summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* vmspawn: fix duplicate logging on oomLennart Poettering2024-08-271-1/+1
|
* Merge pull request #33570 from AdrianVovk/sysupdate-incompleteAdrian Vovk2024-08-279-75/+271
|\ | | | | sysupdate: Handle incomplete versions
| * sysupdate: Add tests for incomplete versionsAdrian Vovk2024-08-221-13/+51
| | | | | | | | To make sure we don't regress on #33339
| * sysupdate: Repair incomplete versions in-placeAdrian Vovk2024-08-223-11/+63
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A previous commit made sysupdate recognize installed versions where some transfers are missing. This commit teaches sysupdate how to correctly repair these incomplete versions. Previously, if you had a incomplete installation of the OS booted, and ran sysupdate in an attempt to repair it, sysupdate would make things worse by creating copies of the currently-booted partitions in the inactive slots. Then at boot you have two identical partitions, with identical labels an UUIDs, and end up with a mess. With this commit, sysupdate is able to recognize situations where it can simply download the missing transfers and leave the rest of the system undistrubed. Partial fix for https://github.com/systemd/systemd/issues/33339
| * sysupdate: Track incompletely-installed versionsAdrian Vovk2024-08-225-48/+134
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When enumerating what versions exist for a given target, sysupdate would completely throw out any version that's incomplete (where some of the transfers in the target have that version installed or available, and other transfers do not). If we're trying to find what versions we can offer for download, this is great behavior. If the server side is advertising a partial update to download, we shouldn't present it to the user. On the other hand, if we're enumerating what versions we have currently installed, this is a bad behavior. It makes sysupdate fragile. For example, if a sysext introduces a new .conf file into /usr/lib/sysupdate.d, suddenly the currently-installed OS stops being a version that we've enumerated. Since it's not enumerated, it's not protected, and so sysupdate will wipe the booted OS. So if we're looking for installed versions, we now loosen the restrictions and enumerate incomplete installations. Partial fix for https://github.com/systemd/systemd/issues/33339
| * sysupdate: Check that --instances-max is in boundsAdrian Vovk2024-08-222-3/+11
| | | | | | | | | | Otherwise user can pass in --instances-max=0 and crash sysupdate with an assertion failure.
| * sysupdate: Fix resource_find_instanceAdrian Vovk2024-08-221-1/+13
| | | | | | | | | | | | | | | | | | The current implementation will never find a match, because in the event of a match instance_cmp falls through to comparing paths and the key we're matching against will always have a path of NULL. So let's just use a separate compare function, just to make sure future updates to instance_cmp don't break resource_find_instance again.
* | exec-invoke: remove redundant empty linesLennart Poettering2024-08-271-2/+0
| |
* | service: add 'debug' option to RestartMode=Luca Boccassi2024-08-2713-24/+164
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | One of the major pait points of managing fleets of headless nodes is that when something fails at startup, unless debug level was already enabled (which usually isn't, as it's a firehose), one needs to manually enable it and pray the issue can be reproduced, which often is really hard and time consuming, just to get extra info. Usually the extra log messages are enough to triage an issue. This new option makes it so that when a service fails and is restarted due to Restart=, log level for that unit is set to debug, so that all setup code in pid1 and sd-executor logs at debug level, and also a new DEBUG_INVOCATION=1 env var is passed to the service itself, so that it knows it should start with a higher log level. Once the unit succeeds or reaches the rate limit the original level is restored.
* | Merge pull request #34114 from yuwata/resolvconf-pLuca Boccassi2024-08-276-14/+93
|\ \ | | | | | | resolve: support 'resolvconf -p'
| * | NEWS: mention "resolvconf -p"Yu Watanabe2024-08-261-0/+5
| | |
| * | test: add more test cases for resolvconfYu Watanabe2024-08-261-0/+40
| | |
| * | resolvconf: disable default route when -p is specifiedYu Watanabe2024-08-264-10/+37
| | | | | | | | | | | | | | | | | | Internally, the switch triggers 'resolvectl default-route INTERFACE no'. Closes #34112.
| * | resolvconf: clear domains if nothing specifiedYu Watanabe2024-08-261-1/+8
| | |
| * | resolvectl: make enum name consistent with the option nameYu Watanabe2024-08-261-3/+3
| | |
* | | core-varlink: add missing runtime scope check for ↵Mike Yuan2024-08-271-1/+4
| | | | | | | | | | | | | | | | | | manager_varlink_managed_oom_connect() Follow-up for 2250c996cfc41afb30cd086adeed18fd41a683ba
* | | Merge pull request #34124 from YHNdnzj/socket-accept-nameYu Watanabe2024-08-2714-52/+47
|\ \ \ | |/ / |/| | core: honor FileDescriptorName= too for Accept=yes sockets, plus several other cleanups
| * | units: don't set LISTEN_FDNAMES for varlink services explicitlyLennart Poettering2024-08-265-5/+0
| | | | | | | | | | | | | | | Now that FileDescriptorName= is properly honored by Accept=yes sockets, this explicit override is pointless.
