]> git.ipfire.org Git - thirdparty/systemd.git/commit
projects / thirdparty / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2c751f3) | patch
sysext: Get verity user certs from given --root=
authorKai Lueke <kailuke@microsoft.com>
Thu, 27 Nov 2025 08:49:15 +0000 (17:49 +0900)
committerYu Watanabe <watanabe.yu+github@gmail.com>
Sun, 4 Jan 2026 21:53:50 +0000 (06:53 +0900)
commitfd8a1deb0b17f040ca14c5d3c293dffdb7024ceb
tree39b471ffa427df6f49461373dcc6a9f597069fa4tree | snapshot
parent2c751f342064ddbddade852c26ea8978a2a70bcecommit | diff
sysext: Get verity user certs from given --root=

The verity user certs weren't looked up in the given --root= for
systemd-sysext which made it fail to set up extensions with a strict
image policy.
Look up verity user certs from inside the --root= when we operate on
images in it. The main use case where this matters is when the initrd
sets up the extensions for the final system and thus systemd-sysext
should do the same thing as it would do in the final system.
src/core/namespace.c diff | blob | blame | history
src/machine/image-dbus.c diff | blob | blame | history
src/machine/machined-varlink.c diff | blob | blame | history
src/mountfsd/mountwork.c diff | blob | blame | history
src/portable/portabled-image-bus.c diff | blob | blame | history
src/shared/discover-image.c diff | blob | blame | history
src/shared/discover-image.h diff | blob | blame | history
src/shared/dissect-image.c diff | blob | blame | history
src/shared/dissect-image.h diff | blob | blame | history
src/sysext/sysext.c diff | blob | blame | history
test/units/TEST-50-DISSECT.sysext.sh diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.