summaryrefslogtreecommitdiffstats
path: root/coccinelle (unfollow)
Commit message (Collapse)AuthorFilesLines
2024-02-13locale-util: Restrict valid localesAdrian Vovk1-1/+4
This further restricts the charset of locales to better reflect what locales actually look like. This allows us to safely join locale names using the `:` character, for instance, which cannot appear in a locale name and is used by the `$LANGUAGE` env var
2024-02-13pam_systemd: Let user record override env varsAdrian Vovk1-35/+9
The user record should be the source of truth for the user's environment variables, and the user should be able to override them in much the same way that they can if they simply append the variable to their ~/.profile For example, before $LANG would never get set to the user's preferred language, because the service manager always ensures that $LANG is set to something (either the localed config, or a compiled-in default). Thus the user's preferredLanguage setting was always ignored
2024-02-13Use tilde for rc tag versioningDaan De Meyer2-2/+5
tilde sorts lower in the version comparison spec: https://uapi-group.org/specifications/specs/version_format_specification/ ➜ systemd git:(strip) systemd-analyze compare-versions 249\~rc1 249 249\~rc1 < 249 ➜ systemd git:(strip) systemd-analyze compare-versions 249-rc1 249 249-rc1 > 249 Also update tools/meson-vcs-tag.sh to use carets instead of hyphens for the git part of the version as carets are allowed to be part of a version by pacman while hyphens are not and both sort higher than a version without the git part.
2024-02-13po: Translated using Weblate (Korean)김인수1-5/+6
Currently translated at 100.0% (227 of 227 strings) Co-authored-by: 김인수 <simmon@nplob.com> Translate-URL: https://translate.fedoraproject.org/projects/systemd/master/ko/ Translation: systemd/main
2024-02-13cryptsetup: Add optional support for linking volume key in keyring.Ondrej Kozina3-1/+90
cryptsetup 2.7.0 adds feature to link effective volume key in custom kernel keyring during device activation. It can be used later to pass linked volume key to other services. For example: kdump enabled systems installed on LUKS2 device. This feature allows it to store volume key linked in a kernel keyring to the kdump reserved memory and reuse it to reactivate LUKS2 device in case of kernel crash.
2024-02-13update TODOLennart Poettering1-0/+10
2024-02-12Fix OOMPolicy= version in manpage of systemd.scopecunshunxia1-1/+7
OOMPolicy in scope units is separately supported in version v253, so I think it cannot be directly used in the manpage with the version from the service. fix:#30836
2024-02-12test/test-shutdown.py: optionally display the test I/Os in a dedicated log fileFranck Bui1-4/+8
Given that the test involves screen(1), sending various control sequences to resize/clear the screen, most of the logs sent from the python script were nearly impossible to read or mixed with other messages sent to the console hence making the debug harder when the test is run manually. This patch introduces an option to redirect the pexpect IOs into a file (to be used in $STATEDIR/TEST-69-SHUTDOWN/run-nspawn). The pexpect logs are also enabled later so the boot logs are skipped since those are already included in the journal.
2024-02-12btrfs-util: apparently btrfs ioctls return unaligned data. deal with it.Lennart Poettering1-105/+98
Kinda sad, that interfaces like this exist in 2024. But let's deal with it: before we access "struct btrfs_ioctl_search_header" let's copy it out, and access it only in the aligned copy. Fixes: #31282
2024-02-12btrfs-util: use memdup_suffix0() instead of strndup() at one more placeLennart Poettering1-2/+2
The structure we copy this out is a large (unaligned) binary blob, hence let's better use the memdup_suffix0() so that gcc doesn't make assumption about the source being a valid string.
2024-02-12btrfs-util: rework btrfs_is_nocow_fd() around fd_is_fs_type() + read_attr_fd()Lennart Poettering1-7/+8
Let's our safer helpers where appropriate.
2024-02-12core/load-fragment: fix typo (sanety -> sanity)Mike Yuan1-1/+1
Follow-up for 435e1098ee9f1175bf60a181771a6e5983bef923
2024-02-12missing: change our close_range() syscall wrapper to map glibc'sLennart Poettering2-16/+7
So glibc exposes a close_range() syscall wrapper now, but they decided to use "unsigned" as type for the fds. Which is a bit weird, because fds are universally understood to be "int". The kernel internally uses "unsigned", both for close() and for close_range(), but weirdly, userspace didn't fix that for close_range() unlike what they did for close()... Weird. But anyway, let's follow suit, and make our wrapper match glibc's. Fixes #31270
2024-02-12TODO: add --dry-run/-nZbigniew Jędrzejewski-Szmek1-0/+1
2024-02-12TEST-22: add --dry-run callsZbigniew Jędrzejewski-Szmek11-11/+225
aCdDefLprRwxXz are tested with --dry-run. I added a primitive test of bc. There were no tests for AhHt, and I didn't add those either.
