| Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
Behavior on constantly failing (or oneshot) unit was unclear. Let's
document it here.
|
|
This fixes a bug from #26038 where it would actually write generator
stuff during sysroot check when it was only supposed to check for daemon
reload.
|
|
Fixes another memleak introduced by 64de00c49fde341d09b817164fe8cc8f7da46268.
Fixes #28283.
|
|
For issue #28280.
|
|
same network
Fixes #28280.
|
|
Introduce a manual test tool that creates a journal, corrupts it by
flipping bits at given offsets, and then attempts to write to the journal.
In ideal case we should handle this gracefully without any crash or
memory corruption.
|
|
Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.
Co-authored-by: Weblate <noreply@weblate.org>
Translate-URL: https://translate.fedoraproject.org/projects/systemd/master/
Translation: systemd/main
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Fixes memleak introduced by 64de00c49fde341d09b817164fe8cc8f7da46268.
Fixes #28277.
|
|
With the fix done in PR28215, the unit restart job is created with type JOB_START.
Because of that, it is not properly merged anymore with the old one: the
merged job has state JOB_RUNNING. It should have state JOB_WAITING.
I think that the old job is not cleaned up because we don't go through the failed state.
With this fix, the merged job is properly created with state JOB_WAITING.
|
|
When this option is set to direct, the service restarts without entering a failed
state. Dependent units are not notified of transitory failure.
This is useful for the following use case:
We have a target with Requires=my-service, After=my-service.
my-service.service is a oneshot service and has Restart=on-failure in
its definition.
my-service.service can get stuck for various reasons and time out, in
which case it is restarted. Currently, when it fails the first time, the
target fails, even though my-service is restarted.
The behavior we're looking for is that until my-service is not restarted
anymore, the target stays pending waiting for my-service.service to
start successfully or fail without being restarted anymore.
|
|
Related: https://github.com/systemd/systemd/issues/27604
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
|
|
This reports the confidential virtualization type that was detected
Related: https://github.com/systemd/systemd/issues/27604
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
|
|
Related: https://github.com/systemd/systemd/issues/27604
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
|
|
This property reports whether the system is running inside a confidential
virtual machine.
Related: https://github.com/systemd/systemd/issues/27604
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
|
|
The "cvm" flag indicates whether the OS is running inside a confidential
virtual machine.
Related: https://github.com/systemd/systemd/issues/27604
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
|
|
The --list-cvm option reports the known types of confidential virtualization
technology that can be detected.
Related: https://github.com/systemd/systemd/issues/27604
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
|
|
The --cvm option detects whether the OS is running inside a confidential
virtual machine.
Related: https://github.com/systemd/systemd/issues/27604
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
|
|
This code uses various CPUID checks to be able to identify
* AMD SEV
* AMD SEV-ES
* AMD SEV-SNP
* Intel TDX
On HyperV/Azure, it has special checks for detecting SEV-SNP
since the normal CPUID is blocked.
Related: https://github.com/systemd/systemd/issues/27604
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
|
|
Co-authored-by: Dmitry V. Levin <ldv@altlinux.org>
Resolves: #15055
|
|
The article "a" goes before consonant sounds and "an" goes before vowel
sounds. This commit changes an to a for UKI, UDP, UTF-8, URL, UUID, U-Label, UI
and USB, since they start with the sound /ˌjuː/.
|
|
pwquality and passwdqc
Co-authored-by: Dmitry V. Levin <ldv@altlinux.org>
|
|
With this change, the only direct users of libpwquality functions
are those defined in pwquality-util.
|
|
This would allow to use quality_check_password() in
user_record_quality_check_password() which still uses
sym_pwquality_check() directly.
|
|
As logging password suggestions might leak sensitive information,
print it instead.
Suggested-by: Yu Watanabe <watanabe.yu+github@gmail.com>
|
|
quality_check_password() used to return the same value 0 in two
different cases: when pwq_allocate_context() failed with a
ERRNO_IS_NOT_SUPPORTED() code, and when pwquality_check() rejected the
password. As result, users of quality_check_password() used to report
password weakness also in case when the underlying library was not
available.
