update TODO

shell-completion: revert c1072f6473bafa063cbf700c86524083d2857031
fixing https://github.com/systemd/systemd/issues/19689
2026-03-19 11:34:46 +01:00 · 2021-06-17 15:11:37 +02:00 · 2021-06-17 14:42:46 +02:00 · 2021-06-17 13:10:30 +01:00 · 2021-06-17 17:21:17 +09:00 · 2021-06-17 08:52:46 +01:00
29 changed files with 143 additions and 68 deletions
--- a/14
+++ b/14
@ -61,8 +61,8 @@ CHANGES WITH 249 in spe:
          included in the image. For example, a disk image that contains a
          root, /home/, and /var/ partitions, may set MakeDirectories=yes to
          create /home/ and /var/ as empty directories in the root file system
-          on its creation, so that the resulting image can mounted immediately,
+          on its creation, so that the resulting image can be mounted
-          even in read-only mode.
+          immediately, even in read-only mode.
        * systemd-repart's CopyBlocks= setting gained support for the special
          value "auto". If used, a suitable matching partition on the booted OS
@ -134,7 +134,7 @@ CHANGES WITH 249 in spe:
        * The native Journal protocol has been documented. Clients may talk
          this as alternative to the classic BSD syslog protocol for locally
          delivering log records to the Journal. The protocol has been stable
-          since a long time and in fact been implemented already in a variety
+          for a long time and in fact been implemented already in a variety
          of alternative client libraries. This documentation makes the support
          for that official:
@ -226,10 +226,10 @@ CHANGES WITH 249 in spe:
          that matters most, to the point where this is defined.
        * The Discoverable Partition Specification has been updated with a new
-          GPT partition flag "growsfs" defined for its partition types.
+          GPT partition flag "grow-file-system" defined for its partition
-          Whenever partitions with this flag set are automatically mounted
+          types. Whenever partitions with this flag set are automatically
-          (i.e. via systemd-gpt-auto-generator or the --image= switch of
+          mounted (i.e. via systemd-gpt-auto-generator or the --image= switch
-          systemd-nspawn or other tools; and as opposed to explicit mounting
+          of systemd-nspawn or other tools; and as opposed to explicit mounting
          via /etc/fstab), the file system within the partition is
          automatically grown to the full size of the partition. If the file
          system size already matches the partition size this flag has no
--- a/5
+++ b/5
@ -26,6 +26,11 @@ Janitorial Clean-ups:
 Features:
 * firstboot: allow provisioning of /etc/hosts entries, so that we can via the
  credentials logic insert host name to resolve into containers/hosts. Usecase:
  fork a container, and make it ping some specific address which is defined by
  the host on invocation
 * in sd-id128: also parse UUIDs in RFC4122 URN syntax (i.e. chop off urn:uuid: prefix)
 * ability to insert trusted configuration and secrets into the boot parameters
--- a/meson.build
+++ b/meson.build
@ -793,12 +793,37 @@ endif
 conf.set_quoted('NOBODY_USER_NAME', nobody_user)
 conf.set_quoted('NOBODY_GROUP_NAME', nobody_group)
-tty_gid = get_option('tty-gid')
+static_ugids = []
-conf.set('TTY_GID', tty_gid)
+foreach option : ['adm-gid',
                  'audio-gid',
                  'cdrom-gid',
                  'dialout-gid',
                  'disk-gid',
                  'input-gid',
                  'kmem-gid',
                  'kvm-gid',
                  'lp-gid',
                  'render-gid',
                  'sgx-gid',
                  'tape-gid',
                  'tty-gid',
                  'users-gid',
                  'utmp-gid',
                  'video-gid',
                  'wheel-gid',
                  'systemd-journal-gid',
                  'systemd-network-uid',
                  'systemd-resolve-uid',
                  'systemd-timesync-uid']
        name = option.underscorify().to_upper()
        val = get_option(option)
        # Ensure provided GID argument is numeric, otherwise fall back to default assignment
-users_gid = get_option('users-gid')
+        conf.set(name, val >= 0 ? val : '-')
-conf.set('USERS_GID', users_gid < 0 ? '-' : users_gid)
+        if val >= 0
                static_ugids += '@0@:@1@'.format(option, val)
        endif
 endforeach
 conf.set10('ENABLE_ADM_GROUP', get_option('adm-group'))
 conf.set10('ENABLE_WHEEL_GROUP', get_option('wheel-group'))
@ -3713,14 +3738,13 @@ status = [
        'extra start script:                @0@'.format(get_option('rc-local')),
        'debug shell:                       @0@ @ @1@'.format(get_option('debug-shell'),
                                                              get_option('debug-tty')),
        'TTY GID:                           @0@'.format(tty_gid),
        'users GID:                         @0@'.format(conf.get('USERS_GID')),
