summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* | | | Merge pull request #24691 from yuwata/udev-node-check-existenceDaan De Meyer2022-09-181-55/+78
|\ \ \ \ | | | | | | | | | | udev: check existence of device node
| * | | | udev-node: do not create symlink to a non-existing device nodeYu Watanabe2022-09-161-0/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, the stack directory contains empty regular files named with device ID, and we create sd_device object from the device name. Hence, we implicitly checked the existence of the device node. However, now the files in the stack directory are symlink, and we retrieve the path to the device node and its priority from the symlink. Hence, the existence of the device node is not checked. Let's check if the device node is still exist.
| * | | | udev-node: split out stack_directory_read_one()Yu Watanabe2022-09-161-55/+71
| | | | | | | | | | | | | | | | | | | | No functional changes, just refactoring.
* | | | | Merge pull request #24710 from yuwata/test-50-dissect-cleanupsDaan De Meyer2022-09-181-4/+15
|\ \ \ \ \ | | | | | | | | | | | | TEST-50-DISSECT: cleanups
| * | | | | test-50-dissect: do not fail test on cleanupYu Watanabe2022-09-171-3/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | These paths are read-only mount points. Hence, we cannot remove the contents.
| * | | | | test-50-dissect: check mount destination instead of mount sourceYu Watanabe2022-09-171-1/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | And rebreak long lines. This should take no effective change, just refactoring.
* | | | | | dissect-image: free crypt_device object before trying to activate with ↵Yu Watanabe2022-09-181-5/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | unique name Otherwise we get error from libcryptsetup like the following: systemd[1234]: Cannot use device /dev/loop5 which is in use (already mapped or mounted).
* | | | | | udev: downgrade log level when device node is already removedYu Watanabe2022-09-181-2/+3
| |_|/ / / |/| | | | | | | | | | | | | | Follow-up for 790da548b0c37af60aed2f46867ba3885ea78718.
* | | | | dissect-image: lazily deactivate decrypted DM volumesYu Watanabe2022-09-181-1/+2
| | | | | | | | | | | | | | | | | | | | The DM block device may be still used by other processes.
* | | | | measure: rename measure_pcr() to measure_kernel()Lennart Poettering2022-09-181-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Let's say what we actually measure, not what into (which is obvious anyway). This is generally more descriptive, but also good for later work that allows measuring the boot phase too.
* | | | | cryptsetup-util: introduce crypt_free_and_replace()Yu Watanabe2022-09-172-2/+6
| | | | |
* | | | | Merge pull request #24622 from yuwata/udev-open-with-nocttyLennart Poettering2022-09-1712-27/+33
|\ \ \ \ \ | | | | | | | | | | | | udev: open with O_NOCTTY
| * | | | | udev: use read_virtual_file() at one more placeYu Watanabe2022-09-101-14/+20
| | | | | |
| * | | | | udev: always open with O_NOCTTYYu Watanabe2022-09-1011-13/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | All files or device nodes opened here should not be console tty. Let's open it the flags for safety.
* | | | | | Merge pull request #24708 from keszybz/not-available-in-tablesZbigniew Jędrzejewski-Szmek2022-09-174-15/+15
|\ \ \ \ \ \ | |_|/ / / / |/| | | | | various: use "-" instead of "n/a" in tables
| * | | | | coredumpctl: rename table entryZbigniew Jędrzejewski-Szmek2022-09-172-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | "Disk Size" could be mistaken for "Size of the Disk".
| * | | | | various: use "-" instead of "n/a" in tablesZbigniew Jędrzejewski-Szmek2022-09-173-13/+13
| | |/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In the context of a table, both would be generally understood to have the same meaning. "n/a" is a strange beast. It was useful when tables were produced on the typewriter with "---------" used to separate rows. It is visually more pleasing to use "-", and there is no risk of it being mistaken for a row separator.
