]> git.ipfire.org Git - thirdparty/systemd.git/log
thirdparty/systemd.git
7 months agomeson: enable -Werror=flex-array-member-not-at-end 36993/head
Yu Watanabe [Thu, 3 Apr 2025 16:18:48 +0000 (01:18 +0900)] 
meson: enable -Werror=flex-array-member-not-at-end

7 months agoethtool: do not embed struct with flexible array into another struct
Yu Watanabe [Thu, 3 Apr 2025 16:17:36 +0000 (01:17 +0900)] 
ethtool: do not embed struct with flexible array into another struct

To allow compile ethtool-util.c with -Werror=flex-array-member-not-at-end.

7 months agosbsign: rename WIN_CERTIFICATE -> WIN_CERTIFICATE_HEADER and drop trailing flexible...
Yu Watanabe [Thu, 3 Apr 2025 16:15:19 +0000 (01:15 +0900)] 
sbsign: rename WIN_CERTIFICATE -> WIN_CERTIFICATE_HEADER and drop trailing flexible array

To allow building sbsign with -Werror=flex-array-member-not-at-end.

7 months agoboot: allow building sd-boot with -Werror=flex-array-member-not-at-end
Yu Watanabe [Thu, 3 Apr 2025 16:14:10 +0000 (01:14 +0900)] 
boot: allow building sd-boot with -Werror=flex-array-member-not-at-end

7 months agodhcp: split out DHCP_MESSAGE_HEADER_DEFINITION to allow building test-dhcp-server...
Yu Watanabe [Thu, 3 Apr 2025 16:12:54 +0000 (01:12 +0900)] 
dhcp: split out DHCP_MESSAGE_HEADER_DEFINITION to allow building test-dhcp-server.c with -Werror=flex-array-member-not-at-end

7 months agogpt-auto-generator: fix memory leak
Antonio Alvarez Feijoo [Fri, 4 Apr 2025 09:18:18 +0000 (11:18 +0200)] 
gpt-auto-generator: fix memory leak

Follow-up for 74cfd0921c01c464b79548467e909e577bfc25ac

7 months agopo: Translated using Weblate (Spanish)
Javier Francisco [Thu, 3 Apr 2025 22:43:38 +0000 (22:43 +0000)] 
po: Translated using Weblate (Spanish)

Currently translated at 100.0% (257 of 257 strings)

Co-authored-by: Javier Francisco <fserrador@gmail.com>
Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/es/
Translation: systemd/main

7 months agomkosi: Fix arch build script version sed expression
Daan De Meyer [Thu, 3 Apr 2025 20:44:32 +0000 (22:44 +0200)] 
mkosi: Fix arch build script version sed expression

Yours truly got rid of the _tag variable in the Arch Linux PKGBUILD
a while ago, so actually adapt the build script to that by changing
the pkgver= variable instead.

7 months agotest logind restart with different classes
Matteo Croce [Thu, 3 Apr 2025 10:57:37 +0000 (12:57 +0200)] 
test logind restart with different classes

Test logind restart with every possible value of XDG_SESSION_CLASS

7 months agoTwo more mkosi updates (#36992)
Daan De Meyer [Thu, 3 Apr 2025 16:56:59 +0000 (18:56 +0200)] 
Two more mkosi updates (#36992)

7 months agomkosi: update fedora commit reference 36992/head
Daan De Meyer [Thu, 3 Apr 2025 14:38:31 +0000 (16:38 +0200)] 
mkosi: update fedora commit reference

08ce156d74 fmf: Run mkosi genkey before mkosi summary
1126a7c6b8 Download commit archives via full sha instead of short one
cc473d807f fmf: Check out mkosi to some directory in /var/tmp

7 months agodocs: Make sure we run mkosi genkey before everything else
Daan De Meyer [Thu, 3 Apr 2025 14:37:56 +0000 (16:37 +0200)] 
docs: Make sure we run mkosi genkey before everything else

Otherwise other commands might fail saying the keys don't exist
yet.

7 months agotimedate: Use timestamp_is_set() more
Daan De Meyer [Thu, 3 Apr 2025 11:48:27 +0000 (13:48 +0200)] 
timedate: Use timestamp_is_set() more

Aside from just being cleaner, this also solves bogus compiler warnings
we're seeing when building on CentOS Stream 9 (-Wmaybe-uninitialized)

7 months agomkosi: Point ssh key and certificate to top level dir as well (#36989)
Daan De Meyer [Thu, 3 Apr 2025 13:34:44 +0000 (15:34 +0200)] 
mkosi: Point ssh key and certificate to top level dir as well (#36989)

7 months agomkosi: Switch to KernelInitrdModules= 36989/head
Daan De Meyer [Thu, 3 Apr 2025 12:52:52 +0000 (14:52 +0200)] 
mkosi: Switch to KernelInitrdModules=

No change in behavior, just switching to the new setting implemented
by @keszybz.

