IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
By default mount(8), umount(8), swapon(8) and swapoff(8) should run with
with the SMACK label inherited from systemd rather than the default one
meant for services.
Fixes: aa5ae9711ef3cd0c69b7fcfbd65bca05fb704a8a
Follow-up-for: 20bbf5ee4c6c80599a91e7a4b7474e931a27db4a
(cherry picked from commit 8144537a81c7a815af3d4c63cd8545ee17b2715d)
This makes networkd process all queued remove requests when a
terminating or restarting signal is received. Otherwise, e.g. DHCPv4
address will not be removed on stop, especially when
KeepConfiguration=no.
Fixes a bug introduced by 85a6f300c14d75d161cbfdb3eaf5af9594400ecd and
its subsequent commits.
Fixes#34837.
Co-authored-by: Will Fancher <elvishjerricco@gmail.com>
(cherry picked from commit db68e990467ffea2b6655e4726856ca7eb32b38d)
Users will generally know what a qrcode is, so let's not treat them as dumb and
explain that it can be scanned. OTOH, we should say what the qrcode contains
and it is useful to give a hint why the users would want to scan it. Reword
messages accordingly.
(Also, don't say "to your phone", when somebody might be using a stolen phone,
or something else then a phone.)
(cherry picked from commit 10faa40ba781cf499258a3b37de02dd643822dc6)
People know what a qrcode is. We don't need to tell them to scan it.
Instead, we should say what the code contains.
While at it, rename "stream" to "f" in line with the usual style.
(cherry picked from commit abf1cae0a75ca07f09afbb4eaa9f11fc429b1d02)
Print the times in seconds in the tooltip to remove the need to count
and trying to follow the lines in the svg diagram in order to see at
what times these events happen.
(cherry picked from commit f172dfddde3379319ee3a02666a7ecf11a5711f4)
Otherwise, with recent additions, the MAINPIDFDID= generated by
systemd-notify would mismatch with overridden MAINPID=.
(cherry picked from commit c3ecb747f1e35f609f15fc94ad4d5e5ca0bda4a2)
When invoked on a running system, bsod would not print the qrcode.
The check for "color support" on stdout is pointless, since we're not
printing to stdout but to a terminal fd that is opened separately.
(cherry picked from commit 5a64c86936477ecea5cc1fb8dbc79faf522cf370)
The journal handles multi-line messages nicely, and they are easier
to read. Drop the recycling symbol, there is no circular process here,
we go from a to b and never back to a again.
(cherry picked from commit bb56c27fc81da2777cd7064a0b88ca011eced509)
We would need to use pure if the funtion was getting pointers and
dereferencing them. But sd128_t is a structure and those functions
only access the parameters of the call.
(cherry picked from commit dc32b09b70c9bb20821df92ac82ace83d8a968e2)
The default definition to add is `-D__loongarch64__`, which is not searched in [bpf_tracing.h](09b9e83102/src/bpf_tracing.h (L68))
This may avoid `error: Must specify a BPF target arch via __TARGET_ARCH_xxx` in loongarch64
Signed-off-by: Zhou Qiankang <wszqkzqk@qq.com>
(cherry picked from commit 85d0aff84c83182875bc564e295978efd76ab905)
Fixes a bug introduced by baf3fdec27f0b3a1f3d39c7def2a778824cbee51.
This also adds several assertions at the beginning of the function.
Fixes#34899.
(cherry picked from commit 5dc0668802cd07cdca2dc5bda52cc1e63b57f145)
When PAMName= is set this should be enough to go through our entire user
changing story, so that PAM is definitely run, and environment variables
definitely pulled in and so on.
Previously, it would happen that under some circumstances we might no do
this when transitioning from root to root itself even though PAM was
enabled.
Fixes: #34682
(cherry picked from commit e4b4d9cc7adf245950e8676be0e0f4a813069500)
Call setup_smack() also when only fallback_smack_process_label is set.
Fixes: 75689fb2d41f
(cherry picked from commit 20bbf5ee4c6c80599a91e7a4b7474e931a27db4a)
The links moved to the legacy dataset so they won't be available by
default, so stop using them and just use the city ones instead
(cherry picked from commit aa077884c13769ae3bd6aa98978b4ac9e64b5365)
The encoded fqdn in this option must be properly terminated. We will
soon validate that this field is correctly encoded, so correct it in the
test.
(cherry picked from commit 2d9822b634680f1be1d20920aceddac76de110eb)
If VirtualSize > SizeOfRawData, measure extra zeros to take into
account the extra zeros also measured by the stub.
(cherry picked from commit b53f2d5ed8ad0e537e9086daf84f9c2bf69fb72b)
let's make sure we undo any pollution of the label compression hash
table.
