Compare commits
105 Commits
100f50c59f
...
3f3fab37f8
Author | SHA1 | Date |
---|---|---|
slee649 | 3f3fab37f8 | |
Ani Sinha | 4b356c90dc | |
Léane GRASSER | f28e16d14e | |
Yu Watanabe | 9e05e33871 | |
Lennart Poettering | 95116bdfd5 | |
Lennart Poettering | 2bd290ca02 | |
Yu Watanabe | 1e9fb1d456 | |
Yu Watanabe | 56c761f8c6 | |
Yu Watanabe | b76730f3fe | |
Yu Watanabe | 3dda236c5c | |
Zbigniew Jędrzejewski-Szmek | 5598454a3f | |
Yu Watanabe | 2994ca354b | |
Yu Watanabe | eb14b993bb | |
Christian Hesse | c946b13575 | |
Lennart Poettering | e39cbb1442 | |
Marco Tomaschett | bc4a027f9c | |
Lennart Poettering | d209e197f8 | |
Antonio Alvarez Feijoo | 9ed090230e | |
Luca Boccassi | 9bf6ffe166 | |
Lennart Poettering | 47c5ca237b | |
Lennart Poettering | 7f8a4f12df | |
Lennart Poettering | e412fc5e04 | |
Lennart Poettering | cc6baba720 | |
Lennart Poettering | 3ae48d071c | |
Antonio Alvarez Feijoo | 2ccacdd57c | |
Yu Watanabe | d99198819c | |
Tobias Zimmermann | f70e5620b6 | |
Zbigniew Jędrzejewski-Szmek | 3127c71bf4 | |
Yuri Chornoivan | b153eebfb2 | |
Zbigniew Jędrzejewski-Szmek | 2c06e40ae9 | |
Zbigniew Jędrzejewski-Szmek | 5ca9149464 | |
Luca Boccassi | b7eefa1996 | |
Luca Boccassi | 2e5b0412f9 | |
Martin Srebotnjak | 69af4849aa | |
Jiri Grönroos | 18d4e0be89 | |
Dmytro Markevych | 7d7b89a015 | |
Léane GRASSER | 8a92365f79 | |
Yu Watanabe | 2b397d43ab | |
Yu Watanabe | 9ad294efd0 | |
Lennart Poettering | f6793bbcf0 | |
Mike Yuan | f87863a8ff | |
Antonio Alvarez Feijoo | 58c3c2886d | |
Daan De Meyer | dbbe895807 | |
Yu Watanabe | 52b0351a15 | |
Luca Boccassi | fe077a1a58 | |
Xuanjun Wen | a526b9ddfc | |
Mike Yuan | 804dd670d1 | |
Lennart Poettering | d5bb359429 | |
Antonio Alvarez Feijoo | a04d42821b | |
Luca Boccassi | 987156769b | |
Antonio Alvarez Feijoo | 2b251491de | |
Lennart Poettering | 12b06fef7a | |
Yaron Shahrabani | dd7bc02ee6 | |
Mantas Mikulėnas | 2424a67c02 | |
Lennart Poettering | ebe37f771c | |
Lennart Poettering | ac8e381e26 | |
Zbigniew Jędrzejewski-Szmek | 574a04f62a | |
Lennart Poettering | ec97125a7e | |
Lennart Poettering | 54646b1ca9 | |
Federico Giovanardi | 0c851a58f7 | |
Mike Yuan | b718b86e1b | |
Mike Yuan | d911778877 | |
Mike Yuan | eea9d3eb10 | |
Mike Yuan | 579ce77ead | |
Daan De Meyer | 70bb29db62 | |
Lennart Poettering | cc74edd861 | |
Yu Watanabe | c295b558bf | |
Yu Watanabe | 16ccdc3748 | |
Yu Watanabe | 25688f8d5a | |
Yu Watanabe | cb3243460b | |
Yu Watanabe | c8ddd5ff72 | |
Zbigniew Jędrzejewski-Szmek | 5e7e4e4d49 | |
Yu Watanabe | 4d9cac56db | |
Yu Watanabe | 85a1360ecf | |
Yu Watanabe | ec0847f8fb | |
Yu Watanabe | efb158a11b | |
Michał Górny | 7fd70a5326 | |
Yaron Shahrabani | 2b60615a41 | |
Weblate Translation Memory | d0ac6be44b | |
Ettore Atalan | 6b5ce5d6cc | |
Sergey A | 033ee241b7 | |
Luca Boccassi | 72cfd2def6 | |
Daan De Meyer | ac2cdd8d09 | |
Daan De Meyer | 59cd621733 | |
Daan De Meyer | c36a963956 | |
Luca Boccassi | 248eeec612 | |
Luca Boccassi | a66fd4ac9f | |
anonymix007 | 61d6075775 | |
Daan De Meyer | f2ac4458f0 | |
Zbigniew Jędrzejewski-Szmek | 10ed6d91cb | |
Luca Boccassi | 69cd0f4781 | |
Luca Boccassi | 7751bfb179 | |
Luca Boccassi | d182ada2c2 | |
Federico Giovanardi | 55980446c3 | |
Frantisek Sumsal | 238ddac165 | |
Lennart Poettering | be6e599935 | |
Lennart Poettering | bae936b418 | |
Lennart Poettering | 4b20ae9a0e | |
Daan De Meyer | 1a077e05fb | |
Lennart Poettering | 9386bcc2da | |
Yu Watanabe | dd54e63429 | |
Luca Boccassi | 893aa45886 | |
Luca Boccassi | 32a14422ec | |
anonymix007 | 0333b9d589 | |
anonymix007 | fa258f7729 |
93
NEWS
93
NEWS
|
@ -399,6 +399,15 @@ CHANGES WITH 257 in spe:
|
|||
be extended, and a --measure-base= switch to support measurement
|
||||
of multi-profile UKIs.
|
||||
|
||||
* ukify gained a --certificate-provider switch to use an OpenSSL
|
||||
provider to load the certificate used to sign artifacts, instead of
|
||||
having to provide the path to a file on disk.
|
||||
|
||||
* bootctl, systemd-keyutil, systemd-measure, systemd-repart, and
|
||||
systemd-sbsign gained a new --certificate-source switch that allows
|
||||
loading the X.509 certificate from an OpenSSL provider instead of a
|
||||
file system path.
|
||||
|
||||
* systemd-boot's menu will now react to volume up/down rocker presses
|
||||
the same way as to arrow up/down presses: they move the menu item up
|
||||
or down. This is useful on device form factors that have only a
|
||||
|
@ -437,6 +446,9 @@ CHANGES WITH 257 in spe:
|
|||
and providers, with pin caching support for PKCS11. ukify supports it
|
||||
as an alternative to sbsigntool and pesign.
|
||||
|
||||
* A new systemd-keyutil tool has been added, that can be used to perform
|
||||
various operations on private keys and X.509 certificates.
|
||||
|
||||
The journal:
|
||||
|
||||
* journalctl can now list invocations of a unit with the
|
||||
|
@ -752,36 +764,38 @@ CHANGES WITH 257 in spe:
|
|||
other cases EnterNamespace= might be an suitable approach to acquire
|
||||
symbolized backtraces.)
|
||||
|
||||
Contributions from: A. Wilcox, Abderrahim Kitouni, Adrian Vovk,
|
||||
Alain Greppin, Allison Karlitskaya, Alyssa Ross, Anders Jonsson,
|
||||
Andika Triwidada, Andres Beltran, Anouk Ceyssens, Anton Golubev,
|
||||
Antonio Alvarez Feijoo, Arian van Putten, Arnaud Patard,
|
||||
Arthur Shau, Bastien Nocera, Benjamin ROBIN, Brenton Simpson,
|
||||
Bryan Gurney, ButterflyOfFire, Carlo Teubner, Celeste Liu,
|
||||
Chen Guanqiao, Chen Qi, Chengen Du, Christoph Anton Mitterer,
|
||||
Colin Foster, Collin L, Cristian Rodríguez, Daan De Meyer,
|
||||
Dan Nicholson, Daniel Dawson, Daniel Martinez,
|
||||
Daniel P. Berrangé, Daniel Rusek, Darsey Litzenberger,
|
||||
David Joaquín Shourabi Porcel, David Michael, David Rheinsberg,
|
||||
David Tardon, Davide Cavalca, Derek J. Clark, Diego Viola,
|
||||
Dimitrys Meliates, Diogo Ivo, DocNITE, Dominique Martinet,
|
||||
Dr. David Alan Gilbert, Edson Juliano Drosdeck, Erik Sjölund,
|
||||
Etienne Champetier, Etienne Cordonnier, Ettore Atalan,
|
||||
Eugeny Shcheglov, Fabian Vogt, Filip Lewiński, Florian Schmaus,
|
||||
Franck Bui, Frantisek Sumsal, Fábio Rodrigues Ribeiro,
|
||||
Gabriel Elyas, Gaël PORTAY, Giovanni Baratta, Gregor Herburger,
|
||||
Gregory Arenius, GwynBleidD, Göran Uddeborg, Hans de Goede,
|
||||
Helmut Grohne, Henry Chen, Ian Abbott, Integral, Ivan Kruglov,
|
||||
Ivan Shapovalov, James Coglan, James Hilliard, James Muir,
|
||||
Jason Yundt, Jeffrey Bosboom, Johannes Schneider,
|
||||
John A. Leuenhagen, Jose Ignacio Tornos Martinez, JoseskVolpe,
|
||||
Joshua Grisham, Jörg Behrmann, Kai-Chuan Hsieh, Kamil Szczęk,
|
||||
Karel Zak, Kornilios Kourtis, Kuntal Majumder, Lennart Poettering,
|
||||
Luca Boccassi, Lucas Adriano Salles, Lucas Werkmeister,
|
||||
Ludwig Nussel, Luke T. Shumaker, Lukáš Nykrýn, Léane GRASSER,
|
||||
Maanya Goenka, Mantas Mikulėnas, Marc Reisner, Marcel Hellwig,
|
||||
Marin Kresic, Marius Hoch, Martin Srebotnjak, Martin Wilck,
|
||||
Mary Strodl, Matteo Croce, Matthias Lisin, Matthias Schiffer,
|
||||
Contributions from: 12paper, A. Wilcox, Abderrahim Kitouni,
|
||||
Adrian Vovk, Alain Greppin, Allison Karlitskaya, Alyssa Ross,
|
||||
Anders Jonsson, Andika Triwidada, Andres Beltran, Anouk Ceyssens,
|
||||
Anselm Schueler, Anton Golubev, Antonio Alvarez Feijoo,
|
||||
Arian van Putten, Arnaud Patard, Arthur Shau, Bastien Nocera,
|
||||
Benjamin ROBIN, Brenton Simpson, Bryan Gurney, ButterflyOfFire,
|
||||
Carlo Teubner, Celeste Liu, Chen Guanqiao, Chen Qi, Chengen Du,
|
||||
Christoph Anton Mitterer, Colin Foster, Collin L,
|
||||
Cristian Rodríguez, Daan De Meyer, Dan Nicholson, Daniel Dawson,
|
||||
Daniel Martinez, Daniel P. Berrangé, Daniel Rusek,
|
||||
Darsey Litzenberger, David Joaquín Shourabi Porcel,
|
||||
David Michael, David Rheinsberg, David Tardon, Davide Cavalca,
|
||||
Derek J. Clark, Diego Viola, Dimitrys Meliates, Diogo Ivo,
|
||||
DocNITE, Dominique Martinet, Dr. David Alan Gilbert,
|
||||
Edson Juliano Drosdeck, Erik Sjölund, Etienne Champetier,
|
||||
Etienne Cordonnier, Ettore Atalan, Eugeny Shcheglov, Fabian Vogt,
|
||||
Filip Lewiński, Florian Schmaus, Franck Bui, Frantisek Sumsal,
|
||||
Fábio Rodrigues Ribeiro, Gabriel Elyas, Gaël PORTAY,
|
||||
Giovanni Baratta, Gregor Herburger, Gregory Arenius, GwynBleidD,
|
||||
Göran Uddeborg, Hans de Goede, Helmut Grohne, Henry Chen,
|
||||
Ian Abbott, Integral, Ivan Kruglov, Ivan Shapovalov, James Coglan,
|
||||
James Hilliard, James Muir, Jason Yundt, Jeffrey Bosboom,
|
||||
Jian Zhang, Johannes Schneider, John A. Leuenhagen,
|
||||
Jose Ignacio Tornos Martinez, JoseskVolpe, Joshua Grisham,
|
||||
Jörg Behrmann, Kai-Chuan Hsieh, Kamil Szczęk, Karel Zak,
|
||||
Kornilios Kourtis, Kuntal Majumder, Lennart Poettering,
|
||||
Lidong Zhong, Luca Boccassi, Lucas Adriano Salles,
|
||||
Lucas Werkmeister, Ludwig Nussel, Luke T. Shumaker,
|
||||
Lukáš Nykrýn, Luna Jernberg, Léane GRASSER, Maanya Goenka,
|
||||
Mantas Mikulėnas, Marc Reisner, Marcel Hellwig, Marin Kresic,
|
||||
Marius Hoch, Martin Srebotnjak, Martin Wilck, Mary Strodl,
|
||||
Matteo Croce, Matthias Lisin, Matthias Schiffer,
|
||||
Matthieu Baerts (NGI0), Matthieu CHARETTE,
|
||||
Mauri de Souza Meneguzzo, Maximilian Wilhelm, Merlin Jehli,
|
||||
Michael Ferrari, Michal Koutný, Michal Sekletár,
|
||||
|
@ -795,16 +809,17 @@ CHANGES WITH 257 in spe:
|
|||
Stuart Hayhurst, Susant Sahani, Takeo Kondo, Temuri Doghonadze,
|
||||
Thomas Blume, Thorsten Scherer, Tobias Fleig, Tom Coldrick,
|
||||
Tom Yan, Tomas Bzatek, Topi Miettinen, Uday Shankar,
|
||||
Vasiliy Kovalev, Vitaly Kuznetsov, Vito Caputo, Vladimir Panteleev,
|
||||
Will Fancher, WilliButz, Xeonacid, Yanqing Jing, Yu Watanabe,
|
||||
Yuri Chornoivan, ZHANG Yuntian, Zbigniew Jędrzejewski-Szmek,
|
||||
Zhou Qiankang, anonymix007, bryango, chayleaf, chenjiayi, csp5me,
|
||||
cvlc12, fwfy, hugo303, jan@neighbourhood.ie, jauge-technica, lumingzh,
|
||||
maia x., marginaldev, migleeson, nerdopolis, oldherl, pyfisch, q66,
|
||||
rajmohan r, reDBo0n, rhellstrom, rindeal, samuelvw01, sinus-x, tfg13,
|
||||
vdovhanych, xujing, Łukasz Stelmach, Дамјан Георгиевски
|
||||
Valentin David, Vasiliy Kovalev, Vitaly Kuznetsov, Vito Caputo,
|
||||
Vladimir Panteleev, Vursc, Will Fancher, WilliButz, Xeonacid,
|
||||
Yanqing Jing, Yu Watanabe, Yuri Chornoivan, ZHANG Yuntian,
|
||||
Zbigniew Jędrzejewski-Szmek, Zhou Qiankang, andre4ik3, anonymix007,
|
||||
bryango, chayleaf, chenjiayi, csp5me, cvlc12, fwfy, hugo303,
|
||||
jan@neighbourhood.ie, jauge-technica, lumingzh, maia x., marginaldev,
|
||||
migleeson, nerdopolis, oldherl, pyfisch, q66, rajmohan r, reDBo0n,
|
||||
rhellstrom, rindeal, samuelvw01, sinus-x, tfg13, vdovhanych, xujing,
|
||||
Łukasz Stelmach, Štěpán Němec, Дамјан Георгиевски
|
||||
|
||||
— Edinburgh, 2024-11-06
|
||||
— Edinburgh, 2024-11-15
|
||||
|
||||
CHANGES WITH 256:
|
||||
|
||||
|
|
14
TODO
14
TODO
|
@ -129,6 +129,20 @@ Deprecations and removals:
|
|||
|
||||
Features:
|
||||
|
||||
* Teach systemd-ssh-generator to generated an /run/issue.d/ drop-in telling
|
||||
users how to connect to the system via the AF_VSOCK, as per:
|
||||
https://github.com/systemd/systemd/issues/35071#issuecomment-2462803142
|
||||
|
||||
* maybe introduce an OSC sequence that signals when we ask for a password, so
|
||||
that terminal emulators can maybe connect a password manager or so, and
|
||||
highlight things specially.
|
||||
|
||||
* Port pidref_namespace_open() to use PIDFD_GET_MNT_NAMESPACE and related
|
||||
ioctls to get nsfds directly from pidfds.
|
||||
|
||||
* start using STATX_SUBVOL in btrfs_is_subvol(). Also, make use of it
|
||||
generically, so that image discovery recognizes bcachefs subvols too.
|
||||
|
||||
* format-table: introduce new cell type for strings with ansi sequences in
|
||||
them. display them in regular output mode (via strip_tab_ansi()), but
|
||||
suppress them in json mode.
|
||||
|
|
|
@ -36123,7 +36123,7 @@ OUI:00A044*
|
|||
ID_OUI_FROM_DATABASE=NTT IT CO., LTD.
|
||||
|
||||
OUI:00A045*
|
||||
ID_OUI_FROM_DATABASE=PHOENIX CONTACT Electronics GmbH
|
||||
ID_OUI_FROM_DATABASE=Phoenix Contact GmbH & Co. KG
|
||||
|
||||
OUI:00A046*
|
||||
ID_OUI_FROM_DATABASE=SCITEX CORP. LTD.
|
||||
|
@ -40088,6 +40088,9 @@ OUI:044707*
|
|||
OUI:04472A*
|
||||
ID_OUI_FROM_DATABASE=Palo Alto Networks
|
||||
|
||||
OUI:0447CA*
|
||||
ID_OUI_FROM_DATABASE=GREE ELECTRIC APPLIANCES, INC. OF ZHUHAI
|
||||
|
||||
OUI:04489A*
|
||||
ID_OUI_FROM_DATABASE=Apple, Inc.
|
||||
|
||||
|
@ -40556,6 +40559,9 @@ OUI:04AC44*
|
|||
OUI:04AEC7*
|
||||
ID_OUI_FROM_DATABASE=Marquardt
|
||||
|
||||
OUI:04B066*
|
||||
ID_OUI_FROM_DATABASE=Private
|
||||
|
||||
OUI:04B0E7*
|
||||
ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD
|
||||
|
||||
|
@ -43058,12 +43064,30 @@ OUI:0C47A90*
|
|||
OUI:0C47A91*
|
||||
ID_OUI_FROM_DATABASE=Shanghai BST Electric Co.,ltd
|
||||
|
||||
OUI:0C47A92*
|
||||
ID_OUI_FROM_DATABASE=Annapurna labs
|
||||
|
||||
OUI:0C47A93*
|
||||
ID_OUI_FROM_DATABASE=HONGKONG STONEOIM TECHNOLOGY LIMITED
|
||||
|
||||
OUI:0C47A94*
|
||||
ID_OUI_FROM_DATABASE=Private
|
||||
|
||||
OUI:0C47A95*
|
||||
ID_OUI_FROM_DATABASE=Everon Co., Ltd.
|
||||
|
||||
OUI:0C47A96*
|
||||
ID_OUI_FROM_DATABASE=Shenzhen Hahappylife Innovations Electronics Technology Co.,Ltd
|
||||
|
||||
OUI:0C47A97*
|
||||
ID_OUI_FROM_DATABASE=Annapurna labs
|
||||
|
||||
OUI:0C47A98*
|
||||
ID_OUI_FROM_DATABASE=Honest Networks LLC
|
||||
|
||||
OUI:0C47A99*
|
||||
ID_OUI_FROM_DATABASE=Shanghai Sigen New Energy Technology Co., Ltd
|
||||
|
||||
OUI:0C47A9A*
|
||||
ID_OUI_FROM_DATABASE=Lens Technology (Xiangtan) Co.,Ltd
|
||||
|
||||
|
@ -43076,6 +43100,9 @@ OUI:0C47A9C*
|
|||
OUI:0C47A9D*
|
||||
ID_OUI_FROM_DATABASE=DIG_LINK
|
||||
|
||||
OUI:0C47A9E*
|
||||
ID_OUI_FROM_DATABASE=BGResearch
|
||||
|
||||
OUI:0C47C9*
|
||||
ID_OUI_FROM_DATABASE=Amazon Technologies Inc.
|
||||
|
||||
|
@ -43598,6 +43625,9 @@ OUI:0C9301*
|
|||
OUI:0C938F*
|
||||
ID_OUI_FROM_DATABASE=GUANGDONG OPPO MOBILE TELECOMMUNICATIONS CORP.,LTD
|
||||
|
||||
OUI:0C93A5*
|
||||
ID_OUI_FROM_DATABASE=eero inc.
|
||||
|
||||
OUI:0C93FB*
|
||||
ID_OUI_FROM_DATABASE=BNS Solutions
|
||||
|
||||
|
@ -44027,6 +44057,9 @@ OUI:0CEC84*
|
|||
OUI:0CEC8D*
|
||||
ID_OUI_FROM_DATABASE=Motorola Mobility LLC, a Lenovo Company
|
||||
|
||||
OUI:0CED71*
|
||||
ID_OUI_FROM_DATABASE=Extreme Networks Headquarters
|
||||
|
||||
OUI:0CEDC8*
|
||||
ID_OUI_FROM_DATABASE=Xiaomi Communications Co Ltd
|
||||
|
||||
|
@ -46211,6 +46244,9 @@ OUI:147F67*
|
|||
OUI:147FCE*
|
||||
ID_OUI_FROM_DATABASE=Apple, Inc.
|
||||
|
||||
OUI:1480CC*
|
||||
ID_OUI_FROM_DATABASE=Quectel Wireless Solutions Co.,Ltd.
|
||||
|
||||
OUI:14825B*
|
||||
ID_OUI_FROM_DATABASE=Hefei Radio Communication Technology Co., Ltd
|
||||
|
||||
|
@ -47297,6 +47333,9 @@ OUI:1869DA*
|
|||
OUI:186A81*
|
||||
ID_OUI_FROM_DATABASE=Sagemcom Broadband SAS
|
||||
|
||||
OUI:186BE2*
|
||||
ID_OUI_FROM_DATABASE=LYLINK LIMITED
|
||||
|
||||
OUI:186D99*
|
||||
ID_OUI_FROM_DATABASE=Adanis Inc.
|
||||
|
||||
|
@ -48560,6 +48599,9 @@ OUI:1C4D70*
|
|||
OUI:1C4D89*
|
||||
ID_OUI_FROM_DATABASE=Hangzhou Huacheng Network Technology Co.,Ltd
|
||||
|
||||
OUI:1C4EA2*
|
||||
ID_OUI_FROM_DATABASE=Shenzhen V-Link Technology CO., LTD.
|
||||
|
||||
OUI:1C501E*
|
||||
ID_OUI_FROM_DATABASE=Sunplus Technology Co., Ltd.
|
||||
|
||||
|
@ -48809,6 +48851,9 @@ OUI:1C77F6*
|
|||
OUI:1C7839*
|
||||
ID_OUI_FROM_DATABASE=Shenzhen Tencent Computer System Co., Ltd.
|
||||
|
||||
OUI:1C784B*
|
||||
ID_OUI_FROM_DATABASE=Bouffalo Lab (Nanjing) Co., Ltd.
|
||||
|
||||
OUI:1C784E*
|
||||
ID_OUI_FROM_DATABASE=China Mobile Iot Limited company
|
||||
|
||||
|
@ -49145,6 +49190,9 @@ OUI:1C937C*
|
|||
OUI:1C93C4*
|
||||
ID_OUI_FROM_DATABASE=Amazon Technologies Inc.
|
||||
|
||||
OUI:1C9468*
|
||||
ID_OUI_FROM_DATABASE=New H3C Technologies Co., Ltd
|
||||
|
||||
OUI:1C9492*
|
||||
ID_OUI_FROM_DATABASE=RUAG Schweiz AG
|
||||
|
||||
|
@ -51335,6 +51383,9 @@ OUI:24470E*
|
|||
OUI:244845*
|
||||
ID_OUI_FROM_DATABASE=Hangzhou Hikvision Digital Technology Co.,Ltd.
|
||||
|
||||
OUI:244885*
|
||||
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
|
||||
|
||||
OUI:24497B*
|
||||
ID_OUI_FROM_DATABASE=Innovative Converged Devices Inc
|
||||
|
||||
|
@ -53387,6 +53438,9 @@ OUI:28DB81*
|
|||
OUI:28DBA7*
|
||||
ID_OUI_FROM_DATABASE=Silicon Laboratories
|
||||
|
||||
OUI:28DE1C*
|
||||
ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd
|
||||
|
||||
OUI:28DE59*
|
||||
ID_OUI_FROM_DATABASE=Domus NTW CORP.
|
||||
|
||||
|
@ -54396,7 +54450,7 @@ OUI:2C691D3*
|
|||
ID_OUI_FROM_DATABASE=Sunsa, Inc
|
||||
|
||||
OUI:2C691D4*
|
||||
ID_OUI_FROM_DATABASE=SPEEDTECH CORP.
|
||||
ID_OUI_FROM_DATABASE=SPEEDTECH CORP. JIO
|
||||
|
||||
OUI:2C691D5*
|
||||
ID_OUI_FROM_DATABASE=LG Electronics Inc.
|
||||
|
@ -55172,6 +55226,9 @@ OUI:2CFFEE*
|
|||
OUI:3000FC*
|
||||
ID_OUI_FROM_DATABASE=Nokia
|
||||
|
||||
OUI:3001AF*
|
||||
ID_OUI_FROM_DATABASE=Cisco Systems, Inc
|
||||
|
||||
OUI:3003C8*
|
||||
ID_OUI_FROM_DATABASE=CLOUD NETWORK TECHNOLOGY SINGAPORE PTE. LTD.
|
||||
|
||||
|
@ -56345,6 +56402,9 @@ OUI:30E3D6*
|
|||
OUI:30E48E*
|
||||
ID_OUI_FROM_DATABASE=Vodafone UK
|
||||
|
||||
OUI:30E4D8*
|
||||
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
|
||||
|
||||
OUI:30E4DB*
|
||||
ID_OUI_FROM_DATABASE=Cisco Systems, Inc
|
||||
|
||||
|
@ -56360,6 +56420,9 @@ OUI:30E98E*
|
|||
OUI:30EA26*
|
||||
ID_OUI_FROM_DATABASE=Sycada BV
|
||||
|
||||
OUI:30EB15*
|
||||
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
|
||||
|
||||
OUI:30EB1F*
|
||||
ID_OUI_FROM_DATABASE=Skylab M&C Technology Co.,Ltd
|
||||
|
||||
|
@ -57137,6 +57200,9 @@ OUI:346F92*
|
|||
OUI:346FED*
|
||||
ID_OUI_FROM_DATABASE=Enovation Controls
|
||||
|
||||
OUI:347069*
|
||||
ID_OUI_FROM_DATABASE=Cisco Systems, Inc
|
||||
|
||||
OUI:347146*
|
||||
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
|
||||
|
||||
|
@ -57887,6 +57953,9 @@ OUI:34F39A*
|
|||
OUI:34F39B*
|
||||
ID_OUI_FROM_DATABASE=WizLAN Ltd.
|
||||
|
||||
OUI:34F5D7*
|
||||
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
|
||||
|
||||
OUI:34F62D*
|
||||
ID_OUI_FROM_DATABASE=SHARP Corporation
|
||||
|
||||
|
@ -58382,6 +58451,9 @@ OUI:384C4F*
|
|||
OUI:384C90*
|
||||
ID_OUI_FROM_DATABASE=Commscope
|
||||
|
||||
OUI:384DD2*
|
||||
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
|
||||
|
||||
OUI:384F49*
|
||||
ID_OUI_FROM_DATABASE=Juniper Networks
|
||||
|
||||
|
@ -60650,6 +60722,9 @@ OUI:3CE624*
|
|||
OUI:3CE824*
|
||||
ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD
|
||||
|
||||
OUI:3CE86E*
|
||||
ID_OUI_FROM_DATABASE=Hewlett Packard Enterprise
|
||||
|
||||
OUI:3CE90E*
|
||||
ID_OUI_FROM_DATABASE=Espressif Inc.
|
||||
|
||||
|
@ -62984,6 +63059,9 @@ OUI:44AAE8*
|
|||
OUI:44AAF5*
|
||||
ID_OUI_FROM_DATABASE=Commscope
|
||||
|
||||
OUI:44AC85*
|
||||
ID_OUI_FROM_DATABASE=eero inc.
|
||||
|
||||
OUI:44AD19*
|
||||
ID_OUI_FROM_DATABASE=XINGFEI (H.K)LIMITED
|
||||
|
||||
|
@ -63356,6 +63434,9 @@ OUI:44F477*
|
|||
OUI:44F4E7*
|
||||
ID_OUI_FROM_DATABASE=Cohesity Inc
|
||||
|
||||
OUI:44F53E*
|
||||
ID_OUI_FROM_DATABASE=Earda Technologies co Ltd
|
||||
|
||||
OUI:44F770*
|
||||
ID_OUI_FROM_DATABASE=Beijing Xiaomi Mobile Software Co., Ltd
|
||||
|
||||
|
@ -67448,6 +67529,9 @@ OUI:50E039*
|
|||
OUI:50E085*
|
||||
ID_OUI_FROM_DATABASE=Intel Corporate
|
||||
|
||||
OUI:50E099*
|
||||
ID_OUI_FROM_DATABASE=HangZhou Atuo Future Technology Co., Ltd
|
||||
|
||||
OUI:50E0C7*
|
||||
ID_OUI_FROM_DATABASE=TurControlSystme AG
|
||||
|
||||
|
@ -68237,6 +68321,9 @@ OUI:547D40*
|
|||
OUI:547DCD*
|
||||
ID_OUI_FROM_DATABASE=Texas Instruments
|
||||
|
||||
OUI:547E1A*
|
||||
ID_OUI_FROM_DATABASE=Kaon Group Co., Ltd.
|
||||
|
||||
OUI:547F54*
|
||||
ID_OUI_FROM_DATABASE=INGENICO
|
||||
|
||||
|
@ -69941,6 +70028,9 @@ OUI:58DB8D*
|
|||
OUI:58DC6D*
|
||||
ID_OUI_FROM_DATABASE=Exceptional Innovation, Inc.
|
||||
|
||||
OUI:58DF59*
|
||||
ID_OUI_FROM_DATABASE=Cisco Systems, Inc
|
||||
|
||||
OUI:58E02C*
|
||||
ID_OUI_FROM_DATABASE=Micro Technic A/S
|
||||
|
||||
|
@ -70085,6 +70175,9 @@ OUI:58F987*
|
|||
OUI:58F98E*
|
||||
ID_OUI_FROM_DATABASE=SECUDOS GmbH
|
||||
|
||||
OUI:58FB3E*
|
||||
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
|
||||
|
||||
OUI:58FB84*
|
||||
ID_OUI_FROM_DATABASE=Intel Corporate
|
||||
|
||||
|
@ -74438,6 +74531,9 @@ OUI:684F64*
|
|||
OUI:68505D*
|
||||
ID_OUI_FROM_DATABASE=Halo Technologies
|
||||
|
||||
OUI:68508C*
|
||||
ID_OUI_FROM_DATABASE=Shanghai Sunmi Technology Co.,Ltd.
|
||||
|
||||
OUI:685134*
|
||||
ID_OUI_FROM_DATABASE=Hewlett Packard Enterprise
|
||||
|
||||
|
@ -74849,6 +74945,9 @@ OUI:689A87*
|
|||
OUI:689AB7*
|
||||
ID_OUI_FROM_DATABASE=Atelier Vision Corporation
|
||||
|
||||
OUI:689B43*
|
||||
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
|
||||
|
||||
OUI:689C5E*
|
||||
ID_OUI_FROM_DATABASE=AcSiP Technology Corp.
|
||||
|
||||
|
@ -94458,7 +94557,7 @@ OUI:7CBD06*
|
|||
ID_OUI_FROM_DATABASE=AE REFUsol
|
||||
|
||||
OUI:7CBF77*
|
||||
ID_OUI_FROM_DATABASE=SPEEDTECH CORP.
|
||||
ID_OUI_FROM_DATABASE=SPEEDTECH CORP. JIO
|
||||
|
||||
OUI:7CBF88*
|
||||
ID_OUI_FROM_DATABASE=Mobilicom LTD
|
||||
|
@ -95102,6 +95201,9 @@ OUI:802E14*
|
|||
OUI:802EC3*
|
||||
ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD
|
||||
|
||||
OUI:802EDE*
|
||||
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
|
||||
|
||||
OUI:802FDE*
|
||||
ID_OUI_FROM_DATABASE=Zurich Instruments AG
|
||||
|
||||
|
@ -95177,6 +95279,9 @@ OUI:803C20*
|
|||
OUI:803E48*
|
||||
ID_OUI_FROM_DATABASE=SHENZHEN GONGJIN ELECTRONICS CO.,LT
|
||||
|
||||
OUI:803E4F*
|
||||
ID_OUI_FROM_DATABASE=GD Midea Air-Conditioning Equipment Co.,Ltd.
|
||||
|
||||
OUI:803F5D*
|
||||
ID_OUI_FROM_DATABASE=Winstars Technology Ltd
|
||||
|
||||
|
@ -95426,6 +95531,9 @@ OUI:8077A4*
|
|||
OUI:807871*
|
||||
ID_OUI_FROM_DATABASE=ASKEY COMPUTER CORP
|
||||
|
||||
OUI:807933*
|
||||
ID_OUI_FROM_DATABASE=Aigentec Technology(Zhejiang) Co., Ltd.
