mirror of https://github.com/systemd/systemd.git synced 2024-10-30 23:21:22 +03:00
Commit Graph

60169 Commits

Author SHA1 Message Date
Daan De Meyer
e3a1cd9e98
Merge pull request #24746 from DaanDeMeyer/repart-split
repart: Add --split option to generate split artifacts
2022-09-22 19:09:12 +02:00
Lennart Poettering
7dad781102 update TODO 2022-09-22 16:57:58 +02:00
Lennart Poettering
1a9c67a98a measure: clarify we actually try to calculate for all four banks by default 2022-09-22 16:56:57 +02:00
Lennart Poettering
a434e25f52 measure: make --public-key= optional if "sign" is called
We can derive the public key from the private key, so let's do that, to
make things a bit easier.
2022-09-22 16:55:56 +02:00
Lennart Poettering
6ca0016398 measure: allow pre-calculating PCR values for multiple boot phases 2022-09-22 16:54:48 +02:00
Lennart Poettering
40f1856791 units: add pcrphase units 2022-09-22 16:53:34 +02:00
Lennart Poettering
708d752479 boot: add new pcrphase tool to measure barrier strings into PCR 11 2022-09-22 16:52:06 +02:00
Lennart Poettering
c5bf1f85cb tpm2-util: add helper for determining enabled/used PCR banks 2022-09-22 16:50:53 +02:00
Lennart Poettering
59fafaee5d tpm2-util: split out code that checks if bank has 24 pcrs into helper function of its own
Just some refactoring, no change in behaviour.
2022-09-22 16:49:47 +02:00
Lennart Poettering
1421943a71 tpm2-util: pick up Esys_PCR_Extend() symbol too 2022-09-22 16:48:11 +02:00
Zbigniew Jędrzejewski-Szmek
28f619d174
Merge pull request #24781 from DaanDeMeyer/link-remove-check
systemctl: Remove check that linked unit files must contain a "/"
2022-09-22 15:38:16 +02:00
Daan De Meyer
4cee83331c repart: Add --split option to generate split artifacts
For use with sysupdate or other systemd tooling, it's useful to be
able to generate split artifacts from disk images, where each
partition is written to a separate file. Let's support this with
a --split switch for repart and a SplitName= configuration option.

--split enables split artifacts generation, and SplitName= configures
for which partition to generate split artifacts, and which suffix to
add to the split artifact name.

For SplitName=, we add support for some extra specifiers, more specifically
the partition Type UUID and the partition UUID.
2022-09-22 15:10:03 +02:00
Daan De Meyer
1e58a0a82c shared: Add GPT_PARTITION_TYPE_UUID_TO_STRING_HARDER() 2022-09-22 14:54:55 +02:00
Daan De Meyer
7b52dc7f4d shared: Add specifier_uint64() 2022-09-22 14:52:37 +02:00
Daan De Meyer
eff69daa69 systemctl: Fix style nit 2022-09-22 14:42:00 +02:00
Lennart Poettering
fecc447766 run: make --working-directory= work for --scope too
This sounds like a more user-friendly alternative to #24780
2022-09-22 14:22:21 +02:00
Lennart Poettering
c7b5ea6955 Revert "systemd-run: refuse --working-directory option with --scope"
This reverts commit 780c805537.
2022-09-22 14:19:10 +02:00
Lennart Poettering
add0c9b8bf
Merge pull request #24768 from keszybz/table-not-available-2
Adjust table n/a text in more places
2022-09-22 14:17:40 +02:00
Daan De Meyer
74235f6d08 shared: Add specifier_id128() and specifier_uuid() 2022-09-22 14:16:57 +02:00
Luca Boccassi
e5a2977c9a
Merge pull request #24620 from poettering/measure-tweaks
measure: some tweaks
2022-09-22 12:53:48 +01:00
Frantisek Sumsal
c03896235d README: drop the LGTM badge 2022-09-22 13:47:49 +02:00
Daan De Meyer
445d29766a systemctl: Improve link directory separator error message
Let's suggest users try ./<filename> when they encounter this error.
2022-09-22 11:57:51 +02:00
Zbigniew Jędrzejewski-Szmek
29ca430865 shared/format-table: use empty_string instead of hardcoding "-" for invalid values
As requested in https://github.com/systemd/systemd/pull/24708#discussion_r973607866.
2022-09-22 10:16:30 +02:00
Zbigniew Jędrzejewski-Szmek
c8b62cf600 shared/format-table: use enum instead of Table.empty_string
All users were setting this to some static string (usually "-"), so let's
simplify things by not doing strdup, but instead limiting callers to a fixed
set of values. In preparation for the next commit, the function is renamed from
"empty" to "replacement", because it'll be used for more than empty fields. I
didn't do the whole string-table setup, because it's all used internally in one
file and this way we can immediately assert if an invalid value is passed in.

