IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Now, ubuntu-24.04 has mold-2.30.0+dfsg-1build1 .
See https://packages.ubuntu.com/noble/mold .
(cherry picked from commit f85213e8f65969b7bf0cf198ee2ac2fc014aaf5d)
This makes sure all kernel log messages are logged to the console.
This should be helpful during shutdown to detect possible issues with
journald when the logs can't be written to the journal itself anymore
but are written to kmsg.
(cherry picked from commit 8f51cf69814fc59be0ee4a1a18e8cd068559409f)
We want to make sure the integration tests that don't require qemu
can run successfully both in an nspawn container and in a qemu VM.
So let's add one more knob TEST_PREFER_QEMU=1 to run jobs that normally
require nspawn in qemu instead.
Running these tests in qemu is also possible by not running as root but
that's very implicit so we add an explicit knob instead to make it explicit
that we want to run these in qemu instead of nspawn.
(cherry picked from commit e022e73e3fede1a8d7800a6ca87291ca4075681b)
TEST-64-UDEV-STORAGE is invoked with the subtest appended, so TEST_SKIP=TEST-64-UDEV-STORAGE
does not work. Fix it by using TEST_SKIP as a partial match.
Follow-up for ddc91af4eaa32511f92c83b2c24d9cc0425fd5f5
(cherry picked from commit 8f4bbd096b27344c65998fafbad9c059ece52146)
The TEST-64-UDEV-STORAGE tests fail before we even start the test.
Let's set show_status=error to get more information when those failures
happen.
(cherry picked from commit 7560a5393a7d8708f35d956d50934014f5595478)
This patch initially also changed the configuration, but that'll be done in a
different way, so all that remains is the syntax change.
An array is nicer because the array definition can have inline comments and
doesn't use continuation symbols which are easy to mess up in edits.
(cherry picked from commit f5292d63af833ad583bb707f21b9f336c024a1d7)
Also
- use ASSERT_XYZ() macros,
- log tzname[] on failure.
(cherry picked from commit 3f1d499964abb6a4c0141d7ea8f852829880adff)
(cherry picked from commit 11d70500171ca6dbbad8ecf9b1cf0d29e1d6d1ed)
The issue is directly triggered by tzdata-2024b, where the setting of timezone
started to fail and the tests stopped passing. But those timestamps in 1/1/1970
appear to have some problems already before:
$ sudo date -s 'Thu 1970-01-01 13:00:01 WET'
Thu Jan 1 03:00:01 PM EET 1970
$ sudo date -s 'Thu 1970-01-01 12:00:01 WET'
date: cannot set date: Invalid argument
Thu Jan 1 02:00:01 PM EET 1970
$ rpm -q tzdata
tzdata-2024a-9.fc41.noarch
The same issue appears with other timezones. So move the first timestamp one
day forward to avoid the issue.
After the previous problem is solved, we also get the problem already seen
previously where the roundtrip returns a time that is off by one hour:
@86401000000 → Fri 1970-01-02 00:00:01 WET → @82801000000 → Thu 1970-01-01 23:00:01 WET
Assertion 'x / USEC_PER_SEC == y / USEC_PER_SEC' failed at src/test/test-time-util.c:415, function test_format_timestamp_impl(). Aborting.
Extend the override to suppress this.
(cherry picked from commit 3cf362f6f57b7d0b5f6b86a49316303b0dda7599)
Fixes#22575, as suggested by poettering in #35514.
Intended as a workaround for some buggy routers, which refuse to send empty
replies. If systemd-resolved starts two DnsTransactions, one for A and one
for AAAA, and the domain in question has no AAAA entry, then the server will
send a reply for A and no reply for AAAA. Correct behavior for the server would
be to send an empty reply for AAAA.
systemd-resolved would previously keep retrying the AAAA transaction, and
eventually timeout the whole query, returning an error to the caller.
Now, if the server replies to one query and not another, we cut short the
timeout and return the partial result. Returning the partial result allows
the rest of the system to keep working. It matches how e.g. glibc libnss_dns
behaves.
(cherry picked from commit 0da73fab56506ff1e4f8e59c167d27961f0fbf33)
(cherry picked from commit 1748265915e09120d75766baaa4516b2779140eb)
If a specified unit does not exist, then it is definitely not masked.
Fixes#35632.
