1
0
mirror of https://github.com/systemd/systemd.git synced 2024-10-30 06:25:37 +03:00
Commit Graph

59865 Commits

Author SHA1 Message Date
Yu Watanabe
d3fcb73678 test-50-dissect: do not fail test on cleanup
These paths are read-only mount points. Hence, we cannot remove the
contents.
2022-09-17 21:36:18 +09:00
Yu Watanabe
759b4b4a2a test-50-dissect: check mount destination instead of mount source
And rebreak long lines.

This should take no effective change, just refactoring.
2022-09-17 21:36:18 +09:00
Zbigniew Jędrzejewski-Szmek
15b3f7e309
Merge pull request #24670 from keszybz/early-boot-ordering
Early boot ordering
2022-09-17 13:26:51 +02:00
Daan De Meyer
9bf36477bf
Merge pull request #24703 from yuwata/dissect-image-verity-partition-make-fail
dissect-image: make verity_partition() actually fail when all attempts of activation failed
2022-09-17 09:57:20 +02:00
Yu Watanabe
ee3455cf11 fd-util: rename CLOSE_AND_REPLACE() -> close_and_replace()
We have free_and_replace() and friends, they are all named with lower
letters, even they are macros, not functions.
For consistency, let's rename CLOSE_AND_REPLACE() with lower letters.

This also mekes the macro used more places.
2022-09-17 09:54:41 +02:00
Yu Watanabe
9972e6d6ed dissect-image: make verity_partition() actually fail when all attempts of activation failed 2022-09-17 05:18:25 +09:00
Yu Watanabe
ad361a50fb dissect-image: split out verity_timeout()
To make verity_partition() shorten. No functional changes, just
refactoring.
2022-09-17 05:18:25 +09:00
Yu Watanabe
cb19517490 man: explicitly document that "reboot -f" is different from "systemctl reboot -f"
Closes #24696.
2022-09-17 05:15:36 +09:00
Lennart Poettering
c941b65075 nspawn: fix two error strings 2022-09-17 05:15:02 +09:00
Dan Streetman
137d162c42 add CAP_LINUX_IMMUTABLE to systemd-machined, so it can handle machinectl read-only requests
Without this, the 'machinectl read-only ...' command always fails.
2022-09-16 19:50:52 +01:00
Yu Watanabe
dd35a61caf sd-netlink: unexport sd-netlink
This effectively reverts 84e1001541.

The sd-netlink library has several issues, and we should not export it
without solving them. See issues #24258 and #24124.
2022-09-17 01:31:57 +09:00
Yu Watanabe
54ee1cd69d
Merge pull request #24692 from yuwata/dissect-image-fix-memleak
dissect-image: fix memleak
2022-09-17 01:31:32 +09:00
Lennart Poettering
d52e1c81b9 update TODO
Seeding RNG via SMBIOS is bad idea, since often measurement of SMBIOS
tables is used for TPM policies, under the assumption SMBIOS remains
static after a certain point.
2022-09-16 16:24:56 +01:00
Lennart Poettering
c5be1ceb08 tmpfiles: let's suffix path to dirs with '/' also in log messages 2022-09-17 00:20:24 +09:00
Lennart Poettering
0af7e6ee73 tmpfiles: drop redundant forward declarations 2022-09-17 00:20:10 +09:00
Yu Watanabe
ab8e6464b5
Merge pull request #24664 from yuwata/watchdog
watchdog: open /dev/watchdog0 only if it exists
2022-09-17 00:18:53 +09:00
Yu Watanabe
e99b370ccb
Merge pull request #24688 from yuwata/watchdog-dbus-properties-follow-ups
pid1: follow-ups for watchdog DBus properties
2022-09-17 00:18:05 +09:00
Daniel Braunwarth
43deb1a8dc journalctl: respect --quiet flag during file concistency verification
Fixes #24563.
2022-09-17 00:17:47 +09:00
Yu Watanabe
e9fe11090e
Merge pull request #24685 from yuwata/uid-range
uid-range: several cleanups
2022-09-17 00:16:07 +09:00
Yu Watanabe
5bf5013fc9 dissect-image: handle all non-negative return values as success
No functional changes, just coding syle update.
2022-09-16 23:11:09 +09:00
Yu Watanabe
041e2edac8 dissect-image: fix memleak on failure 2022-09-16 23:11:09 +09:00
Yu Watanabe
a6b7ebaafa watchdog: use /dev/watchdog0 only if it exists
Fixes #24661.
2022-09-16 22:34:37 +09:00
Lennart Poettering
72a773775d update TODO 2022-09-16 13:57:05 +01:00
Yu Watanabe
3e911a0d0e pid1: drop redundant DBus properties
Follow-up for 10f3f4ed01.

