summaryrefslogtreecommitdiffstats
path: root/src/run-generator (unfollow)
Commit message (Collapse)AuthorFilesLines
2024-10-02home: Prompt for auxiliary groups in homectl firstbootDaan De Meyer1-0/+132
2024-10-02Move show_menu() to terminal-util.hDaan De Meyer3-46/+48
2024-10-02mkosi: Stop installing bpftraceDaan De Meyer1-1/+0
bpftrace nudges the Fedora Rawhide images towards compiler-rt18 while the sanitizer builds pull in clang19, leading to the sanitizer libraries not being found at runtime. Let's drop bpftrace for now so that compiler-rt19 is pulled in in the main image.
2024-10-02mkosi: Pass ASAN_OPTIONS to subimagesDaan De Meyer1-0/+1
systemd built with sanitizers is installed in subimages and tools might get invoked in postinstall scripts so we have to disable ASAN in the subimages as well during the image build.
2024-10-02mkosi: Don't sync if the packaging specs repo is dirtyDaan De Meyer1-0/+4
2024-10-02tree-wide: Fix Wformat warningsDaan De Meyer3-3/+3
The latest clang has started catching more integer promotions which cause us to pass the wrong type to printf() format specifiers so let's fix those.
2024-10-02tree-wide: always do dlopen() with RTLD_NOW + RTLD_NODELETELennart Poettering8-11/+10
Let's systematically use RTL_NOW|RLTD_NODELETE as flags passed to dlopen(), across our codebase. Various distros build with "-z now" anyway, hence it's weird to specify RTLD_LAZY trying to override that (which it doesn't). Hence, let's follow suit, and just do what everybody else does. Also set RTLD_NODELETE, which is apparently what distros will probably end up implying sooner or later anyway. Given that for pretty much all our dlopen() calls we never call dlclose() anyway, let's just set this everywhere too, to make things systematic. This way, the flags we use by default match what distros such as fedora do, there are no surprises, and read-only relocations can be a thing. Fixes: #34537
2024-10-01build(deps): bump systemd/mkosidependabot[bot]1-1/+1
Bumps [systemd/mkosi](https://github.com/systemd/mkosi) from 2c9954fa51a3a995bbdc02db6ef51f5bd27bc1ba to 3454f7bd4ef0336ec80a117d593baaef0fe53398. - [Release notes](https://github.com/systemd/mkosi/releases) - [Commits](https://github.com/systemd/mkosi/compare/2c9954fa51a3a995bbdc02db6ef51f5bd27bc1ba...3454f7bd4ef0336ec80a117d593baaef0fe53398) --- updated-dependencies: - dependency-name: systemd/mkosi dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
2024-10-01bpf: fix cross build failure on DebianHelmut Grohne1-8/+15
For compiling bpf code, the system include directory needs to be constructed. On Debian-like systems, this requires passing a multiarch directory. Since clang's -dump-machine prints something other that the multiarch triplet, gcc was interrogated earlier, but that also yields a wrong result for cross compilation and was thus skipped resulting in clang not finding asm/types.h. Rather than, -dump-machine we should ask for -print-multiarch (which rarely differs). Whenever gcc is in use, this is right (even for cross building). Since clang does not support -print-multiarch and its -dump-machine never matches Debian's multiarch, we resort to asking gcc when building natively. For cross builds using clang, we are out of luck.
2024-10-01machine: generalise logic GetOSRelease to later use it in varlink interfaceIvan Kruglov3-75/+111
2024-10-01machine: generalise logic GetMachineAddresses to later use it in varlink ↵Ivan Kruglov5-140/+145
interface
2024-10-01hwbd: use newer KEY_PICKUP_PHONE, KEY_HANGUP_PHONE, ↵Lennart Poettering1-10/+10
KEY_SELECTIVE_SCREENSHOT, KEY_NOTIFICATION_CENTER keycodes where appropriate According to kernel commit cd80ec795156346236e9b1cd9f5cbff5a9bbd212 these were added expressly for these thinkpads, hence use them now.
2024-10-01hwdb: use KEY_ROTATE_DISPLAY for various cases of display rotation keysLennart Poettering1-7/+7
The keycode is reletively new. Let's fix some "FIXMEs" and actually make use of the keycode wherever it appears appropriate according to commentary.
2024-10-01hwdb: there's KEY_BRIGHTNESS_AUTO these days, hence hook it up where a FIXME ↵Lennart Poettering1-4/+4
suggests that
2024-10-01hwdb: make key map match comment for one laptopLennart Poettering1-1/+1
No idea what the right fix is here, the commnt says "touchpad off" but uses "f22" which is touchpad "on". let's trust the comment, because it's more literal, and assume this was a mistake.