7 months agomkosi: Pass through NO_SYNC to tools and subimages as well
Daan De Meyer [Thu, 3 Apr 2025 12:51:48 +0000 (14:51 +0200)] 
mkosi: Pass through NO_SYNC to tools and subimages as well

The tools tree now invokes mkosi.sync, so we have to pass through
NO_SYNC as well.

7 months agomkosi: Point ssh key and certificate to top level dir as well
Daan De Meyer [Thu, 3 Apr 2025 12:38:28 +0000 (14:38 +0200)] 
mkosi: Point ssh key and certificate to top level dir as well

Follow up for 342d21ef19391fdb7fc41548ad48f5b1e7423943

7 months agomkosi: Fix ExtraSearchPaths= for build directory
Daan De Meyer [Thu, 3 Apr 2025 12:07:52 +0000 (14:07 +0200)] 
mkosi: Fix ExtraSearchPaths= for build directory

follow up for 342d21ef19391fdb7fc41548ad48f5b1e7423943

7 months agoudev: new "image_dissect" builtin that can be used to generate symlinks based on...
Lennart Poettering [Thu, 3 Apr 2025 11:32:11 +0000 (13:32 +0200)] 
udev: new "image_dissect" builtin that can be used to generate symlinks based on partition designators (#36631)

This replaces #36209 and implements this via a new builtin, rather than
by shelling out to systemd-dissect.

Replaces: #36209
Replaces: #28894
Fixes: #34319
Fixes: #33453
Fixes: #27897
Fixes: #18035
7 months agobuild-path: make invoke_callout_binary() honour $PATH as last resort
Lennart Poettering [Wed, 26 Mar 2025 15:15:25 +0000 (11:15 -0400)] 
build-path: make invoke_callout_binary() honour $PATH as last resort

If we cannot find the callout we need in the build dir let's look for it
in $PATH as last resort.

This makes invoke_callout_binary() usable for all binaries we install
into $PATH (as opposed to /usr/lib/systemd), but has no effect
on callout binaries specified with full path.

This is useful, since we soon want to invoke journalctl as a callout.

7 months agogenerator: two minor tweaks to fsck code (#36970)
Yu Watanabe [Thu, 3 Apr 2025 10:19:54 +0000 (19:19 +0900)] 
generator: two minor tweaks to fsck code (#36970)

7 months agomkosi: Move all mkosi configuration into mkosi/ subdirectory (#36954)
Daan De Meyer [Thu, 3 Apr 2025 10:18:47 +0000 (12:18 +0200)] 
mkosi: Move all mkosi configuration into mkosi/ subdirectory (#36954)

7 months agotwo udev blkid builtin tweaks (#36968)
Yu Watanabe [Thu, 3 Apr 2025 09:44:56 +0000 (18:44 +0900)] 
two udev blkid builtin tweaks (#36968)

Fixes: #34319
7 months agotest: add a new unit test, src/test/test-binfmt-util.c
ZIHCO [Thu, 3 Apr 2025 01:50:12 +0000 (02:50 +0100)] 
test: add a new unit test, src/test/test-binfmt-util.c

7 months agoupdate TODO 36631/head
Lennart Poettering [Fri, 14 Mar 2025 15:13:20 +0000 (16:13 +0100)] 
update TODO

7 months agoman: document new gpt-auto-generator features
Lennart Poettering [Thu, 20 Mar 2025 21:51:04 +0000 (22:51 +0100)] 
man: document new gpt-auto-generator features

7 months agogpt-auto-generator: write fsck override unit to "middle" generator dir
Lennart Poettering [Thu, 20 Mar 2025 09:34:42 +0000 (10:34 +0100)] 
gpt-auto-generator: write fsck override unit to "middle" generator dir

We generally let gpt-auto-generator write to the "late" generator dir,
so that the explicit fstab-generator can write to the "middle" one. And
I think we should leave it that way. But we also want to override the
generic systemd-fsck-root.service service potentially, and if we'd do
that in the "late" generator dir, it would be pointless, since that's
ordered *after* the static version hence would never be taken into
consdiration.

