Compare commits

..

1 Commits

Author SHA1 Message Date
talisein 23d206ce4d
Merge 353f417f48 into 5da7e9b208 2024-11-12 17:52:27 +08:00
189 changed files with 102871 additions and 105503 deletions

93
NEWS
View File

@ -399,15 +399,6 @@ CHANGES WITH 257 in spe:
be extended, and a --measure-base= switch to support measurement
of multi-profile UKIs.
* ukify gained a --certificate-provider switch to use an OpenSSL
provider to load the certificate used to sign artifacts, instead of
having to provide the path to a file on disk.
* bootctl, systemd-keyutil, systemd-measure, systemd-repart, and
systemd-sbsign gained a new --certificate-source switch that allows
loading the X.509 certificate from an OpenSSL provider instead of a
file system path.
* systemd-boot's menu will now react to volume up/down rocker presses
the same way as to arrow up/down presses: they move the menu item up
or down. This is useful on device form factors that have only a
@ -446,9 +437,6 @@ CHANGES WITH 257 in spe:
and providers, with pin caching support for PKCS11. ukify supports it
as an alternative to sbsigntool and pesign.
* A new systemd-keyutil tool has been added, that can be used to perform
various operations on private keys and X.509 certificates.
The journal:
* journalctl can now list invocations of a unit with the
@ -764,38 +752,36 @@ CHANGES WITH 257 in spe:
other cases EnterNamespace= might be an suitable approach to acquire
symbolized backtraces.)
Contributions from: 12paper, A. Wilcox, Abderrahim Kitouni,
Adrian Vovk, Alain Greppin, Allison Karlitskaya, Alyssa Ross,
Anders Jonsson, Andika Triwidada, Andres Beltran, Anouk Ceyssens,
Anselm Schueler, Anton Golubev, Antonio Alvarez Feijoo,
Arian van Putten, Arnaud Patard, Arthur Shau, Bastien Nocera,
Benjamin ROBIN, Brenton Simpson, Bryan Gurney, ButterflyOfFire,
Carlo Teubner, Celeste Liu, Chen Guanqiao, Chen Qi, Chengen Du,
Christoph Anton Mitterer, Colin Foster, Collin L,
Cristian Rodríguez, Daan De Meyer, Dan Nicholson, Daniel Dawson,
Daniel Martinez, Daniel P. Berrangé, Daniel Rusek,
Darsey Litzenberger, David Joaquín Shourabi Porcel,
David Michael, David Rheinsberg, David Tardon, Davide Cavalca,
Derek J. Clark, Diego Viola, Dimitrys Meliates, Diogo Ivo,
DocNITE, Dominique Martinet, Dr. David Alan Gilbert,
Edson Juliano Drosdeck, Erik Sjölund, Etienne Champetier,
Etienne Cordonnier, Ettore Atalan, Eugeny Shcheglov, Fabian Vogt,
Filip Lewiński, Florian Schmaus, Franck Bui, Frantisek Sumsal,
Fábio Rodrigues Ribeiro, Gabriel Elyas, Gaël PORTAY,
Giovanni Baratta, Gregor Herburger, Gregory Arenius, GwynBleidD,
Göran Uddeborg, Hans de Goede, Helmut Grohne, Henry Chen,
Ian Abbott, Integral, Ivan Kruglov, Ivan Shapovalov, James Coglan,
James Hilliard, James Muir, Jason Yundt, Jeffrey Bosboom,
Jian Zhang, Johannes Schneider, John A. Leuenhagen,
Jose Ignacio Tornos Martinez, JoseskVolpe, Joshua Grisham,
Jörg Behrmann, Kai-Chuan Hsieh, Kamil Szczęk, Karel Zak,
Kornilios Kourtis, Kuntal Majumder, Lennart Poettering,
Lidong Zhong, Luca Boccassi, Lucas Adriano Salles,
Lucas Werkmeister, Ludwig Nussel, Luke T. Shumaker,
Lukáš Nykrýn, Luna Jernberg, Léane GRASSER, Maanya Goenka,
Mantas Mikulėnas, Marc Reisner, Marcel Hellwig, Marin Kresic,
Marius Hoch, Martin Srebotnjak, Martin Wilck, Mary Strodl,
Matteo Croce, Matthias Lisin, Matthias Schiffer,
Contributions from: A. Wilcox, Abderrahim Kitouni, Adrian Vovk,
Alain Greppin, Allison Karlitskaya, Alyssa Ross, Anders Jonsson,
Andika Triwidada, Andres Beltran, Anouk Ceyssens, Anton Golubev,
Antonio Alvarez Feijoo, Arian van Putten, Arnaud Patard,
Arthur Shau, Bastien Nocera, Benjamin ROBIN, Brenton Simpson,
Bryan Gurney, ButterflyOfFire, Carlo Teubner, Celeste Liu,
Chen Guanqiao, Chen Qi, Chengen Du, Christoph Anton Mitterer,
Colin Foster, Collin L, Cristian Rodríguez, Daan De Meyer,
Dan Nicholson, Daniel Dawson, Daniel Martinez,
Daniel P. Berrangé, Daniel Rusek, Darsey Litzenberger,
David Joaquín Shourabi Porcel, David Michael, David Rheinsberg,
David Tardon, Davide Cavalca, Derek J. Clark, Diego Viola,
Dimitrys Meliates, Diogo Ivo, DocNITE, Dominique Martinet,
Dr. David Alan Gilbert, Edson Juliano Drosdeck, Erik Sjölund,
Etienne Champetier, Etienne Cordonnier, Ettore Atalan,
Eugeny Shcheglov, Fabian Vogt, Filip Lewiński, Florian Schmaus,
Franck Bui, Frantisek Sumsal, Fábio Rodrigues Ribeiro,
Gabriel Elyas, Gaël PORTAY, Giovanni Baratta, Gregor Herburger,
Gregory Arenius, GwynBleidD, Göran Uddeborg, Hans de Goede,
Helmut Grohne, Henry Chen, Ian Abbott, Integral, Ivan Kruglov,
Ivan Shapovalov, James Coglan, James Hilliard, James Muir,
Jason Yundt, Jeffrey Bosboom, Johannes Schneider,
John A. Leuenhagen, Jose Ignacio Tornos Martinez, JoseskVolpe,
Joshua Grisham, Jörg Behrmann, Kai-Chuan Hsieh, Kamil Szczęk,
Karel Zak, Kornilios Kourtis, Kuntal Majumder, Lennart Poettering,
Luca Boccassi, Lucas Adriano Salles, Lucas Werkmeister,
Ludwig Nussel, Luke T. Shumaker, Lukáš Nykrýn, Léane GRASSER,
Maanya Goenka, Mantas Mikulėnas, Marc Reisner, Marcel Hellwig,
Marin Kresic, Marius Hoch, Martin Srebotnjak, Martin Wilck,
Mary Strodl, Matteo Croce, Matthias Lisin, Matthias Schiffer,
Matthieu Baerts (NGI0), Matthieu CHARETTE,
Mauri de Souza Meneguzzo, Maximilian Wilhelm, Merlin Jehli,
Michael Ferrari, Michal Koutný, Michal Sekletár,
@ -809,17 +795,16 @@ CHANGES WITH 257 in spe:
Stuart Hayhurst, Susant Sahani, Takeo Kondo, Temuri Doghonadze,
Thomas Blume, Thorsten Scherer, Tobias Fleig, Tom Coldrick,
Tom Yan, Tomas Bzatek, Topi Miettinen, Uday Shankar,
Valentin David, Vasiliy Kovalev, Vitaly Kuznetsov, Vito Caputo,
Vladimir Panteleev, Vursc, Will Fancher, WilliButz, Xeonacid,
Yanqing Jing, Yu Watanabe, Yuri Chornoivan, ZHANG Yuntian,
Zbigniew Jędrzejewski-Szmek, Zhou Qiankang, andre4ik3, anonymix007,
bryango, chayleaf, chenjiayi, csp5me, cvlc12, fwfy, hugo303,
jan@neighbourhood.ie, jauge-technica, lumingzh, maia x., marginaldev,
migleeson, nerdopolis, oldherl, pyfisch, q66, rajmohan r, reDBo0n,
rhellstrom, rindeal, samuelvw01, sinus-x, tfg13, vdovhanych, xujing,
Łukasz Stelmach, Štěpán Němec, Дамјан Георгиевски
Vasiliy Kovalev, Vitaly Kuznetsov, Vito Caputo, Vladimir Panteleev,
Will Fancher, WilliButz, Xeonacid, Yanqing Jing, Yu Watanabe,
Yuri Chornoivan, ZHANG Yuntian, Zbigniew Jędrzejewski-Szmek,
Zhou Qiankang, anonymix007, bryango, chayleaf, chenjiayi, csp5me,
cvlc12, fwfy, hugo303, jan@neighbourhood.ie, jauge-technica, lumingzh,
maia x., marginaldev, migleeson, nerdopolis, oldherl, pyfisch, q66,
rajmohan r, reDBo0n, rhellstrom, rindeal, samuelvw01, sinus-x, tfg13,
vdovhanych, xujing, Łukasz Stelmach, Дамјан Георгиевски
— Edinburgh, 2024-11-15
— Edinburgh, 2024-11-06
CHANGES WITH 256:

16
TODO
View File

@ -129,20 +129,6 @@ Deprecations and removals:
Features:
* Teach systemd-ssh-generator to generated an /run/issue.d/ drop-in telling
users how to connect to the system via the AF_VSOCK, as per:
https://github.com/systemd/systemd/issues/35071#issuecomment-2462803142
* maybe introduce an OSC sequence that signals when we ask for a password, so
that terminal emulators can maybe connect a password manager or so, and
highlight things specially.
* Port pidref_namespace_open() to use PIDFD_GET_MNT_NAMESPACE and related
ioctls to get nsfds directly from pidfds.
* start using STATX_SUBVOL in btrfs_is_subvol(). Also, make use of it
generically, so that image discovery recognizes bcachefs subvols too.
* format-table: introduce new cell type for strings with ansi sequences in
them. display them in regular output mode (via strip_tab_ansi()), but
suppress them in json mode.
@ -2064,7 +2050,7 @@ Features:
with other units https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/admin-guide/hw-vuln/core-scheduling.rst
- ExtensionImages= deduplication for services is currently only applied to disk images without GPT envelope.
This should be extended to work with proper DDIs too, as well as directory confext/sysext. Moreover,
system-wide confext/sysext should support this too.
system-wide confex/sysext should support this too.
- Pin the mount namespace via FD by sending it back from sd-exec to the manager, and use it
for live mounting, instead of doing it via PID