|
||||
|
||||
OUI:80795D*
|
||||
ID_OUI_FROM_DATABASE=Infinix mobility limited
|
||||
|
||||
|
@ -97790,6 +97898,9 @@ OUI:884477*
|
|||
OUI:8844F6*
|
||||
ID_OUI_FROM_DATABASE=Nokia Corporation
|
||||
|
||||
OUI:8845F0*
|
||||
ID_OUI_FROM_DATABASE=GUANGDONG GENIUS TECHNOLOGY CO., LTD.
|
||||
|
||||
OUI:884604*
|
||||
ID_OUI_FROM_DATABASE=Xiaomi Communications Co Ltd
|
||||
|
||||
|
@ -99572,6 +99683,9 @@ OUI:8C1F64154*
|
|||
OUI:8C1F64155*
|
||||
ID_OUI_FROM_DATABASE=SLAT
|
||||
|
||||
OUI:8C1F64159*
|
||||
ID_OUI_FROM_DATABASE=Mediana Co., Ltd.
|
||||
|
||||
OUI:8C1F6415A*
|
||||
ID_OUI_FROM_DATABASE=ASHIDA Electronics Pvt. Ltd
|
||||
|
||||
|
@ -99698,6 +99812,9 @@ OUI:8C1F641B9*
|
|||
OUI:8C1F641BB*
|
||||
ID_OUI_FROM_DATABASE=Renwei Electronics Technology (Shenzhen) Co.,LTD.
|
||||
|
||||
OUI:8C1F641BC*
|
||||
ID_OUI_FROM_DATABASE=Transit Solutions, LLC.
|
||||
|
||||
OUI:8C1F641BD*
|
||||
ID_OUI_FROM_DATABASE=DORLET SAU
|
||||
|
||||
|
@ -99797,6 +99914,9 @@ OUI:8C1F64203*
|
|||
OUI:8C1F64204*
|
||||
ID_OUI_FROM_DATABASE=castcore
|
||||
|
||||
OUI:8C1F64206*
|
||||
ID_OUI_FROM_DATABASE=KRYFS TECHNOLOGIES PRIVATE LIMITED
|
||||
|
||||
OUI:8C1F64208*
|
||||
ID_OUI_FROM_DATABASE=Sichuan AnSphere Technology Co. Ltd.
|
||||
|
||||
|
@ -100373,6 +100493,9 @@ OUI:8C1F64392*
|
|||
OUI:8C1F64393*
|
||||
ID_OUI_FROM_DATABASE=GRE SYSTEM INC.
|
||||
|
||||
OUI:8C1F64394*
|
||||
ID_OUI_FROM_DATABASE=Ceranext Ltd
|
||||
|
||||
OUI:8C1F64395*
|
||||
ID_OUI_FROM_DATABASE=Beijing Ceresdata Technology Co., LTD
|
||||
|
||||
|
@ -100565,6 +100688,9 @@ OUI:8C1F64417*
|
|||
OUI:8C1F64419*
|
||||
ID_OUI_FROM_DATABASE=Naval Group
|
||||
|
||||
OUI:8C1F6441B*
|
||||
ID_OUI_FROM_DATABASE=ENERGY POWER PRODUCTS LIMITED
|
||||
|
||||
OUI:8C1F6441C*
|
||||
ID_OUI_FROM_DATABASE=KSE GmbH
|
||||
|
||||
|
@ -102014,6 +102140,9 @@ OUI:8C1F64803*
|
|||
OUI:8C1F64804*
|
||||
ID_OUI_FROM_DATABASE=EA Elektro-Automatik
|
||||
|
||||
OUI:8C1F64806*
|
||||
ID_OUI_FROM_DATABASE=Matrixspace
|
||||
|
||||
OUI:8C1F64807*
|
||||
ID_OUI_FROM_DATABASE=GIORDANO CONTROLS SPA
|
||||
|
||||
|
@ -102620,6 +102749,9 @@ OUI:8C1F649B3*
|
|||
OUI:8C1F649B6*
|
||||
ID_OUI_FROM_DATABASE=GS Elektromedizinsiche Geräte G. Stemple GmbH
|
||||
|
||||
OUI:8C1F649B8*
|
||||
ID_OUI_FROM_DATABASE=Makel Elektrik Malzemeleri A.Ş.
|
||||
|
||||
OUI:8C1F649B9*
|
||||
ID_OUI_FROM_DATABASE=QUERCUS TECHNOLOGIES, S.L.
|
||||
|
||||
|
@ -104366,6 +104498,9 @@ OUI:8C1F64E80*
|
|||
OUI:8C1F64E86*
|
||||
ID_OUI_FROM_DATABASE=ComVetia AG
|
||||
|
||||
OUI:8C1F64E88*
|
||||
ID_OUI_FROM_DATABASE=SiFive Inc
|
||||
|
||||
OUI:8C1F64E89*
|
||||
ID_OUI_FROM_DATABASE=PADL Software Pty Ltd
|
||||
|
||||
|
@ -104828,6 +104963,9 @@ OUI:8C1F64FDA*
|
|||
OUI:8C1F64FDC*
|
||||
ID_OUI_FROM_DATABASE=Nuphoton Technologies
|
||||
|
||||
OUI:8C1F64FDF*
|
||||
ID_OUI_FROM_DATABASE=Potter Electric Signal Company
|
||||
|
||||
OUI:8C1F64FE0*
|
||||
ID_OUI_FROM_DATABASE=Potter Electric Signal Company
|
||||
|
||||
|
@ -108248,6 +108386,9 @@ OUI:94A04E*
|
|||
OUI:94A07D*
|
||||
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
|
||||
|
||||
OUI:94A081*
|
||||
ID_OUI_FROM_DATABASE=Silicon Laboratories
|
||||
|
||||
OUI:94A1A2*
|
||||
ID_OUI_FROM_DATABASE=AMPAK Technology, Inc.
|
||||
|
||||
|
@ -109112,6 +109253,9 @@ OUI:981E0F*
|
|||
OUI:981E19*
|
||||
ID_OUI_FROM_DATABASE=Sagemcom Broadband SAS
|
||||
|
||||
OUI:981E89*
|
||||
ID_OUI_FROM_DATABASE=Tianyi Telecom Terminals Company Limited
|
||||
|
||||
OUI:981FB1*
|
||||
ID_OUI_FROM_DATABASE=Shenzhen Lemon Network Technology Co.,Ltd
|
||||
|
||||
|
@ -109841,6 +109985,9 @@ OUI:98A404*
|
|||
OUI:98A40E*
|
||||
ID_OUI_FROM_DATABASE=Snap, Inc.
|
||||
|
||||
OUI:98A44E*
|
||||
ID_OUI_FROM_DATABASE=IEC Technologies S. de R.L de C.V.
|
||||
|
||||
OUI:98A5F9*
|
||||
ID_OUI_FROM_DATABASE=Apple, Inc.
|
||||
|
||||
|
@ -111275,6 +111422,9 @@ OUI:9CB793*
|
|||
OUI:9CB8B4*
|
||||
ID_OUI_FROM_DATABASE=AMPAK Technology,Inc.
|
||||
|
||||
OUI:9CBAC9*
|
||||
ID_OUI_FROM_DATABASE=Telit Communication s.p.a
|
||||
|
||||
OUI:9CBB98*
|
||||
ID_OUI_FROM_DATABASE=Shen Zhen RND Electronic Co.,LTD
|
||||
|
||||
|
@ -111710,6 +111860,9 @@ OUI:A00BBA*
|
|||
OUI:A00CA1*
|
||||
ID_OUI_FROM_DATABASE=SKTB SKiT
|
||||
|
||||
OUI:A00CE2*
|
||||
ID_OUI_FROM_DATABASE=Shenzhen Shokz Co., Ltd.
|
||||
|
||||
OUI:A00E98*
|
||||
ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD
|
||||
|
||||
|
@ -113801,6 +113954,9 @@ OUI:A47C1F*
|
|||
OUI:A47CC9*
|
||||
ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD
|
||||
|
||||
OUI:A47D78*
|
||||
ID_OUI_FROM_DATABASE=Edgecore Americas Networking Corporation
|
||||
|
||||
OUI:A47D9F*
|
||||
ID_OUI_FROM_DATABASE=Shenzhen iComm Semiconductor CO.,LTD
|
||||
|
||||
|
@ -115011,7 +115167,7 @@ OUI:A87285*
|
|||
ID_OUI_FROM_DATABASE=IDT, INC.
|
||||
|
||||
OUI:A8741D*
|
||||
ID_OUI_FROM_DATABASE=PHOENIX CONTACT Electronics GmbH
|
||||
ID_OUI_FROM_DATABASE=Phoenix Contact GmbH & Co. KG
|
||||
|
||||
OUI:A87484*
|
||||
ID_OUI_FROM_DATABASE=zte corporation
|
||||
|
@ -115118,6 +115274,9 @@ OUI:A88D7B*
|
|||
OUI:A88E24*
|
||||
ID_OUI_FROM_DATABASE=Apple, Inc.
|
||||
|
||||
OUI:A88F99*
|
||||
ID_OUI_FROM_DATABASE=Arista Networks
|
||||
|
||||
OUI:A88FD9*
|
||||
ID_OUI_FROM_DATABASE=Apple, Inc.
|
||||
|
||||
|
@ -119228,6 +119387,9 @@ OUI:B4C810*
|
|||
OUI:B4C9B9*
|
||||
ID_OUI_FROM_DATABASE=Sichuan AI-Link Technology Co., Ltd.
|
||||
|
||||
OUI:B4CADD*
|
||||
ID_OUI_FROM_DATABASE=Cisco Systems, Inc
|
||||
|
||||
OUI:B4CB57*
|
||||
ID_OUI_FROM_DATABASE=GUANGDONG OPPO MOBILE TELECOMMUNICATIONS CORP.,LTD
|
||||
|
||||
|
@ -120413,6 +120575,9 @@ OUI:B8D4C3*
|
|||
OUI:B8D4E7*
|
||||
ID_OUI_FROM_DATABASE=Hewlett Packard Enterprise
|
||||
|
||||
OUI:B8D4F7*
|
||||
ID_OUI_FROM_DATABASE=New H3C Technologies Co., Ltd
|
||||
|
||||
OUI:B8D50B*
|
||||
ID_OUI_FROM_DATABASE=Sunitec Enterprise Co.,Ltd
|
||||
|
||||
|
@ -122114,6 +122279,12 @@ OUI:C02C5C*
|
|||
OUI:C02C7A*
|
||||
ID_OUI_FROM_DATABASE=Shenzhen Horn Audio Co.,Ltd.
|
||||
|
||||
OUI:C02CED*
|
||||
ID_OUI_FROM_DATABASE=Silicon Laboratories
|
||||
|
||||
OUI:C02D2E*
|
||||
ID_OUI_FROM_DATABASE=China Mobile Group Device Co.,Ltd.
|
||||
|
||||
OUI:C02DEE*
|
||||
ID_OUI_FROM_DATABASE=Cuff
|
||||
|
||||
|
@ -123200,6 +123371,9 @@ OUI:C0F79D*
|
|||
OUI:C0F827*
|
||||
ID_OUI_FROM_DATABASE=Rapidmax Technology Corporation
|
||||
|
||||
OUI:C0F853*
|
||||
ID_OUI_FROM_DATABASE=Tuya Smart Inc.
|
||||
|
||||
OUI:C0F87F*
|
||||
ID_OUI_FROM_DATABASE=Cisco Systems, Inc
|
||||
|
||||
|
@ -126368,6 +126542,9 @@ OUI:CC10A3*
|
|||
OUI:CC115A*
|
||||
ID_OUI_FROM_DATABASE=Apple, Inc.
|
||||
|
||||
OUI:CC1228*
|
||||
ID_OUI_FROM_DATABASE=HISENSE VISUAL TECHNOLOGY CO.,LTD
|
||||
|
||||
OUI:CC14A6*
|
||||
ID_OUI_FROM_DATABASE=Yichun MyEnergy Domain, Inc
|
||||
|
||||
|
@ -126458,6 +126635,9 @@ OUI:CC1FC4*
|
|||
OUI:CC208C*
|
||||
ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD
|
||||
|
||||
OUI:CC20AC*
|
||||
ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd
|
||||
|
||||
OUI:CC20E8*
|
||||
ID_OUI_FROM_DATABASE=Apple, Inc.
|
||||
|
||||
|
@ -127037,6 +127217,9 @@ OUI:CC896C*
|
|||
OUI:CC89FD*
|
||||
ID_OUI_FROM_DATABASE=Nokia Corporation
|
||||
|
||||
OUI:CC8A84*
|
||||
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
|
||||
|
||||
OUI:CC8C17*
|
||||
ID_OUI_FROM_DATABASE=ITEL MOBILE LIMITED
|
||||
|
||||
|
@ -127362,7 +127545,7 @@ OUI:CCCCCC*
|
|||
ID_OUI_FROM_DATABASE=Silicon Laboratories
|
||||
|
||||
OUI:CCCCEA*
|
||||
ID_OUI_FROM_DATABASE=PHOENIX CONTACT Electronics GmbH
|
||||
ID_OUI_FROM_DATABASE=Phoenix Contact GmbH & Co. KG
|
||||
|
||||
OUI:CCCD64*
|
||||
ID_OUI_FROM_DATABASE=SM-Electronic GmbH
|
||||
|
@ -130773,7 +130956,7 @@ OUI:D822F4*
|
|||
ID_OUI_FROM_DATABASE=Avnet Silica
|
||||
|
||||
OUI:D823E0*
|
||||
ID_OUI_FROM_DATABASE=SPEEDTECH CORP.
|
||||
ID_OUI_FROM_DATABASE=SPEEDTECH CORP. JIO
|
||||
|
||||
OUI:D82477*
|
||||
ID_OUI_FROM_DATABASE=Universal Electric Corporation
|
||||
|
@ -130958,6 +131141,9 @@ OUI:D8490B*
|
|||
OUI:D8492F*
|
||||
ID_OUI_FROM_DATABASE=CANON INC.
|
||||
|
||||
OUI:D849BF*
|
||||
ID_OUI_FROM_DATABASE=CELESTICA INC.
|
||||
|
||||
OUI:D84A2B*
|
||||
ID_OUI_FROM_DATABASE=zte corporation
|
||||
|
||||
|
@ -131543,6 +131729,9 @@ OUI:D8C771*
|
|||
OUI:D8C7C8*
|
||||
ID_OUI_FROM_DATABASE=Hewlett Packard Enterprise
|
||||
|
||||
OUI:D8C80C*
|
||||
ID_OUI_FROM_DATABASE=Tuya Smart Inc.
|
||||
|
||||
OUI:D8C8E9*
|
||||
ID_OUI_FROM_DATABASE=Phicomm (Shanghai) Co., Ltd.
|
||||
|
||||
|
@ -132101,6 +132290,9 @@ OUI:DC41A9*
|
|||
OUI:DC41E5*
|
||||
ID_OUI_FROM_DATABASE=Shenzhen Zhixin Data Service Co., Ltd.
|
||||
|
||||
OUI:DC42C8*
|
||||
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
|
||||
|
||||
OUI:DC44270*
|
||||
ID_OUI_FROM_DATABASE=Suritel
|
||||
|
||||
|
@ -133175,6 +133367,9 @@ OUI:E021FE*
|
|||
OUI:E02202*
|
||||
ID_OUI_FROM_DATABASE=Commscope
|
||||
|
||||
OUI:E022A1*
|
||||
ID_OUI_FROM_DATABASE=AltoBeam Inc.
|
||||
|
||||
OUI:E023D7*
|
||||
ID_OUI_FROM_DATABASE=Sleep Number
|
||||
|
||||
|
@ -135413,6 +135608,9 @@ OUI:E4FC82*
|
|||
OUI:E4FD45*
|
||||
ID_OUI_FROM_DATABASE=Intel Corporate
|
||||
|
||||
OUI:E4FD8C*
|
||||
ID_OUI_FROM_DATABASE=Extreme Networks Headquarters
|
||||
|
||||
OUI:E4FDA1*
|
||||
ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD
|
||||
|
||||
|
@ -136478,6 +136676,9 @@ OUI:E8CD2D*
|
|||
OUI:E8CE06*
|
||||
ID_OUI_FROM_DATABASE=SkyHawke Technologies, LLC.
|
||||
|
||||
OUI:E8CF83*
|
||||
ID_OUI_FROM_DATABASE=Dell Inc.
|
||||
|
||||
OUI:E8D03C*
|
||||
ID_OUI_FROM_DATABASE=Shenzhen Jingxun Software Telecommunication Technology Co.,Ltd
|
||||
|
||||
|
@ -137312,6 +137513,30 @@ OUI:EC748C*
|
|||
OUI:EC74BA*
|
||||
ID_OUI_FROM_DATABASE=Hirschmann Automation and Control GmbH
|
||||
|
||||
OUI:EC74CD3*
|
||||
ID_OUI_FROM_DATABASE=iSolution Technologies Co.,Ltd.
|
||||
|
||||
OUI:EC74CD5*
|
||||
ID_OUI_FROM_DATABASE=Standard Backhaul Communications
|
||||
|
||||
OUI:EC74CD6*
|
||||
ID_OUI_FROM_DATABASE=Platypus
|
||||
|
||||
OUI:EC74CD8*
|
||||
ID_OUI_FROM_DATABASE=TRANS AUDIO VIDEO SRL
|
||||
|
||||
OUI:EC74CD9*
|
||||
ID_OUI_FROM_DATABASE=Sound Health Systems
|
||||
|
||||
OUI:EC74CDA*
|
||||
ID_OUI_FROM_DATABASE=Bosch (zhuhai) Security Systems Company, Ltd.
|
||||
|
||||
OUI:EC74CDB*
|
||||
ID_OUI_FROM_DATABASE=Hitachi Rail GTS Austria GmbH
|
||||
|
||||
OUI:EC74CDD*
|
||||
ID_OUI_FROM_DATABASE=Shenzhen Ting-Shine Technology Co., Ltd.
|
||||
|
||||
OUI:EC74D7*
|
||||
ID_OUI_FROM_DATABASE=Grandstream Networks Inc
|
||||
|
||||
|
@ -143102,6 +143327,9 @@ OUI:FCB467*
|
|||
OUI:FCB4E6*
|
||||
ID_OUI_FROM_DATABASE=ASKEY COMPUTER CORP
|
||||
|
||||
OUI:FCB577*
|
||||
ID_OUI_FROM_DATABASE=Cortex Security Inc
|
||||
|
||||
OUI:FCB585*
|
||||
ID_OUI_FROM_DATABASE=Shenzhen Water World Information Co.,Ltd.
|
||||
|
||||
|
@ -143159,6 +143387,9 @@ OUI:FCC23D*
|
|||
OUI:FCC2DE*
|
||||
ID_OUI_FROM_DATABASE=Murata Manufacturing Co., Ltd.
|
||||
|
||||
OUI:FCC2E5*
|
||||
ID_OUI_FROM_DATABASE=HOLOWITS TECHNOLOGIES CO.,LTD
|
||||
|
||||
OUI:FCC734*
|
||||
ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd
|
||||
|
||||
|
|
|
@ -2019,9 +2019,6 @@ acpi:DEL*:
|
|||
acpi:DEM*:
|
||||
ID_VENDOR_FROM_DATABASE=DemoPad Software Ltd
|
||||
|
||||
acpi:DEM*:
|
||||
ID_VENDOR_FROM_DATABASE=DemoPad Software Ltd
|
||||
|
||||
acpi:DEN*:
|
||||
ID_VENDOR_FROM_DATABASE=Densitron Computers Ltd
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
--- 20-acpi-vendor.hwdb.base 2024-11-06 10:40:14.734611315 +0000
|
||||
+++ 20-acpi-vendor.hwdb 2024-11-06 10:40:14.738611667 +0000
|
||||
--- 20-acpi-vendor.hwdb.base 2024-11-15 17:16:38.971258201 +0000
|
||||
+++ 20-acpi-vendor.hwdb 2024-11-15 17:16:38.979258339 +0000
|
||||
@@ -3,6 +3,8 @@
|
||||
# Data imported from:
|
||||
# https://uefi.org/uefi-pnp-export
|
||||
|
@ -137,7 +137,7 @@
|
|||
acpi:COI*:
|
||||
ID_VENDOR_FROM_DATABASE=Codec Inc.
|
||||
|
||||
@@ -2063,7 +2092,7 @@
|
||||
@@ -2060,7 +2089,7 @@
|
||||
ID_VENDOR_FROM_DATABASE=Dragon Information Technology
|
||||
|
||||
acpi:DJE*:
|
||||
|
@ -146,7 +146,7 @@
|
|||
|
||||
acpi:DJP*:
|
||||
ID_VENDOR_FROM_DATABASE=Maygay Machines, Ltd
|
||||
@@ -2416,6 +2445,9 @@
|
||||
@@ -2413,6 +2442,9 @@
|
||||
acpi:EIN*:
|
||||
ID_VENDOR_FROM_DATABASE=Elegant Invention
|
||||
|
||||
|
@ -156,7 +156,7 @@
|
|||
acpi:EKA*:
|
||||
ID_VENDOR_FROM_DATABASE=MagTek Inc.
|
||||
|
||||
@@ -2686,6 +2718,9 @@
|
||||
@@ -2683,6 +2715,9 @@
|
||||
acpi:FCG*:
|
||||
ID_VENDOR_FROM_DATABASE=First International Computer Ltd
|
||||
|
||||
|
@ -166,7 +166,7 @@
|
|||
acpi:FCS*:
|
||||
ID_VENDOR_FROM_DATABASE=Focus Enhancements, Inc.
|
||||
|
||||
@@ -3062,7 +3097,7 @@
|
||||
@@ -3059,7 +3094,7 @@
|
||||
ID_VENDOR_FROM_DATABASE=General Standards Corporation
|
||||
|
||||
acpi:GSM*:
|
||||
|
@ -175,7 +175,7 @@
|
|||
|
||||
acpi:GSN*:
|
||||
ID_VENDOR_FROM_DATABASE=Grandstream Networks, Inc.
|
||||
@@ -3172,6 +3207,9 @@
|
||||
@@ -3169,6 +3204,9 @@
|
||||
acpi:HEC*:
|
||||
ID_VENDOR_FROM_DATABASE=Hisense Electric Co., Ltd.
|
||||
|
||||
|
@ -185,7 +185,7 @@
|
|||
acpi:HEL*:
|
||||
ID_VENDOR_FROM_DATABASE=Hitachi Micro Systems Europe Ltd
|
||||
|
||||
@@ -3307,6 +3345,9 @@
|
||||
@@ -3304,6 +3342,9 @@
|
||||
acpi:HSD*:
|
||||
ID_VENDOR_FROM_DATABASE=HannStar Display Corp
|
||||
|
||||
|
@ -195,7 +195,7 @@
|
|||
acpi:HSM*:
|
||||
ID_VENDOR_FROM_DATABASE=AT&T Microelectronics
|
||||
|
||||
@@ -3433,6 +3474,9 @@
|
||||
@@ -3430,6 +3471,9 @@
|
||||
acpi:ICI*:
|
||||
ID_VENDOR_FROM_DATABASE=Infotek Communication Inc
|
||||
|
||||
|
@ -205,7 +205,7 @@
|
|||
acpi:ICM*:
|
||||
ID_VENDOR_FROM_DATABASE=Intracom SA
|
||||
|
||||
@@ -3529,6 +3573,9 @@
|
||||
@@ -3526,6 +3570,9 @@
|
||||
acpi:IKE*:
|
||||
ID_VENDOR_FROM_DATABASE=Ikegami Tsushinki Co. Ltd.
|
||||
|
||||
|
@ -215,7 +215,7 @@
|
|||
acpi:IKS*:
|
||||
ID_VENDOR_FROM_DATABASE=Ikos Systems Inc
|
||||
|
||||
@@ -3577,6 +3624,9 @@
|
||||
@@ -3574,6 +3621,9 @@
|
||||
acpi:IMX*:
|
||||
ID_VENDOR_FROM_DATABASE=arpara Technology Co., Ltd.
|
||||
|
||||
|
@ -225,7 +225,7 @@
|
|||
acpi:INA*:
|
||||
ID_VENDOR_FROM_DATABASE=Inventec Corporation
|
||||
|
||||
@@ -4105,6 +4155,9 @@
|
||||
@@ -4102,6 +4152,9 @@
|
||||
acpi:LAN*:
|
||||
ID_VENDOR_FROM_DATABASE=Sodeman Lancom Inc
|
||||
|
||||
|
@ -235,7 +235,7 @@
|
|||
acpi:LAS*:
|
||||
ID_VENDOR_FROM_DATABASE=LASAT Comm. A/S
|
||||
|
||||
@@ -4156,6 +4209,9 @@
|
||||
@@ -4153,6 +4206,9 @@
|
||||
acpi:LED*:
|
||||
ID_VENDOR_FROM_DATABASE=Long Engineering Design Inc
|
||||
|
||||
|
@ -245,7 +245,7 @@
|
|||
acpi:LEG*:
|
||||
ID_VENDOR_FROM_DATABASE=Legerity, Inc
|
||||
|
||||
@@ -4174,6 +4230,9 @@
|
||||
@@ -4171,6 +4227,9 @@
|
||||
acpi:LGD*:
|
||||
ID_VENDOR_FROM_DATABASE=LG Display
|
||||
|
||||
|
@ -255,7 +255,7 @@
|
|||
acpi:LGI*:
|
||||
ID_VENDOR_FROM_DATABASE=Logitech Inc
|
||||
|
||||
@@ -4240,6 +4299,9 @@
|
||||
@@ -4237,6 +4296,9 @@
|
||||
acpi:LND*:
|
||||
ID_VENDOR_FROM_DATABASE=Land Computer Company Ltd
|
||||
|
||||
|
@ -265,7 +265,7 @@
|
|||
acpi:LNK*:
|
||||
ID_VENDOR_FROM_DATABASE=Link Tech Inc
|
||||
|
||||
@@ -4274,7 +4336,7 @@
|
||||
@@ -4271,7 +4333,7 @@
|
||||
ID_VENDOR_FROM_DATABASE=Design Technology
|
||||
|
||||
acpi:LPL*:
|
||||
|
@ -274,7 +274,7 @@
|
|||
|
||||
acpi:LSC*:
|
||||
ID_VENDOR_FROM_DATABASE=LifeSize Communications
|
||||
@@ -4450,6 +4512,9 @@
|
||||
@@ -4447,6 +4509,9 @@
|
||||
acpi:MCX*:
|
||||
ID_VENDOR_FROM_DATABASE=Millson Custom Solutions Inc.
|
||||
|
||||
|
@ -284,7 +284,7 @@
|
|||
acpi:MDA*:
|
||||
ID_VENDOR_FROM_DATABASE=Media4 Inc
|
||||
|
||||
@@ -4696,6 +4761,9 @@
|
||||
@@ -4693,6 +4758,9 @@
|
||||
acpi:MOM*:
|
||||
ID_VENDOR_FROM_DATABASE=Momentum Data Systems
|
||||
|
||||
|
@ -294,7 +294,7 @@
|
|||
acpi:MOS*:
|
||||
ID_VENDOR_FROM_DATABASE=Moses Corporation
|
||||
|
||||
@@ -4936,6 +5004,9 @@
|
||||
@@ -4933,6 +5001,9 @@
|
||||
acpi:NAL*:
|
||||
ID_VENDOR_FROM_DATABASE=Network Alchemy
|
||||
|
||||
|
@ -304,7 +304,7 @@
|
|||
acpi:NAT*:
|
||||
ID_VENDOR_FROM_DATABASE=NaturalPoint Inc.
|
||||
|
||||
@@ -5476,6 +5547,9 @@
|
||||
@@ -5473,6 +5544,9 @@
|
||||
acpi:PCX*:
|
||||
ID_VENDOR_FROM_DATABASE=PC Xperten
|
||||
|
||||
|
@ -314,7 +314,7 @@
|
|||
acpi:PDM*:
|
||||
ID_VENDOR_FROM_DATABASE=Psion Dacom Plc.
|
||||
|
||||
@@ -5539,9 +5613,6 @@
|
||||
@@ -5536,9 +5610,6 @@
|
||||
acpi:PHE*:
|
||||
ID_VENDOR_FROM_DATABASE=Philips Medical Systems Boeblingen GmbH
|
||||
|
||||
|
@ -324,7 +324,7 @@
|
|||
acpi:PHL*:
|
||||
ID_VENDOR_FROM_DATABASE=Philips Consumer Electronics Company
|
||||
|
||||
@@ -5632,9 +5703,6 @@
|
||||
@@ -5629,9 +5700,6 @@
|
||||
acpi:PNL*:
|
||||
ID_VENDOR_FROM_DATABASE=Panelview, Inc.
|
||||
|
||||
|
@ -334,7 +334,7 @@
|
|||
acpi:PNR*:
|
||||
ID_VENDOR_FROM_DATABASE=Planar Systems, Inc.
|
||||
|
||||
@@ -6112,9 +6180,6 @@
|
||||
@@ -6109,9 +6177,6 @@
|
||||
acpi:RTI*:
|
||||
ID_VENDOR_FROM_DATABASE=Rancho Tech Inc
|
||||
|
||||
|
@ -344,7 +344,7 @@
|
|||
acpi:RTL*:
|
||||
ID_VENDOR_FROM_DATABASE=Realtek Semiconductor Company Ltd
|
||||
|
||||
@@ -6289,9 +6354,6 @@
|
||||
@@ -6286,9 +6351,6 @@
|
||||
acpi:SEE*:
|
||||
ID_VENDOR_FROM_DATABASE=SeeColor Corporation
|
||||
|
||||
|
@ -354,7 +354,7 @@
|
|||
acpi:SEI*:
|
||||
ID_VENDOR_FROM_DATABASE=Seitz & Associates Inc
|
||||
|
||||
@@ -6775,6 +6837,9 @@
|
||||
@@ -6772,6 +6834,9 @@
|
||||
acpi:SVD*:
|
||||
ID_VENDOR_FROM_DATABASE=SVD Computer
|
||||
|
||||
|
@ -364,7 +364,7 @@
|
|||
acpi:SVI*:
|
||||
ID_VENDOR_FROM_DATABASE=Sun Microsystems
|
||||
|
||||
@@ -6859,6 +6924,9 @@
|
||||
@@ -6856,6 +6921,9 @@
|
||||
acpi:SZM*:
|
||||
ID_VENDOR_FROM_DATABASE=Shenzhen MTC Co., Ltd
|
||||
|
||||
|
@ -374,7 +374,7 @@
|
|||
acpi:TAA*:
|
||||
ID_VENDOR_FROM_DATABASE=Tandberg
|
||||
|
||||
@@ -6949,6 +7017,9 @@
|
||||
@@ -6946,6 +7014,9 @@
|
||||
acpi:TDG*:
|
||||
ID_VENDOR_FROM_DATABASE=Six15 Technologies
|
||||
|
||||
|
@ -384,7 +384,7 @@
|
|||
acpi:TDM*:
|
||||
ID_VENDOR_FROM_DATABASE=Tandem Computer Europe Inc
|
||||
|
||||
@@ -6991,6 +7062,9 @@
|
||||
@@ -6988,6 +7059,9 @@
|
||||
acpi:TEV*:
|
||||
ID_VENDOR_FROM_DATABASE=Televés, S.A.
|
||||
|
||||
|
@ -394,7 +394,7 @@
|
|||
acpi:TEZ*:
|
||||
ID_VENDOR_FROM_DATABASE=Tech Source Inc.
|
||||
|
||||
@@ -7120,9 +7194,6 @@
|
||||
@@ -7117,9 +7191,6 @@
|
||||
acpi:TNC*:
|
||||
ID_VENDOR_FROM_DATABASE=TNC Industrial Company Ltd
|
||||
|
||||
|
@ -404,7 +404,7 @@
|
|||
acpi:TNM*:
|
||||
ID_VENDOR_FROM_DATABASE=TECNIMAGEN SA
|
||||
|
||||
@@ -7432,14 +7503,14 @@
|
||||
@@ -7429,14 +7500,14 @@
|
||||
acpi:UNC*:
|
||||
ID_VENDOR_FROM_DATABASE=Unisys Corporation
|
||||
|
||||
|
@ -425,7 +425,7 @@
|
|||
|
||||
acpi:UNI*:
|
||||
ID_VENDOR_FROM_DATABASE=Uniform Industry Corp.
|
||||
@@ -7474,6 +7545,9 @@
|
||||
@@ -7471,6 +7542,9 @@
|
||||
acpi:USA*:
|
||||
ID_VENDOR_FROM_DATABASE=Utimaco Safeware AG
|
||||
|
||||
|
@ -435,7 +435,7 @@
|
|||
acpi:USD*:
|
||||
ID_VENDOR_FROM_DATABASE=U.S. Digital Corporation
|
||||
|
||||
@@ -7735,9 +7809,6 @@
|
||||
@@ -7732,9 +7806,6 @@
|
||||
acpi:WAL*:
|
||||
ID_VENDOR_FROM_DATABASE=Wave Access
|
||||
|
||||
|
@ -445,7 +445,7 @@
|
|||
acpi:WAV*:
|
||||
ID_VENDOR_FROM_DATABASE=Wavephore
|
||||
|
||||
@@ -7865,7 +7936,7 @@
|
||||
@@ -7862,7 +7933,7 @@
|
||||
ID_VENDOR_FROM_DATABASE=WyreStorm Technologies LLC
|
||||
|
||||
acpi:WYS*:
|
||||
|
@ -454,7 +454,7 @@
|
|||
|
||||
acpi:WYT*:
|
||||
ID_VENDOR_FROM_DATABASE=Wooyoung Image & Information Co.,Ltd.
