Compare commits

..

No commits in common. "dd0395b5654c52e982adf6d354db9c7fdcf4b6c7" and "a100fe3c279b93fcf739932fc17d0efe8c802580" have entirely different histories.

38 changed files with 142 additions and 561 deletions

View File

@ -9,6 +9,16 @@ extraction:
- libfdisk-dev - libfdisk-dev
- libp11-kit-dev - libp11-kit-dev
- libssl-dev - libssl-dev
before_index:
# /tmp has `noexec` set in the LGTM infra which breaks meson's
# compilation checks. Let's temporarily override TMPDIR to /var/tmp which
# should work as expected
# See: https://discuss.lgtm.com/t/meson-fails-to-determine-sizes-of-basic-data-types/2639
- export TMPDIR=/var/tmp
index:
build_command:
- meson build
- ninja -C build
python: python:
python_setup: python_setup:
version: 3 version: 3

View File

@ -10,6 +10,7 @@ Release=31
[Output] [Output]
Format=gpt_ext4 Format=gpt_ext4
Bootable=yes Bootable=yes
KernelCommandLine=printk.devkmsg=on
[Partitions] [Partitions]
RootSize=3G RootSize=3G
@ -26,7 +27,6 @@ BuildPackages=
gcc gcc
gettext gettext
git git
glibc-minimal-langpack
gnu-efi gnu-efi
gnu-efi-devel gnu-efi-devel
gnutls-devel gnutls-devel

View File

@ -96,8 +96,6 @@ And now, here's the list of (hopefully) all APIs that we have introduced with sy
| [$NOTIFY_SOCKET Daemon Notifications](https://www.freedesktop.org/software/systemd/man/sd_notify.html) | Environment | yes | yes | a few, including udev | yes | - | no | | [$NOTIFY_SOCKET Daemon Notifications](https://www.freedesktop.org/software/systemd/man/sd_notify.html) | Environment | yes | yes | a few, including udev | yes | - | no |
| [argv[0][0]='@' Logic](https://www.freedesktop.org/wiki/Software/systemd/RootStorageDaemons) | `/proc` marking | yes | yes | mdadm | yes | - | no | | [argv[0][0]='@' Logic](https://www.freedesktop.org/wiki/Software/systemd/RootStorageDaemons) | `/proc` marking | yes | yes | mdadm | yes | - | no |
| [Unit file format](https://www.freedesktop.org/software/systemd/man/systemd.unit.html) | File format | yes | yes | numerous | no | - | no | | [Unit file format](https://www.freedesktop.org/software/systemd/man/systemd.unit.html) | File format | yes | yes | numerous | no | - | no |
| [Network](https://www.freedesktop.org/software/systemd/man/systemd.network.html) & [Netdev file format](https://www.freedesktop.org/software/systemd/man/systemd.netdev.html) | File format | yes | yes | no | no | - | no |
| [Link file format](https://www.freedesktop.org/software/systemd/man/systemd.link.html) | File format | yes | yes | no | no | - | no |
| [Journal File Format](https://www.freedesktop.org/wiki/Software/systemd/journal-files) | File format | yes | yes | - | maybe | - | no | | [Journal File Format](https://www.freedesktop.org/wiki/Software/systemd/journal-files) | File format | yes | yes | - | maybe | - | no |
| [Journal Export Format](https://www.freedesktop.org/wiki/Software/systemd/export) | File format | yes | yes | - | yes | - | no | | [Journal Export Format](https://www.freedesktop.org/wiki/Software/systemd/export) | File format | yes | yes | - | yes | - | no |
| [Cooperation in cgroup tree](https://www.freedesktop.org/wiki/Software/systemd/PaxControlGroups) | Treaty | yes | yes | libvirt | yes | libvirt | no | | [Cooperation in cgroup tree](https://www.freedesktop.org/wiki/Software/systemd/PaxControlGroups) | Treaty | yes | yes | libvirt | yes | libvirt | no |

View File

@ -1200,19 +1200,6 @@ evdev:name:MSI Laptop hotkeys:dmi:bvn*:bvr*:bd*:svn*:pnM[iI][cC][rR][oO]-S[tT][a
KEYBOARD_KEY_0213=f22 KEYBOARD_KEY_0213=f22
KEYBOARD_KEY_0214=f23 KEYBOARD_KEY_0214=f23
###########################################################
# Olimex
###########################################################
# Teres-I
evdev:input:b0003v15BAp003C*
KEYBOARD_KEY_70066=sleep # Fn+F1
KEYBOARD_KEY_700f6=wlan # Fn+F2
KEYBOARD_KEY_700c7=f21 # Fn+F3 touchpad toggle
KEYBOARD_KEY_7006f=brightnessdown # Fn+F7
KEYBOARD_KEY_70070=brightnessup # Fn+F8
KEYBOARD_KEY_7006e=switchvideomode # Fn+F9
########################################################### ###########################################################
# OLPC # OLPC
########################################################### ###########################################################

View File

@ -41,15 +41,11 @@
# #
# Allowed properties are: # Allowed properties are:
# ACCEL_MOUNT_MATRIX=<matrix> # ACCEL_MOUNT_MATRIX=<matrix>
# PROXIMITY_NEAR_LEVEL=<value>
# #
# where <matrix> is a mount-matrix in the format specified in the IIO # where <matrix> is a mount-matrix in the format specified in the IIO
# subsystem[1]. The default, when unset, is equivalent to: # subsystem[1]. The default, when unset, is equivalent to:
# ACCEL_MOUNT_MATRIX=1, 0, 0; 0, 1, 0; 0, 0, 1 # ACCEL_MOUNT_MATRIX=1, 0, 0; 0, 1, 0; 0, 0, 1
# eg. the identity matrix. # eg. the identity matrix.
# and <value> is an integer value above which an object is considered
# close by a proximity sensor:
# PROXIMITY_NEAR_LEVEL=100
# #
# [1]: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dfc57732ad38f93ae6232a3b4e64fd077383a0f1 # [1]: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dfc57732ad38f93ae6232a3b4e64fd077383a0f1
# #

View File

@ -128,7 +128,6 @@ def property_grammar():
('KEYBOARD_LED_CAPSLOCK', Literal('0')), ('KEYBOARD_LED_CAPSLOCK', Literal('0')),
('ACCEL_MOUNT_MATRIX', mount_matrix), ('ACCEL_MOUNT_MATRIX', mount_matrix),
('ACCEL_LOCATION', Or(('display', 'base'))), ('ACCEL_LOCATION', Or(('display', 'base'))),
('PROXIMITY_NEAR_LEVEL', INTEGER),
) )
fixed_props = [Literal(name)('NAME') - Suppress('=') - val('VALUE') fixed_props = [Literal(name)('NAME') - Suppress('=') - val('VALUE')
for name, val in props] for name, val in props]

View File

@ -350,9 +350,9 @@
<varname>TTYPath=</varname>, described below.</para> <varname>TTYPath=</varname>, described below.</para>
<para>When forwarding to the kernel log buffer (kmsg), make sure to select a suitably large size for <para>When forwarding to the kernel log buffer (kmsg), make sure to select a suitably large size for
the log buffer, for example by adding <literal>log_buf_len=8M</literal> to the kernel command line. the log buffer, and ensure the kernel's rate-limiting applied to userspace processes is turned
<command>systemd</command> will automatically disable kernel's rate-limiting applied to userspace off. Specifically, add <literal>log_buf_len=8M</literal> and <literal>printk.devkmsg=on</literal> (or
processes (equivalent to setting <literal>printk.devkmsg=on</literal>).</para></listitem> similar) to the kernel command line.</para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>

