| Commit message (Collapse) | Author | Files | Lines |
|---|
|
In https://bugzilla.redhat.com/show_bug.cgi?id=2322937 we're getting
an error message:
Okt 29 22:21:03 fedora systemd-resolved[29311]: Could not create manager: Cannot allocate memory
I expect that this actually comes from dnstls_manager_init(), the
openssl version. But without real logs it's hard to know for sure.
Use EIO instead of ENOMEM, because the problem is unlikely to be actually
related to memory.
|
|
We need a sensible limit on the number of Encrypted DNS options allowed
so that the set of resolvers per link does not grow without bound.
Fixes: 0c90d1d2f243 ("ndisc: Parse RFC9463 encrypted DNS (DNR) option")
|
|
This should catch compilation issues such as:
https://github.com/systemd/systemd/pull/35014
|
|
2024-11-04T20:13:17.3258095Z + for loader in build/src/boot/efi/*{.efi,.efi.stub}
2024-11-04T20:13:17.3258275Z ++ sbverify --list 'build/src/boot/efi/*.efi'
2024-11-04T20:13:17.3258525Z + [[ Error reading file build/src/boot/efi/*.efi: No such file or directory
2024-11-04T20:13:17.3258952Z Can't open image build/src/boot/efi/*.efi != \N\o\ \s\i\g\n\a\t\u\r\e\ \t\a\b\l\e\ \p\r\e\s\e\n\t ]]
|
|
|
|
This allows a single tmpfiles snippet with lines to symlink directories
from /usr/share/factory to be shared across many different configurations
while making sure symlinks only get created if the source actually exists.
|
|
KeepConfiguration=dhcp or dhcp-on-stop already violate RFC. It is not
necessary to honor the RFC about sending decline message on stop.
|
|
They will be used in another file in a later commit.
|
|
This also fixes the position of the logging "Enumeration completed.",
and downgrade its log level.
|
|
We enumerate interfaces at first, then enumerate other configurations
like addresses and so on. If we are running on a container, previously
we started to configure the enumerated interfaces before enumerating other
configurations.
Let's configure interfaces after all configurations are enumerated.
|
|
|
|
It is currently unused, but will be used later.
Preparation for later commits.
|
|
|
|
|
|
It will be used in a later commit.
|
|
|
|
|
|
|
|
All other tools (sbsigntools, osslsigncode, sbctl, goblin) do this
as well so let's follow suite.
|
|
log_info appears to be the preferred method to convey information from
tests. Convert all the printfs to log_info to follow this standard.
|
|
|
|
The previous commit removed the UINT_MAX check for the fd array. Let's
now re-add one, but at a better place, and with a more useful limit. As
it turns out the kernel does not allow passing more than 253 fds at the
same time, hence use that as limit. And do so immediately before
calculating the control buffer size, so that we catch multiplication
overflows.
|
|
|
|
Let's move the helper from nss-resolve.c to generic code, as it's going
to be useful in #34640.
Also, let's tighten the rules, and refuse negative ifindexes, because
they are invalid.
|
|
We fucked that up in the original sd_listen() calls, and then we fixed
that on the newer flavours. But pour internal common implementation
should of course use the full range size_t, as it should be.
This then allows us to drop a redundant range check.
|
|
|
|
This cleans up the handling of the "unset_environment" parameter to
sd_listen() and related calls: the man pages claim we operate on it on
error too. Hence, actually do so in strictly all error paths. Previously
we'd miss out on some, because wrapper functions mishandled them.
This was addressed before in 362dcfc5db0271cd6b3a564c528cabf0ac0e7993
but some codepaths were missed. Complete the work now.
This establishes a common pattern: a function to unset the relevant env
vars, that is called from a goto section at the botom on both success
and failure.
|
|
|
|
Some kernel SAS drivers (e.g. smartpqi) expose ports with num_phys = 0. udev
shouldn't treat these ports as wide ports. SAS wide ports always have
num_phys > 1. See comments for sas_port_add_phy() in the kernel sources.
Sample data from a smartpqi system to illustrate the issue below.
Here the phy device is attached to port 0:0, which has no end devices attached
and the SAS end device (where sda is attached) is associated with SAS
port 0:1, which has no associated phy device. Thus num_phys for port-0:1 is 0.
This is arguably wrong, but it's how smartpqi has always set up its devices in
sysfs.
/sys/class/sas_phy/phy-0:0 -> ../../devices/pci0000:46/0000:46:02.0/0000:47:00.0/host0/scsi_host/host0/phy-0:0/sas_phy/phy-0:0
/sys/devices/pci0000:46/0000:46:02.0/0000:47:00.0/host0/scsi_host/host0/port-0:0/phy-0:0 -> ../phy-0:0
/sys/devices/pci0000:46/0000:46:02.0/0000:47:00.0/host0/scsi_host/host0/phy-0:0/port -> ../port-0:0
/sys/class/sas_device/end_device-0:1 -> ../../devices/pci0000:46/0000:46:02.0/0000:47:00.0/host0/scsi_host/host0/port-0:1/end_device-0:1/sas_device/end_device-0:1
/sys/class/block/sda -> ../../devices/pci0000:46/0000:46:02.0/0000:47:00.0/host0/scsi_host/host0/port-0:1/end_device-0:1/target0:0:0/0:0:0:0/block/sda
Signed-off-by: Martin Wilck <mwilck@suse.com>
|
|
When specified, bootctl install will also set up secure boot
auto-enrollment. For now, We sign all variables using the same
certificate and key pair.
|
|
In mkosi, we want to support signing via a hardware token. We already
support this in systemd-repart and systemd-measure. However, if the
hardware token is protected by a pin, the pin is asked as many as 20
times when building an image as the pin is not cached and thus requested
again for every operation.
