| Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
Otherwise we break TEST-15-DROPIN, since it uses
/usr/lib/systemd/system/service.d/override.conf in some of its
sub-tests.
|
|
|
|
Depending on the location of the original build dir, either ProtectHome=
or ProtectSystem= may get in the way when creating the gcov metadata
files.
Follow-up to:
* 02d7e73013a92c5580023e4e548d19adbc254dbe
* 6c9efba67715cd1ced170ac46c04d47934ad276a
|
|
In order to minimize EFI variable NVRAM wear, do not rewrite variables
if they are already in the wanted state (i.e. same data and attributes).
This allows e.g. performing repeat calls of "bootctl install" (which
always rewrites the EFI boot entry) without consuming EFI NVRAM write
cycles.
|
|
We should drop caches if we are configured to do so in all cases where
we are done with home dir operations: except if that operation is
activation, because in that case we are not destroying anything, but
leaving it on.
Hence, turn off the flag that reminds us that we should drop caches
before exiting, once activation completed fully,
Follow-up for 86019efa4416d7b548cab321c15bc22a65463786
|
|
Follow-up for 4a4654e0241fbeabecb8587fd3520b6b39264b9c.
Fixes #21090.
|
|
it for its payload
We try to pass containers roughly the same rlimits as the host gets from
the kernel. However, this means we'd set the RLIMIT_NOFILE to 4K. Which
is quite limiting though, and is something we actually departed from in
PID1: since 52d620757817bc0fa7de3ddbe43024544ced7ea0 we raise the limit
substantially for all userspace.
Given that nspawn is quite often invoked without proper PID1, let's raise the
limits for container payloads the same way as we do from the real PID1
to its service payloads.
|
|
|
|
This is useful if the auto-firmware setting has been disabled. The
keys used here are based on what the majority of firmware employ in
the wild.
This also ensures there's a chance for the user to discover this in
case they were too slow during POST or simply used the wrong ones.
|
|
|
|
We are using this for creating userns namespaces, and we really
shouldn't try to sync there. Moreover the use of free() in shutdown code
doesn't need it anyway, since it just sync()ed right before anyway. Only
the third user of freeze() we have actually needs the syc(), hence do it
there and nowhere else.
|
|
unbound userns
This returns a namespace fd, and takes a uidmap/gidmap as string. This
is split out out mount-util.c's remount_idmap() logic, so that we can
allocate a userns independently.
|
|
That way we can use it in other code from basic/. It fits into both
headers equally well or badly, hence let's just move this one function.
|
|
Previously the call did two things, and the second thing was optional
(depending on first arg being NULL). Let's simplify this and just make
it two distinct functions, where one calls the other.
This should make things a bit more readable, given that we called a
function called "…and_mount()" which didn't actually mount...
No actual code changes, just some refactoring.
|
|
No actual code changes, just making a structure a bit shorter.
|
|
We use this work dir a various places, and it's easy to mistype, hence
let the compiler detect this for us, and introduce a macro for it.
No code changes, just some search/replace.
|
|
The type of dhcp6_pd_subnet_id is int64_t.
|
|
Previously we'd possibly see POLLHUP on a varlink link, and continue to
run epoll on it even though we have nothing to read nor write anymore.
Let's fix that, and once we know that there's nothing to write anymore
(or we saw a write error already) we'll disconnect after POLLHUP.
Fixes: #20062
|
|
|
|
If we know that /proc/ works, then ENOENT when reopening an fd means the
fd didn't exist. Let's return the correct error code for that, i.e.
EBADF.
|
|
".", …)
This adds a tiny shortcut to fd_reopen(): if we are about to reopen the
fd via O_DIRECTORY then we know it#s a directory and we might as well
reopen it via opening "." using the fd as "at fd" in openat().
