hwdb.d/60-sensor.hwdb

@@ -435,12 +435,6 @@ sensor:modalias:acpi:KIOX000A*:dmi:*:svnLINX*:pnLINX12*64:*
 #########################################
 # Medion
 #########################################
-
-# Medion Akoya E1239T MD60568
-sensor:modalias:acpi:KIOX0009*:dmi:*:svnMEDION:pnE1239TMD60568:*
- ACCEL_MOUNT_MATRIX=1, 0, 0; 0, -1, 0; 0, 0, 1
-
-# Medion Akoya E2212T MD99720
 sensor:modalias:acpi:SMO8500*:dmi:*:svnMEDION:pnAkoyaE2212TMD99720:*
  ACCEL_MOUNT_MATRIX=-1, 0, 0; 0, 1, 0; 0, 0, 1
 

man/rules/meson.build

@@ -772,7 +772,7 @@ manpages = [
  ['systemd-nspawn', '1', [], ''],
  ['systemd-path', '1', [], ''],
  ['systemd-portabled.service', '8', ['systemd-portabled'], 'ENABLE_PORTABLED'],
- ['systemd-pstore.service', '8', ['systemd-pstore'], 'ENABLE_PSTORE'],
+ ['systemd-pstore', '8', ['systemd-pstore.service'], 'ENABLE_PSTORE'],
  ['systemd-quotacheck.service',
   '8',
   ['systemd-quotacheck'],

man/systemd-pstore.xml

@@ -7,19 +7,19 @@
           xmlns:xi="http://www.w3.org/2001/XInclude">
 
   <refentryinfo>
-    <title>systemd-pstore.service</title>
+    <title>systemd-pstore</title>
     <productname>systemd</productname>
   </refentryinfo>
 
   <refmeta>
-    <refentrytitle>systemd-pstore.service</refentrytitle>
+    <refentrytitle>systemd-pstore</refentrytitle>
     <manvolnum>8</manvolnum>
   </refmeta>
 
   <refnamediv>
-    <refname>systemd-pstore.service</refname>
     <refname>systemd-pstore</refname>
-    <refpurpose>A service to archive contents of pstore</refpurpose>
+    <refname>systemd-pstore.service</refname>
+    <refpurpose>Tool to archive contents of the persistent storage filesystem</refpurpose>
   </refnamediv>
 
   <refsynopsisdiv>
@@ -49,7 +49,7 @@
 
     <para>The pstore service is independent of the kdump service. In cloud environments
     specifically, host and guest filesystems are on remote filesystems (eg. iSCSI
-    or NFS), thus kdump relies (implicitly and/or explicitly) upon proper operation
+    or NFS), thus kdump relies [implicitly and/or explicitly] upon proper operation
     of networking software *and* hardware *and* infrastructure.  Thus it may not be
     possible to capture a kernel coredump to a file since writes over the network
     may not be possible.</para>
@@ -59,9 +59,9 @@
     debugging.</para>
 
     <para>The <command>systemd-pstore</command> executable does the actual work. Upon starting,
-    the <filename>pstore.conf</filename> file is read and the <filename>/sys/fs/pstore</filename>
+    the <filename>pstore.conf</filename> is read to obtain options, then the /sys/fs/pstore
     directory contents are processed according to the options. Pstore files are written to the
-    journal, and optionally saved into <filename>/var/lib/systemd/pstore</filename>.</para>
+    journal, and optionally saved into /var/lib/systemd/pstore.</para>
   </refsect1>
 
   <refsect1>

po/cs.po

@@ -71,7 +71,7 @@ msgid "Create a home area"
 msgstr "Vytvořit domovský adresář"
 
 #: src/home/org.freedesktop.home1.policy:14
-msgid "Authentication is required to create a user's home area."
+msgid "Authentication is required to creat a user's home area."
 msgstr "Pro vytvoření domovského adresáře uživatele je vyžadováno ověření."
 
