IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
The mode switch from any to pin is currently done in create_session().
However, if no (pinning) session is created before (or after) linger
is disabled, the user will not be gc'd after that. Therefore, also
perform the mode switch when linger is being disabled.
(cherry picked from commit 1df981a74a)
Prompted by #33650
Previously, if a user manually starts user@.service (which is
something we support), we'd track it as 'manager' session.
However, since user_get_state() ignores all non-pinning sessions,
if lingering is not enabled, the user state would always be
reported as 'closing', which is spurious.
Let's instead take gc_mode into consideration, and ignore
non-pinning sessions only if USER_GC_BY_PIN.
(cherry picked from commit 56f4ab2906)
They might not be readable to the unprivileged user running the tests
and it shouldn't really matter what is used. OTOH, we need a real kernel
because we look at the header.
(cherry picked from commit 987f4bce93)
ESC c is a (vaguely defined) "reset to initial state" ANSI sequence.
Many terminals clear the screen in this case, but that's a bit drastic I
think for most resets.
ESC c was added to the reset logic in
00bc83a275 (i.e. very recently), and I
don't think the effect was clear at that time.
Let's keep the ESC c in place however when we actually want to clear the
screen. Hence move it from reset_terminal_fd() into vt_disallocate().
Fixes: #33689
(cherry picked from commit 841eb9c186)
We've been getting some integration test failures due to timeouts
on finding the root partition device. Let's bump the default device
timeout a little to see if it mitigates these failures.
(cherry picked from commit 70510bf282)
Let's keep the stable version at the version of the previous release
until we do a new stable release. Unlike the main branch, there's no
need to immediately bump the version to the next version as the only
reason we do that in the main branch is to make sure the version from
the main branch sorts higher than any stable releases for the previous
version. This does not apply for stable releases and so we can safely
keep the old version in meson.version until we do a new stable release.
Every commit in systemd-stable can be considered stable since CI has
to pass for every merge to stable and we don't do any RC releases or
extra testing when doing a new stable release. So let's reflect that
in the versioning by dropping the "~devel" suffix from meson.version.
This allows distributions to do releases from arbitrary commits in
systemd-stable without ending up with ~devel in their versions.
CentOS Stream 10 has a newer util-linux which means the terminal
gets correctly resized to the size specified by mkosi. This is a
much nicer experience than CentOS Stream 9 where you're stuck on
80x24 so let's make CentOS Stream 10 the default release to build.
(cherry picked from commit 773f2e9633)
Let's document in detail how to build the integration test image and run
the integration tests without building systemd. To streamline the process,
we stop automatically using binaries from build/ when invoking mkosi directly
and don't automatically use a tools tree anymore if systemd on the host is too
old. Instead, we document these options in HACKING.md and change the mkosi meson
target to automatically use the current build directory as an extra binary search
path for mkosi.
(cherry picked from commit d279ec4a50)
In mkosi.images/system/mkosi.conf, we configure the certificate as
an extra tree so it's available inside the image. However, we pick up
the certificate from the top level repository directory and not from the
build directory where it is generated by the genkey meson target.
We currently have no way to access the build directory that mkosi was
invoked from when parsing the configuration file. Thus we have no way to
specify the correct location to the certificate when it's located in the
build directory.
For now, let's look for the key and certificate in the top level repository
root directory and drop the genkey target.
We don't have to change the Github Actions CI because it already runs genkey
manually before the image build (which is something we forgot to remove when
introducing the genkey target and is the reason this didn't cause issues before).
(cherry picked from commit b00f44c3cf)
We already have selinux=0 in the default kernel command line so
enforcing=0 is redundant. Instead, pass in enforcing=0 when we
enable selinux in TEST-06-SELINUX.
(cherry picked from commit f5c44df929)
It doesn't get pulled in as a dependency anyway and kernel command
line space is precious so let's remove apparmor=0 as it's a noop
anyway.
(cherry picked from commit 5319be5f0c)
* fix: update docs since the default config uses a setting only available in v23
* fix: update docs to only refer to installing from the mkosi repo
(cherry picked from commit cb2d6214ca)
$SYSTEMD_REPART_OVERRIDE_FSTYPE is too invasive. Often you want to
override the fstype only for a specific designator, so let's support
that as well.
(cherry picked from commit 90a255779d)
Let's make things a little more consistent and build the initrd
explicitly as a subimage as well instead of relying on mkosi building
it as part of the main image build.