Hence clean this up: keep writing to the late dir for everything,
except for the fsck stuff.

7 months agoveritysetup: when we fail to unlock a disk with the root hash signature logic, retry...
Lennart Poettering [Thu, 20 Mar 2025 13:35:50 +0000 (14:35 +0100)] 
veritysetup: when we fail to unlock a disk with the root hash signature logic, retry without

Currently, there's no nice way to get a key into the dm-verity kernel
keyring unless recompiling the kernel, or enabling SB or buying into
shim. Neither sounds particularly attractive.

hence provide a reasonable fallback: if unlocking with signed roothash
doesn#t work, just try without. maybe the kernel policy allows this,
maybe not. It's worth a try.

7 months agodissect-image: move extension release arguments of verity_dissect_and_mount() into...
Lennart Poettering [Tue, 18 Mar 2025 21:24:00 +0000 (22:24 +0100)] 
dissect-image: move extension release arguments of verity_dissect_and_mount() into a structure

7 months agoman: document image filters
Lennart Poettering [Thu, 20 Mar 2025 16:15:41 +0000 (17:15 +0100)] 
man: document image filters

7 months agogpt-auto-generator: parse systemd.image_filter= from kernel cmdline
Lennart Poettering [Thu, 20 Mar 2025 16:23:52 +0000 (17:23 +0100)] 
gpt-auto-generator: parse systemd.image_filter= from kernel cmdline

7 months agobuiltin-dissect_image: add support for image filters
Lennart Poettering [Thu, 20 Mar 2025 09:36:46 +0000 (10:36 +0100)] 
builtin-dissect_image: add support for image filters

7 months agodissect-tool: expose image filtering via new --image-filter= parameter
Lennart Poettering [Wed, 19 Mar 2025 08:09:16 +0000 (09:09 +0100)] 
dissect-tool: expose image filtering via new --image-filter= parameter

7 months agodissect-image: add a concept for "filtering" partitions we dissect
Lennart Poettering [Tue, 18 Mar 2025 15:46:27 +0000 (16:46 +0100)] 
dissect-image: add a concept for "filtering" partitions we dissect

DDIs may contain multiple versions of the same OS, or even multiple
OSes. Hence it makes sense to not just pick the "newest", whatever that
might be, but only partitions associated with specific images, or in a
specific version.

Let's a concept for such filtering: a per-designator glob expression
that can be applied to the partition label string, and can be used for
such filtering.

Usecase: when picking UKI belonging to OS image X in version Y, make
sure we only pick a /usr/ partition belonging to X in version Y, and a
root and home partition belonging to X in any version.

This only adds the basic infrastructure, but doesn't actually expose it
anywhere.

7 months agoveritysetup: optionally pick up roothash/roothashsig from udev device db entry
Lennart Poettering [Tue, 18 Mar 2025 11:51:04 +0000 (12:51 +0100)] 
veritysetup: optionally pick up roothash/roothashsig from udev device db entry

7 months agogpt-auto-generator: add support for setting up verity partitions automatically
Lennart Poettering [Mon, 17 Mar 2025 20:38:12 +0000 (21:38 +0100)] 
gpt-auto-generator: add support for setting up verity partitions automatically

So far the gpt-auto-generator would only cover unprotected and encrypted
partitions. Teach it handling of verity too.

7 months agogpt-auto-generator: add support for mount.usr=dissect
Lennart Poettering [Mon, 17 Mar 2025 16:01:49 +0000 (17:01 +0100)] 
gpt-auto-generator: add support for mount.usr=dissect

So far, we did not support auto-discovery the /usr/ partition at boot.
Change that: on explicit request (i.e. mount.usr=dissect) automatically
discover the /usr/ partition based on our usual dissection logic.

7 months agogenerator: add root=off to explicitly turn search for rootfs off
Lennart Poettering [Fri, 14 Mar 2025 14:57:03 +0000 (15:57 +0100)] 
generator: add root=off to explicitly turn search for rootfs off

This is useful when booting into storage target mode, where we do not
want to enter a root fs, we just want to stay forever in the initrd,
and hence there's value in not even generating and jobs to find the
rootfs

7 months agogpt-auto-generator: optionally, set up root fs via dissection logic
Lennart Poettering [Fri, 14 Mar 2025 14:44:50 +0000 (15:44 +0100)] 
gpt-auto-generator: optionally, set up root fs via dissection logic

This introduces root=dissect, which is a lot like root=gpt-auto, but
uses the image dissection logic to find the root partition. It's also
based on the GPT efi var telling us about the root disk, but instead of
just picking some suitable root disk manually it uses the dissection
logic.

