summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* sd-dhcp6-client: ignore IAs whose IAID do not match client's IAIDv247.10Yu Watanabe2021-10-294-42/+63
| | | | | | But do not refuse whole message. (cherry picked from commit 469fd57f181e2a8d93f01662418ca998e1239ea5)
* meson.build: change operator combining bools from + to andDan Streetman2021-10-291-1/+1
| | | | | | | | | | | upstream meson stopped allowing combining boolean with the plus operator, and now requires using the logical and operator reference: https://github.com/mesonbuild/meson/commit/43302d3296baff6aeaf8e03f5d701b0402e37a6c Fixes: #20632 (cherry picked from commit c29537f39e4f413a6cbfe9669fa121bdd6d8b36f)
* Drop bundled copy of linux/if_arp.hZbigniew Jędrzejewski-Szmek2021-10-122-166/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | As far as I can see, we use this to get a list of ARPHRD_* defines (used in particular for Type= in .link files). If we drop our copy, and build against old kernel headers, the user will have a shorter list of types available. This seems OK, and I don't think it's worth carrying our own version of this file just to have newest possible entries. 7c5b9952c4f6e2b72f90edbe439982528b7cf223 recently updated this file, but we'd have to update it every time the kernel adds new entries. But if we look at the failure carefully: src/basic/arphrd-from-name.gperf:65:16: error: ‘ARPHRD_MCTP’ undeclared (first use in this function); did you mean ‘ARPHRD_FCPP’? 65 | MCTP, ARPHRD_MCTP | ^~ | ARPHRD_FCPP we see that the list we were generating was from the system headers, so it was only as good as the system headers anyway, without the newer entries in our bundled copy, if there were any. So let's make things simpler by always using system headers. And if somebody wants to fix things so that we always have the newest list, then we should just generate and store the converted list, not the full header. (cherry picked from commit e7f46ee3ae1cc66a94b293957721d68dc09d7449)
* basic/linux: Sync if_arp.h with Linux 5.14Chris Packham2021-10-121-0/+1
| | | | | | | | ARPHRD_MCTP was added in 5.14. Sync if_arp.h to pick up the definition Fixes #20694 (cherry picked from commit 7c5b9952c4f6e2b72f90edbe439982528b7cf223)
* journal,network,timesync: fix segfault on 32bit timeval/timespec systemsYu Watanabe2021-10-123-4/+9
| | | | | | Fixes #20741. (cherry picked from commit f782eee68aea996c68b8cfeba5f288dae7fc876f)
* timesync: check cmsg lengthYu Watanabe2021-10-121-0/+2
| | | | (cherry picked from commit 37df6d9b8d3a8b34bec5346766ab8093c0f0fc26)
* socket-util: introduce CMSG_SPACE_TIMEVAL/TIMESPEC macro to support ↵Yu Watanabe2021-10-124-3/+25
| | | | | | | | additional 64bit timeval or timespec Fixes #20482 and #20564. (cherry picked from commit 9365e296fe281da45797af89a97627e872fc019d)
* icmp6: drop unnecessary assertionYu Watanabe2021-10-121-1/+0
| | | | | | Follow-up for 3691bcf3c5eebdcca5b4f1c51c745441c57a6cd1. (cherry picked from commit 6da22a2fa592cc908d26c732b537d8b4fc004280)
* timesync: fix wrong type for receiving timestamp in nanosecondsYu Watanabe2021-10-122-1/+3
| | | | (cherry picked from commit 6f96bdc58746b1698bf8b3430a6c638f8949daec)
* network: fix wrong flag: manage_foreign_routes -> manage_foreign_rulesYu Watanabe2021-10-121-1/+1
| | | | | | Fixes a bug in d94dfe7053d49fa62c4bfc07b7f3fc2227c10aff. (cherry picked from commit 771a36439e955906290afc16a6fb3b10401892cf)
* man: update description for ManageForeignRoutes=Yu Watanabe2021-09-021-4/+7
| | | | (cherry picked from commit 3fe23a96d66e82ff8b08e6573093e391d62f5bd1)
