| Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
The same check is done exactly one line later, because this is one of
the things that json_variant_is_regular() checks.
As per: https://github.com/systemd/systemd/pull/30578/commits/fa9a6db478e3f0f2753e4633af6d0d4881707c2b#r1441792019
|
|
Any file/directory created by a tmpfiles.d will be deleted. Useful for
purge/factory reset patterns.
|
|
|
|
|
|
Otherwise things might be weird, because background sessions might
become "idle", wich doesn#t really make much sense.
This shouldn't change much in 99% of the cases, but slightly corrects
behaviour as it ensures only "primary"/"foreground" sessions get the
idle logic, i.e. where a user exists that could actually make it
non-idle.
|
|
|
|
If we allow the timer accuracy to grow larger then the timeout itself
things are very confusing, because people might set a 1s time-out and we
turn that into 30s.
Hence, let's just cut off the 30s accuracy to the time-out itself, so
that we stay close to what users configured.
|
|
|
|
We want to cover not only regular bad password entries, but also bad
recovery key entries. Hence let's move the list of errors into the
function, and add more.
|
|
We usually start out out authentication cycles with an "empty" password
attempt, to give homed the chance to authenticated via any plugged in
tokens. Hence frequently the first attempt will just fail, which is no
reason to complain about.
|
|
specified
We usually set the invalid flag for a section if a setting in the section has
an invalid value. Let's also do the same thing for MTUBytes= in [Route].
|
|
bc6fdcbf5d switched its doctype to refentry, so the script started
picking it up and complaining that it's missing required stuff. Since
this file is only included from other man pages, let's skip it when
putting together a list of valid targets.
Resolves: #30715
Follow-up for: bc6fdcbf5d
|
|
|
|
This probably predates our introduction of streq_ptr(). Let's drop this
now however, as we actually want this to be NULL, further down, and
handle that just fine. In particular as all the special cases we have
explicitly set this to NULL anyway.
No real change in behaviour, just some normalization of handling.
|
|
|
|
otherwise it just gets too confusing to follow.
|
|
If PAMName= is used we'll spawn a PAM session for the service, and leave
a process around that closes the PAM session eventually. That process
must close the "exec_fd" that we use to implement Type=exec. After all
the logic relies on the fact that execve() will implicitly close the
exec_fd, and the EOF seen on it is hence indication for the service
manager that execve() has worked. But if we keep an fd open in the PAM
service process, then this is not going to work.
Hence close the fd explicitly so that it definitely doesn't stay pinned
in the child.
|
|
Signed-off-by: Alberto Planas <aplanas@suse.com>
|
|
Otherwise, log_netdev_xyz() does not provide netdev name if it is called
in done(). It is hard to debug.
This should not change any effective behavior, at least with the current
implementation of done() per netdev kind.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
session-status automatically uses "auto" if no ID is specified,
but show-session shows the manager's properties. Let's document
these special values so that users of show-session can benefit too.
|
|
Just to shorten a bit of code.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
If something wrong happened before hashmap_put(), session_free()
may be called through gc logic, and the assertion is triggered.
|
|
|
|
This new transaction result is emitted when the upstream server
indicates a fatal error that we will not try to recover from.
Currently, it is emitted when a validating recursive resolver reports an
error validating dnssec records for a domain. The extended error message
should help give context to the admin.
|
|
If the server is able to indicate an extended error to us, using a
degraded feature set is unlikely to help.
|
|
Some fields of the DnsPacket are not populated until we extract an
answer, like p->opt, despite being referenced by macros like
DNS_PACKET_RCODE. We can reorder some of the basic checks to follow
dns_packet_extract.
|
|
Let's use enum values for the EDNS codes now that we have them, for
readability.
|
|
|
|
Reason to skip the idle session logic for these session classes is that
they are idle by default.
|
|
The current check checks for n_sigbus_queue
being greater than or equal to SIGBUS_QUEUE_MAX,
when it should be just greater than as
n_sigbus_queue being SIGBUS_QUEUE_MAX indicates
that the queue is full, but not overflowed.
|
|
(Hopefully) a temporary workaround for #30573 where starting a user
session when PID 1 is rate limited stalls even after it leaves the rate
limited state:
[ 11.658201] H systemd[1]: Sent message type=signal sender=n/a destination=n/a path=/org/freedesktop/systemd1 interface=org.freedesktop.systemd1.Manager member=UnitRemoved cookie=4208 reply_cookie=0 signature=so error-name=n/a error-mes>
[ 11.658233] H systemd[1]: Event source 0x559babdd8bb0 (mount-monitor-dispatch) left rate limit state.
[ 101.562697] H busctl[784]: Failed to get credentials: Transport endpoint is not connected
[ 101.563480] H systemd[1]: systemd-journald.service: Got notification message from PID 300 (WATCHDOG=1)
[ 101.563725] H testsuite-74.sh[784]: BusAddress=unixexec:path=systemd-run,argv1=-M.host,argv2=-PGq,argv3=--wait,argv4=-pUser%3dtestuser,argv5=-pPAMName%3dlogin,argv6=systemd-stdio-bridge,argv7=-punix:path%3d%24%7bXDG_RUNTIME_DIR%7d/bus
[ 101.564136] H systemd[1]: Successfully forked off '(sd-expire)' as PID 787.
[ 101.564754] H systemd[1]: Successfully forked off '(sd-expire)' as PID 788.
[ 101.564831] H testsuite-74.sh[381]: + echo 'Subtest /usr/lib/systemd/tests/testdata/units/testsuite-74.busctl.sh failed'
The issue appeared after ee07fff03b which does a bunch of mounts/umounts
that get PID 1 into a rate limited state, and is frequent enough to be
annoying, so let's temporarily bump the rate limit to alleviate that.
|
