summaryrefslogtreecommitdiffstats
path: root/rules.d (unfollow)
Commit message (Collapse)AuthorFilesLines
2023-11-01proc-cmdline: use read_virtual_file() for /proc/cmdlineLennart Poettering1-2/+2
2023-11-01cryptenroll: use erase_and_free() at two more placesLennart Poettering2-3/+3
2023-11-01sd-netlink: res_id is 16bit but serial is 32bitYu Watanabe1-3/+3
The explicit value here is not so important. Let's chop off the higher bits. Fixes the issue reported at https://github.com/systemd/systemd/pull/29802#issuecomment-1788637950.
2023-11-01dhcp6: enterprise ID is 32bitYu Watanabe1-1/+1
Follow-up for 6b44099b3baff64af1ef58db8e38ecddc8070e9b. Fixes #29800.
2023-11-01build(deps): bump actions/checkout from 4.1.0 to 4.1.1dependabot[bot]11-11/+11
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...b4ffde65f46336ab88eb53be808477a3936bae11) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
2023-11-01build(deps): bump redhat-plumbers-in-action/differential-shellcheckdependabot[bot]1-1/+1
Bumps [redhat-plumbers-in-action/differential-shellcheck](https://github.com/redhat-plumbers-in-action/differential-shellcheck) from 4.2.2 to 5.0.1. - [Release notes](https://github.com/redhat-plumbers-in-action/differential-shellcheck/releases) - [Changelog](https://github.com/redhat-plumbers-in-action/differential-shellcheck/blob/main/docs/CHANGELOG.md) - [Commits](https://github.com/redhat-plumbers-in-action/differential-shellcheck/compare/ac4483d8c6713bd2011037f44fe626989468af74...aa647ec4466543e8555c2c3b648124a9813cee44) --- updated-dependencies: - dependency-name: redhat-plumbers-in-action/differential-shellcheck dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
2023-11-01build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.1dependabot[bot]1-1/+1
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.2.0 to 2.3.1. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/08b4669551908b1024bb425080c797723083c031...0864cf19026789058feabb7e87baa5f140aac736) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
2023-11-01varlink: add generic impl. of io.systemd.service.SetLogLevel()David Tardon2-0/+42
2023-11-01udev: revert workarounds for issues caused by the devlink creation optimizationYu Watanabe1-11/+0
This reverts the following two commits: - "udev: decrease devlink priority for encrypted partitions" c4521fc17bb33d10bf5aca3f87f6a394dfecf423. - "udev: decrease devlink priority for iso disks" df1dccd25547b430258bd42ec60428fc9aff1370. These commits are workarounds for issues caused by 331aa7aa15ee5dd12b369b276f575d521435eb52. With the previous commit, these workarounds are not necessary anymore, as partitions are always processed later than their whole disk, and a decrypted volume is also processed later than its backing volume.
2023-11-01udev: update devlink with the newer device node even when priority is equivalentYu Watanabe1-5/+5
Several udev rules depends on the previous behavior, i.e. that udev replaces the devlink with the newer device node when the priority is equivalent. Let's relax the optimization done by 331aa7aa15ee5dd12b369b276f575d521435eb52. Follow-up for 331aa7aa15ee5dd12b369b276f575d521435eb52. Note, the offending commit drops O(N) of file reads per uevent, and this commit does not change the computational order. So, hopefully the performance impact of this change is small enough. Fixes #28141.
2023-11-01man: Improve text for SystemMaxFileSize when not setAndré Paiusco1-3/+3
If one sets the SystemMaxUse=64G by the current documentation would expect that each files size would be around 1/8 of this value (8G), althought if the SystemMaxFileSize is not explicit set, it has a max of 128M per file.
2023-11-01analyze: handle CAP_BPF supportPeter Hutterer3-0/+20
2023-11-01man: explicitly mention that environment.d/ cannot be used to set the ↵Lennart Poettering1-11/+17
service manager's own env block Fixes: #29414
2023-11-01man: fix typoYu Watanabe1-1/+1
Follow-up for ba87a61d05d637be9f0b21707f7fe3b0a74c5a05.
2023-11-01network: support ID_NET_MANAGED_BY udev propertyYu Watanabe2-0/+18
If the property is set, networkd manages the interface only when its value is "io.systemd.Network". Closes #29768.
2023-11-01coredump: let's always drop privilegesLennart Poettering1-42/+39
Let's unconditionally drop privileges before submitting the coredump log message. Let's make the codepaths where we acquired a coredump and where we didn't more alike: let's drop privs in both cases. This is not only safer, but means that the coredump messages are always accessible by the owner of the aborted process.