This is a big step forward, since it means we can actually make
use of the image policy logic for the root fs too.

7 months agodissect-image: relax image policy logic a bit
Lennart Poettering [Fri, 14 Mar 2025 11:01:17 +0000 (12:01 +0100)] 
dissect-image: relax image policy logic a bit

Previously if we found a verity signature partition in an image, and the
image policy required "verity" (but did not allow "signature") we'd
refuse the image. This is of course unnecessarily strict: if "verity" is
allowed, we can make use of the verity data, and ignore the signature
data.

hence, relax the rules here: when we pick up a partition and want to
test it against the policy, always consider all "weaker" uses too, maybe
they are allowed if the "stronger" users isn't.

7 months agodissect-image: guess verity root hash from the resources we found
Lennart Poettering [Fri, 14 Mar 2025 10:57:34 +0000 (11:57 +0100)] 
dissect-image: guess verity root hash from the resources we found

When dissecting an image, let's make use of the Verity data even if we
got told no root hash explicitly: we can simply determine it by
concatenating the data partition uuid with the verity partition uuid.

Of course, on first thought this doesn't really add much: if the root
hash is not pinned from somewhere, this does not guarantee trust in
the image.

However, this is very useful for attestation: if we have the root hash
we can measure it before mounting things, even if we don't actually
authenticate it.

Hence, at best this helps us with attestation, at worst it doesn't improve
security but certainly doesn't hurt it.

7 months agodissect-image: rework how we determine that we are ready to do verity/verity-sig
Lennart Poettering [Fri, 14 Mar 2025 10:46:38 +0000 (11:46 +0100)] 
dissect-image: rework how we determine that we are ready to do verity/verity-sig

Previously, if during early enumeration of the partition table we
figured out we have a verity + verity-sig partition, we determined we are
"ready" to do verity/verity-sig, as reported by the "verity_ready" and
"verity_ready_sig" fields of DissectedImage.

Let's rework this: only determine we are ready in case the VeritySettings
structure is fully populated. Mark verity-sig/verity only as ready once
we actually *load* the verity sig metadata from the special partition.

This is conceptually more correct, as we consider things "ready" only if
we actually have all data for it loaded. It's also preparation for a
later commit that guesses the verity root hash based on what we discover.

7 months agoudev: add dissect_image builtin
Lennart Poettering [Wed, 5 Mar 2025 16:42:33 +0000 (17:42 +0100)] 
udev: add dissect_image builtin

Fixes: #33453 #27897 #18035
7 months agoudev-builtin-blkid: skip GPT dissection unless we actually have partition support
Lennart Poettering [Fri, 14 Mar 2025 15:13:48 +0000 (16:13 +0100)] 
udev-builtin-blkid: skip GPT dissection unless we actually have partition support

7 months agoudev-builtin-blkid: look for ESP/XBOOTLDR only in initrd; afterwards just look at /
Lennart Poettering [Thu, 13 Mar 2025 21:03:04 +0000 (22:03 +0100)] 
udev-builtin-blkid: look for ESP/XBOOTLDR only in initrd; afterwards just look at /

So far the gpt-auto symlinks would point to:

   1. the disk the ESP/XBOOTLDR is located on
   2. or to a loopback device whose filename field is set to "rootdisk"
      or "rootdisk.raw"

This makes sense in the initrd. But once we transition to the host this
is quite confusing, since the symlinks might point to a different place
than what we actually ended up transitioning too: the actual backing
device of the root file system might be different from what gpt-auto
found.

Let's clean this up: let's avoid any ambiguities here: let's extend the
rules above with one more rule:

   3. if we left the initrd, we'll make gpt-auto point to the selected
      root file system, if it otherwise would have been a candidate.

Or in other words, the ID_PART_GPT_AUTO_ROOT_DISK=1 udev property now
always makes sense: in the initrd it points to the future root disk, and
on the host to the actual root disk.

Fixes: #34319
7 months agogenerator: downgrade complaint about trying to fsck a non-block device 36970/head
Lennart Poettering [Thu, 20 Mar 2025 09:36:20 +0000 (10:36 +0100)] 
generator: downgrade complaint about trying to fsck a non-block device

7 months agogenerator: also suppress fsck early if we are adding a bind mount
Lennart Poettering [Thu, 20 Mar 2025 09:33:56 +0000 (10:33 +0100)] 
generator: also suppress fsck early if we are adding a bind mount

There's no point in "fscking a bind mount". Let's not do it hence.