|
||||
@@ -7879,9 +7950,6 @@
|
||||
@@ -7876,9 +7947,6 @@
|
||||
acpi:XDM*:
|
||||
ID_VENDOR_FROM_DATABASE=XDM Ltd.
|
||||
|
||||
|
@ -464,7 +464,7 @@
|
|||
acpi:XES*:
|
||||
ID_VENDOR_FROM_DATABASE=Extreme Engineering Solutions, Inc.
|
||||
|
||||
@@ -7915,9 +7983,6 @@
|
||||
@@ -7912,9 +7980,6 @@
|
||||
acpi:XNT*:
|
||||
ID_VENDOR_FROM_DATABASE=XN Technologies, Inc.
|
||||
|
||||
|
@ -474,7 +474,7 @@
|
|||
acpi:XQU*:
|
||||
ID_VENDOR_FROM_DATABASE=SHANGHAI SVA-DAV ELECTRONICS CO., LTD
|
||||
|
||||
@@ -7984,6 +8049,9 @@
|
||||
@@ -7981,6 +8046,9 @@
|
||||
acpi:ZBX*:
|
||||
ID_VENDOR_FROM_DATABASE=Zebax Technologies
|
||||
|
||||
|
|
|
@ -1438,6 +1438,11 @@ evdev:input:b0003v046DpC309*
|
|||
KEYBOARD_KEY_c01b6=images # My Pictures (F11)
|
||||
KEYBOARD_KEY_c01b7=audio # My Music (F12)
|
||||
|
||||
# Logitech MX Keys for Mac
|
||||
evdev:input:b0003v046Dp4092*
|
||||
KEYBOARD_KEY_70035=102nd # '<' key
|
||||
KEYBOARD_KEY_70064=grave # '^' key
|
||||
|
||||
###########################################################
|
||||
# Maxdata
|
||||
###########################################################
|
||||
|
|
|
@ -376,11 +376,12 @@ sensor:modalias:acpi:KIOX000A*:dmi:*:svncube:pni1-TF:*
|
|||
sensor:modalias:acpi:SMO8500*:dmi:*:svncube:pni7:*
|
||||
ACCEL_MOUNT_MATRIX=1, 0, 0; 0, -1, 0; 0, 0, 1
|
||||
|
||||
# Cube i7 Stylus, i7 Stylus I8L Model, i7 Book (i16) and Mix Plus (i18B)
|
||||
# Cube i7 Stylus, i7 Stylus I8L Model, i7 Book (i16) and Mix Plus (i18B/i18D)
|
||||
sensor:modalias:acpi:KIOX000A*:dmi:*:svnCube:pni7Stylus:*
|
||||
sensor:modalias:acpi:KIOX000A*:dmi:*:svnCube:pni8-L:*
|
||||
sensor:modalias:acpi:KIOX000A*:dmi:*:svnCube:pni16:*
|
||||
sensor:modalias:acpi:KIOX000A*:dmi:*:svnCube:pni18B:*
|
||||
sensor:modalias:acpi:KIOX000A*:dmi:*:svnALLDOCUBE:pni18D:*
|
||||
ACCEL_MOUNT_MATRIX=-1, 0, 0; 0, 1, 0; 0, 0, 1
|
||||
|
||||
# Cube iWork 10 Flagship
|
||||
|
@ -952,6 +953,15 @@ sensor:modalias:acpi:MXC6655*:dmi:*:svnDefaultstring*:pnP612F:*
|
|||
sensor:modalias:acpi:SMO8500*:dmi:*:svnPEAQ:pnPEAQPMMC1010MD99187:*
|
||||
ACCEL_MOUNT_MATRIX=-1, 0, 0; 0, 1, 0; 0, 0, 1
|
||||
|
||||
#########################################
|
||||
# Pine64
|
||||
#########################################
|
||||
|
||||
# PineTab2
|
||||
|
||||
sensor:modalias:of:NaccelerometerT_null_Csilan,sc7a20:*
|
||||
ACCEL_MOUNT_MATRIX=0, 0, -1; 1, 0, 0; 0, -1, 0
|
||||
|
||||
#########################################
|
||||
# Pipo
|
||||
#########################################
|
||||
|
|
203477
hwdb.d/ma-large.txt
203477
hwdb.d/ma-large.txt
File diff suppressed because it is too large
Load Diff
|
@ -770,12 +770,6 @@ C00000-CFFFFF (base 16) HANGZHOU ZHONGKEJIGUANG TECHNOLOGY CO., LTD
|
|||
HANGZHOU Zhejiang 310018
|
||||
CN
|
||||
|
||||
2C-69-1D (hex) SPEEDTECH CORP.
|
||||
400000-4FFFFF (base 16) SPEEDTECH CORP.
|
||||
No. 568, Sec. 1, Minsheng N. Rd., Guishan Dist., Taoyuan City 338, Taiwan
|
||||
Taoyuan 338
|
||||
TW
|
||||
|
||||
2C-69-1D (hex) IBM
|
||||
800000-8FFFFF (base 16) IBM
|
||||
9000 South Rita Rd
|
||||
|
@ -6788,6 +6782,30 @@ AC-EF-92 (hex) CEER NATIONAL AUTOMOTIVE COMPANY
|
|||
Shanghai 201316
|
||||
CN
|
||||
|
||||
0C-47-A9 (hex) Shenzhen Hahappylife Innovations Electronics Technology Co.,Ltd
|
||||
600000-6FFFFF (base 16) Shenzhen Hahappylife Innovations Electronics Technology Co.,Ltd
|
||||
103, Bldg1, Meicheng Ind Park, No.4, Xinhe St, Ma’antang Community, Bantian St, Longgang Dist
|
||||
Shenzhen Guangdong 518000
|
||||
CN
|
||||
|
||||
EC-74-CD (hex) Bosch (zhuhai) Security Systems Company, Ltd.
|
||||
A00000-AFFFFF (base 16) Bosch (zhuhai) Security Systems Company, Ltd.
|
||||
20 Ji Chang Bei Road, Qingwan Industrial Estate, | Sanzao Town, Jinwan District
|
||||
Zhuhai Guangdong 519040
|
||||
CN
|
||||
|
||||
0C-47-A9 (hex) Shanghai Sigen New Energy Technology Co., Ltd
|
||||
900000-9FFFFF (base 16) Shanghai Sigen New Energy Technology Co., Ltd
|
||||
Room 514 The 5th Floor, No.175 Weizhan Road China (Shanghai) Plilot Free Trade Zone
|
||||
Shanghai 201306
|
||||
CN
|
||||
|
||||
2C-69-1D (hex) SPEEDTECH CORP. JIO
|
||||
400000-4FFFFF (base 16) SPEEDTECH CORP. JIO
|
||||
No. 568, Sec. 1, Minsheng N. Rd., Guishan Dist., Taoyuan City 338, Taiwan
|
||||
Taoyuan 338
|
||||
TW
|
||||
|
||||
B8-4C-87 (hex) Shenzhen Link-all Technology Co., Ltd
|
||||
300000-3FFFFF (base 16) Shenzhen Link-all Technology Co., Ltd
|
||||
Floor 5th, Block 9th, Sunny Industrial Zone, Xili Town, Nanshan District, Shenzhen, China
|
||||
|
@ -13073,6 +13091,18 @@ A00000-AFFFFF (base 16) Lens Technology (Xiangtan) Co.,Ltd
|
|||
Xiangtan Hunan 411100
|
||||
CN
|
||||
|
||||
EC-74-CD (hex) Shenzhen Ting-Shine Technology Co., Ltd.
|
||||
D00000-DFFFFF (base 16) Shenzhen Ting-Shine Technology Co., Ltd.
|
||||
No. 148, Huarong Road, Longhua District, Shenzhen
|
||||
Shenzhen Guangdong 518083
|
||||
CN
|
||||
|
||||
EC-74-CD (hex) iSolution Technologies Co.,Ltd.
|
||||
300000-3FFFFF (base 16) iSolution Technologies Co.,Ltd.
|
||||
5F,Bldg #6, Zhongguan Honghualing Industrial South Park
|
||||
Shenzhen Guangdong 518055
|
||||
CN
|
||||
|
||||
B8-4C-87 (hex) Altronix , Corp
|
||||
A00000-AFFFFF (base 16) Altronix , Corp
|
||||
140 58th St. Bldg A, Ste 2N
|
||||
|
@ -19862,6 +19892,48 @@ AC-EF-92 (hex) JiZhiKang (Beijing) Technology Co., Ltd
|
|||
Beijing 100176
|
||||
CN
|
||||
|
||||
0C-47-A9 (hex) HONGKONG STONEOIM TECHNOLOGY LIMITED
|
||||
300000-3FFFFF (base 16) HONGKONG STONEOIM TECHNOLOGY LIMITED
|
||||
UNIT 1507C,15/F,EASTCORE 398 KWUN TONG ROAD KWUN TONG KL
|
||||
hongkong hongkong 999077
|
||||
HK
|
||||
|
||||
0C-47-A9 (hex) Annapurna labs
|
||||
200000-2FFFFF (base 16) Annapurna labs
|
||||
Matam Scientific Industries Center, Building 8.2
|
||||
Mail box 15123 Haifa 3508409
|
||||
IL
|
||||
|
||||
0C-47-A9 (hex) BGResearch
|
||||
E00000-EFFFFF (base 16) BGResearch
|
||||
5, The Business Centre, Harvard Way, Kimbolton,
|
||||
Huntingdon. Cambridgeshire PE28 0NJ
|
||||
GB
|
||||
|
||||
EC-74-CD (hex) Platypus
|
||||
600000-6FFFFF (base 16) Platypus
|
||||
6, Wonteo-ro 110beon-gil, Jungwon-gu
|
||||
Gyeonggi-do Seongnam-si 13360
|
||||
KR
|
||||
|
||||
EC-74-CD (hex) Sound Health Systems
|
||||
900000-9FFFFF (base 16) Sound Health Systems
|
||||
650B Fremont Ave #65
|
||||
Los Altos CA 94024
|
||||
US
|
||||
|
||||
EC-74-CD (hex) Hitachi Rail GTS Austria GmbH
|
||||
B00000-BFFFFF (base 16) Hitachi Rail GTS Austria GmbH
|
||||
Handelskai 92
|
||||
Vienna 1200
|
||||
AT
|
||||
|
||||
EC-74-CD (hex) Standard Backhaul Communications
|
||||
500000-5FFFFF (base 16) Standard Backhaul Communications
|
||||
333 South Highland Ave
|
||||
Briarcliff Manor 10510
|
||||
US
|
||||
|
||||
D0-14-11 (hex) P.B. Elettronica srl
|
||||
100000-1FFFFF (base 16) P.B. Elettronica srl
|
||||
Via Santorelli, 8
|
||||
|
@ -26459,6 +26531,12 @@ C00000-CFFFFF (base 16) Senix
|
|||
0C-47-A9 (hex) Private
|
||||
400000-4FFFFF (base 16) Private
|
||||
|
||||
0C-47-A9 (hex) Honest Networks LLC
|
||||
800000-8FFFFF (base 16) Honest Networks LLC
|
||||
15 Maiden LnSte 1101
|
||||
New York NY 10038
|
||||
US
|
||||
|
||||
C8-5C-E2 (hex) Fela Management AG
|
||||
000000-0FFFFF (base 16) Fela Management AG
|
||||
Basadingerstrasse 18
|
||||
|
@ -33206,8 +33284,20 @@ C00000-CFFFFF (base 16) Annapurna labs
|
|||
Mail box 15123 Haifa 3508409
|
||||
IL
|
||||
|
||||
0C-47-A9 (hex) Everon Co., Ltd.
|
||||
500000-5FFFFF (base 16) Everon Co., Ltd.
|
||||
3F.Pine Avenue B, 100, Eulji-ro, Jung-gu
|
||||
Seoul 04551
|
||||
KR
|
||||
|
||||
0C-47-A9 (hex) Shenzhen Hebang Electronic Co., Ltd
|
||||
B00000-BFFFFF (base 16) Shenzhen Hebang Electronic Co., Ltd
|
||||
2nd Floor West, Bldg B, Kelunte Low Carbon Industry Park, Huarong Road, Dalang, Longhua District
|
||||
Shenzhen 518000
|
||||
CN
|
||||
|
||||
EC-74-CD (hex) TRANS AUDIO VIDEO SRL
|
||||
800000-8FFFFF (base 16) TRANS AUDIO VIDEO SRL
|
||||
Viale Melvin Jones 12
|
||||
Caserta CE 81100
|
||||
IT
|
||||
|
|
|
@ -7457,6 +7457,24 @@ D04000-D04FFF (base 16) Plenty Unlimited Inc
|
|||
HongKong 999077
|
||||
HK
|
||||
|
||||
8C-1F-64 (hex) KRYFS TECHNOLOGIES PRIVATE LIMITED
|
||||
206000-206FFF (base 16) KRYFS TECHNOLOGIES PRIVATE LIMITED
|
||||
SURVEY NO 231 KHERDI MAIN ROAD NEAR HPCL KHERDI SILVASSA
|
||||
SILVASSA DADRA AND NAGAR HAVELI 396230
|
||||
IN
|
||||
|
||||
8C-1F-64 (hex) Matrixspace
|
||||
806000-806FFF (base 16) Matrixspace
|
||||
1721 Moon Lake BlvdSTE 200
|
||||
Hoffman Estates IL 60169
|
||||
US
|
||||
|
||||
8C-1F-64 (hex) ENERGY POWER PRODUCTS LIMITED
|
||||
41B000-41BFFF (base 16) ENERGY POWER PRODUCTS LIMITED
|
||||
7/F, Room 701, Lucky Centre, 165-171, Wanchai Road
|
||||
Wanchai 000000
|
||||
HK
|
||||
|
||||
8C-1F-64 (hex) Jacobs Technology, Inc.
|
||||
A98000-A98FFF (base 16) Jacobs Technology, Inc.
|
||||
7765 Old Telegraph Road
|
||||
|
@ -22361,6 +22379,12 @@ A8C000-A8CFFF (base 16) Elektronik Art
|
|||
Lublin Lublin 20234
|
||||
PL
|
||||
|
||||
8C-1F-64 (hex) Anduril Imaging
|
||||
763000-763FFF (base 16) Anduril Imaging
|
||||
83 Hartwell Ave
|
||||
Lexington MA 02421
|
||||
US
|
||||
|
||||
8C-1F-64 (hex) Wuhan YiValley Opto-electric technology Co.,Ltd
|
||||
175000-175FFF (base 16) Wuhan YiValley Opto-electric technology Co.,Ltd
|
||||
A104,1st stage Juxian Building, Hongshan internatinoal enterprise center
|
||||
|
@ -22379,12 +22403,6 @@ C60000-C60FFF (base 16) Intelligent Security Systems (ISS)
|
|||
Woodbridge NJ 07095
|
||||
US
|
||||
|
||||
8C-1F-64 (hex) Anduril Imaging
|
||||
763000-763FFF (base 16) Anduril Imaging
|
||||
83 Hartwell Ave
|
||||
Lexington MA 02421
|
||||
US
|
||||
|
||||
8C-1F-64 (hex) Flow Power
|
||||
82B000-82BFFF (base 16) Flow Power
|
||||
Suite 2, Level 3, 18 - 20 York St
|
||||
|
@ -29885,12 +29903,42 @@ BA7000-BA7FFF (base 16) iLensys Technologies PVT LTD
|
|||
Thiruvananthapuram KERALA 695014
|
||||
IN
|
||||
|
||||
8C-1F-64 (hex) Potter Electric Signal Company
|
||||
FDF000-FDFFFF (base 16) Potter Electric Signal Company
|
||||
5757 Phantom Drive
|
||||
Hazelwood MO 63042
|
||||
US
|
||||
|
||||
8C-1F-64 (hex) Hurry-tech
|
||||
F19000-F19FFF (base 16) Hurry-tech
|
||||
Greenland Central Plaza ,Building 1 of Yard 9,Room 601
|
||||
Beijing Beijing 100089
|
||||
CN
|
||||
|
||||
8C-1F-64 (hex) Transit Solutions, LLC.
|
||||
1BC000-1BCFFF (base 16) Transit Solutions, LLC.
|
||||
114 West Grandview Avenue
|
||||
Zelienople PA 16063
|
||||
US
|
||||
|
||||
8C-1F-64 (hex) Ceranext Ltd
|
||||
394000-394FFF (base 16) Ceranext Ltd
|
||||
25-27 Demostheni Severi ,Metropolis Tower,Building B',1080 Cyprus
|
||||
Nicosia 1080
|
||||
CY
|
||||
|
||||
8C-1F-64 (hex) SiFive Inc
|
||||
E88000-E88FFF (base 16) SiFive Inc
|
||||
2625 Augustine DriveSuite 101
|
||||
Santa Clara CA 95054
|
||||
US
|
||||
|
||||
8C-1F-64 (hex) Makel Elektrik Malzemeleri A.Ş.
|
||||
9B8000-9B8FFF (base 16) Makel Elektrik Malzemeleri A.Ş.
|
||||
Osmangazi Mah.Mareşal Fevzi Çakmak Cad. No:38 KIRAÇ / Esenyurt
|
||||
ESENYURT İstanbul 34522
|
||||
TR
|
||||
|
||||
8C-1F-64 (hex) Mobileye
|
||||
D63000-D63FFF (base 16) Mobileye
|
||||
13 Hartom st.
|
||||
|
@ -37294,3 +37342,9 @@ BD9000-BD9FFF (base 16) WATTS
|
|||
C. Valportillo Segunda, 8 bis
|
||||
Alcobendas Madrid 28108
|
||||
ES
|
||||
|
||||
8C-1F-64 (hex) Mediana Co., Ltd.
|
||||
159000-159FFF (base 16) Mediana Co., Ltd.
|
||||
132, Donghwagongdan-ro, Munmak-eup
|
||||
Wonju-si Gangwon-do 26365
|
||||
KR
|
||||
|
|
|
@ -2540,7 +2540,6 @@ AVARRO,RRO,08/07/2023
|
|||
"LUMINO Licht Elektronik GmbH",LLT,11/07/2023
|
||||
"Reonel Oy",RNL,01/04/2024
|
||||
DemoPad Software Ltd,DEM,01/04/2024
|
||||
DemoPad Software Ltd,DEM,01/04/2024
|
||||
"TeamViewer Germany GmbH",TMV,01/04/2024
|
||||
"Pixio USA",PXO,02/14/2024
|
||||
"ELARABY COMPANY FOR ENGINEERING INDUSTRIES",EEI,02/14/2024
|
||||
|
|
|
|
@ -421,7 +421,7 @@
|
|||
<term><varname>rd.systemd.verity=</varname></term>
|
||||
<term><varname>systemd.verity_root_data=</varname></term>
|
||||
<term><varname>systemd.verity_root_hash=</varname></term>
|
||||
<term><varname>systemd.verity.root_options=</varname></term>
|
||||
<term><varname>systemd.verity_root_options=</varname></term>
|
||||
<term><varname>usrhash=</varname></term>
|
||||
<term><varname>systemd.verity_usr_data=</varname></term>
|
||||
<term><varname>systemd.verity_usr_hash=</varname></term>
|
||||
|
|
|
@ -265,32 +265,11 @@
|
|||
</refsect1>
|
||||
|
||||
<refsect1>
|
||||
<title>Options</title>
|
||||
<title>Unlocking</title>
|
||||
|
||||
<para>The following options are understood:</para>
|
||||
<para>The following options are understood that may be used to unlock the device in preparation of the enrollment operations:</para>
|
||||
|
||||
<variablelist>
|
||||
<varlistentry>
|
||||
<term><option>--password</option></term>
|
||||
|
||||
<listitem><para>Enroll a regular password/passphrase. This command is mostly equivalent to
|
||||
<command>cryptsetup luksAddKey</command>, however may be combined with
|
||||
<option>--wipe-slot=</option> in one call, see below.</para>
|
||||
|
||||
<xi:include href="version-info.xml" xpointer="v248"/></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>--recovery-key</option></term>
|
||||
|
||||
<listitem><para>Enroll a recovery key. Recovery keys are mostly identical to passphrases, but are
|
||||
computer-generated instead of being chosen by a human, and thus have a guaranteed high entropy. The
|
||||
key uses a character set that is easy to type in, and may be scanned off screen via a QR code.
|
||||
</para>
|
||||
|
||||
<xi:include href="version-info.xml" xpointer="v248"/></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>--unlock-key-file=<replaceable>PATH</replaceable></option></term>
|
||||
|
||||
|
@ -328,7 +307,45 @@
|
|||
|
||||
<xi:include href="version-info.xml" xpointer="v256"/></listitem>
|
||||
</varlistentry>
|
||||
</variablelist>
|
||||
</refsect1>
|
||||
|
||||
<refsect1>
|
||||
<title>Simple Enrollment</title>
|
||||
|
||||
<para>The following options are understood that may be used to enroll simple user input based
|
||||
unlocking:</para>
|
||||
|
||||
<variablelist>
|
||||
<varlistentry>
|
||||
<term><option>--password</option></term>
|
||||
|
||||
<listitem><para>Enroll a regular password/passphrase. This command is mostly equivalent to
|
||||
<command>cryptsetup luksAddKey</command>, however may be combined with
|
||||
<option>--wipe-slot=</option> in one call, see below.</para>
|
||||
|
||||
<xi:include href="version-info.xml" xpointer="v248"/></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>--recovery-key</option></term>
|
||||
|
||||
<listitem><para>Enroll a recovery key. Recovery keys are mostly identical to passphrases, but are
|
||||
computer-generated instead of being chosen by a human, and thus have a guaranteed high entropy. The
|
||||
key uses a character set that is easy to type in, and may be scanned off screen via a QR code.
|
||||
</para>
|
||||
|
||||
<xi:include href="version-info.xml" xpointer="v248"/></listitem>
|
||||
</varlistentry>
|
||||
</variablelist>
|
||||
</refsect1>
|
||||
|
||||
<refsect1>
|
||||
<title>PKCS#11 Enrollment</title>
|
||||
|
||||
<para>The following option is understood that may be used to enroll PKCS#11 tokens:</para>
|
||||
|
||||
<variablelist>
|
||||
<varlistentry>
|
||||
<term><option>--pkcs11-token-uri=<replaceable>URI</replaceable></option></term>
|
||||
|
||||
|
@ -361,7 +378,15 @@
|
|||
|
||||
<xi:include href="version-info.xml" xpointer="v248"/></listitem>
|
||||
</varlistentry>
|
||||
</variablelist>
|
||||
</refsect1>
|
||||
|
||||
<refsect1>
|
||||
<title>FIDO2 Enrollment</title>
|
||||
|
||||
<para>The following options are understood that may be used to enroll PKCS#11 tokens:</para>
|
||||
|
||||
<variablelist>
|
||||
<varlistentry>
|
||||
<term><option>--fido2-credential-algorithm=<replaceable>STRING</replaceable></option></term>
|
||||
<listitem><para>Specify COSE algorithm used in credential generation. The default value is
|
||||
|
@ -461,7 +486,15 @@
|
|||
|
||||
<xi:include href="version-info.xml" xpointer="v249"/></listitem>
|
||||
</varlistentry>
|
||||
</variablelist>
|
||||
</refsect1>
|
||||
|
||||
<refsect1>
|
||||
<title>TPM2 Enrollment</title>
|
||||
|
||||
<para>The following options are understood that may be used to enroll TPM2 devices:</para>
|
||||
|
||||
<variablelist>
|
||||
<varlistentry>
|
||||
<term><option>--tpm2-device=<replaceable>PATH</replaceable></option></term>
|
||||
|
||||
|
@ -636,7 +669,15 @@
|
|||
|
||||
<xi:include href="version-info.xml" xpointer="v255"/></listitem>
|
||||
</varlistentry>
|
||||
</variablelist>
|
||||
</refsect1>
|
||||
|
||||
<refsect1>
|
||||
<title>Other Options</title>
|
||||
|
||||
<para>The following additional options are understood:</para>
|
||||
|
||||
<variablelist>
|
||||
<varlistentry>
|
||||
<term><option>--wipe-slot=<replaceable>SLOT<optional>,SLOT...</optional></replaceable></option></term>
|
||||
|
||||
|
|
|
@ -81,4 +81,7 @@
|
|||
<para id="v255">Added in version 255.</para>
|
||||
<para id="v256">Added in version 256.</para>
|
||||
<para id="v257">Added in version 257.</para>
|
||||
<para id="v258">Added in version 258.</para>
|
||||
<para id="v259">Added in version 259.</para>
|
||||
<para id="v260">Added in version 260.</para>
|
||||
</refsect1>
|
||||
|
|
11
meson.build
11
meson.build
|
@ -2674,6 +2674,14 @@ endif
|
|||
|
||||
#####################################################################
|
||||
|
||||
ukify_depends = []
|
||||
|
||||
foreach executable : ['systemd-measure', 'systemd-sbsign', 'systemd-keyutil']
|
||||
if executable in executables_by_name
|
||||
ukify_depends += [executables_by_name[executable]]
|
||||
endif
|
||||
endforeach
|
||||
|
||||
ukify = custom_target(
|
||||
'ukify',
|
||||
input : 'src/ukify/ukify.py',
|
||||
|
@ -2681,6 +2689,7 @@ ukify = custom_target(
|
|||
command : [jinja2_cmdline, '@INPUT@', '@OUTPUT@'],
|
||||
install : want_ukify,
|
||||
install_mode : 'rwxr-xr-x',
|
||||
depends : ukify_depends,
|
||||
install_dir : bindir)
|
||||
if want_ukify
|
||||
public_programs += ukify
|
||||
|
@ -2700,7 +2709,7 @@ endif
|
|||
|
||||
mkosi_depends = public_programs
|
||||
|
||||
foreach executable : ['systemd-journal-remote', 'systemd-measure', 'systemd-sbsign', 'systemd-keyutil']
|
||||
foreach executable : ['systemd-journal-remote', 'systemd-sbsign', 'systemd-keyutil']
|
||||
if executable in executables_by_name
|
||||
mkosi_depends += [executables_by_name[executable]]
|
||||
endif
|
||||
|
|
|
@ -1 +1 @@
|
|||
257~rc1
|
||||
257~rc2
|
||||
|
|
|
@ -0,0 +1,7 @@
|
|||
#!/bin/bash
|
||||
# SPDX-License-Identifier: LGPL-2.1-or-later
|
||||
set -e
|
||||
|
||||
if [[ "$1" == "clangd" ]]; then
|
||||
exec "$@"
|
||||
fi
|
|
@ -2,10 +2,6 @@
|
|||
# SPDX-License-Identifier: LGPL-2.1-or-later
|
||||
set -e
|
||||
|
||||
if [[ "$1" == "clangd" ]]; then
|
||||
exec "$@"
|
||||
fi
|
||||
|
||||
if [[ ! -f "pkg/$PKG_SUBDIR/PKGBUILD" ]]; then
|
||||
echo "PKGBUILD not found at pkg/$PKG_SUBDIR/PKGBUILD, run mkosi once with -ff to make sure the PKGBUILD is cloned" >&2
|
||||
exit 1
|
||||
|
|
|
@ -7,7 +7,7 @@ Distribution=arch
|
|||
Environment=
|
||||
GIT_URL=https://gitlab.archlinux.org/archlinux/packaging/packages/systemd.git
|
||||
GIT_BRANCH=main
|
||||
GIT_COMMIT=62c224b60ca150627be58ca2da50f47cc0a5793c
|
||||
GIT_COMMIT=29a73017cd380cd8db070dbd560e229d523b3c79
|
||||
PKG_SUBDIR=arch
|
||||
|
||||
[Content]
|
||||
|
|
|
@ -8,7 +8,7 @@ Distribution=|fedora
|
|||
Environment=
|
||||
GIT_URL=https://src.fedoraproject.org/rpms/systemd.git
|
||||
GIT_BRANCH=rawhide
|
||||
GIT_COMMIT=e42eed4afd6267cd954d393d8eec79e0e7573de0
|
||||
GIT_COMMIT=7bd1d09f7fd16d20a041de0eb9af7cc8dbef6a99
|
||||
PKG_SUBDIR=fedora
|
||||
|
||||
[Content]
|
||||
|
|
|
@ -9,7 +9,7 @@ Environment=
|
|||
GIT_URL=https://salsa.debian.org/systemd-team/systemd.git
|
||||
GIT_SUBDIR=debian
|
||||
GIT_BRANCH=debian/master
|
||||
GIT_COMMIT=48fabbd5d240a70fce6712b6161f29b40b2fc7de
|
||||
GIT_COMMIT=51cd22f3684725a1b199012555e7378f2f468c16
|
||||
PKG_SUBDIR=debian
|
||||
|
||||
[Content]
|
||||
|
|
28
po/de.po
28
po/de.po
|
@ -15,7 +15,7 @@ msgid ""
|
|||
msgstr ""
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2024-11-06 14:42+0000\n"
|
||||
"PO-Revision-Date: 2024-11-09 20:13+0000\n"
|
||||
"PO-Revision-Date: 2024-11-17 15:48+0000\n"
|
||||
"Last-Translator: Weblate Translation Memory <noreply-mt-weblate-translation-"
|
||||
"memory@weblate.org>\n"
|
||||
"Language-Team: German <https://translate.fedoraproject.org/projects/systemd/"
|
||||
|
@ -187,9 +187,11 @@ msgstr ""
|
|||
"benötigte Speichermedium oder Dateisystem ein."
|
||||
|
||||
#: src/home/pam_systemd_home.c:298
|
||||
#, fuzzy, c-format
|
||||
#, c-format
|
||||
msgid "Too frequent login attempts for user %s, try again later."
|
||||
msgstr "Zu häufige Loginversuche für %s. Bitte später erneut probieren."
|
||||
msgstr ""
|
||||
"Zu viele Anmeldeversuche für Benutzer %s, versuchen Sie es später noch "
|
||||
"einmal."
|
||||
|
||||
#: src/home/pam_systemd_home.c:310
|
||||
msgid "Password: "
|
||||
|
@ -1189,18 +1191,16 @@ msgid "Subscribe query results"
|
|||
msgstr "Abfrageergebnisse abonnieren"
|
||||
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:144
|
||||
#, fuzzy
|
||||
msgid "Authentication is required to subscribe query results."
|
||||
msgstr "Legitimierung ist zum Versetzen des Systems in Bereitschaft notwendig."
|
||||
msgstr "Legitimierung ist zum Abonnieren von Abfrageergebnissen erforderlich."
|
||||
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:154
|
||||
msgid "Dump cache"
|
||||
msgstr ""
|
||||
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:155
|
||||
#, fuzzy
|
||||
msgid "Authentication is required to dump cache."
|
||||
msgstr "Legitimierung ist zum Festlegen von Domains notwendig."
|
||||
msgstr ""
|
||||
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:165
|
||||
msgid "Dump server state"
|
||||
|
@ -1248,20 +1248,21 @@ msgid "Install specific system version"
|
|||
msgstr "Spezifische Systemversion installieren"
|
||||
|
||||
#: src/sysupdate/org.freedesktop.sysupdate1.policy:56
|
||||
#, fuzzy
|
||||
msgid ""
|
||||
"Authentication is required to update the system to a specific (possibly old) "
|
||||
"version."
|
||||
msgstr "Legitimierung ist zum Festlegen der Systemzeitzone notwendig."
|
||||
msgstr ""
|
||||
"Legitimierung ist zum Aktualisieren des Systems auf eine bestimmte ("
|
||||
"möglicherweise alte) Version erforderlich."
|
||||
|
||||
#: src/sysupdate/org.freedesktop.sysupdate1.policy:65
|
||||
msgid "Cleanup old system updates"
|
||||
msgstr "Alte Systemaktualisierungen bereinigen"
|
||||
|
||||
#: src/sysupdate/org.freedesktop.sysupdate1.policy:66
|
||||
#, fuzzy
|
||||
msgid "Authentication is required to cleanup old system updates."
|
||||
msgstr "Legitimierung ist zum Festlegen der Systemzeit notwendig."
|
||||
msgstr ""
|
||||
"Legitimierung ist zum Bereinigen alter Systemaktualisierungen erforderlich."
|
||||
|
||||
#: src/sysupdate/org.freedesktop.sysupdate1.policy:75
|
||||
msgid "Manage optional features"
|
||||
|
@ -1269,11 +1270,8 @@ msgstr "Optionale Funktionen verwalten"
|
|||
|
||||
# https://www.freedesktop.org/software/systemd/man/sd-login.html
|
||||
#: src/sysupdate/org.freedesktop.sysupdate1.policy:76
|
||||
#, fuzzy
|
||||
msgid "Authentication is required to manage optional features"
|
||||
msgstr ""
|
||||
"Legitimierung ist zur Verwaltung aktiver Sitzungen, Benutzern und "
|
||||
"Arbeitsstationen notwendig."
|
||||
msgstr "Legitimierung ist zur Verwaltung optionaler Funktionen erforderlich"
|
||||
|
||||
#: src/timedate/org.freedesktop.timedate1.policy:22
|
||||
msgid "Set system time"
|
||||
|
|
18
po/fi.po
18
po/fi.po
|
@ -3,12 +3,13 @@
|
|||
# Finnish translation of systemd.
|
||||
# Jan Kuparinen <copper_fin@hotmail.com>, 2021, 2022, 2023.
|
||||
# Ricky Tigg <ricky.tigg@gmail.com>, 2022, 2024.
|
||||
# Jiri Grönroos <jiri.gronroos@iki.fi>, 2024.
|
||||
msgid ""
|
||||
msgstr ""
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2024-11-06 14:42+0000\n"
|
||||
"PO-Revision-Date: 2024-09-12 13:43+0000\n"
|
||||
"Last-Translator: Ricky Tigg <ricky.tigg@gmail.com>\n"
|
||||
"PO-Revision-Date: 2024-11-20 19:13+0000\n"
|
||||
"Last-Translator: Jiri Grönroos <jiri.gronroos@iki.fi>\n"
|
||||
"Language-Team: Finnish <https://translate.fedoraproject.org/projects/systemd/"
|
||||
"main/fi/>\n"
|
||||
"Language: fi\n"
|
||||
|
@ -16,7 +17,7 @@ msgstr ""
|
|||
"Content-Type: text/plain; charset=UTF-8\n"
|
||||
"Content-Transfer-Encoding: 8bit\n"
|
||||
"Plural-Forms: nplurals=2; plural=n != 1;\n"
|
||||
"X-Generator: Weblate 5.7.2\n"
|
||||
"X-Generator: Weblate 5.8.2\n"
|
||||
|
||||
#: src/core/org.freedesktop.systemd1.policy.in:22
|
||||
msgid "Send passphrase back to system"
|
||||
|
@ -112,14 +113,12 @@ msgid "Authentication is required to update a user's home area."
|
|||
msgstr "Todennus vaaditaan käyttäjän kotialueen päivittämiseksi."