View File

@ -36123,7 +36123,7 @@ OUI:00A044*
ID_OUI_FROM_DATABASE=NTT IT CO., LTD.
OUI:00A045*
ID_OUI_FROM_DATABASE=Phoenix Contact GmbH & Co. KG
ID_OUI_FROM_DATABASE=PHOENIX CONTACT Electronics GmbH
OUI:00A046*
ID_OUI_FROM_DATABASE=SCITEX CORP. LTD.
@ -40088,9 +40088,6 @@ OUI:044707*
OUI:04472A*
ID_OUI_FROM_DATABASE=Palo Alto Networks
OUI:0447CA*
ID_OUI_FROM_DATABASE=GREE ELECTRIC APPLIANCES, INC. OF ZHUHAI
OUI:04489A*
ID_OUI_FROM_DATABASE=Apple, Inc.
@ -40559,9 +40556,6 @@ OUI:04AC44*
OUI:04AEC7*
ID_OUI_FROM_DATABASE=Marquardt
OUI:04B066*
ID_OUI_FROM_DATABASE=Private
OUI:04B0E7*
ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD
@ -43064,30 +43058,12 @@ OUI:0C47A90*
OUI:0C47A91*
ID_OUI_FROM_DATABASE=Shanghai BST Electric Co.,ltd
OUI:0C47A92*
ID_OUI_FROM_DATABASE=Annapurna labs
OUI:0C47A93*
ID_OUI_FROM_DATABASE=HONGKONG STONEOIM TECHNOLOGY LIMITED
OUI:0C47A94*
ID_OUI_FROM_DATABASE=Private
OUI:0C47A95*
ID_OUI_FROM_DATABASE=Everon Co., Ltd.
OUI:0C47A96*
ID_OUI_FROM_DATABASE=Shenzhen Hahappylife Innovations Electronics Technology Co.,Ltd
OUI:0C47A97*
ID_OUI_FROM_DATABASE=Annapurna labs
OUI:0C47A98*
ID_OUI_FROM_DATABASE=Honest Networks LLC
OUI:0C47A99*
ID_OUI_FROM_DATABASE=Shanghai Sigen New Energy Technology Co., Ltd
OUI:0C47A9A*
ID_OUI_FROM_DATABASE=Lens Technology (Xiangtan) Co.,Ltd
@ -43100,9 +43076,6 @@ OUI:0C47A9C*
OUI:0C47A9D*
ID_OUI_FROM_DATABASE=DIG_LINK
OUI:0C47A9E*
ID_OUI_FROM_DATABASE=BGResearch
OUI:0C47C9*
ID_OUI_FROM_DATABASE=Amazon Technologies Inc.
@ -43625,9 +43598,6 @@ OUI:0C9301*
OUI:0C938F*
ID_OUI_FROM_DATABASE=GUANGDONG OPPO MOBILE TELECOMMUNICATIONS CORP.,LTD
OUI:0C93A5*
ID_OUI_FROM_DATABASE=eero inc.
OUI:0C93FB*
ID_OUI_FROM_DATABASE=BNS Solutions
@ -44057,9 +44027,6 @@ OUI:0CEC84*
OUI:0CEC8D*
ID_OUI_FROM_DATABASE=Motorola Mobility LLC, a Lenovo Company
OUI:0CED71*
ID_OUI_FROM_DATABASE=Extreme Networks Headquarters
OUI:0CEDC8*
ID_OUI_FROM_DATABASE=Xiaomi Communications Co Ltd
@ -46244,9 +46211,6 @@ OUI:147F67*
OUI:147FCE*
ID_OUI_FROM_DATABASE=Apple, Inc.
OUI:1480CC*
ID_OUI_FROM_DATABASE=Quectel Wireless Solutions Co.,Ltd.
OUI:14825B*
ID_OUI_FROM_DATABASE=Hefei Radio Communication Technology Co., Ltd
@ -47333,9 +47297,6 @@ OUI:1869DA*
OUI:186A81*
ID_OUI_FROM_DATABASE=Sagemcom Broadband SAS
OUI:186BE2*
ID_OUI_FROM_DATABASE=LYLINK LIMITED
OUI:186D99*
ID_OUI_FROM_DATABASE=Adanis Inc.
@ -48599,9 +48560,6 @@ OUI:1C4D70*
OUI:1C4D89*
ID_OUI_FROM_DATABASE=Hangzhou Huacheng Network Technology Co.,Ltd
OUI:1C4EA2*
ID_OUI_FROM_DATABASE=Shenzhen V-Link Technology CO., LTD.
OUI:1C501E*
ID_OUI_FROM_DATABASE=Sunplus Technology Co., Ltd.
@ -48851,9 +48809,6 @@ OUI:1C77F6*
OUI:1C7839*
ID_OUI_FROM_DATABASE=Shenzhen Tencent Computer System Co., Ltd.
OUI:1C784B*
ID_OUI_FROM_DATABASE=Bouffalo Lab (Nanjing) Co., Ltd.
OUI:1C784E*
ID_OUI_FROM_DATABASE=China Mobile Iot Limited company
@ -49190,9 +49145,6 @@ OUI:1C937C*
OUI:1C93C4*
ID_OUI_FROM_DATABASE=Amazon Technologies Inc.
OUI:1C9468*
ID_OUI_FROM_DATABASE=New H3C Technologies Co., Ltd
OUI:1C9492*
ID_OUI_FROM_DATABASE=RUAG Schweiz AG
@ -51383,9 +51335,6 @@ OUI:24470E*
OUI:244845*
ID_OUI_FROM_DATABASE=Hangzhou Hikvision Digital Technology Co.,Ltd.
OUI:244885*
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
OUI:24497B*
ID_OUI_FROM_DATABASE=Innovative Converged Devices Inc
@ -53438,9 +53387,6 @@ OUI:28DB81*
OUI:28DBA7*
ID_OUI_FROM_DATABASE=Silicon Laboratories
OUI:28DE1C*
ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd
OUI:28DE59*
ID_OUI_FROM_DATABASE=Domus NTW CORP.
@ -54450,7 +54396,7 @@ OUI:2C691D3*
ID_OUI_FROM_DATABASE=Sunsa, Inc
OUI:2C691D4*
ID_OUI_FROM_DATABASE=SPEEDTECH CORP. JIO
ID_OUI_FROM_DATABASE=SPEEDTECH CORP.
OUI:2C691D5*
ID_OUI_FROM_DATABASE=LG Electronics Inc.
@ -55226,9 +55172,6 @@ OUI:2CFFEE*
OUI:3000FC*
ID_OUI_FROM_DATABASE=Nokia
OUI:3001AF*
ID_OUI_FROM_DATABASE=Cisco Systems, Inc
OUI:3003C8*
ID_OUI_FROM_DATABASE=CLOUD NETWORK TECHNOLOGY SINGAPORE PTE. LTD.
@ -56402,9 +56345,6 @@ OUI:30E3D6*
OUI:30E48E*
ID_OUI_FROM_DATABASE=Vodafone UK
OUI:30E4D8*
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
OUI:30E4DB*
ID_OUI_FROM_DATABASE=Cisco Systems, Inc
@ -56420,9 +56360,6 @@ OUI:30E98E*
OUI:30EA26*
ID_OUI_FROM_DATABASE=Sycada BV
OUI:30EB15*
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
OUI:30EB1F*
ID_OUI_FROM_DATABASE=Skylab M&C Technology Co.,Ltd
@ -57200,9 +57137,6 @@ OUI:346F92*
OUI:346FED*
ID_OUI_FROM_DATABASE=Enovation Controls
OUI:347069*
ID_OUI_FROM_DATABASE=Cisco Systems, Inc
OUI:347146*
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
@ -57953,9 +57887,6 @@ OUI:34F39A*
OUI:34F39B*
ID_OUI_FROM_DATABASE=WizLAN Ltd.
OUI:34F5D7*
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
OUI:34F62D*
ID_OUI_FROM_DATABASE=SHARP Corporation
@ -58451,9 +58382,6 @@ OUI:384C4F*
OUI:384C90*
ID_OUI_FROM_DATABASE=Commscope
OUI:384DD2*
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
OUI:384F49*
ID_OUI_FROM_DATABASE=Juniper Networks
@ -60722,9 +60650,6 @@ OUI:3CE624*
OUI:3CE824*
ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD
OUI:3CE86E*
ID_OUI_FROM_DATABASE=Hewlett Packard Enterprise
OUI:3CE90E*
ID_OUI_FROM_DATABASE=Espressif Inc.
@ -63059,9 +62984,6 @@ OUI:44AAE8*
OUI:44AAF5*
ID_OUI_FROM_DATABASE=Commscope
OUI:44AC85*
ID_OUI_FROM_DATABASE=eero inc.
OUI:44AD19*
ID_OUI_FROM_DATABASE=XINGFEI H.KLIMITED
@ -63434,9 +63356,6 @@ OUI:44F477*
OUI:44F4E7*
ID_OUI_FROM_DATABASE=Cohesity Inc
OUI:44F53E*
ID_OUI_FROM_DATABASE=Earda Technologies co Ltd
OUI:44F770*
ID_OUI_FROM_DATABASE=Beijing Xiaomi Mobile Software Co., Ltd
@ -67529,9 +67448,6 @@ OUI:50E039*
OUI:50E085*
ID_OUI_FROM_DATABASE=Intel Corporate
OUI:50E099*
ID_OUI_FROM_DATABASE=HangZhou Atuo Future Technology Co., Ltd
OUI:50E0C7*
ID_OUI_FROM_DATABASE=TurControlSystme AG
@ -68321,9 +68237,6 @@ OUI:547D40*
OUI:547DCD*
ID_OUI_FROM_DATABASE=Texas Instruments
OUI:547E1A*
ID_OUI_FROM_DATABASE=Kaon Group Co., Ltd.
OUI:547F54*
ID_OUI_FROM_DATABASE=INGENICO
@ -70028,9 +69941,6 @@ OUI:58DB8D*
OUI:58DC6D*
ID_OUI_FROM_DATABASE=Exceptional Innovation, Inc.
OUI:58DF59*
ID_OUI_FROM_DATABASE=Cisco Systems, Inc
OUI:58E02C*
ID_OUI_FROM_DATABASE=Micro Technic A/S
@ -70175,9 +70085,6 @@ OUI:58F987*
OUI:58F98E*
ID_OUI_FROM_DATABASE=SECUDOS GmbH
OUI:58FB3E*
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
OUI:58FB84*
ID_OUI_FROM_DATABASE=Intel Corporate
@ -74531,9 +74438,6 @@ OUI:684F64*
OUI:68505D*
ID_OUI_FROM_DATABASE=Halo Technologies
OUI:68508C*
ID_OUI_FROM_DATABASE=Shanghai Sunmi Technology Co.,Ltd.
OUI:685134*
ID_OUI_FROM_DATABASE=Hewlett Packard Enterprise
@ -74945,9 +74849,6 @@ OUI:689A87*
OUI:689AB7*
ID_OUI_FROM_DATABASE=Atelier Vision Corporation
OUI:689B43*
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
OUI:689C5E*
ID_OUI_FROM_DATABASE=AcSiP Technology Corp.
@ -94557,7 +94458,7 @@ OUI:7CBD06*
ID_OUI_FROM_DATABASE=AE REFUsol
OUI:7CBF77*
ID_OUI_FROM_DATABASE=SPEEDTECH CORP. JIO
ID_OUI_FROM_DATABASE=SPEEDTECH CORP.
OUI:7CBF88*
ID_OUI_FROM_DATABASE=Mobilicom LTD
@ -95201,9 +95102,6 @@ OUI:802E14*
OUI:802EC3*
ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD
OUI:802EDE*
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
OUI:802FDE*
ID_OUI_FROM_DATABASE=Zurich Instruments AG
@ -95279,9 +95177,6 @@ OUI:803C20*
OUI:803E48*
ID_OUI_FROM_DATABASE=SHENZHEN GONGJIN ELECTRONICS CO.,LT
OUI:803E4F*
ID_OUI_FROM_DATABASE=GD Midea Air-Conditioning Equipment Co.,Ltd.
OUI:803F5D*
ID_OUI_FROM_DATABASE=Winstars Technology Ltd
@ -95531,9 +95426,6 @@ OUI:8077A4*
OUI:807871*
ID_OUI_FROM_DATABASE=ASKEY COMPUTER CORP
OUI:807933*
ID_OUI_FROM_DATABASE=Aigentec Technology(Zhejiang) Co., Ltd.
OUI:80795D*
ID_OUI_FROM_DATABASE=Infinix mobility limited
@ -97898,9 +97790,6 @@ OUI:884477*
OUI:8844F6*
ID_OUI_FROM_DATABASE=Nokia Corporation
OUI:8845F0*
ID_OUI_FROM_DATABASE=GUANGDONG GENIUS TECHNOLOGY CO., LTD.
OUI:884604*
ID_OUI_FROM_DATABASE=Xiaomi Communications Co Ltd
@ -99683,9 +99572,6 @@ OUI:8C1F64154*
OUI:8C1F64155*
ID_OUI_FROM_DATABASE=SLAT
OUI:8C1F64159*
ID_OUI_FROM_DATABASE=Mediana Co., Ltd.
OUI:8C1F6415A*
ID_OUI_FROM_DATABASE=ASHIDA Electronics Pvt. Ltd
@ -99812,9 +99698,6 @@ OUI:8C1F641B9*
OUI:8C1F641BB*
ID_OUI_FROM_DATABASE=Renwei Electronics Technology (Shenzhen) Co.,LTD.
OUI:8C1F641BC*
ID_OUI_FROM_DATABASE=Transit Solutions, LLC.
OUI:8C1F641BD*
ID_OUI_FROM_DATABASE=DORLET SAU
@ -99914,9 +99797,6 @@ OUI:8C1F64203*
OUI:8C1F64204*
ID_OUI_FROM_DATABASE=castcore
OUI:8C1F64206*
ID_OUI_FROM_DATABASE=KRYFS TECHNOLOGIES PRIVATE LIMITED
OUI:8C1F64208*
ID_OUI_FROM_DATABASE=Sichuan AnSphere Technology Co. Ltd.
@ -100493,9 +100373,6 @@ OUI:8C1F64392*
OUI:8C1F64393*
ID_OUI_FROM_DATABASE=GRE SYSTEM INC.
OUI:8C1F64394*
ID_OUI_FROM_DATABASE=Ceranext Ltd
OUI:8C1F64395*
ID_OUI_FROM_DATABASE=Beijing Ceresdata Technology Co., LTD
@ -100688,9 +100565,6 @@ OUI:8C1F64417*
OUI:8C1F64419*
ID_OUI_FROM_DATABASE=Naval Group
OUI:8C1F6441B*
ID_OUI_FROM_DATABASE=ENERGY POWER PRODUCTS LIMITED
OUI:8C1F6441C*
ID_OUI_FROM_DATABASE=KSE GmbH
@ -102140,9 +102014,6 @@ OUI:8C1F64803*
OUI:8C1F64804*
ID_OUI_FROM_DATABASE=EA Elektro-Automatik
OUI:8C1F64806*
ID_OUI_FROM_DATABASE=Matrixspace
OUI:8C1F64807*
ID_OUI_FROM_DATABASE=GIORDANO CONTROLS SPA
@ -102749,9 +102620,6 @@ OUI:8C1F649B3*
OUI:8C1F649B6*
ID_OUI_FROM_DATABASE=GS Elektromedizinsiche Geräte G. Stemple GmbH
OUI:8C1F649B8*
ID_OUI_FROM_DATABASE=Makel Elektrik Malzemeleri A.Ş.
OUI:8C1F649B9*
ID_OUI_FROM_DATABASE=QUERCUS TECHNOLOGIES, S.L.
@ -104498,9 +104366,6 @@ OUI:8C1F64E80*
OUI:8C1F64E86*
ID_OUI_FROM_DATABASE=ComVetia AG
OUI:8C1F64E88*
ID_OUI_FROM_DATABASE=SiFive Inc
OUI:8C1F64E89*
ID_OUI_FROM_DATABASE=PADL Software Pty Ltd
@ -104963,9 +104828,6 @@ OUI:8C1F64FDA*
OUI:8C1F64FDC*
ID_OUI_FROM_DATABASE=Nuphoton Technologies
OUI:8C1F64FDF*
ID_OUI_FROM_DATABASE=Potter Electric Signal Company
OUI:8C1F64FE0*
ID_OUI_FROM_DATABASE=Potter Electric Signal Company
@ -108386,9 +108248,6 @@ OUI:94A04E*
OUI:94A07D*
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
OUI:94A081*
ID_OUI_FROM_DATABASE=Silicon Laboratories
OUI:94A1A2*
ID_OUI_FROM_DATABASE=AMPAK Technology, Inc.
@ -109253,9 +109112,6 @@ OUI:981E0F*
OUI:981E19*
ID_OUI_FROM_DATABASE=Sagemcom Broadband SAS
OUI:981E89*
ID_OUI_FROM_DATABASE=Tianyi Telecom Terminals Company Limited
OUI:981FB1*
ID_OUI_FROM_DATABASE=Shenzhen Lemon Network Technology Co.,Ltd
@ -109985,9 +109841,6 @@ OUI:98A404*
OUI:98A40E*
ID_OUI_FROM_DATABASE=Snap, Inc.
OUI:98A44E*
ID_OUI_FROM_DATABASE=IEC Technologies S. de R.L de C.V.
OUI:98A5F9*
ID_OUI_FROM_DATABASE=Apple, Inc.
@ -111422,9 +111275,6 @@ OUI:9CB793*
OUI:9CB8B4*
ID_OUI_FROM_DATABASE=AMPAK Technology,Inc.
OUI:9CBAC9*
ID_OUI_FROM_DATABASE=Telit Communication s.p.a
OUI:9CBB98*
ID_OUI_FROM_DATABASE=Shen Zhen RND Electronic Co.,LTD
@ -111860,9 +111710,6 @@ OUI:A00BBA*
OUI:A00CA1*
ID_OUI_FROM_DATABASE=SKTB SKiT
OUI:A00CE2*
ID_OUI_FROM_DATABASE=Shenzhen Shokz Co., Ltd.
OUI:A00E98*
ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD
@ -113954,9 +113801,6 @@ OUI:A47C1F*
OUI:A47CC9*
ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD
OUI:A47D78*
ID_OUI_FROM_DATABASE=Edgecore Americas Networking Corporation
OUI:A47D9F*
ID_OUI_FROM_DATABASE=Shenzhen iComm Semiconductor CO.,LTD
@ -115167,7 +115011,7 @@ OUI:A87285*
ID_OUI_FROM_DATABASE=IDT, INC.
OUI:A8741D*
ID_OUI_FROM_DATABASE=Phoenix Contact GmbH & Co. KG
ID_OUI_FROM_DATABASE=PHOENIX CONTACT Electronics GmbH
OUI:A87484*
ID_OUI_FROM_DATABASE=zte corporation
@ -115274,9 +115118,6 @@ OUI:A88D7B*
OUI:A88E24*
ID_OUI_FROM_DATABASE=Apple, Inc.
OUI:A88F99*
ID_OUI_FROM_DATABASE=Arista Networks
OUI:A88FD9*
ID_OUI_FROM_DATABASE=Apple, Inc.
@ -119387,9 +119228,6 @@ OUI:B4C810*
OUI:B4C9B9*
ID_OUI_FROM_DATABASE=Sichuan AI-Link Technology Co., Ltd.
OUI:B4CADD*
ID_OUI_FROM_DATABASE=Cisco Systems, Inc
OUI:B4CB57*
ID_OUI_FROM_DATABASE=GUANGDONG OPPO MOBILE TELECOMMUNICATIONS CORP.,LTD
@ -120575,9 +120413,6 @@ OUI:B8D4C3*
OUI:B8D4E7*
ID_OUI_FROM_DATABASE=Hewlett Packard Enterprise
OUI:B8D4F7*
ID_OUI_FROM_DATABASE=New H3C Technologies Co., Ltd
OUI:B8D50B*
ID_OUI_FROM_DATABASE=Sunitec Enterprise Co.,Ltd
@ -122279,12 +122114,6 @@ OUI:C02C5C*
OUI:C02C7A*
ID_OUI_FROM_DATABASE=Shenzhen Horn Audio Co.,Ltd.
OUI:C02CED*
ID_OUI_FROM_DATABASE=Silicon Laboratories
OUI:C02D2E*
ID_OUI_FROM_DATABASE=China Mobile Group Device Co.,Ltd.
OUI:C02DEE*
ID_OUI_FROM_DATABASE=Cuff
@ -123371,9 +123200,6 @@ OUI:C0F79D*
OUI:C0F827*
ID_OUI_FROM_DATABASE=Rapidmax Technology Corporation
OUI:C0F853*
ID_OUI_FROM_DATABASE=Tuya Smart Inc.
OUI:C0F87F*
ID_OUI_FROM_DATABASE=Cisco Systems, Inc
@ -126542,9 +126368,6 @@ OUI:CC10A3*
OUI:CC115A*
ID_OUI_FROM_DATABASE=Apple, Inc.
OUI:CC1228*
ID_OUI_FROM_DATABASE=HISENSE VISUAL TECHNOLOGY CO.,LTD
OUI:CC14A6*
ID_OUI_FROM_DATABASE=Yichun MyEnergy Domain, Inc
@ -126635,9 +126458,6 @@ OUI:CC1FC4*
OUI:CC208C*
ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD
OUI:CC20AC*
ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd
OUI:CC20E8*
ID_OUI_FROM_DATABASE=Apple, Inc.
@ -127217,9 +127037,6 @@ OUI:CC896C*
OUI:CC89FD*
ID_OUI_FROM_DATABASE=Nokia Corporation
OUI:CC8A84*
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
OUI:CC8C17*
ID_OUI_FROM_DATABASE=ITEL MOBILE LIMITED
@ -127545,7 +127362,7 @@ OUI:CCCCCC*
ID_OUI_FROM_DATABASE=Silicon Laboratories
OUI:CCCCEA*
ID_OUI_FROM_DATABASE=Phoenix Contact GmbH & Co. KG
ID_OUI_FROM_DATABASE=PHOENIX CONTACT Electronics GmbH
OUI:CCCD64*
ID_OUI_FROM_DATABASE=SM-Electronic GmbH
@ -130956,7 +130773,7 @@ OUI:D822F4*
ID_OUI_FROM_DATABASE=Avnet Silica
OUI:D823E0*
ID_OUI_FROM_DATABASE=SPEEDTECH CORP. JIO
ID_OUI_FROM_DATABASE=SPEEDTECH CORP.
OUI:D82477*
ID_OUI_FROM_DATABASE=Universal Electric Corporation
@ -131141,9 +130958,6 @@ OUI:D8490B*
OUI:D8492F*
ID_OUI_FROM_DATABASE=CANON INC.
OUI:D849BF*
ID_OUI_FROM_DATABASE=CELESTICA INC.
OUI:D84A2B*
ID_OUI_FROM_DATABASE=zte corporation
@ -131729,9 +131543,6 @@ OUI:D8C771*
OUI:D8C7C8*
ID_OUI_FROM_DATABASE=Hewlett Packard Enterprise
OUI:D8C80C*
ID_OUI_FROM_DATABASE=Tuya Smart Inc.
OUI:D8C8E9*
ID_OUI_FROM_DATABASE=Phicomm (Shanghai) Co., Ltd.
@ -132290,9 +132101,6 @@ OUI:DC41A9*
OUI:DC41E5*
ID_OUI_FROM_DATABASE=Shenzhen Zhixin Data Service Co., Ltd.
OUI:DC42C8*
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
OUI:DC44270*
ID_OUI_FROM_DATABASE=Suritel
@ -133367,9 +133175,6 @@ OUI:E021FE*
OUI:E02202*
ID_OUI_FROM_DATABASE=Commscope
OUI:E022A1*
ID_OUI_FROM_DATABASE=AltoBeam Inc.
OUI:E023D7*
ID_OUI_FROM_DATABASE=Sleep Number
@ -135608,9 +135413,6 @@ OUI:E4FC82*
OUI:E4FD45*
ID_OUI_FROM_DATABASE=Intel Corporate
OUI:E4FD8C*
ID_OUI_FROM_DATABASE=Extreme Networks Headquarters
OUI:E4FDA1*
ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD
@ -136676,9 +136478,6 @@ OUI:E8CD2D*
OUI:E8CE06*
ID_OUI_FROM_DATABASE=SkyHawke Technologies, LLC.
OUI:E8CF83*
ID_OUI_FROM_DATABASE=Dell Inc.
OUI:E8D03C*
ID_OUI_FROM_DATABASE=Shenzhen Jingxun Software Telecommunication Technology Co.,Ltd
@ -137513,30 +137312,6 @@ OUI:EC748C*
OUI:EC74BA*
ID_OUI_FROM_DATABASE=Hirschmann Automation and Control GmbH
OUI:EC74CD3*
ID_OUI_FROM_DATABASE=iSolution Technologies Co.,Ltd.
OUI:EC74CD5*
ID_OUI_FROM_DATABASE=Standard Backhaul Communications
OUI:EC74CD6*
ID_OUI_FROM_DATABASE=Platypus
OUI:EC74CD8*
ID_OUI_FROM_DATABASE=TRANS AUDIO VIDEO SRL
OUI:EC74CD9*
ID_OUI_FROM_DATABASE=Sound Health Systems
OUI:EC74CDA*
ID_OUI_FROM_DATABASE=Bosch (zhuhai) Security Systems Company, Ltd.
OUI:EC74CDB*
ID_OUI_FROM_DATABASE=Hitachi Rail GTS Austria GmbH
OUI:EC74CDD*
ID_OUI_FROM_DATABASE=Shenzhen Ting-Shine Technology Co., Ltd.
OUI:EC74D7*
ID_OUI_FROM_DATABASE=Grandstream Networks Inc
@ -143327,9 +143102,6 @@ OUI:FCB467*
OUI:FCB4E6*
ID_OUI_FROM_DATABASE=ASKEY COMPUTER CORP
OUI:FCB577*
ID_OUI_FROM_DATABASE=Cortex Security Inc
OUI:FCB585*
ID_OUI_FROM_DATABASE=Shenzhen Water World Information Co.,Ltd.
@ -143387,9 +143159,6 @@ OUI:FCC23D*
OUI:FCC2DE*
ID_OUI_FROM_DATABASE=Murata Manufacturing Co., Ltd.
OUI:FCC2E5*
ID_OUI_FROM_DATABASE=HOLOWITS TECHNOLOGIES CO.,LTD
OUI:FCC734*
ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd

View File

@ -2019,6 +2019,9 @@ acpi:DEL*:
acpi:DEM*:
ID_VENDOR_FROM_DATABASE=DemoPad Software Ltd
acpi:DEM*:
ID_VENDOR_FROM_DATABASE=DemoPad Software Ltd
acpi:DEN*:
ID_VENDOR_FROM_DATABASE=Densitron Computers Ltd

View File

@ -1,5 +1,5 @@
--- 20-acpi-vendor.hwdb.base 2024-11-15 17:16:38.971258201 +0000
+++ 20-acpi-vendor.hwdb 2024-11-15 17:16:38.979258339 +0000
--- 20-acpi-vendor.hwdb.base 2024-11-06 10:40:14.734611315 +0000
+++ 20-acpi-vendor.hwdb 2024-11-06 10:40:14.738611667 +0000
@@ -3,6 +3,8 @@
# Data imported from:
# https://uefi.org/uefi-pnp-export
@ -137,7 +137,7 @@
acpi:COI*:
ID_VENDOR_FROM_DATABASE=Codec Inc.
@@ -2060,7 +2089,7 @@
@@ -2063,7 +2092,7 @@
ID_VENDOR_FROM_DATABASE=Dragon Information Technology
acpi:DJE*:
@ -146,7 +146,7 @@
acpi:DJP*:
ID_VENDOR_FROM_DATABASE=Maygay Machines, Ltd
@@ -2413,6 +2442,9 @@
@@ -2416,6 +2445,9 @@
acpi:EIN*:
ID_VENDOR_FROM_DATABASE=Elegant Invention
@ -156,7 +156,7 @@
acpi:EKA*:
ID_VENDOR_FROM_DATABASE=MagTek Inc.
@@ -2683,6 +2715,9 @@
@@ -2686,6 +2718,9 @@
acpi:FCG*:
ID_VENDOR_FROM_DATABASE=First International Computer Ltd
@ -166,7 +166,7 @@
acpi:FCS*:
ID_VENDOR_FROM_DATABASE=Focus Enhancements, Inc.
@@ -3059,7 +3094,7 @@
@@ -3062,7 +3097,7 @@
ID_VENDOR_FROM_DATABASE=General Standards Corporation
acpi:GSM*:
@ -175,7 +175,7 @@
acpi:GSN*:
ID_VENDOR_FROM_DATABASE=Grandstream Networks, Inc.
@@ -3169,6 +3204,9 @@
@@ -3172,6 +3207,9 @@
acpi:HEC*:
ID_VENDOR_FROM_DATABASE=Hisense Electric Co., Ltd.
@ -185,7 +185,7 @@
acpi:HEL*:
ID_VENDOR_FROM_DATABASE=Hitachi Micro Systems Europe Ltd
@@ -3304,6 +3342,9 @@
@@ -3307,6 +3345,9 @@
acpi:HSD*:
ID_VENDOR_FROM_DATABASE=HannStar Display Corp
@ -195,7 +195,7 @@
acpi:HSM*:
ID_VENDOR_FROM_DATABASE=AT&T Microelectronics
@@ -3430,6 +3471,9 @@
@@ -3433,6 +3474,9 @@
acpi:ICI*:
ID_VENDOR_FROM_DATABASE=Infotek Communication Inc
@ -205,7 +205,7 @@
acpi:ICM*:
ID_VENDOR_FROM_DATABASE=Intracom SA
@@ -3526,6 +3570,9 @@
@@ -3529,6 +3573,9 @@
acpi:IKE*:
ID_VENDOR_FROM_DATABASE=Ikegami Tsushinki Co. Ltd.
@ -215,7 +215,7 @@
acpi:IKS*:
ID_VENDOR_FROM_DATABASE=Ikos Systems Inc
@@ -3574,6 +3621,9 @@
@@ -3577,6 +3624,9 @@
acpi:IMX*:
ID_VENDOR_FROM_DATABASE=arpara Technology Co., Ltd.
@ -225,7 +225,7 @@
acpi:INA*:
ID_VENDOR_FROM_DATABASE=Inventec Corporation
@@ -4102,6 +4152,9 @@
@@ -4105,6 +4155,9 @@
acpi:LAN*:
ID_VENDOR_FROM_DATABASE=Sodeman Lancom Inc
@ -235,7 +235,7 @@
acpi:LAS*:
ID_VENDOR_FROM_DATABASE=LASAT Comm. A/S
@@ -4153,6 +4206,9 @@
@@ -4156,6 +4209,9 @@
acpi:LED*:
ID_VENDOR_FROM_DATABASE=Long Engineering Design Inc
@ -245,7 +245,7 @@
acpi:LEG*:
ID_VENDOR_FROM_DATABASE=Legerity, Inc
@@ -4171,6 +4227,9 @@
@@ -4174,6 +4230,9 @@
acpi:LGD*:
ID_VENDOR_FROM_DATABASE=LG Display
@ -255,7 +255,7 @@
acpi:LGI*:
ID_VENDOR_FROM_DATABASE=Logitech Inc
@@ -4237,6 +4296,9 @@
@@ -4240,6 +4299,9 @@
acpi:LND*:
ID_VENDOR_FROM_DATABASE=Land Computer Company Ltd
@ -265,7 +265,7 @@
acpi:LNK*:
ID_VENDOR_FROM_DATABASE=Link Tech Inc
@@ -4271,7 +4333,7 @@
@@ -4274,7 +4336,7 @@
ID_VENDOR_FROM_DATABASE=Design Technology
acpi:LPL*:
@ -274,7 +274,7 @@
acpi:LSC*:
ID_VENDOR_FROM_DATABASE=LifeSize Communications
@@ -4447,6 +4509,9 @@
@@ -4450,6 +4512,9 @@
acpi:MCX*:
ID_VENDOR_FROM_DATABASE=Millson Custom Solutions Inc.
@ -284,7 +284,7 @@
acpi:MDA*:
ID_VENDOR_FROM_DATABASE=Media4 Inc
@@ -4693,6 +4758,9 @@
@@ -4696,6 +4761,9 @@
acpi:MOM*:
ID_VENDOR_FROM_DATABASE=Momentum Data Systems
@ -294,7 +294,7 @@
acpi:MOS*:
ID_VENDOR_FROM_DATABASE=Moses Corporation
@@ -4933,6 +5001,9 @@
@@ -4936,6 +5004,9 @@
acpi:NAL*:
ID_VENDOR_FROM_DATABASE=Network Alchemy
@ -304,7 +304,7 @@
acpi:NAT*:
ID_VENDOR_FROM_DATABASE=NaturalPoint Inc.
@@ -5473,6 +5544,9 @@
@@ -5476,6 +5547,9 @@
acpi:PCX*:
ID_VENDOR_FROM_DATABASE=PC Xperten
@ -314,7 +314,7 @@
acpi:PDM*:
ID_VENDOR_FROM_DATABASE=Psion Dacom Plc.
@@ -5536,9 +5610,6 @@
@@ -5539,9 +5613,6 @@
acpi:PHE*:
ID_VENDOR_FROM_DATABASE=Philips Medical Systems Boeblingen GmbH
@ -324,7 +324,7 @@
acpi:PHL*:
ID_VENDOR_FROM_DATABASE=Philips Consumer Electronics Company
@@ -5629,9 +5700,6 @@
@@ -5632,9 +5703,6 @@
acpi:PNL*:
ID_VENDOR_FROM_DATABASE=Panelview, Inc.
@ -334,7 +334,7 @@
acpi:PNR*:
ID_VENDOR_FROM_DATABASE=Planar Systems, Inc.
@@ -6109,9 +6177,6 @@
@@ -6112,9 +6180,6 @@
acpi:RTI*:
ID_VENDOR_FROM_DATABASE=Rancho Tech Inc
@ -344,7 +344,7 @@
acpi:RTL*:
ID_VENDOR_FROM_DATABASE=Realtek Semiconductor Company Ltd
@@ -6286,9 +6351,6 @@
@@ -6289,9 +6354,6 @@
acpi:SEE*:
ID_VENDOR_FROM_DATABASE=SeeColor Corporation
@ -354,7 +354,7 @@
acpi:SEI*:
ID_VENDOR_FROM_DATABASE=Seitz & Associates Inc
@@ -6772,6 +6834,9 @@
@@ -6775,6 +6837,9 @@
acpi:SVD*:
ID_VENDOR_FROM_DATABASE=SVD Computer
@ -364,7 +364,7 @@
acpi:SVI*:
ID_VENDOR_FROM_DATABASE=Sun Microsystems
@@ -6856,6 +6921,9 @@
@@ -6859,6 +6924,9 @@
acpi:SZM*:
ID_VENDOR_FROM_DATABASE=Shenzhen MTC Co., Ltd
@ -374,7 +374,7 @@
acpi:TAA*:
ID_VENDOR_FROM_DATABASE=Tandberg
@@ -6946,6 +7014,9 @@
@@ -6949,6 +7017,9 @@
acpi:TDG*:
ID_VENDOR_FROM_DATABASE=Six15 Technologies
@ -384,7 +384,7 @@
acpi:TDM*:
ID_VENDOR_FROM_DATABASE=Tandem Computer Europe Inc
@@ -6988,6 +7059,9 @@
@@ -6991,6 +7062,9 @@
acpi:TEV*:
ID_VENDOR_FROM_DATABASE=Televés, S.A.
@ -394,7 +394,7 @@
acpi:TEZ*:
ID_VENDOR_FROM_DATABASE=Tech Source Inc.
@@ -7117,9 +7191,6 @@
@@ -7120,9 +7194,6 @@
acpi:TNC*:
ID_VENDOR_FROM_DATABASE=TNC Industrial Company Ltd
@ -404,7 +404,7 @@
acpi:TNM*:
ID_VENDOR_FROM_DATABASE=TECNIMAGEN SA
@@ -7429,14 +7500,14 @@
@@ -7432,14 +7503,14 @@
acpi:UNC*:
ID_VENDOR_FROM_DATABASE=Unisys Corporation
@ -425,7 +425,7 @@
acpi:UNI*:
ID_VENDOR_FROM_DATABASE=Uniform Industry Corp.
@@ -7471,6 +7542,9 @@
@@ -7474,6 +7545,9 @@
acpi:USA*:
ID_VENDOR_FROM_DATABASE=Utimaco Safeware AG
@ -435,7 +435,7 @@
acpi:USD*:
ID_VENDOR_FROM_DATABASE=U.S. Digital Corporation
@@ -7732,9 +7806,6 @@
@@ -7735,9 +7809,6 @@
acpi:WAL*:
ID_VENDOR_FROM_DATABASE=Wave Access
@ -445,7 +445,7 @@
acpi:WAV*:
ID_VENDOR_FROM_DATABASE=Wavephore
@@ -7862,7 +7933,7 @@
@@ -7865,7 +7936,7 @@
ID_VENDOR_FROM_DATABASE=WyreStorm Technologies LLC
acpi:WYS*:
@ -454,7 +454,7 @@
acpi:WYT*:
ID_VENDOR_FROM_DATABASE=Wooyoung Image & Information Co.,Ltd.
@@ -7876,9 +7947,6 @@
@@ -7879,9 +7950,6 @@
acpi:XDM*:
ID_VENDOR_FROM_DATABASE=XDM Ltd.
@ -464,7 +464,7 @@
acpi:XES*:
ID_VENDOR_FROM_DATABASE=Extreme Engineering Solutions, Inc.
@@ -7912,9 +7980,6 @@
@@ -7915,9 +7983,6 @@
acpi:XNT*:
ID_VENDOR_FROM_DATABASE=XN Technologies, Inc.
@ -474,7 +474,7 @@
acpi:XQU*:
ID_VENDOR_FROM_DATABASE=SHANGHAI SVA-DAV ELECTRONICS CO., LTD
@@ -7981,6 +8046,9 @@
@@ -7984,6 +8049,9 @@
acpi:ZBX*:
ID_VENDOR_FROM_DATABASE=Zebax Technologies

