| Commit message (Collapse) | Author | Files | Lines |
|
Right now systemd-tpm2-setup-early and systemd-pcrphase-initrd.service
are not ordered against each other. However, they require the same slow
resource to operate: the TPM2. If we allow them to access the device
simultaneously, the kernel resource manager likely has to save/restore TPM
state while they operate, slowing things down further.
Hence, let's avoid all this mess, and just order them against each other
so that the shared resource is first used in full by one and then by the
other.
I opted to order systemd-pcrphase-initrd before
systemd-tpm2-setup-early, since there's value in having the former as
early as possible in userspace, to be a good marker for the transition
from kernel to first userspace. I can see no benefit in the opposite
order however.
|
|
We shouldn't try to use any ANSI escape sequences if TERM=dumb.
Also, the "\r\n" we output can get interpreted as a double newline
(for example by GitHub Actions), so let's output just "\n" when
TERM=dumb to clean up the CI logs.
|
|
tpm2_context_new and logs about errors
We so far just print a short log message that is not very useful, let's
add some recognizable error codes, and output better log messages if we
can't get TPM stuff to work.
Fixes: #31925
|
|
When an IO event source owns relevant fd, replacing with a new fd leaks
the previously assigned fd.
===
sd_event_add_io(event, &s, fd, ...);
sd_event_source_set_io_fd_own(s, true);
sd_event_source_set_io_fd(s, new_fd); <-- The previous fd is not closed.
sd_event_source_unref(s); <-- new_fd is closed as expected.
===
Without the change, valgrind reports the leak:
==998589==
==998589== FILE DESCRIPTORS: 4 open (3 std) at exit.
==998589== Open file descriptor 4:
==998589== at 0x4F119AB: pipe2 (in /usr/lib64/libc.so.6)
==998589== by 0x408830: test_sd_event_source_set_io_fd (test-event.c:862)
==998589== by 0x403302: run_test_table (tests.h:171)
==998589== by 0x408E31: main (test-event.c:935)
==998589==
==998589==
==998589== HEAP SUMMARY:
==998589== in use at exit: 0 bytes in 0 blocks
==998589== total heap usage: 33,305 allocs, 33,305 frees, 1,283,581 bytes allocated
==998589==
==998589== All heap blocks were freed -- no leaks are possible
==998589==
==998589== For lists of detected and suppressed errors, rerun with: -s
==998589== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
|
|
Bumps pkg/arch from `ccc32ea` to `124b1da`.
---
updated-dependencies:
- dependency-name: pkg/arch
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
Follow-ups for 418f2dc75564330d4ff6c86193f4a3c8ffbb1f1b.
|
|
To make the reachable time in the RA header sent by networkd
configurable.
|
|
We do the same for the other distributions, so let's do so for
debian/ubuntu as well.
|
|
Let's strip unnecessary whitespace to avoid a dpkg-buildpackage
warning.
|
|
As requested in review.
|
|
I'm working on the transition to merged sbin in Fedora. While the transition is
happening (and probably for a while after), we need to compile systemd with
split-bin=true to support systems upgraded from previous versions. But when the
system has been upgraded and already has /usr/sbin that is a symlink, be nice
and give $PATH without sbin.
We check for both /usr/sbin and /usr/local/sbin. If either exists and is not a
symlink to ./bin, we retain previous behaviour. This means that if both are
converted, we get the same behaviour as split-bin=false, and otherwise we
get the same behaviour as before.
sd-path uses the same logic. This is not a hot path, so I got rid of the nulstr
macros that duplicated the logic.
|
|
If we're already running in a unit with delegation turned on, let's
skip allocation of a scope unit and cgroup subroot. This allows journald
to correctly attribute the logs of all subprocesses spawned by tests such
as test-execute to the test-execute service when the test is running in a service.
|
|
Specifically, this will make tests log to the journal if stderr is
connected to the journal. This means we get proper log priorities
and such compared to if we just logged to stderr.
|
|
For when we expect something to fail with a specific error.
|
|
We might be booting from virtiofs which is fuse so we need @application
as well.
|
|
These don't get pulled in automatically and there doesn't seem to
be a "system-users" package so install the ones we need for the
integration tests manually.
|
|
CentOS does not ship these sysusers dropins which set up basic system
users and groups. Until we can move to CentOS Stream 10, let's add the
dropins ourselves to make sure the base system users/groups are available
on CentOS.
|
|
Required for TEST-01-BASIC.
|
|
The Arch Linux PKGBUILD does not (yet) have versioned dependencies
between the systemd packages, causing systemd-libs to not get updated
to 256-devel if systemd 256-devel is installed. Let's explicitly install
the newer version of systemd-libs as well for now until this problem is
fixed.
|
|
Required for test-bpf-firewall.
|
|
This introduces dependencies on various environment variables set
by rpmbuild which will not be set when rerunning meson inside the
VM/container so let's disable package notes to avoid these dependencies,
as the package notes aren't terribly useful in this scenario anyway.
|
|
Follow-up for d762f4d52d31c8eb6a6a7e517f107dfe8d443ee8.
|
|
This happens when journal is rotated after a data is written but before
an entry that linked to the data is not written yet.
This is neither data corruption, nor program error. Let's downgrade the
log level.
Closes #32153.
|
|
For issue #31516.
|
|
This passes an ID derived from the vmgenid down to all VMs. This is
useful to have an identifier for this VM generation id. We derive it
from the invocation ID, if we have one, otherwise we randomize it.
Eventually we should make use of the vmgenid changing to re-acquire MAC
addresses, DHCP leases as such. Let's for now enable the VMM side of the
concept as first step towards that.
|
|
This is a bit hackish, but really useful sometimes to play around with
some qemu switches.
|
|
These are generally recommended (and libvirt/gnome-boxes default to them
hence). They are mostly relevant for Windows, but I think it makes sense
to enable them anyway for Linux too, simply to exercise #28001, and
they shouldn't hurt.
|
|
CPUID reporting hyperv should be taken with a grain of salt, and we
should prefer other mechanisms then.
Fixes: #28001
|
|
Follow-ups for 74c4231ce5f6cddabc2500391a8d5fd69e89b79e.
Previously, the path is obtained from the fd, but it is closed in
sd_event_loop() to unpin the filesystem.
So, let's save the path when the event source is created, and make
sd_event_source_get_inotify_path() simply read it.
|
|
Currently translated at 100.0% (233 of 233 strings)
Co-authored-by: Andika Triwidada <andika@gmail.com>
Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/id/
Translation: systemd/main
|
|
This also drops several unnecessary conditions for checking sd-radv is running
or not in setting options, e.g. home agent or mac address.
|
|
Follow-up for fb573007430ab0dbe45517b58837d2fa5cfa1a48.
Prompted by #32273.
|