Fixes: #33671
(cherry picked from commit 360105f1e748148ba17bdb3f47525f01aba4127f)
Currently, when comparing two DNS names when storing them in a
hashtable, and the DNS names are not actually valid we'll compare the
error codes.
This is not very smart however, since this means two invalid DNS names
that happen to be equally "invalid" will be considered identical, even
if their strings are entirely different.
Let's find a better solution for this niche case: let's simple compare
the domains as strings.
This matters in case of DNS label compression: if we already added added
an invalid DNS name into the label compression hash table, and lookup
any other invalid DNS name, this lookup will likely return what the
earlier one already returned, and that's confusing.
(cherry picked from commit 8ed2c62d46f93c2117d65a908c316a381073af16)
Previously a full packet was cached only if the CD bit was set, but this
no longer corresponds to the cases where bypass is enabled.
Update the cache to retain a full packet in the cases where it might
actually be useful.
(cherry picked from commit fa02d04ee9a4787c2c39032185b6fe3e7146b26b)
This is useful for a validating resolver to indicate to a non-validating
resolver when checking was disabled for the query. This matches the
behavior of the major public resovlers in response to queries with CD bu
tnot DO set.
(cherry picked from commit 36074e01499ea4fc89a0c642cef83bd650014e5a)
Following 13e15dae9f0b, resolved does not forward the AD bit for bypass
queries, but resolved also didn't do it's own validation, making these
replies appear to never be authentic. We should enable validation for
bypass queries.
Let's disable our own validation when processing a +cd query, and also
ensure that it skips the cache so that we don't accidentally fail to
return inauthentic replies from upstream.
Previously, when we had a bypass transaction without cd, a cached,
authenticated, reply with cd could be served, leaving the cd bit
erroneously set in the reply. Only reply with a CD bit if the client
requested it.
Fixes: 13e15dae9f0b (resolved: clear the AD bit for bypass packets)
(cherry picked from commit 008f23b7c5f255e48c71c3b4da74a85448667817)
As per spec image builders can create a local /etc/os-release
with per-image IDs, so modify that one instead of the original
one in /usr/lib. For example we do this when we build debian
unstable images in mkosi.
(cherry picked from commit 2f6fe4e1131d39fcafa9e00a7902919efb5361e1)
Some of the log message stricts used proper uppercasing, others didn't.
Fix that to make it uniform.
(cherry picked from commit 620a03f669a9075f2d78c2fcf7db45f7046481bc)
This might have the effect that some DNS server or search domain
disappears, hence rewrite the relevant files.
See: #27543
(cherry picked from commit 562f7bde8872b4fd03db11bf25c9dd294fd2c186)
Limits should be enforced, but not in a way real setups collide with
them.
There have been multiple reports that current limits are too low, hence
raise them 8x.
Fixes: #24852
(cherry picked from commit af7674f4ad30e83efc84f04c45f01e6eff137702)
Previously, GREEDY_REALLOC_APPEND would compile perfectly fine and cause
subtle memory corruption if the caller messes up the type they're passing
in (i.e. by forgetting to pass-by-reference when appending a Type* to an
array of Type*). Now this will lead to compilation failure
(cherry picked from commit fafc3c2d5c7fae6bad0f6dc51611ae9390589ade)
Various archs do not know the "io port" concept, hence check for the
"iomem" configuration, too.
Fixes: #34800
(cherry picked from commit 9da582984b632a75f562a304ff96dd1043281430)
Otherwise, journal check in testcase_mount_ratelimit() may fail and we
need to wait 2 minutes.
(cherry picked from commit 73970cdcd1cebe49a2858ce016c0cd4ce6037b2e)
../src/resolve/resolved-bus.c: In function ‘call_link_method’:
../src/resolve/resolved-bus.c:1769:16: warning: ‘l’ may be used uninitialized [-Wmaybe-uninitialized]
1769 | return handler(message, l, error);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~
../src/resolve/resolved-bus.c:1755:15: note: ‘l’ was declared here
1755 | Link *l;
| ^
../src/resolve/resolved-bus.c: In function ‘bus_method_get_link’:
../src/resolve/resolved-bus.c:1828:13: warning: ‘l’ may be used uninitialized [-Wmaybe-uninitialized]
1828 | p = link_bus_path(l);
| ^~~~~~~~~~~~~~~~
../src/resolve/resolved-bus.c:1816:15: note: ‘l’ was declared here
1816 | Link *l;
| ^
(cherry picked from commit 5f911aca8434b4163514019fcb4c1c967a50617c)
Even optarg is erased, copied string was not erased.
Let's erase the copied key for safety.
(cherry picked from commit d0ad4e88d4e6b5e312c359a6505125f7e088f3e3)
