Karel Zak [Mon, 9 Mar 2026 11:18:20 +0000 (12:18 +0100)]
Merge branch 'patch-27' of https://github.com/mariobl/util-linux
* 'patch-27' of https://github.com/mariobl/util-linux:
Put file types in namei.1.adoc in a table structure
Convert code blocks into tables
Remove backticks from table in terminal-colors.d.5.adoc
Karel Zak [Mon, 9 Mar 2026 11:04:44 +0000 (12:04 +0100)]
lslogins: fix broken GROUP column output
The condition on COL_GROUP incorrectly checked `!grp->gr_name`
instead of `!user->group`. This caused the GROUP column to always
be empty because when gr_name is non-NULL (normal case) the
assignment was skipped, and when gr_name is NULL, xstrdup() would
crash.
Fixes: https://github.com/util-linux/util-linux/issues/4097 Fixes: 52a6e45bfe5ddee1fed20f2f4f7542cac6bf13c9 Signed-off-by: Karel Zak <kzak@redhat.com>
Karel Zak [Mon, 9 Mar 2026 10:25:58 +0000 (11:25 +0100)]
pam_lastlog2: add -lpam to Makemodule.am
If we don't add this, we don't actually link with PAM; compare the
before and after of pam_lastlog2.so -- without -lpam it does not list
libpam.so.0 as a NEEDED dependency.
Signed-off-by: Morgan Jones <me@numin.it> Signed-off-by: Karel Zak <kzak@redhat.com>
terminal-colors.d: (man) do not show 'type' as an optional part
That is: remove the square brackets from around 'type' in the synopsis.
Also, do not give the impression that a leading dot by itself is fine
before the 'type'. That is: a dot is required only when 'name' and/or
'@term' is present.
Also, do not colorize the square brackets as if they were part of the
placeholders. (And use ++double plus++ passthroughs for the opening
square brackets, to prevent asciidoctor from misinterpreting them.)
Indent the list of file types, for clarity.
And correct or improve some wordings, and remove an inconvenient
blank line in an example.
Karel Zak [Thu, 5 Mar 2026 08:35:54 +0000 (09:35 +0100)]
Merge branch 'PR/portability-hurd' of https://github.com/karelzak/util-linux-work
* 'PR/portability-hurd' of https://github.com/karelzak/util-linux-work:
agetty: simplify USE_SYSTEMD ifdef in output_special_char
agetty: introduce USE_NETLINK to separate netlink from reload
agetty: guard netlink-related code with AGETTY_RELOAD
libblkid: guard loop device code with __linux__ in cache
build-sys: move shells.c to common (non-Linux) sources
build-sys: move netlink sources from libcommon to agetty
Karel Zak [Tue, 3 Mar 2026 09:56:38 +0000 (10:56 +0100)]
lsmem: apply --sysroot prefix to all sysfs paths
Tests fail on architectures where /sys/module/memory_hotplug/parameters/
memmap_on_memory does not exist (e.g., loong64), because lsmem reads
from the real /sys instead of the --sysroot directory.
- Route memmap_on_memory read through ul_path API with a local handler
in print_summary(), so --sysroot prefix is respected.
- Apply --sysroot prefix to sysmemconfig (/sys/firmware/memory) before
the memory0 existence check.
Calling printf is not signal safe and in general there are too many
branches in alarm_intr for what it's used for.
Check the signal flag outside of the handler and print messages when
needed. Also, disable the alarm and reset the signal handling when it's
not needed anymore.
Karel Zak [Tue, 3 Mar 2026 11:34:43 +0000 (12:34 +0100)]
agetty: simplify USE_SYSTEMD ifdef in output_special_char
Remove unnecessary duplicate #ifdef USE_SYSTEMD around the else
branch for utmpx-based user counting. Use the same pattern as
USE_NETLINK where the else and opening brace are split across the
endif boundary.
Karel Zak [Tue, 3 Mar 2026 11:30:34 +0000 (12:30 +0100)]
agetty: introduce USE_NETLINK to separate netlink from reload
The netlink functionality (network address display in issue file)
and the reload mechanism (inotify-based) are separate features that
shared the same AGETTY_RELOAD ifdef guard. Additionally, the netlink
code in output_special_char() used a different guard
(#if defined(RTMGRP_IPV4_IFADDR) && defined(RTMGRP_IPV6_IFADDR))
creating inconsistency.
Introduce USE_NETLINK, defined when AGETTY_RELOAD is enabled and
the required RTMGRP constants are available. Use it consistently
for all netlink-specific code (nl field, helper functions, socket
handling, escape sequences \4, \6, \a, \A).
Keep AGETTY_RELOAD for the inotify/reload mechanism only.
