mirror of https://github.com/systemd/systemd.git synced 2025-01-10 05:18:17 +03:00
Commit Graph

66629 Commits

Author SHA1 Message Date
Yu Watanabe
c25aa6c8ac network-generator: make network file generated from ip=dhcp match only physical interfaces
Otherwise, it also matches later created virtual devices, and that
breaks networks generated and managed by container management services,
like docker.

Closes #28626.
2023-08-03 02:51:53 +09:00
Yu Watanabe
8d580dde76 meson: fix name of test-network-generator
As the test executable is named based on the first source file.
2023-08-03 02:21:50 +09:00
Jan Janssen
e80037b10f boot: Make file info size a constant 2023-08-02 16:22:42 +02:00
Jan Janssen
66fd078ba8 boot: Fix boot counting for XBOOTLDR entries
We were passing the dir handle for the ESP to
config_entry_bump_counters(), which will obviously fail if the entry
actually resides on the XBOOTLDR partition.

Fixes: #28637
2023-08-02 16:06:57 +02:00
Jan Janssen
8f30a066ff bless-boot: Actually return successfully
$ journalctl -u systemd-bless-boot.service
systemd[1]: Starting Mark the Current Boot Loader Entry as Good...
systemd-bless-boot[536]: Marked boot as 'good'. (Boot attempt counter is at 2.)
systemd-bless-boot[536]: Can't find boot counter source file for '/loader/entries/arch.conf': Device or resource busy
systemd[1]: Finished Mark the Current Boot Loader Entry as Good.
2023-08-02 15:16:33 +02:00
Luca Boccassi
6639ac474e
Merge pull request #28623 from yuwata/udev-builtin-net_id-cleanups
udev: several cleanups for net_id builtin (part 4)
2023-08-01 22:09:32 +01:00
Luca Boccassi
39f4ef2592
Merge pull request #28630 from fbuihuu/update-testsuite-for-opensuse
Update testsuite for opensuse
2023-08-01 22:08:52 +01:00
Daan De Meyer
2d9b3468b2 sysupdate: Move fdisk partition flags helpers to fdisk-util.c 2023-08-01 22:32:38 +02:00
Daan De Meyer
821d0cf0dc repart: Rename partition_exclude/defer() to partition_type_exclude/defer() 2023-08-01 22:32:38 +02:00
dependabot[bot]
f3d812baf7 build(deps): bump systemd/mkosi
Bumps [systemd/mkosi](https://github.com/systemd/mkosi) from 5866c0ff3b36d350c943016e5a3b115f7a95d37f to c6dd95b6eae0386579071cbf44fd838ce28b7237.
- [Release notes](https://github.com/systemd/mkosi/releases)
- [Changelog](https://github.com/systemd/mkosi/blob/main/NEWS.md)
- [Commits](5866c0ff3b...c6dd95b6ea)

---
updated-dependencies:
- dependency-name: systemd/mkosi
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-08-01 20:27:17 +00:00
Daan De Meyer
d713104abe ukify: Only run systemd-measure after adding all sections
We were running systemd-measure before adding the sbat section,
let's fix that.

Also make sure we only pass --linux to systemd-measure once instead
of twice.
2023-08-01 21:11:15 +01:00
Franck Bui
33ce0a8992 test: install systemd-homed for openSUSE
This new sub-package has been recently introduced.
2023-08-01 19:40:38 +02:00
Franck Bui
ba0ff9fc0f test: console fonts are located in /usr/share on openSUSE 2023-08-01 19:38:13 +02:00
Yu Watanabe
46f0a4e7ac test: skip tests earlier when we do not have enough privileges
Hopefully fixes #28624.
2023-08-02 02:36:52 +09:00
Daan De Meyer
54c3326066
Merge pull request #28620 from yuwata/meson-use-template-part5
meson: use template to declare executables (part 5)
2023-08-01 18:10:52 +02:00
Yu Watanabe
82cb5f2ad1 udev-builtin-net_id: first parse USB or BCMA identifier, then parse PCI properties
Previously, we first generate names based on the PCI slot and ACPI
onboard index, and then append an identifier based on USB or BCMA bus
if it exists in between the PCI bus and the interface.

However, if there exists USB or BCMA bus, the name based on the
ACPI onboard index is not used.

So, let's invert the order; first generate USB or BCMA identifier if the
bus exists, then prepend the name with the PCI slot identifier.

