| Commit message (Collapse) | Author | Files | Lines |
|---|
|
Follow up for 8b3b01c4b7e0fde39b4be354990ee68f5e612c52
We switch to PROJECT_VERSION instead of PROJECT_VERSION_FULL where
we report our version and which is likely being parsed to avoid
breaking compat. If we didn't, the output would change from systemd
255 to systemd 255.1 which could break various tools.
|
|
The newest kconfig enabling DB-verified dm-verity images is queued
for 6.11:
https://patchwork.kernel.org/project/dm-devel/patch/20240617220037.594792-1-luca.boccassi@gmail.com/
|
|
If the io.systemd.DynamicUser or io.systemd.Machine files exist,
but nothing is listening on them, the nss-systemd module returns
ECONNREFUSED and systemd-sysusers fails to creat the user/group.
This is problematic when ran by packaging scripts, as the package
assumes that after this has run, the user/group exist and can
be used. adduser does not fail in the same situation.
Change sysusers to print a loud warning but otherwise continue
when NSS returns an error.
|
|
The XDG base dir spec adopted ~/.local/state/ as a thing a while back,
and we updated our docs in b4d6bc63e602048188896110a585aa7de1c70c9b, but
forgot to to update the table at the bottom to fully reflect the update.
Fix that.
|
|
about shared *ownership*
|
|
This file doesn't document features of systemd, but is more a of a
general description that generalizes/modernizes FHS. As such, the items
listed in it weren't "added" in systemd versions, they simply reflect
general concepts independent of any specific systemd version. hence
let's drop this misleading and confusing version info.
Or in other words, the man page currently claims under "/usr/": "Added
in version 215." – Which of course is rubbish, the directory existed
since time began.
This also rebreaks all paragaphs this touches.
No content changes.
|
|
The previous commit tries to extract a substring from the
extension-release suffix, but that is not right, it's only the
images that need to be versioned and extracted, use the extension-release
suffix as-is. Otherwise if it happens to contain a prefix that
matches the wrong image, it will be taken into account.
Follow-up for 37543971aff79f3a37646ffc2bb5845c9394797b
|
|
Now that we have a way to rebuild and reinstall systemd without
having to rebuild the image, let's default to building a disk image
again.
|
|
The GIT_VERSION is changed to use VERSION_TAG, but in case of cross build
for src/boot/efi, it's not set, causing build error because the compiler cannot
know it's a macro thus treating it as some variable and error out.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
|
|
The meson.version file might contain e.g. 256.2~devel in a stable
branch so let's make sure we deal with that.
|
|
For MountImages=, if the source is a block device, it will most likely reside
in /dev. It should be also possible to mount a static device file system in
place of (or part of) /dev. So let's allow paths starting with /dev as an
exception for MountImages=.
|
|
There is a regression in the login package, skip the test until
it is fixed. https://bugs.debian.org/1075733
|
|
|
|
Let's mention the new way to install the latest changes without
rebuilding the image. Let's also remove the duplicate info about
distribution packages that is already mentioned in its own section.
|
|
|
|
Let's make sure we actually operate on the packaging git repo.
|
|
We need to enable this otherwise systemd-oomd.service fails to start.
Fixes:
ConditionControlGroupController=memory was not met
|
|
* d74b24c7c6 meson options: vcs-tag=false
* 7424fedef0 upgpkg: 256.1-1: new upstream release
* 6016864c99 upgpkg: 256-3: rebuild to fix man pages...
* 6f6d48b221 upgpkg: 256-2: update shells
* b9ce44e766 drop systemd-stable repository, build from main one
* baf4803252 upgpkg: 256-1: new upstream release
* 1d75e7ddaa add an install hint on NEWS
* 6f17a23127 Ups, inverted...
* d76029f7cc update meson options
* 6e7929dd98 upgpkg: 256rc4-1: new upstream pre-release - testing only!
* 7b70e7b0e7 upgpkg: 256rc3-2: fast-forward to current git main, non-official testing
* a438b879e2 upgpkg: 256rc3-1: new upstream pre-release, non-official testing
* ff30a600c9 upgpkg: 256rc2-1: new upstream pre-release, non-official testing
|
|
|
|
These are not actually needed or installed, so delete them from the
build directory, so that inside an image one can do:
apt install --reinstall /work/build/*.deb
Follow-up for 690a85b1d4e794af62bca6d1ea530ffc530ee58c
|
|
Followup for 453cb5d01e587ff6d9fa426397c0d1b858f8f832
Fixes the following assertion:
"""
x86 130 ~/systemd ❯❯❯ meson compile -C build
ninja: Entering directory `/home/tfleig/systemd/build'
[2/5] Generating export-dbus-interfaces with a custom command
FAILED: interfaces
/home/tfleig/systemd/tools/dbus_exporter.py interfaces /home/tfleig/systemd/build/systemd /home/tfleig/systemd/build/systemd-homed /home/tfleig/systemd/build/systemd-hostnamed /home/tfleig/systemd/build/systemd-importd /home/tfleig/systemd/build/systemd-localed /home/tfleig/systemd/build/systemd-logind /home/tfleig/systemd/build/systemd-machined /home/tfleig/systemd/build/systemd-networkd /home/tfleig/systemd/build/systemd-oomd /home/tfleig/systemd/build/systemd-portabled /home/tfleig/systemd/build/systemd-resolved /home/tfleig/systemd/build/systemd-timedated
Assertion '__unique_prefix__expr_91' failed at src/core/load-fragment.c:3912, function config_parse_tasks_max(). Aborting.
