summaryrefslogtreecommitdiffstats
path: root/src (follow)
Commit message (Collapse)AuthorAgeFilesLines
* home: Prompt for shell in homectl firstbootDaan De Meyer2024-10-021-0/+39
|
* home: Prompt for auxiliary groups in homectl firstbootDaan De Meyer2024-10-021-0/+132
|
* Move show_menu() to terminal-util.hDaan De Meyer2024-10-023-46/+48
|
* tree-wide: Fix Wformat warningsDaan De Meyer2024-10-023-3/+3
| | | | | | The latest clang has started catching more integer promotions which cause us to pass the wrong type to printf() format specifiers so let's fix those.
* Merge pull request #34546 from ikruglov/ikruglov/refactor-GetMachineAddressesDaan De Meyer2024-10-025-215/+256
|\ | | | | machine: generalise logic of GetMachineAddresses/GetOsRelease to later use it in corresponding varlink interfaces
| * machine: generalise logic GetOSRelease to later use it in varlink interfaceIvan Kruglov2024-10-013-75/+111
| |
| * machine: generalise logic GetMachineAddresses to later use it in varlink ↵Ivan Kruglov2024-10-015-140/+145
| | | | | | | | interface
* | tree-wide: always do dlopen() with RTLD_NOW + RTLD_NODELETELennart Poettering2024-10-028-11/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Let's systematically use RTL_NOW|RLTD_NODELETE as flags passed to dlopen(), across our codebase. Various distros build with "-z now" anyway, hence it's weird to specify RTLD_LAZY trying to override that (which it doesn't). Hence, let's follow suit, and just do what everybody else does. Also set RTLD_NODELETE, which is apparently what distros will probably end up implying sooner or later anyway. Given that for pretty much all our dlopen() calls we never call dlclose() anyway, let's just set this everywhere too, to make things systematic. This way, the flags we use by default match what distros such as fedora do, there are no surprises, and read-only relocations can be a thing. Fixes: #34537
* | linux: import input.h and friendsLennart Poettering2024-10-012-0/+1496
| | | | | | | | | | The CIs apparently have rally old headers, where KEY_BRIGHTNESS_AUTO is missing, let's hence ship our own copies from a current kernel.
* | Revert "Preset user units on first boot as well"Lennart Poettering2024-10-011-10/+6
| | | | | | | | This reverts commit 0a40325573b91ea71070653865f7f6a9cada2bef.
* | Add %posttrans versions of the systemd %postun scriptletsDaan De Meyer2024-10-011-0/+32
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | On upgrades, only the %postun scriptlets of the old package version run. This means that any changes related to restarting daemons require two releases before they're actually used. %postun is used because it runs after the old package has been removed, which is important as it means any lingering dropins from the old package will have been removed as well. To allow deploying fixes in just a single release while still running after the old package has been removed, let's introduce %posttrans versions of these scriptlets as %posttrans of the new package runs on upgrade and install after the old package has been removed.
* | systemd-integritysetup: accept integrity-algorithm=xxhash64Daniel Dawson2024-10-011-1/+1
| | | | | | | | Signed-off-by: Daniel Dawson <danielcdawson@gmail.com>
* | Merge pull request #34582 from DaanDeMeyer/repartDaan De Meyer2024-10-011-0/+55
|\ \ | | | | | | repart: copy denylist fixes
| * | repart: Apply denylist to individual files as wellDaan De Meyer2024-09-301-0/+47
| | |
| * | repart: Shortcut copy if source or target starts with exclude pathDaan De Meyer2024-09-301-0/+8
| | | | | | | | | | | | | | | | | | If the source or target we're copying to is a subdirectory of any of the directories specified in ExcludeFiles= or ExcludeFilesTarget=, shortcut the entire copy operation.
