journalctl: tighten rules on parsing namespace journal dir suffixes
The dot must follow the machine ID immediately, let's check for that.
Also, I think it's generally better to parse the machine ID and then
comparing it, instead of comparing the string representation. That's
more in line how we usually do it, as we parse 128bit IDs generally
case-insensitively.
udevadm-control: check if control command really specified
Previously, 'udevadm control' only checked the number of the arguments.
So, if only `--timeout` is specified, it spuriously did nothing and succeeded.
This makes the command request at least one control command.
units: order repart after systemd-tpm2-setup-early.service
This mimics what we do for systemd-cryptsetup@.service (see
src/shared/generator.c), and makes sense since repart might lock up the
root volume against a TPM, which ideally has its SRK already set up by
then.
More importantly though, this ensures that we ordered correctly after
tpm2.target (which systemd-tpm2-setup-early.service has a dependency
on), for systems where the TPM drivers are not compiled into the kernel.
* fix error
* remove options that are no longer supported
* add missing options
* stop completion if an option `--help` or `--version` is supplied
[[[
zjs: a note for the reader:
zshcompsys(1) in the section about optspecs in _arguments says:
> Each of the forms above may be preceded by a list in parentheses of option names and argument num‐
> bers. If the given option is on the command line, the options and arguments indicated in parentheses
> will not be offered. For example, ‘(-two -three 1)-one:...' completes the option ‘-one'; if this ap‐
> pears on the command line, the options -two and -three and the first ordinary argument will not be
> completed after it. ‘(-foo):...' specifies an ordinary argument completion; -foo will not be com‐
> pleted if that argument is already present.
>
> Other items may appear in the list of excluded options to indicate various other items that should
> not be applied when the current specification is matched: a single star (\*) for the rest arguments
> (i.e. a specification of the form ‘\*:...'); a colon (:) for all normal (non-option-) arguments; and a
> hyphen (-) for all options. For example, if ‘(\*)' appears before an option and the option appears on
> the command line, the list of remaining arguments (those shown in the above table beginning with
> ‘\*:') will not be completed.
The intended effect of the change is to remove irrelevant completion matches from the completion.
As it breaks relative links to other pages. For example, the
BOOT_LOADER_INTERFACE page has a relative link to
AUTOMATIC_BOOT_ASSESSMENT. With a slash in the page's permalink, that
link leads to:
We have various tools that log directly to the console, as well as
pid1 which logs directly to the console when running in a container.
Let's make sure that we don't log debug messages to the console by
default, but keep the behavior when running in CI.
mkosi just learned to do natively what we currently do with environment
variables and a postinst script, so let's update to the latest version
and start using the new settings instead.
Mike Yuan [Sat, 13 Apr 2024 14:42:22 +0000 (22:42 +0800)]
core/execute: also check cg_is_threaded for clone3()
Prompted by #32259
We already have this check in exec_invoke(), i.e. child.
But if CLONE_INTO_CGROUP is used, the failure would
occur on parent's side, so do the check there too.
fuzz: check that resource records are serialized successfully
It shouldn't fail at that point.
It's prompted by the "Structure needs cleaning" thing that keeps popping
up in various places like
https://github.com/systemd/systemd/pull/30952#discussion_r1553181309 and
https://github.com/systemd/systemd/issues/31708.
test: add instructions on how to run Coverity locally
This requires a Coverity license, so the usefulness of the instructions
is somewhat limited, but at least I won't have to re-discover everything
from scratch when I need to debug something Coverity-related again in the
future.
meson: do not fail build with newer kernel headers
systemd-255 is failing a build with the latest kernel headers… Let's downgrade
this warning, because it's fine if there's a file system we don't know about
and it makes thing less brittle if we don't treat this as a hard error.
(I initially conditionalized this on BUILD_MODE, but I don't think we need a
hard error there either. A warning will be noticed and fixed.)
From RFC 4861 section 6.3.4:
> Note, however, that a Prefix Information option with the on-link flag
> set to zero conveys no information concerning on-link determination and
> MUST NOT be interpreted to mean that addresses covered by the prefix
> are off-link.
So, we should not drop previously configured routes when receieved a RA
with Prefix Information option without on-link flag.
projects / thirdparty / systemd.git / log
