]> git.ipfire.org Git - thirdparty/systemd.git/log
thirdparty/systemd.git
2 years agostub: uniformly process "measured" flags
Lennart Poettering [Wed, 26 Jun 2024 10:13:45 +0000 (12:13 +0200)] 
stub: uniformly process "measured" flags

Always pass the pointer through so that the functions combine the flags
directly, instead of doing that in the caller.

2 years agostub: split out function that determines main cmdline
Lennart Poettering [Wed, 26 Jun 2024 10:11:46 +0000 (12:11 +0200)] 
stub: split out function that determines main cmdline

2 years agostub: normalize error handling when looking for PE sections
Lennart Poettering [Wed, 26 Jun 2024 10:05:04 +0000 (12:05 +0200)] 
stub: normalize error handling when looking for PE sections

2 years agostub: slightly reorder things
Lennart Poettering [Wed, 26 Jun 2024 10:02:06 +0000 (12:02 +0200)] 
stub: slightly reorder things

Let's do the section measurement first, before we use any data of it.

Let's bring up the boot splash next, so that it covers anything else we
might do.

2 years agostub: split out code that displays boot splash
Lennart Poettering [Wed, 26 Jun 2024 10:00:46 +0000 (12:00 +0200)] 
stub: split out code that displays boot splash

2 years agostub: split out code that loads all addons from disk into function of its own
Lennart Poettering [Wed, 26 Jun 2024 09:58:17 +0000 (11:58 +0200)] 
stub: split out code that loads all addons from disk into function of its own

2 years agostub: merge separate lists for addon cmdlines/devicetrees into one
Lennart Poettering [Wed, 26 Jun 2024 09:36:03 +0000 (11:36 +0200)] 
stub: merge separate lists for addon cmdlines/devicetrees into one

Instead of keeping the lists for the global and per-UKI addons separate
throughout, just merge them. We apply them in the same order after all.

2 years agostub: don't make up errors
Lennart Poettering [Wed, 26 Jun 2024 09:21:26 +0000 (11:21 +0200)] 
stub: don't make up errors

2 years agostub: add DevicetreeAddon structure
Lennart Poettering [Wed, 26 Jun 2024 09:18:51 +0000 (11:18 +0200)] 
stub: add DevicetreeAddon structure

Instead of keeping three parallel arrays of dt base, dt size and dt
filename, just introduce a proper structure and use an array of that,
greatly simplifying DT handling.

2 years agostub: split out call that loads embedded device tree
Lennart Poettering [Wed, 26 Jun 2024 08:48:49 +0000 (10:48 +0200)] 
stub: split out call that loads embedded device tree

2 years agostub: split out code that sets EFI vars indicating measured PCRs
Lennart Poettering [Wed, 26 Jun 2024 08:39:22 +0000 (10:39 +0200)] 
stub: split out code that sets EFI vars indicating measured PCRs

2 years agostub: move initialization of kernel iovec to the end, where it's used
Lennart Poettering [Wed, 26 Jun 2024 08:37:29 +0000 (10:37 +0200)] 
stub: move initialization of kernel iovec to the end, where it's used

2 years agostub: split out code that finds embedded initrds
Lennart Poettering [Wed, 26 Jun 2024 08:34:09 +0000 (10:34 +0200)] 
stub: split out code that finds embedded initrds

2 years agostub: split out code that generates embedded initrds
Lennart Poettering [Wed, 26 Jun 2024 08:31:23 +0000 (10:31 +0200)] 
stub: split out code that generates embedded initrds

2 years agostub: split out calls that generate sidecar initrds
Lennart Poettering [Wed, 26 Jun 2024 08:25:25 +0000 (10:25 +0200)] 
stub: split out calls that generate sidecar initrds

2 years agostub: rework initrd handling around "struct iovec"
Lennart Poettering [Wed, 26 Jun 2024 08:20:26 +0000 (10:20 +0200)] 
stub: rework initrd handling around "struct iovec"

Let's maintain an array of "struct iovec" for the initrds. It becomes a
ton easier and shorter to process/combine the various initrds then.

