Compare commits

..

1 Commits

Author SHA1 Message Date
talisein 23d206ce4d
Merge 353f417f48 into 5da7e9b208 2024-11-12 17:52:27 +08:00
189 changed files with 102871 additions and 105503 deletions

93
NEWS
View File

@ -399,15 +399,6 @@ CHANGES WITH 257 in spe:
be extended, and a --measure-base= switch to support measurement be extended, and a --measure-base= switch to support measurement
of multi-profile UKIs. of multi-profile UKIs.
* ukify gained a --certificate-provider switch to use an OpenSSL
provider to load the certificate used to sign artifacts, instead of
having to provide the path to a file on disk.
* bootctl, systemd-keyutil, systemd-measure, systemd-repart, and
systemd-sbsign gained a new --certificate-source switch that allows
loading the X.509 certificate from an OpenSSL provider instead of a
file system path.
* systemd-boot's menu will now react to volume up/down rocker presses * systemd-boot's menu will now react to volume up/down rocker presses
the same way as to arrow up/down presses: they move the menu item up the same way as to arrow up/down presses: they move the menu item up
or down. This is useful on device form factors that have only a or down. This is useful on device form factors that have only a
@ -446,9 +437,6 @@ CHANGES WITH 257 in spe:
and providers, with pin caching support for PKCS11. ukify supports it and providers, with pin caching support for PKCS11. ukify supports it
as an alternative to sbsigntool and pesign. as an alternative to sbsigntool and pesign.
* A new systemd-keyutil tool has been added, that can be used to perform
various operations on private keys and X.509 certificates.
The journal: The journal:
* journalctl can now list invocations of a unit with the * journalctl can now list invocations of a unit with the
@ -764,38 +752,36 @@ CHANGES WITH 257 in spe:
other cases EnterNamespace= might be an suitable approach to acquire other cases EnterNamespace= might be an suitable approach to acquire
symbolized backtraces.) symbolized backtraces.)
Contributions from: 12paper, A. Wilcox, Abderrahim Kitouni, Contributions from: A. Wilcox, Abderrahim Kitouni, Adrian Vovk,
Adrian Vovk, Alain Greppin, Allison Karlitskaya, Alyssa Ross, Alain Greppin, Allison Karlitskaya, Alyssa Ross, Anders Jonsson,
Anders Jonsson, Andika Triwidada, Andres Beltran, Anouk Ceyssens, Andika Triwidada, Andres Beltran, Anouk Ceyssens, Anton Golubev,
Anselm Schueler, Anton Golubev, Antonio Alvarez Feijoo, Antonio Alvarez Feijoo, Arian van Putten, Arnaud Patard,
Arian van Putten, Arnaud Patard, Arthur Shau, Bastien Nocera, Arthur Shau, Bastien Nocera, Benjamin ROBIN, Brenton Simpson,
Benjamin ROBIN, Brenton Simpson, Bryan Gurney, ButterflyOfFire, Bryan Gurney, ButterflyOfFire, Carlo Teubner, Celeste Liu,
Carlo Teubner, Celeste Liu, Chen Guanqiao, Chen Qi, Chengen Du, Chen Guanqiao, Chen Qi, Chengen Du, Christoph Anton Mitterer,
Christoph Anton Mitterer, Colin Foster, Collin L, Colin Foster, Collin L, Cristian Rodríguez, Daan De Meyer,
Cristian Rodríguez, Daan De Meyer, Dan Nicholson, Daniel Dawson, Dan Nicholson, Daniel Dawson, Daniel Martinez,
Daniel Martinez, Daniel P. Berrangé, Daniel Rusek, Daniel P. Berrangé, Daniel Rusek, Darsey Litzenberger,
Darsey Litzenberger, David Joaquín Shourabi Porcel, David Joaquín Shourabi Porcel, David Michael, David Rheinsberg,
David Michael, David Rheinsberg, David Tardon, Davide Cavalca, David Tardon, Davide Cavalca, Derek J. Clark, Diego Viola,
Derek J. Clark, Diego Viola, Dimitrys Meliates, Diogo Ivo, Dimitrys Meliates, Diogo Ivo, DocNITE, Dominique Martinet,
DocNITE, Dominique Martinet, Dr. David Alan Gilbert, Dr. David Alan Gilbert, Edson Juliano Drosdeck, Erik Sjölund,
Edson Juliano Drosdeck, Erik Sjölund, Etienne Champetier, Etienne Champetier, Etienne Cordonnier, Ettore Atalan,
Etienne Cordonnier, Ettore Atalan, Eugeny Shcheglov, Fabian Vogt, Eugeny Shcheglov, Fabian Vogt, Filip Lewiński, Florian Schmaus,
Filip Lewiński, Florian Schmaus, Franck Bui, Frantisek Sumsal, Franck Bui, Frantisek Sumsal, Fábio Rodrigues Ribeiro,
Fábio Rodrigues Ribeiro, Gabriel Elyas, Gaël PORTAY, Gabriel Elyas, Gaël PORTAY, Giovanni Baratta, Gregor Herburger,
Giovanni Baratta, Gregor Herburger, Gregory Arenius, GwynBleidD, Gregory Arenius, GwynBleidD, Göran Uddeborg, Hans de Goede,
Göran Uddeborg, Hans de Goede, Helmut Grohne, Henry Chen, Helmut Grohne, Henry Chen, Ian Abbott, Integral, Ivan Kruglov,
Ian Abbott, Integral, Ivan Kruglov, Ivan Shapovalov, James Coglan, Ivan Shapovalov, James Coglan, James Hilliard, James Muir,
James Hilliard, James Muir, Jason Yundt, Jeffrey Bosboom, Jason Yundt, Jeffrey Bosboom, Johannes Schneider,
Jian Zhang, Johannes Schneider, John A. Leuenhagen, John A. Leuenhagen, Jose Ignacio Tornos Martinez, JoseskVolpe,
Jose Ignacio Tornos Martinez, JoseskVolpe, Joshua Grisham, Joshua Grisham, Jörg Behrmann, Kai-Chuan Hsieh, Kamil Szczęk,
Jörg Behrmann, Kai-Chuan Hsieh, Kamil Szczęk, Karel Zak, Karel Zak, Kornilios Kourtis, Kuntal Majumder, Lennart Poettering,
Kornilios Kourtis, Kuntal Majumder, Lennart Poettering, Luca Boccassi, Lucas Adriano Salles, Lucas Werkmeister,
Lidong Zhong, Luca Boccassi, Lucas Adriano Salles, Ludwig Nussel, Luke T. Shumaker, Lukáš Nykrýn, Léane GRASSER,
Lucas Werkmeister, Ludwig Nussel, Luke T. Shumaker, Maanya Goenka, Mantas Mikulėnas, Marc Reisner, Marcel Hellwig,
Lukáš Nykrýn, Luna Jernberg, Léane GRASSER, Maanya Goenka, Marin Kresic, Marius Hoch, Martin Srebotnjak, Martin Wilck,
Mantas Mikulėnas, Marc Reisner, Marcel Hellwig, Marin Kresic, Mary Strodl, Matteo Croce, Matthias Lisin, Matthias Schiffer,
Marius Hoch, Martin Srebotnjak, Martin Wilck, Mary Strodl,
Matteo Croce, Matthias Lisin, Matthias Schiffer,
Matthieu Baerts (NGI0), Matthieu CHARETTE, Matthieu Baerts (NGI0), Matthieu CHARETTE,
Mauri de Souza Meneguzzo, Maximilian Wilhelm, Merlin Jehli, Mauri de Souza Meneguzzo, Maximilian Wilhelm, Merlin Jehli,
Michael Ferrari, Michal Koutný, Michal Sekletár, Michael Ferrari, Michal Koutný, Michal Sekletár,
@ -809,17 +795,16 @@ CHANGES WITH 257 in spe:
Stuart Hayhurst, Susant Sahani, Takeo Kondo, Temuri Doghonadze, Stuart Hayhurst, Susant Sahani, Takeo Kondo, Temuri Doghonadze,
Thomas Blume, Thorsten Scherer, Tobias Fleig, Tom Coldrick, Thomas Blume, Thorsten Scherer, Tobias Fleig, Tom Coldrick,
Tom Yan, Tomas Bzatek, Topi Miettinen, Uday Shankar, Tom Yan, Tomas Bzatek, Topi Miettinen, Uday Shankar,
Valentin David, Vasiliy Kovalev, Vitaly Kuznetsov, Vito Caputo, Vasiliy Kovalev, Vitaly Kuznetsov, Vito Caputo, Vladimir Panteleev,
Vladimir Panteleev, Vursc, Will Fancher, WilliButz, Xeonacid, Will Fancher, WilliButz, Xeonacid, Yanqing Jing, Yu Watanabe,
Yanqing Jing, Yu Watanabe, Yuri Chornoivan, ZHANG Yuntian, Yuri Chornoivan, ZHANG Yuntian, Zbigniew Jędrzejewski-Szmek,
Zbigniew Jędrzejewski-Szmek, Zhou Qiankang, andre4ik3, anonymix007, Zhou Qiankang, anonymix007, bryango, chayleaf, chenjiayi, csp5me,
bryango, chayleaf, chenjiayi, csp5me, cvlc12, fwfy, hugo303, cvlc12, fwfy, hugo303, jan@neighbourhood.ie, jauge-technica, lumingzh,
jan@neighbourhood.ie, jauge-technica, lumingzh, maia x., marginaldev, maia x., marginaldev, migleeson, nerdopolis, oldherl, pyfisch, q66,
migleeson, nerdopolis, oldherl, pyfisch, q66, rajmohan r, reDBo0n, rajmohan r, reDBo0n, rhellstrom, rindeal, samuelvw01, sinus-x, tfg13,
rhellstrom, rindeal, samuelvw01, sinus-x, tfg13, vdovhanych, xujing, vdovhanych, xujing, Łukasz Stelmach, Дамјан Георгиевски
Łukasz Stelmach, Štěpán Němec, Дамјан Георгиевски
— Edinburgh, 2024-11-15 — Edinburgh, 2024-11-06
CHANGES WITH 256: CHANGES WITH 256:

16
TODO
View File

@ -129,20 +129,6 @@ Deprecations and removals:
Features: Features:
* Teach systemd-ssh-generator to generated an /run/issue.d/ drop-in telling
users how to connect to the system via the AF_VSOCK, as per:
https://github.com/systemd/systemd/issues/35071#issuecomment-2462803142
* maybe introduce an OSC sequence that signals when we ask for a password, so
that terminal emulators can maybe connect a password manager or so, and
highlight things specially.
* Port pidref_namespace_open() to use PIDFD_GET_MNT_NAMESPACE and related
ioctls to get nsfds directly from pidfds.
* start using STATX_SUBVOL in btrfs_is_subvol(). Also, make use of it
generically, so that image discovery recognizes bcachefs subvols too.
* format-table: introduce new cell type for strings with ansi sequences in * format-table: introduce new cell type for strings with ansi sequences in
them. display them in regular output mode (via strip_tab_ansi()), but them. display them in regular output mode (via strip_tab_ansi()), but
suppress them in json mode. suppress them in json mode.
@ -2064,7 +2050,7 @@ Features:
with other units https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/admin-guide/hw-vuln/core-scheduling.rst with other units https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/admin-guide/hw-vuln/core-scheduling.rst
- ExtensionImages= deduplication for services is currently only applied to disk images without GPT envelope. - ExtensionImages= deduplication for services is currently only applied to disk images without GPT envelope.
This should be extended to work with proper DDIs too, as well as directory confext/sysext. Moreover, This should be extended to work with proper DDIs too, as well as directory confext/sysext. Moreover,
system-wide confext/sysext should support this too. system-wide confex/sysext should support this too.
- Pin the mount namespace via FD by sending it back from sd-exec to the manager, and use it - Pin the mount namespace via FD by sending it back from sd-exec to the manager, and use it
for live mounting, instead of doing it via PID for live mounting, instead of doing it via PID

View File

@ -36123,7 +36123,7 @@ OUI:00A044*
ID_OUI_FROM_DATABASE=NTT IT CO., LTD. ID_OUI_FROM_DATABASE=NTT IT CO., LTD.
OUI:00A045* OUI:00A045*
ID_OUI_FROM_DATABASE=Phoenix Contact GmbH & Co. KG ID_OUI_FROM_DATABASE=PHOENIX CONTACT Electronics GmbH
OUI:00A046* OUI:00A046*
ID_OUI_FROM_DATABASE=SCITEX CORP. LTD. ID_OUI_FROM_DATABASE=SCITEX CORP. LTD.
@ -40088,9 +40088,6 @@ OUI:044707*
OUI:04472A* OUI:04472A*
ID_OUI_FROM_DATABASE=Palo Alto Networks ID_OUI_FROM_DATABASE=Palo Alto Networks
OUI:0447CA*
ID_OUI_FROM_DATABASE=GREE ELECTRIC APPLIANCES, INC. OF ZHUHAI
OUI:04489A* OUI:04489A*
ID_OUI_FROM_DATABASE=Apple, Inc. ID_OUI_FROM_DATABASE=Apple, Inc.
@ -40559,9 +40556,6 @@ OUI:04AC44*
OUI:04AEC7* OUI:04AEC7*
ID_OUI_FROM_DATABASE=Marquardt ID_OUI_FROM_DATABASE=Marquardt
OUI:04B066*
ID_OUI_FROM_DATABASE=Private
OUI:04B0E7* OUI:04B0E7*
ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD
@ -43064,30 +43058,12 @@ OUI:0C47A90*
OUI:0C47A91* OUI:0C47A91*
ID_OUI_FROM_DATABASE=Shanghai BST Electric Co.,ltd ID_OUI_FROM_DATABASE=Shanghai BST Electric Co.,ltd
OUI:0C47A92*
ID_OUI_FROM_DATABASE=Annapurna labs
OUI:0C47A93*
ID_OUI_FROM_DATABASE=HONGKONG STONEOIM TECHNOLOGY LIMITED
OUI:0C47A94* OUI:0C47A94*
ID_OUI_FROM_DATABASE=Private ID_OUI_FROM_DATABASE=Private
OUI:0C47A95*
ID_OUI_FROM_DATABASE=Everon Co., Ltd.
OUI:0C47A96*
ID_OUI_FROM_DATABASE=Shenzhen Hahappylife Innovations Electronics Technology Co.,Ltd
OUI:0C47A97* OUI:0C47A97*
ID_OUI_FROM_DATABASE=Annapurna labs ID_OUI_FROM_DATABASE=Annapurna labs
OUI:0C47A98*
ID_OUI_FROM_DATABASE=Honest Networks LLC
OUI:0C47A99*
ID_OUI_FROM_DATABASE=Shanghai Sigen New Energy Technology Co., Ltd
OUI:0C47A9A* OUI:0C47A9A*
ID_OUI_FROM_DATABASE=Lens Technology (Xiangtan) Co.,Ltd ID_OUI_FROM_DATABASE=Lens Technology (Xiangtan) Co.,Ltd
@ -43100,9 +43076,6 @@ OUI:0C47A9C*
OUI:0C47A9D* OUI:0C47A9D*
ID_OUI_FROM_DATABASE=DIG_LINK ID_OUI_FROM_DATABASE=DIG_LINK
OUI:0C47A9E*
ID_OUI_FROM_DATABASE=BGResearch
OUI:0C47C9* OUI:0C47C9*
ID_OUI_FROM_DATABASE=Amazon Technologies Inc. ID_OUI_FROM_DATABASE=Amazon Technologies Inc.
@ -43625,9 +43598,6 @@ OUI:0C9301*
OUI:0C938F* OUI:0C938F*
ID_OUI_FROM_DATABASE=GUANGDONG OPPO MOBILE TELECOMMUNICATIONS CORP.,LTD ID_OUI_FROM_DATABASE=GUANGDONG OPPO MOBILE TELECOMMUNICATIONS CORP.,LTD
OUI:0C93A5*
ID_OUI_FROM_DATABASE=eero inc.
OUI:0C93FB* OUI:0C93FB*
ID_OUI_FROM_DATABASE=BNS Solutions ID_OUI_FROM_DATABASE=BNS Solutions
@ -44057,9 +44027,6 @@ OUI:0CEC84*
OUI:0CEC8D* OUI:0CEC8D*
ID_OUI_FROM_DATABASE=Motorola Mobility LLC, a Lenovo Company ID_OUI_FROM_DATABASE=Motorola Mobility LLC, a Lenovo Company
OUI:0CED71*
ID_OUI_FROM_DATABASE=Extreme Networks Headquarters
OUI:0CEDC8* OUI:0CEDC8*
ID_OUI_FROM_DATABASE=Xiaomi Communications Co Ltd ID_OUI_FROM_DATABASE=Xiaomi Communications Co Ltd
@ -46244,9 +46211,6 @@ OUI:147F67*
OUI:147FCE* OUI:147FCE*
ID_OUI_FROM_DATABASE=Apple, Inc. ID_OUI_FROM_DATABASE=Apple, Inc.
OUI:1480CC*
ID_OUI_FROM_DATABASE=Quectel Wireless Solutions Co.,Ltd.
OUI:14825B* OUI:14825B*
ID_OUI_FROM_DATABASE=Hefei Radio Communication Technology Co., Ltd ID_OUI_FROM_DATABASE=Hefei Radio Communication Technology Co., Ltd
@ -47333,9 +47297,6 @@ OUI:1869DA*
OUI:186A81* OUI:186A81*
ID_OUI_FROM_DATABASE=Sagemcom Broadband SAS ID_OUI_FROM_DATABASE=Sagemcom Broadband SAS
OUI:186BE2*
ID_OUI_FROM_DATABASE=LYLINK LIMITED
OUI:186D99* OUI:186D99*
ID_OUI_FROM_DATABASE=Adanis Inc. ID_OUI_FROM_DATABASE=Adanis Inc.
@ -48599,9 +48560,6 @@ OUI:1C4D70*
OUI:1C4D89* OUI:1C4D89*
ID_OUI_FROM_DATABASE=Hangzhou Huacheng Network Technology Co.,Ltd ID_OUI_FROM_DATABASE=Hangzhou Huacheng Network Technology Co.,Ltd
OUI:1C4EA2*
ID_OUI_FROM_DATABASE=Shenzhen V-Link Technology CO., LTD.
OUI:1C501E* OUI:1C501E*
ID_OUI_FROM_DATABASE=Sunplus Technology Co., Ltd. ID_OUI_FROM_DATABASE=Sunplus Technology Co., Ltd.
@ -48851,9 +48809,6 @@ OUI:1C77F6*
OUI:1C7839* OUI:1C7839*
ID_OUI_FROM_DATABASE=Shenzhen Tencent Computer System Co., Ltd. ID_OUI_FROM_DATABASE=Shenzhen Tencent Computer System Co., Ltd.
OUI:1C784B*
ID_OUI_FROM_DATABASE=Bouffalo Lab (Nanjing) Co., Ltd.
OUI:1C784E* OUI:1C784E*
ID_OUI_FROM_DATABASE=China Mobile Iot Limited company ID_OUI_FROM_DATABASE=China Mobile Iot Limited company
@ -49190,9 +49145,6 @@ OUI:1C937C*
OUI:1C93C4* OUI:1C93C4*
ID_OUI_FROM_DATABASE=Amazon Technologies Inc. ID_OUI_FROM_DATABASE=Amazon Technologies Inc.
OUI:1C9468*
ID_OUI_FROM_DATABASE=New H3C Technologies Co., Ltd
OUI:1C9492* OUI:1C9492*
ID_OUI_FROM_DATABASE=RUAG Schweiz AG ID_OUI_FROM_DATABASE=RUAG Schweiz AG
@ -51383,9 +51335,6 @@ OUI:24470E*
OUI:244845* OUI:244845*
ID_OUI_FROM_DATABASE=Hangzhou Hikvision Digital Technology Co.,Ltd. ID_OUI_FROM_DATABASE=Hangzhou Hikvision Digital Technology Co.,Ltd.
OUI:244885*
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
OUI:24497B* OUI:24497B*
ID_OUI_FROM_DATABASE=Innovative Converged Devices Inc ID_OUI_FROM_DATABASE=Innovative Converged Devices Inc
@ -53438,9 +53387,6 @@ OUI:28DB81*
OUI:28DBA7* OUI:28DBA7*
ID_OUI_FROM_DATABASE=Silicon Laboratories ID_OUI_FROM_DATABASE=Silicon Laboratories
OUI:28DE1C*
ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd
OUI:28DE59* OUI:28DE59*
ID_OUI_FROM_DATABASE=Domus NTW CORP. ID_OUI_FROM_DATABASE=Domus NTW CORP.
@ -54450,7 +54396,7 @@ OUI:2C691D3*
ID_OUI_FROM_DATABASE=Sunsa, Inc ID_OUI_FROM_DATABASE=Sunsa, Inc
OUI:2C691D4* OUI:2C691D4*
ID_OUI_FROM_DATABASE=SPEEDTECH CORP. JIO ID_OUI_FROM_DATABASE=SPEEDTECH CORP.
OUI:2C691D5* OUI:2C691D5*
ID_OUI_FROM_DATABASE=LG Electronics Inc. ID_OUI_FROM_DATABASE=LG Electronics Inc.
@ -55226,9 +55172,6 @@ OUI:2CFFEE*
OUI:3000FC* OUI:3000FC*
ID_OUI_FROM_DATABASE=Nokia ID_OUI_FROM_DATABASE=Nokia
OUI:3001AF*
ID_OUI_FROM_DATABASE=Cisco Systems, Inc
OUI:3003C8* OUI:3003C8*
ID_OUI_FROM_DATABASE=CLOUD NETWORK TECHNOLOGY SINGAPORE PTE. LTD. ID_OUI_FROM_DATABASE=CLOUD NETWORK TECHNOLOGY SINGAPORE PTE. LTD.
@ -56402,9 +56345,6 @@ OUI:30E3D6*
OUI:30E48E* OUI:30E48E*
ID_OUI_FROM_DATABASE=Vodafone UK ID_OUI_FROM_DATABASE=Vodafone UK
OUI:30E4D8*
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
OUI:30E4DB* OUI:30E4DB*
ID_OUI_FROM_DATABASE=Cisco Systems, Inc ID_OUI_FROM_DATABASE=Cisco Systems, Inc
@ -56420,9 +56360,6 @@ OUI:30E98E*
OUI:30EA26* OUI:30EA26*
ID_OUI_FROM_DATABASE=Sycada BV ID_OUI_FROM_DATABASE=Sycada BV
OUI:30EB15*
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
OUI:30EB1F* OUI:30EB1F*
ID_OUI_FROM_DATABASE=Skylab M&C Technology Co.,Ltd ID_OUI_FROM_DATABASE=Skylab M&C Technology Co.,Ltd
@ -57200,9 +57137,6 @@ OUI:346F92*
OUI:346FED* OUI:346FED*
ID_OUI_FROM_DATABASE=Enovation Controls ID_OUI_FROM_DATABASE=Enovation Controls
OUI:347069*
ID_OUI_FROM_DATABASE=Cisco Systems, Inc
OUI:347146* OUI:347146*
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd. ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
@ -57953,9 +57887,6 @@ OUI:34F39A*
OUI:34F39B* OUI:34F39B*
ID_OUI_FROM_DATABASE=WizLAN Ltd. ID_OUI_FROM_DATABASE=WizLAN Ltd.
OUI:34F5D7*
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
OUI:34F62D* OUI:34F62D*
ID_OUI_FROM_DATABASE=SHARP Corporation ID_OUI_FROM_DATABASE=SHARP Corporation
@ -58451,9 +58382,6 @@ OUI:384C4F*
OUI:384C90* OUI:384C90*
ID_OUI_FROM_DATABASE=Commscope ID_OUI_FROM_DATABASE=Commscope
OUI:384DD2*
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
OUI:384F49* OUI:384F49*
ID_OUI_FROM_DATABASE=Juniper Networks ID_OUI_FROM_DATABASE=Juniper Networks
@ -60722,9 +60650,6 @@ OUI:3CE624*
OUI:3CE824* OUI:3CE824*
ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD
OUI:3CE86E*
ID_OUI_FROM_DATABASE=Hewlett Packard Enterprise
OUI:3CE90E* OUI:3CE90E*
ID_OUI_FROM_DATABASE=Espressif Inc. ID_OUI_FROM_DATABASE=Espressif Inc.
@ -63059,9 +62984,6 @@ OUI:44AAE8*
OUI:44AAF5* OUI:44AAF5*
ID_OUI_FROM_DATABASE=Commscope ID_OUI_FROM_DATABASE=Commscope
OUI:44AC85*
ID_OUI_FROM_DATABASE=eero inc.
OUI:44AD19* OUI:44AD19*
ID_OUI_FROM_DATABASE=XINGFEI H.KLIMITED ID_OUI_FROM_DATABASE=XINGFEI H.KLIMITED
@ -63434,9 +63356,6 @@ OUI:44F477*
OUI:44F4E7* OUI:44F4E7*
ID_OUI_FROM_DATABASE=Cohesity Inc ID_OUI_FROM_DATABASE=Cohesity Inc
OUI:44F53E*
ID_OUI_FROM_DATABASE=Earda Technologies co Ltd
OUI:44F770* OUI:44F770*
ID_OUI_FROM_DATABASE=Beijing Xiaomi Mobile Software Co., Ltd ID_OUI_FROM_DATABASE=Beijing Xiaomi Mobile Software Co., Ltd
@ -67529,9 +67448,6 @@ OUI:50E039*
OUI:50E085* OUI:50E085*
ID_OUI_FROM_DATABASE=Intel Corporate ID_OUI_FROM_DATABASE=Intel Corporate
OUI:50E099*
ID_OUI_FROM_DATABASE=HangZhou Atuo Future Technology Co., Ltd
OUI:50E0C7* OUI:50E0C7*
ID_OUI_FROM_DATABASE=TurControlSystme AG ID_OUI_FROM_DATABASE=TurControlSystme AG
@ -68321,9 +68237,6 @@ OUI:547D40*
OUI:547DCD* OUI:547DCD*
ID_OUI_FROM_DATABASE=Texas Instruments ID_OUI_FROM_DATABASE=Texas Instruments
OUI:547E1A*
ID_OUI_FROM_DATABASE=Kaon Group Co., Ltd.
OUI:547F54* OUI:547F54*
ID_OUI_FROM_DATABASE=INGENICO ID_OUI_FROM_DATABASE=INGENICO
@ -70028,9 +69941,6 @@ OUI:58DB8D*
OUI:58DC6D* OUI:58DC6D*
ID_OUI_FROM_DATABASE=Exceptional Innovation, Inc. ID_OUI_FROM_DATABASE=Exceptional Innovation, Inc.
OUI:58DF59*
ID_OUI_FROM_DATABASE=Cisco Systems, Inc
OUI:58E02C* OUI:58E02C*
ID_OUI_FROM_DATABASE=Micro Technic A/S ID_OUI_FROM_DATABASE=Micro Technic A/S
@ -70175,9 +70085,6 @@ OUI:58F987*
OUI:58F98E* OUI:58F98E*
ID_OUI_FROM_DATABASE=SECUDOS GmbH ID_OUI_FROM_DATABASE=SECUDOS GmbH
OUI:58FB3E*
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
OUI:58FB84* OUI:58FB84*
ID_OUI_FROM_DATABASE=Intel Corporate ID_OUI_FROM_DATABASE=Intel Corporate
@ -74531,9 +74438,6 @@ OUI:684F64*
OUI:68505D* OUI:68505D*
ID_OUI_FROM_DATABASE=Halo Technologies ID_OUI_FROM_DATABASE=Halo Technologies
OUI:68508C*
ID_OUI_FROM_DATABASE=Shanghai Sunmi Technology Co.,Ltd.
OUI:685134* OUI:685134*
ID_OUI_FROM_DATABASE=Hewlett Packard Enterprise ID_OUI_FROM_DATABASE=Hewlett Packard Enterprise
@ -74945,9 +74849,6 @@ OUI:689A87*
OUI:689AB7* OUI:689AB7*
ID_OUI_FROM_DATABASE=Atelier Vision Corporation ID_OUI_FROM_DATABASE=Atelier Vision Corporation
OUI:689B43*
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
OUI:689C5E* OUI:689C5E*
ID_OUI_FROM_DATABASE=AcSiP Technology Corp. ID_OUI_FROM_DATABASE=AcSiP Technology Corp.
@ -94557,7 +94458,7 @@ OUI:7CBD06*
ID_OUI_FROM_DATABASE=AE REFUsol ID_OUI_FROM_DATABASE=AE REFUsol
OUI:7CBF77* OUI:7CBF77*
ID_OUI_FROM_DATABASE=SPEEDTECH CORP. JIO ID_OUI_FROM_DATABASE=SPEEDTECH CORP.
OUI:7CBF88* OUI:7CBF88*
ID_OUI_FROM_DATABASE=Mobilicom LTD ID_OUI_FROM_DATABASE=Mobilicom LTD
@ -95201,9 +95102,6 @@ OUI:802E14*
OUI:802EC3* OUI:802EC3*
ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD
OUI:802EDE*
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
OUI:802FDE* OUI:802FDE*
ID_OUI_FROM_DATABASE=Zurich Instruments AG ID_OUI_FROM_DATABASE=Zurich Instruments AG
@ -95279,9 +95177,6 @@ OUI:803C20*
OUI:803E48* OUI:803E48*
ID_OUI_FROM_DATABASE=SHENZHEN GONGJIN ELECTRONICS CO.,LT ID_OUI_FROM_DATABASE=SHENZHEN GONGJIN ELECTRONICS CO.,LT
OUI:803E4F*
ID_OUI_FROM_DATABASE=GD Midea Air-Conditioning Equipment Co.,Ltd.
OUI:803F5D* OUI:803F5D*
ID_OUI_FROM_DATABASE=Winstars Technology Ltd ID_OUI_FROM_DATABASE=Winstars Technology Ltd
@ -95531,9 +95426,6 @@ OUI:8077A4*
OUI:807871* OUI:807871*
ID_OUI_FROM_DATABASE=ASKEY COMPUTER CORP ID_OUI_FROM_DATABASE=ASKEY COMPUTER CORP
OUI:807933*
ID_OUI_FROM_DATABASE=Aigentec Technology(Zhejiang) Co., Ltd.
OUI:80795D* OUI:80795D*
ID_OUI_FROM_DATABASE=Infinix mobility limited ID_OUI_FROM_DATABASE=Infinix mobility limited
@ -97898,9 +97790,6 @@ OUI:884477*
OUI:8844F6* OUI:8844F6*
ID_OUI_FROM_DATABASE=Nokia Corporation ID_OUI_FROM_DATABASE=Nokia Corporation
OUI:8845F0*
ID_OUI_FROM_DATABASE=GUANGDONG GENIUS TECHNOLOGY CO., LTD.
OUI:884604* OUI:884604*
ID_OUI_FROM_DATABASE=Xiaomi Communications Co Ltd ID_OUI_FROM_DATABASE=Xiaomi Communications Co Ltd
@ -99683,9 +99572,6 @@ OUI:8C1F64154*
OUI:8C1F64155* OUI:8C1F64155*
ID_OUI_FROM_DATABASE=SLAT ID_OUI_FROM_DATABASE=SLAT
OUI:8C1F64159*
ID_OUI_FROM_DATABASE=Mediana Co., Ltd.
OUI:8C1F6415A* OUI:8C1F6415A*
ID_OUI_FROM_DATABASE=ASHIDA Electronics Pvt. Ltd ID_OUI_FROM_DATABASE=ASHIDA Electronics Pvt. Ltd
@ -99812,9 +99698,6 @@ OUI:8C1F641B9*
OUI:8C1F641BB* OUI:8C1F641BB*
ID_OUI_FROM_DATABASE=Renwei Electronics Technology (Shenzhen) Co.,LTD. ID_OUI_FROM_DATABASE=Renwei Electronics Technology (Shenzhen) Co.,LTD.
OUI:8C1F641BC*
ID_OUI_FROM_DATABASE=Transit Solutions, LLC.
OUI:8C1F641BD* OUI:8C1F641BD*
ID_OUI_FROM_DATABASE=DORLET SAU ID_OUI_FROM_DATABASE=DORLET SAU
@ -99914,9 +99797,6 @@ OUI:8C1F64203*
OUI:8C1F64204* OUI:8C1F64204*
ID_OUI_FROM_DATABASE=castcore ID_OUI_FROM_DATABASE=castcore
OUI:8C1F64206*
ID_OUI_FROM_DATABASE=KRYFS TECHNOLOGIES PRIVATE LIMITED
OUI:8C1F64208* OUI:8C1F64208*
ID_OUI_FROM_DATABASE=Sichuan AnSphere Technology Co. Ltd. ID_OUI_FROM_DATABASE=Sichuan AnSphere Technology Co. Ltd.
@ -100493,9 +100373,6 @@ OUI:8C1F64392*
OUI:8C1F64393* OUI:8C1F64393*
ID_OUI_FROM_DATABASE=GRE SYSTEM INC. ID_OUI_FROM_DATABASE=GRE SYSTEM INC.
OUI:8C1F64394*
ID_OUI_FROM_DATABASE=Ceranext Ltd
OUI:8C1F64395* OUI:8C1F64395*
ID_OUI_FROM_DATABASE=Beijing Ceresdata Technology Co., LTD ID_OUI_FROM_DATABASE=Beijing Ceresdata Technology Co., LTD
@ -100688,9 +100565,6 @@ OUI:8C1F64417*
OUI:8C1F64419* OUI:8C1F64419*
ID_OUI_FROM_DATABASE=Naval Group ID_OUI_FROM_DATABASE=Naval Group
OUI:8C1F6441B*
ID_OUI_FROM_DATABASE=ENERGY POWER PRODUCTS LIMITED
OUI:8C1F6441C* OUI:8C1F6441C*
ID_OUI_FROM_DATABASE=KSE GmbH ID_OUI_FROM_DATABASE=KSE GmbH
@ -102140,9 +102014,6 @@ OUI:8C1F64803*
OUI:8C1F64804* OUI:8C1F64804*
ID_OUI_FROM_DATABASE=EA Elektro-Automatik ID_OUI_FROM_DATABASE=EA Elektro-Automatik
OUI:8C1F64806*
ID_OUI_FROM_DATABASE=Matrixspace
OUI:8C1F64807* OUI:8C1F64807*
ID_OUI_FROM_DATABASE=GIORDANO CONTROLS SPA ID_OUI_FROM_DATABASE=GIORDANO CONTROLS SPA
@ -102749,9 +102620,6 @@ OUI:8C1F649B3*
OUI:8C1F649B6* OUI:8C1F649B6*
ID_OUI_FROM_DATABASE=GS Elektromedizinsiche Geräte G. Stemple GmbH ID_OUI_FROM_DATABASE=GS Elektromedizinsiche Geräte G. Stemple GmbH
OUI:8C1F649B8*
ID_OUI_FROM_DATABASE=Makel Elektrik Malzemeleri A.Ş.
OUI:8C1F649B9* OUI:8C1F649B9*
ID_OUI_FROM_DATABASE=QUERCUS TECHNOLOGIES, S.L. ID_OUI_FROM_DATABASE=QUERCUS TECHNOLOGIES, S.L.
@ -104498,9 +104366,6 @@ OUI:8C1F64E80*
OUI:8C1F64E86* OUI:8C1F64E86*
ID_OUI_FROM_DATABASE=ComVetia AG ID_OUI_FROM_DATABASE=ComVetia AG
OUI:8C1F64E88*
ID_OUI_FROM_DATABASE=SiFive Inc
OUI:8C1F64E89* OUI:8C1F64E89*
ID_OUI_FROM_DATABASE=PADL Software Pty Ltd ID_OUI_FROM_DATABASE=PADL Software Pty Ltd
@ -104963,9 +104828,6 @@ OUI:8C1F64FDA*
OUI:8C1F64FDC* OUI:8C1F64FDC*
ID_OUI_FROM_DATABASE=Nuphoton Technologies ID_OUI_FROM_DATABASE=Nuphoton Technologies
OUI:8C1F64FDF*
ID_OUI_FROM_DATABASE=Potter Electric Signal Company
OUI:8C1F64FE0* OUI:8C1F64FE0*
ID_OUI_FROM_DATABASE=Potter Electric Signal Company ID_OUI_FROM_DATABASE=Potter Electric Signal Company
@ -108386,9 +108248,6 @@ OUI:94A04E*
OUI:94A07D* OUI:94A07D*
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd. ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
OUI:94A081*
ID_OUI_FROM_DATABASE=Silicon Laboratories
OUI:94A1A2* OUI:94A1A2*
ID_OUI_FROM_DATABASE=AMPAK Technology, Inc. ID_OUI_FROM_DATABASE=AMPAK Technology, Inc.
@ -109253,9 +109112,6 @@ OUI:981E0F*
OUI:981E19* OUI:981E19*
ID_OUI_FROM_DATABASE=Sagemcom Broadband SAS ID_OUI_FROM_DATABASE=Sagemcom Broadband SAS
OUI:981E89*
ID_OUI_FROM_DATABASE=Tianyi Telecom Terminals Company Limited
OUI:981FB1* OUI:981FB1*
ID_OUI_FROM_DATABASE=Shenzhen Lemon Network Technology Co.,Ltd ID_OUI_FROM_DATABASE=Shenzhen Lemon Network Technology Co.,Ltd
@ -109985,9 +109841,6 @@ OUI:98A404*
OUI:98A40E* OUI:98A40E*
ID_OUI_FROM_DATABASE=Snap, Inc. ID_OUI_FROM_DATABASE=Snap, Inc.
OUI:98A44E*
ID_OUI_FROM_DATABASE=IEC Technologies S. de R.L de C.V.
OUI:98A5F9* OUI:98A5F9*
ID_OUI_FROM_DATABASE=Apple, Inc. ID_OUI_FROM_DATABASE=Apple, Inc.
@ -111422,9 +111275,6 @@ OUI:9CB793*
OUI:9CB8B4* OUI:9CB8B4*
ID_OUI_FROM_DATABASE=AMPAK Technology,Inc. ID_OUI_FROM_DATABASE=AMPAK Technology,Inc.
OUI:9CBAC9*
ID_OUI_FROM_DATABASE=Telit Communication s.p.a
OUI:9CBB98* OUI:9CBB98*
ID_OUI_FROM_DATABASE=Shen Zhen RND Electronic Co.,LTD ID_OUI_FROM_DATABASE=Shen Zhen RND Electronic Co.,LTD
@ -111860,9 +111710,6 @@ OUI:A00BBA*
OUI:A00CA1* OUI:A00CA1*
ID_OUI_FROM_DATABASE=SKTB SKiT ID_OUI_FROM_DATABASE=SKTB SKiT
OUI:A00CE2*
ID_OUI_FROM_DATABASE=Shenzhen Shokz Co., Ltd.
OUI:A00E98* OUI:A00E98*
ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD
@ -113954,9 +113801,6 @@ OUI:A47C1F*
OUI:A47CC9* OUI:A47CC9*
ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD
OUI:A47D78*
ID_OUI_FROM_DATABASE=Edgecore Americas Networking Corporation
OUI:A47D9F* OUI:A47D9F*
ID_OUI_FROM_DATABASE=Shenzhen iComm Semiconductor CO.,LTD ID_OUI_FROM_DATABASE=Shenzhen iComm Semiconductor CO.,LTD
@ -115167,7 +115011,7 @@ OUI:A87285*
ID_OUI_FROM_DATABASE=IDT, INC. ID_OUI_FROM_DATABASE=IDT, INC.
OUI:A8741D* OUI:A8741D*
ID_OUI_FROM_DATABASE=Phoenix Contact GmbH & Co. KG ID_OUI_FROM_DATABASE=PHOENIX CONTACT Electronics GmbH
OUI:A87484* OUI:A87484*
ID_OUI_FROM_DATABASE=zte corporation ID_OUI_FROM_DATABASE=zte corporation
@ -115274,9 +115118,6 @@ OUI:A88D7B*
OUI:A88E24* OUI:A88E24*
ID_OUI_FROM_DATABASE=Apple, Inc. ID_OUI_FROM_DATABASE=Apple, Inc.
OUI:A88F99*
ID_OUI_FROM_DATABASE=Arista Networks
OUI:A88FD9* OUI:A88FD9*
ID_OUI_FROM_DATABASE=Apple, Inc. ID_OUI_FROM_DATABASE=Apple, Inc.
@ -119387,9 +119228,6 @@ OUI:B4C810*
OUI:B4C9B9* OUI:B4C9B9*
ID_OUI_FROM_DATABASE=Sichuan AI-Link Technology Co., Ltd. ID_OUI_FROM_DATABASE=Sichuan AI-Link Technology Co., Ltd.
OUI:B4CADD*
ID_OUI_FROM_DATABASE=Cisco Systems, Inc
OUI:B4CB57* OUI:B4CB57*
ID_OUI_FROM_DATABASE=GUANGDONG OPPO MOBILE TELECOMMUNICATIONS CORP.,LTD ID_OUI_FROM_DATABASE=GUANGDONG OPPO MOBILE TELECOMMUNICATIONS CORP.,LTD
@ -120575,9 +120413,6 @@ OUI:B8D4C3*
OUI:B8D4E7* OUI:B8D4E7*
ID_OUI_FROM_DATABASE=Hewlett Packard Enterprise ID_OUI_FROM_DATABASE=Hewlett Packard Enterprise
OUI:B8D4F7*
ID_OUI_FROM_DATABASE=New H3C Technologies Co., Ltd
OUI:B8D50B* OUI:B8D50B*
ID_OUI_FROM_DATABASE=Sunitec Enterprise Co.,Ltd ID_OUI_FROM_DATABASE=Sunitec Enterprise Co.,Ltd
@ -122279,12 +122114,6 @@ OUI:C02C5C*
OUI:C02C7A* OUI:C02C7A*
ID_OUI_FROM_DATABASE=Shenzhen Horn Audio Co.,Ltd. ID_OUI_FROM_DATABASE=Shenzhen Horn Audio Co.,Ltd.
OUI:C02CED*
ID_OUI_FROM_DATABASE=Silicon Laboratories
OUI:C02D2E*
ID_OUI_FROM_DATABASE=China Mobile Group Device Co.,Ltd.
OUI:C02DEE* OUI:C02DEE*
ID_OUI_FROM_DATABASE=Cuff ID_OUI_FROM_DATABASE=Cuff
@ -123371,9 +123200,6 @@ OUI:C0F79D*
OUI:C0F827* OUI:C0F827*
ID_OUI_FROM_DATABASE=Rapidmax Technology Corporation ID_OUI_FROM_DATABASE=Rapidmax Technology Corporation
OUI:C0F853*
ID_OUI_FROM_DATABASE=Tuya Smart Inc.
OUI:C0F87F* OUI:C0F87F*
ID_OUI_FROM_DATABASE=Cisco Systems, Inc ID_OUI_FROM_DATABASE=Cisco Systems, Inc
@ -126542,9 +126368,6 @@ OUI:CC10A3*
OUI:CC115A* OUI:CC115A*
ID_OUI_FROM_DATABASE=Apple, Inc. ID_OUI_FROM_DATABASE=Apple, Inc.
OUI:CC1228*
ID_OUI_FROM_DATABASE=HISENSE VISUAL TECHNOLOGY CO.,LTD
OUI:CC14A6* OUI:CC14A6*
ID_OUI_FROM_DATABASE=Yichun MyEnergy Domain, Inc ID_OUI_FROM_DATABASE=Yichun MyEnergy Domain, Inc
@ -126635,9 +126458,6 @@ OUI:CC1FC4*
OUI:CC208C* OUI:CC208C*
ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD
OUI:CC20AC*
ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd
OUI:CC20E8* OUI:CC20E8*
ID_OUI_FROM_DATABASE=Apple, Inc. ID_OUI_FROM_DATABASE=Apple, Inc.
@ -127217,9 +127037,6 @@ OUI:CC896C*
OUI:CC89FD* OUI:CC89FD*
ID_OUI_FROM_DATABASE=Nokia Corporation ID_OUI_FROM_DATABASE=Nokia Corporation
OUI:CC8A84*
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
OUI:CC8C17* OUI:CC8C17*
ID_OUI_FROM_DATABASE=ITEL MOBILE LIMITED ID_OUI_FROM_DATABASE=ITEL MOBILE LIMITED
@ -127545,7 +127362,7 @@ OUI:CCCCCC*
ID_OUI_FROM_DATABASE=Silicon Laboratories ID_OUI_FROM_DATABASE=Silicon Laboratories
OUI:CCCCEA* OUI:CCCCEA*
ID_OUI_FROM_DATABASE=Phoenix Contact GmbH & Co. KG ID_OUI_FROM_DATABASE=PHOENIX CONTACT Electronics GmbH
OUI:CCCD64* OUI:CCCD64*
ID_OUI_FROM_DATABASE=SM-Electronic GmbH ID_OUI_FROM_DATABASE=SM-Electronic GmbH
@ -130956,7 +130773,7 @@ OUI:D822F4*
ID_OUI_FROM_DATABASE=Avnet Silica ID_OUI_FROM_DATABASE=Avnet Silica
OUI:D823E0* OUI:D823E0*
ID_OUI_FROM_DATABASE=SPEEDTECH CORP. JIO ID_OUI_FROM_DATABASE=SPEEDTECH CORP.
OUI:D82477* OUI:D82477*
ID_OUI_FROM_DATABASE=Universal Electric Corporation ID_OUI_FROM_DATABASE=Universal Electric Corporation
@ -131141,9 +130958,6 @@ OUI:D8490B*
OUI:D8492F* OUI:D8492F*
ID_OUI_FROM_DATABASE=CANON INC. ID_OUI_FROM_DATABASE=CANON INC.
OUI:D849BF*
ID_OUI_FROM_DATABASE=CELESTICA INC.
OUI:D84A2B* OUI:D84A2B*
ID_OUI_FROM_DATABASE=zte corporation ID_OUI_FROM_DATABASE=zte corporation
@ -131729,9 +131543,6 @@ OUI:D8C771*
OUI:D8C7C8* OUI:D8C7C8*
ID_OUI_FROM_DATABASE=Hewlett Packard Enterprise ID_OUI_FROM_DATABASE=Hewlett Packard Enterprise
OUI:D8C80C*
ID_OUI_FROM_DATABASE=Tuya Smart Inc.
OUI:D8C8E9* OUI:D8C8E9*
ID_OUI_FROM_DATABASE=Phicomm (Shanghai) Co., Ltd. ID_OUI_FROM_DATABASE=Phicomm (Shanghai) Co., Ltd.
@ -132290,9 +132101,6 @@ OUI:DC41A9*
OUI:DC41E5* OUI:DC41E5*
ID_OUI_FROM_DATABASE=Shenzhen Zhixin Data Service Co., Ltd. ID_OUI_FROM_DATABASE=Shenzhen Zhixin Data Service Co., Ltd.
OUI:DC42C8*
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
OUI:DC44270* OUI:DC44270*
ID_OUI_FROM_DATABASE=Suritel ID_OUI_FROM_DATABASE=Suritel
@ -133367,9 +133175,6 @@ OUI:E021FE*
OUI:E02202* OUI:E02202*
ID_OUI_FROM_DATABASE=Commscope ID_OUI_FROM_DATABASE=Commscope
OUI:E022A1*
ID_OUI_FROM_DATABASE=AltoBeam Inc.
OUI:E023D7* OUI:E023D7*
ID_OUI_FROM_DATABASE=Sleep Number ID_OUI_FROM_DATABASE=Sleep Number
@ -135608,9 +135413,6 @@ OUI:E4FC82*
OUI:E4FD45* OUI:E4FD45*
ID_OUI_FROM_DATABASE=Intel Corporate ID_OUI_FROM_DATABASE=Intel Corporate
OUI:E4FD8C*
ID_OUI_FROM_DATABASE=Extreme Networks Headquarters
OUI:E4FDA1* OUI:E4FDA1*
ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD
@ -136676,9 +136478,6 @@ OUI:E8CD2D*
OUI:E8CE06* OUI:E8CE06*
ID_OUI_FROM_DATABASE=SkyHawke Technologies, LLC. ID_OUI_FROM_DATABASE=SkyHawke Technologies, LLC.
OUI:E8CF83*
ID_OUI_FROM_DATABASE=Dell Inc.
OUI:E8D03C* OUI:E8D03C*
ID_OUI_FROM_DATABASE=Shenzhen Jingxun Software Telecommunication Technology Co.,Ltd ID_OUI_FROM_DATABASE=Shenzhen Jingxun Software Telecommunication Technology Co.,Ltd
@ -137513,30 +137312,6 @@ OUI:EC748C*
OUI:EC74BA* OUI:EC74BA*
ID_OUI_FROM_DATABASE=Hirschmann Automation and Control GmbH ID_OUI_FROM_DATABASE=Hirschmann Automation and Control GmbH
OUI:EC74CD3*
ID_OUI_FROM_DATABASE=iSolution Technologies Co.,Ltd.
OUI:EC74CD5*
ID_OUI_FROM_DATABASE=Standard Backhaul Communications
OUI:EC74CD6*
ID_OUI_FROM_DATABASE=Platypus
OUI:EC74CD8*
ID_OUI_FROM_DATABASE=TRANS AUDIO VIDEO SRL
OUI:EC74CD9*
ID_OUI_FROM_DATABASE=Sound Health Systems
OUI:EC74CDA*
ID_OUI_FROM_DATABASE=Bosch (zhuhai) Security Systems Company, Ltd.
OUI:EC74CDB*
ID_OUI_FROM_DATABASE=Hitachi Rail GTS Austria GmbH
OUI:EC74CDD*
ID_OUI_FROM_DATABASE=Shenzhen Ting-Shine Technology Co., Ltd.
OUI:EC74D7* OUI:EC74D7*
ID_OUI_FROM_DATABASE=Grandstream Networks Inc ID_OUI_FROM_DATABASE=Grandstream Networks Inc
@ -143327,9 +143102,6 @@ OUI:FCB467*
OUI:FCB4E6* OUI:FCB4E6*
ID_OUI_FROM_DATABASE=ASKEY COMPUTER CORP ID_OUI_FROM_DATABASE=ASKEY COMPUTER CORP
OUI:FCB577*
ID_OUI_FROM_DATABASE=Cortex Security Inc
OUI:FCB585* OUI:FCB585*
ID_OUI_FROM_DATABASE=Shenzhen Water World Information Co.,Ltd. ID_OUI_FROM_DATABASE=Shenzhen Water World Information Co.,Ltd.
@ -143387,9 +143159,6 @@ OUI:FCC23D*
OUI:FCC2DE* OUI:FCC2DE*
ID_OUI_FROM_DATABASE=Murata Manufacturing Co., Ltd. ID_OUI_FROM_DATABASE=Murata Manufacturing Co., Ltd.
OUI:FCC2E5*
ID_OUI_FROM_DATABASE=HOLOWITS TECHNOLOGIES CO.,LTD
OUI:FCC734* OUI:FCC734*
ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd

