Compare commits

...

22 Commits

Author SHA1 Message Date
Yu Watanabe dd0395b565 make namespace_flags_to_string() not return empty string
This improves the following debug log.

Before:
systemd[1162]: Restricting namespace to: .

After:
systemd[1162]: Restricting namespace to: n/a.
2020-03-03 21:17:38 +01:00
Zbigniew Jędrzejewski-Szmek fbd6ac2601
Merge pull request #15009 from keszybz/version-and-doc-updates
Version and doc updates
2020-03-03 20:29:12 +01:00
Zbigniew Jędrzejewski-Szmek efd58985f6
Merge pull request #15002 from keszybz/sysusers-no-proc
Make systemd-sysusers work if /proc is unavailable
2020-03-03 20:28:02 +01:00
Frantisek Sumsal e31b6bd020 lgtm: drop the TMPDIR/meson workaround
The underlying issue seems to be fixed, so let's drop the now obsolete
workarounds.

Introduced in 65be7042a8
2020-03-03 20:27:42 +01:00
Zbigniew Jędrzejewski-Szmek d4de2b2aff man: document that .link/.network/.netdev files have the usual ini syntax
Fixes #1266.
2020-03-03 19:11:59 +01:00
Zbigniew Jędrzejewski-Szmek 870d38dca9 docs: add .link/.network/.netdev files to interface stability chart
Fixes #9850.
2020-03-03 19:11:45 +01:00
Zbigniew Jędrzejewski-Szmek c7fe06fb0a man: document the default value for IPv6AcceptRA=
Fixes #14121.
2020-03-03 18:36:03 +01:00
Zbigniew Jędrzejewski-Szmek cd517eb731 man: specify that Domains= is a space-separated list
Fixes #14998.
2020-03-03 18:03:53 +01:00
Daniel Lublin 1699f53788 hwdb: add corrections for Olimex Teres-I to keyboard hwdb
The firmware of the Olimex Teres-I (a DIY laptop kit) seems to have wrong
scancodes.

Fixes #15003.
2020-03-03 18:00:23 +01:00
Zbigniew Jędrzejewski-Szmek 105a1a36cd tree-wide: fix spelling of lookup and setup verbs
"set up" and "look up" are the verbs, "setup" and "lookup" are the nouns.
2020-03-03 15:02:53 +01:00
Zbigniew Jędrzejewski-Szmek 33eb1f2497 tree-wide: drop printk.devkmsg=on setting in various places
Since 6123dfaa72 this should not be necessary anymore.
2020-03-03 15:02:53 +01:00
Zbigniew Jędrzejewski-Szmek a345d5c1c9 man,mkosi: use glibc-minimal-langpack for Fedora
This saves ~24MB of space, see
https://fedoraproject.org/wiki/Changes/Remove_glibc-langpacks-all_from_buildroot.
2020-03-03 15:02:53 +01:00
Zbigniew Jędrzejewski-Szmek 95d311faea man: bump fedora versions 2020-03-03 15:02:53 +01:00
Zbigniew Jędrzejewski-Szmek 7e0276b37a
Merge pull request #14874 from bluca/portable_detach_now_block
portablectl: block when stopping a unit on detach (--now)
2020-03-03 14:40:12 +01:00
Guido Günther 1c5b427f5d
hwdb: 60-sensor.hwdb: Add proximity sensor udev property (#14845)
Devices with proximity sensors can specify a near level that
indicates when an object is considered close to the device.
2020-03-03 14:40:00 +01:00
Christian Göttsche fdb0405edd selinux: check return value of string_to_security_class()
This should never happen, but better safe than sorry.
2020-03-03 14:17:52 +01:00
Vladimir Yerilov 81d4a026a6 drop unused translations 2020-03-03 13:57:29 +01:00
Vladimir Yerilov d015652944 update Russian translation 2020-03-03 13:57:29 +01:00
Zbigniew Jędrzejewski-Szmek 1fb5a5edc7 sysusers: do not require /proc to be mounted
We're operating on known paths in root-owned directories here, so the detour
through toctou-safe methods that require /proc to be mounted is not necessary.
Should fix https://bugzilla.redhat.com/show_bug.cgi?id=1807768.
2020-03-03 12:29:57 +01:00
Zbigniew Jędrzejewski-Szmek 6cb356ca9f basic/fs-util: add a version of chmod_and_chown that doesn not use /proc 2020-03-03 11:56:44 +01:00
Zbigniew Jędrzejewski-Szmek 08c7c3216b sysusers: many different errnos to express one condition
See https://bugzilla.redhat.com/show_bug.cgi?id=1807768. It turns
out that sysusers cannot query if the group exists:
Failed to check if group dnsmasq already exists: No such process
...
Failed to check if group systemd-timesync already exists: No such process

When the same command is executed later, the issue does not occur. Not sure why
the behaviour in the initial transaction is different. But let's accept all
errors that the man pages list. We check if the user/group exists before creating
anyway, so this seems pretty safe.
2020-03-03 11:56:25 +01:00
Luca Boccassi 31c33315b3 portablectl: block when stopping a unit on detach (--now)
If portablectl detach --now is used, there's a possible race condition
where the unit is not stopped in time before the detach is attempted,
which causes it to fail.
Add a DBUS call to block after starting/stopping if --now is passed,
and add a --no-block parameter to skip it optionally when starting,
since it is not necessary in that case for correct functioning.
2020-02-18 12:02:53 +00:00
38 changed files with 561 additions and 142 deletions

View File

@ -9,16 +9,6 @@ extraction:
- libfdisk-dev - libfdisk-dev
- libp11-kit-dev - libp11-kit-dev
- libssl-dev - libssl-dev
before_index:
# /tmp has `noexec` set in the LGTM infra which breaks meson's
# compilation checks. Let's temporarily override TMPDIR to /var/tmp which
# should work as expected
# See: https://discuss.lgtm.com/t/meson-fails-to-determine-sizes-of-basic-data-types/2639
- export TMPDIR=/var/tmp
index:
build_command:
- meson build
- ninja -C build
python: python:
python_setup: python_setup:
version: 3 version: 3

View File

@ -10,7 +10,6 @@ Release=31
[Output] [Output]
Format=gpt_ext4 Format=gpt_ext4
Bootable=yes Bootable=yes
KernelCommandLine=printk.devkmsg=on
[Partitions] [Partitions]
RootSize=3G RootSize=3G
@ -27,6 +26,7 @@ BuildPackages=
gcc gcc
gettext gettext
git git
glibc-minimal-langpack
gnu-efi gnu-efi
gnu-efi-devel gnu-efi-devel
gnutls-devel gnutls-devel

View File

@ -96,6 +96,8 @@ And now, here's the list of (hopefully) all APIs that we have introduced with sy
| [$NOTIFY_SOCKET Daemon Notifications](https://www.freedesktop.org/software/systemd/man/sd_notify.html) | Environment | yes | yes | a few, including udev | yes | - | no | | [$NOTIFY_SOCKET Daemon Notifications](https://www.freedesktop.org/software/systemd/man/sd_notify.html) | Environment | yes | yes | a few, including udev | yes | - | no |
| [argv[0][0]='@' Logic](https://www.freedesktop.org/wiki/Software/systemd/RootStorageDaemons) | `/proc` marking | yes | yes | mdadm | yes | - | no | | [argv[0][0]='@' Logic](https://www.freedesktop.org/wiki/Software/systemd/RootStorageDaemons) | `/proc` marking | yes | yes | mdadm | yes | - | no |
| [Unit file format](https://www.freedesktop.org/software/systemd/man/systemd.unit.html) | File format | yes | yes | numerous | no | - | no | | [Unit file format](https://www.freedesktop.org/software/systemd/man/systemd.unit.html) | File format | yes | yes | numerous | no | - | no |
| [Network](https://www.freedesktop.org/software/systemd/man/systemd.network.html) & [Netdev file format](https://www.freedesktop.org/software/systemd/man/systemd.netdev.html) | File format | yes | yes | no | no | - | no |
| [Link file format](https://www.freedesktop.org/software/systemd/man/systemd.link.html) | File format | yes | yes | no | no | - | no |
| [Journal File Format](https://www.freedesktop.org/wiki/Software/systemd/journal-files) | File format | yes | yes | - | maybe | - | no | | [Journal File Format](https://www.freedesktop.org/wiki/Software/systemd/journal-files) | File format | yes | yes | - | maybe | - | no |
| [Journal Export Format](https://www.freedesktop.org/wiki/Software/systemd/export) | File format | yes | yes | - | yes | - | no | | [Journal Export Format](https://www.freedesktop.org/wiki/Software/systemd/export) | File format | yes | yes | - | yes | - | no |
| [Cooperation in cgroup tree](https://www.freedesktop.org/wiki/Software/systemd/PaxControlGroups) | Treaty | yes | yes | libvirt | yes | libvirt | no | | [Cooperation in cgroup tree](https://www.freedesktop.org/wiki/Software/systemd/PaxControlGroups) | Treaty | yes | yes | libvirt | yes | libvirt | no |

View File

@ -1200,6 +1200,19 @@ evdev:name:MSI Laptop hotkeys:dmi:bvn*:bvr*:bd*:svn*:pnM[iI][cC][rR][oO]-S[tT][a
KEYBOARD_KEY_0213=f22 KEYBOARD_KEY_0213=f22
KEYBOARD_KEY_0214=f23 KEYBOARD_KEY_0214=f23
###########################################################
# Olimex
###########################################################
# Teres-I
evdev:input:b0003v15BAp003C*
KEYBOARD_KEY_70066=sleep # Fn+F1
KEYBOARD_KEY_700f6=wlan # Fn+F2
KEYBOARD_KEY_700c7=f21 # Fn+F3 touchpad toggle
KEYBOARD_KEY_7006f=brightnessdown # Fn+F7
KEYBOARD_KEY_70070=brightnessup # Fn+F8
KEYBOARD_KEY_7006e=switchvideomode # Fn+F9
########################################################### ###########################################################
# OLPC # OLPC
########################################################### ###########################################################

