cb3204f43 tmpfiles: 'x' takes globs, hence clean it with globbing 2024-01-04 14:58:40 +01:00
Lennart Poettering
d88b65f66d tmpfiles: always list tmpfiles line types in same order
otherwise it just gets too confusing to follow.
2024-01-04 14:57:59 +01:00
Luca Boccassi
1323a222d2 sd-dhcp-client: add assert_not_reached in switch case
Tell static analysis that r is always initialised

Follow-up for 1809132064d2fd3479e316b615cd05698984852c

CID#1533109
2024-01-04 14:30:20 +01:00
Luca Boccassi
5af0f171f9 udev: add upper bound of 5 hours to SYSTEMD_UDEV_EXTRA_TIMEOUT_SEC=
Follow-up for b16c6076cb334c9da9602d4bafbf60381d6d630e

CID#1533111
2024-01-04 14:30:20 +01:00
Luca Boccassi
43108bf87a dissect: add assert to guide static analysis
CID#1533112
2024-01-04 14:30:20 +01:00
Luca Boccassi
c658ad79f0 core: add an assert to guide static analysis
Follow-up for 4fb0d2dc140c9a2c01c236d2a8dc09a44157e896

CID#1533110
2024-01-04 14:30:20 +01:00
Lennart Poettering
5863f1da42 execute: make sure Type=exec and PAMName= work together
If PAMName= is used we'll spawn a PAM session for the service, and leave
a process around that closes the PAM session eventually. That process
must close the "exec_fd" that we use to implement Type=exec. After all
the logic relies on the fact that execve() will implicitly close the
exec_fd, and the EOF seen on it is hence indication for the service
manager that execve() has worked. But if we keep an fd open in the PAM
service process, then this is not going to work.

Hence close the fd explicitly so that it definitely doesn't stay pinned
in the child.
2024-01-04 21:03:51 +08:00
Alberto Planas
59fe7e6ef1 Fix typo in verb_make_policy explanation
Signed-off-by: Alberto Planas <aplanas@suse.com>
2024-01-04 13:46:04 +01:00
Mike Yuan
17b1c60ccd
Merge pull request #30725 from YHNdnzj/string-util
string-util,strv: follow-ups
2024-01-04 20:34:41 +08:00
Yu Watanabe
f475584ebf network/netdev: call done() per netdev kind before freeing netdev name or so
Otherwise, log_netdev_xyz() does not provide netdev name if it is called
in done(). It is hard to debug.

This should not change any effective behavior, at least with the current
implementation of done() per netdev kind.
2024-01-04 20:34:14 +08:00