Compare commits
22 Commits
a100fe3c27
...
dd0395b565
Author | SHA1 | Date |
---|---|---|
Yu Watanabe | dd0395b565 | |
Zbigniew Jędrzejewski-Szmek | fbd6ac2601 | |
Zbigniew Jędrzejewski-Szmek | efd58985f6 | |
Frantisek Sumsal | e31b6bd020 | |
Zbigniew Jędrzejewski-Szmek | d4de2b2aff | |
Zbigniew Jędrzejewski-Szmek | 870d38dca9 | |
Zbigniew Jędrzejewski-Szmek | c7fe06fb0a | |
Zbigniew Jędrzejewski-Szmek | cd517eb731 | |
Daniel Lublin | 1699f53788 | |
Zbigniew Jędrzejewski-Szmek | 105a1a36cd | |
Zbigniew Jędrzejewski-Szmek | 33eb1f2497 | |
Zbigniew Jędrzejewski-Szmek | a345d5c1c9 | |
Zbigniew Jędrzejewski-Szmek | 95d311faea | |
Zbigniew Jędrzejewski-Szmek | 7e0276b37a | |
Guido Günther | 1c5b427f5d | |
Christian Göttsche | fdb0405edd | |
Vladimir Yerilov | 81d4a026a6 | |
Vladimir Yerilov | d015652944 | |
Zbigniew Jędrzejewski-Szmek | 1fb5a5edc7 | |
Zbigniew Jędrzejewski-Szmek | 6cb356ca9f | |
Zbigniew Jędrzejewski-Szmek | 08c7c3216b | |
Luca Boccassi | 31c33315b3 |
10
.lgtm.yml
10
.lgtm.yml
|
@ -9,16 +9,6 @@ extraction:
|
|||
- libfdisk-dev
|
||||
- libp11-kit-dev
|
||||
- libssl-dev
|
||||
before_index:
|
||||
# /tmp has `noexec` set in the LGTM infra which breaks meson's
|
||||
# compilation checks. Let's temporarily override TMPDIR to /var/tmp which
|
||||
# should work as expected
|
||||
# See: https://discuss.lgtm.com/t/meson-fails-to-determine-sizes-of-basic-data-types/2639
|
||||
- export TMPDIR=/var/tmp
|
||||
index:
|
||||
build_command:
|
||||
- meson build
|
||||
- ninja -C build
|
||||
python:
|
||||
python_setup:
|
||||
version: 3
|
||||
|
|
|
@ -10,7 +10,6 @@ Release=31
|
|||
[Output]
|
||||
Format=gpt_ext4
|
||||
Bootable=yes
|
||||
KernelCommandLine=printk.devkmsg=on
|
||||
|
||||
[Partitions]
|
||||
RootSize=3G
|
||||
|
@ -27,6 +26,7 @@ BuildPackages=
|
|||
gcc
|
||||
gettext
|
||||
git
|
||||
glibc-minimal-langpack
|
||||
gnu-efi
|
||||
gnu-efi-devel
|
||||
gnutls-devel
|
||||
|
|
|
@ -96,6 +96,8 @@ And now, here's the list of (hopefully) all APIs that we have introduced with sy
|
|||
| [$NOTIFY_SOCKET Daemon Notifications](https://www.freedesktop.org/software/systemd/man/sd_notify.html) | Environment | yes | yes | a few, including udev | yes | - | no |
|
||||
| [argv[0][0]='@' Logic](https://www.freedesktop.org/wiki/Software/systemd/RootStorageDaemons) | `/proc` marking | yes | yes | mdadm | yes | - | no |
|
||||
| [Unit file format](https://www.freedesktop.org/software/systemd/man/systemd.unit.html) | File format | yes | yes | numerous | no | - | no |
|
||||
| [Network](https://www.freedesktop.org/software/systemd/man/systemd.network.html) & [Netdev file format](https://www.freedesktop.org/software/systemd/man/systemd.netdev.html) | File format | yes | yes | no | no | - | no |
|
||||
| [Link file format](https://www.freedesktop.org/software/systemd/man/systemd.link.html) | File format | yes | yes | no | no | - | no |
|
||||
| [Journal File Format](https://www.freedesktop.org/wiki/Software/systemd/journal-files) | File format | yes | yes | - | maybe | - | no |
|
||||
| [Journal Export Format](https://www.freedesktop.org/wiki/Software/systemd/export) | File format | yes | yes | - | yes | - | no |
|
||||
| [Cooperation in cgroup tree](https://www.freedesktop.org/wiki/Software/systemd/PaxControlGroups) | Treaty | yes | yes | libvirt | yes | libvirt | no |
|
||||
|
|
|
@ -1200,6 +1200,19 @@ evdev:name:MSI Laptop hotkeys:dmi:bvn*:bvr*:bd*:svn*:pnM[iI][cC][rR][oO]-S[tT][a
|
|||
KEYBOARD_KEY_0213=f22
|
||||
KEYBOARD_KEY_0214=f23
|
||||
|
||||
###########################################################
|
||||
# Olimex
|
||||
###########################################################
|
||||
|
||||
# Teres-I
|
||||
evdev:input:b0003v15BAp003C*
|
||||
KEYBOARD_KEY_70066=sleep # Fn+F1
|
||||
KEYBOARD_KEY_700f6=wlan # Fn+F2
|
||||
KEYBOARD_KEY_700c7=f21 # Fn+F3 touchpad toggle
|
||||
KEYBOARD_KEY_7006f=brightnessdown # Fn+F7
|
||||
KEYBOARD_KEY_70070=brightnessup # Fn+F8
|
||||
KEYBOARD_KEY_7006e=switchvideomode # Fn+F9
|
||||
|
||||
###########################################################
|
||||
# OLPC
|
||||
###########################################################
|
||||
|
|
|
@ -41,11 +41,15 @@
|
|||
#
|
||||
# Allowed properties are:
|
||||
# ACCEL_MOUNT_MATRIX=<matrix>
|
||||
# PROXIMITY_NEAR_LEVEL=<value>
|
||||
#
|
||||
# where <matrix> is a mount-matrix in the format specified in the IIO
|
||||
# subsystem[1]. The default, when unset, is equivalent to:
|
||||
# ACCEL_MOUNT_MATRIX=1, 0, 0; 0, 1, 0; 0, 0, 1
|
||||
# eg. the identity matrix.
|
||||
# and <value> is an integer value above which an object is considered
|
||||
# close by a proximity sensor:
|
||||
# PROXIMITY_NEAR_LEVEL=100
|
||||
#
|
||||
# [1]: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dfc57732ad38f93ae6232a3b4e64fd077383a0f1
|
||||
#
|
||||
|
|
|
@ -128,6 +128,7 @@ def property_grammar():
|
|||
('KEYBOARD_LED_CAPSLOCK', Literal('0')),
|
||||
('ACCEL_MOUNT_MATRIX', mount_matrix),
|
||||
('ACCEL_LOCATION', Or(('display', 'base'))),
|
||||
('PROXIMITY_NEAR_LEVEL', INTEGER),
|
||||
)
|
||||
fixed_props = [Literal(name)('NAME') - Suppress('=') - val('VALUE')
|
||||
for name, val in props]
|
||||
|
|
|
@ -350,9 +350,9 @@
|
|||
<varname>TTYPath=</varname>, described below.</para>
|
||||
|
||||
<para>When forwarding to the kernel log buffer (kmsg), make sure to select a suitably large size for
|
||||
the log buffer, and ensure the kernel's rate-limiting applied to userspace processes is turned
|
||||
off. Specifically, add <literal>log_buf_len=8M</literal> and <literal>printk.devkmsg=on</literal> (or
|
||||
similar) to the kernel command line.</para></listitem>
|
||||
the log buffer, for example by adding <literal>log_buf_len=8M</literal> to the kernel command line.
