Commit Graph

81956 Commits

Author SHA1 Message Date
Emmanuel Ferdman
13a98f1f05 doc: fix integration tests guide reference 2025-06-04 07:29:16 +09:00
Mike Yuan
20ae3ec9b5 core/varlink: use forward.h at two more places (#37716) 2025-06-03 23:11:17 +02:00
Yu Watanabe
813fcf2a8a core/varlink: use forward.h at two more places 2025-06-04 04:57:32 +09:00
Lennart Poettering
d483ac1d0d compress: avoid a bunch of div-by-zeroes
Follow-up for #37706. Implements the same logic for all compression
algorithms we have.
2025-06-03 18:27:02 +02:00
Lennart Poettering
a53b225c53 tpm2: various smaller fixes, mostly about better error messages and support checking (#37690)
Fixes: #35187
Fixes: #36743
Fixes: #37607
2025-06-03 18:26:36 +02:00
Lennart Poettering
9c335d2458 tpm2-util: guarantee that verb_has_tpm2_generic() returns usable exit status 2025-06-03 16:16:46 +02:00
Lennart Poettering
8756482804 tpm2-util: use BIT_FOREACH() more 2025-06-03 16:16:46 +02:00
Lennart Poettering
1e08f92250 tpm2: add a clear error message for all errors that suggest a PCR violation
Fixes: #35187
2025-06-03 16:16:46 +02:00
Lennart Poettering
8335765bb8 tpm2-util: add a brief summary of tpm2_unseal() return values in a comment 2025-06-03 16:15:34 +02:00
Lennart Poettering
f31a87331f tpm2-util: also generate recognizable error if PolicyAuthorizeNV fails 2025-06-03 16:12:45 +02:00
Lennart Poettering
c7ce6fd30e pcrlock: also refuse lacking SHA-256 support early when creating policy
This will fail eventually, but let's be explicit early here.
2025-06-03 16:12:45 +02:00
Lennart Poettering
3ab04fbc4c pcrlock: make error messages more useful if PCR state doesn't match policy during PolicyOR
Fixes: #35187
2025-06-03 16:12:45 +02:00
Lennart Poettering
1144f07dc6 measure: generate a more useful error in case SHA1 support is disabled by distro
Fixes: #36743
2025-06-03 16:12:45 +02:00
Lennart Poettering
ccd2bf48b2 pcrlock: add "is-supported" verb that checks if the local TPM supports the commands we need for pcrlock
systemd-pcrlock requires support for the PolicyAuthorizeNV command,
which is not implemented in the first TPM2 releases. We also strictly
require SHA-256 support. Hence add a tool for checking for both of
these.

This is a tighter version of "systemd-analyze has-tpm2", that checks for
the precise feature that systemd-pcrlock needs, on top of basic TPM2
functionality.

Fixes: #37607
2025-06-03 16:12:45 +02:00
Lennart Poettering
d1c36f11d5 tpm2-util: correct copy/pasted error message 2025-06-03 16:05:25 +02:00
Yu Watanabe
add1bc28d3 bus-unit-util: warn and ignore assignment of deprecated properties
With 5da476ac77, we refused to set the
properties, but this relaxes the behavior, and now commands warn and
ignore the assignment.

Also, assignment of CPUAccounting property is now warned and ignored,
which is deprecated by 29da53dde3.

Prompted by https://github.com/systemd/systemd/pull/37665#discussion_r2115676993
2025-06-03 15:31:05 +02:00
Yu Watanabe
cb109e00c4 repart: if partition already exists, required size may not be multiple of grain size
See partition_min_size_with_padding().
Fixes #37178.
2025-06-03 10:42:34 +02:00
Arian van Putten
96e481bfbd vmspawn: do not preserve access permissions and xattrs of template OVMF vars
This makes vmspawn work when /usr/share/qemu/edk2-i386-vars.fd is on
disk with 0444 permissions as is the case on NixOS.

The nix package manager does not store any access permissions, ownership,
timestamps, or extended attributes in its package format to increase
reproducibility. The only meta-data that is stored is the executable bit.

Thus when unpacking a nix package, the executable bit is preserved, but no other
access permissions are preserved and all files in /nix/store end up as
read-only.

This causes the template OVMF vars file to have 0444 permissions. If we preserve
those permissions when copying the template file to /tmp that means QEMU can not
write to the file and fails.

