Note, previously, we set 1 second if the time value is zero.
But the adjustment is dropped now, as for the lifetime we have explicit
check that the message has non-zero lifetime, and for T1 and T2 we have
better adjustment in client_set_lease_timeouts().
This splits sd_dhcp6_lease_get_address() into small pieces,
and introduce FOREACH_DHCP6_ADDRESS() macro.
Also, the lifetimes provided by _get_address_lifetime() are now in usec,
and _get_address_lifetime_timestamp() provides timestamp.
Otherwise, sd_journal_previous() -> real_journal_next(DIRECTION_UP) ->
next_beyond_location() wrongly handles that previously we hit EOF of
the file, and returns 0 without finding a matching entry.
Let's replace the "compat" module in our proposed nsswitch.conf
configuration with "files", since it is not 1995 anymore.
Fedora and other distros have deprecated and removed NIS support a while
back. While others still retain some support I am not sure we should
advertise it in our examples. Downstream can of course still use
"compat" instead of "files" if they want to, but let's not confuse
people who don't care about NIS anymore with this.
Also, bring the nsswitch.conf snippet in README in line with what our
man pages say.
Also see: https://fedoraproject.org/wiki/Changes/retire_NIS_user_space_utils
Valentin David [Tue, 19 Sep 2023 18:31:04 +0000 (20:31 +0200)]
dissect: Accept signature for usr+usr-verity+usr-verity-sig images
An image with usr+usr-verity+usr-verity-sig without sidecar files would not be
detected as signed because it would looke for root-verity-sig instead. Because
dissect was not able to detect it, it also made /usr sysexts using an usr
partition to not be mounted with verity.
Also adds a brief paragraph about initrd transitions. (Plymouth really
should start using the fdstore for pinning DRM objects, and stop trying
to survive the initrd→host transition)
This compares two PidRef structures via the pid_t field. Ideally we'd do
a stricter comparison here, that is safe towards PID reuse, but so far
the pidfd API lacks suitable mechanisms for that, hence do the best we
can do.
DTBs can map and assign arbitrary memory ranges. The kernel refuses
to load one from the dtb= kernel command line parameter when secure
boot is enabled, as it's not safe. Let's do the same for type 1
entries, as they are unverified.
This only affects arm64 and riscv64, firmwares do not support DTB
on x86.
scope: only stop watching processes when we go down
Let's not stop watching processes on every scope state change. This
corrects behaviour when a scope is being enqueued and hasn't started
yet, but has processes associated to it already. previously, if we'd doa
full PID 1 reload we'd stop watching those pids. With this change we'll
continue watching them in that case, and only stop watching them when
the scope unit really shuts down after first being up.
We only need a separate mount namespace if we're operating on a
btrfs block device so let's make sure we only unshare the mount
namespace if that's the case.
boot: use separate SBAT project names for stub and boot
The implementations are not 100% overlapping, so use different identifiers, so
that revocations can be done independently. e.g.: a bug that affects only
sd-boot won't necessarily cause old UKIs to be revoked.
This calculates the physical offset of a file on btrfs,
similar to what FIEMAP does on other filesystems.
The implementation should generally be kept in sync with
btrfs-progs' inspect-internal map-swapfile command:
https://github.com/kdave/btrfs-progs/blob/92d04d4780886a9850716e5529f1dace97779931/cmds/inspect.c#L1516
where we got strong feedback that, for 'switched' layout setups
like Russian, US English should be the *first* layout and the
native layout the *second* one. This is how anaconda and, as of
recently, gnome-initial-setup configure such cases - but that
means, if we try to use localed to convert these configurations
using kbd-model-map, we get the wrong result (we get "us" as the
console layout). See also:
Adam Williamson [Fri, 15 Sep 2023 22:35:36 +0000 (15:35 -0700)]
find_legacy_keymap: fix empty variant matching
We should give a match bonus if the X context variant is empty
and the xvariant column in kbd-model-map is "-" (which means
none). Currently, we don't, which means that if you call this
on a context with layouts bg,us and no variant, you get the
console layout bg_pho-utf8 instead of bg_bds-utf8 (because both
score the same, and the bg_pho-utf8 row comes first). You should
get bg_bds-utf8 in this case.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
As I noticed a lot of missing information when trying to implement checking
for missing info. I reimplemented the version information script to be more
robust, and here is the result.
core: port unit_main_pid() + unit_control_pid() to PidRef and drop unit_kill_common()
This ports over unit_main_pid() + unit_control_pid() to return PidRef*
pointers (which also means the underlying UnitVTable function pointers
are changed accordingly).
