IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Some of the log message stricts used proper uppercasing, others didn't.
Fix that to make it uniform.
(cherry picked from commit 620a03f669a9075f2d78c2fcf7db45f7046481bc)
This might have the effect that some DNS server or search domain
disappears, hence rewrite the relevant files.
See: #27543
(cherry picked from commit 562f7bde8872b4fd03db11bf25c9dd294fd2c186)
Limits should be enforced, but not in a way real setups collide with
them.
There have been multiple reports that current limits are too low, hence
raise them 8x.
Fixes: #24852
(cherry picked from commit af7674f4ad30e83efc84f04c45f01e6eff137702)
Previously, GREEDY_REALLOC_APPEND would compile perfectly fine and cause
subtle memory corruption if the caller messes up the type they're passing
in (i.e. by forgetting to pass-by-reference when appending a Type* to an
array of Type*). Now this will lead to compilation failure
(cherry picked from commit fafc3c2d5c7fae6bad0f6dc51611ae9390589ade)
Various archs do not know the "io port" concept, hence check for the
"iomem" configuration, too.
Fixes: #34800
(cherry picked from commit 9da582984b632a75f562a304ff96dd1043281430)
Otherwise, journal check in testcase_mount_ratelimit() may fail and we
need to wait 2 minutes.
(cherry picked from commit 73970cdcd1cebe49a2858ce016c0cd4ce6037b2e)
../src/resolve/resolved-bus.c: In function ‘call_link_method’:
../src/resolve/resolved-bus.c:1769:16: warning: ‘l’ may be used uninitialized [-Wmaybe-uninitialized]
1769 | return handler(message, l, error);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~
../src/resolve/resolved-bus.c:1755:15: note: ‘l’ was declared here
1755 | Link *l;
| ^
../src/resolve/resolved-bus.c: In function ‘bus_method_get_link’:
../src/resolve/resolved-bus.c:1828:13: warning: ‘l’ may be used uninitialized [-Wmaybe-uninitialized]
1828 | p = link_bus_path(l);
| ^~~~~~~~~~~~~~~~
../src/resolve/resolved-bus.c:1816:15: note: ‘l’ was declared here
1816 | Link *l;
| ^
(cherry picked from commit 5f911aca8434b4163514019fcb4c1c967a50617c)
Even optarg is erased, copied string was not erased.
Let's erase the copied key for safety.
(cherry picked from commit d0ad4e88d4e6b5e312c359a6505125f7e088f3e3)
'Default Memory Pressure Duration' field in oomctl, which can be configured
with DefaultMemoryPressureDurationSec= in oomd.conf, is a global config.
Let's check it earlier.
This also drops unnecessary cleanup at the beginning.
(cherry picked from commit 23fb9b63cd12f2040419dbc846d7a87e5193935c)
Fedora and friends has a drop-in config for the settings in
/usr/lib/systemd/user/slice.d/ . Hence, settings in the main .slice may be
overridden. Let's set below in a drop-in with higher decimal prefix.
Also, rename override.conf -> 99-managed-oom-preference.conf for the same reason.
(cherry picked from commit 1473836a1e3c528221439e3b0ce90e729b31adb3)
Fixes a regression caused by 84ebe6f01381c21b88e37e856956c9c9ee6781d6 (v250).
Fixes#34773.
(cherry picked from commit 77bbd9f1bd2b01bcb2a49ed42c6dc06613532bcf)
Ensure that we always attempt to mount the `ESP` partition to `/boot`
when there is no `XBOOTLDR` partition.
Fixes an issue when booting without a `XBOOTLDR` partition and an empty
root partition, since it would mount the `ESP` partition to `/efi/`
unconditionally causing boot entries to not be under `/boot/` as
recommended by the Boot Loader Specification.
(cherry picked from commit 28dbee46d5bfdcfa601e80e248dbde22b8d65664)
Do not fail if the directory is missing entirely, other than just empty
Follow-up for 00f546e25e8
Follow-up for 5e79dd96a88
Follow-up for 622efc544dc
(cherry picked from commit e1efa9d8044a7564844b8d599eda4b59eb1152e9)
If the vpick directory is configured to be ignored if missing, do not
fail and just skip ahead.
Follow-up for 5e79dd96a88
Follow-up for 622efc544dc
(cherry picked from commit 00f546e25e8e46e5e289e1f2fc2ed3dcc6999223)
Since the root directory was being suppressed to NULL, the subsequent
check would erroneously think that no working directory was specified.
This caused the default working directory to be applied instead.