Some callers were (void)ing the error, others were ignoring it, and others
propagating. It's nicer to remove the boilerplate.
2022-09-22 10:16:05 +02:00
Joost Heitbrink
780c805537 systemd-run: refuse --working-directory option with --scope
systemd-run's man page says the following about the working directory of
the process:

"If a command is run as transient scope unit, it will be executed
by systemd-run itself as parent process and will thus inherit the
execution environment of the caller."

This means working directory assignment does not work, as evidenced by
the following invocation:
```bash
$ systemd-run --scope --property=WorkingDirectory=/tmp/ bash -c 'echo $(pwd)'
Unknown assignment: WorkingDirectory=/tmp/
```

However, using the shorthand switch --working-directory silently ignores
this instead of giving a similar error.
```bash
$ systemd-run --scope --user --working-directory=/tmp/ bash -c 'echo $(pwd)'
Running scope as unit: run-r19cc32e744e64285814dbf2204637a2b.scope
/home/test/projects/systemd
```

This commit fixes this by explicitly generating an error instead of
silently ignoring the switch:
```bash
$ systemd-run --scope --working-directory=/tmp/ bash -c 'echo $(pwd)'
--working-directory is not supported in --scope mode.
```
2022-09-22 08:12:08 +09:00
Joost Heitbrink
63ed97efc3 man: don't mention Socket files in Scope man page 2022-09-22 08:09:05 +09:00
Lennart Poettering
4d0d34b4e7
Merge pull request #24709 from keszybz/partition-table-constants
Expose various GPT UUIDs as public constants and link them up in docs
2022-09-21 20:07:21 +02:00
Lennart Poettering
df4bed3f92
Merge pull request #24753 from DaanDeMeyer/repart-squashfs
repart: Add squashfs support
2022-09-21 19:49:10 +02:00
Edson Juliano Drosdeck
e65b02f831
Fix inverted rotation in the Positivo DUO #24769 (#24770)
hwdb: Fix inverted rotation in the Positivo DUO

Fixes: #24769
2022-09-21 19:46:42 +02:00
Lennart Poettering
64650de778 stub: fix conditionalization of initrd assembly
We forgot to conditionalize this on pcrsig/pcrpkey too. So if you have
no creds or sysext configured we actually wouldn't pass pcrsig/pcrpkey
along. Let's fix that.
2022-09-21 19:43:48 +02:00
Zbigniew Jędrzejewski-Szmek
ed1cf1d970 sd-gpt: adjust comments and use UINT64_C() 2022-09-21 15:30:32 +02:00
Zbigniew Jędrzejewski-Szmek
da7dfd8ef5 docs/DPS: use the SD_GPT_* constants here too 2022-09-21 15:30:31 +02:00
Zbigniew Jędrzejewski-Szmek
5515f2169c networkctl: use "-" for empty fields
This looks nicer. Some fields were already using "-" as fallback, e.g. Speed,
so this makes things more consistent too.
2022-09-21 14:48:28 +02:00
Zbigniew Jędrzejewski-Szmek
639405b934 hostnamectl,localectl: use "(unset)" in empty fields
"n/a" is more ambiguous: not available or not set or maybe we didn't check it.
Let's just say directly that the field is not set.
2022-09-21 14:48:28 +02:00
Daan De Meyer
95bfd3cd50 repart: Add squashfs support
To make this work, we have to set up everything in a temporary
directory tree that we can pass to mksquashfs as a single directory.

To make the most common scenario more efficient, we skip the temporary
setup directory if we only get a single source tree destined to root
in the squashfs filesystem.
2022-09-21 14:16:13 +02:00
Daan De Meyer
92f95ae707
Merge pull request #24751 from medhefgo/stub-x86
stub: Several fixes
2022-09-21 11:12:59 +02:00
Daan De Meyer
7f55ad775d shared: Add squashfs support to make_filesystem()
The caveat is that the caller has to provide a source directory
to initialize the squashfs filesystem from.
2022-09-21 10:50:16 +02:00
Daan De Meyer
0178ee6779
Merge pull request #24522 from yuwata/core-device-drop-nonexistent-devlink-unit
core/device: drop nonexistent devlink units
2022-09-21 10:30:51 +02:00
наб
2084cbdc2f kernel-install.8: fix -h/-v ordering in SYNOPSIS 2022-09-21 16:40:46 +09:00
наб
3a79a037da kernel-install/90-loaderentry: fix chown 2022-09-21 16:40:17 +09:00
Yu Watanabe
fb227a3de1 test-17-udev: test that device units for nonexistent devlink are removed
For issue #24518.
2022-09-21 05:58:40 +09:00
Yu Watanabe
ede0fe0271 test-64-storage: add test for renaming lvm volume 2022-09-21 05:58:40 +09:00
Yu Watanabe
9c126b2c92 test-64-udev-storage: check device units 2022-09-21 05:58:40 +09:00
Yu Watanabe
a4cb8afb8f core/device: check that no unit is ready and not simultaneously
This should not happen, just for safety.
2022-09-21 05:58:40 +09:00
Yu Watanabe
c352110adc core/device: refuse alias with ".." 2022-09-21 05:58:40 +09:00
Yu Watanabe
4228306b9d core/device: always update existing devlink or alias units on uevent
Previously, existing device units for devlinks or aliases were not
removed unless the main device unit is removed. This makes sure all existing
device units for devlinks and aliases are checked if they are still
required, and removed if not necessary anymore.

