| Commit message (Collapse) | Author | Files | Lines |
|---|
|
We can break if KEYCTL_READ return value is equal to our buffer size.
From keyctl(2):
On a successful return, the return value is always the total size of
the payload data. To determine whether the buffer was of sufficient
size, check to see that the return value is less than or equal to the
value supplied in arg4.
|
|
Follow-up for 0d588deae21234c9a9d64d9eddbcbe7da5c9a39d.
In that commit the output got moved a 2 chars to the right, hence make
sure to also shift the cgroup tree to the right, so that it gets
properly aligned under the cgroup path again.
|
|
cryptsetup introduced optional locking scheme that should serialize
unlocking keyslots which use memory hard key derivation
function (argon2). Using the serialization should prevent OOM situation
in early boot while unlocking encrypted volumes.
|
|
If the zeroth and first argv[] element on the same we don't need to
generate the "@" syntax for ExecStart= and friends.
|
|
|
|
|
|
If udevd receives an exit signal, it releases its reference on the udev
monitor in manager_exit(). If at this time a worker is hanging, and if
the event timeout for this worker expires before udevd exits, udevd
crashes in on_sigchld()->udev_monitor_send_device(), because the monitor
has already been freed.
Fix this by testing the validity of manager->monitor in on_sigchld().
|
|
This reverts commit 5db454b8031c58a743cc4ee3d5d1dd01dcff17e8.
See https://github.com/systemd/systemd/issues/14128
|
|
EOF is defined to -1, hence on platforms that have "char" unsigned we
can't compare it as-is, except if we accept an implicit cast. let's make
it an explicit cast, acknowledging the issue.
Fixes: #14118
|
|
|
|
anycast or nat (#14148)
Also, if Type=multicast and scope is not set, then assume Scope=link.
Fixes #14122.
|
|
OnTimezoneChange=
|
|
|
|
Let's bypass /proc if we can.
|
|
Let's bypass /proc if we can.
|
|
systemd.nspawn(5) contained a partial repeat of the stuff that is now in the
dedicated man page. Let's just refer to that.
While at it, do s/searched/searched for/ where appropriate and reword some
sentences for brevity.
|
|
|
|
The original PR was submitted with CPUSetCpus and CPUSetMems, which was later
changed to AllowedCPUs and AllowedMemmoryNodes everywhere (including the parser
used by systemd-run), but not in the parser for unit files.
Since we already released -rc1, let's keep support for the old names. I think
we can remove it in a release or two if anyone remembers to do that.
Fixes #14126. Follow-up for 047f5d63d7a1ab75073f8485e2f9b550d25b0772.
|
|
Fixes: https://github.com/systemd/systemd/issues/14116
|
|
|
|
Resolves #14137. Error introduced in 337b733449924860eb71190e6eff95729909ede6.
|
|
In those two pages, we need to include individual entries with xi:include to
merge the list less-variables.xml with the other entries, which is obviously
error prone. All variables are supported in both tools so add them.
|
|
See inline comments. Fixes #13752.
|
|
Fixes #14127.
|
|
This commit fix the accelerometer orientation on the Jumper EZpad
Go tablet.
The tablet does not have its product name filled in dmi table, make
the match string a bit generic. Here we assume that the use of a
KIOX000A + bios-vendor + chassis-type combo is unique enough to
match the currently available product in Jumper's x86 tablet series.
For future reference, as in 2019, the tablet has a dmialias of:
dmi:bvnAmericanMegatrendsInc.:bvrZB-BI-11.6-SF133AR200-059-J \
:bd05/21/2019:svnjumper:pnEZpad:pvrTobefilledbyO.E.M.:rvnTob \
efilledbyO.E.M.:rnTobefilledbyO.E.M.:rvrTobefilledbyO.E.M.:c \
vnTobefilledbyO.E.M.:ct31:cvrTobefilledbyO.E.M.:
|
|
|
|
Fixes: systemd-tmpfiles-clean.timer: Refusing to start, unit
systemd-tmpfiles-clean.service to trigger not loaded.
|
|
I see we log this during every boot, even though it is a routine expected event:
Nov 12 14:50:01 krowka systemd[1]: systemd-journald.service: Service has no hold-off time (RestartSec=0), scheduling restart.
(and for other services too). Let's downgrade this to debug level.
https://bugzilla.redhat.com/show_bug.cgi?id=1614871
|
|
|
|
|
|
concurrent connections
Use the official glibc API for determining this parameter. In most other
cases in our tree it's better to go directly for RLIMIT_NOFILE since
it's semantically what we want, but for this case it appears more
appropriate to use the friendlier, shorter, explicit API.
|
|
We want to use this code in NSS modules, and we never know the execution
environment we are run in there, hence let's move our fds up to ensure
we won't step into dangerous fd territory.
This is similar to how we already do it in sd-bus for client connection
fds.
|
|
|
|
No functional change.
|
|
Before, we'd unref from machine_stop_unit, still keeping the unit name around,
and only forget the name later, when garbage collecting. If we didn't call
manager_stop_unit(), then we wouldn't do the unref. Let's unref at the same
point where we do garbage collection, so that it is always true that
iff we have the name generated with AddRef=1, then have a reference to the unit,
and as soon as we forget the name, we drop the reference.
This should fix the issue when repeated systemd-nspawn --register=yes fails
with "scope already exists" error.
Incidentally, this fixes an error in the code path where r was used instead of q.
|
|
It is called from only one place, and we can make things simpler by calculating the
necessary stuff directly in the function. No functional change.
|
|
Having this function which is called only from one place in a separate file
makes the code harder to follow. In preparation for subsequent changes, let's
make it static.
|
|
Without out at least a debug log line it is hard to figure out when something
goes wrong.
Reduce scope of a variable while at it.
|
|
|
|
|
|
|
|
|
|
|
|
Some options would appear twice in the index, e.g. --collect= and
--collect. Some man pages use one form, some the other, and the argument
might be mandatory for some commands but not others. Anyway, let's display
them as one entry, to reduce the total number of items listed.
|
|
When wrong element types are used, directives are sometimes placed in the wrong
section. Also, strip part of text starting with "'", which is used in a few
places and which is displayed improperly in the index.
|
|
We nowadays prefer positive options over negative.
|
|
|
|
variable gracefully
Apparently some firmwares don't allow us to write this token, and refuse
it with EINVAL. We should normally consider that a fatal error, but not
really in the case of "bootctl random-seed" when called from the
systemd-boot-system-token.service since it's called as "best effort"
service after boot on various systems, and hence we shouldn't fail
loudly.
Similar, when we cannot find the ESP don't fail either, since there are
systems (arch install ISOs) that carry a boot loader capable of the
random seed logic but don't mount it after boot.
Fixes: #13603
|
|
|
|
|