        'system UIDs:                       <=@0@ (alloc >=@1@)'.format(conf.get('SYSTEM_UID_MAX'),
                                                                        conf.get('SYSTEM_ALLOC_UID_MIN')),
        'system GIDs:                       <=@0@ (alloc >=@1@)'.format(conf.get('SYSTEM_GID_MAX'),
                                                                        conf.get('SYSTEM_ALLOC_GID_MIN')),
        'dynamic UIDs:                      @0@…@1@'.format(dynamic_uid_min, dynamic_uid_max),
        'container UID bases:               @0@…@1@'.format(container_uid_base_min, container_uid_base_max),
        'static UID/GID allocations:        @0@'.format(' '.join(static_ugids)),
        '/dev/kvm access mode:              @0@'.format(get_option('dev-kvm-mode')),
        'render group access mode:          @0@'.format(get_option('group-render-mode')),
        'certificate root directory:        @0@'.format(get_option('certificate-root')),
--- a/meson_options.txt
+++ b/meson_options.txt
@ -204,6 +204,7 @@ option('status-unit-format-default', type : 'combo',
       description : 'use unit name or description in messages by default')
 option('time-epoch', type : 'integer', value : '-1',
       description : 'time epoch for time clients')
 option('system-alloc-uid-min', type : 'integer', value : '-1',
       description : 'minimum system UID used when allocating')
 option('system-alloc-gid-min', type : 'integer', value : '-1',
@ -220,10 +221,6 @@ option('container-uid-base-min', type : 'integer', value : 0x00080000,
       description : 'minimum container UID base')
 option('container-uid-base-max', type : 'integer', value : 0x6FFF0000,
       description : 'maximum container UID base')
 option('tty-gid', type : 'integer', value : 5,
       description : 'the numeric GID of the "tty" group')
 option('users-gid', type : 'integer', value : '-1',
       description : 'the numeric GID of the "users" group')
 option('adm-group', type : 'boolean',
       description : 'the ACL for adm group should be added')
 option('wheel-group', type : 'boolean',
@ -234,6 +231,49 @@ option('nobody-user', type : 'string',
 option('nobody-group', type : 'string',
       description : 'The name of the nobody group (the one with GID 65534)',
       value : 'nobody')
 option('adm-gid', type : 'integer', value : '-1',
       description : 'soft-static allocation for the "adm" group')
 option('audio-gid', type : 'integer', value : '-1',
       description : 'soft-static allocation for the "audio" group')
 option('cdrom-gid', type : 'integer', value : '-1',
       description : 'soft-static allocation for the "cdrom" group')
 option('dialout-gid', type : 'integer', value : '-1',
       description : 'soft-static allocation for the "dialout" group')
 option('disk-gid', type : 'integer', value : '-1',
       description : 'soft-static allocation for the "disk" group')
 option('input-gid', type : 'integer', value : '-1',
       description : 'soft-static allocation for the "input" group')
 option('kmem-gid', type : 'integer', value : '-1',
       description : 'soft-static allocation for the "kmem" group')
 option('kvm-gid', type : 'integer', value : '-1',
       description : 'soft-static allocation for the "kvm" group')
 option('lp-gid', type : 'integer', value : '-1',
       description : 'soft-static allocation for the "lp" group')
 option('render-gid', type : 'integer', value : '-1',
       description : 'soft-static allocation for the "render" group')
 option('sgx-gid', type : 'integer', value : '-1',
       description : 'soft-static allocation for the "sgx" group')
 option('tape-gid', type : 'integer', value : '-1',
       description : 'soft-static allocation for the "tape" group')
 option('tty-gid', type : 'integer', value : 5,
       description : 'the numeric GID of the "tty" group')
 option('users-gid', type : 'integer', value : '-1',
       description : 'soft-static allocation for the "users" group')
 option('utmp-gid', type : 'integer', value : '-1',
       description : 'soft-static allocation for the "utmp" group')
 option('video-gid', type : 'integer', value : '-1',
       description : 'soft-static allocation for the "video" group')
 option('wheel-gid', type : 'integer', value : '-1',
       description : 'soft-static allocation for the "wheel" group')
 option('systemd-journal-gid', type : 'integer', value : '-1',
       description : 'soft-static allocation for the systemd-journal group')
 option('systemd-network-uid', type : 'integer', value : '-1',
       description : 'soft-static allocation for the systemd-network user')
 option('systemd-resolve-uid', type : 'integer', value : '-1',
       description : 'soft-static allocation for the systemd-resolve user')
 option('systemd-timesync-uid', type : 'integer', value : '-1',
       description : 'soft-static allocation for the systemd-timesync user')
 option('dev-kvm-mode', type : 'string', value : '0666',
       description : '/dev/kvm access mode')