 #: src/home/org.freedesktop.home1.policy:23
@@ -79,7 +79,7 @@ msgid "Remove a home area"
 msgstr "Odebrat domovský adresář"
 
 #: src/home/org.freedesktop.home1.policy:24
-msgid "Authentication is required to remove a user's home area."
+msgid "Authentication is required to remov a user's home area."
 msgstr "Pro odebrání domovského adresáře uživatele je vyžadováno ověření."
 
 #: src/home/org.freedesktop.home1.policy:33
@@ -98,7 +98,7 @@ msgid "Update a home area"
 msgstr "Aktualizovat domovský adresář"
 
 #: src/home/org.freedesktop.home1.policy:44
-msgid "Authentication is required to update a user's home area."
+msgid "Authentication is required to updat a user's home area."
 msgstr "Pro aktualizaci domovského adresáře uživatele je vyžadováno ověření."
 
 #: src/home/org.freedesktop.home1.policy:53
@@ -106,7 +106,7 @@ msgid "Resize a home area"
 msgstr "Změnit velikost domovského adresáře"
 
 #: src/home/org.freedesktop.home1.policy:54
-msgid "Authentication is required to resize a user's home area."
+msgid "Authentication is required to resiz a user's home area."
 msgstr ""
 "Pro změnu velikosti domovského adresáře uživatele je vyžadováno ověření."
 
@@ -115,7 +115,7 @@ msgid "Change password of a home area"
 msgstr "Změnit heslo domovského adresáře"
 
 #: src/home/org.freedesktop.home1.policy:64
-msgid "Authentication is required to change the password of a user's home area."
+msgid "Authentication is required to chang the password of a user's home area."
 msgstr "Pro změnu hesla domovského adresáře uživatele je vyžadováno ověření."
 
 #: src/hostname/org.freedesktop.hostname1.policy:20

po/fr.po

@@ -72,7 +72,7 @@ msgid "Create a home area"
 msgstr "Créer un espace personnel"
 
 #: src/home/org.freedesktop.home1.policy:14
-msgid "Authentication is required to create a user's home area."
+msgid "Authentication is required to creat a user's home area."
 msgstr ""
 "Authentification requise pour créer l'espace personnel d'un utilisateur."
 
@@ -81,7 +81,7 @@ msgid "Remove a home area"
 msgstr "Retirer un espace personnel"
 
 #: src/home/org.freedesktop.home1.policy:24
-msgid "Authentication is required to remove a user's home area."
+msgid "Authentication is required to remov a user's home area."
 msgstr ""
 "Authentification requise pour retirer l'espace personnel d'un utilisateur."
 
@@ -101,7 +101,7 @@ msgid "Update a home area"
 msgstr "Mettre à jour un espace personnel"
 
 #: src/home/org.freedesktop.home1.policy:44
-msgid "Authentication is required to update a user's home area."
+msgid "Authentication is required to updat a user's home area."
 msgstr ""
 "Authentification requise pour mettre à jour l'espace personnel d'un "
 "utilisateur."
@@ -111,7 +111,7 @@ msgid "Resize a home area"
 msgstr "Retailler un espace personnel"
 
 #: src/home/org.freedesktop.home1.policy:54
-msgid "Authentication is required to resize a user's home area."
+msgid "Authentication is required to resiz a user's home area."
 msgstr "Authentification requise pour retailler un espace personnel."
 