|
||||
<command>systemd</command> will automatically disable kernel's rate-limiting applied to userspace
|
||||
processes (equivalent to setting <literal>printk.devkmsg=on</literal>).</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
|
|
|
@ -135,7 +135,8 @@
|
|||
the service manager are seen by it.</para>
|
||||
|
||||
<para>If <option>--now</option> and/or <option>--enable</option> are passed, the portable service(s) are
|
||||
immediately started and/or enabled after attaching the image.</para>
|
||||
immediately started (blocking operation unless <option>--no-block</option> is passed) and/or enabled after
|
||||
attaching the image.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
|
@ -150,8 +151,8 @@
|
|||
<command>detach</command>.</para></listitem>
|
||||
|
||||
<para>If <option>--now</option> and/or <option>--enable</option> are passed, the portable service(s) are
|
||||
immediately started and/or enabled before detaching the image. Prefix(es) are also accepted, to be used in
|
||||
case the unit names do not match the image name as described in the <command>attach</command>.</para>
|
||||
immediately stopped (blocking operation) and/or disabled before detaching the image. Prefix(es) are also accepted,
|
||||
to be used in case the unit names do not match the image name as described in the <command>attach</command>.</para>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
|
@ -330,6 +331,12 @@
|
|||
<listitem><para>Immediately start/stop the portable service after attaching/before detaching.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>--no-block</option></term>
|
||||
|
||||
<listitem><para>Don't block waiting for attach --now to complete.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<xi:include href="user-system-options.xml" xpointer="host" />
|
||||
<xi:include href="user-system-options.xml" xpointer="machine" />
|
||||
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
<?xml version='1.0'?>
|
||||
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
|
||||
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
|
||||
<!ENTITY fedora_latest_version "30">
|
||||
<!ENTITY fedora_cloud_release "1.2">
|
||||
<!ENTITY fedora_latest_version "31">
|
||||
<!ENTITY fedora_cloud_release "1.9">
|
||||
]>
|
||||
<!-- SPDX-License-Identifier: LGPL-2.1+ -->
|
||||
|
||||
|
@ -1378,7 +1378,7 @@
|
|||
|
||||
<programlisting># dnf -y --releasever=&fedora_latest_version; --installroot=/var/lib/machines/f&fedora_latest_version; \
|
||||
--disablerepo='*' --enablerepo=fedora --enablerepo=updates install \
|
||||
systemd passwd dnf fedora-release vim-minimal
|
||||
systemd passwd dnf fedora-release vim-minimal glibc-minimal-langpack
|
||||
# systemd-nspawn -bD /var/lib/machines/f&fedora_latest_version;</programlisting>
|
||||
|
||||
<para>This installs a minimal Fedora distribution into the
|
||||
|
|
|
@ -26,8 +26,11 @@
|
|||
<refsect1>
|
||||
<title>Description</title>
|
||||
|
||||
<para>Network link configuration is performed by the
|
||||
<command>net_setup_link</command> udev builtin.</para>
|
||||
<para>A plain ini-style text file that encodes configuration for matching network devices, used by
|
||||
<citerefentry><refentrytitle>systemd-udev</refentrytitle><manvolnum>8</manvolnum></citerefentry> and in
|
||||
particular its <command>net_setup_link</command> builtin. See
|
||||
<citerefentry><refentrytitle>systemd.syntax</refentrytitle><manvolnum>5</manvolnum></citerefentry> for a
|
||||
general description of the syntax.</para>
|
||||
|
||||
<para>The link files are read from the files located in the system
|
||||
network directory <filename>/usr/lib/systemd/network</filename>,
|
||||
|
|
|
@ -27,9 +27,10 @@
|
|||
<refsect1>
|
||||
<title>Description</title>
|
||||
|
||||
<para>Network setup is performed by
|
||||
<para>A plain ini-style text file that encodes configuration about a virtual network device, used by
|
||||
<citerefentry><refentrytitle>systemd-networkd</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
|
||||
</para>
|
||||
See <citerefentry><refentrytitle>systemd.syntax</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
||||
for a general description of the syntax.</para>
|
||||
|
||||
<para>The main Virtual Network Device file must have the extension <filename>.netdev</filename>;
|
||||
other extensions are ignored. Virtual network devices are created as soon as networkd is
|
||||
|
|
|
@ -28,9 +28,11 @@
|
|||
<refsect1>
|
||||
<title>Description</title>
|
||||
|
||||
<para>Network setup is performed by
|
||||
<para>A plain ini-style text file that encodes network configuration for matching network interfaces,
|
||||
used by
|
||||
<citerefentry><refentrytitle>systemd-networkd</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
|
||||
</para>
|
||||
See <citerefentry><refentrytitle>systemd.syntax</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
||||
for a general description of the syntax.</para>
|
||||
|
||||
<para>The main network file must have the extension <filename>.network</filename>; other
|
||||
extensions are ignored. Networks are applied to links whenever the links appear.</para>
|
||||
|
@ -514,13 +516,14 @@
|
|||
<varlistentry>
|
||||
<term><varname>Domains=</varname></term>
|
||||
<listitem>
|
||||
<para>A list of domains which should be resolved using the DNS servers on this link. Each item in the list
|
||||
should be a domain name, optionally prefixed with a tilde (<literal>~</literal>). The domains with the
|
||||
prefix are called "routing-only domains". The domains without the prefix are called "search domains" and
|
||||
are first used as search suffixes for extending single-label host names (host names containing no dots) to
|
||||
become fully qualified domain names (FQDNs). If a single-label host name is resolved on this interface,
|
||||
each of the specified search domains are appended to it in turn, converting it into a fully qualified
|
||||
domain name, until one of them may be successfully resolved.</para>
|
||||
<para>A whitespace-separated list of domains which should be resolved using the DNS servers on
|
||||
this link. Each item in the list should be a domain name, optionally prefixed with a tilde
|
||||
(<literal>~</literal>). The domains with the prefix are called "routing-only domains". The
|
||||
domains without the prefix are called "search domains" and are first used as search suffixes for
|
||||
extending single-label host names (host names containing no dots) to become fully qualified
|
||||
domain names (FQDNs). If a single-label host name is resolved on this interface, each of the
|
||||
specified search domains are appended to it in turn, converting it into a fully qualified domain
|
||||
name, until one of them may be successfully resolved.</para>
|
||||
|
||||
<para>Both "search" and "routing-only" domains are used for routing of DNS queries: look-ups for host names
|
||||
ending in those domains (hence also single label names, if any "search domains" are listed), are routed to
|
||||
|
@ -613,10 +616,12 @@
|
|||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term><varname>IPv6AcceptRA=</varname></term>
|
||||
<listitem><para>Takes a boolean. Controls IPv6 Router Advertisement (RA) reception support
|
||||
for the interface. If true, RAs are accepted; if false, RAs are ignored, independently of the
|
||||
local forwarding state. When RAs are accepted, they may trigger the start of the DHCPv6
|
||||
client if the relevant flags are set in the RA data, or if no routers are found on the link.</para>
|
||||
<listitem><para>Takes a boolean. Controls IPv6 Router Advertisement (RA) reception support for the
|
||||
interface. If true, RAs are accepted; if false, RAs are ignored. When RAs are accepted, they may
|
||||
trigger the start of the DHCPv6 client if the relevant flags are set in the RA data, or if no
|
||||
routers are found on the link. The default is to disable RA reception for bridge devices or when IP
|
||||
forwarding is enabled, and to enable it otherwise. Cannot be enabled on bond devices and when link
|
||||
local adressing is disabled.</para>
|
||||
|
||||
<para>Further settings for the IPv6 RA support may be configured in the
|
||||
<literal>[IPv6AcceptRA]</literal> section, see below.</para>
|
||||
|
|
|
@ -46,6 +46,15 @@
|
|||
<citerefentry><refentrytitle>systemd.nspawn</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
||||
</para></listitem>
|
||||
|
||||
<listitem><para>link files, see
|
||||
<citerefentry><refentrytitle>systemd.link</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
||||
</para></listitem>
|
||||
|
||||
<listitem><para>netdev and network files, see
|
||||
<citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>systemd.network</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
||||
</para></listitem>
|
||||
|
||||
<listitem><para>daemon config files, see
|
||||
<citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>systemd-user.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
