systemd - systemd

	Commit message (Collapse)	Author	Age	Files	Lines
*	treewide: fix "an" before consonant U sounds	Joerg Behrmann	2023-07-06	10	-11/+11
\| \| \| \| \| \|	The article "a" goes before consonant sounds and "an" goes before vowel sounds. This commit changes an to a for UKI, UDP, UTF-8, URL, UUID, U-Label, UI and USB, since they start with the sound /ˌjuː/.
*	tpm2-util: remove unnecessary semicolon	Antonio Alvarez Feijoo	2023-07-06	1	-1/+1
\|
*	network/json: introduce PreferredLifetimeUSec and ValidLifetimeUSec	Yu Watanabe	2023-07-06	1	-2/+4
\|
*	Merge pull request #28265 from yuwata/network-captive-portal-follow-ups	Lennart Poettering	2023-07-06	9	-136/+260
\|\ \| \| \| \|	network: several follow-ups for captive portal support
\| *	networkctl: urlify captive portal entry	Yu Watanabe	2023-07-06	1	-2/+9
\| \|
\| *	network/ndisc: downgrade log level	Yu Watanabe	2023-07-06	1	-41/+41
\| \| \| \| \| \| \| \| \| \|	The failures may be critical for per-link operation, but not critical for the service.
\| *	network: handle captive portal with multiple routers	Yu Watanabe	2023-07-06	5	-42/+144
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Before this patch, if a network has multiple routers and one of them provides a captive portal, then the portal was overwritten or cleared when another RA from another router is received. This makes captive portals managed in the similar way as DNS servers or DNS domains. So now captive portal can safely handled even if a network has multiple routers.
\| *	network: update comment	Yu Watanabe	2023-07-06	1	-2/+2
\| \|
\| *	network: introduce link_get_captive_portal()	Yu Watanabe	2023-07-06	4	-51/+66
\| \| \| \| \| \| \| \| \| \|	Then, downgrade log level of the message about mis-match of captive portals in different protocols.
* \|	service: explicitly cast float to usec_t	Lennart Poettering	2023-07-06	1	-2/+2
\| \| \| \| \| \| \| \| \| \| \| \|	Let's cast these floats explicitly to usec_t, since implicit float-to-integer casts are dangerous business, and we should underline that there's a cast happening here.
* \|	core/service: make restart delay increase more smoothly	Yu Watanabe	2023-07-06	1	-4/+10
\| \| \| \| \| \| \| \|	Suggested in https://github.com/systemd/systemd/pull/26902#issuecomment-1620400583.
* \|	Merge pull request #27713 from ddstreet/tpm2_replace_make_primary	Lennart Poettering	2023-07-06	6	-311/+710
\|\ \ \| \| \| \| \| \|	Tpm2 replace make primary
\| * \|	tpm2: remove tpm2_make_primary()	Dan Streetman	2023-07-05	1	-163/+25
\| \| \| \| \| \| \| \| \| \| \| \|	Replace use of tpm2_make_primary() with tpm2_create_loaded()
\| * \|	tpm2: move local vars in tpm2_unseal() to point of use	Dan Streetman	2023-07-05	1	-7/+6
\| \| \| \| \| \| \| \| \| \| \| \|	No functional change; cosmetic only.
\| * \|	tpm2: add tpm2_get_or_create_srk()	Dan Streetman	2023-07-05	1	-10/+231
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Add function to simplify getting the TPM SRK; if one exists, it is provided, otherwise one is created and then the new SRK provided. This also add tpm2_create_loaded() and updates tpm2_seal() to use the new functions instead of tpm2_make_primary().
\| * \|	tpm2: add tpm2_persist_handle()	Dan Streetman	2023-07-05	1	-9/+74
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Add function to convert a transient handle in the TPM into a persistent handle in the TPM.
\| * \|	tpm2: cache TPM algorithms	Dan Streetman	2023-07-05	3	-36/+62
\| \| \| \| \| \| \| \| \| \| \| \|	Cache the supported algorithms when creating a new context.
