* 7de88c66bd Do not mark symlinks as %ghost
* 92c16c1dab Let systemd-{sysusers,shared} conflict with older systemd
* ed6b885327 Version 257.6
* 5a53eac13c Package pcrlock files together with systemd-pcrlock
* 2192e86112 Move mount.ddi symlinks to -container subpackage
* 451184cbea Revert "Disable freezing of user sessions"
* f6af46db12 Backport adb/fastboot udev rules (BZ#2356537)
* f6b814cc0f Backport CI fix
* d304477023 Version 257.5
* 2dc224ae5d Update systemd to version 257.6 / rev 448 via SR 1281804
* 15818e66dd Update systemd to version 257.5 / rev 447 via SR 1278063
* 2480ac89f0 Update 000product to rev 4383
* c381cdada8 update 2025-04-11 16:42
* bb036b2b8e Update systemd to version 257.4 / rev 444 via SR 1252776
* 55ae12d80b Update systemd to version 257.3 / rev 443 via SR 1249841
* a7fcf45b77 Update systemd to version 257.3 / rev 442 via SR 1247443
* 15cb472aeb upgpkg: 257.6-1: new upstream release
* 1c11767e01 upgpkg: 257.5-3: backlight: Drop support for actual_brightness
* 489e88099e upgpkg: 257.5-2: fast-forward to current v257-stable
Yu Watanabe [Mon, 16 Jun 2025 08:55:11 +0000 (17:55 +0900)]
manager: also restart stub listner on reload
Previously, the extra stub listners were stopped but new ones were not
started. Also, the main stub listners were not restarted, hence the
new settings were not applied. This fixes the above two issues.
Note, to fix the issue, we need to keep CAP_NET_BIND_SERVICE capability
to make it allow to bind stub listner later.
Yu Watanabe [Mon, 16 Jun 2025 08:51:49 +0000 (17:51 +0900)]
resolve: several cleanups for manager_dispatch_reload_signal()
- set defaults after all existing configs and setups cleared,
- mention failures are ignored in log messages,
- drop one redundant log message,
- do not return negative errno but exit event loop on critical failure.
Yu Watanabe [Mon, 16 Jun 2025 07:42:38 +0000 (16:42 +0900)]
network/tunnel: rename Ip6TnlMode to TunnelMode
This also makes ip6tnl can be created without specifying Mode= setting,
as the kernel accepts new-link netlink message without the
IFLA_IPTUN_PROTO attribute.
No effective functional change, just refactoring and preparation for
later change.
nsresourced: make sure "tun" driver is properly loaded and accessible
We need access to /dev/net/tun, hence make sure we can actually see
/dev/. Also make sure the module is properly loaded before we operate,
given that we run with limit caps. But then again give the CAP_NET_ADMIN
cap, since we need to configure the network tap/tun devices.
Yu Watanabe [Thu, 12 Jun 2025 09:25:54 +0000 (18:25 +0900)]
udev/rules.d: import hwdb before calling net_id builtin
The commit cdcb1eeeb883b2ecb3992865f458f874900ddb87 adds
ID_NET_NAME_INCLUDE_DOMAIN property support in net_id builtin.
The property is basically set through hwdb. However, previously hwdb was
imported after calling net_id builtin, hence when net_id is called, the
property was never set.
This makes hwdb is imported before calling net_id builtin, so that the
property is set when net_id is called if hwdb has an entry about that
for the interface.
Yu Watanabe [Fri, 13 Jun 2025 08:12:19 +0000 (17:12 +0900)]
network/dhcpv4: add ability to use BOOTP (#34888)
BOOTP can be used to sign a static IP to clients. Instead of using the
four message exchange, and Option 53 (DHCP Message Type) there is only a
two message exchange.
Add the following network option to enable BOOTP:
[DHCPv4]
BOOTP=yes
This will allow a two message request / reply sequence that doesn't
require DHCP message types.
Colin Foster [Wed, 30 Oct 2024 01:50:58 +0000 (20:50 -0500)]
sd-dhcp-client: add ability to support bootp
BOOTP can be used to sign a static IP to clients. Instead of using the
four message exchange, and Option 53 (DHCP Message Type) there is only a
two message exchange. This adds the support for this exchange.
Yu Watanabe [Wed, 11 Jun 2025 09:05:46 +0000 (18:05 +0900)]
network: also check ID_NET_MANAGED_BY property on reconfigure
Previously, the property was checked only when an uevent is received,
so even if an interface has ID_NET_MANAGED_BY property, the interface
will be configured by networkd when reconfiguration is triggered e.g.
when interface state is changed.