This then uses te functions to simplify the unit_kill() call, by
avoiding the kill() vtable indirection and instead just suing
unit_main_pid() and unit_control_pid() directly.
core: add new "PollLimit" settings to .socket units
This adds a new "PollLimit" pair of settings to .socket units, very
similar to existing "TriggerLimit" logic. The differences are:
* PollLimit focusses on the polling on the sockets, and pauses that
temporarily if a ratelimit on that is reached. TriggerLimit otoh
focusses on the triggering effect of socket units, and stops
triggering once the ratelimit is hit.
* While the trigger limit being hit is an action that causes the socket
unit to fail the polling limit being reached will just temporarily
disable polling on the socket fd, and it is resumed once the ratelimit
interval is over.
* When a socket unit operates on multiple socket fds (e,g, ListenStream=
on both some ipv6 and an ipv4 address or so). Then the PollLimit will
be specific to each fd, while the trigger limit is specific to the
whole unit.
Implementation-wise this is mostly a wrapper around sd-event's
sd_event_source_set_ratelimit(), which exposes the desired behaviour
directly.
Usecase for all of this: socket services which when overloaded with
connections should just slow down reception of it, but not fail
persistently.
logind: slightly tweak error message about not enough swap for hibernation
Let's tweak the message if not enough swap is around slightly: systems
might have plenty swap backed by incompatible storage (specifically:
swap files on btrfs), but we (currently) do not support hibernating to
that.
Hence let's say *suitable* swap space and talk about *compatibility* of
backing storage.
Hopefully this will make things a bit clearer to users.
As pointed out in the review, all this applies to the user services too, so are
not managed by the "init system", but by the more generic "service manager".
Also:
- use oxford comma
- change "employ" to "use" in various places
- change "the init system forwards messages to syslog" to "are forwarded to
syslog". This is done by systemd-journald, so really there is no forwarding,
because systemd-journald just writes them to a file in the common setup,
so let's use the passive form to avoid specifying who does this.
This conceptually reverts e95acdfe1d3a790e18617bb992a712b34f41800d,
but the actual contents of the script are taken from the command invocation
in meson with all the updates that happened in the meantime.
One small change is that I replaced () by {}: this avoids one subprocess spawn.
People were worried about the cost of vcs_tag(), and this microoptimization may
help a bit. I measured the speed on machine, and noop rebuilds are still about
100–120 ms.
The logic is entirely moved to the script. This makes the meson config simpler
and also makes it easier to use it externally.
The script is needed for in-place rpm builds, see README.build-in-place.md [1],
where it is invoked from the spec file to determine the project version.
vimrc: explicitly set shiftwidth for the C file type
If you start editing a shell script and then open a buffer with a C
file, the shiftwidth set by the previous autocommand for the sh file
type would not be reset to the original (global) 8ch. Let's fix this by
explicitly setting the shiftwidth in the C file type autocommand as
well.
man: drop duplicate .uname documentation, add .sbat documentation
This fixes the PE section documentation in the systemd-stub man page:
for some reason .uname was listed twice, and .sbat was still missing.
Address that.
Also, let's reorder things to to match the "canonical" ordering we also
use for measurement in sd-stub. The order makes sense and there's really
no reason to depart from that here.
network: allow to configure multiple IPv6 null addresses with different prefix length
Previously, even if a .network file contains multiple IPv6 null
addresses with different prefix length, only the first setting is applied,
as the remainings are deduped in network_drop_invalid_addresses().
Even though the kernel allows us to change the prefix length of an existing
IPv6 address, we cannot safely change the prefix length of an address
that is originally requested as a null address, as the prefix of the
address may conflict with other addresses if we change it.
We already prohibit to change the prefix length of an existing IPv6
address that is originally requested as a null address. So, we can
safely allow to configure multiple IPv6 addresses from null addresses by
relaxing the dedup logic. The dedup is govern by the hash_ops. This adds
a special handling for IPv6 null addresses.