morgan/systemd
1
0
Fork 0
mirror of https://github.com/morgan9e/systemd synced 2026-04-14 00:14:32 +09:00
Code Issues Packages Projects Releases Wiki Activity
84,078 Commits 1 Branch 0 Tags
aad0d11e7c6f1f7dcc7b00173140c74b8abf88cc
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Lennart Poettering aad0d11e7c dissect-image: when autoprobing insist on vfat for XBOOTLDR 
Let's reduce our attack surface by insisting that XBOOTLDR is vfat when
auto-probing, just like we do for the ESP. Given neither can
realistically be integrity protected (because firmware needs to access
them) let's insist on a vfat which has a much smaller attack surface,
and one we have to accept (for now) anyway, given that the ESP must be
VFAT.

This only applies to auto-probing of course. If people mount things
explicitly via fstab none of this matters. But we really shouldn't
automount a btrfs/xfs/ext4 partition as XBOOTLDR just because it looks
like one, as that would really defeat our otherwise possibly very strict
image policies.

This also introduces a new env var $SYSTEMD_DISSECT_FSTYPE_<DESIGNATOR>
environment variable that may override this hardcoding. This is in
particular useful in our testcases, since various actually do use ext4
as XBOOTLDR case. The tests are updated to make use of the new env var,
both as a mechanism to test this and to keep the tests working.
2025-10-15 08:32:37 +02:00
.clusterfuzzlite
.github
test: enable TEST-06-SELINUX in openSUSE
2025-10-14 17:56:39 +01:00
.obs
ci: stop triggering suse-specific package build on OBS
2025-08-08 18:46:07 +01:00
.semaphore
semaphore-runner: disable cgroup setup in lxc
2025-03-16 15:30:38 +01:00
catalog
meson: using f-strings in meson
2025-10-03 21:21:52 +02:00
coccinelle
tree-wide: use sd_bus_message_send() instead of sd_bus_send() wherever possible
2025-06-24 23:23:40 +09:00
docs
dissect-image: when autoprobing insist on vfat for XBOOTLDR
2025-10-15 08:32:37 +02:00
factory
meson: drop explicit custom_target names
2025-06-28 17:14:50 +02:00
hwdb.d
remove Nulea M501 usb entry from hwdb
2025-10-13 09:44:17 +02:00
LICENSES
licensing: update address of FSF
2025-10-07 13:00:12 +01:00
man
man/systemd.service: Improve OOMPolicy documentation (#39212)
2025-10-10 15:50:56 +02:00
mime
mime: add mimetype for luks home dir
2025-03-07 17:27:20 +01:00
mkosi
mkosi: explicitly pull in libz1 on OpenSUSE
2025-10-14 17:29:58 +01:00
modprobe.d
network
network/dhcp-server: improvements for saving/loading leases (#37835)
2025-06-17 14:31:22 +02:00
po
po: Translated using Weblate (Turkish)
2025-10-04 22:39:07 +02:00
presets
presets: Disable by default for initrd presets
2025-07-04 16:22:27 +01:00
profile.d
Drop machine-id OSC event field if /etc/machine-id doesn't exist
2025-10-09 09:08:13 +02:00
rules.d
udev: create symlinks for s390 PTP devices
2025-10-14 18:31:17 +02:00
shell-completion
bash-completion: update systemd-sysext, systemd-confext
2025-09-26 20:20:49 +02:00
src
dissect-image: when autoprobing insist on vfat for XBOOTLDR
2025-10-15 08:32:37 +02:00
sysctl.d
meson: drop explicit custom_target names
2025-06-28 17:14:50 +02:00
sysusers.d
meson: drop explicit custom_target names
2025-06-28 17:14:50 +02:00
test
dissect-image: when autoprobing insist on vfat for XBOOTLDR
2025-10-15 08:32:37 +02:00
tmpfiles.d
fsck,quotacheck: drop support for traditional /forcefsck, /fastboot, and /forcequotacheck files
2025-07-16 05:47:38 +09:00
tools
Stop specifying license for generated file, instead mark as generated
2025-10-04 18:13:27 +02:00
units
system-systemd\x2dmute\x2dconsole.slice: do not disable default deps
2025-10-07 13:38:21 +02:00
xorg
.clang-format
clang-format: Add include sorting directives
2025-04-30 09:30:33 +02:00
.clang-tidy
clang-tidy: enable bugprone-argument-comment check
2025-06-04 15:50:00 +02:00
.clangd
clangd: Enable UnusedIncludes feature again
2025-05-24 20:57:05 +02:00
.ctags
.dir-locals.el
.editorconfig
chore: fix editorconfig pattern and add setting for zsh
2025-05-30 14:53:45 +09:00
.gitattributes
.gitignore
mkosi: update mkosi commit reference to 7e4ec15aee6b98300b2ee14265bc647a716a9f8a
2025-04-10 02:51:37 +09:00
.mailmap
mailmap: deduplicate Daan
2025-09-17 12:08:03 +02:00
.packit.yml
mkosi: update fedora commit reference to 7de88c66bdc26920db570e67ef74e579f8461d9c
2025-06-16 18:54:08 +01:00
.pylintrc
.vimrc
.ycm_extra_conf.py
tools: consistently use #!/usr/bin/env python3
2025-07-25 12:33:13 +02:00
CITATION.cff
add CITATION.cff file
2025-06-05 14:39:20 +02:00
LICENSE.GPL2
licensing: update address of FSF
2025-10-07 13:00:12 +01:00
LICENSE.LGPL2.1
licensing: update address of FSF
2025-10-07 13:00:12 +01:00
meson_options.txt
firewall-util: remove iptables backend
2025-09-19 15:33:15 +09:00
meson.build
Revert "meson: fail build when encountering unused variables"
2025-10-14 14:40:09 +02:00
meson.version
meson: bump version to 259~devel for next cycle
2025-09-17 13:06:07 +01:00
mypy.ini
NEWS
NEWS: Document new uaccess udev rule priority requirement
2025-10-05 15:47:22 +02:00
README
Revert "Bump required minimum version of libfido2 to 1.5.0" and add missing def instead
2025-09-27 15:46:13 +02:00
README.md
README: update badges
2025-05-22 01:37:05 +09:00
ruff.toml
ruff: Default to python 3.7 version
2025-07-10 18:09:17 +02:00
TODO
update TODO
2025-10-08 12:40:04 +02:00

README.md

Systemd

System and Service Manager

OBS Packages Status
Semaphore CI 2.0 Build Status
Coverity Scan Status
OSS-Fuzz Status
CIFuzz
CII Best Practices
Fossies codespell report
Translation status
Coverage Status
Packaging status
OpenSSF Scorecard

Details

Most documentation is available on systemd's web site.

Assorted, older, general information about systemd can be found in the systemd Wiki.

Information about build requirements is provided in the README file.

Consult our NEWS file for information about what's new in the most recent systemd versions.

Please see the Code Map for information about this repository's layout and content.

Please see the Hacking guide for information on how to hack on systemd and test your modifications.

Please see our Contribution Guidelines for more information about filing GitHub Issues and posting GitHub Pull Requests.

When preparing patches for systemd, please follow our Coding Style Guidelines.

If you are looking for support, please contact our mailing list, join our IRC channel #systemd on libera.chat or Matrix channel

Stable branches with backported patches are available in the stable repo.

We have a security bug bounty program sponsored by the Sovereign Tech Fund hosted on YesWeHack

Repositories with distribution packages built from git main are available on OBS

Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
Readme Cite this repository 321 MiB
Languages
C 89%
Python 5.1%
Shell 4.5%
Meson 1.2%