1
0
mirror of https://github.com/systemd/systemd.git synced 2025-01-12 13:18:14 +03:00
Commit Graph

72560 Commits

Author SHA1 Message Date
Yu Watanabe
d05487ef95
Merge pull request #32272 from DaanDeMeyer/volatile
mkosi: various improvements
2024-04-15 04:34:56 +09:00
Daan De Meyer
659cf9191c mkosi: Remove outdated comment 2024-04-14 19:59:21 +02:00
Daan De Meyer
8630fb6041 mkosi: Don't log debug logs to console
We have various tools that log directly to the console, as well as
pid1 which logs directly to the console when running in a container.
Let's make sure that we don't log debug messages to the console by
default, but keep the behavior when running in CI.
2024-04-14 19:59:10 +02:00
Daan De Meyer
9c5216bb9d mkosi: Use new volatile package settings
mkosi just learned to do natively what we currently do with environment
variables and a postinst script, so let's update to the latest version
and start using the new settings instead.
2024-04-14 19:53:43 +02:00
Daan De Meyer
962f9d6fb4 mkosi: Update to latest 2024-04-14 19:53:09 +02:00
Yu Watanabe
ae9fd433d6
Merge pull request #32194 from henryli001/lihl/add-defaultUseDomains-config
network: add mechanism to configure default UseDomains= setting
2024-04-14 13:40:06 +09:00
Henry Li
fb57300743 network: add mechanism to configure default UseDomains= setting, update man page and add test 2024-04-13 16:54:31 -07:00
Ole Peder Brandtzæg
712514416e man: remove PrivateMounts= from list of other settings in its own description
The diff looks bigger, but that's only because it seemed fitting to
reformat the paragraph now that the list is shorter.
2024-04-14 08:04:12 +09:00
Yu Watanabe
bffc1a28d5
Merge pull request #32257 from yuwata/tree-wide-trivial-style-fixes
tree-wide: trivial style and typo fixes
2024-04-13 08:02:18 +09:00
Sam Leonard
af49ea3371 vmspawn: check firmware target architecture
Fixes issue #32026 by only finding firmwares which explicitly support
the native architecture.
2024-04-13 05:48:05 +09:00
Yu Watanabe
7f5c82aaf3 tree-wide: insert missing space after comma 2024-04-13 05:44:04 +09:00
Yu Watanabe
b2da2296ff journal: drop thousands separator in comment 2024-04-13 05:43:37 +09:00
Yu Watanabe
6d3024369e home: wrap long line 2024-04-13 05:42:21 +09:00
Yu Watanabe
c133387f7e homectl: realign table 2024-04-13 05:41:46 +09:00
Yu Watanabe
4dbcda1cca network/ndisc: fix typo
Follow-up for e42a74803a.
2024-04-13 05:21:42 +09:00
Yu Watanabe
bf4c90caed core: fix typo
Follow-up for 21b366121f.
2024-04-13 05:20:05 +09:00
Evgeny Vereshchagin
af6e984109 fuzz: check that resource records are serialized successfully
It shouldn't fail at that point.

It's prompted by the "Structure needs cleaning" thing that keeps popping
up in various places like
https://github.com/systemd/systemd/pull/30952#discussion_r1553181309 and
https://github.com/systemd/systemd/issues/31708.
2024-04-13 05:18:12 +09:00
Yu Watanabe
87bbcb26c8
Merge pull request #32255 from YHNdnzj/strextendf
shared/killall: minor modernization
2024-04-13 05:10:20 +09:00
Yu Watanabe
976c4b38c5
Merge pull request #32256 from YHNdnzj/network-close-and-replace
sd-dhcp-server: use close_and_replace (avoid fd leak)
2024-04-13 05:09:36 +09:00
Mike Yuan
d2198b3206
sd-dhcp-server: use close_and_replace (avoid fd leak)
Follow-up for 11b88419ae

