Commit Graph

43741 Commits

Author SHA1 Message Date
Henrik Holst
cf4dbd84ac network: make degraded-carrier bond/bridge as routable (#27776)
This makes a bond or bridge interface in the degraded-carrier state but has a routable address
handled as routable operational state.

If the carrier is degraded but the address state is routable then the operational state should be
seen as routable and not degraded because that may be the case for bonds if some of the links are down,
but when that happens the bond as a whole is still routable.

This also makes operational state to degraded if address state is degraded even if the link state is
degraded-carrier.

Fixes #22713.
2023-06-15 13:32:10 +09:00
Luca Boccassi
4dad6101fd Merge pull request #28038 from mrc0mmand/cleanups
A couple of cleanups
2023-06-14 23:18:04 +01:00
Luca Boccassi
0302e38f7a Merge pull request #28036 from medhefgo/meson
meson: Minor improvements
2023-06-14 20:12:35 +01:00
Frantisek Sumsal
7f4544c9bc activate: rename to socket-activate
To make the naming consistent with the rest of the utils, i.e. binary
name minus the systemd- prefix.
2023-06-14 20:39:10 +02:00
Daan De Meyer
969eb0390f mkfs-util: Hide /proc/self/mounts before running mkfs
mkfs.btrfs refuses to operate on a block device with mounted
partitions, even if doing so is perfectly safe. An example when
this happens is when using systemd-repart with its --image switch
to add a root partition to a /usr only image. As a workaround until
the issue is fixed, let's hide the information on mounted filesystems
from mkfs.btrfs so it doesn't fail and formats the new filesystem as
expected.
2023-06-14 19:53:49 +02:00
Lennart Poettering
43b49c0f14 resolvectl: fix double free issue
Follow-up for: #28012

Addresses these: https://github.com/systemd/systemd/pull/28012#issuecomment-1590889386
2023-06-14 18:31:32 +02:00
Lennart Poettering
c4ccb80e39 bootctl: warn if the ESP random seed is stored on a world-readable dir
This takes heavy inspiration from @zx2c4 (Jason A. Donenfeld)'s
PR #25531 but changes it considerably, but always going by fd instead of
paths, and only warning about the side file itself and the ESP mount
point, nothing else. This should be more than enough and should not be
brittle against concurrent path modifications.

Replaces: #25531
2023-06-14 18:00:24 +02:00
Zbigniew Jędrzejewski-Szmek
2b8628c704 Merge pull request #27946 from keszybz/ukify-genkey-verb
Add 'genkey' verb to ukify
2023-06-14 17:57:24 +02:00
Frantisek Sumsal
9352db7abb coverage: fix build with g++
Guard the coverage-related shenanigans from g++ when building the one
C++ unit test we have, so we don't have to make it C++ compatible:

