mirror of
https://github.com/systemd/systemd
synced 2025-10-05 03:34:46 +02:00
Compare commits
No commits in common. "9e6f0d4bbd204091a92639c8f514680d02e8565b" and "5c68c51045c27d77b7afc211df7304a958d8cf24" have entirely different histories.
9e6f0d4bbd
...
5c68c51045
12
po/zh_CN.po
12
po/zh_CN.po
@ -15,7 +15,7 @@ msgid ""
|
||||
msgstr ""
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2025-07-23 15:38+0100\n"
|
||||
"PO-Revision-Date: 2025-07-27 09:55+0000\n"
|
||||
"PO-Revision-Date: 2025-07-26 20:30+0000\n"
|
||||
"Last-Translator: Jesse Guo <jesseguotech@outlook.com>\n"
|
||||
"Language-Team: Chinese (Simplified) <https://translate.fedoraproject.org/"
|
||||
"projects/systemd/main/zh_CN/>\n"
|
||||
@ -96,12 +96,12 @@ msgstr "移除用户家区域需要认证。"
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:33
|
||||
msgid "Check credentials of a home area"
|
||||
msgstr "核验家区域的凭证"
|
||||
msgstr "检查家区域凭证"
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:34
|
||||
msgid ""
|
||||
"Authentication is required to check credentials against a user's home area."
|
||||
msgstr "将凭据与用户家区域进行核验需要认证。"
|
||||
msgstr "根据用户家区域检查凭证需要认证。"
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:43
|
||||
msgid "Update a home area"
|
||||
@ -140,7 +140,7 @@ msgstr "更改家区域的密码"
|
||||
#: src/home/org.freedesktop.home1.policy:74
|
||||
msgid ""
|
||||
"Authentication is required to change the password of a user's home area."
|
||||
msgstr "更改用户的家区域密码需要认证。"
|
||||
msgstr "更改家区域密码需要认证。"
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:83
|
||||
msgid "Activate a home area"
|
||||
@ -152,7 +152,7 @@ msgstr "激活用户的家区域需要认证。"
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:93
|
||||
msgid "Manage Home Directory Signing Keys"
|
||||
msgstr "管理家目录的签名密钥"
|
||||
msgstr "管理家目录签名密钥"
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:94
|
||||
msgid "Authentication is required to manage signing keys for home directories."
|
||||
@ -263,7 +263,7 @@ msgstr "用户 %s 的安全令牌 PIN 不正确(仅剩一次重试机会!)
|
||||
#: src/home/pam_systemd_home.c:685
|
||||
#, c-format
|
||||
msgid "Home of user %s is currently not active, please log in locally first."
|
||||
msgstr "用户 %s 的家目录目前未激活,请先在本地登录。"
|
||||
msgstr "用户 %s 的家目录目前未启用,请先在本地登录。"
|
||||
|
||||
#: src/home/pam_systemd_home.c:687
|
||||
#, c-format
|
||||
|
||||
@ -7,7 +7,6 @@
|
||||
#include "errno-list.h"
|
||||
#include "errno-util.h"
|
||||
#include "string-util.h"
|
||||
#include "utf8.h"
|
||||
|
||||
BUS_ERROR_MAP_ELF_REGISTER const sd_bus_error_map bus_standard_errors[] = {
|
||||
SD_BUS_ERROR_MAP(SD_BUS_ERROR_FAILED, EACCES),
|
||||
@ -247,7 +246,7 @@ _public_ int sd_bus_error_setfv(sd_bus_error *e, const char *name, const char *f
|
||||
* this, since we at least managed to write the error name */
|
||||
|
||||
if (vasprintf(&mesg, format, ap) >= 0)
|
||||
e->message = utf8_escape_non_printable(mesg);
|
||||
e->message = TAKE_PTR(mesg);
|
||||
}
|
||||
|
||||
e->_need_free = 1;
|
||||
|
||||
@ -43,135 +43,61 @@ trap at_exit EXIT
|
||||
|
||||
systemctl log-level info
|
||||
|
||||
# FIXME: systemd-run doesn't play well with daemon-reexec
|
||||
# See: https://github.com/systemd/systemd/issues/27204
|
||||
add_suppression "org.freedesktop.systemd1" "org.freedesktop.systemd1.Manager:Reexecute FIXME"
|
||||
|
||||
add_suppression "org.freedesktop.systemd1" "org.freedesktop.systemd1.Manager:SoftReboot destructive"
|
||||
add_suppression "org.freedesktop.login1" "Sleep destructive"
