mirror of
https://github.com/systemd/systemd
synced 2025-10-07 20:54:45 +02:00
Compare commits
No commits in common. "96ba43388f253cf94791bc46e1424359f836f2e3" and "869b44e0f7a1fa501c2e7b6774228c31d9caac61" have entirely different histories.
96ba43388f
...
869b44e0f7
126
NEWS
126
NEWS
@ -86,10 +86,9 @@ CHANGES WITH 258 in spe:
|
||||
keyboard mapping hardware database (hwdb.d/60-keyboard.hwdb) so far
|
||||
mapped the microphone mute and touchpad on/off/toggle keys to the
|
||||
function keys F20, F21, F22, F23 instead of their correct key codes.
|
||||
This key code mangling has been removed from udev.
|
||||
|
||||
This key code mangling has been removed.
|
||||
To maintain compatibility with X11 applications that rely on the old
|
||||
function key code mappings, this mangling has now been added to the
|
||||
function key code mappings, this mangling has now been moved to the
|
||||
relevant X11 keyboard driver modules. In order to ensure these keys
|
||||
continue to work, update to xf86-input-evdev >= 2.11.0 and
|
||||
xf86-input-libinput >= 1.5.0 before updating to systemd >= 258.
|
||||
@ -551,8 +550,8 @@ CHANGES WITH 258 in spe:
|
||||
* The generic "io.systemd.service" Varlink service that various of our
|
||||
long-running services implement, gained a new GetEnvironment() call
|
||||
that returns the current environment block of the service's main
|
||||
process. In addition, this service interface has been implemented in
|
||||
many more long-running services.
|
||||
process. In addition, this service interface has been implemented in many
|
||||
more long-running services.
|
||||
|
||||
* A new sd-varlink call sd_varlink_get_description() has been added
|
||||
that returns the string previously set via
|
||||
@ -636,15 +635,15 @@ CHANGES WITH 258 in spe:
|
||||
|
||||
* resolved.conf gained a new setting RefuseRecordTypes= which takes a
|
||||
list of RR types for which to refuse lookup attempts. This may be
|
||||
used to for example block A or AAAA lookups on IPv4- or IPv6-only
|
||||
used to for example block A or AAAA lookups on IPv4 or IPv6 only
|
||||
hosts.
|
||||
|
||||
* A new DNS "delegate zone" concept has been introduced, which are
|
||||
additional lookup scopes (on top of the existing per-interface and
|
||||
the one global scope so far supported in resolved), which carry one
|
||||
or more DNS server addresses and a DNS search/routing domain. It
|
||||
allows routing requests to specific domains to specific servers.
|
||||
Delegate zones can be configured via drop-ins below
|
||||
allows routing requests to specific domains to specific
|
||||
servers. Delegate zones can be configured via drop-ins below
|
||||
/etc/systemd/dns-delegate.d/*.dns-delegate.
|
||||
|
||||
* "resolvectl query -t sshfp" will now decode the returned RR
|
||||
@ -707,13 +706,13 @@ CHANGES WITH 258 in spe:
|
||||
variables can be forced now in environments where we'd previously
|
||||
automatically turn this off (e.g. in choot() contexts).
|
||||
|
||||
* systemd-stub gained support for a couple of "extension" CHIDs, that
|
||||
* systemd-stub learnt support for a couple of "extension" CHIDs, that
|
||||
are not part of the Microsoft's original spec, and which include EDID
|
||||
display identification information in the hash. This may be used to
|
||||
match Devicetree blobs in UKIs. "systemd-analyze chid" has been
|
||||
updated to support these extension CHIDs, too. (They are clearly
|
||||
marked as extensions CHIDs, to emphasize they are systemd's own
|
||||
invention, and not based on the Windows CHID spec.)
|
||||
invention, and not based on the Windows CHID spec)
|
||||
|
||||
* systemd-boot's loader.conf configuration file gained a new
|
||||
secure-boot-enroll-action setting which controls the action to take
|
||||
@ -783,11 +782,11 @@ CHANGES WITH 258 in spe:
|
||||
systemd-nsresourced, even if run privileged.
|
||||
|
||||
* If systemd-nspawn is used interactively, two new special key
|
||||
sequences can be used to trigger an immediate clean shutdown or
|
||||
reboot of the container with systemd running as PID 1: '^]^]p' for
|
||||
shutdown and '^]^]r' for reboot. This is in addition to the
|
||||
previously supported '^]^]^]' which triggers immediate shutdown
|
||||
without going through the usual shutdown logic.
|
||||
sequences can be entered to trigger an immediate clean shutdown or
|
||||
reboot of the container (under the assumption it runs systemd as PID
|
||||
1): ^]^]p will shutdown and ^]^]r will reboot. This is in addition to
|
||||
the previously supported ^]^]^] which will immediately shut it down,
|
||||
without going through the clean shutdown logic.
|
||||
|
||||
* systemd-nspawn will now invoke the TTY password agent if invoked
|
||||
interactively and without privileges. This makes sure unprivileged
|
||||
@ -890,27 +889,26 @@ CHANGES WITH 258 in spe:
|
||||
filtering by UID/GID min/max, fuzzy name matching and user
|
||||
disposition. Previously this was supported by the userdbctl
|
||||
client-side only. With this, userdb providers may now optionally
|
||||
implement this server-side too in order to optimize the lookups.
|
||||
implement this server side too in order to optimize the lookups.
|
||||
|
||||
* User records now support a concept of home "areas",
|
||||
i.e. subdirectories of the primary $HOME directory that a user can
|
||||
log into. This is useful to maintain separate development
|
||||
environments or configuration contexts, but within the ownership of
|
||||
the same user. Support for this is implemented in systemd-homed, but
|
||||
is conceptually open to other backends, too.
|
||||
|
||||
New home areas can be created via "mkdir -p ~/Areas/ && cp /etc/skel
|
||||
~/Areas/foo", or removed by "rm -rf ~/Areas/foo". Whenever prompted
|
||||
for login and a user name is requested, it is possible to enter a
|
||||
username suffixed by "%" and the area name in order to log into the
|
||||
specified area of the user. (e.g. "bar%foo"). Effectively this
|
||||
ensures that $HOME and $XDG_RUNTIME_DIR include the area choice after
|
||||
login. Note that at this moment it's not possible to log into a full
|
||||
graphical session with this, since we'd have to start a per-area user
|
||||
service manager for that, and we currently do not do this. But we
|
||||
hope to provide this in one of the next releases. In order to
|
||||
implement all this user records gained a new "defaultArea" field,
|
||||
which is configurable with homectl's --default-area= switch.
|
||||
is conceptually open to other backends, too. New home areas can be
|
||||
created via "mkdir -p ~/Areas/ && cp /etc/skel ~/Areas/foo", or
|
||||
removed by "rm -rf ~/Areas/foo". Whenever prompted for login and a
|
||||
user name is requested, it is possible to enter a username suffixed
|
||||
by "%" and the area name in order to log into the specified area of
|
||||
the user. (e.g. "bar%foo"). Effectively this ensures that $HOME and
|
||||
$XDG_RUNTIME_DIR include the area choice after login. Note that at
|
||||
this moment it's not possible to log into a fully graphical session
|
||||
with this, since we'd have to start a per-area user service manager
|
||||
for that, and we currently do not do this. But we hope to provide
|
||||
this in one of the next releases. In order to implement all this user
|
||||
records gained a new "defaultArea" field, which is configurable with
|
||||
homectl's --default-area= switch.
|
||||
|
||||
* An explicit MIME type application/x.systemd-home is now used for all
|
||||
LUKS *.home files managed by systemd.
|
||||
@ -1041,24 +1039,25 @@ CHANGES WITH 258 in spe:
|
||||
* There's now a per-user counterpart of /var/lib/machines/ defined as
|
||||
~/.local/state/machines/. Various tools such as systemd-nspawn +
|
||||
systemd-vmspawn now will search this directory when looking for a
|
||||
disk image, when invoked in unprivileged user context.
|
||||
systemd-dissect's --discover command may now be combined with --user
|
||||
or --system to choose in which of the directory scopes to look for
|
||||
images.
|
||||
disk image, when invoked in unprivileged user
|
||||
context. systemd-dissect's --discover command may now be combined
|
||||
with --user or --system to choose in which of the directory scopes to
|
||||
look for images.
|
||||
|
||||
* systemd-dissect gained a new --all switch. If specified the tool will
|
||||
not just discover DDIs (i.e. disk images) but also images stored in
|
||||
regular directories.
|
||||
|
||||
* systemd-dissect gained a new "--shift" switch for recursively
|
||||
re-chown()ing a directory tree from one set of UID/GIDs to another.
|
||||
This may be used to shift a tree from the base-0-UID range to the
|
||||
foreign UID range or back.
