IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
NEWS for `219` references `machinectl list-images` to describe the introduced clone feature - this looks like a copy'n'paste problem.
Use `machinectl clone` instead.
This imports most of http://www.freedesktop.org/wiki/Software/systemd/SystemUpdates/
to turn it into a man page. Similarly for the man page about generators,
this will make it easier to keep up-to-date, keep a history of changes,
and make it more discoverable for end-users.
The attribute was removed in commit c047507 in the clang repository as it
was never properly implemented anyway. Avoid using the attribute with
clang because it generates a ton of annoying warnings.
We called sendfile with 16kb (a.k.a. COPY_BUFFER_SIZE) as the maximum
number of bytes to copy. This seems rather inefficient, especially with
large files. Instead, call sendfile with a "large" maximum.
What "large" max means is a bit tricky: current file offset + max
must fit in loff_t. This means that as we call sendfile more than once,
we have to lower the max size.
With this patch, test-copy calls sendfile twice, e.g.:
sendfile(4, 3, NULL, 9223372036854775807) = 738760
sendfile(4, 3, NULL, 9223372036854037047) = 0
The second call is necessary to determine EOF.
I started looking into adding copy_file_range support, and discovered
that we can improve the way we call sendfile:
- sendfile(2) man page is missing an important bit: the number of bytes to
copy cannot be too big (SSIZE_MAX actually), and the description of EINVAL
return code does not mention this either,
- our implementation works but calls sendfile over and over with a small
size, which seems suboptimal.
First add a test which (under strace) can be used to see current behaviour.
It was added in 2.6.39, and causes an assertion to fail when running in mock
hosted on 2.6.23-based RHEL-6:
Assertion 'clock_gettime(map_clock_id(clock_id), &ts) == 0' failed at systemd/src/basic/time-util.c:70, function now(). Aborting.
Since glibc is moving away from implicitly including sys/sysmacros.h
all the time via sys/types.h, include the header directly in more
places. This seems to cover most makedev/major/minor usage.
lldp_start_timer() was only called during sd_lldp_get_neighbors().
Ensure that the timer is (re-)started when a new neighbor appears.
Otherwise, the timer is not started when relying on the events alone.
Fixes: 34437b4f9c
In some cases we do not have a udev device when setting up a unit
(certainly the code gracefully handles this). However, we do
then go on to compare the path via path_equal which will assert
if a null value is passed in.
See https://bugs.mageia.org/show_bug.cgi?id=17766
Not sure if this is the correct fix, but it avoids the crash
Simply avoid the trouble and use a void* if the define
is missing. We lose type safety, but who cares.
sigaction(2) says that siginfo_t requires _POSIX_C_SOURCE >= 199309L,
but we can be a bit more generous and use the same define
as /usr/include/signal.h.
Currently socket_address_listen() calls mac_selinux_bind() to bind a UNIX
socket and checks its return value and errno for EADDRINUSE. This is not
correct. When there's an SELinux context change made for the new socket,
bind() is not the last function called in mac_selinux_bind(). In that
case the last call is setfscreatecon() from libselinux which can change
errno as it uses access() to check if /proc/thread-self is available.
It fails on kernels before 3.17 and errno is set to ENOENT.
It's safe to check only the return value at it's set to -errno.
If the user specifies an selinux_apifs_context all content created in
the container including /dev/console should use this label.
Currently when this uses the default label it gets labeled user_devpts_t,
which would require us to write a policy allowing container processes to
manage user_devpts_t. This means that an escaped process would be allowed
to attack all users terminals as well as other container terminals. Changing
the label to match the apifs_context, means the processes would only be allowed
to manage their specific tty.
This change fixes a problem preventing RKT containers from working with systemd-nspawn.