2023-11-01coredump: tweak coredump log messageLennart Poettering1-8/+19
Let's not claim a process dumped core if that was disabled via resource limits. While we are at it, switch from stack to heap allocation for the log message, as it includes a stack trace which can be arbitrarily large. Fixes: #28559
2023-11-01NEWS: fix typoYu Watanabe1-2/+2
2023-11-01Fixed a typo in kernel-install/60-ukify.install.in for globing microcodeMarc Pervaz Boocha1-1/+1
searches in a non-existent micocode/* dir instead of micocode* due a typo in #28592
2023-11-01core: rename and add comment to ExecParameters cleanup functionsLuca Boccassi8-18/+18
2023-11-01po: Translated using Weblate (Portuguese)Hugo Carvalho1-26/+52
Currently translated at 100.0% (227 of 227 strings) Co-authored-by: Hugo Carvalho <hugokarvalho@hotmail.com> Translate-URL: https://translate.fedoraproject.org/projects/systemd/master/pt/ Translation: systemd/main
2023-11-01nspawn: make sure idmapped logic works if DDI contains only /usr/ treeLennart Poettering5-27/+69
If we have a DDI that contains only a /usr/ tree (and which is thus combined with a tmpfs for root on boot) we previously would try to apply idmapping to the tmpfs, but not the /usr/ mount. That's broken of course. Fix this by applying it to both trees.
2023-11-01Update NEWSLuca Boccassi1-0/+284
2023-10-31man: change title of the section to better reflect actual contentMichal Sekletar1-1/+1
2023-10-31core: fix a couple of typosFrantisek Sumsal1-3/+3
2023-10-31test: exercise more systemd-executor related stuffFrantisek Sumsal1-1/+104
2023-10-31barrier: use EBADF where appropriateLennart Poettering1-1/+1
2023-10-31test: skip SocketBind*= tests when built without a bpf frameworkFrantisek Sumsal1-46/+49
The test intentionally checks for -BPF_FRAMEWORK so we run the test case (and fail) even if we rename the feature flag.
2023-10-31core: check if we got a valid personality during deserializationFrantisek Sumsal1-2/+4
2023-10-31nspawn: fix barriers when wiping fully visible procfs/sysfsLennart Poettering1-5/+9
Let's wait until the child is fully done with mounting it's own instances of procfs/sysfs before we destroy our fully visible copies of it. This borrows heavily from Christian Brauners fix #29521, but splits the place + sync into two steps so that the child payload is not started before the parent has destroyed the procfs instance. Alternative to: #29521 Fixes: #28157
2023-10-31udev: fix device name shown in the log message on failureYu Watanabe1-4/+9
Prompted by #29500.
2023-10-31udevadm-trigger: mention --type=all in helpYu Watanabe1-0/+1
Follow-up for 1baeee5784f1b859d2a1446f6776efe6d7fde7b6. Fixes #29779.
2023-10-31man: Add remarks about StandardInput=socket and sd_listen_fds()Michal Koutný2-1/+5
It confuses users when they cannot find respective environment variables with config that is supposes for (x)inetd activated service only. Fix: #29670
2023-10-31sysctl.d: Fix pid_max commentMichal Koutný1-2/+2
The actual default is 2^15 and that is also 32b kernels default. Fix the value, mention 32b and do not talk about default which may depend on nr_cpus. Fix: #29607
2023-10-31varlink: add generic impl. of io.systemd.varlink.Ping()David Tardon2-0/+14
2023-10-31varlink: define interface io.systemd.serviceDavid Tardon4-0/+28
2023-10-31dissect: reenable automatic removal before trying againYu Watanabe1-18/+16
The device node may be different from we want to activate, and we may try to activate different device in the subsequent loop. In such case, we should enable the automatic removal for the unexpected device. Otherwise, it will not be removed even when not necessary anymore.
2023-10-31New PAM module: pam_systemd_loadkeyJin Liu5-0/+214
This module reads password from kernel keyring and sets it as PAM authtok. It's inspired by gdm's pam_gdm, which reads the LUKS password stored by systemd-cryptsetup, so Gnome Keyring can be automatically unlocked if set to the same password (when autologin is enabled so the user doesn't enter a password in gdm).
2023-10-31update TODOLennart Poettering1-5/+0
2023-10-31NEWS: mention that ip=off now means ip=offLennart Poettering1-0/+5
2023-10-31man: document the new ip=link-local kernel cmdline optionLennart Poettering1-7/+16
2023-10-31network-generator: add support for ip=link-localLennart Poettering5-24/+63
2023-10-31network-generator: name enum for "ip=dhcp" case same as literal stringLennart Poettering2-5/+5
Let's make this less confusing, and use the same string externally as enum name internally.
2023-10-31locale: drop implementation detail from comment in config fileYu Watanabe1-1/+1
2023-10-31locale,firstboot: add headers to vconsole.confYu Watanabe6-2/+28
Closes #29717. Replaces #29760. Co-authored-by: cunshunxia <cunshunxia@tencent.com>
2023-10-31env-util: make write_env_file() optionally take headersYu Watanabe10-16/+19
This also makes write_env_file() and write_env_file_label() optionally take dir_fd, and drop write_env_file_at(). Preparation for later commits.
2023-10-31tests: use log_tests_skipped() and friend moreYu Watanabe5-16/+10
2023-10-31tests: make log_tests_skipped() and friend accept format stringYu Watanabe2-14/+17
2023-10-31tree-wide: fix typoYu Watanabe7-9/+9
2023-10-31network: free dhcp6_hostnameRonan Pigott1-0/+1
Fixes: b90480c80daa ("network: introduce SendHostname/Hostname DHCPv6 options")