summaryrefslogtreecommitdiffstats
path: root/src (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
| * | watchdog: reset last ping timestamp when opening watchdogLennart Poettering2024-05-291-0/+2
| | | | | | | | | | | | | | | | | | When we open a watchdog fresh we have never pinged it, hence reset the ping timestamp explicitly, so that it is not only reset the first time we open the device, but all times.
| * | watchdog: normalize how we name watchdog related callsLennart Poettering2024-05-291-20/+20
| |/ | | | | | | | | Let's put the "watchdog" always as prefix in the name, and not as suffix or the middle. Just for reasons of naming hygiene
* | exec-util: make sure to close all fds for invoked generatorsLennart Poettering2024-05-291-1/+1
| | | | | | | | | | We should really have set O_CLOEXEC for all our fds, but better be safe than sorry.
* | exec-util: use the stdio array of safe_fork_full() where appropriateLennart Poettering2024-05-291-11/+19
| |
* | generator-setup: use RET_GATHER()Lennart Poettering2024-05-291-9/+3
|/
* bpf: add helper to translate kernel error codes from libbpfLuca Boccassi2024-05-297-11/+32
| | | | | | | | | | libbpf returns error codes from the kernel unmodified, and we don't understand them so non-fatal ones are handled as hard errors. Add a translation helper, and start by translating 524 to EOPNOTSUPP, which is returned when nsresourced tries to use LSM BPF hooks that are not implemented on a given arch (in this case, arm64 is misssing trampolines). Fixes https://github.com/systemd/systemd/issues/32170
* Merge pull request #33066 from YHNdnzj/logind-lingerLuca Boccassi2024-05-282-4/+10
|\ | | | | logind-user: check linger file in user_wants_service_manager too
| * logind-user: check linger file in user_wants_service_manager tooMike Yuan2024-05-281-1/+4
| | | | | | | | | | | | Follow-up for 5099a50d4398e190387d204f5df81cc176bd33e2 Fixes #33005
| * logind-user: add missing assertion for user_check_linger_fileMike Yuan2024-05-282-3/+6
| | | | | | | | Also make the function take const User*
* | tmpfiles: improve warning message and use O_NOCTTYChristian Göttsche2024-05-281-2/+2
|/ | | | | | | | Mention in the warning message for a failed open on a to be removed file why systemd-tmpfiles tried to open it. Also open the file with the O_NOCTTY flag, since it should never become the controlling terminal.
* Merge pull request #33057 from poettering/partscan-no-partLuca Boccassi2024-05-282-0/+42
|\ | | | | blockdev-util: for partition block devices partition scanning is always off
| * test: add superficial test for partscan testLennart Poettering2024-05-281-0/+37
| |
| * blockdev-util: partition block devices never have partition scanning enabledLennart Poettering2024-05-281-0/+5
| |
* | Merge pull request #33063 from keszybz/wiki-linksLuca Boccassi2024-05-281-1/+1
|\ \ | | | | | | Update wiki links
| * | various: update links to usr-mergeZbigniew Jędrzejewski-Szmek2024-05-281-1/+1
| |/
* | Merge pull request #33008 from fbuihuu/optionally-link-ssh-dropinsZbigniew Jędrzejewski-Szmek2024-05-282-8/+12
|\ \ | | | | | | Optionally link ssh dropins
| * | meson: don't put a symlink pointing to '20-systemd-userdb.conf' in /etc in ↵Franck Bui2024-05-271-4/+6
| | | | | | | | | | | | | | | | | | | | | all cases It's only needed on distros where sshd doesn't support drop-ins in /usr, which is not the case on SUSE.
| * | meson: don't put a symlink pointing to '20-systemd-ssh-proxy.conf' in /etc ↵Franck Bui2024-05-271-4/+6
| | | | | | | | | | | | | | | | | | | | | | | | in all cases On distros like SUSE where ssh config dropins in /usr are supported, there's no need for a symlink in /etc/ssh/ssh_config.d/ that points to the dropin installed somewhere in /usr (that is not reachable by ssh).