2 years agostub: split out code that finds the uname among PE sections
Lennart Poettering [Wed, 26 Jun 2024 07:27:28 +0000 (09:27 +0200)] 
stub: split out code that finds the uname among PE sections

2 years agostub: split out code that appends smbios command line
Lennart Poettering [Wed, 26 Jun 2024 07:20:54 +0000 (09:20 +0200)] 
stub: split out code that appends smbios command line

2 years agostub: split out code that measures our own PE sections
Lennart Poettering [Tue, 25 Jun 2024 20:49:24 +0000 (22:49 +0200)] 
stub: split out code that measures our own PE sections

2 years agostub: split out random seed part out of run()
Lennart Poettering [Tue, 25 Jun 2024 20:45:57 +0000 (22:45 +0200)] 
stub: split out random seed part out of run()

2 years agoefi: introduce PeSectionVector structure, and use it for referencing PE sections
Lennart Poettering [Mon, 24 Jun 2024 15:52:10 +0000 (17:52 +0200)] 
efi: introduce PeSectionVector structure, and use it for referencing PE sections

2 years agope: use more correct section name comparison function
Lennart Poettering [Mon, 24 Jun 2024 15:50:34 +0000 (17:50 +0200)] 
pe: use more correct section name comparison function

we should only compare up to 8 chars

2 years agope: tighten validity checks of DOS and PE headers
Lennart Poettering [Mon, 24 Jun 2024 15:40:32 +0000 (17:40 +0200)] 
pe: tighten validity checks of DOS and PE headers

Let's make sure we validate that the DOS/PE header offsets are actually
reasonable, and do not cause overflows when added to the base addresses.

(This shouldn're really be a problem URL, since the DOS header offset is
16bit only, but let's be extra careful with this)

2 years agope: be more careful when loading PE section list into memory
Lennart Poettering [Mon, 24 Jun 2024 13:25:07 +0000 (15:25 +0200)] 
pe: be more careful when loading PE section list into memory

Let's put a limit on how much memory we'll allocate for the section. And
let's add a safety overflow check.

(This is more a theoretic than a real problem, since on all PE archs
NumberOfSections is 16bit only.)

2 years agoutil: make file_read() 64bit offset safe
Lennart Poettering [Wed, 26 Jun 2024 13:43:28 +0000 (15:43 +0200)] 
util: make file_read() 64bit offset safe

File offsets in UEFI are 64bit on all archs, hence let's use that typo
too, and not create artificial confusion around types.

2 years agomkosi: switch opensuse to devel branch 33495/head
Luca Boccassi [Wed, 26 Jun 2024 14:52:23 +0000 (15:52 +0100)] 
mkosi: switch opensuse to devel branch

The factory branch seems to have been reset to 9 years ago, switch
to devel

2 years agomkosi: use new standalone-shutdown package for debian's exitrd
Luca Boccassi [Wed, 26 Jun 2024 14:21:33 +0000 (15:21 +0100)] 
mkosi: use new standalone-shutdown package for debian's exitrd

2 years agoman/capsule@.service: the capsule user is prefixed with "c-" rather than "p_"
Mike Yuan [Wed, 26 Jun 2024 14:47:48 +0000 (16:47 +0200)] 
man/capsule@.service: the capsule user is prefixed with "c-" rather than "p_"

2 years agomkosi: bump to latest commit
Luca Boccassi [Wed, 26 Jun 2024 14:21:14 +0000 (15:21 +0100)] 
mkosi: bump to latest commit

2 years agoman/capsule@.service.xml: fix typo
Carlo Teubner [Wed, 26 Jun 2024 14:39:53 +0000 (15:39 +0100)] 
man/capsule@.service.xml: fix typo

2 years agoiovec-util: make "struct iovec" and some helpers also available in EFI mode
Lennart Poettering [Wed, 26 Jun 2024 08:17:26 +0000 (10:17 +0200)] 
iovec-util: make "struct iovec" and some helpers also available in EFI mode

The construct is a POSIX invention, but it's just so useful, let's also
define it in EFI mode, so that we can use similar constructs in EFI mode
and userspace.