 option('group-render-mode', type : 'string', value : '0666',
--- a/shell-completion/zsh/_bootctl
+++ b/shell-completion/zsh/_bootctl
@ -1,4 +1,4 @@
-#compdef bootctl                    -*- shell-script -*-
+#compdef bootctl
 # SPDX-License-Identifier: LGPL-2.1-or-later
 __bootctl() {
--- a/shell-completion/zsh/_busctl
+++ b/shell-completion/zsh/_busctl
@ -1,4 +1,4 @@
-#compdef busctl                    -*- shell-script -*-
+#compdef busctl
 # SPDX-License-Identifier: LGPL-2.1-or-later
 # busctl(1) completion                               -*- shell-script -*-
--- a/shell-completion/zsh/_coredumpctl
+++ b/shell-completion/zsh/_coredumpctl
@ -1,4 +1,4 @@
-#compdef coredumpctl                    -*- shell-script -*-
+#compdef coredumpctl
 # SPDX-License-Identifier: LGPL-2.1-or-later
 (( $+functions[_coredumpctl_commands] )) ||
--- a/shell-completion/zsh/_hostnamectl
+++ b/shell-completion/zsh/_hostnamectl
@ -1,4 +1,4 @@
-#compdef hostnamectl                    -*- shell-script -*-
+#compdef hostnamectl
 # SPDX-License-Identifier: LGPL-2.1-or-later
 (( $+functions[_hostnamectl_hostname] )) ||
--- a/shell-completion/zsh/_journalctl
+++ b/shell-completion/zsh/_journalctl
@ -1,4 +1,4 @@
-#compdef journalctl                    -*- shell-script -*-
+#compdef journalctl
 # SPDX-License-Identifier: LGPL-2.1-or-later
 (( $+functions[_journalctl_fields] )) ||
--- a/shell-completion/zsh/_kernel-install
+++ b/shell-completion/zsh/_kernel-install
@ -1,4 +1,4 @@
-#compdef kernel-install                    -*- shell-script -*-
+#compdef kernel-install
 # SPDX-License-Identifier: LGPL-2.1-or-later
 (( $+functions[_kernel-install_images] )) ||
--- a/shell-completion/zsh/_localectl
+++ b/shell-completion/zsh/_localectl
@ -1,4 +1,4 @@
-#compdef localectl                    -*- shell-script -*-
+#compdef localectl
 # SPDX-License-Identifier: LGPL-2.1-or-later
 (( $+functions[_localectl_set-locale] )) ||
--- a/shell-completion/zsh/_loginctl
+++ b/shell-completion/zsh/_loginctl
@ -1,4 +1,4 @@
-#compdef loginctl                    -*- shell-script -*-
+#compdef loginctl
 # SPDX-License-Identifier: LGPL-2.1-or-later
 (( $+functions[_loginctl_all_sessions] )) ||
--- a/shell-completion/zsh/_machinectl
+++ b/shell-completion/zsh/_machinectl
@ -1,4 +1,4 @@
-#compdef machinectl                    -*- shell-script -*-
+#compdef machinectl
 # SPDX-License-Identifier: LGPL-2.1-or-later
 (( $+functions[__machinectl_get_machines] )) ||
--- a/shell-completion/zsh/_networkctl
+++ b/shell-completion/zsh/_networkctl
@ -1,4 +1,4 @@
-#compdef networkctl                    -*- shell-script -*-
+#compdef networkctl
 # SPDX-License-Identifier: LGPL-2.1-or-later
 (( $+functions[_networkctl_commands] )) ||
--- a/shell-completion/zsh/_resolvectl
+++ b/shell-completion/zsh/_resolvectl
@ -1,4 +1,4 @@
-#compdef resolvectl systemd-resolve         -*- shell-script -*-
+#compdef resolvectl systemd-resolve
 # SPDX-License-Identifier: LGPL-2.1-or-later
 #
 # This file is part of systemd.
--- a/shell-completion/zsh/_systemctl.in
+++ b/shell-completion/zsh/_systemctl.in
@ -1,4 +1,4 @@
-#compdef systemctl                    -*- shell-script -*-
+#compdef systemctl