|
||||
re-chown()ing a directory tree from one set of UID/GIDs to
|
||||
another. This may be used to shift a tree from the base-0-UID range
|
||||
to the foreign UID range or back.
|
||||
|
||||
* systemd-dissect gained new --usr-hash= and --usr-hash-sig= options,
|
||||
that are similar to the existing --root-hash=/--root-hash-sig=
|
||||
options, but for the /usr/ partition. This allows the root hash of
|
||||
the /usr/ Verity volume and its signature to be specified.
|
||||
* systemd-dissect gained a new --usr-hash= option (and
|
||||
--usr-hash-sig=), that is what the existing --root-hash= switch does
|
||||
(and --root-hash-sig=), but for the /usr/ partition. Or in other words,
|
||||
it allows specifying the root hash of the /usr/ Verity volume, and
|
||||
possible its signature.
|
||||
|
||||
* When dissecting/mounting a DDI disk image, and no Verity root hash or
|
||||
signature is provided, suitable values are now automatically
|
||||
@ -1163,8 +1162,8 @@ CHANGES WITH 258 in spe:
|
||||
* systemd-repart gained a new switch --append-fstab= for controlling
|
||||
how to write or append automatically generated /etc/fstab entries.
|
||||
|
||||
* CopyFiles= lines can now contain an "fsverity=copy" flag to preserve
|
||||
the fs-verity status of the source files when populating the
|
||||
* `CopyFiles=` lines can now contain an `fsverity=copy` flag to
|
||||
preserve the fs-verity status of the source files when populating the
|
||||
filesystem.
|
||||
|
||||
* systemd-repart has been updated to automatically generate the
|
||||
@ -2963,9 +2962,9 @@ CHANGES WITH 256:
|
||||
controlled via the --register= switch.
|
||||
|
||||
* machinectl's start command (and related) can now invoke images either
|
||||
as containers via systemd-nspawn (specified as '--runner=nspawn', the
|
||||
default) or as VMs via systemd-vmspawn (specified as
|
||||
'--runner=vmspawn' or '-V').
|
||||
as containers via `systemd-nspawn` (switch is --runner=nspawn, the
|
||||
default) or as VMs via `systemd-vmspawn` (switch is --runner=vmspawn,
|
||||
or short -V).
|
||||
|
||||
* systemd-vmspawn now supports two switches --pass-ssh-key= and
|
||||
--ssh-key-type= to optionally set up transient SSH keys to pass to the
|
||||
@ -3871,7 +3870,7 @@ CHANGES WITH 255:
|
||||
sd_id128_get_machine_app_specific() and
|
||||
sd_id128_get_boot_app_specific() but takes the ID to base calculation
|
||||
on as input. This new functionality is also exposed in the
|
||||
systemd-id128 tool where you can now combine --app= with 'show'.
|
||||
"systemd-id128" tool where you can now combine --app= with `show`.
|
||||
|
||||
* All tools that parse timestamps now can also parse RFC3339 style
|
||||
timestamps that include the "T" and Z" characters.
|
||||
@ -6178,7 +6177,7 @@ CHANGES WITH 251:
|
||||
compatibility reasons, but nonetheless apparently commonplace). Note
|
||||
that this mapping is mapped 1:1 in a pass-through fashion, i.e. the
|
||||
UID assignments from the range are not managed or mapped by
|
||||
systemd-homed, and must be managed with other mechanisms, in the
|
||||
`systemd-homed`, and must be managed with other mechanisms, in the
|
||||
context of the local system.
|
||||
|
||||
Typically, a better approach to user namespacing in relevant
|
||||
@ -6323,15 +6322,15 @@ CHANGES WITH 251:
|
||||
* PID 1 will now automatically pick up system credentials from qemu's
|
||||
fw_cfg interface, thus allowing passing arbitrary data into VM
|
||||
systems similar to how this is already supported for passing them
|
||||
into systemd-nspawn containers. Credentials may now also be passed in
|
||||
via the new kernel command line option "systemd.set_credential="
|
||||
into `systemd-nspawn` containers. Credentials may now also be passed
|
||||
in via the new kernel command line option `systemd.set_credential=`
|
||||
(note that kernel command line options are world-readable during
|
||||
runtime, and only useful for credentials that require no
|
||||
confidentiality). The credentials that can be passed to unified
|
||||
kernels that use the systemd-stub UEFI stub are now similarly
|
||||
kernels that use the `systemd-stub` UEFI stub are now similarly
|
||||
picked up automatically. Automatic importing of system credentials
|
||||
this way can be turned off via the new
|
||||
"systemd.import_credentials=no" kernel command line option.
|
||||
`systemd.import_credentials=no` kernel command line option.
|
||||
|
||||
* LoadCredential= will now automatically look for credentials in the
|
||||
/etc/credstore/, /run/credstore/, /usr/lib/credstore/ directories if
|
||||
@ -10840,7 +10839,7 @@ CHANGES WITH 242:
|
||||
|
||||
Hint: the log output from udev (at debug level) was enhanced to
|
||||
clarify what policy is followed and which attributes are used.
|
||||
'SYSTEMD_LOG_LEVEL=debug udevadm test-builtin net_setup_link /sys/class/net/<name>'
|
||||
`SYSTEMD_LOG_LEVEL=debug udevadm test-builtin net_setup_link /sys/class/net/<name>`
|
||||
may be used to view this.
|
||||
|
||||
Hint: if a bridge interface is created without any slaves, and gains
|
||||
@ -10870,7 +10869,7 @@ CHANGES WITH 242:
|
||||
configured with PIDFile= for processes of that service.
|
||||
|
||||
* The fallback DNS server list was augmented with Cloudflare public DNS
|
||||
servers. Use '-Ddns-servers=' to set a different fallback.
|
||||
servers. Use `-Ddns-servers=` to set a different fallback.
|
||||
|
||||
* A new special target usb-gadget.target will be started automatically
|
||||
when a USB Device Controller is detected (which means that the system
|
||||
@ -11006,7 +11005,7 @@ CHANGES WITH 242:
|
||||
system tree, --console=/--pipe may be used to configure how standard
|
||||
input, output, and error are set up.
|
||||
|
||||
* busctl learned the 'emit' verb to generate D-Bus signals.
|
||||
* busctl learned the `emit` verb to generate D-Bus signals.
|
||||
|
||||
* systemd-analyze cat-config may be used to gather and display
|
||||
configuration spread over multiple files, for example system and user
|
||||
@ -11057,14 +11056,14 @@ CHANGES WITH 242:
|
||||
This makes it easier to use kernel-install with plugins which support
|
||||
a different layout of the bootloader partitions (for example grub2).
|
||||
|
||||
* During package installation (with 'ninja install'), we would create
|
||||
* During package installation (with `ninja install`), we would create
|
||||
symlinks for getty@tty1.service, systemd-networkd.service,
|
||||
systemd-networkd.socket, systemd-resolved.service,
|
||||
remote-cryptsetup.target, remote-fs.target,
|
||||
systemd-networkd-wait-online.service, and systemd-timesyncd.service
|
||||
in /etc, as if 'systemctl enable' was called for those units, to make
|
||||
in /etc, as if `systemctl enable` was called for those units, to make
|
||||
the system usable immediately after installation. Now this is not
|
||||
done anymore, and instead calling 'systemctl preset-all' is
|
||||
done anymore, and instead calling `systemctl preset-all` is
|
||||
recommended after the first installation of systemd.
|
||||
|
||||
* A new boolean sandboxing option RestrictSUIDSGID= has been added that
|
||||
@ -11828,12 +11827,11 @@ CHANGES WITH 239:
|
||||
"systemd-resolve" user on such systems, so that nss-ldap won't be
|
||||
triggered; or use a different NSS package that doesn't do networking
|
||||
in-process but provides a local asynchronous name cache; or configure
|
||||
the NSS package to avoid lookups for UIDs in the range between the
|
||||
values returned by the commands
|
||||
'pkg-config systemd --variable=dynamicuidmin' and
|
||||
'pkg-config systemd --variable=dynamicuidmax', so that it does not
|
||||
consider itself authoritative for the same UID range systemd
|
||||
allocates dynamic users from.
|
||||
the NSS package to avoid lookups for UIDs in the range `pkg-config
|
||||
systemd --variable=dynamicuidmin` … `pkg-config systemd
|
||||
--variable=dynamicuidmax`, so that it does not consider itself
|
||||
authoritative for the same UID range systemd allocates dynamic users
|
||||
from.
