Compare commits
17 Commits
63ed9c9263
...
34c81a3a4b
Author | SHA1 | Date |
---|---|---|
Yu Watanabe | 34c81a3a4b | |
Daan De Meyer | 81af8f998e | |
chenjiayi | 4fc8a63f9e | |
Jason Yundt | dfb3155419 | |
Daan De Meyer | fc5037e7d7 | |
Yu Watanabe | 13f6ec7ce7 | |
Yu Watanabe | 6e1816ef16 | |
Yu Watanabe | 7ac1ad90d0 | |
Yu Watanabe | d265b8afb7 | |
Yu Watanabe | 1aab0a5b10 | |
Yu Watanabe | c3cc561d9f | |
Yu Watanabe | bab2a46912 | |
Yu Watanabe | 97e002effe | |
Yu Watanabe | c471cb4883 | |
Yu Watanabe | a84a33f302 | |
Yu Watanabe | 07fa6897e2 | |
Yu Watanabe | fb1db600fb |
|
@ -593,8 +593,6 @@ node /org/freedesktop/systemd1 {
|
|||
|
||||
<!--method GetJobBefore is not documented!-->
|
||||
|
||||
<!--method SetShowStatus is not documented!-->
|
||||
|
||||
<!--method ListUnitsFiltered is not documented!-->
|
||||
|
||||
<!--method ListUnitsByPatterns is not documented!-->
|
||||
|
@ -673,8 +671,6 @@ node /org/freedesktop/systemd1 {
|
|||
|
||||
<!--property ConfirmSpawn is not documented!-->
|
||||
|
||||
<!--property ShowStatus is not documented!-->
|
||||
|
||||
<!--property DefaultStandardOutput is not documented!-->
|
||||
|
||||
<!--property DefaultStandardError is not documented!-->
|
||||
|
@ -1362,6 +1358,24 @@ node /org/freedesktop/systemd1 {
|
|||
|
||||
<para><function>ResetFailedUnit()</function> resets the "failed" state of a specific unit.</para>
|
||||
|
||||
<para><function>SetShowStatus()</function> configures the display of status messages during bootup and
|
||||
shutdown. The <varname>mode</varname> parameter can be set to any value that's valid for the
|
||||
<varname>systemd.show_status</varname> kernel parameter. For more information about
|
||||
<varname>systemd.show_status</varname>, see
|
||||
<citerefentry project="man-pages"><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>.
|
||||
The <varname>mode</varname> parameter can also be set to an empty string. When <varname>mode</varname>
|
||||
is set to an empty string, <function>SetShowStatus()</function> will reset
|
||||
<varname>ShowStatus</varname> back to its original value. You can use
|
||||
<function>SetShowStatus()</function> create a service that does something like this:
|
||||
<orderedlist>
|
||||
<listitem><para>Send a D-Bus message that will turn off status messages.</para></listitem>
|
||||
<listitem><para>Block until a reply to that message is received.</para></listitem>
|
||||
<listitem><para>Print multiples lines without being interrupted by status messages.</para></listitem>
|
||||
<listitem><para>Send a D-Bus message that will reset <varname>ShowStatus</varname> back to its
|
||||
original value.</para></listitem>
|
||||
</orderedlist>
|
||||
</para>
|
||||
|
||||
<para><function>ResetFailed()</function> resets the "failed" state of all units.</para>
|
||||
|
||||
<para><function>ListUnits()</function> returns an array of all currently loaded units. Note that
|
||||
|
@ -1788,6 +1802,12 @@ node /org/freedesktop/systemd1 {
|
|||
<para><varname>Environment</varname> encodes the environment block passed to all executed services. It
|
||||
may be altered with bus calls such as <function>SetEnvironment()</function> (see above).</para>
|
||||
|
||||
<para><varname>ShowStatus</varname> encodes systemd's current policy for displaying status messages
|
||||
during bootup and shutdown. Its value can be any valid value for the
|
||||
<varname>systemd.show_status</varname> kernel parameter (see
|
||||
<citerefentry project="man-pages"><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>).
