| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On certain systems the `install_libnss()` function might end up with an
empty list of libraries to install, which triggers an assertion in
`image_install()`:
```
I: Install libnss
..//test-functions: line 2721: 1: parameter null or not set
make: *** [Makefile:4: setup] Error 1
```
E.g.:
```
# LD_DEBUG=files getent passwd 2>&1 >/dev/null | sed -n '/calling init: .*libnss_/ {s!^.* /!/!; p}'
/lib64/libnss_sss.so.2
/lib64/libnss_systemd.so.2
# dnf -y remove sssd-client systemd-libs
# LD_DEBUG=files getent passwd 2>&1 >/dev/null | sed -n '/calling init: .*libnss_/ {s!^.* /!/!; p}'
<no output>
```
Let's handle this case gracefully.
|
| |
|
|\
| |
| | |
shutdown: lazily umount all API vfs
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Let's go directly from opening /proc/ to opening /proc/$PID/fd/ instead
of indirectly via opening /proc/$PID/ first. Saves a syscall.
Also, add error logging about all unexpected errors.
Finally, drop redundant denylist for /proc/, /sys/, /dev/ prefix
checking, should be redundant, given the ealier check against the 'mnt'
prefix.
|
| |
| |
| |
| | |
Alternative for: df48b430a4a85f923eaecb3fadf9c514692d2082
|
| | |
|
| | |
|
| |
| |
| |
| | |
No actual change of words.
|
|\ \
| | |
| | | |
udevadm-wait: also listen kernel uevents
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | | |
Suggested at https://github.com/systemd/systemd/pull/24471#discussion_r959703103.
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Until now using the INTERACTIVE_DEBUG=yes stuff together with sanitizers
was almost impossible, since the console kept eating up our inputs or
not responding at all. After a painful day of debugging I noticed that
if we use a shell script in the initrd -> root transition, we might end up
with a plymouthd still running, which kept screwing with the tty.
E.g. with initrd -> wrapper -> systemd transition, where the `wrapper`
is a simple script:
```
exec -- /usr/lib/systemd/systemd "$@"
```
we'd end up with a stray plymouthd process after the bootup:
```
1 0 440 2 20 0 0 0 worker I ? 0:00 [kworker/5:2-ata_sff]
1 0 453 2 20 0 0 0 worker I ? 0:00 [kworker/9:2-rcu_gp]
5 0 456 1 20 0 7252 1960 do_epo S ? 0:00 @usr/sbin/plymouthd --mode=boot --pid-file=/run/plymouth/pid --attach-to-session
```
After killing it, the tty works finally as expected.
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The loading of an extension image from a symlink "NAME.raw" to
"NAME-VERSION.raw" failed because the release file name check worked
with the backing file of the loop device which already resolves the
symlink and thus the found name "NAME-VERSION" mismatched "NAME".
Pass the original filename and use it instead of the backing file
when available. This fixes the loading of "NAME.raw" extensions which
are a symlink to "NAME-VERSION.raw" as, e.g., may be the case when
systemd-sysupdate manages multiple versions.
Fixes https://github.com/systemd/systemd/issues/24293
|
|\ \ \
| | | |
| | | | |
nspawn: add rootidmap as --bind option
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
rootidmap bind option will map the root user from the container to the
owner of the mounted directory on the filesystem. This will ensure files
and directories created by the root user in the container will be owned
by the directory owner on the filesystem. All other user will remain
unmapped.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This enum should be used to define various idmapping modes for bind
mounts which might be incompatible. Changing its name and the values
name to reflect that.
|
|\ \ \ \
| | | | |
| | | | | |
parse-util: simplify safe_atou8() + safe_atou16()
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
As in the previous commit: it's just a wrapper around the same
strtoul(), hence let's just share some more code.
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Both are fancy wrappers around strtoul() anyway, not more, hence let's
just make them a wrapper around each other, too, to simplify things a
lot.
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The filter is generated based on the following results:
---
git clone git@github.com:linuxhw/DMI.git
cd DMI
git grep -h -A2 '^System Information$' | grep 'Manufacturer' | sort | uniq -c | sort -nr | less
git grep -h -A2 '^System Information$' | grep 'Product Name' | sort | uniq -c | sort -nr | less
---
Closes #24446.
|
|\ \ \ \ \
| | | | | |
| | | | | | |
test: mark knot.conf tmpfiles config as optional
|
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
I'm not sure why this worked previously.
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Since it got removed in the recent knot release.
See: https://github.com/CZ-NIC/knot/commit/a6971a4025133a77b29f6d2b381b40dc0499730c
|
|\ \ \ \ \ \
| |_|/ / / /
|/| | | | | |
homed: don't wait for workers without time limit
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Let's give IO/resizing/… more time then usual.
Fixes: #22901
|
| |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Let's put some time-limit on it.