2 years agomacro: move PTR_TO_SIZE() macros to fundamental
Lennart Poettering [Mon, 24 Jun 2024 14:08:50 +0000 (16:08 +0200)] 
macro: move PTR_TO_SIZE() macros to fundamental

2 years agomacro: also move FOREACH_ARRAY()/FOREACH_ELEMENT() to fundamental
Lennart Poettering [Mon, 24 Jun 2024 13:54:47 +0000 (15:54 +0200)] 
macro: also move FOREACH_ARRAY()/FOREACH_ELEMENT() to fundamental

This is also very useful in EFI code.

2 years agomacro: move sizeof_field() macro into src/fundamental/
Lennart Poettering [Mon, 24 Jun 2024 13:52:00 +0000 (15:52 +0200)] 
macro: move sizeof_field() macro into src/fundamental/

Let's make this macro available for our EFI code too.

2 years agodocs: Add section to HACKING.md on distribution packages
Daan De Meyer [Wed, 26 Jun 2024 13:35:30 +0000 (15:35 +0200)] 
docs: Add section to HACKING.md on distribution packages

2 years agopolkit: allow non-local users to block sleep and shutdown 33491/head
Zbigniew Jędrzejewski-Szmek [Wed, 26 Jun 2024 10:27:10 +0000 (12:27 +0200)] 
polkit: allow non-local users to block sleep and shutdown

We already had 'auth_admin_keep' for org.freedesktop.login1.reboot and similar
actions. If a user is allowed to perform an action, I think they should be
allowed to _block_ the same action. Guarding this by auth_admin follows the
general principle of not allowing fully unprivileged users to have too much say
over the machine.

2 years agoinhibit: add --no-ask-password option and allow interactive polkit auth
Zbigniew Jędrzejewski-Szmek [Wed, 26 Jun 2024 10:21:05 +0000 (12:21 +0200)] 
inhibit: add --no-ask-password option and allow interactive polkit auth

It seems entirely reasonable to make a policy which e.g. allows block operations
for interactive users after authentication. The tool should support this, so that
more complicated local policies can be used.

Related to https://github.com/systemd/systemd/pull/30307.

2 years agoRename spawn-ask-password-agent.c to just ask-password-agent.c
Zbigniew Jędrzejewski-Szmek [Wed, 26 Jun 2024 10:07:36 +0000 (12:07 +0200)] 
Rename spawn-ask-password-agent.c to just ask-password-agent.c

The functions in the file were *not* using the spawn prefix,
and the prefix seems completely unnecessary.

2 years agoRename spawn-polkit-agent.c to just polkit-agent.c
Zbigniew Jędrzejewski-Szmek [Wed, 26 Jun 2024 10:07:36 +0000 (12:07 +0200)] 
Rename spawn-polkit-agent.c to just polkit-agent.c

The functions in the file were *not* using the spawn prefix,
and the prefix seems completely unnecessary.

2 years agoman: Add %q specifier to repart.d, sysusers.d 33338/head
Matthias Lisin [Wed, 26 Jun 2024 02:13:09 +0000 (04:13 +0200)] 
man: Add %q specifier to repart.d, sysusers.d

2 years agotmpfiles: use common macro for a set of specifiers
Matthias Lisin [Wed, 26 Jun 2024 02:12:42 +0000 (04:12 +0200)] 
tmpfiles: use common macro for a set of specifiers

This adds %q, %A and %M specifiers to tmpfiles:
- %A and %M were previously added to tmpfiles.d man page, but not to specifier_table
- %q is added via COMMON_SYSTEM_SPECIFIERS

2 years agoimport-generator: open up NotifyAccess for varlinkctl
Mike Yuan [Tue, 25 Jun 2024 12:50:11 +0000 (14:50 +0200)] 
import-generator: open up NotifyAccess for varlinkctl

So that it can report errors through VARLINKERROR=.

