| Commit message (Collapse) | Author | Files | Lines |
|---|
|
This reverts commit 837773add465bd0a0d1f598203d297cf0129468b.
The original issue #27287 is fixed by #28123. Let's
reintroduce the test for systemd-update-utmp.
|
|
session_leave_vt may be called after the VT device was hung up, which
will cause vt_release to fail with -EIO. This is known to cause an issue
with GNOME 44 on Fedora where gdm-session-worker sometimes freezes when
trying to switch to VT 1 after a `loginctl terminate-user` operation.
Fix this by reopening the VT in session_leave_vt if we get an -EIO.
|
|
|
|
This partially reverts 3c1eee5beda642707037b189481c3c30d1668da7.
I thought that it is not necessary, but
https://mesonbuild.com/Reference-manual_functions.html#vcs_tag says:
> This method returns a custom_tgt should be used to signal dependencies if
> other targets use the file outputted by this.
>
> For example, if you generate a header with this and want to use that in a
> build target, you must add the return value to the sources of that build
> target. Without that, Meson will not know the order in which to build the
> targets.
We can use version_h directly, since we already have it.
Hopefully fixes https://github.com/systemd/systemd/issues/28994.
|
|
Workaround for https://github.com/systemd/systemd/issues/28990
Introduced by https://github.com/systemd/systemd/pull/28932 but CI was
green there. Add a workaround to get the CI back in shape while it is
being investigated.
|
|
built-in
There's really no point in first extracting a command line from an UKI
to just pass it unmodified to the UKI. In particular as this is
systematically ignored in SecureBoot is enabled.
Let's drop this, so that unless the user actually edits the cmdline we
pass nothing to the invoked kernel.
Note that this low-key is a compat break, since the passed cmdline gets
measured. However, in the interest of minimized the difference between
systems with and without sd-boot to behave the same i think we should
suppress the command line anyway.
|
|
Chronyd and similar time services, when using PTP devices, may need
the BindsTo/After directives to ensure the devices are available
before starting. Tag PTP devices with systemd to allow for wider
adoption.
Signed-off-by: Chris Patterson <cpatterson@microsoft.com>
|
|
Previously, DHCP_STATE_STOPPED and DHCP_STATE_INIT are both handled as
not-running. Moreover, previously after sd_dhcp_client_start() is
called, the client still in INIT state (and thus handled as not-running)
even if its internal timer event sources are initialized.
Let's make only STOPPED state handled as not-running, and make the
client initially in STOPPED state.
Prompted by #28896.
|
|
See documentation at: https://manpages.debian.org/testing/pkgconf/pkg.m4.7.en.html
Without this the macro was not always correctly resolved so the correct command was not used in the rest of the snippet.
|
|
Fixes #28928.
|
|
or else it would output 'Unknown config setting [UKI] SecureBootCerificate=' or just an error outright if not overrode.
|
|
It was added to make sure that the version tag was built early
enough. Now that we use vcs_tag, meson should take care of building
it early enough.
|
|
Let's also use vcs_tag() when we're doing a non-git build. In those scenarios,
the build would normally be done just once in a given copy, so doing an extra
call does not matter. We can save a few lines of meson config.
The special path was added in 064b8e2c99ceb348c515353cc5c7d7bd05c49fcb, with
the justifaction that vcs_tag() is slow and -Dversion-tag=foo can be used to
fix the version tag and speed up partial rebuilds. I think the justification
for this is weak: having an accurate version tag is particularly useful when
developing the code. Shaving of a fraction of a second at the cost of having to
manually update the version seems iffy.
Secondly, with vcs_tag() we can be pretty sure that meson will build the
version file first and that it'll be available to all build steps. Because we
didn't use version tag, we had to manually specify the dependency on version.h
in various places. It seems nicer to use vcs_tag() and not have to deal with
this problem at all.
Finally, the savings in time seem much smaller than back when
064b8e2c99ceb348c515353cc5c7d7bd05c49fcb was made. It reported a change
from 94 ms to 521 ms. But now the difference seems to be about 50 ms:
Before this patch:
$ time ninja -C build
ninja: Entering directory `build'
ninja: no work to do.
ninja -C build 0.04s user 0.02s system 97% cpu 0.057 total
ninja -C build 0.03s user 0.01s system 97% cpu 0.049 total
ninja -C build 0.03s user 0.02s system 96% cpu 0.051 total
ninja -C build 0.03s user 0.01s system 96% cpu 0.049 total
ninja -C build 0.03s user 0.01s system 97% cpu 0.046 total
With the two patches in this PR:
systemd-stable [drop-versiondep] time ninja -C build
ninja: Entering directory `build'
[1/669] Generating version.h with a custom command
ninja -C build 0.08s user 0.03s system 98% cpu 0.106 total
ninja -C build 0.08s user 0.03s system 98% cpu 0.104 total
ninja -C build 0.09s user 0.02s system 98% cpu 0.116 total
ninja -C build 0.08s user 0.02s system 97% cpu 0.108 total
Overall, I think the tiny time savings are not worth the complexity.
|
|
Updated T11/Juno Tab 2.
|
|
The use of vcs_tag was dropped in #28567, which results in builds having
stale version information once new commit are made.