View File

@ -41,11 +41,15 @@
# #
# Allowed properties are: # Allowed properties are:
# ACCEL_MOUNT_MATRIX=<matrix> # ACCEL_MOUNT_MATRIX=<matrix>
# PROXIMITY_NEAR_LEVEL=<value>
# #
# where <matrix> is a mount-matrix in the format specified in the IIO # where <matrix> is a mount-matrix in the format specified in the IIO
# subsystem[1]. The default, when unset, is equivalent to: # subsystem[1]. The default, when unset, is equivalent to:
# ACCEL_MOUNT_MATRIX=1, 0, 0; 0, 1, 0; 0, 0, 1 # ACCEL_MOUNT_MATRIX=1, 0, 0; 0, 1, 0; 0, 0, 1
# eg. the identity matrix. # eg. the identity matrix.
# and <value> is an integer value above which an object is considered
# close by a proximity sensor:
# PROXIMITY_NEAR_LEVEL=100
# #
# [1]: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dfc57732ad38f93ae6232a3b4e64fd077383a0f1 # [1]: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dfc57732ad38f93ae6232a3b4e64fd077383a0f1
# #

View File

@ -128,6 +128,7 @@ def property_grammar():
('KEYBOARD_LED_CAPSLOCK', Literal('0')), ('KEYBOARD_LED_CAPSLOCK', Literal('0')),
('ACCEL_MOUNT_MATRIX', mount_matrix), ('ACCEL_MOUNT_MATRIX', mount_matrix),
('ACCEL_LOCATION', Or(('display', 'base'))), ('ACCEL_LOCATION', Or(('display', 'base'))),
('PROXIMITY_NEAR_LEVEL', INTEGER),
) )
fixed_props = [Literal(name)('NAME') - Suppress('=') - val('VALUE') fixed_props = [Literal(name)('NAME') - Suppress('=') - val('VALUE')
for name, val in props] for name, val in props]

View File

@ -350,9 +350,9 @@
<varname>TTYPath=</varname>, described below.</para> <varname>TTYPath=</varname>, described below.</para>
<para>When forwarding to the kernel log buffer (kmsg), make sure to select a suitably large size for <para>When forwarding to the kernel log buffer (kmsg), make sure to select a suitably large size for
the log buffer, and ensure the kernel's rate-limiting applied to userspace processes is turned the log buffer, for example by adding <literal>log_buf_len=8M</literal> to the kernel command line.
off. Specifically, add <literal>log_buf_len=8M</literal> and <literal>printk.devkmsg=on</literal> (or <command>systemd</command> will automatically disable kernel's rate-limiting applied to userspace
similar) to the kernel command line.</para></listitem> processes (equivalent to setting <literal>printk.devkmsg=on</literal>).</para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>

View File

@ -135,7 +135,8 @@
the service manager are seen by it.</para> the service manager are seen by it.</para>
<para>If <option>--now</option> and/or <option>--enable</option> are passed, the portable service(s) are <para>If <option>--now</option> and/or <option>--enable</option> are passed, the portable service(s) are
immediately started and/or enabled after attaching the image.</para> immediately started (blocking operation unless <option>--no-block</option> is passed) and/or enabled after
attaching the image.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
@ -150,8 +151,8 @@
<command>detach</command>.</para></listitem> <command>detach</command>.</para></listitem>
<para>If <option>--now</option> and/or <option>--enable</option> are passed, the portable service(s) are <para>If <option>--now</option> and/or <option>--enable</option> are passed, the portable service(s) are
immediately started and/or enabled before detaching the image. Prefix(es) are also accepted, to be used in immediately stopped (blocking operation) and/or disabled before detaching the image. Prefix(es) are also accepted,
case the unit names do not match the image name as described in the <command>attach</command>.</para> to be used in case the unit names do not match the image name as described in the <command>attach</command>.</para>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
@ -330,6 +331,12 @@
<listitem><para>Immediately start/stop the portable service after attaching/before detaching.</para></listitem> <listitem><para>Immediately start/stop the portable service after attaching/before detaching.</para></listitem>
</varlistentry> </varlistentry>
<varlistentry>
<term><option>--no-block</option></term>
<listitem><para>Don't block waiting for attach --now to complete.</para></listitem>
</varlistentry>
<xi:include href="user-system-options.xml" xpointer="host" /> <xi:include href="user-system-options.xml" xpointer="host" />
<xi:include href="user-system-options.xml" xpointer="machine" /> <xi:include href="user-system-options.xml" xpointer="machine" />

View File

@ -1,8 +1,8 @@
<?xml version='1.0'?> <?xml version='1.0'?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
<!ENTITY fedora_latest_version "30"> <!ENTITY fedora_latest_version "31">
<!ENTITY fedora_cloud_release "1.2"> <!ENTITY fedora_cloud_release "1.9">
]> ]>
<!-- SPDX-License-Identifier: LGPL-2.1+ --> <!-- SPDX-License-Identifier: LGPL-2.1+ -->
@ -1378,7 +1378,7 @@
<programlisting># dnf -y --releasever=&fedora_latest_version; --installroot=/var/lib/machines/f&fedora_latest_version; \ <programlisting># dnf -y --releasever=&fedora_latest_version; --installroot=/var/lib/machines/f&fedora_latest_version; \
--disablerepo='*' --enablerepo=fedora --enablerepo=updates install \ --disablerepo='*' --enablerepo=fedora --enablerepo=updates install \
systemd passwd dnf fedora-release vim-minimal systemd passwd dnf fedora-release vim-minimal glibc-minimal-langpack
# systemd-nspawn -bD /var/lib/machines/f&fedora_latest_version;</programlisting> # systemd-nspawn -bD /var/lib/machines/f&fedora_latest_version;</programlisting>
<para>This installs a minimal Fedora distribution into the <para>This installs a minimal Fedora distribution into the

View File

@ -26,8 +26,11 @@
<refsect1> <refsect1>
<title>Description</title> <title>Description</title>
<para>Network link configuration is performed by the <para>A plain ini-style text file that encodes configuration for matching network devices, used by
<command>net_setup_link</command> udev builtin.</para> <citerefentry><refentrytitle>systemd-udev</refentrytitle><manvolnum>8</manvolnum></citerefentry> and in
particular its <command>net_setup_link</command> builtin. See
<citerefentry><refentrytitle>systemd.syntax</refentrytitle><manvolnum>5</manvolnum></citerefentry> for a
general description of the syntax.</para>
<para>The link files are read from the files located in the system <para>The link files are read from the files located in the system
network directory <filename>/usr/lib/systemd/network</filename>, network directory <filename>/usr/lib/systemd/network</filename>,

View File

@ -27,9 +27,10 @@
<refsect1> <refsect1>
<title>Description</title> <title>Description</title>
<para>Network setup is performed by <para>A plain ini-style text file that encodes configuration about a virtual network device, used by
<citerefentry><refentrytitle>systemd-networkd</refentrytitle><manvolnum>8</manvolnum></citerefentry>. <citerefentry><refentrytitle>systemd-networkd</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
</para> See <citerefentry><refentrytitle>systemd.syntax</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for a general description of the syntax.</para>
<para>The main Virtual Network Device file must have the extension <filename>.netdev</filename>; <para>The main Virtual Network Device file must have the extension <filename>.netdev</filename>;
other extensions are ignored. Virtual network devices are created as soon as networkd is other extensions are ignored. Virtual network devices are created as soon as networkd is

View File

@ -28,9 +28,11 @@
<refsect1> <refsect1>
<title>Description</title> <title>Description</title>
<para>Network setup is performed by <para>A plain ini-style text file that encodes network configuration for matching network interfaces,
used by
<citerefentry><refentrytitle>systemd-networkd</refentrytitle><manvolnum>8</manvolnum></citerefentry>. <citerefentry><refentrytitle>systemd-networkd</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
</para> See <citerefentry><refentrytitle>systemd.syntax</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for a general description of the syntax.</para>
<para>The main network file must have the extension <filename>.network</filename>; other <para>The main network file must have the extension <filename>.network</filename>; other
extensions are ignored. Networks are applied to links whenever the links appear.</para> extensions are ignored. Networks are applied to links whenever the links appear.</para>
@ -514,13 +516,14 @@
<varlistentry> <varlistentry>
<term><varname>Domains=</varname></term> <term><varname>Domains=</varname></term>
<listitem> <listitem>
<para>A list of domains which should be resolved using the DNS servers on this link. Each item in the list <para>A whitespace-separated list of domains which should be resolved using the DNS servers on
should be a domain name, optionally prefixed with a tilde (<literal>~</literal>). The domains with the this link. Each item in the list should be a domain name, optionally prefixed with a tilde
prefix are called "routing-only domains". The domains without the prefix are called "search domains" and (<literal>~</literal>). The domains with the prefix are called "routing-only domains". The
are first used as search suffixes for extending single-label host names (host names containing no dots) to domains without the prefix are called "search domains" and are first used as search suffixes for
become fully qualified domain names (FQDNs). If a single-label host name is resolved on this interface, extending single-label host names (host names containing no dots) to become fully qualified
each of the specified search domains are appended to it in turn, converting it into a fully qualified domain names (FQDNs). If a single-label host name is resolved on this interface, each of the
domain name, until one of them may be successfully resolved.</para> specified search domains are appended to it in turn, converting it into a fully qualified domain
name, until one of them may be successfully resolved.</para>
<para>Both "search" and "routing-only" domains are used for routing of DNS queries: look-ups for host names <para>Both "search" and "routing-only" domains are used for routing of DNS queries: look-ups for host names
ending in those domains (hence also single label names, if any "search domains" are listed), are routed to ending in those domains (hence also single label names, if any "search domains" are listed), are routed to
@ -613,10 +616,12 @@
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><varname>IPv6AcceptRA=</varname></term> <term><varname>IPv6AcceptRA=</varname></term>
<listitem><para>Takes a boolean. Controls IPv6 Router Advertisement (RA) reception support <listitem><para>Takes a boolean. Controls IPv6 Router Advertisement (RA) reception support for the
for the interface. If true, RAs are accepted; if false, RAs are ignored, independently of the interface. If true, RAs are accepted; if false, RAs are ignored. When RAs are accepted, they may
local forwarding state. When RAs are accepted, they may trigger the start of the DHCPv6 trigger the start of the DHCPv6 client if the relevant flags are set in the RA data, or if no
client if the relevant flags are set in the RA data, or if no routers are found on the link.</para> routers are found on the link. The default is to disable RA reception for bridge devices or when IP
forwarding is enabled, and to enable it otherwise. Cannot be enabled on bond devices and when link
local adressing is disabled.</para>
<para>Further settings for the IPv6 RA support may be configured in the <para>Further settings for the IPv6 RA support may be configured in the
<literal>[IPv6AcceptRA]</literal> section, see below.</para> <literal>[IPv6AcceptRA]</literal> section, see below.</para>