Fixes: #22901
|
|\ \ \ \ \
| |_|/ / /
|/| | | | |
job: Don't discard propagated restart jobs when unit is activating
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
When a service unit Requires= a socket, and the socket is restarted while the
service is in state=activating, the propagated restart is being discarded. This
is contrary to the documentation for Requires=, which states "this unit will be
stopped (or restarted) if one of the other units is explicitly stopped (or
restarted)".
|
| | | | | |
|
| |/ / /
|/| | |
| | | |
| | | |
| | | | |
This is useful when we need to fill in the UUID later, such as when
using verity partitions.
|
|\ \ \ \
| | | | |
| | | | | |
loop-util: several follow ups for recent changes
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Follow-up for 7f52206a2bc128f9ae8306db43aa6e2f7d916f82.
C.f. 87862cc2b4abb9564f7e0365ac515dc9020a54e4.
|
| | | | | |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
loop_device_make()
This also fixes a leak of lock_fd, which introduced by
7f52206a2bc128f9ae8306db43aa6e2f7d916f82, when fd is for a block device,
and size or offset is non-zero.
Fixes another issue in #24147.
|
| | | | | |
|
| | | | | |
|
|/ / / / |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
If multiple service is starting simultaneously with a shared image,
then one of the service may fail to create a mount node:
systemd[695]: Bind-mounting /usr/lib/os-release on /run/systemd/unit-root/run/host/os-release (MS_BIND|MS_REC "")...
systemd[696]: Bind-mounting /usr/lib/os-release on /run/systemd/unit-root/run/host/os-release (MS_BIND|MS_REC "")...
systemd[695]: Failed to mount /usr/lib/os-release (type n/a) on /run/systemd/unit-root/run/host/os-release (MS_BIND|MS_REC ""): No such file or directory
systemd[696]: Failed to mount /usr/lib/os-release (type n/a) on /run/systemd/unit-root/run/host/os-release (MS_BIND|MS_REC ""): No such file or directory
systemd[695]: Bind-mounting /usr/lib/os-release on /run/systemd/unit-root/run/host/os-release (MS_BIND|MS_REC "")...
systemd[696]: Failed to create destination mount point node '/run/systemd/unit-root/run/host/os-release': Operation not permitted
systemd[695]: Successfully mounted /usr/lib/os-release to /run/systemd/unit-root/run/host/os-release
The function apply_one_mount() in src/core/namespace.c gracefully
handles -EEXIST from make_mount_point_inode_from_path(), but it erroneously
returned -EPERM previously. This fixes the issue.
Fixes one of the issues in #24147, especially reported at
https://github.com/systemd/systemd/issues/24147#issuecomment-1236194671.
|
| | | |
| | | |
| | | | |
A NetDev is needed to create the bridge in order to match the example's description "This creates a bridge..."
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Without the section header the assignments were effectively ignored.
Follow-up to 9fff8e1fdd222f8f05b9ecf170814a9059acfc78.
|
|\ \ \ \
| | | | |
| | | | | |
bootspec: do not build too many json object at once
|
| | | | | |
|
| | | | | |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This adds a testcase for the issue oss-fuzz#50949
(https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50949).
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This is a workaround for an issue in the memory sanitizer.
If a function is called with too many arguments, then the sanitizer
triggers the following false-positive warning:
==349==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x7f8b247134a7 in json_buildv /work/build/../../src/systemd/src/shared/json.c:3213:17
#1 0x7f8b24714231 in json_build /work/build/../../src/systemd/src/shared/json.c:4117:13
#2 0x7f8b24487fa5 in show_boot_entries /work/build/../../src/systemd/src/shared/bootspec.c:1424:29
#3 0x4a6a1b in LLVMFuzzerTestOneInput /work/build/../../src/systemd/src/fuzz/fuzz-bootspec.c:119:16
#4 0x4c6693 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:611:15
#5 0x4c5e7a in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool, bool*) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:514:3
#6 0x4c7ce4 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::__Fuzzer::vector<fuzzer::SizedFile, std::__Fuzzer::allocator<fuzzer::SizedFile> >&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:826:7
#7 0x4c7f19 in fuzzer::Fuzzer::Loop(std::__Fuzzer::vector<fuzzer::SizedFile, std::__Fuzzer::allocator<fuzzer::SizedFile> >&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:857:3
#8 0x4b757f in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:912:6
#9 0x4e0bd2 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
#10 0x7f8b23ead082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082) (BuildId: 1878e6b475720c7c51969e69ab2d276fae6d1dee)
#11 0x41f69d in _start (build-out/fuzz-bootspec+0x41f69d)
Follow-up for #24541.
Fixes #24551.
|
|/ / / / |
|
| | | |
| | | |
| | | |
| | | | |
size
|