|
||||
|
||||
* The systemd-resolve tool has been renamed to resolvectl (it also
|
||||
remains available under the old name, for compatibility), and its
|
||||
|
||||
@ -321,23 +321,6 @@
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>--entry-type=type1|type2|all</option></term>
|
||||
|
||||
<listitem>
|
||||
<para>
|
||||
Controls the type of entries handled by the command. This is typically useful when multiple types
|
||||
of boot entries with the same kernel version are installed, and only one should be removed. When
|
||||
<literal>type1</literal> or <literal>type2</literal> is specified, each plugin is invoked with
|
||||
<varname>$KERNEL_INSTALL_BOOT_ENTRY_TYPE</varname> environment variable with the specified
|
||||
value. When <literal>all</literal> is specified, the environment variable will not be set.
|
||||
Defaults to <literal>all</literal>.
|
||||
</para>
|
||||
|
||||
<xi:include href="version-info.xml" xpointer="v258"/>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>--entry-token=</option></term>
|
||||
|
||||
|
||||
@ -565,16 +565,6 @@
|
||||
<xi:include href="standard-options.xml" xpointer="help" />
|
||||
<xi:include href="standard-options.xml" xpointer="version" />
|
||||
<xi:include href="standard-options.xml" xpointer="json" />
|
||||
|
||||
<varlistentry id='no-pager'>
|
||||
<term><option>--no-pager</option></term>
|
||||
|
||||
<listitem><para>Do not pipe output into a pager. This currently only applies to
|
||||
<option>--help</option>. (The pager is not started during normal operation.)</para>
|
||||
|
||||
<xi:include href="version-info.xml" xpointer="v258"/>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
</variablelist>
|
||||
|
||||
<para>All command line arguments after the first non-option argument become part of the command line of
|
||||
|
||||
@ -5,7 +5,7 @@ Distribution=centos
|
||||
|
||||
[Distribution]
|
||||
Release=10
|
||||
Repositories=epel
|
||||
Repositories=epel,epel-next
|
||||
|
||||
[Build]
|
||||
Environment=
|
||||
|
||||
@ -2,7 +2,8 @@
|
||||
|
||||
[Match]
|
||||
Repositories=epel
|
||||
Release=9
|
||||
|
||||
[Content]
|
||||
Packages=rpmautospec-rpm-macros
|
||||
Packages=
|
||||
erofs-utils
|
||||
rpmautospec-rpm-macros
|
||||
@ -1,11 +0,0 @@
|
||||
# SPDX-License-Identifier: LGPL-2.1-or-later
|
||||
|
||||
[TriggerMatch]
|
||||
Repositories=epel
|
||||
Release=9
|
||||
|
||||
[TriggerMatch]
|
||||
Release=10
|
||||
|
||||
[Content]
|
||||
Packages=erofs-utils
|
||||
@ -40,8 +40,7 @@ _systemd_run() {
|
||||
--path-property --socket-property --timer-property -H --host -M --machine --expand-environment
|
||||
--background --json --job-mode
|
||||
)
|
||||
local OPTS="${opts_with_values[*]} --no-ask-password --no-pager
|
||||
--scope -u --slice-inherit -r --remain-after-exit
|
||||
local OPTS="${opts_with_values[*]} --no-ask-password --scope -u --slice-inherit -r --remain-after-exit
|
||||
--send-sighup -d --same-dir -t --pty -P --pipe -S --shell -q --quiet --ignore-failure
|
||||
--on-clock-change --on-timezone-change --no-block --wait -G --collect --user --system -h --help --version -v --verbose"
|
||||
local mode=--system
|
||||
|
||||
@ -47,7 +47,6 @@ _arguments \
|
||||
'(-C --capsule)'{-C,--capsule=}'[Operate on capsule]:capsule' \
|
||||
'--nice=[Nice level]:nice level' \
|
||||
'--no-ask-password[Do not query the user for authentication]' \
|
||||
'--no-pager[Do not spawn a pager]' \
|
||||
'(--wait)--no-block[Do not synchronously wait for the unit start operation to finish]' \
|
||||
'--on-active=[Run after SEC seconds]:SEC' \
|
||||
'--on-boot=[Run SEC seconds after machine was booted up]:SEC' \
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
|
||||
#include "analyze.h"
|
||||
#include "analyze-capability.h"
|
||||
#include "capability-list.h"
|
||||
#include "cap-list.h"
|
||||
#include "capability-util.h"
|
||||
#include "format-table.h"
|
||||
#include "log.h"
|
||||
|
||||
@ -4,7 +4,7 @@
|
||||
|
||||
#include "alloc-util.h"
|
||||
#include "bitfield.h"
|
||||
#include "capability-list.h"
|
||||
#include "cap-list.h"
|
||||
#include "capability-util.h"
|
||||
#include "extract-word.h"
|
||||
#include "log.h"
|
||||
@ -14,8 +14,8 @@
|
||||
|
||||
static const struct capability_name* lookup_capability(register const char *str, register GPERF_LEN_TYPE len);
|
||||
|
||||
#include "capability-from-name.inc"
|
||||
#include "capability-to-name.inc"
|
||||
#include "cap-from-name.inc"
|
||||
#include "cap-to-name.inc"
|
||||
|
||||
const char* capability_to_name(int id) {
|
||||
if (id < 0)
|
||||
@ -8,7 +8,7 @@
|
||||
|
||||
#include "alloc-util.h"
|
||||
#include "bitfield.h"
|
||||
#include "capability-list.h"
|
||||
#include "cap-list.h"
|
||||
#include "capability-util.h"
|
||||
#include "fd-util.h"
|
||||
#include "fileio.h"
|
||||
|
||||
@ -14,7 +14,7 @@ basic_sources = files(
|
||||
'build.c',
|
||||
'build-path.c',
|
||||
'bus-label.c',
|
||||
'capability-list.c',
|
||||
'cap-list.c',
|
||||
'capability-util.c',
|
||||
'capsule-util.c',
|
||||
'cgroup-util.c',
|
||||
@ -122,11 +122,11 @@ sources += basic_sources
|
||||
|
||||
generated_gperf_headers = []
|
||||
foreach item : [
|
||||
# name, source, prefix, headers
|
||||
['af', af_sources, '', ['<sys/socket.h>'], ],
|
||||
['arphrd', arphrd_sources, 'ARPHRD_', ['<linux/if_arp.h>'], ],
|
||||
['capability', capability_sources, '', ['<linux/capability.h>'], ],
|
||||
['errno', [], '', ['<errno.h>'], ],
|
||||
# name, source, struct name, prefix, headers
|
||||
['af', af_sources, 'af', '', ['<sys/socket.h>'], ],
|
||||
['arphrd', arphrd_sources, 'arphrd', 'ARPHRD_', ['<linux/if_arp.h>'], ],
|
||||
['cap', cap_sources, 'capability', '', ['<linux/capability.h>'], ],
|
||||
['errno', [], 'errno', '', ['<errno.h>'], ],
|
||||
]
|
||||
|
||||
fname = '@0@-list.txt'.format(item[0])
|
||||
@ -141,7 +141,7 @@ foreach item : [
|
||||
gperf_file = custom_target(
|
||||
input : list_txt,
|
||||
output : fname,
|
||||
command : [generate_gperfs, item[0], item[2], '@INPUT@'] + item[3],
|
||||
command : [generate_gperfs, item[2], item[3], '@INPUT@'] + item[4],
|
||||
capture : true)
|
||||
|
||||
fname = '@0@-from-name.inc'.format(item[0])
|
||||
@ -150,8 +150,8 @@ foreach item : [
|
||||
output : fname,
|
||||
command : [gperf,
|
||||
'-L', 'ANSI-C', '-t', '--ignore-case',
|
||||
'-N', 'lookup_@0@'.format(item[0]),
|
||||
'-H', 'hash_@0@_name'.format(item[0]),
|
||||
'-N', 'lookup_@0@'.format(item[2]),
|
||||
'-H', 'hash_@0@_name'.format(item[2]),
|
||||
'-p', '-C',
|
||||
'@INPUT@'],
|
||||
capture : true)
|
||||
|
||||
@ -475,7 +475,8 @@ Virtualization detect_vm(void) {
|
||||
VIRTUALIZATION_ORACLE,
|
||||
VIRTUALIZATION_XEN,
|
||||
VIRTUALIZATION_AMAZON,
|
||||
VIRTUALIZATION_PARALLELS)) {
|
||||
VIRTUALIZATION_PARALLELS,
|
||||
VIRTUALIZATION_GOOGLE)) {
|
||||
v = dmi;
|
||||
goto finish;
|
||||
}
|
||||
@ -514,10 +515,6 @@ Virtualization detect_vm(void) {
