Add SBAT support, when -Dsbat-distro value is specified. One can use
-Dsbat-distro=auto for autodetection of all sbat options. Many meson configure
options added to customize SBAT CSV values, but sensible defaults are auto
detected by default. SBAT support is required if shim v15+ is used to load
systemd-boot binary or kernel.efi (Type II BootLoaderSpec).
When we are queried for membership lists on a system that has exactly
zero, then we'll return ESRCH immediately instead of at EOF. Which is
OK, but we need to handle this in various places, and not get confused
by it.
user-util: add generic definition for special password hash values in /etc/passwd + /etc/shadow
Let's add three defines for the 3 special cases of passwords.
Some of our tools used different values for the "locked"/"invalid" case,
let's settle on using "!*" which means the password is both locked *and*
invalid.
Other tools like to use "!!" for this case, which however is less than
ideal I think, since the this could also be a considered an entry with
an empty password, that can be enabled again by unlocking it twice.
howl [Tue, 4 May 2021 09:20:23 +0000 (11:20 +0200)]
Unify pn81H3 and cvrLenovoideapadD330-10IGM
D330-10IGM has been added due the fact that 81H3 and 81MD product name belongs to the same product version. So the fact is that now that we know 81MD has the same transformation matrix that the 81H3 we can just use the product version and get rid the product name.
Signed-off-by: David Santamaría Rogado <howl.nsp@gmail.com>
If ":" was the last char in the string, we would call access() on ".../drivers/", which
would pass. It probably doesn't matter, but let's reject this anyway.
Not only we would duplicate unknown input on the stack, we would do it
over and over. So let's first check that the input has reasonable length,
but also allocate just one fixed size buffer.
The ID_FFADO environment variable comes from external FFADO project.
Now we have comprehensive and self-contained rules instead of it.
Let's remove it.
hwdb: ieee1394-unit-function: add entry for AV/C device with vendor unique command set
In IEC 61883-1:1998, we can see some values for AV/C device with vendor
unique command set in IEC 61883-1:1998. Current udev rule handles it
for video. However it brings an issue that the functions in AV/C device
are not distinguished just by the content of configuration ROM.
In former commit, hardware database was added to describe function type
of unit in the node, then udev rules are added to utilize the database.
However, we have an request to obsolete existent udev rules by putting
enough entries to the database. It should be done carefully.
This commit adds entry into hardware database just for backward
compatibility. The entry can match to some node and unit unexpectedly.
Therefore this commit modifies existent entries to invalidate the effect
from added entry.
hwdb: ieee1394-unit-function: add entry for AV/C device with generic AV/C command set
Typical node of AV/C device has standard content of configuration ROM.
This is defined in documentation of 1394 Trading Association.
* Configuration ROM for AV/C Devices 1.0 (Dec. 12, 2000, 1394 Trading
Association, TA Document 1999027)
However, it brings an issue that the functions in AV/C device are not
distinguished just by the content of configuration ROM.
In former commit, hardware database was added to describe function type
of unit in the node, then udev rules are added to utilize the database.
However, we have an request to obsolete existent udev rules by putting
enough entries to the database. It should be done carefully.
This commit adds entry into hardware database just for backward
compatibility. The entry can match to some node and unit unexpectedly.
Therefore this commit modifies existent entries to invalidate the effect
from added entry.
hwdb: ieee1394-unit-function: remove entry for Cool Stream iSweet
IIDC specification describes configuration ROM without model field, thus
it's not possible to match any entry with vendor ID and model ID.
Current entry for Cool Stream iSweet can match any node and unit of
IIDC.
This commit removes the entry. I note that this model uses Texus
Instruments MC680-DCC as all-in-one chipset for video function in
IEEE 1394 bus.
hwdb: ieee1394-unit-function: add entries for Point Grey cameras
Point Grey Research, inc. shipped cameras to support IIDC, however some
of them are necessarily compliant to IIDC specification in terms of the
value of software version field in unit directory of configuration ROM.
Instrumentation & Industrial Digital Camera (IIDC) specifications are
defined by 1394 Trading Association for camera device in IEEE 1394 bus.