|
||||
|
|
378
po/ru.po
378
po/ru.po
|
@ -1,22 +1,24 @@
|
|||
# SPDX-License-Identifier: LGPL-2.1+
|
||||
#
|
||||
# translation of ru.po to Rissian
|
||||
#
|
||||
# Julia Dronova <juliette.tux@gmail.com>, 2013.
|
||||
# Sergey Ptashnick <0comffdiz@inbox.ru>, 2013-2018.
|
||||
#
|
||||
# Vladimir Yerilov <openmindead@gmail.com>, 2020.
|
||||
msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: systemd\n"
|
||||
"Report-Msgid-Bugs-To: https://github.com/systemd/systemd/issues\n"
|
||||
"POT-Creation-Date: 2015-11-22 16:37+0100\n"
|
||||
"PO-Revision-Date: 2018-09-01 18:46+0300\n"
|
||||
"Last-Translator: Sergey Ptashnick <0comffdiz@inbox.ru>\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2020-03-03 00:56+1000\n"
|
||||
"PO-Revision-Date: 2020-03-03 16:05+1000\n"
|
||||
"Last-Translator: Vladimir Yerilov <openmindead@gmail.com>\n"
|
||||
"Language: ru\n"
|
||||
"MIME-Version: 1.0\n"
|
||||
"Content-Type: text/plain; charset=UTF-8\n"
|
||||
"Content-Transfer-Encoding: 8bit\n"
|
||||
"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n"
|
||||
"%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2)\n"
|
||||
"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<"
|
||||
"=4 && (n%100<10 || n%100>=20) ? 1 : 2)\n"
|
||||
"X-Generator: Lokalize 19.12.2\n"
|
||||
|
||||
#: src/core/org.freedesktop.systemd1.policy.in:22
|
||||
msgid "Send passphrase back to system"
|
||||
|
@ -69,6 +71,68 @@ msgstr ""
|
|||
"Чтобы заставить systemd перечитать конфигурацию, необходимо пройти "
|
||||
"аутентификацию."
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:13
|
||||
msgid "Create a home area"
|
||||
msgstr "Создать домашнее пространство"
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:14
|
||||
msgid "Authentication is required to create a user's home area."
|
||||
msgstr ""
|
||||
"Чтобы создать домашнее пространство пользователя, необходимо пройти"
|
||||
" аутентификацию."
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:23
|
||||
msgid "Remove a home area"
|
||||
msgstr "Удалить домашнее пространство"
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:24
|
||||
msgid "Authentication is required to remove a user's home area."
|
||||
msgstr ""
|
||||
"Чтобы удалить домашнее пространство пользователя, необходимо пройти"
|
||||
" аутентификацию."
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:33
|
||||
msgid "Check credentials of a home area"
|
||||
msgstr "Проверить учётные данные домашнего пространства"
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:34
|
||||
msgid ""
|
||||
"Authentication is required to check credentials against a user's home area."
|
||||
msgstr ""
|
||||
"Чтобы проверить учётные данные для домашнего пространства пользователя,"
|
||||
" необходимо пройти аутентификацию."
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:43
|
||||
msgid "Update a home area"
|
||||
msgstr "Обновить домашнее пространство"
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:44
|
||||
msgid "Authentication is required to update a user's home area."
|
||||
msgstr ""
|
||||
"Чтобы обновить домашнее пространство пользователя, необходимо пройти"
|
||||
" аутентификацию."
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:53
|
||||
msgid "Resize a home area"
|
||||
msgstr "Изменить размер домашнего пространства"
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:54
|
||||
msgid "Authentication is required to resize a user's home area."
|
||||
msgstr ""
|
||||
"Чтобы изменить размер домашнего пространства пользователя, необходимо пройти"
|
||||
" аутентификацию."
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:63
|
||||
msgid "Change password of a home area"
|
||||
msgstr "Изменить пароль для домашнего пространства"
|
||||
|
||||
#: src/home/org.freedesktop.home1.policy:64
|
||||
msgid ""
|
||||
"Authentication is required to change the password of a user's home area."
|
||||
msgstr ""
|
||||
"Чтобы изменить пароль для домашнего пространства пользователя, необходимо"
|
||||
" пройти аутентификацию."
|
||||
|
||||
#: src/hostname/org.freedesktop.hostname1.policy:20
|
||||
msgid "Set host name"
|
||||
msgstr "Настроить имя компьютера"
|
||||
|
@ -266,8 +330,7 @@ msgstr ""
|
|||
|
||||
#: src/login/org.freedesktop.login1.policy:117
|
||||
msgid "Allow non-logged-in user to run programs"
|
||||
msgstr ""
|
||||
"Разрешить работу программ в фоновом режиме после завершения сеанса"
|
||||
msgstr "Разрешить работу программ в фоновом режиме после завершения сеанса"
|
||||
|
||||
#: src/login/org.freedesktop.login1.policy:118
|
||||
msgid "Explicit request is required to run programs as a non-logged-in user."
|
||||
|
@ -302,8 +365,7 @@ msgid "Flush device to seat attachments"
|
|||
msgstr "Сбросить привязки устройств к рабочим местам"
|
||||
|
||||
#: src/login/org.freedesktop.login1.policy:149
|
||||
msgid ""
|
||||
"Authentication is required to reset how devices are attached to seats."
|
||||
msgid "Authentication is required to reset how devices are attached to seats."
|
||||
msgstr ""
|
||||
"Чтобы сбросить привязки устройств к рабочим местам, необходимо пройти "
|
||||
"аутентификацию."
|
||||
|
@ -337,8 +399,8 @@ msgstr ""
|
|||
|
||||
#: src/login/org.freedesktop.login1.policy:181
|
||||
msgid ""
|
||||
"Authentication is required to power off the system while an application "
|
||||
"is inhibiting this."
|
||||
"Authentication is required to power off the system while an application is "
|
||||
"inhibiting this."
|
||||
msgstr ""
|
||||
"Чтобы выключить систему, несмотря на то, что приложение запросило блокировку "
|
||||
"выключения, необходимо пройти аутентификацию."
|
||||
|
@ -358,8 +420,8 @@ msgstr ""
|
|||
|
||||
#: src/login/org.freedesktop.login1.policy:203
|
||||
msgid ""
|
||||
"Authentication is required to reboot the system while other users are "
|
||||
"logged in."
|
||||
"Authentication is required to reboot the system while other users are logged "
|
||||
"in."
|
||||
msgstr ""
|
||||
"Чтобы перезагрузить систему, несмотря на то, что в ней работают другие "
|
||||
"пользователи, необходимо пройти аутентификацию."
|
||||
|
@ -372,8 +434,8 @@ msgstr ""
|
|||
|
||||
#: src/login/org.freedesktop.login1.policy:214
|
||||
msgid ""
|
||||
"Authentication is required to reboot the system while an application "
|
||||
"is inhibiting this."
|
||||
"Authentication is required to reboot the system while an application is "
|
||||
"inhibiting this."
|
||||
msgstr ""
|
||||
"Чтобы перезагрузить систему, несмотря на то, что приложение запросило "
|
||||
"блокировку выключения, необходимо пройти аутентификацию."
|
||||
|
@ -393,8 +455,8 @@ msgstr ""
|
|||
|
||||
#: src/login/org.freedesktop.login1.policy:236
|
||||
msgid ""
|
||||
"Authentication is required to halt the system while other users are "
|
||||
"logged in."
|
||||
"Authentication is required to halt the system while other users are logged "
|
||||
"in."
|
||||
msgstr ""
|
||||
"Чтобы остановить систему, несмотря на то, что в ней работают другие "
|
||||
"пользователи, необходимо пройти аутентификацию."
|
||||
|
@ -402,16 +464,16 @@ msgstr ""
|
|||
#: src/login/org.freedesktop.login1.policy:246
|
||||
msgid "Halt the system while an application is inhibiting this"
|
||||
msgstr ""
|
||||
"Остановить систему, несмотря на то, что приложение запросило блокировку "
|
||||
"Остановить систему несмотря на то, что приложение запросило блокировку "
|
||||
"выключения"
|
||||
|
||||
#: src/login/org.freedesktop.login1.policy:247
|
||||
msgid ""
|
||||
"Authentication is required to halt the system while an application asked "
|
||||
"to inhibit it."
|
||||
"Authentication is required to halt the system while an application is "
|
||||
"inhibiting this."
|
||||
msgstr ""
|
||||
"Чтобы остановить систему, несмотря на то, что приложение запросило "
|
||||
"блокировку выключения, необходимо пройти аутентификацию."
|
||||
"Чтобы остановить систему несмотря на то, что приложение запросило блокировку"
|
||||
" выключения, необходимо пройти аутентификацию."
|
||||
|
||||
#: src/login/org.freedesktop.login1.policy:257
|
||||
msgid "Suspend the system"
|
||||
|
@ -444,8 +506,8 @@ msgstr ""
|
|||
|
||||
#: src/login/org.freedesktop.login1.policy:279
|
||||
msgid ""
|
||||
"Authentication is required to suspend the system while an application "
|
||||
"is inhibiting this."
