| Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
initialized by udevd
Fixes #25674.
|
|
Previously these were not written down. This PR depends on #25670, since
`--dry-run` prints at debug level in `main`, which is surprising
behaviour.
|
|
homed LUKS directories
|
|
When generating verity partitions, we only know the partition UUID
of the verity data and hash partition after doing the verity
formatting. This means we can't use the verity partition UUID as
input for deriving the filesystem/luks UUIDs. Currently, we derive
the filesystem/luks UUID from the null UUID instead, which isn't
ideal. Instead, let's always generate a partition UUID and use it
to derive the fs/luks UUIDs, but only use it as the actual partition
UUID if we're not doing verity for the partition.
|
|
If everything points to the fact that TPM2 should work, but then the
driver fails to initialize we should handle this gracefully and not
cause failing services all over the place.
Fixes: #25700
|
|
being invoked
For some reasons, journal timestamps from other sources sometimes
inconsistent. For example,
```
$ journalctl --file system.journal -o short-monotonic -u resmontest.service
[ 1112.168109] ns1.unsigned.test resolvectl[419]: → Q: ns1.unsigned.test IN AAAA
[ 1112.168109] ns1.unsigned.test resolvectl[419]: ← S: success
[ 1112.168109] ns1.unsigned.test resolvectl[419]: → Q: ns1.unsigned.test IN A
[ 1112.168109] ns1.unsigned.test resolvectl[419]: ← S: success
[ 1112.168109] ns1.unsigned.test resolvectl[419]: ← A: ns1.unsigned.test IN A 10.0.0.1
[ 1112.171961] ns1.unsigned.test systemd[1]: resmontest.service: Failed to load configuration: No such file or directory
[ 1112.172223] ns1.unsigned.test systemd[1]: resmontest.service: Trying to enqueue job resmontest.service/start/fail
[ 1112.179866] ns1.unsigned.test systemd[1]: resmontest.service: Installed new job resmontest.service/start as 312
[ 1112.179894] ns1.unsigned.test systemd[1]: resmontest.service: Enqueued job resmontest.service/start as 312
[ 1112.180389] ns1.unsigned.test systemd[1]: resmontest.service: Will spawn child (service_enter_start): /usr/bin/resolvectl
[ 1112.180418] ns1.unsigned.test systemd[1]: resmontest.service: Passing 0 fds to service
[ 1112.180447] ns1.unsigned.test systemd[1]: resmontest.service: About to execute /usr/bin/resolvectl monitor
[ 1112.180477] ns1.unsigned.test systemd[1]: resmontest.service: Forked /usr/bin/resolvectl as 419
[ 1112.180619] ns1.unsigned.test systemd[1]: resmontest.service: Changed dead -> start
[ 1112.180651] ns1.unsigned.test systemd[1]: Starting resmontest.service...
[ 1112.180799] ns1.unsigned.test systemd[419]: resmontest.service: Kernel keyring access prohibited, ignoring.
[ 1112.180895] ns1.unsigned.test systemd[419]: resmontest.service: Executing: /usr/bin/resolvectl monitor
[ 1112.181383] ns1.unsigned.test systemd[1]: resmontest.service: Got notification message from PID 419 (READY=1)
[ 1112.181413] ns1.unsigned.test systemd[1]: resmontest.service: Changed start -> running
[ 1112.181441] ns1.unsigned.test systemd[1]: resmontest.service: Job 312 resmontest.service/start finished, result=done
[ 1112.181469] ns1.unsigned.test systemd[1]: Started resmontest.service.
```
In such case, `journalctl -f` may not show the entries what we are interested in.
Fixes #25749. (At least, workarond for the issue.)
|
|
When an AP goes up, the kernel may emit a netlink event indicating that
the interface has gained carrier. In that event, we should check if the
SSID has changed before attempting to reconfigure. Not doing so means
that the link->ssid member is not updated, leading to a potential
mismatch if some of the .network configurations match on SSID=.
There are however scenarios where the above heuristic is not enough.
Specifically, if the interface carrier state flip-flops within a short
enough interval, the internal throttling of netlink events inside the
kernel may suppress intermediate linkdown+linkup events (cf. Linux
net/core/link_watch.c). So there is no linkup event to react on.
To improve on the latter scenario, it is proposed to make newer kernels
emit an NL80211_CMD_START_AP multicast event when an AP goes up. This
event will not be dropped by link_watch. systemd-networkd can then react
to such events as well, and optionally reconfigure the link if the SSID
has changed. This will only work with newer kernels though.
|
|
As you can see in the below, the dropped dependency Before=issue-24990.service
is not logged, but the dependency Before=test1.service which is not owned by
the units generated by the TEST-26 is logged.