Fixes #24518.
2022-09-21 05:58:37 +09:00
Frantisek Sumsal
761b1d8314 test: don't overwrite existing $QEMU_OPTIONS 2022-09-20 22:40:02 +02:00
Daan De Meyer
06d6ea1b16 mkosi: Set ExtraSearchPaths=build/ by default
When hacking on systemd, let's have mkosi prefer executables from
the build directory over the system ones.
2022-09-20 21:59:00 +02:00
Lennart Poettering
0026791f2e
Merge pull request #24521 from poettering/boot-loader-spec-dollar-boot-fix
boot loader spec fixes
2022-09-20 21:51:22 +02:00
Lennart Poettering
0b81e47e80 boot-loader-spec: undo redefinition of $BOOT
In 53c26db4da the meaning of $BOOT was
redefined. I think that's quite problematic, since the concept is
implemented in code and interface of bootctl. Thus, I think we should
stick to the original definition, which is: "where to *place* boot menu
entries" (as opposed to "where to *read* boot menu entries from").

The aforementioned change was done to address two things afaiu:

1. it focussed on a $BOOT as the single place to put boot entries in,
   instead of mentioning that both ESP and $BOOT are expected to be
   the source

2. it mentioned the /loader/ dir (as location for boot loader resources)
   itself as part of the spec, which however only really makes sense in
   the ESP. /loader/entries/ otoh makes sense in either the ESP or
   $BOOT.

With this rework I try to address these two issues differently:

1. I intend to make clear the $BOOT is the "primary" place to put stuff
   in, and is what should be mounted to /boot/.

2. The ESP (if different from $BOOT) is listed as "secondary" source to
   read from, and is what should be mounted to /efi/. NB we now make the
   distinction between "where to put" (which is single partition) and
   "where to read from".

3. This drops any reference of the /loader/ dir without the /entries/
   suffix. Only the full /loader/entries/ dir (and its companion file
   /loader/entries.srel) are now mentioned. Thus isolated /loader/
   directory hence becomes irrelevant in the spec, and the fact that
   sd-boot maintains some files there (and only in the ESP) is kept out
   of the spec, because it is irrelevant to other boot loaders.

4. It puts back the suggestion to mount $BOOT to /boot/ and the ESP to
   /efi/ (and suggests adding a symlink or bind mount if both are the
   same partition). Why? Because the dirs are semantically unrelated:
   it's OK and common to have an ESP but no $BOOT, hence putting ESP
   inside of a useless, non-existing "ghost" dir /boot/ makes little
   sense. More importantly though, because these partitions are
   typically backed by VFAT we want to maintain them as an autofs, with
   a short idle delay, so that the file systems are unmounted (and thus
   fully clean) at almost all times. This doesn't work if they are
   nested within each other, as the establishment of the inner autofs
   would pin the outer one, making the exercise useless. Now I don't
   think the spec should mention autofs (since that is an implementation
   detail), but it should arrange things so that this specific, very
   efficient, safe and robust implementation can be implemented.

The net result should be easy from an OS perspective:

1. *Put* boot loader entries in /boot/, always.

2. *Read* boot loader entries from both /boot/ and /efi/ -- if these are distinct.

3. The only things we define in the spec are /loader/entries/*.conf and
   /EFI/Linux/*.efi in these two partitions (well, and the companion
   file /loader/entries.srel)

4. /efi/ and /boot/ because not nested can be autofs.

5. bootctl code and interface (in particular --esp-path= and
   --boot-path=) match the spec again. `bootctl -x` and `bootctl -p`
   will now print the path to $BOOT and ESP again, matching the concepts
   in the spec again.

From the sd-boot perspective things are equally easy:

1. Read boot entries from ESP and XBOOTLDR.

2. Maintain boot loader config/other resources in ESP only.

And that's it.

Fixes: #24247
2022-09-20 21:49:58 +02:00