Gerd Hoffmann [Tue, 19 Mar 2024 13:49:51 +0000 (14:49 +0100)]
sd-boot: add support for support enrolling dbx
usage:
(1) get latest revocation list for your architecture
from https://uefi.org/revocationlistfile
(2) copy the file to $ESP/loader/keys/$name/dbx.auth
Luca Boccassi [Wed, 20 Mar 2024 12:55:02 +0000 (12:55 +0000)]
test: delete private images on clean-again
Private images are not reused, they are unique to tests, so delete them
as they take a lot of disk space, and we are starting to run in /var/tmp
space issues on the Ubuntu CI
If one of the cursor option is specified, we first seek to the cursor position.
So, the current position may be out of the time range specified by --until,
and we need to verify the timestamp of the current position.
sd-device: use strdup_to() and rename output param
device_open_from_devnum() returns two things: the devname via
an output param, and the fd via the return value. Rename the param
to signal that it's not the only return channel.
I didn't know that this helper existed… It is very similar to strdup_to_full(),
but all callers can actually be replaced by strdup_to(), which has more fitting
semantics.
basic/socket-util: use strdup_to() in sockaddr_pretty()
The function was written to support ret==NULL, but the only caller always
passes ret, and sockaddr_pretty() also requires ret to be set, so that
half-implemented code wasn't very useful.
basic/fileio: use strdup_to_full() in read_stripped_line()
The return value of read_stripped_line() is changed. Before we'd return the
number of characters read, but that number was not meaningful after we called
strstrip(). So just return 0 if nothing was read (EOF), and 1 if something was
read (not EOF). All the callers were only checking for <0 or ==0.
It's a bit ugly to have both strdup_to() and strdup_to_full(). I initially
started with one variant, but then in some functions we want the additional
info, while in many other places, having 1 instead of 0 causes the return
value of whole chains of functions to be changed. It *probably* wouldn't cause
any difference, but there is at least of bunch of tests that would need to be
updated, so in the end it seems to have the two variants.
The output param is first to match free_and_strdup() and other similar
functions.
Jan Macku [Wed, 20 Mar 2024 11:37:18 +0000 (12:37 +0100)]
ci(freezer): update `devel-freezer` GHA to `v1.1.0`
The new version of `devel-freezer` GitHub Action adds support for milestones, labels, and more. Now, when the `rc` tag is published, it won't post a development freeze comment on PRs included in the next milestone.
This commit also sets a delay of the 20s for PR validation to give some time for updating labels and milestones on submitted PRs.
basic/missing_*.h: add asserts that the values are as expected
It's great that we provide fallback values, but if we got one of those wrong,
it could be a long time before anyone noticed. So let's add asserts that the
our internal defines actually match the official ones, when the latter are
available.
I did not add '#include "macro.h"' to missing_{audit,capability}, because
those are processed by an awk script that would need additional include
directories and could be confused by the additional lines. We don't include
those headers standalone anyway, so this is not necessary anyway.
Gerd Hoffmann [Mon, 18 Mar 2024 16:04:22 +0000 (17:04 +0100)]
kernel-install: fix uki-copy deinstall
For "kernel-install remove ..." only the kernel version is passed, not
the kernel image. So auto-detecting KERNEL_INSTALL_IMAGE_TYPE and
setting KERNEL_INSTALL_LAYOUT does not work for uninstall.
The 90-uki-copy.install plugin must consider this and *not* exit early
for the "remove" command, otherwise $BOOT_ROOT will be filled with stale
kernel images.
NamespaceId is inconsistent with our general spelling rules which say that
capitalization of acronyms should not be changed when they are concatenated in
CapitalizedCamelCase strings. But NamespaceId was added in f2ef8b28a5266a0070b0cb8b6375e418a5300975, before v249, so it's too late to
change it. OTOH, NamespaceNSID cannot really be spelled in any other way.
"NamespaceNsid" would be quite bad. So let's just ignore the inconsistency in
naming, this seems to be the least bad option.
Naming is always a matter of preference, and the old name would certainly work,
but I think the new one has the following advantages:
- A verb is better than a noun.
- The name more similar to "the competition", i.e. 'sudo', 'pkexec', 'runas',
'doas', which generally include an action verb.
- The connection between 'systemd-run' and 'run0' is more obvious.
There has been no release yet with the old name, so we can rename without
caring for backwards compatibility.
units: add one more equivalency of '-' in '_' on kernel cmdline
c0aeff4b999318d4da48328fff0ea93c8c457ace added this in one unit file, but the
same problem occurs here. (There are no other files where this would apply.)
I think we should solve this systematically somehow, but it's not clear how to
do that, so until we have that better solution, let's apply the manual solution
so that our units work as expected.