(cherry picked from commit b58b00e4c33474505009c8118d6cfdf29a2c6cb1)
(cherry picked from commit 48b404d546e6cb6d32d9cb346bbd43760311790b)
Noticed while looking at #35641
(cherry picked from commit 0543b02cf8211353c0bb1065e09614f551944a41)
(cherry picked from commit b5dc1922f9bd0a64cf17be8c503baba58bf5ba82)
Due to a BTRFS issue in kernel 6.12 (and backported in Ubuntu to 6.8)
there's a warning triggered by some tests, and it then causes a panic.
The BTRFS issue has a patch but it is not available in any distro yet,
so disable panic_on_warn until it reaches Arch and Ubuntu Noble. Bugs
have been filed.
(cherry picked from commit 930d65ccca8193a8cb635099c55852b677f5d58a)
(cherry picked from commit 72ef5ac211b1d578dfd7630301d8c2bb73439819)
For some reasons, another session logind-test-user may be started.
===
Dec 13 07:04:16 systemd-logind[2140]: Got message type=method_call ... member=CreateSessionWithPIDFD ...
(snip)
Dec 13 07:04:16 systemd-logind[2140]: New session 15 of user logind-test-user.
Dec 13 07:04:16 systemd-logind[2140]: VT changed to 2
Dec 13 07:04:16 systemd-logind[2140]: rfkill: Found udev node /dev/rfkill for seat seat0
Dec 13 07:04:16 systemd-logind[2140]: udmabuf: Found udev node /dev/udmabuf for seat seat0
Dec 13 07:04:16 systemd-logind[2140]: Found static node /dev/snd/timer for seat seat0
Dec 13 07:04:16 systemd-logind[2140]: Found static node /dev/snd/seq for seat seat0
Dec 13 07:04:16 systemd-logind[2140]: Changing ACLs at /dev/snd/timer for seat seat0 (uid 0→4712 add)
Dec 13 07:04:16 systemd-logind[2140]: Changing ACLs at /dev/rfkill for seat seat0 (uid 0→4712 add)
Dec 13 07:04:16 systemd-logind[2140]: Changing ACLs at /dev/udmabuf for seat seat0 (uid 0→4712 add)
Dec 13 07:04:16 systemd-logind[2140]: Changing ACLs at /dev/snd/seq for seat seat0 (uid 0→4712 add)
Dec 13 07:04:16 systemd[1]: user-4712.slice: Changed dead -> active
Dec 13 07:04:16 systemd[1]: user-4712.slice: Job 5951 user-4712.slice/start finished, result=done
Dec 13 07:04:16 systemd[1]: Created slice user-4712.slice.
Dec 13 07:04:16 systemd-logind[2140]: Electing new display for user logind-test-user
Dec 13 07:04:16 systemd-logind[2140]: Choosing session 15 in preference to -
(snip)
Dec 13 07:04:16 systemd-logind[2140]: Got message type=method_call ... member=CreateSessionWithPIDFD ...
(snip)
Dec 13 07:04:16 systemd-logind[2140]: New session 16 of user logind-test-user.
Dec 13 07:04:16 systemd-logind[2140]: Electing new display for user logind-test-user
Dec 13 07:04:16 systemd-logind[2140]: Ignoring session 16
===
Let's track only session for the user with tty, which we explicitly created.
Fixes#35597.
(cherry picked from commit 26f65dc0c76f59eb3896014346652885c493ae71)
(cherry picked from commit d23133ef7914a63df4a79864d0b2170a790ddd60)
This is nothing interesting to warn about. Also use the symbolic
constant name when testing for this condition.
(cherry picked from commit e803e95760be87588533f9affd76db6ad0b5fac8)
(cherry picked from commit 0cddbebfbeedd3f71037d988dc91b6fb9f9b281f)
/tmp/autopkgtest.L6NPL0/build.doZ/src/mkosi.conf.d/10-debian-ubuntu/mkosi.conf.d/network.conf: Setting WithNetwork should be configured in [Build], not [Content]
(cherry picked from commit 301c159ce526933d048b9fd02ad7e2adfb4a6c58)
(cherry picked from commit 6186c2735bdd922cb5287be8586bdae1a5736c89)
This reverts commit e19cae12ff2e832ce7d79aa483e1aa27ed0ea1f4.
(cherry picked from commit 7406e0a3afafc1e1c994a88a4e988e94177e5550)
(cherry picked from commit 61e321c452309b6686b345ff3be363d37dfb21d6)
When semaphore is overloaded tests can take more than 1hr, bump
timeout
(cherry picked from commit 1855064d4eb95abe6909a93f72bee46658dad36b)
(cherry picked from commit 96b9fe831f888a0e9772a33acc752ebb822357b9)
We printed:
systemd-tmpfiles[705]: /usr/lib/tmpfiles.d/20-systemd-shell-extra.conf:10: Unknown modifiers in command 'L$'.
systemd-tmpfiles[705]: /usr/lib/tmpfiles.d/systemd-network.conf:10: Unknown modifiers in command 'd$'.
systemd-tmpfiles[705]: /usr/lib/tmpfiles.d/systemd-network.conf:11: Unknown modifiers in command 'd$'.