|
||||
"Authentication is required to suspend the system while an application is "
|
||||
"inhibiting this."
|
||||
msgstr ""
|
||||
"Чтобы перевести систему в ждущий режим, несмотря на то, что приложение "
|
||||
"запросило блокировку, необходимо пройти аутентификацию."
|
||||
|
@ -481,8 +543,8 @@ msgstr ""
|
|||
|
||||
#: src/login/org.freedesktop.login1.policy:311
|
||||
msgid ""
|
||||
"Authentication is required to hibernate the system while an application "
|
||||
"is inhibiting this."
|
||||
"Authentication is required to hibernate the system while an application is "
|
||||
"inhibiting this."
|
||||
msgstr ""
|
||||
"Чтобы перевести систему в спящий режим, несмотря на то, что приложение "
|
||||
"запросило блокировку, необходимо пройти аутентификацию."
|
||||
|
@ -492,8 +554,7 @@ msgid "Manage active sessions, users and seats"
|
|||
msgstr "Управление текущими сеансами, пользователями и рабочими местами"
|
||||
|
||||
#: src/login/org.freedesktop.login1.policy:322
|
||||
msgid ""
|
||||
"Authentication is required to manage active sessions, users and seats."
|
||||
msgid "Authentication is required to manage active sessions, users and seats."
|
||||
msgstr ""
|
||||
"Для управления текущими сеансами, пользователями и рабочими местами, "
|
||||
"необходимо пройти аутентификацию."
|
||||
|
@ -509,26 +570,68 @@ msgstr ""
|
|||
"аутентификацию."
|
||||
|
||||
#: src/login/org.freedesktop.login1.policy:341
|
||||
msgid "Allow indication to the firmware to boot to setup interface"
|
||||
msgstr "Разрешить загрузку в режиме настройки прошивки материнской платы"
|
||||
msgid "Set the reboot \"reason\" in the kernel"
|
||||
msgstr "Установить \"причину\" перезагрузки"
|
||||
|
||||
#: src/login/org.freedesktop.login1.policy:342
|
||||
msgid "Authentication is required to set the reboot \"reason\" in the kernel."
|
||||
msgstr ""
|
||||
"Чтобы установить \"причину\" перезагрузки, необходимо пройти аутентификацию."
|
||||
|
||||
#: src/login/org.freedesktop.login1.policy:352
|
||||
msgid "Indicate to the firmware to boot to setup interface"
|
||||
msgstr ""
|
||||
"Запустить режим настройки прошивки материнской платы при следующей загрузке"
|
||||
|
||||
#: src/login/org.freedesktop.login1.policy:353
|
||||
msgid ""
|
||||
"Authentication is required to indicate to the firmware to boot to setup "
|
||||
"interface."
|
||||
msgstr ""
|
||||
"Чтобы разрешить загрузку в режиме настройки прошивки материнской платы, "
|
||||
"Чтобы запустить режим настройки прошивки материнской платы, "
|
||||
"необходимо пройти аутентификацию."
|
||||
|
||||
#: src/login/org.freedesktop.login1.policy:351
|
||||
#: src/login/org.freedesktop.login1.policy:363
|
||||
msgid "Indicate to the boot loader to boot to the boot loader menu"
|
||||
msgstr "Отобразить меню загрузчика при следующей загрузке"
|
||||
|
||||
#: src/login/org.freedesktop.login1.policy:364
|
||||
msgid ""
|
||||
"Authentication is required to indicate to the boot loader to boot to the "
|
||||
"boot loader menu."
|
||||
msgstr ""
|
||||
"Чтобы отобразить меню загрузчика при следующей загрузке, "
|
||||
"необходимо пройти аутентификацию."
|
||||
|
||||
#: src/login/org.freedesktop.login1.policy:374
|
||||
msgid "Indicate to the boot loader to boot a specific entry"
|
||||
msgstr "Выбрать определённую загрузочную запись при следующем запуске"
|
||||
|
||||
#: src/login/org.freedesktop.login1.policy:375
|
||||
msgid ""
|
||||
"Authentication is required to indicate to the boot loader to boot into a "
|
||||
"specific boot loader entry."
|
||||
msgstr ""
|
||||
"Чтобы установить определённую загрузочную запись для загрузки, "
|
||||
"необходимо пройти аутентификацию."
|
||||
|
||||
#: src/login/org.freedesktop.login1.policy:385
|
||||
msgid "Set a wall message"
|
||||
msgstr "Отправить сообщение на все терминалы"
|
||||
|
||||
#: src/login/org.freedesktop.login1.policy:352
|
||||
#: src/login/org.freedesktop.login1.policy:386
|
||||
msgid "Authentication is required to set a wall message"
|
||||
msgstr ""
|
||||
"Чтобы отправить сообщение на все терминалы, необходимо пройти аутентификацию."
|
||||
|
||||
#: src/login/org.freedesktop.login1.policy:395
|
||||
msgid "Change Session"
|
||||
msgstr "Сменить сессию"
|
||||
|
||||
#: src/login/org.freedesktop.login1.policy:396
|
||||
msgid "Authentication is required to change the virtual terminal."
|
||||
msgstr "Чтобы сменить виртуальный терминал, необходимо пройти аутентификацию."
|
||||
|
||||
#: src/machine/org.freedesktop.machine1.policy:22
|
||||
msgid "Log into a local container"
|
||||
msgstr "Зайти в локальный контейнер"
|
||||
|
@ -609,14 +712,151 @@ msgstr ""
|
|||
"Для управления образами виртуальных машин и контейнеров, необходимо пройти "
|
||||
"аутентификацию."
|
||||
|
||||
#: src/network/org.freedesktop.network1.policy:22
|
||||
msgid "Set NTP servers"
|
||||
msgstr "Задать NTP-серверы"
|
||||
|
||||
#: src/network/org.freedesktop.network1.policy:23
|
||||
msgid "Authentication is required to set NTP servers."
|
||||
msgstr "Чтобы задать NTP-серверы, необходимо пройти аутентификацию."
|
||||
|
||||
#: src/network/org.freedesktop.network1.policy:33
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:44
|
||||
msgid "Set DNS servers"
|
||||
msgstr "Задать DNS-серверы"
|
||||
|
||||
#: src/network/org.freedesktop.network1.policy:34
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:45
|
||||
msgid "Authentication is required to set DNS servers."
|
||||
msgstr "Чтобы задать DNS-серверы, необходимо пройти аутентификацию."
|
||||
|
||||
#: src/network/org.freedesktop.network1.policy:44
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:55
|
||||
msgid "Set domains"
|
||||
msgstr "Задать домены"
|
||||
|
||||
#: src/network/org.freedesktop.network1.policy:45
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:56
|
||||
msgid "Authentication is required to set domains."
|
||||
msgstr "Чтобы задать домены, необходимо пройти аутентификацию."
|
||||
|
||||
#: src/network/org.freedesktop.network1.policy:55
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:66
|
||||
msgid "Set default route"
|
||||
msgstr "Задать маршрут по умолчанию"
|
||||
|
||||
#: src/network/org.freedesktop.network1.policy:56
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:67
|
||||
msgid "Authentication is required to set default route."
|
||||
msgstr "Чтобы задать маршрут по умолчанию, необходимо пройти аутентификацию."
|
||||
|
||||
#: src/network/org.freedesktop.network1.policy:66
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:77
|
||||
msgid "Enable/disable LLMNR"
|
||||
msgstr "Включить/отключить LLMNR"
|
||||
|
||||
#: src/network/org.freedesktop.network1.policy:67
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:78
|
||||
msgid "Authentication is required to enable or disable LLMNR."
|
||||
msgstr "Чтобы включить или отключить LLMNR, необходимо пройти аутентификацию."
|
||||
|
||||
#: src/network/org.freedesktop.network1.policy:77
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:88
|
||||
msgid "Enable/disable multicast DNS"
|
||||
msgstr "Включить/отключить multicast DNS"
|
||||
|
||||
#: src/network/org.freedesktop.network1.policy:78
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:89
|
||||
msgid "Authentication is required to enable or disable multicast DNS."
|
||||
msgstr ""
|
||||
"Чтобы включить или отключить multicast DNS, необходимо пройти аутентификацию."