View File

@ -135,8 +135,7 @@
the service manager are seen by it.</para> the service manager are seen by it.</para>
<para>If <option>--now</option> and/or <option>--enable</option> are passed, the portable service(s) are <para>If <option>--now</option> and/or <option>--enable</option> are passed, the portable service(s) are
immediately started (blocking operation unless <option>--no-block</option> is passed) and/or enabled after immediately started and/or enabled after attaching the image.</para>
attaching the image.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
@ -151,8 +150,8 @@
<command>detach</command>.</para></listitem> <command>detach</command>.</para></listitem>
<para>If <option>--now</option> and/or <option>--enable</option> are passed, the portable service(s) are <para>If <option>--now</option> and/or <option>--enable</option> are passed, the portable service(s) are
immediately stopped (blocking operation) and/or disabled before detaching the image. Prefix(es) are also accepted, immediately started and/or enabled before detaching the image. Prefix(es) are also accepted, to be used in
to be used in case the unit names do not match the image name as described in the <command>attach</command>.</para> case the unit names do not match the image name as described in the <command>attach</command>.</para>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
@ -331,12 +330,6 @@
<listitem><para>Immediately start/stop the portable service after attaching/before detaching.</para></listitem> <listitem><para>Immediately start/stop the portable service after attaching/before detaching.</para></listitem>
</varlistentry> </varlistentry>
<varlistentry>
<term><option>--no-block</option></term>
<listitem><para>Don't block waiting for attach --now to complete.</para></listitem>
</varlistentry>
<xi:include href="user-system-options.xml" xpointer="host" /> <xi:include href="user-system-options.xml" xpointer="host" />
<xi:include href="user-system-options.xml" xpointer="machine" /> <xi:include href="user-system-options.xml" xpointer="machine" />

View File

@ -1,8 +1,8 @@
<?xml version='1.0'?> <?xml version='1.0'?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
<!ENTITY fedora_latest_version "31"> <!ENTITY fedora_latest_version "30">
<!ENTITY fedora_cloud_release "1.9"> <!ENTITY fedora_cloud_release "1.2">
]> ]>
<!-- SPDX-License-Identifier: LGPL-2.1+ --> <!-- SPDX-License-Identifier: LGPL-2.1+ -->
@ -1378,7 +1378,7 @@
<programlisting># dnf -y --releasever=&fedora_latest_version; --installroot=/var/lib/machines/f&fedora_latest_version; \ <programlisting># dnf -y --releasever=&fedora_latest_version; --installroot=/var/lib/machines/f&fedora_latest_version; \
--disablerepo='*' --enablerepo=fedora --enablerepo=updates install \ --disablerepo='*' --enablerepo=fedora --enablerepo=updates install \
systemd passwd dnf fedora-release vim-minimal glibc-minimal-langpack systemd passwd dnf fedora-release vim-minimal
# systemd-nspawn -bD /var/lib/machines/f&fedora_latest_version;</programlisting> # systemd-nspawn -bD /var/lib/machines/f&fedora_latest_version;</programlisting>
<para>This installs a minimal Fedora distribution into the <para>This installs a minimal Fedora distribution into the

View File

@ -26,11 +26,8 @@
<refsect1> <refsect1>
<title>Description</title> <title>Description</title>
<para>A plain ini-style text file that encodes configuration for matching network devices, used by <para>Network link configuration is performed by the
<citerefentry><refentrytitle>systemd-udev</refentrytitle><manvolnum>8</manvolnum></citerefentry> and in <command>net_setup_link</command> udev builtin.</para>
particular its <command>net_setup_link</command> builtin. See
<citerefentry><refentrytitle>systemd.syntax</refentrytitle><manvolnum>5</manvolnum></citerefentry> for a
general description of the syntax.</para>
<para>The link files are read from the files located in the system <para>The link files are read from the files located in the system
network directory <filename>/usr/lib/systemd/network</filename>, network directory <filename>/usr/lib/systemd/network</filename>,

View File

@ -27,10 +27,9 @@
<refsect1> <refsect1>
<title>Description</title> <title>Description</title>
<para>A plain ini-style text file that encodes configuration about a virtual network device, used by <para>Network setup is performed by
<citerefentry><refentrytitle>systemd-networkd</refentrytitle><manvolnum>8</manvolnum></citerefentry>. <citerefentry><refentrytitle>systemd-networkd</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
See <citerefentry><refentrytitle>systemd.syntax</refentrytitle><manvolnum>5</manvolnum></citerefentry> </para>
for a general description of the syntax.</para>
<para>The main Virtual Network Device file must have the extension <filename>.netdev</filename>; <para>The main Virtual Network Device file must have the extension <filename>.netdev</filename>;
other extensions are ignored. Virtual network devices are created as soon as networkd is other extensions are ignored. Virtual network devices are created as soon as networkd is

View File

@ -28,11 +28,9 @@
<refsect1> <refsect1>
<title>Description</title> <title>Description</title>
<para>A plain ini-style text file that encodes network configuration for matching network interfaces, <para>Network setup is performed by
used by
<citerefentry><refentrytitle>systemd-networkd</refentrytitle><manvolnum>8</manvolnum></citerefentry>. <citerefentry><refentrytitle>systemd-networkd</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
See <citerefentry><refentrytitle>systemd.syntax</refentrytitle><manvolnum>5</manvolnum></citerefentry> </para>
for a general description of the syntax.</para>
<para>The main network file must have the extension <filename>.network</filename>; other <para>The main network file must have the extension <filename>.network</filename>; other
extensions are ignored. Networks are applied to links whenever the links appear.</para> extensions are ignored. Networks are applied to links whenever the links appear.</para>
@ -516,14 +514,13 @@
<varlistentry> <varlistentry>
<term><varname>Domains=</varname></term> <term><varname>Domains=</varname></term>
<listitem> <listitem>
<para>A whitespace-separated list of domains which should be resolved using the DNS servers on <para>A list of domains which should be resolved using the DNS servers on this link. Each item in the list
this link. Each item in the list should be a domain name, optionally prefixed with a tilde should be a domain name, optionally prefixed with a tilde (<literal>~</literal>). The domains with the
(<literal>~</literal>). The domains with the prefix are called "routing-only domains". The prefix are called "routing-only domains". The domains without the prefix are called "search domains" and
domains without the prefix are called "search domains" and are first used as search suffixes for are first used as search suffixes for extending single-label host names (host names containing no dots) to
extending single-label host names (host names containing no dots) to become fully qualified become fully qualified domain names (FQDNs). If a single-label host name is resolved on this interface,
domain names (FQDNs). If a single-label host name is resolved on this interface, each of the each of the specified search domains are appended to it in turn, converting it into a fully qualified
specified search domains are appended to it in turn, converting it into a fully qualified domain domain name, until one of them may be successfully resolved.</para>
name, until one of them may be successfully resolved.</para>
<para>Both "search" and "routing-only" domains are used for routing of DNS queries: look-ups for host names <para>Both "search" and "routing-only" domains are used for routing of DNS queries: look-ups for host names
ending in those domains (hence also single label names, if any "search domains" are listed), are routed to ending in those domains (hence also single label names, if any "search domains" are listed), are routed to
@ -616,12 +613,10 @@
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><varname>IPv6AcceptRA=</varname></term> <term><varname>IPv6AcceptRA=</varname></term>
<listitem><para>Takes a boolean. Controls IPv6 Router Advertisement (RA) reception support for the <listitem><para>Takes a boolean. Controls IPv6 Router Advertisement (RA) reception support
interface. If true, RAs are accepted; if false, RAs are ignored. When RAs are accepted, they may for the interface. If true, RAs are accepted; if false, RAs are ignored, independently of the
trigger the start of the DHCPv6 client if the relevant flags are set in the RA data, or if no local forwarding state. When RAs are accepted, they may trigger the start of the DHCPv6
routers are found on the link. The default is to disable RA reception for bridge devices or when IP client if the relevant flags are set in the RA data, or if no routers are found on the link.</para>
forwarding is enabled, and to enable it otherwise. Cannot be enabled on bond devices and when link
local adressing is disabled.</para>
<para>Further settings for the IPv6 RA support may be configured in the <para>Further settings for the IPv6 RA support may be configured in the
<literal>[IPv6AcceptRA]</literal> section, see below.</para> <literal>[IPv6AcceptRA]</literal> section, see below.</para>