7 months agotest: Be smarter about detecting the mkosi configuration directory 36954/head
Daan De Meyer [Wed, 2 Apr 2025 16:15:04 +0000 (18:15 +0200)] 
test: Be smarter about detecting the mkosi configuration directory

Instead of always looking up two directories from the
test/integration-tests/meson.build file, let's search in up to 4
parent directories from the given meson project source root. This
allows us to just pass in meson.project_source_root() to
integration-test-wrapper.py instead of having to pass in a fixed
relative offset from the current meson file.

It'll also allow us to install the integration tests and mkosi
configuration in the future without breaking the standalone
integrationt tests functionality;

7 months agoudev-builtin-blkid: skip GPT dissection unless we actually have partition support 36968/head
Lennart Poettering [Fri, 14 Mar 2025 15:13:48 +0000 (16:13 +0100)] 
udev-builtin-blkid: skip GPT dissection unless we actually have partition support

7 months agoudev-builtin-blkid: look for ESP/XBOOTLDR only in initrd; afterwards just look at /
Lennart Poettering [Thu, 13 Mar 2025 21:03:04 +0000 (22:03 +0100)] 
udev-builtin-blkid: look for ESP/XBOOTLDR only in initrd; afterwards just look at /

So far the gpt-auto symlinks would point to:

   1. the disk the ESP/XBOOTLDR is located on
   2. or to a loopback device whose filename field is set to "rootdisk"
      or "rootdisk.raw"

This makes sense in the initrd. But once we transition to the host this
is quite confusing, since the symlinks might point to a different place
than what we actually ended up transitioning too: the actual backing
device of the root file system might be different from what gpt-auto
found.

Let's clean this up: let's avoid any ambiguities here: let's extend the
rules above with one more rule:

   3. if we left the initrd, we'll make gpt-auto point to the selected
      root file system, if it otherwise would have been a candidate.

Or in other words, the ID_PART_GPT_AUTO_ROOT_DISK=1 udev property now
always makes sense: in the initrd it points to the future root disk, and
on the host to the actual root disk.

Fixes: #34319
7 months agomkosi: Move all mkosi configuration into mkosi/ subdirectory
Daan De Meyer [Wed, 2 Apr 2025 12:27:45 +0000 (14:27 +0200)] 
mkosi: Move all mkosi configuration into mkosi/ subdirectory

Now that mkosi can automatically pick up its main configuration from
a mkosi/ subdirectory if it exists and there is no configuration in the
top level directory, let's make use of it  to reduce the amount of clutter
in the top level directory of the repository.

This will also make it easier to install the mkosi configuration files as
part of the testing packages later on.

7 months agomkosi: update fedora commit reference
Daan De Meyer [Thu, 3 Apr 2025 07:59:13 +0000 (09:59 +0200)] 
mkosi: update fedora commit reference

b17e5d64a1 Don't try to modify mkosi.repart config if mkosi conf is in subdir
e2b2ea3776 fmf: Use mkosi/mkosi.local.conf if the mkosi/ directory exists

7 months agomkosi: Update to latest
Daan De Meyer [Wed, 2 Apr 2025 13:27:24 +0000 (15:27 +0200)] 
mkosi: Update to latest

7 months agotest: wait for the device node symlink being created
Yu Watanabe [Thu, 3 Apr 2025 03:04:11 +0000 (12:04 +0900)] 
test: wait for the device node symlink being created

Follow-up for 6e003d18bbf5e9f55c08b25d80b138b3a98d5f26.

Hopefully fixes the following failure:
```
[   50.650939] TEST-87-AUX-UTILS-VM.sh[3637]: + mkdir -p /tmp/validatefs-test.mount/somewhere/else
[   50.652499] TEST-87-AUX-UTILS-VM.sh[3637]: + mount /dev/disk/by-label/qnurx /tmp/validatefs-test.mount/somewhere/else
[   50.660885] /dev/disk/by-label/qnurx: Can't lookup blockdev
[   50.654964] TEST-87-AUX-UTILS-VM.sh[3731]: mount: /tmp/validatefs-test.mount/somewhere/else: special device /dev/disk/by-label/qnurx does not exist.
```

7 months agotest: Use test.service template for all integration tests (#36979)
Yu Watanabe [Thu, 3 Apr 2025 03:11:49 +0000 (12:11 +0900)] 
test: Use test.service template for all integration tests (#36979)

Instead of having some tests have their own unit, let's make
test.service.in generic enough so that it works for all integration
tests.