...
There's a lot of additional characters here make the message harder to parse. We know
that the command is a word without any whitespace, so quoting isn't really necessary.
Change this to:
... unknown modifiers in command: L$
(cherry picked from commit 390bab53923eea822ac525d0e4aa4b7f86d8cd92)
(cherry picked from commit 3efa9e717f047bc4e51f6b1130468bdd6e004fdc)
Initialize the start of the system-wide idle time with the time logind was
initialized and not with the start of the Unix epoch. This means that systemd
will not repport a unreasonable long idle time (around 54 years at the time of
writing this), especially at in the early boot, while no login manager session,
e.g,. gdm, had a chance to provide a more accurate start of the idle period.
Fixes#35163
(cherry picked from commit 718b31138b9a93f262259f297ad6b521454decc6)
(cherry picked from commit 9d36809256c6d92c6d8358769479ad2c2b695664)
Otherwise --help/--version/etc which exit immediately will do pointless work
(cherry picked from commit 60d23b7f4ae26d934e5748d30bb7ae956f3ad83d)
(cherry picked from commit 29cdad871ea5febb64336b43f08aab5ac15ab4cb)
This is handy for debugging.
(cherry picked from commit 91713841491d0d4775566ed59f621f0f9a2413b5)
(cherry picked from commit bcf740e4a3caa32b3a920512833b68fc6d530125)
This is an interesting event. Let's log about it.
(cherry picked from commit 11ee1bab60abde67cd0edc470c93c1afe10d975d)
(cherry picked from commit c189ecc7fe5039d98bbb448ab45ab0fa3842b3a3)
CentOS CIs are disabled after ead814a0b0f64c572282b9e27a0a995893f10cf0.
(cherry picked from commit 1fe583861feb5796fa0be937dc7f4c2ce07bcde5)
(cherry picked from commit 3b6b819a289feb76774e7c73654b3f4197181986)
semaphore CI runs are always very close to the limit of 1hr, and often
time out when it's particularly oversubscribed.
Skip some low-value test cases to shorten the runtime.
(cherry picked from commit e19cae12ff2e832ce7d79aa483e1aa27ed0ea1f4)
(cherry picked from commit e768cf55b19caec6c8936050b245f398aba8b884)
In the example from systemd-measure(1), do not bind to PCR 7 in
addition to the PCR policy.
As long as this is still done by default, see #35280.
(cherry picked from commit 693038fce47a819c5eebeb4fce39c9ac991acf84)
(cherry picked from commit 926f5ab6bf0e3541106e6a6f95af4cbdec50582b)
Otherwise it doesn't hold that VLANs 100-400 are allowed (because 201-299 are disallowed).
(cherry picked from commit ae2f3af63962ba6e2f67cfce07c9fee61722e30e)
(cherry picked from commit 9fad72cc52bdec7f44337b1e48c23ee15fc08d77)
Document the fact that read-only properties may not have the flag
SD_BUS_VTABLE_UNPRIVILEGED as that is not obvious especially given the
flag is accepted for writable properties.
Based on the check in `add_object_vtable_internal` called by
`sd_bus_add_object_vtable` (as of the current tip of the main branch
f7f5ba019206cacd486b0892fec76f70f525e04d):
case _SD_BUS_VTABLE_PROPERTY: {
[...]
if ([...] ||
[...]
(v->flags & SD_BUS_VTABLE_UNPRIVILEGED && v->type == _SD_BUS_VTABLE_PROPERTY)) {
r = -EINVAL;
goto fail;
}
(where `_SD_BUS_VTABLE_PROPERTY` means read-only property whereas
`_SD_BUS_VTABLE_WRITABLE_PROPERTY` maps to writable property).
This was implemented in the commit
adacb9575a09981fcf11279f2f661e3fc21e58ff ("bus: introduce "trusted" bus
concept and encode access control in object vtables") where
`SD_BUS_VTABLE_UNPRIVILEGED` was introduced:
Writable properties are also subject to SD_BUS_VTABLE_UNPRIVILEGED
and SD_BUS_VTABLE_CAPABILITY() for controlling write access to them.
