| Commit message (Collapse) | Author | Files | Lines |
|
|
|
Let's not allow anyone to look into /root/ if we create it via the
base-filesystem logic. i.e. change 0755 → 0750 as default access mode
for /root/, in case we create it if it happens to be missing.
|
|
This allows growfs to expand the filesystem even when the underlying
block device cannot be expanded. This has been useful for example on
LUKS devices that have already been expanded using systemd-repart.
This works around the following error:
```
root@mobian:/home/mobian# /usr/lib/systemd/systemd-growfs /
crypt_resize() of /dev/block/179:2 failed: Operation not permitted
```
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This causes systemd-growfs to exit before resizing the partition when
`--dry-run` is passed. Resizing during a dry run of a change breaks the
users expectations.
|
|
|
|
Instead, just open the mount fd once, and then operate on fds only.
|
|
Similar to the previous commit: let's add extra safety so that we don't
issue ioctls on the wrong type of inode.
|
|
This is a simple safety check, since we shouldn't invoke ioctls on fds
without being reasonably sure they are of the right type since ioctls
are overloaded, and we might be tricked hence to execute an operation on
an fd which means something different than what we expect.
|
|
This reverts commit e73bf3425c0b5a6339388a3a459ce2bac497308b.
|
|
This reverts commit bf40417c7cbe0afb185eda97ea46395b1bb74bdf.
|
|
This reverts commit 1611606fd91648f78137e823d5cc3ac68767e4a2.
|
|
|
|
This current code checks the wrong directory. This was broken in
4c39d899ff00e90b7290e4985696f321d7f2726f which converted the previous
code incorrectly.
|
|
This new call can execute both of the old operations, but also do
generic fstatat() like behaviour.
|
|
Fixes #24003.
|
|
This fixes error in parsing message when the rapid commit option is
located at the end of the message.
Fixes an issure reported in #24002.
|
|
|
|
|
|
|
|
|
|
This effectively revert ba4c7184b320bb8698d470530d46a6c94641cc6e.
Fixes #23546.
|
|
Replaces f42d41cc5f9cd8cac538a1c30fda04d346b5bae2.
|
|
This reverts commit f42d41cc5f9cd8cac538a1c30fda04d346b5bae2.
DHCPv6 client does not require MAC address.
DHCPv4 client will be handled in a different way in a later commit.
Partially fixes #23546.
|
|
Newer binutils versions currently trigger the following warnings due to
a bug in gnu-efi
on arm64:
/usr/bin/ld.bfd: warning: src/boot/efi/systemd-bootaa64.elf has a LOAD segment with RWX permissions
on amd64:
/usr/bin/ld.bfd: warning: /usr/lib/crt0-efi-x86_64.o: missing .note.GNU-stack section implies executable stack
This results in a build failure due to --fatal-warnings.
Work around this issue by suppressing those warnings until gnu-efi has
been fixed.
See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013341
|
|
Also change the title to describe the module more comprehensively.
Follow-up for 90bc309aa2c1430941f4c50f73e681ab3e488bd3. Suggested
in https://bugzilla.redhat.com/show_bug.cgi?id=2085485#c5.
|
|
|
|
|
|
Otherwise the return value of the last command is propagated, which may
cause spurious test failures. E.g., pkill returns 1 if no process
matched, which may be a problem in cleanup session:
cleanup_session() {
...
pkill -u "$(id -u logind-test-user)"
sleep 1
pkill -KILL -u "$(id -u logind-test-user)"
}
If there are no remaining processes when the final pkill runs, it will
return 1 and therefore cleanup_session will return 1 as well.
|
|
|
|
to work around #23987.
|
|
Several DHCP client tests change the system timezone.
Let's save the current timezone at the beginning, and restore it with
the saved value at the end.
|
|
Fixes #23985.
|
|
not activated yet
If for any reason something goes wrong during the boot process (most likely due
to a network issue), system admins should be allowed to log in to the system to
debug the problem. However due to the login session barrier enforced by
systemd-user-sessions.service for all users, logins for root will be delayed
until a (dbus) timeout expires. Beside being confusing, it's not a nice user
experience to wait for an indefinite period of time (no message is shown) this
and also suggests that something went wrong in the background.
The reason of this delay is due to the fact that all units involved in the
creation of a user session are ordered after systemd-user-sessions.service,
which is subject to network issues. If root needs to log in at that time,
logind is requested to create a new session (via pam_systemd), which ultimately
ends up waiting for systemd-user-session.service to be activated. This has the
bad side effect to block login for root until the dbus call done by pam_systemd
times out and the PAM stack proceeds anyways.
To solve this problem, this patch orders the session scope units and the user
instances only after systemd-user-sessions.service for unprivileged users only.
|
|
DefaultSmackProcessLabel tells systemd what label to assign to its child
process in case SmackProcessLabel is not set in the service file. By
default, when DefaultSmackProcessLabel is not set child processes inherit
label from systemd.
If DefaultSmackProcessLabel is set to "/" (which is an invalid character
for a SMACK label) the DEFAULT_SMACK_PROCESS_LABEL set during compilation
is ignored and systemd act as if the option was unset.
|
|
|
|
Also, now that bcd.h does not depend on efi.h anymore we can now
properly include it in the test instead.
|
|
|
|
|
|
|
|
uintptr_t is the more appropriate type when casting to/from pointers.
|
|
I don't quite understand this, but '{ ! true; }' is not the same as '( ! true )'.
In interactive mode, it seems to work as expected. But in a script, it doesn't.
|