We already have RuntimeWatchdogUSec or friends. Let's not introduce
redundant properties.

Also, drop the const qualifier for WatchdogLastPingTimestamp, as they
are actually not constant.
2022-09-16 21:53:28 +09:00
Yu Watanabe
9341f41801 watchdog: explicitly initialize global variable
No functional change, as they were implicitly initialized with zero.
2022-09-16 21:48:39 +09:00
Yu Watanabe
269073fda6 test: add tests for uid_range_coalesce() 2022-09-16 21:11:19 +09:00
Yu Watanabe
8dcc66cefc uid-range: tie up number and array of uid range entries
This renames UidRange -> UidRangeEntry, and reintroduces UidRange which
contains the array of UidRangeEntry and its size.
No fucntional changes, just refactoring.
2022-09-16 20:56:58 +09:00
Yu Watanabe
6cc6cd9289 uid-range: make uid_range_intersect() take two UidRange objects
No functional changes, just refactoring.
2022-09-16 20:52:47 +09:00
Yu Watanabe
f6c13f9f95 uid-range: optimize to load uid_map file
If uid_map contains many lines, then the previous logic takes O(n^2 log n),
This makes O(n log n).
2022-09-16 20:52:36 +09:00
Yu Watanabe
b5739767da uid-range: escape from loop earlier
The array of uid range entries are already sorted. Hence, if x and y are
does not have intersection, then the remaining entries neither have
intersection with x.
2022-09-16 20:50:00 +09:00
Yu Watanabe
34eeba475d uid-range: sort uid range entries in uid_range_coalesce()
As the logic in uid_range_coalesce() assumes the array of entries are
already sorted.
No functional changes, just refactoring.
2022-09-16 20:49:55 +09:00
Yu Watanabe
7cf337c50f uid-range: use parse_uid_range() 2022-09-16 20:48:53 +09:00
Yu Watanabe
fb76e6a710 userdbctl: fix arrow direction 2022-09-16 20:48:53 +09:00
Yu Watanabe
3498609f08 userdbctl: do not show meaningless boundaries when no uid range available 2022-09-16 20:48:53 +09:00
Yu Watanabe
f91c23f785 sd-device-monitor: do not trigger assertion when uid_map is not empty
Follow-up for c0aa23cf1e.
2022-09-16 13:05:51 +02:00
drosdeck
05d5db01b7 Fix Positivo DUO k116 key toggle touchpad 2022-09-16 08:23:52 +09:00
Yu Watanabe
8cfde28b61 update TODO 2022-09-16 04:18:58 +09:00
David Edmundson
8c0a6a96fe xdg-autostart-service: expand tilde in Exec lines
In typical desktop file parsing it is expected that "~" expands to a
home directory.

Users may write an autostart file with "Exec=myCoolService
~/.someSpecialConfig" which worked before the systemd migration.
2022-09-16 03:43:17 +09:00
Yu Watanabe
f562abe296 unit: drop ProtectClock=yes from systemd-udevd.service
This partially reverts cabc1c6d7a.

The setting ProtectClock= implies DeviceAllow=, which is not suitable
for udevd. Although we are slowly removing cgropsv1 support, but
DeviceAllow= with cgroupsv1 is necessarily racy, and reloading PID1
during the early boot process may cause issues like #24668.

Let's disable ProtectClock= for udevd. And, if necessary, let's
explicitly drop CAP_SYS_TIME and CAP_WAKE_ALARM (and possibly others)
by using CapabilityBoundingSet= later.