* network: introduce ManageForeignRoutingPolicyRules= boolean setting in ↵Yu Watanabe2021-09-026-5/+23
| | | | | | | | | | | | | | | networkd.conf The commit 0b81225e5791f660506f7db0ab88078cf296b771 makes that networkd remove all foreign rules except those with "proto kernel". But, in some situation, people may want to manage routing policy rules with other tools, e.g. 'ip' command. To support such the situation, this introduce ManageForeignRoutingPolicyRules= boolean setting. Closes #19106. (cherry picked from commit d94dfe7053d49fa62c4bfc07b7f3fc2227c10aff)
* sd-netlink: always append new bridge FDB entriesv247.9Yu Watanabe2021-08-061-2/+6
| | | | | | | | | | This partially reverts 192a9d95ea3e058afd824d38a9cea16ad0a84a57 (#19432). Fixes #20305. (cherry picked from commit 74c1ab841fbad9d4f237c819577fcd1d46a072b6) (cherry picked from commit 38388b95d71b7701922f90854ce568f74e11ed12) (cherry picked from commit 2e27dd58a85c3e8bd9d0e7ff200a2e07f422743df)
* mkosi: openSUSE update --bootable=no dependenciesMichal Koutný2021-08-061-0/+1
| | | | | | | | | Since we can build --bootable=no images without dracut->systemd, we need to add systemd runtime dependencies explicitely. (cherry picked from commit f2bb8857cd093eb9bd5e1dad6fb996a0a4463556) (cherry picked from commit 731a4d9cd6bf471d22b6ac637e49dcd477a92ac6) (cherry picked from commit 103dfac36b938ce12d33b6379758197e86a262d45)
* man: describe veritysetup command syntaxZbigniew Jędrzejewski-Szmek2021-08-062-1/+48
| | | | | | | | It makes it easier to diagnose what the generated units actually do. (cherry picked from commit d53285d551d883bb9f097eca0942e8c585e33470) (cherry picked from commit 3cd5be0e2952548aea9b1cda7985e5bc1b65f4e2) (cherry picked from commit 4c02e269003adbf364dd21d9806c178147bc16367)
* veritysetup: print help for --help/-h/helpZbigniew Jędrzejewski-Szmek2021-08-061-1/+4
| | | | | | | | | In general our commands print help on --help, but here this would trigger the error that two arguments are needed. Let's make this more user-friendly. (cherry picked from commit 5d5e43cc33637a12f743f17294cfbd3ede08a1b3) (cherry picked from commit 8d9471cbca46115e6411b78abc5bc67390940cf1) (cherry picked from commit e5715ab1c75a1b80c1a9a30f7d353b5fd09a93f2a)
* Use correct `<poll.h>` includeDavid Seifert2021-08-062-2/+2
| | | | | | | | * `<sys/poll.h>` is not specified in POSIX (cherry picked from commit 2b6c0bb2a341c95223ce672249e43c743b03d78c) (cherry picked from commit c15fc774d59c486adb81c7eb07fe58b2b3db86da) (cherry picked from commit 5c9236971acc52455df51226996fbe71ecedc2f6f)
* Use correct `<fcntl.h>` includeDavid Seifert2021-08-061-1/+1
| | | | | | | | * `<sys/fcntl.h>` is not specified in POSIX (cherry picked from commit f8d54f7810aeea5ff27a5db03e1aab7ea54c8268) (cherry picked from commit d57080b6229b45802fed997bd53add0df4c7ec00) (cherry picked from commit 43498df87dbf3cfca2198bdb0cbd832be1ff4738d)
* test: correctly detect ASan on s390xFrantisek Sumsal2021-08-061-1/+1
| | | | | | | | | | | | | | | | | | | | | | s390x uses BRAS(L) instead of CALL(Q), e.g.: ``` 1009528: c0 e5 ff ff f8 a0 brasl %r14,1008668 <__asan_report_load1@plt> 10095f0: c0 e5 ff ff ea ec brasl %r14,1006bc8 <__asan_stack_malloc_4@plt> 10097f8: c0 e5 ff ff f8 f8 brasl %r14,10089e8 <__asan_report_load8@plt> ``` x86_64 for reference: ``` 4011f3: e8 48 fe ff ff callq 401040 <__asan_report_load1@plt> 401227: e8 24 fe ff ff callq 401050 <__asan_report_load8@plt> 401251: e8 da fd ff ff callq 401030 <__asan_init@plt> ``` (cherry picked from commit 8bf79f05532162d19fe6ee211297cff81b4f9874) (cherry picked from commit 5a6a08284d7ca89218d9e9ccfe44fce8898ef6bf) (cherry picked from commit 365ed29af67a511c1a1bc427a54bbfe69a3ebc96b)