View File

@ -1438,11 +1438,6 @@ evdev:input:b0003v046DpC309*
KEYBOARD_KEY_c01b6=images # My Pictures (F11)
KEYBOARD_KEY_c01b7=audio # My Music (F12)
# Logitech MX Keys for Mac
evdev:input:b0003v046Dp4092*
KEYBOARD_KEY_70035=102nd # '<' key
KEYBOARD_KEY_70064=grave # '^' key
###########################################################
# Maxdata
###########################################################

View File

@ -376,12 +376,11 @@ sensor:modalias:acpi:KIOX000A*:dmi:*:svncube:pni1-TF:*
sensor:modalias:acpi:SMO8500*:dmi:*:svncube:pni7:*
ACCEL_MOUNT_MATRIX=1, 0, 0; 0, -1, 0; 0, 0, 1
# Cube i7 Stylus, i7 Stylus I8L Model, i7 Book (i16) and Mix Plus (i18B/i18D)
# Cube i7 Stylus, i7 Stylus I8L Model, i7 Book (i16) and Mix Plus (i18B)
sensor:modalias:acpi:KIOX000A*:dmi:*:svnCube:pni7Stylus:*
sensor:modalias:acpi:KIOX000A*:dmi:*:svnCube:pni8-L:*
sensor:modalias:acpi:KIOX000A*:dmi:*:svnCube:pni16:*
sensor:modalias:acpi:KIOX000A*:dmi:*:svnCube:pni18B:*
sensor:modalias:acpi:KIOX000A*:dmi:*:svnALLDOCUBE:pni18D:*
ACCEL_MOUNT_MATRIX=-1, 0, 0; 0, 1, 0; 0, 0, 1
# Cube iWork 10 Flagship
@ -953,15 +952,6 @@ sensor:modalias:acpi:MXC6655*:dmi:*:svnDefaultstring*:pnP612F:*
sensor:modalias:acpi:SMO8500*:dmi:*:svnPEAQ:pnPEAQPMMC1010MD99187:*
ACCEL_MOUNT_MATRIX=-1, 0, 0; 0, 1, 0; 0, 0, 1
#########################################
# Pine64
#########################################
# PineTab2
sensor:modalias:of:NaccelerometerT_null_Csilan,sc7a20:*
ACCEL_MOUNT_MATRIX=0, 0, -1; 1, 0, 0; 0, -1, 0
#########################################
# Pipo
#########################################

File diff suppressed because it is too large Load Diff

View File

@ -770,6 +770,12 @@ C00000-CFFFFF (base 16) HANGZHOU ZHONGKEJIGUANG TECHNOLOGY CO., LTD
HANGZHOU Zhejiang 310018
CN
2C-69-1D (hex) SPEEDTECH CORP.
400000-4FFFFF (base 16) SPEEDTECH CORP.
No. 568, Sec. 1, Minsheng N. Rd., Guishan Dist., Taoyuan City 338, Taiwan
Taoyuan 338
TW
2C-69-1D (hex) IBM
800000-8FFFFF (base 16) IBM
9000 South Rita Rd
@ -6782,30 +6788,6 @@ AC-EF-92 (hex) CEER NATIONAL AUTOMOTIVE COMPANY
Shanghai 201316
CN
0C-47-A9 (hex) Shenzhen Hahappylife Innovations Electronics Technology Co.,Ltd
600000-6FFFFF (base 16) Shenzhen Hahappylife Innovations Electronics Technology Co.,Ltd
103, Bldg1, Meicheng Ind Park, No.4, Xinhe St, Maantang Community, Bantian St, Longgang Dist
Shenzhen Guangdong 518000
CN
EC-74-CD (hex) Bosch (zhuhai) Security Systems Company, Ltd.
A00000-AFFFFF (base 16) Bosch (zhuhai) Security Systems Company, Ltd.
20 Ji Chang Bei Road, Qingwan Industrial Estate, | Sanzao Town, Jinwan District
Zhuhai Guangdong 519040
CN
0C-47-A9 (hex) Shanghai Sigen New Energy Technology Co., Ltd
900000-9FFFFF (base 16) Shanghai Sigen New Energy Technology Co., Ltd
Room 514 The 5th Floor, No.175 Weizhan Road China (Shanghai) Plilot Free Trade Zone
Shanghai 201306
CN
2C-69-1D (hex) SPEEDTECH CORP. JIO
400000-4FFFFF (base 16) SPEEDTECH CORP. JIO
No. 568, Sec. 1, Minsheng N. Rd., Guishan Dist., Taoyuan City 338, Taiwan
Taoyuan 338
TW
B8-4C-87 (hex) Shenzhen Link-all Technology Co., Ltd
300000-3FFFFF (base 16) Shenzhen Link-all Technology Co., Ltd
Floor 5th, Block 9th, Sunny Industrial Zone, Xili Town, Nanshan District, Shenzhen, China
@ -13091,18 +13073,6 @@ A00000-AFFFFF (base 16) Lens Technology (Xiangtan) Co.,Ltd
Xiangtan Hunan 411100
CN
EC-74-CD (hex) Shenzhen Ting-Shine Technology Co., Ltd.
D00000-DFFFFF (base 16) Shenzhen Ting-Shine Technology Co., Ltd.
No. 148, Huarong Road, Longhua District, Shenzhen
Shenzhen Guangdong 518083
CN
EC-74-CD (hex) iSolution Technologies Co.,Ltd.
300000-3FFFFF (base 16) iSolution Technologies Co.,Ltd.
5F,Bldg #6, Zhongguan Honghualing Industrial South Park
Shenzhen Guangdong 518055
CN
B8-4C-87 (hex) Altronix , Corp
A00000-AFFFFF (base 16) Altronix , Corp
140 58th St. Bldg A, Ste 2N
@ -19892,48 +19862,6 @@ AC-EF-92 (hex) JiZhiKang (Beijing) Technology Co., Ltd
Beijing 100176
CN
0C-47-A9 (hex) HONGKONG STONEOIM TECHNOLOGY LIMITED
300000-3FFFFF (base 16) HONGKONG STONEOIM TECHNOLOGY LIMITED
UNIT 1507C,15/F,EASTCORE 398 KWUN TONG ROAD KWUN TONG KL
hongkong hongkong 999077
HK
0C-47-A9 (hex) Annapurna labs
200000-2FFFFF (base 16) Annapurna labs
Matam Scientific Industries Center, Building 8.2
Mail box 15123 Haifa 3508409
IL
0C-47-A9 (hex) BGResearch
E00000-EFFFFF (base 16) BGResearch
5, The Business Centre, Harvard Way, Kimbolton,
Huntingdon. Cambridgeshire PE28 0NJ
GB
EC-74-CD (hex) Platypus
600000-6FFFFF (base 16) Platypus
6, Wonteo-ro 110beon-gil, Jungwon-gu
Gyeonggi-do Seongnam-si 13360
KR
EC-74-CD (hex) Sound Health Systems
900000-9FFFFF (base 16) Sound Health Systems
650B Fremont Ave #65
Los Altos CA 94024
US
EC-74-CD (hex) Hitachi Rail GTS Austria GmbH
B00000-BFFFFF (base 16) Hitachi Rail GTS Austria GmbH
Handelskai 92
Vienna 1200
AT
EC-74-CD (hex) Standard Backhaul Communications
500000-5FFFFF (base 16) Standard Backhaul Communications
333 South Highland Ave
Briarcliff Manor 10510
US
D0-14-11 (hex) P.B. Elettronica srl
100000-1FFFFF (base 16) P.B. Elettronica srl
Via Santorelli, 8
@ -26531,12 +26459,6 @@ C00000-CFFFFF (base 16) Senix
0C-47-A9 (hex) Private
400000-4FFFFF (base 16) Private
0C-47-A9 (hex) Honest Networks LLC
800000-8FFFFF (base 16) Honest Networks LLC
15 Maiden LnSte 1101
New York NY 10038
US
C8-5C-E2 (hex) Fela Management AG
000000-0FFFFF (base 16) Fela Management AG
Basadingerstrasse 18
@ -33284,20 +33206,8 @@ C00000-CFFFFF (base 16) Annapurna labs
Mail box 15123 Haifa 3508409
IL
0C-47-A9 (hex) Everon Co., Ltd.
500000-5FFFFF (base 16) Everon Co., Ltd.
3F.Pine Avenue B, 100, Eulji-ro, Jung-gu
Seoul 04551
KR
0C-47-A9 (hex) Shenzhen Hebang Electronic Co., Ltd
B00000-BFFFFF (base 16) Shenzhen Hebang Electronic Co., Ltd
2nd Floor West, Bldg B, Kelunte Low Carbon Industry Park, Huarong Road, Dalang, Longhua District
Shenzhen 518000
CN
EC-74-CD (hex) TRANS AUDIO VIDEO SRL
800000-8FFFFF (base 16) TRANS AUDIO VIDEO SRL
Viale Melvin Jones 12
Caserta CE 81100
IT

View File

@ -7457,24 +7457,6 @@ D04000-D04FFF (base 16) Plenty Unlimited Inc
HongKong 999077
HK
8C-1F-64 (hex) KRYFS TECHNOLOGIES PRIVATE LIMITED
206000-206FFF (base 16) KRYFS TECHNOLOGIES PRIVATE LIMITED
SURVEY NO 231 KHERDI MAIN ROAD NEAR HPCL KHERDI SILVASSA
SILVASSA DADRA AND NAGAR HAVELI 396230
IN
8C-1F-64 (hex) Matrixspace
806000-806FFF (base 16) Matrixspace
1721 Moon Lake BlvdSTE 200
Hoffman Estates IL 60169
US
8C-1F-64 (hex) ENERGY POWER PRODUCTS LIMITED
41B000-41BFFF (base 16) ENERGY POWER PRODUCTS LIMITED
7/F, Room 701, Lucky Centre, 165-171, Wanchai Road
Wanchai 000000
HK
8C-1F-64 (hex) Jacobs Technology, Inc.
A98000-A98FFF (base 16) Jacobs Technology, Inc.
7765 Old Telegraph Road
@ -22379,12 +22361,6 @@ A8C000-A8CFFF (base 16) Elektronik Art
Lublin Lublin 20234
PL
8C-1F-64 (hex) Anduril Imaging
763000-763FFF (base 16) Anduril Imaging
83 Hartwell Ave
Lexington MA 02421
US
8C-1F-64 (hex) Wuhan YiValley Opto-electric technology Co.,Ltd
175000-175FFF (base 16) Wuhan YiValley Opto-electric technology Co.,Ltd
A104,1st stage Juxian Building, Hongshan internatinoal enterprise center
@ -22403,6 +22379,12 @@ C60000-C60FFF (base 16) Intelligent Security Systems (ISS)
Woodbridge NJ 07095
US
8C-1F-64 (hex) Anduril Imaging
763000-763FFF (base 16) Anduril Imaging
83 Hartwell Ave
Lexington MA 02421
US
8C-1F-64 (hex) Flow Power
82B000-82BFFF (base 16) Flow Power
Suite 2, Level 3, 18 - 20 York St
@ -29903,42 +29885,12 @@ BA7000-BA7FFF (base 16) iLensys Technologies PVT LTD
Thiruvananthapuram KERALA 695014
IN
8C-1F-64 (hex) Potter Electric Signal Company
FDF000-FDFFFF (base 16) Potter Electric Signal Company
5757 Phantom Drive
Hazelwood MO 63042
US
8C-1F-64 (hex) Hurry-tech
F19000-F19FFF (base 16) Hurry-tech
Greenland Central Plaza ,Building 1 of Yard 9,Room 601
Beijing Beijing 100089
CN
8C-1F-64 (hex) Transit Solutions, LLC.
1BC000-1BCFFF (base 16) Transit Solutions, LLC.
114 West Grandview Avenue
Zelienople PA 16063
US
8C-1F-64 (hex) Ceranext Ltd
394000-394FFF (base 16) Ceranext Ltd
25-27 Demostheni Severi ,Metropolis Tower,Building B',1080 Cyprus
Nicosia 1080
CY
8C-1F-64 (hex) SiFive Inc
E88000-E88FFF (base 16) SiFive Inc
2625 Augustine DriveSuite 101
Santa Clara CA 95054
US
8C-1F-64 (hex) Makel Elektrik Malzemeleri A.Ş.
9B8000-9B8FFF (base 16) Makel Elektrik Malzemeleri A.Ş.
Osmangazi Mah.Mareşal Fevzi Çakmak Cad. No:38 KIRAÇ / Esenyurt
ESENYURT İstanbul 34522
TR
8C-1F-64 (hex) Mobileye
D63000-D63FFF (base 16) Mobileye
13 Hartom st.
@ -37342,9 +37294,3 @@ BD9000-BD9FFF (base 16) WATTS
C. Valportillo Segunda, 8 bis
Alcobendas Madrid 28108
ES
8C-1F-64 (hex) Mediana Co., Ltd.
159000-159FFF (base 16) Mediana Co., Ltd.
132, Donghwagongdan-ro, Munmak-eup
Wonju-si Gangwon-do 26365
KR

View File

@ -2540,6 +2540,7 @@ AVARRO,RRO,08/07/2023
"LUMINO Licht Elektronik GmbH",LLT,11/07/2023
"Reonel Oy",RNL,01/04/2024
DemoPad Software Ltd,DEM,01/04/2024
DemoPad Software Ltd,DEM,01/04/2024
"TeamViewer Germany GmbH",TMV,01/04/2024
"Pixio USA",PXO,02/14/2024
"ELARABY COMPANY FOR ENGINEERING INDUSTRIES",EEI,02/14/2024

1 Company PNP ID Approved On Date
2540 LUMINO Licht Elektronik GmbH LLT 11/07/2023
2541 Reonel Oy RNL 01/04/2024
2542 DemoPad Software Ltd DEM 01/04/2024
2543 DemoPad Software Ltd DEM 01/04/2024
2544 TeamViewer Germany GmbH TMV 01/04/2024
2545 Pixio USA PXO 02/14/2024
2546 ELARABY COMPANY FOR ENGINEERING INDUSTRIES EEI 02/14/2024

View File

@ -421,7 +421,7 @@
<term><varname>rd.systemd.verity=</varname></term>
<term><varname>systemd.verity_root_data=</varname></term>
<term><varname>systemd.verity_root_hash=</varname></term>
<term><varname>systemd.verity_root_options=</varname></term>
<term><varname>systemd.verity.root_options=</varname></term>
<term><varname>usrhash=</varname></term>
<term><varname>systemd.verity_usr_data=</varname></term>
<term><varname>systemd.verity_usr_hash=</varname></term>

View File

@ -265,11 +265,32 @@
</refsect1>
<refsect1>
<title>Unlocking</title>
<title>Options</title>
<para>The following options are understood that may be used to unlock the device in preparation of the enrollment operations:</para>
<para>The following options are understood:</para>
<variablelist>
<varlistentry>
<term><option>--password</option></term>
<listitem><para>Enroll a regular password/passphrase. This command is mostly equivalent to
<command>cryptsetup luksAddKey</command>, however may be combined with
<option>--wipe-slot=</option> in one call, see below.</para>
<xi:include href="version-info.xml" xpointer="v248"/></listitem>
</varlistentry>
<varlistentry>
<term><option>--recovery-key</option></term>
<listitem><para>Enroll a recovery key. Recovery keys are mostly identical to passphrases, but are
computer-generated instead of being chosen by a human, and thus have a guaranteed high entropy. The
key uses a character set that is easy to type in, and may be scanned off screen via a QR code.
</para>
<xi:include href="version-info.xml" xpointer="v248"/></listitem>
</varlistentry>
<varlistentry>
<term><option>--unlock-key-file=<replaceable>PATH</replaceable></option></term>
@ -307,45 +328,7 @@
<xi:include href="version-info.xml" xpointer="v256"/></listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>Simple Enrollment</title>
<para>The following options are understood that may be used to enroll simple user input based
unlocking:</para>
<variablelist>
<varlistentry>
<term><option>--password</option></term>
<listitem><para>Enroll a regular password/passphrase. This command is mostly equivalent to
<command>cryptsetup luksAddKey</command>, however may be combined with
<option>--wipe-slot=</option> in one call, see below.</para>
<xi:include href="version-info.xml" xpointer="v248"/></listitem>
</varlistentry>
<varlistentry>
<term><option>--recovery-key</option></term>
<listitem><para>Enroll a recovery key. Recovery keys are mostly identical to passphrases, but are
computer-generated instead of being chosen by a human, and thus have a guaranteed high entropy. The
key uses a character set that is easy to type in, and may be scanned off screen via a QR code.
</para>
<xi:include href="version-info.xml" xpointer="v248"/></listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>PKCS#11 Enrollment</title>
<para>The following option is understood that may be used to enroll PKCS#11 tokens:</para>
<variablelist>
<varlistentry>
<term><option>--pkcs11-token-uri=<replaceable>URI</replaceable></option></term>
@ -378,15 +361,7 @@
<xi:include href="version-info.xml" xpointer="v248"/></listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>FIDO2 Enrollment</title>
<para>The following options are understood that may be used to enroll PKCS#11 tokens:</para>
<variablelist>
<varlistentry>
<term><option>--fido2-credential-algorithm=<replaceable>STRING</replaceable></option></term>
<listitem><para>Specify COSE algorithm used in credential generation. The default value is
@ -486,15 +461,7 @@
<xi:include href="version-info.xml" xpointer="v249"/></listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>TPM2 Enrollment</title>
<para>The following options are understood that may be used to enroll TPM2 devices:</para>
<variablelist>
<varlistentry>
<term><option>--tpm2-device=<replaceable>PATH</replaceable></option></term>
@ -669,15 +636,7 @@
<xi:include href="version-info.xml" xpointer="v255"/></listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>Other Options</title>
<para>The following additional options are understood:</para>
<variablelist>
<varlistentry>
<term><option>--wipe-slot=<replaceable>SLOT<optional>,SLOT...</optional></replaceable></option></term>

View File

@ -85,6 +85,7 @@
<xi:include href="version-info.xml" xpointer="v257"/></listitem>
</varlistentry>
<xi:include href="standard-options.xml" xpointer="no-pager"/>
<xi:include href="standard-options.xml" xpointer="help"/>
<xi:include href="standard-options.xml" xpointer="version"/>
</variablelist>

View File

@ -1286,21 +1286,21 @@ DuplicateAddressDetection=none</programlisting></para>
<varlistentry>
<term><varname>KeepConfiguration=</varname></term>
<listitem>
<para>Takes a boolean or one of <literal>static</literal>, <literal>dynamic-on-stop</literal>, and
<literal>dynamic</literal>. When <literal>static</literal>, <command>systemd-networkd</command>
will not drop statically configured addresses and routes on starting up process. When
<literal>dynamic-on-stop</literal>, the dynamically configurad addresses and routes, such as
DHCPv4, DHCPv6, SLAAC, and IPv4 link-local address, will not be dropped when
<command>systemd-networkd</command> is being stopped. When <literal>dynamic</literal>, the
dynamically configured addresses and routes will never be dropped, and the lifetime of DHCPv4
leases will be ignored. This is contrary to the DHCP specification, but may be the best choice if,
e.g., the root filesystem relies on this connection. The setting <literal>dynamic</literal> implies
<literal>dynamic-on-stop</literal>, and <literal>yes</literal> implies <literal>dynamic</literal>
and <literal>static</literal>. Defaults to <literal>dynamic-on-stop</literal> when
<command>systemd-networkd</command> is running in initrd, <literal>yes</literal> when the root
filesystem is a network filesystem, and <literal>no</literal> otherwise.</para>
<para>Takes a boolean or one of <literal>static</literal>, <literal>dhcp-on-stop</literal>,
<literal>dhcp</literal>. When <literal>static</literal>, <command>systemd-networkd</command>
will not drop static addresses and routes on starting up process. When set to
<literal>dhcp-on-stop</literal>, <command>systemd-networkd</command> will not drop addresses
and routes on stopping the daemon. When <literal>dhcp</literal>,
the addresses and routes provided by a DHCP server will never be dropped even if the DHCP
lease expires. This is contrary to the DHCP specification, but may be the best choice if,
e.g., the root filesystem relies on this connection. The setting <literal>dhcp</literal>
implies <literal>dhcp-on-stop</literal>, and <literal>yes</literal> implies
<literal>dhcp</literal> and <literal>static</literal>. Defaults to
<literal>dhcp-on-stop</literal> when <command>systemd-networkd</command> is running in
initrd, <literal>yes</literal> when the root filesystem is a network filesystem, and
<literal>no</literal> otherwise.</para>
<xi:include href="version-info.xml" xpointer="v257"/>
<xi:include href="version-info.xml" xpointer="v243"/>
</listitem>
</varlistentry>
</variablelist>