|
||||
|
||||
# Skip calling start and stop methods on unit objects, as doing that is not only time consuming, but it also
|
||||
# starts/stops units that interfere with the machine state. The actual code paths should be covered (to some
|
||||
# degree) by the respective method counterparts on the manager object.
|
||||
MANAGER_METHOD_FILTER=(
|
||||
StartUnit
|
||||
StartUnitWithFlags
|
||||
StartUnitReplace
|
||||
StopUnit
|
||||
RestartUnit
|
||||
TryRestartUnit
|
||||
ReloadOrRestartUnit
|
||||
ReloadOrTryRestartUnit
|
||||
KillUnit
|
||||
QueueSignalUnit
|
||||
FreezeUnit
|
||||
AttachProcessesToUnit
|
||||
RemoveSubgroupFromUnit
|
||||
AbandonScope
|
||||
CancelJob
|
||||
Exit
|
||||
Reboot
|
||||
SoftReboot
|
||||
PowerOff
|
||||
Halt
|
||||
KExec
|
||||
SwitchRoot
|
||||
EnqueueMarkedJobs
|
||||
)
|
||||
UNIT_METHOD_FILTER=(
|
||||
Start
|
||||
Stop
|
||||
Restart
|
||||
TryRestart
|
||||
ReloadOrRestart
|
||||
ReloadOrTryRestart
|
||||
Kill
|
||||
QueueSignal
|
||||
Freeze
|
||||
)
|
||||
SCOPE_METHOD_FILTER=(
|
||||
Abandon
|
||||
)
|
||||
JOB_METHOD_FILTER=(
|
||||
Cancel
|
||||
)
|
||||
LOGIN_METHOD_FILTER=(
|
||||
FlushDevices # This triggers all devices and makes the system super heavy
|
||||
PowerOff
|
||||
PowerOffWithFlags
|
||||
Reboot
|
||||
RebootWithFlags
|
||||
Halt
|
||||
HaltWithFlags
|
||||
Suspend
|
||||
SuspendWithFlags
|
||||
Hibernate
|
||||
HibernateWithFlags
|
||||
HybridSleep
|
||||
HybridSleepWithFlags
|
||||
SuspendThenHibernate
|
||||
SuspendThenHibernateWithFlags
|
||||
ScheduleShutdown
|
||||
)
|
||||
for method in "${MANAGER_METHOD_FILTER[@]}"; do
|
||||
add_suppression "org.freedesktop.systemd1" "org.freedesktop.systemd1.Manager:$method"
|
||||
done
|
||||
for method in "${UNIT_METHOD_FILTER[@]}"; do
|
||||
for method in Start Stop Restart ReloadOrRestart ReloadOrTryRestart Kill; do
|
||||
add_suppression "org.freedesktop.systemd1" "org.freedesktop.systemd1.Unit:$method"
|
||||
done
|
||||
for method in "${SCOPE_METHOD_FILTER[@]}"; do
|
||||
add_suppression "org.freedesktop.systemd1" "org.freedesktop.systemd1.Scope:$method"
|
||||
done
|
||||
for method in "${JOB_METHOD_FILTER[@]}"; do
|
||||
add_suppression "org.freedesktop.systemd1" "org.freedesktop.systemd1.Job:$method"
|
||||
done
|
||||
for method in "${LOGIN_METHOD_FILTER[@]}"; do
|
||||
add_suppression "org.freedesktop.login1" "org.freedesktop.login1.Manager:$method"
