| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
So that sd_path_lookup() can be utilized to replace
duplicate functions.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
Preparation for later commits, where path-lookup would be
moved into libsystemd.
Note that it currently includes sd-id128.h, hence shared/
seems more appropriate anyway.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
boot loader specification states:
architecture: refers to the architecture this entry is for. The argument
should be an architecture identifier, using the architecture vocabulary
defined by the EFI specification (i.e. IA32, x64, IA64, ARM, AA64, …).
If specified and it does not match the local system architecture this
entry should be hidden. The comparison should be done case-insensitively.
Example: architecture aa64
https://uapi-group.org/specifications/specs/boot_loader_specification/#type-1-boot-loader-entry-keys
|
| |\
| |
| | |
various: correct laccess() error check
|
| | |
| |
| |
| | |
In order to distinguish it from libc function naming.
|
| | |
| |
| |
| | |
laccess is our own macro that uses RET_NERRNO.
|
| | |
| |
| |
| | |
We can't shortcut chaseat() if CHASE_PARENT is set.
|
| |/
|
|
|
| |
If the source is a file, don't copy the mode and such from it to
the root directory, even if the target is /.
|
| |\
| |
| | |
ukify: Rework multi-profile UKIs
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The API introduced in https://github.com/systemd/systemd/pull/34295
is less than ideal:
- It doesn't consider signing at all (ukify can't sign separately yet)
- Measurement is completely broken (all profile sections are marked to
not be measured)
- It focuses on a very niche use case of extending existing UKIs and makes
the more common use case of building a UKI with several profiles included
much harder than needed.
Let's instead rework the API to focus on the primary use case of building
a UKI with multiple profiles added to it immediately. We require the profiles
to be built upfront as separate PE binaries with UKI. There's no need to sign
or measure these, they're solely vehicles for profile sections. This saves us
from having to complicate the command line and config parsing to support defining
multiple profiles.
To add the profiles when building a UKI, we introduce the new --add-profile
switch which takes a path to a PE binary describing a profile. The required
sections are read from each PE binary, measured and added as a profile.
The integration test is disabled until the new API is merged and exposed in
mkosi so that building a UKI with profiles can be left to mkosi and the integration
test will only test the switching between profiles and not the building of UKIs
with profiles.
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
sections to later extend"
This reverts commit b6570095ce889b07242d36cd05fa1d1899d0bc6c.
|
| | |
| |
| |
| | |
This reverts commit bc3e2c5a5774ae7b212817d04e04abccf30088ae.
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
Avoids the need to maintain the same list over and over again, and
link it to the defition table in the implementation as a reminder
too
|
| |\ \
| |/
|/| |
Soft deprecate multiple ExecStart= command lines within a single assignment
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
ExecStart=
So far we supported this syntax:
ExecStart=foo ; bar
as equivalent to:
ExecStart=foo
ExecStart=bar
With this change we'll "soft" deprecate the first syntax. i.e. it's
still supported in code, but not documented anymore.
The concept was originally added to make things easier for 3rd party
.ini readers, as it allowed writing unit files with a .ini framework
that doesn't allow multiple assignments for the same key. But frankly,
this is kinda pointless, as so many other of our knobs require the
double assignment.
Hence, let's just stop advertising the concept, let's simplify the docs,
by removing one entirely redundant feature from it.
Replaces: #34570
|
| |\ \
| | |
| | | |
sd-varlink: maintain "more" flag support in the IDL structures
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
an explicit flag
Let's mark functions that accept the 'more' flag explicitly for that,
and validate for this explicitly.
This is preparation for
https://github.com/varlink/varlink.github.io/issues/26, if we get that
one day. Let's make sure that from day #1 we have this info available
even if we don't generate this in the IDL for now.
Also enables the two flags for all interfaces we export that use the
logic.
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Given this is supposed to be a public API now, let's add some concept
for extensions of these open-coded structures: let's make sure we have
flags fields on all structures (which we can use for extensions later).
Right now we only have this for varlink "fields" structures, this adds
the same for "symbols" and the "interface" as a whole.
There are no actual flags defined in either for now, this is just
future-safety preparation.
(But a later commit will add two flags to symbols)
|
| | |
| |
| |
| |
| |
| |
| | |
This is to ensure that the UUIDs from the CopyBlocks= devices are copied
to the corresponding new partition instead of creating a new UUID for
it. With this verity partitions can be copied, keeping their UUIDs to
ensure that they still match up with what is specified in roothash=.
