Using systems with ADLINK COM-HPC-ALT, ASRock Rack ALTRAD8UD-1L2T and
AMPONED8-2T/BCM boards, there's an issue due to the internal network
connection between the BMC and host, which runs over USB (i.e. Linux
running on the BMC configures a USB gadget ethernet device, with a link
local address).
With the default configuration on Ubuntu (I'm using 25.10),
NetworkManager repeatedly tries to get an address for the interface
using DHCP, resulting in an "Activation of network connection failed"
notification every minute or two.
Add 82-net-auto-link-local.hwdb and 82-net-auto-link-local.rules to the
build system and update 82-net-auto-link-local.hwdb to add the USB
device vendor/product pairs I've seen on the various systems I have with
Ampere Altra and AmpereOne CPUs.
Add BMC USB-to-USB Ethernet gadget devices found on ASRock Rack and
ADLINK boards containing Ampere Altra and AmpereOne CPUs to
82-net-auto-link-local.hwdb. Update 20-usb-vendor-model.hwdb with
devices which were missing.
Update hwdb.d/meson.build and rules.d/meson.build to add the
82-net-auto-link-local.{hwdb,rules} files into the build. Commit
ec541c569b in 2023 added the files
but didn't add them to the build system.
We carefully prepare a copy of a local buffer to save in device cache
and then save the buffer there instead... This leads to abort in free()
on exit (also, copied is leaked).
Reproducer:
# udevadm test /sys/block/sr0
Follow-up-for: a9559ebcbc
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2406118
It is now possible to build and run without libmount. But if support
is compiled in, then we need to be able to load it. Hence gracefully
skip it when support is not compiled in, but fail otherwise.
It was actually intended to load libmount very early, as it is
needed by more than just mount units, such as umount_recursive(),
bind_remount_recursive(), get_sub_mounts(), etc.
Fixes https://github.com/systemd/systemd/issues/39994
This reverts commit 46b4b33c25.
manager_varlink_init_resolve_hook and manager_varlink_init_userdb are very
similar, but one didn't set a description and the other one had an error
message which didn't print the offending path.
Define constants for the paths, and also change other similar constants
to have slightly shorter names. (It's an "address" and "path", but we don't
need to have both parts in the name, esp. that it makes the name very long.)
Clarify in the docs that `if-safe` is the default by noting
that in the text for it, but also moving it to the first mentioned
option.
Make explicit in `man systemd-boot` that the `secure-boot-enroll`
option is specified in the `loader.conf`
Update an outdated comment in boot.c around the same.
Signed-off-by: Colin Walters <walters@verbum.org>
musl's getopt_long() behaves something different in handling optional arguments:
```
$ journalctl _PID=1 _COMM=systemd --since 19:19:01 -n all --follow
Failed to add match 'all': Invalid argument
```
This introduces getopt_long_fix() that reorders the passed arguments to make
getopt_long() provided by musl works as what we expect.
Also, musl's getopt() always behaves POSIXLY_CORRECT mode, and stops parsing
arguments when a non-option string found. Let's always use getopt_long().
When we send a batch of nfnl messages, but e.g. without sufficient
privilege, the kernel may only return an error message for
NFNL_MSG_BATCH_BEGIN and ignore all later messages.
So, we need to read the response for the NFNL_MSG_BATCH_BEGIN,
and if it is an error ignore the replies for the rest.
When we send a message with NLM_F_ACK, but if later we are not
interested in the reply and do not want to call sd_netlink_read(),
the reply will be stored in the rqueue forever.
Let's introduce a way to ignore received message without waiting reply.
When sd-event is attached to the sd-netlink object, use the timestamp of
the current event, otherwise call now().
This mostly change nothing. Preparation for later change.
Every other log in this function is debug level, so downgrade this too.
Otherwise compiling without libcryptsetup means sd-executor logs at
error level when starting any service, regardless of whether it is
needed or not.
Fixes https://github.com/systemd/systemd/issues/39968
Follow-up for efaf5a763d
This is a follow-up for 119d332d9c and
ensures the check only is applied to the system instance of machined. It
doesn't really apply to the per-user instance, because we never want to
permit differently privileged clients access anyway.
(The process_is_owned_by_uid() call might fail if invoked unpriv, hence
there's value in not calling it if machined runs in --user mode, it's
what makes machined actually work)
Previously, we looked for scripts in the tools/ directory ad hoc,
wherever they were needed. Let's do those checks in one place.
The main meson.build file is shrunk somewhat, which is always nice.
Quite often we need to specify include_directories('.'). Normally, meson
does this automatically, but we specify implicit_include_directories : false,
see 30d20907bd for an explanation.
Passing the include_directories argument through the template layers was rather
cumbersome. Let's simplify things by always including the directory of the
first source file. This makes the definitions simpler, at the cost of having an
unnecessary include directory in the list in some cases.
(Tests are excluded from this change, because they happen to not need this, but
also because some tests have source[0] which is a custom target, and we'd need
newer meson to support that.)
… and also when it fails, in the few cases where this wasn't done already.
When I was debugging https://github.com/systemd/systemd/issues/39048, it
was quite confusing that we print copious information about D-Bus messages
and all other steps we're undertaking, but nothing about the sd-notify
messages which are much more important. Add some debug messages for the
cases where we didn't print anything. (The case where $NOTIFY_SOCKET is
not set in left unchanged. The variable is often left unset and we don't
need to spam logs in that trivial case.)
--lines=1 means that we show the last message about the unit, whatever it is:
$ SYSTEMD_LOG_LEVEL=debug systemctl --verbose start demo2
...
Invoking 'journalctl -q --follow --no-pager --lines=1 --synchronize-on-exit=yes --unit=demo2.service' as child.
...
Directory /var/log/journal/7d16833bfa924410851e2a193bcfd4ba added.
Journal effective settings seal=no keyed_hash=yes compress=ZSTD compress_threshold_bytes=8B
...
Reiterating files to get inotify watches established.
Considering root directory '/run/log/journal'.
Considering root directory '/var/log/journal'.
Considering directory '/var/log/journal/7d16833bfa924410851e2a193bcfd4ba'.
Nov 26 17:24:35 rawhide systemd[1]: Finished demo2.service.
...
Executing dbus call org.freedesktop.systemd1.Manager StartUnit(demo2.service, replace)
...
Job for demo2.service finished.
Got result done/Success for job demo2.service.
journal: Sending message: {"method":"io.systemd.Journal.Synchronize","parameters":{"offline":false}}
Nov 27 13:05:30 rawhide systemd[1]: Starting demo2.service...
Nov 27 13:05:30 rawhide systemd[1]: demo2.service: Deactivated successfully.
Nov 27 13:05:30 rawhide systemd[1]: Finished demo2.service.
...
We obviously should only show _new_ messages, hence change to --lines=0.
This works properly after the fix in the previous commit.
Fixes#39048.
If --lines=0 is given, we'd skip the setup and not invoke sd_notify,
potentially blocking the caller. Change the condition for the callback
to also include that case. Since then the callback would always be
set, the 'if' statement is not necessary anymore.
One of the pending commits in Weblate causes conflicts due to an
unfortunate timing with 9e929e4aa7, so
let's pull the changes into the main tree manually (and resolve the
conflicts).