View File

@ -81,7 +81,4 @@
<para id="v255">Added in version 255.</para>
<para id="v256">Added in version 256.</para>
<para id="v257">Added in version 257.</para>
<para id="v258">Added in version 258.</para>
<para id="v259">Added in version 259.</para>
<para id="v260">Added in version 260.</para>
</refsect1>

View File

@ -2674,14 +2674,6 @@ endif
#####################################################################
ukify_depends = []
foreach executable : ['systemd-measure', 'systemd-sbsign', 'systemd-keyutil']
if executable in executables_by_name
ukify_depends += [executables_by_name[executable]]
endif
endforeach
ukify = custom_target(
'ukify',
input : 'src/ukify/ukify.py',
@ -2689,7 +2681,6 @@ ukify = custom_target(
command : [jinja2_cmdline, '@INPUT@', '@OUTPUT@'],
install : want_ukify,
install_mode : 'rwxr-xr-x',
depends : ukify_depends,
install_dir : bindir)
if want_ukify
public_programs += ukify
@ -2709,7 +2700,7 @@ endif
mkosi_depends = public_programs
foreach executable : ['systemd-journal-remote', 'systemd-sbsign', 'systemd-keyutil']
foreach executable : ['systemd-journal-remote', 'systemd-measure', 'systemd-sbsign', 'systemd-keyutil']
if executable in executables_by_name
mkosi_depends += [executables_by_name[executable]]
endif

View File

@ -1 +1 @@
257~rc2
257~rc1

View File

@ -7,3 +7,4 @@ ToolsTreePackages=
meson
mypy
pkgconf
ruff

View File

@ -10,6 +10,5 @@ ToolsTreePackages=
libmicrohttpd
python-jinja
python-pytest
ruff
tpm2-tss
util-linux-libs

View File

@ -13,6 +13,6 @@ ToolsTreePackages=
pkgconfig(fdisk)
pkgconfig(libmicrohttpd)
pkgconfig(mount)
tpm2-tss-devel
tss2-devel
python3-jinja2
python3-pytest

View File

@ -1,8 +0,0 @@
# SPDX-License-Identifier: LGPL-2.1-or-later
[Match]
ToolsTreeDistribution=fedora
[Build]
ToolsTreePackages=
ruff

View File

@ -12,7 +12,6 @@ ToolsTreePackages=
pkgconfig(fdisk)
pkgconfig(libmicrohttpd)
pkgconfig(mount)
python3-ruff
tss2-devel
python3-jinja2
python3-pytest

View File

@ -1,7 +0,0 @@
#!/bin/bash
# SPDX-License-Identifier: LGPL-2.1-or-later
set -e
if [[ "$1" == "clangd" ]]; then
exec "$@"
fi

View File

@ -2,6 +2,10 @@
# SPDX-License-Identifier: LGPL-2.1-or-later
set -e
if [[ "$1" == "clangd" ]]; then
exec "$@"
fi
if [[ ! -f "pkg/$PKG_SUBDIR/PKGBUILD" ]]; then
echo "PKGBUILD not found at pkg/$PKG_SUBDIR/PKGBUILD, run mkosi once with -ff to make sure the PKGBUILD is cloned" >&2
exit 1

View File

@ -7,7 +7,7 @@ Distribution=arch
Environment=
GIT_URL=https://gitlab.archlinux.org/archlinux/packaging/packages/systemd.git
GIT_BRANCH=main
GIT_COMMIT=29a73017cd380cd8db070dbd560e229d523b3c79
GIT_COMMIT=62c224b60ca150627be58ca2da50f47cc0a5793c
PKG_SUBDIR=arch
[Content]

View File

@ -8,7 +8,7 @@ Distribution=|fedora
Environment=
GIT_URL=https://src.fedoraproject.org/rpms/systemd.git
GIT_BRANCH=rawhide
GIT_COMMIT=7bd1d09f7fd16d20a041de0eb9af7cc8dbef6a99
GIT_COMMIT=e42eed4afd6267cd954d393d8eec79e0e7573de0
PKG_SUBDIR=fedora
[Content]

View File

@ -9,7 +9,7 @@ Environment=
GIT_URL=https://salsa.debian.org/systemd-team/systemd.git
GIT_SUBDIR=debian
GIT_BRANCH=debian/master
GIT_COMMIT=51cd22f3684725a1b199012555e7378f2f468c16
GIT_COMMIT=2f288667e0f5eeba19b14d24b621baef2aa413e1
PKG_SUBDIR=debian
[Content]

View File

@ -15,7 +15,7 @@ msgid ""
msgstr ""
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2024-11-06 14:42+0000\n"
"PO-Revision-Date: 2024-11-17 15:48+0000\n"
"PO-Revision-Date: 2024-11-09 20:13+0000\n"
"Last-Translator: Weblate Translation Memory <noreply-mt-weblate-translation-"
"memory@weblate.org>\n"
"Language-Team: German <https://translate.fedoraproject.org/projects/systemd/"
@ -187,11 +187,9 @@ msgstr ""
"benötigte Speichermedium oder Dateisystem ein."
#: src/home/pam_systemd_home.c:298
#, c-format
#, fuzzy, c-format
msgid "Too frequent login attempts for user %s, try again later."
msgstr ""
"Zu viele Anmeldeversuche für Benutzer %s, versuchen Sie es später noch "
"einmal."
msgstr "Zu häufige Loginversuche für %s. Bitte später erneut probieren."
#: src/home/pam_systemd_home.c:310
msgid "Password: "
@ -1191,16 +1189,18 @@ msgid "Subscribe query results"
msgstr "Abfrageergebnisse abonnieren"
#: src/resolve/org.freedesktop.resolve1.policy:144
#, fuzzy
msgid "Authentication is required to subscribe query results."
msgstr "Legitimierung ist zum Abonnieren von Abfrageergebnissen erforderlich."
msgstr "Legitimierung ist zum Versetzen des Systems in Bereitschaft notwendig."
#: src/resolve/org.freedesktop.resolve1.policy:154
msgid "Dump cache"
msgstr ""
#: src/resolve/org.freedesktop.resolve1.policy:155
#, fuzzy
msgid "Authentication is required to dump cache."
msgstr ""
msgstr "Legitimierung ist zum Festlegen von Domains notwendig."
#: src/resolve/org.freedesktop.resolve1.policy:165
msgid "Dump server state"
@ -1248,21 +1248,20 @@ msgid "Install specific system version"
msgstr "Spezifische Systemversion installieren"
#: src/sysupdate/org.freedesktop.sysupdate1.policy:56
#, fuzzy
msgid ""
"Authentication is required to update the system to a specific (possibly old) "
"version."
msgstr ""
"Legitimierung ist zum Aktualisieren des Systems auf eine bestimmte ("
"möglicherweise alte) Version erforderlich."
msgstr "Legitimierung ist zum Festlegen der Systemzeitzone notwendig."
#: src/sysupdate/org.freedesktop.sysupdate1.policy:65
msgid "Cleanup old system updates"
msgstr "Alte Systemaktualisierungen bereinigen"
#: src/sysupdate/org.freedesktop.sysupdate1.policy:66
#, fuzzy
msgid "Authentication is required to cleanup old system updates."
msgstr ""
"Legitimierung ist zum Bereinigen alter Systemaktualisierungen erforderlich."
msgstr "Legitimierung ist zum Festlegen der Systemzeit notwendig."
#: src/sysupdate/org.freedesktop.sysupdate1.policy:75
msgid "Manage optional features"
@ -1270,8 +1269,11 @@ msgstr "Optionale Funktionen verwalten"
# https://www.freedesktop.org/software/systemd/man/sd-login.html
#: src/sysupdate/org.freedesktop.sysupdate1.policy:76
#, fuzzy
msgid "Authentication is required to manage optional features"
msgstr "Legitimierung ist zur Verwaltung optionaler Funktionen erforderlich"
msgstr ""
"Legitimierung ist zur Verwaltung aktiver Sitzungen, Benutzern und "
"Arbeitsstationen notwendig."
#: src/timedate/org.freedesktop.timedate1.policy:22
msgid "Set system time"

View File

@ -3,13 +3,12 @@
# Finnish translation of systemd.
# Jan Kuparinen <copper_fin@hotmail.com>, 2021, 2022, 2023.
# Ricky Tigg <ricky.tigg@gmail.com>, 2022, 2024.
# Jiri Grönroos <jiri.gronroos@iki.fi>, 2024.
msgid ""
msgstr ""
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2024-11-06 14:42+0000\n"
"PO-Revision-Date: 2024-11-20 19:13+0000\n"
"Last-Translator: Jiri Grönroos <jiri.gronroos@iki.fi>\n"
"PO-Revision-Date: 2024-09-12 13:43+0000\n"
"Last-Translator: Ricky Tigg <ricky.tigg@gmail.com>\n"
"Language-Team: Finnish <https://translate.fedoraproject.org/projects/systemd/"
"main/fi/>\n"
"Language: fi\n"
@ -17,7 +16,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=n != 1;\n"
"X-Generator: Weblate 5.8.2\n"
"X-Generator: Weblate 5.7.2\n"
#: src/core/org.freedesktop.systemd1.policy.in:22
msgid "Send passphrase back to system"
@ -113,12 +112,14 @@ msgid "Authentication is required to update a user's home area."
msgstr "Todennus vaaditaan käyttäjän kotialueen päivittämiseksi."
#: src/home/org.freedesktop.home1.policy:53
#, fuzzy
msgid "Update your home area"
msgstr "Päivitä kotialue"
#: src/home/org.freedesktop.home1.policy:54
#, fuzzy
msgid "Authentication is required to update your home area."
msgstr "Todennus vaaditaan kotialueen päivittämiseksi."
msgstr "Todennus vaaditaan käyttäjän kotialueen päivittämiseksi."
#: src/home/org.freedesktop.home1.policy:63
msgid "Resize a home area"
@ -1173,11 +1174,14 @@ msgstr "Todennus vaaditaan vanhojen järjestelmäpäivitysten puhdistamiseen."
#: src/sysupdate/org.freedesktop.sysupdate1.policy:75
msgid "Manage optional features"
msgstr "Hallitse valinnaisia ominaisuuksia"
msgstr ""
#: src/sysupdate/org.freedesktop.sysupdate1.policy:76
#, fuzzy
msgid "Authentication is required to manage optional features"
msgstr "Todennus vaaditaan valinnaisten ominaisuuksien hallintaan"
msgstr ""
"Todennus vaaditaan aktiivisten istuntojen, käyttäjien ja paikkojen "
"hallintaan."
#: src/timedate/org.freedesktop.timedate1.policy:22
msgid "Set system time"

View File

@ -12,7 +12,7 @@ msgid ""
msgstr ""
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2024-11-06 14:42+0000\n"
"PO-Revision-Date: 2024-11-20 19:13+0000\n"
"PO-Revision-Date: 2024-11-07 09:30+0000\n"
"Last-Translator: Léane GRASSER <leane.grasser@proton.me>\n"
"Language-Team: French <https://translate.fedoraproject.org/projects/systemd/"
"main/fr/>\n"
@ -360,8 +360,8 @@ msgid ""
"Authentication is required to set the statically configured local hostname, "
"as well as the pretty hostname."
msgstr ""
"Une authentification est requise pour définir le nom d'hôte local configuré "
"de manière statique, ainsi que le nom d'hôte convivial."
"Une authentification est requise pour définir le nom d'hôte local de manière "
"statique, ainsi que le nom d'hôte familier."
#: src/hostname/org.freedesktop.hostname1.policy:41
msgid "Set machine information"

114
po/he.po
View File

@ -1,22 +1,22 @@
# SPDX-License-Identifier: LGPL-2.1-or-later
#
# Yaron Shahrabani <sh.yaron@gmail.com>, 2023, 2024.
# Yaron Shahrabani <sh.yaron@gmail.com>, 2023.
msgid ""
msgstr ""
"Project-Id-Version: systemd\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2024-11-06 14:42+0000\n"
"PO-Revision-Date: 2024-11-19 07:38+0000\n"
"PO-Revision-Date: 2023-11-22 00:01+0000\n"
"Last-Translator: Yaron Shahrabani <sh.yaron@gmail.com>\n"
"Language-Team: Hebrew <https://translate.fedoraproject.org/projects/systemd/"
"main/he/>\n"
"master/he/>\n"
"Language: he\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=4; plural=(n == 1) ? 0 : ((n == 2) ? 1 : ((n > 10 && "
"n % 10 == 0) ? 2 : 3));\n"
"X-Generator: Weblate 5.8.2\n"
"X-Generator: Weblate 5.2\n"
#: src/core/org.freedesktop.systemd1.policy.in:22
msgid "Send passphrase back to system"
@ -106,12 +106,14 @@ msgid "Authentication is required to update a user's home area."
msgstr "נדרש אימות כדי לעדכן אזור בית למשתמש."
#: src/home/org.freedesktop.home1.policy:53
#, fuzzy
msgid "Update your home area"
msgstr "עדכון אזור הבית שלך"
msgstr "עדכון אזור בית"
#: src/home/org.freedesktop.home1.policy:54
#, fuzzy
msgid "Authentication is required to update your home area."
msgstr "נדרש אימות כדי לעדכן את אזור הבית שלך."
msgstr "נדרש אימות כדי לעדכן אזור בית למשתמש."
#: src/home/org.freedesktop.home1.policy:63
msgid "Resize a home area"
@ -131,12 +133,14 @@ msgid ""
msgstr "נדרש אימות כדי להחליף סיסמה של אזור בית למשתמש."
#: src/home/org.freedesktop.home1.policy:83
#, fuzzy
msgid "Activate a home area"
msgstr "הפעלת אזור בית"
msgstr "יצירת אזור בית"
#: src/home/org.freedesktop.home1.policy:84
#, fuzzy
msgid "Authentication is required to activate a user's home area."
msgstr "נדרש אימות כדי להפעיל אזור בית של משתמש."
msgstr "נדרש אימות כדי ליצור אזור בית למשתמש."
#: src/home/pam_systemd_home.c:293
#, c-format
@ -347,37 +351,46 @@ msgid "Authentication is required to get system description."
msgstr "נדרש אימות כדי למשוך את תיאור המערכת."
#: src/import/org.freedesktop.import1.policy:22
#, fuzzy
msgid "Import a disk image"
msgstr "ייבוא דמות כונן"
msgstr "לייבא מכונה וירטואלית או דמות של מכולה (container image)"
#: src/import/org.freedesktop.import1.policy:23
#, fuzzy
msgid "Authentication is required to import an image."
msgstr "נדרש אימות כדי לייבא דמות."
msgstr ""
"נדרש אימות כדי לייבא מכונה וירטואלית או דמות של מכולה (container image)"
#: src/import/org.freedesktop.import1.policy:32
#, fuzzy
msgid "Export a disk image"
msgstr "ייצוא דמות כונן"
msgstr "ייצוא מכונה וירטואלית או דמות של מכולה (container image)"
#: src/import/org.freedesktop.import1.policy:33
#, fuzzy
msgid "Authentication is required to export disk image."
msgstr "נדרש אימות כדי לייצא דמות כונן."
msgstr ""
"נדרש אימות כדי לייצא מכונה וירטואלית או דמות של מכולה (container image)"
#: src/import/org.freedesktop.import1.policy:42
#, fuzzy
msgid "Download a disk image"
msgstr "הורדת דמות כונן"
msgstr "הורדת מכונה וירטואלית או דמות מכולה"
#: src/import/org.freedesktop.import1.policy:43
#, fuzzy
msgid "Authentication is required to download a disk image."
msgstr "נדרש אימות כדי להוריד דמות כונן."
msgstr "נדרש אימות כדי להוריד מכונה וירטואלית או דמות מכולה"
#: src/import/org.freedesktop.import1.policy:52
msgid "Cancel transfer of a disk image"
msgstr "ביטול העברה של דמות כונן"
msgstr ""
#: src/import/org.freedesktop.import1.policy:53
#, fuzzy
msgid ""
"Authentication is required to cancel the ongoing transfer of a disk image."
msgstr "נדרש אימות כדי לבטל העברה של דמות כונן שמתבצעת בזמן אמת."
msgstr "נדרש אימות כדי להחליף סיסמה של אזור בית למשתמש."
#: src/locale/org.freedesktop.locale1.policy:22
msgid "Set system locale"
@ -719,8 +732,9 @@ msgid "Set a wall message"
msgstr "הגדרת הודעת קיר"
#: src/login/org.freedesktop.login1.policy:397
#, fuzzy
msgid "Authentication is required to set a wall message."
msgstr "נדרש אימות כדי להגדיר הודעת קיר."
msgstr "נדרש אימות כדי להגדיר הודעת קיר"
#: src/login/org.freedesktop.login1.policy:406
msgid "Change Session"
@ -790,14 +804,16 @@ msgstr ""
"נדרש אימות כדי לנהל מכונות וירטואליות (VM) ומכולות (container) מקומיות."
#: src/machine/org.freedesktop.machine1.policy:95
#, fuzzy
msgid "Create a local virtual machine or container"
msgstr "יצירת מכונה וירטואלית או מכולה מקומיות"
msgstr "ניהול מכונות וירטואליות ומכולות מקומיות"
#: src/machine/org.freedesktop.machine1.policy:96
#, fuzzy
msgid ""
"Authentication is required to create a local virtual machine or container."
msgstr ""
"נדרש אימות כדי ליצור מכונות וירטואליות (VM) או מכולות (container) מקומיות."
"נדרש אימות כדי לנהל מכונות וירטואליות (VM) ומכולות (container) מקומיות."
#: src/machine/org.freedesktop.machine1.policy:106
msgid "Manage local virtual machine and container images"
@ -949,13 +965,13 @@ msgstr "נדרש אימות כדי להגדיר כרטיס רשת מחדש."
#: src/network/org.freedesktop.network1.policy:187
msgid "Specify whether persistent storage for systemd-networkd is available"
msgstr "נא לציין האם יש אחסון קבוע זמין ל־systemd-networkd"
msgstr ""
#: src/network/org.freedesktop.network1.policy:188
msgid ""
"Authentication is required to specify whether persistent storage for systemd-"
"networkd is available."
msgstr "נדרש אימות כדי לציין האם אחסון קבוע זמין ל־systemd-networkd."
msgstr ""
#: src/portable/org.freedesktop.portable1.policy:13
msgid "Inspect a portable service image"
@ -988,16 +1004,18 @@ msgid "Register a DNS-SD service"
msgstr "רישום שירות DNS-SD"
#: src/resolve/org.freedesktop.resolve1.policy:23
#, fuzzy
msgid "Authentication is required to register a DNS-SD service."
msgstr "נדרש אימות כדי לרשום שירות DNS-SD."
msgstr "נדרש אימות כדי לרשום שירות DNS-SD"
#: src/resolve/org.freedesktop.resolve1.policy:33
msgid "Unregister a DNS-SD service"
msgstr "ביטול רישום שירות DNS-SD"
#: src/resolve/org.freedesktop.resolve1.policy:34
#, fuzzy
msgid "Authentication is required to unregister a DNS-SD service."
msgstr "נדרש אימות כדי לבטל רישום של שירות DNS-SD."
msgstr "נדרש אימות כדי לבטל רישום של שירות DNS-SD"
#: src/resolve/org.freedesktop.resolve1.policy:132
msgid "Revert name resolution settings"
@ -1009,85 +1027,95 @@ msgstr "נדרש אימות כדי לאפס את הגדרות פתרון השמ
#: src/resolve/org.freedesktop.resolve1.policy:143
msgid "Subscribe query results"
msgstr "רישום לתוצאות שאילתה"
msgstr ""
#: src/resolve/org.freedesktop.resolve1.policy:144
#, fuzzy
msgid "Authentication is required to subscribe query results."
msgstr "נדרש אימות כדי להירשם לתוצאות שאילתה."
msgstr "נדרש אימות כדי להשהות את המערכת."
#: src/resolve/org.freedesktop.resolve1.policy:154
msgid "Dump cache"
msgstr "היטל המטמון"
msgstr ""
#: src/resolve/org.freedesktop.resolve1.policy:155
#, fuzzy
msgid "Authentication is required to dump cache."
msgstr "נדרש אימות כדי להטיל את המטמון."
msgstr "נדרש אימות כדי להגדיר שמות תחום."
#: src/resolve/org.freedesktop.resolve1.policy:165
msgid "Dump server state"
msgstr "היטל מצב השרת"
msgstr ""
#: src/resolve/org.freedesktop.resolve1.policy:166
#, fuzzy
msgid "Authentication is required to dump server state."
msgstr "נדרש אימות כדי להטיל את מצב השרת."
msgstr "נדרש אימות כדי להגדיר שרתי NTP."
#: src/resolve/org.freedesktop.resolve1.policy:176
msgid "Dump statistics"
msgstr "היטל סטטיסטיקה"
msgstr ""
#: src/resolve/org.freedesktop.resolve1.policy:177
#, fuzzy
msgid "Authentication is required to dump statistics."
msgstr "נדרש אימות כדי להטיל סטטיסטיקה."
msgstr "נדרש אימות כדי להגדיר שמות תחום."
#: src/resolve/org.freedesktop.resolve1.policy:187
msgid "Reset statistics"
msgstr "איפוס סטטיסטיקה"
msgstr ""
#: src/resolve/org.freedesktop.resolve1.policy:188
#, fuzzy
msgid "Authentication is required to reset statistics."
msgstr "נדרש אימות כדי לאפס סטטיסטיקה."
msgstr "נדרש אימות כדי לאפס הגדרות NTP."
#: src/sysupdate/org.freedesktop.sysupdate1.policy:35
msgid "Check for system updates"
msgstr "חיפוש עדכוני מערכת"
msgstr ""
#: src/sysupdate/org.freedesktop.sysupdate1.policy:36
#, fuzzy
msgid "Authentication is required to check for system updates."
msgstr "נדרש אימות כדי לחפש עדכוני מערכת."
msgstr "נדרש אימות כדי להגדיר את שעון המערכת."
#: src/sysupdate/org.freedesktop.sysupdate1.policy:45
msgid "Install system updates"
msgstr "התקנת עדכוני מערכת"
msgstr ""
#: src/sysupdate/org.freedesktop.sysupdate1.policy:46
#, fuzzy
msgid "Authentication is required to install system updates."
msgstr "נדרש אימות כדי להתקין עדכוני מערכת."
msgstr "נדרש אימות כדי להגדיר את שעון המערכת."
#: src/sysupdate/org.freedesktop.sysupdate1.policy:55
msgid "Install specific system version"
msgstr "התקנת גרסת מערכת מסוימת"
msgstr ""
#: src/sysupdate/org.freedesktop.sysupdate1.policy:56
#, fuzzy
msgid ""
"Authentication is required to update the system to a specific (possibly old) "
"version."
msgstr "נדרש אימות כדי לעדכן את המערכת לגרסה מסוימת (כנראה ישנה)."
msgstr "נדרש אימות כדי להגדיר את אזור הזמן של המערכת."
#: src/sysupdate/org.freedesktop.sysupdate1.policy:65
msgid "Cleanup old system updates"
msgstr "ניקוי עדכוני מערכת ישנים"
msgstr ""
#: src/sysupdate/org.freedesktop.sysupdate1.policy:66
#, fuzzy
msgid "Authentication is required to cleanup old system updates."
msgstr "נדרש אימות כדי לנקות עדכוני מערכת ישנים."
msgstr "נדרש אימות כדי להגדיר את שעון המערכת."
#: src/sysupdate/org.freedesktop.sysupdate1.policy:75
msgid "Manage optional features"
msgstr "ניהול יכולות רשות"
msgstr ""
#: src/sysupdate/org.freedesktop.sysupdate1.policy:76
#, fuzzy
msgid "Authentication is required to manage optional features"
msgstr "נדרש אימות כדי לנהל יכולות רשות"
msgstr "נדרש אימות כדי לנהל הפעלות, משתמשים ומושבים פעילים."
#: src/timedate/org.freedesktop.timedate1.policy:22
msgid "Set system time"

