| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We often used a pattern like if (!FLAGS_SET(flags, SD_JSON_FORMAT_OFF)),
which is rather verbose and also contains a double negative, which we try
to avoid. Add a little helper to avoid an explicit bit check.
This change clarifies an aditional thing: in some cases we treated
SD_JSON_FORMAT_OFF as a flag (flags & SD_JSON_FORMAT_OFF), while in other cases
we treated it as an independent enum value (flags == SD_JSON_FORMAT_OFF).
In the first form, flags like SD_JSON_FORMAT_SSE do _not_ turn the json
output on, while in the second form they do. Let's use the first form
everywhere.
No functional change intended.
Initially I wasn't sure if this helper should be made public or just internal,
but it seems such a common pattern that if we expose the flags, we might just
as well expose it too, to make life easier for any consumers.
|
| |
|
|
| |
In order to distinguish it from libc function naming.
|
| |
|
|
| |
laccess is our own macro that uses RET_NERRNO.
|
| | |
|
| |
|
|
|
|
| |
To support the case that paths to plugins contain spaces.
Prompted by #34459
|
| |
|
| |
It was quite a surprise to find my comments in a booted kernel cmdline.
|
| |
|
|
|
|
| |
On CentOS/Fedora, dracut is configured to write the initrd to
/boot/initramfs-$KERNEL_VERSION...img so let's check for that as well
if no initrds were supplied.
|
| |
|
|
|
|
|
| |
If we're running from within a container, we're very likely not going
to want to use the kernel command line from /proc/cmdline, so let's add
a check to see if we're running from a container to decide whether we'll
use the kernel command line from /proc/cmdline.
|
| |
|
|
|
|
|
|
|
| |
The new file, modules.weakdep, generated by depmod to get the weak
dpendencies information can be present
(https://github.com/kmod-project/kmod/commit/05828b4a6e9327a63ef94df544a042b5e9ce4fe7),
so remove it like the other similar files.
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
When boot counting is enabled, adding a new loader entry or UKI can conflict
with an existing one that has booted successfully and therefore has its boot
counter removed. systemd-bless-boot will fail to bless the new successful boot,
since a file without a boot counter already exists. Since kernel-install will
clobber existing files without boot counting, we should therefore remove files
without a boot count as well, when we add a file with one.
Fixes: #33504
|
| |
|
|
|
|
|
|
|
| |
Follow up for 8b3b01c4b7e0fde39b4be354990ee68f5e612c52
We switch to PROJECT_VERSION instead of PROJECT_VERSION_FULL where
we report our version and which is likely being parsed to avoid
breaking compat. If we didn't, the output would change from systemd
255 to systemd 255.1 which could break various tools.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is preparation for making our Varlink API a public API. Since our
Varlink API is built on top of our JSON API we need to make that public
first (it's a nice API, but JSON APIs there are already enough, this is
purely about the Varlink angle).
I made most of the json.h APIs public, and just placed them in
sd-json.h. Sometimes I wasn't so sure however, since the underlying data
structures would have to be made public too. If in doubt I didn#t risk
it, and moved the relevant API to src/libsystemd/sd-json/json-util.h
instead (without any sd_* symbol prefixes).
This is mostly a giant search/replace patch.
|
| |
|
|
| |
Fixes https://github.com/systemd/systemd/issues/32992.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
After db26d8025e5bbc188f93b645124126bbc550caa5,
kernel-install takes config files under /run/
and /usr/local/lib/ into account too. The same
should apply to ukify.
Note that ukify when invoked alone searches under
/run/systemd/, /etc/systemd/, /usr/local/lib/systemd/,
and /usr/lib/systemd/, respectively, which is against
our usual order...
|
| |
|
|
| |
This reverts commit 85b774de49caff8be819f021740dd680ba76ab77.
|
| |
|
|
|
|
|
|
|
|
|
| |
In case kernel-install is called to install what's already a UKI, 60-ukify
must be skipped. E.g. when distro shipped and signed UKI is being installed,
it is counter-productive to try to rebuild it with ukify. Also, the existing
script is not ready to handle UKIs with embedded initramfs.
Note, it is already possible to disable 60-ukify by setting
KERNEL_INSTALL_UKI_GENERATOR to something but in case it is not set, 60-ukify
assumes it should run.
|
| |\
| |
| | |
Add strdup_to() helper
|
| | |
| |
| |
| |
| |
| | |
I didn't know that this helper existed… It is very similar to strdup_to_full(),
but all callers can actually be replaced by strdup_to(), which has more fitting
semantics.
|
| |/
|
|
|
|
|
|
|
|
|
|
| |
For "kernel-install remove ..." only the kernel version is passed, not
the kernel image. So auto-detecting KERNEL_INSTALL_IMAGE_TYPE and
setting KERNEL_INSTALL_LAYOUT does not work for uninstall.
The 90-uki-copy.install plugin must consider this and *not* exit early
for the "remove" command, otherwise $BOOT_ROOT will be filled with stale
kernel images.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
| |\
| |
| | |
Read kernel-install config from /run/kernel too
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This brings the handling of config for kernel-install in line with most of
systemd, i.e. we search the set of paths for the main config file, and the full
set of drop-in paths for drop-ins.
This mirrors what 07f5e35fe7967c824a87f18a3a1d3c22e5be70f5 did for udev.conf.
That change worked out fine, so I hope this one will too.
The update in the man page is minimal. I think we should split out a separate
page for the config file later on.
One motivating use case is to allow a drop-in to be created for temporary
config overrides and then removed after the operation is done.
|
| | |
| |
| |
| |
| |
| |
| | |
That's not gramatically correct.
In backlight, change "assocation" to "deduplication". Without the context,
it's probably not clear at all that we "associate" them to ignore them.
|
| | |
| |
| |
| |
| |
| | |
GIT_VERSION only makes sense for C files as it depends on C preprocessor
macro expansion now so let's use VERSION_TAG instead of GIT_VERSION
for the two remaining usages of GIT_VERSION that are not in C files.
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
When using uki, kernel installations always have the same name in
systemd-boot menu.
Signed-off-by: Guilhem Lettron <guilhem@barpilot.io>
|
| |/
|
|
|
|
|
|
|
|
| |
checking
let's make userspace verity signature checking optional. This adds a
dissection flag to enable the logic and patches through all our users to
enable it by default, thus effectively not changing anything from the
status quo ante. However, know we have a knob to turn this off in
certain scenarios.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Let's make sure that versions generated by meson-vcs-tag.sh always
sort higher than official and stable releases. We achieve this by
immediately updating the meson version in meson.build after a new
release. To make sure this version always sorts lower than future
rcs, we suffix it with "~devel" which will sort lower than "~rcX".
The new release workflow is to update the version in meson.build
for each rc and the official release and to also update the version
number after a new release to the next development version.
The full version is exposed as PROJECT_VERSION_FULL and used where
it makes sense over PROJECT_VERSION.
We also switch to reading the version from a meson.version file in
the repo instead of hardcoding it in meson.build. This makes it
easier to access both inside and outside of the project.
The meson-vcs-tag.sh script is rewritten to query the version from
meson.version instead of passing it in via the command line. This
makes it easier to use outside of systemd since users don't have to
query the version themselves first.
|
| | |
|
| |\
| |
| | |
kernel-install fixes
|
| | | |
|
| | |
| |
| |
| | |
Don't reopen or dup values that weren't set before. Fixes add-all.
|
| |/ |
|
| |
|
|
|
|
| |
Let's make sure these follow the rest of kernel-install and always
operate on the given root directory, even if the verb itself can't
support --root= just yet.
|
| |
|
|
|
|
| |
`list` and `add-all` ignore `--root` or `--image`, working on the running
system instead.
Also improve the error message if `--image` is used.
|
| | |
|
| |\
| |
| | |
Use exec() to import ukify
|
| | |
| |
| |
| |
| |
| | |
As suggested by Daniele Nicolodi.
Also drop left-over debug line.
|
| | |
| |
| |
| |
| |
| | |
Using the kernel version from the host is incorrect in this case, so
fix the logic so it handles no version being specified correctly with
--root=.
|
| |/ |
|
| |
|
|
|
|
|
|
|
|
|
| |
when KERNEL_INSTALL_UKIFY is not supplied we set ukify to $PWD/ukify
that will fail (perhaps only for manual installations):
FileNotFoundError: [Errno 2] No such file or directory: '/usr/src/linux-6.7-rc1/ukify'
this will make sure we have a sane default for UKIFY
Signed-off-by: Paymon MARANDI <paymon@utubeipod.xyz>
|
| |
|
|
|
|
|
|
|
|
|
| |
When we resolve symlinks, paths (especially filenames) may be changed,
but plugins may expect to see the kernel added under the name specified,
not under the final name that the symlink chain resolves to.
This makes symlinks in specified paths that passed to plugins are not
resolved when neither --root nor --image specified.
Fixes #29317.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
This fixes a regression introduced by
42551ea7e923bac5df12b20e3e735a487d38dcd5.
In the shell script version, plugin failures are propagated to the
caller. But after the commit, failures in plugins are logged, but never
propagated as the exit code of the execution.
Fixes #30087.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
parameters
This makes "kernel-install inspect" work more "kernel-install add": if
the version or kernel image is specified as "-" or omitted we'll make it
up.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Let's make kernel-install a bit easier to use:
If the kernel version is not specified, let's imply "uname -r", so that
we regnerate the entries for the current kernel.
If the kernel image is not specified let's imply using
/usr/lib/modules/$version/vmlinuz, i.e. the location distros like Fedora
drop the kernel into, which we generally recommend people to use.
If the kernel is not found there, don't try to automatically pick the
kernel path, and fail, as before.
|
| |
|
|
|
| |
This simply dumps the dirs in /usr/lib/modules/ and whether they contain
a vmlinuz binary.
|