* systemctl: allow set-property to be called with a glob patternZbigniew Jędrzejewski-Szmek2021-08-061-20/+33
| | | | | | | | | | We call "systemctl set-property … Markers=+needs-restart" and this should also work for globs, e.g. "user@*.service" or "syncthing@*.service". https://bugzilla.redhat.com/show_bug.cgi?id=1986258 (cherry picked from commit 23a0ffa59f9cb26c4b016c9fd1a3a70da2607f61) (cherry picked from commit 2d7cda87690baacb98941b7653cae67a749571ef) (cherry picked from commit f7d310092c1aa26344ba959e6902b167b961e8fe4)
* seccomp: move sched_getaffinity() from @system-service to @defaultLennart Poettering2021-08-061-1/+1
| | | | | | | | | | | | | | | | | | See: https://github.com/systemd/systemd/pull/20191#issuecomment-881982739 In general, we shouldn't blanket move syscalls like this into @default, given that glibc actually does have fallbacks, afaics. However, as long as the syscalls are "read-only" and thus benign, I figure it's a safe thing to do. But we should probably stick to a "if in doubt, don't" rule, and put these syscalls in @system-service as default, but not into @default. I think in the real world @system-service is the sensible group people should use, and not @default actually. (cherry picked from commit 7df660e45682af5c40a236abe1bdc5ddcf3b3533) (cherry picked from commit ee8564940b527cef6e643e6e41b6f0b5df375a37) (cherry picked from commit bcdec4e0fc1744461d535091298d5da5b369ace0c)
* seccomp: drop getrandom() from @system-serviceLennart Poettering2021-08-061-1/+0
| | | | | | | | | | | | It's included in @default now, since 14f4b1b568907350d023d1429c1aa4aaa8925f22, and since @system-service pulls that in we can drop it from @system-service. Follow-up for #20191 (cherry picked from commit 67347f37407489a68e12da8f75b78ae1d1168de9) (cherry picked from commit 3eb4dc295ae9b853450e4823c8be7dbf8ccdbd43) (cherry picked from commit cbae9c99952f2a422b7fc1112406f25e8cd9fdb5e)
* networkd: Include linux/netdevice.h headerKhem Raj2021-08-061-0/+1
| | | | | | | | | | | | This header provides definitions for NET_NAME_UNKNOWN ånd NET_NAME_ENUM Fixes build issue found with non-glibc systems ../git/src/network/networkd-link.c:1203:52: error: 'NET_NAME_UNKNOWN' undeclared (first use in this function) Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 2a0d07d6a0d5be63c6c10cb0789412f584858ec1) (cherry picked from commit 369b2066e93e9a11fdfd3eb6fc7402ecd55fc7bd) (cherry picked from commit 18535f62c126f38c7128c54780bcfd52eaa3461bc)
* man: Fix incorrect EFI vendor UUID (last missing nibble)ratijas2021-08-061-1/+1
| | | | | | (cherry picked from commit d2e84b601805ae89cf8cb1b383b30c7c97cac73d) (cherry picked from commit 595d9965bb07c1f96e159d5be31504972c9d0754) (cherry picked from commit aa7f0febcd1b2d444aabf11fd8b1ee885e36675ec)
* malloc() uses getrandom nowCristian Rodríguez2021-08-061-0/+1
| | | | | | | | glibc master uses getrandom in malloc since https://sourceware.org/git/?p=glibc.git;a=commit;h=fc859c304898a5ec72e0ba5269ed136ed0ea10e1 , getrandom should be in the default set so to avoid all non trivial programs to fallback to a PRNG. (cherry picked from commit 14f4b1b568907350d023d1429c1aa4aaa8925f22) (cherry picked from commit 1253d18af7449814bc882506b0fe3770311b3bc0) (cherry picked from commit 381149c6e265a4e44cfe2bbba6a3cae2782874bd9)
* machined-varlink: fix double freeDavid Tardon2021-08-021-1/+1