|
||||
hyperv = true;
|
||||
else if (v == VIRTUALIZATION_VM_OTHER)
|
||||
other = true;
|
||||
else if (v == VIRTUALIZATION_KVM && dmi == VIRTUALIZATION_GOOGLE)
|
||||
/* The DMI vendor tables in /sys/class/dmi/id don't help us distinguish between GCE
|
||||
* virtual machines and bare-metal instances, so we need to look at hypervisor. */
|
||||
return VIRTUALIZATION_GOOGLE;
|
||||
else if (v != VIRTUALIZATION_NONE)
|
||||
goto finish;
|
||||
|
||||
@ -530,9 +527,7 @@ Virtualization detect_vm(void) {
|
||||
return dmi;
|
||||
if (dmi == VIRTUALIZATION_VM_OTHER)
|
||||
other = true;
|
||||
else if (!IN_SET(dmi, VIRTUALIZATION_NONE, VIRTUALIZATION_GOOGLE)) {
|
||||
/* At this point if GCE has been detected in dmi, do not report as a VM. It should
|
||||
* be a bare-metal machine */
|
||||
else if (dmi != VIRTUALIZATION_NONE) {
|
||||
v = dmi;
|
||||
goto finish;
|
||||
}
|
||||
|
||||
@ -9,7 +9,7 @@
|
||||
#include "bpf-restrict-fs.h"
|
||||
#include "bus-get-properties.h"
|
||||
#include "bus-unit-util.h"
|
||||
#include "capability-list.h"
|
||||
#include "cap-list.h"
|
||||
#include "cpu-set-util.h"
|
||||
#include "creds-util.h"
|
||||
#include "dbus-execute.h"
|
||||
|
||||
@ -14,7 +14,7 @@
|
||||
#include "alloc-util.h"
|
||||
#include "async.h"
|
||||
#include "bitfield.h"
|
||||
#include "capability-list.h"
|
||||
#include "cap-list.h"
|
||||
#include "capability-util.h"
|
||||
#include "cgroup-setup.h"
|
||||
#include "coredump-util.h"
|
||||
|
||||
@ -17,7 +17,7 @@
|
||||
#include "bpf-restrict-fs.h"
|
||||
#include "bus-error.h"
|
||||
#include "calendarspec.h"
|
||||
#include "capability-list.h"
|
||||
#include "cap-list.h"
|
||||
#include "capability-util.h"
|
||||
#include "cgroup-setup.h"
|
||||
#include "condition.h"
|
||||
|
||||
@ -12,7 +12,7 @@
|
||||
#include "bus-error.h"
|
||||
#include "bus-locator.h"
|
||||
#include "bus-util.h"
|
||||
#include "capability-list.h"
|
||||
#include "cap-list.h"
|
||||
#include "capability-util.h"
|
||||
#include "cgroup-util.h"
|
||||
#include "creds-util.h"
|
||||
|
||||
@ -13,7 +13,7 @@ arphrd_sources = files(
|
||||
)
|
||||
|
||||
# Source files that provides CAP_XYZ
|
||||
capability_sources = files(
|
||||
cap_sources = files(
|
||||
'uapi/linux/capability.h',
|
||||
)
|
||||
|
||||
|
||||
@ -44,10 +44,6 @@ HEADER = '''\
|
||||
|
||||
#include_next <sys/syscall.h>
|
||||
|
||||
#ifdef ARCH_MIPS
|
||||
#include <asm/sgidefs.h>
|
||||
#endif
|
||||
|
||||
#include <assert.h>
|
||||
'''
|
||||
|
||||
|
||||
@ -8,10 +8,6 @@
|
||||
|
||||
#include_next <sys/syscall.h>
|
||||
|
||||
#ifdef ARCH_MIPS
|
||||
#include <asm/sgidefs.h>
|
||||
#endif
|
||||
|
||||
#include <assert.h>
|
||||
|
||||
/* Note: if this code looks strange, this is because it is derived from the same
|
||||
|
||||
@ -33,12 +33,11 @@ case "$COMMAND" in
|
||||
exec depmod -a "$KERNEL_VERSION"
|
||||
;;
|
||||
remove)
|
||||
if [ -n "$KERNEL_INSTALL_BOOT_ENTRY_TYPE" ] && [ -d "/lib/modules/$KERNEL_VERSION/kernel" ]; then
|
||||
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
|
||||
echo "Multiple entry types may exist, not removing modules.dep or associated files."
|
||||
[ "$KERNEL_INSTALL_BOOT_ENTRY_TYPE" = "type2" ] || \
|
||||
[ "$KERNEL_INSTALL_BOOT_ENTRY_TYPE" = "type1" ] && \
|
||||
[ -d "/lib/modules/$KERNEL_VERSION/kernel" ] && \
|
||||
echo "Multiple entry types exist, not removing modules.dep or associated files." && \
|
||||
exit 0
|
||||
fi
|
||||
|
||||
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
|
||||
echo "Removing /lib/modules/${KERNEL_VERSION}/modules.dep and associated files"
|
||||
exec rm -f \
|
||||
|
||||
@ -1496,17 +1496,17 @@ static int help(void) {
|
||||
" --boot-path=PATH Path to the $BOOT partition\n"
|
||||
" --make-entry-directory=yes|no|auto\n"
|
||||
" Create $BOOT/ENTRY-TOKEN/ directory\n"
|
||||
" --entry-type=type1|type2|all\n"
|
||||
" Operate only on the specified bootloader\n"
|
||||
" entry type\n"
|
||||
" --entry-token=machine-id|os-id|os-image-id|auto|literal:…\n"
|
||||
" Entry token to be used for this installation\n"
|
||||
" Entry token to use for this installation\n"
|
||||
" --no-pager Do not pipe inspect output into a pager\n"
|
||||
" --json=pretty|short|off Generate JSON output\n"
|
||||
" --no-legend Do not show the headers and footers\n"
|
||||
" --root=PATH Operate on an alternate filesystem root\n"
|
||||
" --image=PATH Operate on disk image as filesystem root\n"
|
||||
" --image-policy=POLICY Specify disk image dissection policy\n"
|
||||
" --entry-type=type1|type2|all\n"
|
||||
" Operate only on the specified bootloader\n"
|
||||
" entry type\n"
|
||||
"\n"
|
||||
"This program may also be invoked as 'installkernel':\n"
|
||||
" installkernel [OPTIONS...] VERSION VMLINUZ [MAP] [INSTALLATION-DIR]\n"
|
||||
|
||||
@ -41,10 +41,8 @@ if want_kernel_install
|
||||
install_data('install.conf',
|
||||
install_dir : kerneldir)
|
||||
|
||||
if want_ukify
|
||||
install_data('uki.conf',
|
||||
install_dir : kerneldir)
|
||||
endif
|
||||
install_data('uki.conf',
|
||||
install_dir : kerneldir)
|
||||
|
||||
if install_sysconfdir
|
||||
install_emptydir(sysconfdir / 'kernel/install.d')
|
||||
|
||||
@ -8,7 +8,7 @@
|
||||
#include "bus-internal.h"
|
||||
#include "bus-message.h"
|
||||
#include "bus-type.h"
|
||||
#include "capability-list.h"
|
||||
#include "cap-list.h"
|
||||
#include "capability-util.h"
|
||||
#include "fileio.h"
|
||||
#include "format-util.h"
|
||||
|
||||
@ -20,9 +20,9 @@ int device_enumerator_add_parent_devices(sd_device_enumerator *enumerator, sd_de
|
||||
int device_enumerator_add_match_is_initialized(sd_device_enumerator *enumerator, MatchInitializedType type);
|
||||
int device_enumerator_add_match_parent_incremental(sd_device_enumerator *enumerator, sd_device *parent);
|
||||
int device_enumerator_add_prioritized_subsystem(sd_device_enumerator *enumerator, const char *subsystem);
|
||||
sd_device* device_enumerator_get_first(sd_device_enumerator *enumerator);
|
||||
sd_device* device_enumerator_get_next(sd_device_enumerator *enumerator);
|
||||
sd_device** device_enumerator_get_devices(sd_device_enumerator *enumerator, size_t *ret_n_devices);
|
||||
sd_device *device_enumerator_get_first(sd_device_enumerator *enumerator);
|
||||
sd_device *device_enumerator_get_next(sd_device_enumerator *enumerator);
|
||||
sd_device **device_enumerator_get_devices(sd_device_enumerator *enumerator, size_t *ret_n_devices);
|
||||
|
||||
#define FOREACH_DEVICE_AND_SUBSYSTEM(enumerator, device) \
|
||||
for (device = device_enumerator_get_first(enumerator); \
|
||||
|
||||
@ -98,7 +98,7 @@ static void device_enumerator_unref_devices(sd_device_enumerator *enumerator) {
|
||||
enumerator->n_devices = 0;
|
||||
}
|
||||
|
||||
static sd_device_enumerator* device_enumerator_free(sd_device_enumerator *enumerator) {
|
||||
static sd_device_enumerator *device_enumerator_free(sd_device_enumerator *enumerator) {
