Commit Graph

78541 Commits

Author SHA1 Message Date
Yu Watanabe
7a0c3923fe docs: replace link to RHEL7 document with RHEL9 documents 2025-01-07 02:05:16 +09:00
Yu Watanabe
a88b0eb4e7 tools: drop workaround for CentOS 7 2025-01-07 02:05:12 +09:00
Yu Watanabe
37b87a1690 README: CentOS Stream 8 reached EOL 2025-01-07 01:21:13 +09:00
Yu Watanabe
0f6d800b9f sd-varlink: add flag for sd_varlink_server for creating connections with fd passing enabled (#35841)
Let's add a simple flag that enables fd passing for all connections of a
server. It's much easier to use this than to install a connect handler
which manually enables this for each connection.
2025-01-06 22:13:50 +09:00
Daan De Meyer
1b8c5bb267 mkosi: Migrate more deprecated options (#35873) 2025-01-06 13:42:21 +01:00
Luca Boccassi
0b5f926939 CI: add OBS workflow integration to build packages on push to main
When main is updated, packages for Arch/Debian/Ubuntu/SUSE will be built and published
on OBS:

https://download.opensuse.org/repositories/home:/bluca:/systemd/
https://build.opensuse.org/project/show/home:bluca:systemd
2025-01-06 11:20:56 +00:00
Daan De Meyer
c5981510e9 ci: Rename qemu variable to vm 2025-01-06 12:08:33 +01:00
Daan De Meyer
28baef47a3 mkosi: Migrate more deprecated options 2025-01-06 12:07:53 +01:00
Luca Boccassi
807db92ab4 sd-device: fix validation for devices under /sys/firmware/ in sd_device_new_from_subsystem_sysname() (#35863)
Devices under /sys/firmware/ do not have subsystems. Hence, the
validation in sd_device_new_from_subsystem_sysname() ->
device_new_from_path_join() always failed.

Fixes a bug introduced by cd7c71154c (v257).
Fixes #35861.
2025-01-06 11:06:23 +00:00
Yu Watanabe
d5cdcba928 mkosi: replace deprecated settings and command with new ones
Follow-up for c008b70370.

These settings and command were deprecated by the following commit.
ebcd2efa03
2025-01-06 12:00:43 +01:00
Daan De Meyer
eaf0f79293 machine: several follow-ups for #35066 (#35868)
Addresses the post-merge review comments.
2025-01-06 11:59:55 +01:00
Lennart Poettering
336acebc77 basic: port various pidfd/pidref helpers to PIDFD_GET_INFO and PIDFD_GET_*_NAMESPACE (#35242)
Supersedes #35308 (cherry-picked one commit and replaced the rest)

(I left a few comments that are folded by GitHub. Please make sure to
check them too.)
2025-01-06 11:23:08 +01:00
Lennart Poettering
7f72184f12 more pidref'ification (#35839)
This is split out of #35264, but makes a ton of sense on its own.
2025-01-06 11:21:43 +01:00
Lennart Poettering
6f84873096 mountfsd,networkd,nsresourced: port over to new fd passing varlink server flags 2025-01-06 10:31:40 +01:00
Daan De Meyer
65b603492d tty-ask-password-agent: if we're spawning further agents, grant them notify access (#35855)
Alternative to #35853
2025-01-06 10:05:29 +01:00
Lennart Poettering
dd445d6e99 cgroup-util: add remoteness checks to all cg_pidref_get_xyz() calls 2025-01-06 09:54:41 +01:00
Lennart Poettering
1740d3e04b sd-login: make use of getpeerpidref() and cg_pidref_get_*() 2025-01-06 09:54:41 +01:00
Lennart Poettering
92d78966fd cgroup-util: add pidref counterparts for cg_pid_get_session() + cg_pid_get_owner_uid() 2025-01-06 09:54:41 +01:00
Lennart Poettering
b2206fe514 socket-util: introduce getpeerpidref()
This combines getpeercred() and getpeerpidfd() and returns a PidRef
2025-01-06 09:45:57 +01:00
Lennart Poettering
6d4778f14f sd-varlink: add flag for sd_varlink_server for creating connections with fd passing enabled
Let's add a simple flag that enables fd passing for all connections of a
server. It's much easier to use this than to install a connect handler
which manually enables this for each connection.
2025-01-06 09:28:19 +01:00
Yu Watanabe
c192d87d83 machine: comment source and destination must be absolute
Addresses the post-merge review comment:
https://github.com/systemd/systemd/pull/35066#discussion_r1901841247
2025-01-06 17:14:26 +09:00
Yu Watanabe
8551ac2092 machine: use json_dispatch_const_path() where applicable
Follow-up for #35066 and 3866e9ce9d.
2025-01-06 17:09:43 +09:00
Yu Watanabe
5eec51a6c1 packit: Move fmf metadata into upstream (#35700)
This moves https://src.fedoraproject.org/tests/systemd into upstream so
it's one less moving piece that we need to remember.
2025-01-06 10:37:56 +09:00
Daan De Meyer
b0b88f18b3 packit: Move fmf metadata into upstream
This moves https://src.fedoraproject.org/tests/systemd into upstream
so it's one less moving piece that we need to remember. While we're at
it, do various cleanups as well:

