| Commit message (Collapse) | Author | Files | Lines |
|---|
|
networkd set several sysctl to set the network configuration. Save their
value so we can check is other processes change them.
|
|
Pass to all the sysctl_* functions a hashmap which can be used to
optionally save the value written in the sysctl.
|
|
|
|
|
|
|
|
And add a mirroring dns_scope_ifname()
|
|
|
|
This is a rework of e7a93e75219b22424bab95fe45982f5eef21d581: instead of
handling components with n_variants being zero at every step of the way, we instead
remove it from our list after loading all components, given that such a
component simply makes not sense for the rest of our logic.
|
|
|
|
|
|
Fixes: #33917
|
|
If we operate in "offline" mode, i.e. know the device key, then we will
not have a TPM2 connection, hence don't try to read the PCR bank to use form
it.
We don't need it anyway because we are not going to test unseal things.
Fixes: #33855
|
|
Similar to MakeDirectories=, but creates symlinks in the filesystem.
|
|
|
|
|
|
Signed-off-by: Filip Lewiński <filip.lewinski@3mdeb.com>
|
|
The /dev/zramN devices can be used as regular block devices. They are
typically used for swap areas, but it would be beneficial to have
LABEL and UUID in the udev database to make it more user-friendly for
tools such as lsblk or mount (if used with other filesystems).
|
|
Let's keep only the parsers for the main config in resolved-conf.c
|
|
resolved-dnssd.h
|
|
|
|
I guess this was copy/pasted from sysupdate? Weird though. Fix it. And
also reword "cat" help text to make it more precise.
|
|
Such a policy won't provide any protection, but it's still entirely fine
to have it like this in various contexts, for example at OS install
time, to allocate the nvindex and reference it in enrollments. However,
it does deserve mention, hence log about it at LOG_NOTICE level.
This is based on a similar patch by Arnaud Patard
<arnaud.patard@collabora.com> proposed at #33663.
|
|
It is not true that "no string" is written to journal; the binary
name is used when run via `systemd-cat command`, or `cat` is used
when run via `command | systemd-cat`.
|
|
TEST-64-UDEV-STORAGE is invoked with the subtest appended, so TEST_SKIP=TEST-64-UDEV-STORAGE
does not work. Fix it by using TEST_SKIP as a partial match.
Follow-up for ddc91af4eaa32511f92c83b2c24d9cc0425fd5f5
|
|
|
|
|
|
These variables closely mirror the existing
LoaderDevicePartUUID/LoaderImageIdentifier variables. But the Stub…
variables indicate the location of the stub/UKI (i.e. of systemd-stub),
while the Loader… variables indicate the location of the boot loader
(i.e. of systemd-boot). (Except of course, there is no boot loader used,
in which case both sets point to the stub/UKI, as a special case).
This actually matters, as we support that sd-boot runs off the ESP,
while a UKI then runs off XBOOTLDR, i.e. two distinct partitions.
|
|
Let's always check if we have data to set *first*, and only then check
if an EFI var is already set.
Checking for the EFI var is more expensive after all.
|
|
systemd-stub man page too
Let's fix the version here too, and also clarify that this is usually
not necessarily the ESP.
|
|
First of all, these were always set, i.e. since sd-boot was merged into
our tree, i.e. v220. Let's say so explicitly.
Also, let's be more accurate, regarding which partition this referes to:
it's usually "the" ESP, but given that you can make firmware boot from
arbitrary disks, it could be any other partition too. Hence, be
explicit on this.
Also, clarify tha sd-stub will set this too, if sd-boot never set it.
|
|
|
|
If this is not done, and there are two images, image_1.raw and image_2.raw under
an image.raw.v folder, then the log will say "Using extensions image" instead of
using "Using extensions image_2.raw" which is the desired behavior for v-picked extensions.
|
|
Let's move copying out the PCR signature/key into its own tmpfiles
snippet.
And then let's add support for copying out the profile + os-release
information systemd-stub now places in the invoked initrd.
That way these four pieces of information are available even after the
initrd→host transition.
|
|
Now that we have multi-profile UKIs people likely want to stick more PE
sections into them than before. Hence, bump the number of available PE
section slots to 30 (up from 15). Also, make this configurable at build
time since some folks probably want even more, and others don't want
this at all.
(pre-allocating too many shouldn't matter too much btw, I'd advise
everyone to overshoot, except maybe on the tiniest of embedded boards)
|
|
Closes #34352.
|
|
|
|
|
|
We create subdirectories for each major release, but not for point releases
so strip the suffix if it is present
|
|
Let's make use of libcryptsetup's new crypt_token_set_external_path()
API in place of the interposition stuff we have been doing before. Let's
kill it entirely, given that this was a developer feature only anyway
(and guarded by an appropriate ifdef).
Fixes: #30098
|
|
Login shells are supposed to marked via a dash as first char. We follow
that logic, but right now we simply overwrite the first char of the
shell. That might not be the right choice, given that this turns
"zsh" into "-sh", which suggests some bourne shell process.
Hence, let's correct things, and instead prefix a dash, which should be
safer.
Inspired by findings on https://github.com/systemd/systemd/issues/34153#issuecomment-2338104907
|
|
Some tabs snuck in here, but we don't like tabs in our codebase. Fix
them.
|
|
Indicates whether the ATA read look-ahead feature is supported
and enabled.
Signed-off-by: Tomas Bzatek <tbzatek@redhat.com>
|
|
Instead, let's define them once, and pass them through as parameters
everywhere.
|
|
This iterates through the .profile sections a UKI provides and uses it
to generate multiple menu entries from them, one for each .profile
section.
|
|
|
|
unmanaged
Follow-up for 2cf9b1a0eed7bcd85543e19ba6f0d26767fe1163.
|
|
Then, the Link object for the peer interface can have a reference to the
corresponding NetDev object.
|
|
|
|
Then, Link object for an L2TP session can have reference to the
corresponding NetDev object.
|
|
|