View File

@ -6,7 +6,7 @@
msgid ""
msgstr ""
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2024-11-18 12:55+0900\n"
"POT-Creation-Date: 2024-11-06 14:42+0000\n"
"PO-Revision-Date: 2021-09-09 03:04+0000\n"
"Last-Translator: Takuro Onoue <kusanaginoturugi@gmail.com>\n"
"Language-Team: Japanese <https://translate.fedoraproject.org/projects/"
@ -106,12 +106,14 @@ msgid "Authentication is required to update a user's home area."
msgstr "ユーザのホーム領域の更新には認証が必要です。"
#: src/home/org.freedesktop.home1.policy:53
#, fuzzy
msgid "Update your home area"
msgstr "ホーム領域の更新"
#: src/home/org.freedesktop.home1.policy:54
#, fuzzy
msgid "Authentication is required to update your home area."
msgstr "ホーム領域の更新には認証が必要です。"
msgstr "ユーザのホーム領域の更新には認証が必要です。"
#: src/home/org.freedesktop.home1.policy:63
msgid "Resize a home area"
@ -1118,11 +1120,12 @@ msgstr "過去のシステム更新を削除するには認証が必要です。
#: src/sysupdate/org.freedesktop.sysupdate1.policy:75
msgid "Manage optional features"
msgstr "任意の機能の管理"
msgstr ""
#: src/sysupdate/org.freedesktop.sysupdate1.policy:76
#, fuzzy
msgid "Authentication is required to manage optional features"
msgstr "任意の機能を管理するには認証が必要です。"
msgstr "アクティブなセッションやユーザ,シートを管理するには認証が必要です。"
#: src/timedate/org.freedesktop.timedate1.policy:22
msgid "Set system time"

View File

@ -14,7 +14,7 @@ msgid ""
msgstr ""
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2024-11-06 14:42+0000\n"
"PO-Revision-Date: 2024-11-17 13:38+0000\n"
"PO-Revision-Date: 2024-11-07 09:30+0000\n"
"Last-Translator: \"Sergey A.\" <Ser82-png@yandex.ru>\n"
"Language-Team: Russian <https://translate.fedoraproject.org/projects/systemd/"
"main/ru/>\n"
@ -1280,7 +1280,7 @@ msgstr "Управление дополнительными функциями"
#: src/sysupdate/org.freedesktop.sysupdate1.policy:76
msgid "Authentication is required to manage optional features"
msgstr ""
"Для управления дополнительными функциями необходимо пройти аутентификацию"
"Для управления дополнительными функциями необходимо пройти аутентификацию."
#: src/timedate/org.freedesktop.timedate1.policy:22
msgid "Set system time"

View File

@ -7,7 +7,7 @@ msgstr ""
"Project-Id-Version: systemd\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2024-11-06 14:42+0000\n"
"PO-Revision-Date: 2024-11-20 19:13+0000\n"
"PO-Revision-Date: 2024-08-26 19:38+0000\n"
"Last-Translator: Martin Srebotnjak <miles@filmsi.net>\n"
"Language-Team: Slovenian <https://translate.fedoraproject.org/projects/"
"systemd/main/sl/>\n"
@ -17,7 +17,7 @@ msgstr ""
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=4; plural=n%100==1 ? 0 : n%100==2 ? 1 : n%100==3 || "
"n%100==4 ? 2 : 3;\n"
"X-Generator: Weblate 5.8.2\n"
"X-Generator: Weblate 5.7\n"
#: src/core/org.freedesktop.systemd1.policy.in:22
msgid "Send passphrase back to system"
@ -125,13 +125,16 @@ msgstr ""
"območja."
#: src/home/org.freedesktop.home1.policy:53
#, fuzzy
msgid "Update your home area"
msgstr "Posodobite domače območje"
#: src/home/org.freedesktop.home1.policy:54
#, fuzzy
msgid "Authentication is required to update your home area."
msgstr ""
"Preverjanje pristnosti je potrebno za posodobitev vašega domačega območja."
"Preverjanje pristnosti je potrebno za posodobitev uporabnikovega domačega "
"območja."
#: src/home/org.freedesktop.home1.policy:63
msgid "Resize a home area"
@ -1231,12 +1234,14 @@ msgstr ""
#: src/sysupdate/org.freedesktop.sysupdate1.policy:75
msgid "Manage optional features"
msgstr "Upravljaj dodatne funkcionalnosti"
msgstr ""
#: src/sysupdate/org.freedesktop.sysupdate1.policy:76
#, fuzzy
msgid "Authentication is required to manage optional features"
msgstr ""
"Preverjanje pristnosti je potrebno za upravljanje dodatnih funkcionalnosti."
"Preverjanje pristnosti je potrebno za upravljanje aktivnih sej, uporabnikov "
"in delovišč."
#: src/timedate/org.freedesktop.timedate1.policy:22
msgid "Set system time"

View File

@ -4,12 +4,11 @@
# Eugene Melnik <jeka7js@gmail.com>, 2014.
# Daniel Korostil <ted.korostiled@gmail.com>, 2014, 2016, 2018.
# Yuri Chornoivan <yurchor@ukr.net>, 2019, 2020, 2021, 2022, 2023, 2024.
# Dmytro Markevych <hotr1pak@gmail.com>, 2024.
msgid ""
msgstr ""
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2024-11-06 14:42+0000\n"
"PO-Revision-Date: 2024-11-21 19:38+0000\n"
"PO-Revision-Date: 2024-08-24 10:36+0000\n"
"Last-Translator: Yuri Chornoivan <yurchor@ukr.net>\n"
"Language-Team: Ukrainian <https://translate.fedoraproject.org/projects/"
"systemd/main/uk/>\n"
@ -19,7 +18,7 @@ msgstr ""
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=3; plural=n%10==1 && n%100!=11 ? 0 : n%10>=2 && "
"n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2;\n"
"X-Generator: Weblate 5.8.2\n"
"X-Generator: Weblate 5.7\n"
#: src/core/org.freedesktop.systemd1.policy.in:22
msgid "Send passphrase back to system"
@ -119,12 +118,14 @@ msgid "Authentication is required to update a user's home area."
msgstr "Для оновлення домашньої теки користувача слід пройти розпізнавання."
#: src/home/org.freedesktop.home1.policy:53
#, fuzzy
msgid "Update your home area"
msgstr "Оновлення домашньої області"
msgstr "Оновлення домашньої теки"
#: src/home/org.freedesktop.home1.policy:54
#, fuzzy
msgid "Authentication is required to update your home area."
msgstr "Для оновлення домашньої області слід пройти розпізнавання."
msgstr "Для оновлення домашньої теки користувача слід пройти розпізнавання."
#: src/home/org.freedesktop.home1.policy:63
msgid "Resize a home area"
@ -1211,11 +1212,14 @@ msgstr "Для вилучення застарілих оновлень сист
#: src/sysupdate/org.freedesktop.sysupdate1.policy:75
msgid "Manage optional features"
msgstr "Керування додатковими функціями"
msgstr ""
#: src/sysupdate/org.freedesktop.sysupdate1.policy:76
#, fuzzy
msgid "Authentication is required to manage optional features"
msgstr "Для керування додатковими можливостями слід пройти розпізнавання"
msgstr ""
"Для того, щоб керувати сеансами, користувачами і робочими місцями, слід "
"пройти розпізнавання."
#: src/timedate/org.freedesktop.timedate1.policy:22
msgid "Set system time"

View File

@ -38,12 +38,19 @@ __get_tpm2_devices() {
done
}
__get_block_devices() {
local i
for i in /dev/*; do
[ -b "$i" ] && printf '%s\n' "$i"
done
}
_systemd_cryptenroll() {
local comps
local cur=${COMP_WORDS[COMP_CWORD]} prev=${COMP_WORDS[COMP_CWORD-1]} words cword
local -A OPTS=(
[STANDALONE]='-h --help --version
--password --recovery-key --list-devices'
--password --recovery-key'
[ARG]='--unlock-key-file
--unlock-fido2-device
--unlock-tpm2-device
@ -109,7 +116,7 @@ _systemd_cryptenroll() {
return 0
fi
comps=$(systemd-cryptenroll --list-devices)
comps=$(__get_block_devices)
COMPREPLY=( $(compgen -W '$comps' -- "$cur") )
return 0
}

View File

@ -15,59 +15,27 @@
#include "parse-util.h"
#include "process-util.h"
#include "socket-util.h"
#include "stat-util.h"
#include "user-util.h"
#include "virt.h"
static int audit_read_field(const PidRef *pid, const char *field, char **ret) {
int r;
assert(field);
assert(ret);
if (!pidref_is_set(pid))
return -ESRCH;
/* Auditing is currently not virtualized for containers. Let's hence not use the audit session ID or
* login UID for now, it will be leaked in from the host */
if (detect_container() > 0)
return -ENODATA;
const char *p = procfs_file_alloca(pid->pid, field);
int audit_session_from_pid(pid_t pid, uint32_t *id) {
_cleanup_free_ char *s = NULL;
bool enoent = false;
r = read_virtual_file(p, SIZE_MAX, &s, /* ret_size= */ NULL);
if (r == -ENOENT) {
if (proc_mounted() == 0)
return -ENOSYS;
enoent = true;
} else if (r < 0)
return r;
r = pidref_verify(pid);
if (r < 0)
return r;
if (enoent) /* We got ENOENT, but /proc/ was mounted and the PID still valid? In that case it appears
* auditing is not supported by the kernel. */
return -ENODATA;
delete_trailing_chars(s, NEWLINE);
*ret = TAKE_PTR(s);
return 0;
}
int audit_session_from_pid(const PidRef *pid, uint32_t *ret_id) {
_cleanup_free_ char *s = NULL;
int r;
r = audit_read_field(pid, "sessionid", &s);
if (r < 0)
return r;
const char *p;
uint32_t u;
int r;
assert(id);
/* We don't convert ENOENT to ESRCH here, since we can't
* really distinguish between "audit is not available in the
* kernel" and "the process does not exist", both which will
* result in ENOENT. */
p = procfs_file_alloca(pid, "sessionid");
r = read_one_line_file(p, &s);
if (r < 0)
return r;
r = safe_atou32(s, &u);
if (r < 0)
return r;
@ -75,24 +43,32 @@ int audit_session_from_pid(const PidRef *pid, uint32_t *ret_id) {
if (!audit_session_is_valid(u))
return -ENODATA;
if (ret_id)
*ret_id = u;
*id = u;
return 0;
}
int audit_loginuid_from_pid(const PidRef *pid, uid_t *ret_uid) {
int audit_loginuid_from_pid(pid_t pid, uid_t *uid) {
_cleanup_free_ char *s = NULL;
const char *p;
uid_t u;
int r;
r = audit_read_field(pid, "loginuid", &s);
assert(uid);
p = procfs_file_alloca(pid, "loginuid");
r = read_one_line_file(p, &s);
if (r < 0)
return r;
if (streq(s, "4294967295")) /* loginuid as 4294967295 means not part of any session. */
r = parse_uid(s, &u);
if (r == -ENXIO) /* the UID was -1 */
return -ENODATA;
if (r < 0)
return r;
return parse_uid(s, ret_uid);
*uid = u;
return 0;
}
static int try_audit_request(int fd) {
@ -137,32 +113,33 @@ bool use_audit(void) {
static int cached_use = -1;
int r;
if (cached_use >= 0)
return cached_use;
if (cached_use < 0) {
int fd;
_cleanup_close_ int fd = socket(AF_NETLINK, SOCK_RAW|SOCK_CLOEXEC|SOCK_NONBLOCK, NETLINK_AUDIT);
if (fd < 0) {
cached_use = !ERRNO_IS_PRIVILEGE(errno) && !ERRNO_IS_NOT_SUPPORTED(errno);
if (cached_use)
log_debug_errno(errno, "Unexpected error while creating audit socket, proceeding with its use: %m");
else
log_debug_errno(errno, "Won't talk to audit, because feature or privilege absent: %m");
} else {
/* If we try and use the audit fd but get -ECONNREFUSED, it is because we are not in the
* initial user namespace, and the kernel does not have support for audit outside of the
* initial user namespace (see
* https://elixir.bootlin.com/linux/latest/C/ident/audit_netlink_ok).
*
* If we receive any other error, do not disable audit because we are not sure that the error
* indicates that audit will not work in general. */
r = try_audit_request(fd);
if (r < 0) {
cached_use = r != -ECONNREFUSED;
log_debug_errno(r, cached_use ?
"Failed to make request on audit fd, ignoring: %m" :
"Won't talk to audit: %m");
} else
cached_use = true;
fd = socket(AF_NETLINK, SOCK_RAW|SOCK_CLOEXEC|SOCK_NONBLOCK, NETLINK_AUDIT);
if (fd < 0) {
cached_use = !IN_SET(errno, EAFNOSUPPORT, EPROTONOSUPPORT, EPERM);
if (!cached_use)
log_debug_errno(errno, "Won't talk to audit: %m");
} else {
/* If we try and use the audit fd but get -ECONNREFUSED, it is because
* we are not in the initial user namespace, and the kernel does not
* have support for audit outside of the initial user namespace
* (see https://elixir.bootlin.com/linux/latest/C/ident/audit_netlink_ok).
*
* If we receive any other error, do not disable audit because we are not
* sure that the error indicates that audit will not work in general. */
r = try_audit_request(fd);
if (r < 0) {
cached_use = r != -ECONNREFUSED;
log_debug_errno(r, cached_use ?
"Failed to make request on audit fd, ignoring: %m" :
"Won't talk to audit: %m");
} else
cached_use = true;
safe_close(fd);
}
}
return cached_use;

View File

@ -5,12 +5,10 @@
#include <stdint.h>
#include <sys/types.h>
#include "pidref.h"
#define AUDIT_SESSION_INVALID UINT32_MAX
int audit_session_from_pid(const PidRef *pid, uint32_t *id);
int audit_loginuid_from_pid(const PidRef *pid, uid_t *uid);
int audit_session_from_pid(pid_t pid, uint32_t *id);
int audit_loginuid_from_pid(pid_t pid, uid_t *uid);
bool use_audit(void);

View File

@ -799,20 +799,16 @@ int cg_pid_get_path(const char *controller, pid_t pid, char **ret_path) {
continue;
}
_cleanup_free_ char *path = strdup(e + 1);
char *path = strdup(e + 1);
if (!path)
return -ENOMEM;
/* Refuse cgroup paths from outside our cgroup namespace */
if (startswith(path, "/../"))
return -EUNATCH;
/* Truncate suffix indicating the process is a zombie */
e = endswith(path, " (deleted)");
if (e)
*e = 0;
*ret_path = TAKE_PTR(path);
*ret_path = path;
return 0;
}
}

View File

@ -81,7 +81,6 @@ const char* special_glyph_full(SpecialGlyph code, bool force_utf) {
[SPECIAL_GLYPH_BLUE_CIRCLE] = "o",
[SPECIAL_GLYPH_GREEN_CIRCLE] = "o",
[SPECIAL_GLYPH_SUPERHERO] = "S",
[SPECIAL_GLYPH_IDCARD] = "@",
},
/* UTF-8 */
@ -152,7 +151,6 @@ const char* special_glyph_full(SpecialGlyph code, bool force_utf) {
[SPECIAL_GLYPH_BLUE_CIRCLE] = u8"🔵",
[SPECIAL_GLYPH_GREEN_CIRCLE] = u8"🟢",
[SPECIAL_GLYPH_SUPERHERO] = u8"🦸",
[SPECIAL_GLYPH_IDCARD] = u8"🪪",
},
};

View File

@ -56,7 +56,6 @@ typedef enum SpecialGlyph {
SPECIAL_GLYPH_BLUE_CIRCLE,
SPECIAL_GLYPH_GREEN_CIRCLE,
SPECIAL_GLYPH_SUPERHERO,
SPECIAL_GLYPH_IDCARD,
_SPECIAL_GLYPH_MAX,
_SPECIAL_GLYPH_INVALID = -EINVAL,
} SpecialGlyph;

View File

@ -136,14 +136,12 @@ int namespace_open(
int *ret_userns_fd,
int *ret_root_fd) {
_cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
int r;
assert(pid >= 0);
r = pidref_set_pid(&pidref, pid);
if (r < 0)
return r;
if (pid == 0)
pid = getpid_cached();
return pidref_namespace_open(&pidref, ret_pidns_fd, ret_mntns_fd, ret_netns_fd, ret_userns_fd, ret_root_fd);
return pidref_namespace_open(&PIDREF_MAKE_FROM_PID(pid), ret_pidns_fd, ret_mntns_fd, ret_netns_fd, ret_userns_fd, ret_root_fd);
}
int namespace_enter(int pidns_fd, int mntns_fd, int netns_fd, int userns_fd, int root_fd) {

View File

@ -102,8 +102,8 @@ int pid_get_comm(pid_t pid, char **ret) {
_cleanup_free_ char *escaped = NULL, *comm = NULL;
int r;
assert(pid >= 0);
assert(ret);
assert(pid >= 0);
if (pid == 0 || pid == getpid_cached()) {
comm = new0(char, TASK_COMM_LEN + 1); /* Must fit in 16 byte according to prctl(2) */
@ -143,9 +143,6 @@ int pidref_get_comm(const PidRef *pid, char **ret) {
if (!pidref_is_set(pid))
return -ESRCH;
if (pidref_is_remote(pid))
return -EREMOTE;
r = pid_get_comm(pid->pid, &comm);
if (r < 0)
return r;
@ -292,9 +289,6 @@ int pidref_get_cmdline(const PidRef *pid, size_t max_columns, ProcessCmdlineFlag
if (!pidref_is_set(pid))
return -ESRCH;
if (pidref_is_remote(pid))
return -EREMOTE;
r = pid_get_cmdline(pid->pid, max_columns, flags, &s);
if (r < 0)
return r;
@ -337,9 +331,6 @@ int pidref_get_cmdline_strv(const PidRef *pid, ProcessCmdlineFlags flags, char *
if (!pidref_is_set(pid))
return -ESRCH;
if (pidref_is_remote(pid))
return -EREMOTE;
r = pid_get_cmdline_strv(pid->pid, flags, &args);
if (r < 0)
return r;
@ -486,9 +477,6 @@ int pidref_is_kernel_thread(const PidRef *pid) {
if (!pidref_is_set(pid))
return -ESRCH;
if (pidref_is_remote(pid))
return -EREMOTE;
result = pid_is_kernel_thread(pid->pid);
if (result < 0)
return result;
@ -606,9 +594,6 @@ int pidref_get_uid(const PidRef *pid, uid_t *ret) {
if (!pidref_is_set(pid))
return -ESRCH;
if (pidref_is_remote(pid))
return -EREMOTE;
r = pid_get_uid(pid->pid, &uid);
if (r < 0)
return r;
@ -809,9 +794,6 @@ int pidref_get_start_time(const PidRef *pid, usec_t *ret) {
if (!pidref_is_set(pid))
return -ESRCH;
if (pidref_is_remote(pid))
return -EREMOTE;
r = pid_get_start_time(pid->pid, ret ? &t : NULL);
if (r < 0)
return r;
@ -1111,9 +1093,6 @@ int pidref_is_my_child(const PidRef *pid) {
if (!pidref_is_set(pid))
return -ESRCH;
if (pidref_is_remote(pid))
return -EREMOTE;
result = pid_is_my_child(pid->pid);
if (result < 0)
return result;
@ -1149,9 +1128,6 @@ int pidref_is_unwaited(const PidRef *pid) {
if (!pidref_is_set(pid))
return -ESRCH;
if (pidref_is_remote(pid))
return -EREMOTE;
if (pid->pid == 1 || pidref_is_self(pid))
return true;
@ -1193,9 +1169,6 @@ int pidref_is_alive(const PidRef *pidref) {
if (!pidref_is_set(pidref))
return -ESRCH;
if (pidref_is_remote(pidref))
return -EREMOTE;
result = pid_is_alive(pidref->pid);
if (result < 0) {
assert(result != -ESRCH);
@ -1487,8 +1460,8 @@ int safe_fork_full(
bool block_signals = false, block_all = false, intermediary = false;
int prio, r;
assert(!FLAGS_SET(flags, FORK_DETACH) ||
(!ret_pid && (flags & (FORK_WAIT|FORK_DEATHSIG_SIGTERM|FORK_DEATHSIG_SIGINT|FORK_DEATHSIG_SIGKILL)) == 0));
assert(!FLAGS_SET(flags, FORK_DETACH) || !ret_pid);
assert(!FLAGS_SET(flags, FORK_DETACH|FORK_WAIT));
/* A wrapper around fork(), that does a couple of important initializations in addition to mere forking. Always
* returns the child's PID in *ret_pid. Returns == 0 in the child, and > 0 in the parent. */
@ -1842,9 +1815,6 @@ int namespace_fork(
int set_oom_score_adjust(int value) {
char t[DECIMAL_STR_MAX(int)];
if (!oom_score_adjust_is_valid(value))
return -EINVAL;
xsprintf(t, "%i", value);
return write_string_file("/proc/self/oom_score_adj", t,
@ -1861,16 +1831,11 @@ int get_oom_score_adjust(int *ret) {
delete_trailing_chars(t, WHITESPACE);
r = safe_atoi(t, &a);
if (r < 0)
return r;
if (!oom_score_adjust_is_valid(a))
return -ENODATA;
assert_se(safe_atoi(t, &a) >= 0);
assert_se(oom_score_adjust_is_valid(a));
if (ret)
*ret = a;
return 0;
}

