| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We often used a pattern like if (!FLAGS_SET(flags, SD_JSON_FORMAT_OFF)),
which is rather verbose and also contains a double negative, which we try
to avoid. Add a little helper to avoid an explicit bit check.
This change clarifies an aditional thing: in some cases we treated
SD_JSON_FORMAT_OFF as a flag (flags & SD_JSON_FORMAT_OFF), while in other cases
we treated it as an independent enum value (flags == SD_JSON_FORMAT_OFF).
In the first form, flags like SD_JSON_FORMAT_SSE do _not_ turn the json
output on, while in the second form they do. Let's use the first form
everywhere.
No functional change intended.
Initially I wasn't sure if this helper should be made public or just internal,
but it seems such a common pattern that if we expose the flags, we might just
as well expose it too, to make life easier for any consumers.
|
| |\
| |
| | |
Various logging improvements
|
| | |
| |
| |
| |
| | |
Let's log about which bus we're trying to connect to and what transport
we're using to do it.
|
| | | |
|
| |/
|
|
| |
Follow-up for 164ca24d7464253e5f8375226b792ef8f6eaffd0.
|
| |
|
|
| |
Fixup for 2413a0fab4fdad7eef3ce1d4b57664be5795b002.
|
| |
|
|
|
| |
Otherwise when the user takes a long time to enter input the operation
to create the user's home will fail with "transport endpoint not connected".
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
This mirrors the behavior of `systemd-firstboot` and allows bootup
messages to settle down before user input is actually processed.
See: https://github.com/systemd/systemd/issues/34448
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Login shells are supposed to marked via a dash as first char. We follow
that logic, but right now we simply overwrite the first char of the
shell. That might not be the right choice, given that this turns
"zsh" into "-sh", which suggests some bourne shell process.
Hence, let's correct things, and instead prefix a dash, which should be
safer.
Inspired by findings on https://github.com/systemd/systemd/issues/34153#issuecomment-2338104907
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
We nowadays reset TTYs by writing ANSI sequences to them. This can only
work if we operate on an *output* fd, not an input fd. Hence switch
various cases where we erroneously used an input fd to use an output fd
instead.
|
| |
|
|
| |
reset-by-ioctl and reset-by-sequence reasonably
|
| |\
| |
| | |
Allow interactive auth in inhibit
|
| | |
| |
| |
| |
| | |
The functions in the file were *not* using the spawn prefix,
and the prefix seems completely unnecessary.
|
| |/ |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is preparation for making our Varlink API a public API. Since our
Varlink API is built on top of our JSON API we need to make that public
first (it's a nice API, but JSON APIs there are already enough, this is
purely about the Varlink angle).
I made most of the json.h APIs public, and just placed them in
sd-json.h. Sometimes I wasn't so sure however, since the underlying data
structures would have to be made public too. If in doubt I didn#t risk
it, and moved the relevant API to src/libsystemd/sd-json/json-util.h
instead (without any sd_* symbol prefixes).
This is mostly a giant search/replace patch.
|
| |
|
|
|
|
|
|
|
|
|
| |
- drop unnecessary SYNTHETIC_ERRNO() when the logger does not propagate
error code,
- drop unnecessary '%m' in error message when the error code is
specified with SYNTHETIC_ERRNO(),
- add missing full stop at the end of log message,
- use RET_GATHER(),
- add missing ", ignoring.",
- upeercase the first letter, etc., etc...
|
| | |
|
| |
|
|
|
|
| |
This makes it possible to update a home record (and blob directory) of a
home area that's either completely absent (i.e. on a USB stick that's
unplugged) or just inaccessible due to lack of authentication
|
| |
|
|
|
|
|
| |
These will be used by display managers to pre-select the user's
preferred desktop environment and display server type. On homed, the
display manager will also be able to set these fields to cache the
user's last selection.
|
| |
|
|
|
|
|
|
|
|
|
| |
Otherwise weird stuff happens on the other side:
[1217111.957263] testsuite-46.sh[61]: + homectl create test-user --disk-size=min --luks-discard=yes --image-path=/home/test-user.home --luks-pbkdf-type=pbkdf2 --luks-pbkdf-time-cost=1ms
[1217112.598219] homectl[66]: Operation on home test-user failed: Provided flags are unsupported (0ad2578000000000).
(taken from TEST-46-HOME run on armv7l)
Fixes issue mentioned in https://github.com/systemd/systemd/pull/31419#issuecomment-1955117397.
|
| |
|
|
|
|
|
|
|
|
|
| |
Rather than adding more and more parameters to ask_password_auto(), let's
pass a structure of the fields that often are constant anyway.
This way, callers can fill in what they need, and we take the filled
structure which we can pass around internally as one.
This is in particular preparation for adding one more field in one of
the next commits.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This makes it possible to edit blob directories using homectl. The
following syntax is available:
* `--blob-directory=/path/somewhere`: Replaces the entire blob directory
with the contents of /path/somewhere
* `--blob-directory=foobar=/path/somewhere`: Replaces just the file
foobar in the blob directory with the contents of /path/somewhere
* `--blob-directory=foobar=`: Deletes the file foobar from the blob
directory
* `--blob-directory=`: Resets all previous flags
* `--avatar=`, etc: Shortcuts for `--blob-directory=FILENAME=` for the
known files in the blob directory
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This field is like preferredLanguage, but takes a priority list of
languages instead. If an app isn't translated into a user's primary
language, it can fall back to one of the other languages in the list
thus making the app more accessible to the user.
