* 7948d79b63 upgpkg: 257.5-1: new upstream release
* d9badad1d4 drop use of deprecated nscd meson option
* af071243cf upgpkg: 257.4-1: new upstream release
shared/cred-util: Ensure TPM code is used with HAVE_TPM2 guards
Building with no TPM2 we end up with following error
/usr/include/x86_64-linux-gnu/bits/string_fortified.h:29:10: note: in a call to built-in function ‘__builtin___memcpy_chk’
In function ‘memcpy’,
inlined from ‘encrypt_credential_and_warn’ at ../git/src/shared/creds-util.c:1091:17:
/usr/include/x86_64-linux-gnu/bits/string_fortified.h:29:10: error: argument 2 null where non-null expected [-Werror=nonnull]
29 | return __builtin___memcpy_chk (__dest, __src, __len,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
30 | __glibc_objsize0 (__dest));
| ~~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/include/x86_64-linux-gnu/bits/string_fortified.h:29:10: note: in a call to built-in function ‘__builtin___memcpy_chk’
cc1: some warnings being treated as errors 29 | return __builtin___memcpy_chk (__dest, __src, __len,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
30 | __glibc_objsize0 (__dest));
| ~~~~~~~~~~~~~~~~~~~~~~~~~~
This is because code referencing tpm2 data structures is still used while the
initialization of the function has been compiled out since its conditional on HAVE_TPM2
We add needed guards in places where it is missing to fix this problem
When compiling in systems which do not have gcc installed
(like a musl+llvm system) the forced linkage "-lgcc" is
stopping it to compile. As when compiler is clang it do not
need to link explicitelly to gcc I've modified meson to only
link to gcc library when compiler is gcc.
Add support for creating HSR/PRP interfaces. HSR (High-availability Seamless
Redundancy) and PRP (Parallel Redundancy Protocol) are two protocols that
provide seamless failover against failure of any single network component. They
are both implemented by the "hsr" kernel driver.
udev-spawn: search executed command in build directory (#36985)
This makes pin_callout_binary() optionally provides the path of the pinned
binary, and makes it used in udev-spawn.c, to allow easy debugging of
program invocations requested by RUN{program} and friends.
Mike Yuan [Mon, 24 Mar 2025 18:46:46 +0000 (19:46 +0100)]
core/cgroup: drop extraneous CGRuntime check in unit_get_memory_available()
Currently, for units whose CGRuntime is not allocated just yet, e.g.
inactive ones, MemoryAvailable fails to account for their MemoryMax/High
settings. Let's remove the CGRuntime check hence. The call to
unit_get_memory_accounting() would certainly fail, but it doesn't matter,
since 'current' is initially set to 0 anyways.
Mike Yuan [Wed, 2 Apr 2025 19:08:48 +0000 (21:08 +0200)]
mkosi: update debian commit reference
* 4643263123 Add NEWS entry to warn about network connectivity loss due to mDNS, and workaround
* c995755707 Update changelog for 257.4-9 release
* 5e2ba1a045 resolved: break mDNS, remove conflict with avahi
* 6cf6fa39b4 Update changelog for 257.4-8 release
* 5067878f3a reintroduce systemd-resolved, with conflict on avahi-daemon
* 60c0d67e45 d/rules: drop nscd meson option
* 542de2ed44 Install new files for upstream CI
* 1e9b0e30da d/t/boot-and-services: skip gdm3 test in nested LXD run
* 4142fb487b systemd.preinst: fix shellcheck warnings
* 7879441e78 systemd.preinst: do not use systemctl
* 1d5ba16cf0 Update changelog for 257.4-7 release
* ddd3438e04 autopkgtest: re-enable integration tests
* 98698b582f autopkgtest: fix debugging leftover
* f62660777f Backport patches to fix integration tests skipping
* b7308013af autopkgtest: when nested tests-in-lxd skips don't fail outer run
* d5e96c6e56 Update changelog for 257.4-6 release
* 2493e2ffc7 Add Lintian override for 'unknown-field Protected'
* e27ebff834 d/control: fix systemd-boot and systemd-boot-tools descriptions
* 705fff1663 systemd: conflict with dracut on arm64
* 7e92bc39e9 Update changelog for 257.4-5 release
* 7638a4dcc1 autopkgtest: fix unit-tests for upstream CI
* 83a6bbe55a Add missing dh-exec shbang to d/systemd-tests.install
* 11b82593a5 Update changelog for 257.4-4 release
* f221a72abd Drop systemd-nspawn on arm64
* b8ecb66d05 Drop systemd-resolved package
* 560cde98d7 Move leftover resolved files to its own package
* fc2758d02d autopkgtest: drop versioning constraints on tzdata
* b2b7c59141 autopkgtest: remove workaround for 'meson compiile mkosi' and use 'mkosi -f' instead to avoid slow rebuilds
* 17e11869b5 systemd.postinst: add markers for janitor removals