* | | socket-util: use GREEDY_REALLOC_APPEND where appropriateMike Yuan2024-05-281-5/+1
| | | | | | | | | | | | | | | Also, previously GREEDY_REALLOC was used improperly, causing the fds_array to be leaked when realloc() fails.
* | | machined: downgrade warning if we cannot drop ref to systemd unit if ↵Lennart Poettering2024-05-281-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | disconnected from bus if machined exits while a machine is still running, we'll issue the UnrefUnit() call on the unit. This quite likely will fail if during shutdown the bus connection is already down. But that's no reason to warn at all, since the ref count will implicitly be dropped if our side disappears from the bus. Hence, downgrade to LOG_DEBUG in case of connection problems.
* | | Merge pull request #33052 from yuwata/missing-loopLuca Boccassi2024-05-281-2/+2
|\ \ \ | |_|/ |/| | Fixlets for missing_loop.h
| * | missing_loop.h: fix LOOP_SET_STATUS_SETTABLE_FLAGSYu Watanabe2024-05-281-1/+1
| | | | | | | | | | | | | | | | | | See https://github.com/torvalds/linux/blob/v6.10-rc1/include/uapi/linux/loop.h Fixes a bug in b3fe33ff52ece458a5b990a4a68d59aef7cae10b.
| * | missing_loop: fix potential compile-time assertionYu Watanabe2024-05-281-1/+1
| | | | | | | | | | | | Fixes a bug introduced by 4d6437d33c45c3d31497f2e3bd8d415f775546b8.
* | | test: suppress logs generated by journal testsYu Watanabe2024-05-281-13/+13
|/ / | | | | | | | | | | Note, journal_file_dump() is only used by tests. Closes #33035.
* | cryptsetup: mention correct action in log messageDaniel Winzen2024-05-271-1/+1
| |
* | Merge pull request #33028 from yuwata/blockdev-utilLuca Boccassi2024-05-271-15/+43
|\ \ | | | | | | blockdev-util: also check loop/partscan sysattr
| * | blockdev-util: also check loop/partscan sysattrYu Watanabe2024-05-271-7/+26
| | | | | | | | | | | | | | | | | | With https://github.com/torvalds/linux/commit/b9684a71fca793213378dd410cd11675d973eaa1 (v5.19), we cannot check partition scanning is enabled for a loopback block device without checking the attribute.
| * | blockdev-util: also check newer value of GENHD_FL_NO_PART flagYu Watanabe2024-05-271-8/+17
| | | | | | | | | | | | | | | | | | With https://github.com/torvalds/linux/commit/430cc5d3ab4d0ba0bd011cfbb0035e46ba92920c, the value of GENHD_FL_NO_PART, previously named as GENHD_FL_NO_PART_SCAN, is changed from 0x0200 to 0x0004. So, we need to check both flags.
* | | executor: check for all permission related errnos when setting up IPC namespaceLuca Boccassi2024-05-271-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | Denials from AppArmor are raised as EACCES, so EPERM is not enough. Do the same check as PrivateNetwork above. Fixes https://github.com/systemd/systemd/issues/31037 Related to 06384eb3c5044f632f50304a0210a402460f1189
* | | Merge pull request #33013 from yuwata/journal-flushDaan De Meyer2024-05-271-13/+32
|\ \ \ | | | | | | | | journal: several fixlets for flushing runtime journal
| * | | journald: always unset flushed flag when the runtime journal is openedYu Watanabe2024-05-251-6/+15
| | | | | | | | | | | | | | | | | | | | | | | | If the runtime journal is opened, we will anyway write journal entries to the runtime journal, even if the persistent journal is writable. Hence, we need to flush the runtime journal file later.
| * | | journald: log removal of runtime journal directoriesYu Watanabe2024-05-251-3/+12
| | | |
| * | | journald: close runtime journal earlierYu Watanabe2024-05-251-4/+5
| | | | | | | | | | | | | | | | | | | | Then, we can use SD_JOURNAL_ASSUME_IMMUTABLE flag, and the performance of reading runtime journal should be improved.