View File

@ -2019,6 +2019,9 @@ acpi:DEL*:
acpi:DEM*: acpi:DEM*:
ID_VENDOR_FROM_DATABASE=DemoPad Software Ltd ID_VENDOR_FROM_DATABASE=DemoPad Software Ltd
acpi:DEM*:
ID_VENDOR_FROM_DATABASE=DemoPad Software Ltd
acpi:DEN*: acpi:DEN*:
ID_VENDOR_FROM_DATABASE=Densitron Computers Ltd ID_VENDOR_FROM_DATABASE=Densitron Computers Ltd

View File

@ -1,5 +1,5 @@
--- 20-acpi-vendor.hwdb.base 2024-11-15 17:16:38.971258201 +0000 --- 20-acpi-vendor.hwdb.base 2024-11-06 10:40:14.734611315 +0000
+++ 20-acpi-vendor.hwdb 2024-11-15 17:16:38.979258339 +0000 +++ 20-acpi-vendor.hwdb 2024-11-06 10:40:14.738611667 +0000
@@ -3,6 +3,8 @@ @@ -3,6 +3,8 @@
# Data imported from: # Data imported from:
# https://uefi.org/uefi-pnp-export # https://uefi.org/uefi-pnp-export
@ -137,7 +137,7 @@
acpi:COI*: acpi:COI*:
ID_VENDOR_FROM_DATABASE=Codec Inc. ID_VENDOR_FROM_DATABASE=Codec Inc.
@@ -2060,7 +2089,7 @@ @@ -2063,7 +2092,7 @@
ID_VENDOR_FROM_DATABASE=Dragon Information Technology ID_VENDOR_FROM_DATABASE=Dragon Information Technology
acpi:DJE*: acpi:DJE*:
@ -146,7 +146,7 @@
acpi:DJP*: acpi:DJP*:
ID_VENDOR_FROM_DATABASE=Maygay Machines, Ltd ID_VENDOR_FROM_DATABASE=Maygay Machines, Ltd
@@ -2413,6 +2442,9 @@ @@ -2416,6 +2445,9 @@
acpi:EIN*: acpi:EIN*:
ID_VENDOR_FROM_DATABASE=Elegant Invention ID_VENDOR_FROM_DATABASE=Elegant Invention
@ -156,7 +156,7 @@
acpi:EKA*: acpi:EKA*:
ID_VENDOR_FROM_DATABASE=MagTek Inc. ID_VENDOR_FROM_DATABASE=MagTek Inc.
@@ -2683,6 +2715,9 @@ @@ -2686,6 +2718,9 @@
acpi:FCG*: acpi:FCG*:
ID_VENDOR_FROM_DATABASE=First International Computer Ltd ID_VENDOR_FROM_DATABASE=First International Computer Ltd
@ -166,7 +166,7 @@
acpi:FCS*: acpi:FCS*:
ID_VENDOR_FROM_DATABASE=Focus Enhancements, Inc. ID_VENDOR_FROM_DATABASE=Focus Enhancements, Inc.
@@ -3059,7 +3094,7 @@ @@ -3062,7 +3097,7 @@
ID_VENDOR_FROM_DATABASE=General Standards Corporation ID_VENDOR_FROM_DATABASE=General Standards Corporation
acpi:GSM*: acpi:GSM*:
@ -175,7 +175,7 @@
acpi:GSN*: acpi:GSN*:
ID_VENDOR_FROM_DATABASE=Grandstream Networks, Inc. ID_VENDOR_FROM_DATABASE=Grandstream Networks, Inc.
@@ -3169,6 +3204,9 @@ @@ -3172,6 +3207,9 @@
acpi:HEC*: acpi:HEC*:
ID_VENDOR_FROM_DATABASE=Hisense Electric Co., Ltd. ID_VENDOR_FROM_DATABASE=Hisense Electric Co., Ltd.
@ -185,7 +185,7 @@
acpi:HEL*: acpi:HEL*:
ID_VENDOR_FROM_DATABASE=Hitachi Micro Systems Europe Ltd ID_VENDOR_FROM_DATABASE=Hitachi Micro Systems Europe Ltd
@@ -3304,6 +3342,9 @@ @@ -3307,6 +3345,9 @@
acpi:HSD*: acpi:HSD*:
ID_VENDOR_FROM_DATABASE=HannStar Display Corp ID_VENDOR_FROM_DATABASE=HannStar Display Corp
@ -195,7 +195,7 @@
acpi:HSM*: acpi:HSM*:
ID_VENDOR_FROM_DATABASE=AT&T Microelectronics ID_VENDOR_FROM_DATABASE=AT&T Microelectronics
@@ -3430,6 +3471,9 @@ @@ -3433,6 +3474,9 @@
acpi:ICI*: acpi:ICI*:
ID_VENDOR_FROM_DATABASE=Infotek Communication Inc ID_VENDOR_FROM_DATABASE=Infotek Communication Inc
@ -205,7 +205,7 @@
acpi:ICM*: acpi:ICM*:
ID_VENDOR_FROM_DATABASE=Intracom SA ID_VENDOR_FROM_DATABASE=Intracom SA
@@ -3526,6 +3570,9 @@ @@ -3529,6 +3573,9 @@
acpi:IKE*: acpi:IKE*:
ID_VENDOR_FROM_DATABASE=Ikegami Tsushinki Co. Ltd. ID_VENDOR_FROM_DATABASE=Ikegami Tsushinki Co. Ltd.
@ -215,7 +215,7 @@
acpi:IKS*: acpi:IKS*:
ID_VENDOR_FROM_DATABASE=Ikos Systems Inc ID_VENDOR_FROM_DATABASE=Ikos Systems Inc
@@ -3574,6 +3621,9 @@ @@ -3577,6 +3624,9 @@
acpi:IMX*: acpi:IMX*:
ID_VENDOR_FROM_DATABASE=arpara Technology Co., Ltd. ID_VENDOR_FROM_DATABASE=arpara Technology Co., Ltd.
@ -225,7 +225,7 @@
acpi:INA*: acpi:INA*:
ID_VENDOR_FROM_DATABASE=Inventec Corporation ID_VENDOR_FROM_DATABASE=Inventec Corporation
@@ -4102,6 +4152,9 @@ @@ -4105,6 +4155,9 @@
acpi:LAN*: acpi:LAN*:
ID_VENDOR_FROM_DATABASE=Sodeman Lancom Inc ID_VENDOR_FROM_DATABASE=Sodeman Lancom Inc
@ -235,7 +235,7 @@
acpi:LAS*: acpi:LAS*:
ID_VENDOR_FROM_DATABASE=LASAT Comm. A/S ID_VENDOR_FROM_DATABASE=LASAT Comm. A/S
@@ -4153,6 +4206,9 @@ @@ -4156,6 +4209,9 @@
acpi:LED*: acpi:LED*:
ID_VENDOR_FROM_DATABASE=Long Engineering Design Inc ID_VENDOR_FROM_DATABASE=Long Engineering Design Inc
@ -245,7 +245,7 @@
acpi:LEG*: acpi:LEG*:
ID_VENDOR_FROM_DATABASE=Legerity, Inc ID_VENDOR_FROM_DATABASE=Legerity, Inc
@@ -4171,6 +4227,9 @@ @@ -4174,6 +4230,9 @@
acpi:LGD*: acpi:LGD*:
ID_VENDOR_FROM_DATABASE=LG Display ID_VENDOR_FROM_DATABASE=LG Display
@ -255,7 +255,7 @@
acpi:LGI*: acpi:LGI*:
ID_VENDOR_FROM_DATABASE=Logitech Inc ID_VENDOR_FROM_DATABASE=Logitech Inc
@@ -4237,6 +4296,9 @@ @@ -4240,6 +4299,9 @@
acpi:LND*: acpi:LND*:
ID_VENDOR_FROM_DATABASE=Land Computer Company Ltd ID_VENDOR_FROM_DATABASE=Land Computer Company Ltd
@ -265,7 +265,7 @@
acpi:LNK*: acpi:LNK*:
ID_VENDOR_FROM_DATABASE=Link Tech Inc ID_VENDOR_FROM_DATABASE=Link Tech Inc
@@ -4271,7 +4333,7 @@ @@ -4274,7 +4336,7 @@
ID_VENDOR_FROM_DATABASE=Design Technology ID_VENDOR_FROM_DATABASE=Design Technology
acpi:LPL*: acpi:LPL*:
@ -274,7 +274,7 @@
acpi:LSC*: acpi:LSC*:
ID_VENDOR_FROM_DATABASE=LifeSize Communications ID_VENDOR_FROM_DATABASE=LifeSize Communications
@@ -4447,6 +4509,9 @@ @@ -4450,6 +4512,9 @@
acpi:MCX*: acpi:MCX*:
ID_VENDOR_FROM_DATABASE=Millson Custom Solutions Inc. ID_VENDOR_FROM_DATABASE=Millson Custom Solutions Inc.
@ -284,7 +284,7 @@
acpi:MDA*: acpi:MDA*:
ID_VENDOR_FROM_DATABASE=Media4 Inc ID_VENDOR_FROM_DATABASE=Media4 Inc
@@ -4693,6 +4758,9 @@ @@ -4696,6 +4761,9 @@
acpi:MOM*: acpi:MOM*:
ID_VENDOR_FROM_DATABASE=Momentum Data Systems ID_VENDOR_FROM_DATABASE=Momentum Data Systems
@ -294,7 +294,7 @@
acpi:MOS*: acpi:MOS*:
ID_VENDOR_FROM_DATABASE=Moses Corporation ID_VENDOR_FROM_DATABASE=Moses Corporation
@@ -4933,6 +5001,9 @@ @@ -4936,6 +5004,9 @@
acpi:NAL*: acpi:NAL*:
ID_VENDOR_FROM_DATABASE=Network Alchemy ID_VENDOR_FROM_DATABASE=Network Alchemy
@ -304,7 +304,7 @@
acpi:NAT*: acpi:NAT*:
ID_VENDOR_FROM_DATABASE=NaturalPoint Inc. ID_VENDOR_FROM_DATABASE=NaturalPoint Inc.
@@ -5473,6 +5544,9 @@ @@ -5476,6 +5547,9 @@
acpi:PCX*: acpi:PCX*:
ID_VENDOR_FROM_DATABASE=PC Xperten ID_VENDOR_FROM_DATABASE=PC Xperten
@ -314,7 +314,7 @@
acpi:PDM*: acpi:PDM*:
ID_VENDOR_FROM_DATABASE=Psion Dacom Plc. ID_VENDOR_FROM_DATABASE=Psion Dacom Plc.
@@ -5536,9 +5610,6 @@ @@ -5539,9 +5613,6 @@
acpi:PHE*: acpi:PHE*:
ID_VENDOR_FROM_DATABASE=Philips Medical Systems Boeblingen GmbH ID_VENDOR_FROM_DATABASE=Philips Medical Systems Boeblingen GmbH
@ -324,7 +324,7 @@
acpi:PHL*: acpi:PHL*:
ID_VENDOR_FROM_DATABASE=Philips Consumer Electronics Company ID_VENDOR_FROM_DATABASE=Philips Consumer Electronics Company
@@ -5629,9 +5700,6 @@ @@ -5632,9 +5703,6 @@
acpi:PNL*: acpi:PNL*:
ID_VENDOR_FROM_DATABASE=Panelview, Inc. ID_VENDOR_FROM_DATABASE=Panelview, Inc.
@ -334,7 +334,7 @@
acpi:PNR*: acpi:PNR*:
ID_VENDOR_FROM_DATABASE=Planar Systems, Inc. ID_VENDOR_FROM_DATABASE=Planar Systems, Inc.
@@ -6109,9 +6177,6 @@ @@ -6112,9 +6180,6 @@
acpi:RTI*: acpi:RTI*:
ID_VENDOR_FROM_DATABASE=Rancho Tech Inc ID_VENDOR_FROM_DATABASE=Rancho Tech Inc
@ -344,7 +344,7 @@
acpi:RTL*: acpi:RTL*:
ID_VENDOR_FROM_DATABASE=Realtek Semiconductor Company Ltd ID_VENDOR_FROM_DATABASE=Realtek Semiconductor Company Ltd
@@ -6286,9 +6351,6 @@ @@ -6289,9 +6354,6 @@
acpi:SEE*: acpi:SEE*:
ID_VENDOR_FROM_DATABASE=SeeColor Corporation ID_VENDOR_FROM_DATABASE=SeeColor Corporation
@ -354,7 +354,7 @@
acpi:SEI*: acpi:SEI*:
ID_VENDOR_FROM_DATABASE=Seitz & Associates Inc ID_VENDOR_FROM_DATABASE=Seitz & Associates Inc
@@ -6772,6 +6834,9 @@ @@ -6775,6 +6837,9 @@
acpi:SVD*: acpi:SVD*:
ID_VENDOR_FROM_DATABASE=SVD Computer ID_VENDOR_FROM_DATABASE=SVD Computer
@ -364,7 +364,7 @@
acpi:SVI*: acpi:SVI*:
ID_VENDOR_FROM_DATABASE=Sun Microsystems ID_VENDOR_FROM_DATABASE=Sun Microsystems
@@ -6856,6 +6921,9 @@ @@ -6859,6 +6924,9 @@
acpi:SZM*: acpi:SZM*:
ID_VENDOR_FROM_DATABASE=Shenzhen MTC Co., Ltd ID_VENDOR_FROM_DATABASE=Shenzhen MTC Co., Ltd
@ -374,7 +374,7 @@
acpi:TAA*: acpi:TAA*:
ID_VENDOR_FROM_DATABASE=Tandberg ID_VENDOR_FROM_DATABASE=Tandberg
@@ -6946,6 +7014,9 @@ @@ -6949,6 +7017,9 @@
acpi:TDG*: acpi:TDG*:
ID_VENDOR_FROM_DATABASE=Six15 Technologies ID_VENDOR_FROM_DATABASE=Six15 Technologies
@ -384,7 +384,7 @@
acpi:TDM*: acpi:TDM*:
ID_VENDOR_FROM_DATABASE=Tandem Computer Europe Inc ID_VENDOR_FROM_DATABASE=Tandem Computer Europe Inc
@@ -6988,6 +7059,9 @@ @@ -6991,6 +7062,9 @@
acpi:TEV*: acpi:TEV*:
ID_VENDOR_FROM_DATABASE=Televés, S.A. ID_VENDOR_FROM_DATABASE=Televés, S.A.
@ -394,7 +394,7 @@
acpi:TEZ*: acpi:TEZ*:
ID_VENDOR_FROM_DATABASE=Tech Source Inc. ID_VENDOR_FROM_DATABASE=Tech Source Inc.
@@ -7117,9 +7191,6 @@ @@ -7120,9 +7194,6 @@
acpi:TNC*: acpi:TNC*:
ID_VENDOR_FROM_DATABASE=TNC Industrial Company Ltd ID_VENDOR_FROM_DATABASE=TNC Industrial Company Ltd
@ -404,7 +404,7 @@
acpi:TNM*: acpi:TNM*:
ID_VENDOR_FROM_DATABASE=TECNIMAGEN SA ID_VENDOR_FROM_DATABASE=TECNIMAGEN SA
@@ -7429,14 +7500,14 @@ @@ -7432,14 +7503,14 @@
acpi:UNC*: acpi:UNC*:
ID_VENDOR_FROM_DATABASE=Unisys Corporation ID_VENDOR_FROM_DATABASE=Unisys Corporation
@ -425,7 +425,7 @@
acpi:UNI*: acpi:UNI*:
ID_VENDOR_FROM_DATABASE=Uniform Industry Corp. ID_VENDOR_FROM_DATABASE=Uniform Industry Corp.
@@ -7471,6 +7542,9 @@ @@ -7474,6 +7545,9 @@
acpi:USA*: acpi:USA*:
ID_VENDOR_FROM_DATABASE=Utimaco Safeware AG ID_VENDOR_FROM_DATABASE=Utimaco Safeware AG
@ -435,7 +435,7 @@
acpi:USD*: acpi:USD*:
ID_VENDOR_FROM_DATABASE=U.S. Digital Corporation ID_VENDOR_FROM_DATABASE=U.S. Digital Corporation
@@ -7732,9 +7806,6 @@ @@ -7735,9 +7809,6 @@
acpi:WAL*: acpi:WAL*:
ID_VENDOR_FROM_DATABASE=Wave Access ID_VENDOR_FROM_DATABASE=Wave Access
@ -445,7 +445,7 @@
acpi:WAV*: acpi:WAV*:
ID_VENDOR_FROM_DATABASE=Wavephore ID_VENDOR_FROM_DATABASE=Wavephore
@@ -7862,7 +7933,7 @@ @@ -7865,7 +7936,7 @@
ID_VENDOR_FROM_DATABASE=WyreStorm Technologies LLC ID_VENDOR_FROM_DATABASE=WyreStorm Technologies LLC
acpi:WYS*: acpi:WYS*:
@ -454,7 +454,7 @@
acpi:WYT*: acpi:WYT*:
ID_VENDOR_FROM_DATABASE=Wooyoung Image & Information Co.,Ltd. ID_VENDOR_FROM_DATABASE=Wooyoung Image & Information Co.,Ltd.
@@ -7876,9 +7947,6 @@ @@ -7879,9 +7950,6 @@
acpi:XDM*: acpi:XDM*:
ID_VENDOR_FROM_DATABASE=XDM Ltd. ID_VENDOR_FROM_DATABASE=XDM Ltd.
@ -464,7 +464,7 @@
acpi:XES*: acpi:XES*:
ID_VENDOR_FROM_DATABASE=Extreme Engineering Solutions, Inc. ID_VENDOR_FROM_DATABASE=Extreme Engineering Solutions, Inc.
@@ -7912,9 +7980,6 @@ @@ -7915,9 +7983,6 @@
acpi:XNT*: acpi:XNT*:
ID_VENDOR_FROM_DATABASE=XN Technologies, Inc. ID_VENDOR_FROM_DATABASE=XN Technologies, Inc.
@ -474,7 +474,7 @@
acpi:XQU*: acpi:XQU*:
ID_VENDOR_FROM_DATABASE=SHANGHAI SVA-DAV ELECTRONICS CO., LTD ID_VENDOR_FROM_DATABASE=SHANGHAI SVA-DAV ELECTRONICS CO., LTD
@@ -7981,6 +8046,9 @@ @@ -7984,6 +8049,9 @@
acpi:ZBX*: acpi:ZBX*:
ID_VENDOR_FROM_DATABASE=Zebax Technologies ID_VENDOR_FROM_DATABASE=Zebax Technologies