|
||||
done
|
||||
|
||||
cat /etc/dfuzzer.conf
|
||||
|
||||
# TODO
|
||||
# * check for possibly newly introduced buses?
|
||||
NAME_LIST=(
|
||||
home
|
||||
hostname
|
||||
import
|
||||
locale
|
||||
login
|
||||
machine
|
||||
portable
|
||||
resolve
|
||||
timedate
|
||||
BUS_LIST=(
|
||||
org.freedesktop.home1
|
||||
org.freedesktop.hostname1
|
||||
org.freedesktop.import1
|
||||
org.freedesktop.locale1
|
||||
org.freedesktop.login1
|
||||
org.freedesktop.machine1
|
||||
org.freedesktop.portable1
|
||||
org.freedesktop.resolve1
|
||||
org.freedesktop.systemd1
|
||||
org.freedesktop.timedate1
|
||||
)
|
||||
|
||||
# systemd-oomd requires PSI
|
||||
if tail -n +1 /proc/pressure/{cpu,io,memory}; then
|
||||
BUS_LIST+=(
|
||||
org.freedesktop.oom1
|
||||
)
|
||||
fi
|
||||
|
||||
# Some services require specific conditions:
|
||||
# - systemd-oomd requires PSI
|
||||
# - systemd-timesyncd can't run in a container
|
||||
# - systemd-networkd can run in a container if it has CAP_NET_ADMIN capability
|
||||
if tail -n +1 /proc/pressure/{cpu,io,memory}; then
|
||||
NAME_LIST+=( oom )
|
||||
fi
|
||||
|
||||
if ! systemd-detect-virt --container; then
|
||||
NAME_LIST+=( timesync )
|
||||
BUS_LIST+=(
|
||||
org.freedesktop.network1
|
||||
org.freedesktop.timesync1
|
||||
)
|
||||
elif busctl introspect org.freedesktop.network1 / &>/dev/null; then
|
||||
BUS_LIST+=(
|
||||
org.freedesktop.network1
|
||||
)
|
||||
fi
|
||||
|
||||
if ip link add dummy-fuzz type dummy; then
|
||||
# if a dummy interface is created, then let's also setup it for resolved
|
||||
ip link set dummy-fuzz up
|
||||
ip address add 192.0.2.1/24 dev dummy-fuzz
|
||||
|
||||
# When we can create a dummy interface, we definitely have CAP_NET_ADMIN
|
||||
NAME_LIST+=( network )
|
||||
|
||||
# Create unit files for another dummy interface for networkd
|
||||
mkdir -p /run/systemd/network
|
||||
cat >/run/systemd/network/10-dummy-fuzz2.netdev <<EOF
|
||||
[NetDev]
|
||||
Kind=dummy
|
||||
Name=dummy-fuzz2
|
||||
EOF
|
||||
cat >/run/systemd/network/10-dummy-fuzz2.network <<EOF
|
||||
[Match]
|
||||
Name=dummy-fuzz2
|
||||
[Network]
|
||||
Address=192.0.2.2/24
|
||||
EOF
|
||||
fi
|
||||
SESSION_BUS_LIST=(
|
||||
org.freedesktop.systemd1
|
||||
)