For instance: in my experience, many Ukrainians are fluent in Russian,
often significantly better than English (especially if they are of a
generation that grew up during the USSR). Such a person might set this
new variable to ["uk_UA.UTF-8", "ru_UA.UTF-8"] so that software that
lacks Ukrainian translations will first try Russian translations before
defaulting to English.
Fixes #31290
|
| |
|
|
|
|
|
|
|
| |
We had both uid-range.h and uid-alloc-range.h. The latter now contains helpers
like {uid,gid}_is_{system,dynamic,container}(), uid_for_system_journal(), so
the existing name is outdated. I think the uid-range.[ch] should stay separate
because it has a bunch of helpers for parsing and printing of uid ranges. So
let's rename as in $subject to better reflect the contents of the file and make
the two sets of files harder to confuse.
|
| | |
|
| |
|
|
|
|
|
| |
This extends what systemd-firstboot does and runs on first boots only
and either processes user records passed in via credentials to create,
or asks the user interactively to create one (only if no regular user
exists yet).
|
| |
|
|
|
|
|
| |
want rather than complain about them
This makes it easier to take a user record from one host and create an
identical user on another.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
FORK_DEATHSIG_SIGTERM
Sometimes it makes sense to hard kill a client if we die. Let's hence
add a third FORK_DEATHSIG flag for this purpose: FORK_DEATHSIG_SIGKILL.
To make things less confusing this also renames FORK_DEATHSIG to
FORK_DEATHSIG_SIGTERM to make clear it sends SIGTERM. We already had
FORK_DEATHSIG_SIGINT, hence this makes things nicely symmetric.
A bunch of users are switched over for FORK_DEATHSIG_SIGKILL where we
know it's safe to abort things abruptly. This should make some kernel
cases more robust, since we cannot get confused by signal masks or such.
While we are at it, also fix a bunch of bugs where we didn't take
FORK_DEATHSIG_SIGINT into account in safe_fork()
|
| |
|
|
|
|
| |
Let's a "b" helper for json_variant_set_field() that combines
json_build() with json_variant_set_field(), similar to the
json_variant_merge_objectb(), json_variant_append_arrayb().
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
json_append() is a useful wrapper around json_variant_merge(). However,
I think the naming sould be cleaned up a bit of both functions.
I thinker "merge" is the better word than "append", since it does
decidedly more than just append: it replaces existing fields of the same
name, hence "merge" sounds more appropriate. This is as opposed to the
similar operations for arrays, where no such override logic is applied
and we really just append, hence those functions are called "append"
already.
To make clearer that "merge" is about objects, and "append" about
arrays, also include "object" in the name.
Also, include "json_variant" in the name, like we do for almost all
other functions in the JSON API that take a JSON object as primary
input, and hence are kinda object methods.
Finally, let's follow the logic that helpers that combine json_build()
with some other operation get suffixed with "b" like we already have in
some cases.
Hence:
json_variant_merge() → json_variant_merge_object()
json_append() → json_variant_merge_objectb()
This mirrors nicely the existing:
json_variant_append_array()
json_vairant_append_arrayb()
This also drops the variant of json_append() that takes a va_arg
parameter (i.e. json_appendv()). We have no user of that so far, and
given the nature as a helper function only I don#t see that happening,
and if it happens after all it's trivial to bring back.
|
| |
|
|
|
|
| |
pwquality and passwdqc
Co-authored-by: Dmitry V. Levin <ldv@altlinux.org>
|
| |
|
|
| |
Instead of _cleanup_(set_freep) or so.
|
| |
|
|
|
| |
parse_boolean_argument() returns the same information via both the output
argument and normal return.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
In various tools and services we have a per-system and per-user concept.
So far we sometimes used a boolean indicating whether we are in system
mode, or a reversed boolean indicating whether we are in user mode, or
the LookupScope enum used by the lookup path logic.
Let's address that, in introduce a common enum for this, we can use all
across the board.
This is mostly just search/replace, no actual code changes.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Let's allow users to configure the (logical) sector size of their
image. This is required when building images for a 4k sector size
disk on a 512b sector size host or vice-versa.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
-1 was used everywhere, but -EBADF or -EBADFD started being used in various
places. Let's make things consistent in the new style.
Note that there are two candidates:
EBADF 9 Bad file descriptor
EBADFD 77 File descriptor in bad state
Since we're initializating the fd, we're just assigning a value that means
"no fd yet", so it's just a bad file descriptor, and the first errno fits
better. If instead we had a valid file descriptor that became invalid because
of some operation or state change, the other errno would fit better.
In some places, initialization is dropped if unnecessary.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
* Some authenticators(like Yubikey) support credential algorithm other than ES256
* Introduce a new option so users can make use of it
|