View File

@ -1438,11 +1438,6 @@ evdev:input:b0003v046DpC309*
KEYBOARD_KEY_c01b6=images # My Pictures (F11) KEYBOARD_KEY_c01b6=images # My Pictures (F11)
KEYBOARD_KEY_c01b7=audio # My Music (F12) KEYBOARD_KEY_c01b7=audio # My Music (F12)
# Logitech MX Keys for Mac
evdev:input:b0003v046Dp4092*
KEYBOARD_KEY_70035=102nd # '<' key
KEYBOARD_KEY_70064=grave # '^' key
########################################################### ###########################################################
# Maxdata # Maxdata
########################################################### ###########################################################

View File

@ -376,12 +376,11 @@ sensor:modalias:acpi:KIOX000A*:dmi:*:svncube:pni1-TF:*
sensor:modalias:acpi:SMO8500*:dmi:*:svncube:pni7:* sensor:modalias:acpi:SMO8500*:dmi:*:svncube:pni7:*
ACCEL_MOUNT_MATRIX=1, 0, 0; 0, -1, 0; 0, 0, 1 ACCEL_MOUNT_MATRIX=1, 0, 0; 0, -1, 0; 0, 0, 1
# Cube i7 Stylus, i7 Stylus I8L Model, i7 Book (i16) and Mix Plus (i18B/i18D) # Cube i7 Stylus, i7 Stylus I8L Model, i7 Book (i16) and Mix Plus (i18B)
sensor:modalias:acpi:KIOX000A*:dmi:*:svnCube:pni7Stylus:* sensor:modalias:acpi:KIOX000A*:dmi:*:svnCube:pni7Stylus:*
sensor:modalias:acpi:KIOX000A*:dmi:*:svnCube:pni8-L:* sensor:modalias:acpi:KIOX000A*:dmi:*:svnCube:pni8-L:*
sensor:modalias:acpi:KIOX000A*:dmi:*:svnCube:pni16:* sensor:modalias:acpi:KIOX000A*:dmi:*:svnCube:pni16:*
sensor:modalias:acpi:KIOX000A*:dmi:*:svnCube:pni18B:* sensor:modalias:acpi:KIOX000A*:dmi:*:svnCube:pni18B:*
sensor:modalias:acpi:KIOX000A*:dmi:*:svnALLDOCUBE:pni18D:*
ACCEL_MOUNT_MATRIX=-1, 0, 0; 0, 1, 0; 0, 0, 1 ACCEL_MOUNT_MATRIX=-1, 0, 0; 0, 1, 0; 0, 0, 1
# Cube iWork 10 Flagship # Cube iWork 10 Flagship
@ -953,15 +952,6 @@ sensor:modalias:acpi:MXC6655*:dmi:*:svnDefaultstring*:pnP612F:*
sensor:modalias:acpi:SMO8500*:dmi:*:svnPEAQ:pnPEAQPMMC1010MD99187:* sensor:modalias:acpi:SMO8500*:dmi:*:svnPEAQ:pnPEAQPMMC1010MD99187:*
ACCEL_MOUNT_MATRIX=-1, 0, 0; 0, 1, 0; 0, 0, 1 ACCEL_MOUNT_MATRIX=-1, 0, 0; 0, 1, 0; 0, 0, 1
#########################################
# Pine64
#########################################
# PineTab2
sensor:modalias:of:NaccelerometerT_null_Csilan,sc7a20:*
ACCEL_MOUNT_MATRIX=0, 0, -1; 1, 0, 0; 0, -1, 0
######################################### #########################################
# Pipo # Pipo
######################################### #########################################

File diff suppressed because it is too large Load Diff

View File

@ -770,6 +770,12 @@ C00000-CFFFFF (base 16) HANGZHOU ZHONGKEJIGUANG TECHNOLOGY CO., LTD
HANGZHOU Zhejiang 310018 HANGZHOU Zhejiang 310018
CN CN
2C-69-1D (hex) SPEEDTECH CORP.
400000-4FFFFF (base 16) SPEEDTECH CORP.
No. 568, Sec. 1, Minsheng N. Rd., Guishan Dist., Taoyuan City 338, Taiwan
Taoyuan 338
TW
2C-69-1D (hex) IBM 2C-69-1D (hex) IBM
800000-8FFFFF (base 16) IBM 800000-8FFFFF (base 16) IBM
9000 South Rita Rd 9000 South Rita Rd
@ -6782,30 +6788,6 @@ AC-EF-92 (hex) CEER NATIONAL AUTOMOTIVE COMPANY
Shanghai 201316 Shanghai 201316
CN CN
0C-47-A9 (hex) Shenzhen Hahappylife Innovations Electronics Technology Co.,Ltd
600000-6FFFFF (base 16) Shenzhen Hahappylife Innovations Electronics Technology Co.,Ltd
103, Bldg1, Meicheng Ind Park, No.4, Xinhe St, Maantang Community, Bantian St, Longgang Dist
Shenzhen Guangdong 518000
CN
EC-74-CD (hex) Bosch (zhuhai) Security Systems Company, Ltd.
A00000-AFFFFF (base 16) Bosch (zhuhai) Security Systems Company, Ltd.
20 Ji Chang Bei Road, Qingwan Industrial Estate, | Sanzao Town, Jinwan District
Zhuhai Guangdong 519040
CN
0C-47-A9 (hex) Shanghai Sigen New Energy Technology Co., Ltd
900000-9FFFFF (base 16) Shanghai Sigen New Energy Technology Co., Ltd
Room 514 The 5th Floor, No.175 Weizhan Road China (Shanghai) Plilot Free Trade Zone
Shanghai 201306
CN
2C-69-1D (hex) SPEEDTECH CORP. JIO
400000-4FFFFF (base 16) SPEEDTECH CORP. JIO
No. 568, Sec. 1, Minsheng N. Rd., Guishan Dist., Taoyuan City 338, Taiwan
Taoyuan 338
TW
B8-4C-87 (hex) Shenzhen Link-all Technology Co., Ltd B8-4C-87 (hex) Shenzhen Link-all Technology Co., Ltd
300000-3FFFFF (base 16) Shenzhen Link-all Technology Co., Ltd 300000-3FFFFF (base 16) Shenzhen Link-all Technology Co., Ltd
Floor 5th, Block 9th, Sunny Industrial Zone, Xili Town, Nanshan District, Shenzhen, China Floor 5th, Block 9th, Sunny Industrial Zone, Xili Town, Nanshan District, Shenzhen, China
@ -13091,18 +13073,6 @@ A00000-AFFFFF (base 16) Lens Technology (Xiangtan) Co.,Ltd
Xiangtan Hunan 411100 Xiangtan Hunan 411100
CN CN
EC-74-CD (hex) Shenzhen Ting-Shine Technology Co., Ltd.
D00000-DFFFFF (base 16) Shenzhen Ting-Shine Technology Co., Ltd.
No. 148, Huarong Road, Longhua District, Shenzhen
Shenzhen Guangdong 518083
CN
EC-74-CD (hex) iSolution Technologies Co.,Ltd.
300000-3FFFFF (base 16) iSolution Technologies Co.,Ltd.
5F,Bldg #6, Zhongguan Honghualing Industrial South Park
Shenzhen Guangdong 518055
CN
B8-4C-87 (hex) Altronix , Corp B8-4C-87 (hex) Altronix , Corp
A00000-AFFFFF (base 16) Altronix , Corp A00000-AFFFFF (base 16) Altronix , Corp
140 58th St. Bldg A, Ste 2N 140 58th St. Bldg A, Ste 2N
@ -19892,48 +19862,6 @@ AC-EF-92 (hex) JiZhiKang (Beijing) Technology Co., Ltd
Beijing 100176 Beijing 100176
CN CN
0C-47-A9 (hex) HONGKONG STONEOIM TECHNOLOGY LIMITED
300000-3FFFFF (base 16) HONGKONG STONEOIM TECHNOLOGY LIMITED
UNIT 1507C,15/F,EASTCORE 398 KWUN TONG ROAD KWUN TONG KL
hongkong hongkong 999077
HK
0C-47-A9 (hex) Annapurna labs
200000-2FFFFF (base 16) Annapurna labs
Matam Scientific Industries Center, Building 8.2
Mail box 15123 Haifa 3508409
IL
0C-47-A9 (hex) BGResearch
E00000-EFFFFF (base 16) BGResearch
5, The Business Centre, Harvard Way, Kimbolton,
Huntingdon. Cambridgeshire PE28 0NJ
GB
EC-74-CD (hex) Platypus
600000-6FFFFF (base 16) Platypus
6, Wonteo-ro 110beon-gil, Jungwon-gu
Gyeonggi-do Seongnam-si 13360
KR
EC-74-CD (hex) Sound Health Systems
900000-9FFFFF (base 16) Sound Health Systems
650B Fremont Ave #65
Los Altos CA 94024
US
EC-74-CD (hex) Hitachi Rail GTS Austria GmbH
B00000-BFFFFF (base 16) Hitachi Rail GTS Austria GmbH
Handelskai 92
Vienna 1200
AT
EC-74-CD (hex) Standard Backhaul Communications
500000-5FFFFF (base 16) Standard Backhaul Communications
333 South Highland Ave
Briarcliff Manor 10510
US
D0-14-11 (hex) P.B. Elettronica srl D0-14-11 (hex) P.B. Elettronica srl
100000-1FFFFF (base 16) P.B. Elettronica srl 100000-1FFFFF (base 16) P.B. Elettronica srl
Via Santorelli, 8 Via Santorelli, 8
@ -26531,12 +26459,6 @@ C00000-CFFFFF (base 16) Senix
0C-47-A9 (hex) Private 0C-47-A9 (hex) Private
400000-4FFFFF (base 16) Private 400000-4FFFFF (base 16) Private
0C-47-A9 (hex) Honest Networks LLC
800000-8FFFFF (base 16) Honest Networks LLC
15 Maiden LnSte 1101
New York NY 10038
US
C8-5C-E2 (hex) Fela Management AG C8-5C-E2 (hex) Fela Management AG
000000-0FFFFF (base 16) Fela Management AG 000000-0FFFFF (base 16) Fela Management AG
Basadingerstrasse 18 Basadingerstrasse 18
@ -33284,20 +33206,8 @@ C00000-CFFFFF (base 16) Annapurna labs
Mail box 15123 Haifa 3508409 Mail box 15123 Haifa 3508409
IL IL
0C-47-A9 (hex) Everon Co., Ltd.
500000-5FFFFF (base 16) Everon Co., Ltd.
3F.Pine Avenue B, 100, Eulji-ro, Jung-gu
Seoul 04551
KR
0C-47-A9 (hex) Shenzhen Hebang Electronic Co., Ltd 0C-47-A9 (hex) Shenzhen Hebang Electronic Co., Ltd
B00000-BFFFFF (base 16) Shenzhen Hebang Electronic Co., Ltd B00000-BFFFFF (base 16) Shenzhen Hebang Electronic Co., Ltd
2nd Floor West, Bldg B, Kelunte Low Carbon Industry Park, Huarong Road, Dalang, Longhua District 2nd Floor West, Bldg B, Kelunte Low Carbon Industry Park, Huarong Road, Dalang, Longhua District
Shenzhen 518000 Shenzhen 518000
CN CN
EC-74-CD (hex) TRANS AUDIO VIDEO SRL
800000-8FFFFF (base 16) TRANS AUDIO VIDEO SRL
Viale Melvin Jones 12
Caserta CE 81100
IT

View File

@ -7457,24 +7457,6 @@ D04000-D04FFF (base 16) Plenty Unlimited Inc
HongKong 999077 HongKong 999077
HK HK
8C-1F-64 (hex) KRYFS TECHNOLOGIES PRIVATE LIMITED
206000-206FFF (base 16) KRYFS TECHNOLOGIES PRIVATE LIMITED
SURVEY NO 231 KHERDI MAIN ROAD NEAR HPCL KHERDI SILVASSA
SILVASSA DADRA AND NAGAR HAVELI 396230
IN
8C-1F-64 (hex) Matrixspace
806000-806FFF (base 16) Matrixspace
1721 Moon Lake BlvdSTE 200
Hoffman Estates IL 60169
US
8C-1F-64 (hex) ENERGY POWER PRODUCTS LIMITED
41B000-41BFFF (base 16) ENERGY POWER PRODUCTS LIMITED
7/F, Room 701, Lucky Centre, 165-171, Wanchai Road
Wanchai 000000
HK
8C-1F-64 (hex) Jacobs Technology, Inc. 8C-1F-64 (hex) Jacobs Technology, Inc.
A98000-A98FFF (base 16) Jacobs Technology, Inc. A98000-A98FFF (base 16) Jacobs Technology, Inc.
7765 Old Telegraph Road 7765 Old Telegraph Road
@ -22379,12 +22361,6 @@ A8C000-A8CFFF (base 16) Elektronik Art
Lublin Lublin 20234 Lublin Lublin 20234
PL PL
8C-1F-64 (hex) Anduril Imaging
763000-763FFF (base 16) Anduril Imaging
83 Hartwell Ave
Lexington MA 02421
US
8C-1F-64 (hex) Wuhan YiValley Opto-electric technology Co.,Ltd 8C-1F-64 (hex) Wuhan YiValley Opto-electric technology Co.,Ltd
175000-175FFF (base 16) Wuhan YiValley Opto-electric technology Co.,Ltd 175000-175FFF (base 16) Wuhan YiValley Opto-electric technology Co.,Ltd
A104,1st stage Juxian Building, Hongshan internatinoal enterprise center A104,1st stage Juxian Building, Hongshan internatinoal enterprise center
@ -22403,6 +22379,12 @@ C60000-C60FFF (base 16) Intelligent Security Systems (ISS)
Woodbridge NJ 07095 Woodbridge NJ 07095
US US
8C-1F-64 (hex) Anduril Imaging
763000-763FFF (base 16) Anduril Imaging
83 Hartwell Ave
Lexington MA 02421
US
8C-1F-64 (hex) Flow Power 8C-1F-64 (hex) Flow Power
82B000-82BFFF (base 16) Flow Power 82B000-82BFFF (base 16) Flow Power
Suite 2, Level 3, 18 - 20 York St Suite 2, Level 3, 18 - 20 York St
@ -29903,42 +29885,12 @@ BA7000-BA7FFF (base 16) iLensys Technologies PVT LTD
Thiruvananthapuram KERALA 695014 Thiruvananthapuram KERALA 695014
IN IN
8C-1F-64 (hex) Potter Electric Signal Company
FDF000-FDFFFF (base 16) Potter Electric Signal Company
5757 Phantom Drive
Hazelwood MO 63042
US
8C-1F-64 (hex) Hurry-tech 8C-1F-64 (hex) Hurry-tech
F19000-F19FFF (base 16) Hurry-tech F19000-F19FFF (base 16) Hurry-tech
Greenland Central Plaza ,Building 1 of Yard 9,Room 601 Greenland Central Plaza ,Building 1 of Yard 9,Room 601
Beijing Beijing 100089 Beijing Beijing 100089
CN CN
8C-1F-64 (hex) Transit Solutions, LLC.
1BC000-1BCFFF (base 16) Transit Solutions, LLC.
114 West Grandview Avenue
Zelienople PA 16063
US
8C-1F-64 (hex) Ceranext Ltd
394000-394FFF (base 16) Ceranext Ltd
25-27 Demostheni Severi ,Metropolis Tower,Building B',1080 Cyprus
Nicosia 1080
CY
8C-1F-64 (hex) SiFive Inc
E88000-E88FFF (base 16) SiFive Inc
2625 Augustine DriveSuite 101
Santa Clara CA 95054
US
8C-1F-64 (hex) Makel Elektrik Malzemeleri A.Ş.
9B8000-9B8FFF (base 16) Makel Elektrik Malzemeleri A.Ş.
Osmangazi Mah.Mareşal Fevzi Çakmak Cad. No:38 KIRAÇ / Esenyurt
ESENYURT İstanbul 34522
TR
8C-1F-64 (hex) Mobileye 8C-1F-64 (hex) Mobileye
D63000-D63FFF (base 16) Mobileye D63000-D63FFF (base 16) Mobileye
13 Hartom st. 13 Hartom st.
@ -37342,9 +37294,3 @@ BD9000-BD9FFF (base 16) WATTS
C. Valportillo Segunda, 8 bis C. Valportillo Segunda, 8 bis
Alcobendas Madrid 28108 Alcobendas Madrid 28108
ES ES
8C-1F-64 (hex) Mediana Co., Ltd.
159000-159FFF (base 16) Mediana Co., Ltd.
132, Donghwagongdan-ro, Munmak-eup
Wonju-si Gangwon-do 26365
KR

View File

@ -2540,6 +2540,7 @@ AVARRO,RRO,08/07/2023
"LUMINO Licht Elektronik GmbH",LLT,11/07/2023 "LUMINO Licht Elektronik GmbH",LLT,11/07/2023
"Reonel Oy",RNL,01/04/2024 "Reonel Oy",RNL,01/04/2024
DemoPad Software Ltd,DEM,01/04/2024 DemoPad Software Ltd,DEM,01/04/2024
DemoPad Software Ltd,DEM,01/04/2024
"TeamViewer Germany GmbH",TMV,01/04/2024 "TeamViewer Germany GmbH",TMV,01/04/2024
"Pixio USA",PXO,02/14/2024 "Pixio USA",PXO,02/14/2024
"ELARABY COMPANY FOR ENGINEERING INDUSTRIES",EEI,02/14/2024 "ELARABY COMPANY FOR ENGINEERING INDUSTRIES",EEI,02/14/2024

1 Company PNP ID Approved On Date
2540 LUMINO Licht Elektronik GmbH LLT 11/07/2023
2541 Reonel Oy RNL 01/04/2024
2542 DemoPad Software Ltd DEM 01/04/2024
2543 DemoPad Software Ltd DEM 01/04/2024
2544 TeamViewer Germany GmbH TMV 01/04/2024
2545 Pixio USA PXO 02/14/2024
2546 ELARABY COMPANY FOR ENGINEERING INDUSTRIES EEI 02/14/2024

View File

@ -421,7 +421,7 @@
<term><varname>rd.systemd.verity=</varname></term> <term><varname>rd.systemd.verity=</varname></term>
<term><varname>systemd.verity_root_data=</varname></term> <term><varname>systemd.verity_root_data=</varname></term>
<term><varname>systemd.verity_root_hash=</varname></term> <term><varname>systemd.verity_root_hash=</varname></term>
<term><varname>systemd.verity_root_options=</varname></term> <term><varname>systemd.verity.root_options=</varname></term>
<term><varname>usrhash=</varname></term> <term><varname>usrhash=</varname></term>
<term><varname>systemd.verity_usr_data=</varname></term> <term><varname>systemd.verity_usr_data=</varname></term>
<term><varname>systemd.verity_usr_hash=</varname></term> <term><varname>systemd.verity_usr_hash=</varname></term>

View File

@ -265,11 +265,32 @@
</refsect1> </refsect1>
<refsect1> <refsect1>
<title>Unlocking</title> <title>Options</title>
<para>The following options are understood that may be used to unlock the device in preparation of the enrollment operations:</para> <para>The following options are understood:</para>
<variablelist> <variablelist>
<varlistentry>
<term><option>--password</option></term>
<listitem><para>Enroll a regular password/passphrase. This command is mostly equivalent to
<command>cryptsetup luksAddKey</command>, however may be combined with
<option>--wipe-slot=</option> in one call, see below.</para>
<xi:include href="version-info.xml" xpointer="v248"/></listitem>
</varlistentry>
<varlistentry>
<term><option>--recovery-key</option></term>
<listitem><para>Enroll a recovery key. Recovery keys are mostly identical to passphrases, but are
computer-generated instead of being chosen by a human, and thus have a guaranteed high entropy. The
key uses a character set that is easy to type in, and may be scanned off screen via a QR code.
</para>
<xi:include href="version-info.xml" xpointer="v248"/></listitem>
</varlistentry>
<varlistentry> <varlistentry>
<term><option>--unlock-key-file=<replaceable>PATH</replaceable></option></term> <term><option>--unlock-key-file=<replaceable>PATH</replaceable></option></term>
@ -307,45 +328,7 @@
<xi:include href="version-info.xml" xpointer="v256"/></listitem> <xi:include href="version-info.xml" xpointer="v256"/></listitem>
</varlistentry> </varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>Simple Enrollment</title>
<para>The following options are understood that may be used to enroll simple user input based
unlocking:</para>
<variablelist>
<varlistentry>
<term><option>--password</option></term>
<listitem><para>Enroll a regular password/passphrase. This command is mostly equivalent to
<command>cryptsetup luksAddKey</command>, however may be combined with
<option>--wipe-slot=</option> in one call, see below.</para>
<xi:include href="version-info.xml" xpointer="v248"/></listitem>
</varlistentry>
<varlistentry>
<term><option>--recovery-key</option></term>
<listitem><para>Enroll a recovery key. Recovery keys are mostly identical to passphrases, but are
computer-generated instead of being chosen by a human, and thus have a guaranteed high entropy. The
key uses a character set that is easy to type in, and may be scanned off screen via a QR code.
</para>
<xi:include href="version-info.xml" xpointer="v248"/></listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>PKCS#11 Enrollment</title>
<para>The following option is understood that may be used to enroll PKCS#11 tokens:</para>
<variablelist>
<varlistentry> <varlistentry>
<term><option>--pkcs11-token-uri=<replaceable>URI</replaceable></option></term> <term><option>--pkcs11-token-uri=<replaceable>URI</replaceable></option></term>
@ -378,15 +361,7 @@
<xi:include href="version-info.xml" xpointer="v248"/></listitem> <xi:include href="version-info.xml" xpointer="v248"/></listitem>
</varlistentry> </varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>FIDO2 Enrollment</title>
<para>The following options are understood that may be used to enroll PKCS#11 tokens:</para>
<variablelist>
<varlistentry> <varlistentry>
<term><option>--fido2-credential-algorithm=<replaceable>STRING</replaceable></option></term> <term><option>--fido2-credential-algorithm=<replaceable>STRING</replaceable></option></term>
<listitem><para>Specify COSE algorithm used in credential generation. The default value is <listitem><para>Specify COSE algorithm used in credential generation. The default value is
@ -486,15 +461,7 @@
<xi:include href="version-info.xml" xpointer="v249"/></listitem> <xi:include href="version-info.xml" xpointer="v249"/></listitem>
</varlistentry> </varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>TPM2 Enrollment</title>
<para>The following options are understood that may be used to enroll TPM2 devices:</para>
<variablelist>
<varlistentry> <varlistentry>
<term><option>--tpm2-device=<replaceable>PATH</replaceable></option></term> <term><option>--tpm2-device=<replaceable>PATH</replaceable></option></term>
@ -669,15 +636,7 @@
<xi:include href="version-info.xml" xpointer="v255"/></listitem> <xi:include href="version-info.xml" xpointer="v255"/></listitem>
</varlistentry> </varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>Other Options</title>
<para>The following additional options are understood:</para>
<variablelist>
<varlistentry> <varlistentry>
<term><option>--wipe-slot=<replaceable>SLOT<optional>,SLOT...</optional></replaceable></option></term> <term><option>--wipe-slot=<replaceable>SLOT<optional>,SLOT...</optional></replaceable></option></term>

View File

@ -85,6 +85,7 @@
<xi:include href="version-info.xml" xpointer="v257"/></listitem> <xi:include href="version-info.xml" xpointer="v257"/></listitem>
</varlistentry> </varlistentry>
<xi:include href="standard-options.xml" xpointer="no-pager"/>
<xi:include href="standard-options.xml" xpointer="help"/> <xi:include href="standard-options.xml" xpointer="help"/>
<xi:include href="standard-options.xml" xpointer="version"/> <xi:include href="standard-options.xml" xpointer="version"/>
</variablelist> </variablelist>

View File

@ -1286,21 +1286,21 @@ DuplicateAddressDetection=none</programlisting></para>
<varlistentry> <varlistentry>
<term><varname>KeepConfiguration=</varname></term> <term><varname>KeepConfiguration=</varname></term>
<listitem> <listitem>
<para>Takes a boolean or one of <literal>static</literal>, <literal>dynamic-on-stop</literal>, and <para>Takes a boolean or one of <literal>static</literal>, <literal>dhcp-on-stop</literal>,
<literal>dynamic</literal>. When <literal>static</literal>, <command>systemd-networkd</command> <literal>dhcp</literal>. When <literal>static</literal>, <command>systemd-networkd</command>
will not drop statically configured addresses and routes on starting up process. When will not drop static addresses and routes on starting up process. When set to
<literal>dynamic-on-stop</literal>, the dynamically configurad addresses and routes, such as <literal>dhcp-on-stop</literal>, <command>systemd-networkd</command> will not drop addresses
DHCPv4, DHCPv6, SLAAC, and IPv4 link-local address, will not be dropped when and routes on stopping the daemon. When <literal>dhcp</literal>,
<command>systemd-networkd</command> is being stopped. When <literal>dynamic</literal>, the the addresses and routes provided by a DHCP server will never be dropped even if the DHCP
dynamically configured addresses and routes will never be dropped, and the lifetime of DHCPv4 lease expires. This is contrary to the DHCP specification, but may be the best choice if,
leases will be ignored. This is contrary to the DHCP specification, but may be the best choice if, e.g., the root filesystem relies on this connection. The setting <literal>dhcp</literal>
e.g., the root filesystem relies on this connection. The setting <literal>dynamic</literal> implies implies <literal>dhcp-on-stop</literal>, and <literal>yes</literal> implies
<literal>dynamic-on-stop</literal>, and <literal>yes</literal> implies <literal>dynamic</literal> <literal>dhcp</literal> and <literal>static</literal>. Defaults to
and <literal>static</literal>. Defaults to <literal>dynamic-on-stop</literal> when <literal>dhcp-on-stop</literal> when <command>systemd-networkd</command> is running in
<command>systemd-networkd</command> is running in initrd, <literal>yes</literal> when the root initrd, <literal>yes</literal> when the root filesystem is a network filesystem, and
filesystem is a network filesystem, and <literal>no</literal> otherwise.</para> <literal>no</literal> otherwise.</para>
<xi:include href="version-info.xml" xpointer="v257"/> <xi:include href="version-info.xml" xpointer="v243"/>
</listitem> </listitem>
</varlistentry> </varlistentry>
</variablelist> </variablelist>