This has the benefit that we don't need /proc/self/fd/ around for this
special case: fewer sources of errors.
|
|
The clock to use internally is clock_boottime_or_monotonic(), but the
test used CLOCK_MONOTONIC. After one system suspend the test thus likely
starts to fail.
|
|
Fixes: #11559
|
|
downstream
Also, narrow the acceptable range of the states.
|
|
upstream interface
As now the subnet prefix may be assigned to the upstream interface.
|
|
The Surface Type Covers are known to support USB autosuspend just fine
(and it's also enabled by default on Windows), so enable it in hwdb.
|
|
|
|
|
|
d'oh!
|
|
Otherwise we miss quite a lot of coverage (mainly from logind,
hostnamed, networkd, and possibly others), since they can't write their
reports with `ProtectSystem=strict`.
|
|
With `ProtectSystem=strict` gcov is unable to write the *.gcda files
with collected coverage. Let's add a yet another switch to make such
restriction less strict to make gcov happy.
This addresses following errors:
```
...
systemd-networkd[272469]: profiling:/systemd-meson-build/src/shared/libsystemd-shared-249.a.p/binfmt-util.c.gcda:Cannot open
systemd-networkd[272469]: profiling:/systemd-meson-build/src/shared/libsystemd-shared-249.a.p/base-filesystem.c.gcda:Cannot open
systemd-networkd[272469]: profiling:/systemd-meson-build/src/shared/libsystemd-shared-249.a.p/barrier.c.gcda:Cannot open
systemd-networkd[272469]: profiling:/systemd-meson-build/src/shared/libsystemd-shared-249.a.p/ask-password-api.c.gcda:Cannot open
systemd-networkd[272469]: profiling:/systemd-meson-build/src/shared/libsystemd-shared-249.a.p/apparmor-util.c.gcda:Cannot open
systemd-networkd[272469]: profiling:/systemd-meson-build/src/shared/libsystemd-shared-249.a.p/acpi-fpdt.c.gcda:Cannot open
...
```
|
|
When playing around with the coverage-enabled build I kept hitting
an issue where dnsmasq failed to start because the previous instance was
still shutting down. This should, hopefully, help to mitigate that.
|
|
|
|
- replace `A = k` and `X = A` with `X = k`,
- replace `A ^= X` and `A == 0` with `A == X`.
- use UINT32_MAX when accept a packet
|
|
|
|
|
|
|
|
|
|
- replace `A = k` and `X = A` with `X = k`,
- replace `A ^= X` and `A == 0` with `A == X`.
- use UINT32_MAX when accept a packet
|
|
This drops stuct ifa_cacheinfo from Address, and store lifetime with
usec_t.
Why? Now, all requests of address configurations are once stored in
the request queue, and will be processed when it is ready. So, the
timestamp value passed to the kernel must be evaluated on configure.
This also fixes the following two issues.
- Time values in struct ifa_cacheinfo are stored in uint32_t.
So, the validity check of the address configured by NDisc may fail on
long running systems.
- If a system uses DHCPv6PD, when an interface may appear or be
reconfigured later, then the lifetime value may be inappropriate.
We need to adjust the lifetime with the current time and the timestamp
of the lease.
|
|
|
|
|
|
|
|
|
|
It is now ran on the nightly CentOS build, so that it can cover
integration tests too, and not just unit tests. It's nightly as
it considerably increases the integration test runtime, so it's
not appropriate for all PRs.
|
|
otherwise TEST-02 will fail:
```
=== Failed test log ===
--- test-network-generator-conversion.sh begin ---
+ [[ -n '' ]]
+ [[ -x /usr/lib/systemd/systemd-network-generator ]]
+ [[ -x /lib/systemd/systemd-network-generator ]]
+ exit 1
--- test-network-generator-conversion.sh end ---
```
Before:
```
$ meson build -Dnetworkd=false -Dinstall-tests=true
$ ninja -C build
$ DESTDIR=$PWD/test-install ninja -C build install
$ find test-install/ -name test-network-generator-conversion.sh
test-install/usr/lib/systemd/tests/test-network-generator-conversion.sh
```
After:
```
$ find test-install/ -name test-network-generator-conversion.sh
<no output>
```
|
|
Otherwise we'd miss coverage from TEST-{02,24,61}, since they don't go
through the "standard" `check_result_common` hook.
Follow-up to 7bf20e48bd7d641a39a14a7feb749b7e8b0fc0f6.
|
|
Follow-up for 4a4654e0241fbeabecb8587fd3520b6b39264b9c.
|
|
|