* 581a5994f5 Handle new tmp mount on upgrade in preinst rather than postinst
* 58f6a4f689 d/control: only conflict against opensysusers << 0.7.3-4.1~
* 6dee609537 userdb: fix wildcard matching
* cf722bcd44 systemd-container: use more wildcards to install files
* 2339308f43 userdbd: use wildcard to install units
* a663f671bd Add myself to Uploaders
* 4a5bef9a48 Install new files
* c529659001 Drop systemd-cgroups-agent with upstream profile
* 970061c678 d/rules: add TODO reminder to drop Ubuntu-specific workaround
* 88fc574439 systemd-boot: do case-insensitive parsing of efibootmgr output
* eecb9466e0 Update tzdata-legacy version constraint for new bookworm-p-u tzdata version
* 5d9570efad Update changelog for 257.4-3 release
* 614efde487 Fix versioned breaks/replaces for sd-boot-tools
Currently translated at 100.0% (257 of 257 strings)
Co-authored-by: Javier Francisco <fserrador@gmail.com>
Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/es/
Translation: systemd/main
mkosi: Fix arch build script version sed expression
Yours truly got rid of the _tag variable in the Arch Linux PKGBUILD
a while ago, so actually adapt the build script to that by changing
the pkgver= variable instead.
* 08ce156d74 fmf: Run mkosi genkey before mkosi summary
* 1126a7c6b8 Download commit archives via full sha instead of short one
* cc473d807f fmf: Check out mkosi to some directory in /var/tmp
build-path: make invoke_callout_binary() honour $PATH as last resort
If we cannot find the callout we need in the build dir let's look for it
in $PATH as last resort.
This makes invoke_callout_binary() usable for all binaries we install
into $PATH (as opposed to /usr/lib/systemd), but has no effect
on callout binaries specified with full path.
This is useful, since we soon want to invoke journalctl as a callout.
gpt-auto-generator: write fsck override unit to "middle" generator dir
We generally let gpt-auto-generator write to the "late" generator dir,
so that the explicit fstab-generator can write to the "middle" one. And
I think we should leave it that way. But we also want to override the
generic systemd-fsck-root.service service potentially, and if we'd do
that in the "late" generator dir, it would be pointless, since that's
ordered *after* the static version hence would never be taken into
consdiration.
Hence clean this up: keep writing to the late dir for everything,
except for the fsck stuff.
veritysetup: when we fail to unlock a disk with the root hash signature logic, retry without
Currently, there's no nice way to get a key into the dm-verity kernel
keyring unless recompiling the kernel, or enabling SB or buying into
shim. Neither sounds particularly attractive.
hence provide a reasonable fallback: if unlocking with signed roothash
doesn#t work, just try without. maybe the kernel policy allows this,
maybe not. It's worth a try.
dissect-image: add a concept for "filtering" partitions we dissect
DDIs may contain multiple versions of the same OS, or even multiple
OSes. Hence it makes sense to not just pick the "newest", whatever that
might be, but only partitions associated with specific images, or in a
specific version.
Let's a concept for such filtering: a per-designator glob expression
that can be applied to the partition label string, and can be used for
such filtering.
Usecase: when picking UKI belonging to OS image X in version Y, make
sure we only pick a /usr/ partition belonging to X in version Y, and a
root and home partition belonging to X in any version.
This only adds the basic infrastructure, but doesn't actually expose it
anywhere.
gpt-auto-generator: add support for mount.usr=dissect
So far, we did not support auto-discovery the /usr/ partition at boot.
Change that: on explicit request (i.e. mount.usr=dissect) automatically
discover the /usr/ partition based on our usual dissection logic.
generator: add root=off to explicitly turn search for rootfs off
This is useful when booting into storage target mode, where we do not
want to enter a root fs, we just want to stay forever in the initrd,
and hence there's value in not even generating and jobs to find the
rootfs
gpt-auto-generator: optionally, set up root fs via dissection logic
This introduces root=dissect, which is a lot like root=gpt-auto, but
uses the image dissection logic to find the root partition. It's also
based on the GPT efi var telling us about the root disk, but instead of
just picking some suitable root disk manually it uses the dissection
logic.