View File

@ -81,7 +81,4 @@
<para id="v255">Added in version 255.</para> <para id="v255">Added in version 255.</para>
<para id="v256">Added in version 256.</para> <para id="v256">Added in version 256.</para>
<para id="v257">Added in version 257.</para> <para id="v257">Added in version 257.</para>
<para id="v258">Added in version 258.</para>
<para id="v259">Added in version 259.</para>
<para id="v260">Added in version 260.</para>
</refsect1> </refsect1>

View File

@ -2674,14 +2674,6 @@ endif
##################################################################### #####################################################################
ukify_depends = []
foreach executable : ['systemd-measure', 'systemd-sbsign', 'systemd-keyutil']
if executable in executables_by_name
ukify_depends += [executables_by_name[executable]]
endif
endforeach
ukify = custom_target( ukify = custom_target(
'ukify', 'ukify',
input : 'src/ukify/ukify.py', input : 'src/ukify/ukify.py',
@ -2689,7 +2681,6 @@ ukify = custom_target(
command : [jinja2_cmdline, '@INPUT@', '@OUTPUT@'], command : [jinja2_cmdline, '@INPUT@', '@OUTPUT@'],
install : want_ukify, install : want_ukify,
install_mode : 'rwxr-xr-x', install_mode : 'rwxr-xr-x',
depends : ukify_depends,
install_dir : bindir) install_dir : bindir)
if want_ukify if want_ukify
public_programs += ukify public_programs += ukify
@ -2709,7 +2700,7 @@ endif
mkosi_depends = public_programs mkosi_depends = public_programs
foreach executable : ['systemd-journal-remote', 'systemd-sbsign', 'systemd-keyutil'] foreach executable : ['systemd-journal-remote', 'systemd-measure', 'systemd-sbsign', 'systemd-keyutil']
if executable in executables_by_name if executable in executables_by_name
mkosi_depends += [executables_by_name[executable]] mkosi_depends += [executables_by_name[executable]]
endif endif

View File

@ -1 +1 @@
257~rc2 257~rc1

View File

@ -7,3 +7,4 @@ ToolsTreePackages=
meson meson
mypy mypy
pkgconf pkgconf
ruff

View File

@ -10,6 +10,5 @@ ToolsTreePackages=
libmicrohttpd libmicrohttpd
python-jinja python-jinja
python-pytest python-pytest
ruff
tpm2-tss tpm2-tss
util-linux-libs util-linux-libs

View File

@ -13,6 +13,6 @@ ToolsTreePackages=
pkgconfig(fdisk) pkgconfig(fdisk)
pkgconfig(libmicrohttpd) pkgconfig(libmicrohttpd)
pkgconfig(mount) pkgconfig(mount)
tpm2-tss-devel tss2-devel
python3-jinja2 python3-jinja2
python3-pytest python3-pytest

View File

@ -1,8 +0,0 @@
# SPDX-License-Identifier: LGPL-2.1-or-later
[Match]
ToolsTreeDistribution=fedora
[Build]
ToolsTreePackages=
ruff

View File

@ -12,7 +12,6 @@ ToolsTreePackages=
pkgconfig(fdisk) pkgconfig(fdisk)
pkgconfig(libmicrohttpd) pkgconfig(libmicrohttpd)
pkgconfig(mount) pkgconfig(mount)
python3-ruff
tss2-devel tss2-devel
python3-jinja2 python3-jinja2
python3-pytest python3-pytest

View File

@ -1,7 +0,0 @@
#!/bin/bash
# SPDX-License-Identifier: LGPL-2.1-or-later
set -e
if [[ "$1" == "clangd" ]]; then
exec "$@"
fi

View File

@ -2,6 +2,10 @@
# SPDX-License-Identifier: LGPL-2.1-or-later # SPDX-License-Identifier: LGPL-2.1-or-later
set -e set -e
if [[ "$1" == "clangd" ]]; then
exec "$@"
fi
if [[ ! -f "pkg/$PKG_SUBDIR/PKGBUILD" ]]; then if [[ ! -f "pkg/$PKG_SUBDIR/PKGBUILD" ]]; then
echo "PKGBUILD not found at pkg/$PKG_SUBDIR/PKGBUILD, run mkosi once with -ff to make sure the PKGBUILD is cloned" >&2 echo "PKGBUILD not found at pkg/$PKG_SUBDIR/PKGBUILD, run mkosi once with -ff to make sure the PKGBUILD is cloned" >&2
exit 1 exit 1

View File

@ -7,7 +7,7 @@ Distribution=arch
Environment= Environment=
GIT_URL=https://gitlab.archlinux.org/archlinux/packaging/packages/systemd.git GIT_URL=https://gitlab.archlinux.org/archlinux/packaging/packages/systemd.git
GIT_BRANCH=main GIT_BRANCH=main
GIT_COMMIT=29a73017cd380cd8db070dbd560e229d523b3c79 GIT_COMMIT=62c224b60ca150627be58ca2da50f47cc0a5793c
PKG_SUBDIR=arch PKG_SUBDIR=arch
[Content] [Content]

View File

@ -8,7 +8,7 @@ Distribution=|fedora
Environment= Environment=
GIT_URL=https://src.fedoraproject.org/rpms/systemd.git GIT_URL=https://src.fedoraproject.org/rpms/systemd.git
GIT_BRANCH=rawhide GIT_BRANCH=rawhide
GIT_COMMIT=7bd1d09f7fd16d20a041de0eb9af7cc8dbef6a99 GIT_COMMIT=e42eed4afd6267cd954d393d8eec79e0e7573de0
PKG_SUBDIR=fedora PKG_SUBDIR=fedora
[Content] [Content]

View File

@ -9,7 +9,7 @@ Environment=
GIT_URL=https://salsa.debian.org/systemd-team/systemd.git GIT_URL=https://salsa.debian.org/systemd-team/systemd.git
GIT_SUBDIR=debian GIT_SUBDIR=debian
GIT_BRANCH=debian/master GIT_BRANCH=debian/master
GIT_COMMIT=51cd22f3684725a1b199012555e7378f2f468c16 GIT_COMMIT=2f288667e0f5eeba19b14d24b621baef2aa413e1
PKG_SUBDIR=debian PKG_SUBDIR=debian
[Content] [Content]

View File

@ -15,7 +15,7 @@ msgid ""
msgstr "" msgstr ""
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2024-11-06 14:42+0000\n" "POT-Creation-Date: 2024-11-06 14:42+0000\n"
"PO-Revision-Date: 2024-11-17 15:48+0000\n" "PO-Revision-Date: 2024-11-09 20:13+0000\n"
"Last-Translator: Weblate Translation Memory <noreply-mt-weblate-translation-" "Last-Translator: Weblate Translation Memory <noreply-mt-weblate-translation-"
"memory@weblate.org>\n" "memory@weblate.org>\n"
"Language-Team: German <https://translate.fedoraproject.org/projects/systemd/" "Language-Team: German <https://translate.fedoraproject.org/projects/systemd/"
@ -187,11 +187,9 @@ msgstr ""
"benötigte Speichermedium oder Dateisystem ein." "benötigte Speichermedium oder Dateisystem ein."
#: src/home/pam_systemd_home.c:298 #: src/home/pam_systemd_home.c:298
#, c-format #, fuzzy, c-format
msgid "Too frequent login attempts for user %s, try again later." msgid "Too frequent login attempts for user %s, try again later."
msgstr "" msgstr "Zu häufige Loginversuche für %s. Bitte später erneut probieren."
"Zu viele Anmeldeversuche für Benutzer %s, versuchen Sie es später noch "
"einmal."
#: src/home/pam_systemd_home.c:310 #: src/home/pam_systemd_home.c:310
msgid "Password: " msgid "Password: "
@ -1191,16 +1189,18 @@ msgid "Subscribe query results"
msgstr "Abfrageergebnisse abonnieren" msgstr "Abfrageergebnisse abonnieren"
#: src/resolve/org.freedesktop.resolve1.policy:144 #: src/resolve/org.freedesktop.resolve1.policy:144
#, fuzzy
msgid "Authentication is required to subscribe query results." msgid "Authentication is required to subscribe query results."
msgstr "Legitimierung ist zum Abonnieren von Abfrageergebnissen erforderlich." msgstr "Legitimierung ist zum Versetzen des Systems in Bereitschaft notwendig."
#: src/resolve/org.freedesktop.resolve1.policy:154 #: src/resolve/org.freedesktop.resolve1.policy:154
msgid "Dump cache" msgid "Dump cache"
msgstr "" msgstr ""
#: src/resolve/org.freedesktop.resolve1.policy:155 #: src/resolve/org.freedesktop.resolve1.policy:155
#, fuzzy
msgid "Authentication is required to dump cache." msgid "Authentication is required to dump cache."
msgstr "" msgstr "Legitimierung ist zum Festlegen von Domains notwendig."
#: src/resolve/org.freedesktop.resolve1.policy:165 #: src/resolve/org.freedesktop.resolve1.policy:165
msgid "Dump server state" msgid "Dump server state"
@ -1248,21 +1248,20 @@ msgid "Install specific system version"
msgstr "Spezifische Systemversion installieren" msgstr "Spezifische Systemversion installieren"
#: src/sysupdate/org.freedesktop.sysupdate1.policy:56 #: src/sysupdate/org.freedesktop.sysupdate1.policy:56
#, fuzzy
msgid "" msgid ""
"Authentication is required to update the system to a specific (possibly old) " "Authentication is required to update the system to a specific (possibly old) "
"version." "version."
msgstr "" msgstr "Legitimierung ist zum Festlegen der Systemzeitzone notwendig."
"Legitimierung ist zum Aktualisieren des Systems auf eine bestimmte ("
"möglicherweise alte) Version erforderlich."
#: src/sysupdate/org.freedesktop.sysupdate1.policy:65 #: src/sysupdate/org.freedesktop.sysupdate1.policy:65
msgid "Cleanup old system updates" msgid "Cleanup old system updates"
msgstr "Alte Systemaktualisierungen bereinigen" msgstr "Alte Systemaktualisierungen bereinigen"
#: src/sysupdate/org.freedesktop.sysupdate1.policy:66 #: src/sysupdate/org.freedesktop.sysupdate1.policy:66
#, fuzzy
msgid "Authentication is required to cleanup old system updates." msgid "Authentication is required to cleanup old system updates."
msgstr "" msgstr "Legitimierung ist zum Festlegen der Systemzeit notwendig."
"Legitimierung ist zum Bereinigen alter Systemaktualisierungen erforderlich."
#: src/sysupdate/org.freedesktop.sysupdate1.policy:75 #: src/sysupdate/org.freedesktop.sysupdate1.policy:75
msgid "Manage optional features" msgid "Manage optional features"
@ -1270,8 +1269,11 @@ msgstr "Optionale Funktionen verwalten"
# https://www.freedesktop.org/software/systemd/man/sd-login.html # https://www.freedesktop.org/software/systemd/man/sd-login.html
#: src/sysupdate/org.freedesktop.sysupdate1.policy:76 #: src/sysupdate/org.freedesktop.sysupdate1.policy:76
#, fuzzy
msgid "Authentication is required to manage optional features" msgid "Authentication is required to manage optional features"
msgstr "Legitimierung ist zur Verwaltung optionaler Funktionen erforderlich" msgstr ""
"Legitimierung ist zur Verwaltung aktiver Sitzungen, Benutzern und "
"Arbeitsstationen notwendig."
#: src/timedate/org.freedesktop.timedate1.policy:22 #: src/timedate/org.freedesktop.timedate1.policy:22
msgid "Set system time" msgid "Set system time"

View File

@ -3,13 +3,12 @@
# Finnish translation of systemd. # Finnish translation of systemd.
# Jan Kuparinen <copper_fin@hotmail.com>, 2021, 2022, 2023. # Jan Kuparinen <copper_fin@hotmail.com>, 2021, 2022, 2023.
# Ricky Tigg <ricky.tigg@gmail.com>, 2022, 2024. # Ricky Tigg <ricky.tigg@gmail.com>, 2022, 2024.
# Jiri Grönroos <jiri.gronroos@iki.fi>, 2024.
msgid "" msgid ""
msgstr "" msgstr ""
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2024-11-06 14:42+0000\n" "POT-Creation-Date: 2024-11-06 14:42+0000\n"
"PO-Revision-Date: 2024-11-20 19:13+0000\n" "PO-Revision-Date: 2024-09-12 13:43+0000\n"
"Last-Translator: Jiri Grönroos <jiri.gronroos@iki.fi>\n" "Last-Translator: Ricky Tigg <ricky.tigg@gmail.com>\n"
"Language-Team: Finnish <https://translate.fedoraproject.org/projects/systemd/" "Language-Team: Finnish <https://translate.fedoraproject.org/projects/systemd/"
"main/fi/>\n" "main/fi/>\n"
"Language: fi\n" "Language: fi\n"
@ -17,7 +16,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n" "Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n" "Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=n != 1;\n" "Plural-Forms: nplurals=2; plural=n != 1;\n"
"X-Generator: Weblate 5.8.2\n" "X-Generator: Weblate 5.7.2\n"
#: src/core/org.freedesktop.systemd1.policy.in:22 #: src/core/org.freedesktop.systemd1.policy.in:22
msgid "Send passphrase back to system" msgid "Send passphrase back to system"
@ -113,12 +112,14 @@ msgid "Authentication is required to update a user's home area."
msgstr "Todennus vaaditaan käyttäjän kotialueen päivittämiseksi." msgstr "Todennus vaaditaan käyttäjän kotialueen päivittämiseksi."
#: src/home/org.freedesktop.home1.policy:53 #: src/home/org.freedesktop.home1.policy:53
#, fuzzy
msgid "Update your home area" msgid "Update your home area"
msgstr "Päivitä kotialue" msgstr "Päivitä kotialue"
#: src/home/org.freedesktop.home1.policy:54 #: src/home/org.freedesktop.home1.policy:54
#, fuzzy
msgid "Authentication is required to update your home area." msgid "Authentication is required to update your home area."
msgstr "Todennus vaaditaan kotialueen päivittämiseksi." msgstr "Todennus vaaditaan käyttäjän kotialueen päivittämiseksi."
#: src/home/org.freedesktop.home1.policy:63 #: src/home/org.freedesktop.home1.policy:63
msgid "Resize a home area" msgid "Resize a home area"
@ -1173,11 +1174,14 @@ msgstr "Todennus vaaditaan vanhojen järjestelmäpäivitysten puhdistamiseen."
#: src/sysupdate/org.freedesktop.sysupdate1.policy:75 #: src/sysupdate/org.freedesktop.sysupdate1.policy:75
msgid "Manage optional features" msgid "Manage optional features"
msgstr "Hallitse valinnaisia ominaisuuksia" msgstr ""
#: src/sysupdate/org.freedesktop.sysupdate1.policy:76 #: src/sysupdate/org.freedesktop.sysupdate1.policy:76
#, fuzzy
msgid "Authentication is required to manage optional features" msgid "Authentication is required to manage optional features"
msgstr "Todennus vaaditaan valinnaisten ominaisuuksien hallintaan" msgstr ""
"Todennus vaaditaan aktiivisten istuntojen, käyttäjien ja paikkojen "
"hallintaan."
#: src/timedate/org.freedesktop.timedate1.policy:22 #: src/timedate/org.freedesktop.timedate1.policy:22
msgid "Set system time" msgid "Set system time"

View File

@ -12,7 +12,7 @@ msgid ""
msgstr "" msgstr ""
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2024-11-06 14:42+0000\n" "POT-Creation-Date: 2024-11-06 14:42+0000\n"
"PO-Revision-Date: 2024-11-20 19:13+0000\n" "PO-Revision-Date: 2024-11-07 09:30+0000\n"
"Last-Translator: Léane GRASSER <leane.grasser@proton.me>\n" "Last-Translator: Léane GRASSER <leane.grasser@proton.me>\n"
"Language-Team: French <https://translate.fedoraproject.org/projects/systemd/" "Language-Team: French <https://translate.fedoraproject.org/projects/systemd/"
"main/fr/>\n" "main/fr/>\n"
@ -360,8 +360,8 @@ msgid ""
"Authentication is required to set the statically configured local hostname, " "Authentication is required to set the statically configured local hostname, "
"as well as the pretty hostname." "as well as the pretty hostname."
msgstr "" msgstr ""
"Une authentification est requise pour définir le nom d'hôte local configuré " "Une authentification est requise pour définir le nom d'hôte local de manière "
"de manière statique, ainsi que le nom d'hôte convivial." "statique, ainsi que le nom d'hôte familier."
#: src/hostname/org.freedesktop.hostname1.policy:41 #: src/hostname/org.freedesktop.hostname1.policy:41
msgid "Set machine information" msgid "Set machine information"

114
po/he.po
View File

@ -1,22 +1,22 @@
# SPDX-License-Identifier: LGPL-2.1-or-later # SPDX-License-Identifier: LGPL-2.1-or-later
# #
# Yaron Shahrabani <sh.yaron@gmail.com>, 2023, 2024. # Yaron Shahrabani <sh.yaron@gmail.com>, 2023.
msgid "" msgid ""
msgstr "" msgstr ""
"Project-Id-Version: systemd\n" "Project-Id-Version: systemd\n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2024-11-06 14:42+0000\n" "POT-Creation-Date: 2024-11-06 14:42+0000\n"
"PO-Revision-Date: 2024-11-19 07:38+0000\n" "PO-Revision-Date: 2023-11-22 00:01+0000\n"
"Last-Translator: Yaron Shahrabani <sh.yaron@gmail.com>\n" "Last-Translator: Yaron Shahrabani <sh.yaron@gmail.com>\n"
"Language-Team: Hebrew <https://translate.fedoraproject.org/projects/systemd/" "Language-Team: Hebrew <https://translate.fedoraproject.org/projects/systemd/"
"main/he/>\n" "master/he/>\n"
"Language: he\n" "Language: he\n"
"MIME-Version: 1.0\n" "MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n" "Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n" "Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=4; plural=(n == 1) ? 0 : ((n == 2) ? 1 : ((n > 10 && " "Plural-Forms: nplurals=4; plural=(n == 1) ? 0 : ((n == 2) ? 1 : ((n > 10 && "
"n % 10 == 0) ? 2 : 3));\n" "n % 10 == 0) ? 2 : 3));\n"
"X-Generator: Weblate 5.8.2\n" "X-Generator: Weblate 5.2\n"
#: src/core/org.freedesktop.systemd1.policy.in:22 #: src/core/org.freedesktop.systemd1.policy.in:22
msgid "Send passphrase back to system" msgid "Send passphrase back to system"
@ -106,12 +106,14 @@ msgid "Authentication is required to update a user's home area."
msgstr "נדרש אימות כדי לעדכן אזור בית למשתמש." msgstr "נדרש אימות כדי לעדכן אזור בית למשתמש."
#: src/home/org.freedesktop.home1.policy:53 #: src/home/org.freedesktop.home1.policy:53
#, fuzzy
msgid "Update your home area" msgid "Update your home area"
msgstr "עדכון אזור הבית שלך" msgstr "עדכון אזור בית"
#: src/home/org.freedesktop.home1.policy:54 #: src/home/org.freedesktop.home1.policy:54
#, fuzzy
msgid "Authentication is required to update your home area." msgid "Authentication is required to update your home area."
msgstr "נדרש אימות כדי לעדכן את אזור הבית שלך." msgstr "נדרש אימות כדי לעדכן אזור בית למשתמש."
#: src/home/org.freedesktop.home1.policy:63 #: src/home/org.freedesktop.home1.policy:63
msgid "Resize a home area" msgid "Resize a home area"
@ -131,12 +133,14 @@ msgid ""
msgstr "נדרש אימות כדי להחליף סיסמה של אזור בית למשתמש." msgstr "נדרש אימות כדי להחליף סיסמה של אזור בית למשתמש."
#: src/home/org.freedesktop.home1.policy:83 #: src/home/org.freedesktop.home1.policy:83
#, fuzzy
msgid "Activate a home area" msgid "Activate a home area"
msgstr "הפעלת אזור בית" msgstr "יצירת אזור בית"
#: src/home/org.freedesktop.home1.policy:84 #: src/home/org.freedesktop.home1.policy:84
#, fuzzy
msgid "Authentication is required to activate a user's home area." msgid "Authentication is required to activate a user's home area."
msgstr "נדרש אימות כדי להפעיל אזור בית של משתמש." msgstr "נדרש אימות כדי ליצור אזור בית למשתמש."
#: src/home/pam_systemd_home.c:293 #: src/home/pam_systemd_home.c:293
#, c-format #, c-format
@ -347,37 +351,46 @@ msgid "Authentication is required to get system description."
msgstr "נדרש אימות כדי למשוך את תיאור המערכת." msgstr "נדרש אימות כדי למשוך את תיאור המערכת."
#: src/import/org.freedesktop.import1.policy:22 #: src/import/org.freedesktop.import1.policy:22
#, fuzzy
msgid "Import a disk image" msgid "Import a disk image"
msgstr "ייבוא דמות כונן" msgstr "לייבא מכונה וירטואלית או דמות של מכולה (container image)"
#: src/import/org.freedesktop.import1.policy:23 #: src/import/org.freedesktop.import1.policy:23
#, fuzzy
msgid "Authentication is required to import an image." msgid "Authentication is required to import an image."
msgstr "נדרש אימות כדי לייבא דמות." msgstr ""
"נדרש אימות כדי לייבא מכונה וירטואלית או דמות של מכולה (container image)"
#: src/import/org.freedesktop.import1.policy:32 #: src/import/org.freedesktop.import1.policy:32
#, fuzzy
msgid "Export a disk image" msgid "Export a disk image"
msgstr "ייצוא דמות כונן" msgstr "ייצוא מכונה וירטואלית או דמות של מכולה (container image)"
#: src/import/org.freedesktop.import1.policy:33 #: src/import/org.freedesktop.import1.policy:33
#, fuzzy
msgid "Authentication is required to export disk image." msgid "Authentication is required to export disk image."
msgstr "נדרש אימות כדי לייצא דמות כונן." msgstr ""
"נדרש אימות כדי לייצא מכונה וירטואלית או דמות של מכולה (container image)"
#: src/import/org.freedesktop.import1.policy:42 #: src/import/org.freedesktop.import1.policy:42
#, fuzzy
msgid "Download a disk image" msgid "Download a disk image"
msgstr "הורדת דמות כונן" msgstr "הורדת מכונה וירטואלית או דמות מכולה"
#: src/import/org.freedesktop.import1.policy:43 #: src/import/org.freedesktop.import1.policy:43
#, fuzzy
msgid "Authentication is required to download a disk image." msgid "Authentication is required to download a disk image."
msgstr "נדרש אימות כדי להוריד דמות כונן." msgstr "נדרש אימות כדי להוריד מכונה וירטואלית או דמות מכולה"
#: src/import/org.freedesktop.import1.policy:52 #: src/import/org.freedesktop.import1.policy:52
msgid "Cancel transfer of a disk image" msgid "Cancel transfer of a disk image"
msgstr "ביטול העברה של דמות כונן" msgstr ""
#: src/import/org.freedesktop.import1.policy:53 #: src/import/org.freedesktop.import1.policy:53
#, fuzzy
msgid "" msgid ""
"Authentication is required to cancel the ongoing transfer of a disk image." "Authentication is required to cancel the ongoing transfer of a disk image."
msgstr "נדרש אימות כדי לבטל העברה של דמות כונן שמתבצעת בזמן אמת." msgstr "נדרש אימות כדי להחליף סיסמה של אזור בית למשתמש."
#: src/locale/org.freedesktop.locale1.policy:22 #: src/locale/org.freedesktop.locale1.policy:22
msgid "Set system locale" msgid "Set system locale"
@ -719,8 +732,9 @@ msgid "Set a wall message"
msgstr "הגדרת הודעת קיר" msgstr "הגדרת הודעת קיר"
#: src/login/org.freedesktop.login1.policy:397 #: src/login/org.freedesktop.login1.policy:397
#, fuzzy
msgid "Authentication is required to set a wall message." msgid "Authentication is required to set a wall message."
msgstr "נדרש אימות כדי להגדיר הודעת קיר." msgstr "נדרש אימות כדי להגדיר הודעת קיר"
#: src/login/org.freedesktop.login1.policy:406 #: src/login/org.freedesktop.login1.policy:406
msgid "Change Session" msgid "Change Session"
@ -790,14 +804,16 @@ msgstr ""
"נדרש אימות כדי לנהל מכונות וירטואליות (VM) ומכולות (container) מקומיות." "נדרש אימות כדי לנהל מכונות וירטואליות (VM) ומכולות (container) מקומיות."
#: src/machine/org.freedesktop.machine1.policy:95 #: src/machine/org.freedesktop.machine1.policy:95
#, fuzzy
msgid "Create a local virtual machine or container" msgid "Create a local virtual machine or container"
msgstr "יצירת מכונה וירטואלית או מכולה מקומיות" msgstr "ניהול מכונות וירטואליות ומכולות מקומיות"
#: src/machine/org.freedesktop.machine1.policy:96 #: src/machine/org.freedesktop.machine1.policy:96
#, fuzzy
msgid "" msgid ""
"Authentication is required to create a local virtual machine or container." "Authentication is required to create a local virtual machine or container."
msgstr "" msgstr ""
"נדרש אימות כדי ליצור מכונות וירטואליות (VM) או מכולות (container) מקומיות." "נדרש אימות כדי לנהל מכונות וירטואליות (VM) ומכולות (container) מקומיות."
#: src/machine/org.freedesktop.machine1.policy:106 #: src/machine/org.freedesktop.machine1.policy:106
msgid "Manage local virtual machine and container images" msgid "Manage local virtual machine and container images"
@ -949,13 +965,13 @@ msgstr "נדרש אימות כדי להגדיר כרטיס רשת מחדש."
#: src/network/org.freedesktop.network1.policy:187 #: src/network/org.freedesktop.network1.policy:187
msgid "Specify whether persistent storage for systemd-networkd is available" msgid "Specify whether persistent storage for systemd-networkd is available"
msgstr "נא לציין האם יש אחסון קבוע זמין ל־systemd-networkd" msgstr ""
#: src/network/org.freedesktop.network1.policy:188 #: src/network/org.freedesktop.network1.policy:188
msgid "" msgid ""
"Authentication is required to specify whether persistent storage for systemd-" "Authentication is required to specify whether persistent storage for systemd-"
"networkd is available." "networkd is available."
msgstr "נדרש אימות כדי לציין האם אחסון קבוע זמין ל־systemd-networkd." msgstr ""
#: src/portable/org.freedesktop.portable1.policy:13 #: src/portable/org.freedesktop.portable1.policy:13
msgid "Inspect a portable service image" msgid "Inspect a portable service image"
@ -988,16 +1004,18 @@ msgid "Register a DNS-SD service"
msgstr "רישום שירות DNS-SD" msgstr "רישום שירות DNS-SD"
#: src/resolve/org.freedesktop.resolve1.policy:23 #: src/resolve/org.freedesktop.resolve1.policy:23
#, fuzzy
msgid "Authentication is required to register a DNS-SD service." msgid "Authentication is required to register a DNS-SD service."
msgstr "נדרש אימות כדי לרשום שירות DNS-SD." msgstr "נדרש אימות כדי לרשום שירות DNS-SD"
#: src/resolve/org.freedesktop.resolve1.policy:33 #: src/resolve/org.freedesktop.resolve1.policy:33
msgid "Unregister a DNS-SD service" msgid "Unregister a DNS-SD service"
msgstr "ביטול רישום שירות DNS-SD" msgstr "ביטול רישום שירות DNS-SD"
#: src/resolve/org.freedesktop.resolve1.policy:34 #: src/resolve/org.freedesktop.resolve1.policy:34
#, fuzzy
msgid "Authentication is required to unregister a DNS-SD service." msgid "Authentication is required to unregister a DNS-SD service."
msgstr "נדרש אימות כדי לבטל רישום של שירות DNS-SD." msgstr "נדרש אימות כדי לבטל רישום של שירות DNS-SD"
#: src/resolve/org.freedesktop.resolve1.policy:132 #: src/resolve/org.freedesktop.resolve1.policy:132
msgid "Revert name resolution settings" msgid "Revert name resolution settings"
@ -1009,85 +1027,95 @@ msgstr "נדרש אימות כדי לאפס את הגדרות פתרון השמ
#: src/resolve/org.freedesktop.resolve1.policy:143 #: src/resolve/org.freedesktop.resolve1.policy:143
msgid "Subscribe query results" msgid "Subscribe query results"
msgstr "רישום לתוצאות שאילתה" msgstr ""
#: src/resolve/org.freedesktop.resolve1.policy:144 #: src/resolve/org.freedesktop.resolve1.policy:144
#, fuzzy
msgid "Authentication is required to subscribe query results." msgid "Authentication is required to subscribe query results."
msgstr "נדרש אימות כדי להירשם לתוצאות שאילתה." msgstr "נדרש אימות כדי להשהות את המערכת."
#: src/resolve/org.freedesktop.resolve1.policy:154 #: src/resolve/org.freedesktop.resolve1.policy:154
msgid "Dump cache" msgid "Dump cache"
msgstr "היטל המטמון" msgstr ""
#: src/resolve/org.freedesktop.resolve1.policy:155 #: src/resolve/org.freedesktop.resolve1.policy:155
#, fuzzy
msgid "Authentication is required to dump cache." msgid "Authentication is required to dump cache."
msgstr "נדרש אימות כדי להטיל את המטמון." msgstr "נדרש אימות כדי להגדיר שמות תחום."
#: src/resolve/org.freedesktop.resolve1.policy:165 #: src/resolve/org.freedesktop.resolve1.policy:165
msgid "Dump server state" msgid "Dump server state"
msgstr "היטל מצב השרת" msgstr ""
#: src/resolve/org.freedesktop.resolve1.policy:166 #: src/resolve/org.freedesktop.resolve1.policy:166
#, fuzzy
msgid "Authentication is required to dump server state." msgid "Authentication is required to dump server state."
msgstr "נדרש אימות כדי להטיל את מצב השרת." msgstr "נדרש אימות כדי להגדיר שרתי NTP."
#: src/resolve/org.freedesktop.resolve1.policy:176 #: src/resolve/org.freedesktop.resolve1.policy:176
msgid "Dump statistics" msgid "Dump statistics"
msgstr "היטל סטטיסטיקה" msgstr ""
#: src/resolve/org.freedesktop.resolve1.policy:177 #: src/resolve/org.freedesktop.resolve1.policy:177
#, fuzzy
msgid "Authentication is required to dump statistics." msgid "Authentication is required to dump statistics."
msgstr "נדרש אימות כדי להטיל סטטיסטיקה." msgstr "נדרש אימות כדי להגדיר שמות תחום."
#: src/resolve/org.freedesktop.resolve1.policy:187 #: src/resolve/org.freedesktop.resolve1.policy:187
msgid "Reset statistics" msgid "Reset statistics"
msgstr "איפוס סטטיסטיקה" msgstr ""
#: src/resolve/org.freedesktop.resolve1.policy:188 #: src/resolve/org.freedesktop.resolve1.policy:188
#, fuzzy
msgid "Authentication is required to reset statistics." msgid "Authentication is required to reset statistics."
msgstr "נדרש אימות כדי לאפס סטטיסטיקה." msgstr "נדרש אימות כדי לאפס הגדרות NTP."
#: src/sysupdate/org.freedesktop.sysupdate1.policy:35 #: src/sysupdate/org.freedesktop.sysupdate1.policy:35
msgid "Check for system updates" msgid "Check for system updates"
msgstr "חיפוש עדכוני מערכת" msgstr ""
#: src/sysupdate/org.freedesktop.sysupdate1.policy:36 #: src/sysupdate/org.freedesktop.sysupdate1.policy:36
#, fuzzy
msgid "Authentication is required to check for system updates." msgid "Authentication is required to check for system updates."
msgstr "נדרש אימות כדי לחפש עדכוני מערכת." msgstr "נדרש אימות כדי להגדיר את שעון המערכת."
#: src/sysupdate/org.freedesktop.sysupdate1.policy:45 #: src/sysupdate/org.freedesktop.sysupdate1.policy:45
msgid "Install system updates" msgid "Install system updates"
msgstr "התקנת עדכוני מערכת" msgstr ""
#: src/sysupdate/org.freedesktop.sysupdate1.policy:46 #: src/sysupdate/org.freedesktop.sysupdate1.policy:46
#, fuzzy
msgid "Authentication is required to install system updates." msgid "Authentication is required to install system updates."
msgstr "נדרש אימות כדי להתקין עדכוני מערכת." msgstr "נדרש אימות כדי להגדיר את שעון המערכת."
#: src/sysupdate/org.freedesktop.sysupdate1.policy:55 #: src/sysupdate/org.freedesktop.sysupdate1.policy:55
msgid "Install specific system version" msgid "Install specific system version"
msgstr "התקנת גרסת מערכת מסוימת" msgstr ""
#: src/sysupdate/org.freedesktop.sysupdate1.policy:56 #: src/sysupdate/org.freedesktop.sysupdate1.policy:56
#, fuzzy
msgid "" msgid ""
"Authentication is required to update the system to a specific (possibly old) " "Authentication is required to update the system to a specific (possibly old) "
"version." "version."
msgstr "נדרש אימות כדי לעדכן את המערכת לגרסה מסוימת (כנראה ישנה)." msgstr "נדרש אימות כדי להגדיר את אזור הזמן של המערכת."
#: src/sysupdate/org.freedesktop.sysupdate1.policy:65 #: src/sysupdate/org.freedesktop.sysupdate1.policy:65
msgid "Cleanup old system updates" msgid "Cleanup old system updates"
msgstr "ניקוי עדכוני מערכת ישנים" msgstr ""
#: src/sysupdate/org.freedesktop.sysupdate1.policy:66 #: src/sysupdate/org.freedesktop.sysupdate1.policy:66
#, fuzzy
msgid "Authentication is required to cleanup old system updates." msgid "Authentication is required to cleanup old system updates."
msgstr "נדרש אימות כדי לנקות עדכוני מערכת ישנים." msgstr "נדרש אימות כדי להגדיר את שעון המערכת."
#: src/sysupdate/org.freedesktop.sysupdate1.policy:75 #: src/sysupdate/org.freedesktop.sysupdate1.policy:75
msgid "Manage optional features" msgid "Manage optional features"
msgstr "ניהול יכולות רשות" msgstr ""
#: src/sysupdate/org.freedesktop.sysupdate1.policy:76 #: src/sysupdate/org.freedesktop.sysupdate1.policy:76
#, fuzzy
msgid "Authentication is required to manage optional features" msgid "Authentication is required to manage optional features"
msgstr "נדרש אימות כדי לנהל יכולות רשות" msgstr "נדרש אימות כדי לנהל הפעלות, משתמשים ומושבים פעילים."
#: src/timedate/org.freedesktop.timedate1.policy:22 #: src/timedate/org.freedesktop.timedate1.policy:22
msgid "Set system time" msgid "Set system time"