View File

@ -46,15 +46,6 @@
<citerefentry><refentrytitle>systemd.nspawn</refentrytitle><manvolnum>5</manvolnum></citerefentry> <citerefentry><refentrytitle>systemd.nspawn</refentrytitle><manvolnum>5</manvolnum></citerefentry>
</para></listitem> </para></listitem>
<listitem><para>link files, see
<citerefentry><refentrytitle>systemd.link</refentrytitle><manvolnum>5</manvolnum></citerefentry>
</para></listitem>
<listitem><para>netdev and network files, see
<citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd.network</refentrytitle><manvolnum>5</manvolnum></citerefentry>
</para></listitem>
<listitem><para>daemon config files, see <listitem><para>daemon config files, see
<citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-user.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>systemd-user.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,

378
po/ru.po
View File

@ -1,24 +1,22 @@
# SPDX-License-Identifier: LGPL-2.1+ # SPDX-License-Identifier: LGPL-2.1+
# #
# translation of ru.po to Rissian # translation of ru.po to Rissian
#
# Julia Dronova <juliette.tux@gmail.com>, 2013. # Julia Dronova <juliette.tux@gmail.com>, 2013.
# Sergey Ptashnick <0comffdiz@inbox.ru>, 2013-2018. # Sergey Ptashnick <0comffdiz@inbox.ru>, 2013-2018.
# Vladimir Yerilov <openmindead@gmail.com>, 2020. #
msgid "" msgid ""
msgstr "" msgstr ""
"Project-Id-Version: systemd\n" "Project-Id-Version: systemd\n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: https://github.com/systemd/systemd/issues\n"
"POT-Creation-Date: 2020-03-03 00:56+1000\n" "POT-Creation-Date: 2015-11-22 16:37+0100\n"
"PO-Revision-Date: 2020-03-03 16:05+1000\n" "PO-Revision-Date: 2018-09-01 18:46+0300\n"
"Last-Translator: Vladimir Yerilov <openmindead@gmail.com>\n" "Last-Translator: Sergey Ptashnick <0comffdiz@inbox.ru>\n"
"Language: ru\n" "Language: ru\n"
"MIME-Version: 1.0\n" "MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n" "Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n" "Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<" "Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n"
"=4 && (n%100<10 || n%100>=20) ? 1 : 2)\n" "%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2)\n"
"X-Generator: Lokalize 19.12.2\n"
#: src/core/org.freedesktop.systemd1.policy.in:22 #: src/core/org.freedesktop.systemd1.policy.in:22
msgid "Send passphrase back to system" msgid "Send passphrase back to system"
@ -71,68 +69,6 @@ msgstr ""
"Чтобы заставить systemd перечитать конфигурацию, необходимо пройти " "Чтобы заставить systemd перечитать конфигурацию, необходимо пройти "
"аутентификацию." "аутентификацию."
#: src/home/org.freedesktop.home1.policy:13
msgid "Create a home area"
msgstr "Создать домашнее пространство"
#: src/home/org.freedesktop.home1.policy:14
msgid "Authentication is required to create a user's home area."
msgstr ""
"Чтобы создать домашнее пространство пользователя, необходимо пройти"
" аутентификацию."
#: src/home/org.freedesktop.home1.policy:23
msgid "Remove a home area"
msgstr "Удалить домашнее пространство"
#: src/home/org.freedesktop.home1.policy:24
msgid "Authentication is required to remove a user's home area."
msgstr ""
"Чтобы удалить домашнее пространство пользователя, необходимо пройти"
" аутентификацию."
#: src/home/org.freedesktop.home1.policy:33
msgid "Check credentials of a home area"
msgstr "Проверить учётные данные домашнего пространства"
#: src/home/org.freedesktop.home1.policy:34
msgid ""
"Authentication is required to check credentials against a user's home area."
msgstr ""
"Чтобы проверить учётные данные для домашнего пространства пользователя,"
" необходимо пройти аутентификацию."
#: src/home/org.freedesktop.home1.policy:43
msgid "Update a home area"
msgstr "Обновить домашнее пространство"
#: src/home/org.freedesktop.home1.policy:44
msgid "Authentication is required to update a user's home area."
msgstr ""
"Чтобы обновить домашнее пространство пользователя, необходимо пройти"
" аутентификацию."
#: src/home/org.freedesktop.home1.policy:53
msgid "Resize a home area"
msgstr "Изменить размер домашнего пространства"
#: src/home/org.freedesktop.home1.policy:54
msgid "Authentication is required to resize a user's home area."
msgstr ""
"Чтобы изменить размер домашнего пространства пользователя, необходимо пройти"
" аутентификацию."
#: src/home/org.freedesktop.home1.policy:63
msgid "Change password of a home area"
msgstr "Изменить пароль для домашнего пространства"
#: src/home/org.freedesktop.home1.policy:64
msgid ""
"Authentication is required to change the password of a user's home area."
msgstr ""
"Чтобы изменить пароль для домашнего пространства пользователя, необходимо"
" пройти аутентификацию."
#: src/hostname/org.freedesktop.hostname1.policy:20 #: src/hostname/org.freedesktop.hostname1.policy:20
msgid "Set host name" msgid "Set host name"
msgstr "Настроить имя компьютера" msgstr "Настроить имя компьютера"
@ -330,7 +266,8 @@ msgstr ""
#: src/login/org.freedesktop.login1.policy:117 #: src/login/org.freedesktop.login1.policy:117
msgid "Allow non-logged-in user to run programs" msgid "Allow non-logged-in user to run programs"
msgstr "Разрешить работу программ в фоновом режиме после завершения сеанса" msgstr ""
"Разрешить работу программ в фоновом режиме после завершения сеанса"
#: src/login/org.freedesktop.login1.policy:118 #: src/login/org.freedesktop.login1.policy:118
msgid "Explicit request is required to run programs as a non-logged-in user." msgid "Explicit request is required to run programs as a non-logged-in user."
@ -365,7 +302,8 @@ msgid "Flush device to seat attachments"
msgstr "Сбросить привязки устройств к рабочим местам" msgstr "Сбросить привязки устройств к рабочим местам"
#: src/login/org.freedesktop.login1.policy:149 #: src/login/org.freedesktop.login1.policy:149
msgid "Authentication is required to reset how devices are attached to seats." msgid ""
"Authentication is required to reset how devices are attached to seats."
msgstr "" msgstr ""
"Чтобы сбросить привязки устройств к рабочим местам, необходимо пройти " "Чтобы сбросить привязки устройств к рабочим местам, необходимо пройти "
"аутентификацию." "аутентификацию."
@ -399,8 +337,8 @@ msgstr ""
#: src/login/org.freedesktop.login1.policy:181 #: src/login/org.freedesktop.login1.policy:181
msgid "" msgid ""
"Authentication is required to power off the system while an application is " "Authentication is required to power off the system while an application "
"inhibiting this." "is inhibiting this."
msgstr "" msgstr ""
"Чтобы выключить систему, несмотря на то, что приложение запросило блокировку " "Чтобы выключить систему, несмотря на то, что приложение запросило блокировку "
"выключения, необходимо пройти аутентификацию." "выключения, необходимо пройти аутентификацию."
@ -420,8 +358,8 @@ msgstr ""