Note however that read access is unrestricted, as PropertiesChanged
messages might send out the values anyway as an unrestricted
broadcast.
(cherry picked from commit 3ca09aa4dd57327989eceb1298754601046ac041)
(cherry picked from commit cd727031a4daafe19f491df360c512433562f469)
In Arch the hostname binary is in a different package
Follow-up for cf48bde7aea52b18ac3fa218d3f60fd3d533ef66
(cherry picked from commit 446d737cba3652a9f3dbd07cea9cb4082350b241)
(cherry picked from commit e1659133e79d20799a0841f3099f921957743691)
To reproduce, as an unprivileged user start a docker container and build
and run the unit tests inside it:
$ docker run --rm -ti debian:bookworm bash
...
/* test_close_all_fds */
Successfully forked off '(caf-plain)' as PID 10496.
Skipping PR_SET_MM, as we don't have privileges.
(caf-plain) succeeded.
Failed to fork off '(caf-noproc)': Operation not permitted
Assertion 'r >= 0' failed at src/test/test-fd-util.c:392, function test_close_all_fds(). Aborting.
Partially fixes#35552
(cherry picked from commit 630a2e7ee195ca96e102acac8df67a278a879124)
(cherry picked from commit 5573ac7d9c52bed8d38480788b02639ede3881fc)
have ambient caps: yes
Capabilities:cap_chown,cap_dac_override,cap_fowner,cap_fsetid,cap_kill,cap_setgid,cap_setuid,cap_setpcap,cap_net_bind_service,cap_net_raw,cap_sys_chroot,cap_mknod,cap_audit_write,cap_setfcap=ep
Failed to drop auxiliary groups list: Operation not permitted
Failed to change group ID: Operation not permitted
Capabilities:cap_dac_override,cap_net_raw=ep
Capabilities:cap_dac_override=ep
Successfully forked off '(getambient)' as PID 12505.
Skipping PR_SET_MM, as we don't have privileges.
Ambient capability cap_linux_immutable requested but missing from bounding set, suppressing automatically.
Assertion 'x < 0 || FLAGS_SET(c, UINT64_C(1) << CAP_LINUX_IMMUTABLE)' failed at src/test/test-capability.c:273, function test_capability_get_ambient(). Aborting.
(getambient) terminated by signal ABRT.
src/test/test-capability.c:258: Assertion failed: expected "r" to succeed, but got error: Protocol error
Partially fixes#35552
(cherry picked from commit 058a07635f3ff70cc99943dcf4f2a079bc9c28b9)
(cherry picked from commit d80ab6aed678ed89327d86ced9fedd24b5baccd3)
TEST-75-RESOLVED fails on Ubuntu autopkgtest due to this warning from
knot:
notice: config, policy 'auto_rollover_nsec3' depends on default nsec3-salt-length=8, since version 3.5 the default becomes 0
Explicitly set nsec3-salt-length=8 to silence.
(cherry picked from commit 59e5108fb4e61957cb40bb15ac7966d085d13af2)
(cherry picked from commit 1b945fb1a727f85be9230e43d2fdaf78d2567946)
I forgot to do this before tagging. Let's still do this, for two reasons:
- packagers can easily include the patch if they haven't built yet,
- doing the bump reduces the chances of somebody doing an off-by-one bump
for the next release.
This tmpfiles.d wants to write to sysfs, which is read-only in containers,
so systemd-tmpfiles --create fails in TEST-22-TMPFILES when ran in nspawn
if the selinux policy package is instealled. Mask it, as it's not our
config file, we don't need it in the test.
(cherry picked from commit 6fd3496cfd0d28808b5489ee87f826c2130f5f0b)
Add the `arm_fadvise64_64` syscall to the allow_list, in addition
to the existing `fadvise64` and `fadvise64_64` syscalls, as this is
the syscall actually defined for `arm` architecture. Adding it fixes
the syscall being rejected in arm32 containers.
Fixes#35194
(cherry picked from commit 7fd70a532681c0ea4cd6ff04d1a7950dae3efc8c)
We usually want to use "extended booleans" for cases like this, i.e.
that "off", "no" and "0" can be used interchangably for turning
something off.
(cherry picked from commit 62f3e2f84aa3413081fc1c1e1c3074fc9aeedbc9)
Otherwise the root inode will typically have what mkdtemp sets up, which
is something like 0700, which is weird and somewhat broken when trying
to look into containers from unpriv users.
(cherry picked from commit c18a1024643809c8f28799900af4e6202623f934)