7 months agotest: set timeout for udevadm settle/wait/lock
Yu Watanabe [Wed, 2 Apr 2025 16:48:19 +0000 (01:48 +0900)] 
test: set timeout for udevadm settle/wait/lock

Otherwise, if a test in a spurious state, it consumes quite long time.
Let's fail earlier in such case.

This also drops an unnecessary calls of 'udevadm settle' in
testcase_nvme_basic() of TEST-64-UDEV-STORAGE.

7 months agoTwo trivial cleanups (#36980)
Yu Watanabe [Wed, 2 Apr 2025 23:56:46 +0000 (08:56 +0900)] 
Two trivial cleanups (#36980)

7 months agotest logind restart
Matteo Croce [Wed, 2 Apr 2025 19:18:45 +0000 (21:18 +0200)] 
test logind restart

Add a simple check which ensures that a user service survives
a logind restart.

7 months agodissect-image: after probing file systems, we still have the chance to not use a...
Lennart Poettering [Fri, 14 Mar 2025 10:45:20 +0000 (11:45 +0100)] 
dissect-image: after probing file systems, we still have the chance to not use a partition

Just because we found something we should still allow it to not be used,
hence include UNUSED in the found flags.

7 months agohwdb/keyboard: Map FN key on TUXEDO NB02 devices
Werner Sembach [Wed, 2 Apr 2025 16:47:12 +0000 (18:47 +0200)] 
hwdb/keyboard: Map FN key on TUXEDO NB02 devices

Map the FN key of TUXEDO NB02 devices that produces a scancode unrecognized by
the Linux kernel.

Signed-off-by: Werner Sembach <wse@tuxedocomputers.com>
7 months agotree-wide: replace unsigned int -> unsigned, long int -> long 36980/head
Yu Watanabe [Wed, 2 Apr 2025 20:48:59 +0000 (05:48 +0900)] 
tree-wide: replace unsigned int -> unsigned, long int -> long

7 months agomemfd-util: make memfd_add/get_seals() static
Yu Watanabe [Wed, 2 Apr 2025 20:36:25 +0000 (05:36 +0900)] 
memfd-util: make memfd_add/get_seals() static

7 months agotest: Use test.service template for all integration tests 36979/head
Daan De Meyer [Wed, 2 Apr 2025 19:58:59 +0000 (21:58 +0200)] 
test: Use test.service template for all integration tests

Instead of having some tests have their own unit, let's make
test.service.in generic enough so that it works for all integration
tests.

7 months agorules: split out gpt-root rules from 99-systemd.rules
Lennart Poettering [Wed, 5 Mar 2025 15:24:32 +0000 (16:24 +0100)] 
rules: split out gpt-root rules from 99-systemd.rules

All other rules in 99-systemd.rules are pretty much concerned about
SYSTEMD_READY=1 and tagging devices the service manager shall track. But
the gpt-root symlink is different, and it makes sense independently of
the service manager. Hence give it a separate file.

This introduces indentation for inner sections skipped via GOTO=. The
rules parser supports that. In order to make this more readable, let's
maybe make use of this.

7 months agojournald: two minor tweaks (#36966)
Yu Watanabe [Wed, 2 Apr 2025 19:31:55 +0000 (04:31 +0900)] 
journald: two minor tweaks (#36966)

7 months agojournald: split out varlink code into .c/.h file and add varlink documentation to...
Yu Watanabe [Wed, 2 Apr 2025 19:31:15 +0000 (04:31 +0900)] 
journald: split out varlink code into .c/.h file and add varlink documentation to it (#36965)

No real code changes.

7 months agopo: Translated using Weblate (Chinese (Simplified) (zh_CN))
z z [Wed, 2 Apr 2025 18:31:03 +0000 (18:31 +0000)] 
po: Translated using Weblate (Chinese (Simplified) (zh_CN))

Currently translated at 99.2% (255 of 257 strings)

Co-authored-by: z z <3397542367@qq.com>
Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/zh_CN/
Translation: systemd/main

7 months agosd_journal_get_cursor() tweaks (#36964)
Yu Watanabe [Wed, 2 Apr 2025 19:11:35 +0000 (04:11 +0900)] 
sd_journal_get_cursor() tweaks (#36964)

7 months agoprioq: minor tweaks (#36963)
Yu Watanabe [Wed, 2 Apr 2025 19:10:10 +0000 (04:10 +0900)] 
prioq: minor tweaks (#36963)