View File

@ -6,7 +6,7 @@
msgid "" msgid ""
msgstr "" msgstr ""
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2024-11-18 12:55+0900\n" "POT-Creation-Date: 2024-11-06 14:42+0000\n"
"PO-Revision-Date: 2021-09-09 03:04+0000\n" "PO-Revision-Date: 2021-09-09 03:04+0000\n"
"Last-Translator: Takuro Onoue <kusanaginoturugi@gmail.com>\n" "Last-Translator: Takuro Onoue <kusanaginoturugi@gmail.com>\n"
"Language-Team: Japanese <https://translate.fedoraproject.org/projects/" "Language-Team: Japanese <https://translate.fedoraproject.org/projects/"
@ -106,12 +106,14 @@ msgid "Authentication is required to update a user's home area."
msgstr "ユーザのホーム領域の更新には認証が必要です。" msgstr "ユーザのホーム領域の更新には認証が必要です。"
#: src/home/org.freedesktop.home1.policy:53 #: src/home/org.freedesktop.home1.policy:53
#, fuzzy
msgid "Update your home area" msgid "Update your home area"
msgstr "ホーム領域の更新" msgstr "ホーム領域の更新"
#: src/home/org.freedesktop.home1.policy:54 #: src/home/org.freedesktop.home1.policy:54
#, fuzzy
msgid "Authentication is required to update your home area." msgid "Authentication is required to update your home area."
msgstr "ホーム領域の更新には認証が必要です。" msgstr "ユーザのホーム領域の更新には認証が必要です。"
#: src/home/org.freedesktop.home1.policy:63 #: src/home/org.freedesktop.home1.policy:63
msgid "Resize a home area" msgid "Resize a home area"
@ -1118,11 +1120,12 @@ msgstr "過去のシステム更新を削除するには認証が必要です。
#: src/sysupdate/org.freedesktop.sysupdate1.policy:75 #: src/sysupdate/org.freedesktop.sysupdate1.policy:75
msgid "Manage optional features" msgid "Manage optional features"
msgstr "任意の機能の管理" msgstr ""
#: src/sysupdate/org.freedesktop.sysupdate1.policy:76 #: src/sysupdate/org.freedesktop.sysupdate1.policy:76
#, fuzzy
msgid "Authentication is required to manage optional features" msgid "Authentication is required to manage optional features"
msgstr "任意の機能を管理するには認証が必要です。" msgstr "アクティブなセッションやユーザ,シートを管理するには認証が必要です。"
#: src/timedate/org.freedesktop.timedate1.policy:22 #: src/timedate/org.freedesktop.timedate1.policy:22
msgid "Set system time" msgid "Set system time"

View File

@ -14,7 +14,7 @@ msgid ""
msgstr "" msgstr ""
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2024-11-06 14:42+0000\n" "POT-Creation-Date: 2024-11-06 14:42+0000\n"
"PO-Revision-Date: 2024-11-17 13:38+0000\n" "PO-Revision-Date: 2024-11-07 09:30+0000\n"
"Last-Translator: \"Sergey A.\" <Ser82-png@yandex.ru>\n" "Last-Translator: \"Sergey A.\" <Ser82-png@yandex.ru>\n"
"Language-Team: Russian <https://translate.fedoraproject.org/projects/systemd/" "Language-Team: Russian <https://translate.fedoraproject.org/projects/systemd/"
"main/ru/>\n" "main/ru/>\n"
@ -1280,7 +1280,7 @@ msgstr "Управление дополнительными функциями"
#: src/sysupdate/org.freedesktop.sysupdate1.policy:76 #: src/sysupdate/org.freedesktop.sysupdate1.policy:76
msgid "Authentication is required to manage optional features" msgid "Authentication is required to manage optional features"
msgstr "" msgstr ""
"Для управления дополнительными функциями необходимо пройти аутентификацию" "Для управления дополнительными функциями необходимо пройти аутентификацию."
#: src/timedate/org.freedesktop.timedate1.policy:22 #: src/timedate/org.freedesktop.timedate1.policy:22
msgid "Set system time" msgid "Set system time"

View File

@ -7,7 +7,7 @@ msgstr ""
"Project-Id-Version: systemd\n" "Project-Id-Version: systemd\n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2024-11-06 14:42+0000\n" "POT-Creation-Date: 2024-11-06 14:42+0000\n"
"PO-Revision-Date: 2024-11-20 19:13+0000\n" "PO-Revision-Date: 2024-08-26 19:38+0000\n"
"Last-Translator: Martin Srebotnjak <miles@filmsi.net>\n" "Last-Translator: Martin Srebotnjak <miles@filmsi.net>\n"
"Language-Team: Slovenian <https://translate.fedoraproject.org/projects/" "Language-Team: Slovenian <https://translate.fedoraproject.org/projects/"
"systemd/main/sl/>\n" "systemd/main/sl/>\n"
@ -17,7 +17,7 @@ msgstr ""
"Content-Transfer-Encoding: 8bit\n" "Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=4; plural=n%100==1 ? 0 : n%100==2 ? 1 : n%100==3 || " "Plural-Forms: nplurals=4; plural=n%100==1 ? 0 : n%100==2 ? 1 : n%100==3 || "
"n%100==4 ? 2 : 3;\n" "n%100==4 ? 2 : 3;\n"
"X-Generator: Weblate 5.8.2\n" "X-Generator: Weblate 5.7\n"
#: src/core/org.freedesktop.systemd1.policy.in:22 #: src/core/org.freedesktop.systemd1.policy.in:22
msgid "Send passphrase back to system" msgid "Send passphrase back to system"
@ -125,13 +125,16 @@ msgstr ""
"območja." "območja."
#: src/home/org.freedesktop.home1.policy:53 #: src/home/org.freedesktop.home1.policy:53
#, fuzzy
msgid "Update your home area" msgid "Update your home area"
msgstr "Posodobite domače območje" msgstr "Posodobite domače območje"
#: src/home/org.freedesktop.home1.policy:54 #: src/home/org.freedesktop.home1.policy:54
#, fuzzy
msgid "Authentication is required to update your home area." msgid "Authentication is required to update your home area."
msgstr "" msgstr ""
"Preverjanje pristnosti je potrebno za posodobitev vašega domačega območja." "Preverjanje pristnosti je potrebno za posodobitev uporabnikovega domačega "
"območja."
#: src/home/org.freedesktop.home1.policy:63 #: src/home/org.freedesktop.home1.policy:63
msgid "Resize a home area" msgid "Resize a home area"
@ -1231,12 +1234,14 @@ msgstr ""
#: src/sysupdate/org.freedesktop.sysupdate1.policy:75 #: src/sysupdate/org.freedesktop.sysupdate1.policy:75
msgid "Manage optional features" msgid "Manage optional features"
msgstr "Upravljaj dodatne funkcionalnosti" msgstr ""
#: src/sysupdate/org.freedesktop.sysupdate1.policy:76 #: src/sysupdate/org.freedesktop.sysupdate1.policy:76
#, fuzzy
msgid "Authentication is required to manage optional features" msgid "Authentication is required to manage optional features"
msgstr "" msgstr ""
"Preverjanje pristnosti je potrebno za upravljanje dodatnih funkcionalnosti." "Preverjanje pristnosti je potrebno za upravljanje aktivnih sej, uporabnikov "
"in delovišč."
#: src/timedate/org.freedesktop.timedate1.policy:22 #: src/timedate/org.freedesktop.timedate1.policy:22
msgid "Set system time" msgid "Set system time"

View File

@ -4,12 +4,11 @@
# Eugene Melnik <jeka7js@gmail.com>, 2014. # Eugene Melnik <jeka7js@gmail.com>, 2014.
# Daniel Korostil <ted.korostiled@gmail.com>, 2014, 2016, 2018. # Daniel Korostil <ted.korostiled@gmail.com>, 2014, 2016, 2018.
# Yuri Chornoivan <yurchor@ukr.net>, 2019, 2020, 2021, 2022, 2023, 2024. # Yuri Chornoivan <yurchor@ukr.net>, 2019, 2020, 2021, 2022, 2023, 2024.
# Dmytro Markevych <hotr1pak@gmail.com>, 2024.
msgid "" msgid ""
msgstr "" msgstr ""
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2024-11-06 14:42+0000\n" "POT-Creation-Date: 2024-11-06 14:42+0000\n"
"PO-Revision-Date: 2024-11-21 19:38+0000\n" "PO-Revision-Date: 2024-08-24 10:36+0000\n"
"Last-Translator: Yuri Chornoivan <yurchor@ukr.net>\n" "Last-Translator: Yuri Chornoivan <yurchor@ukr.net>\n"
"Language-Team: Ukrainian <https://translate.fedoraproject.org/projects/" "Language-Team: Ukrainian <https://translate.fedoraproject.org/projects/"
"systemd/main/uk/>\n" "systemd/main/uk/>\n"
@ -19,7 +18,7 @@ msgstr ""
"Content-Transfer-Encoding: 8bit\n" "Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=3; plural=n%10==1 && n%100!=11 ? 0 : n%10>=2 && " "Plural-Forms: nplurals=3; plural=n%10==1 && n%100!=11 ? 0 : n%10>=2 && "
"n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2;\n" "n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2;\n"
"X-Generator: Weblate 5.8.2\n" "X-Generator: Weblate 5.7\n"
#: src/core/org.freedesktop.systemd1.policy.in:22 #: src/core/org.freedesktop.systemd1.policy.in:22
msgid "Send passphrase back to system" msgid "Send passphrase back to system"
@ -119,12 +118,14 @@ msgid "Authentication is required to update a user's home area."
msgstr "Для оновлення домашньої теки користувача слід пройти розпізнавання." msgstr "Для оновлення домашньої теки користувача слід пройти розпізнавання."
#: src/home/org.freedesktop.home1.policy:53 #: src/home/org.freedesktop.home1.policy:53
#, fuzzy
msgid "Update your home area" msgid "Update your home area"
msgstr "Оновлення домашньої області" msgstr "Оновлення домашньої теки"
#: src/home/org.freedesktop.home1.policy:54 #: src/home/org.freedesktop.home1.policy:54
#, fuzzy
msgid "Authentication is required to update your home area." msgid "Authentication is required to update your home area."
msgstr "Для оновлення домашньої області слід пройти розпізнавання." msgstr "Для оновлення домашньої теки користувача слід пройти розпізнавання."
#: src/home/org.freedesktop.home1.policy:63 #: src/home/org.freedesktop.home1.policy:63
msgid "Resize a home area" msgid "Resize a home area"
@ -1211,11 +1212,14 @@ msgstr "Для вилучення застарілих оновлень сист
#: src/sysupdate/org.freedesktop.sysupdate1.policy:75 #: src/sysupdate/org.freedesktop.sysupdate1.policy:75
msgid "Manage optional features" msgid "Manage optional features"
msgstr "Керування додатковими функціями" msgstr ""
#: src/sysupdate/org.freedesktop.sysupdate1.policy:76 #: src/sysupdate/org.freedesktop.sysupdate1.policy:76
#, fuzzy
msgid "Authentication is required to manage optional features" msgid "Authentication is required to manage optional features"
msgstr "Для керування додатковими можливостями слід пройти розпізнавання" msgstr ""
"Для того, щоб керувати сеансами, користувачами і робочими місцями, слід "
"пройти розпізнавання."
#: src/timedate/org.freedesktop.timedate1.policy:22 #: src/timedate/org.freedesktop.timedate1.policy:22
msgid "Set system time" msgid "Set system time"

View File

@ -38,12 +38,19 @@ __get_tpm2_devices() {
done done
} }
__get_block_devices() {
local i
for i in /dev/*; do
[ -b "$i" ] && printf '%s\n' "$i"
done
}
_systemd_cryptenroll() { _systemd_cryptenroll() {
local comps local comps
local cur=${COMP_WORDS[COMP_CWORD]} prev=${COMP_WORDS[COMP_CWORD-1]} words cword local cur=${COMP_WORDS[COMP_CWORD]} prev=${COMP_WORDS[COMP_CWORD-1]} words cword
local -A OPTS=( local -A OPTS=(
[STANDALONE]='-h --help --version [STANDALONE]='-h --help --version
--password --recovery-key --list-devices' --password --recovery-key'
[ARG]='--unlock-key-file [ARG]='--unlock-key-file
--unlock-fido2-device --unlock-fido2-device
--unlock-tpm2-device --unlock-tpm2-device
@ -109,7 +116,7 @@ _systemd_cryptenroll() {
return 0 return 0
fi fi
comps=$(systemd-cryptenroll --list-devices) comps=$(__get_block_devices)
COMPREPLY=( $(compgen -W '$comps' -- "$cur") ) COMPREPLY=( $(compgen -W '$comps' -- "$cur") )
return 0 return 0
} }

View File

@ -15,59 +15,27 @@
#include "parse-util.h" #include "parse-util.h"
#include "process-util.h" #include "process-util.h"
#include "socket-util.h" #include "socket-util.h"
#include "stat-util.h"
#include "user-util.h" #include "user-util.h"
#include "virt.h"
static int audit_read_field(const PidRef *pid, const char *field, char **ret) {
int r;
assert(field);
assert(ret);
if (!pidref_is_set(pid))
return -ESRCH;
/* Auditing is currently not virtualized for containers. Let's hence not use the audit session ID or
* login UID for now, it will be leaked in from the host */
if (detect_container() > 0)
return -ENODATA;
const char *p = procfs_file_alloca(pid->pid, field);
int audit_session_from_pid(pid_t pid, uint32_t *id) {
_cleanup_free_ char *s = NULL; _cleanup_free_ char *s = NULL;
bool enoent = false; const char *p;
r = read_virtual_file(p, SIZE_MAX, &s, /* ret_size= */ NULL);
if (r == -ENOENT) {
if (proc_mounted() == 0)
return -ENOSYS;
enoent = true;
} else if (r < 0)
return r;
r = pidref_verify(pid);
if (r < 0)
return r;
if (enoent) /* We got ENOENT, but /proc/ was mounted and the PID still valid? In that case it appears
* auditing is not supported by the kernel. */
return -ENODATA;
delete_trailing_chars(s, NEWLINE);
*ret = TAKE_PTR(s);
return 0;
}
int audit_session_from_pid(const PidRef *pid, uint32_t *ret_id) {
_cleanup_free_ char *s = NULL;
int r;
r = audit_read_field(pid, "sessionid", &s);
if (r < 0)
return r;
uint32_t u; uint32_t u;
int r;
assert(id);
/* We don't convert ENOENT to ESRCH here, since we can't
* really distinguish between "audit is not available in the
* kernel" and "the process does not exist", both which will
* result in ENOENT. */
p = procfs_file_alloca(pid, "sessionid");
r = read_one_line_file(p, &s);
if (r < 0)
return r;
r = safe_atou32(s, &u); r = safe_atou32(s, &u);
if (r < 0) if (r < 0)
return r; return r;
@ -75,24 +43,32 @@ int audit_session_from_pid(const PidRef *pid, uint32_t *ret_id) {
if (!audit_session_is_valid(u)) if (!audit_session_is_valid(u))
return -ENODATA; return -ENODATA;
if (ret_id) *id = u;
*ret_id = u;
return 0; return 0;
} }
int audit_loginuid_from_pid(const PidRef *pid, uid_t *ret_uid) { int audit_loginuid_from_pid(pid_t pid, uid_t *uid) {
_cleanup_free_ char *s = NULL; _cleanup_free_ char *s = NULL;
const char *p;
uid_t u;
int r; int r;
r = audit_read_field(pid, "loginuid", &s); assert(uid);
p = procfs_file_alloca(pid, "loginuid");
r = read_one_line_file(p, &s);
if (r < 0) if (r < 0)
return r; return r;
if (streq(s, "4294967295")) /* loginuid as 4294967295 means not part of any session. */ r = parse_uid(s, &u);
if (r == -ENXIO) /* the UID was -1 */
return -ENODATA; return -ENODATA;
if (r < 0)
return r;
return parse_uid(s, ret_uid); *uid = u;
return 0;
} }
static int try_audit_request(int fd) { static int try_audit_request(int fd) {
@ -137,24 +113,22 @@ bool use_audit(void) {
static int cached_use = -1; static int cached_use = -1;
int r; int r;
if (cached_use >= 0) if (cached_use < 0) {
return cached_use; int fd;
_cleanup_close_ int fd = socket(AF_NETLINK, SOCK_RAW|SOCK_CLOEXEC|SOCK_NONBLOCK, NETLINK_AUDIT); fd = socket(AF_NETLINK, SOCK_RAW|SOCK_CLOEXEC|SOCK_NONBLOCK, NETLINK_AUDIT);
if (fd < 0) { if (fd < 0) {
cached_use = !ERRNO_IS_PRIVILEGE(errno) && !ERRNO_IS_NOT_SUPPORTED(errno); cached_use = !IN_SET(errno, EAFNOSUPPORT, EPROTONOSUPPORT, EPERM);
if (cached_use) if (!cached_use)
log_debug_errno(errno, "Unexpected error while creating audit socket, proceeding with its use: %m"); log_debug_errno(errno, "Won't talk to audit: %m");
else
log_debug_errno(errno, "Won't talk to audit, because feature or privilege absent: %m");
} else { } else {
/* If we try and use the audit fd but get -ECONNREFUSED, it is because we are not in the /* If we try and use the audit fd but get -ECONNREFUSED, it is because
* initial user namespace, and the kernel does not have support for audit outside of the * we are not in the initial user namespace, and the kernel does not
* initial user namespace (see * have support for audit outside of the initial user namespace
* https://elixir.bootlin.com/linux/latest/C/ident/audit_netlink_ok). * (see https://elixir.bootlin.com/linux/latest/C/ident/audit_netlink_ok).
* *
* If we receive any other error, do not disable audit because we are not sure that the error * If we receive any other error, do not disable audit because we are not
* indicates that audit will not work in general. */ * sure that the error indicates that audit will not work in general. */
r = try_audit_request(fd); r = try_audit_request(fd);
if (r < 0) { if (r < 0) {
cached_use = r != -ECONNREFUSED; cached_use = r != -ECONNREFUSED;
@ -163,6 +137,9 @@ bool use_audit(void) {
"Won't talk to audit: %m"); "Won't talk to audit: %m");
} else } else
cached_use = true; cached_use = true;
safe_close(fd);
}
} }
return cached_use; return cached_use;

View File

@ -5,12 +5,10 @@
#include <stdint.h> #include <stdint.h>
#include <sys/types.h> #include <sys/types.h>
#include "pidref.h"
#define AUDIT_SESSION_INVALID UINT32_MAX #define AUDIT_SESSION_INVALID UINT32_MAX
int audit_session_from_pid(const PidRef *pid, uint32_t *id); int audit_session_from_pid(pid_t pid, uint32_t *id);
int audit_loginuid_from_pid(const PidRef *pid, uid_t *uid); int audit_loginuid_from_pid(pid_t pid, uid_t *uid);
bool use_audit(void); bool use_audit(void);

View File

@ -799,20 +799,16 @@ int cg_pid_get_path(const char *controller, pid_t pid, char **ret_path) {
continue; continue;
} }
_cleanup_free_ char *path = strdup(e + 1); char *path = strdup(e + 1);
if (!path) if (!path)
return -ENOMEM; return -ENOMEM;
/* Refuse cgroup paths from outside our cgroup namespace */
if (startswith(path, "/../"))
return -EUNATCH;
/* Truncate suffix indicating the process is a zombie */ /* Truncate suffix indicating the process is a zombie */
e = endswith(path, " (deleted)"); e = endswith(path, " (deleted)");
if (e) if (e)
*e = 0; *e = 0;
*ret_path = TAKE_PTR(path); *ret_path = path;
return 0; return 0;
} }
} }

View File

@ -81,7 +81,6 @@ const char* special_glyph_full(SpecialGlyph code, bool force_utf) {
[SPECIAL_GLYPH_BLUE_CIRCLE] = "o", [SPECIAL_GLYPH_BLUE_CIRCLE] = "o",
[SPECIAL_GLYPH_GREEN_CIRCLE] = "o", [SPECIAL_GLYPH_GREEN_CIRCLE] = "o",
[SPECIAL_GLYPH_SUPERHERO] = "S", [SPECIAL_GLYPH_SUPERHERO] = "S",
[SPECIAL_GLYPH_IDCARD] = "@",
}, },
/* UTF-8 */ /* UTF-8 */
@ -152,7 +151,6 @@ const char* special_glyph_full(SpecialGlyph code, bool force_utf) {
[SPECIAL_GLYPH_BLUE_CIRCLE] = u8"🔵", [SPECIAL_GLYPH_BLUE_CIRCLE] = u8"🔵",
[SPECIAL_GLYPH_GREEN_CIRCLE] = u8"🟢", [SPECIAL_GLYPH_GREEN_CIRCLE] = u8"🟢",
[SPECIAL_GLYPH_SUPERHERO] = u8"🦸", [SPECIAL_GLYPH_SUPERHERO] = u8"🦸",
[SPECIAL_GLYPH_IDCARD] = u8"🪪",
}, },
}; };

View File

@ -56,7 +56,6 @@ typedef enum SpecialGlyph {
SPECIAL_GLYPH_BLUE_CIRCLE, SPECIAL_GLYPH_BLUE_CIRCLE,
SPECIAL_GLYPH_GREEN_CIRCLE, SPECIAL_GLYPH_GREEN_CIRCLE,
SPECIAL_GLYPH_SUPERHERO, SPECIAL_GLYPH_SUPERHERO,
SPECIAL_GLYPH_IDCARD,
_SPECIAL_GLYPH_MAX, _SPECIAL_GLYPH_MAX,
_SPECIAL_GLYPH_INVALID = -EINVAL, _SPECIAL_GLYPH_INVALID = -EINVAL,
} SpecialGlyph; } SpecialGlyph;

View File

@ -136,14 +136,12 @@ int namespace_open(
int *ret_userns_fd, int *ret_userns_fd,
int *ret_root_fd) { int *ret_root_fd) {
_cleanup_(pidref_done) PidRef pidref = PIDREF_NULL; assert(pid >= 0);
int r;
r = pidref_set_pid(&pidref, pid); if (pid == 0)
if (r < 0) pid = getpid_cached();
return r;
return pidref_namespace_open(&pidref, ret_pidns_fd, ret_mntns_fd, ret_netns_fd, ret_userns_fd, ret_root_fd); return pidref_namespace_open(&PIDREF_MAKE_FROM_PID(pid), ret_pidns_fd, ret_mntns_fd, ret_netns_fd, ret_userns_fd, ret_root_fd);
} }
int namespace_enter(int pidns_fd, int mntns_fd, int netns_fd, int userns_fd, int root_fd) { int namespace_enter(int pidns_fd, int mntns_fd, int netns_fd, int userns_fd, int root_fd) {

View File

@ -102,8 +102,8 @@ int pid_get_comm(pid_t pid, char **ret) {
_cleanup_free_ char *escaped = NULL, *comm = NULL; _cleanup_free_ char *escaped = NULL, *comm = NULL;
int r; int r;
assert(pid >= 0);
assert(ret); assert(ret);
assert(pid >= 0);
if (pid == 0 || pid == getpid_cached()) { if (pid == 0 || pid == getpid_cached()) {
comm = new0(char, TASK_COMM_LEN + 1); /* Must fit in 16 byte according to prctl(2) */ comm = new0(char, TASK_COMM_LEN + 1); /* Must fit in 16 byte according to prctl(2) */
@ -143,9 +143,6 @@ int pidref_get_comm(const PidRef *pid, char **ret) {
if (!pidref_is_set(pid)) if (!pidref_is_set(pid))
return -ESRCH; return -ESRCH;
if (pidref_is_remote(pid))
return -EREMOTE;
r = pid_get_comm(pid->pid, &comm); r = pid_get_comm(pid->pid, &comm);
if (r < 0) if (r < 0)
return r; return r;
@ -292,9 +289,6 @@ int pidref_get_cmdline(const PidRef *pid, size_t max_columns, ProcessCmdlineFlag
if (!pidref_is_set(pid)) if (!pidref_is_set(pid))
return -ESRCH; return -ESRCH;
if (pidref_is_remote(pid))
return -EREMOTE;
r = pid_get_cmdline(pid->pid, max_columns, flags, &s); r = pid_get_cmdline(pid->pid, max_columns, flags, &s);
if (r < 0) if (r < 0)
return r; return r;
@ -337,9 +331,6 @@ int pidref_get_cmdline_strv(const PidRef *pid, ProcessCmdlineFlags flags, char *
if (!pidref_is_set(pid)) if (!pidref_is_set(pid))
return -ESRCH; return -ESRCH;
if (pidref_is_remote(pid))
return -EREMOTE;
r = pid_get_cmdline_strv(pid->pid, flags, &args); r = pid_get_cmdline_strv(pid->pid, flags, &args);
if (r < 0) if (r < 0)
return r; return r;
@ -486,9 +477,6 @@ int pidref_is_kernel_thread(const PidRef *pid) {
if (!pidref_is_set(pid)) if (!pidref_is_set(pid))
return -ESRCH; return -ESRCH;
if (pidref_is_remote(pid))
return -EREMOTE;
result = pid_is_kernel_thread(pid->pid); result = pid_is_kernel_thread(pid->pid);
if (result < 0) if (result < 0)
return result; return result;
@ -606,9 +594,6 @@ int pidref_get_uid(const PidRef *pid, uid_t *ret) {
if (!pidref_is_set(pid)) if (!pidref_is_set(pid))
return -ESRCH; return -ESRCH;
if (pidref_is_remote(pid))
return -EREMOTE;
r = pid_get_uid(pid->pid, &uid); r = pid_get_uid(pid->pid, &uid);
if (r < 0) if (r < 0)
return r; return r;
@ -809,9 +794,6 @@ int pidref_get_start_time(const PidRef *pid, usec_t *ret) {
if (!pidref_is_set(pid)) if (!pidref_is_set(pid))
return -ESRCH; return -ESRCH;
if (pidref_is_remote(pid))
return -EREMOTE;
r = pid_get_start_time(pid->pid, ret ? &t : NULL); r = pid_get_start_time(pid->pid, ret ? &t : NULL);
if (r < 0) if (r < 0)
return r; return r;
@ -1111,9 +1093,6 @@ int pidref_is_my_child(const PidRef *pid) {
if (!pidref_is_set(pid)) if (!pidref_is_set(pid))
return -ESRCH; return -ESRCH;
if (pidref_is_remote(pid))
return -EREMOTE;
result = pid_is_my_child(pid->pid); result = pid_is_my_child(pid->pid);
if (result < 0) if (result < 0)
return result; return result;
@ -1149,9 +1128,6 @@ int pidref_is_unwaited(const PidRef *pid) {
if (!pidref_is_set(pid)) if (!pidref_is_set(pid))
return -ESRCH; return -ESRCH;
if (pidref_is_remote(pid))
return -EREMOTE;
if (pid->pid == 1 || pidref_is_self(pid)) if (pid->pid == 1 || pidref_is_self(pid))
return true; return true;
@ -1193,9 +1169,6 @@ int pidref_is_alive(const PidRef *pidref) {
if (!pidref_is_set(pidref)) if (!pidref_is_set(pidref))
return -ESRCH; return -ESRCH;
if (pidref_is_remote(pidref))
return -EREMOTE;
result = pid_is_alive(pidref->pid); result = pid_is_alive(pidref->pid);
if (result < 0) { if (result < 0) {
assert(result != -ESRCH); assert(result != -ESRCH);
@ -1487,8 +1460,8 @@ int safe_fork_full(
bool block_signals = false, block_all = false, intermediary = false; bool block_signals = false, block_all = false, intermediary = false;
int prio, r; int prio, r;
assert(!FLAGS_SET(flags, FORK_DETACH) || assert(!FLAGS_SET(flags, FORK_DETACH) || !ret_pid);
(!ret_pid && (flags & (FORK_WAIT|FORK_DEATHSIG_SIGTERM|FORK_DEATHSIG_SIGINT|FORK_DEATHSIG_SIGKILL)) == 0)); assert(!FLAGS_SET(flags, FORK_DETACH|FORK_WAIT));
/* A wrapper around fork(), that does a couple of important initializations in addition to mere forking. Always /* A wrapper around fork(), that does a couple of important initializations in addition to mere forking. Always
* returns the child's PID in *ret_pid. Returns == 0 in the child, and > 0 in the parent. */ * returns the child's PID in *ret_pid. Returns == 0 in the child, and > 0 in the parent. */
@ -1842,9 +1815,6 @@ int namespace_fork(
int set_oom_score_adjust(int value) { int set_oom_score_adjust(int value) {
char t[DECIMAL_STR_MAX(int)]; char t[DECIMAL_STR_MAX(int)];
if (!oom_score_adjust_is_valid(value))
return -EINVAL;
xsprintf(t, "%i", value); xsprintf(t, "%i", value);
return write_string_file("/proc/self/oom_score_adj", t, return write_string_file("/proc/self/oom_score_adj", t,
@ -1861,16 +1831,11 @@ int get_oom_score_adjust(int *ret) {
delete_trailing_chars(t, WHITESPACE); delete_trailing_chars(t, WHITESPACE);
r = safe_atoi(t, &a); assert_se(safe_atoi(t, &a) >= 0);
if (r < 0) assert_se(oom_score_adjust_is_valid(a));
return r;
if (!oom_score_adjust_is_valid(a))
return -ENODATA;
if (ret) if (ret)
*ret = a; *ret = a;
return 0; return 0;
} }