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:53
|
||||
#, fuzzy
|
||||
msgid "Update your home area"
|
||||
msgstr "Päivitä kotialue"
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:54
|
||||
#, fuzzy
|
||||
msgid "Authentication is required to update your home area."
|
||||
msgstr "Todennus vaaditaan käyttäjän kotialueen päivittämiseksi."
|
||||
msgstr "Todennus vaaditaan kotialueen päivittämiseksi."
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:63
|
||||
msgid "Resize a home area"
|
||||
|
@ -1174,14 +1173,11 @@ msgstr "Todennus vaaditaan vanhojen järjestelmäpäivitysten puhdistamiseen."
|
|||
|
||||
#: src/sysupdate/org.freedesktop.sysupdate1.policy:75
|
||||
msgid "Manage optional features"
|
||||
msgstr ""
|
||||
msgstr "Hallitse valinnaisia ominaisuuksia"
|
||||
|
||||
#: src/sysupdate/org.freedesktop.sysupdate1.policy:76
|
||||
#, fuzzy
|
||||
msgid "Authentication is required to manage optional features"
|
||||
msgstr ""
|
||||
"Todennus vaaditaan aktiivisten istuntojen, käyttäjien ja paikkojen "
|
||||
"hallintaan."
|
||||
msgstr "Todennus vaaditaan valinnaisten ominaisuuksien hallintaan"
|
||||
|
||||
#: src/timedate/org.freedesktop.timedate1.policy:22
|
||||
msgid "Set system time"
|
||||
|
|
8
po/fr.po
8
po/fr.po
|
@ -12,7 +12,7 @@ msgid ""
|
|||
msgstr ""
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2024-11-06 14:42+0000\n"
|
||||
"PO-Revision-Date: 2024-11-07 09:30+0000\n"
|
||||
"PO-Revision-Date: 2024-11-23 10:38+0000\n"
|
||||
"Last-Translator: Léane GRASSER <leane.grasser@proton.me>\n"
|
||||
"Language-Team: French <https://translate.fedoraproject.org/projects/systemd/"
|
||||
"main/fr/>\n"
|
||||
|
@ -360,8 +360,8 @@ msgid ""
|
|||
"Authentication is required to set the statically configured local hostname, "
|
||||
"as well as the pretty hostname."
|
||||
msgstr ""
|
||||
"Une authentification est requise pour définir le nom d'hôte local de manière "
|
||||
"statique, ainsi que le nom d'hôte familier."
|
||||
"Une authentification est requise pour définir le nom d'hôte local configuré "
|
||||
"de manière statique, ainsi que le nom d'hôte convivial."
|
||||
|
||||
#: src/hostname/org.freedesktop.hostname1.policy:41
|
||||
msgid "Set machine information"
|
||||
|
@ -1258,7 +1258,7 @@ msgstr ""
|
|||
|
||||
#: src/sysupdate/org.freedesktop.sysupdate1.policy:75
|
||||
msgid "Manage optional features"
|
||||
msgstr "Gérer les fonctionnalités en option"
|
||||
msgstr "Gérer les fonctionnalités facultatives"
|
||||
|
||||
#: src/sysupdate/org.freedesktop.sysupdate1.policy:76
|
||||
msgid "Authentication is required to manage optional features"
|
||||
|
|
114
po/he.po
114
po/he.po
|
@ -1,22 +1,22 @@
|
|||
# SPDX-License-Identifier: LGPL-2.1-or-later
|
||||
#
|
||||
# Yaron Shahrabani <sh.yaron@gmail.com>, 2023.
|
||||
# Yaron Shahrabani <sh.yaron@gmail.com>, 2023, 2024.
|
||||
msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: systemd\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2024-11-06 14:42+0000\n"
|
||||
"PO-Revision-Date: 2023-11-22 00:01+0000\n"
|
||||
"PO-Revision-Date: 2024-11-19 07:38+0000\n"
|
||||
"Last-Translator: Yaron Shahrabani <sh.yaron@gmail.com>\n"
|
||||
"Language-Team: Hebrew <https://translate.fedoraproject.org/projects/systemd/"
|
||||
"master/he/>\n"
|
||||
"main/he/>\n"
|
||||
"Language: he\n"
|
||||
"MIME-Version: 1.0\n"
|
||||
"Content-Type: text/plain; charset=UTF-8\n"
|
||||
"Content-Transfer-Encoding: 8bit\n"
|
||||
"Plural-Forms: nplurals=4; plural=(n == 1) ? 0 : ((n == 2) ? 1 : ((n > 10 && "
|
||||
"n % 10 == 0) ? 2 : 3));\n"
|
||||
"X-Generator: Weblate 5.2\n"
|
||||
"X-Generator: Weblate 5.8.2\n"
|
||||
|
||||
#: src/core/org.freedesktop.systemd1.policy.in:22
|
||||
msgid "Send passphrase back to system"
|
||||
|
@ -106,14 +106,12 @@ msgid "Authentication is required to update a user's home area."
|
|||
msgstr "נדרש אימות כדי לעדכן אזור בית למשתמש."
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:53
|
||||
#, fuzzy
|
||||
msgid "Update your home area"
|
||||
msgstr "עדכון אזור בית"
|
||||
msgstr "עדכון אזור הבית שלך"
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:54
|
||||
#, fuzzy
|
||||
msgid "Authentication is required to update your home area."
|
||||
msgstr "נדרש אימות כדי לעדכן אזור בית למשתמש."
|
||||
msgstr "נדרש אימות כדי לעדכן את אזור הבית שלך."
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:63
|
||||
msgid "Resize a home area"
|
||||
|
@ -133,14 +131,12 @@ msgid ""
|
|||
msgstr "נדרש אימות כדי להחליף סיסמה של אזור בית למשתמש."
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:83
|
||||
#, fuzzy
|
||||
msgid "Activate a home area"
|
||||
msgstr "יצירת אזור בית"
|
||||
msgstr "הפעלת אזור בית"
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:84
|
||||
#, fuzzy
|
||||
msgid "Authentication is required to activate a user's home area."
|
||||
msgstr "נדרש אימות כדי ליצור אזור בית למשתמש."
|
||||
msgstr "נדרש אימות כדי להפעיל אזור בית של משתמש."
|
||||
|
||||
#: src/home/pam_systemd_home.c:293
|
||||
#, c-format
|
||||
|
@ -351,46 +347,37 @@ msgid "Authentication is required to get system description."
|
|||
msgstr "נדרש אימות כדי למשוך את תיאור המערכת."
|
||||
|
||||
#: src/import/org.freedesktop.import1.policy:22
|
||||
#, fuzzy
|
||||
msgid "Import a disk image"
|
||||
msgstr "לייבא מכונה וירטואלית או דמות של מכולה (container image)"
|
||||
msgstr "ייבוא דמות כונן"
|
||||
|
||||
#: src/import/org.freedesktop.import1.policy:23
|
||||
#, fuzzy
|
||||
msgid "Authentication is required to import an image."
|
||||
msgstr ""
|
||||
"נדרש אימות כדי לייבא מכונה וירטואלית או דמות של מכולה (container image)"
|
||||
msgstr "נדרש אימות כדי לייבא דמות."
|
||||
|
||||
#: src/import/org.freedesktop.import1.policy:32
|
||||
#, fuzzy
|
||||
msgid "Export a disk image"
|
||||
msgstr "ייצוא מכונה וירטואלית או דמות של מכולה (container image)"
|
||||
msgstr "ייצוא דמות כונן"
|
||||
|
||||
#: src/import/org.freedesktop.import1.policy:33
|
||||
#, fuzzy
|
||||
msgid "Authentication is required to export disk image."
|
||||
msgstr ""
|
||||
"נדרש אימות כדי לייצא מכונה וירטואלית או דמות של מכולה (container image)"
|
||||
msgstr "נדרש אימות כדי לייצא דמות כונן."
|
||||
|
||||
#: src/import/org.freedesktop.import1.policy:42
|
||||
#, fuzzy
|
||||
msgid "Download a disk image"
|
||||
msgstr "הורדת מכונה וירטואלית או דמות מכולה"
|
||||
msgstr "הורדת דמות כונן"
|
||||
|
||||
#: src/import/org.freedesktop.import1.policy:43
|
||||
#, fuzzy
|
||||
msgid "Authentication is required to download a disk image."
|
||||
msgstr "נדרש אימות כדי להוריד מכונה וירטואלית או דמות מכולה"
|
||||
msgstr "נדרש אימות כדי להוריד דמות כונן."
|
||||
|
||||
#: src/import/org.freedesktop.import1.policy:52
|
||||
msgid "Cancel transfer of a disk image"
|
||||
msgstr ""
|
||||
msgstr "ביטול העברה של דמות כונן"
|
||||
|
||||
#: src/import/org.freedesktop.import1.policy:53
|
||||
#, fuzzy
|
||||
msgid ""
|
||||
"Authentication is required to cancel the ongoing transfer of a disk image."
|
||||
msgstr "נדרש אימות כדי להחליף סיסמה של אזור בית למשתמש."
|
||||
msgstr "נדרש אימות כדי לבטל העברה של דמות כונן שמתבצעת בזמן אמת."
|
||||
|
||||
#: src/locale/org.freedesktop.locale1.policy:22
|
||||
msgid "Set system locale"
|
||||
|
@ -732,9 +719,8 @@ msgid "Set a wall message"
|
|||
msgstr "הגדרת הודעת קיר"
|
||||
|
||||
#: src/login/org.freedesktop.login1.policy:397
|
||||
#, fuzzy
|
||||
msgid "Authentication is required to set a wall message."
|
||||
msgstr "נדרש אימות כדי להגדיר הודעת קיר"
|
||||
msgstr "נדרש אימות כדי להגדיר הודעת קיר."
|
||||
|
||||
#: src/login/org.freedesktop.login1.policy:406
|
||||
msgid "Change Session"
|
||||
|
@ -804,16 +790,14 @@ msgstr ""
|
|||
"נדרש אימות כדי לנהל מכונות וירטואליות (VM) ומכולות (container) מקומיות."
|
||||
|
||||
#: src/machine/org.freedesktop.machine1.policy:95
|
||||
#, fuzzy
|
||||
msgid "Create a local virtual machine or container"
|
||||
msgstr "ניהול מכונות וירטואליות ומכולות מקומיות"
|
||||
msgstr "יצירת מכונה וירטואלית או מכולה מקומיות"
|
||||
|
||||
#: src/machine/org.freedesktop.machine1.policy:96
|
||||
#, fuzzy
|
||||
msgid ""
|
||||
"Authentication is required to create a local virtual machine or container."
|
||||
msgstr ""
|
||||
"נדרש אימות כדי לנהל מכונות וירטואליות (VM) ומכולות (container) מקומיות."
|
||||
"נדרש אימות כדי ליצור מכונות וירטואליות (VM) או מכולות (container) מקומיות."
|
||||
|
||||
#: src/machine/org.freedesktop.machine1.policy:106
|
||||
msgid "Manage local virtual machine and container images"
|
||||
|
@ -965,13 +949,13 @@ msgstr "נדרש אימות כדי להגדיר כרטיס רשת מחדש."
|
|||
|
||||
#: src/network/org.freedesktop.network1.policy:187
|
||||
msgid "Specify whether persistent storage for systemd-networkd is available"
|
||||
msgstr ""
|
||||
msgstr "נא לציין האם יש אחסון קבוע זמין ל־systemd-networkd"
|
||||
|
||||
#: src/network/org.freedesktop.network1.policy:188
|
||||
msgid ""
|
||||
"Authentication is required to specify whether persistent storage for systemd-"
|
||||
"networkd is available."
|
||||
msgstr ""
|
||||
msgstr "נדרש אימות כדי לציין האם אחסון קבוע זמין ל־systemd-networkd."
|
||||
|
||||
#: src/portable/org.freedesktop.portable1.policy:13
|
||||
msgid "Inspect a portable service image"
|
||||
|
@ -1004,18 +988,16 @@ msgid "Register a DNS-SD service"
|
|||
msgstr "רישום שירות DNS-SD"
|
||||
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:23
|
||||
#, fuzzy
|
||||
msgid "Authentication is required to register a DNS-SD service."
|
||||
msgstr "נדרש אימות כדי לרשום שירות DNS-SD"
|
||||
msgstr "נדרש אימות כדי לרשום שירות DNS-SD."
|
||||
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:33
|
||||
msgid "Unregister a DNS-SD service"
|
||||
msgstr "ביטול רישום שירות DNS-SD"
|
||||
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:34
|
||||
#, fuzzy
|
||||
msgid "Authentication is required to unregister a DNS-SD service."
|
||||
msgstr "נדרש אימות כדי לבטל רישום של שירות DNS-SD"
|
||||
msgstr "נדרש אימות כדי לבטל רישום של שירות DNS-SD."
|
||||
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:132
|
||||
msgid "Revert name resolution settings"
|
||||
|
@ -1027,95 +1009,85 @@ msgstr "נדרש אימות כדי לאפס את הגדרות פתרון השמ
|
|||
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:143
|
||||
msgid "Subscribe query results"
|
||||
msgstr ""
|
||||
msgstr "רישום לתוצאות שאילתה"
|
||||
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:144
|
||||
#, fuzzy
|
||||
msgid "Authentication is required to subscribe query results."
|
||||
msgstr "נדרש אימות כדי להשהות את המערכת."
|
||||
msgstr "נדרש אימות כדי להירשם לתוצאות שאילתה."
|
||||
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:154
|
||||
msgid "Dump cache"
|
||||
msgstr ""
|
||||
msgstr "היטל המטמון"
|
||||
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:155
|
||||
#, fuzzy
|
||||
msgid "Authentication is required to dump cache."
|
||||
msgstr "נדרש אימות כדי להגדיר שמות תחום."
|
||||
msgstr "נדרש אימות כדי להטיל את המטמון."
|
||||
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:165
|
||||
msgid "Dump server state"
|
||||
msgstr ""
|
||||
msgstr "היטל מצב השרת"
|
||||
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:166
|
||||
#, fuzzy
|
||||
msgid "Authentication is required to dump server state."
|
||||
msgstr "נדרש אימות כדי להגדיר שרתי NTP."
|
||||
msgstr "נדרש אימות כדי להטיל את מצב השרת."
|
||||
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:176
|
||||
msgid "Dump statistics"
|
||||
msgstr ""
|
||||
msgstr "היטל סטטיסטיקה"
|
||||
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:177
|
||||
#, fuzzy
|
||||
msgid "Authentication is required to dump statistics."
|
||||
msgstr "נדרש אימות כדי להגדיר שמות תחום."
|
||||
msgstr "נדרש אימות כדי להטיל סטטיסטיקה."
|
||||
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:187
|
||||
msgid "Reset statistics"
|
||||
msgstr ""
|
||||
msgstr "איפוס סטטיסטיקה"
|
||||
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:188
|
||||
#, fuzzy
|
||||
msgid "Authentication is required to reset statistics."
|
||||
msgstr "נדרש אימות כדי לאפס הגדרות NTP."
|
||||
msgstr "נדרש אימות כדי לאפס סטטיסטיקה."
|
||||
|
||||
#: src/sysupdate/org.freedesktop.sysupdate1.policy:35
|
||||
msgid "Check for system updates"
|
||||
msgstr ""
|
||||
msgstr "חיפוש עדכוני מערכת"
|
||||
|
||||
#: src/sysupdate/org.freedesktop.sysupdate1.policy:36
|
||||
#, fuzzy
|
||||
msgid "Authentication is required to check for system updates."
|
||||
msgstr "נדרש אימות כדי להגדיר את שעון המערכת."
|
||||
msgstr "נדרש אימות כדי לחפש עדכוני מערכת."
|
||||
|
||||
#: src/sysupdate/org.freedesktop.sysupdate1.policy:45
|
||||
msgid "Install system updates"
|
||||
msgstr ""
|
||||
msgstr "התקנת עדכוני מערכת"
|
||||
|
||||
#: src/sysupdate/org.freedesktop.sysupdate1.policy:46
|
||||
#, fuzzy
|
||||
msgid "Authentication is required to install system updates."
|
||||
msgstr "נדרש אימות כדי להגדיר את שעון המערכת."
|
||||
msgstr "נדרש אימות כדי להתקין עדכוני מערכת."
|
||||
|
||||
#: src/sysupdate/org.freedesktop.sysupdate1.policy:55
|
||||
msgid "Install specific system version"
|
||||
msgstr ""
|
||||
msgstr "התקנת גרסת מערכת מסוימת"
|
||||
|
||||
#: src/sysupdate/org.freedesktop.sysupdate1.policy:56
|
||||
#, fuzzy
|
||||
msgid ""
|
||||
"Authentication is required to update the system to a specific (possibly old) "
|
||||
"version."
|
||||
msgstr "נדרש אימות כדי להגדיר את אזור הזמן של המערכת."
|
||||
msgstr "נדרש אימות כדי לעדכן את המערכת לגרסה מסוימת (כנראה ישנה)."
|
||||
|
||||
#: src/sysupdate/org.freedesktop.sysupdate1.policy:65
|
||||
msgid "Cleanup old system updates"
|
||||
msgstr ""
|
||||
msgstr "ניקוי עדכוני מערכת ישנים"
|
||||
|
||||
#: src/sysupdate/org.freedesktop.sysupdate1.policy:66
|
||||
#, fuzzy
|
||||
msgid "Authentication is required to cleanup old system updates."
|
||||
msgstr "נדרש אימות כדי להגדיר את שעון המערכת."
|
||||
msgstr "נדרש אימות כדי לנקות עדכוני מערכת ישנים."
|
||||
|
||||
#: src/sysupdate/org.freedesktop.sysupdate1.policy:75
|
||||
msgid "Manage optional features"
|
||||
msgstr ""
|
||||
msgstr "ניהול יכולות רשות"
|
||||
|
||||
#: src/sysupdate/org.freedesktop.sysupdate1.policy:76
|
||||
#, fuzzy
|
||||
msgid "Authentication is required to manage optional features"
|
||||
msgstr "נדרש אימות כדי לנהל הפעלות, משתמשים ומושבים פעילים."
|
||||
msgstr "נדרש אימות כדי לנהל יכולות רשות"
|
||||
|
||||
#: src/timedate/org.freedesktop.timedate1.policy:22
|
||||
msgid "Set system time"
|
||||
|
|
11
po/ja.po
11
po/ja.po
|
@ -6,7 +6,7 @@
|
|||
msgid ""
|
||||
msgstr ""
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2024-11-06 14:42+0000\n"
|
||||
"POT-Creation-Date: 2024-11-18 12:55+0900\n"
|
||||
"PO-Revision-Date: 2021-09-09 03:04+0000\n"
|
||||
"Last-Translator: Takuro Onoue <kusanaginoturugi@gmail.com>\n"
|
||||
"Language-Team: Japanese <https://translate.fedoraproject.org/projects/"
|
||||
|
@ -106,14 +106,12 @@ msgid "Authentication is required to update a user's home area."
|
|||
msgstr "ユーザのホーム領域の更新には認証が必要です。"
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:53
|
||||
#, fuzzy
|
||||
msgid "Update your home area"
|
||||
msgstr "ホーム領域の更新"
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:54
|
||||
#, fuzzy
|
||||
msgid "Authentication is required to update your home area."
|
||||
msgstr "ユーザのホーム領域の更新には認証が必要です。"
|
||||
msgstr "ホーム領域の更新には認証が必要です。"
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:63
|
||||
msgid "Resize a home area"
|
||||
|
@ -1120,12 +1118,11 @@ msgstr "過去のシステム更新を削除するには認証が必要です。
|
|||
|
||||
#: src/sysupdate/org.freedesktop.sysupdate1.policy:75
|
||||
msgid "Manage optional features"
|
||||
msgstr ""
|
||||
msgstr "任意の機能の管理"
|
||||
|
||||
#: src/sysupdate/org.freedesktop.sysupdate1.policy:76
|
||||
#, fuzzy
|
||||
msgid "Authentication is required to manage optional features"
|
||||
msgstr "アクティブなセッションやユーザ,シートを管理するには認証が必要です。"
|
||||
msgstr "任意の機能を管理するには認証が必要です。"
|
||||
|
||||
#: src/timedate/org.freedesktop.timedate1.policy:22
|
||||
msgid "Set system time"
|
||||
|
|
4
po/ru.po
4
po/ru.po
|
@ -14,7 +14,7 @@ msgid ""
|
|||
msgstr ""
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2024-11-06 14:42+0000\n"
|
||||
"PO-Revision-Date: 2024-11-07 09:30+0000\n"
|
||||
"PO-Revision-Date: 2024-11-17 13:38+0000\n"
|
||||
"Last-Translator: \"Sergey A.\" <Ser82-png@yandex.ru>\n"
|
||||
"Language-Team: Russian <https://translate.fedoraproject.org/projects/systemd/"
|
||||
"main/ru/>\n"
|
||||
|
@ -1280,7 +1280,7 @@ msgstr "Управление дополнительными функциями"
|
|||
#: src/sysupdate/org.freedesktop.sysupdate1.policy:76
|
||||
msgid "Authentication is required to manage optional features"
|
||||
msgstr ""
|
||||
"Для управления дополнительными функциями необходимо пройти аутентификацию."
|
||||
"Для управления дополнительными функциями необходимо пройти аутентификацию"
|
||||
|
||||
#: src/timedate/org.freedesktop.timedate1.policy:22
|
||||
msgid "Set system time"
|
||||
|
|
15
po/sl.po
15
po/sl.po
|
@ -7,7 +7,7 @@ msgstr ""
|
|||
"Project-Id-Version: systemd\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2024-11-06 14:42+0000\n"
|
||||
"PO-Revision-Date: 2024-08-26 19:38+0000\n"
|
||||
"PO-Revision-Date: 2024-11-20 19:13+0000\n"
|
||||
"Last-Translator: Martin Srebotnjak <miles@filmsi.net>\n"
|
||||
"Language-Team: Slovenian <https://translate.fedoraproject.org/projects/"
|
||||
"systemd/main/sl/>\n"
|
||||
|
@ -17,7 +17,7 @@ msgstr ""
|
|||
"Content-Transfer-Encoding: 8bit\n"
|
||||
"Plural-Forms: nplurals=4; plural=n%100==1 ? 0 : n%100==2 ? 1 : n%100==3 || "
|
||||
"n%100==4 ? 2 : 3;\n"
|
||||
"X-Generator: Weblate 5.7\n"
|
||||
"X-Generator: Weblate 5.8.2\n"
|
||||
|
||||
#: src/core/org.freedesktop.systemd1.policy.in:22
|
||||
msgid "Send passphrase back to system"
|
||||
|
@ -125,16 +125,13 @@ msgstr ""
|
|||
"območja."
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:53
|
||||
#, fuzzy
|
||||
msgid "Update your home area"
|
||||
msgstr "Posodobite domače območje"
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:54
|
||||
#, fuzzy
|
||||
msgid "Authentication is required to update your home area."
|
||||
msgstr ""
|
||||
"Preverjanje pristnosti je potrebno za posodobitev uporabnikovega domačega "
|
||||
"območja."
|
||||
"Preverjanje pristnosti je potrebno za posodobitev vašega domačega območja."
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:63
|
||||
msgid "Resize a home area"
|
||||
|
@ -1234,14 +1231,12 @@ msgstr ""
|
|||
|
||||
#: src/sysupdate/org.freedesktop.sysupdate1.policy:75
|
||||
msgid "Manage optional features"
|
||||
msgstr ""
|
||||
msgstr "Upravljaj dodatne funkcionalnosti"
|
||||
|
||||
#: src/sysupdate/org.freedesktop.sysupdate1.policy:76
|
||||
#, fuzzy
|
||||
msgid "Authentication is required to manage optional features"
|
||||
msgstr ""
|
||||
"Preverjanje pristnosti je potrebno za upravljanje aktivnih sej, uporabnikov "
|
||||
"in delovišč."
|
||||
"Preverjanje pristnosti je potrebno za upravljanje dodatnih funkcionalnosti."
|
||||
|
||||
#: src/timedate/org.freedesktop.timedate1.policy:22
|
||||
msgid "Set system time"
|
||||
|
|
18
po/uk.po
18
po/uk.po
|
@ -4,11 +4,12 @@
|
|||
# Eugene Melnik <jeka7js@gmail.com>, 2014.
|
||||
# Daniel Korostil <ted.korostiled@gmail.com>, 2014, 2016, 2018.
|
||||
# Yuri Chornoivan <yurchor@ukr.net>, 2019, 2020, 2021, 2022, 2023, 2024.
|
||||
# Dmytro Markevych <hotr1pak@gmail.com>, 2024.
|
||||
msgid ""
|
||||
msgstr ""
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2024-11-06 14:42+0000\n"
|
||||
"PO-Revision-Date: 2024-08-24 10:36+0000\n"
|
||||
"PO-Revision-Date: 2024-11-21 19:38+0000\n"
|
||||
"Last-Translator: Yuri Chornoivan <yurchor@ukr.net>\n"
|
||||
"Language-Team: Ukrainian <https://translate.fedoraproject.org/projects/"
|
||||
"systemd/main/uk/>\n"
|
||||
|
@ -18,7 +19,7 @@ msgstr ""
|
|||
"Content-Transfer-Encoding: 8bit\n"
|
||||
"Plural-Forms: nplurals=3; plural=n%10==1 && n%100!=11 ? 0 : n%10>=2 && "
|
||||
"n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2;\n"
|
||||
"X-Generator: Weblate 5.7\n"
|
||||
"X-Generator: Weblate 5.8.2\n"
|
||||
|
||||
#: src/core/org.freedesktop.systemd1.policy.in:22
|
||||
msgid "Send passphrase back to system"
|
||||
|
@ -118,14 +119,12 @@ msgid "Authentication is required to update a user's home area."
|
|||
msgstr "Для оновлення домашньої теки користувача слід пройти розпізнавання."
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:53
|
||||
#, fuzzy
|
||||
msgid "Update your home area"
|
||||
msgstr "Оновлення домашньої теки"
|
||||
msgstr "Оновлення домашньої області"
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:54
|
||||
#, fuzzy
|
||||
msgid "Authentication is required to update your home area."
|
||||
msgstr "Для оновлення домашньої теки користувача слід пройти розпізнавання."
|
||||
msgstr "Для оновлення домашньої області слід пройти розпізнавання."
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:63
|
||||
msgid "Resize a home area"
|
||||
|
@ -1212,14 +1211,11 @@ msgstr "Для вилучення застарілих оновлень сист
|
|||
|
||||
#: src/sysupdate/org.freedesktop.sysupdate1.policy:75
|
||||
msgid "Manage optional features"
|
||||
msgstr ""
|
||||
msgstr "Керування додатковими функціями"
|
||||
|
||||
#: src/sysupdate/org.freedesktop.sysupdate1.policy:76
|
||||
#, fuzzy
|
||||
msgid "Authentication is required to manage optional features"
|
||||
msgstr ""
|
||||
"Для того, щоб керувати сеансами, користувачами і робочими місцями, слід "
|
||||
"пройти розпізнавання."
|
||||
msgstr "Для керування додатковими можливостями слід пройти розпізнавання"
|
||||
|
||||
#: src/timedate/org.freedesktop.timedate1.policy:22
|
||||
msgid "Set system time"
|
||||
|
|
|
@ -38,19 +38,12 @@ __get_tpm2_devices() {
|
|||
done
|
||||
}
|
||||
|
||||
__get_block_devices() {
|
||||
local i
|
||||
for i in /dev/*; do
|
||||
[ -b "$i" ] && printf '%s\n' "$i"
|
||||
done
|
||||
}
|
||||
|
||||
_systemd_cryptenroll() {
|
||||
local comps
|
||||
local cur=${COMP_WORDS[COMP_CWORD]} prev=${COMP_WORDS[COMP_CWORD-1]} words cword
|
||||
local -A OPTS=(
|
||||
[STANDALONE]='-h --help --version
|
||||
--password --recovery-key'
|
||||
--password --recovery-key --list-devices'
|
||||
[ARG]='--unlock-key-file
|
||||
--unlock-fido2-device
|
||||
--unlock-tpm2-device
|
||||
|
@ -116,7 +109,7 @@ _systemd_cryptenroll() {
|
|||
return 0
|
||||
fi
|
||||
|
||||
comps=$(__get_block_devices)
|
||||
comps=$(systemd-cryptenroll --list-devices)
|
||||
COMPREPLY=( $(compgen -W '$comps' -- "$cur") )
|
||||
return 0
|
||||
}
|
||||
|
|
|
@ -799,16 +799,20 @@ int cg_pid_get_path(const char *controller, pid_t pid, char **ret_path) {
|
|||
continue;
|
||||
}
|
||||
|
||||
char *path = strdup(e + 1);
|
||||
_cleanup_free_ char *path = strdup(e + 1);
|
||||
if (!path)
|
||||
return -ENOMEM;
|
||||
|
||||
/* Refuse cgroup paths from outside our cgroup namespace */
|
||||
if (startswith(path, "/../"))
|
||||
return -EUNATCH;
|
||||
|
||||
/* Truncate suffix indicating the process is a zombie */
|
||||
e = endswith(path, " (deleted)");
|
||||
if (e)
|
||||
*e = 0;
|
||||
|
||||
*ret_path = path;
|
||||
*ret_path = TAKE_PTR(path);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
#define AUTOFS_MIN_PROTO_VERSION 3
|
||||
#define AUTOFS_MAX_PROTO_VERSION 5
|
||||
|
||||
#define AUTOFS_PROTO_SUBVERSION 5
|
||||
#define AUTOFS_PROTO_SUBVERSION 6
|
||||
|
||||
/*
|
||||
* The wait_queue_token (autofs_wqt_t) is part of a structure which is passed
|
||||
|
|
|
@ -1121,6 +1121,9 @@ enum bpf_attach_type {
|
|||
|
||||
#define MAX_BPF_ATTACH_TYPE __MAX_BPF_ATTACH_TYPE
|
||||
|
||||
/* Add BPF_LINK_TYPE(type, name) in bpf_types.h to keep bpf_link_type_strs[]
|
||||
* in sync with the definitions below.
|
||||
*/
|
||||
enum bpf_link_type {
|
||||
BPF_LINK_TYPE_UNSPEC = 0,
|
||||
BPF_LINK_TYPE_RAW_TRACEPOINT = 1,
|
||||
|
@ -2851,7 +2854,7 @@ union bpf_attr {
|
|||
* **TCP_SYNCNT**, **TCP_USER_TIMEOUT**, **TCP_NOTSENT_LOWAT**,
|
||||
* **TCP_NODELAY**, **TCP_MAXSEG**, **TCP_WINDOW_CLAMP**,
|
||||
* **TCP_THIN_LINEAR_TIMEOUTS**, **TCP_BPF_DELACK_MAX**,
|
||||
* **TCP_BPF_RTO_MIN**.
|
||||
* **TCP_BPF_RTO_MIN**, **TCP_BPF_SOCK_OPS_CB_FLAGS**.
|
||||
* * **IPPROTO_IP**, which supports *optname* **IP_TOS**.
|
||||
* * **IPPROTO_IPV6**, which supports the following *optname*\ s:
|
||||
* **IPV6_TCLASS**, **IPV6_AUTOFLOWLABEL**.
|
||||
|
@ -5519,11 +5522,12 @@ union bpf_attr {
|
|||
* **-EOPNOTSUPP** if the hash calculation failed or **-EINVAL** if
|
||||
* invalid arguments are passed.
|
||||
*
|
||||
* void *bpf_kptr_xchg(void *map_value, void *ptr)
|
||||
* void *bpf_kptr_xchg(void *dst, void *ptr)
|
||||
* Description
|
||||
* Exchange kptr at pointer *map_value* with *ptr*, and return the
|
||||
* old value. *ptr* can be NULL, otherwise it must be a referenced
|
||||
* pointer which will be released when this helper is called.
|
||||
* Exchange kptr at pointer *dst* with *ptr*, and return the old value.
|
||||
* *dst* can be map value or local kptr. *ptr* can be NULL, otherwise
|
||||
* it must be a referenced pointer which will be released when this helper
|
||||
* is called.
