IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
While at it, rephrase the output a bit. Before this commit, if
the pid doesn't exist, we output something hard to interpret -
"Failed to get unit for ourselves".
This is similar to #30183 but focusses on the status output rather than
the log output.
Since the status output always goes to a TTY we don't have to
conditionalize things on isatty().
Fixes: #30184
This make them recognized by file managers and stuff. Maybe one day we
should properly register mime types in the "vnd." namespace with IANA,
but I am too lazy to deal with the bureaucracy for that, hence let's
stick with the x. namespace for now.
This defines confext/sysext DDIs as subtype of:
https://www.iana.org/assignments/media-types/application/vnd.efi.img
Which is what everyone appears to use for raw disk images, in particular
if they contain a GPT partition table.
sshd now supports config file drop-ins, hence let's install one to hook
up "userdb ssh-authorized-keys", so that things just work.
We put the drop-in relatively early, so that other drop-ins generally
will override this.
Ideally sshd would support such drop-ins in /usr/ rather than /etc/, but
let's take what we can get. It's not that sshd's upstream was
particularly open to weird ideas from Linux people.
This adds a new ProtectSystem= setting that mirrors the option of the
same of services, but in a more restrictive way. If enabled will remount
/usr/ to read-only, very early at boot. Takes a special value "auto"
(which is the default) which is equivalent to true in the initrd, and
false otherwise.
Unlike the per-service option we don't support full/strict modes, but
the door is open to eventually support that too if it makes sense. It's
not entirely trivial though as we have very little mounted this early,
and hence the mechanism might not apply 1:1. Hence in this PR is a
conservative first step.
My primary goal with this is to lock down initrds a bit, since they
conceptually are mostly immutable, but they are unpacked into a mutable
tmpfs. let's tighten the screws a bit on that, and at least make /usr/
immutable.
This is particularly nice on USIs (i.e. Unified System Images, that pack
a whole OS into a UKI without transitioning out of it), such as
diskomator.
We have two mechanisms that remove old coredumps: systemd-coredump has
parameters based on disk use / remaining disk free, and systemd-tmpfiles does
cleanup based on time. The first mechanism should prevent us from using too much
disk space in case something is crashing continuously or there are very large
core files.
The limit of 3 days makes it likely that the core file will be gone by the time
the admin looks at the issue. E.g. if something crashes on Friday, the coredump
would likely be gone before people are back on Monday to look at it.
Follow-up for 9e615117dab5ede72eec22bf6369e0138f9dace5
We'll typically send signals to all remaining processes in the following
cases:
1. pid1 (in initrd) when transitioning from initrd to sysroot: SIGTERM
2. pid1 (in sysroot) before transitioning back to initrd (exitrd): SIGTERM + SIGKILL
3. systemd-shutdown (in exitrd): SIGTERM + SIGKILL
'warn_rootfs' is set to true only when we're not in initrd and we're
sending SIGKILL, which means the second case. So, we want to emit the
warning when the root of the storage daemon IS the same as that of pid1,
rather than the other way around.
The condition is spuriously reversed in the offending commit.
When calling loginctl {seat,session}-status without arguments, show a nicer
error message in case there's no suitable session/seat attached to the calling
tty.
Before:
~# loginctl seat-status
Could not get properties: Unknown object '/org/freedesktop/login1/seat/auto'.
~# systemd-run -q -t loginctl seat-status
Could not get properties: Unknown object '/org/freedesktop/login1/seat/auto'.
~# systemd-run -q -t loginctl session-status
Could not get properties: Unknown object '/org/freedesktop/login1/session/auto'.
After:
~# build/loginctl seat-status
Failed to get path for seat 'auto': Session '1' has no seat.
~# systemd-run -q -t build/loginctl seat-status
Failed to get path for seat 'auto': Caller does not belong to any known session and doesn't own any suitable session.
~# systemd-run -q -t build/loginctl session-status
Failed to get path for session 'auto': Caller does not belong to any known session and doesn't own any suitable session.
Resolves: #25199
Otherwise, repart won't calculate the minimal size of the partition
automatically and things will fail once the partitions exceed the
minimal partition size (10M).
The idea is that genkey is called with either
--secureboot-private-key= + --secureboot-certificate=, and then it
writes those, or with --pcr-private-key + optionally --pcr-public-key
and then it writes those, or both. But when called with no arguments
whatsover, it did nothing.
There is no implicit value for any of those parameters as input (unlike in
mkosi), so we also don't want to have implicit values when used as output.
But we shouldn't return success if no work was done, this is quite confusing.
Before:
$ python src/ukify/ukify.py genkey --secureboot-private-key=sb2.key --secureboot-certificate=sb2.cert --secureboot-certificate-validity=111
Traceback (most recent call last):
File "/home/zbyszek/src/systemd-work/src/ukify/ukify.py", line 1660, in <module>
main()
File "/home/zbyszek/src/systemd-work/src/ukify/ukify.py", line 1652, in main
generate_keys(opts)
File "/home/zbyszek/src/systemd-work/src/ukify/ukify.py", line 943, in generate_keys
key_pem, cert_pem = generate_key_cert_pair(
^^^^^^^^^^^^^^^^^^^^^^^
File "/home/zbyszek/src/systemd-work/src/ukify/ukify.py", line 891, in generate_key_cert_pair
now + ONE_DAY * valid_days
~~~~~~~~^~~~~~~~~~~~
TypeError: can't multiply sequence by non-int of type 'datetime.timedelta'
Now:
$ python src/ukify/ukify.py genkey --secureboot-private-key=sb2.key --secureboot-certificate=sb2.cert --secureboot-certificate-validity=111
Writing SecureBoot private key to sb2.key
Writing SecureBoot certificate to sb2.cert
The new code is also clearer.
If /run/nextroot/ has been set up, use it, even if the inodes are
the same. It could be a verity device that is reused, but with
different sub-mounts or other differences. Or the same / tmpfs with
different /usr/ mounts. If it was explicitly set up we should use it.
Use the new helper to check that the mount IDs are also the same,
not just the inodes.