With this change, we can drop Names struct, and each naming logic
becomes self-consistent.
2023-08-02 00:00:32 +09:00
Yu Watanabe
415ade00aa udev-builtin-net_id: split out names_pci_onboard_label() from dev_pci_onboard()
Then call it only when it is necessary. The label is used only when the
interface is directly connected to the PCI bus, and it does not have the
SR-IOV feature (or the naming based on SR-IOV is disabled).
2023-08-01 23:35:34 +09:00
Yu Watanabe
f831aef509 udev-builtin-net_id: drop redundant copy of BCMA identifier in names_bcma()
Then, this makes names based on the BCMA and PCI identifiers in
names_bcma().

No functional change, just refactoring.
2023-08-01 23:35:34 +09:00
Yu Watanabe
d3523818e8 udev-builtin-net_id: split out get_bcma_specifier() from names_bcma()
This contains a redundant copy of BCMA identifier, but that will be
dropped in the next commit.

No functional change, just refactoring and preparation for later
commits.
2023-08-01 23:35:34 +09:00
Yu Watanabe
f7ae5d1857 udev-builtin-net_id: drop redundant copy of USB identifier in names_usb()
This makes the names based on the USB identifier (and possibly with PCI
specifier) built in names_usb()

No functional change, just refactoring.
2023-08-01 23:35:34 +09:00
Yu Watanabe
045fb967a7 udev-builtin-net_id: split out get_usb_specifier() from names_usb()
This contains a redundant copy of USB identifier, but that will be
dropped in the next commit.

No functional change, just refactoring and preparation for later
commits.
2023-08-01 23:35:34 +09:00
Yu Watanabe
baab0a61dd
Merge pull request #28619 from yuwata/udev-builtin-net_id-cleanups-part3
udev: several cleanups and fixlets for net_id builtin (part 3)
2023-08-01 23:35:03 +09:00
Luca Boccassi
241dbc6e99
Merge pull request #28423 from dvdhrm/pr/memfd
basic/memfd: untangle historic `sealed` property
2023-08-01 15:33:24 +01:00
Daan De Meyer
05cae4cf8e
Merge pull request #28621 from DaanDeMeyer/repart-fix
Revert https://github.com/systemd/systemd/pull/28556
2023-08-01 16:32:35 +02:00
dependabot[bot]
1ce2075fde build(deps): bump actions/labeler from 4.2.0 to 4.3.0
Bumps [actions/labeler](https://github.com/actions/labeler) from 4.2.0 to 4.3.0.
- [Release notes](https://github.com/actions/labeler/releases)
- [Commits](0967ca812e...ac9175f8a1)

---
updated-dependencies:
- dependency-name: actions/labeler
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-08-01 14:18:15 +00:00
dependabot[bot]
8fa2da7ad1 build(deps): bump meson from 1.1.1 to 1.2.0 in /.github/workflows
Bumps [meson](https://github.com/mesonbuild/meson) from 1.1.1 to 1.2.0.
- [Release notes](https://github.com/mesonbuild/meson/releases)
- [Commits](https://github.com/mesonbuild/meson/compare/1.1.1...1.2.0)