2 years agomkosi: update fedora commit reference
Daan De Meyer [Tue, 25 Jun 2024 14:34:28 +0000 (16:34 +0200)] 
mkosi: update fedora commit reference

8153d9b0f9 Revert "Remove tmpfiles snippet for /home and /srv"
a76669ee22 Remove tmpfiles snippet for /home and /srv
b3e1d52cb4 Soft-disable tmpfiles --purge until a good use case comes up
4a29ab3f3b Version 256.1
ebf352d292 disable auto-features when bootstrapping
1ae0516ae7 Version 256
b32641170e Restore patch to drop varlink method call
421f0041b3 Version 256~rc4
65d9b49791 Fix typo
c56891fb68 Drop sysusers.d/basic.conf
69472997b9 Renumber sources and make order more consistent

2 years agomkosi: update debian commit reference
Daan De Meyer [Tue, 25 Jun 2024 14:18:02 +0000 (16:18 +0200)] 
mkosi: update debian commit reference

3b4368d4b8 d/not-installed: fix shutdown.standalone path
2de05155e8 Update changelog for 256.1-2 release
cd98bcef06 autopkgtest: add dependency on libcryptsetup-dev in unit-tests suite
e220ce22f1 Bump breaks/replaces to conflicts for DEP17

2 years agoMerge pull request #33451 from yuwata/core-exec-use-write
Luca Boccassi [Tue, 25 Jun 2024 12:44:21 +0000 (14:44 +0200)] 
Merge pull request #33451 from yuwata/core-exec-use-write

core: use write() instead of send()

2 years agoMerge pull request #33450 from yuwata/network-ndisc-do-not-override-static-routes
Luca Boccassi [Tue, 25 Jun 2024 12:40:06 +0000 (14:40 +0200)] 
Merge pull request #33450 from yuwata/network-ndisc-do-not-override-static-routes

network/NDisc: do not override static routes

2 years agoMerge pull request #33003 from poettering/repart-progress
Lennart Poettering [Tue, 25 Jun 2024 12:08:04 +0000 (14:08 +0200)] 
Merge pull request #33003 from poettering/repart-progress

repart: draw progress bar during CopyBlocks= operation and other tweaks

2 years agoMerge pull request #33078 from poettering/import-generator
Lennart Poettering [Tue, 25 Jun 2024 12:07:46 +0000 (14:07 +0200)] 
Merge pull request #33078 from poettering/import-generator

importd: add import generator

2 years agonetwork/ndisc: fix spurious log messages
Yu Watanabe [Tue, 25 Jun 2024 07:33:15 +0000 (16:33 +0900)] 
network/ndisc: fix spurious log messages

- Fix swapped arguments:

Before:
veth99: Prefix 'in deny list' is 2002:da8:1::/64, ignoring
After:
veth99: Prefix '2002:da8:1::/64' is in deny list, ignoring.

- Drop unnecessary DEBUG_LOGGING.

2 years agomkosi: add support for TEST_SAVE_JOURNAL to integration test wrapper
Luca Boccassi [Mon, 24 Jun 2024 14:20:11 +0000 (15:20 +0100)] 
mkosi: add support for TEST_SAVE_JOURNAL to integration test wrapper

Same variable and values as supported by the shell suite

2 years agoci: add small test case for /dev/urandom as source for CopyBlocks= 33003/head
Lennart Poettering [Tue, 25 Jun 2024 08:24:47 +0000 (10:24 +0200)] 
ci: add small test case for /dev/urandom as source for CopyBlocks=

2 years agorepart: show progress bar when initializing partition via CopyBlocks=
Lennart Poettering [Fri, 24 May 2024 12:00:21 +0000 (14:00 +0200)] 
repart: show progress bar when initializing partition via CopyBlocks=

This might take a while, hence make it pretty.

2 years agorepart: allow reading from char device for CopyBlocks=
Lennart Poettering [Fri, 24 May 2024 11:57:56 +0000 (13:57 +0200)] 
repart: allow reading from char device for CopyBlocks=

Sometimes it is useful to allow initializing a partition with randomized
data, hence allow reading from a char device as source for CopyBlocks=

2 years agorepart: make prefix argument to clear_progress_bar() optional
Lennart Poettering [Fri, 24 May 2024 11:56:47 +0000 (13:56 +0200)] 
repart: make prefix argument to clear_progress_bar() optional

In this case, let's try to override the whole line, not just the first
few chars.