|
||||
* Return
|
||||
* The old value of kptr (which can be NULL). The returned pointer
|
||||
* if not NULL, is a reference which must be released using its
|
||||
|
@ -6046,11 +6050,6 @@ enum {
|
|||
BPF_F_MARK_ENFORCE = (1ULL << 6),
|
||||
};
|
||||
|
||||
/* BPF_FUNC_clone_redirect and BPF_FUNC_redirect flags. */
|
||||
enum {
|
||||
BPF_F_INGRESS = (1ULL << 0),
|
||||
};
|
||||
|
||||
/* BPF_FUNC_skb_set_tunnel_key and BPF_FUNC_skb_get_tunnel_key flags. */
|
||||
enum {
|
||||
BPF_F_TUNINFO_IPV6 = (1ULL << 0),
|
||||
|
@ -6197,10 +6196,12 @@ enum {
|
|||
BPF_F_BPRM_SECUREEXEC = (1ULL << 0),
|
||||
};
|
||||
|
||||
/* Flags for bpf_redirect_map helper */
|
||||
/* Flags for bpf_redirect and bpf_redirect_map helpers */
|
||||
enum {
|
||||
BPF_F_BROADCAST = (1ULL << 3),
|
||||
BPF_F_EXCLUDE_INGRESS = (1ULL << 4),
|
||||
BPF_F_INGRESS = (1ULL << 0), /* used for skb path */
|
||||
BPF_F_BROADCAST = (1ULL << 3), /* used for XDP path */
|
||||
BPF_F_EXCLUDE_INGRESS = (1ULL << 4), /* used for XDP path */
|
||||
#define BPF_F_REDIRECT_FLAGS (BPF_F_INGRESS | BPF_F_BROADCAST | BPF_F_EXCLUDE_INGRESS)
|
||||
};
|
||||
|
||||
#define __bpf_md_ptr(type, name) \
|
||||
|
@ -7080,6 +7081,7 @@ enum {
|
|||
TCP_BPF_SYN = 1005, /* Copy the TCP header */
|
||||
TCP_BPF_SYN_IP = 1006, /* Copy the IP[46] and TCP header */
|
||||
TCP_BPF_SYN_MAC = 1007, /* Copy the MAC, IP[46], and TCP header */
|
||||
TCP_BPF_SOCK_OPS_CB_FLAGS = 1008, /* Get or Set TCP sock ops flags */
|
||||
};
|
||||
|
||||
enum {
|
||||
|
@ -7512,4 +7514,13 @@ struct bpf_iter_num {
|
|||
__u64 __opaque[1];
|
||||
} __attribute__((aligned(8)));
|
||||
|
||||
/*
|
||||
* Flags to control BPF kfunc behaviour.
|
||||
* - BPF_F_PAD_ZEROS: Pad destination buffer with zeros. (See the respective
|
||||
* helper documentation for details.)
|
||||
*/
|
||||
enum bpf_kfunc_flags {
|
||||
BPF_F_PAD_ZEROS = (1ULL << 0),
|
||||
};
|
||||
|
||||
#endif /* __LINUX_BPF_H__ */
|
||||
|
|
|
@ -28,6 +28,23 @@
|
|||
#define _BITUL(x) (_UL(1) << (x))
|
||||
#define _BITULL(x) (_ULL(1) << (x))
|
||||
|
||||
#if !defined(__ASSEMBLY__)
|
||||
/*
|
||||
* Missing __asm__ support
|
||||
*
|
||||
* __BIT128() would not work in the __asm__ code, as it shifts an
|
||||
* 'unsigned __init128' data type as direct representation of
|
||||
* 128 bit constants is not supported in the gcc compiler, as
|
||||
* they get silently truncated.
|
||||
*
|
||||
* TODO: Please revisit this implementation when gcc compiler
|
||||
* starts representing 128 bit constants directly like long
|
||||
* and unsigned long etc. Subsequently drop the comment for
|
||||
* GENMASK_U128() which would then start supporting __asm__ code.
|
||||
*/
|
||||
#define _BIT128(x) ((unsigned __int128)(1) << (x))
|
||||
#endif
|
||||
|
||||
#define __ALIGN_KERNEL(x, a) __ALIGN_KERNEL_MASK(x, (__typeof__(x))(a) - 1)
|
||||
#define __ALIGN_KERNEL_MASK(x, mask) (((x) + (mask)) & ~(mask))
|
||||
|
||||
|
|
|
@ -2531,4 +2531,20 @@ struct ethtool_link_settings {
|
|||
* __u32 map_lp_advertising[link_mode_masks_nwords];
|
||||
*/
|
||||
};
|
||||
|
||||
/**
|
||||
* enum phy_upstream - Represents the upstream component a given PHY device
|
||||
* is connected to, as in what is on the other end of the MII bus. Most PHYs
|
||||
* will be attached to an Ethernet MAC controller, but in some cases, there's
|
||||
* an intermediate PHY used as a media-converter, which will driver another
|
||||
* MII interface as its output.
|
||||
* @PHY_UPSTREAM_MAC: Upstream component is a MAC (a switch port,
|
||||
* or ethernet controller)
|
||||
* @PHY_UPSTREAM_PHY: Upstream component is a PHY (likely a media converter)
|
||||
*/
|
||||
enum phy_upstream {
|
||||
PHY_UPSTREAM_MAC,
|
||||
PHY_UPSTREAM_PHY,
|
||||
};
|
||||
|
||||
#endif /* _LINUX_ETHTOOL_H */
|
||||
|
|
|
@ -67,6 +67,7 @@ enum {
|
|||
FRA_IP_PROTO, /* ip proto */
|
||||
FRA_SPORT_RANGE, /* sport */
|
||||
FRA_DPORT_RANGE, /* dport */
|
||||
FRA_DSCP, /* dscp */
|
||||
__FRA_MAX
|
||||
};
|
||||
|
||||
|
|
|
@ -230,8 +230,8 @@ struct tpacket_hdr_v1 {
|
|||
* ts_first_pkt:
|
||||
* Is always the time-stamp when the block was opened.
|
||||
* Case a) ZERO packets
|
||||
* No packets to deal with but atleast you know the
|
||||
* time-interval of this block.
|
||||
* No packets to deal with but at least you know
|
||||
* the time-interval of this block.
|
||||
* Case b) Non-zero packets
|
||||
* Use the ts of the first packet in the block.
|
||||
*
|
||||
|
@ -265,7 +265,8 @@ enum tpacket_versions {
|
|||
- struct tpacket_hdr
|
||||
- pad to TPACKET_ALIGNMENT=16
|
||||
- struct sockaddr_ll
|
||||
- Gap, chosen so that packet data (Start+tp_net) alignes to TPACKET_ALIGNMENT=16
|
||||
- Gap, chosen so that packet data (Start+tp_net) aligns to
|
||||
TPACKET_ALIGNMENT=16
|
||||
- Start+tp_mac: [ Optional MAC header ]
|
||||
- Start+tp_net: Packet data, aligned to TPACKET_ALIGNMENT=16.
|
||||
- Pad to align to TPACKET_ALIGNMENT=16
|
||||
|
|
|
@ -141,7 +141,7 @@ struct in_addr {
|
|||
*/
|
||||
#define IP_PMTUDISC_INTERFACE 4
|
||||
/* weaker version of IP_PMTUDISC_INTERFACE, which allows packets to get
|
||||
* fragmented if they exeed the interface mtu
|
||||
* fragmented if they exceed the interface mtu
|
||||
*/
|
||||
#define IP_PMTUDISC_OMIT 5
|
||||
|
||||
|
|
|
@ -140,25 +140,6 @@
|
|||
|
||||
#endif /* _NETINET_IN_H */
|
||||
|
||||
/* Coordinate with glibc netipx/ipx.h header. */
|
||||
#if defined(__NETIPX_IPX_H)
|
||||
|
||||
#define __UAPI_DEF_SOCKADDR_IPX 0
|
||||
#define __UAPI_DEF_IPX_ROUTE_DEFINITION 0
|
||||
#define __UAPI_DEF_IPX_INTERFACE_DEFINITION 0
|
||||
#define __UAPI_DEF_IPX_CONFIG_DATA 0
|
||||
#define __UAPI_DEF_IPX_ROUTE_DEF 0
|
||||
|
||||
#else /* defined(__NETIPX_IPX_H) */
|
||||
|
||||
#define __UAPI_DEF_SOCKADDR_IPX 1
|
||||
#define __UAPI_DEF_IPX_ROUTE_DEFINITION 1
|
||||
#define __UAPI_DEF_IPX_INTERFACE_DEFINITION 1
|
||||
#define __UAPI_DEF_IPX_CONFIG_DATA 1
|
||||
#define __UAPI_DEF_IPX_ROUTE_DEF 1
|
||||
|
||||
#endif /* defined(__NETIPX_IPX_H) */
|
||||
|
||||
/* Definitions for xattr.h */
|
||||
#if defined(_SYS_XATTR_H)
|
||||
#define __UAPI_DEF_XATTR 0
|
||||
|
@ -240,23 +221,6 @@
|
|||
#define __UAPI_DEF_IP6_MTUINFO 1
|
||||
#endif
|
||||
|
||||
/* Definitions for ipx.h */
|
||||
#ifndef __UAPI_DEF_SOCKADDR_IPX
|
||||
#define __UAPI_DEF_SOCKADDR_IPX 1
|
||||
#endif
|
||||
#ifndef __UAPI_DEF_IPX_ROUTE_DEFINITION
|
||||
#define __UAPI_DEF_IPX_ROUTE_DEFINITION 1
|
||||
#endif
|
||||
#ifndef __UAPI_DEF_IPX_INTERFACE_DEFINITION
|
||||
#define __UAPI_DEF_IPX_INTERFACE_DEFINITION 1
|
||||
#endif
|
||||
#ifndef __UAPI_DEF_IPX_CONFIG_DATA
|
||||
#define __UAPI_DEF_IPX_CONFIG_DATA 1
|
||||
#endif
|
||||
#ifndef __UAPI_DEF_IPX_ROUTE_DEF
|
||||
#define __UAPI_DEF_IPX_ROUTE_DEF 1
|
||||
#endif
|
||||
|
||||
/* Definitions for xattr.h */
|
||||
#ifndef __UAPI_DEF_XATTR
|
||||
#define __UAPI_DEF_XATTR 1
|
||||
|
|
|
@ -436,7 +436,7 @@ enum nft_set_elem_flags {
|
|||
* @NFTA_SET_ELEM_KEY: key value (NLA_NESTED: nft_data)
|
||||
* @NFTA_SET_ELEM_DATA: data value of mapping (NLA_NESTED: nft_data_attributes)
|
||||
* @NFTA_SET_ELEM_FLAGS: bitmask of nft_set_elem_flags (NLA_U32)
|
||||
* @NFTA_SET_ELEM_TIMEOUT: timeout value (NLA_U64)
|
||||
* @NFTA_SET_ELEM_TIMEOUT: timeout value, zero means never times out (NLA_U64)
|
||||
* @NFTA_SET_ELEM_EXPIRATION: expiration time (NLA_U64)
|
||||
* @NFTA_SET_ELEM_USERDATA: user data (NLA_BINARY)
|
||||
* @NFTA_SET_ELEM_EXPR: expression (NLA_NESTED: nft_expr_attributes)
|
||||
|
@ -1694,7 +1694,7 @@ enum nft_flowtable_flags {
|
|||
*
|
||||
* @NFTA_FLOWTABLE_TABLE: name of the table containing the expression (NLA_STRING)
|
||||
* @NFTA_FLOWTABLE_NAME: name of this flow table (NLA_STRING)
|
||||
* @NFTA_FLOWTABLE_HOOK: netfilter hook configuration(NLA_U32)
|
||||
* @NFTA_FLOWTABLE_HOOK: netfilter hook configuration (NLA_NESTED)
|
||||
* @NFTA_FLOWTABLE_USE: number of references to this flow table (NLA_U32)
|
||||
* @NFTA_FLOWTABLE_HANDLE: object handle (NLA_U64)
|
||||
* @NFTA_FLOWTABLE_FLAGS: flags (NLA_U32)
|
||||
|
|
|
@ -16,10 +16,15 @@ struct nhmsg {
|
|||
struct nexthop_grp {
|
||||
__u32 id; /* nexthop id - must exist */
|
||||
__u8 weight; /* weight of this nexthop */
|
||||
__u8 resvd1;
|
||||
__u8 weight_high; /* high order bits of weight */
|
||||
__u16 resvd2;
|
||||
};
|
||||
|
||||
static __inline__ __u16 nexthop_grp_weight(const struct nexthop_grp *entry)
|
||||
{
|
||||
return ((entry->weight_high << 8) | entry->weight) + 1;
|
||||
}
|
||||
|
||||
enum {
|
||||
NEXTHOP_GRP_TYPE_MPATH, /* hash-threshold nexthop group
|
||||
* default type if not specified
|
||||
|
@ -33,6 +38,9 @@ enum {
|
|||
#define NHA_OP_FLAG_DUMP_STATS BIT(0)
|
||||
#define NHA_OP_FLAG_DUMP_HW_STATS BIT(1)
|
||||
|
||||
/* Response OP_FLAGS. */
|
||||
#define NHA_OP_FLAG_RESP_GRP_RESVD_0 BIT(31) /* Dump clears resvd fields. */
|
||||
|
||||
enum {
|
||||
NHA_UNSPEC,
|
||||
NHA_ID, /* u32; id for nexthop. id == 0 means auto-assign */
|
||||
|
|
|
@ -531,20 +531,24 @@ int is_idmapping_supported(const char *path) {
|
|||
userns_fd = userns_acquire(uid_map, gid_map);
|
||||
if (ERRNO_IS_NEG_NOT_SUPPORTED(userns_fd) || ERRNO_IS_NEG_PRIVILEGE(userns_fd))
|
||||
return false;
|
||||
if (userns_fd == -ENOSPC) {
|
||||
log_debug_errno(userns_fd, "Failed to acquire new user namespace, user.max_user_namespaces seems to be exhausted or maybe even zero, assuming ID-mapping is not supported: %m");
|
||||
return false;
|
||||
}
|
||||
if (userns_fd < 0)
|
||||
return log_debug_errno(userns_fd, "ID-mapping supported namespace acquire failed for '%s' : %m", path);
|
||||
return log_debug_errno(userns_fd, "Failed to acquire new user namespace for checking if '%s' supports ID-mapping: %m", path);
|
||||
|
||||
dir_fd = RET_NERRNO(open(path, O_RDONLY | O_CLOEXEC | O_NOFOLLOW));
|
||||
if (ERRNO_IS_NEG_NOT_SUPPORTED(dir_fd))
|
||||
return false;
|
||||
if (dir_fd < 0)
|
||||
return log_debug_errno(dir_fd, "ID-mapping supported open failed for '%s' : %m", path);
|
||||
return log_debug_errno(dir_fd, "Failed to open '%s', cannot determine if ID-mapping is supported: %m", path);
|
||||
|
||||
mount_fd = RET_NERRNO(open_tree(dir_fd, "", AT_EMPTY_PATH | OPEN_TREE_CLONE | OPEN_TREE_CLOEXEC));
|
||||
if (ERRNO_IS_NEG_NOT_SUPPORTED(mount_fd) || ERRNO_IS_NEG_PRIVILEGE(mount_fd) || mount_fd == -EINVAL)
|
||||
return false;
|
||||
if (mount_fd < 0)
|
||||
return log_debug_errno(mount_fd, "ID-mapping supported open_tree failed for '%s' : %m", path);
|
||||
return log_debug_errno(mount_fd, "Failed to open mount tree '%s', cannot determine if ID-mapping is supported: %m", path);
|
||||
|
||||
r = RET_NERRNO(mount_setattr(mount_fd, "", AT_EMPTY_PATH,
|
||||
&(struct mount_attr) {
|
||||
|
@ -554,7 +558,7 @@ int is_idmapping_supported(const char *path) {
|
|||
if (ERRNO_IS_NEG_NOT_SUPPORTED(r) || ERRNO_IS_NEG_PRIVILEGE(r) || r == -EINVAL)
|
||||
return false;
|
||||
if (r < 0)
|
||||
return log_debug_errno(r, "ID-mapping supported setattr failed for '%s' : %m", path);
|
||||
return log_debug_errno(r, "Failed to set mount attribute to '%s', cannot determine if ID-mapping is supported: %m", path);
|
||||
|
||||
return true;
|
||||
}
|
||||
|
|
|
@ -102,8 +102,8 @@ int pid_get_comm(pid_t pid, char **ret) {
|
|||
_cleanup_free_ char *escaped = NULL, *comm = NULL;
|
||||
int r;
|
||||
|
||||
assert(ret);
|
||||
assert(pid >= 0);
|
||||
assert(ret);
|
||||
|
||||
if (pid == 0 || pid == getpid_cached()) {
|
||||
comm = new0(char, TASK_COMM_LEN + 1); /* Must fit in 16 byte according to prctl(2) */
|
||||
|
@ -143,6 +143,9 @@ int pidref_get_comm(const PidRef *pid, char **ret) {
|
|||
if (!pidref_is_set(pid))
|
||||
return -ESRCH;
|
||||
|
||||
if (pidref_is_remote(pid))
|
||||
return -EREMOTE;
|
||||
|
||||
r = pid_get_comm(pid->pid, &comm);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
@ -289,6 +292,9 @@ int pidref_get_cmdline(const PidRef *pid, size_t max_columns, ProcessCmdlineFlag
|
|||
if (!pidref_is_set(pid))
|
||||
return -ESRCH;
|
||||
|
||||
if (pidref_is_remote(pid))
|
||||
return -EREMOTE;
|
||||
|
||||
r = pid_get_cmdline(pid->pid, max_columns, flags, &s);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
@ -331,6 +337,9 @@ int pidref_get_cmdline_strv(const PidRef *pid, ProcessCmdlineFlags flags, char *
|
|||
if (!pidref_is_set(pid))
|
||||
return -ESRCH;
|
||||
|
||||
if (pidref_is_remote(pid))
|
||||
return -EREMOTE;
|
||||
|
||||
r = pid_get_cmdline_strv(pid->pid, flags, &args);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
@ -477,6 +486,9 @@ int pidref_is_kernel_thread(const PidRef *pid) {
|
|||
if (!pidref_is_set(pid))
|
||||
return -ESRCH;
|
||||
|
||||
if (pidref_is_remote(pid))
|
||||
return -EREMOTE;
|
||||
|
||||
result = pid_is_kernel_thread(pid->pid);
|
||||
if (result < 0)
|
||||
return result;
|
||||
|
@ -594,6 +606,9 @@ int pidref_get_uid(const PidRef *pid, uid_t *ret) {
|
|||
if (!pidref_is_set(pid))
|
||||
return -ESRCH;
|
||||
|
||||
if (pidref_is_remote(pid))
|
||||
return -EREMOTE;
|
||||
|
||||
r = pid_get_uid(pid->pid, &uid);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
@ -794,6 +809,9 @@ int pidref_get_start_time(const PidRef *pid, usec_t *ret) {
|
|||
if (!pidref_is_set(pid))
|
||||
return -ESRCH;
|
||||
|
||||
if (pidref_is_remote(pid))
|
||||
return -EREMOTE;
|
||||
|
||||
r = pid_get_start_time(pid->pid, ret ? &t : NULL);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
@ -1093,6 +1111,9 @@ int pidref_is_my_child(const PidRef *pid) {
|
|||
if (!pidref_is_set(pid))
|
||||
return -ESRCH;
|
||||
|
||||
if (pidref_is_remote(pid))
|
||||
return -EREMOTE;
|
||||
|
||||
result = pid_is_my_child(pid->pid);
|
||||
if (result < 0)
|
||||
return result;
|
||||
|
@ -1128,6 +1149,9 @@ int pidref_is_unwaited(const PidRef *pid) {
|
|||
if (!pidref_is_set(pid))
|
||||
return -ESRCH;
|
||||
|
||||
if (pidref_is_remote(pid))
|
||||
return -EREMOTE;
|
||||
|
||||
if (pid->pid == 1 || pidref_is_self(pid))
|
||||
return true;
|
||||
|
||||
|
@ -1169,6 +1193,9 @@ int pidref_is_alive(const PidRef *pidref) {
|
|||
if (!pidref_is_set(pidref))
|
||||
return -ESRCH;
|
||||
|
||||
if (pidref_is_remote(pidref))
|
||||
return -EREMOTE;
|
||||
|
||||
result = pid_is_alive(pidref->pid);
|
||||
if (result < 0) {
|
||||
assert(result != -ESRCH);
|
||||
|
|
|
@ -220,9 +220,9 @@ static int synthesize_user_creds(
|
|||
if (ret_gid)
|
||||
*ret_gid = GID_NOBODY;
|
||||
if (ret_home)
|
||||
*ret_home = FLAGS_SET(flags, USER_CREDS_CLEAN) ? NULL : "/";
|
||||
*ret_home = FLAGS_SET(flags, USER_CREDS_SUPPRESS_PLACEHOLDER) ? NULL : "/";
|
||||
if (ret_shell)
|
||||
*ret_shell = FLAGS_SET(flags, USER_CREDS_CLEAN) ? NULL : NOLOGIN;
|
||||
*ret_shell = FLAGS_SET(flags, USER_CREDS_SUPPRESS_PLACEHOLDER) ? NULL : NOLOGIN;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
@ -244,6 +244,7 @@ int get_user_creds(
|
|||
|
||||
assert(username);
|
||||
assert(*username);
|
||||
assert((ret_home || ret_shell) || !(flags & (USER_CREDS_SUPPRESS_PLACEHOLDER|USER_CREDS_CLEAN)));
|
||||
|
||||
if (!FLAGS_SET(flags, USER_CREDS_PREFER_NSS) ||
|
||||
(!ret_home && !ret_shell)) {
|
||||
|
@ -315,17 +316,14 @@ int get_user_creds(
|
|||
|
||||
if (ret_home)
|
||||
/* Note: we don't insist on normalized paths, since there are setups that have /./ in the path */
|
||||
*ret_home = (FLAGS_SET(flags, USER_CREDS_CLEAN) &&
|
||||
(empty_or_root(p->pw_dir) ||
|
||||
!path_is_valid(p->pw_dir) ||
|
||||
!path_is_absolute(p->pw_dir))) ? NULL : p->pw_dir;
|
||||
*ret_home = (FLAGS_SET(flags, USER_CREDS_SUPPRESS_PLACEHOLDER) && empty_or_root(p->pw_dir)) ||
|
||||
(FLAGS_SET(flags, USER_CREDS_CLEAN) && (!path_is_valid(p->pw_dir) || !path_is_absolute(p->pw_dir)))
|
||||
? NULL : p->pw_dir;
|
||||
|
||||
if (ret_shell)
|
||||
*ret_shell = (FLAGS_SET(flags, USER_CREDS_CLEAN) &&
|
||||
(isempty(p->pw_shell) ||
|
||||
!path_is_valid(p->pw_shell) ||
|
||||
!path_is_absolute(p->pw_shell) ||
|
||||
is_nologin_shell(p->pw_shell))) ? NULL : p->pw_shell;
|
||||
*ret_shell = (FLAGS_SET(flags, USER_CREDS_SUPPRESS_PLACEHOLDER) && shell_is_placeholder(p->pw_shell)) ||
|
||||
(FLAGS_SET(flags, USER_CREDS_CLEAN) && (!path_is_valid(p->pw_shell) || !path_is_absolute(p->pw_shell)))
|
||||
? NULL : p->pw_shell;
|
||||
|
||||
if (patch_username)
|
||||
*username = p->pw_name;
|
||||
|
|
|
@ -12,6 +12,8 @@
|
|||
#include <sys/types.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#include "string-util.h"
|
||||
|
||||
/* Users managed by systemd-homed. See https://systemd.io/UIDS-GIDS for details how this range fits into the rest of the world */
|
||||
#define HOME_UID_MIN ((uid_t) 60001)
|
||||
#define HOME_UID_MAX ((uid_t) 60513)
|
||||
|
@ -36,10 +38,20 @@ static inline int parse_gid(const char *s, gid_t *ret_gid) {
|
|||
char* getlogname_malloc(void);
|
||||
char* getusername_malloc(void);
|
||||
|
||||
const char* default_root_shell_at(int rfd);
|
||||
const char* default_root_shell(const char *root);
|
||||
|
||||
bool is_nologin_shell(const char *shell);
|
||||
|
||||
static inline bool shell_is_placeholder(const char *shell) {
|
||||
return isempty(shell) || is_nologin_shell(shell);
|
||||
}
|
||||
|
||||
typedef enum UserCredsFlags {
|
||||
USER_CREDS_PREFER_NSS = 1 << 0, /* if set, only synthesize user records if database lacks them. Normally we bypass the userdb entirely for the records we can synthesize */
|
||||
USER_CREDS_ALLOW_MISSING = 1 << 1, /* if a numeric UID string is resolved, be OK if there's no record for it */
|
||||
USER_CREDS_CLEAN = 1 << 2, /* try to clean up shell and home fields with invalid data */
|
||||
USER_CREDS_PREFER_NSS = 1 << 0, /* if set, only synthesize user records if database lacks them. Normally we bypass the userdb entirely for the records we can synthesize */
|
||||
USER_CREDS_ALLOW_MISSING = 1 << 1, /* if a numeric UID string is resolved, be OK if there's no record for it */
|
||||
USER_CREDS_CLEAN = 1 << 2, /* try to clean up shell and home fields with invalid data */
|
||||
USER_CREDS_SUPPRESS_PLACEHOLDER = 1 << 3, /* suppress home and/or shell fields if value is placeholder (root/empty/nologin) */
|
||||
} UserCredsFlags;
|
||||
|
||||
int get_user_creds(const char **username, uid_t *ret_uid, gid_t *ret_gid, const char **ret_home, const char **ret_shell, UserCredsFlags flags);
|
||||
|
@ -125,10 +137,6 @@ int fgetsgent_sane(FILE *stream, struct sgrp **sg);
|
|||
int putsgent_sane(const struct sgrp *sg, FILE *stream);
|
||||
#endif
|
||||
|
||||
bool is_nologin_shell(const char *shell);
|
||||
const char* default_root_shell_at(int rfd);
|
||||
const char* default_root_shell(const char *root);
|
||||
|
||||
int is_this_me(const char *username);
|
||||
|
||||
const char* get_home_root(void);
|
||||
|
|
|
@ -21,6 +21,11 @@
|
|||
#include "smbios.h"
|
||||
#include "util.h"
|
||||
|
||||
/* Validate the descriptor macros a bit that they match our expectations */
|
||||
assert_cc(DEVICE_DESCRIPTOR_DEVICETREE == UINT32_C(0x1000001C));
|
||||
assert_cc(DEVICE_SIZE_FROM_DESCRIPTOR(DEVICE_DESCRIPTOR_DEVICETREE) == sizeof(Device));
|
||||
assert_cc(DEVICE_TYPE_FROM_DESCRIPTOR(DEVICE_DESCRIPTOR_DEVICETREE) == DEVICE_TYPE_DEVICETREE);
|
||||
|
||||
/**
|
||||
* smbios_to_hashable_string() - Convert ascii smbios string to stripped char16_t.