#: src/login/org.freedesktop.login1.policy:203 #: src/login/org.freedesktop.login1.policy:203
msgid "" msgid ""
"Authentication is required to reboot the system while other users are logged " "Authentication is required to reboot the system while other users are "
"in." "logged in."
msgstr "" msgstr ""
"Чтобы перезагрузить систему, несмотря на то, что в ней работают другие " "Чтобы перезагрузить систему, несмотря на то, что в ней работают другие "
"пользователи, необходимо пройти аутентификацию." "пользователи, необходимо пройти аутентификацию."
@ -434,8 +372,8 @@ msgstr ""
#: src/login/org.freedesktop.login1.policy:214 #: src/login/org.freedesktop.login1.policy:214
msgid "" msgid ""
"Authentication is required to reboot the system while an application is " "Authentication is required to reboot the system while an application "
"inhibiting this." "is inhibiting this."
msgstr "" msgstr ""
"Чтобы перезагрузить систему, несмотря на то, что приложение запросило " "Чтобы перезагрузить систему, несмотря на то, что приложение запросило "
"блокировку выключения, необходимо пройти аутентификацию." "блокировку выключения, необходимо пройти аутентификацию."
@ -455,8 +393,8 @@ msgstr ""
#: src/login/org.freedesktop.login1.policy:236 #: src/login/org.freedesktop.login1.policy:236
msgid "" msgid ""
"Authentication is required to halt the system while other users are logged " "Authentication is required to halt the system while other users are "
"in." "logged in."
msgstr "" msgstr ""
"Чтобы остановить систему, несмотря на то, что в ней работают другие " "Чтобы остановить систему, несмотря на то, что в ней работают другие "
"пользователи, необходимо пройти аутентификацию." "пользователи, необходимо пройти аутентификацию."
@ -464,16 +402,16 @@ msgstr ""
#: src/login/org.freedesktop.login1.policy:246 #: src/login/org.freedesktop.login1.policy:246
msgid "Halt the system while an application is inhibiting this" msgid "Halt the system while an application is inhibiting this"
msgstr "" msgstr ""
"Остановить систему несмотря на то, что приложение запросило блокировку " "Остановить систему, несмотря на то, что приложение запросило блокировку "
"выключения" "выключения"
#: src/login/org.freedesktop.login1.policy:247 #: src/login/org.freedesktop.login1.policy:247
msgid "" msgid ""
"Authentication is required to halt the system while an application is " "Authentication is required to halt the system while an application asked "
"inhibiting this." "to inhibit it."
msgstr "" msgstr ""
"Чтобы остановить систему несмотря на то, что приложение запросило блокировку" "Чтобы остановить систему, несмотря на то, что приложение запросило "
" выключения, необходимо пройти аутентификацию." "блокировку выключения, необходимо пройти аутентификацию."
#: src/login/org.freedesktop.login1.policy:257 #: src/login/org.freedesktop.login1.policy:257
msgid "Suspend the system" msgid "Suspend the system"
@ -506,8 +444,8 @@ msgstr ""
#: src/login/org.freedesktop.login1.policy:279 #: src/login/org.freedesktop.login1.policy:279
msgid "" msgid ""
"Authentication is required to suspend the system while an application is " "Authentication is required to suspend the system while an application "
"inhibiting this." "is inhibiting this."
msgstr "" msgstr ""
"Чтобы перевести систему в ждущий режим, несмотря на то, что приложение " "Чтобы перевести систему в ждущий режим, несмотря на то, что приложение "
"запросило блокировку, необходимо пройти аутентификацию." "запросило блокировку, необходимо пройти аутентификацию."
@ -543,8 +481,8 @@ msgstr ""
#: src/login/org.freedesktop.login1.policy:311 #: src/login/org.freedesktop.login1.policy:311
msgid "" msgid ""
"Authentication is required to hibernate the system while an application is " "Authentication is required to hibernate the system while an application "
"inhibiting this." "is inhibiting this."
msgstr "" msgstr ""
"Чтобы перевести систему в спящий режим, несмотря на то, что приложение " "Чтобы перевести систему в спящий режим, несмотря на то, что приложение "
"запросило блокировку, необходимо пройти аутентификацию." "запросило блокировку, необходимо пройти аутентификацию."
@ -554,7 +492,8 @@ msgid "Manage active sessions, users and seats"
msgstr "Управление текущими сеансами, пользователями и рабочими местами" msgstr "Управление текущими сеансами, пользователями и рабочими местами"
#: src/login/org.freedesktop.login1.policy:322 #: src/login/org.freedesktop.login1.policy:322
msgid "Authentication is required to manage active sessions, users and seats." msgid ""
"Authentication is required to manage active sessions, users and seats."
msgstr "" msgstr ""
"Для управления текущими сеансами, пользователями и рабочими местами, " "Для управления текущими сеансами, пользователями и рабочими местами, "
"необходимо пройти аутентификацию." "необходимо пройти аутентификацию."
@ -570,68 +509,26 @@ msgstr ""
"аутентификацию." "аутентификацию."
#: src/login/org.freedesktop.login1.policy:341 #: src/login/org.freedesktop.login1.policy:341
msgid "Set the reboot \"reason\" in the kernel" msgid "Allow indication to the firmware to boot to setup interface"
msgstr "Установить \"причину\" перезагрузки" msgstr "Разрешить загрузку в режиме настройки прошивки материнской платы"
#: src/login/org.freedesktop.login1.policy:342 #: src/login/org.freedesktop.login1.policy:342
msgid "Authentication is required to set the reboot \"reason\" in the kernel."
msgstr ""
"Чтобы установить \"причину\" перезагрузки, необходимо пройти аутентификацию."
#: src/login/org.freedesktop.login1.policy:352
msgid "Indicate to the firmware to boot to setup interface"
msgstr ""
"Запустить режим настройки прошивки материнской платы при следующей загрузке"
#: src/login/org.freedesktop.login1.policy:353
msgid "" msgid ""
"Authentication is required to indicate to the firmware to boot to setup " "Authentication is required to indicate to the firmware to boot to setup "
"interface." "interface."
msgstr "" msgstr ""
"Чтобы запустить режим настройки прошивки материнской платы, " "Чтобы разрешить загрузку в режиме настройки прошивки материнской платы, "
"необходимо пройти аутентификацию." "необходимо пройти аутентификацию."
#: src/login/org.freedesktop.login1.policy:363 #: src/login/org.freedesktop.login1.policy:351
msgid "Indicate to the boot loader to boot to the boot loader menu"
msgstr "Отобразить меню загрузчика при следующей загрузке"
#: src/login/org.freedesktop.login1.policy:364
msgid ""
"Authentication is required to indicate to the boot loader to boot to the "
"boot loader menu."
msgstr ""
"Чтобы отобразить меню загрузчика при следующей загрузке, "
"необходимо пройти аутентификацию."
#: src/login/org.freedesktop.login1.policy:374
msgid "Indicate to the boot loader to boot a specific entry"
msgstr "Выбрать определённую загрузочную запись при следующем запуске"
#: src/login/org.freedesktop.login1.policy:375