2 years agoupdate TODO 33078/head
Lennart Poettering [Sat, 11 May 2024 15:02:26 +0000 (17:02 +0200)] 
update TODO

2 years agoci: add test for importd varlink interface + import generator
Lennart Poettering [Mon, 27 May 2024 17:05:48 +0000 (19:05 +0200)] 
ci: add test for importd varlink interface + import generator

2 years agoimport: add generator that synthesizes download jobs from kernel cmdline
Lennart Poettering [Tue, 25 Jun 2024 07:55:16 +0000 (09:55 +0200)] 
import: add generator that synthesizes download jobs from kernel cmdline

2 years agoimportd: allow activation in early boot, and make it socket activatable
Lennart Poettering [Wed, 8 May 2024 09:11:43 +0000 (11:11 +0200)] 
importd: allow activation in early boot, and make it socket activatable

Previously, importd was only accessible via D-Bus, which required it to
be a late boot service. Now that we have Varlink we can rearrange things
to become early-boot activated, just after the image directories are
mounted.

This will later allow us to have generator that auto-downloads images on
boot.

2 years agoimportd: add simple varlink API
Lennart Poettering [Wed, 8 May 2024 08:42:48 +0000 (10:42 +0200)] 
importd: add simple varlink API

For now, let's just support Pull() and ListTransfers(), but this is just
a start.

2 years agoimport: add generic enum for choosing between tar + raw downloads
Lennart Poettering [Sat, 11 May 2024 12:00:25 +0000 (14:00 +0200)] 
import: add generic enum for choosing between tar + raw downloads

2 years agovarlink: add varlink_many_*() helpers that send messages to a set of connections...
Lennart Poettering [Wed, 29 May 2024 07:33:27 +0000 (09:33 +0200)] 
varlink: add varlink_many_*() helpers that send messages to a set of connections at once

If we have a Varlink interface that allows man subscribers to the same
source of events we typically want to notify all of them at once with
the same message.

Let's add some helpers for this purpose: varlink_many_*() can be used to
send messages, similar to the corresponding varlink_*() calls, but they
take a Set of Varlink objects and we issue the operation on every
connection once.

This ports over one existing case where this is beneficial, but the main
user for this is supposed to be importd later.

2 years agoMerge pull request #33461 from poettering/boot-measured-flag-rework
Lennart Poettering [Tue, 25 Jun 2024 07:48:38 +0000 (09:48 +0200)] 
Merge pull request #33461 from poettering/boot-measured-flag-rework

stub: rework how we combine the "measured" flags in sd-stub

2 years agorun: move condition inside set_window_title() 33370/head
Mantas Mikulėnas [Wed, 19 Jun 2024 06:23:03 +0000 (09:23 +0300)] 
run: move condition inside set_window_title()

2 years agonspawn, vmspawn: honor the new window title switch
Mantas Mikulėnas [Mon, 17 Jun 2024 11:22:51 +0000 (14:22 +0300)] 
nspawn, vmspawn: honor the new window title switch

2 years agorun: add environment variable to prevent the setting of terminal title
Mantas Mikulėnas [Mon, 17 Jun 2024 09:41:56 +0000 (12:41 +0300)] 
run: add environment variable to prevent the setting of terminal title

This goes together with the existing SYSTEMD_TINT_BACKGROUND.

Closes https://github.com/systemd/systemd/issues/33301

2 years agoMerge pull request #33454 from YHNdnzj/user-service-working-dir-relax
Luca Boccassi [Mon, 24 Jun 2024 22:48:37 +0000 (00:48 +0200)] 
Merge pull request #33454 from YHNdnzj/user-service-working-dir-relax

core: verify WorkingDirectory= is outside of API VFS only under mount namespacing

2 years agostub: fix reporting of dtb measurement 33461/head
Lennart Poettering [Mon, 24 Jun 2024 10:52:57 +0000 (12:52 +0200)] 
stub: fix reporting of dtb measurement

Let's properly return the measurement flag tristate, rather than a
boolean. Otherwise we'll mistake "nothing to measure" as "not measured",
which are two different things, and means we'll miscombine the flag
later, claiming to userspace that we measured no dtb data even if there
was.