(cherry picked from commit 0054a2acc3894e45171806bd64887211820b8eaf)
Follow-up for f963f8953daeab03b892616ce0c65f7572932187 and
1536b7b2d00819615bf8eba194de7ccd20c3689f.
(cherry picked from commit 8fead9c9e46e5f71ae6f6b038ff7f72c5a13b663)
As another device may be created with the same device node while udevd
is processing the remove event of the previous owner of the device node.
This also adds comment why we skip watching device node on remove.
(cherry picked from commit e8df18c9e171c87aebb2df8ac3bdd8f116236892)
This is a new syscall provided by the kernel used to implement faster
uprobes. It's not supposed to be called by userspace, but only by kernel
generated uprobe code.
It should be fine to allow this, as the kernel authenticates the
invocation itself, and we shouldn't break compat with things.
Note that this allowlisting is not sufficient to make ureprobe() work.
libseccomp must be tought the syscall too, but this can happen
independently.
Fixes: #34615
(cherry picked from commit d693c483a2bb3eae490fd78d68fc16d0a731fee2)
When building unprivileged, the testuser home directory ends up
owned by root:root because mkosi can't chown directories to other
owners when running unprivileged. So let's fix up the testuser
ownership on first boot with tmpfiles instead.
(cherry picked from commit 0d0ecaab000cf2768a3edf1e73119bf2fce952b0)
Add a note to the service-file naming scheme that reminds developers
that those names might be aliases. Hence, when parsing such unit names,
the entire name-array of a unit must be parsed, rather than just the
unit ID.
The service-name of existing applications might be already part of their
API. Hence, not all applications can switch the service ID to this new
naming scheme, but can provide suitable aliases. Document this behavior.
(cherry picked from commit b3b7cf8b7c35df14c6eb4f79da1a241dc0aa8c7e)
The <RANDOM> part is optional in the naming scheme of application units.
However, this is only true for service files. Scope units must include
the <RANDOM> part, otherwise it would be impossible to parse:
The schema would be:
`app[-<launcher>]-<ApplicationID>[-<RANDOM>].scope`
in which case a two-part name would be impossible to parse, since it is
unclear whether the launcher of the random bit where omitted.
(cherry picked from commit cbaebf811e6edb79279f72950b2d63189be314d3)
This effectively reverts 37d15cd132f3a8a0bf42fb252c1604e804171ff2.
The offending commit wrongly assumed that the second READY=1
notification is for system scope only, but it also serves the purpose
of flushing out previous STATUS= containing user unit job status.
(cherry picked from commit da81a108653e2ef19102698dbc0184bd18b084d9)
The annotation about omittance is meant to be about the `RANDOM` string.
However, the current formatting makes it look like the entire naming
scheme is optional. Fix this.
(cherry picked from commit 5697bce82b1b37602255ac12e4a8f4a12305dc03)
We don't support split /usr/ anymore. Hence fix the paths. This
apparently matters because of PK validating the binary path.
Fixes: #34712
(cherry picked from commit c28a13b5afcf021191494bfa565c55b784dc08fa)
The documentation claimed that ExecStartPre=/ExecStartPost= accepts
multiple command lines, in contrast to ExecStart=. This is half an
untruth, because ExecStart= allows that too – as long as Type=oneshot is
set.
Hence, reword this a bit, and do not emphasize the contrast.
Prompted by: #34570
(cherry picked from commit c3069a6bfb454a0e02607ad21b5badf9847fe11a)
This change makes it possible for repart to create dm-verity hash
partitions for a custom amount of protected data. When the property
`SizeMaxBytes=` is specified for a dm-verity data partition, the size
of the corresponding hash partition is set to accommodate hash data
for this maximum size, rather than the actual contents its data
sibling. However, the contained hash data continues to be generated
from said sibling.
(cherry picked from commit d3032e651e2131c47d276e3fbdcbdf9fc51c8ef9)
In mount_load_proc_self_mountinfo(), device_found_node() is synchronously called
during the traversal of mountinfo entries. When there are a large number of
mount points, and the device types are not significantly different, this results
in excessive time consumption during device discovery, causing a performance
bottleneck. This issue is particularly prominent on servers with a large number
of cores in IDC.
This patch decouples device discovery from the mountinfo traversal process,
avoiding redundant device operations. As a result, it significantly improves
performance, especially in environments with numerous mount points.
Signed-off-by: Chen Guanqiao <chen.chenchacha@foxmail.com>
(cherry picked from commit 00ad3f02275b507a753495ace5e5f84cb38b604d)