msgid ""
"Authentication is required to indicate to the boot loader to boot into a "
"specific boot loader entry."
msgstr ""
"Чтобы установить определённую загрузочную запись для загрузки, "
"необходимо пройти аутентификацию."
#: src/login/org.freedesktop.login1.policy:385
msgid "Set a wall message" msgid "Set a wall message"
msgstr "Отправить сообщение на все терминалы" msgstr "Отправить сообщение на все терминалы"
#: src/login/org.freedesktop.login1.policy:386 #: src/login/org.freedesktop.login1.policy:352
msgid "Authentication is required to set a wall message" msgid "Authentication is required to set a wall message"
msgstr "" msgstr ""
"Чтобы отправить сообщение на все терминалы, необходимо пройти аутентификацию." "Чтобы отправить сообщение на все терминалы, необходимо пройти аутентификацию."
#: src/login/org.freedesktop.login1.policy:395
msgid "Change Session"
msgstr "Сменить сессию"
#: src/login/org.freedesktop.login1.policy:396
msgid "Authentication is required to change the virtual terminal."
msgstr "Чтобы сменить виртуальный терминал, необходимо пройти аутентификацию."
#: src/machine/org.freedesktop.machine1.policy:22 #: src/machine/org.freedesktop.machine1.policy:22
msgid "Log into a local container" msgid "Log into a local container"
msgstr "Зайти в локальный контейнер" msgstr "Зайти в локальный контейнер"
@ -712,151 +609,14 @@ msgstr ""
"Для управления образами виртуальных машин и контейнеров, необходимо пройти " "Для управления образами виртуальных машин и контейнеров, необходимо пройти "
"аутентификацию." "аутентификацию."
#: src/network/org.freedesktop.network1.policy:22
msgid "Set NTP servers"
msgstr "Задать NTP-серверы"
#: src/network/org.freedesktop.network1.policy:23
msgid "Authentication is required to set NTP servers."
msgstr "Чтобы задать NTP-серверы, необходимо пройти аутентификацию."
#: src/network/org.freedesktop.network1.policy:33
#: src/resolve/org.freedesktop.resolve1.policy:44
msgid "Set DNS servers"
msgstr "Задать DNS-серверы"
#: src/network/org.freedesktop.network1.policy:34
#: src/resolve/org.freedesktop.resolve1.policy:45
msgid "Authentication is required to set DNS servers."
msgstr "Чтобы задать DNS-серверы, необходимо пройти аутентификацию."
#: src/network/org.freedesktop.network1.policy:44
#: src/resolve/org.freedesktop.resolve1.policy:55
msgid "Set domains"
msgstr "Задать домены"
#: src/network/org.freedesktop.network1.policy:45
#: src/resolve/org.freedesktop.resolve1.policy:56
msgid "Authentication is required to set domains."
msgstr "Чтобы задать домены, необходимо пройти аутентификацию."
#: src/network/org.freedesktop.network1.policy:55
#: src/resolve/org.freedesktop.resolve1.policy:66
msgid "Set default route"
msgstr "Задать маршрут по умолчанию"
#: src/network/org.freedesktop.network1.policy:56
#: src/resolve/org.freedesktop.resolve1.policy:67
msgid "Authentication is required to set default route."
msgstr "Чтобы задать маршрут по умолчанию, необходимо пройти аутентификацию."
#: src/network/org.freedesktop.network1.policy:66
#: src/resolve/org.freedesktop.resolve1.policy:77
msgid "Enable/disable LLMNR"
msgstr "Включить/отключить LLMNR"
#: src/network/org.freedesktop.network1.policy:67
#: src/resolve/org.freedesktop.resolve1.policy:78
msgid "Authentication is required to enable or disable LLMNR."
msgstr "Чтобы включить или отключить LLMNR, необходимо пройти аутентификацию."
#: src/network/org.freedesktop.network1.policy:77
#: src/resolve/org.freedesktop.resolve1.policy:88
msgid "Enable/disable multicast DNS"
msgstr "Включить/отключить multicast DNS"
#: src/network/org.freedesktop.network1.policy:78
#: src/resolve/org.freedesktop.resolve1.policy:89
msgid "Authentication is required to enable or disable multicast DNS."
msgstr ""
"Чтобы включить или отключить multicast DNS, необходимо пройти аутентификацию."
#: src/network/org.freedesktop.network1.policy:88
#: src/resolve/org.freedesktop.resolve1.policy:99
msgid "Enable/disable DNS over TLS"
msgstr "Включить/отключить DNS поверх TLS"
#: src/network/org.freedesktop.network1.policy:89
#: src/resolve/org.freedesktop.resolve1.policy:100
msgid "Authentication is required to enable or disable DNS over TLS."
msgstr ""
"Чтобы включить или отключить DNS поверх TLS, необходимо пройти аутентификацию."
#: src/network/org.freedesktop.network1.policy:99
#: src/resolve/org.freedesktop.resolve1.policy:110
msgid "Enable/disable DNSSEC"
msgstr "Включить/отключить DNSSEC"
#: src/network/org.freedesktop.network1.policy:100
#: src/resolve/org.freedesktop.resolve1.policy:111
msgid "Authentication is required to enable or disable DNSSEC."
msgstr "Чтобы включить или отключить DNSSEC, необходимо пройти аутентификацию."
#: src/network/org.freedesktop.network1.policy:110
#: src/resolve/org.freedesktop.resolve1.policy:121
msgid "Set DNSSEC Negative Trust Anchors"
msgstr "Задать DNSSEC Negative Trust Anchors"
#: src/network/org.freedesktop.network1.policy:111
#: src/resolve/org.freedesktop.resolve1.policy:122
msgid "Authentication is required to set DNSSEC Negative Trust Anchors."
msgstr ""
"Чтобы задать DNSSEC Negative Trust Anchors, необходимо пройти аутентификацию."
#: src/network/org.freedesktop.network1.policy:121
msgid "Revert NTP settings"
msgstr "Восстановить настройки NTP по умолчанию"
#: src/network/org.freedesktop.network1.policy:122
msgid "Authentication is required to reset NTP settings."
msgstr ""
"Чтобы сбросить локальные настройки NTP, необходимо пройти аутентификацию."
#: src/network/org.freedesktop.network1.policy:132
msgid "Revert DNS settings"
msgstr "Восстановить настройки DNS по умолчанию"
#: src/network/org.freedesktop.network1.policy:133
msgid "Authentication is required to reset DNS settings."
msgstr ""
"Чтобы сбросить локальные настройки DNS, необходимо пройти аутентификацию."
#: src/network/org.freedesktop.network1.policy:143
msgid "Renew dynamic addresses"
msgstr "Обновить динамические адреса"
#: src/network/org.freedesktop.network1.policy:144
msgid "Authentication is required to renew dynamic addresses."
msgstr "Чтобы обновить динамические адреса, необходимо пройти аутентификацию."
#: src/network/org.freedesktop.network1.policy:154
msgid "Reload network settings"
msgstr "Перечитать настройки сети"
#: src/network/org.freedesktop.network1.policy:155
msgid "Authentication is required to reload network settings."
msgstr ""
"Чтобы заставить systemd перечитать настройки сети, необходимо пройти "
"аутентификацию."
#: src/network/org.freedesktop.network1.policy:165
msgid "Reconfigure network interface"
msgstr "Изменить конфигурацию сетевого интерфейса"
#: src/network/org.freedesktop.network1.policy:166
msgid "Authentication is required to reconfigure network interface."
msgstr ""
"Чтобы изменить конфигурацию сетевого интерфейса, необходимо пройти"
" аутентификацию."