|
| | |
| |
| |
| | |
Fixup for 2413a0fab4fdad7eef3ce1d4b57664be5795b002.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fixes compilation error
"""
[780/3171] /usr/bin/clang -std=gnu11 -Wno-compare-distinct-pointer-types -fno-stack-protector -O2 -target bpf -g -c -D__aarch64__ -I. -isystem /usr/include/ -idirafter /usr/include ../src/nsresourced/bpf/userns_restrict/userns-restrict.bpf.c -o src/nsresourced/bpf/userns_restrict/userns-restrict.bpf.unstripped.o -I/usr/src/kernels/6.11.1-0.hs1.hs+fb.el9.aarch64
FAILED: src/nsresourced/bpf/userns_restrict/userns-restrict.bpf.unstripped.o
/usr/bin/clang -std=gnu11 -Wno-compare-distinct-pointer-types -fno-stack-protector -O2 -target bpf -g -c -D__aarch64__ -I. -isystem /usr/include/ -idirafter /usr/include ../src/nsresourced/bpf/userns_restrict/userns-restrict.bpf.c -o src/nsresourced/bpf/userns_restrict/userns-restrict.bpf.unstripped.o -I/usr/src/kernels/6.11.1-0.hs1.hs+fb.el9.aarch64
../src/nsresourced/bpf/userns_restrict/userns-restrict.bpf.c:27:7: error: conflicting types for 'bpf_rdonly_cast'
27 | void *bpf_rdonly_cast(void *, __u32) __ksym;
| ^
/usr/src/kernels/6.11.1-0.hs1.hs+fb.el9.aarch64/vmlinux.h:143063:14: note: previous declaration is here
143063 | extern void *bpf_rdonly_cast(const void *obj__ign, u32 btf_id__k) __weak __ksym;
| ^
1 error generated.
"""
|
| | |
| |
| |
| |
| |
| | |
Add support for opening /dev/hidraw devices via logind's TakeDevice().
Same semantics as our support for evdev devices, but it requires the
HIDIOCREVOKE ioctl in the kernel.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
IPE is a new LSM being introduced in 6.12. Like IMA, it works based on a
policy file that has to be loaded at boot, the earlier the better. So
like IMA, if such a policy is present, load it and activate it.
If there are any .p7b files in /etc/ipe/, load them as policies.
The files have to be inline signed in DER format as per IPE documentation.
For more information on the details of IPE:
https://microsoft.github.io/ipe/
|
| | |
| |
| |
| |
| | |
Otherwise when the user takes a long time to enter input the operation
to create the user's home will fail with "transport endpoint not connected".
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
The latest clang has started catching more integer promotions which
cause us to pass the wrong type to printf() format specifiers so let's
fix those.
|
| |\ \
| |/
|/| |
machine: generalise logic of GetMachineAddresses/GetOsRelease to later use it in corresponding varlink interfaces
|
| | | |
|
| | |
| |
| |
| | |
interface
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Let's systematically use RTL_NOW|RLTD_NODELETE as flags passed to
dlopen(), across our codebase.
Various distros build with "-z now" anyway, hence it's weird to specify
RTLD_LAZY trying to override that (which it doesn't). Hence, let's
follow suit, and just do what everybody else does.
Also set RTLD_NODELETE, which is apparently what distros will probably
end up implying sooner or later anyway. Given that for pretty much all
our dlopen() calls we never call dlclose() anyway, let's just set this
everywhere too, to make things systematic.
This way, the flags we use by default match what distros such as fedora
do, there are no surprises, and read-only relocations can be a thing.
Fixes: #34537
|
| | |
| |
| |
| |
| | |
The CIs apparently have rally old headers, where KEY_BRIGHTNESS_AUTO is
missing, let's hence ship our own copies from a current kernel.
|
| | |
| |
| |
| | |
This reverts commit 0a40325573b91ea71070653865f7f6a9cada2bef.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
On upgrades, only the %postun scriptlets of the old package version
run. This means that any changes related to restarting daemons require
two releases before they're actually used.
%postun is used because it runs after the old package has been removed,
which is important as it means any lingering dropins from the old package
will have been removed as well.
To allow deploying fixes in just a single release while still running after
the old package has been removed, let's introduce %posttrans versions of these
scriptlets as %posttrans of the new package runs on upgrade and install after
the old package has been removed.
|
| | |
| |
| |
| | |
Signed-off-by: Daniel Dawson <danielcdawson@gmail.com>
|
| |\ \
| | |
| | | |
repart: copy denylist fixes
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | | |
If the source or target we're copying to is a subdirectory of any of the
directories specified in ExcludeFiles= or ExcludeFilesTarget=, shortcut the
entire copy operation.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This is the same as json_dispatch_user_group_name() but fills in the
string as "const char*" to the JSON field. Or in other words, it's what
sd_json_dispatch_const_string() is to sd_json_dispatch_string().
Note this drops the SD_JSON_STRICT flags from various dispatch tables
for these fields, and replaces this by SD_JSON_RELAX, i.e. the opposite
behaviour. As #34558 correctly suggests we should validate user names
in lookup functions using the lax rules, rather than the strict ones,
since clients not knowing the rules might ask us for arbitrary
resolution.
(SD_JSON_RELAX internally translates to valid_user_group_name() with the
VALID_USER_RELAX flag).
See: #34558
|
| |\ \ \
| | | |
| | | | |
ukify: Use SizeOfImage from linux image as virtual size of .linux section
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Now that we properly leave sufficient space for inline execution of
the .linux section, let's remove the special casing of the .linux
section as it doesn't need to be the last section anymore now.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The SizeOfImage is bigger than the image itself so that space is
guaranteed to be available for in place execution of the linux image. Let's
make sure we take this into account and use SizeOfImage as the section's virtual
size instead of the size of the image itself.
Fixes #34578
|
