1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-22 17:35:35 +03:00
Commit Graph

74902 Commits

Author SHA1 Message Date
Michal Koutný
00dfa7964b core/cgroup: Apply IODevice*= directives in configured order
Different device paths may resolve to same device node
(lookup_block_device()), e.g.
        IOReadBandwidthMax=/dev/sda1 18879
        IOReadBandwidthMax=/dev/sda2 18878
where both partitions resolve to /dev/sda and when these values are
applied (they are associated with original paths, i.e. as if applied for
different device) in the order from io_device_limits.

The parsing code prepends, so they end up in reverse order wrt config
file. Switch the direction so that the order of application matches the
order of configuration -- i.e. semantics in all other unit file
directives.

Apply same change to all directives that use per-device lists. (The
question whether partitions should be resolved to base device is
independent.)

And apply the changes equally to DBus properties write handlers.

Fixes #34126

(cherry picked from commit 0fa0dfa044)
2024-10-08 16:39:12 +01:00
Ivan Shapovalov
1a08b86723 core/cgroup: cache IO accounting data when pruning a cgroup
When removing a cgroup in unit_prune_cgroup(), read IO metrics to cache
them similar to the existing treatment of the CPU and memory usage data.

Note that we do not do this for the IP metrics as the firewall objects
are only destroyed in unit_free() and thus stay alive long enough to
be read out directly by all interested parties.

Fixes #26988.

(cherry picked from commit 17bbdefd8c)
2024-10-08 16:39:12 +01:00
Ivan Shapovalov
a0d60f5621 core/cgroup: drop allow_cache parameter in unit_get_io_accounting()
The name of the parameter is misleading and it does not save us much
work because it is not used during regular unit property queries.
It is only used during unit_log_resources(), and the cgroup is already
dead by that point so it won't be read anyway.

(cherry picked from commit a0020ad84b)
2024-10-08 16:39:12 +01:00
Zbigniew Jędrzejewski-Szmek
2cd8079efa man: say that SYSEXT_SCOPE=initrd also applies to exitrds
We generally do _not_ want the same sysexts to be loaded in both initrd and
exitrd phases. The environment is completely different and it's unlikely that
the same code can be useful in both places. Nevertheless, it can be useful in
_some_ cases, for example when the sysexts contains debugging tools.

I think we don't need to differentiate between initrds and exitrds through
SYSEXT_SCOPE, because the two types are made available in completely different
locations and loaded through a different mechanism, with very little chance of
an initrd being loaded as an exitrd without an explicit admin action (or the
other way around). So let's not complicate our code or definitions by an
explicit "exitrd" sysext designator, but just clarify that "initrd" also
encompasses exitrds in this context.

(cherry picked from commit 7352a0093f)
2024-10-08 16:39:12 +01:00
Zbigniew Jędrzejewski-Szmek
b78f99e71b man: slightly enhance docs about "exitrd" and remove TODO entry for it
The concept is fairly well established and present in our docs in various
places.

Say that the exitrd is also marked by the presence of /etc/initrd-release.

(cherry picked from commit ace26a511f)
2024-10-08 16:39:12 +01:00
Daan De Meyer
08cf1c5ce5 repart: Add a log message when we're about to fsync().
(cherry picked from commit f3b8e81f54)
2024-10-08 16:39:12 +01:00
Daan De Meyer
abd6cd1b69 mkosi: Add missing SPDX line
(cherry picked from commit 80d4ea4457)
2024-10-08 16:39:12 +01:00
Daan De Meyer
1ade483044 mkosi: Add back support for running clangd within mkosi
This allows hacking on systemd without installing any build
dependencies except mkosi on the host machine.

(cherry picked from commit 6d862a9dc0)
2024-10-08 16:39:12 +01:00
Mike Yuan
528cd7dc84 machined: fix bogus error check for machine_link()
(cherry picked from commit 533c20ca5b)
2024-10-08 16:39:12 +01:00
Daan De Meyer
efd5e357d7 Add an extra debug log to dissect_image()
(cherry picked from commit 0121b84e41)
2024-10-08 16:39:12 +01:00
Zbigniew Jędrzejewski-Szmek
bf64e901e4 mkosi: bump mkosi MinimumVersion
dbff64ddf0 bumped the hash to
a commit after 24.3, so let's tell the users that 25~devel is
the minimum required.

