Daan De Meyer [Fri, 2 Aug 2024 14:25:03 +0000 (16:25 +0200)]
test: Add a way to quickly iterate on an integration test
Rebuilding the integration test every time is very slow. Let's
introduce a way to iterate on an integration test without rebuilding
the image every time. By making a btrfs snapshot before we run the
integration test, we can then systemctl soft-reboot after running
the test to restore the rootfs to a pristine state before running
the test again.
As /run/nextroot will get nuked on reboot or soft-reboot, we introduce
a tmpfiles snippet to make sure it is recreated every (soft-)reboot
and adapt the existing tests to deal with this new symlink.
Daan De Meyer [Fri, 2 Aug 2024 14:22:37 +0000 (16:22 +0200)]
mkosi: Enable Autologin= again on Debian
Debian uses /usr/bin/login from the shadow package instead of util-linux
which doesn't support credentials. Let's enable autologin the old
fashioned way for now.
Daan De Meyer [Fri, 2 Aug 2024 13:18:45 +0000 (15:18 +0200)]
docs: Update upgrade commands in HACKING.md
- Add the required options to make the package managers non interactive
- Use apt-get instead of apt
- Remove --reinstall from apt-get command so we only install newer packages
- Add --needed to pacman command so we only install newer packages
Yu Watanabe [Mon, 5 Aug 2024 05:18:21 +0000 (14:18 +0900)]
journal: set flushed flag even if we fail to open runtime journals
As at this stage, a persistent journal file has been already opened, and
saved seqnum has been reset, and any later journal entries will be stored
to the file. Hence we should not open the runtime journal file by
server_system_journal_open() again.
Yu Watanabe [Mon, 5 Aug 2024 05:56:11 +0000 (14:56 +0900)]
journal: do not rotate journal when MaxRetentionSec= is set
The setting is about vacuuming archived journal files. It is not
necessary to rotate the current journal. Note, journal file rotation is
controlled by MaxFileSec=.
Luca Boccassi [Sat, 3 Aug 2024 23:00:05 +0000 (00:00 +0100)]
base-filesystem: do not attempt to create a /lib64 -> /usr/lib/<tuple> symlink
In multi-arch distributions (debian and derivatives) multiarch tuples under
/usr/lib are used, such as /usr/lib/x86_64-linux-gnu/ but the /lib64 symlink
should never point there, it should always point to /usr/lib64, as that's
how they are set up by distribution-specific tools.
Daan De Meyer [Sat, 3 Aug 2024 18:10:54 +0000 (20:10 +0200)]
meson: Use -fstrict-flex-arrays=3
Let's explicitly pass the value to -fstrict-flex-arrays. This does
not change behavior but it does (selfishly) make my error not bug
out with an error saying -fstrict-flex-arrays does not exist.
Mike Yuan [Thu, 1 Aug 2024 00:23:14 +0000 (02:23 +0200)]
core/service: actually allow to "hurry up" auto restarts
unit_start() advertises that start requests don't get suppressed,
so that it could be used to manually speed up auto restarts.
However, service_start() so far rejected this, stating that
clients should issue restart request in order to trigger
BindsTo=/OnFailure=.
That seems to be a red herring though, because for a long time
the service states between auto-restarts were buggy (#27594).
With the introduction of RestartMode=direct, the behavior
is sane again and customizable, hence I see no reason to refuse
this anymore. Whether those deps are triggered solely depends
on RestartMode= now.
Plus, filter out some intermediate states that should never
be seen in service_start().
The s390x platform provides confidential VMs using the "Secure Execution"
technology, which is also referred to as "Protected Virtualization" or
just "prot virt" in Linux / QEMU.
This can be detected through a simple sysfs attribute.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
confidential-virt: split caching of CVM detection into separate method
We have different impls of detect_confidential_virtualization per
architecture. The detection is cached in the x86_64 impl, and as we
add support for more targets, we want to use caching for all. It thus
makes sense to split caching out into an architecture independent
method.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Mike Yuan [Tue, 30 Jul 2024 20:43:49 +0000 (22:43 +0200)]
cgroup-util: clean up cg_kill() and friends, completely split out cg_kill_kernel_sigkill()
cg_kill_kernel_sigkill() has a narrow use case, and currently
no code really reaches that branch. Let's detach it from
cg_kill_recursive() hence, and call it explicitly later
where appropriate.
Mike Yuan [Tue, 30 Jul 2024 20:29:00 +0000 (22:29 +0200)]
cgroup-util: drop unused cg_rmdir()
When removing a cgroup, we always want to eliminate subcgroups
first, i.e. use cg_trim(). And cg_rmdir() (along with
CGROUP_REMOVE flag) is simply unused. Kill it.
Ronan Pigott [Thu, 1 Aug 2024 17:59:12 +0000 (10:59 -0700)]
resolved: don't treat conn reset as packet loss
tcp reset / icmp port-unreachable are markedly different conditions than
packet loss. It doesn't make much sense to retry in this case. It's
actually not clear if there is any benefit at all retrying tcp
connections, which were presumably already retried as necessary by the
tcp stack.
Yu Watanabe [Mon, 27 May 2024 03:22:30 +0000 (12:22 +0900)]
sd-device-monitor: expose low-level functions
To make it work without sd-event.
Prompted by recent chat:
> Hey all!
> reading man libudev, it says to use sd-device instead now. I've read that
> APIs header file and it seems it no longer has an equivalent to libudev's
> udev_monitor_get_fd, which AFAICT means I have to use sd-event to watch
> for events I'm interested in. I know I can "embed" sd-event in other event
> loops I might already have, but that seems overkill when I'm only interested
> in this one type of event and don't need sd-event for anything else.
Yu Watanabe [Mon, 27 May 2024 03:05:24 +0000 (12:05 +0900)]
udev: manage only socket address of device monitor
Previously, the main process of systemd-udevd manages worker process
with their sd_device_monitor object to save the destination address.
Let's save only destination address, and drop worker's sd_device_monitor
object.
Yu Watanabe [Mon, 27 May 2024 01:43:54 +0000 (10:43 +0900)]
sd-device-monitor: bind socket in device_monitor_new_full()
Previously, device_monitor_enable_receiving() does
- update filter,
- bind socket.
But, binding socket can be done in when the socket is opened.
Let's remove device_monitor_enable_receiving() and bind the socket in
device_monitor_new_full().
Luca Boccassi [Thu, 1 Aug 2024 19:44:11 +0000 (20:44 +0100)]
os-release: break RELEASE_TYPE into paragraphs and clarify about rolling stable releases
Arch and Tumbleweed do not do EOLs but are still stable, so clarify the paragraph.
Also break the entry in paragraphs, to make it more readable when rendered.
Luca Boccassi [Thu, 1 Aug 2024 19:35:57 +0000 (20:35 +0100)]
os-release: change RELEASE_TYPE value from 'pre-release' to 'development'
The point was made on https://lists.debian.org/debian-ctte/2024/08/msg00005.html
that 'pre-release sounds' like an RC candidate, ie, something that will change
very slightly in the released version. But this is not necessarily the case
for example at the beginnig of a Fedora Rawhide or Debian Testing release cycle,
so change it to a more generic 'development'
projects / thirdparty / systemd.git / log