#: src/portable/org.freedesktop.portable1.policy:13 #: src/portable/org.freedesktop.portable1.policy:13
msgid "Inspect a portable service image" msgid "Inspect a portable service image"
msgstr "Прочитать образ переносимой службы" msgstr "Прочитать образ переносимой службы"
#: src/portable/org.freedesktop.portable1.policy:14 #: src/portable/org.freedesktop.portable1.policy:14
msgid "Authentication is required to inspect a portable service image." msgid "Authentication is required to inspect a portable service image."
msgstr "" msgstr "Чтобы прочитать образ переносимой службы, необходимо пройти "
"Чтобы прочитать образ переносимой службы, необходимо пройти аутентификацию." "аутентификацию."
#: src/portable/org.freedesktop.portable1.policy:23 #: src/portable/org.freedesktop.portable1.policy:23
msgid "Attach or detach a portable service image" msgid "Attach or detach a portable service image"
@ -865,9 +625,8 @@ msgstr "Подключить или отключить образ перенос
#: src/portable/org.freedesktop.portable1.policy:24 #: src/portable/org.freedesktop.portable1.policy:24
msgid "" msgid ""
"Authentication is required to attach or detach a portable service image." "Authentication is required to attach or detach a portable service image."
msgstr "" msgstr "Чтобы подключить или отключить образ переносимой службы, необходимо "
"Чтобы подключить или отключить образ переносимой службы, необходимо пройти " "пройти аутентификацию."
"аутентификацию."
#: src/portable/org.freedesktop.portable1.policy:34 #: src/portable/org.freedesktop.portable1.policy:34
msgid "Delete or modify portable service image" msgid "Delete or modify portable service image"
@ -886,8 +645,8 @@ msgstr "Зарегистрировать службу в DNS-SD"
#: src/resolve/org.freedesktop.resolve1.policy:23 #: src/resolve/org.freedesktop.resolve1.policy:23
msgid "Authentication is required to register a DNS-SD service" msgid "Authentication is required to register a DNS-SD service"
msgstr "" msgstr "Чтобы зарегистрировать службу в DNS-SD, необходимо пройти "
"Чтобы зарегистрировать службу в DNS-SD, необходимо пройти аутентификацию." "аутентификацию."
#: src/resolve/org.freedesktop.resolve1.policy:33 #: src/resolve/org.freedesktop.resolve1.policy:33
msgid "Unregister a DNS-SD service" msgid "Unregister a DNS-SD service"
@ -897,15 +656,6 @@ msgstr "Удалить службу из DNS-SD"
msgid "Authentication is required to unregister a DNS-SD service" msgid "Authentication is required to unregister a DNS-SD service"
msgstr "Чтобы удалить службу из DNS-SD, необходимо пройти аутентификацию." msgstr "Чтобы удалить службу из DNS-SD, необходимо пройти аутентификацию."
#: src/resolve/org.freedesktop.resolve1.policy:132
msgid "Revert name resolution settings"
msgstr "Вернуть настройки разрешения имён по умолчанию"
#: src/resolve/org.freedesktop.resolve1.policy:133
msgid "Authentication is required to reset name resolution settings."
msgstr ""
"Чтобы сбросить настройки разрешения имён, необходимо пройти аутентификацию."
#: src/timedate/org.freedesktop.timedate1.policy:22 #: src/timedate/org.freedesktop.timedate1.policy:22
msgid "Set system time" msgid "Set system time"
msgstr "Настроить системное время" msgstr "Настроить системное время"
@ -946,47 +696,49 @@ msgstr ""
"Чтобы включить или выключить синхронизацию времени по сети, необходимо " "Чтобы включить или выключить синхронизацию времени по сети, необходимо "
"пройти аутентификацию." "пройти аутентификацию."
#: src/core/dbus-unit.c:356 #: src/core/dbus-unit.c:326
msgid "Authentication is required to start '$(unit)'." msgid "Authentication is required to start '$(unit)'."
msgstr "Чтобы запустить «$(unit)», необходимо пройти аутентификацию." msgstr "Чтобы запустить «$(unit)», необходимо пройти аутентификацию."
#: src/core/dbus-unit.c:357 #: src/core/dbus-unit.c:327
msgid "Authentication is required to stop '$(unit)'." msgid "Authentication is required to stop '$(unit)'."
msgstr "Чтобы остановить «$(unit)», необходимо пройти аутентификацию." msgstr "Чтобы остановить «$(unit)», необходимо пройти аутентификацию."
#: src/core/dbus-unit.c:358 #: src/core/dbus-unit.c:328
msgid "Authentication is required to reload '$(unit)'." msgid "Authentication is required to reload '$(unit)'."
msgstr "" msgstr ""
"Чтобы заставить «$(unit)» перечитать конфигурацию, необходимо пройти " "Чтобы заставить «$(unit)» перечитать конфигурацию, необходимо пройти "
"аутентификацию." "аутентификацию."
#: src/core/dbus-unit.c:359 src/core/dbus-unit.c:360 #: src/core/dbus-unit.c:329 src/core/dbus-unit.c:330
msgid "Authentication is required to restart '$(unit)'." msgid "Authentication is required to restart '$(unit)'."
msgstr "Чтобы перезапустить «$(unit)», необходимо пройти аутентификацию." msgstr "Чтобы перезапустить «$(unit)», необходимо пройти аутентификацию."
#: src/core/dbus-unit.c:532 #: src/core/dbus-unit.c:437
msgid "" msgid "Authentication is required to kill '$(unit)'."
"Authentication is required to send a UNIX signal to the processes of " msgstr "Чтобы убить юнит «$(unit)», необходимо пройти аутентификацию."
"'$(unit)'."
msgstr ""
"Чтобы отправить сигнал UNIX процессам юнита «$(unit)», необходимо пройти"
" аутентификацию."
#: src/core/dbus-unit.c:563 #: src/core/dbus-unit.c:468
msgid "Authentication is required to reset the \"failed\" state of '$(unit)'." msgid "Authentication is required to reset the \"failed\" state of '$(unit)'."
msgstr "" msgstr ""
"Чтобы сбросить состояние «failed» у юнита «$(unit)», необходимо пройти " "Чтобы сбросить состояние «failed» у юнита «$(unit)», необходимо пройти "
"аутентификацию." "аутентификацию."
#: src/core/dbus-unit.c:596 #: src/core/dbus-unit.c:501
msgid "Authentication is required to set properties on '$(unit)'." msgid "Authentication is required to set properties on '$(unit)'."
msgstr "" msgstr "Чтобы изменить параметры юнита «$(unit)», необходимо пройти "
"Чтобы изменить параметры юнита «$(unit)», необходимо пройти аутентификацию." "аутентификацию."
#: src/core/dbus-unit.c:705 #~ msgid "Press Ctrl+C to cancel all filesystem checks in progress"
msgid "" #~ msgstr ""
"Authentication is required to delete files and directories associated with " #~ "Чтобы прервать все запущенные проверки файловых систем, нажмите Ctrl+C"
"'$(unit)'."
msgstr "" # There is no difference between "на 2 дисках" (plural==1) and "на 5 дисках" (plural==2)
"Чтобы удалить файлы и директории, относящиеся к юниту «$(unit)», необходимо" #~ msgid "Checking in progress on %d disk (%3.1f%% complete)"
" пройти аутентификацию." #~ msgid_plural "Checking in progress on %d disks (%3.1f%% complete)"
#~ msgstr[0] ""
#~ "Проверяется целостность файловой системы на %d диске (выполнено %3.1f%%)"
#~ msgstr[1] ""
#~ "Проверяется целостность файловых систем на %d дисках (выполнено %3.1f%%)"
#~ msgstr[2] ""
#~ "Проверяется целостность файловых систем на %d дисках (выполнено %3.1f%%)"

