summaryrefslogtreecommitdiffstats
path: root/src/home/homework-luks.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* tree-wide: drop doubled empty linesYu Watanabe2024-10-071-1/+0
|
* fs-util: rename laccess to access_nofollowMike Yuan2024-10-051-1/+1
| | | | In order to distinguish it from libc function naming.
* various: correct laccess() error checkMike Yuan2024-10-041-4/+4
| | | | laccess is our own macro that uses RET_NERRNO.
* repart: Add compression supportDaan De Meyer2024-09-031-0/+2
| | | | | | | | | | | | | | | | | | | | | Now that mkfs.btrfs is adding support for compressing the generated filesystem (https://github.com/kdave/btrfs-progs/pull/882), let's add general support for specifying the compression algorithm and compression level to use. We opt to not parse the specified compression algorithm and instead pass it on as is to the mkfs tool. This has a few benefits: - We support every compression algorithm supported by every tool automatically. - Users don't need to modify systemd-repart if a mkfs tool learns a new compression algorithm in the future - We don't need to maintain a bunch of tables for filesystem to map from our generic compression algorithm enum to the filesystem specific names. We don't add support for btrfs just yet until the corresponding PR in btrfs-progs is merged.
* tree-wide: port over to new builder apisLennart Poettering2024-06-191-6/+6
|
* libsystemd: turn json.[ch] into a public APILennart Poettering2024-06-121-17/+18
| | | | | | | | | | | | | | | This is preparation for making our Varlink API a public API. Since our Varlink API is built on top of our JSON API we need to make that public first (it's a nice API, but JSON APIs there are already enough, this is purely about the Varlink angle). I made most of the json.h APIs public, and just placed them in sd-json.h. Sometimes I wasn't so sure however, since the underlying data structures would have to be made public too. If in doubt I didn#t risk it, and moved the relevant API to src/libsystemd/sd-json/json-util.h instead (without any sd_* symbol prefixes). This is mostly a giant search/replace patch.
* tree-wise: several cleanups for loggingYu Watanabe2024-04-301-6/+6
| | | | | | | | | | | - drop unnecessary SYNTHETIC_ERRNO() when the logger does not propagate error code, - drop unnecessary '%m' in error message when the error code is specified with SYNTHETIC_ERRNO(), - add missing full stop at the end of log message, - use RET_GATHER(), - add missing ", ignoring.", - upeercase the first letter, etc., etc...
* Merge pull request #32143 from yuwata/magicLennart Poettering2024-04-171-1/+1
|\ | | | | basic/linux: copy magic.h from kernel to our code
| * home,resize-fs: replace XFS_SB_MAGIC -> XFS_SUPER_MAGICYu Watanabe2024-04-091-1/+1
| |
* | tree-wide: insert missing space after commaYu Watanabe2024-04-121-2/+2
|/
* homework: Always upload volume key to keyringAdrian Vovk2024-03-231-117/+95
| | | | | | | | | | | | | | | | | | | | This commit makes homework always upload the LUKS volume key into the kernel keyring. This is different from previous behavior in three notable ways: - Previously, we'd only upload if auto-resize was on. In preparation for upcoming changes, now we always upload - Previously, we'd upload the user's actual password (or a password obtained from a FIDO key or similar). Now, we upload the LUKS volume key itself, to remove a layer of unnecessary indirection. - Previously, Lock() wouldn't remove the key from the kernel keyring. This, of course, defeats the purpose of Lock(), so now it removes the key This commit also allows the LUKS volume to be unlocked using the volume key we obtained from the keyring.
* various: also use strdup_to() in cases where we don't return immediatelyZbigniew Jędrzejewski-Szmek2024-03-201-7/+3
|
* homework: Reconcile blob directoriesAdrian Vovk2024-02-191-4/+13
| | | | | | | Whenever the host & embedded records are reconciled, the host & embedded blob directories are now reconciled too in the same direction. Reconciling the blob directories serves exactly the same purpose as reconciling the user records, and thus should behave in the same way.
* homework: Use minimal pbkdf2 parameters without benchmark.Ondrej Kozina2024-02-011-3/+4
|
* tree-wide: replace FOREACH_POINTER with FOREACH_ARGUMENTMike Yuan2024-01-241-23/+26
| | | | | The latter is more generic and while being compatible with the former.