|
||||
assert(enumerator);
|
||||
|
||||
device_enumerator_unref_devices(enumerator);
|
||||
@ -1021,7 +1021,7 @@ int device_enumerator_scan_devices(sd_device_enumerator *enumerator) {
|
||||
return r;
|
||||
}
|
||||
|
||||
_public_ sd_device* sd_device_enumerator_get_device_first(sd_device_enumerator *enumerator) {
|
||||
_public_ sd_device *sd_device_enumerator_get_device_first(sd_device_enumerator *enumerator) {
|
||||
assert_return(enumerator, NULL);
|
||||
|
||||
if (device_enumerator_scan_devices(enumerator) < 0)
|
||||
@ -1038,7 +1038,7 @@ _public_ sd_device* sd_device_enumerator_get_device_first(sd_device_enumerator *
|
||||
return enumerator->devices[0];
|
||||
}
|
||||
|
||||
_public_ sd_device* sd_device_enumerator_get_device_next(sd_device_enumerator *enumerator) {
|
||||
_public_ sd_device *sd_device_enumerator_get_device_next(sd_device_enumerator *enumerator) {
|
||||
assert_return(enumerator, NULL);
|
||||
|
||||
if (!enumerator->scan_uptodate ||
|
||||
@ -1088,7 +1088,7 @@ int device_enumerator_scan_subsystems(sd_device_enumerator *enumerator) {
|
||||
return r;
|
||||
}
|
||||
|
||||
_public_ sd_device* sd_device_enumerator_get_subsystem_first(sd_device_enumerator *enumerator) {
|
||||
_public_ sd_device *sd_device_enumerator_get_subsystem_first(sd_device_enumerator *enumerator) {
|
||||
assert_return(enumerator, NULL);
|
||||
|
||||
if (device_enumerator_scan_subsystems(enumerator) < 0)
|
||||
@ -1105,7 +1105,7 @@ _public_ sd_device* sd_device_enumerator_get_subsystem_first(sd_device_enumerato
|
||||
return enumerator->devices[0];
|
||||
}
|
||||
|
||||
_public_ sd_device* sd_device_enumerator_get_subsystem_next(sd_device_enumerator *enumerator) {
|
||||
_public_ sd_device *sd_device_enumerator_get_subsystem_next(sd_device_enumerator *enumerator) {
|
||||
assert_return(enumerator, NULL);
|
||||
|
||||
if (!enumerator->scan_uptodate ||
|
||||
@ -1161,7 +1161,7 @@ int device_enumerator_scan_devices_and_subsystems(sd_device_enumerator *enumerat
|
||||
return r;
|
||||
}
|
||||
|
||||
sd_device* device_enumerator_get_first(sd_device_enumerator *enumerator) {
|
||||
sd_device *device_enumerator_get_first(sd_device_enumerator *enumerator) {
|
||||
assert_return(enumerator, NULL);
|
||||
|
||||
if (!enumerator->scan_uptodate)
|
||||
@ -1178,7 +1178,7 @@ sd_device* device_enumerator_get_first(sd_device_enumerator *enumerator) {
|
||||
return enumerator->devices[0];
|
||||
}
|
||||
|
||||
sd_device* device_enumerator_get_next(sd_device_enumerator *enumerator) {
|
||||
sd_device *device_enumerator_get_next(sd_device_enumerator *enumerator) {
|
||||
assert_return(enumerator, NULL);
|
||||
|
||||
if (!enumerator->scan_uptodate ||
|
||||
@ -1189,7 +1189,7 @@ sd_device* device_enumerator_get_next(sd_device_enumerator *enumerator) {
|
||||
return enumerator->devices[++enumerator->current_device_index];
|
||||
}
|
||||
|
||||
sd_device** device_enumerator_get_devices(sd_device_enumerator *enumerator, size_t *ret_n_devices) {
|
||||
sd_device **device_enumerator_get_devices(sd_device_enumerator *enumerator, size_t *ret_n_devices) {
|
||||
assert(enumerator);
|
||||
assert(ret_n_devices);
|
||||
|
||||
|
||||
@ -412,13 +412,13 @@ _public_ int sd_device_monitor_attach_event(sd_device_monitor *m, sd_event *even
|
||||
return 0;
|
||||
}
|
||||
|
||||
_public_ sd_event* sd_device_monitor_get_event(sd_device_monitor *m) {
|
||||
_public_ sd_event *sd_device_monitor_get_event(sd_device_monitor *m) {
|
||||
assert_return(m, NULL);
|
||||
|
||||
return m->event;
|
||||
}
|
||||
|
||||
_public_ sd_event_source* sd_device_monitor_get_event_source(sd_device_monitor *m) {
|
||||
_public_ sd_event_source *sd_device_monitor_get_event_source(sd_device_monitor *m) {
|
||||
assert_return(m, NULL);
|
||||
|
||||
return m->event_source;
|
||||
@ -447,7 +447,7 @@ _public_ int sd_device_monitor_get_description(sd_device_monitor *m, const char
|
||||
return 0;
|
||||
}
|
||||
|
||||
static sd_device_monitor* device_monitor_free(sd_device_monitor *m) {
|
||||
static sd_device_monitor *device_monitor_free(sd_device_monitor *m) {
|
||||
assert(m);
|
||||
|
||||
(void) sd_device_monitor_detach_event(m);
|
||||
|
||||
@ -52,7 +52,7 @@ int device_new_aux(sd_device **ret) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
static sd_device* device_free(sd_device *device) {
|
||||
static sd_device *device_free(sd_device *device) {
|
||||
assert(device);
|
||||
|
||||
sd_device_unref(device->parent);
|
||||
@ -1051,7 +1051,7 @@ static int device_enumerate_children(sd_device *device) {
|
||||
return 1; /* Enumerated. */
|
||||
}
|
||||
|
||||
_public_ sd_device* sd_device_get_child_first(sd_device *device, const char **ret_suffix) {
|
||||
_public_ sd_device *sd_device_get_child_first(sd_device *device, const char **ret_suffix) {
|
||||
int r;
|
||||
|
||||
assert(device);
|
||||
@ -1069,7 +1069,7 @@ _public_ sd_device* sd_device_get_child_first(sd_device *device, const char **re
|
||||
return sd_device_get_child_next(device, ret_suffix);
|
||||
}
|
||||
|
||||
_public_ sd_device* sd_device_get_child_next(sd_device *device, const char **ret_suffix) {
|
||||
_public_ sd_device *sd_device_get_child_next(sd_device *device, const char **ret_suffix) {
|
||||
sd_device *child;
|
||||
|
||||
assert(device);
|
||||
@ -1922,7 +1922,7 @@ _public_ int sd_device_get_usec_since_initialized(sd_device *device, uint64_t *r
|
||||
return 0;
|
||||
}
|
||||
|
||||
_public_ const char* sd_device_get_tag_first(sd_device *device) {
|
||||
_public_ const char *sd_device_get_tag_first(sd_device *device) {
|
||||
void *v;
|
||||
|
||||
assert_return(device, NULL);
|
||||
@ -1936,7 +1936,7 @@ _public_ const char* sd_device_get_tag_first(sd_device *device) {
|
||||
return v;
|
||||
}
|
||||
|
||||
_public_ const char* sd_device_get_tag_next(sd_device *device) {
|
||||
_public_ const char *sd_device_get_tag_next(sd_device *device) {
|
||||
void *v;
|
||||
|
||||
assert_return(device, NULL);
|
||||
@ -1962,7 +1962,7 @@ static bool device_database_supports_current_tags(sd_device *device) {
|
||||
return device->database_version >= 1;
|
||||
}
|
||||
|
||||
_public_ const char* sd_device_get_current_tag_first(sd_device *device) {
|
||||
_public_ const char *sd_device_get_current_tag_first(sd_device *device) {
|
||||
void *v;
|
||||
|
||||
assert_return(device, NULL);
|
||||
@ -1979,7 +1979,7 @@ _public_ const char* sd_device_get_current_tag_first(sd_device *device) {
|
||||
return v;
|
||||
}
|
||||
|
||||
_public_ const char* sd_device_get_current_tag_next(sd_device *device) {
|
||||
_public_ const char *sd_device_get_current_tag_next(sd_device *device) {
|
||||
void *v;
|
||||
|
||||
assert_return(device, NULL);
|
||||
@ -1996,7 +1996,7 @@ _public_ const char* sd_device_get_current_tag_next(sd_device *device) {
|
||||
return v;
|
||||
}
|
||||
|
||||
_public_ const char* sd_device_get_devlink_first(sd_device *device) {