Fix this by changing quality_check_password() to forward the
ERRNO_IS_NOT_SUPPORTED() code to its callers, and change the callers
to handle this case gracefully.
|
|
Given that ERRNO_IS_*() also match positive values, call
ERRNO_IS_NOT_SUPPORTED() only if the value returned by
pwq_allocate_context() is negative.
|
|
* Hwdb: Add Sanwa Direct 400-MA128 external trackpad
```
$ udevadm info /dev/input/by-path/pci-0000:28:00.3-usb-0:1.4.4.1:1.1-event-mouse
P: /devices/pci0000:00/0000:00:07.1/0000:28:00.3/usb5/5-1/5-1.4/5-1.4.4/5-1.4.4.1/5-1.4.4.1:1.1/0003:258A:0501.0097/input/input256/event15
M: event15
R: 15
U: input
D: c 13:79
N: input/event15
L: 0
S: input/by-id/usb-SINO_WEALTH_USB_TOUCHPAD-if01-event-mouse
S: input/by-path/pci-0000:28:00.3-usb-0:1.4.4.1:1.1-event-mouse
E: DEVPATH=/devices/pci0000:00/0000:00:07.1/0000:28:00.3/usb5/5-1/5-1.4/5-1.4.4/5-1.4.4.1/5-1.4.4.1:1.1/0003:258A:0501.0097/input/input256/event15
E: DEVNAME=/dev/input/event15
E: MAJOR=13
E: MINOR=79
E: SUBSYSTEM=input
E: USEC_INITIALIZED=3436890430330
E: ID_INPUT=1
E: ID_INPUT_TOUCHPAD=1
E: ID_INPUT_WIDTH_MM=106
E: ID_INPUT_HEIGHT_MM=77
E: ID_BUS=usb
E: ID_MODEL=USB_TOUCHPAD
E: ID_MODEL_ENC=USB\x20TOUCHPAD
E: ID_MODEL_ID=0501
E: ID_SERIAL=SINO_WEALTH_USB_TOUCHPAD
E: ID_VENDOR=SINO_WEALTH
E: ID_VENDOR_ENC=SINO\x20WEALTH
E: ID_VENDOR_ID=258a
E: ID_REVISION=0521
E: ID_TYPE=hid
E: ID_USB_MODEL=USB_TOUCHPAD
E: ID_USB_MODEL_ENC=USB\x20TOUCHPAD
E: ID_USB_MODEL_ID=0501
E: ID_USB_SERIAL=SINO_WEALTH_USB_TOUCHPAD
E: ID_USB_VENDOR=SINO_WEALTH
E: ID_USB_VENDOR_ENC=SINO\x20WEALTH
E: ID_USB_VENDOR_ID=258a
E: ID_USB_REVISION=0521
E: ID_USB_TYPE=hid
E: ID_USB_INTERFACES=:030101:030000:
E: ID_USB_INTERFACE_NUM=01
E: ID_USB_DRIVER=usbhid
E: ID_PATH=pci-0000:28:00.3-usb-0:1.4.4.1:1.1
E: ID_PATH_TAG=pci-0000_28_00_3-usb-0_1_4_4_1_1_1
E: ID_INPUT_TOUCHPAD_INTEGRATION=internal
E: LIBINPUT_DEVICE_GROUP=3/258a/501:usb-0000:28:00.3-1.4.4
E: DEVLINKS=/dev/input/by-id/usb-SINO_WEALTH_USB_TOUCHPAD-if01-event-mouse /dev/input/by-path/pci-0000:28:00.3-usb-0:1.4.4.1:1.1-event-mouse
```
Link to product: https://www.amazon.co.jp/gp/product/B07Z5HCMFP
|
|
Co-authored-by: Yu Watanabe <watanabe.yu+github@gmail.com>
|
|
Let's make including hashes in the mtree output configurable to allow
speeding up the --mtree command in cases where file hashes are not
required.
|
|
--copy-to, --copy-from, --list and --mtree are useful for image directories
as well as image files, so for those verbs, let's check if we were passed
a directory and skip all the image file setup if that's the case.
|
|
|
|
|
|
Let's cast these floats explicitly to usec_t, since implicit
float-to-integer casts are dangerous business, and we should underline
that there's a cast happening here.
|
|
Suggested in https://github.com/systemd/systemd/pull/26902#issuecomment-1620400583.
|
|
|
|
|
|
Follow-up for 0e07cdb0e77d0322bc866b5e13abbe38e988059d and
f84331539deae28fbeb42d45ad0c8d583b3372a3.
|
|
The failures may be critical for per-link operation, but not critical
for the service.
|
|
Before this patch, if a network has multiple routers and one of them
provides a captive portal, then the portal was overwritten or cleared
when another RA from another router is received.
This makes captive portals managed in the similar way as DNS servers or
DNS domains. So now captive portal can safely handled even if a network
has multiple routers.
|
|
|
|
Then, downgrade log level of the message about mis-match of captive
portals in different protocols.
|
|
Replace use of tpm2_make_primary() with tpm2_create_loaded()
|
|
No functional change; cosmetic only.
|