| | | | | | | Fixes: #18599 (cherry picked from commit feac9a1d1bf3f59adaa85f58b655ec01a111a29a) (cherry picked from commit 1600b38cd2029533547f8c3d4abfa12911ca0630) (cherry picked from commit 7f143dada7c0c9e230d4037043e213268c9b85f0)
* basic/unit-name: do not use strdupa() on a pathv247.8Zbigniew Jędrzejewski-Szmek2021-07-201-8/+5
| | | | | | | | | | | | | | | | | | | | | | | The path may have unbounded length, for example through a fuse mount. CVE-2021-33910: attacked controlled alloca() leads to crash in systemd and ultimately a kernel panic. Systemd parses the content of /proc/self/mountinfo and each mountpoint is passed to mount_setup_unit(), which calls unit_name_path_escape() underneath. A local attacker who is able to mount a filesystem with a very long path can crash systemd and the whole system. https://bugzilla.redhat.com/show_bug.cgi?id=1970887 The resulting string length is bounded by UNIT_NAME_MAX, which is 256. But we can't easily check the length after simplification before doing the simplification, which in turns uses a copy of the string we can write to. So we can't reject paths that are too long before doing the duplication. Hence the most obvious solution is to switch back to strdup(), as before 7410616cd9dbbec97cf98d75324da5cda2b2f7a2. (cherry picked from commit 441e0115646d54f080e5c3bb0ba477c892861ab9) (cherry picked from commit 764b74113e36ac5219a4b82a05f311b5a92136ce) (cherry picked from commit 4a1c5f34bd3e1daed4490e9d97918e504d19733b)
* shell-completion/zsh/_systemd-run: Fix completion of command names and argumentsduament2021-07-201-1/+2
| | | | | | (cherry picked from commit 3f49d1faf59acaa85aa5ad502c39b1a601d58d26) (cherry picked from commit b511a441f3277750e68a14d8d7e6649c4f182b86) (cherry picked from commit cb5564aea24d6d92716bdd0c06d1a2d7b91a1c71)
* shared/format-table: allocate buffer of sufficient sizeZbigniew Jędrzejewski-Szmek2021-07-201-2/+2
| | | | | | (cherry picked from commit 6dc57047ff0f1f9e98938ffb172dae06e6868b94) (cherry picked from commit e6407ca25852dadec355df2e6fdc92d1f189bceb) (cherry picked from commit d442b879abac5bcaf7756e53e304fd0ade36d49d)
* systemctl: show error when help for unknown unit is requestedZbigniew Jędrzejewski-Szmek2021-07-201-1/+1
| | | | | | | | | | | | | | | | Fixes #20189. We would only log at debug level and return failure, which looks like a noop for the user. ('help' accepts multiple arguments and will show multiple concatenated man pages in that case. Actually, it will also show multiple concatenated man pages if the Documentation= setting lists multiple pages. I don't think it's very terribly useful, but, meh, I don't think we can do much better. If a user requests a help for a two services, one known and one unknown, there'll now be a line in the output. It's not very user friendly, but not exactly wrong too.) (cherry picked from commit 75312ada5324d8adae3f3a0ed97f0acfc8b8bde5) (cherry picked from commit 486412ad3bba4f1306597302cf66cc4858126243) (cherry picked from commit ee0cf3ef6f522ee084ed987593f55c6c32097619)
* hostnamed: correct variable with errno in fallback_chassisJan Palus2021-07-201-4/+4
| | | | | | | | | fixes assertion failure on arm: systemd-hostnamed[642]: Assertion '(_error) != 0' failed at src/hostname/hostnamed.c:207, function fallback_chassis(). Aborting. (cherry picked from commit 105a4245ff13d588e1e848e8ee3cffd6185bd0ae) (cherry picked from commit 4a44597bdd725f504ebd520b0deef7797dc46daa)
* NEWS: add old entry about Type=etherZbigniew Jędrzejewski-Szmek2021-07-201-0/+5