Karel Zak [Tue, 3 Mar 2026 11:00:43 +0000 (12:00 +0100)]
agetty: guard netlink-related code with AGETTY_RELOAD
The struct issue nl field and related helper functions use types
and headers (netaddrq.h, linux/netlink.h) that are only available
when AGETTY_RELOAD is defined. Guard the .nl.fd initializations
in main() and show_issue(), and wrap the netlink helper functions
(print_iface_best, print_addrq_bestofall, dump_iface_good,
dump_iface_all) with #ifdef AGETTY_RELOAD.
This fixes compilation on systems without inotify/netlink support
(e.g., GNU/Hurd).
Co-authored-by: Samuel Thibault <samuel.thibault@aquilenet.fr> Signed-off-by: Karel Zak <kzak@redhat.com>
Karel Zak [Tue, 3 Mar 2026 10:42:55 +0000 (11:42 +0100)]
libblkid: guard loop device code with __linux__ in cache
The is_loopdev() and loopdev_has_backing_file() functions from
loopdev.h are Linux-specific. Guard the loop device cache cleanup
in blkid_gc_cache() with __linux__ to allow compilation on
non-Linux systems like GNU/Hurd.
Co-authored-by: Samuel Thibault <samuel.thibault@aquilenet.fr> Signed-off-by: Karel Zak <kzak@redhat.com>
Karel Zak [Tue, 3 Mar 2026 10:41:50 +0000 (11:41 +0100)]
build-sys: move shells.c to common (non-Linux) sources
shells.c uses POSIX setusershell()/getusershell()/endusershell()
which are available on non-Linux systems (e.g., GNU/Hurd). Move it
from the Linux-only section to common libcommon sources.
The meson build already had shells.c in common sources, so only
the autotools build needed fixing.
Co-authored-by: Samuel Thibault <samuel.thibault@aquilenet.fr> Signed-off-by: Karel Zak <kzak@redhat.com>
Karel Zak [Tue, 3 Mar 2026 10:39:14 +0000 (11:39 +0100)]
build-sys: move netlink sources from libcommon to agetty
The netlink and netaddrq sources use Linux-specific headers
(linux/netlink.h, linux/rtnetlink.h) and cannot be compiled on
non-Linux systems like GNU/Hurd.
Move them out of libcommon and link directly into agetty (the only
user), following the same pattern as plymouth-ctrl.c. Also move the
corresponding test programs to the Linux-only section.
Co-authored-by: Samuel Thibault <samuel.thibault@aquilenet.fr> Signed-off-by: Karel Zak <kzak@redhat.com>
Karel Zak [Mon, 2 Mar 2026 11:52:48 +0000 (12:52 +0100)]
Merge branch 'pager_git' of https://github.com/stoeckmann/util-linux
* 'pager_git' of https://github.com/stoeckmann/util-linux:
lib/pager: Drop less workaround
lib/pager: Add LV support
lib/pager: Do not overwrite LESS environment var
libblkid: (probe) Account for IO bias when retrieving buffer from parent
The 'off' variable gets aligned to 'pr->io_size'. However when
delegating to the parent prober, the value for 'off' from the original
function parameter needs to be used.
Undo the bias before calling into the parent prober.
Fixes: 8a534253bc52 ("libblkid: (probe) read data in chunks") Closes: https://github.com/util-linux/util-linux/issues/4078 Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
lib/fileeq: Check arithmetic in ul_fileeq_set_size
Make sure that arithmetics do not overflow data types. Such overflows
could occur with large hardlink options or on 32 bit systems with large
files (due to size_t usage).
If possible, reduce sizes so operations can continue successfully.
Karel Zak [Thu, 26 Feb 2026 10:27:48 +0000 (11:27 +0100)]
tools/checkconfig: strip C comments before macro extraction
Strip C/C++ comments (// line comments, single-line /* */ and
multi-line /* */ blocks) before extracting HAVE_ and ENABLE_ macros.
This avoids false positives from macros mentioned in comments, e.g.
"when HAVE_PIDFD_* ..." in include/pidfd-utils.h.
Karel Zak [Thu, 26 Feb 2026 09:39:08 +0000 (10:39 +0100)]
tools: git-version-bump, accept X.Y-devel version on master branch
Allow "X.Y-devel" as a valid version format, restricted to the master
branch only. Release versions (X.Y, X.Y.Z, X.Y-rcN, X.Y.Z-rcN) still
require a stable/vX.Y branch.
lib/fileeq: Handle large files on 32 bit correctly
The size_t iterator in ul_fileeq could overflow on 32 bit systems with
large file support. If this happens, the intro array is erroneously
overwritten, which could lead to false positive matches later on.
The iterator is checked against a size_t limit in get_digest, which is a
safe operation on 32 and 64 bit architectures.
Karel Zak [Wed, 25 Feb 2026 10:01:02 +0000 (11:01 +0100)]
hexdump: sanitize fiemap ioctl output
Cap fm_mapped_extents to FIEMAP_EXTENTS_BATCH after each ioctl() call
to prevent potential out-of-bounds access if the kernel returns more
extents than requested.