[1573/2109] Compiling C++ object test-bus-vtable-cc.p/src_libsystemd_sd-bus_test-bus-vtable-cc.cc.o
FAILED: test-bus-vtable-cc.p/src_libsystemd_sd-bus_test-bus-vtable-cc.cc.o
ccache c++ -Itest-bus-vtable-cc. ... -c ../src/libsystemd/sd-bus/test-bus-vtable-cc.cc
In file included from <command-line>:
../src/basic/coverage.h:17:15: error: ‘_Noreturn’ does not name a type
   17 | static inline _Noreturn void _coverage__exit(int status) {
      |               ^~~~~~~~~
../src/basic/coverage.h:46:29: error: conflicting declaration of ‘int _coverage_execveat(int, const char*, char* const*, char* const*, int)’ with ‘C’ linkage
   46 | #define execveat(d,p,a,e,f) _coverage_execveat(d, p, a, e, f)
      |                             ^~~~~~~~~~~~~~~~~~
../src/basic/coverage.h:34:19: note: previous declaration with ‘C++’ linkage
   34 | static inline int _coverage_execveat(
      |                   ^~~~~~~~~~~~~~~~~~
../src/basic/coverage.h:46:29: error: declaration of ‘int _coverage_execveat(int, const char*, char* const*, char* const*, int) noexcept’ has a different exception specifier
   46 | #define execveat(d,p,a,e,f) _coverage_execveat(d, p, a, e, f)
      |                             ^~~~~~~~~~~~~~~~~~
../src/basic/coverage.h:34:19: note: from previous declaration ‘int _coverage_execveat(int, const char*, char* const*, char* const*, int)’
   34 | static inline int _coverage_execveat(
      |                   ^~~~~~~~~~~~~~~~~~
../src/basic/coverage.h:58:24: error: conflicting declaration of ‘int _coverage_execvpe(const char*, char* const*, char* const*)’ with ‘C’ linkage
   58 | #define execvpe(f,a,e) _coverage_execvpe(f, a, e)
      |                        ^~~~~~~~~~~~~~~~~
../src/basic/coverage.h:48:19: note: previous declaration with ‘C++’ linkage
   48 | static inline int _coverage_execvpe(
      |                   ^~~~~~~~~~~~~~~~~
../src/basic/coverage.h:58:24: error: declaration of ‘int _coverage_execvpe(const char*, char* const*, char* const*) noexcept’ has a different exception specifier
   58 | #define execvpe(f,a,e) _coverage_execvpe(f, a, e)
      |                        ^~~~~~~~~~~~~~~~~
../src/basic/coverage.h:48:19: note: from previous declaration ‘int _coverage_execvpe(const char*, char* const*, char* const*)’
   48 | static inline int _coverage_execvpe(
      |                   ^~~~~~~~~~~~~~~~~
[1582/2109] Compiling C object test-event.p/src_libsystemd_sd-event_test-event.c.o
ninja: build stopped: subcommand failed.
2023-06-14 16:44:57 +02:00
Jan Janssen
816df466a7 meson: Use build_tgt.name()
2023-06-14 16:10:55 +02:00
Jan Janssen
739a62bb40 meson: Use fs module in more places
2023-06-14 16:05:52 +02:00
Christoph Anton Mitterer
14941724ec sleep-config: add comment about security
Adds information about attacks that might become possible when the hibernate
location is automatically determined.
2023-06-14 15:27:41 +02:00
Lennart Poettering
f66d040d95 Merge pull request #28032 from poettering/mumumµ
deal with µ unicode ambiguities
2023-06-14 14:00:10 +02:00
Zbigniew Jędrzejewski-Szmek
814e4d7a67 ukify: make the certificate validity configurable
Requested in 4cc743319a (r1228592001)
2023-06-14 13:18:00 +02:00
Zbigniew Jędrzejewski-Szmek
13a29b0efb test_ukify: skip test requiring cryptography
I'll add the dep in Fedora spec so it does get tested at least
in some cases.
2023-06-14 13:18:00 +02:00
Zbigniew Jędrzejewski-Szmek
ff7580e280 test_ukify: cleanups suggested by pylint
2023-06-14 13:18:00 +02:00
Zbigniew Jędrzejewski-Szmek
a1c80efddc ukify: add 'genkey' verb
The idea is to make it easy to generate all the signing keys and certs
that can be used for local signing. The verb is modeled after
'mkosi genkey', but there are some important differences: we generate
the keys to the paths where they will be read from, both pcr signing
keys and the SecureBoot certificate+key.

If any of the outputs exist, operation is refused. Maybe we could add a
--force option in the future, but this operation should be rare, so I think
it's better to refuse to overwrite anything initially.

I'm only doing a token man page change here.
https://github.com/systemd/systemd/pull/27621 reworks the man page,
and the changes done here would conflict heavily with that work. I'll
submit a follow-up patch later.
2023-06-14 13:17:33 +02:00
Lennart Poettering
2d0855154f bootctl: fix docs/--help to say that "bootctl random-seed" not just initializes but also refreshes ESP random seeds
2023-06-14 11:58:37 +01:00
Lennart Poettering
d754cdc994 Merge pull request #28012 from poettering/resolvectl-dump-cache
add "resolvectl show-cache" call and IPC backend for that
2023-06-14 10:33:13 +02:00
Lennart Poettering
e503019bc7 tree-wide: when in doubt use greek small letter mu rather than micro symbol
Doesn't really matter since the two unicode symbols are supposedly
equivalent, but let's better follow the unicode recommendations to
prefer greek small letter mu, as per:

https://www.unicode.org/reports/tr25
2023-06-14 10:23:56 +02:00
Lennart Poettering
d0a6d7c4d1 time-util,socket: accept both kinds of unicode µ symbols
Apparently there are two µ symbols, accept both when parsing.