So let's not preserve permissions and keep the 0600 permissions that are set by
default.
2025-06-03 11:26:52 +09:00
Daan De Meyer
3590802fe3 repart: Add ratelimiting for progress updates
Same logic as in systemd-import, this is especially important when
systemd-repart is not run from a tty as currently we'll get something
like this:

```
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  98%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  98%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  98%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  98%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  98%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  98%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  98%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  98%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  98%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  98%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  98%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  98%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  98%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  98%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  98%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  98%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  98%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  99%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  99%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  99%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  99%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  99%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  99%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  99%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  99%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  99%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  99%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  99%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  99%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  99%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  99%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  99%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  99%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  99%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G  99%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G 100%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G 100%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G 100%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G 100%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G 100%
/var/tmp/.#repartc256fb6b9dc517af → /work/var/tmp/mkosi-workspace-2ek2c3n1/repart-definitions/10-root.conf 1.7G/1.7G 100%
```
2025-06-03 11:16:09 +09:00
Daan De Meyer
66772511d6 repart: Improve logging in resolve_copy_blocks_auto() 2025-06-03 11:12:50 +09:00
Yu Watanabe
a491eca403 Bugprone argument comment 8 (#37678)
Follow up from https://github.com/systemd/systemd/pull/37556
2025-06-03 10:58:52 +09:00
Luca Boccassi
6cd1842e33 test: send monotonic timestamp rather than unix seconds for MONOTONIC_USEC= argument
Follow-up for 3998b30a04
2025-06-03 10:54:03 +09:00
Alex
2584f745e0 compress: prevent divide-by-zero when no data is read (#37706)
If the first call to `loop_read()` returns 0 (no input), `total_in`
remains 0, causing `total_out/total_in` to potentially divide by zero.

We add a check before logging the compression ratio to skip the
percentage calculation when total_in is zero.

Co-authored-by: jinyaoguo <guo846@purdue.edu>
2025-06-03 10:51:00 +09:00
Alex
1a596054a0 network: fix a potential divide-by-zero (#37705)
In function `tc_init`, hz is parsed from the content of file
`"/proc/net/psched"` and can be 0.
In function `hierarchy_token_bucket_class_verify`, hz is directly used
as a divisor in
`htb->buffer = htb->rate / hz + htb->mtu;` without any check. This adds a check on hz before using it as a divisor.

Co-authored-by: jinyaoguo <guo846@purdue.edu>
2025-06-03 07:47:49 +09:00
Anton Ryzhov
bd02e15710 man/systemd-creds: fix documentation typo in systemd.exec.xml 2025-06-03 07:42:44 +09:00
Michał Moczulski
f185180951 hwdb: fix touchpad for ASUS X1504ZA (#37696)
Added udev rule generated by `libinput measure fuzz --fuzz=8`, which
fixes my touchpad.
2025-06-02 21:12:07 +01:00
Jelle van der Waa
4b7edce916 shared/install.h: rename 'flags' -> 'file_flags'
Make it consistent with the implementation.
2025-06-02 18:05:47 +02:00
Jelle van der Waa
fa6f4484e8 io-util: rename 'nfds' -> 'n_fds' 2025-06-02 18:05:45 +02:00
Jelle van der Waa
8821a312a8 uid-range: correct argument comment 2025-06-02 17:39:44 +02:00
Jelle van der Waa
e58cf27aaf sd-varlink: fix argument naming 2025-06-02 17:39:44 +02:00
Jelle van der Waa
2bfa3185aa sd-journal: rename sd_journal_get_monotonic_usec ret argument
Rename ret to ret_monotonic to distinguish from ret_boot_id and
according to existing argument comments.
2025-06-02 17:39:44 +02:00
Jelle van der Waa
2377cbcd19 mount-util: correct argument comment 2025-06-02 17:39:44 +02:00
Jelle van der Waa
09958bbb98 nspawn: correct argument comments 2025-06-02 17:39:44 +02:00
Jelle van der Waa
d4f938aec1 env-util: rename 'n' -> 'length' 2025-06-02 17:39:43 +02:00
Lennart Poettering
30f6240bd2 nss-systemd/userdb drop-ins: various doc updates (#37693)
This mostly adds crosslinks from various bits and pieces of userdb docs
to each other, and adds some clarifications.