Reported-by: Coverity Scan Signed-off-by: Karel Zak <kzak@redhat.com>
Karel Zak [Wed, 25 Feb 2026 09:47:09 +0000 (10:47 +0100)]
dmesg: add bounds checking to parse_kmsg_timestamp()
Add 'end' pointer parameter to parse_kmsg_timestamp() to validate
buffer boundaries, consistent with parse_syslog_timestamp(),
parse_faclev(), parse_callerid(), and skip_item().
Also remove misleading "for debug messages" comment from the
null-termination in print_kmsg() -- the null-termination is required
for correctness.
Originally reported by Coverity (CID 501581, STRING_NULL). The
Coverity report itself is not valid (the buffer is properly
null-terminated before parsing), but the code was inconsistent --
parse_kmsg_timestamp() was the only parser without bounds checking.
Karel Zak [Wed, 25 Feb 2026 09:21:56 +0000 (10:21 +0100)]
libblkid: fix integer overflows in HFS+ offset calculations
Two 32-bit multiplications using on-disk values can overflow:
- leaf_node_head (uint32_t) * leaf_node_size (uint16_t) used to
calculate leaf_block; overflow produces a wrong block number,
causing reads from incorrect offsets.
- embed_first_block (uint16_t) * alloc_block_size (uint32_t) used to
calculate the embedded HFS+ volume offset; overflow truncates the
result, again causing reads from wrong offsets.
Fix by widening leaf_block and off to uint64_t and casting
multiplication operands. Bogus results from crafted images are then
safely rejected by blkid_probe_get_buffer() bounds checking and
the extent loop exhaustion.
Karel Zak [Wed, 25 Feb 2026 09:14:43 +0000 (10:14 +0100)]
libblkid: fix integer overflow in linux_raid checksum size
The checksum size calculation uses on-disk max_dev (uint32_t) multiplied
by sizeof(dev_roles[0]). On 32-bit systems, this overflows size_t,
resulting in a truncated buffer and checksum computed over wrong data,
potentially allowing crafted images to bypass validation.
Fix by computing in uint64_t. Note that blkid_probe_get_buffer() has
a hardcoded 8 MiB limit, so unreasonably large (but non-overflowed)
values are still safely rejected.
Karel Zak [Wed, 25 Feb 2026 08:58:32 +0000 (09:58 +0100)]
libblkid: fix integer overflow in nvidia_raid size check
The size validation `le32_to_cpu(nv->size) * 4 != NVIDIA_SUPERBLOCK_SIZE`
is subject to 32-bit unsigned integer overflow. A crafted value like
0x4000001E overflows when multiplied by 4, wrapping to 120 and passing
the check. The checksum loop then iterates ~1 billion times, reading
far beyond the 120-byte buffer.
Fix by comparing against the expected count directly without
multiplication. Also add a buffer size parameter to
nvraid_verify_checksum() as defense-in-depth against oversized reads.
Karel Zak [Wed, 25 Feb 2026 08:02:05 +0000 (09:02 +0100)]
Merge branch 'lsfd--socknetns-for-tuntap' of https://github.com/masatake/util-linux
* 'lsfd--socknetns-for-tuntap' of https://github.com/masatake/util-linux:
lsfd: fill SOCK.NETNS column for tuntap
lsfd: load the information of the network namespace behind a tun device
lsfd: (refactor) call ioctl(TUNGETDEVNETNS) from target_fd related methods
lsfd: add stubs of target_fd related methods to cdev_class
tests: (lsfd::*) revise the way to use "$?"
tests: (lsns::*) revise the way to use "$?"
Karel Zak [Wed, 25 Feb 2026 07:55:42 +0000 (08:55 +0100)]
fsck.cramfs: fix off-by-one heap write in do_symlink()
In do_symlink(), the decompressed symlink target is NUL-terminated by
writing outbuffer[size] = 0. The outbuffer is allocated as blksize * 2
bytes, but uncompress_block() can return up to blksize * 2, so when
size == blksize * 2 the NUL write lands one byte past the heap
allocation. Allocating one extra byte ensures the NUL terminator stays
within bounds. The stream.avail_out value remains blksize * 2, so
decompression behavior is unchanged.
Reported-by: Pavel Kohout, Aisle Research, www.aisle.com Signed-off-by: Karel Zak <kzak@redhat.com>
Masatake YAMATO [Wed, 4 Feb 2026 21:14:52 +0000 (06:14 +0900)]
lsfd: fill SOCK.NETNS column for tuntap
There are two network namespaces associated with a file descriptor
opening /dev/net/tun.
One is the device network namespace (devnetns). A tun/tap file
descriptor is associated with a network device, and the devnetns
is the namespace in which that device exists. lsfd already provides
this information via the TUN.DEVNETNS column.