2 years agostub: unify how we combine 'measured' flags
Lennart Poettering [Mon, 24 Jun 2024 10:44:32 +0000 (12:44 +0200)] 
stub: unify how we combine 'measured' flags

We have the same non-trivial ternary op expression at various places,
let's unify it in one call, to make this easier to read and remove
duplication.

2 years agouefi: drop redundant local variable
Lennart Poettering [Mon, 24 Jun 2024 15:38:29 +0000 (17:38 +0200)] 
uefi: drop redundant local variable

2 years agouefi: drop ill-placed empty line
Lennart Poettering [Mon, 24 Jun 2024 10:52:38 +0000 (12:52 +0200)] 
uefi: drop ill-placed empty line

Let's not place empty lines between function calls and their immediate
error handling.

2 years agologin: Add a new SecureAttentionKey dbus signal when Ctrl+Alt+Shift+Esc is pressed
nerdopolis [Tue, 12 Mar 2024 02:09:07 +0000 (22:09 -0400)] 
login: Add a new SecureAttentionKey dbus signal when Ctrl+Alt+Shift+Esc is pressed

2 years agotest-execute: add a test case for issue #33299 33451/head
Yu Watanabe [Sun, 23 Jun 2024 06:52:53 +0000 (15:52 +0900)] 
test-execute: add a test case for issue #33299

2 years agocore: do not filter out write() if required in the very late stage
Yu Watanabe [Mon, 24 Jun 2024 20:10:04 +0000 (05:10 +0900)] 
core: do not filter out write() if required in the very late stage

Before 12001b1bf067339db089d52e08fd0b4c6a9945df, write() is required for
if Type=exec. However, with the previous commit, now write() is also used
for sending handoff timestamp. Let's allow write() if necessary.

Fixes a regression caused by 12001b1bf067339db089d52e08fd0b4c6a9945df.
Fixes #33299.

2 years agocore: use write() to send handoff timestamp
Yu Watanabe [Sun, 23 Jun 2024 06:15:30 +0000 (15:15 +0900)] 
core: use write() to send handoff timestamp

Before 12001b1bf067339db089d52e08fd0b4c6a9945df, the timestamp is sent
with write(), but the commit made the timestamp sent by send(), and
causes regressin #33299.

Note the invocation will still fail if write() is filtered by seccomp.
But, that is an old issue since Type=exec is introduced
(5686391b006ee82d8a4559067ad9818e3e631247).

Partially fixes a regression caused by 12001b1bf067339db089d52e08fd0b4c6a9945df.
Partially fixes #33299.

2 years agoseccomp-util: split out seccomp_filter_set_add_by_name()
Yu Watanabe [Mon, 24 Jun 2024 20:08:17 +0000 (05:08 +0900)] 
seccomp-util: split out seccomp_filter_set_add_by_name()

2 years agoMerge pull request #33042 from poettering/machined-unpriv
Luca Boccassi [Mon, 24 Jun 2024 18:45:37 +0000 (20:45 +0200)] 
Merge pull request #33042 from poettering/machined-unpriv

machined: unprivileged machine registration

2 years agoMerge pull request #33000 from poettering/ssh-proxy-machine
Luca Boccassi [Mon, 24 Jun 2024 18:35:07 +0000 (20:35 +0200)] 
Merge pull request #33000 from poettering/ssh-proxy-machine

systemd-ssh-proxy: look for VSOCK CIDs in machined

2 years agoMerge pull request #33466 from YHNdnzj/open-file-graceful-log
Yu Watanabe [Mon, 24 Jun 2024 18:26:04 +0000 (03:26 +0900)] 
Merge pull request #33466 from YHNdnzj/open-file-graceful-log

core/exec-invoke: clean up OpenFile= logging

2 years agoFix typo in CAP_BPF description (#33464)
Eugeny Shcheglov [Mon, 24 Jun 2024 18:23:50 +0000 (21:23 +0300)] 
Fix typo in CAP_BPF description (#33464)

description_good and description_bad are mixed up. Disabling CAP_BPF results in the inability to load BPF, not the other way around.