One is the greek small letter mu (μ) the other is the micro sign (µ).
Unicode recommendation considers both equivalent, and says use of greek
small letter mu is preferred. See:

https://www.unicode.org/reports/tr25

Hence accept both when parsing.

Inspired by: #28029
2023-06-14 10:15:41 +02:00
Lennart Poettering
5bc4570fd4 Merge pull request #26728 from keszybz/meson-update
Meson version update
2023-06-13 23:38:41 +02:00
Lennart Poettering
18cad4ebda Merge pull request #27846 from keszybz/link-mode-generation
Autogenerate list of link modes
2023-06-13 23:03:51 +02:00
Yu Watanabe
331aa7aa15 udev-node: optimize device node symlink creation
If multiple devices requested the same device node symlink with the same
priority, then previously we read O(N^2) of files saved in
/run/udev/links.

This makes if the requested symlink already exists with equal or higher
priority, then the symlink is kept, and skip to read all existing files,
except for one related to the current device node, in /run/udev/links.
Hence, the total amount of file read becomes O(N).

This improves performance of testcase_simultaneous_events_2 added by the
previous commit about 30%.
Before (32.8 sec):
```
 ## 3 iterations start: 11:13:44.690953163
 ## 3 iterations end: 11:14:17.493974927
```
After (23.8 sec):
```
 ## 3 iterations start: 11:17:53.869938387
 ## 3 iterations end: 11:18:17.624268345
```

This is based on the idea and analysis by Franck Bui.

Replaces #25839.

Co-authored-by: Franck Bui <fbui@suse.com>
2023-06-13 22:51:00 +02:00
Daan De Meyer
a6ae99363d rm-rf: Fix assertion
This doesn't cover every case but cases where people try to do
rm_rf(dir_fd, ".") are covered by unlinkat() simply failing.
2023-06-13 16:13:49 +02:00
Daan De Meyer
549a9a671a fd-util: Add extra shortcut to path_is_root_at()
2023-06-13 16:13:43 +02:00
Daan De Meyer
e089efd7a7 btrfs-util: Drop redundant parentheses
2023-06-13 16:13:22 +02:00
Daan De Meyer
fd9b68d925 repart: Store dm_name in DecryptedPartitionTarget
This means we don't have to do a fallible allocation in the
DecryptedPartitionTarget destructor. Also use log_warning_error_errno()
for the failure we ignore in the destructor.
2023-06-13 16:13:19 +02:00
Daan De Meyer
17f5942f8a Merge pull request #28010 from DaanDeMeyer/vsock-type
Vsock improvements
2023-06-13 15:41:58 +02:00
David Tardon
1b6e11f58d udevadm-control: fix error message
Extracted from #25523 by Lennart.
2023-06-13 15:31:29 +02:00
Daan De Meyer
7f78d3431b sd-daemon: Add vsock fallback to SOCK_STREAM
SOCK_SEQPACKET is only supported on recent kernels. Let's add a
fallback to SOCK_STREAM if it is not supported.

To accommodate SOCK_STREAM, we also modify
pid_notify_with_fds_internal() to do sendmsg() in a loop as with
SOCK_STREAM, sendmsg() is not guaranteed to write all data in a single
syscall or fail otherwise.
2023-06-13 14:24:44 +02:00
Daan De Meyer
56d02f2969 sd-daemon: Use socket type from vsock address if set
If a socket type is explicitly provided in the vsock address, let's
make sure we try only that socket type.
2023-06-13 14:24:44 +02:00
Daan De Meyer
c31984e3d0 socket-util: Allow specifying socket type in vsock address
2023-06-13 14:24:44 +02:00
Lennart Poettering
768fcd779f socket: bump listen() backlog to INT_MAX everywhere
This is a rework of #24764 by Cristian Rodríguez
<crodriguez@owncloud.com>, which stalled.