Yu Watanabe [Wed, 11 Jun 2025 04:02:27 +0000 (13:02 +0900)]
login: drop unnecessary dependency to libacl
With c960ca2be1cfd183675df581f049a0c022c1c802, logind does not handle
ACL anymore, but triggers events for udevd and udevd updates ACL.
Hence, libacl is not necessary for logind.
Luca Boccassi [Tue, 10 Jun 2025 22:07:26 +0000 (23:07 +0100)]
add parameter to specify hash alg used for PKCS#1 signature in PKCS#7 creation (#37794)
The pkcs7_new() function currently uses the hash algorithm from the X509
certificate's signature, but the content signature may use a different
hash algorithm. This adds a parameter to allow specifying what hash
algorithm the content signature generation used.
Dan Streetman [Fri, 6 Jun 2025 16:31:40 +0000 (12:31 -0400)]
openssl: add hash_algorithm parameter to pkcs7_new()
The pkcs7_new() function currently uses the hash algorithm from the X509
certificate's signature, but the content signature may use a different hash
algorithm. This adds a parameter to allow specifying what hash algorithm the
content signature generation used.
Daniel Foster [Mon, 26 May 2025 15:08:38 +0000 (01:08 +1000)]
socket-activate: add --now option
Add a --now option that starts the program instantly, instead of waiting for a
connection on the socket. This is useful, for instance, when developing:
Say I have a Rust, socket-activated web service. I can test it with:
systemd-socket-activate -l 8080 --fdname=http cargo run
However this delays running the service (which potentially involves compilation)
to when I try to connect to it, which wastes time. Since it delays compilation,
I also don't see any warning or errors in the code until it gets a connection
either.
The name's now a bit of a misnomer, since starting the service immediately isn't
really socket activation, but oh well ¯\_(ツ)_/⁻
Daniel Foster [Mon, 26 May 2025 14:29:13 +0000 (00:29 +1000)]
socket-activate: validate more argument combinations earlier in runtime
Check user configuration errors and warnings (e.g. more than one socket passed
with --inetd) earlier in runtime. There's no reason not to do this, and it means
invalid configuration will be reported to the user earlier.
Also let the user know that --fdname= has no effect with --inetd.
Yu Watanabe [Sat, 7 Jun 2025 19:19:46 +0000 (04:19 +0900)]
meson: update generating lists
- config.h is not necessary when generating lists, hence drop it.
- linux/audit.h and libaudit.h are included by missing_audit.h,
hence not necessary to include them explicitly.
Yu Watanabe [Mon, 9 Jun 2025 04:59:39 +0000 (13:59 +0900)]
include: net/if.h requires features.h
The header uses __THROW, which is defined in features.h, to make the
header self-consistent.
Note, src/basic/include/sys/mount.h also uses __THROW, and includes
features.h.
Yu Watanabe [Mon, 9 Jun 2025 00:43:52 +0000 (09:43 +0900)]
journal: use poll.h rather than sys/poll.h
This does not change anything, as poll.h is a one-line wrapper of sys/poll.h.
Note that man pages e.g. poll(2) indicate to include poll.h rather than sys/poll.h.
So, let's use poll.h.
Yu Watanabe [Sun, 8 Jun 2025 20:11:01 +0000 (05:11 +0900)]
utmp-wtmp: replace _PATH_WTMPX -> WTMPX_FILE
_PATH_WTMPX is a kind of internal definition in glibc, and
WTMPX_FILE should be an exposed definition. Both are same,
let's use WTMPX_FILE.
Note, for utmp, we use UTMPX_FILE, rather than _PATH_UTMPX.
Let's use consistent macros.
Yu Watanabe [Sun, 8 Jun 2025 23:33:36 +0000 (08:33 +0900)]
forward: also include paths.h
It provides several important constants, especially _PATH_BSHELL, which
is used in PID1, executor, and run. The header has been included
indirectly through e.g. libmount.h, mntent.h, utmpx.h, and so on.
Let's explicitly include it in forward.h, as libmount.h and friends that
includes paths.h are irrelevant to _PATH_BSHELL, and we may easily fail
to build when code is touched.
The header is not heavy, hence should not hurt anything.
Yu Watanabe [Sun, 8 Jun 2025 01:04:45 +0000 (10:04 +0900)]
libcrypt-util: include random-util.h
Necessary for crypto_random_bytes(), which is used in the branch that
HAVE_CRYPT_GENSALT_RA is false. Unfortunately, our CIs tested only the
other branch.
projects / thirdparty / systemd.git / log