Fixes #32252
2024-04-13 02:48:52 +08:00
Mike Yuan
3c321488bc
sd-dhcp-server: check dir_fd with assert_return 2024-04-13 02:48:52 +08:00
Mike Yuan
bbfb9edc66
shared/killall: minor modernization 2024-04-13 02:35:01 +08:00
Mike Yuan
dbbc86ffbd
string-util: correct comment in strextendf_with_separator 2024-04-13 02:35:01 +08:00
Sam Leonard
edd85c8414 vmspawn: add --discard-disk= to control handling of disk discard requests
Fixes issue #32024, using --discard-disk=yes will enable handling of disk
discarding requests, saving space for long running VMs as desired.
2024-04-12 20:32:38 +02:00
Frantisek Sumsal
844af666ed test: add instructions on how to run Coverity locally
This requires a Coverity license, so the usefulness of the instructions
is somewhat limited, but at least I won't have to re-discover everything
from scratch when I need to debug something Coverity-related again in the
future.
2024-04-12 14:42:00 +02:00
Sam Leonard
0f85622950 vmspawn: update parse_boolean to parse_boolean_argument 2024-04-12 13:26:36 +01:00
Antonio Alvarez Feijoo
126928de76 bus-polkit: fix return value for varlink_allow_interactive_authentication()
Follow-up for d04c1a1c8e
2024-04-12 13:26:22 +01:00
Zbigniew Jędrzejewski-Szmek
c71b50179e meson: do not fail build with newer kernel headers
systemd-255 is failing a build with the latest kernel headers… Let's downgrade
this warning, because it's fine if there's a file system we don't know about
and it makes thing less brittle if we don't treat this as a hard error.

(I initially conditionalized this on BUILD_MODE, but I don't think we need a
hard error there either. A warning will be noticed and fixed.)
2024-04-12 11:44:58 +01:00
Yu Watanabe
296afa8477 ndisc-option: also ignore Prefix Information option with multicast address
Fixes https://github.com/systemd/systemd/pull/32215#issuecomment-2049624693
2024-04-12 10:34:12 +01:00
Daan De Meyer
dd63f00c64
Merge pull request #32240 from yuwata/network-ndisc-fix-on-link-prefix
network/ndisc: fixlets for on-link prefix
2024-04-12 08:46:34 +02:00
Yu Watanabe
b263362254 network/ndisc: drop onlink prefix when valid lifetime is zero
Replaces 155d7a2c04.
2024-04-12 06:12:03 +09:00
Yu Watanabe
9f368d9eb2 network/ndisc: do nothing for existing routes if on-link flag is zero
This effectively reverts commit 155d7a2c04.

From RFC 4861 section 6.3.4:
> Note, however, that a Prefix Information option with the on-link flag
> set to zero conveys no information concerning on-link determination and
> MUST NOT be interpreted to mean that addresses covered by the prefix
> are off-link.

So, we should not drop previously configured routes when receieved a RA
with Prefix Information option without on-link flag.

Closes #28435.
2024-04-12 06:12:03 +09:00
Ronan Pigott
3a768db480 resolved: use NULL to represent an empty answer 2024-04-12 06:10:51 +09:00
Sam Leonard
657be6bdc7 vmspawn: enabled free page reporting in qemu by default
Fixes issue #32025, I saw no reason not to enable this by default so I
added it to the initial qemu cmdline.
2024-04-12 06:10:25 +09:00
Yu Watanabe
f87a606e10
Merge pull request #32213 from yuwata/network-ndisc-redirect-fix-sender-address-verification
network/ndisc: fix sender address verification of Redirect message
2024-04-12 06:09:44 +09:00
Ludwig Nussel
e7705e2191 nsresourced: don't redefine of bpf_rdonly_cast
bpf_rdonly_cast() was introduced in libbpf commit 688879f together with
the definition of a bpf_core_cast macro. So use that one to avoid
defining a prototype for bpf_rdonly_cast;
2024-04-12 05:55:27 +09:00
Yu Watanabe
bffa1c4889 sd-ndisc-redirect: fix verification of target address
See RFC 4861 section 8.1.
2024-04-12 04:59:42 +09:00
Yu Watanabe
9944629eee network/ndisc: fix verification of sender of Redirect message
The sender must be the first-hop router of the destination. Previously,
we only accepted Redirect messages whose sender is the current default
router with the highest priority.

