| Commit message (Collapse) | Author | Files | Lines |
|---|
|
varlink_dispatch() returns > 0 if it already replied to the method call,
hence this is reason to return from the handler function, and not
proceed.
|
|
|
|
This effectively reverts 9175002864d8876f375e0df089d142d239282528.
The retrans time field in RA message is for neighbor solicitation,
and the commit d4c8de21a07d015f2f2c787e0735be5e4d02fb3c makes the value
assigned to the correct sysctl property.
Let's deprecate the option, and drop the redundant functions.
|
|
|
|
Follow-up for 31323f21bb0ae7c712f43500c42997c91a6d20bf.
The code is correct, but let's silence Coverity.
Closes CID#1534787.
|
|
|
|
Takes a list of CPU indices or ranges separated by either whitespace or commas. Alternatively,
takes the special value "all" in which will include all available CPUs in the mask.
CPU ranges are specified by the lower and upper CPU indices separated by a dash (e.g. "2-6").
This option may be specified more than once, in which case the specified CPU affinity masks are merged.
If an empty string is assigned, the mask is reset, all assignments prior to this will have no effect.
Defaults to unset and RPS CPU list is unchanged. To disable RPS when it was previously enabled, use the
special value "disable".
Currently, this will set CPU mask to all `rx` queue of matched device (if it has multiple queues).
The `/sys/class/net/<dev>/queues/rx-<n>/rps_cpus` only accept cpu bitmap mask in hexadecimal.
Fix: #30323
|
|
Follow-up for 666a348d1c98873c55115924751e6f2d3bdb7435.
|
|
Follow-up for a663ddc04e43a9234e00e47aed98bf2bbeb1573a.
|
|
Leave TEST_UPSTREAM=1 for now in case we switch branches via the hook
|
|
Required due to building with debian/master branch
|
|
the CI to a new version
|
|
|
|
On ppc64el with gcc 13.2 on Ubuntu 24.04:
3s In file included from ../src/basic/macro.h:386,
483s from ../src/basic/alloc-util.h:10,
483s from ../src/shared/install.c:12:
483s ../src/shared/install.c: In function ‘install_changes_dump’:
483s ../src/shared/install.c:432:64: error: ‘%s’ directive argument is null [-Werror=format-overflow=]
483s 432 | err = log_error_errno(changes[i].type, "Failed to %s unit, unit %s does not exist.",
483s | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
483s ../src/shared/install.c:432:75: note: format string is defined here
483s 432 | err = log_error_errno(changes[i].type, "Failed to %s unit, unit %s does not exist.",
|
|
Fixes: eccebf4b0dcb ("systemd-tmpfiles: deprecate F for f+")
|
|
`c->cpu_sched_reset_on_fork` is serialized using
`exec-context-cpu-sched-reset-on-fork` and
`exec-context-cpu-scheduling-reset-on-fork`. Let's keep only the second one, to
serialize the value only if `cpu_sched_set` is true.
|
|
I do not see `route` being exercised anywhere else, everything seems
to be on `ip route` already.
|
|
|
|
|
|
For man pages, we generally indent with 2 spaces and wrap to ~80 columns.
|
|
|
|
Let's not complain about various valid loader.conf settings we more
recently added. At the same time let's remove the half-assed userspace
parsers for the fields we actually do support but don't actually really
care about in userspace. There's really no point in storing strings away
that we are not using at all, hence just don#t.
Fixes: #31487
|
|
|
|
By default socat open a separate r/w channel for each specified address,
and terminates the connection after .5s from receiving EOF on _either_
side. And since one side of that connection is an empty stdin, we reach
that EOF pretty quickly. Let's avoid this by using socat in
"reversed unidirectional" mode, where the first address is used only for
writing, and the second one is used only for reading.
Addresses:
- https://github.com/systemd/systemd/issues/31500
- https://github.com/systemd/systemd/issues/31493
Follow-up for 3456c89ac26.
|
|
|
|
|
|
Also, add a 30s sleep even if cgroup v1 is forced.
Closes #30852
|
|
|
|
|
|
|
|
|
|
Follow-up for 143fadf369a18449464956206226761e49be1928
|
|
This commit should be reverted once bash completion is in better shape when it comes to ShellCheck.
|
|
|
|
zsh is not supported by ShellCheck
|
|
|
|
|
|
|
|
Fixes #31485.
|
|
The hotkey only works in interactive mode hence don't mislead users
about it.
|
|
Let's make systemd-nspawn use our own ptyfwd logic to handle the TTY by
default.
This adds a new setting --console=, inspired by nspawn's setting of the
same name. If --console=interactive= is used, then we'll do the TTY
dance on our own via ptyfwd, and thus get tinting, our usual hotkey
handling and similar.
Since qemu's own console is useful too, let's keep it around via
--console=native.
FInally, replace the --qemu-gui switch by --console=gui.
|
|
|
|
|
|
These settings are leated to sd-ndisc and Neighbor Discovery protocol.
Let's use more suitable name.
|
|
|
|
GIT_VERSION isn't actually available so use VERSION_TAG instead which
is available.
|
|
According to RFC9267, the 2500 value is not helpful, and in fact it can
be harmful to permit a large number of iterations. Combined with limits
on the number of signature validations, I expect this will mitigate the
impact of maliciously crafted domains designed to cause excessive
cryptographic work.
|
|
It has been demonstrated that tolerating an unbounded number of dnssec
signature validations is a bad idea. It is easy for a maliciously
crafted DNS reply to contain as many keytag collisions as desired,
causing us to iterate every dnskey and signature combination in vain.
The solution is to impose a maximum number of validations we will
tolerate. While collisions are not hard to craft, I still expect they
are unlikely in the wild so it should be safe to pick fairly small
values.
Here two limits are imposed: one on the maximum number of invalid
signatures encountered per rrset, and another on the total number of
validations performed per transaction.
|
|
|
|
|
