| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When looking at configuration, often a user wants to suppress the comments and
just look at the parts that actually configure something, roughly equivalent to
systemd-analyze cat-config … | rg -v '^(#|;|$)
This switch implements this natively, skipping lines that start with a comment
character or only contain whitespace.
For formats that have section headers, section headers are skipped, if only
followed by stuff that would be skipped. (The last section header is printed
when we're about to print some actual output.)
Note that the caller doesn't know if the format has headers or not. We do format
type detection in pretty-print.c. So the caller only specifies tldr=true|false, and
conf_files_cat() figures out if the format has headers and whether those should
be handled specially.
The comments that show the file name are always printed, even if all of the file
is suppressed.
This is a partial answer to the discussions in
https://github.com/systemd/systemd/pull/28919,
https://github.com/systemd/systemd/pull/29248. If the default config is shown in
config files, the user can conveniently use '--tldr' to show the relevant parts.
|
| |
|
|
|
|
|
| |
This helps a lot with figuring out why units were started when they
were, rather than guessing there is a dependency relation. We could
perhaps also do fun JavaScript things in the future to highlight
dependencies on mouse-over.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
We so far maintained two places for symboic names for PCRs. One in
tpm2-util.h and one in tpm-pcr.h.
Let's unify this into one, i.e. move the full list from tpm2-util.h into
tpm-pcr.h, replacing the short list placed so far there.
Systematically prefix the definitions with TPM2_ or tpm2_, to follow how
we do this for all other defines in this context.
No change in behaviour, just unification of tables.
|
| |
|
|
|
|
|
|
|
|
| |
seccomp-util.h doesn't need ifdeffing, hence don't. It has worked since
quite a while with HAVE_SECCOMP is off, hence use it everywhere.
Also drop explicit seccomp.h inclusion everywhere (which needs
HAVE_SECCOMP ifdeffery everywhere). seccomp-util.h includes it anyway,
automatically, which we can just rely on, and it deals with HAVE_SECCOMP
at one central place.
|
| | |
|
| | |
|
| | |
|
| |\
| |
| | |
meson: cleanups for version dependency
|
| | | |
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If we don't have TPM support then `alg` is NULL and passing this to
table_new() means we'd get a table with only two columns instead of
three, leading up to a very confusing output:
$ build/systemd-analyze pcrs
System lacks full TPM2 support, not showing PCR state.
NR NAME
0 platform-code
- 1
platform-config -
2 external-code
- 3
external-config -
4 boot-loader-code
- 5
boot-loader-config -
6 -
- 7
...
Let's name the header in this case with a simple dash, as it's going
to be hidden anyway, to make the table nice again:
$ build/systemd-analyze pcrs
System lacks full TPM2 support, not showing PCR state.
NR NAME
0 platform-code
1 platform-config
2 external-code
3 external-config
4 boot-loader-code
5 boot-loader-config
6 -
7 secure-boot-policy
...
|
| |\
| |
| | |
Add RET_GATHER macro to make continue-but-remember-first-error functions easier
|
| | |
| |
| |
| | |
No functional change indentended.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This commits adds version_is_valid_versionspec and uses it in
analyze-compare-version.c.
version_is_valid_versionspec differs from version_is_valid in that it acepts
empty strings and since valid characters in a version spec version are all
ASCII letters and digits as well as "-.~^", but ",_+" allowed by
version_is_valid are not.
Also give a more specific warning message on invalid characters.
|
| |/
|
|
| |
rc2 edition
|
| | |
|
| |
|
|
|
| |
It shows the PCRs we know about along with their name strings and
current values.
|
| |
|
|
|
|
| |
I figure these messages are rather unnecessary, so let the user quiet
them with the existing --quiet flag if desired. Makes systemd-analyze
condition a little more ergonomic in scripts.
|
| |
|
|
|
|
| |
It's highly interesting to see if tools such as systemd-sysupdate
consider a version valid, hence let's output that too (though
gracefully, not fatally)
|
| |
|
|
| |
Instead of _cleanup_(set_freep) or so.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
/run/systemd/mount-rootfs/ too
Let's use the same common directory as the unit logic uses.
This means we have less to clean up, and opens the door to eventually
allow unprivileged operation of the
mount_image_privately_interactively() logic.
|
| |
|
|
|
|
|
|
|
| |
Addresses
https://github.com/systemd/systemd/pull/25608/commits/84be0c710d9d562f6d2cf986cc2a8ff4c98a138b#r1060130312,
https://github.com/systemd/systemd/pull/25608/commits/84be0c710d9d562f6d2cf986cc2a8ff4c98a138b#r1067927293, and
https://github.com/systemd/systemd/pull/25608/commits/84be0c710d9d562f6d2cf986cc2a8ff4c98a138b#r1067926416.
Follow-up for 84be0c710d9d562f6d2cf986cc2a8ff4c98a138b.
|
| |\
| |
| | |
dissect: add dissection policies
|
| | | |
|
| | | |
|
| | | |
|
| |/ |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
It's a sycall group of our own definition, and the output is erroneous
to claim otherwise. Let's hide it.
This adds syscall_set_add() which is nicely symmetric to the existing
syscall_set_remove().
Follow-up for: 6d6a08547c03f96dc798cda1ef4a8d3013d292d5
|
| |
|
|
|
| |
These are almost never used, so let's move them to the _full()
functions signatures.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
In various tools and services we have a per-system and per-user concept.
So far we sometimes used a boolean indicating whether we are in system
mode, or a reversed boolean indicating whether we are in user mode, or
the LookupScope enum used by the lookup path logic.
Let's address that, in introduce a common enum for this, we can use all
across the board.
This is mostly just search/replace, no actual code changes.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Gets the memory state of the manager:
root@image:~# systemd-analyze malloc
<malloc version=1>
<heap nr=0>
<sizes>
<size from=33 to=33 total=396 count=12/>
<unsorted from=20385 to=20385 total=20385 count=1/>
</sizes>
<total type=fast count=0 size=0/>
<total type=rest count=14 size=36589/>
<system type=current size=1691648/>
<system type=max size=1839104/>
<aspace type=total size=1691648/>
<aspace type=mprotect size=1691648/>
</heap>
<total type=fast count=0 size=0/>
<total type=rest count=14 size=36589/>
<total type=mmap count=0 size=0/>
<system type=current size=1691648/>
<system type=max size=1839104/>
<aspace type=total size=1691648/>
<aspace type=mprotect size=1691648/>
</malloc>
|
| |
|
|
|
|
|
| |
Although this slightly more verbose it makes it much easier to reason
about. The code that produces the tests heavily benefits from this.
Test lists are also now sorted by test name.
|
| | |
|
| |
|
|
|
|
| |
Meson+ninja+compiler do this for us and are better at it.
https://mesonbuild.com/FAQ.html#do-i-need-to-add-my-headers-to-the-sources-list-like-in-autotools
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
-1 was used everywhere, but -EBADF or -EBADFD started being used in various
places. Let's make things consistent in the new style.
Note that there are two candidates:
EBADF 9 Bad file descriptor
EBADFD 77 File descriptor in bad state
Since we're initializating the fd, we're just assigning a value that means
"no fd yet", so it's just a bad file descriptor, and the first errno fits
better. If instead we had a valid file descriptor that became invalid because
of some operation or state change, the other errno would fit better.
In some places, initialization is dropped if unnecessary.
|
| |
|
|
| |
Follow-up for #25339
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
The name "def.h" originates from before the rule of "no needless abbreviations"
was established. Let's rename the file to clarify that it contains a collection
of various semi-related constants.
|
| | |
|
| | |
|