2024-10-01linux: import input.h and friendsLennart Poettering2-0/+1496
The CIs apparently have rally old headers, where KEY_BRIGHTNESS_AUTO is missing, let's hence ship our own copies from a current kernel.
2024-10-01Revert "Preset user units on first boot as well"Lennart Poettering2-13/+6
This reverts commit 0a40325573b91ea71070653865f7f6a9cada2bef.
2024-10-01update TODOLennart Poettering1-0/+4
2024-10-01Update sd_bus_message_append_array.xmlMarcel Hellwig1-1/+1
fix pointer constness in documentation
2024-10-01build(deps): bump actions/checkout from 4.1.7 to 4.2.0dependabot[bot]12-12/+12
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.7 to 4.2.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/692973e3d937129bcbf40652eb9f2f61becf3332...d632683dd7b4114ad314bca15554477dd762a938) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
2024-10-01build(deps): bump github/codeql-action from 3.25.15 to 3.26.10dependabot[bot]2-4/+4
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.15 to 3.26.10. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/afb54ba388a7dca6ecae48f608c4ff05ff4cc77a...e2b3eafc8d227b0241d48be5f425d47c2d750a13) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
2024-10-01build(deps): bump meson from 1.5.1 to 1.5.2 in /.github/workflowsdependabot[bot]1-3/+3
Bumps [meson](https://github.com/mesonbuild/meson) from 1.5.1 to 1.5.2. - [Release notes](https://github.com/mesonbuild/meson/releases) - [Commits](https://github.com/mesonbuild/meson/compare/1.5.1...1.5.2) --- updated-dependencies: - dependency-name: meson dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
2024-10-01Add %posttrans versions of the systemd %postun scriptletsDaan De Meyer1-0/+32
On upgrades, only the %postun scriptlets of the old package version run. This means that any changes related to restarting daemons require two releases before they're actually used. %postun is used because it runs after the old package has been removed, which is important as it means any lingering dropins from the old package will have been removed as well. To allow deploying fixes in just a single release while still running after the old package has been removed, let's introduce %posttrans versions of these scriptlets as %posttrans of the new package runs on upgrade and install after the old package has been removed.
2024-10-01systemd-integritysetup: accept integrity-algorithm=xxhash64Daniel Dawson3-3/+3
Signed-off-by: Daniel Dawson <danielcdawson@gmail.com>
2024-10-01json: add json_dispatch_const_user_group_name()Lennart Poettering7-48/+70
This is the same as json_dispatch_user_group_name() but fills in the string as "const char*" to the JSON field. Or in other words, it's what sd_json_dispatch_const_string() is to sd_json_dispatch_string(). Note this drops the SD_JSON_STRICT flags from various dispatch tables for these fields, and replaces this by SD_JSON_RELAX, i.e. the opposite behaviour. As #34558 correctly suggests we should validate user names in lookup functions using the lax rules, rather than the strict ones, since clients not knowing the rules might ask us for arbitrary resolution. (SD_JSON_RELAX internally translates to valid_user_group_name() with the VALID_USER_RELAX flag). See: #34558
2024-09-30update TODOLennart Poettering1-1/+20
2024-09-30ukify: Remove special casing for .linux sectionDaan De Meyer1-21/+11
Now that we properly leave sufficient space for inline execution of the .linux section, let's remove the special casing of the .linux section as it doesn't need to be the last section anymore now.
2024-09-30ukify: Use SizeOfImage from linux image as virtual size of .linux sectionDaan De Meyer1-2/+12
The SizeOfImage is bigger than the image itself so that space is guaranteed to be available for in place execution of the linux image. Let's make sure we take this into account and use SizeOfImage as the section's virtual size instead of the size of the image itself. Fixes #34578
2024-09-30tpm2-util: show loaded libraries in 'systemd-analyze has-tpm2'Yu Watanabe3-22/+68
After 3b16e9f41983f697bc38c40bb8e7119c1bb4f7c8, even the libraries are documented in the man page, it is useful to mention which libraries are checked in the command output. Of course, the dependencies are kind of implementation detail, and may be changed in the future version, but that's especially why I think showing the library deps in the output is useful. systemd-analyze is a debugging tool, and already shows many internal states. I think there is nothing to prevent from showing the deps. Prompted by #34477.
2024-09-30logind-dbus: really cancel scheduled shutdownDavid Tardon1-3/+3
Fixes #34554
2024-09-30ukify: Drop unused size() methodDaan De Meyer1-3/+0
2024-09-30repart: Apply denylist to individual files as wellDaan De Meyer1-0/+47
2024-09-30repart: Shortcut copy if source or target starts with exclude pathDaan De Meyer1-0/+8
If the source or target we're copying to is a subdirectory of any of the directories specified in ExcludeFiles= or ExcludeFilesTarget=, shortcut the entire copy operation.