See RFC 4861 section 8.1 for more details.

Fixes #31981.
2024-04-12 04:59:42 +09:00
Yu Watanabe
f76814757d network/ndisc: split out ndisc_redirect_verify_sender()
No functional change, preparation for later commits.
2024-04-12 04:59:42 +09:00
Yu Watanabe
d9688518ff network/ndisc: drop ndisc_request_redirect_route()
It is now called by only ndisc_redirect_handler(), and the check in
ndisc_request_redirect_route() is redundant and already done by
ndisc_redirect_verify_sender().

No functional change, just refactoring.
2024-04-12 04:59:42 +09:00
Yu Watanabe
ef6495ebb2 network/ndisc: redirect routes do not have lifetime
Hence, ndisc_router_update_redirect() does nothing. Let's remove it.
Also, ndisc_request_route() does not set lifetime for the route, it is
not necessary to set the third argument.
2024-04-12 04:59:42 +09:00
Yu Watanabe
33cab1d4ef network/ndisc: introduce ndisc_request_router_route()
Then, make ndisc_request_route() generic and usable for configuring
routes based on both Router Advertisement and Redirect messages.

Note, ndisc_request_router() never set lifetime, so the dropped comment
in ndisc_request_redirect_route() is wrong.

No functional change, just refactoring.
2024-04-12 04:59:42 +09:00
Yu Watanabe
2e73aa507b network/ndisc: do not set per-route MTU and hop limit
Setting MTU announced in RA message to routes is problematic, as the
value may be larger than the device MTU (IFLA_MTU), and in such case the
route cannot be used.

These two properties are now set per-interface, and gracefully handled
such invalid cases. Hence not necessary to set them to each route.

Follow-up for #32195.
2024-04-12 04:59:38 +09:00
Antonio Alvarez Feijoo
3ec49af973 journal-remote: fix two minor memory leaks 2024-04-12 02:37:25 +08:00
Frantisek Sumsal
fc49bf6041
Merge pull request #32228 from mrc0mmand/more-test-tweaks
A couple of follow-ups for #32189
2024-04-11 20:35:27 +02:00
Frantisek Sumsal
6d13aacaac test: make sd-journal-gatewayd tests even more debug-able
Unfortunately bfd30e8af6 is not enough and the test fails, that still
occasionally occur, don't provide enough information to see what's
wrong. Let's rework the test a little to improve this, namely:

  - redirect curl's output into a temporary file instead of piping it
    directly into the "check" expression; that way we can simply dump
    the temporary file when the test fails, providing potentially
    crucial information. We don't want to always dump everything to
    stdout, as some of the tests request an entire system journal (note
    that shell redirection instead of `curl -o file` is used
    intentionally, so the output file is always nuked first)
  - by dropping the pipes in curl commands we can re-enable pipefail
  - also, split some very long commands to multiple lines to (slightly)
    improve readability

Follow-up for bfd30e8af6.
2024-04-11 14:42:45 +02:00
Luca Boccassi
947143e897
Merge pull request #32215 from yuwata/network-ndisc-address-lifetime
network/ndisc: fix assignment of valid lifetime
2024-04-11 12:16:31 +01:00
Ludwig Nussel
aadbe55925 creds: allow null when decrypting
pcrlock writes a credential file using null key. Make sure systemd-creds
can show the file
2024-04-11 12:15:32 +01:00
Daan De Meyer
eff0a82534
Merge pull request #32216 from DaanDeMeyer/fix
journal-remote: Use sd_event_set_signal_exit()
2024-04-11 13:01:46 +02:00
Luca Boccassi
a6f0f20eb3 README.md: link bug bounty program 2024-04-11 12:58:53 +02:00