View File

@ -46,6 +46,15 @@
<citerefentry><refentrytitle>systemd.nspawn</refentrytitle><manvolnum>5</manvolnum></citerefentry> <citerefentry><refentrytitle>systemd.nspawn</refentrytitle><manvolnum>5</manvolnum></citerefentry>
</para></listitem> </para></listitem>
<listitem><para>link files, see
<citerefentry><refentrytitle>systemd.link</refentrytitle><manvolnum>5</manvolnum></citerefentry>
</para></listitem>
<listitem><para>netdev and network files, see
<citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd.network</refentrytitle><manvolnum>5</manvolnum></citerefentry>
</para></listitem>
<listitem><para>daemon config files, see <listitem><para>daemon config files, see
<citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-user.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>systemd-user.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,

378
po/ru.po
View File

@ -1,22 +1,24 @@
# SPDX-License-Identifier: LGPL-2.1+ # SPDX-License-Identifier: LGPL-2.1+
# #
# translation of ru.po to Rissian # translation of ru.po to Rissian
#
# Julia Dronova <juliette.tux@gmail.com>, 2013. # Julia Dronova <juliette.tux@gmail.com>, 2013.
# Sergey Ptashnick <0comffdiz@inbox.ru>, 2013-2018. # Sergey Ptashnick <0comffdiz@inbox.ru>, 2013-2018.
# # Vladimir Yerilov <openmindead@gmail.com>, 2020.
msgid "" msgid ""
msgstr "" msgstr ""
"Project-Id-Version: systemd\n" "Project-Id-Version: systemd\n"
"Report-Msgid-Bugs-To: https://github.com/systemd/systemd/issues\n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2015-11-22 16:37+0100\n" "POT-Creation-Date: 2020-03-03 00:56+1000\n"
"PO-Revision-Date: 2018-09-01 18:46+0300\n" "PO-Revision-Date: 2020-03-03 16:05+1000\n"
"Last-Translator: Sergey Ptashnick <0comffdiz@inbox.ru>\n" "Last-Translator: Vladimir Yerilov <openmindead@gmail.com>\n"
"Language: ru\n" "Language: ru\n"
"MIME-Version: 1.0\n" "MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n" "Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n" "Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n" "Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<"
"%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2)\n" "=4 && (n%100<10 || n%100>=20) ? 1 : 2)\n"
"X-Generator: Lokalize 19.12.2\n"
#: src/core/org.freedesktop.systemd1.policy.in:22 #: src/core/org.freedesktop.systemd1.policy.in:22
msgid "Send passphrase back to system" msgid "Send passphrase back to system"
@ -69,6 +71,68 @@ msgstr ""
"Чтобы заставить systemd перечитать конфигурацию, необходимо пройти " "Чтобы заставить systemd перечитать конфигурацию, необходимо пройти "
"аутентификацию." "аутентификацию."
#: src/home/org.freedesktop.home1.policy:13
msgid "Create a home area"
msgstr "Создать домашнее пространство"
#: src/home/org.freedesktop.home1.policy:14
msgid "Authentication is required to create a user's home area."
msgstr ""
"Чтобы создать домашнее пространство пользователя, необходимо пройти"
" аутентификацию."
#: src/home/org.freedesktop.home1.policy:23
msgid "Remove a home area"
msgstr "Удалить домашнее пространство"
#: src/home/org.freedesktop.home1.policy:24
msgid "Authentication is required to remove a user's home area."
msgstr ""
"Чтобы удалить домашнее пространство пользователя, необходимо пройти"
" аутентификацию."
#: src/home/org.freedesktop.home1.policy:33
msgid "Check credentials of a home area"
msgstr "Проверить учётные данные домашнего пространства"
#: src/home/org.freedesktop.home1.policy:34
msgid ""
"Authentication is required to check credentials against a user's home area."
msgstr ""
"Чтобы проверить учётные данные для домашнего пространства пользователя,"
" необходимо пройти аутентификацию."
#: src/home/org.freedesktop.home1.policy:43
msgid "Update a home area"
msgstr "Обновить домашнее пространство"
#: src/home/org.freedesktop.home1.policy:44
msgid "Authentication is required to update a user's home area."
msgstr ""
"Чтобы обновить домашнее пространство пользователя, необходимо пройти"
" аутентификацию."
#: src/home/org.freedesktop.home1.policy:53
msgid "Resize a home area"
msgstr "Изменить размер домашнего пространства"
#: src/home/org.freedesktop.home1.policy:54
msgid "Authentication is required to resize a user's home area."
msgstr ""
"Чтобы изменить размер домашнего пространства пользователя, необходимо пройти"
" аутентификацию."
#: src/home/org.freedesktop.home1.policy:63
msgid "Change password of a home area"
msgstr "Изменить пароль для домашнего пространства"
#: src/home/org.freedesktop.home1.policy:64
msgid ""
"Authentication is required to change the password of a user's home area."
msgstr ""
"Чтобы изменить пароль для домашнего пространства пользователя, необходимо"
" пройти аутентификацию."
#: src/hostname/org.freedesktop.hostname1.policy:20 #: src/hostname/org.freedesktop.hostname1.policy:20
msgid "Set host name" msgid "Set host name"
msgstr "Настроить имя компьютера" msgstr "Настроить имя компьютера"
@ -266,8 +330,7 @@ msgstr ""
#: src/login/org.freedesktop.login1.policy:117 #: src/login/org.freedesktop.login1.policy:117
msgid "Allow non-logged-in user to run programs" msgid "Allow non-logged-in user to run programs"
msgstr "" msgstr "Разрешить работу программ в фоновом режиме после завершения сеанса"
"Разрешить работу программ в фоновом режиме после завершения сеанса"
#: src/login/org.freedesktop.login1.policy:118 #: src/login/org.freedesktop.login1.policy:118
msgid "Explicit request is required to run programs as a non-logged-in user." msgid "Explicit request is required to run programs as a non-logged-in user."
@ -302,8 +365,7 @@ msgid "Flush device to seat attachments"
msgstr "Сбросить привязки устройств к рабочим местам" msgstr "Сбросить привязки устройств к рабочим местам"
#: src/login/org.freedesktop.login1.policy:149 #: src/login/org.freedesktop.login1.policy:149
msgid "" msgid "Authentication is required to reset how devices are attached to seats."
"Authentication is required to reset how devices are attached to seats."
msgstr "" msgstr ""
"Чтобы сбросить привязки устройств к рабочим местам, необходимо пройти " "Чтобы сбросить привязки устройств к рабочим местам, необходимо пройти "
"аутентификацию." "аутентификацию."
@ -337,8 +399,8 @@ msgstr ""
#: src/login/org.freedesktop.login1.policy:181 #: src/login/org.freedesktop.login1.policy:181
msgid "" msgid ""
"Authentication is required to power off the system while an application " "Authentication is required to power off the system while an application is "
"is inhibiting this." "inhibiting this."
msgstr "" msgstr ""
"Чтобы выключить систему, несмотря на то, что приложение запросило блокировку " "Чтобы выключить систему, несмотря на то, что приложение запросило блокировку "
"выключения, необходимо пройти аутентификацию." "выключения, необходимо пройти аутентификацию."
@ -358,8 +420,8 @@ msgstr ""
#: src/login/org.freedesktop.login1.policy:203 #: src/login/org.freedesktop.login1.policy:203
msgid "" msgid ""
"Authentication is required to reboot the system while other users are " "Authentication is required to reboot the system while other users are logged "
"logged in." "in."
msgstr "" msgstr ""
"Чтобы перезагрузить систему, несмотря на то, что в ней работают другие " "Чтобы перезагрузить систему, несмотря на то, что в ней работают другие "
"пользователи, необходимо пройти аутентификацию." "пользователи, необходимо пройти аутентификацию."
@ -372,8 +434,8 @@ msgstr ""
#: src/login/org.freedesktop.login1.policy:214 #: src/login/org.freedesktop.login1.policy:214
msgid "" msgid ""
"Authentication is required to reboot the system while an application " "Authentication is required to reboot the system while an application is "
"is inhibiting this." "inhibiting this."
msgstr "" msgstr ""
"Чтобы перезагрузить систему, несмотря на то, что приложение запросило " "Чтобы перезагрузить систему, несмотря на то, что приложение запросило "
"блокировку выключения, необходимо пройти аутентификацию." "блокировку выключения, необходимо пройти аутентификацию."
@ -393,8 +455,8 @@ msgstr ""
#: src/login/org.freedesktop.login1.policy:236 #: src/login/org.freedesktop.login1.policy:236
msgid "" msgid ""
"Authentication is required to halt the system while other users are " "Authentication is required to halt the system while other users are logged "
"logged in." "in."
msgstr "" msgstr ""
"Чтобы остановить систему, несмотря на то, что в ней работают другие " "Чтобы остановить систему, несмотря на то, что в ней работают другие "
"пользователи, необходимо пройти аутентификацию." "пользователи, необходимо пройти аутентификацию."
@ -402,16 +464,16 @@ msgstr ""
#: src/login/org.freedesktop.login1.policy:246 #: src/login/org.freedesktop.login1.policy:246
msgid "Halt the system while an application is inhibiting this" msgid "Halt the system while an application is inhibiting this"
msgstr "" msgstr ""
"Остановить систему, несмотря на то, что приложение запросило блокировку " "Остановить систему несмотря на то, что приложение запросило блокировку "
"выключения" "выключения"
#: src/login/org.freedesktop.login1.policy:247 #: src/login/org.freedesktop.login1.policy:247
msgid "" msgid ""