|
||||
It may be altered using <function>SetShowStatus()</function> (see above).</para>
|
||||
|
||||
<para><varname>UnitPath</varname> encodes the currently active unit file search path. It is an array of
|
||||
file system paths encoded as strings.</para>
|
||||
|
||||
|
|
|
@ -483,18 +483,18 @@
|
|||
<term><varname>ExcludeFiles=</varname></term>
|
||||
<term><varname>ExcludeFilesTarget=</varname></term>
|
||||
|
||||
<listitem><para>Takes an absolute file system path referring to a source file or directory on the
|
||||
host. This setting may be used to exclude files or directories from the host from being copied into
|
||||
the file system when <varname>CopyFiles=</varname> is used. This option may be used multiple times to
|
||||
exclude multiple files or directories from host from being copied into the newly formatted file
|
||||
system.</para>
|
||||
<listitem><para>Takes one or more absolute paths, separated by whitespace, each referring to a
|
||||
source file or directory on the host. This setting may be used to exclude files or directories from
|
||||
the host from being copied into the file system when <varname>CopyFiles=</varname> is used. This
|
||||
option may be used multiple times to exclude multiple files or directories from host from being
|
||||
copied into the newly formatted file system.</para>
|
||||
|
||||
<para>If the path is a directory and ends with <literal>/</literal>, only the directory's
|
||||
contents are excluded but not the directory itself. If the path is a directory and does not end with
|
||||
<literal>/</literal>, both the directory and its contents are excluded.</para>
|
||||
|
||||
<para><varname>ExcludeFilesTarget=</varname> is like <varname>ExcludeFiles=</varname> except that
|
||||
instead of excluding the path on the host from being copied into the partition, we exclude any files
|
||||
instead of excluding the path on the host from being copied into the partition, it exclude any files
|
||||
and directories from being copied into the given path in the partition.</para>
|
||||
|
||||
<para>When
|
||||
|
|
|
@ -3001,7 +3001,12 @@ SystemCallErrorNumber=EPERM</programlisting>
|
|||
|
||||
<para><option>tty</option> connects standard output to a tty (as configured via <varname>TTYPath=</varname>,
|
||||
see below). If the TTY is used for output only, the executed process will not become the controlling process of
|
||||
the terminal, and will not fail or wait for other processes to release the terminal.</para>
|
||||
the terminal, and will not fail or wait for other processes to release the terminal. Note: if a unit
|
||||
tries to print multiple lines to a TTY during bootup or shutdown, then there's a chance that those
|
||||
lines will be broken up by status messages. <function>SetShowStatus()</function> can be used to
|
||||
prevent this problem. See
|
||||
<citerefentry project="man-pages"><refentrytitle>org.freedesktop.systemd1</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
||||
for details.</para>
|
||||
|
||||
<para><option>journal</option> connects standard output with the journal, which is accessible via
|
||||
<citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>. Note
|
||||
|
|
|
@ -6243,22 +6243,22 @@ Name=enp1s0
|
|||
[Network]
|
||||
DHCP=ipv6
|
||||
|
||||
# The below setting is optional, to also assign an address in the delegated prefix
|
||||
# to the upstream interface. If not necessary, then comment out the line below and
|
||||
# the [DHCPPrefixDelegation] section.
|
||||
DHCPPrefixDelegation=yes
|
||||
# The lines below are optional, to also assign an address in the delegated prefix
|
||||
# to the upstream interface. Uncomment the lines below if necessary.
|
||||
#[Network]
|
||||
#DHCPPrefixDelegation=yes
|
||||
#[DHCPPrefixDelegation]
|
||||
#UplinkInterface=:self
|
||||
#SubnetId=0
|
||||
#Announce=no
|
||||
|
||||
# If the upstream network provides Router Advertisement with Managed bit set,
|
||||
# then comment out the line below and WithoutRA= setting in the [DHCPv6] section.
|
||||
IPv6AcceptRA=no
|
||||
|
||||
[DHCPv6]
|
||||
WithoutRA=solicit
|
||||
|
||||
[DHCPPrefixDelegation]
|
||||
UplinkInterface=:self
|
||||
SubnetId=0
|
||||
Announce=no</programlisting>
|
||||
# If the upstream network does not provides any Router Advertisement (RA) messages
|
||||
# or provides an RA with both Managed and Other-information bits unset, then
|
||||
# uncomment the lines below.
|
||||
#[Network]
|
||||
#IPv6AcceptRA=no
|
||||
#[DHCPv6]
|
||||
#WithoutRA=solicit</programlisting>
|
||||
|
||||
<programlisting># /etc/systemd/network/55-dhcpv6-pd-downstream.network
|
||||
[Match]
|
||||
|
|
|
@ -568,7 +568,11 @@
|
|||
<listitem><para>Enables display of status messages on the
|
||||
console, as controlled via
|
||||
<varname>systemd.show_status=1</varname> on the kernel command
|
||||
line.</para></listitem>
|
||||
line.</para>
|
||||
<para>You may want to use <function>SetShowStatus()</function> instead of
|
||||
<constant>SIGRTMIN+20</constant> in order to prevent race conditions. See
|
||||
<citerefentry project="man-pages"><refentrytitle>org.freedesktop.systemd1</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
|
||||
</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
|
@ -579,7 +583,11 @@
|
|||
controlled via
|
||||
<varname>systemd.show_status=0</varname>
|
||||
on the kernel command
|
||||
line.</para></listitem>
|
||||
line.</para>
|
||||
<para>You may want to use <function>SetShowStatus()</function> instead of
|
||||
<constant>SIGRTMIN+21</constant> in order to prevent race conditions. See
|
||||
<citerefentry project="man-pages"><refentrytitle>org.freedesktop.systemd1</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
|
||||
</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
|
|
|
@ -4169,7 +4169,7 @@ static void service_sigchld_event(Unit *u, pid_t pid, int code, int status) {
|
|||
* detect when the cgroup becomes empty. Note that the control process is always
|
||||
* our child so it's pointless to watch all other processes. */
|
||||
if (!control_pid_good(s))
|
||||
if (!s->main_pid_known || s->main_pid_alien)
|
||||
if (!s->main_pid_known || s->main_pid_alien || unit_cgroup_delegate(u))
|
||||
(void) unit_enqueue_rewatch_pids(u);
|
||||
}
|
||||
|
||||
|
|
|
@ -404,15 +404,16 @@ static int context_set_path_strv(Context *c, char* const* strv, const char *sour
|
|||
|
||||
static int context_set_plugins(Context *c, const char *s, const char *source) {
|
||||
_cleanup_strv_free_ char **v = NULL;
|
||||
int r;
|
||||
|
||||
assert(c);
|
||||
|
||||
if (c->plugins || !s)
|
||||
return 0;
|
||||
|
||||
v = strv_split(s, NULL);
|
||||
if (!v)
|
||||
return log_oom();
|
||||
r = strv_split_full(&v, s, NULL, EXTRACT_UNQUOTE);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to parse plugin paths from %s: %m", source);
|
||||
|
||||
return context_set_path_strv(c, v, source, "plugins", &c->plugins);
|
||||
}
|
||||
|
|
|
@ -46,7 +46,13 @@ echo 'DTBDTBDTBDTB' >"$D/sources/subdir/whatever.dtb"
|
|||
|
||||
export KERNEL_INSTALL_CONF_ROOT="$D/sources"