View File

@ -220,9 +220,9 @@ static int synthesize_user_creds(
if (ret_gid)
*ret_gid = GID_NOBODY;
if (ret_home)
*ret_home = FLAGS_SET(flags, USER_CREDS_SUPPRESS_PLACEHOLDER) ? NULL : "/";
*ret_home = FLAGS_SET(flags, USER_CREDS_CLEAN) ? NULL : "/";
if (ret_shell)
*ret_shell = FLAGS_SET(flags, USER_CREDS_SUPPRESS_PLACEHOLDER) ? NULL : NOLOGIN;
*ret_shell = FLAGS_SET(flags, USER_CREDS_CLEAN) ? NULL : NOLOGIN;
return 0;
}
@ -244,7 +244,6 @@ int get_user_creds(
assert(username);
assert(*username);
assert((ret_home || ret_shell) || !(flags & (USER_CREDS_SUPPRESS_PLACEHOLDER|USER_CREDS_CLEAN)));
if (!FLAGS_SET(flags, USER_CREDS_PREFER_NSS) ||
(!ret_home && !ret_shell)) {
@ -316,14 +315,17 @@ int get_user_creds(
if (ret_home)
/* Note: we don't insist on normalized paths, since there are setups that have /./ in the path */
*ret_home = (FLAGS_SET(flags, USER_CREDS_SUPPRESS_PLACEHOLDER) && empty_or_root(p->pw_dir)) ||
(FLAGS_SET(flags, USER_CREDS_CLEAN) && (!path_is_valid(p->pw_dir) || !path_is_absolute(p->pw_dir)))
? NULL : p->pw_dir;
*ret_home = (FLAGS_SET(flags, USER_CREDS_CLEAN) &&
(empty_or_root(p->pw_dir) ||
!path_is_valid(p->pw_dir) ||
!path_is_absolute(p->pw_dir))) ? NULL : p->pw_dir;
if (ret_shell)
*ret_shell = (FLAGS_SET(flags, USER_CREDS_SUPPRESS_PLACEHOLDER) && shell_is_placeholder(p->pw_shell)) ||
(FLAGS_SET(flags, USER_CREDS_CLEAN) && (!path_is_valid(p->pw_shell) || !path_is_absolute(p->pw_shell)))
? NULL : p->pw_shell;
*ret_shell = (FLAGS_SET(flags, USER_CREDS_CLEAN) &&
(isempty(p->pw_shell) ||
!path_is_valid(p->pw_shell) ||
!path_is_absolute(p->pw_shell) ||
is_nologin_shell(p->pw_shell))) ? NULL : p->pw_shell;
if (patch_username)
*username = p->pw_name;

View File

@ -12,8 +12,6 @@
#include <sys/types.h>
#include <unistd.h>
#include "string-util.h"
/* Users managed by systemd-homed. See https://systemd.io/UIDS-GIDS for details how this range fits into the rest of the world */
#define HOME_UID_MIN ((uid_t) 60001)
#define HOME_UID_MAX ((uid_t) 60513)
@ -38,20 +36,10 @@ static inline int parse_gid(const char *s, gid_t *ret_gid) {
char* getlogname_malloc(void);
char* getusername_malloc(void);
const char* default_root_shell_at(int rfd);
const char* default_root_shell(const char *root);
bool is_nologin_shell(const char *shell);
static inline bool shell_is_placeholder(const char *shell) {
return isempty(shell) || is_nologin_shell(shell);
}
typedef enum UserCredsFlags {
USER_CREDS_PREFER_NSS = 1 << 0, /* if set, only synthesize user records if database lacks them. Normally we bypass the userdb entirely for the records we can synthesize */
USER_CREDS_ALLOW_MISSING = 1 << 1, /* if a numeric UID string is resolved, be OK if there's no record for it */
USER_CREDS_CLEAN = 1 << 2, /* try to clean up shell and home fields with invalid data */
USER_CREDS_SUPPRESS_PLACEHOLDER = 1 << 3, /* suppress home and/or shell fields if value is placeholder (root/empty/nologin) */
USER_CREDS_PREFER_NSS = 1 << 0, /* if set, only synthesize user records if database lacks them. Normally we bypass the userdb entirely for the records we can synthesize */
USER_CREDS_ALLOW_MISSING = 1 << 1, /* if a numeric UID string is resolved, be OK if there's no record for it */
USER_CREDS_CLEAN = 1 << 2, /* try to clean up shell and home fields with invalid data */
} UserCredsFlags;
int get_user_creds(const char **username, uid_t *ret_uid, gid_t *ret_gid, const char **ret_home, const char **ret_shell, UserCredsFlags flags);
@ -137,6 +125,10 @@ int fgetsgent_sane(FILE *stream, struct sgrp **sg);
int putsgent_sane(const struct sgrp *sg, FILE *stream);
#endif
bool is_nologin_shell(const char *shell);
const char* default_root_shell_at(int rfd);
const char* default_root_shell(const char *root);
int is_this_me(const char *username);
const char* get_home_root(void);

View File

@ -1,18 +1,17 @@
# SPDX-License-Identifier: LGPL-2.1-or-later
if conf.get('ENABLE_BINFMT') != 1
subdir_done()
endif
executables += [
libexec_template + {
'name' : 'systemd-binfmt',
'public' : true,
'conditions' : ['ENABLE_BINFMT'],
'sources' : files('binfmt.c'),
},
]
install_emptydir(binfmtdir)
if install_sysconfdir
install_emptydir(sysconfdir / 'binfmt.d')
if conf.get('ENABLE_BINFMT') == 1
install_emptydir(binfmtdir)
if install_sysconfdir
install_emptydir(sysconfdir / 'binfmt.d')
endif
endif

View File

@ -2469,7 +2469,11 @@ static EFI_STATUS initrd_prepare(
return EFI_OUT_OF_RESOURCES;
}
_cleanup_pages_ Pages pages = xmalloc_initrd_pages(size);
_cleanup_pages_ Pages pages = xmalloc_pages(
AllocateMaxAddress,
EfiLoaderData,
EFI_SIZE_TO_PAGES(size),
UINT32_MAX /* Below 4G boundary. */);
uint8_t *p = PHYSICAL_ADDRESS_TO_POINTER(pages.addr);
STRV_FOREACH(i, entry->initrd) {

View File

@ -21,11 +21,6 @@
#include "smbios.h"
#include "util.h"
/* Validate the descriptor macros a bit that they match our expectations */
assert_cc(DEVICE_DESCRIPTOR_DEVICETREE == UINT32_C(0x1000001C));
assert_cc(DEVICE_SIZE_FROM_DESCRIPTOR(DEVICE_DESCRIPTOR_DEVICETREE) == sizeof(Device));
assert_cc(DEVICE_TYPE_FROM_DESCRIPTOR(DEVICE_DESCRIPTOR_DEVICETREE) == DEVICE_TYPE_DEVICETREE);
/**
* smbios_to_hashable_string() - Convert ascii smbios string to stripped char16_t.
*/
@ -110,10 +105,9 @@ EFI_STATUS chid_match(const void *hwid_buffer, size_t hwid_length, const Device
/* Count devices and check validity */
for (; (n_devices + 1) * sizeof(*devices) < hwid_length;) {
if (devices[n_devices].descriptor == DEVICE_DESCRIPTOR_EOL)
if (devices[n_devices].struct_size == 0)
break;
if (devices[n_devices].descriptor != DEVICE_DESCRIPTOR_DEVICETREE)
if (devices[n_devices].struct_size != sizeof(*devices))
return EFI_UNSUPPORTED;
n_devices++;
}

View File

@ -2,63 +2,22 @@
#pragma once
#include "efi.h"
#include "chid-fundamental.h"
/* A .hwids PE section consists of a series of 'Device' structures. A 'Device' structure binds a CHID to some
* resource, for now only Devicetree blobs. Designed to be extensible to other types of resources, should the
* need arise. The series of 'Device' structures is followed by some space for strings that can be referenced
* by offset by the Device structures. */
enum {
DEVICE_TYPE_DEVICETREE = 0x1, /* A devicetree blob */
/* Maybe later additional types for:
* - CoCo Bring-Your-Own-Firmware
* - ACPI DSDT Overrides
* - */
};
#define DEVICE_SIZE_FROM_DESCRIPTOR(u) ((uint32_t) (u) & UINT32_C(0x0FFFFFFF))
#define DEVICE_TYPE_FROM_DESCRIPTOR(u) ((uint32_t) (u) >> 28)
#define DEVICE_MAKE_DESCRIPTOR(type, size) (((uint32_t) (size) | ((uint32_t) type << 28)))
#define DEVICE_DESCRIPTOR_DEVICETREE DEVICE_MAKE_DESCRIPTOR(DEVICE_TYPE_DEVICETREE, sizeof(Device))
#define DEVICE_DESCRIPTOR_EOL UINT32_C(0)
typedef struct Device {
uint32_t descriptor; /* The highest four bit encode the type of entry, the other 28 bit encode the
* size of the structure. Use the macros above to generate or take apart this
* field. */
uint32_t struct_size; /* = sizeof(struct Device), or 0 for EOL */
uint32_t name_offset; /* nul-terminated string or 0 if not present */
uint32_t compatible_offset; /* nul-terminated string or 0 if not present */
EFI_GUID chid;
union {
struct {
/* These offsets are relative to the beginning of the .hwids PE section. */
uint32_t name_offset; /* nul-terminated string or 0 if not present */
uint32_t compatible_offset; /* nul-terminated string or 0 if not present */
} devicetree;
/* fields for other descriptor types… */
};
} _packed_ Device;
/* Validate some offset, since the structure is API and src/ukify/ukify.py encodes them directly */
assert_cc(offsetof(Device, descriptor) == 0);
assert_cc(offsetof(Device, chid) == 4);
assert_cc(offsetof(Device, devicetree.name_offset) == 20);
assert_cc(offsetof(Device, devicetree.compatible_offset) == 24);
assert_cc(sizeof(Device) == 28);
static inline const char* device_get_name(const void *base, const Device *device) {
if (device->descriptor != DEVICE_DESCRIPTOR_DEVICETREE)
return NULL;
return device->devicetree.name_offset == 0 ? NULL : (const char *) ((const uint8_t *) base + device->devicetree.name_offset);
return device->name_offset == 0 ? NULL : (const char *) ((const uint8_t *) base + device->name_offset);
}
static inline const char* device_get_compatible(const void *base, const Device *device) {
if (device->descriptor != DEVICE_DESCRIPTOR_DEVICETREE)
return NULL;
return device->devicetree.compatible_offset == 0 ? NULL : (const char *) ((const uint8_t *) base + device->devicetree.compatible_offset);
return device->compatible_offset == 0 ? NULL : (const char *) ((const uint8_t *) base + device->compatible_offset);
}
EFI_STATUS chid_match(const void *chids_buffer, size_t chids_length, const Device **ret_device);

View File

@ -27,7 +27,6 @@ _gnu_printf_(3, 4) EFI_STATUS log_internal(EFI_STATUS status, uint8_t text_color
log_internal(status, text_color, "%s:%i@%s: " format, __FILE__, __LINE__, __func__, ##__VA_ARGS__)
#define log_debug(...) log_full(EFI_SUCCESS, EFI_LIGHTGRAY, __VA_ARGS__)
#define log_info(...) log_full(EFI_SUCCESS, EFI_WHITE, __VA_ARGS__)
#define log_warning_status(status, ...) log_full(status, EFI_YELLOW, __VA_ARGS__)
#define log_error_status(status, ...) log_full(status, EFI_LIGHTRED, __VA_ARGS__)
#define log_error(...) log_full(EFI_INVALID_PARAMETER, EFI_LIGHTRED, __VA_ARGS__)
#define log_oom() log_full(EFI_OUT_OF_RESOURCES, EFI_LIGHTRED, "Out of memory.")

View File

@ -320,7 +320,7 @@ static void pe_locate_sections(
/* device */ NULL,
&hwids_section);
if (PE_SECTION_VECTOR_IS_SET(&hwids_section)) {
if (hwids_section.memory_offset != 0) {
hwids = (const uint8_t *) SIZE_TO_PTR(validate_base) + hwids_section.memory_offset;
EFI_STATUS err = chid_match(hwids, hwids_section.memory_size, &device);
@ -328,7 +328,8 @@ static void pe_locate_sections(
log_error_status(err, "HWID matching failed, no DT blob will be selected: %m");
hwids = NULL;
}
}
} else
log_info("HWIDs section is missing, no DT blob will be selected");
}
return pe_locate_sections_internal(
@ -358,7 +359,7 @@ static uint32_t get_compatibility_entry_address(const DosFileHeader *dos, const
PTR_TO_SIZE(dos),
&vector);
if (!PE_SECTION_VECTOR_IS_SET(&vector)) /* not found */
if (vector.memory_size == 0) /* not found */
return 0;
typedef struct {

View File

@ -43,11 +43,8 @@ static EFI_STATUS acquire_rng(void *ret, size_t size) {
return EFI_UNSUPPORTED;
err = rng->GetRNG(rng, NULL, size, ret);
/* On some systems the RNG might not be ready during early boot, handle gracefully and don't log. */
if (err == EFI_NOT_READY)
return err;
if (err != EFI_SUCCESS)
return log_warning_status(err, "Failed to acquire RNG data, proceeding without: %m");
return log_error_status(err, "Failed to acquire RNG data: %m");
return EFI_SUCCESS;
}

View File

@ -114,9 +114,12 @@ static EFI_STATUS combine_initrds(
n += initrd_size;
}
_cleanup_pages_ Pages pages = xmalloc_initrd_pages(n);
_cleanup_pages_ Pages pages = xmalloc_pages(
AllocateMaxAddress,
EfiLoaderData,
EFI_SIZE_TO_PAGES(n),
UINT32_MAX /* Below 4G boundary. */);
uint8_t *p = PHYSICAL_ADDRESS_TO_POINTER(pages.addr);
FOREACH_ARRAY(i, initrds, n_initrds) {
size_t pad;

View File

@ -99,29 +99,6 @@ static inline Pages xmalloc_pages(
};
}
static inline Pages xmalloc_initrd_pages(size_t n_pages) {
/* The original native x86 boot protocol of the Linux kernel was not 64bit safe, hence we allocate
* memory for the initrds below the 4G boundary on x86, since we don't know early enough which
* protocol we'll use to ultimately boot the kernel. This restriction is somewhat obsolete, since
* these days we generally prefer the kernel's newer EFI entrypoint instead, which has no such
* limitations. On other architectures we do not bother with any restriction on this, in particular
* as some of them don't even have RAM mapped to such low addresses. */
#if defined(__i386__) || defined(__x86_64__)
return xmalloc_pages(
AllocateMaxAddress,
EfiLoaderData,
EFI_SIZE_TO_PAGES(n_pages),
UINT32_MAX /* Below 4G boundary. */);
#else
return xmalloc_pages(
AllocateAnyPages,
EfiLoaderData,
EFI_SIZE_TO_PAGES(n_pages),
0 /* Ignored. */);
#endif
}
void convert_efi_path(char16_t *path);
char16_t *xstr8_to_path(const char *stra);
char16_t *mangle_stub_cmdline(char16_t *cmdline);

View File

@ -299,6 +299,7 @@ static const char *const esp_subdirs[] = {
"EFI/BOOT",
"loader",
"loader/keys",
"loader/keys/auto",
NULL
};
@ -614,10 +615,6 @@ static int install_secure_boot_auto_enroll(const char *esp, X509 *certificate, E
return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to convert X.509 certificate to DER: %s",
ERR_error_string(ERR_get_error(), NULL));
r = mkdir_one(esp, "loader/keys/auto");
if (r < 0)
return r;
_cleanup_close_ int keys_fd = chase_and_open("loader/keys/auto", esp, CHASE_PREFIX_ROOT|CHASE_PROHIBIT_SYMLINKS, O_DIRECTORY, NULL);
if (keys_fd < 0)
return log_error_errno(keys_fd, "Failed to chase loader/keys/auto in the ESP: %m");
@ -1290,10 +1287,6 @@ int verb_remove(int argc, char *argv[], void *userdata) {
r = q;
}
q = rmdir_one(arg_esp_path, "/loader/keys/auto");
if (q < 0 && r >= 0)
r = q;
q = remove_subdirs(arg_esp_path, esp_subdirs);
if (q < 0 && r >= 0)
r = q;

View File

@ -1088,7 +1088,7 @@ static int method_start_transient_unit(sd_bus_message *message, void *userdata,
m,
name,
"start",
N_("Authentication is required to start transient unit '$(unit)'."),
N_("Authentication is required to start transient '$(unit)'."),
message,
error);
if (r < 0)

View File

@ -855,6 +855,9 @@ static int get_fixed_user(
assert(user_or_uid);
assert(ret_username);
/* Note that we don't set $HOME or $SHELL if they are not particularly enlightening anyway
* (i.e. are "/" or "/bin/nologin"). */
r = get_user_creds(&user_or_uid, ret_uid, ret_gid, ret_home, ret_shell, USER_CREDS_CLEAN);
if (r < 0)
return r;
@ -1880,10 +1883,7 @@ static int build_environment(
}
}
/* Note that we don't set $HOME or $SHELL if they are not particularly enlightening anyway
* (i.e. are "/" or "/bin/nologin"). */
if (home && set_user_login_env && !empty_or_root(home)) {
if (home && set_user_login_env) {
x = strjoin("HOME=", home);
if (!x)
return -ENOMEM;
@ -1892,7 +1892,7 @@ static int build_environment(
our_env[n_env++] = x;
}
if (shell && set_user_login_env && !shell_is_placeholder(shell)) {
if (shell && set_user_login_env) {
x = strjoin("SHELL=", shell);
if (!x)
return -ENOMEM;
@ -3471,16 +3471,20 @@ static int apply_working_directory(
const ExecContext *context,
const ExecParameters *params,
ExecRuntime *runtime,
const char *home) {
const char *home,
int *exit_status) {
const char *wd;
int r;
assert(context);
assert(exit_status);
if (context->working_directory_home) {
if (!home)
if (!home) {
*exit_status = EXIT_CHDIR;
return -ENXIO;
}
wd = home;
} else
@ -3499,7 +3503,13 @@ static int apply_working_directory(
if (r >= 0)
r = RET_NERRNO(fchdir(dfd));
}
return context->working_directory_missing_ok ? 0 : r;
if (r < 0 && !context->working_directory_missing_ok) {
*exit_status = EXIT_CHDIR;
return r;
}
return 0;
}
static int apply_root_directory(
@ -3775,7 +3785,7 @@ static int acquire_home(const ExecContext *c, const char **home, char **ret_buf)
if (!c->working_directory_home)
return 0;
if (c->dynamic_user || (c->user && is_this_me(c->user) <= 0))
if (c->dynamic_user)
return -EADDRNOTAVAIL;
r = get_home_dir(ret_buf);
@ -4533,7 +4543,7 @@ int exec_invoke(
r = acquire_home(context, &home, &home_buffer);
if (r < 0) {
*exit_status = EXIT_CHDIR;
return log_exec_error_errno(context, params, r, "Failed to determine $HOME for the invoking user: %m");
return log_exec_error_errno(context, params, r, "Failed to determine $HOME for user: %m");
}
/* If a socket is connected to STDIN/STDOUT/STDERR, we must drop O_NONBLOCK */
@ -5373,11 +5383,9 @@ int exec_invoke(
* running this service might have the correct privilege to change to the working directory. Also, it
* is absolutely 💣 crucial 💣 we applied all mount namespacing rearrangements before this, so that
* the cwd cannot be used to pin directories outside of the sandbox. */
r = apply_working_directory(context, params, runtime, home);
if (r < 0) {
*exit_status = EXIT_CHDIR;
r = apply_working_directory(context, params, runtime, home, exit_status);
if (r < 0)
return log_exec_error_errno(context, params, r, "Changing to the requested working directory failed: %m");
}
if (needs_sandboxing) {
/* Apply other MAC contexts late, but before seccomp syscall filtering, as those should really be last to

View File

@ -1689,11 +1689,6 @@ static int become_shutdown(int objective, int retval) {
/* Tell the binary how often to ping, ignore failure */
(void) strv_extendf(&env_block, "WATCHDOG_USEC="USEC_FMT, watchdog_timer);
/* Make sure that tools that look for $WATCHDOG_USEC (and might get started by the exitrd) don't get
* confused by the variable, because the sd_watchdog_enabled() protocol uses the same variable for
* the same purposes. */
(void) strv_extendf(&env_block, "WATCHDOG_PID=" PID_FMT, getpid_cached());
if (arg_watchdog_device)
(void) strv_extendf(&env_block, "WATCHDOG_DEVICE=%s", arg_watchdog_device);

View File

@ -3426,12 +3426,14 @@ static int service_deserialize_item(Unit *u, const char *key, const char *value,
return 0;
}
r = service_add_fd_store(s, TAKE_FD(fd), fdn, do_poll);
r = service_add_fd_store(s, fd, fdn, do_poll);
if (r < 0) {
log_unit_debug_errno(u, r,
"Failed to store deserialized fd '%s', ignoring: %m", fdn);
return 0;
}
TAKE_FD(fd);
} else if (streq(key, "extra-fd")) {
_cleanup_free_ char *fdv = NULL, *fdn = NULL;
_cleanup_close_ int fd = -EBADF;

View File

@ -193,7 +193,7 @@ int enroll_fido2(
fflush(stdout);
fprintf(stderr,
"\nPlease save this FIDO2 credential ID. It is required when unlocking the volume\n"
"\nPlease save this FIDO2 credential ID. It is required when unloocking the volume\n"
"using the associated FIDO2 keyslot which we just created. To configure automatic\n"
"unlocking using this FIDO2 token, add an appropriate entry to your /etc/crypttab\n"
"file, see %s for details.\n", link);

View File

@ -427,10 +427,7 @@ int wipe_slots(struct crypt_device *cd,
for (size_t i = n_ordered_slots; i > 0; i--) {
r = crypt_keyslot_destroy(cd, ordered_slots[i - 1]);
if (r < 0) {
if (r == -ENOENT)
log_warning_errno(r, "Failed to wipe non-existent slot %i, continuing.", ordered_slots[i - 1]);
else
log_warning_errno(r, "Failed to wipe slot %i, continuing: %m", ordered_slots[i - 1]);
log_warning_errno(r, "Failed to wipe slot %i, continuing: %m", ordered_slots[i - 1]);
if (ret == 0)
ret = r;
} else

View File

@ -193,7 +193,7 @@ static int help(void) {
"\n%3$sSimple Enrollment:%4$s\n"
" --password Enroll a user-supplied password\n"
" --recovery-key Enroll a recovery key\n"
"\n%3$sPKCS#11 Enrollment:%4$s\n"
"\n%3$sPKCS11 Enrollment:%4$s\n"
" --pkcs11-token-uri=URI\n"
" Specify PKCS#11 security token URI\n"
"\n%3$sFIDO2 Enrollment:%4$s\n"

View File

@ -1,9 +1,5 @@
# SPDX-License-Identifier: LGPL-2.1-or-later
if conf.get('HAVE_LIBCRYPTSETUP') != 1
subdir_done()
endif
systemd_cryptenroll_sources = files(
'cryptenroll-list.c',
'cryptenroll-password.c',
@ -28,6 +24,7 @@ executables += [
executable_template + {
'name' : 'systemd-cryptenroll',
'public' : true,
'conditions' : ['HAVE_LIBCRYPTSETUP'],
'sources' : systemd_cryptenroll_sources,
'dependencies' : [
libcryptsetup,