View File

@ -272,52 +272,6 @@ int fchmod_and_chown(int fd, mode_t mode, uid_t uid, gid_t gid) {
return do_chown || do_chmod; return do_chown || do_chmod;
} }
int chmod_and_chown_unsafe(const char *path, mode_t mode, uid_t uid, gid_t gid) {
bool do_chown, do_chmod;
struct stat st;
assert(path);
/* Change ownership and access mode of the specified path, see description of fchmod_and_chown().
* Should only be used on trusted paths. */
if (lstat(path, &st) < 0)
return -errno;
do_chown =
(uid != UID_INVALID && st.st_uid != uid) ||
(gid != GID_INVALID && st.st_gid != gid);
do_chmod =
!S_ISLNK(st.st_mode) && /* chmod is not defined on symlinks */
((mode != MODE_INVALID && ((st.st_mode ^ mode) & 07777) != 0) ||
do_chown); /* If we change ownership, make sure we reset the mode afterwards, since chown()
* modifies the access mode too */
if (mode == MODE_INVALID)
mode = st.st_mode; /* If we only shall do a chown(), save original mode, since chown() might break it. */
else if ((mode & S_IFMT) != 0 && ((mode ^ st.st_mode) & S_IFMT) != 0)
return -EINVAL; /* insist on the right file type if it was specified */
if (do_chown && do_chmod) {
mode_t minimal = st.st_mode & mode; /* the subset of the old and the new mask */
if (((minimal ^ st.st_mode) & 07777) != 0)
if (chmod(path, minimal & 07777) < 0)
return -errno;
}
if (do_chown)
if (lchown(path, uid, gid) < 0)
return -errno;
if (do_chmod)
if (chmod(path, mode & 07777) < 0)
return -errno;
return do_chown || do_chmod;
}
int fchmod_umask(int fd, mode_t m) { int fchmod_umask(int fd, mode_t m) {
mode_t u; mode_t u;
int r; int r;

View File

@ -34,7 +34,6 @@ int readlink_and_make_absolute(const char *p, char **r);
int chmod_and_chown(const char *path, mode_t mode, uid_t uid, gid_t gid); int chmod_and_chown(const char *path, mode_t mode, uid_t uid, gid_t gid);
int fchmod_and_chown(int fd, mode_t mode, uid_t uid, gid_t gid); int fchmod_and_chown(int fd, mode_t mode, uid_t uid, gid_t gid);
int chmod_and_chown_unsafe(const char *path, mode_t mode, uid_t uid, gid_t gid);
int fchmod_umask(int fd, mode_t mode); int fchmod_umask(int fd, mode_t mode);
int fchmod_opath(int fd, mode_t m); int fchmod_opath(int fd, mode_t m);

View File

@ -233,9 +233,6 @@ int mac_selinux_get_create_label_from_exe(const char *exe, char **label) {
return -errno; return -errno;
sclass = string_to_security_class("process"); sclass = string_to_security_class("process");
if (sclass == 0)
return -ENOSYS;
r = security_compute_create_raw(mycon, fcon, sclass, label); r = security_compute_create_raw(mycon, fcon, sclass, label);
if (r < 0) if (r < 0)
return -errno; return -errno;
@ -315,9 +312,6 @@ int mac_selinux_get_child_mls_label(int socket_fd, const char *exe, const char *
return -ENOMEM; return -ENOMEM;
sclass = string_to_security_class("process"); sclass = string_to_security_class("process");
if (sclass == 0)
return -ENOSYS;
r = security_compute_create_raw(mycon, fcon, sclass, label); r = security_compute_create_raw(mycon, fcon, sclass, label);
if (r < 0) if (r < 0)
return -errno; return -errno;

View File

@ -127,8 +127,7 @@ int bus_property_get_triggered_unit(sd_bus *bus, const char *path, const char *i
if (!UNIT_WRITE_FLAGS_NOOP(flags)) { \ if (!UNIT_WRITE_FLAGS_NOOP(flags)) { \
*p = (cast_type) v; \ *p = (cast_type) v; \
unit_write_settingf(u, flags, name, \ unit_write_settingf(u, flags, name, \
"%s=%s", \ "%s=%s", name, s); \
name, strempty(s)); \
} \ } \
\ \
return 1; \ return 1; \

View File

@ -4881,7 +4881,7 @@ void exec_context_dump(const ExecContext *c, FILE* f, const char *prefix) {
r = namespace_flags_to_string(c->restrict_namespaces, &s); r = namespace_flags_to_string(c->restrict_namespaces, &s);
if (r >= 0) if (r >= 0)
fprintf(f, "%sRestrictNamespaces: %s\n", fprintf(f, "%sRestrictNamespaces: %s\n",
prefix, strna(s)); prefix, s);
} }
if (c->network_namespace_path) if (c->network_namespace_path)