"Authentication is required to halt the system while an application asked " "Authentication is required to halt the system while an application is "
"to inhibit it." "inhibiting this."
msgstr "" msgstr ""
"Чтобы остановить систему, несмотря на то, что приложение запросило " "Чтобы остановить систему несмотря на то, что приложение запросило блокировку"
"блокировку выключения, необходимо пройти аутентификацию." " выключения, необходимо пройти аутентификацию."
#: src/login/org.freedesktop.login1.policy:257 #: src/login/org.freedesktop.login1.policy:257
msgid "Suspend the system" msgid "Suspend the system"
@ -444,8 +506,8 @@ msgstr ""
#: src/login/org.freedesktop.login1.policy:279 #: src/login/org.freedesktop.login1.policy:279
msgid "" msgid ""
"Authentication is required to suspend the system while an application " "Authentication is required to suspend the system while an application is "
"is inhibiting this." "inhibiting this."
msgstr "" msgstr ""
"Чтобы перевести систему в ждущий режим, несмотря на то, что приложение " "Чтобы перевести систему в ждущий режим, несмотря на то, что приложение "
"запросило блокировку, необходимо пройти аутентификацию." "запросило блокировку, необходимо пройти аутентификацию."
@ -481,8 +543,8 @@ msgstr ""
#: src/login/org.freedesktop.login1.policy:311 #: src/login/org.freedesktop.login1.policy:311
msgid "" msgid ""
"Authentication is required to hibernate the system while an application " "Authentication is required to hibernate the system while an application is "
"is inhibiting this." "inhibiting this."
msgstr "" msgstr ""
"Чтобы перевести систему в спящий режим, несмотря на то, что приложение " "Чтобы перевести систему в спящий режим, несмотря на то, что приложение "
"запросило блокировку, необходимо пройти аутентификацию." "запросило блокировку, необходимо пройти аутентификацию."
@ -492,8 +554,7 @@ msgid "Manage active sessions, users and seats"
msgstr "Управление текущими сеансами, пользователями и рабочими местами" msgstr "Управление текущими сеансами, пользователями и рабочими местами"
#: src/login/org.freedesktop.login1.policy:322 #: src/login/org.freedesktop.login1.policy:322
msgid "" msgid "Authentication is required to manage active sessions, users and seats."
"Authentication is required to manage active sessions, users and seats."
msgstr "" msgstr ""
"Для управления текущими сеансами, пользователями и рабочими местами, " "Для управления текущими сеансами, пользователями и рабочими местами, "
"необходимо пройти аутентификацию." "необходимо пройти аутентификацию."
@ -509,26 +570,68 @@ msgstr ""
"аутентификацию." "аутентификацию."
#: src/login/org.freedesktop.login1.policy:341 #: src/login/org.freedesktop.login1.policy:341
msgid "Allow indication to the firmware to boot to setup interface" msgid "Set the reboot \"reason\" in the kernel"
msgstr "Разрешить загрузку в режиме настройки прошивки материнской платы" msgstr "Установить \"причину\" перезагрузки"
#: src/login/org.freedesktop.login1.policy:342 #: src/login/org.freedesktop.login1.policy:342
msgid "Authentication is required to set the reboot \"reason\" in the kernel."
msgstr ""
"Чтобы установить \"причину\" перезагрузки, необходимо пройти аутентификацию."
#: src/login/org.freedesktop.login1.policy:352
msgid "Indicate to the firmware to boot to setup interface"
msgstr ""
"Запустить режим настройки прошивки материнской платы при следующей загрузке"
#: src/login/org.freedesktop.login1.policy:353
msgid "" msgid ""
"Authentication is required to indicate to the firmware to boot to setup " "Authentication is required to indicate to the firmware to boot to setup "
"interface." "interface."
msgstr "" msgstr ""
"Чтобы разрешить загрузку в режиме настройки прошивки материнской платы, " "Чтобы запустить режим настройки прошивки материнской платы, "
"необходимо пройти аутентификацию." "необходимо пройти аутентификацию."
#: src/login/org.freedesktop.login1.policy:351 #: src/login/org.freedesktop.login1.policy:363
msgid "Indicate to the boot loader to boot to the boot loader menu"
msgstr "Отобразить меню загрузчика при следующей загрузке"
#: src/login/org.freedesktop.login1.policy:364
msgid ""
"Authentication is required to indicate to the boot loader to boot to the "
"boot loader menu."
msgstr ""
"Чтобы отобразить меню загрузчика при следующей загрузке, "
"необходимо пройти аутентификацию."
#: src/login/org.freedesktop.login1.policy:374
msgid "Indicate to the boot loader to boot a specific entry"
msgstr "Выбрать определённую загрузочную запись при следующем запуске"
#: src/login/org.freedesktop.login1.policy:375
msgid ""
"Authentication is required to indicate to the boot loader to boot into a "
"specific boot loader entry."
msgstr ""
"Чтобы установить определённую загрузочную запись для загрузки, "
"необходимо пройти аутентификацию."
#: src/login/org.freedesktop.login1.policy:385
msgid "Set a wall message" msgid "Set a wall message"
msgstr "Отправить сообщение на все терминалы" msgstr "Отправить сообщение на все терминалы"
#: src/login/org.freedesktop.login1.policy:352 #: src/login/org.freedesktop.login1.policy:386
msgid "Authentication is required to set a wall message" msgid "Authentication is required to set a wall message"
msgstr "" msgstr ""
"Чтобы отправить сообщение на все терминалы, необходимо пройти аутентификацию." "Чтобы отправить сообщение на все терминалы, необходимо пройти аутентификацию."
#: src/login/org.freedesktop.login1.policy:395
msgid "Change Session"
msgstr "Сменить сессию"
#: src/login/org.freedesktop.login1.policy:396
msgid "Authentication is required to change the virtual terminal."
msgstr "Чтобы сменить виртуальный терминал, необходимо пройти аутентификацию."
#: src/machine/org.freedesktop.machine1.policy:22 #: src/machine/org.freedesktop.machine1.policy:22
msgid "Log into a local container" msgid "Log into a local container"
msgstr "Зайти в локальный контейнер" msgstr "Зайти в локальный контейнер"
@ -609,14 +712,151 @@ msgstr ""
"Для управления образами виртуальных машин и контейнеров, необходимо пройти " "Для управления образами виртуальных машин и контейнеров, необходимо пройти "
"аутентификацию." "аутентификацию."
#: src/network/org.freedesktop.network1.policy:22
msgid "Set NTP servers"
msgstr "Задать NTP-серверы"
#: src/network/org.freedesktop.network1.policy:23
msgid "Authentication is required to set NTP servers."
msgstr "Чтобы задать NTP-серверы, необходимо пройти аутентификацию."
#: src/network/org.freedesktop.network1.policy:33
#: src/resolve/org.freedesktop.resolve1.policy:44
msgid "Set DNS servers"
msgstr "Задать DNS-серверы"
#: src/network/org.freedesktop.network1.policy:34
#: src/resolve/org.freedesktop.resolve1.policy:45
msgid "Authentication is required to set DNS servers."
msgstr "Чтобы задать DNS-серверы, необходимо пройти аутентификацию."
#: src/network/org.freedesktop.network1.policy:44
#: src/resolve/org.freedesktop.resolve1.policy:55
msgid "Set domains"
msgstr "Задать домены"
#: src/network/org.freedesktop.network1.policy:45
#: src/resolve/org.freedesktop.resolve1.policy:56
msgid "Authentication is required to set domains."
msgstr "Чтобы задать домены, необходимо пройти аутентификацию."
#: src/network/org.freedesktop.network1.policy:55
#: src/resolve/org.freedesktop.resolve1.policy:66
msgid "Set default route"
msgstr "Задать маршрут по умолчанию"
#: src/network/org.freedesktop.network1.policy:56
#: src/resolve/org.freedesktop.resolve1.policy:67
msgid "Authentication is required to set default route."
msgstr "Чтобы задать маршрут по умолчанию, необходимо пройти аутентификацию."
#: src/network/org.freedesktop.network1.policy:66
#: src/resolve/org.freedesktop.resolve1.policy:77
msgid "Enable/disable LLMNR"
msgstr "Включить/отключить LLMNR"
#: src/network/org.freedesktop.network1.policy:67
#: src/resolve/org.freedesktop.resolve1.policy:78
msgid "Authentication is required to enable or disable LLMNR."
msgstr "Чтобы включить или отключить LLMNR, необходимо пройти аутентификацию."
#: src/network/org.freedesktop.network1.policy:77
#: src/resolve/org.freedesktop.resolve1.policy:88
msgid "Enable/disable multicast DNS"
msgstr "Включить/отключить multicast DNS"
#: src/network/org.freedesktop.network1.policy:78
#: src/resolve/org.freedesktop.resolve1.policy:89
msgid "Authentication is required to enable or disable multicast DNS."
msgstr ""
"Чтобы включить или отключить multicast DNS, необходимо пройти аутентификацию."
#: src/network/org.freedesktop.network1.policy:88
#: src/resolve/org.freedesktop.resolve1.policy:99
msgid "Enable/disable DNS over TLS"
msgstr "Включить/отключить DNS поверх TLS"
#: src/network/org.freedesktop.network1.policy:89
#: src/resolve/org.freedesktop.resolve1.policy:100
msgid "Authentication is required to enable or disable DNS over TLS."
msgstr ""
"Чтобы включить или отключить DNS поверх TLS, необходимо пройти аутентификацию."
#: src/network/org.freedesktop.network1.policy:99
#: src/resolve/org.freedesktop.resolve1.policy:110
msgid "Enable/disable DNSSEC"
msgstr "Включить/отключить DNSSEC"
#: src/network/org.freedesktop.network1.policy:100
#: src/resolve/org.freedesktop.resolve1.policy:111