|
||||
*/
|
||||
|
@ -105,9 +110,10 @@ EFI_STATUS chid_match(const void *hwid_buffer, size_t hwid_length, const Device
|
|||
|
||||
/* Count devices and check validity */
|
||||
for (; (n_devices + 1) * sizeof(*devices) < hwid_length;) {
|
||||
if (devices[n_devices].struct_size == 0)
|
||||
|
||||
if (devices[n_devices].descriptor == DEVICE_DESCRIPTOR_EOL)
|
||||
break;
|
||||
if (devices[n_devices].struct_size != sizeof(*devices))
|
||||
if (devices[n_devices].descriptor != DEVICE_DESCRIPTOR_DEVICETREE)
|
||||
return EFI_UNSUPPORTED;
|
||||
n_devices++;
|
||||
}
|
||||
|
|
|
@ -2,22 +2,63 @@
|
|||
#pragma once
|
||||
|
||||
#include "efi.h"
|
||||
|
||||
#include "chid-fundamental.h"
|
||||
|
||||
/* A .hwids PE section consists of a series of 'Device' structures. A 'Device' structure binds a CHID to some
|
||||
* resource, for now only Devicetree blobs. Designed to be extensible to other types of resources, should the
|
||||
* need arise. The series of 'Device' structures is followed by some space for strings that can be referenced
|
||||
* by offset by the Device structures. */
|
||||
|
||||
enum {
|
||||
DEVICE_TYPE_DEVICETREE = 0x1, /* A devicetree blob */
|
||||
|
||||
/* Maybe later additional types for:
|
||||
* - CoCo Bring-Your-Own-Firmware
|
||||
* - ACPI DSDT Overrides
|
||||
* - … */
|
||||
};
|
||||
|
||||
#define DEVICE_SIZE_FROM_DESCRIPTOR(u) ((uint32_t) (u) & UINT32_C(0x0FFFFFFF))
|
||||
#define DEVICE_TYPE_FROM_DESCRIPTOR(u) ((uint32_t) (u) >> 28)
|
||||
#define DEVICE_MAKE_DESCRIPTOR(type, size) (((uint32_t) (size) | ((uint32_t) type << 28)))
|
||||
|
||||
#define DEVICE_DESCRIPTOR_DEVICETREE DEVICE_MAKE_DESCRIPTOR(DEVICE_TYPE_DEVICETREE, sizeof(Device))
|
||||
#define DEVICE_DESCRIPTOR_EOL UINT32_C(0)
|
||||
|
||||
typedef struct Device {
|
||||
uint32_t struct_size; /* = sizeof(struct Device), or 0 for EOL */
|
||||
uint32_t name_offset; /* nul-terminated string or 0 if not present */
|
||||
uint32_t compatible_offset; /* nul-terminated string or 0 if not present */
|
||||
uint32_t descriptor; /* The highest four bit encode the type of entry, the other 28 bit encode the
|
||||
* size of the structure. Use the macros above to generate or take apart this
|
||||
* field. */
|
||||
EFI_GUID chid;
|
||||
union {
|
||||
struct {
|
||||
/* These offsets are relative to the beginning of the .hwids PE section. */
|
||||
uint32_t name_offset; /* nul-terminated string or 0 if not present */
|
||||
uint32_t compatible_offset; /* nul-terminated string or 0 if not present */
|
||||
} devicetree;
|
||||
/* fields for other descriptor types… */
|
||||
};
|
||||
} _packed_ Device;
|
||||
|
||||
/* Validate some offset, since the structure is API and src/ukify/ukify.py encodes them directly */
|
||||
assert_cc(offsetof(Device, descriptor) == 0);
|
||||
assert_cc(offsetof(Device, chid) == 4);
|
||||
assert_cc(offsetof(Device, devicetree.name_offset) == 20);
|
||||
assert_cc(offsetof(Device, devicetree.compatible_offset) == 24);
|
||||
assert_cc(sizeof(Device) == 28);
|
||||
|
||||
static inline const char* device_get_name(const void *base, const Device *device) {
|
||||
return device->name_offset == 0 ? NULL : (const char *) ((const uint8_t *) base + device->name_offset);
|
||||
if (device->descriptor != DEVICE_DESCRIPTOR_DEVICETREE)
|
||||
return NULL;
|
||||
|
||||
return device->devicetree.name_offset == 0 ? NULL : (const char *) ((const uint8_t *) base + device->devicetree.name_offset);
|
||||
}
|
||||
|
||||
static inline const char* device_get_compatible(const void *base, const Device *device) {
|
||||
return device->compatible_offset == 0 ? NULL : (const char *) ((const uint8_t *) base + device->compatible_offset);
|
||||
if (device->descriptor != DEVICE_DESCRIPTOR_DEVICETREE)
|
||||
return NULL;
|
||||
|
||||
return device->devicetree.compatible_offset == 0 ? NULL : (const char *) ((const uint8_t *) base + device->devicetree.compatible_offset);
|
||||
}
|
||||
|
||||
EFI_STATUS chid_match(const void *chids_buffer, size_t chids_length, const Device **ret_device);
|
||||
|
|
|
@ -100,6 +100,13 @@ static inline Pages xmalloc_pages(
|
|||
}
|
||||
|
||||
static inline Pages xmalloc_initrd_pages(size_t n_pages) {
|
||||
/* The original native x86 boot protocol of the Linux kernel was not 64bit safe, hence we allocate
|
||||
* memory for the initrds below the 4G boundary on x86, since we don't know early enough which
|
||||
* protocol we'll use to ultimately boot the kernel. This restriction is somewhat obsolete, since
|
||||
* these days we generally prefer the kernel's newer EFI entrypoint instead, which has no such
|
||||
* limitations. On other architectures we do not bother with any restriction on this, in particular
|
||||
* as some of them don't even have RAM mapped to such low addresses. */
|
||||
|
||||
#if defined(__i386__) || defined(__x86_64__)
|
||||
return xmalloc_pages(
|
||||
AllocateMaxAddress,
|
||||
|
|
|
@ -299,7 +299,6 @@ static const char *const esp_subdirs[] = {
|
|||
"EFI/BOOT",
|
||||
"loader",
|
||||
"loader/keys",
|
||||
"loader/keys/auto",
|
||||
NULL
|
||||
};
|
||||
|
||||
|
@ -615,6 +614,10 @@ static int install_secure_boot_auto_enroll(const char *esp, X509 *certificate, E
|
|||
return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to convert X.509 certificate to DER: %s",
|
||||
ERR_error_string(ERR_get_error(), NULL));
|
||||
|
||||
r = mkdir_one(esp, "loader/keys/auto");
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
_cleanup_close_ int keys_fd = chase_and_open("loader/keys/auto", esp, CHASE_PREFIX_ROOT|CHASE_PROHIBIT_SYMLINKS, O_DIRECTORY, NULL);
|
||||
if (keys_fd < 0)
|
||||
return log_error_errno(keys_fd, "Failed to chase loader/keys/auto in the ESP: %m");
|
||||
|
@ -1287,6 +1290,10 @@ int verb_remove(int argc, char *argv[], void *userdata) {
|
|||
r = q;
|
||||
}
|
||||
|
||||
q = rmdir_one(arg_esp_path, "/loader/keys/auto");
|
||||
if (q < 0 && r >= 0)
|
||||
r = q;
|
||||
|
||||
q = remove_subdirs(arg_esp_path, esp_subdirs);
|
||||
if (q < 0 && r >= 0)
|
||||
r = q;
|
||||
|
|
|
@ -855,9 +855,6 @@ static int get_fixed_user(
|
|||
assert(user_or_uid);
|
||||
assert(ret_username);
|
||||
|
||||
/* Note that we don't set $HOME or $SHELL if they are not particularly enlightening anyway
|
||||
* (i.e. are "/" or "/bin/nologin"). */
|
||||
|
||||
r = get_user_creds(&user_or_uid, ret_uid, ret_gid, ret_home, ret_shell, USER_CREDS_CLEAN);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
@ -1883,7 +1880,10 @@ static int build_environment(
|
|||
}
|
||||
}
|
||||
|
||||
if (home && set_user_login_env) {
|
||||
/* Note that we don't set $HOME or $SHELL if they are not particularly enlightening anyway
|
||||
* (i.e. are "/" or "/bin/nologin"). */
|
||||
|
||||
if (home && set_user_login_env && !empty_or_root(home)) {
|
||||
x = strjoin("HOME=", home);
|
||||
if (!x)
|
||||
return -ENOMEM;
|
||||
|
@ -1892,7 +1892,7 @@ static int build_environment(
|
|||
our_env[n_env++] = x;
|
||||
}
|
||||
|
||||
if (shell && set_user_login_env) {
|
||||
if (shell && set_user_login_env && !shell_is_placeholder(shell)) {
|
||||
x = strjoin("SHELL=", shell);
|
||||
if (!x)
|
||||
return -ENOMEM;
|
||||
|
@ -3471,20 +3471,16 @@ static int apply_working_directory(
|
|||
const ExecContext *context,
|
||||
const ExecParameters *params,
|
||||
ExecRuntime *runtime,
|
||||
const char *home,
|
||||
int *exit_status) {
|
||||
const char *home) {
|
||||
|
||||
const char *wd;
|
||||
int r;
|
||||
|
||||
assert(context);
|
||||
assert(exit_status);
|
||||
|
||||
if (context->working_directory_home) {
|
||||
if (!home) {
|
||||
*exit_status = EXIT_CHDIR;
|
||||
if (!home)
|
||||
return -ENXIO;
|
||||
}
|
||||
|
||||
wd = home;
|
||||
} else
|
||||
|
@ -3503,13 +3499,7 @@ static int apply_working_directory(
|
|||
if (r >= 0)
|
||||
r = RET_NERRNO(fchdir(dfd));
|
||||
}
|
||||
|
||||
if (r < 0 && !context->working_directory_missing_ok) {
|
||||
*exit_status = EXIT_CHDIR;
|
||||
return r;
|
||||
}
|
||||
|
||||
return 0;
|
||||
return context->working_directory_missing_ok ? 0 : r;
|
||||
}
|
||||
|
||||
static int apply_root_directory(
|
||||
|
@ -3785,7 +3775,7 @@ static int acquire_home(const ExecContext *c, const char **home, char **ret_buf)
|
|||
if (!c->working_directory_home)
|
||||
return 0;
|
||||
|
||||
if (c->dynamic_user)
|
||||
if (c->dynamic_user || (c->user && is_this_me(c->user) <= 0))
|
||||
return -EADDRNOTAVAIL;
|
||||
|
||||
r = get_home_dir(ret_buf);
|
||||
|
@ -4543,7 +4533,7 @@ int exec_invoke(
|
|||
r = acquire_home(context, &home, &home_buffer);
|
||||
if (r < 0) {
|
||||
*exit_status = EXIT_CHDIR;
|
||||
return log_exec_error_errno(context, params, r, "Failed to determine $HOME for user: %m");
|
||||
return log_exec_error_errno(context, params, r, "Failed to determine $HOME for the invoking user: %m");
|
||||
}
|
||||
|
||||
/* If a socket is connected to STDIN/STDOUT/STDERR, we must drop O_NONBLOCK */
|
||||
|
@ -5382,9 +5372,11 @@ int exec_invoke(
|
|||
* running this service might have the correct privilege to change to the working directory. Also, it
|
||||
* is absolutely 💣 crucial 💣 we applied all mount namespacing rearrangements before this, so that
|
||||
* the cwd cannot be used to pin directories outside of the sandbox. */
|
||||
r = apply_working_directory(context, params, runtime, home, exit_status);
|
||||
if (r < 0)
|
||||
r = apply_working_directory(context, params, runtime, home);
|
||||
if (r < 0) {
|
||||
*exit_status = EXIT_CHDIR;
|
||||
return log_exec_error_errno(context, params, r, "Changing to the requested working directory failed: %m");
|
||||
}
|
||||
|
||||
if (needs_sandboxing) {
|
||||
/* Apply other MAC contexts late, but before seccomp syscall filtering, as those should really be last to
|
||||
|
|
|
@ -1689,6 +1689,11 @@ static int become_shutdown(int objective, int retval) {
|
|||
/* Tell the binary how often to ping, ignore failure */
|
||||
(void) strv_extendf(&env_block, "WATCHDOG_USEC="USEC_FMT, watchdog_timer);
|
||||
|
||||
/* Make sure that tools that look for $WATCHDOG_USEC (and might get started by the exitrd) don't get
|
||||
* confused by the variable, because the sd_watchdog_enabled() protocol uses the same variable for
|
||||
* the same purposes. */
|
||||
(void) strv_extendf(&env_block, "WATCHDOG_PID=" PID_FMT, getpid_cached());
|
||||
|
||||
if (arg_watchdog_device)
|
||||
(void) strv_extendf(&env_block, "WATCHDOG_DEVICE=%s", arg_watchdog_device);
|
||||
|
||||
|
|
|
@ -3426,14 +3426,12 @@ static int service_deserialize_item(Unit *u, const char *key, const char *value,
|
|||
return 0;
|
||||
}
|
||||
|
||||
r = service_add_fd_store(s, fd, fdn, do_poll);
|
||||
r = service_add_fd_store(s, TAKE_FD(fd), fdn, do_poll);
|
||||
if (r < 0) {
|
||||
log_unit_debug_errno(u, r,
|
||||
"Failed to store deserialized fd '%s', ignoring: %m", fdn);
|
||||
return 0;
|
||||
}
|
||||
|
||||
TAKE_FD(fd);
|
||||
} else if (streq(key, "extra-fd")) {
|
||||
_cleanup_free_ char *fdv = NULL, *fdn = NULL;
|
||||
_cleanup_close_ int fd = -EBADF;
|
||||
|
|
|
@ -193,7 +193,7 @@ int enroll_fido2(
|
|||
fflush(stdout);
|
||||
|
||||
fprintf(stderr,
|
||||
"\nPlease save this FIDO2 credential ID. It is required when unloocking the volume\n"
|
||||
"\nPlease save this FIDO2 credential ID. It is required when unlocking the volume\n"
|
||||
"using the associated FIDO2 keyslot which we just created. To configure automatic\n"
|
||||
"unlocking using this FIDO2 token, add an appropriate entry to your /etc/crypttab\n"
|
||||
"file, see %s for details.\n", link);
|
||||
|
|
|
@ -427,7 +427,10 @@ int wipe_slots(struct crypt_device *cd,
|
|||
for (size_t i = n_ordered_slots; i > 0; i--) {
|
||||
r = crypt_keyslot_destroy(cd, ordered_slots[i - 1]);
|
||||
if (r < 0) {
|
||||
log_warning_errno(r, "Failed to wipe slot %i, continuing: %m", ordered_slots[i - 1]);
|
||||
if (r == -ENOENT)
|
||||
log_warning_errno(r, "Failed to wipe non-existent slot %i, continuing.", ordered_slots[i - 1]);
|
||||
else
|
||||
log_warning_errno(r, "Failed to wipe slot %i, continuing: %m", ordered_slots[i - 1]);
|
||||
if (ret == 0)
|
||||
ret = r;
|
||||
} else
|
||||
|
|
|
@ -193,7 +193,7 @@ static int help(void) {
|
|||
"\n%3$sSimple Enrollment:%4$s\n"
|
||||
" --password Enroll a user-supplied password\n"
|
||||
" --recovery-key Enroll a recovery key\n"
|
||||
"\n%3$sPKCS11 Enrollment:%4$s\n"
|
||||
"\n%3$sPKCS#11 Enrollment:%4$s\n"
|
||||
" --pkcs11-token-uri=URI\n"
|
||||
" Specify PKCS#11 security token URI\n"
|
||||
"\n%3$sFIDO2 Enrollment:%4$s\n"
|
||||
|
|
|
@ -98,16 +98,11 @@ static int parse_proc_cmdline_item(const char *key, const char *value, void *dat
|
|||
}
|
||||
}
|
||||
|
||||
#if HAVE_SYSV_COMPAT
|
||||
else if (streq(key, "fastboot") && !value) {
|
||||
log_warning("Please pass 'fsck.mode=skip' rather than 'fastboot' on the kernel command line.");
|
||||
else if (streq(key, "fastboot") && !value)
|
||||
arg_skip = true;
|
||||
|
||||
} else if (streq(key, "forcefsck") && !value) {
|
||||
log_warning("Please pass 'fsck.mode=force' rather than 'forcefsck' on the kernel command line.");
|
||||
else if (streq(key, "forcefsck") && !value)
|
||||
arg_force = true;
|
||||
}
|
||||
#endif
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
|
|
@ -750,7 +750,7 @@ static int ndisc_option_parse_route(Set **options, size_t offset, size_t len, co
|
|||
usec_t lifetime = unaligned_be32_sec_to_usec(opt + 4, /* max_as_infinity = */ true);
|
||||
|
||||
struct in6_addr prefix;
|
||||
memcpy(&prefix, opt + 8, len - 8);
|
||||
memcpy_safe(&prefix, opt + 8, len - 8);
|
||||
in6_addr_mask(&prefix, prefixlen);
|
||||
|
||||
return ndisc_option_add_route(options, offset, preference, prefixlen, &prefix, lifetime);
|
||||
|
|
|
@ -1033,12 +1033,14 @@ global:
|
|||
sd_varlink_server_listen_fd;
|
||||
sd_varlink_server_loop_auto;
|
||||
sd_varlink_server_new;
|
||||
sd_varlink_server_ref;
|
||||
sd_varlink_server_set_connections_max;
|
||||
sd_varlink_server_set_connections_per_uid_max;
|
||||
sd_varlink_server_set_description;
|
||||
sd_varlink_server_set_exit_on_idle;
|
||||
sd_varlink_server_set_userdata;
|
||||
sd_varlink_server_shutdown;
|
||||
sd_varlink_server_unref;
|
||||
sd_varlink_set_allow_fd_passing_input;
|
||||
sd_varlink_set_allow_fd_passing_output;
|
||||
sd_varlink_set_description;
|
||||
|
|
|
@ -3265,7 +3265,7 @@ static sd_varlink_server* varlink_server_destroy(sd_varlink_server *s) {
|
|||
return mfree(s);
|
||||
}
|
||||
|
||||
DEFINE_TRIVIAL_REF_UNREF_FUNC(sd_varlink_server, sd_varlink_server, varlink_server_destroy);
|
||||
DEFINE_PUBLIC_TRIVIAL_REF_UNREF_FUNC(sd_varlink_server, sd_varlink_server, varlink_server_destroy);
|
||||
|
||||
static int validate_connection(sd_varlink_server *server, const struct ucred *ucred) {
|
||||
int allowed = -1;
|
||||
|
|
|
@ -16,7 +16,7 @@ int varlink_get_peer_pidref(sd_varlink *v, PidRef *ret) {
|
|||
|
||||
int pidfd = sd_varlink_get_peer_pidfd(v);
|
||||
if (pidfd < 0) {
|
||||
if (!ERRNO_IS_NEG_NOT_SUPPORTED(pidfd))
|
||||
if (!ERRNO_IS_NEG_NOT_SUPPORTED(pidfd) && pidfd != -EINVAL)
|
||||
return pidfd;
|
||||
|
||||
pid_t pid;
|
||||
|
|
|
@ -101,18 +101,19 @@ static int help(int argc, char *argv[], void *userdata) {
|
|||
" -j Same as --json=pretty on tty, --json=short otherwise\n"
|
||||
" --append=PATH Load specified JSON signature, and append new signature to it\n"
|
||||
"\n%3$sUKI PE Section Options:%4$s %3$sUKI PE Section%4$s\n"
|
||||
" --linux=PATH Path to Linux kernel image file %7$s .linux\n"
|
||||
" --osrel=PATH Path to os-release file %7$s .osrel\n"
|
||||
" --cmdline=PATH Path to file with kernel command line %7$s .cmdline\n"
|
||||
" --initrd=PATH Path to initrd image file %7$s .initrd\n"
|
||||
" --ucode=PATH Path to microcode image file %7$s .ucode\n"
|
||||
" --splash=PATH Path to splash bitmap file %7$s .splash\n"
|
||||
" --dtb=PATH Path to DeviceTree file %7$s .dtb\n"
|
||||
" --uname=PATH Path to 'uname -r' file %7$s .uname\n"
|
||||
" --sbat=PATH Path to SBAT file %7$s .sbat\n"
|
||||
" --pcrpkey=PATH Path to public key for PCR signatures %7$s .pcrpkey\n"
|
||||
" --profile=PATH Path to profile file %7$s .profile\n"
|
||||
" --hwids=PATH Path to HWIDs file %7$s .hwids\n"
|
||||
" --linux=PATH Path to Linux kernel image file %7$s .linux\n"
|
||||
" --osrel=PATH Path to os-release file %7$s .osrel\n"
|
||||
" --cmdline=PATH Path to file with kernel command line %7$s .cmdline\n"
|
||||
" --initrd=PATH Path to initrd image file %7$s .initrd\n"
|
||||
" --ucode=PATH Path to microcode image file %7$s .ucode\n"
|
||||
" --splash=PATH Path to splash bitmap file %7$s .splash\n"
|
||||
" --dtb=PATH Path to DeviceTree file %7$s .dtb\n"
|
||||
" --dtbauto=PATH Path to DeviceTree file for auto selection %7$s .dtbauto\n"
|
||||
" --uname=PATH Path to 'uname -r' file %7$s .uname\n"
|
||||
" --sbat=PATH Path to SBAT file %7$s .sbat\n"
|
||||
" --pcrpkey=PATH Path to public key for PCR signatures %7$s .pcrpkey\n"
|
||||
" --profile=PATH Path to profile file %7$s .profile\n"
|
||||
" --hwids=PATH Path to HWIDs file %7$s .hwids\n"
|
||||
"\nSee the %2$s for details.\n",
|
||||
program_invocation_short_name,
|
||||
link,
|
||||
|
|
|
@ -642,7 +642,7 @@ static bool netdev_can_set_mac(NetDev *netdev, const struct hw_addr_data *hw_add
|
|||
if (hw_addr_equal(&link->hw_addr, hw_addr))
|
||||
return false; /* Unchanged, not necessary to set. */
|
||||
|
||||
/* Soem netdevs refuse to update MAC address even if the interface is not running, e.g. ipvlan.
|
||||
/* Some netdevs refuse to update MAC address even if the interface is not running, e.g. ipvlan.
|
||||
* Some other netdevs have the IFF_LIVE_ADDR_CHANGE flag and can update update MAC address even if
|
||||
* the interface is running, e.g. dummy. For those cases, use custom checkers. */
|
||||
if (NETDEV_VTABLE(netdev)->can_set_mac)
|
||||
|
|
|
@ -1443,6 +1443,7 @@ int link_reconfigure_impl(Link *link, LinkReconfigurationFlag flags) {
|
|||
}
|
||||
|
||||
typedef struct LinkReconfigurationData {
|
||||
Manager *manager;
|
||||
Link *link;
|
||||
LinkReconfigurationFlag flags;
|
||||
sd_bus_message *message;
|
||||
|
@ -1473,6 +1474,12 @@ static void link_reconfiguration_data_destroy_callback(LinkReconfigurationData *
|
|||
}
|
||||
|
||||
if (!data->counter || *data->counter <= 0) {
|
||||
/* Update the state files before replying the bus method. Otherwise,
|
||||
* systemd-networkd-wait-online following networkctl reload/reconfigure may read an
|
||||
* outdated state file and wrongly handle an interface is already in the configured
|
||||
* state. */
|
||||
(void) manager_clean_all(data->manager);
|
||||
|
||||
r = sd_bus_reply_method_return(data->message, NULL);
|
||||
if (r < 0)
|
||||
log_warning_errno(r, "Failed to reply for DBus method, ignoring: %m");
|
||||
|
@ -1521,6 +1528,7 @@ int link_reconfigure_full(Link *link, LinkReconfigurationFlag flags, sd_bus_mess
|
|||
}
|
||||
|
||||
*data = (LinkReconfigurationData) {
|
||||
.manager = link->manager,
|
||||
.link = link_ref(link),
|
||||
.flags = flags,
|
||||
.message = sd_bus_message_ref(message), /* message may be NULL, but _ref() works fine. */
|
||||
|
|
|
@ -1610,7 +1610,7 @@ static int ndisc_router_process_onlink_prefix(Link *link, sd_ndisc_router *rt) {
|
|||
return 0;
|
||||
}
|
||||
|
||||
static int ndisc_router_process_prefix(Link *link, sd_ndisc_router *rt) {
|
||||
static int ndisc_router_process_prefix(Link *link, sd_ndisc_router *rt, bool zero_lifetime) {
|
||||
uint8_t flags, prefixlen;
|
||||
struct in6_addr a;
|
||||
int r;
|
||||
|
@ -1619,6 +1619,14 @@ static int ndisc_router_process_prefix(Link *link, sd_ndisc_router *rt) {
|
|||
assert(link->network);
|
||||
assert(rt);
|
||||
|
||||
usec_t lifetime_usec;
|
||||
r = sd_ndisc_router_prefix_get_valid_lifetime(rt, &lifetime_usec);
|
||||
if (r < 0)
|
||||
return log_link_warning_errno(link, r, "Failed to get prefix lifetime: %m");
|
||||
|
||||
if ((lifetime_usec == 0) != zero_lifetime)
|
||||
return 0;
|
||||
|
||||
r = sd_ndisc_router_prefix_get_address(rt, &a);
|
||||
if (r < 0)
|
||||
return log_link_warning_errno(link, r, "Failed to get prefix address: %m");
|
||||
|
@ -1664,7 +1672,7 @@ static int ndisc_router_process_prefix(Link *link, sd_ndisc_router *rt) {
|
|||
return 0;
|
||||
}
|
||||
|
||||
static int ndisc_router_process_route(Link *link, sd_ndisc_router *rt) {
|
||||
static int ndisc_router_process_route(Link *link, sd_ndisc_router *rt, bool zero_lifetime) {
|
||||
_cleanup_(route_unrefp) Route *route = NULL;
|
||||
uint8_t preference, prefixlen;
|
||||
struct in6_addr gateway, dst;
|
||||
|
@ -1680,6 +1688,9 @@ static int ndisc_router_process_route(Link *link, sd_ndisc_router *rt) {
|
|||
if (r < 0)
|
||||
return log_link_warning_errno(link, r, "Failed to get route lifetime from RA: %m");
|
||||
|
||||
if ((lifetime_usec == 0) != zero_lifetime)
|
||||
return 0;
|
||||
|
||||
r = sd_ndisc_router_route_get_address(rt, &dst);
|
||||
if (r < 0)
|
||||
return log_link_warning_errno(link, r, "Failed to get route destination address: %m");
|
||||
|
@ -1712,10 +1723,6 @@ static int ndisc_router_process_route(Link *link, sd_ndisc_router *rt) {
|
|||
}
|
||||
|
||||
r = sd_ndisc_router_route_get_preference(rt, &preference);
|
||||
if (r == -EOPNOTSUPP) {
|
||||
log_link_debug_errno(link, r, "Received route prefix with unsupported preference, ignoring: %m");
|
||||
return 0;
|
||||
}
|
||||
if (r < 0)
|
||||
return log_link_warning_errno(link, r, "Failed to get router preference from RA: %m");
|
||||
|
||||
|
@ -1759,7 +1766,7 @@ DEFINE_PRIVATE_HASH_OPS_WITH_KEY_DESTRUCTOR(
|
|||
ndisc_rdnss_compare_func,
|
||||
free);
|
||||
|
||||
static int ndisc_router_process_rdnss(Link *link, sd_ndisc_router *rt) {
|
||||
static int ndisc_router_process_rdnss(Link *link, sd_ndisc_router *rt, bool zero_lifetime) {
|
||||
usec_t lifetime_usec;
|
||||
const struct in6_addr *a;
|
||||
struct in6_addr router;
|
||||
|
@ -1781,6 +1788,9 @@ static int ndisc_router_process_rdnss(Link *link, sd_ndisc_router *rt) {
|
|||
if (r < 0)
|
||||
return log_link_warning_errno(link, r, "Failed to get RDNSS lifetime: %m");
|
||||
|
||||
if ((lifetime_usec == 0) != zero_lifetime)
|
||||
return 0;
|
||||
|
||||
n = sd_ndisc_router_rdnss_get_addresses(rt, &a);
|
||||
if (n < 0)
|
||||
return log_link_warning_errno(link, n, "Failed to get RDNSS addresses: %m");
|
||||
|
@ -1851,7 +1861,7 @@ DEFINE_PRIVATE_HASH_OPS_WITH_KEY_DESTRUCTOR(
|
|||
ndisc_dnssl_compare_func,
|
||||
free);
|
||||
|
||||
static int ndisc_router_process_dnssl(Link *link, sd_ndisc_router *rt) {
|
||||
static int ndisc_router_process_dnssl(Link *link, sd_ndisc_router *rt, bool zero_lifetime) {
|
||||
char **l;
|
||||
usec_t lifetime_usec;
|
||||
struct in6_addr router;
|
||||
|
@ -1873,6 +1883,9 @@ static int ndisc_router_process_dnssl(Link *link, sd_ndisc_router *rt) {
|
|||
if (r < 0)
|
||||
return log_link_warning_errno(link, r, "Failed to get DNSSL lifetime: %m");
|
||||
|
||||
if ((lifetime_usec == 0) != zero_lifetime)
|
||||
return 0;
|
||||
|
||||
r = sd_ndisc_router_dnssl_get_domains(rt, &l);
|
||||
if (r < 0)
|
||||
return log_link_warning_errno(link, r, "Failed to get DNSSL addresses: %m");
|
||||
|
@ -1953,7 +1966,7 @@ DEFINE_PRIVATE_HASH_OPS_WITH_KEY_DESTRUCTOR(
|
|||
ndisc_captive_portal_compare_func,
|
||||
ndisc_captive_portal_free);
|
||||
|
||||
static int ndisc_router_process_captive_portal(Link *link, sd_ndisc_router *rt) {
|
||||
static int ndisc_router_process_captive_portal(Link *link, sd_ndisc_router *rt, bool zero_lifetime) {
|
||||
_cleanup_(ndisc_captive_portal_freep) NDiscCaptivePortal *new_entry = NULL;
|
||||
_cleanup_free_ char *captive_portal = NULL;
|
||||
const char *uri;
|
||||
|
@ -1980,6 +1993,9 @@ static int ndisc_router_process_captive_portal(Link *link, sd_ndisc_router *rt)
|
|||
if (r < 0)
|
||||
return log_link_warning_errno(link, r, "Failed to get lifetime of RA message: %m");
|
||||
|
||||
if ((lifetime_usec == 0) != zero_lifetime)
|
||||
return 0;
|
||||
|
||||
r = sd_ndisc_router_get_captive_portal(rt, &uri);
|
||||
if (r < 0)
|
||||
return log_link_warning_errno(link, r, "Failed to get captive portal from RA: %m");
|
||||
|
@ -2068,7 +2084,7 @@ DEFINE_PRIVATE_HASH_OPS_WITH_KEY_DESTRUCTOR(
|
|||
ndisc_pref64_compare_func,
|
||||
mfree);
|
||||
|
||||
static int ndisc_router_process_pref64(Link *link, sd_ndisc_router *rt) {
|
||||
static int ndisc_router_process_pref64(Link *link, sd_ndisc_router *rt, bool zero_lifetime) {
|
||||
_cleanup_free_ NDiscPREF64 *new_entry = NULL;
|
||||
usec_t lifetime_usec;
|
||||
struct in6_addr a, router;
|
||||
|
@ -2099,6 +2115,9 @@ static int ndisc_router_process_pref64(Link *link, sd_ndisc_router *rt) {
|
|||
if (r < 0)
|
||||
return log_link_warning_errno(link, r, "Failed to get pref64 prefix lifetime: %m");
|
||||
|
||||
if ((lifetime_usec == 0) != zero_lifetime)
|
||||
return 0;
|
||||
|
||||
if (lifetime_usec == 0) {
|
||||
free(set_remove(link->ndisc_pref64,
|
||||
&(NDiscPREF64) {
|
||||
|
@ -2217,7 +2236,7 @@ static int sd_dns_resolver_copy(const sd_dns_resolver *a, sd_dns_resolver *b) {
|
|||
return 0;
|
||||
}
|
||||
|
||||
static int ndisc_router_process_encrypted_dns(Link *link, sd_ndisc_router *rt) {
|
||||
static int ndisc_router_process_encrypted_dns(Link *link, sd_ndisc_router *rt, bool zero_lifetime) {
|
||||
int r;
|
||||
|
||||
assert(link);
|
||||
|
@ -2240,6 +2259,9 @@ static int ndisc_router_process_encrypted_dns(Link *link, sd_ndisc_router *rt) {
|
|||
if (r < 0)
|
||||
return log_link_warning_errno(link, r, "Failed to get lifetime of RA message: %m");
|
||||
|
||||
if ((lifetime_usec == 0) != zero_lifetime)
|
||||
return 0;
|
||||
|
||||
r = sd_ndisc_router_encrypted_dns_get_resolver(rt, &res);
|
||||
if (r < 0)
|
||||
return log_link_warning_errno(link, r, "Failed to get encrypted dns resolvers: %m");
|
||||
|
@ -2292,7 +2314,7 @@ static int ndisc_router_process_encrypted_dns(Link *link, sd_ndisc_router *rt) {
|
|||
return 0;
|
||||
}
|
||||
|
||||
static int ndisc_router_process_options(Link *link, sd_ndisc_router *rt) {
|
||||
static int ndisc_router_process_options(Link *link, sd_ndisc_router *rt, bool zero_lifetime) {
|
||||
size_t n_captive_portal = 0;
|
||||
int r;
|
||||
|
||||
|
@ -2314,19 +2336,19 @@ static int ndisc_router_process_options(Link *link, sd_ndisc_router *rt) {
|
|||
|
||||
switch (type) {
|
||||
case SD_NDISC_OPTION_PREFIX_INFORMATION:
|
||||
r = ndisc_router_process_prefix(link, rt);
|
||||
r = ndisc_router_process_prefix(link, rt, zero_lifetime);
|
||||
break;
|
||||
|
||||
case SD_NDISC_OPTION_ROUTE_INFORMATION:
|
||||
r = ndisc_router_process_route(link, rt);
|
||||
r = ndisc_router_process_route(link, rt, zero_lifetime);
|
||||
break;
|
||||
|
||||
case SD_NDISC_OPTION_RDNSS:
|
||||
r = ndisc_router_process_rdnss(link, rt);
|
||||
r = ndisc_router_process_rdnss(link, rt, zero_lifetime);
|
||||
break;
|
||||
|
||||
case SD_NDISC_OPTION_DNSSL:
|
||||
r = ndisc_router_process_dnssl(link, rt);
|
||||
r = ndisc_router_process_dnssl(link, rt, zero_lifetime);
|
||||
break;
|
||||
case SD_NDISC_OPTION_CAPTIVE_PORTAL:
|
||||
if (n_captive_portal > 0) {
|
||||
|
@ -2336,15 +2358,15 @@ static int ndisc_router_process_options(Link *link, sd_ndisc_router *rt) {
|
|||
n_captive_portal++;
|
||||
continue;
|
||||
}
|
||||
r = ndisc_router_process_captive_portal(link, rt);
|
||||
r = ndisc_router_process_captive_portal(link, rt, zero_lifetime);
|
||||
if (r > 0)
|
||||
n_captive_portal++;
|
||||
break;
|
||||
case SD_NDISC_OPTION_PREF64:
|
||||
r = ndisc_router_process_pref64(link, rt);
|
||||
r = ndisc_router_process_pref64(link, rt, zero_lifetime);
|
||||
break;
|
||||
case SD_NDISC_OPTION_ENCRYPTED_DNS:
|
||||
r = ndisc_router_process_encrypted_dns(link, rt);
|
||||
r = ndisc_router_process_encrypted_dns(link, rt, zero_lifetime);
|
||||
break;
|
||||
}
|
||||
if (r < 0 && r != -EBADMSG)
|
||||
|
@ -2652,10 +2674,6 @@ static int ndisc_router_handler(Link *link, sd_ndisc_router *rt) {
|
|||
if (r < 0)
|
||||
return r;
|
||||
|
||||
r = ndisc_router_process_default(link, rt);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
r = ndisc_router_process_reachable_time(link, rt);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
@ -2672,7 +2690,15 @@ static int ndisc_router_handler(Link *link, sd_ndisc_router *rt) {
|
|||
if (r < 0)
|
||||
return r;
|
||||
|
||||
r = ndisc_router_process_options(link, rt);
|
||||
r = ndisc_router_process_options(link, rt, /* zero_lifetime = */ true);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
r = ndisc_router_process_default(link, rt);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
r = ndisc_router_process_options(link, rt, /* zero_lifetime = */ false);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
|
|
|
@ -968,7 +968,7 @@ static void nexthop_forget_one(NextHop *nexthop) {
|
|||
|
||||
Request *req;
|
||||
if (nexthop_get_request_by_id(nexthop->manager, nexthop->id, &req) >= 0)
|
||||
route_enter_removed(req->userdata);
|
||||
nexthop_enter_removed(req->userdata);
|
||||
|
||||
nexthop_enter_removed(nexthop);
|
||||
log_nexthop_debug(nexthop, "Forgetting silently removed", nexthop->manager);
|
||||
|
|
|
@ -50,6 +50,7 @@ static int add_syscall_filters(
|
|||
{ CAP_IPC_LOCK, "@memlock" },
|
||||
|
||||
/* Plus a good set of additional syscalls which are not part of any of the groups above */
|
||||
{ 0, "arm_fadvise64_64" },
|
||||
{ 0, "brk" },
|
||||
{ 0, "capget" },
|
||||
{ 0, "capset" },
|
||||
|
|
|
@ -477,7 +477,8 @@ static int custom_mount_check_all(void) {
|
|||
if (path_equal(m->destination, "/") && arg_userns_mode != USER_NAMESPACE_NO) {
|
||||
if (arg_userns_ownership != USER_NAMESPACE_OWNERSHIP_OFF)
|
||||
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
|
||||
"--private-users-ownership=own may not be combined with custom root mounts.");
|
||||
"--private-users-ownership=%s may not be combined with custom root mounts.",
|
||||
user_namespace_ownership_to_string(arg_userns_ownership));
|
||||
if (arg_uid_shift == UID_INVALID)
|
||||
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
|
||||
"--private-users with automatic UID shift may not be combined with custom root mounts.");
|
||||
|
@ -2279,10 +2280,9 @@ static int copy_devnode_one(const char *dest, const char *node, bool ignore_mkno
|
|||
r = path_extract_directory(from, &parent);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to extract directory from %s: %m", from);
|
||||
if (!path_equal(parent, "/dev/")) {
|
||||
if (userns_mkdir(dest, parent, 0755, 0, 0) < 0)
|
||||
return log_error_errno(r, "Failed to create directory %s: %m", parent);
|
||||
}
|
||||
r = userns_mkdir(dest, parent, 0755, 0, 0);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to create directory %s: %m", parent);
|
||||
|
||||
if (mknod(to, st.st_mode, st.st_rdev) < 0) {
|
||||
r = -errno; /* Save the original error code. */
|
||||
|
@ -4653,7 +4653,7 @@ static int nspawn_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t r
|
|||
|
||||
ucred = CMSG_FIND_DATA(&msghdr, SOL_SOCKET, SCM_CREDENTIALS, struct ucred);
|
||||
if (!ucred || ucred->pid != inner_child_pid) {
|
||||
log_debug("Received notify message without valid credentials. Ignoring.");
|
||||
log_debug("Received notify message from process that is not the payload's PID 1. Ignoring.");
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
|
@ -36,14 +36,9 @@ static int parse_proc_cmdline_item(const char *key, const char *value, void *dat
|
|||
arg_skip = true;
|
||||
else
|
||||
log_warning("Invalid quotacheck.mode= value, ignoring: %s", value);
|
||||
}
|
||||
|
||||
#if HAVE_SYSV_COMPAT
|
||||
else if (streq(key, "forcequotacheck") && !value) {
|
||||
log_warning("Please use 'quotacheck.mode=force' rather than 'forcequotacheck' on the kernel command line. Proceeding anyway.");
|
||||
} else if (streq(key, "forcequotacheck") && !value)
|
||||
arg_force = true;
|
||||
}
|
||||
#endif
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
|
|
@ -2297,7 +2297,8 @@ static int start_transient_scope(sd_bus *bus) {
|
|||
uid_t uid;
|
||||
gid_t gid;
|
||||
|
||||
r = get_user_creds(&arg_exec_user, &uid, &gid, &home, &shell, USER_CREDS_CLEAN|USER_CREDS_PREFER_NSS);
|
||||
r = get_user_creds(&arg_exec_user, &uid, &gid, &home, &shell,
|
||||
USER_CREDS_CLEAN|USER_CREDS_SUPPRESS_PLACEHOLDER|USER_CREDS_PREFER_NSS);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to resolve user %s: %m", arg_exec_user);
|
||||
|
||||
|
|
|
@ -46,13 +46,17 @@ static bool argv_has_at(pid_t pid) {
|
|||
return c == '@';
|
||||
}
|
||||
|
||||
static bool is_survivor_cgroup(const PidRef *pid) {
|
||||
static bool is_in_survivor_cgroup(const PidRef *pid) {
|
||||
_cleanup_free_ char *cgroup_path = NULL;
|
||||
int r;
|
||||
|
||||
assert(pidref_is_set(pid));
|
||||
|
||||
r = cg_pidref_get_path(/* root= */ NULL, pid, &cgroup_path);
|
||||
if (r == -EUNATCH) {
|
||||
log_warning_errno(r, "Process " PID_FMT " appears to originate in foreign namespace, ignoring.", pid->pid);
|
||||
return true;
|
||||
}
|
||||
if (r < 0) {
|
||||
log_warning_errno(r, "Failed to get cgroup path of process " PID_FMT ", ignoring: %m", pid->pid);
|
||||
return false;
|
||||
|
@ -86,7 +90,7 @@ static bool ignore_proc(const PidRef *pid, bool warn_rootfs) {
|
|||
return true; /* also ignore processes where we can't determine this */
|
||||
|
||||
/* Ignore processes that are part of a cgroup marked with the user.survive_final_kill_signal xattr */
|
||||
if (is_survivor_cgroup(pid))
|
||||
if (is_in_survivor_cgroup(pid))
|
||||
return true;
|
||||
|
||||
r = pidref_get_uid(pid, &uid);
|
||||
|
|
|
@ -392,7 +392,7 @@ int tpm2_make_pcr_json_array(uint32_t pcr_mask, sd_json_variant **ret);
|
|||
int tpm2_parse_pcr_json_array(sd_json_variant *v, uint32_t *ret);
|
||||
|
||||
int tpm2_make_luks2_json(int keyslot, uint32_t hash_pcr_mask, uint16_t pcr_bank, const struct iovec *pubkey, uint32_t pubkey_pcr_mask, uint16_t primary_alg, const struct iovec blobs[], size_t n_blobs, const struct iovec policy_hash[], size_t n_policy_hash, const struct iovec *salt, const struct iovec *srk, const struct iovec *pcrlock_nv, TPM2Flags flags, sd_json_variant **ret);
|
||||
int tpm2_parse_luks2_json(sd_json_variant *v, int *ret_keyslot, uint32_t *ret_hash_pcr_mask, uint16_t *ret_pcr_bank, struct iovec *ret_pubkey, uint32_t *ret_pubkey_pcr_mask, uint16_t *ret_primary_alg, struct iovec **ret_blobs, size_t *ret_n_blobs, struct iovec **ret_policy_hash, size_t *ret_n_policy_hash, struct iovec *ret_salt, struct iovec *ret_srk, struct iovec *pcrlock_nv, TPM2Flags *ret_flags);
|
||||
int tpm2_parse_luks2_json(sd_json_variant *v, int *ret_keyslot, uint32_t *ret_hash_pcr_mask, uint16_t *ret_pcr_bank, struct iovec *ret_pubkey, uint32_t *ret_pubkey_pcr_mask, uint16_t *ret_primary_alg, struct iovec **ret_blobs, size_t *ret_n_blobs, struct iovec **ret_policy_hash, size_t *ret_n_policy_hash, struct iovec *ret_salt, struct iovec *ret_srk, struct iovec *ret_pcrlock_nv, TPM2Flags *ret_flags);
|
||||
|
||||
/* Default to PCR 7 only */
|
||||
#define TPM2_PCR_INDEX_DEFAULT UINT32_C(7)
|
||||
|
|
|
@ -28,21 +28,28 @@ const char* user_record_state_color(const char *state) {
|
|||
return NULL;
|
||||
}
|
||||
|
||||
static void dump_self_modifiable(const char *heading, char **field, const char **value) {
|
||||
static void dump_self_modifiable(
|
||||
const char *heading,
|
||||
char **field,
|
||||
const char **value) {
|
||||
|
||||
assert(heading);
|
||||
|
||||
/* Helper function for printing the various self_modifiable_* fields from the user record */
|
||||
|
||||
if (strv_isempty((char**) value))
|
||||
/* Case 1: the array is explicitly set to be empty by the administrator */
|
||||
printf("%13s %sDisabled by Administrator%s\n", heading, ansi_highlight_red(), ansi_normal());
|
||||
if (!value)
|
||||
/* Case 1: no value is set and no default either */
|
||||
printf("%13s %snone%s\n", heading, ansi_highlight(), ansi_normal());
|
||||
else if (strv_isempty((char**) value))
|
||||
/* Case 2: the array is explicitly set to empty by the administrator */
|
||||
printf("%13s %sdisabled by administrator%s\n", heading, ansi_highlight_red(), ansi_normal());
|
||||
else if (!field)
|
||||
/* Case 2: we have values, but the field is NULL. This means that we're using the defaults.