 # SPDX-License-Identifier: LGPL-2.1-or-later
 (( $+functions[_systemctl_commands] )) || _systemctl_commands()
--- a/shell-completion/zsh/_systemd
+++ b/shell-completion/zsh/_systemd
@ -1,4 +1,4 @@
-#compdef systemd-cat systemd-ask-password systemd-cgls systemd-cgtop systemd-detect-virt systemd-machine-id-setup systemd-notify systemd-tty-ask-password-agent                    -*- shell-script -*-
+#compdef systemd-cat systemd-ask-password systemd-cgls systemd-cgtop systemd-detect-virt systemd-machine-id-setup systemd-notify systemd-tty-ask-password-agent
 # SPDX-License-Identifier: LGPL-2.1-or-later
 local curcontext="$curcontext" state lstate line
--- a/shell-completion/zsh/_systemd-analyze
+++ b/shell-completion/zsh/_systemd-analyze
@ -1,4 +1,4 @@
-#compdef systemd-analyze                    -*- shell-script -*-
+#compdef systemd-analyze
 # SPDX-License-Identifier: LGPL-2.1-or-later
 (( $+functions[_systemd-analyze_log-level] )) ||
--- a/shell-completion/zsh/_systemd-delta
+++ b/shell-completion/zsh/_systemd-delta
@ -1,4 +1,4 @@
-#compdef systemd-delta                    -*- shell-script -*-
+#compdef systemd-delta
 # SPDX-License-Identifier: LGPL-2.1-or-later
 (( $+functions[_systemd-delta_types] )) ||
--- a/shell-completion/zsh/_systemd-inhibit
+++ b/shell-completion/zsh/_systemd-inhibit
@ -1,4 +1,4 @@
-#compdef systemd-inhibit                    -*- shell-script -*-
+#compdef systemd-inhibit
 # SPDX-License-Identifier: LGPL-2.1-or-later
 (( $+functions[_systemd-inhibit_commands] )) ||
--- a/shell-completion/zsh/_systemd-nspawn
+++ b/shell-completion/zsh/_systemd-nspawn
@ -1,4 +1,4 @@
-#compdef systemd-nspawn                    -*- shell-script -*-
+#compdef systemd-nspawn
 # SPDX-License-Identifier: LGPL-2.1-or-later
 (( $+functions[_systemd-nspawn_caps] )) ||
--- a/shell-completion/zsh/_systemd-run
+++ b/shell-completion/zsh/_systemd-run
@ -1,4 +1,4 @@
-#compdef systemd-run                    -*- shell-script -*-
+#compdef systemd-run
 # SPDX-License-Identifier: LGPL-2.1-or-later
 # @todo _systemctl has a helper with the same name, so we must redefine
--- a/shell-completion/zsh/_systemd-tmpfiles
+++ b/shell-completion/zsh/_systemd-tmpfiles
@ -1,4 +1,4 @@
-#compdef systemd-tmpfiles                    -*- shell-script -*-
+#compdef systemd-tmpfiles
 # SPDX-License-Identifier: LGPL-2.1-or-later
 _arguments \
--- a/shell-completion/zsh/_timedatectl
+++ b/shell-completion/zsh/_timedatectl
@ -1,4 +1,4 @@
-#compdef timedatectl                    -*- shell-script -*-
+#compdef timedatectl
 # SPDX-License-Identifier: LGPL-2.1-or-later
 _timedatectl_set-timezone(){
--- a/shell-completion/zsh/_udevadm
+++ b/shell-completion/zsh/_udevadm
@ -1,4 +1,4 @@
-#compdef udevadm                    -*- shell-script -*-
+#compdef udevadm
 # SPDX-License-Identifier: LGPL-2.1-or-later
 (( $+functions[_udevadm_info] )) ||
--- a/src/core/unit.c
+++ b/src/core/unit.c
@ -5520,7 +5520,11 @@ int unit_pid_attachable(Unit *u, pid_t pid, sd_bus_error *error) {
 void unit_log_success(Unit *u) {
        assert(u);
-        log_unit_struct(u, LOG_INFO,
+        /* Let's show message "Deactivated successfully" in debug mode (when manager is user) rather than in info mode.