msgid "Authentication is required to enable or disable DNSSEC."
msgstr "Чтобы включить или отключить DNSSEC, необходимо пройти аутентификацию."
#: src/network/org.freedesktop.network1.policy:110
#: src/resolve/org.freedesktop.resolve1.policy:121
msgid "Set DNSSEC Negative Trust Anchors"
msgstr "Задать DNSSEC Negative Trust Anchors"
#: src/network/org.freedesktop.network1.policy:111
#: src/resolve/org.freedesktop.resolve1.policy:122
msgid "Authentication is required to set DNSSEC Negative Trust Anchors."
msgstr ""
"Чтобы задать DNSSEC Negative Trust Anchors, необходимо пройти аутентификацию."
#: src/network/org.freedesktop.network1.policy:121
msgid "Revert NTP settings"
msgstr "Восстановить настройки NTP по умолчанию"
#: src/network/org.freedesktop.network1.policy:122
msgid "Authentication is required to reset NTP settings."
msgstr ""
"Чтобы сбросить локальные настройки NTP, необходимо пройти аутентификацию."
#: src/network/org.freedesktop.network1.policy:132
msgid "Revert DNS settings"
msgstr "Восстановить настройки DNS по умолчанию"
#: src/network/org.freedesktop.network1.policy:133
msgid "Authentication is required to reset DNS settings."
msgstr ""
"Чтобы сбросить локальные настройки DNS, необходимо пройти аутентификацию."
#: src/network/org.freedesktop.network1.policy:143
msgid "Renew dynamic addresses"
msgstr "Обновить динамические адреса"
#: src/network/org.freedesktop.network1.policy:144
msgid "Authentication is required to renew dynamic addresses."
msgstr "Чтобы обновить динамические адреса, необходимо пройти аутентификацию."
#: src/network/org.freedesktop.network1.policy:154
msgid "Reload network settings"
msgstr "Перечитать настройки сети"
#: src/network/org.freedesktop.network1.policy:155
msgid "Authentication is required to reload network settings."
msgstr ""
"Чтобы заставить systemd перечитать настройки сети, необходимо пройти "
"аутентификацию."
#: src/network/org.freedesktop.network1.policy:165
msgid "Reconfigure network interface"
msgstr "Изменить конфигурацию сетевого интерфейса"
#: src/network/org.freedesktop.network1.policy:166
msgid "Authentication is required to reconfigure network interface."
msgstr ""
"Чтобы изменить конфигурацию сетевого интерфейса, необходимо пройти"
" аутентификацию."
#: src/portable/org.freedesktop.portable1.policy:13 #: src/portable/org.freedesktop.portable1.policy:13
msgid "Inspect a portable service image" msgid "Inspect a portable service image"
msgstr "Прочитать образ переносимой службы" msgstr "Прочитать образ переносимой службы"
#: src/portable/org.freedesktop.portable1.policy:14 #: src/portable/org.freedesktop.portable1.policy:14
msgid "Authentication is required to inspect a portable service image." msgid "Authentication is required to inspect a portable service image."
msgstr "Чтобы прочитать образ переносимой службы, необходимо пройти " msgstr ""
"аутентификацию." "Чтобы прочитать образ переносимой службы, необходимо пройти аутентификацию."
#: src/portable/org.freedesktop.portable1.policy:23 #: src/portable/org.freedesktop.portable1.policy:23
msgid "Attach or detach a portable service image" msgid "Attach or detach a portable service image"
@ -625,8 +865,9 @@ msgstr "Подключить или отключить образ перенос
#: src/portable/org.freedesktop.portable1.policy:24 #: src/portable/org.freedesktop.portable1.policy:24
msgid "" msgid ""
"Authentication is required to attach or detach a portable service image." "Authentication is required to attach or detach a portable service image."
msgstr "Чтобы подключить или отключить образ переносимой службы, необходимо " msgstr ""
"пройти аутентификацию." "Чтобы подключить или отключить образ переносимой службы, необходимо пройти "
"аутентификацию."
#: src/portable/org.freedesktop.portable1.policy:34 #: src/portable/org.freedesktop.portable1.policy:34
msgid "Delete or modify portable service image" msgid "Delete or modify portable service image"
@ -645,8 +886,8 @@ msgstr "Зарегистрировать службу в DNS-SD"
#: src/resolve/org.freedesktop.resolve1.policy:23 #: src/resolve/org.freedesktop.resolve1.policy:23
msgid "Authentication is required to register a DNS-SD service" msgid "Authentication is required to register a DNS-SD service"
msgstr "Чтобы зарегистрировать службу в DNS-SD, необходимо пройти " msgstr ""
"аутентификацию." "Чтобы зарегистрировать службу в DNS-SD, необходимо пройти аутентификацию."
#: src/resolve/org.freedesktop.resolve1.policy:33 #: src/resolve/org.freedesktop.resolve1.policy:33
msgid "Unregister a DNS-SD service" msgid "Unregister a DNS-SD service"
@ -656,6 +897,15 @@ msgstr "Удалить службу из DNS-SD"
msgid "Authentication is required to unregister a DNS-SD service" msgid "Authentication is required to unregister a DNS-SD service"
msgstr "Чтобы удалить службу из DNS-SD, необходимо пройти аутентификацию." msgstr "Чтобы удалить службу из DNS-SD, необходимо пройти аутентификацию."
#: src/resolve/org.freedesktop.resolve1.policy:132
msgid "Revert name resolution settings"
msgstr "Вернуть настройки разрешения имён по умолчанию"
#: src/resolve/org.freedesktop.resolve1.policy:133
msgid "Authentication is required to reset name resolution settings."
msgstr ""
"Чтобы сбросить настройки разрешения имён, необходимо пройти аутентификацию."
#: src/timedate/org.freedesktop.timedate1.policy:22 #: src/timedate/org.freedesktop.timedate1.policy:22
msgid "Set system time" msgid "Set system time"
msgstr "Настроить системное время" msgstr "Настроить системное время"
@ -696,49 +946,47 @@ msgstr ""
"Чтобы включить или выключить синхронизацию времени по сети, необходимо " "Чтобы включить или выключить синхронизацию времени по сети, необходимо "
"пройти аутентификацию." "пройти аутентификацию."
#: src/core/dbus-unit.c:326 #: src/core/dbus-unit.c:356
msgid "Authentication is required to start '$(unit)'." msgid "Authentication is required to start '$(unit)'."
msgstr "Чтобы запустить «$(unit)», необходимо пройти аутентификацию." msgstr "Чтобы запустить «$(unit)», необходимо пройти аутентификацию."
#: src/core/dbus-unit.c:327 #: src/core/dbus-unit.c:357
msgid "Authentication is required to stop '$(unit)'." msgid "Authentication is required to stop '$(unit)'."
msgstr "Чтобы остановить «$(unit)», необходимо пройти аутентификацию." msgstr "Чтобы остановить «$(unit)», необходимо пройти аутентификацию."
#: src/core/dbus-unit.c:328 #: src/core/dbus-unit.c:358
msgid "Authentication is required to reload '$(unit)'." msgid "Authentication is required to reload '$(unit)'."
msgstr "" msgstr ""
"Чтобы заставить «$(unit)» перечитать конфигурацию, необходимо пройти " "Чтобы заставить «$(unit)» перечитать конфигурацию, необходимо пройти "
"аутентификацию." "аутентификацию."
#: src/core/dbus-unit.c:329 src/core/dbus-unit.c:330 #: src/core/dbus-unit.c:359 src/core/dbus-unit.c:360
msgid "Authentication is required to restart '$(unit)'." msgid "Authentication is required to restart '$(unit)'."
msgstr "Чтобы перезапустить «$(unit)», необходимо пройти аутентификацию." msgstr "Чтобы перезапустить «$(unit)», необходимо пройти аутентификацию."
#: src/core/dbus-unit.c:437 #: src/core/dbus-unit.c:532
msgid "Authentication is required to kill '$(unit)'." msgid ""
msgstr "Чтобы убить юнит «$(unit)», необходимо пройти аутентификацию." "Authentication is required to send a UNIX signal to the processes of "
"'$(unit)'."
msgstr ""
"Чтобы отправить сигнал UNIX процессам юнита «$(unit)», необходимо пройти"
" аутентификацию."
#: src/core/dbus-unit.c:468 #: src/core/dbus-unit.c:563
msgid "Authentication is required to reset the \"failed\" state of '$(unit)'." msgid "Authentication is required to reset the \"failed\" state of '$(unit)'."
msgstr "" msgstr ""
"Чтобы сбросить состояние «failed» у юнита «$(unit)», необходимо пройти " "Чтобы сбросить состояние «failed» у юнита «$(unit)», необходимо пройти "
"аутентификацию." "аутентификацию."
#: src/core/dbus-unit.c:501 #: src/core/dbus-unit.c:596
msgid "Authentication is required to set properties on '$(unit)'." msgid "Authentication is required to set properties on '$(unit)'."
msgstr "Чтобы изменить параметры юнита «$(unit)», необходимо пройти " msgstr ""
"аутентификацию." "Чтобы изменить параметры юнита «$(unit)», необходимо пройти аутентификацию."
#~ msgid "Press Ctrl+C to cancel all filesystem checks in progress" #: src/core/dbus-unit.c:705
#~ msgstr "" msgid ""
#~ "Чтобы прервать все запущенные проверки файловых систем, нажмите Ctrl+C" "Authentication is required to delete files and directories associated with "
"'$(unit)'."
# There is no difference between "на 2 дисках" (plural==1) and "на 5 дисках" (plural==2) msgstr ""
#~ msgid "Checking in progress on %d disk (%3.1f%% complete)" "Чтобы удалить файлы и директории, относящиеся к юниту «$(unit)», необходимо"
#~ msgid_plural "Checking in progress on %d disks (%3.1f%% complete)" " пройти аутентификацию."
#~ msgstr[0] ""
#~ "Проверяется целостность файловой системы на %d диске (выполнено %3.1f%%)"
#~ msgstr[1] ""
#~ "Проверяется целостность файловых систем на %d дисках (выполнено %3.1f%%)"
#~ msgstr[2] ""
#~ "Проверяется целостность файловых систем на %d дисках (выполнено %3.1f%%)"