This is a big step forward, since it means we can actually make
use of the image policy logic for the root fs too.
Previously if we found a verity signature partition in an image, and the
image policy required "verity" (but did not allow "signature") we'd
refuse the image. This is of course unnecessarily strict: if "verity" is
allowed, we can make use of the verity data, and ignore the signature
data.
hence, relax the rules here: when we pick up a partition and want to
test it against the policy, always consider all "weaker" uses too, maybe
they are allowed if the "stronger" users isn't.
dissect-image: guess verity root hash from the resources we found
When dissecting an image, let's make use of the Verity data even if we
got told no root hash explicitly: we can simply determine it by
concatenating the data partition uuid with the verity partition uuid.
Of course, on first thought this doesn't really add much: if the root
hash is not pinned from somewhere, this does not guarantee trust in
the image.
However, this is very useful for attestation: if we have the root hash
we can measure it before mounting things, even if we don't actually
authenticate it.
Hence, at best this helps us with attestation, at worst it doesn't improve
security but certainly doesn't hurt it.
dissect-image: rework how we determine that we are ready to do verity/verity-sig
Previously, if during early enumeration of the partition table we
figured out we have a verity + verity-sig partition, we determined we are
"ready" to do verity/verity-sig, as reported by the "verity_ready" and
"verity_ready_sig" fields of DissectedImage.
Let's rework this: only determine we are ready in case the VeritySettings
structure is fully populated. Mark verity-sig/verity only as ready once
we actually *load* the verity sig metadata from the special partition.
This is conceptually more correct, as we consider things "ready" only if
we actually have all data for it loaded. It's also preparation for a
later commit that guesses the verity root hash based on what we discover.
udev-builtin-blkid: look for ESP/XBOOTLDR only in initrd; afterwards just look at /
So far the gpt-auto symlinks would point to:
1. the disk the ESP/XBOOTLDR is located on
2. or to a loopback device whose filename field is set to "rootdisk"
or "rootdisk.raw"
This makes sense in the initrd. But once we transition to the host this
is quite confusing, since the symlinks might point to a different place
than what we actually ended up transitioning too: the actual backing
device of the root file system might be different from what gpt-auto
found.
Let's clean this up: let's avoid any ambiguities here: let's extend the
rules above with one more rule:
3. if we left the initrd, we'll make gpt-auto point to the selected
root file system, if it otherwise would have been a candidate.
Or in other words, the ID_PART_GPT_AUTO_ROOT_DISK=1 udev property now
always makes sense: in the initrd it points to the future root disk, and
on the host to the actual root disk.
test: Be smarter about detecting the mkosi configuration directory
Instead of always looking up two directories from the
test/integration-tests/meson.build file, let's search in up to 4
parent directories from the given meson project source root. This
allows us to just pass in meson.project_source_root() to
integration-test-wrapper.py instead of having to pass in a fixed
relative offset from the current meson file.
It'll also allow us to install the integration tests and mkosi
configuration in the future without breaking the standalone
integrationt tests functionality;
udev-builtin-blkid: look for ESP/XBOOTLDR only in initrd; afterwards just look at /
So far the gpt-auto symlinks would point to:
1. the disk the ESP/XBOOTLDR is located on
2. or to a loopback device whose filename field is set to "rootdisk"
or "rootdisk.raw"
This makes sense in the initrd. But once we transition to the host this
is quite confusing, since the symlinks might point to a different place
than what we actually ended up transitioning too: the actual backing
device of the root file system might be different from what gpt-auto
found.
Let's clean this up: let's avoid any ambiguities here: let's extend the
rules above with one more rule:
3. if we left the initrd, we'll make gpt-auto point to the selected
root file system, if it otherwise would have been a candidate.
Or in other words, the ID_PART_GPT_AUTO_ROOT_DISK=1 udev property now
always makes sense: in the initrd it points to the future root disk, and
on the host to the actual root disk.
mkosi: Move all mkosi configuration into mkosi/ subdirectory
Now that mkosi can automatically pick up its main configuration from
a mkosi/ subdirectory if it exists and there is no configuration in the
top level directory, let's make use of it to reduce the amount of clutter
in the top level directory of the repository.
This will also make it easier to install the mkosi configuration files as
part of the testing packages later on.
* b17e5d64a1 Don't try to modify mkosi.repart config if mkosi conf is in subdir
* e2b2ea3776 fmf: Use mkosi/mkosi.local.conf if the mkosi/ directory exists
projects / thirdparty / systemd.git / log
