summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* ukify: add basic .profile supportLennart Poettering2024-09-062-0/+20
| | | | | | This just allows including .profile sections, but doesn't try to be smart about it. This alone won't help you much to create valid multi-profile UKIs.
* journald: mention the access mode we tried to open /dev/kmsg inLennart Poettering2024-09-061-6/+4
| | | | | | | | | | Let's make clearer what we are going to use /dev/kmsg for: read/write or just writing. This hopefully should avoid confusion, such as the one #33975 is result of. (Also while we are at it, add one extra debug message). Fixes: #33975
* NEWS: extend the userdb sshd_config NEWS entry a bitLennart Poettering2024-09-061-2/+13
|
* Merge pull request #34291 from poettering/utmpx-all-the-wayLennart Poettering2024-09-067-25/+17
|\ | | | | tree-wide: complete the switch to utmpx
| * tree-wide: use UTMPX_FILE rather than _PATH_UTMPXLennart Poettering2024-09-063-9/+9
| | | | | | | | | | | | Apparently _PATH_UTMPX is a glibc'ism. UTMPX_FILE is the same thing and what everyone else uses. Since they are otherwise equivalent, let's just switch.
| * test-utmp: replace UT_LINESIZE/UT_NAMESIZE/UT_HOSTSIZE with sizeof_field()Lennart Poettering2024-09-061-12/+6
| | | | | | | | utmpx doesn't know these defines, hence fix them.
| * tree-wide: drop unnecessary utmp includesLennart Poettering2024-09-062-2/+0
| |
| * user-util: switch from utmp to utmpxLennart Poettering2024-09-061-2/+2
| | | | | | | | | | | | | | | | | | | | We generally use utmpx instead of utmp (both are actually identical on Linux, but utmpx is POSIX, while utmp is not). Let's fix one left-over case. UT_NAMESIZE does not exist in utmpx world, it has no direct counterpart, hence let's just sizeof_field() to determine the size of the actual field. (which comes to the same result of course: 32).
* | man: document that sd_bus_message_read_strv() happily spits out empty arrays ↵Lennart Poettering2024-09-061-1/+3
|/ | | | | | as NULL Fixes: #34163
* coredump: set ProtectHome to read-onlyEtienne Cordonnier2024-09-061-1/+1
| | | | | | | | | | | | In https://github.com/systemd/systemd/pull/5283/commits/924453c22599cc246746a0233b2f52a27ade0819 ProtectHome was set to true for systemd-coredump in order to reduce risk, since an attacker could craft a malicious binary in order to compromise systemd-coredump. At that point the object analysis was done in the main systemd-coredump process. Because of this systemd-coredump is unable to product symbolicated call-stacks for binaries running under /home ("n/a" is shown instead of function names). However, later in https://github.com/systemd/systemd/commit/61aea456c12c54f49c4a76259af130e576130ce9 systemd-coredump was changed to do the object analysis in a forked process, covering those security concerns. Let's set ProtectHome to read-only so that systemd-coredump produces symbolicated call-stacks for processes running under /home.
* Merge pull request #34279 from yuwata/ask-passwordLennart Poettering2024-09-064-11/+25
|\ | | | | ask-password: refuse empty password strv
| * tree-wide: check if non-empty password is acquiredYu Watanabe2024-09-063-3/+4
| |
| * ask-password: refuse empty password strvYu Watanabe2024-09-061-8/+21
| | | | | | | | Fixes #34270.
* | Merge pull request #34285 from poettering/boot-measure-profileLennart Poettering2024-09-065-5/+15
|\ \ | | | | | | measure: introduce support for a new ".profile" section
| * | measure: introduce support for a new ".profile" sectionLennart Poettering2024-09-063-6/+14
| | | | | | | | | | | | | | | This introduces the concept, and makes sure systemd-measure covers it. See a later commit for details on the new section.
| * | uki: add new ".profile" PE section typeLennart Poettering2024-09-063-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | This is the most basic preparatory work for supporting multi-profile UKIs. (This temporarily drops an assert_cc() check which we'll address in the next commit)
* | | po: Translated using Weblate (French)Léane GRASSER2024-09-061-8/+9
|/ / | | | | | | | | | | | | | | Currently translated at 100.0% (253 of 253 strings) Co-authored-by: Léane GRASSER <leane.grasser@proton.me> Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/fr/ Translation: systemd/main
* | network/route: ignore EEXIST reply when the corresponding request is already ↵Yu Watanabe2024-09-061-0/+7
| | | | | | | | | | | | | | detached Follow-ups for db8dc7c1dd7f4620e14fbc4c1560a68a1fc9b85b. Fixes #34275.
* | Merge pull request #34278 from yuwata/timesync-logDaan De Meyer2024-09-062-4/+7
|\ \ | | | | | | timesync: downgrade log level for several messages
| * | timesync: make manager_is_connected() staticYu Watanabe2024-09-062-2/+1
| | |
| * | timesync: downgrade log level about network configuration changeYu Watanabe2024-09-061-2/+6
| | | | | | | | | | | | | | | | | | | | | These message may be unnecessarily shown multiple times when e.g. networkd is restarted, system is wakeup from suspend, and so on. Closes #34262.