View File

@ -1,9 +1,5 @@
# SPDX-License-Identifier: LGPL-2.1-or-later
if conf.get('HAVE_LIBCRYPTSETUP') != 1
subdir_done()
endif
subdir('cryptsetup-tokens')
systemd_cryptsetup_sources = files(
@ -19,6 +15,7 @@ executables += [
executable_template + {
'name' : 'systemd-cryptsetup',
'public' : true,
'conditions' : ['HAVE_LIBCRYPTSETUP'],
'sources' : systemd_cryptsetup_sources,
'dependencies' : [
libcryptsetup,
@ -28,11 +25,14 @@ executables += [
},
generator_template + {
'name' : 'systemd-cryptsetup-generator',
'conditions' : ['HAVE_LIBCRYPTSETUP'],
'sources' : files('cryptsetup-generator.c'),
},
]
# symlink for backwards compatibility after rename
meson.add_install_script(sh, '-c',
ln_s.format(bindir / 'systemd-cryptsetup',
libexecdir / 'systemd-cryptsetup'))
if conf.get('HAVE_LIBCRYPTSETUP') == 1
# symlink for backwards compatibility after rename
meson.add_install_script(sh, '-c',
ln_s.format(bindir / 'systemd-cryptsetup',
libexecdir / 'systemd-cryptsetup'))
endif

View File

@ -1,18 +1,17 @@
# SPDX-License-Identifier: LGPL-2.1-or-later
if conf.get('HAVE_BLKID') != 1
subdir_done()
endif
executables += [
executable_template + {
'name' : 'systemd-dissect',
'public' : true,
'conditions' : ['HAVE_BLKID'],
'sources' : files('dissect.c'),
},
]
install_emptydir(sbindir)
meson.add_install_script(sh, '-c',
ln_s.format(bindir / 'systemd-dissect',
sbindir / 'mount.ddi'))
if conf.get('HAVE_BLKID') == 1
install_emptydir(sbindir)
meson.add_install_script(sh, '-c',
ln_s.format(bindir / 'systemd-dissect',
sbindir / 'mount.ddi'))
endif

View File

@ -1,18 +1,17 @@
# SPDX-License-Identifier: LGPL-2.1-or-later
if conf.get('ENABLE_ENVIRONMENT_D') != 1
subdir_done()
endif
executables += [
executable_template + {
'name' : '30-systemd-environment-d-generator',
'conditions' : ['ENABLE_ENVIRONMENT_D'],
'sources' : files('environment-d-generator.c'),
'install_dir' : userenvgeneratordir,
},
]
install_emptydir(environmentdir)
meson.add_install_script(sh, '-c',
ln_s.format(sysconfdir / 'environment',
environmentdir / '99-environment.conf'))
if conf.get('ENABLE_ENVIRONMENT_D') == 1
install_emptydir(environmentdir)
meson.add_install_script(sh, '-c',
ln_s.format(sysconfdir / 'environment',
environmentdir / '99-environment.conf'))
endif

View File

@ -1,12 +1,9 @@
# SPDX-License-Identifier: LGPL-2.1-or-later
if conf.get('ENABLE_HIBERNATE') != 1
subdir_done()
endif
executables += [
generator_template + {
'name' : 'systemd-hibernate-resume-generator',
'conditions' : ['ENABLE_HIBERNATE'],
'sources' : files(
'hibernate-resume-generator.c',
'hibernate-resume-config.c',
@ -14,6 +11,7 @@ executables += [
},
libexec_template + {
'name' : 'systemd-hibernate-resume',
'conditions' : ['ENABLE_HIBERNATE'],
'sources' : files(
'hibernate-resume.c',
'hibernate-resume-config.c',

View File

@ -1,9 +1,5 @@
# SPDX-License-Identifier: LGPL-2.1-or-later
if conf.get('ENABLE_HOMED') != 1
subdir_done()
endif
systemd_homework_sources = files(
'home-util.c',
'homework-blob.c',
@ -68,6 +64,7 @@ pam_systemd_home_sources = files(
executables += [
libexec_template + {
'name' : 'systemd-homework',
'conditions' : ['ENABLE_HOMED'],
'sources' : systemd_homework_sources,
'link_with' : [
libshared,
@ -85,6 +82,7 @@ executables += [
libexec_template + {
'name' : 'systemd-homed',
'dbus' : true,
'conditions' : ['ENABLE_HOMED'],
'sources' : systemd_homed_sources,
'include_directories' : includes +
include_directories('.'),
@ -98,6 +96,7 @@ executables += [
executable_template + {
'name' : 'homectl',
'public' : true,
'conditions' : ['ENABLE_HOMED'],
'sources' : homectl_sources,
'dependencies' : [
libcrypt,
@ -109,6 +108,7 @@ executables += [
},
test_template + {
'sources' : files('test-homed-regression-31896.c'),
'conditions' : ['ENABLE_HOMED'],
'type' : 'manual',
},
]
@ -116,7 +116,10 @@ executables += [
modules += [
pam_template + {
'name' : 'pam_systemd_home',
'conditions' : ['HAVE_PAM'],
'conditions' : [
'ENABLE_HOMED',
'HAVE_PAM',
],
'sources' : pam_systemd_home_sources,
'dependencies' : [
libcrypt,
@ -128,18 +131,20 @@ modules += [
},
]
install_data('org.freedesktop.home1.conf',
install_dir : dbuspolicydir)
install_data('org.freedesktop.home1.service',
install_dir : dbussystemservicedir)
install_data('org.freedesktop.home1.policy',
install_dir : polkitpolicydir)
if conf.get('ENABLE_HOMED') == 1
install_data('org.freedesktop.home1.conf',
install_dir : dbuspolicydir)
install_data('org.freedesktop.home1.service',
install_dir : dbussystemservicedir)
install_data('org.freedesktop.home1.policy',
install_dir : polkitpolicydir)
if install_sysconfdir_samples
install_data('homed.conf',
install_dir : pkgconfigfiledir)
if install_sysconfdir_samples
install_data('homed.conf',
install_dir : pkgconfigfiledir)
endif
meson.add_install_script(sh, '-c',
ln_s.format(bindir / 'homectl',
bindir / 'systemd-home-fallback-shell'))
endif
meson.add_install_script(sh, '-c',
ln_s.format(bindir / 'homectl',
bindir / 'systemd-home-fallback-shell'))

View File

@ -1,25 +1,25 @@
# SPDX-License-Identifier: LGPL-2.1-or-later
if conf.get('ENABLE_HOSTNAMED') != 1
subdir_done()
endif
executables += [
libexec_template + {
'name' : 'systemd-hostnamed',
'dbus' : true,
'conditions' : ['ENABLE_HOSTNAMED'],
'sources' : files('hostnamed.c'),
},
executable_template + {
'name' : 'hostnamectl',
'public' : true,
'conditions' : ['ENABLE_HOSTNAMED'],
'sources' : files('hostnamectl.c'),
},
]
install_data('org.freedesktop.hostname1.conf',
install_dir : dbuspolicydir)
install_data('org.freedesktop.hostname1.service',
install_dir : dbussystemservicedir)
install_data('org.freedesktop.hostname1.policy',
install_dir : polkitpolicydir)
if conf.get('ENABLE_HOSTNAMED') == 1
install_data('org.freedesktop.hostname1.conf',
install_dir : dbuspolicydir)
install_data('org.freedesktop.hostname1.service',
install_dir : dbussystemservicedir)
install_data('org.freedesktop.hostname1.policy',
install_dir : polkitpolicydir)
endif

View File

@ -1,12 +1,9 @@
# SPDX-License-Identifier: LGPL-2.1-or-later
if conf.get('HAVE_LIBCRYPTSETUP') != 1
subdir_done()
endif
executables += [
libexec_template + {
'name' : 'systemd-integritysetup',
'conditions' : ['HAVE_LIBCRYPTSETUP'],
'sources' : files(
'integrity-util.c',
'integritysetup.c',
@ -15,6 +12,7 @@ executables += [
},
generator_template + {
'name' : 'systemd-integritysetup-generator',
'conditions' : ['HAVE_LIBCRYPTSETUP'],
'sources' : files(
'integrity-util.c',
'integritysetup-generator.c',

View File

@ -526,8 +526,8 @@ static void client_context_really_refresh(
client_context_read_basic(c);
(void) client_context_read_label(c, label, label_size);
(void) audit_session_from_pid(&PIDREF_MAKE_FROM_PID(c->pid), &c->auditid);
(void) audit_loginuid_from_pid(&PIDREF_MAKE_FROM_PID(c->pid), &c->loginuid);
(void) audit_session_from_pid(c->pid, &c->auditid);
(void) audit_loginuid_from_pid(c->pid, &c->loginuid);
(void) client_context_read_cgroup(s, c, unit_id);
(void) client_context_read_invocation_id(s, c);

View File

@ -750,7 +750,7 @@ static int ndisc_option_parse_route(Set **options, size_t offset, size_t len, co
usec_t lifetime = unaligned_be32_sec_to_usec(opt + 4, /* max_as_infinity = */ true);
struct in6_addr prefix;
memcpy_safe(&prefix, opt + 8, len - 8);
memcpy(&prefix, opt + 8, len - 8);
in6_addr_mask(&prefix, prefixlen);
return ndisc_option_add_route(options, offset, preference, prefixlen, &prefix, lifetime);

View File

@ -1033,14 +1033,12 @@ global:
sd_varlink_server_listen_fd;
sd_varlink_server_loop_auto;
sd_varlink_server_new;
sd_varlink_server_ref;
sd_varlink_server_set_connections_max;
sd_varlink_server_set_connections_per_uid_max;
sd_varlink_server_set_description;
sd_varlink_server_set_exit_on_idle;
sd_varlink_server_set_userdata;
sd_varlink_server_shutdown;
sd_varlink_server_unref;
sd_varlink_set_allow_fd_passing_input;
sd_varlink_set_allow_fd_passing_output;
sd_varlink_set_description;

View File

@ -9,7 +9,6 @@
BUS_ERROR_MAP_ELF_REGISTER const sd_bus_error_map bus_common_errors[] = {
SD_BUS_ERROR_MAP(BUS_ERROR_NO_SUCH_UNIT, ENOENT),
SD_BUS_ERROR_MAP(BUS_ERROR_NO_SUCH_PROCESS, ESRCH),
SD_BUS_ERROR_MAP(BUS_ERROR_NO_UNIT_FOR_PID, ESRCH),
SD_BUS_ERROR_MAP(BUS_ERROR_NO_UNIT_FOR_INVOCATION_ID, ENOENT),
SD_BUS_ERROR_MAP(BUS_ERROR_UNIT_EXISTS, EEXIST),
@ -66,6 +65,8 @@ BUS_ERROR_MAP_ELF_REGISTER const sd_bus_error_map bus_common_errors[] = {
SD_BUS_ERROR_MAP(BUS_ERROR_AUTOMATIC_TIME_SYNC_ENABLED, EALREADY),
SD_BUS_ERROR_MAP(BUS_ERROR_NO_NTP_SUPPORT, EOPNOTSUPP),
SD_BUS_ERROR_MAP(BUS_ERROR_NO_SUCH_PROCESS, ESRCH),
SD_BUS_ERROR_MAP(BUS_ERROR_NO_NAME_SERVERS, ESRCH),
SD_BUS_ERROR_MAP(BUS_ERROR_INVALID_REPLY, EINVAL),
SD_BUS_ERROR_MAP(BUS_ERROR_NO_SUCH_RR, ENOENT),

View File

@ -4,7 +4,6 @@
#include "bus-error.h"
#define BUS_ERROR_NO_SUCH_UNIT "org.freedesktop.systemd1.NoSuchUnit"
#define BUS_ERROR_NO_SUCH_PROCESS "org.freedesktop.systemd1.NoSuchProcess"
#define BUS_ERROR_NO_UNIT_FOR_PID "org.freedesktop.systemd1.NoUnitForPID"
#define BUS_ERROR_NO_UNIT_FOR_INVOCATION_ID "org.freedesktop.systemd1.NoUnitForInvocationID"
#define BUS_ERROR_UNIT_EXISTS "org.freedesktop.systemd1.UnitExists"
@ -67,6 +66,8 @@
#define BUS_ERROR_AUTOMATIC_TIME_SYNC_ENABLED "org.freedesktop.timedate1.AutomaticTimeSyncEnabled"
#define BUS_ERROR_NO_NTP_SUPPORT "org.freedesktop.timedate1.NoNTPSupport"
#define BUS_ERROR_NO_SUCH_PROCESS "org.freedesktop.systemd1.NoSuchProcess"
#define BUS_ERROR_NO_NAME_SERVERS "org.freedesktop.resolve1.NoNameServers"
#define BUS_ERROR_INVALID_REPLY "org.freedesktop.resolve1.InvalidReply"
#define BUS_ERROR_NO_SUCH_RR "org.freedesktop.resolve1.NoSuchRR"

View File

@ -1118,7 +1118,7 @@ int bus_creds_add_more(sd_bus_creds *c, uint64_t mask, PidRef *pidref, pid_t tid
}
if (missing & SD_BUS_CREDS_AUDIT_SESSION_ID) {
r = audit_session_from_pid(pidref, &c->audit_session_id);
r = audit_session_from_pid(pidref->pid, &c->audit_session_id);
if (r == -ENODATA) {
/* ENODATA means: no audit session id assigned */
c->audit_session_id = AUDIT_SESSION_INVALID;
@ -1131,7 +1131,7 @@ int bus_creds_add_more(sd_bus_creds *c, uint64_t mask, PidRef *pidref, pid_t tid
}
if (missing & SD_BUS_CREDS_AUDIT_LOGIN_UID) {
r = audit_loginuid_from_pid(pidref, &c->audit_login_uid);
r = audit_loginuid_from_pid(pidref->pid, &c->audit_login_uid);
if (r == -ENODATA) {
/* ENODATA means: no audit login uid assigned */
c->audit_login_uid = UID_INVALID;

View File

@ -3265,7 +3265,7 @@ static sd_varlink_server* varlink_server_destroy(sd_varlink_server *s) {
return mfree(s);
}
DEFINE_PUBLIC_TRIVIAL_REF_UNREF_FUNC(sd_varlink_server, sd_varlink_server, varlink_server_destroy);
DEFINE_TRIVIAL_REF_UNREF_FUNC(sd_varlink_server, sd_varlink_server, varlink_server_destroy);
static int validate_connection(sd_varlink_server *server, const struct ucred *ucred) {
int allowed = -1;

View File

@ -16,7 +16,7 @@ int varlink_get_peer_pidref(sd_varlink *v, PidRef *ret) {
int pidfd = sd_varlink_get_peer_pidfd(v);
if (pidfd < 0) {
if (!ERRNO_IS_NEG_NOT_SUPPORTED(pidfd) && pidfd != -EINVAL)
if (!ERRNO_IS_NEG_NOT_SUPPORTED(pidfd))
return pidfd;
pid_t pid;

View File

@ -1006,7 +1006,7 @@ static int create_session(
"Maximum number of sessions (%" PRIu64 ") reached, refusing further sessions.",
m->sessions_max);
(void) audit_session_from_pid(&leader, &audit_id);
(void) audit_session_from_pid(leader.pid, &audit_id);
if (audit_session_is_valid(audit_id)) {
/* Keep our session IDs and the audit session IDs in sync */

View File

@ -360,7 +360,7 @@ int bus_session_method_kill(sd_bus_message *message, void *userdata, sd_bus_erro
if (r == 0)
return 1; /* Will call us back */
r = session_kill(s, whom, signo, error);
r = session_kill(s, whom, signo);
if (r < 0)
return r;

View File

@ -254,7 +254,7 @@ int session_set_leader_consume(Session *s, PidRef _leader) {
s->leader_fd_saved = true;
}
(void) audit_session_from_pid(&s->leader, &s->audit_id);
(void) audit_session_from_pid(s->leader.pid, &s->audit_id);
return 1;
}
@ -1387,20 +1387,16 @@ SessionState session_get_state(Session *s) {
return SESSION_ONLINE;
}
int session_kill(Session *s, KillWhom whom, int signo, sd_bus_error *error) {
int session_kill(Session *s, KillWhom whom, int signo) {
assert(s);
switch (whom) {
case KILL_ALL:
if (!SESSION_CLASS_WANTS_SCOPE(s->class))
return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED,
"Session '%s' has no associated scope", s->id);
if (!s->scope)
return sd_bus_error_set_errnof(error, ESRCH, "Scope for session '%s' not active", s->id);
return -ESRCH;
return manager_kill_unit(s->manager, s->scope, KILL_ALL, signo, error);
return manager_kill_unit(s->manager, s->scope, KILL_ALL, signo, NULL);
case KILL_LEADER:
return pidref_kill(&s->leader, signo);

View File

@ -191,7 +191,7 @@ int session_finalize(Session *s);
int session_release(Session *s);
int session_save(Session *s);
int session_load(Session *s);
int session_kill(Session *s, KillWhom whom, int signo, sd_bus_error *error);
int session_kill(Session *s, KillWhom whom, int signo);
SessionState session_get_state(Session *u);

View File

@ -1,18 +1,17 @@
# SPDX-License-Identifier: LGPL-2.1-or-later
if conf.get('HAVE_KMOD') != 1
subdir_done()
endif
executables += [
libexec_template + {
'name' : 'systemd-modules-load',
'conditions' : ['HAVE_KMOD'],
'sources' : files('modules-load.c'),
'dependencies' : libkmod_cflags,
},
]
install_emptydir(modulesloaddir)
if install_sysconfdir
install_emptydir(sysconfdir / 'modules-load.d')
if conf.get('HAVE_KMOD') == 1
install_emptydir(modulesloaddir)
if install_sysconfdir
install_emptydir(sysconfdir / 'modules-load.d')
endif
endif

View File

@ -1,9 +1,5 @@
# SPDX-License-Identifier: LGPL-2.1-or-later
if conf.get('ENABLE_MOUNTFSD') != 1
subdir_done()
endif
systemd_mountwork_sources = files(
'mountwork.c',
)
@ -16,10 +12,12 @@ systemd_mountfsd_sources = files(
executables += [
libexec_template + {
'name' : 'systemd-mountfsd',
'conditions' : ['ENABLE_MOUNTFSD'],
'sources' : systemd_mountfsd_sources,
},
libexec_template + {
'name' : 'systemd-mountwork',
'conditions' : ['ENABLE_MOUNTFSD'],
'sources' : systemd_mountwork_sources,
},
]

View File

@ -276,6 +276,7 @@ static int vl_method_mount_image(
Hashmap **polkit_registry = ASSERT_PTR(userdata);
_cleanup_free_ char *ps = NULL;
bool image_is_trusted = false;
uid_t peer_uid;
int r;
assert(link);
@ -283,6 +284,10 @@ static int vl_method_mount_image(
sd_json_variant_sensitive(parameters); /* might contain passwords */
r = sd_varlink_get_peer_uid(link, &peer_uid);
if (r < 0)
return log_debug_errno(r, "Failed to get client UID: %m");
r = sd_varlink_dispatch(link, parameters, dispatch_table, &p);
if (r != 0)
return r;
@ -522,13 +527,17 @@ static int vl_method_mount_image(
loop_device_relinquish(loop);
return sd_varlink_replybo(
r = sd_varlink_replybo(
link,
SD_JSON_BUILD_PAIR("partitions", SD_JSON_BUILD_VARIANT(aj)),
SD_JSON_BUILD_PAIR("imagePolicy", SD_JSON_BUILD_STRING(ps)),
SD_JSON_BUILD_PAIR("imageSize", SD_JSON_BUILD_INTEGER(di->image_size)),
SD_JSON_BUILD_PAIR("sectorSize", SD_JSON_BUILD_INTEGER(di->sector_size)),
SD_JSON_BUILD_PAIR_CONDITION(!sd_id128_is_null(di->image_uuid), "imageUuid", SD_JSON_BUILD_UUID(di->image_uuid)));
if (r < 0)
return r;
return r;
}
static int process_connection(sd_varlink_server *server, int _fd) {

View File

@ -76,7 +76,6 @@ sources = files(
'networkd-route-nexthop.c',
'networkd-route-util.c',
'networkd-routing-policy-rule.c',
'networkd-serialize.c',
'networkd-setlink.c',
'networkd-speed-meter.c',
'networkd-sriov.c',

View File

@ -72,5 +72,4 @@ const NetDevVTable bare_udp_vtable = {
.fill_message_create = netdev_bare_udp_fill_message_create,
.create_type = NETDEV_CREATE_INDEPENDENT,
.iftype = ARPHRD_NONE,
.keep_existing = true,
};

View File

@ -56,23 +56,13 @@ DEFINE_CONFIG_PARSE_ENUM(config_parse_bond_arp_all_targets, bond_arp_all_targets
DEFINE_CONFIG_PARSE_ENUM(config_parse_bond_primary_reselect, bond_primary_reselect, BondPrimaryReselect);
static int netdev_bond_fill_message_create(NetDev *netdev, Link *link, sd_netlink_message *m) {
Bond *b = BOND(netdev);
int r;
assert(netdev->manager);
assert(!link);
assert(m);
if (netdev->ifindex > 0) {
r = link_get_by_index(netdev->manager, netdev->ifindex, &link);
if (r < 0)
return r;
}
Bond *b = BOND(netdev);
int r;
bool up = link && FLAGS_SET(link->flags, IFF_UP);
bool has_slaves = link && !set_isempty(link->slaves);
if (b->mode != _NETDEV_BOND_MODE_INVALID && !up && !has_slaves) {
if (b->mode != _NETDEV_BOND_MODE_INVALID) {
r = sd_netlink_message_append_u8(m, IFLA_BOND_MODE, b->mode);
if (r < 0)
return r;
@ -85,8 +75,7 @@ static int netdev_bond_fill_message_create(NetDev *netdev, Link *link, sd_netlin
}
if (b->lacp_rate != _NETDEV_BOND_LACP_RATE_INVALID &&
b->mode == NETDEV_BOND_MODE_802_3AD &&
!up) {
b->mode == NETDEV_BOND_MODE_802_3AD) {
r = sd_netlink_message_append_u8(m, IFLA_BOND_AD_LACP_RATE, b->lacp_rate);
if (r < 0)
return r;
@ -130,16 +119,14 @@ static int netdev_bond_fill_message_create(NetDev *netdev, Link *link, sd_netlin
}
if (b->ad_select != _NETDEV_BOND_AD_SELECT_INVALID &&
b->mode == NETDEV_BOND_MODE_802_3AD &&
!up) {
b->mode == NETDEV_BOND_MODE_802_3AD) {
r = sd_netlink_message_append_u8(m, IFLA_BOND_AD_SELECT, b->ad_select);
if (r < 0)
return r;
}
if (b->fail_over_mac != _NETDEV_BOND_FAIL_OVER_MAC_INVALID &&
b->mode == NETDEV_BOND_MODE_ACTIVE_BACKUP &&
!has_slaves) {
b->mode == NETDEV_BOND_MODE_ACTIVE_BACKUP) {
r = sd_netlink_message_append_u8(m, IFLA_BOND_FAIL_OVER_MAC, b->fail_over_mac);
if (r < 0)
return r;
@ -194,7 +181,7 @@ static int netdev_bond_fill_message_create(NetDev *netdev, Link *link, sd_netlin
return r;
}
if (b->ad_user_port_key != 0 && !up) {
if (b->ad_user_port_key != 0) {
r = sd_netlink_message_append_u16(m, IFLA_BOND_AD_USER_PORT_KEY, b->ad_user_port_key);
if (r < 0)
return r;
@ -210,7 +197,7 @@ static int netdev_bond_fill_message_create(NetDev *netdev, Link *link, sd_netlin
if (r < 0)
return r;
if (b->tlb_dynamic_lb >= 0 && !up) {
if (b->tlb_dynamic_lb >= 0) {
r = sd_netlink_message_append_u8(m, IFLA_BOND_TLB_DYNAMIC_LB, b->tlb_dynamic_lb);
if (r < 0)
return r;