|
||||
|
||||
#: src/network/org.freedesktop.network1.policy:88
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:99
|
||||
msgid "Enable/disable DNS over TLS"
|
||||
msgstr "Включить/отключить DNS поверх TLS"
|
||||
|
||||
#: src/network/org.freedesktop.network1.policy:89
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:100
|
||||
msgid "Authentication is required to enable or disable DNS over TLS."
|
||||
msgstr ""
|
||||
"Чтобы включить или отключить DNS поверх TLS, необходимо пройти аутентификацию."
|
||||
|
||||
#: src/network/org.freedesktop.network1.policy:99
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:110
|
||||
msgid "Enable/disable DNSSEC"
|
||||
msgstr "Включить/отключить DNSSEC"
|
||||
|
||||
#: src/network/org.freedesktop.network1.policy:100
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:111
|
||||
msgid "Authentication is required to enable or disable DNSSEC."
|
||||
msgstr "Чтобы включить или отключить DNSSEC, необходимо пройти аутентификацию."
|
||||
|
||||
#: src/network/org.freedesktop.network1.policy:110
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:121
|
||||
msgid "Set DNSSEC Negative Trust Anchors"
|
||||
msgstr "Задать DNSSEC Negative Trust Anchors"
|
||||
|
||||
#: src/network/org.freedesktop.network1.policy:111
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:122
|
||||
msgid "Authentication is required to set DNSSEC Negative Trust Anchors."
|
||||
msgstr ""
|
||||
"Чтобы задать DNSSEC Negative Trust Anchors, необходимо пройти аутентификацию."
|
||||
|
||||
#: src/network/org.freedesktop.network1.policy:121
|
||||
msgid "Revert NTP settings"
|
||||
msgstr "Восстановить настройки NTP по умолчанию"
|
||||
|
||||
#: src/network/org.freedesktop.network1.policy:122
|
||||
msgid "Authentication is required to reset NTP settings."
|
||||
msgstr ""
|
||||
"Чтобы сбросить локальные настройки NTP, необходимо пройти аутентификацию."
|
||||
|
||||
#: src/network/org.freedesktop.network1.policy:132
|
||||
msgid "Revert DNS settings"
|
||||
msgstr "Восстановить настройки DNS по умолчанию"
|
||||
|
||||
#: src/network/org.freedesktop.network1.policy:133
|
||||
msgid "Authentication is required to reset DNS settings."
|
||||
msgstr ""
|
||||
"Чтобы сбросить локальные настройки DNS, необходимо пройти аутентификацию."
|
||||
|
||||
#: src/network/org.freedesktop.network1.policy:143
|
||||
msgid "Renew dynamic addresses"
|
||||
msgstr "Обновить динамические адреса"
|
||||
|
||||
#: src/network/org.freedesktop.network1.policy:144
|
||||
msgid "Authentication is required to renew dynamic addresses."
|
||||
msgstr "Чтобы обновить динамические адреса, необходимо пройти аутентификацию."
|
||||
|
||||
#: src/network/org.freedesktop.network1.policy:154
|
||||
msgid "Reload network settings"
|
||||
msgstr "Перечитать настройки сети"
|
||||
|
||||
#: src/network/org.freedesktop.network1.policy:155
|
||||
msgid "Authentication is required to reload network settings."
|
||||
msgstr ""
|
||||
"Чтобы заставить systemd перечитать настройки сети, необходимо пройти "
|
||||
"аутентификацию."
|
||||
|
||||
#: src/network/org.freedesktop.network1.policy:165
|
||||
msgid "Reconfigure network interface"
|
||||
msgstr "Изменить конфигурацию сетевого интерфейса"
|
||||
|
||||
#: src/network/org.freedesktop.network1.policy:166
|
||||
msgid "Authentication is required to reconfigure network interface."
|
||||
msgstr ""
|
||||
"Чтобы изменить конфигурацию сетевого интерфейса, необходимо пройти"
|
||||
" аутентификацию."
|
||||
|
||||
#: src/portable/org.freedesktop.portable1.policy:13
|
||||
msgid "Inspect a portable service image"
|
||||
msgstr "Прочитать образ переносимой службы"
|
||||
|
||||
#: src/portable/org.freedesktop.portable1.policy:14
|
||||
msgid "Authentication is required to inspect a portable service image."
|
||||
msgstr "Чтобы прочитать образ переносимой службы, необходимо пройти "
|
||||
"аутентификацию."
|
||||
msgstr ""
|
||||
"Чтобы прочитать образ переносимой службы, необходимо пройти аутентификацию."
|
||||
|
||||
#: src/portable/org.freedesktop.portable1.policy:23
|
||||
msgid "Attach or detach a portable service image"
|
||||
|
@ -625,8 +865,9 @@ msgstr "Подключить или отключить образ перенос
|
|||
#: src/portable/org.freedesktop.portable1.policy:24
|
||||
msgid ""
|
||||
"Authentication is required to attach or detach a portable service image."
|
||||
msgstr "Чтобы подключить или отключить образ переносимой службы, необходимо "
|
||||
"пройти аутентификацию."
|
||||
msgstr ""
|
||||
"Чтобы подключить или отключить образ переносимой службы, необходимо пройти "
|
||||
"аутентификацию."
|
||||
|
||||
#: src/portable/org.freedesktop.portable1.policy:34
|
||||
msgid "Delete or modify portable service image"
|
||||
|
@ -645,8 +886,8 @@ msgstr "Зарегистрировать службу в DNS-SD"
|
|||
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:23
|
||||
msgid "Authentication is required to register a DNS-SD service"
|
||||
msgstr "Чтобы зарегистрировать службу в DNS-SD, необходимо пройти "
|
||||
"аутентификацию."
|
||||
msgstr ""
|
||||
"Чтобы зарегистрировать службу в DNS-SD, необходимо пройти аутентификацию."
|
||||
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:33
|
||||
msgid "Unregister a DNS-SD service"
|
||||
|
@ -656,6 +897,15 @@ msgstr "Удалить службу из DNS-SD"
|
|||
msgid "Authentication is required to unregister a DNS-SD service"
|
||||
msgstr "Чтобы удалить службу из DNS-SD, необходимо пройти аутентификацию."
|
||||
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:132
|
||||
msgid "Revert name resolution settings"
|
||||
msgstr "Вернуть настройки разрешения имён по умолчанию"
|
||||
|
||||
#: src/resolve/org.freedesktop.resolve1.policy:133
|
||||
msgid "Authentication is required to reset name resolution settings."
|
||||
msgstr ""
|
||||
"Чтобы сбросить настройки разрешения имён, необходимо пройти аутентификацию."
|
||||
|
||||
#: src/timedate/org.freedesktop.timedate1.policy:22
|
||||
msgid "Set system time"
|
||||
msgstr "Настроить системное время"
|
||||
|
@ -696,49 +946,47 @@ msgstr ""
|
|||
"Чтобы включить или выключить синхронизацию времени по сети, необходимо "
|
||||
"пройти аутентификацию."
|
||||
|
||||
#: src/core/dbus-unit.c:326
|
||||
#: src/core/dbus-unit.c:356
|
||||
msgid "Authentication is required to start '$(unit)'."
|
||||
msgstr "Чтобы запустить «$(unit)», необходимо пройти аутентификацию."
|
||||
|
||||
#: src/core/dbus-unit.c:327
|
||||
#: src/core/dbus-unit.c:357
|
||||
msgid "Authentication is required to stop '$(unit)'."
|
||||
msgstr "Чтобы остановить «$(unit)», необходимо пройти аутентификацию."
|
||||
|
||||
#: src/core/dbus-unit.c:328
|
||||
#: src/core/dbus-unit.c:358
|
||||
msgid "Authentication is required to reload '$(unit)'."
|
||||
msgstr ""
|
||||
"Чтобы заставить «$(unit)» перечитать конфигурацию, необходимо пройти "
|
||||
"аутентификацию."
|
||||
|
||||
#: src/core/dbus-unit.c:329 src/core/dbus-unit.c:330
|
||||
#: src/core/dbus-unit.c:359 src/core/dbus-unit.c:360
|
||||
msgid "Authentication is required to restart '$(unit)'."
|
||||
msgstr "Чтобы перезапустить «$(unit)», необходимо пройти аутентификацию."
|
||||
|
||||
#: src/core/dbus-unit.c:437
|
||||
msgid "Authentication is required to kill '$(unit)'."
