In mkosi CI, we want persistent journals when running interactively
and runtime journals when running in CI, so let's add a credential
that allows us to configure which one to use.
Workaround for #32436.
The test may fail if the journal is vacuumed or rotated during the test is running.
Let's use the newest archive file for safety.
If we request a DS and the resolver offers an unsigned SOA, a new
auxiliary transaction for the DS will be rejected as a loop, and we
might not make any progress toward finding the DS we need. Let's ensure
that we at least always check the parent in this case.
Fixes: 47690634f1 ("resolved: don't request the SOA for every dns label")
Required for integration tests to power off on PID 1 crashes. We
deprecate systemd.crash_reboot and related options by removing them
from the documentation but still parsing them.
If mac_selinux_access_check() or bus_verify_bypass_dump_ratelimit_async()
fail, we goto "ratelimited" where we set a custom D-BUS error. In
"ratelimited", we call sd_bus_error_setf() which eventually hits an
assert_return(!bus_error_is_dirty()). Avoid hitting this assertion by
passing NULL as the error to mac_selinux_access_check() and
bus_verify_bypass_dump_ratelimit_async() since we will override the error
immediately anyway if either fails.
We modify both functions as well to allow passing a NULL error and fix
the argument name as well while we're at it.
We already log to syslog using pam_syslog() for logs generated directly
within our pam plugins. However, any logs generated by our generic logging
macros that are invoked within a pam plugin will log to the console. Let's
make sure our generic logging macros are set up to log to syslog as well.
Let's shutdown the write end and wait for EOF from the other side
before continuing to make sure that the receiver has received all
data we sent on the socket.
Previously, if we encountered a non-socket fd we'd return ENOTSOCK the
first time, but the subsequent times we'd return ENOMEDIUM, due to
caching. Let's make sure we return the same errors all the the time.
We're still seeing problems in mkosi CI where we lose notify messages
sent over vsock from virtual machines because the virtual machine shuts
down before the socket buffers are flushed.
Let's try setting SO_LINGER on vsock sockets so that the kernel waits
until the buffers are flushed when we close the file descriptor.
To make sure it works, let's get rid of our previous workaround that
sends EXIT_STATUS earlier to reduce the chance of it not arriving.
This way, if it doesn't work, we'll notice it immediately due to CI
failures.
The expression for calculation of the _do_log values in the log_exec_*
macros need to be the same as the unit_log_level_test() function, used
to calculate _do_log in unit.h. The only difference between execute.h
and unit.h is the lack of the Unit structure.
Fixes: b646fc324a ("core: ensure execute/spawn functions can work without Unit object")
Fixes: 210ca71cb5 ("core/execute: clean up log_exec_full_errno and friends")
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