7 months agosd-event: don't consider no pending IO event a programming error in sd_event_source_g...
Lennart Poettering [Tue, 25 Mar 2025 20:43:15 +0000 (16:43 -0400)] 
sd-event: don't consider no pending IO event a programming error in sd_event_source_get_io_revents()

7 months agovarlink: add common helper that refuse method calls from unpriv clients
Lennart Poettering [Wed, 26 Mar 2025 16:34:34 +0000 (12:34 -0400)] 
varlink: add common helper that refuse method calls from unpriv clients

7 months agoSeveral cleanups for rc-local-generator (#36953)
Yu Watanabe [Wed, 2 Apr 2025 19:05:45 +0000 (04:05 +0900)] 
Several cleanups for rc-local-generator (#36953)

7 months agotest: Unset JOURNAL_STREAM for integration test units
Daan De Meyer [Wed, 2 Apr 2025 18:43:41 +0000 (20:43 +0200)] 
test: Unset JOURNAL_STREAM for integration test units

We use StandardOutput=journal+console for integration test units
to make sure the output from the test ends up on both the serial
console and in the journal. Unfortunately this only works for
messages written to stdout/stderr of the test service. All journal
messages logged by systemd tools will only end up in the journal and
not on the serial console. This makes test failures harder to debug
than needed because developers have to fetch the journal to figure
out the actual error that was logged by any systemd tool that failed
when invoked from the integration test script.

To fix this, let's unset $JOURNAL_STREAM for the integration test
units. This forces all output to go through stdout, which will make
journald forward it to the console and save it in the journal.

7 months agologind: utmp fix (#36958)
Yu Watanabe [Wed, 2 Apr 2025 17:41:26 +0000 (02:41 +0900)] 
logind: utmp fix (#36958)

Fixes: #36930
7 months agoudevdm: use PidRef at one more place (#36959)
Yu Watanabe [Wed, 2 Apr 2025 17:26:42 +0000 (02:26 +0900)] 
udevdm: use PidRef at one more place (#36959)

7 months agotree-wide: pass -EBADF to device_monitor_new_full()
Yu Watanabe [Wed, 2 Apr 2025 14:34:29 +0000 (23:34 +0900)] 
tree-wide: pass -EBADF to device_monitor_new_full()

Prompted by https://github.com/systemd/systemd/pull/36922#discussion_r2024940885.

7 months agoudev: use notify socket to send message from worker processes to manager process...
Yu Watanabe [Wed, 2 Apr 2025 17:09:36 +0000 (02:09 +0900)] 
udev: use notify socket to send message from worker processes to manager process (#36922)

This replaces home-grown notification method from worker processes to
manager process with sd-notify. Then, we can reuse many library
functions commonly used by many components.
Hopefully, this does not change any effective functionalities.

7 months agosome selinux modernizations (#36955)
Yu Watanabe [Wed, 2 Apr 2025 16:30:03 +0000 (01:30 +0900)] 
some selinux modernizations (#36955)

7 months agoudev: introduce rm_rf_safep() and modernize udev_watch_restore() (#36923)
Yu Watanabe [Wed, 2 Apr 2025 16:28:34 +0000 (01:28 +0900)] 
udev: introduce rm_rf_safep() and modernize udev_watch_restore() (#36923)

7 months agotest: converted unittest in src/test/test-mkdir.c to use new ASSERT_OK() macros and...
victor-ok [Tue, 1 Apr 2025 23:13:46 +0000 (00:13 +0100)] 
test: converted unittest in src/test/test-mkdir.c to use new ASSERT_OK() macros and friends

7 months agojournald: do not schedule idle timer if our event loop is dying 36966/head
Lennart Poettering [Tue, 25 Mar 2025 20:45:16 +0000 (16:45 -0400)] 
journald: do not schedule idle timer if our event loop is dying

7 months agojournald: rename stdout_stream_destroy() → stdout_stream_terminate()
Lennart Poettering [Tue, 25 Mar 2025 20:44:30 +0000 (16:44 -0400)] 
journald: rename stdout_stream_destroy() → stdout_stream_terminate()

7 months agojournald: document Varlink interface 36965/head
Lennart Poettering [Tue, 25 Mar 2025 16:07:36 +0000 (12:07 -0400)] 
journald: document Varlink interface

7 months agojournald: split out varlink code into a separate .c file
Lennart Poettering [Tue, 25 Mar 2025 15:57:44 +0000 (11:57 -0400)] 
journald: split out varlink code into a separate .c file

No actual code changes just splitting out code.

