Daan De Meyer [Thu, 29 Jun 2023 11:35:03 +0000 (13:35 +0200)]
mkosi: Enable Incremental= mode by default
Since mkosi is now smart enough to drop the caches when the list of
packages changes, let's enable Incremental= mode by default to ensure
a good experience for anyone new to hacking on systemd with mkosi.
Yuxiang Zhu [Thu, 29 Jun 2023 10:11:52 +0000 (18:11 +0800)]
network: Add `IgnoreDontFragment=` option for Fragmentation control (#28131)
From `ip-link(8)`:
> [no]ignore-df - enables/disables IPv4 DF
> suppression on this tunnel. Normally datagrams
> that exceed the MTU will be fragmented; the
> presence of the DF flag inhibits this, resulting
> instead in an ICMP Unreachable (Fragmentation
> Required) message. Enabling this attribute causes
> the DF flag to be ignored.
If this option is enabled for a GRE/GRETAP tunnel, the `DF` flag in the outer IP header
will not inherit the inner IP header's `DF` flag.
This is useful to transfer packets that exceed the MTU of the underlay
network.
- add reference to initrd-battery-check.service in man page, and move
its section from 1 to 8,
- add link to man page in help message,
- introduce ERRNO_IS_NO_PLYMOUTH(),
- propagate error in battery_check_send_plymouth_message(),
- rename battery_check_send_plymouth_message() -> plymouth_send_message(),
- return earlier when the first battery level check passed to reduce
indentation,
- fix potential use of invalid fd on battery restored,
- do not use emoji for /dev/console,
- add simple test (mostly for coverity),
Yu Watanabe [Mon, 26 Jun 2023 19:53:13 +0000 (04:53 +0900)]
meson: first try dependency(), then fallback to find_library()
This also drops the fallback for libacl, libcap, libcrypt, and libgcrypt,
as recent Ubuntu (at least, 20.04 LTS and newer) and Debian (at least, buster
and newer) have relevant .pc files.
execute: add support for XDG_STATE_HOME for placing service state data in --user mode
This adds support for the new XDG_STATE_HOME env var that was added to
the xdg basedir spec. Previously, because the basedir spec didn't know
the concept we'd alias the backing dir for StateDirectory= to the one
for ConfigurationDirectory= when running in --user mode. With this change
we'll make them separate. This brings us various benefits, such as proper
"systemctl clean" support, where we can clear service state separately
from service configuration, now in user mode too.
This does not come without complications: retaining compatibility with
older setups is difficult, because we cannot possibly identify which
files in existing populated config dirs are actually "state" and which
ones are "true" configuration.
Hence let's deal with this pragmatically: if we detect that a service
that has both dirs configured only has the configuration dir existing,
then symlink the state dir to the configuration dir to retain
compatibility.
This is not great, but it's the only somewhat reasonable way out I can
see.
execute: include RuntimeScope field in ExecParameters
Let's decouple execute.c a bit from the Manager object, let's pass the
runtime scope (i.e. the enum that discerns invocation for user or system
context) as part of ExecParameters. This makes the scope available in
various functions without having to pass the Manager object in.
string-util: pass ANSI sequences through unchanged
Cutting off in the middle may leave the terminal in a bad state, breaking
further output. But we don't know what a given ANSI sequence does, e.g.
ANSI_NORMAL should not be skipped. But it is also nice to keep various
sequences intact, so that if we had part of the string in blue, and we cut out
the beginning of the blue part, we still want to keep the remainder in color.
So let's just pass them through, stripping out the characters that take up
actual space.
Also, use memcpy_safe as we may end up copying zero bytes when ellipsizing at
the start/end of a string.
Fixes: #24502
This also fixes an ugliness where we would ellipsize strings with ANSI
sequences too much, leading to output that was narrower on screen than the
requested length:
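The pass-through behaviour described in the string-util commit message above, as an added example: this is not systemd's code and not the output that message refers to. It is simplified to a right-hand cut without an ellipsis, handles only CSI sequences and ASCII text, and the names `csi_len` and `cut_keep_ansi` are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Length of the CSI sequence (ESC '[' params final-byte) at s, or 0 if none. */
static size_t csi_len(const char *s) {
    if (s[0] != '\x1b' || s[1] != '[')
        return 0;
    size_t i = 2;
    while (s[i] >= 0x20 && s[i] <= 0x3f)      /* parameter/intermediate bytes */
        i++;
    return (s[i] >= 0x40 && s[i] <= 0x7e) ? i + 1 : 0;   /* final byte */
}

/* Keep at most `width` columns of `in`, copying every CSI sequence through
 * unchanged, including those that follow the cut (so a trailing reset still
 * reaches the terminal). Any other byte, a lone ESC included, counts as one
 * column. Returns the columns kept, or (size_t) -1 if `out` is too small. */
size_t cut_keep_ansi(const char *in, size_t width, char *out, size_t outsz) {
    size_t cols = 0, o = 0;
    while (*in) {
        size_t n = csi_len(in);
        if (n == 0) {                         /* ordinary character */
            if (cols >= width) {              /* past the cut: drop it */
                in++;
                continue;
            }
            n = 1;
            cols++;
        }
        if (o + n >= outsz)                   /* leave room for the NUL */
            return (size_t) -1;
        memcpy(out + o, in, n);
        o += n;
        in += n;
    }
    if (o >= outsz)
        return (size_t) -1;
    out[o] = '\0';
    return cols;
}

int main(void) {
    /* Constructed input: "hello world" in blue, followed by a reset. */
    const char *s = "\x1b[34mhello world\x1b[0m";
    char buf[64];
    size_t cols = cut_keep_ansi(s, 5, buf, sizeof buf);
    /* A plain 5-byte cut would keep only "\x1b[34m": no text, colour left on. */
    printf("%zu columns: %s\n", cols, buf);
    return 0;
}
```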
It just gives names for things generally just handled as numeric
indexes, hence drop the type name, and make the enum anonymous. Nothing
is using the type name anyway.
env-file: when resolving env vars in command lines, collect list of unset/invalid ones
When resolving environment variables we currently silently resolve unset
and invalid environment variables to empty strings. Let's do this
slightly less silently: log about unset and invalid env vars, but still
resolve them to an empty string.
Luca Boccassi [Fri, 16 Jun 2023 23:07:32 +0000 (00:07 +0100)]
TEST-55-OOMD: use 'stress' to create high pressure
The test fails on my machine, running Debian stable, because
testsuite-55-testbloat.service just swaps and never goes over the
limit, so it's not killed. Use 'stress' instead which seems to be
able to overwhelm the swap too.
test-gunicode: add new test to show that unichar_iswide() is borked
I discovered this while looking at the tests with wide characters in the next
patch. It's something to fix, but not directly relevant to the issue of
skipping ANSI in ellipsization. We will generate output that is wider than
expected in some cases, but wide characters are used very rarely so this isn't
such a big problem.
execute: don't honour PrivateNetwork() if we lack CAP_NET_ADMIN
Somehow the Linux kernel allows us to allocate a network namespace if we
possess CAP_SYS_ADMIN but doesn't allow us to configure it, unless we
also have CAP_NET_ADMIN.
Taking that into consideration let's avoid allocating a network
namespace we cannot even configure "lo" in.
This is a common case if nspawn is invoked without userns and without
netns, because in that case it will have CAP_SYS_ADMIN but no
CAP_NET_ADMIN.
This also takes down a notch the messages about the automatic
downgrading. These have been LOG_WARNING so far, and I downgraded them
to LOG_NOTICE, since in an environment where CAP_NET_ADMIN is not
available this is really not something to be concerned about, but still
noticeable. With that it's still more prioritized than regular LOG_INFO.
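The capability check described in the execute commit message above, as an added example that is not systemd's code: it reads the effective capability mask from `/proc/<pid>/status`-style text and decides whether a private network namespace is worth allocating. The function and enum names are hypothetical, the status excerpts are constructed, and treating a missing CAP_SYS_ADMIN the same way as a missing CAP_NET_ADMIN is an assumption of this sketch.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Capability bit numbers from <linux/capability.h>. */
#define CAP_NET_ADMIN_BIT 12
#define CAP_SYS_ADMIN_BIT 21

typedef enum { NETNS_NOT_REQUESTED, NETNS_ALLOCATE, NETNS_SKIP_NOTICE } netns_decision;

/* Constructed status excerpts (not captured from a real system). */
static const char STATUS_NO_NET_ADMIN[] =
    "Name:\tdemo\nCapInh:\t0000000000000000\nCapEff:\t00000000002000ff\n";
static const char STATUS_FULL[] = "Name:\tdemo\nCapEff:\t000001ffffffffff\n";

/* Find the "CapEff:" line in the status text and parse its hex mask. */
bool parse_cap_eff(const char *status, uint64_t *ret) {
    const char *p = status;
    while (p && *p) {
        unsigned long long v;
        if (sscanf(p, "CapEff: %llx", &v) == 1) {
            *ret = v;
            return true;
        }
        p = strchr(p, '\n');              /* advance to the next line */
        if (p)
            p++;
    }
    return false;
}

/* Allocate a namespace only if it can also be configured ("lo" brought up);
 * otherwise skip it and report at notice level rather than warning. */
netns_decision decide_private_network(bool requested, uint64_t cap_eff) {
    bool sys_admin = cap_eff & (UINT64_C(1) << CAP_SYS_ADMIN_BIT);
    bool net_admin = cap_eff & (UINT64_C(1) << CAP_NET_ADMIN_BIT);
    if (!requested)
        return NETNS_NOT_REQUESTED;
    return (sys_admin && net_admin) ? NETNS_ALLOCATE : NETNS_SKIP_NOTICE;
}

int main(void) {
    const char *samples[] = { STATUS_NO_NET_ADMIN, STATUS_FULL };
    for (size_t i = 0; i < 2; i++) {
        uint64_t eff = 0;
        if (!parse_cap_eff(samples[i], &eff))
            continue;
        printf("CapEff=%016llx -> %s\n", (unsigned long long) eff,
               decide_private_network(true, eff) == NETNS_ALLOCATE
                   ? "allocate netns" : "skip netns (notice)");
    }
    return 0;
}
```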