* | | Merge pull request #34280 from yuwata/cleanupsDaan De Meyer2024-09-064-15/+23
|\ \ \ | | | | | | | | tree-wide: trivial cleanups
| * | | test: fix copy-and-paste error in commentYu Watanabe2024-09-061-1/+1
| | | |
| * | | nspawn: fix indentationYu Watanabe2024-09-061-1/+1
| | | |
| * | | base-filesystem: use FOREACH_ELEMENT()Yu Watanabe2024-09-061-12/+12
| | | |
| * | | mount-util: wrap long lineYu Watanabe2024-09-061-1/+9
| | | |
* | | | sd-netlink: fix typoYu Watanabe2024-09-061-1/+1
| | | | | | | | | | | | | | | | Fixes #34273.
* | | | nspawn: refuse to bind mount device node from host when --private-users= is ↵Yu Watanabe2024-09-061-5/+5
|/ / / | | | | | | | | | | | | | | | | | | | | | specified Also do not chown if a device node is bind-mounted. Fixes #34243.
* | | Merge pull request #34203 from yuwata/network-conf-parserYu Watanabe2024-09-0611-515/+375
|\ \ \ | |_|/ |/| | network: several cleanups for conf parser
| * | network/address: use log_section_warning()Yu Watanabe2024-09-061-24/+20
| | |
| * | network/address: use generic section parser moreYu Watanabe2024-09-064-204/+101
| | | | | | | | | | | | | | | | | | | | | This also - rename variable n -> address, - use log_syntax_parse_error() where applicable, - add one more assertion for lvalue in config_parse_address().
| * | network/address: introduce generic config parser for [Address] sectionYu Watanabe2024-09-063-152/+41
| | | | | | | | | | | | Then, use generic conf parsers defined in conf-parser.[ch].
| * | firewall-util: several cleanups for config_parse_nft_set()Yu Watanabe2024-09-061-17/+5
| | | | | | | | | | | | | | | | | | | | | - use log_syntax_parse_error(), - return 1 on success, - drop unnecessary or redundant assertions, - add missing log_oom().
| * | conf-parser: introduce config_parse_uint32_invert_flag()Yu Watanabe2024-09-062-0/+26
| | | | | | | | | | | | | | | It is similar to config_parse_uint32_flag(), but drops the specified flag when true.
| * | network: align table in network-gperfYu Watanabe2024-09-061-20/+20
| | |
| * | network/address-label: use log_section_warning_errno()Yu Watanabe2024-09-061-8/+12
| | |
| * | network/address-label: introduce generic conf parser for [IPv6AddressLabel] ↵Yu Watanabe2024-09-064-57/+79
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | section This also - renames n -> label, - use log_syntax_parse_error(). No functional change, just refactoring.
| * | conf-parser: introduce config section parser wrapperYu Watanabe2024-09-063-35/+73
| | | | | | | | | | | | It will be used later.
* | | Merge pull request #34267 from DaanDeMeyer/scriptYu Watanabe2024-09-062-6/+7
|\ \ \ | |/ / |/| | mkosi: Install util-linux-script on Rawhide
| * | mkosi: Remove rpm workaroundDaan De Meyer2024-09-051-6/+0
| | | | | | | | | | | | rpm 4.19.93 (4.20 rc) is in rawhide so let's drop the workaround.
| * | mkosi: Install util-linux-script on RawhideDaan De Meyer2024-09-051-0/+7
| | | | | | | | | | | | | | | | | | It's now subpackaged so we can build images without pulling in libutempter but we use script in the testsuite so let's install the subpackage.
* | | hwdb: Mark Apple Wireless keyboards as not having NumLock LEDBastien Nocera2024-09-061-0/+12
| |/ |/| | | | | | | | | | | | | | | Mark those Apple Wireless keyboards as not having a NumLock key: https://en.wikipedia.org/wiki/Apple_Wireless_Keyboard You can see that they don't have a NumLock LED because they didn't even have a NumLock in the first place: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0fea6fe7d5ef1b5fa5f78048d4729f85181c04ca
* | Merge pull request #34155 from poettering/gmtime-safeYu Watanabe2024-09-0617-169/+296
|\ \ | | | | | | handle gmtime_r() errors more robustly
| * | time-util: rework localtime_or_gmtime() into localtime_or_gmtime_usec()Lennart Poettering2024-09-0515-162/+290
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We typically want to deal in usec_t, hence let's change the prototype accordingly, and do proper range checks. Also, make sure are not confused by negative times. Do something similar for mktime_or_timegm(). This is a more comprehensive alternative to #34065 Replaces: #34065
| * | hwclock-util: the struct tm parameter is not a pure return parameter, it's ↵Lennart Poettering2024-09-052-7/+6
| | | | | | | | | | | | also an input parameter
* | | basic: Include <sys/file.h> for LOCK_* constantsA. Wilcox2024-09-061-0/+2
| | | | | | | | | | | | | | | This is needed to ensure LOCK_{EX,SH} are defined in certain environments, including uclibc-ng and musl libc.
* | | Merge pull request #34261 from yuwata/repart-seed-randomYu Watanabe2024-09-062-5/+48
|\ \ \ | | | | | | | | repart: initialize seed earlier
| * | | test: fix indentationYu Watanabe2024-09-051-1/+1
| | | |
| * | | test: add test case for systemd-repart --seed=randomYu Watanabe2024-09-051-0/+43
| | | | | | | | | | | | | | | | For issue #34257.
| * | | repart: initialize seed earlierYu Watanabe2024-09-051-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | As the seed is used by context_load_partition_table() -> derive_uuid(). Fixes #34257.
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-12 11:51:13 +0100