| | | | | | | | | | Apparently it's an important feature for some folks: https://utcc.utoronto.ca/\~cks/space/blog/linux/NetworkdMACMatchesWidely. I think we considered this more of a bugfix, but it's somewhere on the border. Let's add this it's easier to discover. (cherry picked from commit 88b2a95064675c5f86648053cf124265f5289095) (cherry picked from commit 3cb75aecc0a5facf2e057ea56d2334ebd3ee2761)
* tmpfiles: fix borked assertZbigniew Jędrzejewski-Szmek2021-07-201-4/+4
| | | | | | | | | | | | | It seems that fd_set_perms() is always called after checking that fd >= 0 (also when called as action() in glob_item_recursively()), so it seems that the assertion really came from fd==0. Fixes #20140. Also three other similar cases are updated. (cherry picked from commit b4b0f87c6275dde32769c2e75231caa1d4c21f9b) (cherry picked from commit 1dcecfc50b6c4db3b76b81765403f84c06ecf225)
* udev: Fix by-uuid symlink for ubifs volumesTrent Piepho2021-07-201-1/+1
| | | | | | | | | | | | | | | | ubifs volumes have a UUID and the built-in blkid is able to determine it. The disk/by-uuid symlink isn't created because ubifs volumes are not on block devices but on SUBSYSTEM="ubi" devices. See #20071. Allow ubi subsystem devices to be processed by the persistent storage rules too. The kernel device name matching already allows ubi* to pass. The existing rules are sufficient to create the link. The links look like other by-uuid symlinks, for example: /dev/disk/by-uuid/9a136158-585b-4ba4-9b70-cbaf2cf78a1c -> ../../ubi0_1 (cherry picked from commit 21ac7884e9c1684d091d893254bcbe4b83740e9f) (cherry picked from commit 15bd27b06c67e94541e3376d3d482f4f849f5aff)
* Revert "rules: ubi mtd - add link to named partitions"Lennart Poettering2021-07-202-6/+0
| | | | | | | | | | | This reverts commit 7f1e9c806b6915e8020cf3706dc87e1cd37bc2fa, PR #6750 Apparently the rule change never worked, see #20071. Fixes #20071 (cherry picked from commit 4b6bc397b454f79006481c1e8507d85c5bfd2e9a) (cherry picked from commit 7e558b501783757f63b9c93edce43239a5178611)
* core: add comment explaining event source deallocationZbigniew Jędrzejewski-Szmek2021-07-201-5/+5
| | | | | | | | Followup for bc989831e6. The original reproducer still works w/o the unref, and doesn't work with this change. (cherry picked from commit 13bb1ffb912cacea4041910e38674e0984ac5772) (cherry picked from commit d82da0f04f6ebe7044f4c33b9067c17c909a8d5d)
* core: add default descriptions for slicesZbigniew Jędrzejewski-Szmek2021-07-201-0/+8
| | | | | | | | | | | | | [ OK ] Created slice system-getty.slice (Slice /system/getty). [ OK ] Created slice system-modprobe.slice (Slice /system/modprobe). [ OK ] Created slice system-sshd\x2dkeygen.slice (Slice /system/sshd-keygen). [ OK ] Created slice user.slice (User and Session Slice). Before, the first three slices were shown without any description which didn't look nice. (cherry picked from commit 4dd21726f852010aef17e9b952b4bb1646fdf496) (cherry picked from commit 0b0d80d96009e10ce36d683b7991829a2cfca67c)
* core/service: rework management of exec_fd event sourceZbigniew Jędrzejewski-Szmek2021-07-201-3/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The code in service_spawn() was written as if exec_fd_event_source was always unset. (We would either fail the assertion that is moved in the patch, or leak the event source object if it was set.) To make this work, let's always assert that exec_fd_event_source is unset, and actually unset it service_sigchld_event(). I think this is the most elegant approach. The problem is that we don't have the same information about execution flags as in service_spawn(), so we need to conditionalize on pid==main_pid to know if we should disable exec_fd_event_source. I think this matches all