Traceback (most recent call last):
File "/home/tfleig/systemd/tools/dbus_exporter.py", line 45, in <module>
main()
File "/home/tfleig/systemd/tools/dbus_exporter.py", line 42, in main
extract_interfaces_xml(args.output, exe)
File "/home/tfleig/systemd/tools/dbus_exporter.py", line 9, in extract_interfaces_xml
proc = run(
File "/usr/lib64/python3.9/subprocess.py", line 528, in run
raise CalledProcessError(retcode, process.args,
subprocess.CalledProcessError: Command '[PosixPath('/home/tfleig/systemd/build/systemd'), '--bus-introspect', 'list']' died with <Signals.SIGABRT: 6>.
[4/5] Generating man/systemd.index.xml with a custom command
ninja: build stopped: subcommand failed.
"""
|
|
Previously, the order was quite chaotic, even sometimes interleaved with
entirely unrelated switches. Let's clean this up and use the same order
as in the spec.
This doesn't change anything real, but I think it's a worthy clean-up in
particular as this order is documented as the PCR measurement order of
these sections, hence there's actually a bit of relevance to always
communicate the same order everywhere.
|
|
|
|
The patch is originally from Brenton Simpson, I (Lennart) just added some
comments and rebased it.
I didn't test this, but the patch looks so obviously right to me, that
I think we should just merge it, instead of delaying this further. In
the worst case noone notices, in the best case this makes sd-boot work
reasonably nicely on devices that only have a hadware power key + volume
rocker.
Fixes: #30598
Replaces: #31135
|
|
|
|
At this point we have a clearer model:
* systemd-measure should be used for measuring UKIs on vendor build
systems, i.e. only cover stuff predictable by the OS vendor, and
identical on all systems. And that is pretty much only PCR 11.
* systemd-pcrlock should cover the other PCRs, which carry inherently
local information, and can only be predicted locally and not already
on vendor build systems.
Because of that, let's not bother with any PCRs except for 11 in
systemd-measure. This was added at a time where systemd-pcrlock didn't
exist yet, and hence it wasn't clear how this will play out in the end.
|
|
|
|
Let's simplify the code a bit, and parse Type 2 entries in a function of
its own, separate from the directory enumeration.
This closely follows a similar split we did a long time ago for Type 1.
This is just refactoring, no real code change.
|
|
|
|
|
|
While we write data to this parameter, it's not really a return
parameter, we after all do not fully set it, we just fill in some
fields. Hence it must be initialized beforehand.
According to our coding style only parameters that are purely used for
returning something should be named "ret_xyz", hence this one should not
be.
(We'll later rely on the current behaviour that it leaves array entries
for which we find no sections untouched, hence leave behaviour as is,
just rename the parameters to something more appropriate).
(Since we are dropping the "ret_" prefix of "ret_sections", let's rename
the old "section" parameter at the same time to "section_names", to make
clearer what it is about).
|
|
|
|
|
|
$SYSTEMD_REPART_OVERRIDE_FSTYPE is too invasive. Often you want to
override the fstype only for a specific designator, so let's support
that as well.
|
|
With the latest mkosi, mkosi -t none can be used to rerun the build
script without messing with a previously built image. This allows
one to run "mkosi -t disk -f qemu" in one terminal to build and boot
an image in qemu and then run "mkosi -t none" in another terminal to
rebuild the packages. If one then has "RuntimeBuildSources=yes" set
in their mkosi configuration, the build directory is mounted into the
virtual machine, which means that one can then run "dnf upgrade
/work/build/*.rpm" from within the VM to install the new packages.
This allows for quickly iterating on changes without having to rebuild
the image all the time.
We'll probably want to document this at some point, but let's start
with making it possible by copying the built packages to the build directory.
|
|
Currently if git merge-base fails we'll hide the error and exit with
exit status 0. Let's make we only exit early if git merge-base exits
with 1 which indicates the current commit is not on the target branch.
Any other error is considered fatal.
|
|
Two very similar devices, with two functions - a regular camera and IR.
The peculiarity of their infrared camera is that it uses a color image
format (YUYV), although it is essentially black and white.
The IR camera interface differs from the regular camera interface by name:
"HP Wide Vision FHD Camera: HP W" for the regular camera and
"HP Wide Vision FHD Camera: HP I" for an infrared camera
Therefore, glob *I is used to separate the IR camera
|
|
|
|
* f9fe17dbde Use vmlinux.h from kernel-devel
* 9cbad936a6 Pull in openssl-devel-engine
* 8ae009f929 Only add Requires on python3-zstd on Fedora
* 750e910c7c Drop BuildRequires on python3-zstd
|
|
destructive/system-wide operation
|
|
|
|
Otherwise, busctl --user call ... SoftReboot results in
user manager broadcasting signal and initiating soft-reboot...
|
|
It's pointless to do selinux or /run/ space checks
for user managers.
|
|
Also, there can only be one system manager.
|
|
|
|
This is only for logging, but since we lookup for the unit
here, let's try to be accurate.
|
|
If work is being done in a separate branch, don't touch the packaging
checkout.
|
|
These are required by the bpf_tracing.h header in libbpf, see
https://github.com/libbpf/libbpf/blob/master/src/bpf_tracing.h.
bpf_tracing.h does have a few fallbacks in case __TARGET_ARCH_XXX
is not defined but recommends using the __TARGET_ARCH macros instead
so let's do that.
|
|
We calculate the amount of uncompressed data we can write by taking the limits
into account and halving it to ensure there's room for switching to compression
on the fly when storing cores on a tmpfs (eg: due read-only rootfs).
But the logic is flawed, as taking into account the size of the tmpfs storage
was applied after the halving, so in practice when an uncompressed core file
was larger than the tmpfs, we fill it and then fail.
Rearrange the logic so that the halving is done after taking into account
the tmpfs size.
|
|
ret type
Addresses https://github.com/systemd/systemd/pull/33567#discussion_r1662818225
|