2 years agohwdb: fix keyboard of RedmiBook Pro 15 2022 (#33465)
oldherl [Mon, 24 Jun 2024 18:22:37 +0000 (04:22 +1000)] 
hwdb: fix keyboard of RedmiBook Pro 15 2022 (#33465)

Fix two problems of the keyboard of RedmiBook Pro 15 2022.
- Enter key in the main area was mapped to KP_Enter.
- When Fn is locked (to use F1-F12 without pressing Fn),
  Right Ctrl was mapped to Menu. Keeping it as Right Ctrl is more useful.

2 years agotest-network: check if static routes not overridden by NDisc routes 33450/head
Yu Watanabe [Sun, 23 Jun 2024 05:37:01 +0000 (14:37 +0900)] 
test-network: check if static routes not overridden by NDisc routes

2 years agonetwork/ndisc: do not remove static routes when received RA with zero lifetime
Yu Watanabe [Mon, 24 Jun 2024 07:20:27 +0000 (16:20 +0900)] 
network/ndisc: do not remove static routes when received RA with zero lifetime

Similar to the previous commit, but for preventing from removing static
routes on receiving RA with zero lifetime.

Fixes a regresson caused by 479d3e1994a2e4ff7070dc2a0cb1615af7120b0c.
Fixes #33346.

2 years agonetwork/ndisc: do not override conflicting static routes
Yu Watanabe [Sun, 23 Jun 2024 05:36:08 +0000 (14:36 +0900)] 
network/ndisc: do not override conflicting static routes

We have already ignored conflicting address configurations requested by
NDisc protocol. See ndisc_request_address().
Let's follow the same rule for routes. That is, if there are conflicting
static routes configured or requested, do not override them by NDisc.

Also, swap the order of checking existing route and existing request.

Fixes a regression caused by 972f1d17ab461a51142a142609dd3ec50bae8440.
Prompted by #33346.

2 years agocore/exec-invoke: clean up OpenFile= logging 33466/head
Mike Yuan [Mon, 24 Jun 2024 16:30:00 +0000 (18:30 +0200)] 
core/exec-invoke: clean up OpenFile= logging

Make collect_open_file_fds() the only logging function,
and downgrade various usual errors to debug level
if OPENFILE_GRACEFUL is set.

Fixes #33458

2 years agocore/exec-invoke: reopen OpenFile= fds with O_NOCTTY
Mike Yuan [Mon, 24 Jun 2024 16:26:15 +0000 (18:26 +0200)] 
core/exec-invoke: reopen OpenFile= fds with O_NOCTTY

2 years agouefi: emphasize a bit that EV_IPL event logs is the past, EV_EVENT_TAG the future
Lennart Poettering [Mon, 24 Jun 2024 10:18:03 +0000 (12:18 +0200)] 
uefi: emphasize a bit that EV_IPL event logs is the past, EV_EVENT_TAG the future

2 years agocore: verify WorkingDirectory= is outside of API VFS only under mount namespacing 33454/head
Mike Yuan [Sun, 23 Jun 2024 16:12:33 +0000 (18:12 +0200)] 
core: verify WorkingDirectory= is outside of API VFS only under mount namespacing

The purpose of the check is to prevent leaking API VFS fds
from host into a mount namespace/container. When mountns
is not used at all, the check is pointless and causes
inconvenience. E.g. file managers might need to be spawned
under those directories, and they surely won't run in mountns.