|
||||
/* Case 3: we have values, but the field is NULL. This means that we're using the defaults.
|
||||
* We list them anyways, because they're security-sensitive to the administrator */
|
||||
STRV_FOREACH(i, value)
|
||||
printf("%13s %s%s%s\n", i == value ? heading : "", ansi_grey(), *i, ansi_normal());
|
||||
else
|
||||
/* Case 3: we have a list provided by the administrator */
|
||||
/* Case 4: we have a list provided by the administrator */
|
||||
STRV_FOREACH(i, value)
|
||||
printf("%13s %s\n", i == value ? heading : "", *i);
|
||||
}
|
||||
|
|
|
@ -2165,8 +2165,15 @@ const char** user_record_self_modifiable_fields(UserRecord *h) {
|
|||
|
||||
assert(h);
|
||||
|
||||
/* Note: if the self_modifiable_fields field in UserRecord is NULL we'll apply a default, if we have
|
||||
* one. If it is a non-NULL empty strv, we'll report it as explicit empty list. When the field is
|
||||
* NULL and we have no default list we'll return NULL. */
|
||||
|
||||
/* Note that we intentionally distinguish between NULL and an empty array here */
|
||||
return (const char**) h->self_modifiable_fields ?: (const char**) default_fields;
|
||||
if (h->self_modifiable_fields)
|
||||
return (const char**) h->self_modifiable_fields;
|
||||
|
||||
return user_record_disposition(h) == USER_REGULAR ? (const char**) default_fields : NULL;
|
||||
}
|
||||
|
||||
const char** user_record_self_modifiable_blobs(UserRecord *h) {
|
||||
|
@ -2180,7 +2187,10 @@ const char** user_record_self_modifiable_blobs(UserRecord *h) {
|
|||
assert(h);
|
||||
|
||||
/* Note that we intentionally distinguish between NULL and an empty array here */
|
||||
return (const char**) h->self_modifiable_blobs ?: (const char**) default_blobs;
|
||||
if (h->self_modifiable_blobs)
|
||||
return (const char**) h->self_modifiable_blobs;
|
||||
|
||||
return user_record_disposition(h) == USER_REGULAR ? (const char**) default_blobs : NULL;
|
||||
}
|
||||
|
||||
const char** user_record_self_modifiable_privileged(UserRecord *h) {
|
||||
|
@ -2201,7 +2211,10 @@ const char** user_record_self_modifiable_privileged(UserRecord *h) {
|
|||
assert(h);
|
||||
|
||||
/* Note that we intentionally distinguish between NULL and an empty array here */
|
||||
return (const char**) h->self_modifiable_privileged ?: (const char**) default_fields;
|
||||
if (h->self_modifiable_privileged)
|
||||
return (const char**) h->self_modifiable_privileged;
|
||||
|
||||
return user_record_disposition(h) == USER_REGULAR ? (const char**) default_fields : NULL;
|
||||
}
|
||||
|
||||
static int remove_self_modifiable_json_fields_common(UserRecord *current, sd_json_variant **target) {
|
||||
|
|
|
@ -98,15 +98,17 @@ static int delete_dm(DeviceMapper *m) {
|
|||
assert(major(m->devnum) != 0);
|
||||
assert(m->path);
|
||||
|
||||
fd = open(m->path, O_RDONLY|O_CLOEXEC|O_NONBLOCK);
|
||||
if (fd < 0)
|
||||
log_debug_errno(errno, "Failed to open DM block device %s for syncing, ignoring: %m", m->path);
|
||||
else {
|
||||
(void) sync_with_progress(fd);
|
||||
fd = safe_close(fd);
|
||||
}
|
||||
|
||||
fd = open("/dev/mapper/control", O_RDWR|O_CLOEXEC);
|
||||
if (fd < 0)
|
||||
return -errno;
|
||||
|
||||
_cleanup_close_ int block_fd = open(m->path, O_RDONLY|O_CLOEXEC|O_NONBLOCK);
|
||||
if (block_fd < 0)
|
||||
log_debug_errno(errno, "Failed to open DM block device %s for syncing, ignoring: %m", m->path);
|
||||
else
|
||||
(void) sync_with_progress(block_fd);
|
||||
return log_debug_errno(errno, "Failed to open /dev/mapper/control: %m");
|
||||
|
||||
return RET_NERRNO(ioctl(fd, DM_DEV_REMOVE, &(struct dm_ioctl) {
|
||||
.version = {
|
||||
|
|
|
@ -211,10 +211,8 @@ static int sync_making_progress(unsigned long long *prev_dirty) {
|
|||
continue;
|
||||
|
||||
errno = 0;
|
||||
if (sscanf(line, "%*s %llu %*s", &ull) != 1) {
|
||||
log_warning_errno(errno_or_else(EIO), "Failed to parse /proc/meminfo field, ignoring: %m");
|
||||
return false;
|
||||
}
|
||||
if (sscanf(line, "%*s %llu %*s", &ull) != 1)
|
||||
return log_warning_errno(errno_or_else(EIO), "Failed to parse /proc/meminfo field: %m");
|
||||
|
||||
val += ull;
|
||||
}
|
||||
|
|
|
@ -245,8 +245,8 @@ static int add_vsock_socket(
|
|||
if (r < 0)
|
||||
return r;
|
||||
|
||||
log_info("Binding SSH to AF_VSOCK vsock::22.\n"
|
||||
"→ connect via 'ssh vsock/%u' from host", local_cid);
|
||||
log_debug("Binding SSH to AF_VSOCK vsock::22.\n"
|
||||
"→ connect via 'ssh vsock/%u' from host", local_cid);
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
@ -280,8 +280,8 @@ static int add_local_unix_socket(
|
|||
if (r < 0)
|
||||
return r;
|
||||
|
||||
log_info("Binding SSH to AF_UNIX socket /run/ssh-unix-local/socket.\n"
|
||||
"→ connect via 'ssh .host' locally");
|
||||
log_debug("Binding SSH to AF_UNIX socket /run/ssh-unix-local/socket.\n"
|
||||
"→ connect via 'ssh .host' locally");
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
@ -336,8 +336,8 @@ static int add_export_unix_socket(
|
|||
if (r < 0)
|
||||
return r;
|
||||
|
||||
log_info("Binding SSH to AF_UNIX socket /run/host/unix-export/ssh\n"
|
||||
"→ connect via 'ssh unix/run/systemd/nspawn/unix-export/\?\?\?/ssh' from host");
|
||||
log_debug("Binding SSH to AF_UNIX socket /run/host/unix-export/ssh\n"
|
||||
"→ connect via 'ssh unix/run/systemd/nspawn/unix-export/\?\?\?/ssh' from host");
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
@ -387,7 +387,7 @@ static int add_extra_sockets(
|
|||
if (r < 0)
|
||||
return r;
|
||||
|
||||
log_info("Binding SSH to socket %s.", *i);
|
||||
log_debug("Binding SSH to socket %s.", *i);
|
||||
n++;
|
||||
}
|
||||
|
||||
|
@ -462,7 +462,7 @@ static int run(const char *dest, const char *dest_early, const char *dest_late)
|
|||
_cleanup_free_ char *sshd_binary = NULL;
|
||||
r = find_executable("sshd", &sshd_binary);
|
||||
if (r == -ENOENT) {
|
||||
log_info("Disabling SSH generator logic, since sshd is not installed.");
|
||||
log_debug("Disabling SSH generator logic, since sshd is not installed.");
|
||||
return 0;
|
||||
}
|
||||
if (r < 0)
|
||||
|
|
|
@ -724,7 +724,7 @@ static void print_status_info(
|
|||
printf(" Tasks: %" PRIu64, i->tasks_current);
|
||||
|
||||
if (i->tasks_max != UINT64_MAX)
|
||||
printf(" (limit: %" PRIu64 ")\n", i->tasks_max);
|
||||
printf("%s (limit: %" PRIu64 ")%s\n", ansi_grey(), i->tasks_max, ansi_normal());
|
||||
else
|
||||
printf("\n");
|
||||
}
|
||||
|
|
|
@ -99,15 +99,15 @@ int main(void) {
|
|||
printf("Found %zu symbols from source files.\\n", j);
|
||||
|
||||
for (i = 0; symbols_from_sym[i].name; i++) {
|
||||
struct symbol*n = bsearch(symbols_from_sym+i, symbols_from_source, sizeof(symbols_from_source)/sizeof(symbols_from_source[0])-1, sizeof(symbols_from_source[0]), sort_callback);
|
||||
struct symbol *n = bsearch(symbols_from_sym+i, symbols_from_source, sizeof(symbols_from_source)/sizeof(symbols_from_source[0])-1, sizeof(symbols_from_source[0]), sort_callback);
|
||||
if (!n)
|
||||
printf("Found in symbol file, but not in sources: %s\\n", symbols_from_sym[i].name);
|
||||
}
|
||||
|
||||
for (j = 0; symbols_from_source[j].name; j++) {
|
||||
struct symbol*n = bsearch(symbols_from_source+j, symbols_from_source, sizeof(symbols_from_sym)/sizeof(symbols_from_sym[0])-1, sizeof(symbols_from_sym[0]), sort_callback);
|
||||
struct symbol *n = bsearch(symbols_from_source+j, symbols_from_sym, sizeof(symbols_from_sym)/sizeof(symbols_from_sym[0])-1, sizeof(symbols_from_sym[0]), sort_callback);
|
||||
if (!n)
|
||||
printf("Found in sources, but not in symbol file: %s\\n", symbols_from_source[i].name);
|
||||
printf("Found in sources, but not in symbol file: %s\\n", symbols_from_source[j].name);
|
||||
}
|
||||
|
||||
return i == j ? EXIT_SUCCESS : EXIT_FAILURE;
|
||||
|
|
|
@ -7,24 +7,26 @@ TEST(audit_loginuid_from_pid) {
|
|||
_cleanup_(pidref_done) PidRef self = PIDREF_NULL, pid1 = PIDREF_NULL;
|
||||
int r;
|
||||
|
||||
assert_se(pidref_set_self(&self) >= 0);
|
||||
assert_se(pidref_set_pid(&pid1, 1) >= 0);
|
||||
ASSERT_OK(pidref_set_self(&self));
|
||||
ASSERT_OK(pidref_set_pid(&pid1, 1));
|
||||
|
||||
uid_t uid;
|
||||
r = audit_loginuid_from_pid(&self, &uid);
|
||||
assert_se(r >= 0 || r == -ENODATA);
|
||||
if (r != -ENODATA)
|
||||
ASSERT_OK(r);
|
||||
if (r >= 0)
|
||||
log_info("self audit login uid: " UID_FMT, uid);
|
||||
|
||||
assert_se(audit_loginuid_from_pid(&pid1, &uid) == -ENODATA);
|
||||
ASSERT_ERROR(audit_loginuid_from_pid(&pid1, &uid), ENODATA);
|
||||
|
||||
uint32_t sessionid;
|
||||
r = audit_session_from_pid(&self, &sessionid);
|
||||
assert_se(r >= 0 || r == -ENODATA);
|
||||
if (r != -ENODATA)
|
||||
ASSERT_OK(r);
|
||||
if (r >= 0)
|
||||
log_info("self audit session id: %" PRIu32, sessionid);
|
||||
|
||||
assert_se(audit_session_from_pid(&pid1, &sessionid) == -ENODATA);
|
||||
ASSERT_ERROR(audit_session_from_pid(&pid1, &sessionid), ENODATA);
|
||||
}
|
||||
|
||||
static int intro(void) {
|
||||
|
|
|
@ -9,7 +9,7 @@
|
|||
({ \
|
||||
typeof(ret) _r = (ret); \
|
||||
user_record_unref(*_r); \
|
||||
assert_se(user_record_build((ret), SD_JSON_BUILD_OBJECT(__VA_ARGS__)) >= 0); \
|
||||
assert_se(user_record_build((ret), SD_JSON_BUILD_OBJECT(SD_JSON_BUILD_PAIR_STRING("disposition", "regular"), __VA_ARGS__)) >= 0); \
|
||||
0; \
|
||||
})
|
||||
|
||||
|
|
|
@ -363,7 +363,7 @@ def test_config_priority(tmp_path):
|
|||
assert opts.pcr_public_keys == ['PKEY2', 'some/path8']
|
||||
assert opts.pcr_banks == ['SHA1', 'SHA256']
|
||||
assert opts.signing_engine == 'ENGINE'
|
||||
assert opts.signtool == ukify.SbSign # from args
|
||||
assert opts.signtool == 'sbsign' # from args
|
||||
assert opts.sb_key == 'SBKEY' # from args
|
||||
assert opts.sb_cert == pathlib.Path('SBCERT') # from args
|
||||
assert opts.sb_certdir == 'some/path5' # from config
|
||||
|
|
|
@ -238,7 +238,9 @@ class UkifyConfig:
|
|||
all: bool
|
||||
cmdline: Union[str, Path, None]
|
||||
devicetree: Path
|
||||
devicetree_auto: list[Path]
|
||||
efi_arch: str
|
||||
hwids: Path
|
||||
initrd: list[Path]
|
||||
join_profiles: list[Path]
|
||||
json: Union[Literal['pretty'], Literal['short'], Literal['off']]
|
||||
|
@ -265,7 +267,7 @@ class UkifyConfig:
|
|||
signing_engine: Optional[str]
|
||||
signing_provider: Optional[str]
|
||||
certificate_provider: Optional[str]
|
||||
signtool: Optional[type['SignTool']]
|
||||
signtool: Optional[str]
|
||||
splash: Optional[Path]
|
||||
stub: Path
|
||||
summary: bool
|
||||
|
@ -365,6 +367,8 @@ DEFAULT_SECTIONS_TO_SHOW = {
|
|||
'.ucode': 'binary',
|
||||
'.splash': 'binary',
|
||||
'.dtb': 'binary',
|
||||
'.dtbauto': 'binary',
|
||||
'.hwids': 'binary',
|
||||
'.cmdline': 'text',
|
||||
'.osrel': 'text',
|
||||
'.uname': 'text',
|
||||
|
@ -447,7 +451,7 @@ class UKI:
|
|||
if s.name == '.profile':
|
||||
start = i + 1
|
||||
|
||||
if any(section.name == s.name for s in self.sections[start:]):
|
||||
if any(section.name == s.name for s in self.sections[start:] if s.name != '.dtbauto'):
|
||||
raise ValueError(f'Duplicate section {section.name}')
|
||||
|
||||
self.sections += [section]
|
||||
|
@ -462,6 +466,17 @@ class SignTool:
|
|||
def verify(opts: UkifyConfig) -> bool:
|
||||
raise NotImplementedError()
|
||||
|
||||
@staticmethod
|
||||
def from_string(name) -> type['SignTool']:
|
||||
if name == 'pesign':
|
||||
return PeSign
|
||||
elif name == 'sbsign':
|
||||
return SbSign
|
||||
elif name == 'systemd-sbsign':
|
||||
return SystemdSbSign
|
||||
else:
|
||||
raise ValueError(f'Invalid sign tool: {name!r}')
|
||||
|
||||
|
||||
class PeSign(SignTool):
|
||||
@staticmethod
|
||||
|
@ -620,8 +635,11 @@ def check_inputs(opts: UkifyConfig) -> None:
|
|||
continue
|
||||
|
||||
if isinstance(value, Path):
|
||||
# Open file to check that we can read it, or generate an exception
|
||||
value.open().close()
|
||||
# Check that we can open the directory or file, or generate and exception
|
||||
if value.is_dir():
|
||||
value.iterdir()
|
||||
else:
|
||||
value.open().close()
|
||||
elif isinstance(value, list):
|
||||
for item in value:
|
||||
if isinstance(item, Path):
|
||||
|
@ -704,7 +722,16 @@ def call_systemd_measure(uki: UKI, opts: UkifyConfig, profile_start: int = 0) ->
|
|||
# PCR measurement
|
||||
|
||||
# First, pick up either the base sections or the profile specific sections we shall measure now
|
||||
to_measure = {s.name: s for s in uki.sections[profile_start:] if s.measure}
|
||||
unique_to_measure = {
|
||||
s.name: s for s in uki.sections[profile_start:] if s.measure and s.name != '.dtbauto'
|
||||
}
|
||||
|
||||
dtbauto_to_measure: list[Optional[Section]] = [
|
||||
s for s in uki.sections[profile_start:] if s.measure and s.name == '.dtbauto'
|
||||
]
|
||||
|
||||
if len(dtbauto_to_measure) == 0:
|
||||
dtbauto_to_measure = [None]
|
||||
|
||||
# Then, if we're measuring a profile, lookup the missing sections from the base image.
|
||||
if profile_start != 0:
|
||||
|
@ -718,61 +745,72 @@ def call_systemd_measure(uki: UKI, opts: UkifyConfig, profile_start: int = 0) ->
|
|||
continue
|
||||
|
||||
# Check if this is a section we already covered above
|
||||
if section.name in to_measure:
|
||||
if section.name in unique_to_measure:
|
||||
continue
|
||||
|
||||
to_measure[section.name] = section
|
||||
unique_to_measure[section.name] = section
|
||||
|
||||
if opts.measure:
|
||||
pp_groups = opts.phase_path_groups or []
|
||||
to_measure = unique_to_measure.copy()
|
||||
|
||||
cmd = [
|
||||
measure_tool,
|
||||
'calculate',
|
||||
*(f"--{s.name.removeprefix('.')}={s.content}" for s in to_measure.values()),
|
||||
*(f'--bank={bank}' for bank in banks),
|
||||
# For measurement, the keys are not relevant, so we can lump all the phase paths
|
||||
# into one call to systemd-measure calculate.
|
||||
*(f'--phase={phase_path}' for phase_path in itertools.chain.from_iterable(pp_groups)),
|
||||
]
|
||||
for dtbauto in dtbauto_to_measure:
|
||||
if dtbauto is not None:
|
||||
to_measure[dtbauto.name] = dtbauto
|
||||
|
||||
print('+', shell_join(cmd))
|
||||
subprocess.check_call(cmd)
|
||||
pp_groups = opts.phase_path_groups or []
|
||||
|
||||
cmd = [
|
||||
measure_tool,
|
||||
'calculate',
|
||||
*(f"--{s.name.removeprefix('.')}={s.content}" for s in to_measure.values()),
|
||||
*(f'--bank={bank}' for bank in banks),
|
||||
# For measurement, the keys are not relevant, so we can lump all the phase paths
|
||||
# into one call to systemd-measure calculate.
|
||||
*(f'--phase={phase_path}' for phase_path in itertools.chain.from_iterable(pp_groups)),
|
||||
]
|
||||
|
||||
print('+', shell_join(cmd))
|
||||
subprocess.check_call(cmd)
|
||||
|
||||
# PCR signing
|
||||
|
||||
if opts.pcr_private_keys:
|
||||
pcrsigs = []
|
||||
to_measure = unique_to_measure.copy()
|
||||
|
||||
cmd = [
|
||||
measure_tool,
|
||||
'sign',
|
||||
*(f"--{s.name.removeprefix('.')}={s.content}" for s in to_measure.values()),
|
||||
*(f'--bank={bank}' for bank in banks),
|
||||
]
|
||||
for dtbauto in dtbauto_to_measure:
|
||||
if dtbauto is not None:
|
||||
to_measure[dtbauto.name] = dtbauto
|
||||
|
||||
for priv_key, pub_key, group in key_path_groups(opts):
|
||||
extra = [f'--private-key={priv_key}']
|
||||
if opts.signing_engine is not None:
|
||||
assert pub_key
|
||||
extra += [f'--private-key-source=engine:{opts.signing_engine}']
|
||||
extra += [f'--certificate={pub_key}']
|
||||
elif opts.signing_provider is not None:
|
||||
assert pub_key
|
||||
extra += [f'--private-key-source=provider:{opts.signing_provider}']
|
||||
extra += [f'--certificate={pub_key}']
|
||||
elif pub_key:
|
||||
extra += [f'--public-key={pub_key}']
|
||||
cmd = [
|
||||
measure_tool,
|
||||
'sign',
|
||||
*(f"--{s.name.removeprefix('.')}={s.content}" for s in to_measure.values()),
|
||||
*(f'--bank={bank}' for bank in banks),
|
||||
]
|
||||
|
||||
if opts.certificate_provider is not None:
|
||||
extra += [f'--certificate-source=provider:{opts.certificate_provider}']
|
||||
for priv_key, pub_key, group in key_path_groups(opts):
|
||||
extra = [f'--private-key={priv_key}']
|
||||
if opts.signing_engine is not None:
|
||||
assert pub_key
|
||||
extra += [f'--private-key-source=engine:{opts.signing_engine}']
|
||||
extra += [f'--certificate={pub_key}']
|
||||
elif opts.signing_provider is not None:
|
||||
assert pub_key
|
||||
extra += [f'--private-key-source=provider:{opts.signing_provider}']
|
||||
extra += [f'--certificate={pub_key}']
|
||||
elif pub_key:
|
||||
extra += [f'--public-key={pub_key}']
|
||||
|
||||
extra += [f'--phase={phase_path}' for phase_path in group or ()]
|
||||
if opts.certificate_provider is not None:
|
||||
extra += [f'--certificate-source=provider:{opts.certificate_provider}']
|
||||
|
||||
print('+', shell_join(cmd + extra)) # type: ignore
|
||||
pcrsig = subprocess.check_output(cmd + extra, text=True) # type: ignore
|
||||
pcrsig = json.loads(pcrsig)
|
||||
pcrsigs += [pcrsig]
|
||||
extra += [f'--phase={phase_path}' for phase_path in group or ()]
|
||||
|
||||
print('+', shell_join(cmd + extra)) # type: ignore
|
||||
pcrsig = subprocess.check_output(cmd + extra, text=True) # type: ignore
|
||||
pcrsig = json.loads(pcrsig)
|
||||
pcrsigs += [pcrsig]
|
||||
|
||||
combined = combine_signatures(pcrsigs)
|
||||
uki.add_section(Section.create('.pcrsig', combined))
|
||||
|
@ -903,7 +941,7 @@ def pe_add_sections(uki: UKI, output: str) -> None:
|
|||
# the one from the kernel to it. It should be small enough to fit in the existing section, so just
|
||||
# swap the data.
|
||||
for i, s in enumerate(pe.sections[:n_original_sections]):
|
||||
if pe_strip_section_name(s.Name) == section.name:
|
||||
if pe_strip_section_name(s.Name) == section.name and section.name != '.dtbauto':
|
||||
if new_section.Misc_VirtualSize > s.SizeOfRawData:
|
||||
raise PEError(f'Not enough space in existing section {section.name} to append new data.')
|
||||
|
||||
|
@ -975,6 +1013,123 @@ def merge_sbat(input_pe: list[Path], input_text: list[str]) -> str:
|
|||
)
|
||||
|
||||
|
||||
# Keep in sync with EFI_GUID (src/boot/efi.h)
|
||||
# uint32_t Data1, uint16_t Data2, uint16_t Data3, uint8_t Data4[8]
|
||||
EFI_GUID = tuple[int, int, int, tuple[int, int, int, int, int, int, int, int]]
|
||||
EFI_GUID_STRUCT_SIZE = 4 + 2 + 2 + 1 * 8
|
||||
|
||||
# Keep in sync with Device (DEVICE_TYPE_DEVICETREE) from src/boot/chid.h
|
||||
# uint32_t descriptor, EFI_GUID chid, uint32_t name_offset, uint32_t compatible_offset
|
||||
DEVICE_STRUCT_SIZE = 4 + EFI_GUID_STRUCT_SIZE + 4 + 4
|
||||
NULL_DEVICE = b'\0' * DEVICE_STRUCT_SIZE
|
||||
DEVICE_TYPE_DEVICETREE = 1
|
||||
|
||||
|
||||
def device_make_descriptor(device_type: int, size: int) -> int:
|
||||
return (size) | (device_type << 28)
|
||||
|
||||
|
||||
def pack_device(offsets: dict[str, int], name: str, compatible: str, chids: list[EFI_GUID]) -> bytes:
|
||||
data = b''
|
||||
|
||||
for data1, data2, data3, data4 in chids:
|
||||
data += struct.pack(
|
||||
'<IIHH8BII',
|
||||
device_make_descriptor(DEVICE_TYPE_DEVICETREE, DEVICE_STRUCT_SIZE),
|
||||
data1,
|
||||
data2,
|
||||
data3,
|
||||
*data4,
|
||||
offsets[name],
|
||||
offsets[compatible],
|
||||
)
|
||||
|
||||
assert len(data) == DEVICE_STRUCT_SIZE * len(chids)
|
||||
return data
|
||||
|
||||
|
||||
def hex_pairs_list(string: str) -> list[int]:
|
||||
return [int(string[i : i + 2], 16) for i in range(0, len(string), 2)]
|
||||
|
||||
|
||||
def pack_strings(strings: set[str], base: int) -> tuple[bytes, dict[str, int]]:
|
||||
blob = b''
|
||||
offsets = {}
|
||||
|
||||
for string in sorted(strings):
|
||||
offsets[string] = base + len(blob)
|
||||
blob += string.encode('utf-8') + b'\00'
|
||||
|
||||
return (blob, offsets)
|
||||
|
||||
|
||||
def parse_hwid_dir(path: Path) -> bytes:
|
||||
hwid_files = path.rglob('*.txt')
|
||||
|
||||
strings: set[str] = set()
|
||||
devices: collections.defaultdict[tuple[str, str], list[EFI_GUID]] = collections.defaultdict(list)
|
||||
|
||||
uuid_regexp = re.compile(
|
||||
r'\{[0-9a-f]{8}-[0-9a-f]{4}-[0-5][0-9a-f]{3}-[089ab][0-9a-f]{3}-[0-9a-f]{12}\}', re.I
|
||||
)
|
||||
|
||||
for hwid_file in hwid_files:
|
||||
content = hwid_file.open().readlines()
|
||||
|
||||
data: dict[str, str] = {
|
||||
'Manufacturer': '',
|
||||
'Family': '',
|
||||
'Compatible': '',
|
||||
}
|
||||
uuids: list[EFI_GUID] = []
|
||||
|
||||
for line in content:
|
||||
for k in data:
|
||||
if line.startswith(k):
|
||||
data[k] = line.split(':')[1].strip()
|
||||
break
|
||||
else:
|
||||
uuid = uuid_regexp.match(line)
|
||||
if uuid is not None:
|
||||
d1, d2, d3, d4, d5 = uuid.group(0)[1:-1].split('-')
|
||||
|
||||
data1 = int(d1, 16)
|
||||
data2 = int(d2, 16)
|
||||
data3 = int(d3, 16)
|
||||
data4 = cast(
|
||||
tuple[int, int, int, int, int, int, int, int],
|
||||
tuple(hex_pairs_list(d4) + hex_pairs_list(d5)),
|
||||
)
|
||||
|
||||
uuids.append((data1, data2, data3, data4))
|
||||
|
||||
for k, v in data.items():
|
||||
if not v:
|
||||
raise ValueError(f'hwid description file "{hwid_file}" does not contain "{k}"')
|
||||
|
||||
name = data['Manufacturer'] + ' ' + data['Family']
|
||||
compatible = data['Compatible']
|
||||
|
||||
strings |= set([name, compatible])
|
||||
|
||||
# (compatible, name) pair uniquely identifies the device
|
||||
devices[(compatible, name)] += uuids
|
||||
|
||||
total_device_structs = 1
|
||||
for dev, uuids in devices.items():
|
||||
total_device_structs += len(uuids)
|
||||
|
||||
strings_blob, offsets = pack_strings(strings, total_device_structs * DEVICE_STRUCT_SIZE)
|
||||
|
||||
devices_blob = b''
|
||||
for (compatible, name), uuids in devices.items():
|
||||
devices_blob += pack_device(offsets, name, compatible, uuids)
|
||||
|
||||
devices_blob += NULL_DEVICE
|
||||
|
||||
return devices_blob + strings_blob
|
||||
|
||||
|
||||
STUB_SBAT = """\
|
||||
sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md
|
||||
uki,1,UKI,uki,1,https://uapi-group.org/specifications/specs/unified_kernel_image/
|
||||
|
@ -997,15 +1152,16 @@ def make_uki(opts: UkifyConfig) -> None:
|
|||
|
||||
if opts.linux and sign_args_present:
|
||||
assert opts.signtool is not None
|
||||
signtool = SignTool.from_string(opts.signtool)
|
||||
|
||||
if not sign_kernel:
|
||||
# figure out if we should sign the kernel
|
||||
sign_kernel = opts.signtool.verify(opts)
|
||||
sign_kernel = signtool.verify(opts)
|
||||
|
||||
if sign_kernel:
|
||||
linux_signed = tempfile.NamedTemporaryFile(prefix='linux-signed')
|
||||
linux = Path(linux_signed.name)
|
||||
opts.signtool.sign(os.fspath(opts.linux), os.fspath(linux), opts=opts)
|
||||
signtool.sign(os.fspath(opts.linux), os.fspath(linux), opts=opts)
|
||||
|
||||
if opts.uname is None and opts.linux is not None:
|
||||
print('Kernel version not specified, starting autodetection 😖.')