| * | core: honor FileDescriptorName= too for Accept=yes socketsMike Yuan2024-08-265-22/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | So far we manually hardcoded $LISTEN_FDNAMES to "varlink" in various varlink service units we ship, even though FileDescriptorName=varlink is specified in associated socket units already, because FileDescriptorName= is currently silently ignored when combined with Accept=yes. Let's step away from this, which seems saner. Note that this is technically a compat break, but a mostly negligible one as there shall be few users setting FileDescriptorName= but still expecting LISTEN_FDNAMES=connection in the actual executable. Preparation for #34080
| * | core: move check for combination of PAMName= + KillMode= to ↵Mike Yuan2024-08-266-20/+14
| | | | | | | | | | | | | | | | | | | | | | | | unit_verify_contexts() While at it, allow "mixed" for all unit types too, i.e. also apply ebc2259da1d1579347b86fc2ebca9f96334b6f22 to socket/mount/swap units.
| * | core/socket: refuse MaxConnection=0 for Accept=no sockets tooMike Yuan2024-08-261-3/+3
| | | | | | | | | | | | | | | | | | This makes no sense at all, and we already refuse such setting for Accept=yes sockets. I see no reason not to extend this to Accept=no ones.
| * | core/socket: use UNIT_ISSET rather than _DEREF where suitableMike Yuan2024-08-261-2/+2
| | |
* | | po: Translated using Weblate (Slovenian)Martin Srebotnjak2024-08-261-48/+35
| | | | | | | | | | | | | | | | | | | | | | | | Currently translated at 100.0% (253 of 253 strings) Co-authored-by: Martin Srebotnjak <miles@filmsi.net> Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/sl/ Translation: systemd/main
* | | resolved: clear the AD bit for bypass packetsRonan Pigott2024-08-262-2/+9
| | | | | | | | | | | | | | | | | | When the bypass logic is invoked, such as for queries to the stub with the DO bit set, be certain to clear the AD bit in the reply before forwarding it if the answer is not known to be authentic.
* | | repart: Use streq_ptr() in one more placeDaan De Meyer2024-08-261-1/+1
| | |
* | | man: document "web" session typeAllison Karlitskaya2024-08-263-4/+6
| | | | | | | | | | | | | | | | | | | | | This has been supported since e9e74f28d783 but never got documented. Add it to the man pages (plus one comment in a header). Closes #34127.
* | | crash-handler: Add back notice log messageDaan De Meyer2024-08-261-0/+2
| | | | | | | | | | | | Fixes https://github.com/systemd/systemd/pull/33959#discussion_r1730987738
* | | update TODOLennart Poettering2024-08-261-0/+4
| | |
* | | mkosi: Stop using git commit timestamps for package releasesDaan De Meyer2024-08-264-20/+4
|/ / | | | | | | | | | | | | | | This prevents bisecting to figure out which commit broke something as when going backwards the git commit timestamp will be older meaning package managers will refuse to upgrade to the "older" version. Let's make sure the release is always newer by using the current date unless $SOURCE_DATE_EPOCH is set.
* | Merge pull request #34117 from yuwata/network-routing-policy-ruleLuca Boccassi2024-08-2610-526/+242
|\ \ | | | | | | network: introduce generic conf parser for [RoutingPolicyRule] section
| * | network/routing-policy-rule: use config_parse_routing_policy_rule() moreYu Watanabe2024-08-243-149/+63
| | | | | | | | | | | | | | | | | | | | | Then, we can drop allocation of RoutingPolicyRule object in each conf parsers. No functional change, just refactoring.
| * | network/routing-policy-rule: introduce a generic conf-parser for ↵Yu Watanabe2024-08-243-243/+80
| | | | | | | | | | | | | | | | | | | | | | | | [RoutingPolicyRule] sectin This introduce config_parse_routing_policy_rule(), which wraps existing conf parsers. With this, we can drop many custom conf parsers for [RoutingPolicyRule], and can reuse generic conf parsers in conf-parser.[ch].
| * | conf-parser: move config_parse_ip_protocol() from network/netdev/fou-tunnel.cYu Watanabe2024-08-245-43/+39
| | | | | | | | | | | | | | | The function is generic enough. Currently it is used at only one place. But it will be used at another place.