|
||||
# We "install" multiple plugins, but control which ones will be active via install.conf.
|
||||
export KERNEL_INSTALL_PLUGINS="${ukify_install} ${loaderentry_install} ${uki_copy_install}"
|
||||
KERNEL_INSTALL_PLUGINS="'${loaderentry_install}' '${uki_copy_install}'"
|
||||
if [[ -n "$ukify_install" ]]; then
|
||||
# shellcheck disable=SC2089
|
||||
KERNEL_INSTALL_PLUGINS="'${ukify_install}' $KERNEL_INSTALL_PLUGINS"
|
||||
fi
|
||||
# shellcheck disable=SC2090
|
||||
export KERNEL_INSTALL_PLUGINS
|
||||
export BOOT_ROOT="$D/boot"
|
||||
export BOOT_MNT="$D/boot"
|
||||
export MACHINE_ID='3e0484f3634a418b8e6a39e8828b03e3'
|
||||
|
|
|
@ -767,6 +767,14 @@ int dhcp6_client_send_message(sd_dhcp6_client *client) {
|
|||
|
||||
switch (client->state) {
|
||||
case DHCP6_STATE_INFORMATION_REQUEST:
|
||||
/* RFC 7084 section 4.2 (https://datatracker.ietf.org/doc/html/rfc7084#section-4.2)
|
||||
* WPD-4: By default, the IPv6 CE router MUST initiate DHCPv6 prefix delegation when either
|
||||
* the M or O flags are set to 1 in a received Router Advertisement (RA) message. */
|
||||
if (FLAGS_SET(client->request_ia, DHCP6_REQUEST_IA_PD)) {
|
||||
r = dhcp6_option_append_ia(&buf, &offset, (client->lease ? client->lease->ia_pd : NULL) ?: &client->ia_pd);
|
||||
if (r < 0)
|
||||
return r;
|
||||
}
|
||||
break;
|
||||
|
||||
case DHCP6_STATE_SOLICITATION:
|
||||
|
|
|
@ -71,6 +71,32 @@ static void dhcp6_lease_set_lifetime(sd_dhcp6_lease *lease) {
|
|||
lease->lifetime_t2 = t2;
|
||||
}
|
||||
|
||||
static void dhcp6_client_set_information_refresh_time(sd_dhcp6_client *client, sd_dhcp6_lease *lease, usec_t irt) {
|
||||
usec_t t1 = USEC_INFINITY, t2 = USEC_INFINITY, min_valid_lt = USEC_INFINITY;
|
||||
|
||||
if (lease->ia_pd) {
|
||||
t1 = be32_sec_to_usec(lease->ia_pd->header.lifetime_t1, /* max_as_infinity = */ true);
|
||||
t2 = be32_sec_to_usec(lease->ia_pd->header.lifetime_t2, /* max_as_infinity = */ true);
|
||||
|
||||
LIST_FOREACH(addresses, a, lease->ia_pd->addresses)
|
||||
min_valid_lt = MIN(min_valid_lt, be32_sec_to_usec(a->iapdprefix.lifetime_valid, /* max_as_infinity = */ true));
|
||||
|
||||
if (t2 == 0 || t2 > min_valid_lt) {
|
||||
/* If T2 is zero or longer than the minimum valid lifetime of the prefixes,
|
||||
* then adjust lifetime with it. */
|
||||
t1 = min_valid_lt / 2;
|
||||
t2 = min_valid_lt / 10 * 8;
|
||||
}
|
||||
|
||||
/* Adjust the received information refresh time with T1. */
|
||||
irt = MIN(irt, t1);
|
||||
}
|
||||
|
||||
client->information_refresh_time_usec = MAX(irt, IRT_MINIMUM);
|
||||
log_dhcp6_client(client, "New information request will be refused in %s.",
|
||||
FORMAT_TIMESPAN(client->information_refresh_time_usec, USEC_PER_SEC));
|
||||
}
|
||||
|
||||
#define DEFINE_GET_TIME_FUNCTIONS(name, val) \
|
||||
int sd_dhcp6_lease_get_##name( \
|
||||
sd_dhcp6_lease *lease, \
|
||||
|
@ -763,18 +789,12 @@ static int dhcp6_lease_parse_message(
|
|||
continue;
|
||||
}
|
||||
|
||||
dhcp6_ia_free(lease->ia_na);
|
||||
lease->ia_na = TAKE_PTR(ia);
|
||||
free_and_replace_full(lease->ia_na, ia, dhcp6_ia_free);
|
||||
break;
|
||||
}
|
||||
case SD_DHCP6_OPTION_IA_PD: {
|
||||
_cleanup_(dhcp6_ia_freep) DHCP6IA *ia = NULL;
|
||||
|
||||
if (client->state == DHCP6_STATE_INFORMATION_REQUEST) {
|
||||
log_dhcp6_client(client, "Ignoring IA PD option in information requesting mode.");
|
||||
break;
|
||||
}
|
||||
|
||||
r = dhcp6_option_parse_ia(client, client->ia_pd.header.id, optcode, optlen, optval, &ia);
