| Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
Previously, we'd refuse the combination, and claimed we'd imply it, but
actually didn't. Let's allow the combination and imply read-only from
--volatile=, because that's what's documented, what we claim we do, and
what makes sense.
|
|
|
|
dissected an image
|
|
Let's first setup the volatile logic, and only then mount secondary
partitions of the image in.
|
|
Fixes: #11054 #3847
|
|
|
|
Just some refactoring, no change in behaviour.
|
|
Previously this would fail later on, but let's filter this out at the
time of parsing.
|
|
This was apparently left-over when json_buildv() was added, and
json_build() just became a wrapper for it.
|
|
Run build/test in LXC for now, as full nested QEMU is too brittle right
now: https://github.com/semaphoreci/semaphore/issues/37
But this at least runs some tests. It ensures that systemd generally
works in containers, as well as provides some backup results if the main
Ubuntu CI is down.
|
|
|
|
In [PR#11696][1] it came up that the formatting of continued arguments should
follow the default Emacs style. To ensure this happens when someone has changed
his setting in her private config, the value should be set by *dir-locals.el*.
[1]: https://github.com/systemd/systemd/pull/11696#pullrequestreview-205463987
|
|
Add magic string and enumeration for the ACRN hypervisor
(https://projectacrn.org).
|
|
The asserts are OK, but it's also nice to see the list by eye.
|
|
zone1970.tab was added in that version. Not that it makes sense to use
outdata timezone tables, but people do strange things.
C.f. https://github.com/nodatime/nodatime/issues/319.
|
|
|
|
When systemd retrieve the time zone it read what is in the file
/usr/share/zoneinfo/zone.tab provided by the Time Zone Database.
According to the comments in zone.tab its content is for backward-
compatibility aid for older programs. New programs should use
zone1970.tab. This patch replaces zone.tab with zone1970.tab.
|
|
Apparently this happens IRL. Let's carefully deal with issues like this:
when we overrun, let's not go back to zero but instead leave the highest
cookie bit set. We use that as indication that we are in "overrun
territory", and then are particularly careful with checking cookies,
i.e. that they haven't been used for still outstanding replies yet. This
should retain the quick cookie generation behaviour we used to have, but
permits dealing with overruns.
Replaces: #11804
Fixes: #11809
|
|
Follow-up for bd62b7448623fbe36665e089977731efb55524c0.
|
|
Those bugs were fixed a long time ago. Let's take advantage of this and use the
usual $() syntax.
|
|
CID#996458. Coverity warns that we trust desc->bLength as read in
the input data to adjust our position in the buffer. This value could
be anything, leading to overflow. It's unlikely that the kernel feeds
us invalid data, but let's me more careful.
If any error is encountered, more logs are given.
|
|
|
|
Coverity says:
> Pointer to local outside scope (RETURN_LOCAL)9.
> use_invalid: Using dirs, which points to an out-of-scope temporary variable of type char const *[5].
And indeed, the switch statement forms a scope. Let's use an if to
avoid creating a scope.
|
|
Hopefully fixes oss-fuzz#13440.
|
|
|
|
|
|
Otherwise, if HomeAddress= or friends are specified at the first line of
a section, then its assignment will be ignored.
|
|
|
|
|
|
|
|
And warn about that.
But this only done if GatewayOnLink= is not specified. When it is
explicitly disabled, then the flag will not be set.
|
|
This should not change any behavior. But used in the later commit.
|
|
Previously, if a .networ file contains invalid [Address] or [Route]
section, then the file is completely dropped. This makes networkd
just drops invalid sections.
|
|
But still GatewayOnlink= is supported for backward compatibility.
|
|
This test exposes a race condition when running in LXC, see issue #11848
for details. Until that is understood and fixed, skip the test as it's
not a recent regression.
|
|
This avoids a warning:
An address '192.168.42.100' is specified without prefix length. The
behavior of parsing addresses without prefix length will be changed
in the future release. Please specify prefix length explicitly.
|
|
This provides easier evaluation of failed tests.
|
|
The option cursor-file takes a filename as argument. If the file exists and
contains a valid cursor, this is used to start the output after this position.
At the end, the last cursor gets written to the file.
This allows for an easy implementation of a timer that regularly looks in the
journal for some messages.
journalctl --cursor-file err-cursor -b -p err
journalctl --cursor-file audit-cursor -t audit --grep DENIED
Or you might want to walk the journal in steps of 10 messages:
journalctl --cursor-file ./curs -n10 --since=today -t systemd
|
|
|
|
This test case is a bit silly, but it shows that our code is unprepared to
handle so many network servers, with quadratic complexity in various places.
I don't think there are any valid reasons to have hundres of NTP servers
configured, so let's just emit a warning and cut the list short.
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13354
|
|
hashmap_put() returns 0 if the (key, value) pair is already present in the
hashmap, and -EEXIST if the key exists, but the value is different.
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13433
|
|
|
|
Previously we logged even info message from libselinux as USER_AVC's to
audit. For example, setting SELinux to permissive mode generated
following audit message,
time->Tue Feb 26 11:29:29 2019
type=USER_AVC msg=audit(1551198569.423:334): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: received setenforce notice (enforcing=0) exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
This is unnecessary and wrong at the same time. First, kernel already
records audit event that SELinux was switched to permissive mode, also
the type of the message really shouldn't be USER_AVC.
Let's ignore SELINUX_WARNING and SELINUX_INFO and forward to audit only
USER_AVC's and errors as these two libselinux message types have clear
mapping to audit message types.
|
|
|
|
|
|
|
|
|
|
|
|
And its caller ignore the error.
|