View File

@ -281,17 +281,12 @@ static void bridge_init(NetDev *netdev) {
b->ageing_time = USEC_INFINITY;
}
static bool bridge_can_set_mac(NetDev *netdev, const struct hw_addr_data *hw_addr) {
return true;
}
const NetDevVTable bridge_vtable = {
.object_size = sizeof(Bridge),
.init = bridge_init,
.sections = NETDEV_COMMON_SECTIONS "Bridge\0",
.post_create = netdev_bridge_post_create,
.create_type = NETDEV_CREATE_INDEPENDENT,
.can_set_mac = bridge_can_set_mac,
.iftype = ARPHRD_ETHER,
.generate_mac = true,
};

View File

@ -4,15 +4,10 @@
#include "dummy.h"
static bool dummy_can_set_mac(NetDev *netdev, const struct hw_addr_data *hw_addr) {
return true;
}
const NetDevVTable dummy_vtable = {
.object_size = sizeof(Dummy),
.sections = NETDEV_COMMON_SECTIONS,
.create_type = NETDEV_CREATE_INDEPENDENT,
.can_set_mac = dummy_can_set_mac,
.iftype = ARPHRD_ETHER,
.generate_mac = true,
};

View File

@ -254,10 +254,6 @@ static int netdev_geneve_verify(NetDev *netdev, const char *filename) {
return 0;
}
static bool geneve_can_set_mac(NetDev *netdev, const struct hw_addr_data *hw_addr) {
return true;
}
static void geneve_init(NetDev *netdev) {
Geneve *v = GENEVE(netdev);
@ -276,7 +272,6 @@ const NetDevVTable geneve_vtable = {
.fill_message_create = netdev_geneve_fill_message_create,
.create_type = NETDEV_CREATE_INDEPENDENT,
.config_verify = netdev_geneve_verify,
.can_set_mac = geneve_can_set_mac,
.iftype = ARPHRD_ETHER,
.generate_mac = true,
};

View File

@ -60,7 +60,6 @@ const NetDevVTable ipvlan_vtable = {
.can_set_mac = ipvlan_can_set_mac,
.iftype = ARPHRD_ETHER,
.generate_mac = true,
.keep_existing = true,
};
const NetDevVTable ipvtap_vtable = {
@ -72,7 +71,6 @@ const NetDevVTable ipvtap_vtable = {
.can_set_mac = ipvlan_can_set_mac,
.iftype = ARPHRD_ETHER,
.generate_mac = true,
.keep_existing = true,
};
IPVlanMode link_get_ipvlan_mode(Link *link) {

View File

@ -178,7 +178,6 @@ const NetDevVTable macvtap_vtable = {
.create_type = NETDEV_CREATE_STACKED,
.iftype = ARPHRD_ETHER,
.generate_mac = true,
.keep_existing = true,
};
const NetDevVTable macvlan_vtable = {
@ -190,5 +189,4 @@ const NetDevVTable macvlan_vtable = {
.create_type = NETDEV_CREATE_STACKED,
.iftype = ARPHRD_ETHER,
.generate_mac = true,
.keep_existing = true,
};

View File

@ -400,7 +400,7 @@ int netdev_enter_ready(NetDev *netdev) {
assert(netdev);
assert(netdev->ifname);
if (!IN_SET(netdev->state, NETDEV_STATE_LOADING, NETDEV_STATE_CREATING))
if (netdev->state != NETDEV_STATE_CREATING)
return 0;
netdev->state = NETDEV_STATE_READY;
@ -432,17 +432,18 @@ static int netdev_create_handler(sd_netlink *rtnl, sd_netlink_message *m, NetDev
assert(netdev->state != _NETDEV_STATE_INVALID);
r = sd_netlink_message_get_errno(m);
if (r >= 0)
log_netdev_debug(netdev, "Created.");
else if (r == -EEXIST && netdev->ifindex > 0)
log_netdev_debug(netdev, "Already exists.");
else {
log_netdev_warning_errno(netdev, r, "Failed to create netdev: %m");
if (r == -EEXIST)
log_netdev_info(netdev, "netdev exists, using existing without changing its parameters");
else if (r < 0) {
log_netdev_warning_errno(netdev, r, "netdev could not be created: %m");
netdev_enter_failed(netdev);
return 0;
return 1;
}
return netdev_enter_ready(netdev);
log_netdev_debug(netdev, "Created");
return 1;
}
int netdev_set_ifindex_internal(NetDev *netdev, int ifindex) {
@ -463,6 +464,8 @@ int netdev_set_ifindex_internal(NetDev *netdev, int ifindex) {
}
static int netdev_set_ifindex_impl(NetDev *netdev, const char *name, int ifindex) {
int r;
assert(netdev);
assert(name);
assert(ifindex > 0);
@ -475,7 +478,11 @@ static int netdev_set_ifindex_impl(NetDev *netdev, const char *name, int ifindex
"Received netlink message with unexpected interface name %s (ifindex=%i).",
name, ifindex);
return netdev_set_ifindex_internal(netdev, ifindex);
r = netdev_set_ifindex_internal(netdev, ifindex);
if (r <= 0)
return r;
return netdev_enter_ready(netdev);
}
int netdev_set_ifindex(NetDev *netdev, sd_netlink_message *message) {
@ -629,32 +636,15 @@ finalize:
static bool netdev_can_set_mac(NetDev *netdev, const struct hw_addr_data *hw_addr) {
assert(netdev);
assert(netdev->manager);
assert(hw_addr);
if (hw_addr->length <= 0)
return false;
Link *link;
if (link_get_by_index(netdev->manager, netdev->ifindex, &link) < 0)
return true; /* The netdev does not exist yet. We can set MAC address. */
if (!NETDEV_VTABLE(netdev)->can_set_mac)
return true;
if (hw_addr_equal(&link->hw_addr, hw_addr))
return false; /* Unchanged, not necessary to set. */
/* Some netdevs refuse to update MAC address even if the interface is not running, e.g. ipvlan.
* Some other netdevs have the IFF_LIVE_ADDR_CHANGE flag and can update update MAC address even if
* the interface is running, e.g. dummy. For those cases, use custom checkers. */
if (NETDEV_VTABLE(netdev)->can_set_mac)
return NETDEV_VTABLE(netdev)->can_set_mac(netdev, hw_addr);
/* Before ad72c4a06acc6762e84994ac2f722da7a07df34e and 0ec92a8f56ff07237dbe8af7c7a72aba7f957baf
* (both in v6.5), the kernel refuse to set MAC address for existing netdevs even if it is unchanged.
* So, by default, do not update MAC address if the it is running. See eth_prepare_mac_addr_change(),
* which is called by eth_mac_addr(). Note, the result of netif_running() is mapped to operstate
* and flags. See rtnl_fill_ifinfo() and dev_get_flags(). */
return link->kernel_operstate == IF_OPER_DOWN &&
(link->flags & (IFF_RUNNING | IFF_LOWER_UP | IFF_DORMANT)) == 0;
return NETDEV_VTABLE(netdev)->can_set_mac(netdev, hw_addr);
}
static bool netdev_can_set_mtu(NetDev *netdev, uint32_t mtu) {
@ -663,35 +653,18 @@ static bool netdev_can_set_mtu(NetDev *netdev, uint32_t mtu) {
if (mtu <= 0)
return false;
Link *link;
if (link_get_by_index(netdev->manager, netdev->ifindex, &link) < 0)
return true; /* The netdev does not exist yet. We can set MTU. */
if (!NETDEV_VTABLE(netdev)->can_set_mtu)
return true;
if (mtu < link->min_mtu || link->max_mtu < mtu)
return false; /* The MTU is out of range. */
if (link->mtu == mtu)
return false; /* Unchanged, not necessary to set. */
/* Some netdevs cannot change MTU, e.g. vxlan. Let's use the custom checkers in such cases. */
if (NETDEV_VTABLE(netdev)->can_set_mtu)
return NETDEV_VTABLE(netdev)->can_set_mtu(netdev, mtu);
/* By default, allow to update the MTU. */
return true;
return NETDEV_VTABLE(netdev)->can_set_mtu(netdev, mtu);
}
static int netdev_create_message(NetDev *netdev, Link *link, sd_netlink_message *m) {
int r;
if (netdev->ifindex <= 0) {
/* Set interface name when it is newly created. Otherwise, the kernel older than
* bd039b5ea2a91ea707ee8539df26456bd5be80af (v6.2) will refuse the netlink message even if
* the name is unchanged. */
r = sd_netlink_message_append_string(m, IFLA_IFNAME, netdev->ifname);
if (r < 0)
return r;
}
r = sd_netlink_message_append_string(m, IFLA_IFNAME, netdev->ifname);
if (r < 0)
return r;
struct hw_addr_data hw_addr;
r = netdev_generate_hw_addr(netdev, link, netdev->ifname, &netdev->hw_addr, &hw_addr);
@ -854,16 +827,7 @@ static int stacked_netdev_process_request(Request *req, Link *link, void *userda
assert(link);
if (!netdev_is_managed(netdev))
goto cancelled; /* Already detached, due to e.g. reloading .netdev files, cancelling the request. */
if (NETDEV_VTABLE(netdev)->keep_existing && netdev->ifindex > 0) {
/* Already exists, and the netdev does not support updating, entering the ready state. */
r = netdev_enter_ready(netdev);
if (r < 0)
return r;
goto cancelled;
}
return 1; /* Already detached, due to e.g. reloading .netdev files, cancelling the request. */
r = netdev_is_ready_to_create(netdev, link);
if (r <= 0)
@ -874,41 +838,21 @@ static int stacked_netdev_process_request(Request *req, Link *link, void *userda
return log_netdev_warning_errno(netdev, r, "Failed to create netdev: %m");
return 1;
cancelled:
assert_se(TAKE_PTR(req->counter) == &link->create_stacked_netdev_messages);
link->create_stacked_netdev_messages--;
if (link->create_stacked_netdev_messages == 0) {
link->stacked_netdevs_created = true;
log_link_debug(link, "Stacked netdevs created.");
link_check_ready(link);
}
return 1;
}
static int create_stacked_netdev_handler(sd_netlink *rtnl, sd_netlink_message *m, Request *req, Link *link, void *userdata) {
NetDev *netdev = ASSERT_PTR(userdata);
int r;
assert(m);
assert(link);
r = sd_netlink_message_get_errno(m);
if (r >= 0)
log_netdev_debug(netdev, "Created.");
else if (r == -EEXIST && netdev->ifindex > 0)
log_netdev_debug(netdev, "Already exists.");
else {
log_netdev_warning_errno(netdev, r, "Failed to create netdev: %m");
netdev_enter_failed(netdev);
if (r < 0 && r != -EEXIST) {
log_link_message_warning_errno(link, m, r, "Could not create stacked netdev");
link_enter_failed(link);
return 0;
}
(void) netdev_enter_ready(netdev);
if (link->create_stacked_netdev_messages == 0) {
link->stacked_netdevs_created = true;
log_link_debug(link, "Stacked netdevs created.");
@ -957,15 +901,6 @@ static int independent_netdev_process_request(Request *req, Link *link, void *us
if (!netdev_is_managed(netdev))
return 1; /* Already detached, due to e.g. reloading .netdev files, cancelling the request. */
if (NETDEV_VTABLE(netdev)->keep_existing && netdev->ifindex > 0) {
/* Already exists, and the netdev does not support updating, entering the ready state. */
r = netdev_enter_ready(netdev);
if (r < 0)
return r;
return 1; /* Skip this request. */
}
r = netdev_is_ready_to_create(netdev, NULL);
if (r <= 0)
return r;
@ -995,9 +930,21 @@ static int netdev_request_to_create(NetDev *netdev) {
if (netdev->state != NETDEV_STATE_LOADING)
return 0; /* Already configured (at least tried previously). Not necessary to reconfigure. */
r = netdev_queue_request(netdev, independent_netdev_process_request, NULL);
r = netdev_is_ready_to_create(netdev, NULL);
if (r < 0)
return log_netdev_warning_errno(netdev, r, "Failed to request to create netdev: %m");
return r;
if (r > 0) {
/* If the netdev has no dependency, then create it now. */
r = independent_netdev_create(netdev);
if (r < 0)
return log_netdev_warning_errno(netdev, r, "Failed to create netdev: %m");
} else {
/* Otherwise, wait for the dependencies being resolved. */
r = netdev_queue_request(netdev, independent_netdev_process_request, NULL);
if (r < 0)
return log_netdev_warning_errno(netdev, r, "Failed to request to create netdev: %m");
}
return 0;
}

View File

@ -199,10 +199,6 @@ typedef struct NetDevVTable {
/* When assigning ifindex to the netdev, skip to check if the netdev kind matches. */
bool skip_netdev_kind_check;
/* Provides if the netdev can be updated, that is, whether RTM_NEWLINK with existing ifindex is supported or not.
* If this is true, the netdev does not support updating. */
bool keep_existing;
} NetDevVTable;
extern const NetDevVTable * const netdev_vtable[_NETDEV_KIND_MAX];

View File

@ -4,15 +4,10 @@
#include "netdevsim.h"
static bool netdevsim_can_set_mac(NetDev *netdev, const struct hw_addr_data *hw_addr) {
return true;
}
const NetDevVTable netdevsim_vtable = {
.object_size = sizeof(NetDevSim),
.sections = NETDEV_COMMON_SECTIONS,
.create_type = NETDEV_CREATE_INDEPENDENT,
.can_set_mac = netdevsim_can_set_mac,
.iftype = ARPHRD_ETHER,
.generate_mac = true,
};

View File

@ -1119,11 +1119,6 @@ static void netdev_tunnel_init(NetDev *netdev) {
t->ttl = DEFAULT_IPV6_TTL;
}
static bool tunnel_can_set_mac(NetDev *netdev, const struct hw_addr_data *hw_addr) {
assert(IN_SET(netdev->kind, NETDEV_KIND_GRETAP, NETDEV_KIND_IP6GRETAP, NETDEV_KIND_ERSPAN));
return true;
}
const NetDevVTable ipip_vtable = {
.object_size = sizeof(Tunnel),
.init = netdev_tunnel_init,
@ -1193,7 +1188,6 @@ const NetDevVTable gretap_vtable = {
.is_ready_to_create = netdev_tunnel_is_ready_to_create,
.config_verify = netdev_tunnel_verify,
.needs_reconfigure = tunnel_needs_reconfigure,
.can_set_mac = tunnel_can_set_mac,
.iftype = ARPHRD_ETHER,
.generate_mac = true,
};
@ -1219,7 +1213,6 @@ const NetDevVTable ip6gretap_vtable = {
.is_ready_to_create = netdev_tunnel_is_ready_to_create,
.config_verify = netdev_tunnel_verify,
.needs_reconfigure = tunnel_needs_reconfigure,
.can_set_mac = tunnel_can_set_mac,
.iftype = ARPHRD_ETHER,
.generate_mac = true,
};
@ -1245,7 +1238,6 @@ const NetDevVTable erspan_vtable = {
.is_ready_to_create = netdev_tunnel_is_ready_to_create,
.config_verify = netdev_tunnel_verify,
.needs_reconfigure = tunnel_needs_reconfigure,
.can_set_mac = tunnel_can_set_mac,
.iftype = ARPHRD_ETHER,
.generate_mac = true,
};

View File

@ -36,28 +36,10 @@ static TunTap* TUNTAP(NetDev *netdev) {
DEFINE_PRIVATE_HASH_OPS_FULL(named_fd_hash_ops, char, string_hash_func, string_compare_func, free, void, close_fd_ptr);
static int manager_add_tuntap_fd_impl(Manager *m, int fd, const char *name) {
_cleanup_free_ char *tuntap_name = NULL;
int r;
assert(m);
assert(fd >= 0);
assert(name);
tuntap_name = strdup(name);
if (!tuntap_name)
return log_oom_debug();
r = hashmap_ensure_put(&m->tuntap_fds_by_name, &named_fd_hash_ops, tuntap_name, FD_TO_PTR(fd));
if (r < 0)
return log_debug_errno(r, "Failed to store tuntap fd: %m");
TAKE_PTR(tuntap_name);
return 0;
}
int manager_add_tuntap_fd(Manager *m, int fd, const char *name) {
_cleanup_free_ char *tuntap_name = NULL;
const char *p;
int r;
assert(m);
assert(fd >= 0);
@ -70,76 +52,66 @@ int manager_add_tuntap_fd(Manager *m, int fd, const char *name) {
if (!ifname_valid(p))
return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), "Received tuntap fd with invalid name (%s).", p);
return manager_add_tuntap_fd_impl(m, fd, p);
}
tuntap_name = strdup(p);
if (!tuntap_name)
return log_oom_debug();
static int netdev_take_tuntap_fd(Manager *m, const char *ifname) {
_unused_ _cleanup_free_ char *name = NULL;
void *p;
assert(m);
assert(ifname);
p = hashmap_remove2(m->tuntap_fds_by_name, ifname, (void**) &name);
if (!p)
return -EBADF;
return PTR_TO_FD(p);
}
static int netdev_push_tuntap_fd(NetDev *netdev, int fd) {
_unused_ _cleanup_close_ int fd_old = -EBADF;
int r;
assert(netdev->manager);
fd_old = netdev_take_tuntap_fd(netdev->manager, netdev->ifname);
if (!TUNTAP(netdev)->keep_fd)
return 0;
r = manager_add_tuntap_fd_impl(netdev->manager, fd, netdev->ifname);
r = hashmap_ensure_put(&m->tuntap_fds_by_name, &named_fd_hash_ops, tuntap_name, FD_TO_PTR(fd));
if (r < 0)
return r;
return log_debug_errno(r, "Failed to store tuntap fd: %m");
(void) notify_push_fdf(fd, "tuntap-%s", netdev->ifname);
return 1; /* saved */
}
static void manager_close_and_notify_tuntap_fd(Manager *m, const char *ifname) {
assert(m);
assert(ifname);
/* netdev_take_tuntap_fd() may invalidate ifname. Hence, need to create fdname earlier. */
const char *fdname = strjoina("tuntap-", ifname);
close_and_notify_warn(netdev_take_tuntap_fd(m, ifname), fdname);
TAKE_PTR(tuntap_name);
return 0;
}
void manager_clear_unmanaged_tuntap_fds(Manager *m) {
const char *name;
char *name;
void *p;
assert(m);
HASHMAP_FOREACH_KEY(p, name, m->tuntap_fds_by_name) {
NetDev *netdev;
if (netdev_get(m, name, &netdev) < 0 ||
!IN_SET(netdev->kind, NETDEV_KIND_TAP, NETDEV_KIND_TUN) ||
!TUNTAP(netdev)->keep_fd)
manager_close_and_notify_tuntap_fd(m, name);
while ((p = hashmap_steal_first_key_and_value(m->tuntap_fds_by_name, (void**) &name))) {
close_and_notify_warn(PTR_TO_FD(p), name);
name = mfree(name);
}
}
static int tuntap_take_fd(NetDev *netdev) {
_cleanup_free_ char *name = NULL;
void *p;
int r;
assert(netdev);
assert(netdev->manager);
r = link_get_by_name(netdev->manager, netdev->ifname, NULL);
if (r < 0)
return r;
p = hashmap_remove2(netdev->manager->tuntap_fds_by_name, netdev->ifname, (void**) &name);
if (!p)
return -ENOENT;
log_netdev_debug(netdev, "Found file descriptor in fd store.");
return PTR_TO_FD(p);
}
static int netdev_create_tuntap(NetDev *netdev) {
_cleanup_close_ int fd = -EBADF;
struct ifreq ifr = {};
TunTap *t = TUNTAP(netdev);
TunTap *t;
int r;
assert(netdev);
assert(netdev->manager);
t = TUNTAP(netdev);
assert(t);
fd = open(TUN_DEV, O_RDWR|O_CLOEXEC);
fd = TAKE_FD(t->fd);
if (fd < 0)
fd = tuntap_take_fd(netdev);
if (fd < 0)
fd = open(TUN_DEV, O_RDWR|O_CLOEXEC);
if (fd < 0)
return log_netdev_error_errno(netdev, errno, "Failed to open " TUN_DEV ": %m");
@ -203,25 +175,42 @@ static int netdev_create_tuntap(NetDev *netdev) {
if (ioctl(fd, TUNSETPERSIST, 1) < 0)
return log_netdev_error_errno(netdev, errno, "TUNSETPERSIST failed: %m");
r = netdev_push_tuntap_fd(netdev, fd);
if (r < 0)
return log_netdev_warning_errno(netdev, r, "Failed to save TUN/TAP fd: %m");
if (r > 0)
TAKE_FD(fd);
if (t->keep_fd) {
t->fd = TAKE_FD(fd);
(void) notify_push_fdf(t->fd, "tuntap-%s", netdev->ifname);
}
netdev_enter_ready(netdev);
return 0;
}
static void tuntap_drop(NetDev *netdev) {
assert(netdev);
static void tuntap_init(NetDev *netdev) {
TunTap *t;
manager_close_and_notify_tuntap_fd(netdev->manager, netdev->ifname);
assert(netdev);
t = TUNTAP(netdev);
assert(t);
t->fd = -EBADF;
}
static void tuntap_drop(NetDev *netdev) {
TunTap *t;
assert(netdev);
t = TUNTAP(netdev);
assert(t);
t->fd = close_and_notify_warn(t->fd, netdev->ifname);
}
static void tuntap_done(NetDev *netdev) {
TunTap *t = TUNTAP(netdev);
TunTap *t;
assert(netdev);
t = TUNTAP(netdev);
assert(t);
t->fd = safe_close(t->fd);
t->user_name = mfree(t->user_name);
t->group_name = mfree(t->group_name);
}
@ -248,6 +237,7 @@ const NetDevVTable tun_vtable = {
.object_size = sizeof(TunTap),
.sections = NETDEV_COMMON_SECTIONS "Tun\0",
.config_verify = tuntap_verify,
.init = tuntap_init,
.drop = tuntap_drop,
.done = tuntap_done,
.create = netdev_create_tuntap,
@ -259,6 +249,7 @@ const NetDevVTable tap_vtable = {
.object_size = sizeof(TunTap),
.sections = NETDEV_COMMON_SECTIONS "Tap\0",
.config_verify = tuntap_verify,
.init = tuntap_init,
.drop = tuntap_drop,
.done = tuntap_done,
.create = netdev_create_tuntap,

View File

@ -8,6 +8,7 @@ typedef struct TunTap TunTap;
struct TunTap {
NetDev meta;
int fd;
char *user_name;
char *group_name;
bool multi_queue;

Some files were not shown because too many files have changed in this diff Show More