* | | | | Merge pull request #24670 from keszybz/early-boot-orderingZbigniew Jędrzejewski-Szmek2022-09-1714-31/+67
|\ \ \ \ \ | | | | | | | | | | | | Early boot ordering
| * | | | | units: drop path to executable in $PATHZbigniew Jędrzejewski-Szmek2022-09-151-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | We don't have it other places, so let's make things a bit simpler.
| * | | | | units: make sure that initrd-switch-root.service pulls in .targetZbigniew Jędrzejewski-Szmek2022-09-151-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Normally we queue initrd-switch-root.target/isolate, which pulls in the service via Wants= in the .target unit file. But if the service is instead started directly, there may be nothing pulling in the target. Let's make sure that the reference exists.
| * | | | | units: add dependency ordering for emergency.service conflictsZbigniew Jędrzejewski-Szmek2022-09-153-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If we want to stop those services which would compete for access to the console, we need to have an ordering so that they are actually stopped before the other things starts, not asynchronously.
| * | | | | units: add ordering dependencies on initrd-switch-root.targetZbigniew Jędrzejewski-Szmek2022-09-159-18/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For shutdown, we queue shutdown.target/start, so in every unit which should be stopped *before* shutdown, we need both Conflicts and an ordering dependency with shutdown.target (either Before= or After= would work, because stop jobs are always ordered before start jobs). For initrd transition, we queue initrd-switch-root.service/isolate. This automatically creates a /stop job for every running unit without IgnoreOnIsolate. But no ordering dependency is created, unless the unit has a (possibly transitive) ordering dependency on initrd-switch-root.service. Since most units must stop before the transition, we should add the ordering dependency. It is nicer to use Before=initrd-switch-root.target for this. initrd-switch-root.target is ordered before initrd-switch-root.service, so the effect it the same when both are in a transaction. Fixes #23745. To also cover the case where somebody is emergency mode in the initrd and queues initrd-switch-root.service/start (not isolate), also add Conflicts=initrd-switch-root.target, so various units are stopped properly. This extends 2525682565b372b9b83c848bfe89c025fed47a1d to cover all the other services that are touched. It could be consider "operator error", but it's easy to make and it's nicer if we can make this more foolproof.
| * | | | | units/systemd-network-generator.service: add forgotten ordering for shutdownZbigniew Jędrzejewski-Szmek2022-09-151-0/+2
| | | | | |
| * | | | | units: reorder/split unit dependency blocksZbigniew Jędrzejewski-Szmek2022-09-1513-24/+54
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The block is reordered and split to have: 1. description + documentation 2. (optionally) conditions 3. all the dependencies I think it's easier to read the units this way. Also, the Conflicts+Before is seperated out to separate lines. The ordering dependency is "fake", because it could just as well be After=, we are adding it to force ordering wrt. shutdown.target, and it plays a different role than the other Before=, which are about a real ordering on boot.
* | | | | | Merge pull request #24703 from yuwata/dissect-image-verity-partition-make-failDaan De Meyer2022-09-171-24/+29
|\ \ \ \ \ \ | | | | | | | | | | | | | | dissect-image: make verity_partition() actually fail when all attempts of activation failed
| * | | | | | dissect-image: make verity_partition() actually fail when all attempts of ↵Yu Watanabe2022-09-161-4/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | activation failed
| * | | | | | dissect-image: split out verity_timeout()Yu Watanabe2022-09-161-20/+23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | To make verity_partition() shorten. No functional changes, just refactoring.
* | | | | | | fd-util: rename CLOSE_AND_REPLACE() -> close_and_replace()Yu Watanabe2022-09-1711-15/+12
|/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We have free_and_replace() and friends, they are all named with lower letters, even they are macros, not functions. For consistency, let's rename CLOSE_AND_REPLACE() with lower letters. This also mekes the macro used more places.
* | | | | | man: explicitly document that "reboot -f" is different from "systemctl ↵Yu Watanabe2022-09-161-2/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | reboot -f" Closes #24696.