We drop the opensuse initrd postinst script as we don't use erofs by
default anymore. We can always reintroduce it again later if needed.
(cherry picked from commit 68ee977114)
Let's make sure we don't load libnss_systemd.so from bash as the
necessary environment variables aren't set to make that work when
we're running with sanitizers enabled.
We can't add a sanitizer wrapper for bash as the wrapper runs using
bash so you end up in a loop.
(cherry picked from commit 5ac0dc70ff)
We use -fdebug-prefix-map= because debugedit doesn't work for us (for
a currently unknown reason since it's the most obtuse code I've ever
had the pleasure of reading). With all the unique macros enabled, the
destination directory we pass to -fdebug-prefix-map= includes the package
release. The release is either the timestamp of the current commit or
the current time if the working tree is dirty. This means it generally
changes every time we rerun the build script. However, meson only reads
compiler arguments the first time it is invoked or if --wipe is specified.
This means that on a rerun -fdebug-prefix-map= will be configured wrong
and the build will fail.
Let's prevent this from happening by disabling the unique debug source
names by overriding the --unique-debug-src-base option that is passed to
find-debuginfo.sh by rpm via the _find_debuginfo_opts macro.
(cherry picked from commit 88221219a3)
We switch to the c10s-sig-hyperscale branch of the spec repository
as it will receive all the latest changes the earliest before they
end up in the c9s-sig-hyperscale branch.
(cherry picked from commit 8b32cc79ec)
This allows us to add CI for CentOS Stream 10 as EPEL 10 doesn't
exist yet and won't exist for quite some time.
CentOS Stream 10 will be enabled later as soon as
https://issues.redhat.com/browse/RHEL-46604 is resolved.
(cherry picked from commit 0e4a7ab6d5)
We want the exitrd image to be built with the latest systemd as well.
As the exitrd image is built as part of mkosi.images, and all subimages
are built before the main image, this implies the packages must be built
as a subimage in mkosi.images/ as well. So we introduce the build image and
move all logic related to building distribution packages there.
This also has the nice side effect of slimming down the main image as the
build dependencies are not installed into the main image anymore. It also
makes sure the packages are built in a "clean" chroot without any of the
other packages which we install in the main image available.
(cherry picked from commit 7205fc7dc3)
* a3524fc837 Use a more precise Recommends for libkxbcommon
* 980ede8c0f Drop machined revert
* d569018a92 Rebuilt for the bin-sbin merge
* 8881fa94ee Version 256.2
* 1cc4f83002 Link systemd-executor statically
* 0319e62d9c Update dracut workaround
* c96f54de22 Fix ELN build
* 3f68c5d802 Only exclude dracut conflicts on non-fedora on upstream builds
* 7db154308b Conditionalize dracut Conflicts more
(cherry picked from commit 72a8f508e5)
* 8c025c3bdf Accepting request 1184267 from Base:System
|\
| * 735f8c4ba4 - Import commit 5a8eadd0c021758337a020c423f25a353bdb9b3c (merge of v255.8) For a complete list of changes, visit: 603cd1d4d8...5a8eadd0c0 - Drop 5003-Revert-run-pass-the-pty-slave-fd-to-transient-servic.patch as v255.8 contains the workaround (commit 639c922ede9485) for the broken commit 28459ba1f4.
* | 37853fecc3 Accepting request 1183029 from Base:System
|/
* 638de11012 - Don't automatically clean unmodified config files up (bsc#1226415)
* 369c023c24 reorder one more time...
* ffa9f0ac80 reorder the runtime deps of the testsuite package so the format_spec_file thingy stop screwing up the spec file...
* 12c1190a79 fix rev 1529: the devel packages are really needed by the testsuite script to install the dlopened libs into the image
* ca8e7f54ce - systemd.spec: move a misplaced %endif in the testsuite sub-package.
* b7944f5b14 - Merge systemd-coredump back into the main package (bsc#1091684)
* 3fa0dea84a - Don't pull the devel packages in when installing the testsuite package.
(cherry picked from commit eb6f177ae4)
- Stop installing the policy in the initramfs as it's not really
supported anyway (https://github.com/fedora-selinux/selinux-policy/issues/2221)
- Stop relabeling on first boot and prefer to do it at image build time
- Disable mkosi relabeling by default but enable it in CI
- Build image as root in CI so the SELinux relabeling works properly
(cherry picked from commit dedd712dd9)