|
||||
if (r == -ENOMEM)
|
||||
return log_oom_debug();
|
||||
|
@ -788,8 +808,7 @@ static int dhcp6_lease_parse_message(
|
|||
continue;
|
||||
}
|
||||
|
||||
dhcp6_ia_free(lease->ia_pd);
|
||||
lease->ia_pd = TAKE_PTR(ia);
|
||||
free_and_replace_full(lease->ia_pd, ia, dhcp6_ia_free);
|
||||
break;
|
||||
}
|
||||
case SD_DHCP6_OPTION_RAPID_COMMIT:
|
||||
|
@ -872,12 +891,9 @@ static int dhcp6_lease_parse_message(
|
|||
"The client ID in %s message does not match. Ignoring.",
|
||||
dhcp6_message_type_to_string(message->type));
|
||||
|
||||
if (client->state == DHCP6_STATE_INFORMATION_REQUEST) {
|
||||
client->information_refresh_time_usec = MAX(irt, IRT_MINIMUM);
|
||||
log_dhcp6_client(client, "New information request will be refused in %s.",
|
||||
FORMAT_TIMESPAN(client->information_refresh_time_usec, USEC_PER_SEC));
|
||||
|
||||
} else {
|
||||
if (client->state == DHCP6_STATE_INFORMATION_REQUEST)
|
||||
dhcp6_client_set_information_refresh_time(client, lease, irt);
|
||||
else {
|
||||
r = dhcp6_lease_get_serverid(lease, NULL, NULL);
|
||||
if (r < 0)
|
||||
return log_dhcp6_client_errno(client, r, "%s has no server id",
|
||||
|
|
|
@ -493,6 +493,11 @@ static const uint8_t msg_information_request[] = {
|
|||
DHCP6_MESSAGE_INFORMATION_REQUEST,
|
||||
/* Transaction ID */
|
||||
0x0f, 0xb4, 0xe5,
|
||||
/* IA_PD */
|
||||
0x00, SD_DHCP6_OPTION_IA_PD, 0x00, 0x0c,
|
||||
IA_ID_BYTES,
|
||||
0x00, 0x00, 0x00, 0x00, /* lifetime T1 */
|
||||
0x00, 0x00, 0x00, 0x00, /* lifetime T2 */
|
||||
/* MUD URL */
|
||||
/* ORO */
|
||||
0x00, SD_DHCP6_OPTION_ORO, 0x00, 0x0c,
|
||||
|
|
|
@ -264,30 +264,40 @@ static int dhcp6_address_acquired(Link *link) {
|
|||
return r;
|
||||
}
|
||||
|
||||
if (link->network->dhcp6_use_hostname) {
|
||||
const char *dhcpname = NULL;
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int dhcp6_request_hostname(Link *link) {
|
||||
_cleanup_free_ char *hostname = NULL;
|
||||
const char *dhcpname = NULL;
|
||||
int r;
|
||||
|
||||
(void) sd_dhcp6_lease_get_fqdn(link->dhcp6_lease, &dhcpname);
|
||||
assert(link);
|
||||
assert(link->network);
|
||||
|
||||
if (!link->network->dhcp6_use_hostname)
|
||||
return 0;
|
||||
|
||||
r = sd_dhcp6_lease_get_fqdn(link->dhcp6_lease, &dhcpname);
|
||||
if (r == -ENODATA)
|
||||
return 0;
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
if (dhcpname) {
|
||||
r = shorten_overlong(dhcpname, &hostname);
|
||||
if (r < 0)
|
||||
log_link_warning_errno(link, r, "Unable to shorten overlong DHCP hostname '%s', ignoring: %m", dhcpname);
|
||||
return log_link_warning_errno(link, r, "Unable to shorten overlong DHCP hostname '%s': %m", dhcpname);
|
||||
if (r == 1)
|
||||
log_link_notice(link, "Overlong DHCP hostname received, shortened from '%s' to '%s'", dhcpname, hostname);
|
||||
}
|
||||
if (hostname) {
|
||||
|
||||
r = manager_set_hostname(link->manager, hostname);
|
||||
if (r < 0)
|
||||
log_link_error_errno(link, r, "Failed to set transient hostname to '%s': %m", hostname);
|
||||
}
|
||||
}
|
||||
log_link_warning_errno(link, r, "Failed to set transient hostname to '%s', ignoring: %m", hostname);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int dhcp6_lease_ip_acquired(sd_dhcp6_client *client, Link *link) {
|
||||
static int dhcp6_lease_acquired(sd_dhcp6_client *client, Link *link) {
|
||||
_cleanup_(sd_dhcp6_lease_unrefp) sd_dhcp6_lease *lease_old = NULL;
|
||||
sd_dhcp6_lease *lease;
|
||||
int r;
|
||||
|