(cherry picked from commit 3a157e7cb4)
2024-10-08 16:39:12 +01:00
Yu Watanabe
06eb9b1482 sd-ipv4acd: fix assertion triggered when an ARP received in STARTED state
When a network is busy, an ARP may be received before the timer event
source triggered first time.

Fixes #34489.

(cherry picked from commit 146b44d0a0)
2024-10-08 16:39:12 +01:00
Mike Yuan
d7ae71b9c1 boot: use INC_SAFE where appropriate
(cherry picked from commit 48837c6500)
2024-10-08 16:39:12 +01:00
Mike Yuan
7884db1b93 tmpfiles: ERRNO_IS_NOINFO -> _IS_NEG_, correct negative errno checks
(cherry picked from commit 755877f20a)
2024-10-08 16:39:12 +01:00
cvlc12
f535bbea13 man: update PCR and Secure Boot key names and paths
(cherry picked from commit dbf5b09de4)
2024-10-08 16:39:12 +01:00
Yu Watanabe
308c93c51f test: add tests for seccomp_suppress_sync()
(cherry picked from commit c07e10628b)
2024-10-08 16:39:12 +01:00
Yu Watanabe
4bbd6f589a seccomp-util: pass negative fds as is to fsync() and friends
Closes #34478.

Co-authored-by: Mike Yuan <me@yhndnzj.com>
(cherry picked from commit 144fbbac23)
2024-10-08 16:39:12 +01:00
Daan De Meyer
3f313d0d49 test: Run TEST-74-AUX-UTILS in virtual machine
Various tests skip themselves when running in a container so make
sure the test runs in a virtual machine so we get full coverage.

(cherry picked from commit f4faac2073)
2024-10-08 16:39:12 +01:00
Yu Watanabe
84d5d3af9d man: fix typo
Follow-up for 8aee931e7a.

(cherry picked from commit 07e6a111c0)
2024-10-08 16:39:12 +01:00
Daan De Meyer
e365f6edf8 ci: Don't add testuser to wheel and systemd-journal groups
This breaks TEST-74-AUX-UTILS when run in a VM as the user gets access
to journal files that the test expects it can't access.

(cherry picked from commit 1d5b4317cd)
2024-09-25 21:27:25 +02:00
Daan De Meyer
f457acb663 mkosi: Stop applying device groups patch on Arch
It stopped applying so let's stop applying it to make CI green again.

(cherry picked from commit cf94f513f0)
2024-09-25 21:27:25 +02:00
Daan De Meyer
d1f09ff4cd mkosi: Disable makepkg PKGBUILD linting using the newly added environment variable
(cherry picked from commit 27a8a29e32)
2024-09-25 21:27:25 +02:00
Zbigniew Jędrzejewski-Szmek
c1fd422f2c mkosi: supress error messages from git
When updating, I get a message like:
fatal: Not a valid object name a67221c3f0d0b81b9b5b3230a71d09044342f1a4^{commit}

The failure here is expected, it just means that an update is
necessary, so suppress output.

(cherry picked from commit 3f922abe49)
2024-09-25 21:27:25 +02:00
Daan De Meyer
d64193a2a6 boot: Make initrd_prepare() semantically equivalent to combine_initrds()
Currently, trying to boot images with type 1 entries generated by mkosi
with qemu freezes in the kernel EFI stub. I'm not going to pretend I
understand what's going on, but when I reported a similar problem with
UKIs, the fix was to rework the code in combine_initrds() in the stub
to behave like it does today. It seems that same fix was never applied
to systemd-boot's combine_initrds() function, so let's do that now to
fix the freezes I've been seeing trying to boot images with type 1 entries
in qemu.

(cherry picked from commit f8fa4222c9)
2024-09-15 20:16:51 +02:00
Luca Boccassi
2552348da2 portable: ensure PORTABLE_FORCE_ATTACH works even when there is a leftover unit
Force means force, we skip checks with PID1 for existing units, but
then bail out with EEXIST if the files are actually there. Overwrite
everything instead.