* | | json: add json_dispatch_const_user_group_name()Lennart Poettering2024-10-017-48/+70
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is the same as json_dispatch_user_group_name() but fills in the string as "const char*" to the JSON field. Or in other words, it's what sd_json_dispatch_const_string() is to sd_json_dispatch_string(). Note this drops the SD_JSON_STRICT flags from various dispatch tables for these fields, and replaces this by SD_JSON_RELAX, i.e. the opposite behaviour. As #34558 correctly suggests we should validate user names in lookup functions using the lax rules, rather than the strict ones, since clients not knowing the rules might ask us for arbitrary resolution. (SD_JSON_RELAX internally translates to valid_user_group_name() with the VALID_USER_RELAX flag). See: #34558
* | | Merge pull request #34583 from DaanDeMeyer/ukifyDaan De Meyer2024-09-301-19/+16
|\ \ \ | | | | | | | | ukify: Use SizeOfImage from linux image as virtual size of .linux section
| * | | ukify: Remove special casing for .linux sectionDaan De Meyer2024-09-301-21/+11
| | | | | | | | | | | | | | | | | | | | | | | | Now that we properly leave sufficient space for inline execution of the .linux section, let's remove the special casing of the .linux section as it doesn't need to be the last section anymore now.
| * | | ukify: Use SizeOfImage from linux image as virtual size of .linux sectionDaan De Meyer2024-09-301-2/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The SizeOfImage is bigger than the image itself so that space is guaranteed to be available for in place execution of the linux image. Let's make sure we take this into account and use SizeOfImage as the section's virtual size instead of the size of the image itself. Fixes #34578
| * | | ukify: Drop unused size() methodDaan De Meyer2024-09-301-3/+0
| |/ /
* | | Merge pull request #34564 from YHNdnzj/systemctl-status-job-idMike Yuan2024-09-304-15/+20
|\ \ \ | | | | | | | | systemctl: also show job id in status output
| * | | systemctl: also show job id in status outputMike Yuan2024-09-261-0/+6
| | | | | | | | | | | | | | | | Prompted by one ASG talk ;)
| * | | shared/bus-map-properties: move bus_map_job_id() from wait-for-unitsMike Yuan2024-09-263-15/+14
| |/ /
* | | Merge pull request #34508 from intelfx/work/fix-io-reportingMike Yuan2024-09-304-10/+18
|\ \ \ | | | | | | | | core/cgroup: cache IO accounting data when pruning a cgroup
| * | | core/cgroup: cache IO accounting data when pruning a cgroupIvan Shapovalov2024-09-231-3/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When removing a cgroup in unit_prune_cgroup(), read IO metrics to cache them similar to the existing treatment of the CPU and memory usage data. Note that we do not do this for the IP metrics as the firewall objects are only destroyed in unit_free() and thus stay alive long enough to be read out directly by all interested parties. Fixes #26988.
| * | | core/cgroup: drop `allow_cache` parameter in `unit_get_io_accounting()`Ivan Shapovalov2024-09-214-7/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | The name of the parameter is misleading and it does not save us much work because it is not used during regular unit property queries. It is only used during unit_log_resources(), and the cgroup is already dead by that point so it won't be read anyway.
* | | | tpm2-util: show loaded libraries in 'systemd-analyze has-tpm2'Yu Watanabe2024-09-302-21/+64
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | After 3b16e9f41983f697bc38c40bb8e7119c1bb4f7c8, even the libraries are documented in the man page, it is useful to mention which libraries are checked in the command output. Of course, the dependencies are kind of implementation detail, and may be changed in the future version, but that's especially why I think showing the library deps in the output is useful. systemd-analyze is a debugging tool, and already shows many internal states. I think there is nothing to prevent from showing the deps. Prompted by #34477.
* | | | logind-dbus: really cancel scheduled shutdownDavid Tardon2024-09-301-3/+3
| | | | | | | | | | | | | | | | Fixes #34554
* | | | Merge pull request #34572 from keszybz/fix-printing-of-RootImageOptionsZbigniew Jędrzejewski-Szmek2024-09-283-7/+35
|\ \ \ \ | | | | | | | | | | Fix printing of RootImageOptions
| * | | | shared: adjust whitespace and formattingZbigniew Jędrzejewski-Szmek2024-09-273-7/+12
| | | | |
| * | | | systemctl: fix printing of RootImageOptionsZbigniew Jędrzejewski-Szmek2024-09-271-0/+23
| | |/ / | |/| | | | | | | | | | | | | | | | | | The type is a(ss), so a custom printer is required. Fixes https://github.com/systemd/systemd/issues/33967.