Instead of assigning -1 we'll use a macro defined to INT_MAX however.
2023-06-13 14:17:25 +02:00
Lennart Poettering
39b5f49f28 Merge pull request #28014 from bluca/portable_fixes
portabled fixes
2023-06-13 13:19:02 +02:00
Lennart Poettering
05d53d529a Merge pull request #28017 from poettering/link-tmpfile-flags
teach link_tmpfile_at() to properly sync
2023-06-13 13:18:42 +02:00
Luca Boccassi
7d812d7ca1 portable: make sure to fsync after extracting/copying
Just in case we are on a flimsy filesystem/disk
2023-06-13 10:12:00 +01:00
Frantisek Sumsal
d5a937a62a proc-cmdline: parse the whole /proc/cmdline
The kernel command line may contain newlines which kernel happily
accepts, but we'd ignore everything past the first newline. Let's fix
that by replacing read_one_line_file() with read_full_file().
2023-06-13 09:54:02 +02:00
Lennart Poettering
8dfd099b50 tree-wide: start properly syncing at various places we so far didn't
Let's better be safe than sorry, and install files fully safely now that
it is easy.
2023-06-13 09:50:10 +02:00
Lennart Poettering
74402bf01a coredump: port over code to new LINK_TMPFILE_SYNC flag
2023-06-13 09:49:35 +02:00
Lennart Poettering
ce67bf366f tmpfile-util: add new LINK_TMPFILE_SYNC flag for syncing properly before/after linking in the file
This syncs the data before linking it in, and both data + dir once done.
This should give us proper semantics for installing files safely into
the fs.
2023-06-13 09:45:39 +02:00
Lennart Poettering
27e18c23bc tmpfile-util: turn last parameter of link_tmpfile() into a proper flags
This changes a boolean param into a proper bitflag field.

Given this only defines a single flag for now this doesn't look like
much of an improvement. But we'll add another flag shortly, where it
starts to make more sense.
2023-06-13 09:40:53 +02:00
Luca Boccassi
5a41a142ba portable: do not extract empty unit files
Bare minimum sanity check, an empty unit is an invalid unit so
skip it early.
2023-06-13 00:33:21 +01:00
Lennart Poettering
6050e8b550 resolvectl: add resolvectl command for dumping cache contents
A wrapper around the new varlink call, showing the data either in its
native JSON or in a more human readable textual form.
2023-06-12 22:21:26 +02:00
Lennart Poettering
25165c1dea resolved: add DNS_RESOURCE_KEY_TO_STRING() macro helper
This does the usual compound init trick to get formatted strings of
stuff.

We should probably port various pieces of code over to using this.
2023-06-12 22:21:26 +02:00
Lennart Poettering
ce74fb0905 resolved: add dns_resource_key_from_json() helper
It reverses what dns_resource_key_to_json() does, i.e. turns JSON data into a
parsed DnsResourceKey object.

Ultimately this just moves a client-side local wrapper into generic
code. Nothing truly new here.
2023-06-12 22:21:26 +02:00
Lennart Poettering
e0930aa6ff resolved: add DumpCache varlink call for acquiring a complete dump of all of resolved's RR caches
This adds a simple varlink call io.systemd.Resolve.Monitor.DumpCache to
the existing io.systemd.Resolve.Monitor service. It compiles a JSON
object containing the per-scope cache entries and returns it.

Replaces: #20053 #19104

Fixes: #14796
2023-06-12 22:21:26 +02:00
Jan Janssen
b4eb2de7e3 boot: Unify protocol opening
We are using HandleProtocol everywhere except in these few cases. This
unifies on HandleProtocol as it is simpler to use and equivalent to
OpenProtocol.

The only difference between the two is that OpenProtocol attributes the
opened protocol to a firmware-owned handle instead of our image handle.
This has no real use for regular UEFI applications as any protocols
opened via BY_HANDLE or GET_PROTOCOL are not required to be closed. In
fact, when a protocol is uninstalled it will do nothing more than reduce
the open count for these.
2023-06-12 21:12:11 +01:00
Lennart Poettering
6b9f63cb3f json: add json_dispatch_variant_noref() helper
This is identical to json_dispatch_variant() but doesn't increase the
ref counter of the variant. This is useful for taking JSON objects apart
locally without the intention to keep any component pinned for longer
than the local stack frame.
2023-06-12 18:26:08 +02:00
Lennart Poettering
fefefcd573 bus-util: add bus_property_get_string_set() helper
This is a common implementation of a property getter for a Set of
strings.
2023-06-12 11:35:52 +02:00