The other is the socket network namespace (socknetns). A tun/tap
file descriptor is also associated with a socket, and the socknetns
is the namespace in which that socket was created. lsfd already
has the SOCK.NETNS column for reporting this information, but it
was not filled for file descriptors opening /dev/net/tun.
Masatake YAMATO [Wed, 4 Feb 2026 20:42:16 +0000 (05:42 +0900)]
lsfd: (refactor) call ioctl(TUNGETDEVNETNS) from target_fd related methods
In the original code, the attach_xinfo method of the cdev_tun_ops
struct called the ioctl. The attach_xinfo method retrieved the fd
passing to the ioctl by calling call_with_foreign_fd utility function.
In the last commit, we added the target_fd related methods in
cdev_tun_ops struct. The caller side of the target_fd related methods
calls call_with_foreign_fd.
We can reduce the code calling call_with_foreign_fd by moving the code
calling ioctl from the attach_xinfo method to the target_fd related
methods.
Karel Zak [Tue, 24 Feb 2026 08:54:12 +0000 (09:54 +0100)]
man pages: consolidate libsmartcols environment variables
Introduce man-common/env-smartcols.adoc to describe all libsmartcols
environment variables (LIBSMARTCOLS_DEBUG, LIBSMARTCOLS_DEBUG_PADDING,
LIBSMARTCOLS_JSON) in one place.
Replace duplicated LIBSMARTCOLS_DEBUG descriptions in cfdisk, fdisk,
sfdisk, findmnt, lsblk, and column man pages with an include of the
new common file.
Addresses: https://github.com/util-linux/util-linux/issues/3971 Signed-off-by: Karel Zak <kzak@redhat.com>
Karel Zak [Tue, 24 Feb 2026 11:41:39 +0000 (12:41 +0100)]
libblkid: iso9660: validate root directory to reduce false positives
The CD001 magic signature at 32KB offset can match file data content
on other filesystems (e.g. an .iso file stored on XFS whose data
blocks happen to land at the device offset where blkid looks for the
ISO 9660 Primary Volume Descriptor). This causes blkid to report
ambivalent results for a device that has only one real filesystem.
Add validation of the root directory record from the PVD: read the
root directory extent and verify that the first entry is a valid "."
self-reference (file_id_len == 1, file_id == 0x00, extent location
pointing back to itself). This check reliably rejects false positive
CD001 signatures because the root directory LBA from the PVD points
to a different location on the device that contains unrelated data.
Addresses: https://github.com/util-linux/util-linux/issues/4031 Signed-off-by: Karel Zak <kzak@redhat.com>
Karel Zak [Tue, 24 Feb 2026 08:38:09 +0000 (09:38 +0100)]
Merge branch 'feat/3971_compact_json_and_jsonl_support' of https://github.com/echoechoin/util-linux
* 'feat/3971_compact_json_and_jsonl_support' of https://github.com/echoechoin/util-linux:
jsonwrt: simplify ul_jsonwrt_empty() and add comments for COMPACT format
column: using switch-case replaces if-else
column: add JSON compact format output subtest.
column: add JSON LINES format output subtest.
column: introduce LIBSMARTCOLS_JSON environment argument
jsonwrt: support Compact JSON format output
libsmartcols: support JSON Lines format output
Karel Zak [Tue, 24 Feb 2026 08:13:15 +0000 (09:13 +0100)]
Merge branch 'libblkid_fix_cache_garbage_collection' of https://github.com/cgoesche/util-linux-fork
* 'libblkid_fix_cache_garbage_collection' of https://github.com/cgoesche/util-linux-fork:
blkid: add --garbage-collect test
libblkid: remove empty loop devices from cache when garbage collecting
Wilfred Mallawa [Mon, 23 Feb 2026 23:43:29 +0000 (09:43 +1000)]
blkzone: add more checks when printing zone write_pointer
The zone write pointer is also invalid for READONLY and OFFLINE zones, so
handle such cases appropriately by not displaying a write pointer for
READONLY and OFFLINE zones.
Signed-off-by: Wilfred Mallawa <wilfred.mallawa@wdc.com> Fixes: b032247f48 ("blkzone: don't show wptr when zones are full")
Accessing pager_process.pid from within a signal handler is, by strict C
language interpretation, not signal safe.
Wait for all children (and thus for pager_process.pid as well) instead.
The current users dmesg and fdisk have no further children so this is a
good compromise here.
The signal handler is used for SIGINT, SIGHUP, SIGTERM, SIGQUIT. From a
terminal perspective, these are normally intercepted by the child, not
the parent.
Since wait_for_pager is never reached by a signal handler anymore, a
regular err() call is now possible. Just make sure that no exit function
handler could ever loop endlessly.
projects / thirdparty / util-linux.git / log