2024-02-12systemd-tmpfiles: use statx_mount_sameZbigniew Jędrzejewski-Szmek1-12/+10
It was pointed out in review that the preexisting code should be updated (https://github.com/systemd/systemd/pull/30380#discussion_r1426899180).
2024-02-12tmpfiles: implement --dry-runZbigniew Jędrzejewski-Szmek3-107/+218
The idea is simple: skip the final operation that creates or removes things or changes the attributes, but otherwise go through the rest of the code. This results in quite a lot of fairly repetitive conditions in the low-level code. Another approach would be to print earlier, at a higher level, but then we'd have less precise information about what is about to happen.
2024-02-12service: Demote log level of NotifyAccess= messages to debugMichal Koutný1-6/+7
The situation is a service like Type=notify NotifyAccess=main and the service uses some of the systemd helper utilities, e.g. coredumpctl. The service process will pass NOTIFY_SOCKET to the helper child (accidentally) and the result is a spurious notification and the warning message: > Jan 18 09:38:01 host systemd[1]: sdnotify.service: Got notification message from PID 13736, but reception only permitted for main PID 13549 Notification from helpers seem like an unintentional composition of the commit c118b577fa ("coredumpctl: define main through macro") and commit 6b636c2d27 ("main-func: send main exit code to parent via sd_notify() on exit"). The former used the handy macro for a main function, the latter equipped any main function with the notification. (Further extended in the commit 623a00020f ("notify: Add EXIT_STATUS field").) Since notification from systemd utitilities are meant to extend rudimentary exit()/wait() pair generally, they may happen to land into service's NOTIFY_SOCKET. Tone down messages of notification that won't match NotifyAccess=.
2024-02-12update TODOLennart Poettering1-1/+2
2024-02-12test: add brief test for prclock varlink interfaces and varlinkctl --collectLennart Poettering1-0/+16
2024-02-12varlinkctl: if "call" verb is used, imply "-j"Lennart Poettering2-3/+9
For the other verbs turning off JSON mode makes sense, but for "call" not so much, after all the contents of a method call reply is JSON we couldn't really show any other way. Hence, when JSON output was not configured otherwise in "call", default to the same as -j.
2024-02-12varlinkctl: add new --collect switchLennart Poettering2-1/+37
It exposes the varlink_collect() call we internally provide: it collects all responses of a method call that is issued with the "more" method call flag. It then returns the result as a single JSON array.
2024-02-12varlink: rework varlink_collect()Lennart Poettering3-114/+110
This reworks varlink_collect() so that it is not just a wrapper around varlink_observe(), varlink_bind_reply() and others. It becomes a first class operation. This has various benefits: 1. Memory management is normalized: the reply json variant is now tracked as part of the varlink object, and thus we do not pass ownership to the caller. This is just like we do it for simple method calls and removes a lot of confusion. 2. The bind reply/user data pointer can be used for user stuff, we'll not silently override this. 3. We enforce an overall time-out operation on the whole thing, so that this synchronous operation does no longer block forever.
2024-02-12varlink: properly return reply flags to callersLennart Poettering1-3/+5
We so far have a reply flags return parameter on varlink_call_full(), but we return 0 always. Let's fix that, and return the actual flags we see.
2024-02-12varlink: enforce a maximum size limit on replies collected via varlink_collect()Lennart Poettering1-0/+4
We should not allow servers to blow up client's memory without bounds, hence set a (high) limit on replies we'll collect before failing.
2024-02-12pcrlock: add basic Varlink interfaceLennart Poettering8-6/+224
This can be used to make or delete a PCR policy via Varlink. It can also be used to query the current event log in CEL format.
2024-02-12pcrlock: split out generation of CEL objects into helper funcLennart Poettering1-56/+74
This way, we can reuse it later to generate Varlink replies No change in behaviour, just some trivial split out.
2024-02-12pcrlock: use log_setup()Lennart Poettering1-3/+1