@ -302,6 +312,10 @@ static int dhcp6_lease_ip_acquired(sd_dhcp6_client *client, Link *link) {
|
|||
lease_old = TAKE_PTR(link->dhcp6_lease);
|
||||
link->dhcp6_lease = sd_dhcp6_lease_ref(lease);
|
||||
|
||||
r = dhcp6_request_hostname(link);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
r = dhcp6_address_acquired(link);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
@ -327,22 +341,6 @@ static int dhcp6_lease_ip_acquired(sd_dhcp6_client *client, Link *link) {
|
|||
link_set_state(link, LINK_STATE_CONFIGURING);
|
||||
|
||||
link_check_ready(link);
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int dhcp6_lease_information_acquired(sd_dhcp6_client *client, Link *link) {
|
||||
sd_dhcp6_lease *lease;
|
||||
int r;
|
||||
|
||||
assert(client);
|
||||
assert(link);
|
||||
|
||||
r = sd_dhcp6_client_get_lease(client, &lease);
|
||||
if (r < 0)
|
||||
return log_link_error_errno(link, r, "Failed to get DHCPv6 lease: %m");
|
||||
|
||||
unref_and_replace_full(link->dhcp6_lease, lease, sd_dhcp6_lease_ref, sd_dhcp6_lease_unref);
|
||||
|
||||
link_dirty(link);
|
||||
return 0;
|
||||
}
|
||||
|
@ -387,11 +385,8 @@ static void dhcp6_handler(sd_dhcp6_client *client, int event, void *userdata) {
|
|||
break;
|
||||
|
||||
case SD_DHCP6_CLIENT_EVENT_IP_ACQUIRE:
|
||||
r = dhcp6_lease_ip_acquired(client, link);
|
||||
break;
|
||||
|
||||
case SD_DHCP6_CLIENT_EVENT_INFORMATION_REQUEST:
|
||||
r = dhcp6_lease_information_acquired(client, link);
|
||||
r = dhcp6_lease_acquired(client, link);
|
||||
break;
|
||||
|
||||
default:
|
||||
|
|
|
@ -1439,7 +1439,7 @@ int config_parse_router_prefix_delegation(
|
|||
}
|
||||
|
||||
/* When IPv6SendRA= is enabled, only static prefixes are sent by default, and users
|
||||
* need to explicitly enable DHCPv6PrefixDelegation=. */
|
||||
* need to explicitly enable DHCPPrefixDelegation=. */
|
||||
*ra = r ? RADV_PREFIX_DELEGATION_STATIC : RADV_PREFIX_DELEGATION_NONE;
|
||||
return 0;
|
||||
}
|
||||
|
|
|
@ -1742,8 +1742,9 @@ static int config_parse_exclude_files(
|
|||
const char *rvalue,
|
||||
void *data,
|
||||
void *userdata) {
|
||||
_cleanup_free_ char *resolved = NULL;
|
||||
|
||||
char ***exclude_files = ASSERT_PTR(data);
|
||||
const char *p = ASSERT_PTR(rvalue);
|
||||
int r;
|
||||
|
||||
if (isempty(rvalue)) {
|
||||
|
@ -1751,10 +1752,23 @@ static int config_parse_exclude_files(
|
|||
return 0;
|
||||
}
|
||||
|
||||
r = specifier_printf(rvalue, PATH_MAX-1, system_and_tmp_specifier_table, arg_root, NULL, &resolved);
|
||||
for (;;) {
|
||||
_cleanup_free_ char *word = NULL, *resolved = NULL;
|
||||
|
||||
r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE);
|
||||
if (r == -ENOMEM)
|
||||
return log_oom();
|
||||
if (r < 0) {
|
||||
log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", p);
|
||||
return 0;
|
||||
}
|
||||
if (r == 0)
|
||||
return 0;
|
||||
|
||||
r = specifier_printf(word, PATH_MAX-1, system_and_tmp_specifier_table, arg_root, NULL, &resolved);
|
||||
if (r < 0) {
|
||||
log_syntax(unit, LOG_WARNING, filename, line, r,
|
||||
"Failed to expand specifiers in ExcludeFiles= path, ignoring: %s", rvalue);
|
||||
"Failed to expand specifiers in %s path, ignoring: %s", lvalue, word);
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
@ -1764,6 +1778,7 @@ static int config_parse_exclude_files(
|
|||
|
||||
if (strv_consume(exclude_files, TAKE_PTR(resolved)) < 0)
|
||||
return log_oom();
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
|
|
