IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
The only reason to have these split up is to be able to build extension
images that use the base image as a base tree and install extra packages.
Until we have such a use case, let's merge the base and system images to
simplify things a bit.
We keep the mkosi.images/ directory to not cause too many conflicts with
the integration tests PR.
We normally expect sd-resolved only to return the validated subset of a
validated response. In some cases we give up on validating, because we
have enough information already to conclude the answer is bogus.
Let's be sure to always reply with only the validated subset in these
cases too, so that we don't return bogus answers and confuse primitive
clients that won't see the SERVFAIL rcode.
Fixes a bug introduced in e44f06065bf20e8d0e4adacff61350ebd36f299e: it was
supposed to be a refactoring, but unfortunately FOREACH_ARRAY is implemented
using a for loop, so when the 'goto finish' was replaced by 'break', it only
broke the inner loop, leading to a infinite loop.
Today listen file descriptors created by socket unit don't get passed to
commands in Exec{Start,Stop}{Pre,Post}= socket options.
This prevents ExecXYZ= commands from accessing the created socket FDs to do
any kind of system setup which involves the socket but is not covered by
existing socket unit options.
One concrete example is to insert a socket FD into a BPF map capable of
holding socket references, such as BPF sockmap/sockhash [1] or
reuseport_sockarray [2]. Or, similarly, send the file descriptor with
SCM_RIGHTS to another process, which has access to a BPF map for storing
sockets.
To unblock this use case, pass ListenXYZ= file descriptors to ExecXYZ=
commands as listen FDs [4]. As an exception, ExecStartPre= command does not
inherit any file descriptors because it gets invoked before the listen FDs
are created.
This new behavior can potentially break existing configurations. Commands
invoked from ExecXYZ= might not expect to inherit file descriptors through
sd_listen_fds protocol.
To prevent breakage, add a new socket unit parameter,
PassFileDescriptorsToExec=, to control whether ExecXYZ= programs inherit
listen FDs.
[1] https://docs.kernel.org/bpf/map_sockmap.html
[2] https://lore.kernel.org/r/20180808075917.3009181-1-kafai@fb.com
[3] https://man.archlinux.org/man/socket.7#SO_INCOMING_CPU
[4] https://www.freedesktop.org/software/systemd/man/latest/sd_listen_fds.html
And rename it to id128_get_boot_for_machine().
This also splits out id128_get_boot() from sd_id128_get_boot(), and
make id128_get_boot_for_machine() use it.
- split it into small pieces to reduce indentation,
- return earlier if no filter specified,
- use journal_add_matchf() and journal_add_match_pair(),
chase_and_stat(), is_symlink(), and sd_device_new_from_devname(),
- replace sd_device_get_devname() + stat() with sd_device_get_devnum(),
- refuse to install filter by path with --root, --image, or --machine
at least now, as previously it has not worked anyway.
- add missing assertions,
- use set_ensure_consume() and strv_consume(),
- use string_hash_ops_free and _cleanup_set_free_,
- use strv_fnmatch_full(),
- replace unused counter with a boolean flag,
- return earlier if no unit filtering is requested.
Drop connections and caches and reload config from files, to allow
for low-interruptions updates, and hook up to the usual SIGHUP and
ExecReload=. Mark servers and services configured directly via D-Bus
so that they can be kept around, and only the configuration file
settings are dropped and reloaded.
Fixes https://github.com/systemd/systemd/issues/17503
Fixes https://github.com/systemd/systemd/issues/20604