Fixes: #27208
2025-06-02 17:02:20 +02:00
Zbigniew Jędrzejewski-Szmek
b83f69952b Deduplicate error string patterns (#37676)
I wanted to see if moving constant string arguments out of
error messages results in smaller binary sizes. Turns out it does, but
the savings are not consistent. Sometimes we get a few kB in a single
binary, sometimes there is no size change.
2025-06-02 15:34:17 +02:00
Lennart Poettering
a9de5d7d84 man: emphasize that systemd-userdb-load-credentials.service doesn't do UID/GID allocation 2025-06-02 15:16:31 +02:00
Lennart Poettering
c5fcf4ab59 man: add reference from userdbctl man page to nss-systemd regarding user record drop-ins 2025-06-02 15:16:31 +02:00
Lennart Poettering
c4c0307f53 man: mention systemd-userdb-load-credentials.service when discussing /run/userdb/ drop-ins 2025-06-02 15:16:31 +02:00
Lennart Poettering
344309d6d9 repart: fix generation of UUID= line for vfat in fstab entries (#37689)
Fixes: #36735
2025-06-02 12:25:14 +02:00
Adrian Vovk
554130faf3 Define uid range for greeter
In multi-seat scenarios, a display manager might need to start multiple
greeter sessions. But systemd allows at most one graphical session per
user. So, display managers now have a range of UIDs to dynamically
allocate users for their greeter sessions.
2025-06-02 11:19:12 +02:00
Zbigniew Jędrzejewski-Szmek
42ba99748d various: do not include file names directly in error messages
git grep -l 'Failed to open /'|xargs sed -r -i 's|"Failed to open (/[^ ]+): %m"|"Failed to open %s: %m", "\1"|g'
git grep -l $'Failed to open \'/'|xargs sed -r -i $'s|"Failed to open \'(/[^ ]+)\': %m"|"Failed to open %s: %m", "\\1"|g'
git grep -l "Failed to open /"|xargs sed -r -i $'s|"Failed to open (/[^ ]+), ignoring: %m"|"Failed to open %s, ignoring: %m", "\\1"|g'
+ some manual fixups.
2025-06-02 11:10:38 +02:00
dependabot[bot]
2dcf0ee0ef build(deps): bump github/codeql-action from 3.28.10 to 3.28.18
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.10 to 3.28.18.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](b56ba49b26...ff0a06e83c)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.28.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-02 18:03:15 +09:00
Yu Watanabe
0436240dd2 udevadm: allow to specify device by device ID (#37636) 2025-06-02 18:02:36 +09:00
Lennart Poettering
a27e58892e repart: set a useful access mode file for generated fstab files
We create these as temporary files with 0600 access mode. Let's adjust
this before we install the files.
2025-06-02 10:12:33 +02:00
Lennart Poettering
8504721e0e repart: fix generation of UUID= line for vfat in fstab entries
Fixes: #36735
2025-06-02 10:12:10 +02:00
dependabot[bot]
6b805724cc build(deps): bump meson from 1.6.1 to 1.8.1 in /.github/workflows
Bumps [meson](https://github.com/mesonbuild/meson) from 1.6.1 to 1.8.1.
- [Release notes](https://github.com/mesonbuild/meson/releases)
- [Commits](https://github.com/mesonbuild/meson/compare/1.6.1...1.8.1)

---
updated-dependencies:
- dependency-name: meson
  dependency-version: 1.8.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-02 16:57:24 +09:00
dependabot[bot]
4eeb8bb388 build(deps): bump super-linter/super-linter from 7.3.0 to 7.4.0
Bumps [super-linter/super-linter](https://github.com/super-linter/super-linter) from 7.3.0 to 7.4.0.
- [Release notes](https://github.com/super-linter/super-linter/releases)
- [Changelog](https://github.com/super-linter/super-linter/blob/main/CHANGELOG.md)
- [Commits](4e8a7c2bf1...12150456a7)

---
updated-dependencies:
- dependency-name: super-linter/super-linter
  dependency-version: 7.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-02 16:55:21 +09:00
Lennart Poettering
83f8c15dea Update TODO 2025-06-02 09:34:59 +02:00
Daan De Meyer
08a3afc5a1 repart: CopyBlocks=auto fix for verity-sig partitions (#37688)
Alternative to: #37687
2025-06-02 09:15:46 +02:00