cases where we may set exec_fd_event_source: service_enter_start() and service_run_next_main(). service_enter_stop_post() calls service_set_state(), which will also destroy the source. But that happens too late, because from service_enter_stop_post() we call service_spawn() first, and then service_set_state() second. (An alternative approach would be to deallocate the existing exec_fd_event_source in service_spawn(). But this would mean that we would temporarily have an event source attached to a process that we already know is dead, which seems less than ideal.) Original report from Dimitri John Ledkov <dimitri.ledkov@canonical.com>: > Ubuntu private bug reference for this issue at the moment is > https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1921145 > Michael's and Ian's team run into an issue when using systemd in the > initrd, without dbus daemon running, and launching a unit in a > particular way that appears to lock up systemd (pid 1) it self. > michael vogt: "The attached script works for me to reproduce this on > classic. I tested 20.04 (245) and 21.04 (247) in a qemu VM. Sometimes > I need to run it multiple times but usually it crashes after at most 2 > runs. Use "journalctl | tail" to see the messages, it's the same that > Ian reported. There is also a /var/crash/_usr_lib_systemd_systemd > crash file created." > I understand that the particular way to run a unit is very odd, > however, it is currently possible to invoke, and it would be expected > for pid1 to not lock up and crash. > The Assertion that systemd hits is along the lines of: > [ 10.182627] systemd[1]: Assertion 's' failed at > src/core/service.c:3204, function service_dispatch_exec_io(). > Aborting. > [ 10.195458] systemd[1]: Caught <ABRT>, dumped core as pid 449. > [ 10.204446] systemd[1]: Freezing execution. (cherry picked from commit bc989831e634123c2ff43bcbbeae19097ccc9ff9) (cherry picked from commit 493c5c7bab9713afcd647dada885bed68b9d3cf3)
* core: disable event sources before unreffing themZbigniew Jędrzejewski-Szmek2021-07-2013-49/+49
| | | | | | | | | | | | | | | | | | | This mirrors the change done for systemd-resolved in 97935302283729c9206b84f5e00b1aff0f78ad19. Quoting that patch: > We generally operate on the assumption that a source is "gone" as soon as we > unref it. This is generally true because we have the only reference. But if > something else holds the reference, our unref doesn't really stop the source > and it could fire again. In particular, we take temporary references from sd-event code, and when called from an sd-event callback, we could temporarily see this elevated reference count. This patch doesn't seem to change anything, but I think it's nicer to do the same change as in other places and not rely on _unref() immediately disabling the source. (cherry picked from commit 5dcadb4c8320f6a7b8a9353404874d43668e4648) (cherry picked from commit 67782e10f0dd0f2feeb036aa4380fa5c6c55aaea)
* resolved: do not try to copy empty NSEC types bitmapsAlexander Tsoy2021-07-201-6/+10
| | | | | | | | | dns_resource_record_copy() assumes that NSEC types bitmap is non-empty which results in a null pointer dereference inside bitmap_copy() in some cases. Fix this by calling bitmap_copy() conditionally. (cherry picked from commit 1f00a50c695fe3b55dee38fbd02a902a6c703c87) (cherry picked from commit fc7be6db131a5062dde76ee7857c2f91e1c402cb)
* dbus-socket: fix check of Listen* argumentsZbigniew Jędrzejewski-Szmek2021-07-201-2/+2