(cherry picked from commit 1e2d1a7202)
2024-09-11 13:19:25 +02:00
Luca Boccassi
a2c84836ef test: mount ld.so.cache in minimal nspawn container if present
In some cases (SUSE Tumbleweed) this is needed as a library (libz) is
not in the default path, so it fails to run.

(cherry picked from commit 1e17e48b96)
2024-09-11 13:19:25 +02:00
Luca Boccassi
230f5613c9 meson: bump version to 256.6 2024-09-10 17:02:09 +02:00
Luca Boccassi
f13e3a93d7 hwdb: update to main@{2024-09-10}
git restore -s origin/main hwdb.d/ test/hwdb.d
2024-09-10 17:01:26 +02:00
Daan De Meyer
f64ee10e4e mkosi: Add back accidentally removed .gdbinit file
(cherry picked from commit b811b9addf)
2024-09-10 14:56:05 +02:00
Luca Boccassi
dd577dde5e mkosi: use util-linux's autologin
login is now from util-linux so credentials are supported.
It also needs to be pulled in as it's Protected: yes rather than
Essential: yes.

Keep the old setting for Ubuntu as that still uses login from shadow.

(cherry picked from commit ec54029017)
2024-09-10 14:56:05 +02:00
Daan De Meyer
37e130e203 mkosi: Don't create sanitizer wrappers for every mkfs binary
mksquashfs for some reason ends up in nss_systemd and mkfs.btrfs
links against libudev. The others don't need a sanitizer wrapper
script.

(cherry picked from commit 67b240f6b0)
2024-09-10 14:56:05 +02:00
dependabot[bot]
4fe2c97477 build(deps): bump systemd/mkosi
Bumps [systemd/mkosi](https://github.com/systemd/mkosi) from 8c2f828701a1bdb3dc9b80d6f2ab979f0430a6b8 to 31b4e756c1484c302435653da5d3b9bdfae38518.
- [Release notes](https://github.com/systemd/mkosi/releases)
- [Changelog](https://github.com/systemd/mkosi/blob/main/NEWS.md)
- [Commits](8c2f828701...31b4e756c1)

---
updated-dependencies:
- dependency-name: systemd/mkosi
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
(cherry picked from commit 0333969a40)
2024-09-10 14:56:05 +02:00
Daan De Meyer
5d48558f4b mkosi: Use apt patterns to install dependencies on Debian/Ubuntu
Instead of parsing the human readable output of apt-cache, let's
use apt patterns to figure out the dependencies.

We also filter out virtual packages as apt will fail and say we need
to install an implementation of the virtual package even if a package
that provides the virtual package is already installed.

(cherry picked from commit 89c579788d)
2024-09-10 14:56:05 +02:00
Daan De Meyer
e6feb4fa90 mkosi: Make systemd package filtering more robust
Let's not just filter everything with systemd in the name, but instead
use the same list of volatile packages that we install to do the
filtering.

(cherry picked from commit 70ecdbfa23)
2024-09-10 14:56:05 +02:00
Daan De Meyer
65d59fbd1c mkosi: Include noarch in dnf repoquery architectures
ukify is noarch so we should include noarch to get all results.

(cherry picked from commit 3e09a3eac2)
2024-09-10 14:56:05 +02:00
Yu Watanabe
0d0c5bff92 mkosi: fix typo
Follow-up for 7205fc7dc3.

(cherry picked from commit f38aac5e01)
2024-09-10 14:56:05 +02:00
Daan De Meyer
23a60e89e7 mkosi: Switch back to src.opensuse.org for opensuse spec
Supposedly they're never going to rewrite their git history again
so let's give src.opensuse.org another try given that code.opensuse.org
is down again.

(cherry picked from commit ffd76bdd97)
2024-09-10 14:56:05 +02:00
Daan De Meyer
a24fe6af45 mkosi: update fedora commit reference
* a67221c3f0 Always build ukify package
* abb115a905 Do not use patch to modify systemd-user pam config file
* 196ec98228 Drop %upstream conditionalization for patches

(cherry picked from commit e921a8ad67)
2024-09-10 14:56:05 +02:00
Daan De Meyer
0c314a93ff mkosi: Don't fetch remote if the commit to check out already exists
If the commit we're about to check out already exists in the local
repository, don't fetch from the remote repository.