|
||||
msgstr "Чтобы убить юнит «$(unit)», необходимо пройти аутентификацию."
|
||||
#: src/core/dbus-unit.c:532
|
||||
msgid ""
|
||||
"Authentication is required to send a UNIX signal to the processes of "
|
||||
"'$(unit)'."
|
||||
msgstr ""
|
||||
"Чтобы отправить сигнал UNIX процессам юнита «$(unit)», необходимо пройти"
|
||||
" аутентификацию."
|
||||
|
||||
#: src/core/dbus-unit.c:468
|
||||
#: src/core/dbus-unit.c:563
|
||||
msgid "Authentication is required to reset the \"failed\" state of '$(unit)'."
|
||||
msgstr ""
|
||||
"Чтобы сбросить состояние «failed» у юнита «$(unit)», необходимо пройти "
|
||||
"аутентификацию."
|
||||
|
||||
#: src/core/dbus-unit.c:501
|
||||
#: src/core/dbus-unit.c:596
|
||||
msgid "Authentication is required to set properties on '$(unit)'."
|
||||
msgstr "Чтобы изменить параметры юнита «$(unit)», необходимо пройти "
|
||||
"аутентификацию."
|
||||
msgstr ""
|
||||
"Чтобы изменить параметры юнита «$(unit)», необходимо пройти аутентификацию."
|
||||
|
||||
#~ msgid "Press Ctrl+C to cancel all filesystem checks in progress"
|
||||
#~ msgstr ""
|
||||
#~ "Чтобы прервать все запущенные проверки файловых систем, нажмите Ctrl+C"
|
||||
|
||||
# There is no difference between "на 2 дисках" (plural==1) and "на 5 дисках" (plural==2)
|
||||
#~ msgid "Checking in progress on %d disk (%3.1f%% complete)"
|
||||
#~ msgid_plural "Checking in progress on %d disks (%3.1f%% complete)"
|
||||
#~ msgstr[0] ""
|
||||
#~ "Проверяется целостность файловой системы на %d диске (выполнено %3.1f%%)"
|
||||
#~ msgstr[1] ""
|
||||
#~ "Проверяется целостность файловых систем на %d дисках (выполнено %3.1f%%)"
|
||||
#~ msgstr[2] ""
|
||||
#~ "Проверяется целостность файловых систем на %d дисках (выполнено %3.1f%%)"
|
||||
#: src/core/dbus-unit.c:705
|
||||
msgid ""
|
||||
"Authentication is required to delete files and directories associated with "
|
||||
"'$(unit)'."
|
||||
msgstr ""
|
||||
"Чтобы удалить файлы и директории, относящиеся к юниту «$(unit)», необходимо"
|
||||
" пройти аутентификацию."
|
||||
|
|
|
@ -272,6 +272,52 @@ int fchmod_and_chown(int fd, mode_t mode, uid_t uid, gid_t gid) {
|
|||
return do_chown || do_chmod;
|
||||
}
|
||||
|
||||
int chmod_and_chown_unsafe(const char *path, mode_t mode, uid_t uid, gid_t gid) {
|
||||
bool do_chown, do_chmod;
|
||||
struct stat st;
|
||||
|
||||
assert(path);
|
||||
|
||||
/* Change ownership and access mode of the specified path, see description of fchmod_and_chown().
|
||||
* Should only be used on trusted paths. */
|
||||
|
||||
if (lstat(path, &st) < 0)
|
||||
return -errno;
|
||||
|
||||
do_chown =
|
||||
(uid != UID_INVALID && st.st_uid != uid) ||
|
||||
(gid != GID_INVALID && st.st_gid != gid);
|
||||
|
||||
do_chmod =
|
||||
!S_ISLNK(st.st_mode) && /* chmod is not defined on symlinks */
|
||||
((mode != MODE_INVALID && ((st.st_mode ^ mode) & 07777) != 0) ||
|
||||
do_chown); /* If we change ownership, make sure we reset the mode afterwards, since chown()
|
||||
* modifies the access mode too */
|
||||
|
||||
if (mode == MODE_INVALID)
|
||||
mode = st.st_mode; /* If we only shall do a chown(), save original mode, since chown() might break it. */
|
||||
else if ((mode & S_IFMT) != 0 && ((mode ^ st.st_mode) & S_IFMT) != 0)
|
||||
return -EINVAL; /* insist on the right file type if it was specified */
|
||||
|
||||
if (do_chown && do_chmod) {
|
||||
mode_t minimal = st.st_mode & mode; /* the subset of the old and the new mask */
|
||||
|
||||
if (((minimal ^ st.st_mode) & 07777) != 0)
|
||||
if (chmod(path, minimal & 07777) < 0)
|
||||
return -errno;
|
||||
}
|
||||
|
||||
if (do_chown)
|
||||
if (lchown(path, uid, gid) < 0)
|
||||
return -errno;
|
||||
|
||||
if (do_chmod)
|
||||
if (chmod(path, mode & 07777) < 0)
|
||||
return -errno;
|
||||
|
||||
return do_chown || do_chmod;
|
||||
}
|
||||
|
||||
int fchmod_umask(int fd, mode_t m) {
|
||||
mode_t u;
|
||||
int r;
|
||||
|
|
|
@ -34,6 +34,7 @@ int readlink_and_make_absolute(const char *p, char **r);
|
|||
|
||||
int chmod_and_chown(const char *path, mode_t mode, uid_t uid, gid_t gid);
|
||||
int fchmod_and_chown(int fd, mode_t mode, uid_t uid, gid_t gid);
|
||||
int chmod_and_chown_unsafe(const char *path, mode_t mode, uid_t uid, gid_t gid);
|
||||
|
||||
int fchmod_umask(int fd, mode_t mode);
|
||||
int fchmod_opath(int fd, mode_t m);
|
||||
|
|
|
@ -233,6 +233,9 @@ int mac_selinux_get_create_label_from_exe(const char *exe, char **label) {
|
|||
return -errno;
|
||||
|
||||
sclass = string_to_security_class("process");
|
||||
if (sclass == 0)
|
||||
return -ENOSYS;
|
||||
|
||||
r = security_compute_create_raw(mycon, fcon, sclass, label);
|
||||
if (r < 0)
|
||||
return -errno;
|
||||
|
@ -312,6 +315,9 @@ int mac_selinux_get_child_mls_label(int socket_fd, const char *exe, const char *
|
|||
return -ENOMEM;
|
||||
|
||||
sclass = string_to_security_class("process");
|
||||
if (sclass == 0)
|
||||
return -ENOSYS;
|
||||
|
||||
r = security_compute_create_raw(mycon, fcon, sclass, label);
|
||||
if (r < 0)
|
||||
return -errno;
|
||||
|
|
|
@ -127,7 +127,8 @@ int bus_property_get_triggered_unit(sd_bus *bus, const char *path, const char *i
|
|||
if (!UNIT_WRITE_FLAGS_NOOP(flags)) { \
|
||||
*p = (cast_type) v; \
|
||||
unit_write_settingf(u, flags, name, \
|
||||
"%s=%s", name, s); \
|
||||
"%s=%s", \
|
||||
name, strempty(s)); \
|
||||
} \
|
||||
\
|
||||
return 1; \
|
||||
|
|
|
@ -4881,7 +4881,7 @@ void exec_context_dump(const ExecContext *c, FILE* f, const char *prefix) {
|
|||
r = namespace_flags_to_string(c->restrict_namespaces, &s);
|
||||
if (r >= 0)
|
||||
fprintf(f, "%sRestrictNamespaces: %s\n",
|
||||
prefix, s);
|
||||
prefix, strna(s));
|
||||
}
|
||||
|
||||
if (c->network_namespace_path)
|
||||
|
|
|
@ -9,6 +9,7 @@
|
|||
#include "bus-error.h"
|
||||
#include "bus-unit-util.h"
|
||||
#include "bus-util.h"
|
||||
#include "bus-wait-for-jobs.h"
|
||||
#include "def.h"
|
||||
#include "dirent-util.h"
|
||||
#include "env-file.h"
|
||||
|
@ -42,6 +43,7 @@ static BusTransport arg_transport = BUS_TRANSPORT_LOCAL;
|
|||
static const char *arg_host = NULL;
|
||||
static bool arg_enable = false;
|
||||
static bool arg_now = false;
|
||||
static bool arg_no_block = false;
|
||||
|
||||
static int determine_image(const char *image, bool permit_non_existing, char **ret) {
|
||||
int r;
|
||||
|