| | | | | | | | | | | | We checked the wrong field, which was always NULL here, so we would always reject the assignment. We would also print the wrong string in the error message: $ sudo systemd-run --socket-property ListenFIFO=/tmp/fifo3 cat Failed to start transient socket unit: Invalid socket path: FIFO (cherry picked from commit aeecab3804aae973577f36880af4b7799e4eb7d5) (cherry picked from commit 78fb13b38572f6649f1e9822ef6acb8ca4952c12)
* resolvectl: Only strip ifname suffixes when being resolvconfMike Crowe2021-07-203-9/+21
| | | | | | | | | | | | Only treat interface names containing dots specially when resolvectl is pretending to be resolvconf to fix https://github.com/systemd/systemd/issues/20014 . Move the special suffix-stripping behaviour of ifname_mangle out to the new ifname_resolvconf_mangle to be called from resolvconf only. (cherry picked from commit 7875170f01991a1d28cfe284cc7075630cd69055) (cherry picked from commit 6ec5680beaa8df4b4b87e9aa614d29561c0e98fe)
* docs: update autofs Kconfig nameAndrea Pappacoda2021-07-201-1/+1
| | | | | (cherry picked from commit 0c651d32d49e66ea0152eea5e65dd19fe01e7a06) (cherry picked from commit b6811758288fd53266028885d46f5a5f7d8c49a7)
* sd-journal: add missing bracket in journal verify log messageLennart Poettering2021-07-201-1/+1
| | | | | (cherry picked from commit 6abd991c718dbc1480ab7e71103a8b3e886bd3a3) (cherry picked from commit 3dabd7f816fa0465c08745ce76f459c4c2a7c3d5)
* sd-dhcp-client: tentatively ignore FORCERENEW commandYu Watanabe2021-07-201-0/+8
| | | | | | | | | | | | | This makes DHCP client ignore FORCERENEW requests, as unauthenticated FORCERENEW requests causes a security issue (TALOS-2020-1142, CVE-2020-13529). Let's re-enable this after RFC3118 (Authentication for DHCP Messages) and/or RFC6704 (Forcerenew Nonce Authentication) are implemented. Fixes #16774. (cherry picked from commit 38e980a6a5a3442c2f48b1f827284388096d8ca5) (cherry picked from commit 3ec1234d1e3195849088b2a3c70fbdefebeadc35)
* completion: fix 'unbound variables' errorsLuca Boccassi2021-07-2017-18/+18
| | | | | | | Fixes https://github.com/systemd/systemd/issues/19987 (cherry picked from commit 36ec026830c6978be8bd39f3c6d1d7822495e07f) (cherry picked from commit fe13c0bd40bc5ccdda61b8b474194920543a617b)
* completion/systemd-delta,-resolve: autocomplete with parametersLuca Boccassi2021-07-202-2/+2
| | | | | (cherry picked from commit 6a0667d2b6f05682c2ced1b53132274049b9ea5c) (cherry picked from commit 0aed618942b0bcc5946d15c91f3518fc5024789a)
* time-util: don't use plural units indiscriminatelyAnders Wenhaug2021-07-202-12/+105
| | | | | | | | | | | | format_timestamp_relative currently returns the plural form of years and months no matter the quantity, and in many cases (for durations > 1 week) this is the same with days. This patch changes this so that the function takes the quantity into account, returning "1 month 1 week ago" instead of "1 months 1 weeks ago". (cherry picked from commit 45eb4d2261ed0d943fd503a6d79ee3b7b7558c09) (cherry picked from commit e74329ce9fa7ccb025960f9b220dff9e556a80e5)
* shell-completion: revert c1072f6473bafa063cbf700c86524083d2857031Eric Cook2021-07-2021-21/+21
| | | | | | | fixing https://github.com/systemd/systemd/issues/19689 (cherry picked from commit 682e043c42fe3ac0fee4ce727458aaeb0e638589) (cherry picked from commit 2683e7a16024506b203092208ca1d28b953a111a)
* core/service: fix assertion when Type=dbus but BusName= is not specifiedYu Watanabe2021-07-201-1/+2
| | | | | | | Fixes #19920. (cherry picked from commit 0f97b7c338bb7440572c454558efb8fee395896a) (cherry picked from commit 455713ce7061afa6db68e72c93c061335dd941df)
View Lorry Controller Status