View File

@ -220,9 +220,9 @@ static int synthesize_user_creds(
if (ret_gid) if (ret_gid)
*ret_gid = GID_NOBODY; *ret_gid = GID_NOBODY;
if (ret_home) if (ret_home)
*ret_home = FLAGS_SET(flags, USER_CREDS_SUPPRESS_PLACEHOLDER) ? NULL : "/"; *ret_home = FLAGS_SET(flags, USER_CREDS_CLEAN) ? NULL : "/";
if (ret_shell) if (ret_shell)
*ret_shell = FLAGS_SET(flags, USER_CREDS_SUPPRESS_PLACEHOLDER) ? NULL : NOLOGIN; *ret_shell = FLAGS_SET(flags, USER_CREDS_CLEAN) ? NULL : NOLOGIN;
return 0; return 0;
} }
@ -244,7 +244,6 @@ int get_user_creds(
assert(username); assert(username);
assert(*username); assert(*username);
assert((ret_home || ret_shell) || !(flags & (USER_CREDS_SUPPRESS_PLACEHOLDER|USER_CREDS_CLEAN)));
if (!FLAGS_SET(flags, USER_CREDS_PREFER_NSS) || if (!FLAGS_SET(flags, USER_CREDS_PREFER_NSS) ||
(!ret_home && !ret_shell)) { (!ret_home && !ret_shell)) {
@ -316,14 +315,17 @@ int get_user_creds(
if (ret_home) if (ret_home)
/* Note: we don't insist on normalized paths, since there are setups that have /./ in the path */ /* Note: we don't insist on normalized paths, since there are setups that have /./ in the path */
*ret_home = (FLAGS_SET(flags, USER_CREDS_SUPPRESS_PLACEHOLDER) && empty_or_root(p->pw_dir)) || *ret_home = (FLAGS_SET(flags, USER_CREDS_CLEAN) &&
(FLAGS_SET(flags, USER_CREDS_CLEAN) && (!path_is_valid(p->pw_dir) || !path_is_absolute(p->pw_dir))) (empty_or_root(p->pw_dir) ||
? NULL : p->pw_dir; !path_is_valid(p->pw_dir) ||
!path_is_absolute(p->pw_dir))) ? NULL : p->pw_dir;
if (ret_shell) if (ret_shell)
*ret_shell = (FLAGS_SET(flags, USER_CREDS_SUPPRESS_PLACEHOLDER) && shell_is_placeholder(p->pw_shell)) || *ret_shell = (FLAGS_SET(flags, USER_CREDS_CLEAN) &&
(FLAGS_SET(flags, USER_CREDS_CLEAN) && (!path_is_valid(p->pw_shell) || !path_is_absolute(p->pw_shell))) (isempty(p->pw_shell) ||
? NULL : p->pw_shell; !path_is_valid(p->pw_shell) ||
!path_is_absolute(p->pw_shell) ||
is_nologin_shell(p->pw_shell))) ? NULL : p->pw_shell;
if (patch_username) if (patch_username)
*username = p->pw_name; *username = p->pw_name;

View File

@ -12,8 +12,6 @@
#include <sys/types.h> #include <sys/types.h>
#include <unistd.h> #include <unistd.h>
#include "string-util.h"
/* Users managed by systemd-homed. See https://systemd.io/UIDS-GIDS for details how this range fits into the rest of the world */ /* Users managed by systemd-homed. See https://systemd.io/UIDS-GIDS for details how this range fits into the rest of the world */
#define HOME_UID_MIN ((uid_t) 60001) #define HOME_UID_MIN ((uid_t) 60001)
#define HOME_UID_MAX ((uid_t) 60513) #define HOME_UID_MAX ((uid_t) 60513)
@ -38,20 +36,10 @@ static inline int parse_gid(const char *s, gid_t *ret_gid) {
char* getlogname_malloc(void); char* getlogname_malloc(void);
char* getusername_malloc(void); char* getusername_malloc(void);
const char* default_root_shell_at(int rfd);
const char* default_root_shell(const char *root);
bool is_nologin_shell(const char *shell);
static inline bool shell_is_placeholder(const char *shell) {
return isempty(shell) || is_nologin_shell(shell);
}
typedef enum UserCredsFlags { typedef enum UserCredsFlags {
USER_CREDS_PREFER_NSS = 1 << 0, /* if set, only synthesize user records if database lacks them. Normally we bypass the userdb entirely for the records we can synthesize */ USER_CREDS_PREFER_NSS = 1 << 0, /* if set, only synthesize user records if database lacks them. Normally we bypass the userdb entirely for the records we can synthesize */
USER_CREDS_ALLOW_MISSING = 1 << 1, /* if a numeric UID string is resolved, be OK if there's no record for it */ USER_CREDS_ALLOW_MISSING = 1 << 1, /* if a numeric UID string is resolved, be OK if there's no record for it */
USER_CREDS_CLEAN = 1 << 2, /* try to clean up shell and home fields with invalid data */ USER_CREDS_CLEAN = 1 << 2, /* try to clean up shell and home fields with invalid data */
USER_CREDS_SUPPRESS_PLACEHOLDER = 1 << 3, /* suppress home and/or shell fields if value is placeholder (root/empty/nologin) */
} UserCredsFlags; } UserCredsFlags;
int get_user_creds(const char **username, uid_t *ret_uid, gid_t *ret_gid, const char **ret_home, const char **ret_shell, UserCredsFlags flags); int get_user_creds(const char **username, uid_t *ret_uid, gid_t *ret_gid, const char **ret_home, const char **ret_shell, UserCredsFlags flags);
@ -137,6 +125,10 @@ int fgetsgent_sane(FILE *stream, struct sgrp **sg);
int putsgent_sane(const struct sgrp *sg, FILE *stream); int putsgent_sane(const struct sgrp *sg, FILE *stream);
#endif #endif
bool is_nologin_shell(const char *shell);
const char* default_root_shell_at(int rfd);
const char* default_root_shell(const char *root);
int is_this_me(const char *username); int is_this_me(const char *username);
const char* get_home_root(void); const char* get_home_root(void);

View File

@ -1,18 +1,17 @@
# SPDX-License-Identifier: LGPL-2.1-or-later # SPDX-License-Identifier: LGPL-2.1-or-later
if conf.get('ENABLE_BINFMT') != 1
subdir_done()
endif
executables += [ executables += [
libexec_template + { libexec_template + {
'name' : 'systemd-binfmt', 'name' : 'systemd-binfmt',
'public' : true, 'public' : true,
'conditions' : ['ENABLE_BINFMT'],
'sources' : files('binfmt.c'), 'sources' : files('binfmt.c'),
}, },
] ]
install_emptydir(binfmtdir) if conf.get('ENABLE_BINFMT') == 1
if install_sysconfdir install_emptydir(binfmtdir)
if install_sysconfdir
install_emptydir(sysconfdir / 'binfmt.d') install_emptydir(sysconfdir / 'binfmt.d')
endif
endif endif

View File

@ -2469,7 +2469,11 @@ static EFI_STATUS initrd_prepare(
return EFI_OUT_OF_RESOURCES; return EFI_OUT_OF_RESOURCES;
} }
_cleanup_pages_ Pages pages = xmalloc_initrd_pages(size); _cleanup_pages_ Pages pages = xmalloc_pages(
AllocateMaxAddress,
EfiLoaderData,
EFI_SIZE_TO_PAGES(size),
UINT32_MAX /* Below 4G boundary. */);
uint8_t *p = PHYSICAL_ADDRESS_TO_POINTER(pages.addr); uint8_t *p = PHYSICAL_ADDRESS_TO_POINTER(pages.addr);
STRV_FOREACH(i, entry->initrd) { STRV_FOREACH(i, entry->initrd) {

View File

@ -21,11 +21,6 @@
#include "smbios.h" #include "smbios.h"
#include "util.h" #include "util.h"
/* Validate the descriptor macros a bit that they match our expectations */
assert_cc(DEVICE_DESCRIPTOR_DEVICETREE == UINT32_C(0x1000001C));
assert_cc(DEVICE_SIZE_FROM_DESCRIPTOR(DEVICE_DESCRIPTOR_DEVICETREE) == sizeof(Device));
assert_cc(DEVICE_TYPE_FROM_DESCRIPTOR(DEVICE_DESCRIPTOR_DEVICETREE) == DEVICE_TYPE_DEVICETREE);
/** /**
* smbios_to_hashable_string() - Convert ascii smbios string to stripped char16_t. * smbios_to_hashable_string() - Convert ascii smbios string to stripped char16_t.
*/ */
@ -110,10 +105,9 @@ EFI_STATUS chid_match(const void *hwid_buffer, size_t hwid_length, const Device
/* Count devices and check validity */ /* Count devices and check validity */
for (; (n_devices + 1) * sizeof(*devices) < hwid_length;) { for (; (n_devices + 1) * sizeof(*devices) < hwid_length;) {
if (devices[n_devices].struct_size == 0)
if (devices[n_devices].descriptor == DEVICE_DESCRIPTOR_EOL)
break; break;
if (devices[n_devices].descriptor != DEVICE_DESCRIPTOR_DEVICETREE) if (devices[n_devices].struct_size != sizeof(*devices))
return EFI_UNSUPPORTED; return EFI_UNSUPPORTED;
n_devices++; n_devices++;
} }

View File

@ -2,63 +2,22 @@
#pragma once #pragma once
#include "efi.h" #include "efi.h"
#include "chid-fundamental.h" #include "chid-fundamental.h"
/* A .hwids PE section consists of a series of 'Device' structures. A 'Device' structure binds a CHID to some
* resource, for now only Devicetree blobs. Designed to be extensible to other types of resources, should the
* need arise. The series of 'Device' structures is followed by some space for strings that can be referenced
* by offset by the Device structures. */
enum {
DEVICE_TYPE_DEVICETREE = 0x1, /* A devicetree blob */
/* Maybe later additional types for:
* - CoCo Bring-Your-Own-Firmware
* - ACPI DSDT Overrides
* - */
};
#define DEVICE_SIZE_FROM_DESCRIPTOR(u) ((uint32_t) (u) & UINT32_C(0x0FFFFFFF))
#define DEVICE_TYPE_FROM_DESCRIPTOR(u) ((uint32_t) (u) >> 28)
#define DEVICE_MAKE_DESCRIPTOR(type, size) (((uint32_t) (size) | ((uint32_t) type << 28)))
#define DEVICE_DESCRIPTOR_DEVICETREE DEVICE_MAKE_DESCRIPTOR(DEVICE_TYPE_DEVICETREE, sizeof(Device))
#define DEVICE_DESCRIPTOR_EOL UINT32_C(0)
typedef struct Device { typedef struct Device {
uint32_t descriptor; /* The highest four bit encode the type of entry, the other 28 bit encode the uint32_t struct_size; /* = sizeof(struct Device), or 0 for EOL */
* size of the structure. Use the macros above to generate or take apart this
* field. */
EFI_GUID chid;
union {
struct {
/* These offsets are relative to the beginning of the .hwids PE section. */
uint32_t name_offset; /* nul-terminated string or 0 if not present */ uint32_t name_offset; /* nul-terminated string or 0 if not present */
uint32_t compatible_offset; /* nul-terminated string or 0 if not present */ uint32_t compatible_offset; /* nul-terminated string or 0 if not present */
} devicetree; EFI_GUID chid;
/* fields for other descriptor types… */
};
} _packed_ Device; } _packed_ Device;
/* Validate some offset, since the structure is API and src/ukify/ukify.py encodes them directly */
assert_cc(offsetof(Device, descriptor) == 0);
assert_cc(offsetof(Device, chid) == 4);
assert_cc(offsetof(Device, devicetree.name_offset) == 20);
assert_cc(offsetof(Device, devicetree.compatible_offset) == 24);
assert_cc(sizeof(Device) == 28);
static inline const char* device_get_name(const void *base, const Device *device) { static inline const char* device_get_name(const void *base, const Device *device) {
if (device->descriptor != DEVICE_DESCRIPTOR_DEVICETREE) return device->name_offset == 0 ? NULL : (const char *) ((const uint8_t *) base + device->name_offset);
return NULL;
return device->devicetree.name_offset == 0 ? NULL : (const char *) ((const uint8_t *) base + device->devicetree.name_offset);
} }
static inline const char* device_get_compatible(const void *base, const Device *device) { static inline const char* device_get_compatible(const void *base, const Device *device) {
if (device->descriptor != DEVICE_DESCRIPTOR_DEVICETREE) return device->compatible_offset == 0 ? NULL : (const char *) ((const uint8_t *) base + device->compatible_offset);
return NULL;
return device->devicetree.compatible_offset == 0 ? NULL : (const char *) ((const uint8_t *) base + device->devicetree.compatible_offset);
} }
EFI_STATUS chid_match(const void *chids_buffer, size_t chids_length, const Device **ret_device); EFI_STATUS chid_match(const void *chids_buffer, size_t chids_length, const Device **ret_device);

View File

@ -27,7 +27,6 @@ _gnu_printf_(3, 4) EFI_STATUS log_internal(EFI_STATUS status, uint8_t text_color
log_internal(status, text_color, "%s:%i@%s: " format, __FILE__, __LINE__, __func__, ##__VA_ARGS__) log_internal(status, text_color, "%s:%i@%s: " format, __FILE__, __LINE__, __func__, ##__VA_ARGS__)
#define log_debug(...) log_full(EFI_SUCCESS, EFI_LIGHTGRAY, __VA_ARGS__) #define log_debug(...) log_full(EFI_SUCCESS, EFI_LIGHTGRAY, __VA_ARGS__)
#define log_info(...) log_full(EFI_SUCCESS, EFI_WHITE, __VA_ARGS__) #define log_info(...) log_full(EFI_SUCCESS, EFI_WHITE, __VA_ARGS__)
#define log_warning_status(status, ...) log_full(status, EFI_YELLOW, __VA_ARGS__)
#define log_error_status(status, ...) log_full(status, EFI_LIGHTRED, __VA_ARGS__) #define log_error_status(status, ...) log_full(status, EFI_LIGHTRED, __VA_ARGS__)
#define log_error(...) log_full(EFI_INVALID_PARAMETER, EFI_LIGHTRED, __VA_ARGS__) #define log_error(...) log_full(EFI_INVALID_PARAMETER, EFI_LIGHTRED, __VA_ARGS__)
#define log_oom() log_full(EFI_OUT_OF_RESOURCES, EFI_LIGHTRED, "Out of memory.") #define log_oom() log_full(EFI_OUT_OF_RESOURCES, EFI_LIGHTRED, "Out of memory.")

View File

@ -320,7 +320,7 @@ static void pe_locate_sections(
/* device */ NULL, /* device */ NULL,
&hwids_section); &hwids_section);
if (PE_SECTION_VECTOR_IS_SET(&hwids_section)) { if (hwids_section.memory_offset != 0) {
hwids = (const uint8_t *) SIZE_TO_PTR(validate_base) + hwids_section.memory_offset; hwids = (const uint8_t *) SIZE_TO_PTR(validate_base) + hwids_section.memory_offset;
EFI_STATUS err = chid_match(hwids, hwids_section.memory_size, &device); EFI_STATUS err = chid_match(hwids, hwids_section.memory_size, &device);
@ -328,7 +328,8 @@ static void pe_locate_sections(
log_error_status(err, "HWID matching failed, no DT blob will be selected: %m"); log_error_status(err, "HWID matching failed, no DT blob will be selected: %m");
hwids = NULL; hwids = NULL;
} }
} } else
log_info("HWIDs section is missing, no DT blob will be selected");
} }
return pe_locate_sections_internal( return pe_locate_sections_internal(
@ -358,7 +359,7 @@ static uint32_t get_compatibility_entry_address(const DosFileHeader *dos, const
PTR_TO_SIZE(dos), PTR_TO_SIZE(dos),
&vector); &vector);
if (!PE_SECTION_VECTOR_IS_SET(&vector)) /* not found */ if (vector.memory_size == 0) /* not found */
return 0; return 0;
typedef struct { typedef struct {

View File

@ -43,11 +43,8 @@ static EFI_STATUS acquire_rng(void *ret, size_t size) {
return EFI_UNSUPPORTED; return EFI_UNSUPPORTED;
err = rng->GetRNG(rng, NULL, size, ret); err = rng->GetRNG(rng, NULL, size, ret);
/* On some systems the RNG might not be ready during early boot, handle gracefully and don't log. */
if (err == EFI_NOT_READY)
return err;
if (err != EFI_SUCCESS) if (err != EFI_SUCCESS)
return log_warning_status(err, "Failed to acquire RNG data, proceeding without: %m"); return log_error_status(err, "Failed to acquire RNG data: %m");
return EFI_SUCCESS; return EFI_SUCCESS;
} }

View File

@ -114,9 +114,12 @@ static EFI_STATUS combine_initrds(
n += initrd_size; n += initrd_size;
} }
_cleanup_pages_ Pages pages = xmalloc_initrd_pages(n); _cleanup_pages_ Pages pages = xmalloc_pages(
AllocateMaxAddress,
EfiLoaderData,
EFI_SIZE_TO_PAGES(n),
UINT32_MAX /* Below 4G boundary. */);
uint8_t *p = PHYSICAL_ADDRESS_TO_POINTER(pages.addr); uint8_t *p = PHYSICAL_ADDRESS_TO_POINTER(pages.addr);
FOREACH_ARRAY(i, initrds, n_initrds) { FOREACH_ARRAY(i, initrds, n_initrds) {
size_t pad; size_t pad;

View File

@ -99,29 +99,6 @@ static inline Pages xmalloc_pages(
}; };
} }
static inline Pages xmalloc_initrd_pages(size_t n_pages) {
/* The original native x86 boot protocol of the Linux kernel was not 64bit safe, hence we allocate
* memory for the initrds below the 4G boundary on x86, since we don't know early enough which
* protocol we'll use to ultimately boot the kernel. This restriction is somewhat obsolete, since
* these days we generally prefer the kernel's newer EFI entrypoint instead, which has no such
* limitations. On other architectures we do not bother with any restriction on this, in particular
* as some of them don't even have RAM mapped to such low addresses. */
#if defined(__i386__) || defined(__x86_64__)
return xmalloc_pages(
AllocateMaxAddress,
EfiLoaderData,
EFI_SIZE_TO_PAGES(n_pages),
UINT32_MAX /* Below 4G boundary. */);
#else
return xmalloc_pages(
AllocateAnyPages,
EfiLoaderData,
EFI_SIZE_TO_PAGES(n_pages),
0 /* Ignored. */);
#endif
}
void convert_efi_path(char16_t *path); void convert_efi_path(char16_t *path);
char16_t *xstr8_to_path(const char *stra); char16_t *xstr8_to_path(const char *stra);
char16_t *mangle_stub_cmdline(char16_t *cmdline); char16_t *mangle_stub_cmdline(char16_t *cmdline);

View File

@ -299,6 +299,7 @@ static const char *const esp_subdirs[] = {
"EFI/BOOT", "EFI/BOOT",
"loader", "loader",
"loader/keys", "loader/keys",
"loader/keys/auto",
NULL NULL
}; };
@ -614,10 +615,6 @@ static int install_secure_boot_auto_enroll(const char *esp, X509 *certificate, E
return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to convert X.509 certificate to DER: %s", return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to convert X.509 certificate to DER: %s",
ERR_error_string(ERR_get_error(), NULL)); ERR_error_string(ERR_get_error(), NULL));
r = mkdir_one(esp, "loader/keys/auto");
if (r < 0)
return r;
_cleanup_close_ int keys_fd = chase_and_open("loader/keys/auto", esp, CHASE_PREFIX_ROOT|CHASE_PROHIBIT_SYMLINKS, O_DIRECTORY, NULL); _cleanup_close_ int keys_fd = chase_and_open("loader/keys/auto", esp, CHASE_PREFIX_ROOT|CHASE_PROHIBIT_SYMLINKS, O_DIRECTORY, NULL);
if (keys_fd < 0) if (keys_fd < 0)
return log_error_errno(keys_fd, "Failed to chase loader/keys/auto in the ESP: %m"); return log_error_errno(keys_fd, "Failed to chase loader/keys/auto in the ESP: %m");
@ -1290,10 +1287,6 @@ int verb_remove(int argc, char *argv[], void *userdata) {
r = q; r = q;
} }
q = rmdir_one(arg_esp_path, "/loader/keys/auto");
if (q < 0 && r >= 0)
r = q;
q = remove_subdirs(arg_esp_path, esp_subdirs); q = remove_subdirs(arg_esp_path, esp_subdirs);
if (q < 0 && r >= 0) if (q < 0 && r >= 0)
r = q; r = q;

View File

@ -1088,7 +1088,7 @@ static int method_start_transient_unit(sd_bus_message *message, void *userdata,
m, m,
name, name,
"start", "start",
N_("Authentication is required to start transient unit '$(unit)'."), N_("Authentication is required to start transient '$(unit)'."),
message, message,
error); error);
if (r < 0) if (r < 0)

View File

@ -855,6 +855,9 @@ static int get_fixed_user(
assert(user_or_uid); assert(user_or_uid);
assert(ret_username); assert(ret_username);
/* Note that we don't set $HOME or $SHELL if they are not particularly enlightening anyway
* (i.e. are "/" or "/bin/nologin"). */
r = get_user_creds(&user_or_uid, ret_uid, ret_gid, ret_home, ret_shell, USER_CREDS_CLEAN); r = get_user_creds(&user_or_uid, ret_uid, ret_gid, ret_home, ret_shell, USER_CREDS_CLEAN);
if (r < 0) if (r < 0)
return r; return r;
@ -1880,10 +1883,7 @@ static int build_environment(
} }
} }
/* Note that we don't set $HOME or $SHELL if they are not particularly enlightening anyway if (home && set_user_login_env) {
* (i.e. are "/" or "/bin/nologin"). */
if (home && set_user_login_env && !empty_or_root(home)) {
x = strjoin("HOME=", home); x = strjoin("HOME=", home);
if (!x) if (!x)
return -ENOMEM; return -ENOMEM;
@ -1892,7 +1892,7 @@ static int build_environment(
our_env[n_env++] = x; our_env[n_env++] = x;
} }
if (shell && set_user_login_env && !shell_is_placeholder(shell)) { if (shell && set_user_login_env) {
x = strjoin("SHELL=", shell); x = strjoin("SHELL=", shell);
if (!x) if (!x)
return -ENOMEM; return -ENOMEM;
@ -3471,16 +3471,20 @@ static int apply_working_directory(
const ExecContext *context, const ExecContext *context,
const ExecParameters *params, const ExecParameters *params,
ExecRuntime *runtime, ExecRuntime *runtime,
const char *home) { const char *home,
int *exit_status) {
const char *wd; const char *wd;
int r; int r;
assert(context); assert(context);
assert(exit_status);
if (context->working_directory_home) { if (context->working_directory_home) {
if (!home) if (!home) {
*exit_status = EXIT_CHDIR;
return -ENXIO; return -ENXIO;
}
wd = home; wd = home;
} else } else
@ -3499,7 +3503,13 @@ static int apply_working_directory(
if (r >= 0) if (r >= 0)
r = RET_NERRNO(fchdir(dfd)); r = RET_NERRNO(fchdir(dfd));
} }
return context->working_directory_missing_ok ? 0 : r;
if (r < 0 && !context->working_directory_missing_ok) {
*exit_status = EXIT_CHDIR;
return r;
}
return 0;
} }
static int apply_root_directory( static int apply_root_directory(
@ -3775,7 +3785,7 @@ static int acquire_home(const ExecContext *c, const char **home, char **ret_buf)
if (!c->working_directory_home) if (!c->working_directory_home)
return 0; return 0;
if (c->dynamic_user || (c->user && is_this_me(c->user) <= 0)) if (c->dynamic_user)
return -EADDRNOTAVAIL; return -EADDRNOTAVAIL;
r = get_home_dir(ret_buf); r = get_home_dir(ret_buf);
@ -4533,7 +4543,7 @@ int exec_invoke(
r = acquire_home(context, &home, &home_buffer); r = acquire_home(context, &home, &home_buffer);
if (r < 0) { if (r < 0) {
*exit_status = EXIT_CHDIR; *exit_status = EXIT_CHDIR;
return log_exec_error_errno(context, params, r, "Failed to determine $HOME for the invoking user: %m"); return log_exec_error_errno(context, params, r, "Failed to determine $HOME for user: %m");
} }
/* If a socket is connected to STDIN/STDOUT/STDERR, we must drop O_NONBLOCK */ /* If a socket is connected to STDIN/STDOUT/STDERR, we must drop O_NONBLOCK */
@ -5373,11 +5383,9 @@ int exec_invoke(
* running this service might have the correct privilege to change to the working directory. Also, it * running this service might have the correct privilege to change to the working directory. Also, it
* is absolutely 💣 crucial 💣 we applied all mount namespacing rearrangements before this, so that * is absolutely 💣 crucial 💣 we applied all mount namespacing rearrangements before this, so that
* the cwd cannot be used to pin directories outside of the sandbox. */ * the cwd cannot be used to pin directories outside of the sandbox. */
r = apply_working_directory(context, params, runtime, home); r = apply_working_directory(context, params, runtime, home, exit_status);
if (r < 0) { if (r < 0)
*exit_status = EXIT_CHDIR;
return log_exec_error_errno(context, params, r, "Changing to the requested working directory failed: %m"); return log_exec_error_errno(context, params, r, "Changing to the requested working directory failed: %m");
}
if (needs_sandboxing) { if (needs_sandboxing) {
/* Apply other MAC contexts late, but before seccomp syscall filtering, as those should really be last to /* Apply other MAC contexts late, but before seccomp syscall filtering, as those should really be last to

View File

@ -1689,11 +1689,6 @@ static int become_shutdown(int objective, int retval) {
/* Tell the binary how often to ping, ignore failure */ /* Tell the binary how often to ping, ignore failure */
(void) strv_extendf(&env_block, "WATCHDOG_USEC="USEC_FMT, watchdog_timer); (void) strv_extendf(&env_block, "WATCHDOG_USEC="USEC_FMT, watchdog_timer);
/* Make sure that tools that look for $WATCHDOG_USEC (and might get started by the exitrd) don't get
* confused by the variable, because the sd_watchdog_enabled() protocol uses the same variable for
* the same purposes. */
(void) strv_extendf(&env_block, "WATCHDOG_PID=" PID_FMT, getpid_cached());
if (arg_watchdog_device) if (arg_watchdog_device)
(void) strv_extendf(&env_block, "WATCHDOG_DEVICE=%s", arg_watchdog_device); (void) strv_extendf(&env_block, "WATCHDOG_DEVICE=%s", arg_watchdog_device);

View File

@ -3426,12 +3426,14 @@ static int service_deserialize_item(Unit *u, const char *key, const char *value,
return 0; return 0;
} }
r = service_add_fd_store(s, TAKE_FD(fd), fdn, do_poll); r = service_add_fd_store(s, fd, fdn, do_poll);
if (r < 0) { if (r < 0) {
log_unit_debug_errno(u, r, log_unit_debug_errno(u, r,
"Failed to store deserialized fd '%s', ignoring: %m", fdn); "Failed to store deserialized fd '%s', ignoring: %m", fdn);
return 0; return 0;
} }
TAKE_FD(fd);
} else if (streq(key, "extra-fd")) { } else if (streq(key, "extra-fd")) {
_cleanup_free_ char *fdv = NULL, *fdn = NULL; _cleanup_free_ char *fdv = NULL, *fdn = NULL;
_cleanup_close_ int fd = -EBADF; _cleanup_close_ int fd = -EBADF;

View File

@ -193,7 +193,7 @@ int enroll_fido2(
fflush(stdout); fflush(stdout);
fprintf(stderr, fprintf(stderr,
"\nPlease save this FIDO2 credential ID. It is required when unlocking the volume\n" "\nPlease save this FIDO2 credential ID. It is required when unloocking the volume\n"
"using the associated FIDO2 keyslot which we just created. To configure automatic\n" "using the associated FIDO2 keyslot which we just created. To configure automatic\n"
"unlocking using this FIDO2 token, add an appropriate entry to your /etc/crypttab\n" "unlocking using this FIDO2 token, add an appropriate entry to your /etc/crypttab\n"
"file, see %s for details.\n", link); "file, see %s for details.\n", link);

View File

@ -427,9 +427,6 @@ int wipe_slots(struct crypt_device *cd,
for (size_t i = n_ordered_slots; i > 0; i--) { for (size_t i = n_ordered_slots; i > 0; i--) {
r = crypt_keyslot_destroy(cd, ordered_slots[i - 1]); r = crypt_keyslot_destroy(cd, ordered_slots[i - 1]);
if (r < 0) { if (r < 0) {
if (r == -ENOENT)
log_warning_errno(r, "Failed to wipe non-existent slot %i, continuing.", ordered_slots[i - 1]);
else
log_warning_errno(r, "Failed to wipe slot %i, continuing: %m", ordered_slots[i - 1]); log_warning_errno(r, "Failed to wipe slot %i, continuing: %m", ordered_slots[i - 1]);
if (ret == 0) if (ret == 0)
ret = r; ret = r;

View File

@ -193,7 +193,7 @@ static int help(void) {
"\n%3$sSimple Enrollment:%4$s\n" "\n%3$sSimple Enrollment:%4$s\n"
" --password Enroll a user-supplied password\n" " --password Enroll a user-supplied password\n"
" --recovery-key Enroll a recovery key\n" " --recovery-key Enroll a recovery key\n"
"\n%3$sPKCS#11 Enrollment:%4$s\n" "\n%3$sPKCS11 Enrollment:%4$s\n"
" --pkcs11-token-uri=URI\n" " --pkcs11-token-uri=URI\n"
" Specify PKCS#11 security token URI\n" " Specify PKCS#11 security token URI\n"
"\n%3$sFIDO2 Enrollment:%4$s\n" "\n%3$sFIDO2 Enrollment:%4$s\n"

View File

@ -1,9 +1,5 @@
# SPDX-License-Identifier: LGPL-2.1-or-later # SPDX-License-Identifier: LGPL-2.1-or-later
if conf.get('HAVE_LIBCRYPTSETUP') != 1
subdir_done()
endif
systemd_cryptenroll_sources = files( systemd_cryptenroll_sources = files(
'cryptenroll-list.c', 'cryptenroll-list.c',
'cryptenroll-password.c', 'cryptenroll-password.c',
@ -28,6 +24,7 @@ executables += [
executable_template + { executable_template + {
'name' : 'systemd-cryptenroll', 'name' : 'systemd-cryptenroll',
'public' : true, 'public' : true,
'conditions' : ['HAVE_LIBCRYPTSETUP'],
'sources' : systemd_cryptenroll_sources, 'sources' : systemd_cryptenroll_sources,
'dependencies' : [ 'dependencies' : [
libcryptsetup, libcryptsetup,