* | | | Merge pull request #33016 from YHNdnzj/transient-working-dirYu Watanabe2024-05-275-37/+62
|\ \ \ \ | |_|/ / |/| | | core: several cleanups/fixes for WorkingDirectory= handling
| * | | core: introduce unit_verify_contextsMike Yuan2024-05-263-2/+25
| | | | | | | | | | | | | | | | | | | | Refuse WorkingDirectory=~ both in that and exec_invoke() when dynamic user is used.
| * | | core/unit: don't set missing_ok if WorkingDirectory=~ is explicitly requestedMike Yuan2024-05-261-6/+4
| | | |
| * | | core/exec-invoke: add a comment that acquire_home uses result from ↵Mike Yuan2024-05-261-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | get_fixed_user Prompted by https://github.com/systemd/systemd/pull/33016#discussion_r1614848067
| * | | core/exec-invoke: drop unused param for acquire_home, prefix out param with ret_Mike Yuan2024-05-261-5/+5
| | | |
| * | | core/dbus-execute: don't trigger assertion if WorkingDirectory="" or "-"Mike Yuan2024-05-261-23/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Follow-up for 14631951cea807de2d482a430841c604c2040718 Before this commit, if WorkingDirectory= is empty or literally "-", 'simplified' is not populated, resulting in the ASSERT_PTR in unit_write_settingf() below getting triggered. Also, do not accept "-", so that the parser is consistent with load-fragment.c Fixes #33015
| * | | core/dbus-execute: use correct char for representing WorkingDirectory=homeMike Yuan2024-05-261-1/+1
| | | |
| * | | core/load-fragment: also clear missing_ok when WorkingDirectory=""Mike Yuan2024-05-261-0/+1
| | | |
* | | | run: also show a pretty string for main exit status, if anyMike Yuan2024-05-261-6/+7
| | | | | | | | | | | | | | | | This brings output on par with unit_log_process_exit().
* | | | blockdev-util: "partscan" sysattr now directly shows the enabled stateMike Yuan2024-05-261-3/+11
|/ / / | | | | | | | | | See also: https://lore.kernel.org/r/20240502130033.1958492-3-hch@lst.de
* | | cryptenroll: upgrade log level of critical failureYu Watanabe2024-05-251-1/+1
| | |
* | | cryptenroll: do not pass an empty pcrlock policyYu Watanabe2024-05-251-0/+2
| | | | | | | | | | | | | | | | | | | | | Otherwise, tpm2_uneal() -> tpm2_build_sealing_policy() -> tpm2_deserialize() will trigger assertion. Prompted by #33017.
* | | cryptsetup: use TPM2_FLAGS_USE_PCRLOCK at one more placeYu Watanabe2024-05-251-1/+1
|/ / | | | | | | Follow-up for 404aea7815595c1324947ed7f2a7502b17d3cc01.
* | machine-id-setup: update commentYu Watanabe2024-05-241-2/+2
| | | | | | | | | | | | | | | | If an initrd has an empty or uninitialized /etc/machine-id file, then PID1 write a valid machine ID. So, the logic is important only on soft-reboot. Let's mention that explicitly. Follow-up for 16718dcf78a90faf8c5f53d7bf63e3575bc78be7.
* | machine-id-setup: use isempty() instead of empty_or_root()Yu Watanabe2024-05-241-2/+2
|/ | | | | | | | | | This effectively reverts ba540e9f1c29b430ac916918410c27171d14ab95. https://github.com/systemd/systemd/pull/32915#discussion_r1608258136 > In many cases we allow --root=/ as a mechanism for forcing an "offline" mode, > while still operating on the root dir. if we do the getenv_for_pid() thing > below I'd claim this is very much an "online" operation, and hence --root=/ > should really disable that.
* Merge pull request #32994 from keszybz/kernel-install-parsingLuca Boccassi2024-05-246-77/+110
|\ | | | | Improve parsing of kernel/install.conf
| * shared/conf-parser: do not print "(null)" as section nameZbigniew Jędrzejewski-Szmek2024-05-231-1/+5
| | | | | | | | | | | | | | | | | | Before: /etc/kernel/install.conf:6: Unknown key name 'asdf' in section '(null)', ignoring. After: /etc/kernel/install.conf:6: Unknown key 'asdf', ignoring. Also make the message a bit better.
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-18 20:06:33 +0100