         * This message has low information value for regular users and it might be a bit overwhelming on a system with
         * a lot of devices. */
        log_unit_struct(u,
                        MANAGER_IS_USER(u->manager) ? LOG_DEBUG : LOG_INFO,
                        "MESSAGE_ID=" SD_MESSAGE_UNIT_SUCCESS_STR,
                        LOG_UNIT_INVOCATION_ID(u),
                        LOG_UNIT_MESSAGE(u, "Deactivated successfully."));
--- a/sysusers.d/basic.conf.in
+++ b/sysusers.d/basic.conf.in
@ -12,28 +12,28 @@ u root    0     "Super User" /root
 u {{NOBODY_USER_NAME}}  65534 "Nobody"     -
 # Administrator group: can *see* more than normal users
-g adm     -     -            -
+g adm     {{ADM_GID    }}     -            -
 # Administrator group: can *do* more than normal users
-g wheel   -     -            -
+g wheel   {{WHEEL_GID  }}     -            -
-# Access to certain kernel and userspace facilities
+# Access to shared database of users on the system
-g kmem    -     -            -
+g utmp    {{UTMP_GID   }}     -            -
 # Physical and virtual hardware access groups
 g audio   {{AUDIO_GID  }}     -            -
 g cdrom   {{CDROM_GID  }}     -            -
 g dialout {{DIALOUT_GID}}     -            -
 g disk    {{DISK_GID   }}     -            -
 g input   {{INPUT_GID  }}     -            -
 g kmem    {{KMEM_GID   }}     -            -
 g kvm     {{KVM_GID    }}     -            -
 g lp      {{LP_GID     }}     -            -
 g render  {{RENDER_GID }}     -            -
 g sgx     {{SGX_GID    }}     -            -
 g tape    {{TAPE_GID   }}     -            -
 g tty     {{TTY_GID    }}     -            -
-g utmp    -     -            -
+g video   {{VIDEO_GID  }}     -            -
 # Hardware access groups
 g audio   -     -            -
 g cdrom   -     -            -
 g dialout -     -            -
 g disk    -     -            -
 g input   -     -            -
 g kvm     -     -            -
 g lp      -     -            -
 g render  -     -            -
 g sgx     -     -            -
 g tape    -     -            -
 g video   -     -            -
 # Default group for normal users
 g users   {{USERS_GID  }}     -            -
--- a/sysusers.d/systemd.conf.in
+++ b/sysusers.d/systemd.conf.in
@ -5,18 +5,18 @@
 #  the Free Software Foundation; either version 2.1 of the License, or
 #  (at your option) any later version.
-g systemd-journal   - -
+g systemd-journal   {{SYSTEMD_JOURNAL_GID}} -
 {% if ENABLE_NETWORKD %}
-u systemd-network   - "systemd Network Management"
+u systemd-network   {{SYSTEMD_NETWORK_UID}} "systemd Network Management"
 {% endif %}
 {% if ENABLE_OOMD %}
 u systemd-oom       - "systemd Userspace OOM Killer"
 {% endif %}
 {% if ENABLE_RESOLVE %}
-u systemd-resolve   - "systemd Resolver"
+u systemd-resolve   {{SYSTEMD_RESOLVE_UID}} "systemd Resolver"
 {% endif %}
 {% if ENABLE_TIMESYNCD %}
-u systemd-timesync  - "systemd Time Synchronization"
+u systemd-timesync  {{SYSTEMD_TIMESYNC_UID}} "systemd Time Synchronization"
 {% endif %}
 {% if ENABLE_COREDUMP %}
 u systemd-coredump  - "systemd Core Dumper"
--- a/test/test-functions
+++ b/test/test-functions
@ -1006,12 +1006,14 @@ create_empty_image() {
    fi
    local size=500
    if [ -z "$NO_BUILD" ]; then
        if meson configure "${BUILD_DIR:?}" | grep 'static-lib\|standalone-binaries' | awk '{ print $2 }' | grep -q 'true'; then
            size=$((size+=200))
        fi
        if meson configure "${BUILD_DIR:?}" | grep 'link-.*-shared' | awk '{ print $2 }' | grep -q 'false'; then
            size=$((size+=200))
        fi