(cherry picked from commit c5730846fe)
2024-09-10 14:56:05 +02:00
Daan De Meyer
ff409b84b6 mkosi: Always specify _sourcedir as an absolute path
A relative path is not supported by rpm so let's make sure we specify
it as an absolute path.

(cherry picked from commit 71acb00c28)
2024-09-10 14:56:05 +02:00
Daan De Meyer
41235e2717 mkosi: Don't apply distribution specific patches
rpm upstream is going to imply --noprep when running with --build-in-place so let's do the same on older
versions of rpm (e0925ad6e3)

Also, to keep things consistent between distros, run with --noprepare
on Arch Linux as well (we already skip patches on Debian/Ubuntu).

To keep things working on Arch, we apply the one downstream patch
manually ourselves.

(cherry picked from commit 00a2a67d81)
2024-09-10 14:56:05 +02:00
Daan De Meyer
f193dbac8b mkosi: Stop using git commit timestamps for package releases
This prevents bisecting to figure out which commit broke something
as when going backwards the git commit timestamp will be older meaning
package managers will refuse to upgrade to the "older" version. Let's
make sure the release is always newer by using the current date unless
$SOURCE_DATE_EPOCH is set.

(cherry picked from commit caf5eb586a)
2024-09-10 14:56:05 +02:00
Daan De Meyer
31ce8677e9 mkosi: update fedora commit reference
* 28076e6232 Only make python3-pillow Recommends on Fedora
* a9807c4486 Do not require grubby on CentOS Stream 9
* d38cacfd3a Version 256.5
* 38291e13c1 Disable integration of userdb in sshd
* 53118d2112 Backport patch to only read /proc/cmdline when not in container
* 903e8e0f88 Backport upstream patch to try more initrd variants in 90-loaderentry.install
* b29a66006c Version 256.4
* 1cdae03391 Update tmpfiles --destroy-data patch
* 4fd4ef72a6 Upload sources
* 3c3772150d Version 256.3

(cherry picked from commit 92c22e02c1)
2024-09-10 14:56:05 +02:00
Daan De Meyer
b8526eb0a4 mkosi: update opensuse commit reference
* 2866762da8 Update systemd to version 256.4 / rev 429 via SR 1192932

(cherry picked from commit 051fddfc41)
2024-09-10 14:56:05 +02:00
Daan De Meyer
033c3a020b mkosi: update arch commit reference
* ea5f086275 handle uncommon license
* 43e43faab8 upgpkg: 256.5-1: new upstream release
* 7f4443062f Provide /etc/cryptsetup-keys.d/
* 262a14b8e5 upgpkg: 256.4-1: new upstream release
* 1aff4eb5f6 upgpkg: 256.3-1: new upstream release

(cherry picked from commit caf984def5)
2024-09-10 14:56:05 +02:00
Daan De Meyer
2725b5c01f mkosi: Update to latest
(cherry picked from commit dbff64ddf0)
2024-09-10 14:56:05 +02:00
Daan De Meyer
145f581e88 mkosi: Update to latest
Should fix the Fedora Rawhide CI failure.

(cherry picked from commit f134a79ff8)
2024-09-10 14:56:05 +02:00
Daan De Meyer
cfc3c113f7 mkosi: Update to latest
(cherry picked from commit 2dc99fdadb)
2024-09-10 14:56:05 +02:00
Daan De Meyer
07b2d49089 mkosi: Improve formatting
(cherry picked from commit bc07b026f0)
2024-09-10 14:56:05 +02:00
dependabot[bot]
da76d7c4f5 build(deps): bump systemd/mkosi
Bumps [systemd/mkosi](https://github.com/systemd/mkosi) from 4eba736412c702bbbe2c6d4a58a92fa977219249 to 63fc1fde5b1aac1abf07ac499068c2b62263dafb.
- [Release notes](https://github.com/systemd/mkosi/releases)
- [Changelog](https://github.com/systemd/mkosi/blob/main/NEWS.md)
- [Commits](4eba736412...63fc1fde5b)

---
updated-dependencies:
- dependency-name: systemd/mkosi
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
(cherry picked from commit 5186b40c6f)
2024-09-10 14:56:05 +02:00