 #: src/home/org.freedesktop.home1.policy:63
@@ -119,7 +119,7 @@ msgid "Change password of a home area"
 msgstr "Changer le mot de passe d'un espace personnel"
 
 #: src/home/org.freedesktop.home1.policy:64
-msgid "Authentication is required to change the password of a user's home area."
+msgid "Authentication is required to chang the password of a user's home area."
 msgstr ""
 "Authentification requise pour changer le mot de passe de l'espace personnel "
 "d'un utilisateur."

po/ja.po

@@ -65,7 +65,7 @@ msgid "Create a home area"
 msgstr "ホーム領域の作成"
 
 #: src/home/org.freedesktop.home1.policy:14
-msgid "Authentication is required to create a user's home area."
+msgid "Authentication is required to creat a user's home area."
 msgstr "ユーザのホーム領域を作成するには認証が必要です。"
 
 #: src/home/org.freedesktop.home1.policy:23
@@ -73,7 +73,7 @@ msgid "Remove a home area"
 msgstr "ホーム領域の削除"
 
 #: src/home/org.freedesktop.home1.policy:24
-msgid "Authentication is required to remove a user's home area."
+msgid "Authentication is required to remov a user's home area."
 msgstr "ユーザのホーム領域の削除には認証が必要です。"
 
 #: src/home/org.freedesktop.home1.policy:33
@@ -90,7 +90,7 @@ msgid "Update a home area"
 msgstr "ホーム領域の更新"
 
 #: src/home/org.freedesktop.home1.policy:44
-msgid "Authentication is required to update a user's home area."
+msgid "Authentication is required to updat a user's home area."
 msgstr "ユーザのホーム領域の更新には認証が必要です。"
 
 #: src/home/org.freedesktop.home1.policy:53
@@ -98,7 +98,7 @@ msgid "Resize a home area"
 msgstr "ホーム領域のサイズ変更"
 
 #: src/home/org.freedesktop.home1.policy:54
-msgid "Authentication is required to resize a user's home area."
+msgid "Authentication is required to resiz a user's home area."
 msgstr "ユーザのホーム領域のサイズ変更には認証が必要です。"
 
 #: src/home/org.freedesktop.home1.policy:63
@@ -106,7 +106,7 @@ msgid "Change password of a home area"
 msgstr "ホーム領域のパスワード変更"
 
 #: src/home/org.freedesktop.home1.policy:64
-msgid "Authentication is required to change the password of a user's home area."
+msgid "Authentication is required to chang the password of a user's home area."
 msgstr "ユーザのホーム領域のパスワードを変更するには認証が必要です。"
 
 #: src/hostname/org.freedesktop.hostname1.policy:20

po/pl.po

@@ -74,7 +74,7 @@ msgid "Create a home area"
 msgstr "Utworzenie przestrzeni domowej"
 
 #: src/home/org.freedesktop.home1.policy:14
-msgid "Authentication is required to create a user's home area."
+msgid "Authentication is required to creat a user's home area."
 msgstr ""
 "Wymagane jest uwierzytelnienie, aby utworzyć przestrzeń domową użytkownika."
 
@@ -83,7 +83,7 @@ msgid "Remove a home area"
 msgstr "Usunięcie przestrzeni domowej"
 
 #: src/home/org.freedesktop.home1.policy:24
-msgid "Authentication is required to remove a user's home area."
+msgid "Authentication is required to remov a user's home area."
 msgstr "Wymagane jest uwierzytelnienie, aby usunąć przestrzeń domową użytkownika."
 
 #: src/home/org.freedesktop.home1.policy:33
@@ -102,7 +102,7 @@ msgid "Update a home area"
 msgstr "Aktualizacja przestrzeni domowej"
 
 #: src/home/org.freedesktop.home1.policy:44
-msgid "Authentication is required to update a user's home area."
+msgid "Authentication is required to updat a user's home area."
 msgstr ""
 "Wymagane jest uwierzytelnienie, aby zaktualizować przestrzeń domową użytkownika."
 