|
||||
|
||||
# Maximum payload size generated by dfuzzer (in bytes) - default: 50K
|
||||
PAYLOAD_MAX=50000
|
||||
@ -181,64 +107,33 @@ if [[ -v ASAN_OPTIONS || -v UBSAN_OPTIONS ]]; then
|
||||
PAYLOAD_MAX=10000 # 10K
|
||||
fi
|
||||
|
||||
# Disable debugging logs from systemd-homed, systemd-nsresourced, and systemd-userdbd.
|
||||
# Otherwise, journal is filled with the debugging logs by them.
|
||||
systemctl service-log-level systemd-homed.service info
|
||||
for service in systemd-nsresourced.service systemd-userdbd.service; do
|
||||
mkdir -p "/run/systemd/system/${service}.d"
|
||||
cat >"/run/systemd/system/${service}.d/10-disable-debug.conf" <<EOF
|
||||
[Service]
|
||||
Environment=SYSTEMD_LOG_LEVEL=info
|
||||
EOF
|
||||
systemctl daemon-reload
|
||||
systemctl restart "$service"
|
||||
done
|
||||
|
||||
test_systemd() {
|
||||
systemd-run "$@" --pipe --wait \
|
||||
-- dfuzzer -b "$PAYLOAD_MAX" -n org.freedesktop.systemd1
|
||||
|
||||
# Let's reload the systemd user daemon to test (de)serialization as well
|
||||
systemctl "$@" daemon-reload
|
||||
# FIXME: explicitly trigger reexecute until systemd/systemd#27204 is resolved
|
||||
systemctl "$@" daemon-reexec
|
||||
}
|
||||
|
||||
# Let's first test the session bus before the system one, as it may be in a
|
||||
# spurious state after fuzzing the system bus or login bus.
|
||||
echo "Bus: org.freedesktop.systemd1 (session)"
|
||||
test_systemd --machine 'testuser@.host' --user
|
||||
|
||||
# Overmount /var/lib/machines with a size-limited tmpfs, as fuzzing
|
||||
# the org.freedesktop.machine1 stuff makes quite a mess
|
||||
mount -t tmpfs -o size=50M tmpfs /var/lib/machines
|
||||
|
||||
# Next, test the system service buses, as the services may be in a spurious
|
||||
# state after fuzzing the system service manager bus.
|
||||
for name in "${NAME_LIST[@]}"; do
|
||||
bus="org.freedesktop.${name}1"
|
||||
service="systemd-${name}d.service"
|
||||
|
||||
echo "Bus: $bus"
|
||||
|
||||
# Unmask and enable the service.
|
||||
systemctl unmask "$service"
|
||||
systemctl enable "$service"
|
||||
|
||||
# enable debugging logs
|
||||
systemctl service-log-level "$service" debug || :
|
||||
|
||||
# Fuzz both the system and the session buses (where applicable)
|
||||
for bus in "${BUS_LIST[@]}"; do
|
||||
echo "Bus: $bus (system)"
|
||||
systemd-run --pipe --wait \
|
||||
-- dfuzzer -b "$PAYLOAD_MAX" -n "$bus"
|
||||
|
||||
# disable debugging logs
|
||||
systemctl service-log-level "$service" info || :
|
||||
# Let's reload the systemd daemon to test (de)serialization as well
|
||||
systemctl daemon-reload
|
||||
# FIXME: explicitly trigger reexecute until systemd/systemd#27204 is resolved
|
||||
systemctl daemon-reexec
|
||||
done
|
||||
|
||||
umount /var/lib/machines
|
||||
|
||||
# Finally, test the system bus.
|
||||
echo "Bus: org.freedesktop.systemd1 (system)"
|
||||
test_systemd
|
||||
for bus in "${SESSION_BUS_LIST[@]}"; do
|
||||
echo "Bus: $bus (session)"
|
||||
systemd-run --machine 'testuser@.host' --user --pipe --wait \
|
||||
-- dfuzzer -b "$PAYLOAD_MAX" -n "$bus"
|
||||
|
||||
# Let's reload the systemd user daemon to test (de)serialization as well
|
||||
systemctl --machine 'testuser@.host' --user daemon-reload
|
||||
# FIXME: explicitly trigger reexecute until systemd/systemd#27204 is resolved
|
||||
systemctl --machine 'testuser@.host' --user daemon-reexec
|
||||
done
|
||||
|
||||
touch /testok
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user