IIDC2 specifications are defined by joint working group between Japan
Industrial Imaging Association (JIIA) and 1394 Trade Association as
bus-independent specification.
This commit adds entries for the specifications to remove existent udev
rules. Supported specifications are listed below:
* 1394-based Digital Camera Specification Version 1.04 (Aug. 9, 1996,
1394 Trading Association)
* 1394-based Digital Camera Specification Version 1.20 (Jul. 23, 1998,
1394 Trading Association)
* IIDC Digital Camera Control Specification Ver.1.30 (Jul. 25, 2000,
1394 Trading Association)
* IIDC Digital Camera Control Specification Ver.1.31 (Feb. 2, 2004,
1394 Trading Association, TA Document 2003017)
* IIDC Digital Camera Control Specification Ver.1.32 (Jul. 24, 2008,
1394 Trading Association, Document number 2007009)
* IIDC2 Digital Camera Control Specification Ver.1.0.0 (Jan 26th, 2012,
1394 Trading Association, TS2011001)
* IIDC2 Digital Camera Control Specification Ver.1.1.0 (May 19th, 2015,
1394 Trading Association, TS2015001)
hwdb: ieee1394-unit-function: add entries for Digital Everywhere FloppyDTV and FireDTV
Linux kernel has firedtv kernel module as driver for Digital Everywhere
FloppyDTV and FireDTV. Although this driver works without any help of
userspace application, it's better to add entries to hardware database
for developer's convenience.
Zbigniew Jędrzejewski-Szmek points that current entries are against the
convention of indentation. It should be indented by one space instead of
two.
This commit fixes current entries according to it.
Reported-by: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> Fixes: 1b6d9a05b14a ("hwdb: add database entries for models with ASICs in BeBoB solution") Fixes: 0db0564e957f ("hwdb: add database entries for models with Fireworks board module") Fixes: 38338b302cb0 ("hwdb: add database entries for models with OXFW970/971 ASICs") Fixes: c0d8b61f9385 ("hwdb: add database entries for models based on DICE ASICs with TCAT specification") Fixes: a774b5099bce ("hwdb: add database entries for models based on DICE ASICs specialized to M-Audio") Fixes: ff1cb7b9393a ("hwdb: add database entries for models based on DICE ASICs specialized to Weiss Engineering") Fixes: 6f44dddbe20a ("hwdb: add database entries for models based on DICE ASICs specialized by Loud Technologies") Fixes: 49ed0aad525b ("hwdb: add database entries for models based on DICE ASICs specialized by Harman Music Group") Fixes: effbb4024b8b ("hwdb: add database entries for models based on DICE ASICs specialized by Solid State Logic") Fixes: 4aaa093b5fb6 ("hwdb: add database entries for models of Digidesign Digi 00x family") Fixes: c489e7f9d3c4 ("hwdb: add database entries for Tascam FireWire series") Fixes: 650b8967a57b ("hwdb: add database entries for MOTU FireWire series") Fixes: 51e9242b9b91 ("hwdb: add database entries for RME Fireface series") Fixes: a90a6a9ae9f8 ("hwdb: add database entries for Yamaha mLAN 2nd generation") Fixes: 41f2d0d393a4 ("hwdb: add database entries for Yamaha mLAN 3rd generation") Fixes: 1d2ee962922f ("hwdb: add database entries for Focusrite Liquid Mix series") Fixes: 0c20543835d6 ("hwdb: add database entries for TC Electronic PowerCore FireWire series") Fixes: 8b4b76dc5021 ("hwdb: add database entry for node with single unit with video function") Fixes: 12dd2404bee8 ("hwdb: add database entries for node with multiple units") Fixes: dece0357e1c8 ("hwdb: add database entries for node with single unit for multiple functions") Signed-off-by: Takashi Sakamoto <o-takashi@sakamocchi.jp>
hwdb: fix parser to execute test for ieee1394-unit-function with no argument
When given no arguments, hwdb parser script seeks test target files by
glob pattern. Although I added a new file for IEEE 1394 unit functions,
the file is excluded as test target due to the pattern.
This commit fixes it.