* homework: Cleanup home_store_embedded_identityAdrian Vovk2024-01-181-2/+2
| | | | | This function took an extra argument that it never used. This commit cleans that up
* loop-util: also store the device size in LoopDeviceLennart Poettering2023-12-131-3/+2
| | | | That makes the field easily accessible, just as the sector size.
* blockdev-util: add new helper blockdev_get_device_size()Lennart Poettering2023-12-131-5/+7
| | | | | | | | | | This function is just a wrapper around the BLKGETSIZE64. Which is a pretty simple ioctl. The only reason to wrap it, is that the headers we need to call it are a bit messy (as "linux/fs.h" is incompatible with certain glibc headers). Hence add the simple helper that wraps it and allows us to do the header mess needed in one file only. It's also nicely symmetric to blockdev_get_sector_size().
* process-util: add new FORK_DEATHSIG_SIGKILL flag, rename FORK_DEATHSIG → ↵Lennart Poettering2023-11-021-3/+3
| | | | | | | | | | | | | | | | | | FORK_DEATHSIG_SIGTERM Sometimes it makes sense to hard kill a client if we die. Let's hence add a third FORK_DEATHSIG flag for this purpose: FORK_DEATHSIG_SIGKILL. To make things less confusing this also renames FORK_DEATHSIG to FORK_DEATHSIG_SIGTERM to make clear it sends SIGTERM. We already had FORK_DEATHSIG_SIGINT, hence this makes things nicely symmetric. A bunch of users are switched over for FORK_DEATHSIG_SIGKILL where we know it's safe to abort things abruptly. This should make some kernel cases more robust, since we cannot get confused by signal masks or such. While we are at it, also fix a bunch of bugs where we didn't take FORK_DEATHSIG_SIGINT into account in safe_fork()
* tree-wide: fix typoYu Watanabe2023-10-041-1/+1
|
* various: use _NEG_ macros to reduce indentationZbigniew Jędrzejewski-Szmek2023-08-161-14/+11
| | | | No functional change intended.
* btrfs-util: Move subvolume creation to basic/btrfs.hDaan De Meyer2023-08-141-1/+1
| | | | Also make btrfs_subvol_make() an openat style function.
* tree-wide: Use fdisk_new_context_at() moreDaan De Meyer2023-08-141-6/+2
|
* fdisk-util: Make fdisk_new_context_fd() more genericDaan De Meyer2023-08-141-3/+3
| | | | | Let's make this an openat() style function so we can also pass a device path.
* tree-wide: Fix -Wmaybe-uninitialized compilation warningsDaan De Meyer2023-08-041-1/+1
|
* homework: cleanup use of ERRNO_IS_DEVICE_ABSENT()Dmitry V. Levin2023-07-281-8/+10
| | | | | | | | | | | | | Given that ERRNO_IS_DEVICE_ABSENT() also matches positive values, make sure this macro is not called with arguments that do not have errno semantics. In this case the arguments passed to ERRNO_IS_DEVICE_ABSENT() are the values returned by external cryptsetup functions sym_crypt_init_by_name() and sym_crypt_deactivate_by_name() which are not expected to return any positive values, but let's be consistent anyway and move ERRNO_IS_DEVICE_ABSENT() invocations to the branches where the return values are known to be negative.
* homework-luks: fix typosTopi Miettinen2023-07-211-2/+2
|
* treewide: fix "an" before consonant U soundsJoerg Behrmann2023-07-061-1/+1
| | | | | | The article "a" goes before consonant sounds and "an" goes before vowel sounds. This commit changes an to a for UKI, UDP, UTF-8, URL, UUID, U-Label, UI and USB, since they start with the sound /ˌjuː/.
* homework: resize to maximum disk space if disk size is not specifiedGibeom Gwon2023-06-191-12/+54
| | | | | | | | If the backing storage is LUKS2 on a block device, auto resize mode is enabled, and disk size is not specified, resize the partition to the maximum expandable size. Fixes: #22255, #23967
* chattr-util: Make chattr_full() an openat() style functionDaan De Meyer2023-06-061-1/+1
|
* tree-wide: Fix false positives on newer gccDaan De Meyer2023-05-231-1/+1
| | | | | | Recent gcc versions have started to trigger false positive maybe-uninitialized warnings. Let's make sure we initialize variables annotated with _cleanup_ to avoid these.