* | | | | | nspawn: fix two error stringsLennart Poettering2022-09-161-2/+2
| | | | | |
* | | | | | add CAP_LINUX_IMMUTABLE to systemd-machined, so it can handle machinectl ↵Dan Streetman2022-09-161-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | read-only requests Without this, the 'machinectl read-only ...' command always fails.
* | | | | | sd-netlink: unexport sd-netlinkYu Watanabe2022-09-166-291/+136
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This effectively reverts 84e1001541151da71bae2137e2a1c254b5a3b89f. The sd-netlink library has several issues, and we should not export it without solving them. See issues #24258 and #24124.
* | | | | | Merge pull request #24692 from yuwata/dissect-image-fix-memleakYu Watanabe2022-09-161-14/+12
|\ \ \ \ \ \ | | | | | | | | | | | | | | dissect-image: fix memleak
| * | | | | | dissect-image: handle all non-negative return values as successYu Watanabe2022-09-161-10/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | No functional changes, just coding syle update.
| * | | | | | dissect-image: fix memleak on failureYu Watanabe2022-09-161-4/+3
| | |/ / / / | |/| | | |
* | | | | | update TODOLennart Poettering2022-09-161-5/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Seeding RNG via SMBIOS is bad idea, since often measurement of SMBIOS tables is used for TPM policies, under the assumption SMBIOS remains static after a certain point.
* | | | | | tmpfiles: let's suffix path to dirs with '/' also in log messagesLennart Poettering2022-09-161-1/+1
| | | | | |
* | | | | | tmpfiles: drop redundant forward declarationsLennart Poettering2022-09-161-3/+0
| | | | | |
* | | | | | Merge pull request #24664 from yuwata/watchdogYu Watanabe2022-09-161-8/+17
|\ \ \ \ \ \ | | | | | | | | | | | | | | watchdog: open /dev/watchdog0 only if it exists
| * | | | | | watchdog: use /dev/watchdog0 only if it existsYu Watanabe2022-09-161-8/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #24661.
* | | | | | | Merge pull request #24688 from yuwata/watchdog-dbus-properties-follow-upsYu Watanabe2022-09-164-54/+24
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | pid1: follow-ups for watchdog DBus properties
| * | | | | | | pid1: drop redundant DBus propertiesYu Watanabe2022-09-164-47/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Follow-up for 10f3f4ed016b9fe92ca3d093fcfaed8278e69220. We already have RuntimeWatchdogUSec or friends. Let's not introduce redundant properties. Also, drop the const qualifier for WatchdogLastPingTimestamp, as they are actually not constant.
| * | | | | | | watchdog: explicitly initialize global variableYu Watanabe2022-09-161-7/+3
| |/ / / / / / | | | | | | | | | | | | | | | | | | | | | No functional change, as they were implicitly initialized with zero.
* | | | | | | journalctl: respect --quiet flag during file concistency verificationDaniel Braunwarth2022-09-161-7/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #24563.
* | | | | | | Merge pull request #24685 from yuwata/uid-rangeYu Watanabe2022-09-167-257/+288
|\ \ \ \ \ \ \ | |_|/ / / / / |/| | | | | | uid-range: several cleanups
| * | | | | | test: add tests for uid_range_coalesce()Yu Watanabe2022-09-161-0/+39
| | | | | | |
| * | | | | | uid-range: tie up number and array of uid range entriesYu Watanabe2022-09-167-194/+211
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This renames UidRange -> UidRangeEntry, and reintroduces UidRange which contains the array of UidRangeEntry and its size. No fucntional changes, just refactoring.
| * | | | | | uid-range: make uid_range_intersect() take two UidRange objectsYu Watanabe2022-09-161-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | No functional changes, just refactoring.
| * | | | | | uid-range: optimize to load uid_map fileYu Watanabe2022-09-162-36/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If uid_map contains many lines, then the previous logic takes O(n^2 log n), This makes O(n log n).
| * | | | | | uid-range: escape from loop earlierYu Watanabe2022-09-161-12/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The array of uid range entries are already sorted. Hence, if x and y are does not have intersection, then the remaining entries neither have intersection with x.
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-30 11:49:06 +0100