1
0
mirror of https://github.com/systemd/systemd.git synced 2025-01-25 10:04:04 +03:00

71574 Commits

Author SHA1 Message Date
Yu Watanabe
630023e2e4 TODO: fix typo
Follow-up for 666a348d1c98873c55115924751e6f2d3bdb7435.
2024-02-28 11:46:21 +09:00
Yu Watanabe
c4047829bb test-network: fix typo
Follow-up for a663ddc04e43a9234e00e47aed98bf2bbeb1573a.
2024-02-28 11:44:20 +09:00
Yu Watanabe
25413fbfc7 sd-ndisc: ignore Router Advertisement messages sent by the same interface 2024-02-28 11:40:50 +09:00
Yu Watanabe
c34cb1d645 sd-ndisc: use ICMP6Packet and ndisc_option_parse() 2024-02-28 11:37:36 +09:00
Yu Watanabe
45edf75c61 sd-ndisc: introduce ndisc_option_parse() helper function 2024-02-28 11:26:52 +09:00
Yu Watanabe
07db3ac66c icmp6-packet: introduce ICMP6Packet and several relevant functions 2024-02-28 11:26:39 +09:00
Luca Boccassi
d6e98b3d16 semaphore: set upstream build profile and set default branch to debian/master
Leave TEST_UPSTREAM=1 for now in case we switch branches via the hook
2024-02-28 01:08:57 +00:00
Luca Boccassi
4117a0d5e6 semaphore: enable backports to get new dependencies
Required due to building with debian/master branch
2024-02-28 01:08:57 +00:00
Luca Boccassi
132f785429 test/README: document how to add a new empty release to the PPA to migrate the CI to a new version 2024-02-28 01:08:57 +00:00
Luca Boccassi
f6387e7e3f test/README: update ubuntu IRC channel for CI help 2024-02-28 01:08:57 +00:00
Luca Boccassi
8040fa55a1 install: fix compiler warning about empty directive argument
On ppc64el with gcc 13.2 on Ubuntu 24.04:

3s In file included from ../src/basic/macro.h:386,
483s                  from ../src/basic/alloc-util.h:10,
483s                  from ../src/shared/install.c:12:
483s ../src/shared/install.c: In function ‘install_changes_dump’:
483s ../src/shared/install.c:432:64: error: ‘%s’ directive argument is null [-Werror=format-overflow=]
483s   432 |                         err = log_error_errno(changes[i].type, "Failed to %s unit, unit %s does not exist.",
483s       |                                                                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
483s ../src/shared/install.c:432:75: note: format string is defined here
483s   432 |                         err = log_error_errno(changes[i].type, "Failed to %s unit, unit %s does not exist.",
2024-02-28 01:08:56 +00:00
Luca Boccassi
47c2a6e958
Merge pull request #31515 from keszybz/small-cleanups-after-review-of-stable-batch
Small cleanups after review of stable batch
2024-02-27 20:07:18 +00:00
Luca Boccassi
5b0addafab
Merge pull request #31442 from YHNdnzj/towards-cgroup-v1-deprecation
core: refuse cgroupv1 unless SYSTEMD_CGROUP_ENABLE_LEGACY_FORCE
2024-02-27 19:21:35 +00:00
Štěpán Němec
0f1a5ecc1a tmpfiles.d: avoid deprecated, undocumented syntax (s/F/f+/)
Fixes: eccebf4b0dcb ("systemd-tmpfiles: deprecate F for f+")
2024-02-27 19:21:06 +00:00
Antonio Alvarez Feijoo
532de87f74 core: remove duplicate serialization of cpu_sched_reset_on_fork
`c->cpu_sched_reset_on_fork` is serialized using
`exec-context-cpu-sched-reset-on-fork` and
`exec-context-cpu-scheduling-reset-on-fork`. Let's keep only the second one, to
serialize the value only if `cpu_sched_set` is true.
2024-02-27 19:20:44 +00:00
Jan Engelhardt
4094130b6f test: drop route from test-functions
I do not see `route` being exercised anywhere else, everything seems
to be on `ip route` already.
2024-02-27 17:51:56 +00:00
Zbigniew Jędrzejewski-Szmek
f7364e1a51 shared/pam-util: fix awkward tense in log message 2024-02-27 18:32:51 +01:00
Zbigniew Jędrzejewski-Szmek
2dc65c32b2 virt: wrap comment, add missing punctuation 2024-02-27 18:32:21 +01:00
Zbigniew Jędrzejewski-Szmek
3e6b040bec man/sd_bus_service_reconnect.c: normalize whitespace
For man pages, we generally indent with 2 spaces and wrap to ~80 columns.
2024-02-27 18:15:51 +01:00
Štěpán Němec
c959e17823 man, shell-completion: fix a few typos/language issues 2024-02-27 16:57:33 +00:00
Lennart Poettering
b96df6fa09 bootspec: don't complain about valid loader.conf settings
Let's not complain about various valid loader.conf settings we more
recently added. At the same time let's remove the half-assed userspace
parsers for the fields we actually do support but don't actually really
care about in userspace. There's really no point in storing strings away
that we are not using at all, hence just don#t.