Suggested in https://github.com/systemd/systemd/pull/33454#issuecomment-2186351467
Fixes #33361

2 years agocore/load-fragment: use ASSERT_PTR where appropriate
Mike Yuan [Sun, 23 Jun 2024 16:29:29 +0000 (18:29 +0200)] 
core/load-fragment: use ASSERT_PTR where appropriate

2 years agoMerge pull request #33401 from yuwata/journal-revert-source-boottime-timestamp
Mike Yuan [Mon, 24 Jun 2024 13:34:16 +0000 (15:34 +0200)] 
Merge pull request #33401 from yuwata/journal-revert-source-boottime-timestamp

journal: partially revert recent changes

2 years agoMerge pull request #33456 from yuwata/terminal-util
Mike Yuan [Mon, 24 Jun 2024 13:29:36 +0000 (15:29 +0200)] 
Merge pull request #33456 from yuwata/terminal-util

terminal-util: use colon as separator for specifying color

2 years agovmspawn: define QEMU_MACHINE_TYPE for loongarch64
Robin Lee [Mon, 24 Jun 2024 05:48:32 +0000 (13:48 +0800)] 
vmspawn: define QEMU_MACHINE_TYPE for loongarch64

Use ["virt"](https://www.qemu.org/docs/master/system/loongarch/virt.html) as a commonly used generic platform on loongarch64.

2 years agoterminal-util: several cleanups for ColorMode 33456/head
Yu Watanabe [Sun, 23 Jun 2024 19:18:04 +0000 (04:18 +0900)] 
terminal-util: several cleanups for ColorMode

- introduce or rename usual enum values _MAX and _INVALID,
- introduce and use string table lookup functions,
- split out implementation of get_color_mode() to _impl(),
- add tests for get_color_mode().

2 years agoterminal-util: merge COLOR_ON with COLOR_24BIT
Yu Watanabe [Sun, 23 Jun 2024 19:12:45 +0000 (04:12 +0900)] 
terminal-util: merge COLOR_ON with COLOR_24BIT

Currently, we assume that there is no restriction on coloring when
COLOR_24BIT. Let's merge the two values.

Follow-up for a5efbf468c96190c9562bc8121eda32310dfd112.

2 years agoterminal-util: use colon as separator for specifying color
Yu Watanabe [Mon, 24 Jun 2024 08:55:17 +0000 (17:55 +0900)] 
terminal-util: use colon as separator for specifying color

Then, terminal will safely ignore unsupported features, like colored
underline.

Fixes a regression caused by 891abc9cf1d3d7afd7b740b4077551dcfb5f8e16.
Fixes https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074073.
Fixes #33449.

2 years agoMerge pull request #33452 from bluca/repart_pkg
Luca Boccassi [Sun, 23 Jun 2024 12:19:30 +0000 (13:19 +0100)] 
Merge pull request #33452 from bluca/repart_pkg

mkosi: install new split-out systemd packages

2 years agomkosi: bump Debian Salsa commit to latest 33452/head
Luca Boccassi [Sun, 23 Jun 2024 09:20:27 +0000 (10:20 +0100)] 
mkosi: bump Debian Salsa commit to latest

2 years agomkosi: install new split-out systemd packages
Luca Boccassi [Sun, 23 Jun 2024 09:10:26 +0000 (10:10 +0100)] 
mkosi: install new split-out systemd packages

repart and cryptsetup tools were moved out of the main package
to reduce dependencies.

2 years agobus-unit-util: add PrivateTmpEx to bus_append_execute_property()
Mike Yuan [Sat, 22 Jun 2024 10:28:08 +0000 (12:28 +0200)] 
bus-unit-util: add PrivateTmpEx to bus_append_execute_property()

Follow-up for 9d50d053f327e5471a514bc36487bfc3358c15d8

2 years agohwdb: Fix Logitech G915 TKL (Bluetooth) appearing as a mouse
Stuart Hayhurst [Sat, 22 Jun 2024 19:25:21 +0000 (20:25 +0100)] 
hwdb: Fix Logitech G915 TKL (Bluetooth) appearing as a mouse

2 years agoman: fix double is typo in systemd-tmpfiles
Diego Viola [Sat, 22 Jun 2024 02:46:32 +0000 (23:46 -0300)] 
man: fix double is typo in systemd-tmpfiles

Signed-off-by: Diego Viola <diego.viola@gmail.com>