@ -197,7 +197,7 @@ _unused_ static void test_compress_stream(const char *compression,
|
|||
ASSERT_OK(compress(src, dst, -1, &uncompressed_size));
|
||||
|
||||
if (cat) {
|
||||
assert_se(asprintf(&cmd, "%s %s | diff %s -", cat, pattern, srcfile) > 0);
|
||||
assert_se(asprintf(&cmd, "%s %s | diff '%s' -", cat, pattern, srcfile) > 0);
|
||||
assert_se(system(cmd) == 0);
|
||||
}
|
||||
|
||||
|
@ -212,7 +212,7 @@ _unused_ static void test_compress_stream(const char *compression,
|
|||
r = decompress(dst, dst2, st.st_size);
|
||||
assert_se(r == 0);
|
||||
|
||||
assert_se(asprintf(&cmd2, "diff %s %s", srcfile, pattern2) > 0);
|
||||
assert_se(asprintf(&cmd2, "diff '%s' %s", srcfile, pattern2) > 0);
|
||||
assert_se(system(cmd2) == 0);
|
||||
|
||||
log_debug("/* test faulty decompression */");
|
||||
|
|
|
@ -52,7 +52,8 @@ static void test_event_spawn_self(const char *self, const char *arg, bool with_p
|
|||
|
||||
log_debug("/* %s(%s, %s) */", __func__, arg, yes_no(with_pidfd));
|
||||
|
||||
assert_se(cmd = strjoin(self, " ", arg));
|
||||
/* 'self' may contain spaces, hence needs to be quoted. */
|
||||
assert_se(cmd = strjoin("'", self, "' ", arg));
|
||||
|
||||
test_event_spawn_core(with_pidfd, cmd, result_buf, BUF_SIZE);
|
||||
|
||||
|
|
|
@ -1,10 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
# SPDX-License-Identifier: LGPL-2.1-or-later
|
||||
set -e
|
||||
|
||||
TEST_DESCRIPTION="Test Multi-Profile UKI Boots"
|
||||
|
||||
# shellcheck source=test/test-functions
|
||||
. "${TEST_BASE_DIR:?}/test-functions"
|
||||
|
||||
do_test "$@"
|
|
@ -4,32 +4,32 @@ set -e
|
|||
|
||||
ANALYZE="${1:-systemd-analyze}"
|
||||
|
||||
$ANALYZE compare-versions 1 lt 2
|
||||
$ANALYZE compare-versions 1 '<' 2
|
||||
$ANALYZE compare-versions 1 le 2
|
||||
$ANALYZE compare-versions 1 '<=' 2
|
||||
$ANALYZE compare-versions 1 ne 2
|
||||
$ANALYZE compare-versions 1 '!=' 2
|
||||
( ! $ANALYZE compare-versions 1 ge 2 )
|
||||
( ! $ANALYZE compare-versions 1 '>=' 2 )
|
||||
( ! $ANALYZE compare-versions 1 eq 2 )
|
||||
( ! $ANALYZE compare-versions 1 '==' 2 )
|
||||
( ! $ANALYZE compare-versions 1 gt 2 )
|
||||
( ! $ANALYZE compare-versions 1 '>' 2 )
|
||||
"$ANALYZE" compare-versions 1 lt 2
|
||||
"$ANALYZE" compare-versions 1 '<' 2
|
||||
"$ANALYZE" compare-versions 1 le 2
|
||||
"$ANALYZE" compare-versions 1 '<=' 2
|
||||
"$ANALYZE" compare-versions 1 ne 2
|
||||
"$ANALYZE" compare-versions 1 '!=' 2
|
||||
( ! "$ANALYZE" compare-versions 1 ge 2 )
|
||||
( ! "$ANALYZE" compare-versions 1 '>=' 2 )
|
||||
( ! "$ANALYZE" compare-versions 1 eq 2 )
|
||||
( ! "$ANALYZE" compare-versions 1 '==' 2 )
|
||||
( ! "$ANALYZE" compare-versions 1 gt 2 )
|
||||
( ! "$ANALYZE" compare-versions 1 '>' 2 )
|
||||
|
||||
test "$($ANALYZE compare-versions 1 2)" = '1 < 2'
|
||||
test "$($ANALYZE compare-versions 2 2)" = '2 == 2'
|
||||
test "$($ANALYZE compare-versions 2 1)" = '2 > 1'
|
||||
test "$($ANALYZE compare-versions '' '')" = "'' == ''"
|
||||
test "$("$ANALYZE" compare-versions 1 2)" = '1 < 2'
|
||||
test "$("$ANALYZE" compare-versions 2 2)" = '2 == 2'
|
||||
test "$("$ANALYZE" compare-versions 2 1)" = '2 > 1'
|
||||
test "$("$ANALYZE" compare-versions '' '')" = "'' == ''"
|
||||
|
||||
set +e
|
||||
|
||||
$ANALYZE compare-versions 1 2; ret1=$?
|
||||
$ANALYZE compare-versions 2 2; ret2=$?
|
||||
$ANALYZE compare-versions 2 1; ret3=$?
|
||||
"$ANALYZE" compare-versions 1 2; ret1=$?
|
||||
"$ANALYZE" compare-versions 2 2; ret2=$?
|
||||
"$ANALYZE" compare-versions 2 1; ret3=$?