This also fixes a case where CI builds would have no version information
because they are checked out without any tags for git-describe to use.
Additionally, use `--git-dir` now, as that particular issues seems to
have been fixed by now.
|
|
Follow-up for 9269296df05a724c6b121bcbb0b420c8b4088f2f
|
|
Implements: https://datatracker.ietf.org/doc/html/rfc8781
```
[IPv6PREF64Prefix]
Prefix=2003:da8:1:0::/64
ValidLifetimeSec=30m
Frame 16: 126 bytes on wire (1008 bits), 126 bytes captured (1008 bits) on interface veth99, id 0
Ethernet II, Src: 06:c7:41:95:1d:7f (06:c7:41:95:1d:7f), Dst: IPv6mcast_01 (33:33:00:00:00:01)
Internet Protocol Version 6, Src: fe80::4c7:41ff:fe95:1d7f, Dst: ff02::1
Internet Control Message Protocol v6
Type: Router Advertisement (134)
Code: 0
Checksum: 0x0ca0 [correct]
[Checksum Status: Good]
Cur hop limit: 0
Flags: 0x00, Prf (Default Router Preference): Medium
Router lifetime (s): 1800
Reachable time (ms): 0
Retrans timer (ms): 0
ICMPv6 Option (Source link-layer address : 06:c7:41:95:1d:7f)
ICMPv6 Option (Prefix information : 2002:da8:1::/64)
ICMPv6 Option (PREF64 Option)
Type: PREF64 Option (38)
Length: 2 (16 bytes)
0000 0111 0000 1... = Scaled Lifetime: 225
.... .... .... .001 = PLC (Prefix Length Code): 64 bits prefix length (0x1)
Prefix: 64:ff9b::
```
|
|
We might inherit a max rlim value that's larger than the kernel's
maximum (nr_open). This will cause setrlimit() to fail as the given
maximum is larger than the kernel's maximum. To get around this,
let's limit the max rlim we pass to rlimit() to the value of nr_open.
Should fix #28965
|
|
We set FORK_CLOSE_ALL_FDS, so we should also set FORK_REOPEN_LOG to
reopen the log in the child process so we don't miss any logging
messages.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
As these are not macros, they should be lowercase.
|
|
|
|
Follow-up for 2f091b1b49543aade4aad9ec3b35b3665abac3e7.
Fixes #28844.
|
|
|
|
This way we can use it at other places too, not just when dissecting
images.
|
|
We often free an array of things. Let's create a common helper for this,
and port some potential users over. (Not all, too lazy for that for
now).
|
|
I always found it confusing that most of our TPM related definitions are
in tpm2-util.h, but the PCR names in tpm-pcr.h, without the "2". Let's
fix that and make this systematic, in particular as the definitions in
the file all start with TPM2_ already.
No code flow changes, just some renaming.
|
|
The UKI sections have little to do with the PCRs, hence give them their
own header.
|
|
We so far maintained two places for symboic names for PCRs. One in
tpm2-util.h and one in tpm-pcr.h.
Let's unify this into one, i.e. move the full list from tpm2-util.h into
tpm-pcr.h, replacing the short list placed so far there.
Systematically prefix the definitions with TPM2_ or tpm2_, to follow how
we do this for all other defines in this context.
No change in behaviour, just unification of tables.
|
|
Let's a "b" helper for json_variant_set_field() that combines
json_build() with json_variant_set_field(), similar to the
json_variant_merge_objectb(), json_variant_append_arrayb().
|
|
json_append() is a useful wrapper around json_variant_merge(). However,
I think the naming sould be cleaned up a bit of both functions.
I thinker "merge" is the better word than "append", since it does
decidedly more than just append: it replaces existing fields of the same
name, hence "merge" sounds more appropriate. This is as opposed to the
similar operations for arrays, where no such override logic is applied
and we really just append, hence those functions are called "append"
already.
To make clearer that "merge" is about objects, and "append" about
arrays, also include "object" in the name.
Also, include "json_variant" in the name, like we do for almost all
other functions in the JSON API that take a JSON object as primary
input, and hence are kinda object methods.
Finally, let's follow the logic that helpers that combine json_build()
with some other operation get suffixed with "b" like we already have in
some cases.
Hence:
json_variant_merge() → json_variant_merge_object()
json_append() → json_variant_merge_objectb()
This mirrors nicely the existing:
json_variant_append_array()
json_vairant_append_arrayb()
This also drops the variant of json_append() that takes a va_arg
parameter (i.e. json_appendv()). We have no user of that so far, and
given the nature as a helper function only I don#t see that happening,
and if it happens after all it's trivial to bring back.
|
|
|