- Remove non-packit logic
- Set NO_BUILD in mkosi.local.conf as it's not picked up from the
  process environment
- Don't set unused environment variables
- Remove workdir logic as we run in an ephemeral VM already
- Drop --verbose from meson test to reduce noise
  from passed tests
- Use mkosi sandbox and drop duplicated deps from metadata file
- Stop running the unit tests as they already run as part of the rpm
  build and as part of the integration tests.
- Various style fixes
2025-01-05 23:21:36 +01:00
Daan De Meyer
8a9b989cba mkosi: Make path exclude more generic
The systemd rpms we try to install in packit have /usr/bin/bash and
/usr/bin/python3 as dependencies which breaks dnf5 because mkosi
doesn't download filelists metadata and
https://bugzilla.redhat.com/show_bug.cgi?id=2263771 is still not fixed
almost a year after being reported.
2025-01-05 23:19:44 +01:00
Daan De Meyer
c008b70370 mkosi: Update to latest 2025-01-05 21:18:32 +01:00
Yu Watanabe
3328d1e181 sd-device: fix validation for devices under /sys/firmware/ in sd_device_new_from_subsystem_sysname()
Devices under /sys/firmware/ do not have subsystems. Hence, the
validation in sd_device_new_from_subsystem_sysname() ->
device_new_from_path_join() always failed.

Fixes a bug introduced by cd7c71154c (v257).
Fixes #35861.
2025-01-05 03:52:05 +09:00
Yu Watanabe
7e5238625e sd-device: add missing debugging log
It was unexpectedly dropped by 660087dc9c.
2025-01-05 03:09:57 +09:00
Luca Boccassi
c9098abd57 mkosi: update debian commit reference
* 7dc7ee8007 d/rules: drop duplicated config flag
* 2f417d66d1 Install new files for upstream CI
2025-01-05 01:49:43 +09:00
Chris Hofstaedtler
18f3c91a04 analyze: fix URLs to DeviceAllow=, IPAddressDeny=
Signed-off-by: Chris Hofstaedtler <zeha@debian.org>
2025-01-05 01:49:05 +09:00
Yu Watanabe
be68dcdc20 firewall-util: allow to override the table and map names through env var
Then, use test specific names to make the test not conflict with
networkd.

Hopefully fixes #35526.
2025-01-05 01:48:29 +09:00
Mike Yuan
9598708a12 cgroup-util: explain why cg_pidref_get_path() cannot be ported over to pidfd helpers (yet)
See also: https://github.com/systemd/systemd/pull/35242#issuecomment-2506686806
2025-01-04 17:48:23 +01:00
Mike Yuan
f1ba5c900b cgroup-util: introduce generic cg_path_from_cgroupid() helper
Taken from nsresourced/userns-registry.c userns_destroy_cgroup()
2025-01-04 17:48:22 +01:00
Mike Yuan
223d455670 process-util: make pid_is_unwaited() wrapper around pidref version 2025-01-04 17:48:22 +01:00
Mike Yuan
47f64104d1 process-util: port pidref_get_uid() and pidref_is_my_child() to pidfd helpers 2025-01-04 17:48:22 +01:00
Yu Watanabe
12f77fe058 hostname: read hardware serial from device tree (#35797)
Closes #35792.
2025-01-05 01:46:58 +09:00
Mike Yuan
85e7bbfaa4 pidfd-util: introduce pidfd_get_{ppid,uid,cgroupid} which goes via PIDFD_GET_INFO too 2025-01-04 17:08:01 +01:00
Mike Yuan
dcf0ef3f42 pidfd-util: try to translate pidfd -> pid through ioctl(PIDFD_GET_INFO) 2025-01-04 17:08:01 +01:00
Mike Yuan
92b8e5e72f namespace-util: introduce pidref_in_same_namespace() 2025-01-04 17:08:01 +01:00
Mike Yuan
a33f691374 process-util: move namespace_get_leader() to namespace-util
This allows us to drop the hack for recursive includes.
2025-01-04 17:08:00 +01:00
Mike Yuan
0577339d7d various: add missing include for namespace-util.h
Preparation for later commits for removing inclusion
of namespace-util from process-util.h
2025-01-04 17:08:00 +01:00
Mike Yuan
4cad58788b namespace-util: hook pidref_namespace_open() up with pidfd_get_namespace()
Supersedes #35308
2025-01-04 17:08:00 +01:00
Mike Yuan
2f7cd6c70a namespace-util: correct assertion in namespace_is_init()
Follow-up for 18ead2b03d
2025-01-04 17:07:59 +01:00
Mike Yuan
07610cafcf namespace-util: modernize fd_is_namespace() and is_our_namespace()
- Make fd_is_namespace() take NamespaceType
- Drop support for kernel without NS_GET_NSTYPE (< 4.11)
- Port is_our_namespace() to namespace_open_by_type()
  (preparation for later commits, where the latter
  would go by pidfd if available, avoiding procfs)
2025-01-04 17:07:59 +01:00
Yu Watanabe
1775337a36 namespace-util: refuse remote pidref in pidref_namespace_open() 2025-01-04 17:07:59 +01:00
Mike Yuan
72661e0091 pidfd-util: introduce helper for obtaining ns fd using PIDFD_GET_*_NAMESPACE directly 2025-01-04 17:07:59 +01:00
Mike Yuan
9a7b20b6a6 errno-util: add ERRNO_IS_IOCTL_NOT_SUPPORTED that checks EINVAL additionally 2025-01-04 17:07:58 +01:00
Mike Yuan
5d873679b1 core/socket: include peer pidfd id in socket service instance if available 2025-01-04 17:07:58 +01:00
Mike Yuan
2fa42318c3 pidref: move generic pidfd_get_inode_id() to pidfd-util
Prompted by 221d6e54c6

Also generalize pidfd_check_pidfs() and expose have_pidfs for later use.
2025-01-04 17:07:58 +01:00
Mike Yuan
ebddfb0dee basic: introduce missing_pidfd.h 2025-01-04 16:58:13 +01:00