View File

@ -272,6 +272,52 @@ int fchmod_and_chown(int fd, mode_t mode, uid_t uid, gid_t gid) {
return do_chown || do_chmod; return do_chown || do_chmod;
} }
int chmod_and_chown_unsafe(const char *path, mode_t mode, uid_t uid, gid_t gid) {
bool do_chown, do_chmod;
struct stat st;
assert(path);
/* Change ownership and access mode of the specified path, see description of fchmod_and_chown().
* Should only be used on trusted paths. */
if (lstat(path, &st) < 0)
return -errno;
do_chown =
(uid != UID_INVALID && st.st_uid != uid) ||
(gid != GID_INVALID && st.st_gid != gid);
do_chmod =
!S_ISLNK(st.st_mode) && /* chmod is not defined on symlinks */
((mode != MODE_INVALID && ((st.st_mode ^ mode) & 07777) != 0) ||
do_chown); /* If we change ownership, make sure we reset the mode afterwards, since chown()
* modifies the access mode too */
if (mode == MODE_INVALID)
mode = st.st_mode; /* If we only shall do a chown(), save original mode, since chown() might break it. */
else if ((mode & S_IFMT) != 0 && ((mode ^ st.st_mode) & S_IFMT) != 0)
return -EINVAL; /* insist on the right file type if it was specified */
if (do_chown && do_chmod) {
mode_t minimal = st.st_mode & mode; /* the subset of the old and the new mask */
if (((minimal ^ st.st_mode) & 07777) != 0)
if (chmod(path, minimal & 07777) < 0)
return -errno;
}
if (do_chown)
if (lchown(path, uid, gid) < 0)
return -errno;
if (do_chmod)
if (chmod(path, mode & 07777) < 0)
return -errno;
return do_chown || do_chmod;
}
int fchmod_umask(int fd, mode_t m) { int fchmod_umask(int fd, mode_t m) {
mode_t u; mode_t u;
int r; int r;

View File

@ -34,6 +34,7 @@ int readlink_and_make_absolute(const char *p, char **r);
int chmod_and_chown(const char *path, mode_t mode, uid_t uid, gid_t gid); int chmod_and_chown(const char *path, mode_t mode, uid_t uid, gid_t gid);
int fchmod_and_chown(int fd, mode_t mode, uid_t uid, gid_t gid); int fchmod_and_chown(int fd, mode_t mode, uid_t uid, gid_t gid);
int chmod_and_chown_unsafe(const char *path, mode_t mode, uid_t uid, gid_t gid);
int fchmod_umask(int fd, mode_t mode); int fchmod_umask(int fd, mode_t mode);
int fchmod_opath(int fd, mode_t m); int fchmod_opath(int fd, mode_t m);

View File

@ -233,6 +233,9 @@ int mac_selinux_get_create_label_from_exe(const char *exe, char **label) {
return -errno; return -errno;
sclass = string_to_security_class("process"); sclass = string_to_security_class("process");
if (sclass == 0)
return -ENOSYS;
r = security_compute_create_raw(mycon, fcon, sclass, label); r = security_compute_create_raw(mycon, fcon, sclass, label);
if (r < 0) if (r < 0)
return -errno; return -errno;
@ -312,6 +315,9 @@ int mac_selinux_get_child_mls_label(int socket_fd, const char *exe, const char *
return -ENOMEM; return -ENOMEM;
sclass = string_to_security_class("process"); sclass = string_to_security_class("process");
if (sclass == 0)
return -ENOSYS;
r = security_compute_create_raw(mycon, fcon, sclass, label); r = security_compute_create_raw(mycon, fcon, sclass, label);
if (r < 0) if (r < 0)
return -errno; return -errno;

View File

@ -1713,7 +1713,7 @@ static int method_get_dynamic_users(sd_bus_message *message, void *userdata, sd_
if (r == -EAGAIN) /* not realized yet? */ if (r == -EAGAIN) /* not realized yet? */
continue; continue;
if (r < 0) if (r < 0)
return sd_bus_error_setf(error, SD_BUS_ERROR_FAILED, "Failed to lookup a dynamic user."); return sd_bus_error_setf(error, SD_BUS_ERROR_FAILED, "Failed to look up a dynamic user.");
r = sd_bus_message_append(reply, "(us)", uid, d->name); r = sd_bus_message_append(reply, "(us)", uid, d->name);
if (r < 0) if (r < 0)

View File

@ -127,7 +127,8 @@ int bus_property_get_triggered_unit(sd_bus *bus, const char *path, const char *i
if (!UNIT_WRITE_FLAGS_NOOP(flags)) { \ if (!UNIT_WRITE_FLAGS_NOOP(flags)) { \
*p = (cast_type) v; \ *p = (cast_type) v; \
unit_write_settingf(u, flags, name, \ unit_write_settingf(u, flags, name, \
"%s=%s", name, s); \ "%s=%s", \
name, strempty(s)); \
} \ } \
\ \
return 1; \ return 1; \

View File

@ -4881,7 +4881,7 @@ void exec_context_dump(const ExecContext *c, FILE* f, const char *prefix) {
r = namespace_flags_to_string(c->restrict_namespaces, &s); r = namespace_flags_to_string(c->restrict_namespaces, &s);
if (r >= 0) if (r >= 0)
fprintf(f, "%sRestrictNamespaces: %s\n", fprintf(f, "%sRestrictNamespaces: %s\n",
prefix, s); prefix, strna(s));
} }
if (c->network_namespace_path) if (c->network_namespace_path)

View File

@ -749,7 +749,7 @@ static int mount_private_dev(MountEntry *m) {
r = dev_setup(temporary_mount, UID_INVALID, GID_INVALID); r = dev_setup(temporary_mount, UID_INVALID, GID_INVALID);
if (r < 0) if (r < 0)
log_debug_errno(r, "Failed to setup basic device tree at '%s', ignoring: %m", temporary_mount); log_debug_errno(r, "Failed to set up basic device tree at '%s', ignoring: %m", temporary_mount);
/* Create the /dev directory if missing. It is more likely to be /* Create the /dev directory if missing. It is more likely to be
* missing when the service is started with RootDirectory. This is * missing when the service is started with RootDirectory. This is

View File

@ -3020,7 +3020,7 @@ static int inner_child(
r = setup_dev_console(console); r = setup_dev_console(console);
if (r < 0) if (r < 0)
return log_error_errno(r, "Failed to setup /dev/console: %m"); return log_error_errno(r, "Failed to set up /dev/console: %m");
r = send_one_fd(master_pty_socket, master, 0); r = send_one_fd(master_pty_socket, master, 0);
if (r < 0) if (r < 0)

View File

@ -9,6 +9,7 @@
#include "bus-error.h" #include "bus-error.h"
#include "bus-unit-util.h" #include "bus-unit-util.h"
#include "bus-util.h" #include "bus-util.h"
#include "bus-wait-for-jobs.h"
#include "def.h" #include "def.h"
#include "dirent-util.h" #include "dirent-util.h"
#include "env-file.h" #include "env-file.h"
@ -42,6 +43,7 @@ static BusTransport arg_transport = BUS_TRANSPORT_LOCAL;
static const char *arg_host = NULL; static const char *arg_host = NULL;
static bool arg_enable = false; static bool arg_enable = false;
static bool arg_now = false; static bool arg_now = false;
static bool arg_no_block = false;
static int determine_image(const char *image, bool permit_non_existing, char **ret) { static int determine_image(const char *image, bool permit_non_existing, char **ret) {
int r; int r;
@ -445,7 +447,7 @@ static int maybe_enable_disable(sd_bus *bus, const char *path, bool enable) {
return 0; return 0;
} }
static int maybe_start_stop(sd_bus *bus, const char *path, bool start) { static int maybe_start_stop(sd_bus *bus, const char *path, bool start, BusWaitForJobs *wait) {
_cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL; _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
char *name = (char *)basename(path), *job = NULL; char *name = (char *)basename(path), *job = NULL;
@ -476,15 +478,29 @@ static int maybe_start_stop(sd_bus *bus, const char *path, bool start) {
if (!arg_quiet) if (!arg_quiet)
log_info("Queued %s to %s portable service %s.", job, start ? "start" : "stop", name); log_info("Queued %s to %s portable service %s.", job, start ? "start" : "stop", name);
if (wait) {
r = bus_wait_for_jobs_add(wait, job);
if (r < 0)
return log_error_errno(r, "Failed to watch %s job for %s %s: %m",
job, start ? "starting" : "stopping", name);
}
return 0; return 0;
} }
static int maybe_enable_start(sd_bus *bus, sd_bus_message *reply) { static int maybe_enable_start(sd_bus *bus, sd_bus_message *reply) {
_cleanup_(bus_wait_for_jobs_freep) BusWaitForJobs *wait = NULL;
int r; int r;
if (!arg_enable && !arg_now) if (!arg_enable && !arg_now)
return 0; return 0;
if (!arg_no_block) {
r = bus_wait_for_jobs_new(bus, &wait);
if (r < 0)
return log_error_errno(r, "Could not watch jobs: %m");
}
r = sd_bus_message_rewind(reply, true); r = sd_bus_message_rewind(reply, true);
if (r < 0) if (r < 0)
return r; return r;
@ -503,7 +519,7 @@ static int maybe_enable_start(sd_bus *bus, sd_bus_message *reply) {
if (STR_IN_SET(type, "symlink", "copy") && ENDSWITH_SET(path, ".service", ".target", ".socket")) { if (STR_IN_SET(type, "symlink", "copy") && ENDSWITH_SET(path, ".service", ".target", ".socket")) {
(void) maybe_enable_disable(bus, path, true); (void) maybe_enable_disable(bus, path, true);
(void) maybe_start_stop(bus, path, true); (void) maybe_start_stop(bus, path, true, wait);
} }
} }
@ -511,10 +527,17 @@ static int maybe_enable_start(sd_bus *bus, sd_bus_message *reply) {
if (r < 0) if (r < 0)
return r; return r;
if (!arg_no_block) {
r = bus_wait_for_jobs(wait, arg_quiet, NULL);
if (r < 0)
return r;
}
return 0; return 0;
} }
static int maybe_stop_disable(sd_bus *bus, char *image, char *argv[]) { static int maybe_stop_disable(sd_bus *bus, char *image, char *argv[]) {
_cleanup_(bus_wait_for_jobs_freep) BusWaitForJobs *wait = NULL;
_cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL, *reply = NULL; _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL, *reply = NULL;
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
_cleanup_strv_free_ char **matches = NULL; _cleanup_strv_free_ char **matches = NULL;
@ -527,6 +550,10 @@ static int maybe_stop_disable(sd_bus *bus, char *image, char *argv[]) {
if (r < 0) if (r < 0)
return r; return r;
r = bus_wait_for_jobs_new(bus, &wait);
if (r < 0)
return log_error_errno(r, "Could not watch jobs: %m");
r = sd_bus_message_new_method_call( r = sd_bus_message_new_method_call(
bus, bus,
&m, &m,
@ -578,7 +605,7 @@ static int maybe_stop_disable(sd_bus *bus, char *image, char *argv[]) {
if (r < 0) if (r < 0)
return bus_log_parse_error(r); return bus_log_parse_error(r);
(void) maybe_start_stop(bus, name, false); (void) maybe_start_stop(bus, name, false, wait);
(void) maybe_enable_disable(bus, name, false); (void) maybe_enable_disable(bus, name, false);
} }
@ -586,6 +613,11 @@ static int maybe_stop_disable(sd_bus *bus, char *image, char *argv[]) {
if (r < 0) if (r < 0)
return bus_log_parse_error(r); return bus_log_parse_error(r);
/* Stopping must always block or the detach will fail if the unit is still running */
r = bus_wait_for_jobs(wait, arg_quiet, NULL);
if (r < 0)
return r;
return 0; return 0;
} }
@ -997,6 +1029,7 @@ static int help(int argc, char *argv[], void *userdata) {
" after attach/detach\n" " after attach/detach\n"
" --now Immediately start/stop the portable service after\n" " --now Immediately start/stop the portable service after\n"
" attach/before detach\n" " attach/before detach\n"
" --no-block Don't block waiting for attach --now to complete\n"
"\nSee the %s for details.\n" "\nSee the %s for details.\n"
, program_invocation_short_name , program_invocation_short_name
, ansi_highlight() , ansi_highlight()
@ -1020,6 +1053,7 @@ static int parse_argv(int argc, char *argv[]) {
ARG_CAT, ARG_CAT,
ARG_ENABLE, ARG_ENABLE,
ARG_NOW, ARG_NOW,
ARG_NO_BLOCK,
}; };
static const struct option options[] = { static const struct option options[] = {
@ -1038,6 +1072,7 @@ static int parse_argv(int argc, char *argv[]) {
{ "cat", no_argument, NULL, ARG_CAT }, { "cat", no_argument, NULL, ARG_CAT },
{ "enable", no_argument, NULL, ARG_ENABLE }, { "enable", no_argument, NULL, ARG_ENABLE },
{ "now", no_argument, NULL, ARG_NOW }, { "now", no_argument, NULL, ARG_NOW },
{ "no-block", no_argument, NULL, ARG_NO_BLOCK },
{} {}
}; };
@ -1132,6 +1167,10 @@ static int parse_argv(int argc, char *argv[]) {
arg_now = true; arg_now = true;
break; break;
case ARG_NO_BLOCK:
arg_no_block = true;
break;
case '?': case '?':
return -EINVAL; return -EINVAL;