2024-09-27shared: adjust whitespace and formattingZbigniew Jędrzejewski-Szmek3-7/+12
2024-09-27systemctl: fix printing of RootImageOptionsZbigniew Jędrzejewski-Szmek1-0/+23
The type is a(ss), so a custom printer is required. Fixes https://github.com/systemd/systemd/issues/33967.
2024-09-27seccomp-util: include @sandbox in @defaultMickaël Salaün2-1/+1
Every services and containers should be able to protect their users and limit the impact of security bugs thanks to the security syscalls provided by seccomp and Landlock. The goal of these syscalls is to improve security with additional restrictions. They are designed to be safely used by unprivileged (and then potentially malicious) users. Remove the now-redundant "seccomp" entry for nspawn.
2024-09-26man: fix formatting in file-hierarchyZbigniew Jędrzejewski-Szmek1-3/+4
Somebody wrapped the text, but whitespace is preserved in <programlisting>, so the output was mangled. It also doesn't make sense to run systemd-path as root (as indicated by '#'), so drop that. Also, this chunk should be a separate paragraph.
2024-09-26systemctl: also show job id in status outputMike Yuan1-0/+6
Prompted by one ASG talk ;)
2024-09-26shared/bus-map-properties: move bus_map_job_id() from wait-for-unitsMike Yuan3-15/+14
2024-09-25mkosi: update arch commit referenceDaan De Meyer1-1/+1
* d5a2dc54da Use vmlinux.h from linux-headers * 59912d804f update checksums... * 83edb5244e build: set ssh privsep dir to /usr/share/empty.sshd * 65363cc5ba build: explicitly enable vmlinux-h=generated * 14e6d27dd4 build: drop deprecated default-hierarchy option * 81e7545ca3 systemd.install: stop applying ACL ourselves * 147c214201 systemd-hook: use systemd-notify --booted to detect if systemd is running * 010bc3c05c upgpkg: 256.6-1: new upstream release
2024-09-25Fix reference to FileDescriptorStoreMax= directiveNils K1-1/+1
2024-09-25NEWS: Document change to systemd-creds 'cat' verbSimon Pilkington1-1/+6
See: https://github.com/systemd/systemd/pull/34548
2024-09-25machine: resolve race condition in TEST-13-NSPAWN.machinectl.shIvan Kruglov1-0/+9
I encountered this race condition while working on TEST-13-NSPAWN.varlinkctl.sh. The long-running machine's init script sometimes does not have time to start and register signals. As result, occasiounally failed tests.
2024-09-25creds: fix cat with encrypted credentialsSimon Pilkington2-3/+7
Fixes: https://github.com/systemd/systemd/issues/34547
2024-09-25TODO: add one more systemctl rfeZbigniew Jędrzejewski-Szmek1-2/+6
2024-09-25po: Translated using Weblate (Portuguese (Brazil))Fábio Rodrigues Ribeiro1-8/+10
Currently translated at 97.2% (246 of 253 strings) po: Translated using Weblate (Portuguese (Brazil)) Currently translated at 96.0% (243 of 253 strings) Co-authored-by: Fábio Rodrigues Ribeiro <farribeiro@gmail.com> Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/pt_BR/ Translation: systemd/main
2024-09-25po: Translated using Weblate (Portuguese (Brazil))Gabriel Elyas1-78/+76
Currently translated at 96.0% (243 of 253 strings) po: Translated using Weblate (Portuguese (Brazil)) Currently translated at 89.3% (226 of 253 strings) Co-authored-by: Gabriel Elyas <gabrielelyas@protonmail.com> Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/pt_BR/ Translation: systemd/main
2024-09-24units: Order ldconfig after systemd-tmpfiles-setup.serviceDaan De Meyer1-2/+3
tmpfiles might be linking the configuration for ldconfig into /etc so make sure it runs after it so that the configuration is guaranteed to be in place.
2024-09-24repart: Determine verity sig size based on partition designatorDaan De Meyer1-1/+1
Verity= is an image build concept, not a first boot concept, whereas a partition designator is always available, so let's do the size stuff based on that.
2024-09-23core/cgroup: cache IO accounting data when pruning a cgroupIvan Shapovalov1-3/+15
When removing a cgroup in unit_prune_cgroup(), read IO metrics to cache them similar to the existing treatment of the CPU and memory usage data. Note that we do not do this for the IP metrics as the firewall objects are only destroyed in unit_free() and thus stay alive long enough to be read out directly by all interested parties. Fixes #26988.