| * | conf-parser: introduce config_parse_uint32_flag()Yu Watanabe2024-08-242-0/+30
| | | | | | | | | | | | This is not used currently, but will be used later.
| * | conf-parser: return 1 on successYu Watanabe2024-08-242-9/+10
| | | | | | | | | | | | | | | | | | Typically, conf parsers will ignore most errors during parsing strings and return 0. Let's return 1 on success. Otherwise it is hard to reused these function in another conf parser.
| * | parse-util: drop unused parse_ip_prefix_length()Yu Watanabe2024-08-242-18/+0
| | |
| * | network/routing-policy-rule: merge two conf parsersYu Watanabe2024-08-243-56/+21
| | | | | | | | | | | | | | | Both conf parsers takes an integer. Only difference is the maximum value. Let's merge them, and pass the maximum value through ltype.
| * | network/routing-policy-rule: trivial cleanups for conf-parsersYu Watanabe2024-08-241-38/+29
| | | | | | | | | | | | No functional change, just refactoring.
| * | network/routing-policy-rule: rename n -> ruleYu Watanabe2024-08-241-84/+84
| | |
* | | man: reword about default route for DNS trafficYu Watanabe2024-08-261-14/+14
| | | | | | | | | | | | | | | | | | | | | DefaultRoute is a D-Bus property, not a valid setting name in .network files nor resolved.conf. Whether a link is the default route or not is configured with DNSDefaultRoute= setting in .network files.
* | | Merge pull request #34120 from weblate/weblate-systemd-mainYu Watanabe2024-08-253-186/+149
|\ \ \ | |/ / |/| | Translations update from Fedora Weblate
| * | po: Translated using Weblate (Turkish)Oğuz Ersen2024-08-251-95/+82
| | | | | | | | | | | | | | | | | | | | | | | | Currently translated at 100.0% (253 of 253 strings) Co-authored-by: Oğuz Ersen <oguz@ersen.moe> Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/tr/ Translation: systemd/main
| * | po: Translated using Weblate (Russian)Sergey A2024-08-251-49/+36
| | | | | | | | | | | | | | | | | | | | | | | | Currently translated at 100.0% (253 of 253 strings) Co-authored-by: Sergey A <Ser82-png@yandex.ru> Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/ru/ Translation: systemd/main
| * | po: Translated using Weblate (French)Léane GRASSER2024-08-251-35/+29
| | | | | | | | | | | | | | | | | | | | | | | | Currently translated at 100.0% (253 of 253 strings) Co-authored-by: Léane GRASSER <leane.grasser@proton.me> Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/fr/ Translation: systemd/main
| * | po: Translated using Weblate (French)Weblate Translation Memory2024-08-251-10/+5
|/ / | | | | | | | | | | | | | | Currently translated at 100.0% (253 of 253 strings) Co-authored-by: Weblate Translation Memory <noreply-mt-weblate-translation-memory@weblate.org> Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/fr/ Translation: systemd/main
* | meson: search for 'bpf-unknown-none' tooSam James2024-08-241-0/+1
| | | | | | | | | | | | We currently search for 'bpf-gcc' and 'bpf-none-gcc'. Gentoo's sys-devel/bpf-toolchain package uses 'bpf-unknown-none-gcc', as does Fedora's cross-binutils. Search for this name too.
* | Merge pull request #34115 from weblate/weblate-systemd-mainYu Watanabe2024-08-244-191/+126
|\ \ | | | | | | Translations update from Fedora Weblate
| * | po: Translated using Weblate (Georgian)Temuri Doghonadze2024-08-241-48/+32
| | | | | | | | | | | | | | | | | | | | | | | | Currently translated at 100.0% (253 of 253 strings) Co-authored-by: Temuri Doghonadze <temuri.doghonadze@gmail.com> Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/ka/ Translation: systemd/main
| * | po: Translated using Weblate (Ukrainian)Yuri Chornoivan2024-08-241-48/+31
| | | | | | | | | | | | | | | | | | | | | | | | Currently translated at 100.0% (253 of 253 strings) Co-authored-by: Yuri Chornoivan <yurchor@ukr.net> Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/uk/ Translation: systemd/main
| * | po: Translated using Weblate (Polish)Piotr Drąg2024-08-241-48/+34
| | | | | | | | | | | | | | | | | | | | | | | | Currently translated at 100.0% (253 of 253 strings) Co-authored-by: Piotr Drąg <piotrdrag@gmail.com> Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/pl/ Translation: systemd/main