Before:
systemd[1]: issue-24990.service: Dependency After=test1.service dropped, merged into issue-24990.service
systemd[1]: issue-24990.service: Dependency Before=test1.service dropped, merged into issue-24990.service
After:
systemd[1]: issue-24990.service: Dependency After=test1.service is dropped, as test1.service is merged into issue-24990.service.
systemd[1]: issue-24990.service: Dependency Before=issue-24990.service in test1.service is dropped, as test1.service is merged into issue-24990.service.
|
|
@keszybz asked for an example with --append= used in the systemd-measure
man page. Here it is.
As requested: https://github.com/systemd/systemd/pull/25224#pullrequestreview-1190709772
|
|
|
|
|
|
|
|
|
|
|
|
This is not performance sensitive, don#t try to be smart with realloc()
Follow-up for: #25305
Fixes: #25303
|
|
|
|
|
|
|
|
|
|
Add a test that verifies a deleted alternative name is restored on error
in rtnl_set_link_name().
|
|
Currently rename_netif() will not attempt to rename a device if it is
already up, because the kernel will return -EBUSY unless live renaming
is allowed on the device. This restriction will be removed in a future
kernel version [1].
To cover both cases, always attempt to rename the interface and return 0
if we get -EBUSY.
[1] https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=bd039b5ea2a9
|
|
If a current alternative name is to be used to rename a network
interface, the alternative name must be removed first. If interface
renaming fails, restore the alternative name that was deleted if
necessary.
|
|
|
|
Commit 434a348380 ("netlink: do not fail when new interface name is
already used as an alternative name") added logic to set the old
interface name as an alternative name, but only when the new name is
currently an alternative name. This is not the desired outcome in most
cases, and the important part of this commit was to delete the new name
from the list of alternative names if necessary.
|
|
When configuring a link's alternative names, the link's new name to-be
is not allowed to be included because interface renaming will fail if
the new name is already present as an alternative name. However,
rtnl_set_link_name will delete the conflicting alternative name before
renaming the device, if necessary.
Allow the new link name to be set as an alternative name before the
device is renamed. This means that if the rename is later skipped (i.e.
because the link is already up), then the name can at least still be
present as an alternative name.
|
|
This reverts commit 5dd34c2604567320707625bc009cf01c3769605f.
`resolvectl monitor` sends notify event, and systemd-run wait for the
service being in active state. Hence, the loop is not necessary.
|
|
|
|
|
|
|
|
Commit a76d7aca sets ACCEL_MOUNT_MATRIX to match the device's casing
(landscape) instead of the LCD panel (portrait).
|
|
|
|
|
|
Often it's useful to add multiple signatures in the signature JSON file
to embedd in a single .pcrsig. (For example, a signature by key X for
boot phase "enter-initrd" and one by key Y for
"enter-initrd:leave-initrd" or so). Make this easy, by adding the
ability to append signatures to a previously generated JSON file.
|
|
|
|
Add integration tests for journald's log filtering feature.
|
|
Use LogFilterPatterns from the unit's cgroup xattr in order to keep or
discard log messages before writing them to the journal.
When a log message is discarded, it won't be written to syslog, console...
either.
When a native, syslog, or standard output log message is received,
systemd-journald will process it if it matches against at least one
allowed pattern (if any) and none of the denied patterns (if any).
|
|
|
|
Parse DBus structure send by LogFilterPatterns to print it in systemctl
show.
|
|
Define new unit parameter (LogFilterPatterns) to filter logs processed by
journald.
This option is used to store a regular expression which is carried from
PID1 to systemd-journald through a cgroup xattrs:
`user.journald_log_filter_patterns`.
|
|
Add function set_make_nulstr() to create a nulstr out of a set. Behave
the same way as strv_make_nulstr().
|
|
Instead of having Minimize= take a boolean let's allow for two
different ways to enable it. "best" means we want the most minimal
image possible, which currently is only possible for read-only
filesystems but can be extended in the future with bisection
to find the most minimal possible size.
We also add "guess", which is the current behavior, where we
populate once and use the sparse size to make a reasonable guess
on a size that fits all the sources without needing to O(log(n))
tries to find the most minimal size.
|
|
|
|
|
|
singular
|
|
|
|
|
|
$TERM would generally be set if we're connected to a proper graphical terminal
emulator. In all other cases, in particular if $TERM is not set, we almost
certainly are not connected to something that can output emojis. In particular
the text console is unlikely to ever do it correctly.
So let's invert the check, and only write emojis if $TERM is set.
Fixes #25521.
|
|
In 9efb224443d819b7d64ec76cb94c8aa625a8abf2 was supposed to align
them, but for some reason I just added a second space everywhere.
|