|
||||
|
@ -1041,11 +1197,18 @@ def make_uki(opts: UkifyConfig) -> None:
|
|||
print('+', shell_join(cmd))
|
||||
pcrpkey = subprocess.check_output(cmd)
|
||||
|
||||
hwids = None
|
||||
|
||||
if opts.hwids is not None:
|
||||
hwids = parse_hwid_dir(opts.hwids)
|
||||
|
||||
sections = [
|
||||
# name, content, measure?
|
||||
('.osrel', opts.os_release, True),
|
||||
('.cmdline', opts.cmdline, True),
|
||||
('.dtb', opts.devicetree, True),
|
||||
*(('.dtbauto', dtb, True) for dtb in opts.devicetree_auto),
|
||||
('.hwids', hwids, True),
|
||||
('.uname', opts.uname, True),
|
||||
('.splash', opts.splash, True),
|
||||
('.pcrpkey', pcrpkey, True),
|
||||
|
@ -1159,7 +1322,9 @@ def make_uki(opts: UkifyConfig) -> None:
|
|||
|
||||
if sign_args_present:
|
||||
assert opts.signtool is not None
|
||||
opts.signtool.sign(os.fspath(unsigned_output), os.fspath(opts.output), opts)
|
||||
signtool = SignTool.from_string(opts.signtool)
|
||||
|
||||
signtool.sign(os.fspath(unsigned_output), os.fspath(opts.output), opts)
|
||||
|
||||
# We end up with no executable bits, let's reapply them
|
||||
os.umask(umask := os.umask(0))
|
||||
|
@ -1489,10 +1654,10 @@ class ConfigItem:
|
|||
else:
|
||||
conv = lambda s: s # noqa: E731
|
||||
|
||||
# This is a bit ugly, but --initrd is the only option which is specified
|
||||
# This is a bit ugly, but --initrd and --devicetree-auto are the only options
|
||||
# with multiple args on the command line and a space-separated list in the
|
||||
# config file.
|
||||
if self.name == '--initrd':
|
||||
if self.name in ['--initrd', '--devicetree-auto']:
|
||||
value = [conv(v) for v in value.split()]
|
||||
else:
|
||||
value = conv(value)
|
||||
|
@ -1512,26 +1677,6 @@ class ConfigItem:
|
|||
return (section_name, key, value)
|
||||
|
||||
|
||||
class SignToolAction(argparse.Action):
|
||||
def __call__(
|
||||
self,
|
||||
parser: argparse.ArgumentParser,
|
||||
namespace: argparse.Namespace,
|
||||
values: Union[str, Sequence[Any], None] = None,
|
||||
option_string: Optional[str] = None,
|
||||
) -> None:
|
||||
if values is None:
|
||||
setattr(namespace, 'signtool', None)
|
||||
elif values == 'sbsign':
|
||||
setattr(namespace, 'signtool', SbSign)
|
||||
elif values == 'pesign':
|
||||
setattr(namespace, 'signtool', PeSign)
|
||||
elif values == 'systemd-sbsign':
|
||||
setattr(namespace, 'signtool', SystemdSbSign)
|
||||
else:
|
||||
raise ValueError(f"Unknown signtool '{values}' (this is unreachable)")
|
||||
|
||||
|
||||
VERBS = ('build', 'genkey', 'inspect')
|
||||
|
||||
CONFIG_ITEMS = [
|
||||
|
@ -1605,6 +1750,23 @@ CONFIG_ITEMS = [
|
|||
help='Device Tree file [.dtb section]',
|
||||
config_key='UKI/DeviceTree',
|
||||
),
|
||||
ConfigItem(
|
||||
'--devicetree-auto',
|
||||
metavar='PATH',
|
||||
type=Path,
|
||||
action='append',
|
||||
help='DeviceTree file for automatic selection [.dtbauto section]',
|
||||
default=[],
|
||||
config_key='UKI/DeviceTreeAuto',
|
||||
config_push=ConfigItem.config_list_prepend,
|
||||
),
|
||||
ConfigItem(
|
||||
'--hwids',
|
||||
metavar='DIR',
|
||||
type=Path,
|
||||
help='Directory with HWID text files [.hwids section]',
|
||||
config_key='UKI/HWIDs',
|
||||
),
|
||||
ConfigItem(
|
||||
'--uname',
|
||||
metavar='VERSION',
|
||||
|
@ -1688,7 +1850,6 @@ CONFIG_ITEMS = [
|
|||
ConfigItem(
|
||||
'--signtool',
|
||||
choices=('sbsign', 'pesign', 'systemd-sbsign'),
|
||||
action=SignToolAction,
|
||||
dest='signtool',
|
||||
help=(
|
||||
'whether to use sbsign or pesign. It will also be inferred by the other '
|
||||
|
@ -2005,24 +2166,24 @@ def finalize_options(opts: argparse.Namespace) -> None:
|
|||
)
|
||||
elif bool(opts.sb_key) and bool(opts.sb_cert):
|
||||
# both param given, infer sbsign and in case it was given, ensure signtool=sbsign
|
||||
if opts.signtool and opts.signtool not in (SbSign, SystemdSbSign):
|
||||
if opts.signtool and opts.signtool not in ('sbsign', 'systemd-sbsign'):
|
||||
raise ValueError(
|
||||
f'Cannot provide --signtool={opts.signtool} with --secureboot-private-key= and --secureboot-certificate=' # noqa: E501
|
||||
)
|
||||
if not opts.signtool:
|
||||
opts.signtool = SbSign
|
||||
opts.signtool = 'sbsign'
|
||||
elif bool(opts.sb_cert_name):
|
||||
# sb_cert_name given, infer pesign and in case it was given, ensure signtool=pesign
|
||||
if opts.signtool and opts.signtool != PeSign:
|
||||
if opts.signtool and opts.signtool != 'pesign':
|
||||
raise ValueError(
|
||||
f'Cannot provide --signtool={opts.signtool} with --secureboot-certificate-name='
|
||||
)
|
||||
opts.signtool = PeSign
|
||||
opts.signtool = 'pesign'
|
||||
|
||||
if opts.signing_provider and opts.signtool != SystemdSbSign:
|
||||
if opts.signing_provider and opts.signtool != 'systemd-sbsign':
|
||||
raise ValueError('--signing-provider= can only be used with--signtool=systemd-sbsign')
|
||||
|
||||
if opts.certificate_provider and opts.signtool != SystemdSbSign:
|
||||
if opts.certificate_provider and opts.signtool != 'systemd-sbsign':
|
||||
raise ValueError('--certificate-provider= can only be used with--signtool=systemd-sbsign')
|
||||
|
||||
if opts.sign_kernel and not opts.sb_key and not opts.sb_cert_name:
|
||||
|
|
|
@ -23,6 +23,7 @@
|
|||
#include "user-util.h"
|
||||
#include "userdb.h"
|
||||
#include "verbs.h"
|
||||
#include "virt.h"
|
||||
|
||||
static enum {
|
||||
OUTPUT_CLASSIC,
|
||||
|
@ -139,10 +140,16 @@ static int show_user(UserRecord *ur, Table *table) {
|
|||
return 0;
|
||||
}
|
||||
|
||||
static bool test_show_mapped(void) {
|
||||
/* Show mapped user range only in environments where user mapping is a thing. */
|
||||
return running_in_userns() > 0;
|
||||
}
|
||||
|
||||
static const struct {
|
||||
uid_t first, last;
|
||||
const char *name;
|
||||
UserDisposition disposition;
|
||||
bool (*test)(void);
|
||||
} uid_range_table[] = {
|
||||
{
|
||||
.first = 1,
|
||||
|
@ -175,11 +182,12 @@ static const struct {
|
|||
.last = MAP_UID_MAX,
|
||||
.name = "mapped",
|
||||
.disposition = USER_REGULAR,
|
||||
.test = test_show_mapped,
|
||||
},
|
||||
};
|
||||
|
||||
static int table_add_uid_boundaries(Table *table, const UIDRange *p) {
|
||||
int r;
|
||||
int r, n_added = 0;
|
||||
|
||||
assert(table);
|
||||
|
||||
|
@ -192,6 +200,9 @@ static int table_add_uid_boundaries(Table *table, const UIDRange *p) {
|
|||
if (!uid_range_covers(p, i->first, i->last - i->first + 1))
|
||||
continue;
|
||||
|
||||
if (i->test && !i->test())
|
||||
continue;
|
||||
|
||||
name = strjoin(special_glyph(SPECIAL_GLYPH_ARROW_DOWN),
|
||||
" begin ", i->name, " users ",
|
||||
special_glyph(SPECIAL_GLYPH_ARROW_DOWN));
|
||||
|
@ -249,9 +260,11 @@ static int table_add_uid_boundaries(Table *table, const UIDRange *p) {
|
|||
TABLE_INT, 1); /* sort after any other entry with the same UID */
|
||||
if (r < 0)
|
||||
return table_log_add_error(r);
|
||||
|
||||
n_added += 2;
|
||||
}
|
||||
|
||||
return ELEMENTSOF(uid_range_table) * 2;
|
||||
return n_added;
|
||||
}
|
||||
|
||||
static int add_unavailable_uid(Table *table, uid_t start, uid_t end) {
|
||||
|
@ -565,16 +578,22 @@ static int show_group(GroupRecord *gr, Table *table) {
|
|||
}
|
||||
|
||||
static int table_add_gid_boundaries(Table *table, const UIDRange *p) {
|
||||
int r;
|
||||
int r, n_added = 0;
|
||||
|
||||
assert(table);
|
||||
|
||||
FOREACH_ELEMENT(i, uid_range_table) {
|
||||
_cleanup_free_ char *name = NULL, *comment = NULL;
|
||||
|
||||
if (!FLAGS_SET(arg_disposition_mask, UINT64_C(1) << i->disposition))
|
||||
continue;
|
||||
|
||||
if (!uid_range_covers(p, i->first, i->last - i->first + 1))
|
||||
continue;
|
||||
|
||||
if (i->test && !i->test())
|
||||
continue;
|
||||
|
||||
name = strjoin(special_glyph(SPECIAL_GLYPH_ARROW_DOWN),
|
||||
" begin ", i->name, " groups ",
|
||||
special_glyph(SPECIAL_GLYPH_ARROW_DOWN));
|
||||
|
@ -626,9 +645,11 @@ static int table_add_gid_boundaries(Table *table, const UIDRange *p) {
|
|||
TABLE_INT, 1); /* sort after any other entry with the same GID */
|
||||
if (r < 0)
|
||||
return table_log_add_error(r);
|
||||
|
||||
n_added += 2;
|
||||
}
|
||||
|
||||
return ELEMENTSOF(uid_range_table) * 2;
|
||||
return n_added;
|
||||
}
|
||||
|
||||
static int add_unavailable_gid(Table *table, uid_t start, uid_t end) {
|
||||
|
|
|
@ -2182,6 +2182,10 @@ static int run_virtual_machine(int kvm_device_fd, int vhost_device_fd) {
|
|||
|
||||
(void) sd_event_add_signal(event, NULL, (SIGRTMIN+18) | SD_EVENT_SIGNAL_PROCMASK, sigrtmin18_handler, NULL);
|
||||
|
||||
r = sd_event_add_memory_pressure(event, NULL, NULL, NULL);
|
||||
if (r < 0)
|
||||
log_debug_errno(r, "Failed allocate memory pressure event source, ignoring: %m");
|
||||
|
||||
/* Exit when the child exits */
|
||||
(void) event_add_child_pidref(event, NULL, &child_pidref, WEXITED, on_child_exit, NULL);
|
||||
|
||||
|
|
|
@ -960,10 +960,13 @@ exec $(systemctl cat systemd-networkd.service | sed -n '/^ExecStart=/ {{ s/^.*=/
|
|||
|
||||
# wait until devices got created
|
||||
for _ in range(50):
|
||||
out = subprocess.check_output(['ip', 'a', 'show', 'dev', self.if_router])
|
||||
if b'state UP' in out and b'scope global' in out:
|
||||
if subprocess.run(['ip', 'link', 'show', 'dev', self.if_router],
|
||||
stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL).returncode == 0:
|
||||
break
|
||||
time.sleep(0.1)
|
||||
else:
|
||||
subprocess.call(['ip', 'link', 'show', 'dev', self.if_router])
|
||||
self.fail('Timed out waiting for {ifr} created.'.format(ifr=self.if_router))
|
||||
|
||||
def shutdown_iface(self):
|
||||
'''Remove test interface and stop DHCP server'''
|
||||
|
|
|
@ -1712,18 +1712,18 @@ check_coverage_reports() {
|
|||
|
||||
# Create a coverage report that will later be uploaded. Remove info about system
|
||||
# libraries/headers and generated files, as we don't really care about them.
|
||||
lcov --directory "${root}/${BUILD_DIR:?}" --capture --exclude "*.gperf" --output-file "${dest}.new"
|
||||
lcov --ignore-errors inconsistent --directory "${root}/${BUILD_DIR:?}" --capture --exclude "*.gperf" --output-file "${dest}.new"
|
||||
if [[ -f "$dest" ]]; then
|
||||
# If the destination report file already exists, don't overwrite it, but
|
||||
# merge it with the already present one - this usually happens when
|
||||
# running both "parts" of a test in one run (the qemu and the nspawn part).
|
||||
lcov --add-tracefile "${dest}" --add-tracefile "${dest}.new" -o "${dest}"
|
||||
lcov --ignore-errors inconsistent --add-tracefile "${dest}" --add-tracefile "${dest}.new" -o "${dest}"
|
||||
else
|
||||
# If there's no prior coverage report, merge the new one with the base
|
||||
# report we did during the setup phase (see test_setup()).
|
||||
lcov --add-tracefile "${TESTDIR:?}/coverage-base" --add-tracefile "${dest}.new" -o "${dest}"
|
||||
lcov --ignore-errors inconsistent --add-tracefile "${TESTDIR:?}/coverage-base" --add-tracefile "${dest}.new" -o "${dest}"
|
||||
fi
|
||||
lcov --remove "$dest" -o "$dest" '/usr/include/*' '/usr/lib/*' "${BUILD_DIR:?}/*"
|
||||
lcov --ignore-errors inconsistent --remove "$dest" -o "$dest" '/usr/include/*' '/usr/lib/*' "${BUILD_DIR:?}/*"
|
||||
rm -f "${dest}.new"
|
||||
|
||||
# If the test logs contain lines like:
|
||||
|
|
|
@ -1,18 +0,0 @@
|
|||
# SPDX-License-Identifier: LGPL-2.1-or-later
|
||||
[Match]
|
||||
Name=router-low
|
||||
|
||||
[Network]
|
||||
IPv6AcceptRA=no
|
||||
IPv6SendRA=yes
|
||||
|
||||
[IPv6SendRA]
|
||||
# changed from low to high
|
||||
RouterPreference=high
|
||||
EmitDNS=no
|
||||
EmitDomains=no
|
||||
|
||||
[IPv6Prefix]
|
||||
Prefix=2002:da8:1:98::/64
|
||||
PreferredLifetimeSec=1000s
|
||||
ValidLifetimeSec=2100s
|
|
@ -1,18 +0,0 @@
|
|||
# SPDX-License-Identifier: LGPL-2.1-or-later
|
||||
[Match]
|
||||
Name=router-high
|
||||
|
||||
[Network]
|
||||
IPv6AcceptRA=no
|
||||
IPv6SendRA=yes
|
||||
|
||||
[IPv6SendRA]
|
||||
# changed from high to low
|
||||
RouterPreference=low
|
||||
EmitDNS=no
|
||||
EmitDomains=no
|
||||
|
||||
[IPv6Prefix]
|
||||
Prefix=2002:da8:1:99::/64
|
||||
PreferredLifetimeSec=1000s
|
||||
ValidLifetimeSec=2100s
|
|
@ -6391,6 +6391,27 @@ class NetworkdRATests(unittest.TestCase, Utilities):
|
|||
|
||||
self.check_ipv6_sysctl_attr('client', 'hop_limit', '43')
|
||||
|
||||
def check_router_preference(self, suffix, metric_1, preference_1, metric_2, preference_2):
|
||||
self.wait_online('client:routable')
|
||||
self.wait_address('client', f'2002:da8:1:99:1034:56ff:fe78:9a{suffix}/64', ipv='-6', timeout_sec=10)
|
||||
self.wait_address('client', f'2002:da8:1:98:1034:56ff:fe78:9a{suffix}/64', ipv='-6', timeout_sec=10)
|
||||
self.wait_route('client', rf'default nhid [0-9]* via fe80::1034:56ff:fe78:9a99 proto ra metric {metric_1}', ipv='-6', timeout_sec=10)
|
||||
self.wait_route('client', rf'default nhid [0-9]* via fe80::1034:56ff:fe78:9a98 proto ra metric {metric_2}', ipv='-6', timeout_sec=10)
|
||||
|
||||
print('### ip -6 route show dev client default')
|
||||
output = check_output('ip -6 route show dev client default')
|
||||
print(output)
|
||||
self.assertRegex(output, rf'default nhid [0-9]* via fe80::1034:56ff:fe78:9a99 proto ra metric {metric_1} expires [0-9]*sec pref {preference_1}')
|
||||
self.assertRegex(output, rf'default nhid [0-9]* via fe80::1034:56ff:fe78:9a98 proto ra metric {metric_2} expires [0-9]*sec pref {preference_2}')
|
||||
|
||||
for i in [100, 200, 300, 512, 1024, 2048]:
|
||||
if i not in [metric_1, metric_2]:
|
||||
self.assertNotIn(f'metric {i} ', output)
|
||||
|
||||
for i in ['low', 'medium', 'high']:
|
||||
if i not in [preference_1, preference_2]:
|
||||
self.assertNotIn(f'pref {i}', output)
|
||||
|
||||
def test_router_preference(self):
|
||||
copy_network_unit('25-veth-client.netdev',
|
||||
'25-veth-router-high.netdev',
|
||||
|
@ -6409,72 +6430,47 @@ class NetworkdRATests(unittest.TestCase, Utilities):
|
|||
|
||||
networkctl_reconfigure('client')
|
||||
self.wait_online('client:routable')
|
||||
self.check_router_preference('00', 512, 'high', 2048, 'low')
|
||||
|
||||
self.wait_address('client', '2002:da8:1:99:1034:56ff:fe78:9a00/64', ipv='-6', timeout_sec=10)
|
||||
self.wait_address('client', '2002:da8:1:98:1034:56ff:fe78:9a00/64', ipv='-6', timeout_sec=10)
|
||||
self.wait_route('client', r'default nhid [0-9]* via fe80::1034:56ff:fe78:9a99 proto ra metric 512', ipv='-6', timeout_sec=10)
|
||||
self.wait_route('client', r'default nhid [0-9]* via fe80::1034:56ff:fe78:9a98 proto ra metric 2048', ipv='-6', timeout_sec=10)
|
||||
|
||||
print('### ip -6 route show dev client default')
|
||||
output = check_output('ip -6 route show dev client default')
|
||||
print(output)
|
||||
self.assertRegex(output, r'default nhid [0-9]* via fe80::1034:56ff:fe78:9a99 proto ra metric 512 expires [0-9]*sec pref high')
|
||||
self.assertRegex(output, r'default nhid [0-9]* via fe80::1034:56ff:fe78:9a98 proto ra metric 2048 expires [0-9]*sec pref low')
|
||||
|
||||
# change the map from preference to metric.
|
||||
with open(os.path.join(network_unit_dir, '25-veth-client.network'), mode='a', encoding='utf-8') as f:
|
||||
f.write('\n[Link]\nMACAddress=12:34:56:78:9a:01\n[IPv6AcceptRA]\nRouteMetric=100:200:300\n')
|
||||
|
||||
networkctl_reload()
|
||||
self.wait_online('client:routable')
|
||||
|
||||
self.wait_address('client', '2002:da8:1:99:1034:56ff:fe78:9a01/64', ipv='-6', timeout_sec=10)
|
||||
self.wait_address('client', '2002:da8:1:98:1034:56ff:fe78:9a01/64', ipv='-6', timeout_sec=10)
|
||||
self.wait_route('client', r'default nhid [0-9]* via fe80::1034:56ff:fe78:9a99 proto ra metric 100', ipv='-6', timeout_sec=10)
|
||||
self.wait_route('client', r'default nhid [0-9]* via fe80::1034:56ff:fe78:9a98 proto ra metric 300', ipv='-6', timeout_sec=10)
|
||||
|
||||
print('### ip -6 route show dev client default')
|
||||
output = check_output('ip -6 route show dev client default')
|
||||
print(output)
|
||||
self.assertRegex(output, r'default nhid [0-9]* via fe80::1034:56ff:fe78:9a99 proto ra metric 100 expires [0-9]*sec pref high')
|
||||
self.assertRegex(output, r'default nhid [0-9]* via fe80::1034:56ff:fe78:9a98 proto ra metric 300 expires [0-9]*sec pref low')
|
||||
self.assertNotIn('metric 512', output)
|
||||
self.assertNotIn('metric 2048', output)
|
||||
self.check_router_preference('01', 100, 'high', 300, 'low')
|
||||
|
||||
# swap the preference (for issue #28439)
|
||||
remove_network_unit('25-veth-router-high.network', '25-veth-router-low.network')
|
||||
copy_network_unit('25-veth-router-high2.network', '25-veth-router-low2.network')
|
||||
with open(os.path.join(network_unit_dir, '25-veth-router-high.network'), mode='a', encoding='utf-8') as f:
|
||||
f.write('\n[IPv6SendRA]\nRouterPreference=low\n')
|
||||
with open(os.path.join(network_unit_dir, '25-veth-router-low.network'), mode='a', encoding='utf-8') as f:
|
||||
f.write('\n[IPv6SendRA]\nRouterPreference=high\n')
|
||||
networkctl_reload()
|
||||
self.wait_route('client', r'default nhid [0-9]* via fe80::1034:56ff:fe78:9a99 proto ra metric 300', ipv='-6', timeout_sec=10)
|
||||
self.wait_route('client', r'default nhid [0-9]* via fe80::1034:56ff:fe78:9a98 proto ra metric 100', ipv='-6', timeout_sec=10)
|
||||
|
||||
print('### ip -6 route show dev client default')
|
||||
output = check_output('ip -6 route show dev client default')
|
||||
print(output)
|
||||
self.assertRegex(output, r'default nhid [0-9]* via fe80::1034:56ff:fe78:9a99 proto ra metric 300 expires [0-9]*sec pref low')
|
||||
self.assertRegex(output, r'default nhid [0-9]* via fe80::1034:56ff:fe78:9a98 proto ra metric 100 expires [0-9]*sec pref high')
|
||||
self.assertNotRegex(output, r'default nhid [0-9]* via fe80::1034:56ff:fe78:9a99 proto ra metric 100')
|
||||
self.assertNotRegex(output, r'default nhid [0-9]* via fe80::1034:56ff:fe78:9a98 proto ra metric 300')
|
||||
self.assertNotIn('metric 512', output)
|
||||
self.assertNotIn('metric 2048', output)
|
||||
self.check_router_preference('01', 300, 'low', 100, 'high')
|
||||
|
||||
# Use the same preference, and check if the two routes are not coalesced. See issue #33470.
|
||||
with open(os.path.join(network_unit_dir, '25-veth-router-high2.network'), mode='a', encoding='utf-8') as f:
|
||||
with open(os.path.join(network_unit_dir, '25-veth-router-high.network'), mode='a', encoding='utf-8') as f:
|
||||
f.write('\n[IPv6SendRA]\nRouterPreference=medium\n')
|
||||
with open(os.path.join(network_unit_dir, '25-veth-router-low2.network'), mode='a', encoding='utf-8') as f:
|
||||
with open(os.path.join(network_unit_dir, '25-veth-router-low.network'), mode='a', encoding='utf-8') as f:
|
||||
f.write('\n[IPv6SendRA]\nRouterPreference=medium\n')
|
||||
networkctl_reload()
|
||||
self.wait_route('client', r'default nhid [0-9]* via fe80::1034:56ff:fe78:9a99 proto ra metric 200', ipv='-6', timeout_sec=10)
|
||||
self.wait_route('client', r'default nhid [0-9]* via fe80::1034:56ff:fe78:9a98 proto ra metric 200', ipv='-6', timeout_sec=10)
|
||||
self.check_router_preference('01', 200, 'medium', 200, 'medium')
|
||||
|
||||
print('### ip -6 route show dev client default')
|
||||
output = check_output('ip -6 route show dev client default')
|
||||
print(output)
|
||||
self.assertRegex(output, r'default nhid [0-9]* via fe80::1034:56ff:fe78:9a99 proto ra metric 200 expires [0-9]*sec pref medium')
|
||||
self.assertRegex(output, r'default nhid [0-9]* via fe80::1034:56ff:fe78:9a98 proto ra metric 200 expires [0-9]*sec pref medium')
|
||||
self.assertNotIn('pref high', output)
|
||||
self.assertNotIn('pref low', output)
|
||||
self.assertNotIn('metric 512', output)
|
||||
self.assertNotIn('metric 2048', output)
|
||||
# Use route options to configure default routes.
|
||||
# The preference specified in the RA header should be ignored. See issue #33468.
|
||||
with open(os.path.join(network_unit_dir, '25-veth-router-high.network'), mode='a', encoding='utf-8') as f:
|
||||
f.write('\n[IPv6SendRA]\nRouterPreference=high\n[IPv6RoutePrefix]\nRoute=::/0\nLifetimeSec=1200\n')
|
||||
with open(os.path.join(network_unit_dir, '25-veth-router-low.network'), mode='a', encoding='utf-8') as f:
|
||||
f.write('\n[IPv6SendRA]\nRouterPreference=low\n[IPv6RoutePrefix]\nRoute=::/0\nLifetimeSec=1200\n')
|
||||
networkctl_reload()
|
||||
self.check_router_preference('01', 200, 'medium', 200, 'medium')
|
||||
|
||||
# Set zero lifetime to the route options.
|
||||
# The preference specified in the RA header should be used.
|
||||
with open(os.path.join(network_unit_dir, '25-veth-router-high.network'), mode='a', encoding='utf-8') as f:
|
||||
f.write('LifetimeSec=0\n')
|
||||
with open(os.path.join(network_unit_dir, '25-veth-router-low.network'), mode='a', encoding='utf-8') as f:
|
||||
f.write('LifetimeSec=0\n')
|
||||
networkctl_reload()
|
||||
self.check_router_preference('01', 100, 'high', 300, 'low')
|
||||
|
||||
def _test_ndisc_vs_static_route(self, manage_foreign_nexthops):
|
||||
if not manage_foreign_nexthops:
|
||||
|
|
|
@ -0,0 +1,20 @@
|
|||
#!/usr/bin/env bash
|
||||
# SPDX-License-Identifier: LGPL-2.1-or-later
|
||||
|
||||
set -eux
|
||||
set -o pipefail
|
||||
|
||||
# shellcheck source=test/units/util.sh
|
||||
. "$(dirname "$0")"/util.sh
|
||||
|
||||
(! systemd-run --wait -p DynamicUser=yes \
|
||||
-p EnvironmentFile=-/usr/lib/systemd/systemd-asan-env \
|
||||
-p WorkingDirectory='~' true)
|
||||
|
||||
assert_eq "$(systemd-run --pipe --uid=root -p WorkingDirectory='~' pwd)" "/root"
|
||||
assert_eq "$(systemd-run --pipe --uid=nobody -p WorkingDirectory='~' pwd)" "/"
|
||||
assert_eq "$(systemd-run --pipe --uid=testuser -p WorkingDirectory='~' pwd)" "/home/testuser"
|
||||
|
||||
(! systemd-run --wait -p DynamicUser=yes -p User=testuser \
|
||||
-p EnvironmentFile=-/usr/lib/systemd/systemd-asan-env \
|
||||
-p WorkingDirectory='~' true)
|
|
@ -3,6 +3,14 @@
|
|||
set -eux
|
||||
set -o pipefail
|
||||
|
||||
if systemd-analyze compare-versions "$(nvme --version | grep libnvme | awk '{print $3}')" eq 1.11; then
|
||||
if grep -q "CONFIG_NVME_TCP_TLS is not set" "/boot/config-$(uname -r)" 2>/dev/null || grep -q "CONFIG_NVME_TCP_TLS is not set" "/usr/lib/modules/$(uname -r)/config" 2>/dev/null; then
|
||||
# See: https://github.com/linux-nvme/nvme-cli/issues/2573
|
||||
echo "nvme-cli is broken and requires TLS support in the kernel" >/skipped
|
||||
exit 77
|
||||
fi
|
||||
fi
|
||||
|
||||
/usr/lib/systemd/systemd-storagetm --list-devices
|
||||
|
||||
modprobe -v nvmet-tcp
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# the Free Software Foundation; either version 2.1 of the License, or
|
||||
# (at your option) any later version.
|
||||
|
||||
# See tmpfiles.d(5) for details
|
||||
# See tmpfiles.d(5) for details.
|
||||
|
||||
{% if LINK_SHELL_EXTRA_DROPIN %}
|
||||
L$ {{SHELLPROFILEDIR}}/70-systemd-shell-extra.sh - - - - {{LIBEXECDIR}}/profile.d/70-systemd-shell-extra.sh
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# the Free Software Foundation; either version 2.1 of the License, or
|
||||
# (at your option) any later version.
|
||||
|
||||
# See tmpfiles.d(5) for details
|
||||
# See tmpfiles.d(5) for details.
|
||||
|
||||
{% if LINK_SSH_PROXY_DROPIN %}
|
||||
L$ {{SSHCONFDIR}}/20-systemd-ssh-proxy.conf - - - - {{LIBEXECDIR}}/ssh_config.d/20-systemd-ssh-proxy.conf
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# the Free Software Foundation; either version 2.1 of the License, or
|
||||
# (at your option) any later version.
|
||||
|
||||
# See tmpfiles.d(5) for details
|
||||
# See tmpfiles.d(5) for details.
|
||||
|
||||
# Copy systemd-stub provided metadata such as PCR signature and public key file
|
||||
# from initrd into /run/, so that it will survive the initrd stage
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# the Free Software Foundation; either version 2.1 of the License, or
|
||||
# (at your option) any later version.
|
||||
|
||||
# See tmpfiles.d(5) for details
|
||||
# See tmpfiles.d(5) for details.
|
||||
|
||||
{% if LINK_SSHD_USERDB_DROPIN %}
|
||||
L {{SSHDCONFDIR}}/20-systemd-userdb.conf - - - - {{LIBEXECDIR}}/sshd_config.d/20-systemd-userdb.conf
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# the Free Software Foundation; either version 2.1 of the License, or
|
||||
# (at your option) any later version.
|
||||
|
||||
# See tmpfiles.d(5) for details
|
||||
# See tmpfiles.d(5) for details.
|
||||
|
||||
d /etc/credstore 0700 root root
|
||||
d /etc/credstore.encrypted 0700 root root
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# the Free Software Foundation; either version 2.1 of the License, or
|
||||
# (at your option) any later version.
|
||||
|
||||
# See tmpfiles.d(5) for details
|
||||
# See tmpfiles.d(5) for details.
|
||||
|
||||
L /etc/os-release - - - - ../usr/lib/os-release
|
||||
L+ /etc/mtab - - - - ../proc/self/mounts
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# the Free Software Foundation; either version 2.1 of the License, or
|
||||
# (at your option) any later version.
|
||||
|
||||
# See tmpfiles.d(5) for details
|
||||
# See tmpfiles.d(5) for details.
|
||||
|
||||
Q /home 0755 - - -
|
||||
q /srv 0755 - - -
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# the Free Software Foundation; either version 2.1 of the License, or
|
||||
# (at your option) any later version.
|
||||
|
||||
# See tmpfiles.d(5) for details
|
||||
# See tmpfiles.d(5) for details.
|
||||
|
||||
# Set the NOCOW attribute for directories of journal files. This flag
|
||||
# is inherited by their new files and sub-directories. Matters only
|
||||
|
|
|
@ -5,26 +5,28 @@
|
|||
# the Free Software Foundation; either version 2.1 of the License, or
|
||||
# (at your option) any later version.
|
||||
|
||||
# See tmpfiles.d(5) for details
|
||||
# See tmpfiles.d(5) for details.
|
||||
|
||||
# These files are considered legacy and are unnecessary on legacy-free
|
||||
# systems.
|
||||
# The functionality provided by these files and directories has been replaced
|
||||
# by newer interfaces. Their use is discouraged on legacy-free systems. This
|
||||
# configuration is provided to maintain backward compatibility.
|
||||
|
||||
d /run/lock 0755 root root -
|
||||
L /var/lock - - - - ../run/lock
|
||||
|
||||
{% if HAVE_SYSV_COMPAT %}
|
||||
{% if CREATE_LOG_DIRS %}
|
||||
L$ /var/log/README - - - - ../..{{DOC_DIR}}/README.logs
|
||||
{% endif %}
|
||||
|
||||
# /run/lock/subsys is used for serializing SysV service execution, and
|
||||
# hence without use on SysV-less systems.
|
||||
|
||||
d /run/lock/subsys 0755 root root -
|
||||
|
||||
# /forcefsck, /fastboot and /forcequotacheck are deprecated in favor of the
|
||||
# kernel command line options 'fsck.mode=force', 'fsck.mode=skip' and
|
||||
# 'quotacheck.mode=force'
|
||||
|
||||
r! /forcefsck
|
||||
r! /fastboot
|
||||
r! /forcequotacheck
|
||||
{% endif %}
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue