| Commit message (Collapse) | Author | Files | Lines |
|---|
|
mkosi's match syntax was changed so we update our config files to
use the new match syntax which mimicks the systemd condition syntax.
|
|
Fixes: #23440
|
|
When running:
$ localectl set-locale LC_MESSAGES=<TAB>
One is prompted with a list of locale fields instead of the list of
valid locales. This is because by calling "compset -P1 '*='", we modify
the $PREFIX special parameter before testing whether it contains an
equal sign. Therefore
if [[ -prefix 1 *\= ]]
is always false, and we always suggest a list of locale fields to the
user.
Fixes: #27955
|
|
This changes the console layout from 'hu101' to 'hu' when the user calls 'localectl set-x11-keymap hu', because 'hu' is the expected layout instead of 'hu101' for most users.
|
|
Fixes: #22838
|
|
Fixes: #23045
|
|
Setting umask for user sessions via UMASK setting in /etc/login.defs is
a well-known feature. Let's make sure that user manager also runs with
this umask value.
Follow-up for 5e37d1930b41b24c077ce37c6db0e36c745106c7.
|
|
|
|
Follow-up for #27936
Let's also update a bunch of static unit files, matching what we just
did for the generators.
|
|
The old syntax with linux + initrds as positional arguments is still accepted,
but a warning is emitted. We should remove the support for this after the
next release or so.
Adding a single verb by itself is not very useful, but opens the door to adding
other verbs.
|
|
Without this, the tests would generally be skipped, since we haven't made a
release with the addon stub yet. But even if the file is there, we always want
to test the freshly-built item.
|
|
C.f. b2efe286587e11e2aa4a6c7e4a2c15da3bb58a2a.
|
|
00e5933f57c6e336ebed18601299acc6855bb3c2 made all the positional arguments
optional, so let's take advantage of this to simplify variuos callers.
|
|
Online encryption is much faster then offline encryption when using
cryptsetup. To take advantage of this, when loop devices are available,
let's use online encryption instead off offline encryption to encrypt
partitions.
The online encryption logic is the same logic as was removed in
48a09a8fff480aab9a68e95e95cc37f6b1438751, except that it's now
integrated with PartitionTarget to ensure that logic outside of
partition_target_encrypt() has to minimally change regardless of
whether we're doing online or offline encryption.
|
|
|
|
|
|
|
|
|
|
We also remove btrfs_subvol_remove_fd() because btrfs_subvol_remove_at()
is more general.
|
|
|
|
Per coding style, we should accept NULL as the empty path.
|
|
|
|
A generalization of dir_fd_is_root() that allows passing a path
component.
|
|
|
|
|
|
Allow passing NULL to indicate the empty path per coding style.
|
|
We recently codified in the coding style that for openat() style APIs,
an empty path can be passed both as the empty string and as NULL, so
let's make sure we follow that style in xopenat().
|
|
Let's merge these two into a single function that can handle both
variants and more.
|
|
With these settings we intend to turn off timeouts for possibly
interactive/slow commands. The officially documented way to turn off the
time-outs is to setting them to infinity. So far we set them to zero
here though.
This lead to some confusiong, for example #18224. Let's fix this by
uniformly spelling out TimeoutSec=infinity.
This doesn't change behaviour. It just makes our generated files match
what we document, without relying on historic compat support.
Fixes: #18224
|
|
Introduced in 294446dcb9.
|
|
|
|
This adds tpm2_get_capability_algs(), tpm2_supports_alg(), and
tpm2_test_parms(). These functions allow verifying that the TPM supports
specific algs and parameters.
When creating a new context, this checks if the TPM supports the symmetric algs
we use. If the TPM does not support the symmetric algs and parameters we
require, we log and return error.
|
|
tpm2_capability_pcrs()
This adds a function to query specific capabilities from the TPM. That is then
used in a function to query the allocation of PCRs in the TPM, i.e. which PCR
banks and indexes are available, and caches the PCR allocation when the TPM
context is created.
|
|
- sort binaries
- send stdout/stderr of the autorelabel service to console as well
|
|
Turns out we can, apart from just building the module, "shove" it into
the SELinux database in a chroot as well. This brings quite significant
time savings, as the SELinux db rebuild takes 2 - 5 minutes in a VM
without acceleration (and takes currently ~half of the runtime of the test
in the C8S job).
|
|
|
|
In the documentation we usually spell the concept "control group".
Internally in code we usually call it "cgroup" or "CGroup". In systemctl output we
called the field "CGroup" so far, i.e. a capitalized version of the
internal name. This is of course very unsystematic. Let's clean this up
a bit: let's now say:
* in docs, continue to spell it out "control groups"
* in brief output call it "CGroup"
* internally call it "cgroup" or "CGroup"
Fixes: #14429
|
|
Linux kernel will, as documented in drivers/video/backlight/backlight.c,
report changes to a backlights brightness as a uevent (ACTION=change).
systemd-udev will consume the uevent, match on this rule and try to
activate the systemd-backlight service for the backlight. BUT when
systemd is not compiled with backlight support, this will lead to
failure that is reported in the journal.
Since the failure to activate systemd-backlight and subsequent failure
log entry happens on every backlight brightness change, we found the
resulting logspam during regular operation excessive and came up with
this patch to mitigate it.
The conditional is also extended to "*kbd_backlight" match, since
even though we did not investigate to see if the logspam would be
similar, the unconditional match to activate systemd-backlight here
would also not make sense when the feature is not compiled in.
Signed-off-by: Simon Braunschmidt <simon.braunschmidt@iba-group.com>
|
|
To avoid the "mountpoint is busy" error.
|
|
|
|
|
|
The TEST-24 has been silently timing out for quite a while in the C8S
job, as the check_result_qemu() override lacked some error checks,
whoopsie.
|
|
When the header= option comes before any other type= defining one, we
trip over an assertion:
Jun 04 15:45:33 H testsuite-24.sh[752]: + systemctl start systemd-cryptsetup@detached.service
Jun 04 15:45:33 H systemd[1]: Starting systemd-cryptsetup@detached.service...
Jun 04 15:45:33 H systemd-cryptsetup[4641]: Assertion 'name' failed at src/basic/strv.c:21, function strv_find(). Aborting.
...
Jun 04 15:45:33 H systemd-coredump[4643]: Process 4641 (systemd-cryptse) of user 0 dumped core.
...
Stack trace of thread 4641:
#0 0x00007ff9256afe5c __pthread_kill_implementation (libc.so.6 + 0x8ce5c)
#1 0x00007ff92565fa76 raise (libc.so.6 + 0x3ca76)
#2 0x00007ff9256497fc abort (libc.so.6 + 0x267fc)
#3 0x00007ff926076047 log_assert_failed (libsystemd-shared-253.so + 0x276047)
#4 0x00007ff9260ab317 strv_find (libsystemd-shared-253.so + 0x2ab317)
#5 0x0000000000405927 parse_one_option (systemd-cryptsetup + 0x5927)
#6 0x0000000000407793 parse_options (systemd-cryptsetup + 0x7793)
#7 0x000000000040fa0c run (systemd-cryptsetup + 0xfa0c)
#8 0x000000000041137f main (systemd-cryptsetup + 0x1137f)
#9 0x00007ff92564a510 __libc_start_call_main (libc.so.6 + 0x27510)
#10 0x00007ff92564a5c9 __libc_start_main@@GLIBC_2.34 (libc.so.6 + 0x275c9)
#11 0x0000000000403915 _start (systemd-cryptsetup + 0x3915)
ELF object binary architecture: AMD x86-64
|
|
|
|
No functional change.
|
|
As we use it for /var and with the default 100 MiB there's not enough
space for the journal.
|
|
|
|
No functional change.
|
|
|
|
And hide it all behind $TEST_SETUP_SWTPM.
|