View File

@ -863,7 +863,7 @@ void dns_scope_process_query(DnsScope *s, DnsStream *stream, DnsPacket *p) {
r = dns_zone_lookup(&s->zone, key, 0, &answer, &soa, &tentative); r = dns_zone_lookup(&s->zone, key, 0, &answer, &soa, &tentative);
if (r < 0) { if (r < 0) {
log_debug_errno(r, "Failed to lookup key: %m"); log_debug_errno(r, "Failed to look up key: %m");
return; return;
} }
if (r == 0) if (r == 0)

View File

@ -195,7 +195,7 @@ static int mdns_scope_process_query(DnsScope *s, DnsPacket *p) {
r = dns_zone_lookup(&s->zone, key, 0, &answer, &soa, &tentative); r = dns_zone_lookup(&s->zone, key, 0, &answer, &soa, &tentative);
if (r < 0) if (r < 0)
return log_debug_errno(r, "Failed to lookup key: %m"); return log_debug_errno(r, "Failed to look up key: %m");
if (tentative && DNS_PACKET_NSCOUNT(p) > 0) { if (tentative && DNS_PACKET_NSCOUNT(p) > 0) {
/* /*

View File

@ -406,7 +406,7 @@ static int bus_print_property(const char *name, const char *expected_value, sd_b
if (r < 0) if (r < 0)
return r; return r;
result = s; result = strempty(s);
} }
bus_print_property_value(name, expected_value, value, result); bus_print_property_value(name, expected_value, value, result);

View File

@ -18,7 +18,7 @@ int module_load_and_warn(struct kmod_ctx *ctx, const char *module, bool verbose)
r = kmod_module_new_from_lookup(ctx, module, &modlist); r = kmod_module_new_from_lookup(ctx, module, &modlist);
if (r < 0) if (r < 0)
return log_full_errno(verbose ? LOG_ERR : LOG_DEBUG, r, return log_full_errno(verbose ? LOG_ERR : LOG_DEBUG, r,
"Failed to lookup module alias '%s': %m", module); "Failed to look up module alias '%s': %m", module);
if (!modlist) { if (!modlist) {
log_full_errno(verbose ? LOG_ERR : LOG_DEBUG, r, log_full_errno(verbose ? LOG_ERR : LOG_DEBUG, r,

View File

@ -65,12 +65,6 @@ int namespace_flags_to_string(unsigned long flags, char **ret) {
return -ENOMEM; return -ENOMEM;
} }
if (!s) {
s = strdup("");
if (!s)
return -ENOMEM;
}
*ret = TAKE_PTR(s); *ret = TAKE_PTR(s);
return 0; return 0;

View File

@ -6590,7 +6590,7 @@ static int enable_sysv_units(const char *verb, char **args) {
j = unit_file_exists(arg_scope, &paths, name); j = unit_file_exists(arg_scope, &paths, name);
if (j < 0 && !IN_SET(j, -ELOOP, -ERFKILL, -EADDRNOTAVAIL)) if (j < 0 && !IN_SET(j, -ELOOP, -ERFKILL, -EADDRNOTAVAIL))
return log_error_errno(j, "Failed to lookup unit file state: %m"); return log_error_errno(j, "Failed to look up unit file state: %m");
found_native = j != 0; found_native = j != 0;
/* If we have both a native unit and a SysV script, enable/disable them both (below); for is-enabled, /* If we have both a native unit and a SysV script, enable/disable them both (below); for is-enabled,

View File

@ -94,6 +94,12 @@ STATIC_DESTRUCTOR_REGISTER(database_groups, set_free_freep);
STATIC_DESTRUCTOR_REGISTER(uid_range, freep); STATIC_DESTRUCTOR_REGISTER(uid_range, freep);
STATIC_DESTRUCTOR_REGISTER(arg_root, freep); STATIC_DESTRUCTOR_REGISTER(arg_root, freep);
static int errno_is_not_exists(int code) {
/* See getpwnam(3) and getgrnam(3): those codes and others can be returned if the user or group are
* not found. */
return IN_SET(code, 0, ENOENT, ESRCH, EBADF, EPERM);
}
static int load_user_database(void) { static int load_user_database(void) {
_cleanup_fclose_ FILE *f = NULL; _cleanup_fclose_ FILE *f = NULL;
const char *passwd_path; const char *passwd_path;
@ -193,7 +199,7 @@ static int load_group_database(void) {
static int make_backup(const char *target, const char *x) { static int make_backup(const char *target, const char *x) {
_cleanup_close_ int src = -1; _cleanup_close_ int src = -1;
_cleanup_fclose_ FILE *dst = NULL; _cleanup_fclose_ FILE *dst = NULL;
_cleanup_free_ char *temp = NULL; _cleanup_free_ char *dst_tmp = NULL;
char *backup; char *backup;
struct timespec ts[2]; struct timespec ts[2];
struct stat st; struct stat st;
@ -210,7 +216,7 @@ static int make_backup(const char *target, const char *x) {
if (fstat(src, &st) < 0) if (fstat(src, &st) < 0)
return -errno; return -errno;
r = fopen_temporary_label(target, x, &dst, &temp); r = fopen_temporary_label(target, x, &dst, &dst_tmp);
if (r < 0) if (r < 0)
return r; return r;
@ -224,7 +230,7 @@ static int make_backup(const char *target, const char *x) {
backup = strjoina(x, "-"); backup = strjoina(x, "-");
/* Copy over the access mask */ /* Copy over the access mask */
r = fchmod_and_chown(fileno(dst), st.st_mode & 07777, st.st_uid, st.st_gid); r = chmod_and_chown_unsafe(dst_tmp, st.st_mode & 07777, st.st_uid, st.st_gid);
if (r < 0) if (r < 0)
log_warning_errno(r, "Failed to change access mode or ownership of %s: %m", backup); log_warning_errno(r, "Failed to change access mode or ownership of %s: %m", backup);
@ -237,7 +243,7 @@ static int make_backup(const char *target, const char *x) {
if (r < 0) if (r < 0)
goto fail; goto fail;
if (rename(temp, backup) < 0) { if (rename(dst_tmp, backup) < 0) {
r = -errno; r = -errno;
goto fail; goto fail;
} }
@ -245,7 +251,7 @@ static int make_backup(const char *target, const char *x) {
return 0; return 0;
fail: fail:
(void) unlink(temp); (void) unlink(dst_tmp);
return r; return r;
} }
@ -339,13 +345,13 @@ static int putsgent_with_members(const struct sgrp *sg, FILE *gshadow) {
} }
#endif #endif
static int sync_rights(FILE *from, FILE *to) { static int sync_rights(FILE *from, const char *to) {
struct stat st; struct stat st;
if (fstat(fileno(from), &st) < 0) if (fstat(fileno(from), &st) < 0)
return -errno; return -errno;
return fchmod_and_chown(fileno(to), st.st_mode & 07777, st.st_uid, st.st_gid); return chmod_and_chown_unsafe(to, st.st_mode & 07777, st.st_uid, st.st_gid);
} }
static int rename_and_apply_smack(const char *temp_path, const char *dest_path) { static int rename_and_apply_smack(const char *temp_path, const char *dest_path) {
@ -383,7 +389,7 @@ static int write_temporary_passwd(const char *passwd_path, FILE **tmpfile, char
original = fopen(passwd_path, "re"); original = fopen(passwd_path, "re");
if (original) { if (original) {
r = sync_rights(original, passwd); r = sync_rights(original, passwd_tmp);
if (r < 0) if (r < 0)
return r; return r;
@ -485,7 +491,7 @@ static int write_temporary_shadow(const char *shadow_path, FILE **tmpfile, char
original = fopen(shadow_path, "re"); original = fopen(shadow_path, "re");
if (original) { if (original) {
r = sync_rights(original, shadow); r = sync_rights(original, shadow_tmp);
if (r < 0) if (r < 0)
return r; return r;
@ -582,7 +588,7 @@ static int write_temporary_group(const char *group_path, FILE **tmpfile, char **
original = fopen(group_path, "re"); original = fopen(group_path, "re");
if (original) { if (original) {
r = sync_rights(original, group); r = sync_rights(original, group_tmp);
if (r < 0) if (r < 0)
return r; return r;
@ -681,7 +687,7 @@ static int write_temporary_gshadow(const char * gshadow_path, FILE **tmpfile, ch
if (original) { if (original) {
struct sgrp *sg; struct sgrp *sg;
r = sync_rights(original, gshadow); r = sync_rights(original, gshadow_tmp);
if (r < 0) if (r < 0)
return r; return r;
@ -971,7 +977,7 @@ static int add_user(Item *i) {
return 0; return 0;
} }
if (!IN_SET(errno, 0, ENOENT)) if (!errno_is_not_exists(errno))
return log_error_errno(errno, "Failed to check if user %s already exists: %m", i->name); return log_error_errno(errno, "Failed to check if user %s already exists: %m", i->name);
} }
@ -1108,7 +1114,7 @@ static int get_gid_by_name(const char *name, gid_t *gid) {
*gid = g->gr_gid; *gid = g->gr_gid;
return 0; return 0;
} }
if (!IN_SET(errno, 0, ENOENT)) if (!errno_is_not_exists(errno))
return log_error_errno(errno, "Failed to check if group %s already exists: %m", name); return log_error_errno(errno, "Failed to check if group %s already exists: %m", name);
} }