|
||||
_public_ const char *sd_device_get_devlink_first(sd_device *device) {
|
||||
void *v;
|
||||
|
||||
assert_return(device, NULL);
|
||||
@ -2010,7 +2010,7 @@ _public_ const char* sd_device_get_devlink_first(sd_device *device) {
|
||||
return v;
|
||||
}
|
||||
|
||||
_public_ const char* sd_device_get_devlink_next(sd_device *device) {
|
||||
_public_ const char *sd_device_get_devlink_next(sd_device *device) {
|
||||
void *v;
|
||||
|
||||
assert_return(device, NULL);
|
||||
@ -2083,7 +2083,7 @@ int device_properties_prepare(sd_device *device) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
_public_ const char* sd_device_get_property_first(sd_device *device, const char **_value) {
|
||||
_public_ const char *sd_device_get_property_first(sd_device *device, const char **_value) {
|
||||
const char *key;
|
||||
int r;
|
||||
|
||||
@ -2100,7 +2100,7 @@ _public_ const char* sd_device_get_property_first(sd_device *device, const char
|
||||
return key;
|
||||
}
|
||||
|
||||
_public_ const char* sd_device_get_property_next(sd_device *device, const char **_value) {
|
||||
_public_ const char *sd_device_get_property_next(sd_device *device, const char **_value) {
|
||||
const char *key;
|
||||
int r;
|
||||
|
||||
@ -2217,14 +2217,19 @@ static int device_sysattrs_read_all(sd_device *device) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
_public_ const char* sd_device_get_sysattr_first(sd_device *device) {
|
||||
_public_ const char *sd_device_get_sysattr_first(sd_device *device) {
|
||||
void *v;
|
||||
int r;
|
||||
|
||||
assert_return(device, NULL);
|
||||
|
||||
if (!device->sysattrs_read &&
|
||||
device_sysattrs_read_all(device) < 0)
|
||||
return NULL;
|
||||
if (!device->sysattrs_read) {
|
||||
r = device_sysattrs_read_all(device);
|
||||
if (r < 0) {
|
||||
errno = -r;
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
|
||||
device->sysattrs_iterator = ITERATOR_FIRST;
|
||||
|
||||
@ -2232,7 +2237,7 @@ _public_ const char* sd_device_get_sysattr_first(sd_device *device) {
|
||||
return v;
|
||||
}
|
||||
|
||||
_public_ const char* sd_device_get_sysattr_next(sd_device *device) {
|
||||
_public_ const char *sd_device_get_sysattr_next(sd_device *device) {
|
||||
void *v;
|
||||
|
||||
assert_return(device, NULL);
|
||||
|
||||
@ -22,7 +22,7 @@
|
||||
#include "bus-error.h"
|
||||
#include "bus-internal.h"
|
||||
#include "bus-locator.h"
|
||||
#include "capability-list.h"
|
||||
#include "cap-list.h"
|
||||
#include "capability-util.h"
|
||||
#include "cgroup-setup.h"
|
||||
#include "chase.h"
|
||||
|
||||
@ -1345,7 +1345,7 @@ int link_drop_ipv6ll_addresses(Link *link) {
|
||||
/* IPv6LL address may be in the tentative state, and in that case networkd has not received it.
|
||||
* So, we need to dump all IPv6 addresses. */
|
||||
|
||||
if (link_ipv6ll_enabled_harder(link))
|
||||
if (link_may_have_ipv6ll(link, /* check_multicast = */ false))
|
||||
return 0;
|
||||
|
||||
r = sd_rtnl_message_new_addr(link->manager->rtnl, &req, RTM_GETADDR, link->ifindex, AF_INET6);
|
||||
|
||||
@ -43,26 +43,41 @@ bool link_ipv6ll_enabled(Link *link) {
|
||||
return link->network->link_local & ADDRESS_FAMILY_IPV6;
|
||||
}
|
||||
|
||||
bool link_ipv6ll_enabled_harder(Link *link) {
|
||||
bool link_may_have_ipv6ll(Link *link, bool check_multicast) {
|
||||
assert(link);
|
||||
|
||||
/* This is mostly equivalent to link_ipv6ll_enabled(), but also checks if an IPv6LL address is
|
||||
* manually configured. */
|
||||
/*
|
||||
* This is equivalent to link_ipv6ll_enabled() for non-WireGuard interfaces.
|
||||
*
|
||||
* For WireGuard interface, the kernel does not assign any IPv6LL addresses, but we can assign
|
||||
* it manually. It is necessary to set an IPv6LL address manually to run NDisc or RADV on
|
||||
* WireGuard interface. Note, also Multicast=yes must be set. See #17380.
|
||||
*
|
||||
* TODO: May be better to introduce GenerateIPv6LinkLocalAddress= setting, and use algorithms
|
||||
* used in networkd-address-generation.c
|
||||
*/
|
||||
|
||||
if (link_ipv6ll_enabled(link))
|
||||
return true;
|
||||
|
||||
if (!link->network)
|
||||
return false;
|
||||
/* IPv6LL address can be manually assigned on WireGuard interface. */
|
||||
if (streq_ptr(link->kind, "wireguard")) {
|
||||
Address *a;
|
||||
|
||||
Address *a;
|
||||
ORDERED_HASHMAP_FOREACH(a, link->network->addresses_by_section) {
|
||||
if (a->family != AF_INET6)
|
||||
continue;
|
||||
if (in6_addr_is_set(&a->in_addr_peer.in6))
|
||||
continue;
|
||||
if (in6_addr_is_link_local(&a->in_addr.in6))
|
||||
return true;
|
||||
if (!link->network)
|
||||
return false;
|
||||
|
||||
if (check_multicast && !FLAGS_SET(link->flags, IFF_MULTICAST) && link->network->multicast <= 0)
|
||||
return false;
|
||||
|
||||
ORDERED_HASHMAP_FOREACH(a, link->network->addresses_by_section) {
|
||||
if (a->family != AF_INET6)
|
||||
continue;
|
||||
if (in6_addr_is_set(&a->in_addr_peer.in6))
|
||||
continue;
|
||||
if (in6_addr_is_link_local(&a->in_addr.in6))
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
return false;
|
||||
|
||||
@ -15,7 +15,7 @@ typedef enum IPv6LinkLocalAddressGenMode {
|
||||
} IPv6LinkLocalAddressGenMode;
|
||||
|
||||
bool link_ipv6ll_enabled(Link *link);
|
||||
bool link_ipv6ll_enabled_harder(Link *link);
|
||||
bool link_may_have_ipv6ll(Link *link, bool check_multicast);
|
||||
|
||||
IPv6LinkLocalAddressGenMode link_get_ipv6ll_addrgen_mode(Link *link);
|
||||
int ipv6ll_addrgen_mode_fill_message(sd_netlink_message *message, IPv6LinkLocalAddressGenMode mode);
|
||||
|
||||
@ -133,7 +133,7 @@ bool link_ipv6_enabled(Link *link) {
|
||||
if (link->network->bond)
|
||||
return false;
|
||||
|
||||
if (link_ipv6ll_enabled(link))
|
||||
if (link_may_have_ipv6ll(link, /* check_multicast = */ false))
|
||||
return true;
|
||||
|
||||
if (network_has_static_ipv6_configurations(link->network))
|
||||
@ -2126,17 +2126,6 @@ bool link_has_carrier(Link *link) {
|
||||
return netif_has_carrier(link->kernel_operstate, link->flags);
|
||||
}
|
||||
|
||||
bool link_multicast_enabled(Link *link) {
|
||||
assert(link);
|
||||
|
||||
/* If Multicast= is specified, use the value. */
|
||||
if (link->network && link->network->multicast >= 0)
|
||||
return link->network->multicast;
|
||||
|
||||
/* Otherwise, return the current state. */
|
||||
return FLAGS_SET(link->flags, IFF_MULTICAST);
|
||||
}
|
||||
|
||||
#define FLAG_STRING(string, flag, old, new) \
|
||||
(((old ^ new) & flag) \
|
||||
? ((old & flag) ? (" -" string) : (" +" string)) \
|
||||
|
||||
@ -229,7 +229,6 @@ void link_check_ready(Link *link);
|
||||
void link_update_operstate(Link *link, bool also_update_bond_master);
|
||||
|
||||
bool link_has_carrier(Link *link);
|
||||
bool link_multicast_enabled(Link *link);
|
||||
|
||||
bool link_ipv6_enabled(Link *link);
|
||||
int link_ipv6ll_gained(Link *link);
|
||||
|