|
||||
|
||||
set -e
|
||||
|
||||
test $ret1 == 12
|
||||
test $ret2 == 0
|
||||
test $ret3 == 11
|
||||
test "$ret1" == 12
|
||||
test "$ret2" == 0
|
||||
test "$ret3" == 11
|
||||
|
|
|
@ -44,9 +44,9 @@ test_one() (
|
|||
fi
|
||||
|
||||
if [[ "${input##*/}" =~ \.fstab\.input ]]; then
|
||||
SYSTEMD_LOG_LEVEL=debug SYSTEMD_IN_INITRD="$initrd" SYSTEMD_SYSFS_CHECK=no SYSTEMD_PROC_CMDLINE="fstab=yes root=fstab" SYSTEMD_FSTAB="$input" SYSTEMD_SYSROOT_FSTAB="/dev/null" $generator "$out" "$out" "$out"
|
||||
SYSTEMD_LOG_LEVEL=debug SYSTEMD_IN_INITRD="$initrd" SYSTEMD_SYSFS_CHECK=no SYSTEMD_PROC_CMDLINE="fstab=yes root=fstab" SYSTEMD_FSTAB="$input" SYSTEMD_SYSROOT_FSTAB="/dev/null" "$generator" "$out" "$out" "$out"
|
||||
else
|
||||
SYSTEMD_LOG_LEVEL=debug SYSTEMD_IN_INITRD="$initrd" SYSTEMD_SYSFS_CHECK=no SYSTEMD_PROC_CMDLINE="fstab=no $(cat "$input")" $generator "$out" "$out" "$out"
|
||||
SYSTEMD_LOG_LEVEL=debug SYSTEMD_IN_INITRD="$initrd" SYSTEMD_SYSFS_CHECK=no SYSTEMD_PROC_CMDLINE="fstab=no $(cat "$input")" "$generator" "$out" "$out" "$out"
|
||||
fi
|
||||
|
||||
# The option x-systemd.growfs creates symlink to system's systemd-growfs@.service in .mount.wants directory.
|
||||
|
|
|
@ -53,7 +53,7 @@ for f in $(find "$SOURCE"/test-*.input | sort -V); do
|
|||
echo "*** Running $f"
|
||||
prepare_testdir "${f%.input}"
|
||||
cp "$f" "$TESTDIR/usr/lib/sysusers.d/test.conf"
|
||||
$SYSUSERS --root="$TESTDIR"
|
||||
"$SYSUSERS" --root="$TESTDIR"
|
||||
|
||||
compare "${f%.*}" ""
|
||||
done
|
||||
|
@ -62,7 +62,7 @@ for f in $(find "$SOURCE"/test-*.input | sort -V); do
|
|||
echo "*** Running $f on stdin"
|
||||
prepare_testdir "${f%.input}"
|
||||
touch "$TESTDIR/etc/sysusers.d/test.conf"
|
||||
$SYSUSERS --root="$TESTDIR" - <"$f"
|
||||
"$SYSUSERS" --root="$TESTDIR" - <"$f"
|
||||
|
||||
compare "${f%.*}" "on stdin"
|
||||
done
|
||||
|
@ -72,9 +72,9 @@ for f in $(find "$SOURCE"/test-*.input | sort -V); do
|
|||
prepare_testdir "${f%.input}"
|
||||
touch "$TESTDIR/etc/sysusers.d/test.conf"
|
||||
# this overrides test.conf which is masked on disk
|
||||
$SYSUSERS --root="$TESTDIR" --replace=/etc/sysusers.d/test.conf - <"$f"
|
||||
"$SYSUSERS" --root="$TESTDIR" --replace=/etc/sysusers.d/test.conf - <"$f"
|
||||
# this should be ignored
|
||||
$SYSUSERS --root="$TESTDIR" --replace=/usr/lib/sysusers.d/test.conf - <"$SOURCE/test-1.input"
|
||||
"$SYSUSERS" --root="$TESTDIR" --replace=/usr/lib/sysusers.d/test.conf - <"$SOURCE/test-1.input"
|
||||
|
||||
compare "${f%.*}" "on stdin with --replace"
|
||||
done
|
||||
|
@ -84,7 +84,7 @@ echo "*** Testing --inline"
|
|||
prepare_testdir "$SOURCE/inline"
|
||||
# copy a random file to make sure it is ignored
|
||||
cp "$f" "$TESTDIR/etc/sysusers.d/confuse.conf"
|
||||
$SYSUSERS --root="$TESTDIR" --inline \
|
||||
"$SYSUSERS" --root="$TESTDIR" --inline \
|
||||
"u u1 222 - - /bin/zsh" \
|
||||
"g g1 111"
|
||||
|
||||
|
@ -95,7 +95,7 @@ echo "*** Testing --inline with --replace"
|
|||
prepare_testdir "$SOURCE/inline"
|
||||
# copy a random file to make sure it is ignored
|
||||
cp "$f" "$TESTDIR/etc/sysusers.d/confuse.conf"
|
||||
$SYSUSERS --root="$TESTDIR" \
|
||||
"$SYSUSERS" --root="$TESTDIR" \
|
||||
--inline \
|
||||
--replace=/etc/sysusers.d/confuse.conf \
|
||||
"u u1 222 - - /bin/zsh" \
|
||||
|
@ -105,7 +105,7 @@ compare "$SOURCE/inline" "(--inline --replace=…)"
|
|||
|
||||
echo "*** Testing --inline with no /etc"
|
||||
rm -rf "${TESTDIR:?}/etc"
|
||||