---
updated-dependencies:
- dependency-name: meson
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-08-01 14:16:16 +00:00
Daan De Meyer
86320e626c Revert "repart: Allow combining CopyBlocks= and CopyFiles="
This reverts commit dea0dc7ba2.
2023-08-01 15:12:24 +02:00
Daan De Meyer
7e81a84448 Revert "repart: Add --oem and OEM="
This reverts commit 47c7805579.
2023-08-01 15:10:24 +02:00
Daan De Meyer
e2e20b6d3c Revert "units: Import all repart credentials in systemd-repart.service"
This reverts commit ed6b99dbf1.
2023-08-01 15:10:02 +02:00
Yu Watanabe
87e7979de4 meson: move declarations of kernel-install and sulogin-shell 2023-08-01 21:37:31 +09:00
Yu Watanabe
7be6a143da meson: move declarations of networkd and friends 2023-08-01 21:37:31 +09:00
Yu Watanabe
eb51c09d13 meson: move declarations of modules-load, nspawn, update-done, and update-utmp 2023-08-01 21:37:31 +09:00
Yu Watanabe
5371c26933 meson: move declarations of socket-proxy, udevadm, quotacheck, and shutdown 2023-08-01 21:37:31 +09:00
Yu Watanabe
6fab49e4ff meson: move declarations of hwdb, sysusers, and tmpfiles 2023-08-01 21:37:31 +09:00
Yu Watanabe
5c707c8cdb meson: move declarations of busctl, stdio-bridge, and run 2023-08-01 21:37:31 +09:00
Yu Watanabe
9f907d305f meson: move declarations of cgls, cgtop, initctl, and systemd-mount 2023-08-01 21:37:31 +09:00
Yu Watanabe
cb9356254a meson: move declarations of ask-password and friends 2023-08-01 21:37:31 +09:00
Yu Watanabe
5660e68d65 udev-builtin-net_id: fix potential buffer overflow 2023-08-01 21:34:12 +09:00
Yu Watanabe
a1008b2dab udev-builtin-net_id: various coding style cleanups 2023-08-01 21:34:12 +09:00
Yu Watanabe
64d2358397 udev-builtin-net_id: introduce device_is_stacked() helper function
Then, we can drop LinkInfo struct.
No functional change, just refactoring.
2023-08-01 21:34:12 +09:00
Yu Watanabe
dc999c0346 udev-builtin-net_id: drop unused arguments 2023-08-01 21:34:12 +09:00
Yu Watanabe
e581074b9a
Merge pull request #28611 from yuwata/meson-use-template
meson: use template (part 4)
2023-08-01 21:32:48 +09:00
David Tardon
1a572fd08f core: free the strings in the set in other places too
Follow-up for #28551.
2023-08-01 20:53:19 +09:00
Yu Watanabe
6840ee10e4
Merge pull request #28609 from yuwata/udev-builtin-net_id-cleanups-part2
udev: several cleanups and fixes for net_id builtin (part2)
2023-08-01 20:52:47 +09:00
Curtis Klein
902ea119e2 watchdog: Allow the watchdog to be disabled at runtime
manager_{get|set|override}_watchdog check the validity of the new
timeout or the overridden timeout values using timestamp_is_set which
does not recognize "0" as a valid value. However since f16890f, "0"
indicates a disabled watchdog and so is a value we should be able to
configure in order to disable the watchdog. A value of USEC_INFINITY is
considered a no-op. The behavior should be the same for all watchdog
timeout configurations (runtime, pretimeout, and shutdown).
2023-08-01 11:41:54 +01:00
dependabot[bot]
d8c7d6d4fe build(deps): bump github/codeql-action from 2.20.1 to 2.21.2
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.20.1 to 2.21.2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](f6e388ebf0...0ba4244466)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-08-01 10:14:58 +00:00
David Rheinsberg
6968841056 basic/memfd: fix memfd_map() seal test
Private mappings are required when F_SEAL_WRITE is set on a memfd,
because otherwise you could end up with writable mappings through
mprotect() and other calls. This is a limitation of the kernel
implementation, and might be lifted by future extensions.

Regardless, the current code tests for the full `is_sealed()` before
using MAP_PRIVATE. This might end up using MAP_SHARED for write-sealed
memfds, which will be refused by the kernel.

Fix this and make memfd_map() check for exactly `F_SEAL_WRITE`.
2023-08-01 10:14:50 +02:00
David Rheinsberg
4d90300371 basic/memfd: add fcntl() wrappers
Add wrappers around GET/ADD_SEALS to allow future use outside of the
current `memfd_get/set_sealed()` helpers.
2023-08-01 10:14:49 +02:00
David Rheinsberg
e1007a928a basic/memfd: reduce default seals to historic set
Rather than always setting all seals, make `memfd_set_seals()` employ
the original set of seals, that is: SEAL+GROW+SHRINK+WRITE

Historically, the memfd code was used with the out-of-tree memfd
patches, which merely supported a single seal ("SEALED", which
effectively was GROW+SHRINK+WRITE). When the code was adapted to the
upstream memfd seals, it was extended to the full seal set. With more
and more seals being added upstream, this became more problematic. In
particular, it is unclear what the function really is meant to achieve.

Instead of just adding all seals, the function is returned to its
original purpose: seal the memfd so further modifications to its content
are prevented.
2023-08-01 10:13:51 +02:00
David Rheinsberg
d268b22b25 basic/memfd: drop test for F_SEAL_SEAL
With `F_SEAL_SEAL` a memfd can disable further sealing operations,
effectively sealing the set of seals. Testing for it ensures that no
further seals can be added; it never prevents seals from being dropped,
since seals cannot be dropped, ever.

Now testing for `F_SEAL_SEAL` makes sense if you want to ensure that
some seals are *not* set. That is, you either test for the entire set of
seals to match a local set, or you verify that a specific seal is not
set. Neither is what we are doing, so it feels wrong requiring it to be
set.

By dropping the requirement for `F_SEAL_SEAL`, the same FD can be shared
with other entities while retaining the ability to further restrict the
set of seals later on (e.g., being able to mark a region as executable
later on, and then adding `F_SEAL_EXEC`).
2023-08-01 10:13:46 +02:00