||||
@ -65,10 +65,7 @@ bool link_ndisc_enabled(Link *link) {
|
||||
if (!link->network)
|
||||
return false;
|
||||
|
||||
if (!link_multicast_enabled(link))
|
||||
return false;
|
||||
|
||||
if (!link_ipv6ll_enabled_harder(link))
|
||||
if (!link_may_have_ipv6ll(link, /* check_multicast = */ true))
|
||||
return false;
|
||||
|
||||
/* Honor explicitly specified value. */
|
||||
|
||||
@ -31,10 +31,10 @@
|
||||
bool link_radv_enabled(Link *link) {
|
||||
assert(link);
|
||||
|
||||
if (!link_multicast_enabled(link))
|
||||
if (!link_may_have_ipv6ll(link, /* check_multicast = */ true))
|
||||
return false;
|
||||
|
||||
if (!link_ipv6ll_enabled_harder(link))
|
||||
if (link->hw_addr.length != ETH_ALEN)
|
||||
return false;
|
||||
|
||||
return link->network->router_prefix_delegation;
|
||||
|
||||
@ -8,7 +8,7 @@
|
||||
|
||||
#include "alloc-util.h"
|
||||
#include "bus-util.h"
|
||||
#include "capability-list.h"
|
||||
#include "cap-list.h"
|
||||
#include "cgroup-util.h"
|
||||
#include "cpu-set-util.h"
|
||||
#include "device-util.h"
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
#include "sd-bus.h"
|
||||
|
||||
#include "alloc-util.h"
|
||||
#include "capability-list.h"
|
||||
#include "cap-list.h"
|
||||
#include "conf-parser.h"
|
||||
#include "cpu-set-util.h"
|
||||
#include "extract-word.h"
|
||||
|
||||
@ -32,7 +32,7 @@
|
||||
#include "bus-error.h"
|
||||
#include "bus-locator.h"
|
||||
#include "bus-util.h"
|
||||
#include "capability-list.h"
|
||||
#include "cap-list.h"
|
||||
#include "capability-util.h"
|
||||
#include "cgroup-setup.h"
|
||||
#include "cgroup-util.h"
|
||||
|
||||
@ -42,7 +42,6 @@
|
||||
#include "log.h"
|
||||
#include "main-func.h"
|
||||
#include "osc-context.h"
|
||||
#include "pager.h"
|
||||
#include "parse-argument.h"
|
||||
#include "parse-util.h"
|
||||
#include "path-util.h"
|
||||
@ -111,7 +110,6 @@ static char **arg_cmdline = NULL;
|
||||
static char *arg_exec_path = NULL;
|
||||
static bool arg_ignore_failure = false;
|
||||
static char *arg_background = NULL;
|
||||
static PagerFlags arg_pager_flags = 0;
|
||||
static sd_json_format_flags_t arg_json_format_flags = SD_JSON_FORMAT_OFF;
|
||||
static char *arg_shell_prompt_prefix = NULL;
|
||||
static int arg_lightweight = -1;
|
||||
@ -135,8 +133,6 @@ static int help(void) {
|
||||
_cleanup_free_ char *link = NULL;
|
||||
int r;
|
||||
|
||||
pager_open(arg_pager_flags);
|
||||
|
||||
r = terminal_urlify_man("systemd-run", "1", &link);
|
||||
if (r < 0)
|
||||
return log_oom();
|
||||
@ -181,7 +177,6 @@ static int help(void) {
|
||||
" when queueing a new job\n"
|
||||
" --ignore-failure Ignore the exit status of the invoked process\n"
|
||||
" --background=COLOR Set ANSI color for background\n"
|
||||
" --no-pager Do not pipe output into a pager\n"
|
||||
"\n%3$sPath options:%4$s\n"
|
||||
" --path-property=NAME=VALUE Set path unit property\n"
|
||||
"\n%3$sSocket options:%4$s\n"
|
||||
@ -323,7 +318,6 @@ static int parse_argv(int argc, char *argv[]) {
|
||||
ARG_JOB_MODE,
|
||||
ARG_IGNORE_FAILURE,
|
||||
ARG_BACKGROUND,
|
||||
ARG_NO_PAGER,
|
||||
ARG_JSON,
|
||||
};
|
||||
|
||||
@ -376,7 +370,6 @@ static int parse_argv(int argc, char *argv[]) {
|
||||
{ "job-mode", required_argument, NULL, ARG_JOB_MODE },
|
||||
{ "ignore-failure", no_argument, NULL, ARG_IGNORE_FAILURE },
|
||||
{ "background", required_argument, NULL, ARG_BACKGROUND },
|
||||
{ "no-pager", no_argument, NULL, ARG_NO_PAGER },
|
||||
{ "json", required_argument, NULL, ARG_JSON },
|
||||
{},
|
||||
};
|
||||
@ -691,10 +684,6 @@ static int parse_argv(int argc, char *argv[]) {
|
||||
return r;
|
||||
break;
|
||||
|
||||
case ARG_NO_PAGER:
|
||||
arg_pager_flags |= PAGER_DISABLE;
|
||||
break;
|
||||
|
||||
case ARG_JSON:
|
||||
r = parse_json_argument(optarg, &arg_json_format_flags);
|
||||
if (r <= 0)
|
||||
|
||||
@ -5,10 +5,6 @@
|
||||
#include <syslog.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#ifdef ARCH_MIPS
|
||||
#include <asm/sgidefs.h>
|
||||
#endif
|
||||
|
||||
#include "alloc-util.h"
|
||||
#include "base-filesystem.h"
|
||||
#include "errno-util.h"
|
||||
|
||||
@ -4,7 +4,7 @@
|
||||
|
||||
#include "alloc-util.h"
|
||||
#include "bus-print-properties.h"
|
||||
#include "capability-list.h"
|
||||
#include "cap-list.h"
|
||||
#include "cgroup-util.h"
|
||||
#include "escape.h"
|
||||
#include "log.h"
|
||||
|
||||
@ -11,7 +11,7 @@
|
||||
#include "bus-locator.h"
|
||||
#include "bus-unit-util.h"
|
||||
#include "bus-util.h"
|
||||
#include "capability-list.h"
|
||||
#include "cap-list.h"
|
||||
#include "cgroup-setup.h"
|
||||
#include "cgroup-util.h"
|
||||
#include "condition.h"
|
||||
|
||||
@ -16,7 +16,7 @@
|
||||
#include "battery-util.h"
|
||||
#include "bitfield.h"
|
||||
#include "blockdev-util.h"
|
||||
#include "capability-list.h"
|
||||
#include "cap-list.h"
|
||||
#include "capability-util.h"
|
||||
#include "cgroup-util.h"
|
||||
#include "compare-operator.h"
|
||||
|
||||
@ -1,8 +1,7 @@
|
||||
/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
||||
#pragma once
|
||||
|
||||
#include <linux/quota.h> /* IWYU pragma: export */
|
||||
#include <sys/quota.h> /* IWYU pragma: export */
|
||||
#include <sys/quota.h> /* IWYU pragma: export */
|
||||
|
||||
#include "forward.h"
|
||||
|
||||
|
||||
@ -8,10 +8,6 @@
|
||||
#include <sys/shm.h>
|
||||
#include <sys/stat.h>
|
||||
|
||||
#ifdef ARCH_MIPS
|
||||
#include <asm/sgidefs.h>
|
||||
#endif
|
||||
|
||||
#include "af-list.h"
|
||||
#include "alloc-util.h"
|
||||
#include "env-util.h"
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
||||
|
||||
#include "alloc-util.h"
|
||||
#include "capability-list.h"
|
||||
#include "cap-list.h"
|
||||
#include "format-util.h"
|
||||
#include "glyph-util.h"
|
||||
#include "hashmap.h"
|
||||
|
||||
@ -4,7 +4,7 @@
|
||||
|
||||
#include "alloc-util.h"
|
||||
#include "bitfield.h"
|
||||
#include "capability-list.h"
|
||||
#include "cap-list.h"
|
||||
#include "cgroup-util.h"
|
||||
#include "dns-domain.h"
|
||||
#include "glyph-util.h"
|
||||
|
||||
@ -50,8 +50,8 @@ typedef int (*sd_device_monitor_handler_t)(sd_device_monitor *m, sd_device *devi
|
||||
|
||||
/* device */
|
||||
|
||||
sd_device* sd_device_ref(sd_device *device);
|
||||
sd_device* sd_device_unref(sd_device *device);
|
||||
sd_device *sd_device_ref(sd_device *device);
|
||||
sd_device *sd_device_unref(sd_device *device);
|
||||
|
||||
int sd_device_new_from_syspath(sd_device **ret, const char *syspath);
|
||||
int sd_device_new_from_devnum(sd_device **ret, char type, dev_t devnum);
|
||||
@ -98,8 +98,8 @@ const char* sd_device_get_property_first(sd_device *device, const char **value);
|
||||
const char* sd_device_get_property_next(sd_device *device, const char **value);
|
||||
const char* sd_device_get_sysattr_first(sd_device *device);
|
||||
const char* sd_device_get_sysattr_next(sd_device *device);
|
||||