@@ -111,7 +111,7 @@ msgid "Resize a home area"
 msgstr "Zmiana rozmiaru przestrzeni domowej"
 
 #: src/home/org.freedesktop.home1.policy:54
-msgid "Authentication is required to resize a user's home area."
+msgid "Authentication is required to resiz a user's home area."
 msgstr ""
 "Wymagane jest uwierzytelnienie, aby zmienić rozmiar przestrzeni domowej "
 "użytkownika."
@@ -121,7 +121,7 @@ msgid "Change password of a home area"
 msgstr "Zmiana hasła przestrzeni domowej"
 
 #: src/home/org.freedesktop.home1.policy:64
-msgid "Authentication is required to change the password of a user's home area."
+msgid "Authentication is required to chang the password of a user's home area."
 msgstr ""
 "Wymagane jest uwierzytelnienie, aby zmienić hasło przestrzeni domowej "
 "użytkownika."

po/uk.po

@@ -75,7 +75,7 @@ msgid "Create a home area"
 msgstr "Створення домашньої теки"
 
 #: src/home/org.freedesktop.home1.policy:14
-msgid "Authentication is required to create a user's home area."
+msgid "Authentication is required to creat a user's home area."
 msgstr "Для створення домашньої теки користувача слід пройти розпізнавання."
 
 #: src/home/org.freedesktop.home1.policy:23
@@ -83,7 +83,7 @@ msgid "Remove a home area"
 msgstr "Вилучення домашньої теки"
 
 #: src/home/org.freedesktop.home1.policy:24
-msgid "Authentication is required to remove a user's home area."
+msgid "Authentication is required to remov a user's home area."
 msgstr "Для вилучення домашньої теки користувача слід пройти розпізнавання."
 
 #: src/home/org.freedesktop.home1.policy:33
@@ -102,7 +102,7 @@ msgid "Update a home area"
 msgstr "Оновлення домашньої теки"
 
 #: src/home/org.freedesktop.home1.policy:44
-msgid "Authentication is required to update a user's home area."
+msgid "Authentication is required to updat a user's home area."
 msgstr "Для оновлення домашньої теки користувача слід пройти розпізнавання."
 
 #: src/home/org.freedesktop.home1.policy:53
@@ -110,7 +110,7 @@ msgid "Resize a home area"
 msgstr "Зміна розмірів домашньої теки"
 
 #: src/home/org.freedesktop.home1.policy:54
-msgid "Authentication is required to resize a user's home area."
+msgid "Authentication is required to resiz a user's home area."
 msgstr ""
 "Для зміни розмірів домашньої теки користувача слід пройти розпізнавання."
 
@@ -119,7 +119,7 @@ msgid "Change password of a home area"
 msgstr "Зміна пароля до домашньої теки"
 
 #: src/home/org.freedesktop.home1.policy:64
-msgid "Authentication is required to change the password of a user's home area."
+msgid "Authentication is required to chang the password of a user's home area."
 msgstr ""
 "Для зміни пароля для доступу до домашньої теки користувача слід пройти"
 " розпізнавання."

presets/90-systemd.preset

@@ -36,8 +36,6 @@ disable systemd-journal-gatewayd.*
 disable systemd-journal-remote.*
 disable systemd-journal-upload.*
 
-enable systemd-pstore.service
-
 # Passive targets: always off by default, since they should only be pulled in
 # by dependent units.
 

src/basic/label.c

@@ -10,11 +10,11 @@
 #include "selinux-util.h"
 #include "smack-util.h"
 
-int label_fix(const char *path, LabelFixFlags flags) {
+int label_fix_container(const char *path, const char *inside_path, LabelFixFlags flags) {
         int r, q;
 
-        r = mac_selinux_fix(path, flags);
+        r = mac_selinux_fix_container(path, inside_path, flags);
-        q = mac_smack_fix(path, flags);
+        q = mac_smack_fix_container(path, inside_path, flags);
 
         if (r < 0)
                 return r;

src/basic/label.h

@@ -9,7 +9,10 @@ typedef enum LabelFixFlags {
         LABEL_IGNORE_EROFS  = 1 << 1,
 } LabelFixFlags;
 