Let's introduce a custom openssl ui when we use engines and providers
and plug systemd-ask-password into the process. With systemd-ask-password,
the pin can be cached in the kernel keyring, allowing us to reuse it without
querying the user again every time to enter the pin.
We use the private key URI as the keyring identifier so that the cached pin
can be shared across multiple tools.
Note that if the private key is pin protected, openssl will prompt both when
loading the private key using the pkcs11 engine and when actually signing the
roothash. To make sure our custom UI is used when signing the roothash, we have
to also configure it with ENGINE_ctrl() which takes a non-owning pointer to
the UI_METHOD object and its userdata object which we have to keep alive so we
introduce a new AskPasswordUserInterface struct which we use to keep both objects
alive together with the EVP_PKEY object.
Because the AskPasswordRequest struct stores non-owning pointers to its fields,
we change repart to store the private key URI as a global variable again instead
of the EVP_PKEY object so that we can use the private key argument as the keyring
field of the AskPasswordRequest instance without running into lifetime issues.
|
|
No functional change, at least now. Preparation for later commits.
But we are planning to extend KeepConfiguration= and also keep
addresses and so on assigned by other dynamic configuration protocol
like DHCPv6 or NDisc.
However, when link_free_engines() is called here, acquired addresses so
on by NDisc will be removed, even if link_stop_engines() handles
restarting networkd or KeepConfiguration= gracefully.
So, let's not free engines here, but free them later in link_free().
It is not necessary to be called here anyway.
|
|
In that case, requests will never be processed anyway. But further more,
we cannot call link_ref() at that stage. Otherwise, we trigger assertion.
|
|
The names of these conflict with macros from efi.h that we'll move
to efi-fundamental.h in a later commit. Let's avoid the conflict by
getting rid of these helpers. Arguably this also improves readability
by clearly indicating we're passing arbitrary strings and not constants
to the macros when we invoke them.
|
|
Currently ask_password_auto() will always try to store the password into
the user keyring. Let's make this configurable so that we can configure
ask_password_auto() into the session keyring. This is required when working
with user namespaces, as the user keyring is namespaced by user namespaces
which makes it impossible to share cached keys across user namespaces by using
the user namespace while this is possible with the session keyring.
|
|
Users can simply unset the environment variable to achieve the same effect.
|
|
SYSTEMD_ASK_PASSWORD_KEYRING_TIMEOUT_SEC is unset
Follow-up for d9f4dad986dcebd51bdaeb8ba3d2c00cdc0d701e
|
|
With https://github.com/systemd/mkosi/pull/3164, we'll be able to run
arbitrary commands in the mkosi sandbox, which has /usr from the tools
tree if one is configured. Let's add the required packages to be able to
run meson to setup the integration tests. This allows running the integration
tests without having to install meson or other build dependencies on the
host system.
"""
mkosi sandbox meson setup build
mkosi sandbox meson compile -C build mkosi
mkosi sandbox env SYSTEMD_INTEGRATION_TESTS=1 meson test -C build ...
"""
|
|
Bumps [systemd/mkosi](https://github.com/systemd/mkosi) from 2a35f9958bc6b82d95d1eac02dc245e9bb068765 to 8976a0abb19221e65300222f2d33067970cca0f1.
- [Release notes](https://github.com/systemd/mkosi/releases)
- [Commits](https://github.com/systemd/mkosi/compare/2a35f9958bc6b82d95d1eac02dc245e9bb068765...8976a0abb19221e65300222f2d33067970cca0f1)
---
updated-dependencies:
- dependency-name: systemd/mkosi
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
There's no guarantee our device will be named /dev/vda, so give it
a serial so we can query for its devname inside the test.
|
|
There's no guarantee the root device will be /dev/sda, so let's use
bootctl to get the actual path instead of harcoding it.
|
|
This singular debug message gets printed even if debug is not enabled.
Quiet this message when debug is not enabled for consistency.
|
|
Follow-up for ad03f2d5f0d7f87b775357e5a2727dbcbc973fce
|
|
|
|
When KeepConfiguration=dhcp, we do not remove acquired address, hence
not necessary to restart IPv4LL client.
|
|
|
|
for a given path
|
|
Fixes https://github.com/systemd/systemd/security/code-scanning/2900
|
|
|
|
The check for the old flag was not restored when the weak
blocker was added, add it back. Also skip polkit check for
root for the weak blocker, to keep compatibility with the
previous behaviour.
Partially fixes https://github.com/systemd/systemd/issues/34091
Follow-up for 804874d26ac73e0af07c4c5d7165c95372f03f6d
|
