-Og still causes a lot of "<optimized out>" in GDB so let's use -O0
instead and disable FORTIFY_SOURCE as it doesn't work without
optimizations enabled.
mkosi: Set up -ffile-prefix-map= correctly when building debuginfo packages
This makes sure that the debuginfo files contain source files pointing
to the source files shipped by the debugsource package.
Normally this should be done automatically by rpm invoking debugedit
but for some unknown reason debugedit refuses to rewrite the source
files in our binaries.
Given that debugedit is completely undebuggable (does not generate any
logs at all, and its source code is ridiculously obtuse), let's set
-ffile-prefix-map= when building instead which achieves the same
effect.
This allows building debug packages by setting WITH_DEBUG=1. This
slows down the build a lot so it's opt in. We don't yet install
these but can do so in a future commit.
The entire build environment is ephemeral anyway so everything is
cleaned regardless. By specifying --noclean, we make debugging
easier as the rpm build root can be inspected when using --debug-shell.
- We have ssh-generator now, so no need for mkosi's Ssh= option anymore.
- By enabling RuntimeBuildSources= by default, we don't need the gdb
config file in the image anymore, since the build and source
directories will be mounted at the expected locations.
journalctl: tighten rules on parsing namespace journal dir suffixes
The dot must follow the machine ID immediately, let's check for that.
Also, I think it's generally better to parse the machine ID and then
compare it, instead of comparing the string representation. That's
more in line with how we usually do it, as we parse 128bit IDs generally
case-insensitively.
udevadm-control: check if control command really specified
Previously, 'udevadm control' only checked the number of the arguments.
So, if only `--timeout` is specified, it spuriously did nothing and succeeded.
This makes the command request at least one control command.
units: order repart after systemd-tpm2-setup-early.service
This mimics what we do for systemd-cryptsetup@.service (see
src/shared/generator.c), and makes sense since repart might lock up the
root volume against a TPM, which ideally has its SRK already set up by
then.
More importantly though, this ensures that we ordered correctly after
tpm2.target (which systemd-tpm2-setup-early.service has a dependency
on), for systems where the TPM drivers are not compiled into the kernel.
* fix error
* remove options that are no longer supported
* add missing options
* stop completion if an option `--help` or `--version` is supplied
[[[
zjs: a note for the reader:
zshcompsys(1) in the section about optspecs in _arguments says:
> Each of the forms above may be preceded by a list in parentheses of option names and argument
> numbers. If the given option is on the command line, the options and arguments indicated in parentheses
> will not be offered. For example, ‘(-two -three 1)-one:...' completes the option ‘-one'; if this
> appears on the command line, the options -two and -three and the first ordinary argument will not be
> completed after it. ‘(-foo):...' specifies an ordinary argument completion; -foo will not be
> completed if that argument is already present.
>
> Other items may appear in the list of excluded options to indicate various other items that should
> not be applied when the current specification is matched: a single star (\*) for the rest arguments
> (i.e. a specification of the form ‘\*:...'); a colon (:) for all normal (non-option-) arguments; and a
> hyphen (-) for all options. For example, if ‘(\*)' appears before an option and the option appears on
> the command line, the list of remaining arguments (those shown in the above table beginning with
> ‘\*:') will not be completed.
The intended effect of the change is to remove irrelevant completion matches from the completion.
As it breaks relative links to other pages. For example, the
BOOT_LOADER_INTERFACE page has a relative link to
AUTOMATIC_BOOT_ASSESSMENT. With a slash in the page's permalink, that
link leads to:
We have various tools that log directly to the console, as well as
pid1 which logs directly to the console when running in a container.
Let's make sure that we don't log debug messages to the console by
default, but keep the behavior when running in CI.
mkosi just learned to do natively what we currently do with environment
variables and a postinst script, so let's update to the latest version
and start using the new settings instead.
Mike Yuan [Sat, 13 Apr 2024 14:42:22 +0000 (22:42 +0800)]
core/execute: also check cg_is_threaded for clone3()
Prompted by #32259
We already have this check in exec_invoke(), i.e. child.
But if CLONE_INTO_CGROUP is used, the failure would
occur on parent's side, so do the check there too.
fuzz: check that resource records are serialized successfully
It shouldn't fail at that point.
It's prompted by the "Structure needs cleaning" thing that keeps popping
up in various places like
https://github.com/systemd/systemd/pull/30952#discussion_r1553181309 and
https://github.com/systemd/systemd/issues/31708.