\| * \|	tpm2: cache the TPM supported commands, add tpm2_supports_command()	Dan Streetman	2023-07-05	3	-0/+72
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Cache the TPM's supported commands and provide a function to check if a command is supported.
\| * \|	basic/alloc-util: add greedy_realloc_append()	Dan Streetman	2023-07-05	3	-2/+72
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Add function to perform greedy realloc as well as copying the new data into the newly allocated space.
\| * \|	tpm2: replace tpm2_capability_pcrs() macro with direct c->capaiblity_pcrs use	Dan Streetman	2023-07-05	1	-8/+2
\| \| \|
\| * \|	tpm2: add tpm2_create()	Dan Streetman	2023-07-05	1	-39/+86
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	This allows creating a new object (e.g. sealed secret) or key using the TPM. Note that the new object/key is not loaded in the TPM after creation.
\| * \|	tpm2: replace magic number in hmac_sensitive initialization	Dan Streetman	2023-07-05	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Instead of setting hmac_sensitive.sensitive.data.size to '32' use the actual hash size as set in the hmac_template.
\| * \|	tpm2: move local vars in tpm2_seal() to point of use	Dan Streetman	2023-07-05	1	-15/+13
\| \| \| \| \| \| \| \| \| \| \| \|	No functional change; cosmetic only.
\| * \|	tpm2: add tpm2_load_external()	Dan Streetman	2023-07-05	1	-21/+45
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	This allows loading an external object/key (e.g. an openssl public key) into the TPM.
\| * \|	tpm2: add tpm2_load()	Dan Streetman	2023-07-05	1	-24/+45
\| \|/ \| \| \| \| \| \| \| \|	This function allows loading an object (e.g. a sealed secret) or key into the TPM.
* \|	Merge pull request #28243 from bluca/sbat_initrd	Lennart Poettering	2023-07-06	2	-12/+43
\|\ \ \| \| \| \| \| \|	ukify: enable --sbat for UKIs too
\| * \|	ukify: measure sbat section too	Luca Boccassi	2023-07-05	1	-1/+1
\| \| \|
\| * \|	ukify: enable --sbat for UKIs too	Luca Boccassi	2023-07-05	2	-12/+43
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	For confidential computing they want to be able to revoke initrds too, so allow passing a specific --sbat section when building a UKI too, not just an addon. Merge it with the stub and kernel sections.
* \| \|	Merge pull request #28262 from YHNdnzj/transaction-followup	Yu Watanabe	2023-07-06	1	-22/+33
\|\ \ \ \| \|_\|/ \|/\| \|	Follow-ups for PropagatesStopTo= fix
\| * \|	core/transaction: correctly skip unneeded operations for PropagatesStopTo=	Mike Yuan	2023-07-05	1	-22/+33
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Follow-up for 48cb073db81fa73f64bc5aa9a1b81ebf627235fa Break out from LIST_FOREACH correctly if nt == JOB_NOP. Shouldn't have functional changes, just optimization.
* \| \|	update syscall tables for upcoming v254	Lennart Poettering	2023-07-05	21	-1/+22
\|/ /
* \|	Merge pull request #28258 from poettering/boot-feature-catchup	Luca Boccassi	2023-07-05	4	-49/+62
\|\ \ \| \| \| \| \| \|	sd-boot/sd-stub boot feature flag catchup
\| * \|	boot: make LoaderType enum less special	Lennart Poettering	2023-07-05	1	-3/+4
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Usually (but not always) we use uppercase type naming, and do a typedef for enums like this. Do so here too.
\| * \|	boot: rename entry_count → n_entries	Lennart Poettering	2023-07-05	1	-46/+46
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	While we don't strictly follow the rule, most of our userspace names these fields that count entries in some array n_xyz, hence let's do so in the EFI boot code too, to make things less special.