$SYSUSERS --root="$TESTDIR" --inline \
|
||||
"$SYSUSERS" --root="$TESTDIR" --inline \
|
||||
"u u1 222 - - /bin/zsh" \
|
||||
"g g1 111"
|
||||
|
||||
|
@ -136,7 +136,7 @@ for f in $(find "$SOURCE"/test-*.input | sort -V); do
|
|||
echo "*** Running $f (with login.defs)"
|
||||
prepare_testdir "${f%.input}"
|
||||
cp "$f" "$TESTDIR/usr/lib/sysusers.d/test.conf"
|
||||
$SYSUSERS --root="$TESTDIR"
|
||||
"$SYSUSERS" --root="$TESTDIR"
|
||||
|
||||
# shellcheck disable=SC2050
|
||||
[ @ENABLE_COMPAT_MUTABLE_UID_BOUNDARIES@ = 1 ] && bound=555 || bound=$system_guid_max
|
||||
|
@ -152,7 +152,7 @@ for f in $(find "$SOURCE"/test-*.input | sort -V); do
|
|||
echo "*** Running $f (with login.defs symlinked)"
|
||||
prepare_testdir "${f%.input}"
|
||||
cp "$f" "$TESTDIR/usr/lib/sysusers.d/test.conf"
|
||||
$SYSUSERS --root="$TESTDIR"
|
||||
"$SYSUSERS" --root="$TESTDIR"
|
||||
|
||||
# shellcheck disable=SC2050
|
||||
[ @ENABLE_COMPAT_MUTABLE_UID_BOUNDARIES@ = 1 ] && bound=555 || bound=$system_guid_max
|
||||
|
@ -166,7 +166,7 @@ for f in $(find "$SOURCE"/unhappy-*.input | sort -V); do
|
|||
echo "*** Running test $f"
|
||||
prepare_testdir "${f%.input}"
|
||||
cp "$f" "$TESTDIR/usr/lib/sysusers.d/test.conf"
|
||||
SYSTEMD_LOG_LEVEL=info $SYSUSERS --root="$TESTDIR" 2>&1 | tail -n1 | sed -r 's/^[^:]+:[^:]+://' >"$TESTDIR/err"
|
||||
SYSTEMD_LOG_LEVEL=info "$SYSUSERS" --root="$TESTDIR" 2>&1 | tail -n1 | sed -r 's/^[^:]+:[^:]+://' >"$TESTDIR/err"
|
||||
if ! diff -u "$TESTDIR/err" "${f%.*}.expected-err"; then
|
||||
echo >&2 "**** Unexpected error output for $f"
|
||||
cat >&2 "$TESTDIR/err"
|
||||
|
|
|
@ -17,9 +17,9 @@ if test -f /run/systemd/stub/profile; then
|
|||
fi
|
||||
echo "CURRENT MEASUREMENT:"
|
||||
/usr/lib/systemd/systemd-measure --current
|
||||
if test -f /run/systemd/tpm2-pcr-signature.json ; then
|
||||
if test -f /run/systemd/tpm2-pcr-signature.json; then
|
||||
echo "CURRENT SIGNATURE:"
|
||||
jq < /run/systemd/tpm2-pcr-signature.json
|
||||
jq </run/systemd/tpm2-pcr-signature.json
|
||||
fi
|
||||
|
||||
echo "CURRENT EVENT LOG + PCRS:"
|
||||
|
@ -45,7 +45,7 @@ TITLE="Profile Two"' --measure-base=/tmp/extended1.efi --cmdline="testprofile2=1
|
|||
|
||||
# Prepare a disk image, locked to the PCR measurements of the UKI we just generated
|
||||
truncate -s 32M /root/encrypted.raw
|
||||
echo -n "geheim" > /root/encrypted.secret
|
||||
echo -n "geheim" >/root/encrypted.secret
|
||||
cryptsetup luksFormat -q --pbkdf pbkdf2 --pbkdf-force-iterations 1000 --use-urandom /root/encrypted.raw --key-file=/root/encrypted.secret
|
||||
systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs= --tpm2-public-key=/root/pcrsign.public.pem --unlock-key-file=/root/encrypted.secret /root/encrypted.raw
|
||||
rm -f /root/encrypted.secret
|
||||
|
@ -62,12 +62,12 @@ else
|
|||
|
||||
if [ "$ID" = "profile0" ]; then
|
||||
grep -v testprofile /proc/cmdline
|
||||
echo "default $(basename "$CURRENT_UKI")@profile1" > "$(bootctl -p)/loader/loader.conf"
|
||||
echo "default $(basename "$CURRENT_UKI")@profile1" >"$(bootctl -p)/loader/loader.conf"
|
||||
reboot
|
||||
exit 0
|
||||
elif [ "$ID" = "profile1" ]; then
|
||||
grep testprofile1=1 /proc/cmdline
|
||||
echo "default $(basename "$CURRENT_UKI")@profile2" > "$(bootctl -p)/loader/loader.conf"
|
||||
echo "default $(basename "$CURRENT_UKI")@profile2" >"$(bootctl -p)/loader/loader.conf"
|
||||
reboot
|
||||
exit 0
|
||||
elif [ "$ID" = "profile2" ]; then
|
||||
|
|
Loading…
Reference in New Issue