Fixes: #31487
2024-02-27 16:57:19 +00:00
Jan Macku
c1631d4e49 ci(labeler): add rule for shell-completion label 2024-02-27 15:26:45 +00:00
Frantisek Sumsal
cc48d93870 test: use socat in unidirectional mode
By default socat open a separate r/w channel for each specified address,
and terminates the connection after .5s from receiving EOF on _either_
side. And since one side of that connection is an empty stdin, we reach
that EOF pretty quickly. Let's avoid this by using socat in
"reversed unidirectional" mode, where the first address is used only for
writing, and the second one is used only for reading.

Addresses:
  - https://github.com/systemd/systemd/issues/31500
  - https://github.com/systemd/systemd/issues/31493

Follow-up for 3456c89ac26.
2024-02-27 15:24:23 +00:00
Mike Yuan
6b19d5f021
NEWS: announce cgroup v1 deprecation 2024-02-27 23:10:50 +08:00
Mike Yuan
31323f21bb
meson: drop default-hierarchy= option, always use unified 2024-02-27 23:10:49 +08:00
Mike Yuan
f2512de82d
core: refuse cgroupv1 unless SYSTEMD_CGROUP_ENABLE_LEGACY_FORCE
Also, add a 30s sleep even if cgroup v1 is forced.

Closes #30852
2024-02-27 23:10:49 +08:00
Mike Yuan
f4f3efa4d7
shared/cgroup-setup: introduce cg_is_legacy_force_enabled 2024-02-27 23:08:59 +08:00
Mike Yuan
fbc8d90bd5
shared/mount-setup: split out mount_cgroup_legacy_controllers 2024-02-27 23:03:43 +08:00
Mike Yuan
72a9f4fa45
shared/mount-setup: minor modernization 2024-02-27 23:03:43 +08:00
Mike Yuan
821333263c
core/cgroup: remove obsolete TODO 2024-02-27 23:03:42 +08:00
Mike Yuan
62b5bd3c8a
core: mark JoinControllers= as DISABLED_LEGACY rather than _CONFIGURATION
Follow-up for 143fadf369a18449464956206226761e49be1928
2024-02-27 23:03:39 +08:00
Jan Macku
464b03d23c ci(lint): temporarily disable ShellCheck for bash-completion
This commit should be reverted once bash completion is in better shape when it comes to ShellCheck.
2024-02-27 15:41:28 +01:00
Jan Macku
f8457290c4 fix(SC2148): add ShellCheck directive to bash completion scripts 2024-02-27 15:41:28 +01:00
Jan Macku
b2e0caf882 ci(lint): exclude zsh completion from ShellCheck
zsh is not supported by ShellCheck
2024-02-27 15:41:28 +01:00
Štěpán Němec
da9e1f8322 zsh/_journalctl: complete -g, --case-sensitive, 'help' (pseudo-)facility 2024-02-27 13:50:15 +00:00
Lennart Poettering
666a348d1c update TODO 2024-02-27 14:40:31 +01:00
Yu Watanabe
2706065514 sysext: fix typo 2024-02-27 13:28:02 +09:00
Luca Boccassi
e5191faf44
Merge pull request #31000 from flatcar-hub/krnowak/mutable-overlays
systemd-sysext: Implement optional mutability for extensions
2024-02-26 16:17:11 +00:00
Luca Boccassi
86401d9c4c
Merge pull request #31458 from poettering/vmspawn-ptyfwd
vmspawn: implement TTY logic via ptyfwd
2024-02-26 15:44:50 +00:00
Luca Boccassi
26d85d9ee7
Merge pull request #31480 from rpigott/dnssec-maxwork