@ -445,7 +447,7 @@ static int maybe_enable_disable(sd_bus *bus, const char *path, bool enable) {
|
|||
return 0;
|
||||
}
|
||||
|
||||
static int maybe_start_stop(sd_bus *bus, const char *path, bool start) {
|
||||
static int maybe_start_stop(sd_bus *bus, const char *path, bool start, BusWaitForJobs *wait) {
|
||||
_cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
|
||||
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
|
||||
char *name = (char *)basename(path), *job = NULL;
|
||||
|
@ -476,15 +478,29 @@ static int maybe_start_stop(sd_bus *bus, const char *path, bool start) {
|
|||
if (!arg_quiet)
|
||||
log_info("Queued %s to %s portable service %s.", job, start ? "start" : "stop", name);
|
||||
|
||||
if (wait) {
|
||||
r = bus_wait_for_jobs_add(wait, job);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to watch %s job for %s %s: %m",
|
||||
job, start ? "starting" : "stopping", name);
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int maybe_enable_start(sd_bus *bus, sd_bus_message *reply) {
|
||||
_cleanup_(bus_wait_for_jobs_freep) BusWaitForJobs *wait = NULL;
|
||||
int r;
|
||||
|
||||
if (!arg_enable && !arg_now)
|
||||
return 0;
|
||||
|
||||
if (!arg_no_block) {
|
||||
r = bus_wait_for_jobs_new(bus, &wait);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Could not watch jobs: %m");
|
||||
}
|
||||
|
||||
r = sd_bus_message_rewind(reply, true);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
@ -503,7 +519,7 @@ static int maybe_enable_start(sd_bus *bus, sd_bus_message *reply) {
|
|||
|
||||
if (STR_IN_SET(type, "symlink", "copy") && ENDSWITH_SET(path, ".service", ".target", ".socket")) {
|
||||
(void) maybe_enable_disable(bus, path, true);
|
||||
(void) maybe_start_stop(bus, path, true);
|
||||
(void) maybe_start_stop(bus, path, true, wait);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -511,10 +527,17 @@ static int maybe_enable_start(sd_bus *bus, sd_bus_message *reply) {
|
|||
if (r < 0)
|
||||
return r;
|
||||
|
||||
if (!arg_no_block) {
|
||||
r = bus_wait_for_jobs(wait, arg_quiet, NULL);
|
||||
if (r < 0)
|
||||
return r;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int maybe_stop_disable(sd_bus *bus, char *image, char *argv[]) {
|
||||
_cleanup_(bus_wait_for_jobs_freep) BusWaitForJobs *wait = NULL;
|
||||
_cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL, *reply = NULL;
|
||||
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
|
||||
_cleanup_strv_free_ char **matches = NULL;
|
||||
|
@ -527,6 +550,10 @@ static int maybe_stop_disable(sd_bus *bus, char *image, char *argv[]) {
|
|||
if (r < 0)
|
||||
return r;
|
||||
|
||||
r = bus_wait_for_jobs_new(bus, &wait);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Could not watch jobs: %m");
|
||||
|
||||
r = sd_bus_message_new_method_call(
|
||||
bus,
|
||||
&m,
|
||||
|
@ -578,7 +605,7 @@ static int maybe_stop_disable(sd_bus *bus, char *image, char *argv[]) {
|
|||
if (r < 0)
|
||||
return bus_log_parse_error(r);
|
||||
|
||||
(void) maybe_start_stop(bus, name, false);
|
||||
(void) maybe_start_stop(bus, name, false, wait);
|
||||
(void) maybe_enable_disable(bus, name, false);
|
||||
}
|
||||
|
||||
|
@ -586,6 +613,11 @@ static int maybe_stop_disable(sd_bus *bus, char *image, char *argv[]) {
|
|||
if (r < 0)
|
||||
return bus_log_parse_error(r);
|
||||
|
||||
/* Stopping must always block or the detach will fail if the unit is still running */
|
||||
r = bus_wait_for_jobs(wait, arg_quiet, NULL);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
@ -997,6 +1029,7 @@ static int help(int argc, char *argv[], void *userdata) {
|
|||
" after attach/detach\n"
|
||||
" --now Immediately start/stop the portable service after\n"
|
||||
" attach/before detach\n"
|
||||
" --no-block Don't block waiting for attach --now to complete\n"
|
||||
"\nSee the %s for details.\n"
|
||||
, program_invocation_short_name
|
||||
, ansi_highlight()
|
||||
|
@ -1020,6 +1053,7 @@ static int parse_argv(int argc, char *argv[]) {
|
|||
ARG_CAT,
|
||||
ARG_ENABLE,
|
||||
ARG_NOW,
|
||||
ARG_NO_BLOCK,
|
||||
};
|
||||
|
||||
static const struct option options[] = {
|
||||
|
@ -1038,6 +1072,7 @@ static int parse_argv(int argc, char *argv[]) {
|
|||
{ "cat", no_argument, NULL, ARG_CAT },
|
||||
{ "enable", no_argument, NULL, ARG_ENABLE },
|
||||
{ "now", no_argument, NULL, ARG_NOW },
|
||||
{ "no-block", no_argument, NULL, ARG_NO_BLOCK },
|
||||
{}
|
||||
};
|
||||
|
||||
|
@ -1132,6 +1167,10 @@ static int parse_argv(int argc, char *argv[]) {
|
|||
arg_now = true;
|
||||
break;
|
||||
|
||||
case ARG_NO_BLOCK:
|
||||
arg_no_block = true;
|
||||
break;
|
||||
|
||||
case '?':
|
||||
return -EINVAL;
|
||||
|
||||
|
|
|
@ -406,7 +406,7 @@ static int bus_print_property(const char *name, const char *expected_value, sd_b
|
|||
if (r < 0)
|
||||
return r;
|
||||
|
||||
result = s;
|
||||
result = strempty(s);
|
||||
}
|
||||
|
||||
bus_print_property_value(name, expected_value, value, result);
|
||||
|
|
|
@ -65,12 +65,6 @@ int namespace_flags_to_string(unsigned long flags, char **ret) {
|
|||
return -ENOMEM;
|
||||
}
|
||||
|
||||
if (!s) {
|
||||
s = strdup("");
|
||||
if (!s)
|
||||
return -ENOMEM;
|
||||
}
|
||||
|
||||
*ret = TAKE_PTR(s);
|
||||
|
||||
return 0;
|
||||
|
|
|
@ -94,6 +94,12 @@ STATIC_DESTRUCTOR_REGISTER(database_groups, set_free_freep);
|
|||
STATIC_DESTRUCTOR_REGISTER(uid_range, freep);
|
||||
STATIC_DESTRUCTOR_REGISTER(arg_root, freep);
|
||||
|
||||
static int errno_is_not_exists(int code) {
|
||||
/* See getpwnam(3) and getgrnam(3): those codes and others can be returned if the user or group are
|
||||
* not found. */
|
||||
return IN_SET(code, 0, ENOENT, ESRCH, EBADF, EPERM);
|
||||
}
|
||||
|
||||
static int load_user_database(void) {
|
||||
_cleanup_fclose_ FILE *f = NULL;
|
||||
const char *passwd_path;
|
||||
|
@ -193,7 +199,7 @@ static int load_group_database(void) {
|
|||
static int make_backup(const char *target, const char *x) {
|
||||
_cleanup_close_ int src = -1;
|
||||
_cleanup_fclose_ FILE *dst = NULL;
|
||||
_cleanup_free_ char *temp = NULL;
|
||||
_cleanup_free_ char *dst_tmp = NULL;
|
||||
char *backup;
|
||||
struct timespec ts[2];
|
||||
struct stat st;
|
||||
|
@ -210,7 +216,7 @@ static int make_backup(const char *target, const char *x) {
|
|||
if (fstat(src, &st) < 0)
|
||||
return -errno;
|
||||
|
||||
r = fopen_temporary_label(target, x, &dst, &temp);