-int label_fix(const char *path, LabelFixFlags flags);
+int label_fix_container(const char *path, const char *inside_path, LabelFixFlags flags);
+static inline int label_fix(const char *path, LabelFixFlags flags) {
+        return label_fix_container(path, path, flags);
+}
 
 int mkdir_label(const char *path, mode_t mode);
 int mkdirat_label(int dirfd, const char *path, mode_t mode);

src/basic/selinux-util.c

@@ -124,7 +124,7 @@ void mac_selinux_reload(void) {
 #endif
 }
 
-int mac_selinux_fix(const char *path, LabelFixFlags flags) {
+int mac_selinux_fix_container(const char *path, const char *inside_path, LabelFixFlags flags) {
 
 #if HAVE_SELINUX
         char procfs_path[STRLEN("/proc/self/fd/") + DECIMAL_STR_MAX(int)];
@@ -151,7 +151,7 @@ int mac_selinux_fix(const char *path, LabelFixFlags flags) {
         if (fstat(fd, &st) < 0)
                 return -errno;
 
-        if (selabel_lookup_raw(label_hnd, &fcon, path, st.st_mode) < 0) {
+        if (selabel_lookup_raw(label_hnd, &fcon, inside_path, st.st_mode) < 0) {
                 r = -errno;
 
                 /* If there's no label to set, then exit without warning */
@@ -185,7 +185,7 @@ int mac_selinux_fix(const char *path, LabelFixFlags flags) {
         return 0;
 
 fail:
-        log_enforcing_errno(r, "Unable to fix SELinux security context of %s: %m", path);
+        log_enforcing_errno(r, "Unable to fix SELinux security context of %s (%s): %m", path, inside_path);
         if (security_getenforce() == 1)
                 return r;
 #endif

src/basic/selinux-util.h

@@ -22,7 +22,11 @@ int mac_selinux_init(void);
 void mac_selinux_finish(void);
 void mac_selinux_reload(void);
 
-int mac_selinux_fix(const char *path, LabelFixFlags flags);
+int mac_selinux_fix_container(const char *path, const char *inside_path, LabelFixFlags flags);
+static inline int mac_selinux_fix(const char *path, LabelFixFlags flags) {
+        return mac_selinux_fix_container(path, path, flags);
+}
+
 int mac_selinux_apply(const char *path, const char *label);
 
 int mac_selinux_get_create_label_from_exe(const char *exe, char **label);

src/basic/smack-util.c

@@ -206,7 +206,7 @@ int mac_smack_fix_at(int dirfd, const char *path, LabelFixFlags flags) {
         return smack_fix_fd(fd, path, flags);
 }
 
-int mac_smack_fix(const char *path, LabelFixFlags flags) {
+int mac_smack_fix_container(const char *path, const char *inside_path, LabelFixFlags flags) {
         _cleanup_free_ char *abspath = NULL;
         _cleanup_close_ int fd = -1;
         int r;
@@ -228,7 +228,7 @@ int mac_smack_fix(const char *path, LabelFixFlags flags) {
                 return -errno;
         }
 
-        return smack_fix_fd(fd, abspath, flags);
+        return smack_fix_fd(fd, inside_path, flags);
 }
 
 int mac_smack_copy(const char *dest, const char *src) {
@@ -274,7 +274,7 @@ int mac_smack_apply_pid(pid_t pid, const char *label) {
         return 0;
 }
 
-int mac_smack_fix(const char *path, LabelFixFlags flags) {
+int mac_smack_fix_container(const char *path, const char *inside_path, LabelFixFlags flags) {
         return 0;
 }
 

src/basic/smack-util.h

@@ -29,7 +29,11 @@ typedef enum SmackAttr {
 
 bool mac_smack_use(void);
 