Fixes: 7713f3fc6a2 ("hwdb: add parser grammar for IEEE 1394 unit function list") Signed-off-by: Takashi Sakamoto <o-takashi@sakamocchi.jp>
The function returns non-negative UnitNameFlags on success, and negative
errno on error. In the past we kept the return type as int because of those
negative return values. But nowadays _UNIT_NAME_INVALID == -EINVAL. And if
we tried to actually return something that doesn't fit in the return type,
the compiler would throw an error. By changing to the "real" return type,
we allow the debugger to use symbolic representation for the variables.
"systemd-testsuite" gets in the way when grepping for "testsuite-*.sh".
Also, the name doesn't matter for anything, so let's just use something
very short to save space.
meson: don't fail if latest tag's commit is signed
Today this is v248 with 938bdfc0fa737d86eb3ecc70506e11e5f740e0dc, which,
if you don't know about the github webflow key fails to configure with
meson.build:724:8: ERROR: String "gpg: Signature made Tue 30 Mar 2021 22:59:02 CEST\ngpg: using RSA key 4AEE18F83AFDEB23\ngpg: Can't check signature: No public key\n1617137942\n" cannot be converted to int
or, if you do, with
meson.build:724:8: ERROR: String 'gpg: Signature made Tue 30 Mar 2021 22:59:02 CEST\ngpg: using RSA key 4AEE18F83AFDEB23\ngpg: Good signature from "GitHub (web-flow commit signing) <noreply@github.com>" [unknown]\ngpg: WARNING: This key is not certified with a trusted signature!\ngpg: There is no indication that the signature belongs to the owner.\nPrimary key fingerprint: 5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23\n1617137942\n' cannot be converted to int
basic/unit-file: fix detection of instance aliases
We had the following scenario:
under /etc/systemd/system/
- foo@.service
- bar@tty12.service → foo@tty12.service
- multi-user.target.wants/foo@tty12.service
Existing code did not "know" that foo@tty12.service has alias bar@tty12.service:
$ systemctl show -P Names foo@tty12.service
foo@tty12.service
Since multi-user.target is always loaded, we would load foo@tty12.service.
When trying to load bar@tty12.service, it would (correctly) detect that
bar@tty12.service is an alias for foo@tty12.service, and try to merge the
bar@tty12.service unit into the foo@tty12.service. This would fail, because
foo@tty12.service was already loaded, and only about-to-be-loaded units can
be merged.
With the patch we consider bar@tty12.service an alias of foo@tty12.service
immediately, so the issue does not occur:
$ systemctl show -P Names foo@tty12.service
foo@tty12.service bar@tty12.service
Fixes #19409.
This turned in a bigger rewrite. The logic add "the main name and all aliases"
was implemented twice, slightly different in both cases. I split that part out
to a new function. The result about the same length, but hopefully a bit easier
to read.
Logging output is also improved a bit. Some left-over debug logs have been
removed or cleaned up.
This is a fairly big change, but (with the addition in the following commit),
we have pretty good coverage of this logic.
basic/io-util: invert return value from IOVEC_INCREMENT()
We would try to return a value that could be nonzero only if the kernel
reported writing more bytes than we gave to it, hopefully a rare occurence.
Instead, assert that this doesn't happen.
Instead, return true if we got to the end of the iovec array. The caller
can use this information to know that the whole iovec array was written.
This allows one loop to be dropped in write_to_syslog().
Also drop _unlikely_: this function is called with very short arrays, and
it *is* likely that we trigger this condition. Let's just let the compiler
generate normal code without giving it a potentially false hint.
manager: emit a message when we fail to create manager because /run is not set up
$ SYSTEMD_LOG_LEVEL=debug build/systemd --test --user
...
Failed to lookup RuntimeDirectory path: No such device or address <---- this line is new
Failed to allocate manager object: No such device or address
We would fail and only say "Failed to allocate manager object: ENODEV" which is
not entirely self-explanatory. Let's add a better log message.
test: properly catch tests error with no /testok or empty /failed
When editing this function in 7bf20e48bd7d641a39a14a7feb749b7e8, I couldn't
decide whether to initialize ret at the top and only reset it on success, or
whether to assign a value in each branch. In the end I did neither ;( So if the
test finished without creating any of the result files, we would echo a
message, but return "success".