    fi
    if [[ "$STRIP_BINARIES" = "no" ]]; then
        size=$((4 * size))
    fi
Author	SHA1	Message	Date
Lennart Poettering	17f8a7e972	update TODO	2021-06-17 15:11:37 +02:00
Eric Cook	682e043c42	shell-completion: revert c1072f6473bafa063cbf700c86524083d2857031 fixing https://github.com/systemd/systemd/issues/19689	2021-06-17 14:42:46 +02:00
Jan Macku	edf2ee22f5	core: Hide "Deactivated successfully" message Show message "Deactivated successfully" in debug mode (when manager is user) rather than in info mode. This message has low information value for regular users and it might be a bit overwhelming on a system with a lot of devices.	2021-06-17 13:10:30 +01:00
Luca Boccassi	63878c52be	test: do not run 'meson configure' if NO_BUILD is set There is no build tree and packages are used, so it cannot work. Unlikely that static linking has been set for those builds anyway. Fixes https://github.com/systemd/systemd/issues/19955	2021-06-17 17:21:17 +09:00
Joerg Behrmann	5601400e17	NEWS: fix typos	2021-06-17 08:52:46 +01:00
Zbigniew Jędrzejewski-Szmek	9a797ddc41	meson: allow "soft-static" allocations for uids and gids in the initrd The general idea with users and groups created through sysusers is that an appropriate number is picked when the allocation is made. The number that is selected will be different on each system based on the order of creation of users, installed packages, etc. Since system users and groups are not shared between installations, this generally is not an issue. But it becomes a problem for initrd: some file systems are shared between the initrd and the host (/run and /dev are probably the only ones that matter). If the allocations are different in the host and the initrd, and files survive switch-root, they will have wrong ownership. This makes the gids build-time-configurable for all groups and users where state may survive the switch from initrd to the host. In particular, all "hardware access" groups are like this: files in /dev will be owned by them. Eventually the new udev would change ownership, but there would be a momemnt where the files were owned by the wrong group. The allocations are "soft-static" in the language of Fedora packaging guidelines: the uid/gid will be used if possible, but we'll fall back to a different one. TTY_GID is the exception, because the number is used directly. Similarly, the possibility to configure "soft-static" uids is added for daemons which may usefully run in the initramfs: systemd-network (lease information and interface state is serialized to /run), systemd-resolve (stub files and interface state), systemd-timesync (/run/systemd/timesync). Journal files are owned by the group systemd-journal, and acls are granted for wheel and adm. systemd-oom and systemd-coredump are excluded from this patch: I assume that oomd is not useful in the initrd, and coredump leaves no state (it only creates a pipe in /run?). The defaults are not changed: if nothing is configured, dynamic allocation will be used. I looked at a Debian system, and the numbers are all different than on Fedora. For Fedora, see the list of uids and gids at https://pagure.io/setup/blob/master/f/uidgid. In particular, systemd-network and systemd-resolve got soft-static numbers to make it easy to transition from a non-host-specific initrd to a host system already a few years back (https://bugzilla.redhat.com/show_bug.cgi?id=1102002). I also requested static allocations for sgx, input, render in https://pagure.io/packaging-committee/issue/1078, https://pagure.io/setup/pull-request/27.	2021-06-17 09:48:28 +02:00