View File

@ -155,7 +155,7 @@ int main(int argc, char *argv[]) {
r = btrfs_subvol_snapshot("/xxxquotatest", "/xxxquotatest2", BTRFS_SNAPSHOT_RECURSIVE|BTRFS_SNAPSHOT_QUOTA); r = btrfs_subvol_snapshot("/xxxquotatest", "/xxxquotatest2", BTRFS_SNAPSHOT_RECURSIVE|BTRFS_SNAPSHOT_QUOTA);
if (r < 0) if (r < 0)
log_error_errno(r, "Failed to setup snapshot: %m"); log_error_errno(r, "Failed to set up snapshot: %m");
r = btrfs_qgroup_get_quota("/xxxquotatest2/beneath", 0, &quota); r = btrfs_qgroup_get_quota("/xxxquotatest2/beneath", 0, &quota);
if (r < 0) if (r < 0)

View File

@ -802,6 +802,50 @@ static void test_chmod_and_chown(void) {
assert_se(S_ISLNK(st.st_mode)); assert_se(S_ISLNK(st.st_mode));
} }
static void test_chmod_and_chown_unsafe(void) {
_cleanup_(rm_rf_physical_and_freep) char *d = NULL;
_unused_ _cleanup_umask_ mode_t u = umask(0000);
struct stat st;
const char *p;
if (geteuid() != 0)
return;
log_info("/* %s */", __func__);
assert_se(mkdtemp_malloc(NULL, &d) >= 0);
p = strjoina(d, "/reg");
assert_se(mknod(p, S_IFREG | 0123, 0) >= 0);
assert_se(chmod_and_chown_unsafe(p, S_IFREG | 0321, 1, 2) >= 0);
assert_se(chmod_and_chown_unsafe(p, S_IFDIR | 0555, 3, 4) == -EINVAL);
assert_se(lstat(p, &st) >= 0);
assert_se(S_ISREG(st.st_mode));
assert_se((st.st_mode & 07777) == 0321);
p = strjoina(d, "/dir");
assert_se(mkdir(p, 0123) >= 0);
assert_se(chmod_and_chown_unsafe(p, S_IFDIR | 0321, 1, 2) >= 0);
assert_se(chmod_and_chown_unsafe(p, S_IFREG | 0555, 3, 4) == -EINVAL);
assert_se(lstat(p, &st) >= 0);
assert_se(S_ISDIR(st.st_mode));
assert_se((st.st_mode & 07777) == 0321);
p = strjoina(d, "/lnk");
assert_se(symlink("idontexist", p) >= 0);
assert_se(chmod_and_chown_unsafe(p, S_IFLNK | 0321, 1, 2) >= 0);
assert_se(chmod_and_chown_unsafe(p, S_IFREG | 0555, 3, 4) == -EINVAL);
assert_se(chmod_and_chown_unsafe(p, S_IFDIR | 0555, 3, 4) == -EINVAL);
assert_se(lstat(p, &st) >= 0);
assert_se(S_ISLNK(st.st_mode));
}
int main(int argc, char *argv[]) { int main(int argc, char *argv[]) {
test_setup_logging(LOG_INFO); test_setup_logging(LOG_INFO);
@ -819,6 +863,7 @@ int main(int argc, char *argv[]) {
test_fsync_directory_of_file(); test_fsync_directory_of_file();
test_rename_noreplace(); test_rename_noreplace();
test_chmod_and_chown(); test_chmod_and_chown();
test_chmod_and_chown_unsafe();
return 0; return 0;
} }

View File

@ -79,7 +79,7 @@ int main(int argc, char *argv[]) {
0, 0,
NULL); NULL);
if (r < 0) { if (r < 0) {
log_error_errno(r, "Failed to setup namespace: %m"); log_error_errno(r, "Failed to set up namespace: %m");
log_info("Usage:\n" log_info("Usage:\n"
" sudo TEST_NS_PROJECTS=/home/lennart/projects ./test-ns\n" " sudo TEST_NS_PROJECTS=/home/lennart/projects ./test-ns\n"

View File

@ -190,7 +190,7 @@ static void test_restrict_namespace(void) {
log_info("/* %s */", __func__); log_info("/* %s */", __func__);
assert_se(namespace_flags_to_string(0, &s) == 0 && streq(s, "")); assert_se(namespace_flags_to_string(0, &s) == 0 && isempty(s));
s = mfree(s); s = mfree(s);
assert_se(namespace_flags_to_string(CLONE_NEWNS, &s) == 0 && streq(s, "mnt")); assert_se(namespace_flags_to_string(CLONE_NEWNS, &s) == 0 && streq(s, "mnt"));
s = mfree(s); s = mfree(s);

View File

@ -110,7 +110,7 @@ static int manager_send_request(Manager *m) {
r = manager_listen_setup(m); r = manager_listen_setup(m);
if (r < 0) if (r < 0)
return log_warning_errno(r, "Failed to setup connection socket: %m"); return log_warning_errno(r, "Failed to set up connection socket: %m");
/* /*
* Set transmit timestamp, remember it; the server will send that back * Set transmit timestamp, remember it; the server will send that back

View File

@ -163,7 +163,7 @@ static int builtin_hwdb(sd_device *dev, int argc, char *argv[], bool test) {
if (argv[optind]) { if (argv[optind]) {
r = udev_builtin_hwdb_lookup(dev, prefix, argv[optind], filter, test); r = udev_builtin_hwdb_lookup(dev, prefix, argv[optind], filter, test);
if (r < 0) if (r < 0)
return log_device_debug_errno(dev, r, "Failed to lookup hwdb: %m"); return log_device_debug_errno(dev, r, "Failed to look up hwdb: %m");
if (r == 0) if (r == 0)
return log_device_debug_errno(dev, SYNTHETIC_ERRNO(ENODATA), "No entry found from hwdb."); return log_device_debug_errno(dev, SYNTHETIC_ERRNO(ENODATA), "No entry found from hwdb.");
return r; return r;
@ -178,7 +178,7 @@ static int builtin_hwdb(sd_device *dev, int argc, char *argv[], bool test) {
r = udev_builtin_hwdb_search(dev, srcdev, subsystem, prefix, filter, test); r = udev_builtin_hwdb_search(dev, srcdev, subsystem, prefix, filter, test);
if (r < 0) if (r < 0)
return log_device_debug_errno(dev, r, "Failed to lookup hwdb: %m"); return log_device_debug_errno(dev, r, "Failed to look up hwdb: %m");
if (r == 0) if (r == 0)
return log_device_debug_errno(dev, SYNTHETIC_ERRNO(ENODATA), "No entry found from hwdb."); return log_device_debug_errno(dev, SYNTHETIC_ERRNO(ENODATA), "No entry found from hwdb.");
return r; return r;

View File

@ -10,7 +10,6 @@ Release=29
[Output] [Output]
Format=raw_btrfs Format=raw_btrfs
Bootable=yes Bootable=yes
KernelCommandLine=printk.devkmsg=on
OutputDirectory=../mkosi.output OutputDirectory=../mkosi.output
Output=networkd-test.raw Output=networkd-test.raw

View File

@ -212,7 +212,6 @@ loglevel=2 \
init=$PATH_TO_INIT \ init=$PATH_TO_INIT \
console=$CONSOLE \ console=$CONSOLE \
selinux=0 \ selinux=0 \
printk.devkmsg=on \
$_cgroup_args \ $_cgroup_args \
$KERNEL_APPEND \ $KERNEL_APPEND \
" "