View File

@ -1,9 +1,5 @@
# SPDX-License-Identifier: LGPL-2.1-or-later # SPDX-License-Identifier: LGPL-2.1-or-later
if conf.get('HAVE_LIBCRYPTSETUP') != 1
subdir_done()
endif
subdir('cryptsetup-tokens') subdir('cryptsetup-tokens')
systemd_cryptsetup_sources = files( systemd_cryptsetup_sources = files(
@ -19,6 +15,7 @@ executables += [
executable_template + { executable_template + {
'name' : 'systemd-cryptsetup', 'name' : 'systemd-cryptsetup',
'public' : true, 'public' : true,
'conditions' : ['HAVE_LIBCRYPTSETUP'],
'sources' : systemd_cryptsetup_sources, 'sources' : systemd_cryptsetup_sources,
'dependencies' : [ 'dependencies' : [
libcryptsetup, libcryptsetup,
@ -28,11 +25,14 @@ executables += [
}, },
generator_template + { generator_template + {
'name' : 'systemd-cryptsetup-generator', 'name' : 'systemd-cryptsetup-generator',
'conditions' : ['HAVE_LIBCRYPTSETUP'],
'sources' : files('cryptsetup-generator.c'), 'sources' : files('cryptsetup-generator.c'),
}, },
] ]
# symlink for backwards compatibility after rename if conf.get('HAVE_LIBCRYPTSETUP') == 1
meson.add_install_script(sh, '-c', # symlink for backwards compatibility after rename
meson.add_install_script(sh, '-c',
ln_s.format(bindir / 'systemd-cryptsetup', ln_s.format(bindir / 'systemd-cryptsetup',
libexecdir / 'systemd-cryptsetup')) libexecdir / 'systemd-cryptsetup'))
endif

View File

@ -1,18 +1,17 @@
# SPDX-License-Identifier: LGPL-2.1-or-later # SPDX-License-Identifier: LGPL-2.1-or-later
if conf.get('HAVE_BLKID') != 1
subdir_done()
endif
executables += [ executables += [
executable_template + { executable_template + {
'name' : 'systemd-dissect', 'name' : 'systemd-dissect',
'public' : true, 'public' : true,
'conditions' : ['HAVE_BLKID'],
'sources' : files('dissect.c'), 'sources' : files('dissect.c'),
}, },
] ]
install_emptydir(sbindir) if conf.get('HAVE_BLKID') == 1
meson.add_install_script(sh, '-c', install_emptydir(sbindir)
meson.add_install_script(sh, '-c',
ln_s.format(bindir / 'systemd-dissect', ln_s.format(bindir / 'systemd-dissect',
sbindir / 'mount.ddi')) sbindir / 'mount.ddi'))
endif

View File

@ -1,18 +1,17 @@
# SPDX-License-Identifier: LGPL-2.1-or-later # SPDX-License-Identifier: LGPL-2.1-or-later
if conf.get('ENABLE_ENVIRONMENT_D') != 1
subdir_done()
endif
executables += [ executables += [
executable_template + { executable_template + {
'name' : '30-systemd-environment-d-generator', 'name' : '30-systemd-environment-d-generator',
'conditions' : ['ENABLE_ENVIRONMENT_D'],
'sources' : files('environment-d-generator.c'), 'sources' : files('environment-d-generator.c'),
'install_dir' : userenvgeneratordir, 'install_dir' : userenvgeneratordir,
}, },
] ]
install_emptydir(environmentdir) if conf.get('ENABLE_ENVIRONMENT_D') == 1
meson.add_install_script(sh, '-c', install_emptydir(environmentdir)
meson.add_install_script(sh, '-c',
ln_s.format(sysconfdir / 'environment', ln_s.format(sysconfdir / 'environment',
environmentdir / '99-environment.conf')) environmentdir / '99-environment.conf'))
endif

View File

@ -1,12 +1,9 @@
# SPDX-License-Identifier: LGPL-2.1-or-later # SPDX-License-Identifier: LGPL-2.1-or-later
if conf.get('ENABLE_HIBERNATE') != 1
subdir_done()
endif
executables += [ executables += [
generator_template + { generator_template + {
'name' : 'systemd-hibernate-resume-generator', 'name' : 'systemd-hibernate-resume-generator',
'conditions' : ['ENABLE_HIBERNATE'],
'sources' : files( 'sources' : files(
'hibernate-resume-generator.c', 'hibernate-resume-generator.c',
'hibernate-resume-config.c', 'hibernate-resume-config.c',
@ -14,6 +11,7 @@ executables += [
}, },
libexec_template + { libexec_template + {
'name' : 'systemd-hibernate-resume', 'name' : 'systemd-hibernate-resume',
'conditions' : ['ENABLE_HIBERNATE'],
'sources' : files( 'sources' : files(
'hibernate-resume.c', 'hibernate-resume.c',
'hibernate-resume-config.c', 'hibernate-resume-config.c',

View File

@ -1,9 +1,5 @@
# SPDX-License-Identifier: LGPL-2.1-or-later # SPDX-License-Identifier: LGPL-2.1-or-later
if conf.get('ENABLE_HOMED') != 1
subdir_done()
endif
systemd_homework_sources = files( systemd_homework_sources = files(
'home-util.c', 'home-util.c',
'homework-blob.c', 'homework-blob.c',
@ -68,6 +64,7 @@ pam_systemd_home_sources = files(
executables += [ executables += [
libexec_template + { libexec_template + {
'name' : 'systemd-homework', 'name' : 'systemd-homework',
'conditions' : ['ENABLE_HOMED'],
'sources' : systemd_homework_sources, 'sources' : systemd_homework_sources,
'link_with' : [ 'link_with' : [
libshared, libshared,
@ -85,6 +82,7 @@ executables += [
libexec_template + { libexec_template + {
'name' : 'systemd-homed', 'name' : 'systemd-homed',
'dbus' : true, 'dbus' : true,
'conditions' : ['ENABLE_HOMED'],
'sources' : systemd_homed_sources, 'sources' : systemd_homed_sources,
'include_directories' : includes + 'include_directories' : includes +
include_directories('.'), include_directories('.'),
@ -98,6 +96,7 @@ executables += [
executable_template + { executable_template + {
'name' : 'homectl', 'name' : 'homectl',
'public' : true, 'public' : true,
'conditions' : ['ENABLE_HOMED'],
'sources' : homectl_sources, 'sources' : homectl_sources,
'dependencies' : [ 'dependencies' : [
libcrypt, libcrypt,
@ -109,6 +108,7 @@ executables += [
}, },
test_template + { test_template + {
'sources' : files('test-homed-regression-31896.c'), 'sources' : files('test-homed-regression-31896.c'),
'conditions' : ['ENABLE_HOMED'],
'type' : 'manual', 'type' : 'manual',
}, },
] ]
@ -116,7 +116,10 @@ executables += [
modules += [ modules += [
pam_template + { pam_template + {
'name' : 'pam_systemd_home', 'name' : 'pam_systemd_home',
'conditions' : ['HAVE_PAM'], 'conditions' : [
'ENABLE_HOMED',
'HAVE_PAM',
],
'sources' : pam_systemd_home_sources, 'sources' : pam_systemd_home_sources,
'dependencies' : [ 'dependencies' : [
libcrypt, libcrypt,
@ -128,18 +131,20 @@ modules += [
}, },
] ]
install_data('org.freedesktop.home1.conf', if conf.get('ENABLE_HOMED') == 1
install_data('org.freedesktop.home1.conf',
install_dir : dbuspolicydir) install_dir : dbuspolicydir)
install_data('org.freedesktop.home1.service', install_data('org.freedesktop.home1.service',
install_dir : dbussystemservicedir) install_dir : dbussystemservicedir)
install_data('org.freedesktop.home1.policy', install_data('org.freedesktop.home1.policy',
install_dir : polkitpolicydir) install_dir : polkitpolicydir)
if install_sysconfdir_samples if install_sysconfdir_samples
install_data('homed.conf', install_data('homed.conf',
install_dir : pkgconfigfiledir) install_dir : pkgconfigfiledir)
endif endif
meson.add_install_script(sh, '-c', meson.add_install_script(sh, '-c',
ln_s.format(bindir / 'homectl', ln_s.format(bindir / 'homectl',
bindir / 'systemd-home-fallback-shell')) bindir / 'systemd-home-fallback-shell'))
endif

View File

@ -1,25 +1,25 @@
# SPDX-License-Identifier: LGPL-2.1-or-later # SPDX-License-Identifier: LGPL-2.1-or-later
if conf.get('ENABLE_HOSTNAMED') != 1
subdir_done()
endif
executables += [ executables += [
libexec_template + { libexec_template + {
'name' : 'systemd-hostnamed', 'name' : 'systemd-hostnamed',
'dbus' : true, 'dbus' : true,
'conditions' : ['ENABLE_HOSTNAMED'],
'sources' : files('hostnamed.c'), 'sources' : files('hostnamed.c'),
}, },
executable_template + { executable_template + {
'name' : 'hostnamectl', 'name' : 'hostnamectl',
'public' : true, 'public' : true,
'conditions' : ['ENABLE_HOSTNAMED'],
'sources' : files('hostnamectl.c'), 'sources' : files('hostnamectl.c'),
}, },
] ]
install_data('org.freedesktop.hostname1.conf', if conf.get('ENABLE_HOSTNAMED') == 1
install_data('org.freedesktop.hostname1.conf',
install_dir : dbuspolicydir) install_dir : dbuspolicydir)
install_data('org.freedesktop.hostname1.service', install_data('org.freedesktop.hostname1.service',
install_dir : dbussystemservicedir) install_dir : dbussystemservicedir)
install_data('org.freedesktop.hostname1.policy', install_data('org.freedesktop.hostname1.policy',
install_dir : polkitpolicydir) install_dir : polkitpolicydir)
endif

View File

@ -1,12 +1,9 @@
# SPDX-License-Identifier: LGPL-2.1-or-later # SPDX-License-Identifier: LGPL-2.1-or-later
if conf.get('HAVE_LIBCRYPTSETUP') != 1
subdir_done()
endif
executables += [ executables += [
libexec_template + { libexec_template + {
'name' : 'systemd-integritysetup', 'name' : 'systemd-integritysetup',
'conditions' : ['HAVE_LIBCRYPTSETUP'],
'sources' : files( 'sources' : files(
'integrity-util.c', 'integrity-util.c',
'integritysetup.c', 'integritysetup.c',
@ -15,6 +12,7 @@ executables += [
}, },
generator_template + { generator_template + {
'name' : 'systemd-integritysetup-generator', 'name' : 'systemd-integritysetup-generator',
'conditions' : ['HAVE_LIBCRYPTSETUP'],
'sources' : files( 'sources' : files(
'integrity-util.c', 'integrity-util.c',
'integritysetup-generator.c', 'integritysetup-generator.c',

View File

@ -526,8 +526,8 @@ static void client_context_really_refresh(
client_context_read_basic(c); client_context_read_basic(c);
(void) client_context_read_label(c, label, label_size); (void) client_context_read_label(c, label, label_size);
(void) audit_session_from_pid(&PIDREF_MAKE_FROM_PID(c->pid), &c->auditid); (void) audit_session_from_pid(c->pid, &c->auditid);
(void) audit_loginuid_from_pid(&PIDREF_MAKE_FROM_PID(c->pid), &c->loginuid); (void) audit_loginuid_from_pid(c->pid, &c->loginuid);
(void) client_context_read_cgroup(s, c, unit_id); (void) client_context_read_cgroup(s, c, unit_id);
(void) client_context_read_invocation_id(s, c); (void) client_context_read_invocation_id(s, c);

View File

@ -750,7 +750,7 @@ static int ndisc_option_parse_route(Set **options, size_t offset, size_t len, co
usec_t lifetime = unaligned_be32_sec_to_usec(opt + 4, /* max_as_infinity = */ true); usec_t lifetime = unaligned_be32_sec_to_usec(opt + 4, /* max_as_infinity = */ true);
struct in6_addr prefix; struct in6_addr prefix;
memcpy_safe(&prefix, opt + 8, len - 8); memcpy(&prefix, opt + 8, len - 8);
in6_addr_mask(&prefix, prefixlen); in6_addr_mask(&prefix, prefixlen);
return ndisc_option_add_route(options, offset, preference, prefixlen, &prefix, lifetime); return ndisc_option_add_route(options, offset, preference, prefixlen, &prefix, lifetime);

View File

@ -1033,14 +1033,12 @@ global:
sd_varlink_server_listen_fd; sd_varlink_server_listen_fd;
sd_varlink_server_loop_auto; sd_varlink_server_loop_auto;
sd_varlink_server_new; sd_varlink_server_new;
sd_varlink_server_ref;
sd_varlink_server_set_connections_max; sd_varlink_server_set_connections_max;
sd_varlink_server_set_connections_per_uid_max; sd_varlink_server_set_connections_per_uid_max;
sd_varlink_server_set_description; sd_varlink_server_set_description;
sd_varlink_server_set_exit_on_idle; sd_varlink_server_set_exit_on_idle;
sd_varlink_server_set_userdata; sd_varlink_server_set_userdata;
sd_varlink_server_shutdown; sd_varlink_server_shutdown;
sd_varlink_server_unref;
sd_varlink_set_allow_fd_passing_input; sd_varlink_set_allow_fd_passing_input;
sd_varlink_set_allow_fd_passing_output; sd_varlink_set_allow_fd_passing_output;
sd_varlink_set_description; sd_varlink_set_description;

View File

@ -9,7 +9,6 @@
BUS_ERROR_MAP_ELF_REGISTER const sd_bus_error_map bus_common_errors[] = { BUS_ERROR_MAP_ELF_REGISTER const sd_bus_error_map bus_common_errors[] = {
SD_BUS_ERROR_MAP(BUS_ERROR_NO_SUCH_UNIT, ENOENT), SD_BUS_ERROR_MAP(BUS_ERROR_NO_SUCH_UNIT, ENOENT),
SD_BUS_ERROR_MAP(BUS_ERROR_NO_SUCH_PROCESS, ESRCH),
SD_BUS_ERROR_MAP(BUS_ERROR_NO_UNIT_FOR_PID, ESRCH), SD_BUS_ERROR_MAP(BUS_ERROR_NO_UNIT_FOR_PID, ESRCH),
SD_BUS_ERROR_MAP(BUS_ERROR_NO_UNIT_FOR_INVOCATION_ID, ENOENT), SD_BUS_ERROR_MAP(BUS_ERROR_NO_UNIT_FOR_INVOCATION_ID, ENOENT),
SD_BUS_ERROR_MAP(BUS_ERROR_UNIT_EXISTS, EEXIST), SD_BUS_ERROR_MAP(BUS_ERROR_UNIT_EXISTS, EEXIST),
@ -66,6 +65,8 @@ BUS_ERROR_MAP_ELF_REGISTER const sd_bus_error_map bus_common_errors[] = {
SD_BUS_ERROR_MAP(BUS_ERROR_AUTOMATIC_TIME_SYNC_ENABLED, EALREADY), SD_BUS_ERROR_MAP(BUS_ERROR_AUTOMATIC_TIME_SYNC_ENABLED, EALREADY),
SD_BUS_ERROR_MAP(BUS_ERROR_NO_NTP_SUPPORT, EOPNOTSUPP), SD_BUS_ERROR_MAP(BUS_ERROR_NO_NTP_SUPPORT, EOPNOTSUPP),
SD_BUS_ERROR_MAP(BUS_ERROR_NO_SUCH_PROCESS, ESRCH),
SD_BUS_ERROR_MAP(BUS_ERROR_NO_NAME_SERVERS, ESRCH), SD_BUS_ERROR_MAP(BUS_ERROR_NO_NAME_SERVERS, ESRCH),
SD_BUS_ERROR_MAP(BUS_ERROR_INVALID_REPLY, EINVAL), SD_BUS_ERROR_MAP(BUS_ERROR_INVALID_REPLY, EINVAL),
SD_BUS_ERROR_MAP(BUS_ERROR_NO_SUCH_RR, ENOENT), SD_BUS_ERROR_MAP(BUS_ERROR_NO_SUCH_RR, ENOENT),

View File

@ -4,7 +4,6 @@
#include "bus-error.h" #include "bus-error.h"
#define BUS_ERROR_NO_SUCH_UNIT "org.freedesktop.systemd1.NoSuchUnit" #define BUS_ERROR_NO_SUCH_UNIT "org.freedesktop.systemd1.NoSuchUnit"
#define BUS_ERROR_NO_SUCH_PROCESS "org.freedesktop.systemd1.NoSuchProcess"
#define BUS_ERROR_NO_UNIT_FOR_PID "org.freedesktop.systemd1.NoUnitForPID" #define BUS_ERROR_NO_UNIT_FOR_PID "org.freedesktop.systemd1.NoUnitForPID"
#define BUS_ERROR_NO_UNIT_FOR_INVOCATION_ID "org.freedesktop.systemd1.NoUnitForInvocationID" #define BUS_ERROR_NO_UNIT_FOR_INVOCATION_ID "org.freedesktop.systemd1.NoUnitForInvocationID"
#define BUS_ERROR_UNIT_EXISTS "org.freedesktop.systemd1.UnitExists" #define BUS_ERROR_UNIT_EXISTS "org.freedesktop.systemd1.UnitExists"
@ -67,6 +66,8 @@
#define BUS_ERROR_AUTOMATIC_TIME_SYNC_ENABLED "org.freedesktop.timedate1.AutomaticTimeSyncEnabled" #define BUS_ERROR_AUTOMATIC_TIME_SYNC_ENABLED "org.freedesktop.timedate1.AutomaticTimeSyncEnabled"
#define BUS_ERROR_NO_NTP_SUPPORT "org.freedesktop.timedate1.NoNTPSupport" #define BUS_ERROR_NO_NTP_SUPPORT "org.freedesktop.timedate1.NoNTPSupport"
#define BUS_ERROR_NO_SUCH_PROCESS "org.freedesktop.systemd1.NoSuchProcess"
#define BUS_ERROR_NO_NAME_SERVERS "org.freedesktop.resolve1.NoNameServers" #define BUS_ERROR_NO_NAME_SERVERS "org.freedesktop.resolve1.NoNameServers"
#define BUS_ERROR_INVALID_REPLY "org.freedesktop.resolve1.InvalidReply" #define BUS_ERROR_INVALID_REPLY "org.freedesktop.resolve1.InvalidReply"
#define BUS_ERROR_NO_SUCH_RR "org.freedesktop.resolve1.NoSuchRR" #define BUS_ERROR_NO_SUCH_RR "org.freedesktop.resolve1.NoSuchRR"

View File

@ -1118,7 +1118,7 @@ int bus_creds_add_more(sd_bus_creds *c, uint64_t mask, PidRef *pidref, pid_t tid
} }
if (missing & SD_BUS_CREDS_AUDIT_SESSION_ID) { if (missing & SD_BUS_CREDS_AUDIT_SESSION_ID) {
r = audit_session_from_pid(pidref, &c->audit_session_id); r = audit_session_from_pid(pidref->pid, &c->audit_session_id);
if (r == -ENODATA) { if (r == -ENODATA) {
/* ENODATA means: no audit session id assigned */ /* ENODATA means: no audit session id assigned */
c->audit_session_id = AUDIT_SESSION_INVALID; c->audit_session_id = AUDIT_SESSION_INVALID;
@ -1131,7 +1131,7 @@ int bus_creds_add_more(sd_bus_creds *c, uint64_t mask, PidRef *pidref, pid_t tid
} }
if (missing & SD_BUS_CREDS_AUDIT_LOGIN_UID) { if (missing & SD_BUS_CREDS_AUDIT_LOGIN_UID) {
r = audit_loginuid_from_pid(pidref, &c->audit_login_uid); r = audit_loginuid_from_pid(pidref->pid, &c->audit_login_uid);
if (r == -ENODATA) { if (r == -ENODATA) {
/* ENODATA means: no audit login uid assigned */ /* ENODATA means: no audit login uid assigned */
c->audit_login_uid = UID_INVALID; c->audit_login_uid = UID_INVALID;

View File

@ -3265,7 +3265,7 @@ static sd_varlink_server* varlink_server_destroy(sd_varlink_server *s) {
return mfree(s); return mfree(s);
} }
DEFINE_PUBLIC_TRIVIAL_REF_UNREF_FUNC(sd_varlink_server, sd_varlink_server, varlink_server_destroy); DEFINE_TRIVIAL_REF_UNREF_FUNC(sd_varlink_server, sd_varlink_server, varlink_server_destroy);
static int validate_connection(sd_varlink_server *server, const struct ucred *ucred) { static int validate_connection(sd_varlink_server *server, const struct ucred *ucred) {
int allowed = -1; int allowed = -1;

View File

@ -16,7 +16,7 @@ int varlink_get_peer_pidref(sd_varlink *v, PidRef *ret) {
int pidfd = sd_varlink_get_peer_pidfd(v); int pidfd = sd_varlink_get_peer_pidfd(v);
if (pidfd < 0) { if (pidfd < 0) {
if (!ERRNO_IS_NEG_NOT_SUPPORTED(pidfd) && pidfd != -EINVAL) if (!ERRNO_IS_NEG_NOT_SUPPORTED(pidfd))
return pidfd; return pidfd;
pid_t pid; pid_t pid;

View File

@ -1006,7 +1006,7 @@ static int create_session(
"Maximum number of sessions (%" PRIu64 ") reached, refusing further sessions.", "Maximum number of sessions (%" PRIu64 ") reached, refusing further sessions.",
m->sessions_max); m->sessions_max);
(void) audit_session_from_pid(&leader, &audit_id); (void) audit_session_from_pid(leader.pid, &audit_id);
if (audit_session_is_valid(audit_id)) { if (audit_session_is_valid(audit_id)) {
/* Keep our session IDs and the audit session IDs in sync */ /* Keep our session IDs and the audit session IDs in sync */

View File

@ -360,7 +360,7 @@ int bus_session_method_kill(sd_bus_message *message, void *userdata, sd_bus_erro
if (r == 0) if (r == 0)
return 1; /* Will call us back */ return 1; /* Will call us back */
r = session_kill(s, whom, signo, error); r = session_kill(s, whom, signo);
if (r < 0) if (r < 0)
return r; return r;

View File

@ -254,7 +254,7 @@ int session_set_leader_consume(Session *s, PidRef _leader) {
s->leader_fd_saved = true; s->leader_fd_saved = true;
} }
(void) audit_session_from_pid(&s->leader, &s->audit_id); (void) audit_session_from_pid(s->leader.pid, &s->audit_id);
return 1; return 1;
} }
@ -1387,20 +1387,16 @@ SessionState session_get_state(Session *s) {
return SESSION_ONLINE; return SESSION_ONLINE;
} }
int session_kill(Session *s, KillWhom whom, int signo, sd_bus_error *error) { int session_kill(Session *s, KillWhom whom, int signo) {
assert(s); assert(s);
switch (whom) { switch (whom) {
case KILL_ALL: case KILL_ALL:
if (!SESSION_CLASS_WANTS_SCOPE(s->class))
return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED,
"Session '%s' has no associated scope", s->id);
if (!s->scope) if (!s->scope)
return sd_bus_error_set_errnof(error, ESRCH, "Scope for session '%s' not active", s->id); return -ESRCH;
return manager_kill_unit(s->manager, s->scope, KILL_ALL, signo, error); return manager_kill_unit(s->manager, s->scope, KILL_ALL, signo, NULL);
case KILL_LEADER: case KILL_LEADER:
return pidref_kill(&s->leader, signo); return pidref_kill(&s->leader, signo);

View File

@ -191,7 +191,7 @@ int session_finalize(Session *s);
int session_release(Session *s); int session_release(Session *s);
int session_save(Session *s); int session_save(Session *s);
int session_load(Session *s); int session_load(Session *s);
int session_kill(Session *s, KillWhom whom, int signo, sd_bus_error *error); int session_kill(Session *s, KillWhom whom, int signo);
SessionState session_get_state(Session *u); SessionState session_get_state(Session *u);

View File

@ -1,18 +1,17 @@
# SPDX-License-Identifier: LGPL-2.1-or-later # SPDX-License-Identifier: LGPL-2.1-or-later
if conf.get('HAVE_KMOD') != 1
subdir_done()
endif
executables += [ executables += [
libexec_template + { libexec_template + {
'name' : 'systemd-modules-load', 'name' : 'systemd-modules-load',
'conditions' : ['HAVE_KMOD'],
'sources' : files('modules-load.c'), 'sources' : files('modules-load.c'),
'dependencies' : libkmod_cflags, 'dependencies' : libkmod_cflags,
}, },
] ]
install_emptydir(modulesloaddir) if conf.get('HAVE_KMOD') == 1
if install_sysconfdir install_emptydir(modulesloaddir)
if install_sysconfdir
install_emptydir(sysconfdir / 'modules-load.d') install_emptydir(sysconfdir / 'modules-load.d')
endif
endif endif

View File

@ -1,9 +1,5 @@
# SPDX-License-Identifier: LGPL-2.1-or-later # SPDX-License-Identifier: LGPL-2.1-or-later
if conf.get('ENABLE_MOUNTFSD') != 1
subdir_done()
endif
systemd_mountwork_sources = files( systemd_mountwork_sources = files(
'mountwork.c', 'mountwork.c',
) )
@ -16,10 +12,12 @@ systemd_mountfsd_sources = files(
executables += [ executables += [
libexec_template + { libexec_template + {
'name' : 'systemd-mountfsd', 'name' : 'systemd-mountfsd',
'conditions' : ['ENABLE_MOUNTFSD'],
'sources' : systemd_mountfsd_sources, 'sources' : systemd_mountfsd_sources,
}, },
libexec_template + { libexec_template + {
'name' : 'systemd-mountwork', 'name' : 'systemd-mountwork',
'conditions' : ['ENABLE_MOUNTFSD'],
'sources' : systemd_mountwork_sources, 'sources' : systemd_mountwork_sources,
}, },
] ]

View File

@ -276,6 +276,7 @@ static int vl_method_mount_image(
Hashmap **polkit_registry = ASSERT_PTR(userdata); Hashmap **polkit_registry = ASSERT_PTR(userdata);
_cleanup_free_ char *ps = NULL; _cleanup_free_ char *ps = NULL;
bool image_is_trusted = false; bool image_is_trusted = false;
uid_t peer_uid;
int r; int r;
assert(link); assert(link);
@ -283,6 +284,10 @@ static int vl_method_mount_image(
sd_json_variant_sensitive(parameters); /* might contain passwords */ sd_json_variant_sensitive(parameters); /* might contain passwords */
r = sd_varlink_get_peer_uid(link, &peer_uid);
if (r < 0)
return log_debug_errno(r, "Failed to get client UID: %m");
r = sd_varlink_dispatch(link, parameters, dispatch_table, &p); r = sd_varlink_dispatch(link, parameters, dispatch_table, &p);
if (r != 0) if (r != 0)
return r; return r;
@ -522,13 +527,17 @@ static int vl_method_mount_image(
loop_device_relinquish(loop); loop_device_relinquish(loop);
return sd_varlink_replybo( r = sd_varlink_replybo(
link, link,
SD_JSON_BUILD_PAIR("partitions", SD_JSON_BUILD_VARIANT(aj)), SD_JSON_BUILD_PAIR("partitions", SD_JSON_BUILD_VARIANT(aj)),
SD_JSON_BUILD_PAIR("imagePolicy", SD_JSON_BUILD_STRING(ps)), SD_JSON_BUILD_PAIR("imagePolicy", SD_JSON_BUILD_STRING(ps)),
SD_JSON_BUILD_PAIR("imageSize", SD_JSON_BUILD_INTEGER(di->image_size)), SD_JSON_BUILD_PAIR("imageSize", SD_JSON_BUILD_INTEGER(di->image_size)),
SD_JSON_BUILD_PAIR("sectorSize", SD_JSON_BUILD_INTEGER(di->sector_size)), SD_JSON_BUILD_PAIR("sectorSize", SD_JSON_BUILD_INTEGER(di->sector_size)),
SD_JSON_BUILD_PAIR_CONDITION(!sd_id128_is_null(di->image_uuid), "imageUuid", SD_JSON_BUILD_UUID(di->image_uuid))); SD_JSON_BUILD_PAIR_CONDITION(!sd_id128_is_null(di->image_uuid), "imageUuid", SD_JSON_BUILD_UUID(di->image_uuid)));
if (r < 0)
return r;
return r;
} }
static int process_connection(sd_varlink_server *server, int _fd) { static int process_connection(sd_varlink_server *server, int _fd) {

View File

@ -76,7 +76,6 @@ sources = files(
'networkd-route-nexthop.c', 'networkd-route-nexthop.c',
'networkd-route-util.c', 'networkd-route-util.c',
'networkd-routing-policy-rule.c', 'networkd-routing-policy-rule.c',
'networkd-serialize.c',
'networkd-setlink.c', 'networkd-setlink.c',
'networkd-speed-meter.c', 'networkd-speed-meter.c',
'networkd-sriov.c', 'networkd-sriov.c',

View File

@ -72,5 +72,4 @@ const NetDevVTable bare_udp_vtable = {
.fill_message_create = netdev_bare_udp_fill_message_create, .fill_message_create = netdev_bare_udp_fill_message_create,
.create_type = NETDEV_CREATE_INDEPENDENT, .create_type = NETDEV_CREATE_INDEPENDENT,
.iftype = ARPHRD_NONE, .iftype = ARPHRD_NONE,
.keep_existing = true,
}; };