|
||||
r = fopen_temporary_label(target, x, &dst, &dst_tmp);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
|
@ -224,7 +230,7 @@ static int make_backup(const char *target, const char *x) {
|
|||
backup = strjoina(x, "-");
|
||||
|
||||
/* Copy over the access mask */
|
||||
r = fchmod_and_chown(fileno(dst), st.st_mode & 07777, st.st_uid, st.st_gid);
|
||||
r = chmod_and_chown_unsafe(dst_tmp, st.st_mode & 07777, st.st_uid, st.st_gid);
|
||||
if (r < 0)
|
||||
log_warning_errno(r, "Failed to change access mode or ownership of %s: %m", backup);
|
||||
|
||||
|
@ -237,7 +243,7 @@ static int make_backup(const char *target, const char *x) {
|
|||
if (r < 0)
|
||||
goto fail;
|
||||
|
||||
if (rename(temp, backup) < 0) {
|
||||
if (rename(dst_tmp, backup) < 0) {
|
||||
r = -errno;
|
||||
goto fail;
|
||||
}
|
||||
|
@ -245,7 +251,7 @@ static int make_backup(const char *target, const char *x) {
|
|||
return 0;
|
||||
|
||||
fail:
|
||||
(void) unlink(temp);
|
||||
(void) unlink(dst_tmp);
|
||||
return r;
|
||||
}
|
||||
|
||||
|
@ -339,13 +345,13 @@ static int putsgent_with_members(const struct sgrp *sg, FILE *gshadow) {
|
|||
}
|
||||
#endif
|
||||
|
||||
static int sync_rights(FILE *from, FILE *to) {
|
||||
static int sync_rights(FILE *from, const char *to) {
|
||||
struct stat st;
|
||||
|
||||
if (fstat(fileno(from), &st) < 0)
|
||||
return -errno;
|
||||
|
||||
return fchmod_and_chown(fileno(to), st.st_mode & 07777, st.st_uid, st.st_gid);
|
||||
return chmod_and_chown_unsafe(to, st.st_mode & 07777, st.st_uid, st.st_gid);
|
||||
}
|
||||
|
||||
static int rename_and_apply_smack(const char *temp_path, const char *dest_path) {
|
||||
|
@ -383,7 +389,7 @@ static int write_temporary_passwd(const char *passwd_path, FILE **tmpfile, char
|
|||
original = fopen(passwd_path, "re");
|
||||
if (original) {
|
||||
|
||||
r = sync_rights(original, passwd);
|
||||
r = sync_rights(original, passwd_tmp);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
|
@ -485,7 +491,7 @@ static int write_temporary_shadow(const char *shadow_path, FILE **tmpfile, char
|
|||
original = fopen(shadow_path, "re");
|
||||
if (original) {
|
||||
|
||||
r = sync_rights(original, shadow);
|
||||
r = sync_rights(original, shadow_tmp);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
|
@ -582,7 +588,7 @@ static int write_temporary_group(const char *group_path, FILE **tmpfile, char **
|
|||
original = fopen(group_path, "re");
|
||||
if (original) {
|
||||
|
||||
r = sync_rights(original, group);
|
||||
r = sync_rights(original, group_tmp);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
|
@ -681,7 +687,7 @@ static int write_temporary_gshadow(const char * gshadow_path, FILE **tmpfile, ch
|
|||
if (original) {
|
||||
struct sgrp *sg;
|
||||
|
||||
r = sync_rights(original, gshadow);
|
||||
r = sync_rights(original, gshadow_tmp);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
|
@ -971,7 +977,7 @@ static int add_user(Item *i) {
|
|||
|
||||
return 0;
|
||||
}
|
||||
if (!IN_SET(errno, 0, ENOENT))
|
||||
if (!errno_is_not_exists(errno))
|
||||
return log_error_errno(errno, "Failed to check if user %s already exists: %m", i->name);
|
||||
}
|
||||
|
||||
|
@ -1108,7 +1114,7 @@ static int get_gid_by_name(const char *name, gid_t *gid) {
|
|||
*gid = g->gr_gid;
|
||||
return 0;
|
||||
}
|
||||
if (!IN_SET(errno, 0, ENOENT))
|
||||
if (!errno_is_not_exists(errno))
|
||||
return log_error_errno(errno, "Failed to check if group %s already exists: %m", name);
|
||||
}
|
||||
|
||||
|
|
|
@ -802,6 +802,50 @@ static void test_chmod_and_chown(void) {
|
|||
assert_se(S_ISLNK(st.st_mode));
|
||||
}
|
||||
|
||||
static void test_chmod_and_chown_unsafe(void) {
|
||||
_cleanup_(rm_rf_physical_and_freep) char *d = NULL;
|
||||
_unused_ _cleanup_umask_ mode_t u = umask(0000);
|
||||
struct stat st;
|
||||
const char *p;
|
||||
|
||||
if (geteuid() != 0)
|
||||
return;
|
||||
|
||||
log_info("/* %s */", __func__);
|
||||
|
||||
assert_se(mkdtemp_malloc(NULL, &d) >= 0);
|
||||
|
||||
p = strjoina(d, "/reg");
|
||||
assert_se(mknod(p, S_IFREG | 0123, 0) >= 0);
|
||||
|
||||
assert_se(chmod_and_chown_unsafe(p, S_IFREG | 0321, 1, 2) >= 0);
|
||||
assert_se(chmod_and_chown_unsafe(p, S_IFDIR | 0555, 3, 4) == -EINVAL);
|
||||
|
||||
assert_se(lstat(p, &st) >= 0);
|
||||
assert_se(S_ISREG(st.st_mode));
|
||||
assert_se((st.st_mode & 07777) == 0321);
|
||||
|
||||
p = strjoina(d, "/dir");
|
||||
assert_se(mkdir(p, 0123) >= 0);
|
||||
|
||||
assert_se(chmod_and_chown_unsafe(p, S_IFDIR | 0321, 1, 2) >= 0);
|
||||
assert_se(chmod_and_chown_unsafe(p, S_IFREG | 0555, 3, 4) == -EINVAL);
|
||||
|
||||
assert_se(lstat(p, &st) >= 0);
|
||||
assert_se(S_ISDIR(st.st_mode));
|
||||
assert_se((st.st_mode & 07777) == 0321);
|
||||
|
||||
p = strjoina(d, "/lnk");
|
||||
assert_se(symlink("idontexist", p) >= 0);
|
||||
|
||||
assert_se(chmod_and_chown_unsafe(p, S_IFLNK | 0321, 1, 2) >= 0);
|
||||
assert_se(chmod_and_chown_unsafe(p, S_IFREG | 0555, 3, 4) == -EINVAL);
|
||||
assert_se(chmod_and_chown_unsafe(p, S_IFDIR | 0555, 3, 4) == -EINVAL);
|
||||
|
||||
assert_se(lstat(p, &st) >= 0);
|
||||
assert_se(S_ISLNK(st.st_mode));
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[]) {
|
||||
test_setup_logging(LOG_INFO);
|
||||
|
||||
|
@ -819,6 +863,7 @@ int main(int argc, char *argv[]) {
|
|||
test_fsync_directory_of_file();
|
||||
test_rename_noreplace();
|
||||
test_chmod_and_chown();
|
||||
test_chmod_and_chown_unsafe();
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
|
|
@ -190,7 +190,7 @@ static void test_restrict_namespace(void) {
|
|||
|
||||
log_info("/* %s */", __func__);
|
||||
|
||||
assert_se(namespace_flags_to_string(0, &s) == 0 && streq(s, ""));
|
||||
assert_se(namespace_flags_to_string(0, &s) == 0 && isempty(s));
|
||||
s = mfree(s);
|
||||
assert_se(namespace_flags_to_string(CLONE_NEWNS, &s) == 0 && streq(s, "mnt"));
|
||||
s = mfree(s);
|
||||
|
|
|
@ -10,7 +10,6 @@ Release=29
|
|||
[Output]
|
||||
Format=raw_btrfs
|
||||
Bootable=yes
|
||||
KernelCommandLine=printk.devkmsg=on
|
||||
OutputDirectory=../mkosi.output
|
||||
Output=networkd-test.raw
|
||||
|
||||
|
|
|
@ -212,7 +212,6 @@ loglevel=2 \
|
|||
init=$PATH_TO_INIT \
|
||||
console=$CONSOLE \
|
||||
selinux=0 \
|
||||
printk.devkmsg=on \
|
||||
$_cgroup_args \
|
||||
$KERNEL_APPEND \
|
||||
"
|
||||
|
|
Loading…
Reference in New Issue