Fixes #24668.
2022-09-16 03:41:29 +09:00
j00512545
365c2885f0 fix typo in log 2022-09-15 17:46:04 +02:00
Zbigniew Jędrzejewski-Szmek
89c4dc52b3 units: drop path to executable in $PATH
We don't have it other places, so let's make things a bit simpler.
2022-09-15 14:59:11 +02:00
Zbigniew Jędrzejewski-Szmek
5b5ec138c6 units: make sure that initrd-switch-root.service pulls in .target
Normally we queue initrd-switch-root.target/isolate, which pulls in the
service via Wants= in the .target unit file. But if the service is instead
started directly, there may be nothing pulling in the target. Let's make
sure that the reference exists.
2022-09-15 14:59:11 +02:00
Zbigniew Jędrzejewski-Szmek
3449814b8b units: add dependency ordering for emergency.service conflicts
If we want to stop those services which would compete for access to
the console, we need to have an ordering so that they are actually
stopped before the other things starts, not asynchronously.
2022-09-15 14:59:11 +02:00
Zbigniew Jędrzejewski-Szmek
7c0e2b5559 units: add ordering dependencies on initrd-switch-root.target
For shutdown, we queue shutdown.target/start, so in every unit which should be
stopped *before* shutdown, we need both Conflicts and an ordering dependency
with shutdown.target (either Before= or After= would work, because stop jobs
are always ordered before start jobs).

For initrd transition, we queue initrd-switch-root.service/isolate. This
automatically creates a /stop job for every running unit without
IgnoreOnIsolate. But no ordering dependency is created, unless the unit has a
(possibly transitive) ordering dependency on initrd-switch-root.service.
Since most units must stop before the transition, we should add the ordering
dependency. It is nicer to use Before=initrd-switch-root.target for this.
initrd-switch-root.target is ordered before initrd-switch-root.service, so
the effect it the same when both are in a transaction.

Fixes #23745.

To also cover the case where somebody is emergency mode in the initrd and
queues initrd-switch-root.service/start (not isolate), also add
Conflicts=initrd-switch-root.target, so various units are stopped properly.
This extends 2525682565 to cover all the other
services that are touched. It could be consider "operator error", but it's
easy to make and it's nicer if we can make this more foolproof.
2022-09-15 14:59:11 +02:00
Zbigniew Jędrzejewski-Szmek
d5fd07cdee units/systemd-network-generator.service: add forgotten ordering for shutdown 2022-09-15 14:59:11 +02:00
Zbigniew Jędrzejewski-Szmek
9810e41942 units: reorder/split unit dependency blocks
The block is reordered and split to have:
  1. description + documentation
  2. (optionally) conditions
  3. all the dependencies
I think it's easier to read the units this way.
Also, the Conflicts+Before is seperated out to separate lines.
The ordering dependency is "fake", because it could just as well be
After=, we are adding it to force ordering wrt. shutdown.target, and
it plays a different role than the other Before=, which are about a
real ordering on boot.
2022-09-15 14:59:11 +02:00
Yu Watanabe
88ffd21014 test-date: do not fail even on ~50 years later
Fixes #16181.
2022-09-15 13:48:55 +01:00
Yu Watanabe
a900274915 test-seccomp: support systems that sched_setscheduler() is already limited
Fixes #17078.
2022-09-15 13:47:17 +01:00
Heinrich Schuchardt
132c73b57a meson: add libatomic dependency
Building with GCC 12.2 and binutils 2.39 fails on riscv64 Ubuntu Kinetic
with:

FAILED: systemd-oomd
/usr/bin/ld: systemd-oomd.p/src_oom_oomd-util.c.o:
in function `oomd_cgroup_context_acquire':
build/../src/oom/oomd-util.c:415:
undefined reference to `__atomic_exchange_1'

We have to link with -latomic.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-09-15 13:44:11 +01:00
Antonio Alvarez Feijoo
82ff978d0b bash-completion: add missing options to systemd-cryptenroll 2022-09-15 13:40:23 +01:00