But there was bigger confusion with /failed: some tests create it empty, some
don't. I think we may want to do away pre-creation of /failed completely, and
assume the test failed unless /testok is found. But I'm leaving that for later
rework. For now let's just make sure we report return success only if /testok
or /skipped is found.
Ryan Hendrickson [Fri, 30 Apr 2021 16:47:10 +0000 (12:47 -0400)]
core: apply LogLevelMax to messages about units
This commit applies the filtering imposed by LogLevelMax on a unit's
processes to messages logged by PID1 about the unit as well.
The target use case for this feature is a service that runs on a timer
many times an hour, where the system administrator decides that writing
a generic success message to the journal every few minutes or seconds
adds no diagnostic value and isn't worth the clutter or disk I/O.
Debian has now been updated to patch the issue, so SemaphoreCI should
no longer fail. The fix has also been backported to the affected
stable branches.
Basically the same scenario as in a33e2692e162671f0d97856ad2f49a2620a1ec10, where `awk` exits as soon
as it finds a match, thus sending SIGPIPE to `ldd` if it's not fast
enough. That, in combination with `set -o pipefail` causes random &
unexpected fails, like:
```
No journal files were found.
-rw-r----- 1 root root 16777216 Apr 30 10:31
/var/tmp/TEST-01-BASIC_sanitizers-nspawn/system.journal
TEST-01-BASIC RUN: Basic systemd setup [OK]
systemd is not linked against the ASan DSO
gcc does this by default, for clang compile with -shared-libasan
make: *** [Makefile:2: clean-again] Error 1
make: Leaving directory '/build/test/TEST-01-BASIC'
```
Use BIOS characteristics to distinguish EC2 bare-metal from VMs
DMI vendor information fields do not provide enough information for us to
distinguish between Amazon EC2 virtual machines and bare-metal instances.
SMBIOS provides a BIOS Information
table (https://www.dmtf.org/sites/default/files/standards/documents/DSP0134_3.4.0.pdf
Ch. 7) that provides a field to indicate that the current machine is a virtual
machine. On EC2 virtual machine instances, this field is set, while bare-metal
instances leave this unset, so we inspect the field via the kernel's
/sys/firemware/dmi/entries interface.
Bertrand Jacquin [Sun, 11 Oct 2020 20:25:00 +0000 (21:25 +0100)]
virt: detect Amazon EC2 Nitro instance
Amazon EC2 Nitro hypervisor is technically based on KVM[1], which
systemd-detect-virt identify propely from CPUID. However the lack of
CPUID on aarch64 (A1, T4 instance type) prevents a correct
identification, impacting hostnamectl and systemd-random-seed. Instead
it's possible to identify virtualization from DMI vendor ID.
Prior to this commit:
# hostnamectl
Static hostname: n/a
Transient hostname: ip-10-97-8-12
Icon name: computer
Machine ID: 8e3772fbcfa3dd6f330a12ff5df5a63b
Boot ID: b7b7e2fe0079448db664839df59f9817
Operating System: Gentoo/Linux
Kernel: Linux 5.4.69-longterm
Architecture: arm64
After this commit:
# hostnamectl
Static hostname: n/a
Transient hostname: ip-10-97-8-12
Icon name: computer-vm
Chassis: vm
Machine ID: 8e3772fbcfa3dd6f330a12ff5df5a63b
Boot ID: bd04da57084e41078f20541101867113
Virtualization: amazon
Operating System: Gentoo/Linux
Kernel: Linux 5.4.69-longterm
Architecture: arm64
Yu Watanabe [Sun, 7 Mar 2021 06:35:33 +0000 (15:35 +0900)]
udev,sd_device: also save map from device ID to watch handle in /run/udev/watch
Previously, watch handle is saved in the udev databse. But in most cases,
the handle saved in the database is not updated. Especially, when udevd
is restarted, the inotify watch is restarted, but the database is not
updated.
Moreover, it is not necessary to save watch handle in the database, as
the handle is only take a effect during udevd is running, and the value
is meaningless when udevd is restarted.
So, this makes the opposite map from device ID to watch handle is saved
in /run/udev/watch as a symbolic link, and the handle not saved in the
database anymore.
projects / thirdparty / systemd.git / log