7 months agosd-journal: document relevant sd_journal_get_cursor() error codes 36964/head
Lennart Poettering [Mon, 24 Mar 2025 10:54:00 +0000 (06:54 -0400)] 
sd-journal: document relevant sd_journal_get_cursor() error codes

7 months agosd-journal: make return parameter to sd_journal_get_cursor() optional
Lennart Poettering [Mon, 24 Mar 2025 10:54:30 +0000 (06:54 -0400)] 
sd-journal: make return parameter to sd_journal_get_cursor() optional

7 months agoprioq: add some minor overflow checking assert()s 36963/head
Lennart Poettering [Wed, 26 Mar 2025 15:19:05 +0000 (11:19 -0400)] 
prioq: add some minor overflow checking assert()s

7 months agoprioq: invalidate index pointers on removal
Lennart Poettering [Wed, 26 Mar 2025 15:18:40 +0000 (11:18 -0400)] 
prioq: invalidate index pointers on removal

7 months agomeson: rename RC_LOCAL_PATH -> SYSTEM_SYSVRCLOCAL_PATH 36953/head
Yu Watanabe [Wed, 2 Apr 2025 13:10:29 +0000 (22:10 +0900)] 
meson: rename RC_LOCAL_PATH -> SYSTEM_SYSVRCLOCAL_PATH

No functional change, but just for emphasizing that this is for
SysV compatibility.

7 months agomeson: disable rc-local-generator when an empty string is specified to rc-local=...
Yu Watanabe [Wed, 2 Apr 2025 13:09:12 +0000 (22:09 +0900)] 
meson: disable rc-local-generator when an empty string is specified to rc-local= meson option

In such case, the generator is meaningless. Let's kill it.

7 months agocore: delegate mountns implicitly when any of pidns/cgns/netns is in use, clean up...
Yu Watanabe [Wed, 2 Apr 2025 15:15:33 +0000 (00:15 +0900)] 
core: delegate mountns implicitly when any of pidns/cgns/netns is in use, clean up private cgroupfs mount (#36892)

Fixes #36952

7 months agologind: save logind session information to disk once we acquired it via utmp 36958/head
Lennart Poettering [Wed, 2 Apr 2025 14:46:25 +0000 (16:46 +0200)] 
logind: save logind session information to disk once we acquired it via utmp

Fixes: #36930
7 months agologind: split utmp related code into logind-utmp.[ch]
Lennart Poettering [Wed, 2 Apr 2025 14:42:40 +0000 (16:42 +0200)] 
logind: split utmp related code into logind-utmp.[ch]

No real changes, just moving of code around.

7 months agoudevadm-lock: use PidRef 36959/head
Yu Watanabe [Wed, 2 Apr 2025 14:16:05 +0000 (23:16 +0900)] 
udevadm-lock: use PidRef

7 months agoprocess-util: make wait_for_terminate() as trivial wrapper of its PidRef version
Yu Watanabe [Wed, 2 Apr 2025 15:08:07 +0000 (00:08 +0900)] 
process-util: make wait_for_terminate() as trivial wrapper of its PidRef version

7 months agoprocess-util: add pidref-based version of wait_for_terminate_and_check()
Lennart Poettering [Sun, 23 Mar 2025 22:35:36 +0000 (18:35 -0400)] 
process-util: add pidref-based version of wait_for_terminate_and_check()

7 months agoudev-manager: use PidRef for managing worker processes 36922/head
Yu Watanabe [Mon, 31 Mar 2025 20:05:40 +0000 (05:05 +0900)] 
udev-manager: use PidRef for managing worker processes

7 months agoudev: use sd_notify to communicate between worker and manager processes
Yu Watanabe [Thu, 20 Mar 2025 08:50:05 +0000 (17:50 +0900)] 
udev: use sd_notify to communicate between worker and manager processes

Let's replace home-grown notification from worker to manager process
with sd_notify.

7 months agoudev: split out error code assignment and move them to udev-error.c
Yu Watanabe [Thu, 20 Mar 2025 08:28:28 +0000 (17:28 +0900)] 
udev: split out error code assignment and move them to udev-error.c

No functional change, just refactoring and preparation for later change.

7 months agoudev-manager: broadcast event in event_requeue() on failure
Yu Watanabe [Thu, 20 Mar 2025 09:14:29 +0000 (18:14 +0900)] 
udev-manager: broadcast event in event_requeue() on failure

Also, send the actual error code rather than ETIMEDOUT.