resolved: limit the number of signature validations in a transaction
2024-02-26 12:26:36 +00:00
Yu Watanabe
7036d472d0 network: fix use-after-free in {address,route}_remove_and_cancel()
Fixes #31485.
2024-02-26 11:02:13 +00:00
Lennart Poettering
b4679016f3 nspawn: hide ^] hint unless we are interactive mode
The hotkey only works in interactive mode hence don't mislead users
about it.
2024-02-26 11:55:11 +01:00
Lennart Poettering
795ec90cda vmspawn: use our own ptyfwd code for the console of a VM
Let's make systemd-nspawn use our own ptyfwd logic to handle the TTY by
default.

This adds a new setting --console=, inspired by nspawn's setting of the
same name. If --console=interactive= is used, then we'll do the TTY
dance on our own via ptyfwd, and thus get tinting, our usual hotkey
handling and similar.

Since qemu's own console is useful too, let's keep it around via
--console=native.

FInally, replace the --qemu-gui switch by --console=gui.
2024-02-26 11:54:37 +01:00
Lennart Poettering
2f7f08005b pretty-print: make tinting a bit less aggressive 2024-02-26 11:54:31 +01:00
Lennart Poettering
2537407075 run: use sd_event_set_signal_exit() at one more place 2024-02-26 11:53:31 +01:00
Yu Watanabe
52672db3f8 network/ndisc: rename Network.ipv6_accept_ra -> Network.ndisc
These settings are leated to sd-ndisc and Neighbor Discovery protocol.
Let's use more suitable name.
2024-02-26 11:38:57 +01:00
Alexander Zavyalov
e66c7eb6db Fix: Chuwi UBook X (CWI535) screen rotation matrix 2024-02-26 11:38:15 +01:00
Daan De Meyer
b9aa59080e ukify: Use VERSION_TAG instead of GIT_VERSION
GIT_VERSION isn't actually available so use VERSION_TAG instead which
is available.
2024-02-26 11:37:40 +01:00
Ronan Pigott
eba291124b resolved: reduce the maximum nsec3 iterations to 100
According to RFC9267, the 2500 value is not helpful, and in fact it can
be harmful to permit a large number of iterations. Combined with limits
on the number of signature validations, I expect this will mitigate the
impact of maliciously crafted domains designed to cause excessive
cryptographic work.
2024-02-26 01:55:57 -07:00
Ronan Pigott
67d0ce8843 resolved: limit the number of signature validations in a transaction
It has been demonstrated that tolerating an unbounded number of dnssec
signature validations is a bad idea. It is easy for a maliciously
crafted DNS reply to contain as many keytag collisions as desired,
causing us to iterate every dnskey and signature combination in vain.

The solution is to impose a maximum number of validations we will
tolerate. While collisions are not hard to craft, I still expect they
are unlikely in the wild so it should be safe to pick fairly small
values.

Here two limits are imposed: one on the maximum number of invalid
signatures encountered per rrset, and another on the total number of
validations performed per transaction.
2024-02-26 01:55:57 -07:00