Unique-Usman [Fri, 15 Mar 2024 22:34:11 +0000 (04:04 +0530)]
Add a set of assertion macros to tests.h
(ASSERT_OK(), ASSERT_EQ(), ASSERT_GE(), ASSERT_LE()) that log the failed condition before crashing and convert test-gpt.c test file to use them
Yu Watanabe [Wed, 13 Mar 2024 17:28:06 +0000 (02:28 +0900)]
unit/network: use ProtectSystem=strict again
Now, networkd accesses the state directory through the file descriptor
passed from systemd-networkd-persistent-storage.service.
Hence, the networkd itself does not need to access the state directory
through its path, and we can use more stronger mode for ProtectSystem=.
Yu Watanabe [Fri, 15 Mar 2024 15:55:10 +0000 (00:55 +0900)]
network/varlink: pass file descriptor of state directory with SetPersistentStorage method
The state directory is owned by systemd-networkd-persistent-storage.service,
at least technically. Let's not directly access the storage through the path,
but through the fd.
Ronan Pigott [Mon, 18 Mar 2024 20:05:07 +0000 (13:05 -0700)]
resolved: request DS with DNSKEY
When validating, when we lookup a DNSKEY for validation we will almost
certainly need the corresponding DS to complete the chain of trust.
Let's go ahead and request it right away so that we don't have to wait
in this common case.
Ronan Pigott [Mon, 18 Mar 2024 01:02:22 +0000 (18:02 -0700)]
resolved: don't request the SOA for every dns label
When validating insecure delegations we don't actually need to request
the SOA for every single dns label. We need the DS records for the zone,
and we can seek them by querying for DS directly (in case we are at a
zone cut) and then following the SOA referrals or the parent name until
we have found a chain of trust.
Extra transactions and roundtrips, especially transactions for RRs that
aren't actually needed to validate and therefore aren't likely to be in
the recursive resolver's own cache are a big slowdown during validation.
Consequently, this change results in an enourmous speed up in validating
most names from our own cold-cache (10x or more), by eliminating a large
number of superfluous dnssec transactions.
Adrian Vovk [Thu, 14 Mar 2024 21:11:36 +0000 (17:11 -0400)]
homed: Minor function name cleanup
It's not actually a dbus method, just function that all the various dbus
methods end up calling to update the user record. So rename it to
reflect as such
Daan De Meyer [Mon, 18 Mar 2024 15:20:00 +0000 (16:20 +0100)]
mkosi: Install python3-pefile in OpenSUSE image
ukify is part of systemd-experimental on OpenSUSE and not its own
package. Because the OpenSUSE systemd maintainers do not want to
introduce a python dependency for systemd-experimental, we have to
install python3-pefile manually to make sure ukify works properly.
Nick Rosbrook [Fri, 15 Mar 2024 19:14:05 +0000 (15:14 -0400)]
shared/install: correctly install alias for units outside search path
Currently, if a unit file is enabled from outside of the search path,
and that unit has an alias, then the symlink ends up pointing outside of
the search path too. For example:
$ systemctl enable /tmp/a.service
Created symlink /etc/systemd/system/a.service → /tmp/a.service.
Created symlink /etc/systemd/system/b.service → /tmp/a.service.
Created symlink /etc/systemd/system/multi-user.target.wants/a.service → /tmp/a.service.
This then means the alias is treated as a separate unit:
$ systemctl start a.service
$ sudo systemctl status a
● a.service
Loaded: loaded (/etc/systemd/system/a.service; enabled; preset: enabled)
Active: active (running) since Fri 2024-03-15 15:17:49 EDT; 9s ago
Main PID: 769593 (sleep)
Tasks: 1 (limit: 18898)
Memory: 220.0K
CPU: 5ms
CGroup: /system.slice/a.service
└─769593 sleep infinity
Mar 15 15:17:49 six systemd[1]: Started a.service.
$ sudo systemctl status b
○ b.service
Loaded: loaded (/etc/systemd/system/b.service; alias)
Active: inactive (dead)
To fix this, make sure the alias uses a target that is inside the search
path. Since the unit file itself is outside of the search path, a
symlink inside the search path will have been created already. Hence,
just point the alias symlink to that recently created symlink.
Ronan Pigott [Fri, 15 Mar 2024 20:52:30 +0000 (13:52 -0700)]
resolved: wait to gc transactions if they might still give an answer
In some cases when a query completes there are still pending
transactions that are no longer useful to answer the query. But if this
query is repeated in the future and we don't have the answers cached,
we're going to ask and ignore the answer again.
Instead of purging these superfluous transactions, let's wait and see if
they produce an answer, since we already asked the question, and use it
to fill our cache.
projects / thirdparty / systemd.git / log