sd_device* sd_device_get_child_first(sd_device *device, const char **ret_suffix);
|
||||
sd_device* sd_device_get_child_next(sd_device *device, const char **ret_suffix);
|
||||
sd_device *sd_device_get_child_first(sd_device *device, const char **ret_suffix);
|
||||
sd_device *sd_device_get_child_next(sd_device *device, const char **ret_suffix);
|
||||
|
||||
int sd_device_has_tag(sd_device *device, const char *tag);
|
||||
int sd_device_has_current_tag(sd_device *device, const char *tag);
|
||||
@ -117,13 +117,13 @@ int sd_device_open(sd_device *device, int flags);
|
||||
/* device enumerator */
|
||||
|
||||
int sd_device_enumerator_new(sd_device_enumerator **ret);
|
||||
sd_device_enumerator* sd_device_enumerator_ref(sd_device_enumerator *enumerator);
|
||||
sd_device_enumerator* sd_device_enumerator_unref(sd_device_enumerator *enumerator);
|
||||
sd_device_enumerator *sd_device_enumerator_ref(sd_device_enumerator *enumerator);
|
||||
sd_device_enumerator *sd_device_enumerator_unref(sd_device_enumerator *enumerator);
|
||||
|
||||
sd_device* sd_device_enumerator_get_device_first(sd_device_enumerator *enumerator);
|
||||
sd_device* sd_device_enumerator_get_device_next(sd_device_enumerator *enumerator);
|
||||
sd_device* sd_device_enumerator_get_subsystem_first(sd_device_enumerator *enumerator);
|
||||
sd_device* sd_device_enumerator_get_subsystem_next(sd_device_enumerator *enumerator);
|
||||
sd_device *sd_device_enumerator_get_device_first(sd_device_enumerator *enumerator);
|
||||
sd_device *sd_device_enumerator_get_device_next(sd_device_enumerator *enumerator);
|
||||
sd_device *sd_device_enumerator_get_subsystem_first(sd_device_enumerator *enumerator);
|
||||
sd_device *sd_device_enumerator_get_subsystem_next(sd_device_enumerator *enumerator);
|
||||
|
||||
int sd_device_enumerator_add_match_subsystem(sd_device_enumerator *enumerator, const char *subsystem, int match);
|
||||
int sd_device_enumerator_add_match_sysattr(sd_device_enumerator *enumerator, const char *sysattr, const char *value, int match);
|
||||
@ -139,8 +139,8 @@ int sd_device_enumerator_add_all_parents(sd_device_enumerator *enumerator);
|
||||
/* device monitor */
|
||||
|
||||
int sd_device_monitor_new(sd_device_monitor **ret);
|
||||
sd_device_monitor* sd_device_monitor_ref(sd_device_monitor *m);
|
||||
sd_device_monitor* sd_device_monitor_unref(sd_device_monitor *m);
|
||||
sd_device_monitor *sd_device_monitor_ref(sd_device_monitor *m);
|
||||
sd_device_monitor *sd_device_monitor_unref(sd_device_monitor *m);
|
||||
|
||||
int sd_device_monitor_get_fd(sd_device_monitor *m);
|
||||
int sd_device_monitor_get_events(sd_device_monitor *m);
|
||||
@ -148,8 +148,8 @@ int sd_device_monitor_get_timeout(sd_device_monitor *m, uint64_t *ret);
|
||||
int sd_device_monitor_set_receive_buffer_size(sd_device_monitor *m, size_t size);
|
||||
int sd_device_monitor_attach_event(sd_device_monitor *m, sd_event *event);
|
||||
int sd_device_monitor_detach_event(sd_device_monitor *m);
|
||||
sd_event* sd_device_monitor_get_event(sd_device_monitor *m);
|
||||
sd_event_source* sd_device_monitor_get_event_source(sd_device_monitor *m);
|
||||
sd_event *sd_device_monitor_get_event(sd_device_monitor *m);
|
||||
sd_event_source *sd_device_monitor_get_event_source(sd_device_monitor *m);
|
||||
int sd_device_monitor_set_description(sd_device_monitor *m, const char *description);
|
||||
int sd_device_monitor_get_description(sd_device_monitor *m, const char **ret);
|
||||
int sd_device_monitor_is_running(sd_device_monitor *m);
|
||||
|
||||
@ -249,11 +249,11 @@ executables += [
|
||||
'type' : 'manual',
|
||||
},
|
||||
test_template + {
|
||||
'sources' : files('test-capability-list.c'),
|
||||
'sources' : files('test-cap-list.c'),
|
||||
'dependencies' : libcap,
|
||||
},
|
||||
test_template + {
|
||||
'sources' : files('test-capability-util.c'),
|
||||
'sources' : files('test-capability.c'),
|
||||
'dependencies' : libcap,
|
||||
},
|
||||
test_template + {
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
#include <stdio.h>
|
||||
|
||||
#include "alloc-util.h"
|
||||
#include "capability-list.h"
|
||||
#include "cap-list.h"
|
||||
#include "capability-util.h"
|
||||
#include "parse-util.h"
|
||||
#include "random-util.h"
|
||||
@ -305,7 +305,7 @@ static int search_rules_file(const char *s, const char *root, ConfFile ***files,
|
||||
if (!GREEDY_REALLOC_APPEND(*files, *n_files, f, n))
|
||||
return log_oom();
|
||||
|
||||
f = mfree(f); /* The array elements are owned by 'files'. So, conf_file_free_many() must not be called. */
|
||||
TAKE_PTR(f);
|
||||
n = 0;
|
||||
return 0;
|
||||
}
|
||||
|
||||
@ -572,8 +572,6 @@ def main() -> None:
|
||||
else:
|
||||
firmware = args.firmware
|
||||
|
||||
vm = args.vm or os.getuid() != 0 or os.getenv('TEST_PREFER_QEMU', '0') == '1'
|
||||
|
||||
cmd = [
|
||||
args.mkosi,
|
||||
'--directory', os.fspath(args.mkosi_dir),
|
||||
@ -618,8 +616,9 @@ def main() -> None:
|
||||
),
|
||||
'--credential', f"journal.storage={'persistent' if sys.stdin.isatty() else args.storage}",
|
||||
*(['--runtime-build-sources=no', '--register=no'] if not sys.stdin.isatty() else []),
|
||||
'vm' if vm else 'boot',
|
||||
*(['--', '--capability=CAP_BPF'] if not vm else []),
|
||||
'vm' if args.vm or os.getuid() != 0 or os.getenv('TEST_PREFER_QEMU', '0') == '1' else 'boot',
|
||||
*(['--', '--capability=CAP_BPF'] \
|
||||
if not args.vm and os.getenv('TEST_PREFER_QEMU', '0') == '0' else []),
|
||||
] # fmt: skip
|
||||
|
||||
try:
|
||||
|
||||
@ -6,12 +6,12 @@ set -o pipefail
|
||||
# shellcheck source=test/units/util.sh
|
||||
. "$(dirname "$0")"/util.sh
|
||||
|
||||
if [[ ! -f /usr/lib/systemd/system/systemd-mountfsd.socket ]] ||
|
||||
[[ ! -f /usr/lib/systemd/system/systemd-nsresourced.socket ]] ||
|
||||
! command -v mksquashfs ||
|
||||
if [[ ! -f /usr/lib/systemd/system/systemd-mountfsd.socket ]] || \
|
||||
[[ ! -f /usr/lib/systemd/system/systemd-nsresourced.socket ]] || \
|
||||
! command -v mksquashfs || \
|
||||
! grep -q bpf /sys/kernel/security/lsm ||
|
||||
! find /usr/lib* -name libbpf.so.1 2>/dev/null | grep . ||
|
||||
systemd-analyze compare-versions "$(uname -r)" lt 6.5 ||
|
||||
! find /usr/lib* -name libbpf.so.1 2>/dev/null | grep . || \
|
||||
systemd-analyze compare-versions "$(uname -r)" lt 6.5 || \
|
||||
systemd-analyze compare-versions "$(pkcheck --version | awk '{print $3}')" lt 124; then
|
||||
echo "Skipping mountfsd/nsresourced tests"
|
||||
exit 0
|
||||
|
||||
@ -243,9 +243,9 @@ EOF
|
||||
|
||||
sleep 1
|
||||
|
||||
if [[ "$(systemctl is-failed tmp-hoge.mount)" == "failed" ]] ||
|
||||
if [[ "$(systemctl is-failed tmp-hoge.mount)" == "failed" ]] || \
|
||||
journalctl --since="$since" -u tmp-hoge.mount -q --grep "but there is no mount"; then
|
||||
exit 1
|
||||
exit 1
|
||||
fi
|
||||
|
||||
systemctl stop tmp-hoge.mount
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user