-int mac_smack_fix(const char *path, LabelFixFlags flags);
+int mac_smack_fix_container(const char *path, const char *inside_path, LabelFixFlags flags);
+static inline int mac_smack_fix(const char *path, LabelFixFlags flags) {
+        return mac_smack_fix_container(path, path, flags);
+}
+
 int mac_smack_fix_at(int dirfd, const char *path, LabelFixFlags flags);
 
 const char* smack_attr_to_string(SmackAttr i) _const_;

src/core/namespace.c

@@ -34,6 +34,7 @@
 #include "tmpfile-util.h"
 #include "umask-util.h"
 #include "user-util.h"
+#include "virt.h"
 
 #define DEV_MOUNT_OPTIONS (MS_NOSUID|MS_STRICTATIME|MS_NOEXEC)
 
@@ -690,6 +691,22 @@ static int mount_private_dev(MountEntry *m) {
                 r = log_debug_errno(errno, "Failed to mount tmpfs on '%s': %m", dev);
                 goto fail;
         }
+#if HAVE_SELINUX || ENABLE_SMACK
+        if (detect_container() <= 0) {
+                /* these could fail if inside container */
+                r = mac_selinux_init();
+                if (r < 0) {
+                        log_debug("Failed to reinitialize SELinux policy");
+                        goto fail;
+                }
+                r = label_fix_container(dev, "/dev", 0);
+                if (r < 0) {
+                        log_debug_errno(errno, "Failed to fix label of '%s' as /dev: %m", dev);
+                        goto fail;
+                }
+                mac_selinux_finish();
+        }
+#endif
 
         devpts = strjoina(temporary_mount, "/dev/pts");
         (void) mkdir(devpts, 0755);

src/home/org.freedesktop.home1.policy

@@ -11,7 +11,7 @@
 
         <action id="org.freedesktop.home1.create-home">
                 <description gettext-domain="systemd">Create a home area</description>
-                <message gettext-domain="systemd">Authentication is required to create a user's home area.</message>
+                <message gettext-domain="systemd">Authentication is required to creat a user's home area.</message>
                 <defaults>
                         <allow_any>auth_admin_keep</allow_any>
                         <allow_inactive>auth_admin_keep</allow_inactive>
@@ -21,7 +21,7 @@
 
         <action id="org.freedesktop.home1.remove-home">
                 <description gettext-domain="systemd">Remove a home area</description>
-                <message gettext-domain="systemd">Authentication is required to remove a user's home area.</message>
+                <message gettext-domain="systemd">Authentication is required to remov a user's home area.</message>
                 <defaults>
                         <allow_any>auth_admin_keep</allow_any>
                         <allow_inactive>auth_admin_keep</allow_inactive>
@@ -41,7 +41,7 @@
 
         <action id="org.freedesktop.home1.update-home">
                 <description gettext-domain="systemd">Update a home area</description>
-                <message gettext-domain="systemd">Authentication is required to update a user's home area.</message>
+                <message gettext-domain="systemd">Authentication is required to updat a user's home area.</message>
                 <defaults>
                         <allow_any>auth_admin_keep</allow_any>
                         <allow_inactive>auth_admin_keep</allow_inactive>
@@ -51,7 +51,7 @@
 
         <action id="org.freedesktop.home1.resize-home">
                 <description gettext-domain="systemd">Resize a home area</description>
-                <message gettext-domain="systemd">Authentication is required to resize a user's home area.</message>
+                <message gettext-domain="systemd">Authentication is required to resiz a user's home area.</message>
                 <defaults>
                         <allow_any>auth_admin_keep</allow_any>
                         <allow_inactive>auth_admin_keep</allow_inactive>
@@ -61,7 +61,7 @@
 
         <action id="org.freedesktop.home1.passwd-home">
                 <description gettext-domain="systemd">Change password of a home area</description>
-                <message gettext-domain="systemd">Authentication is required to change the password of a user's home area.</message>
+                <message gettext-domain="systemd">Authentication is required to chang the password of a user's home area.</message>
                 <defaults>
                         <allow_any>auth_admin_keep</allow_any>
                         <allow_inactive>auth_admin_keep</allow_inactive>