IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
don't let the devices to be announced just as model "Linux". Let's instead
propagate the underlying block device's model. Also do something
reasonably smart for the serial and firmware version fields.
Before, handling of global properties (set on systemd-udevd by `udevadm
control -p FOO=foo`) was inconsistent. They were honored in ENV matches,
but not in any assignment. This meant that any use of $env{FOO} (where
FOO was a global property) expanded to an empty string.
Fixup for e87dec82be:
I misunderstood the format. It's actually CBOR, i.e. some binary format.
When trying to show show text we would first check if it's valid UTF-8,
so we would handle this gracefully, i.e. emit a warning and not print
the contents.
The TPM2 tests that genreate an RSA primary key are fast on vtpms, but
very slow on physical TPMs, simply because TPMs aren't precisely fast
devices. It makes sense to keep the tests around however. Hence hide the
test behind the "slow test" logic by default – but only if we run on
physical hw, and keep them in place on VMs (where we'd expect a vtpm, if
any).
The test-tpm2 test multiplexes a bunch of tests from a single
entrypoint test that creates the TPM2 connection. This means we only get
the nice log output which test we are looking for once for the
entrypoint.
Let's add a macro that allows it to nicely generate it for the inner
tests too and use it.
Let's add a new "plymouth-util.c" module with helpers for talking to
plymouth. We so far had three places for this, let's unify the code
doing this a bit.
The meson summary logic checks for ENABLE_* and HAVE_*, but we used a define
with no prefix. Let's make it ENABLE_… for consistency with other config
options. Obviously this also fixes the summary output.
The only way this could be called with an invalid value would be if
somebody forgot to initialize unit type. In such cases, it's better to
fail hard immediately.
Those functions take a pointer to a timestamp and return a timestamp pointer,
so the reader would be justified to think that those are just getters. Rename
them to avoid confusion.
There are draft proposals to embed SBOM metadata in the .sbom section of PE
binaries [1], in the coSWID XML format. Some details of how this is actually
implemented might change, but it seems very likely that both section name and
it being text will stay. Let's show the section as text to make such binaries
easier to inspect. ([1] recommends using 'objcopy -j .sbom' which isn't
particularly readable.) Once there's more standarization of the actual
format, we can add pretty-printing and/or syntax highlighting.
[1] https://uefi.org/blog/firmware-sbom-proposal
[2] https://www.ietf.org/archive/id/draft-ietf-sacm-coswid-21.html
The details of formatting are copied from mkosi. This results in the following:
usage:
ukify build [--linux=LINUX] [--initrd=INITRD] [options…]
ukify genkey [options…]
ukify inspect FILE… [options…]
Build and sign Unified Kernel Images
options:
--version show program's version number and exit
...
I put "[options…]" at the end, because that's what one would generally do
with long options like "--cmdline" and others.
Loading the SELinux DB on every invocation can be slow and
takes 2ms-10ms, so do not initialize it unconditionally, but
wait for the first use. On a mkosi Fedora rawhide image, this
cuts the number of loads in half.
