| Commit message (Collapse) | Author | Files | Lines |
|---|
|
This commit refactors ProtectControlGroups= from using a boolean
in the dbus/execute backend to using an enum. There is no functional
change but this will allow adding new non-boolean values (e.g. strict,
private) a la PrivateHome.
|
|
The default definition to add is `-D__loongarch64__`, which is not searched in [bpf_tracing.h](https://github.com/libbpf/libbpf/blob/09b9e83102eb8ab9e540d36b4559c55f3bcdb95d/src/bpf_tracing.h#L68)
This may avoid `error: Must specify a BPF target arch via __TARGET_ARCH_xxx` in loongarch64
Signed-off-by: Zhou Qiankang <wszqkzqk@qq.com>
|
|
Currently translated at 100.0% (253 of 253 strings)
Co-authored-by: Andika Triwidada <andika@gmail.com>
Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/id/
Translation: systemd/main
|
|
A colleague reported when RootDirectory= does not exist, systemd reports an error like:
```
Failed to set up mount namespacing: No such file or directory
```
Unfortunately, with large spec files, it can be hard to diagnose which path systemd is talking
about. Thus, to make the error message more helpful and similar to mount error messages, we add
the root directory/image path into the error message like:
```
Failed to set up mount namespacing: /tmp/thisdoesnotexist: No such file or directory
```
|
|
This is a non-functional change to ensure error_path used to print out the
offending mount causing an error follows coding guidelines.
|
|
No functional change, but let's print yes/no rather than on/off in systemd-analyze.
Similar to 2e8a581b9cc1132743c2341fc334461096266ad4 and
edd3f4d9b7a63dc9a142ef20119e80d1d9527f2f.
(Note, the commit messages of those commits are wrong, as
parse_boolean() supports on/off anyway.)
|
|
|
|
Fixes a bug introduced by baf3fdec27f0b3a1f3d39c7def2a778824cbee51.
This also adds several assertions at the beginning of the function.
Fixes #34899.
|
|
Follow-up for 115fac3c29c80d8917158df2275d45fee118d61f.
|
|
|
|
(#34893)
|
|
|
|
|
|
We must be prepared that systemd temporarily drops off the bus or
disconnects our direct connections (due to systemctl daemon-reexec or
so). Hence automatically reconnect when we watch the unit status, and
handle this case gracefully.
Fixes: #32906 #27204
|
|
|
|
Let's not confuse users with the login shell indicator and drop it from
the description. This means a run0 session will now usually show up with
a description of "[run0] /bin/bash" rather than "[run0] -/bin/bash".
|
|
I think we should try to communicate clearly if something is a run0
session, or a systemd-run invocation. Hence, let's initialize the
description so that the command is prefixed by
program_invocation_short_name.
Effectively this means that our run0 sessions now appear as services
with a description of "[run0] -/bin/bash"
|
|
The current logic is a bit complex how systemd-run units are called. It
used to be just the unique ID of the dbus connection. Which was nice,
since its system-widely, uniquely assigned to us. But this didn't work
out well, due to direct connections to PID 1 and due to soft reboots.
We nowadays have a better ID to use though, with nicer properties: the
kernel manages a pidfd ID for every process after all, and it's globally
unique, for any process, and regardless of soft reboots. Hence use that
for naming preferably, and just keep one branch with a randomized name
as fallback.
|
|
This makes use of the infra introduced in 229d4a980607e9478cf1935793652ddd9a14618b to indicate visually on each prompt that we are in superuser mode temporarily.
pick ad5de3222f userdbctl: add some basic client-side filtering
|
|
|
|
Fixes: #33033
|
|
|
|
|
|
operation
|
|
even if no user is specified explicitly
When PAMName= is set this should be enough to go through our entire user
changing story, so that PAM is definitely run, and environment variables
definitely pulled in and so on.
Previously, it would happen that under some circumstances we might no do
this when transitioning from root to root itself even though PAM was
enabled.
Fixes: #34682
|
|
|
|
|
|
|
|
This only matters for sorting, and we currently don't support sorting by
path, hence this is of no real effect, but it certainly is more correct.
|
|
|
|
|
|
This adds some basic client-side user/group filtering to "userdbctl":
1. by uid/gid min/max
2. by user "disposition" (i.e. show only regular users with "userdbctl
user -R")
3. by fuzzy name (i.e. search by substring/levenshtein of user name,
real name, and other identifiers of the user/group record).
In the long run we also want to support this server side, but let's
start out with doing this client-side, since many backends won't support
server-side filtering anytime soon anyway, so we need it in either case.
|
|
|
|
|
|
|
|
Follow-up for bd91f23acfecc92ede6965d752540a758b3e6c79.
|
|
This reverts commit 88bbf187a9b2ebe0732caa1e886616ae5f8186da.
The kernel regression has been hopefully fixed by
https://github.com/torvalds/linux/commit/c6508124193d42bbc3224571eb75bfa4c1821fbb
which is included in 6.12-rc4.
Let's drop the workaround.
|
|
Currently translated at 100.0% (253 of 253 strings)
Co-authored-by: Anders Jonsson <anders.jonsson@norsjovallen.se>
Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/sv/
Translation: systemd/main
|
|
Currently we need ukify with support for --profile and --join-profile
which isn't in an official release yet so mention that a local build
from source might be required.
|
|
unset
Follow-up for 1f5a052963464755e87a075f6f4a8867b2199311.
|
|
Call setup_smack() also when only fallback_smack_process_label is set.
Fixes: 75689fb2d41f
|
|
with .read_only = true
|
|
|
|
entries
Otherwise, ProtectHome=tmpfs makes /home/ and friends not read-only.
Also, mount options for /run/ specified in MountAPIVFS=yes are not
applied.
The function append_static_mounts() was introduced in
5327c910d2fc1ae91bd0b891be92b30379c7467b, but at that time, there were
neither .read_only nor .options in the struct. But, when later the
struct is extended, the function was not updated and they were not
copied from the static table.
The fields has been used in static tables since
e4da7d8c796a1fd11ecfa80fb8a48eac9e823f06, and also in
94293d65cd4125347e21b3e423d0e245226b1be2.
Fixes #34825.
|
|
|
|
|
|
Follow-up for 1f5a052963464755e87a075f6f4a8867b2199311.
|
|
Follow-up for 0005411352f9bda0d9887c37b9e75a2bce6c1133.
|
|
Follow-up for 63d4c4271ca529f8357a84cbc075170fffdb3de8.
|
|
The only possible error return in this position is -ENODATA, which is
not interesting.
|