View File

@ -56,23 +56,13 @@ DEFINE_CONFIG_PARSE_ENUM(config_parse_bond_arp_all_targets, bond_arp_all_targets
DEFINE_CONFIG_PARSE_ENUM(config_parse_bond_primary_reselect, bond_primary_reselect, BondPrimaryReselect); DEFINE_CONFIG_PARSE_ENUM(config_parse_bond_primary_reselect, bond_primary_reselect, BondPrimaryReselect);
static int netdev_bond_fill_message_create(NetDev *netdev, Link *link, sd_netlink_message *m) { static int netdev_bond_fill_message_create(NetDev *netdev, Link *link, sd_netlink_message *m) {
Bond *b = BOND(netdev);
int r;
assert(netdev->manager);
assert(!link); assert(!link);
assert(m); assert(m);
if (netdev->ifindex > 0) { Bond *b = BOND(netdev);
r = link_get_by_index(netdev->manager, netdev->ifindex, &link); int r;
if (r < 0)
return r;
}
bool up = link && FLAGS_SET(link->flags, IFF_UP); if (b->mode != _NETDEV_BOND_MODE_INVALID) {
bool has_slaves = link && !set_isempty(link->slaves);
if (b->mode != _NETDEV_BOND_MODE_INVALID && !up && !has_slaves) {
r = sd_netlink_message_append_u8(m, IFLA_BOND_MODE, b->mode); r = sd_netlink_message_append_u8(m, IFLA_BOND_MODE, b->mode);
if (r < 0) if (r < 0)
return r; return r;
@ -85,8 +75,7 @@ static int netdev_bond_fill_message_create(NetDev *netdev, Link *link, sd_netlin
} }
if (b->lacp_rate != _NETDEV_BOND_LACP_RATE_INVALID && if (b->lacp_rate != _NETDEV_BOND_LACP_RATE_INVALID &&
b->mode == NETDEV_BOND_MODE_802_3AD && b->mode == NETDEV_BOND_MODE_802_3AD) {
!up) {
r = sd_netlink_message_append_u8(m, IFLA_BOND_AD_LACP_RATE, b->lacp_rate); r = sd_netlink_message_append_u8(m, IFLA_BOND_AD_LACP_RATE, b->lacp_rate);
if (r < 0) if (r < 0)
return r; return r;
@ -130,16 +119,14 @@ static int netdev_bond_fill_message_create(NetDev *netdev, Link *link, sd_netlin
} }
if (b->ad_select != _NETDEV_BOND_AD_SELECT_INVALID && if (b->ad_select != _NETDEV_BOND_AD_SELECT_INVALID &&
b->mode == NETDEV_BOND_MODE_802_3AD && b->mode == NETDEV_BOND_MODE_802_3AD) {
!up) {
r = sd_netlink_message_append_u8(m, IFLA_BOND_AD_SELECT, b->ad_select); r = sd_netlink_message_append_u8(m, IFLA_BOND_AD_SELECT, b->ad_select);
if (r < 0) if (r < 0)
return r; return r;
} }
if (b->fail_over_mac != _NETDEV_BOND_FAIL_OVER_MAC_INVALID && if (b->fail_over_mac != _NETDEV_BOND_FAIL_OVER_MAC_INVALID &&
b->mode == NETDEV_BOND_MODE_ACTIVE_BACKUP && b->mode == NETDEV_BOND_MODE_ACTIVE_BACKUP) {
!has_slaves) {
r = sd_netlink_message_append_u8(m, IFLA_BOND_FAIL_OVER_MAC, b->fail_over_mac); r = sd_netlink_message_append_u8(m, IFLA_BOND_FAIL_OVER_MAC, b->fail_over_mac);
if (r < 0) if (r < 0)
return r; return r;
@ -194,7 +181,7 @@ static int netdev_bond_fill_message_create(NetDev *netdev, Link *link, sd_netlin
return r; return r;
} }
if (b->ad_user_port_key != 0 && !up) { if (b->ad_user_port_key != 0) {
r = sd_netlink_message_append_u16(m, IFLA_BOND_AD_USER_PORT_KEY, b->ad_user_port_key); r = sd_netlink_message_append_u16(m, IFLA_BOND_AD_USER_PORT_KEY, b->ad_user_port_key);
if (r < 0) if (r < 0)
return r; return r;
@ -210,7 +197,7 @@ static int netdev_bond_fill_message_create(NetDev *netdev, Link *link, sd_netlin
if (r < 0) if (r < 0)
return r; return r;
if (b->tlb_dynamic_lb >= 0 && !up) { if (b->tlb_dynamic_lb >= 0) {
r = sd_netlink_message_append_u8(m, IFLA_BOND_TLB_DYNAMIC_LB, b->tlb_dynamic_lb); r = sd_netlink_message_append_u8(m, IFLA_BOND_TLB_DYNAMIC_LB, b->tlb_dynamic_lb);
if (r < 0) if (r < 0)
return r; return r;

View File

@ -281,17 +281,12 @@ static void bridge_init(NetDev *netdev) {
b->ageing_time = USEC_INFINITY; b->ageing_time = USEC_INFINITY;
} }
static bool bridge_can_set_mac(NetDev *netdev, const struct hw_addr_data *hw_addr) {
return true;
}
const NetDevVTable bridge_vtable = { const NetDevVTable bridge_vtable = {
.object_size = sizeof(Bridge), .object_size = sizeof(Bridge),
.init = bridge_init, .init = bridge_init,
.sections = NETDEV_COMMON_SECTIONS "Bridge\0", .sections = NETDEV_COMMON_SECTIONS "Bridge\0",
.post_create = netdev_bridge_post_create, .post_create = netdev_bridge_post_create,
.create_type = NETDEV_CREATE_INDEPENDENT, .create_type = NETDEV_CREATE_INDEPENDENT,
.can_set_mac = bridge_can_set_mac,
.iftype = ARPHRD_ETHER, .iftype = ARPHRD_ETHER,
.generate_mac = true, .generate_mac = true,
}; };

View File

@ -4,15 +4,10 @@
#include "dummy.h" #include "dummy.h"
static bool dummy_can_set_mac(NetDev *netdev, const struct hw_addr_data *hw_addr) {
return true;
}
const NetDevVTable dummy_vtable = { const NetDevVTable dummy_vtable = {
.object_size = sizeof(Dummy), .object_size = sizeof(Dummy),
.sections = NETDEV_COMMON_SECTIONS, .sections = NETDEV_COMMON_SECTIONS,
.create_type = NETDEV_CREATE_INDEPENDENT, .create_type = NETDEV_CREATE_INDEPENDENT,
.can_set_mac = dummy_can_set_mac,
.iftype = ARPHRD_ETHER, .iftype = ARPHRD_ETHER,
.generate_mac = true, .generate_mac = true,
}; };

View File

@ -254,10 +254,6 @@ static int netdev_geneve_verify(NetDev *netdev, const char *filename) {
return 0; return 0;
} }
static bool geneve_can_set_mac(NetDev *netdev, const struct hw_addr_data *hw_addr) {
return true;
}
static void geneve_init(NetDev *netdev) { static void geneve_init(NetDev *netdev) {
Geneve *v = GENEVE(netdev); Geneve *v = GENEVE(netdev);
@ -276,7 +272,6 @@ const NetDevVTable geneve_vtable = {
.fill_message_create = netdev_geneve_fill_message_create, .fill_message_create = netdev_geneve_fill_message_create,
.create_type = NETDEV_CREATE_INDEPENDENT, .create_type = NETDEV_CREATE_INDEPENDENT,
.config_verify = netdev_geneve_verify, .config_verify = netdev_geneve_verify,
.can_set_mac = geneve_can_set_mac,
.iftype = ARPHRD_ETHER, .iftype = ARPHRD_ETHER,
.generate_mac = true, .generate_mac = true,
}; };

View File

@ -60,7 +60,6 @@ const NetDevVTable ipvlan_vtable = {
.can_set_mac = ipvlan_can_set_mac, .can_set_mac = ipvlan_can_set_mac,
.iftype = ARPHRD_ETHER, .iftype = ARPHRD_ETHER,
.generate_mac = true, .generate_mac = true,
.keep_existing = true,
}; };
const NetDevVTable ipvtap_vtable = { const NetDevVTable ipvtap_vtable = {
@ -72,7 +71,6 @@ const NetDevVTable ipvtap_vtable = {
.can_set_mac = ipvlan_can_set_mac, .can_set_mac = ipvlan_can_set_mac,
.iftype = ARPHRD_ETHER, .iftype = ARPHRD_ETHER,
.generate_mac = true, .generate_mac = true,
.keep_existing = true,
}; };
IPVlanMode link_get_ipvlan_mode(Link *link) { IPVlanMode link_get_ipvlan_mode(Link *link) {

View File

@ -178,7 +178,6 @@ const NetDevVTable macvtap_vtable = {
.create_type = NETDEV_CREATE_STACKED, .create_type = NETDEV_CREATE_STACKED,
.iftype = ARPHRD_ETHER, .iftype = ARPHRD_ETHER,
.generate_mac = true, .generate_mac = true,
.keep_existing = true,
}; };
const NetDevVTable macvlan_vtable = { const NetDevVTable macvlan_vtable = {
@ -190,5 +189,4 @@ const NetDevVTable macvlan_vtable = {
.create_type = NETDEV_CREATE_STACKED, .create_type = NETDEV_CREATE_STACKED,
.iftype = ARPHRD_ETHER, .iftype = ARPHRD_ETHER,
.generate_mac = true, .generate_mac = true,
.keep_existing = true,
}; };

View File

@ -400,7 +400,7 @@ int netdev_enter_ready(NetDev *netdev) {
assert(netdev); assert(netdev);
assert(netdev->ifname); assert(netdev->ifname);
if (!IN_SET(netdev->state, NETDEV_STATE_LOADING, NETDEV_STATE_CREATING)) if (netdev->state != NETDEV_STATE_CREATING)
return 0; return 0;
netdev->state = NETDEV_STATE_READY; netdev->state = NETDEV_STATE_READY;
@ -432,17 +432,18 @@ static int netdev_create_handler(sd_netlink *rtnl, sd_netlink_message *m, NetDev
assert(netdev->state != _NETDEV_STATE_INVALID); assert(netdev->state != _NETDEV_STATE_INVALID);
r = sd_netlink_message_get_errno(m); r = sd_netlink_message_get_errno(m);
if (r >= 0) if (r == -EEXIST)
log_netdev_debug(netdev, "Created."); log_netdev_info(netdev, "netdev exists, using existing without changing its parameters");
else if (r == -EEXIST && netdev->ifindex > 0) else if (r < 0) {
log_netdev_debug(netdev, "Already exists."); log_netdev_warning_errno(netdev, r, "netdev could not be created: %m");
else {
log_netdev_warning_errno(netdev, r, "Failed to create netdev: %m");
netdev_enter_failed(netdev); netdev_enter_failed(netdev);
return 0;
return 1;
} }
return netdev_enter_ready(netdev); log_netdev_debug(netdev, "Created");
return 1;
} }
int netdev_set_ifindex_internal(NetDev *netdev, int ifindex) { int netdev_set_ifindex_internal(NetDev *netdev, int ifindex) {
@ -463,6 +464,8 @@ int netdev_set_ifindex_internal(NetDev *netdev, int ifindex) {
} }
static int netdev_set_ifindex_impl(NetDev *netdev, const char *name, int ifindex) { static int netdev_set_ifindex_impl(NetDev *netdev, const char *name, int ifindex) {
int r;
assert(netdev); assert(netdev);
assert(name); assert(name);
assert(ifindex > 0); assert(ifindex > 0);
@ -475,7 +478,11 @@ static int netdev_set_ifindex_impl(NetDev *netdev, const char *name, int ifindex
"Received netlink message with unexpected interface name %s (ifindex=%i).", "Received netlink message with unexpected interface name %s (ifindex=%i).",
name, ifindex); name, ifindex);
return netdev_set_ifindex_internal(netdev, ifindex); r = netdev_set_ifindex_internal(netdev, ifindex);
if (r <= 0)
return r;
return netdev_enter_ready(netdev);
} }
int netdev_set_ifindex(NetDev *netdev, sd_netlink_message *message) { int netdev_set_ifindex(NetDev *netdev, sd_netlink_message *message) {
@ -629,32 +636,15 @@ finalize:
static bool netdev_can_set_mac(NetDev *netdev, const struct hw_addr_data *hw_addr) { static bool netdev_can_set_mac(NetDev *netdev, const struct hw_addr_data *hw_addr) {
assert(netdev); assert(netdev);
assert(netdev->manager);
assert(hw_addr); assert(hw_addr);
if (hw_addr->length <= 0) if (hw_addr->length <= 0)
return false; return false;
Link *link; if (!NETDEV_VTABLE(netdev)->can_set_mac)
if (link_get_by_index(netdev->manager, netdev->ifindex, &link) < 0) return true;
return true; /* The netdev does not exist yet. We can set MAC address. */
if (hw_addr_equal(&link->hw_addr, hw_addr))
return false; /* Unchanged, not necessary to set. */
/* Some netdevs refuse to update MAC address even if the interface is not running, e.g. ipvlan.
* Some other netdevs have the IFF_LIVE_ADDR_CHANGE flag and can update update MAC address even if
* the interface is running, e.g. dummy. For those cases, use custom checkers. */
if (NETDEV_VTABLE(netdev)->can_set_mac)
return NETDEV_VTABLE(netdev)->can_set_mac(netdev, hw_addr); return NETDEV_VTABLE(netdev)->can_set_mac(netdev, hw_addr);
/* Before ad72c4a06acc6762e84994ac2f722da7a07df34e and 0ec92a8f56ff07237dbe8af7c7a72aba7f957baf
* (both in v6.5), the kernel refuse to set MAC address for existing netdevs even if it is unchanged.
* So, by default, do not update MAC address if the it is running. See eth_prepare_mac_addr_change(),
* which is called by eth_mac_addr(). Note, the result of netif_running() is mapped to operstate
* and flags. See rtnl_fill_ifinfo() and dev_get_flags(). */
return link->kernel_operstate == IF_OPER_DOWN &&
(link->flags & (IFF_RUNNING | IFF_LOWER_UP | IFF_DORMANT)) == 0;
} }
static bool netdev_can_set_mtu(NetDev *netdev, uint32_t mtu) { static bool netdev_can_set_mtu(NetDev *netdev, uint32_t mtu) {
@ -663,35 +653,18 @@ static bool netdev_can_set_mtu(NetDev *netdev, uint32_t mtu) {
if (mtu <= 0) if (mtu <= 0)
return false; return false;
Link *link; if (!NETDEV_VTABLE(netdev)->can_set_mtu)
if (link_get_by_index(netdev->manager, netdev->ifindex, &link) < 0)
return true; /* The netdev does not exist yet. We can set MTU. */
if (mtu < link->min_mtu || link->max_mtu < mtu)
return false; /* The MTU is out of range. */
if (link->mtu == mtu)
return false; /* Unchanged, not necessary to set. */
/* Some netdevs cannot change MTU, e.g. vxlan. Let's use the custom checkers in such cases. */
if (NETDEV_VTABLE(netdev)->can_set_mtu)
return NETDEV_VTABLE(netdev)->can_set_mtu(netdev, mtu);
/* By default, allow to update the MTU. */
return true; return true;
return NETDEV_VTABLE(netdev)->can_set_mtu(netdev, mtu);
} }
static int netdev_create_message(NetDev *netdev, Link *link, sd_netlink_message *m) { static int netdev_create_message(NetDev *netdev, Link *link, sd_netlink_message *m) {
int r; int r;
if (netdev->ifindex <= 0) {
/* Set interface name when it is newly created. Otherwise, the kernel older than
* bd039b5ea2a91ea707ee8539df26456bd5be80af (v6.2) will refuse the netlink message even if
* the name is unchanged. */
r = sd_netlink_message_append_string(m, IFLA_IFNAME, netdev->ifname); r = sd_netlink_message_append_string(m, IFLA_IFNAME, netdev->ifname);
if (r < 0) if (r < 0)
return r; return r;
}
struct hw_addr_data hw_addr; struct hw_addr_data hw_addr;
r = netdev_generate_hw_addr(netdev, link, netdev->ifname, &netdev->hw_addr, &hw_addr); r = netdev_generate_hw_addr(netdev, link, netdev->ifname, &netdev->hw_addr, &hw_addr);
@ -854,16 +827,7 @@ static int stacked_netdev_process_request(Request *req, Link *link, void *userda
assert(link); assert(link);
if (!netdev_is_managed(netdev)) if (!netdev_is_managed(netdev))
goto cancelled; /* Already detached, due to e.g. reloading .netdev files, cancelling the request. */ return 1; /* Already detached, due to e.g. reloading .netdev files, cancelling the request. */
if (NETDEV_VTABLE(netdev)->keep_existing && netdev->ifindex > 0) {
/* Already exists, and the netdev does not support updating, entering the ready state. */
r = netdev_enter_ready(netdev);
if (r < 0)
return r;
goto cancelled;
}
r = netdev_is_ready_to_create(netdev, link); r = netdev_is_ready_to_create(netdev, link);
if (r <= 0) if (r <= 0)
@ -874,41 +838,21 @@ static int stacked_netdev_process_request(Request *req, Link *link, void *userda
return log_netdev_warning_errno(netdev, r, "Failed to create netdev: %m"); return log_netdev_warning_errno(netdev, r, "Failed to create netdev: %m");
return 1; return 1;
cancelled:
assert_se(TAKE_PTR(req->counter) == &link->create_stacked_netdev_messages);
link->create_stacked_netdev_messages--;
if (link->create_stacked_netdev_messages == 0) {
link->stacked_netdevs_created = true;
log_link_debug(link, "Stacked netdevs created.");
link_check_ready(link);
}
return 1;
} }
static int create_stacked_netdev_handler(sd_netlink *rtnl, sd_netlink_message *m, Request *req, Link *link, void *userdata) { static int create_stacked_netdev_handler(sd_netlink *rtnl, sd_netlink_message *m, Request *req, Link *link, void *userdata) {
NetDev *netdev = ASSERT_PTR(userdata);
int r; int r;
assert(m); assert(m);
assert(link); assert(link);
r = sd_netlink_message_get_errno(m); r = sd_netlink_message_get_errno(m);
if (r >= 0) if (r < 0 && r != -EEXIST) {
log_netdev_debug(netdev, "Created."); log_link_message_warning_errno(link, m, r, "Could not create stacked netdev");
else if (r == -EEXIST && netdev->ifindex > 0)
log_netdev_debug(netdev, "Already exists.");
else {
log_netdev_warning_errno(netdev, r, "Failed to create netdev: %m");
netdev_enter_failed(netdev);
link_enter_failed(link); link_enter_failed(link);
return 0; return 0;
} }
(void) netdev_enter_ready(netdev);
if (link->create_stacked_netdev_messages == 0) { if (link->create_stacked_netdev_messages == 0) {
link->stacked_netdevs_created = true; link->stacked_netdevs_created = true;
log_link_debug(link, "Stacked netdevs created."); log_link_debug(link, "Stacked netdevs created.");
@ -957,15 +901,6 @@ static int independent_netdev_process_request(Request *req, Link *link, void *us
if (!netdev_is_managed(netdev)) if (!netdev_is_managed(netdev))
return 1; /* Already detached, due to e.g. reloading .netdev files, cancelling the request. */ return 1; /* Already detached, due to e.g. reloading .netdev files, cancelling the request. */
if (NETDEV_VTABLE(netdev)->keep_existing && netdev->ifindex > 0) {
/* Already exists, and the netdev does not support updating, entering the ready state. */
r = netdev_enter_ready(netdev);
if (r < 0)
return r;
return 1; /* Skip this request. */
}
r = netdev_is_ready_to_create(netdev, NULL); r = netdev_is_ready_to_create(netdev, NULL);
if (r <= 0) if (r <= 0)
return r; return r;
@ -995,9 +930,21 @@ static int netdev_request_to_create(NetDev *netdev) {
if (netdev->state != NETDEV_STATE_LOADING) if (netdev->state != NETDEV_STATE_LOADING)
return 0; /* Already configured (at least tried previously). Not necessary to reconfigure. */ return 0; /* Already configured (at least tried previously). Not necessary to reconfigure. */
r = netdev_is_ready_to_create(netdev, NULL);
if (r < 0)
return r;
if (r > 0) {
/* If the netdev has no dependency, then create it now. */
r = independent_netdev_create(netdev);
if (r < 0)
return log_netdev_warning_errno(netdev, r, "Failed to create netdev: %m");
} else {
/* Otherwise, wait for the dependencies being resolved. */
r = netdev_queue_request(netdev, independent_netdev_process_request, NULL); r = netdev_queue_request(netdev, independent_netdev_process_request, NULL);
if (r < 0) if (r < 0)
return log_netdev_warning_errno(netdev, r, "Failed to request to create netdev: %m"); return log_netdev_warning_errno(netdev, r, "Failed to request to create netdev: %m");
}
return 0; return 0;
} }

View File

@ -199,10 +199,6 @@ typedef struct NetDevVTable {
/* When assigning ifindex to the netdev, skip to check if the netdev kind matches. */ /* When assigning ifindex to the netdev, skip to check if the netdev kind matches. */
bool skip_netdev_kind_check; bool skip_netdev_kind_check;
/* Provides if the netdev can be updated, that is, whether RTM_NEWLINK with existing ifindex is supported or not.
* If this is true, the netdev does not support updating. */
bool keep_existing;
} NetDevVTable; } NetDevVTable;
extern const NetDevVTable * const netdev_vtable[_NETDEV_KIND_MAX]; extern const NetDevVTable * const netdev_vtable[_NETDEV_KIND_MAX];

View File

@ -4,15 +4,10 @@
#include "netdevsim.h" #include "netdevsim.h"
static bool netdevsim_can_set_mac(NetDev *netdev, const struct hw_addr_data *hw_addr) {
return true;
}
const NetDevVTable netdevsim_vtable = { const NetDevVTable netdevsim_vtable = {
.object_size = sizeof(NetDevSim), .object_size = sizeof(NetDevSim),
.sections = NETDEV_COMMON_SECTIONS, .sections = NETDEV_COMMON_SECTIONS,
.create_type = NETDEV_CREATE_INDEPENDENT, .create_type = NETDEV_CREATE_INDEPENDENT,
.can_set_mac = netdevsim_can_set_mac,
.iftype = ARPHRD_ETHER, .iftype = ARPHRD_ETHER,
.generate_mac = true, .generate_mac = true,
}; };

View File

@ -1119,11 +1119,6 @@ static void netdev_tunnel_init(NetDev *netdev) {
t->ttl = DEFAULT_IPV6_TTL; t->ttl = DEFAULT_IPV6_TTL;
} }
static bool tunnel_can_set_mac(NetDev *netdev, const struct hw_addr_data *hw_addr) {
assert(IN_SET(netdev->kind, NETDEV_KIND_GRETAP, NETDEV_KIND_IP6GRETAP, NETDEV_KIND_ERSPAN));
return true;
}
const NetDevVTable ipip_vtable = { const NetDevVTable ipip_vtable = {
.object_size = sizeof(Tunnel), .object_size = sizeof(Tunnel),
.init = netdev_tunnel_init, .init = netdev_tunnel_init,
@ -1193,7 +1188,6 @@ const NetDevVTable gretap_vtable = {
.is_ready_to_create = netdev_tunnel_is_ready_to_create, .is_ready_to_create = netdev_tunnel_is_ready_to_create,
.config_verify = netdev_tunnel_verify, .config_verify = netdev_tunnel_verify,
.needs_reconfigure = tunnel_needs_reconfigure, .needs_reconfigure = tunnel_needs_reconfigure,
.can_set_mac = tunnel_can_set_mac,
.iftype = ARPHRD_ETHER, .iftype = ARPHRD_ETHER,
.generate_mac = true, .generate_mac = true,
}; };
@ -1219,7 +1213,6 @@ const NetDevVTable ip6gretap_vtable = {
.is_ready_to_create = netdev_tunnel_is_ready_to_create, .is_ready_to_create = netdev_tunnel_is_ready_to_create,
.config_verify = netdev_tunnel_verify, .config_verify = netdev_tunnel_verify,
.needs_reconfigure = tunnel_needs_reconfigure, .needs_reconfigure = tunnel_needs_reconfigure,
.can_set_mac = tunnel_can_set_mac,
.iftype = ARPHRD_ETHER, .iftype = ARPHRD_ETHER,
.generate_mac = true, .generate_mac = true,
}; };
@ -1245,7 +1238,6 @@ const NetDevVTable erspan_vtable = {
.is_ready_to_create = netdev_tunnel_is_ready_to_create, .is_ready_to_create = netdev_tunnel_is_ready_to_create,
.config_verify = netdev_tunnel_verify, .config_verify = netdev_tunnel_verify,
.needs_reconfigure = tunnel_needs_reconfigure, .needs_reconfigure = tunnel_needs_reconfigure,
.can_set_mac = tunnel_can_set_mac,
.iftype = ARPHRD_ETHER, .iftype = ARPHRD_ETHER,
.generate_mac = true, .generate_mac = true,
}; };

View File

@ -36,28 +36,10 @@ static TunTap* TUNTAP(NetDev *netdev) {
DEFINE_PRIVATE_HASH_OPS_FULL(named_fd_hash_ops, char, string_hash_func, string_compare_func, free, void, close_fd_ptr); DEFINE_PRIVATE_HASH_OPS_FULL(named_fd_hash_ops, char, string_hash_func, string_compare_func, free, void, close_fd_ptr);
static int manager_add_tuntap_fd_impl(Manager *m, int fd, const char *name) {
_cleanup_free_ char *tuntap_name = NULL;
int r;
assert(m);
assert(fd >= 0);
assert(name);
tuntap_name = strdup(name);
if (!tuntap_name)
return log_oom_debug();
r = hashmap_ensure_put(&m->tuntap_fds_by_name, &named_fd_hash_ops, tuntap_name, FD_TO_PTR(fd));
if (r < 0)
return log_debug_errno(r, "Failed to store tuntap fd: %m");
TAKE_PTR(tuntap_name);
return 0;
}
int manager_add_tuntap_fd(Manager *m, int fd, const char *name) { int manager_add_tuntap_fd(Manager *m, int fd, const char *name) {
_cleanup_free_ char *tuntap_name = NULL;
const char *p; const char *p;
int r;
assert(m); assert(m);
assert(fd >= 0); assert(fd >= 0);
@ -70,75 +52,65 @@ int manager_add_tuntap_fd(Manager *m, int fd, const char *name) {
if (!ifname_valid(p)) if (!ifname_valid(p))
return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), "Received tuntap fd with invalid name (%s).", p); return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), "Received tuntap fd with invalid name (%s).", p);
return manager_add_tuntap_fd_impl(m, fd, p); tuntap_name = strdup(p);
} if (!tuntap_name)
return log_oom_debug();
static int netdev_take_tuntap_fd(Manager *m, const char *ifname) { r = hashmap_ensure_put(&m->tuntap_fds_by_name, &named_fd_hash_ops, tuntap_name, FD_TO_PTR(fd));
_unused_ _cleanup_free_ char *name = NULL;
void *p;
assert(m);
assert(ifname);
p = hashmap_remove2(m->tuntap_fds_by_name, ifname, (void**) &name);
if (!p)
return -EBADF;
return PTR_TO_FD(p);
}
static int netdev_push_tuntap_fd(NetDev *netdev, int fd) {
_unused_ _cleanup_close_ int fd_old = -EBADF;
int r;
assert(netdev->manager);
fd_old = netdev_take_tuntap_fd(netdev->manager, netdev->ifname);
if (!TUNTAP(netdev)->keep_fd)
return 0;
r = manager_add_tuntap_fd_impl(netdev->manager, fd, netdev->ifname);
if (r < 0) if (r < 0)
return r; return log_debug_errno(r, "Failed to store tuntap fd: %m");
(void) notify_push_fdf(fd, "tuntap-%s", netdev->ifname); TAKE_PTR(tuntap_name);
return 1; /* saved */ return 0;
}
static void manager_close_and_notify_tuntap_fd(Manager *m, const char *ifname) {
assert(m);
assert(ifname);
/* netdev_take_tuntap_fd() may invalidate ifname. Hence, need to create fdname earlier. */
const char *fdname = strjoina("tuntap-", ifname);
close_and_notify_warn(netdev_take_tuntap_fd(m, ifname), fdname);
} }
void manager_clear_unmanaged_tuntap_fds(Manager *m) { void manager_clear_unmanaged_tuntap_fds(Manager *m) {
const char *name; char *name;
void *p; void *p;
assert(m); assert(m);
HASHMAP_FOREACH_KEY(p, name, m->tuntap_fds_by_name) { while ((p = hashmap_steal_first_key_and_value(m->tuntap_fds_by_name, (void**) &name))) {
NetDev *netdev; close_and_notify_warn(PTR_TO_FD(p), name);
name = mfree(name);
if (netdev_get(m, name, &netdev) < 0 ||
!IN_SET(netdev->kind, NETDEV_KIND_TAP, NETDEV_KIND_TUN) ||
!TUNTAP(netdev)->keep_fd)
manager_close_and_notify_tuntap_fd(m, name);
} }
} }
static int tuntap_take_fd(NetDev *netdev) {
_cleanup_free_ char *name = NULL;
void *p;
int r;
assert(netdev);
assert(netdev->manager);
r = link_get_by_name(netdev->manager, netdev->ifname, NULL);
if (r < 0)
return r;
p = hashmap_remove2(netdev->manager->tuntap_fds_by_name, netdev->ifname, (void**) &name);
if (!p)
return -ENOENT;
log_netdev_debug(netdev, "Found file descriptor in fd store.");
return PTR_TO_FD(p);
}
static int netdev_create_tuntap(NetDev *netdev) { static int netdev_create_tuntap(NetDev *netdev) {
_cleanup_close_ int fd = -EBADF; _cleanup_close_ int fd = -EBADF;
struct ifreq ifr = {}; struct ifreq ifr = {};
TunTap *t = TUNTAP(netdev); TunTap *t;
int r; int r;
assert(netdev);
assert(netdev->manager); assert(netdev->manager);
t = TUNTAP(netdev);
assert(t);
fd = TAKE_FD(t->fd);
if (fd < 0)
fd = tuntap_take_fd(netdev);
if (fd < 0)
fd = open(TUN_DEV, O_RDWR|O_CLOEXEC); fd = open(TUN_DEV, O_RDWR|O_CLOEXEC);
if (fd < 0) if (fd < 0)
return log_netdev_error_errno(netdev, errno, "Failed to open " TUN_DEV ": %m"); return log_netdev_error_errno(netdev, errno, "Failed to open " TUN_DEV ": %m");
@ -203,25 +175,42 @@ static int netdev_create_tuntap(NetDev *netdev) {
if (ioctl(fd, TUNSETPERSIST, 1) < 0) if (ioctl(fd, TUNSETPERSIST, 1) < 0)
return log_netdev_error_errno(netdev, errno, "TUNSETPERSIST failed: %m"); return log_netdev_error_errno(netdev, errno, "TUNSETPERSIST failed: %m");
r = netdev_push_tuntap_fd(netdev, fd); if (t->keep_fd) {
if (r < 0) t->fd = TAKE_FD(fd);
return log_netdev_warning_errno(netdev, r, "Failed to save TUN/TAP fd: %m"); (void) notify_push_fdf(t->fd, "tuntap-%s", netdev->ifname);
if (r > 0) }
TAKE_FD(fd);
netdev_enter_ready(netdev);
return 0; return 0;
} }
static void tuntap_drop(NetDev *netdev) { static void tuntap_init(NetDev *netdev) {
assert(netdev); TunTap *t;
manager_close_and_notify_tuntap_fd(netdev->manager, netdev->ifname); assert(netdev);
t = TUNTAP(netdev);
assert(t);
t->fd = -EBADF;
}
static void tuntap_drop(NetDev *netdev) {
TunTap *t;
assert(netdev);
t = TUNTAP(netdev);
assert(t);
t->fd = close_and_notify_warn(t->fd, netdev->ifname);
} }
static void tuntap_done(NetDev *netdev) { static void tuntap_done(NetDev *netdev) {
TunTap *t = TUNTAP(netdev); TunTap *t;
assert(netdev);
t = TUNTAP(netdev);
assert(t);
t->fd = safe_close(t->fd);
t->user_name = mfree(t->user_name); t->user_name = mfree(t->user_name);
t->group_name = mfree(t->group_name); t->group_name = mfree(t->group_name);
} }
@ -248,6 +237,7 @@ const NetDevVTable tun_vtable = {
.object_size = sizeof(TunTap), .object_size = sizeof(TunTap),
.sections = NETDEV_COMMON_SECTIONS "Tun\0", .sections = NETDEV_COMMON_SECTIONS "Tun\0",
.config_verify = tuntap_verify, .config_verify = tuntap_verify,
.init = tuntap_init,
.drop = tuntap_drop, .drop = tuntap_drop,
.done = tuntap_done, .done = tuntap_done,
.create = netdev_create_tuntap, .create = netdev_create_tuntap,
@ -259,6 +249,7 @@ const NetDevVTable tap_vtable = {
.object_size = sizeof(TunTap), .object_size = sizeof(TunTap),
.sections = NETDEV_COMMON_SECTIONS "Tap\0", .sections = NETDEV_COMMON_SECTIONS "Tap\0",
.config_verify = tuntap_verify, .config_verify = tuntap_verify,
.init = tuntap_init,
.drop = tuntap_drop, .drop = tuntap_drop,
.done = tuntap_done, .done = tuntap_done,
.create = netdev_create_tuntap, .create = netdev_create_tuntap,

View File

@ -8,6 +8,7 @@ typedef struct TunTap TunTap;
struct TunTap { struct TunTap {
NetDev meta; NetDev meta;
int fd;
char *user_name; char *user_name;
char *group_name; char *group_name;
bool multi_queue; bool multi_queue;

Some files were not shown because too many files have changed in this diff Show More