\| * \|	efi: add a bunch of reported EFI loader/stub feature flags	Lennart Poettering	2023-07-05	4	-0/+12
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	We gained a bunch of new features that deserve reporting to userspace, hence add matching flags for each. This allows userspace to determine if installing addons in the ESP even makes sense. This is inspired by a similar changes in #28057
* \| \|	Merge pull request #28255 from yuwata/sd-device-fix-clone	Luca Boccassi	2023-07-05	1	-47/+31
\|\ \ \ \| \|_\|/ \|/\| \|	sd-device: fix device_clone_with_db()
\| * \|	sd-device: do not read uevent file in device_clone_with_db()	Yu Watanabe	2023-07-05	1	-47/+31
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Follow-up for 381f6d4ba5551898e7ff19189485072b94879281. When the function is called, the device may be already removed, and another device has the same syspath. Such situation can occur when a partition removed and another is created. In that case, the sysfs paths of the removed and newly created partitions can be same, but their devnums are different, and thus the database files corresponding to the devices are also different. Fixes #27981.
* \| \|	hostname-setup: don't pass "true" to a flags parameter	Lennart Poettering	2023-07-05	1	-1/+1
\| \| \|
* \| \|	Merge pull request #28252 from yuwata/journal-open-machine	Mike Yuan	2023-07-05	6	-43/+70
\|\ \ \ \| \|_\|/ \|/\| \|	journal: introduce journal_open_machine()
\| * \|	journal-upload: add missing assertion	Yu Watanabe	2023-07-05	1	-0/+2
\| \| \|
\| * \|	journal-upload: replace deprecated sd_journal_open_container()	Yu Watanabe	2023-07-05	1	-7/+4
\| \| \|
\| * \|	journal-util: extract journal_open_machine() from journalctl	Yu Watanabe	2023-07-05	3	-30/+50
\| \| \|
\| * \|	sd-journal: introduce SD_JOURNAL_TAKE_DIRECTORY_FD flag for ↵	Yu Watanabe	2023-07-05	2	-3/+13
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	sd_journal_open_directory_fd() If it is called with the flag, then the provided file descriptor will be owned by the sd_journal object, and will be closed in sd_journal_close().
\| * \|	journal-upload: make --namespace=* work	Yu Watanabe	2023-07-05	1	-5/+3
\| \|/ \| \| \| \| \| \| \| \| \| \| \| \|	Follow-up for 9f6e0bd417fa287dd1e7b541bfe0c60f04cc29e4. Note that sd_journal_open() is a simple wrapper of sd_journal_open_namespace(), hence we can merge the two branch.
* \|	Merge pull request #26844 from YHNdnzj/propagate-stop-fixup	Lennart Poettering	2023-07-05	4	-111/+141
\|\ \ \| \| \| \| \| \|	core: introduce UNIT_ATOM_PROPAGATE_STOP_GRACEFUL for PropagatesStopTo=
\| * \|	core: introduce UNIT_ATOM_PROPAGATE_STOP_GRACEFUL for PropagatesStopTo=	Mike Yuan	2023-07-05	4	-50/+80
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Follow-up for 017a7ba4f406adcf69d6b3ec15b9f2d9ed5ad853 Before this commit, when a unit that is restarting propagates stop to other units, it can also depend on them, which results in job type conflict and thus failure to pull in the dependencies. So, let's introduce a new dependency atom UNIT_ATOM_PROPAGATE_STOP_GRACEFUL, and use it for PropagatesStopTo=. It will enqueue a restart job if there's already a start job, which meets the ultimate goal and avoids job type conflict. Fixes #26839
\| * \|	core/transaction: return early when appropriate to reduce nesting	Mike Yuan	2023-07-05	1	-93/+93
\| \|/
* \|	Merge pull request #28207 from poettering/initrd-creds	Luca Boccassi	2023-07-05	19	-123/+818
\|\ \ \| \| \| \| \| \|	various credential improvements (including initrd creds, creds in generators, fstab + getty creds)
\| * \|	import-creds: add support for binary credentials specified on the kernel cmdline	Lennart Poettering	2023-07-04	1	-4/+22
\| \| \|
\| * \|	generator: run various generators only run on the host, not in initrd	Lennart Poettering	2023-07-04	5	-2/+26
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	These 5 generators only make sense on the host,not in the initrd, hence if they end up in the initrd anyway, make them exit quickly.