* | | | Merge pull request #34548 from SimonPilkington/fix-creds-catMike Yuan2024-09-271-1/+5
|\ \ \ \ | |_|_|/ |/| | | creds: fix cat with encrypted credentials
| * | | creds: fix cat with encrypted credentialsSimon Pilkington2024-09-251-1/+5
| |/ / | | | | | | | | | Fixes: https://github.com/systemd/systemd/issues/34547
* / / seccomp-util: include @sandbox in @defaultMickaël Salaün2024-09-272-1/+1
|/ / | | | | | | | | | | | | | | | | | | Every services and containers should be able to protect their users and limit the impact of security bugs thanks to the security syscalls provided by seccomp and Landlock. The goal of these syscalls is to improve security with additional restrictions. They are designed to be safely used by unprivileged (and then potentially malicious) users. Remove the now-redundant "seccomp" entry for nspawn.
* | repart: Determine verity sig size based on partition designatorDaan De Meyer2024-09-241-1/+1
| | | | | | | | | | | | Verity= is an image build concept, not a first boot concept, whereas a partition designator is always available, so let's do the size stuff based on that.
* | repart: Use swap format for swap partition even if encryptedDaan De Meyer2024-09-231-3/+3
| |
* | repart: Add a log message when we're about to fsync().Daan De Meyer2024-09-231-0/+2
| |
* | Preset user units on first boot as wellDaan De Meyer2024-09-211-6/+10
| | | | | | | | | | | | We need to make sure the presets from /usr/lib/systemd/user-preset are applied as well. Currently only the ones from /usr/lib/systemd/system-preset are applied.
* | Merge pull request #34511 from YHNdnzj/strv-extend-strv-consumeYu Watanabe2024-09-2129-187/+236
|\ \ | | | | | | basic/strv: introduce strv_extend_strv_consume()
| * | tree-wide: use strv_extend_strv_consume() where appropriateMike Yuan2024-09-2120-111/+52
| | |
| * | basic/strv: introduce strv_extend_strv_consume()Mike Yuan2024-09-213-5/+104
| | |
| * | basic/strv: make string_strv_hash_ops static, add missing assertionsMike Yuan2024-09-202-3/+15
| | |
| * | shared/bus-map-properties: modernize map_basic() and bus_map_strv_sort()Mike Yuan2024-09-201-29/+23
| | |
| * | basic/memory-util: make mempcpy_typesafe() take number of obj rather than ↵Mike Yuan2024-09-201-1/+6
| | | | | | | | | | | | | | | | | | raw size Follow-up for eda6223942a172fa6777901cf5fbd47438f285ce
| * | basic: replace size_multiply_overflow() with MUL_ASSIGN_SAFE where applicableMike Yuan2024-09-203-25/+23
| | |
| * | basic/macro: move DECIMAL_STR_FMT to shared/testsMike Yuan2024-09-202-13/+13
| | | | | | | | | | | | This shall never be used outside of test functions.
* | | Merge pull request #34502 from yuwata/strv_find_closestYu Watanabe2024-09-216-84/+109
|\ \ \ | | | | | | | | strv: introduce strv_find_closest()
| * | | verbs: use strv_find_closest()Yu Watanabe2024-09-202-74/+43
| | | | | | | | | | | | | | | | This also makes the list of verbs is always shown on failure.
| * | | strv: introduce strv_find_closest()Yu Watanabe2024-09-204-10/+66
| | |/ | |/| | | | | | | Follow-up for 1e1ac5d53b0f126b6c4419506c7c42b67c07537f.
* | | machined-dbus: move manager_add_machine() and _get_machine_by_pid() to -coreMike Yuan2024-09-212-51/+53
| | |