* mkfs-util: Add quiet argument to make_filesystem()Daan De Meyer2023-05-121-1/+9
| | | | | | | | We default to quiet operation everywhere except for repart, where we disable quiet and have the mkfs tools write to stdout. We also make sure --quiet or equivalent is implemented for all mkfs tools.
* fsck: use execv_p_ and execl_p_Florian Klink2023-04-171-10/+1
| | | | | Instead of invoking find_executable on our own, use the variants of exec provided by glibc which does this for us.
* fsck: look for fsck binary not just in /sbinFlorian Klink2023-04-151-1/+10
| | | | | | | | | This removes remaining hardcoded occurences of `/sbin/fsck`, and instead uses `find_executable` to find `fsck`. We also use `fsck_exists_for_fstype` to check for the `fsck.*` executable, which also checks in `$PATH`, so it's fair to assume fsck itself is also available.
* repart: Add support for reading mkfs options from environmentDaan De Meyer2023-03-101-20/+2
|
* doc: replace wrong idiom in homed commentJan Engelhardt2023-03-071-2/+2
|
* homework: when creating/resizing GPT partitions, also set sector size explicitlyLennart Poettering2023-01-181-6/+13
|
* loop-util: always tell kernel explicitly about loopback sector sizeLennart Poettering2023-01-181-2/+18
| | | | | | Let's not leave the sector size unspecified: either set a user supplied value, or auto-detect the right size by probing the disk image accordingly.
* repart: Allow configuring sector sizeDaan De Meyer2023-01-171-1/+1
| | | | | | Let's allow users to configure the (logical) sector size of their image. This is required when building images for a 4k sector size disk on a 512b sector size host or vice-versa.
* tree-wide: use -EBADF for fd initializationZbigniew Jędrzejewski-Szmek2022-12-191-9/+9
| | | | | | | | | | | | | | | | -1 was used everywhere, but -EBADF or -EBADFD started being used in various places. Let's make things consistent in the new style. Note that there are two candidates: EBADF 9 Bad file descriptor EBADFD 77 File descriptor in bad state Since we're initializating the fd, we're just assigning a value that means "no fd yet", so it's just a bad file descriptor, and the first errno fits better. If instead we had a valid file descriptor that became invalid because of some operation or state change, the other errno would fit better. In some places, initialization is dropped if unnecessary.
* Implement SYSTEMD_HOME_MKFS_OPTIONS_* envvars to configure mkfs options for ↵Aidan Dang2022-12-151-1/+24
| | | | homed LUKS directories
* Implement --luks-pbkdf-force-iterations for homedAidan Dang2022-12-061-1/+5
|
* blkid-util: define enum for blkid_do_safeprobe() return valuesLennart Poettering2022-12-011-6/+10
| | | | | | libblkid really should define an enum for this on its own, but it currently doesn't and returns literal numeric values. Lets make this more readable by adding our own symbolic names via an enum.
* tree-wide: use errno_or_else() more, instead of homegrown checksLennart Poettering2022-12-011-5/+5
|
* blkid: add helpers that get gpt partition uuid as sd_id128_tLennart Poettering2022-11-291-10/+6
| | | | just some refactoring to make things simpler.
* fdisk: introduce common fdisk_new_context_fd() helperLennart Poettering2022-11-261-27/+5
| | | | | We do the same thing over and over again and it's a bit ugly, hence let's unify the code for it at one common place.
* homed: handle EINTR gracefully when waiting for device nodeLennart Poettering2022-11-221-2/+5
|
* homed: properly initialize all return paramsLennart Poettering2022-10-241-0/+1
|
* tree-wide: add ERRNO_IS_XATTR_ABSENT() helperLennart Poettering2022-10-101-1/+1
| | | | | We check the same list of error codes on various xattr operations, and we should on some more. Add a common helper for this purpose.
* Implement --luks-sector-size for homedAidan Dang2022-10-071-3/+3
|
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-11 13:00:27 +0100