View File

@ -9,7 +9,6 @@
#include "bus-error.h" #include "bus-error.h"
#include "bus-unit-util.h" #include "bus-unit-util.h"
#include "bus-util.h" #include "bus-util.h"
#include "bus-wait-for-jobs.h"
#include "def.h" #include "def.h"
#include "dirent-util.h" #include "dirent-util.h"
#include "env-file.h" #include "env-file.h"
@ -43,7 +42,6 @@ static BusTransport arg_transport = BUS_TRANSPORT_LOCAL;
static const char *arg_host = NULL; static const char *arg_host = NULL;
static bool arg_enable = false; static bool arg_enable = false;
static bool arg_now = false; static bool arg_now = false;
static bool arg_no_block = false;
static int determine_image(const char *image, bool permit_non_existing, char **ret) { static int determine_image(const char *image, bool permit_non_existing, char **ret) {
int r; int r;
@ -447,7 +445,7 @@ static int maybe_enable_disable(sd_bus *bus, const char *path, bool enable) {
return 0; return 0;
} }
static int maybe_start_stop(sd_bus *bus, const char *path, bool start, BusWaitForJobs *wait) { static int maybe_start_stop(sd_bus *bus, const char *path, bool start) {
_cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL; _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
char *name = (char *)basename(path), *job = NULL; char *name = (char *)basename(path), *job = NULL;
@ -478,29 +476,15 @@ static int maybe_start_stop(sd_bus *bus, const char *path, bool start, BusWaitFo
if (!arg_quiet) if (!arg_quiet)
log_info("Queued %s to %s portable service %s.", job, start ? "start" : "stop", name); log_info("Queued %s to %s portable service %s.", job, start ? "start" : "stop", name);
if (wait) {
r = bus_wait_for_jobs_add(wait, job);
if (r < 0)
return log_error_errno(r, "Failed to watch %s job for %s %s: %m",
job, start ? "starting" : "stopping", name);
}
return 0; return 0;
} }
static int maybe_enable_start(sd_bus *bus, sd_bus_message *reply) { static int maybe_enable_start(sd_bus *bus, sd_bus_message *reply) {
_cleanup_(bus_wait_for_jobs_freep) BusWaitForJobs *wait = NULL;
int r; int r;
if (!arg_enable && !arg_now) if (!arg_enable && !arg_now)
return 0; return 0;
if (!arg_no_block) {
r = bus_wait_for_jobs_new(bus, &wait);
if (r < 0)
return log_error_errno(r, "Could not watch jobs: %m");
}
r = sd_bus_message_rewind(reply, true); r = sd_bus_message_rewind(reply, true);
if (r < 0) if (r < 0)
return r; return r;
@ -519,7 +503,7 @@ static int maybe_enable_start(sd_bus *bus, sd_bus_message *reply) {
if (STR_IN_SET(type, "symlink", "copy") && ENDSWITH_SET(path, ".service", ".target", ".socket")) { if (STR_IN_SET(type, "symlink", "copy") && ENDSWITH_SET(path, ".service", ".target", ".socket")) {
(void) maybe_enable_disable(bus, path, true); (void) maybe_enable_disable(bus, path, true);
(void) maybe_start_stop(bus, path, true, wait); (void) maybe_start_stop(bus, path, true);
} }
} }
@ -527,17 +511,10 @@ static int maybe_enable_start(sd_bus *bus, sd_bus_message *reply) {
if (r < 0) if (r < 0)
return r; return r;
if (!arg_no_block) {
r = bus_wait_for_jobs(wait, arg_quiet, NULL);
if (r < 0)
return r;
}
return 0; return 0;
} }
static int maybe_stop_disable(sd_bus *bus, char *image, char *argv[]) { static int maybe_stop_disable(sd_bus *bus, char *image, char *argv[]) {
_cleanup_(bus_wait_for_jobs_freep) BusWaitForJobs *wait = NULL;
_cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL, *reply = NULL; _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL, *reply = NULL;
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
_cleanup_strv_free_ char **matches = NULL; _cleanup_strv_free_ char **matches = NULL;
@ -550,10 +527,6 @@ static int maybe_stop_disable(sd_bus *bus, char *image, char *argv[]) {
if (r < 0) if (r < 0)
return r; return r;
r = bus_wait_for_jobs_new(bus, &wait);
if (r < 0)
return log_error_errno(r, "Could not watch jobs: %m");
r = sd_bus_message_new_method_call( r = sd_bus_message_new_method_call(
bus, bus,
&m, &m,
@ -605,7 +578,7 @@ static int maybe_stop_disable(sd_bus *bus, char *image, char *argv[]) {
if (r < 0) if (r < 0)
return bus_log_parse_error(r); return bus_log_parse_error(r);
(void) maybe_start_stop(bus, name, false, wait); (void) maybe_start_stop(bus, name, false);
(void) maybe_enable_disable(bus, name, false); (void) maybe_enable_disable(bus, name, false);
} }
@ -613,11 +586,6 @@ static int maybe_stop_disable(sd_bus *bus, char *image, char *argv[]) {
if (r < 0) if (r < 0)
return bus_log_parse_error(r); return bus_log_parse_error(r);
/* Stopping must always block or the detach will fail if the unit is still running */
r = bus_wait_for_jobs(wait, arg_quiet, NULL);
if (r < 0)
return r;
return 0; return 0;
} }
@ -1029,7 +997,6 @@ static int help(int argc, char *argv[], void *userdata) {
" after attach/detach\n" " after attach/detach\n"
" --now Immediately start/stop the portable service after\n" " --now Immediately start/stop the portable service after\n"
" attach/before detach\n" " attach/before detach\n"
" --no-block Don't block waiting for attach --now to complete\n"
"\nSee the %s for details.\n" "\nSee the %s for details.\n"
, program_invocation_short_name , program_invocation_short_name
, ansi_highlight() , ansi_highlight()
@ -1053,7 +1020,6 @@ static int parse_argv(int argc, char *argv[]) {
ARG_CAT, ARG_CAT,
ARG_ENABLE, ARG_ENABLE,
ARG_NOW, ARG_NOW,
ARG_NO_BLOCK,
}; };
static const struct option options[] = { static const struct option options[] = {
@ -1072,7 +1038,6 @@ static int parse_argv(int argc, char *argv[]) {
{ "cat", no_argument, NULL, ARG_CAT }, { "cat", no_argument, NULL, ARG_CAT },
{ "enable", no_argument, NULL, ARG_ENABLE }, { "enable", no_argument, NULL, ARG_ENABLE },
{ "now", no_argument, NULL, ARG_NOW }, { "now", no_argument, NULL, ARG_NOW },
{ "no-block", no_argument, NULL, ARG_NO_BLOCK },
{} {}
}; };
@ -1167,10 +1132,6 @@ static int parse_argv(int argc, char *argv[]) {
arg_now = true; arg_now = true;
break; break;
case ARG_NO_BLOCK:
arg_no_block = true;
break;
case '?': case '?':
return -EINVAL; return -EINVAL;

View File

@ -406,7 +406,7 @@ static int bus_print_property(const char *name, const char *expected_value, sd_b
if (r < 0) if (r < 0)
return r; return r;
result = strempty(s); result = s;
} }
bus_print_property_value(name, expected_value, value, result); bus_print_property_value(name, expected_value, value, result);

View File

@ -65,6 +65,12 @@ int namespace_flags_to_string(unsigned long flags, char **ret) {
return -ENOMEM; return -ENOMEM;
} }
if (!s) {
s = strdup("");
if (!s)
return -ENOMEM;
}
*ret = TAKE_PTR(s); *ret = TAKE_PTR(s);
return 0; return 0;

View File

@ -94,12 +94,6 @@ STATIC_DESTRUCTOR_REGISTER(database_groups, set_free_freep);
STATIC_DESTRUCTOR_REGISTER(uid_range, freep); STATIC_DESTRUCTOR_REGISTER(uid_range, freep);
STATIC_DESTRUCTOR_REGISTER(arg_root, freep); STATIC_DESTRUCTOR_REGISTER(arg_root, freep);
static int errno_is_not_exists(int code) {
/* See getpwnam(3) and getgrnam(3): those codes and others can be returned if the user or group are
* not found. */
return IN_SET(code, 0, ENOENT, ESRCH, EBADF, EPERM);
}
static int load_user_database(void) { static int load_user_database(void) {
_cleanup_fclose_ FILE *f = NULL; _cleanup_fclose_ FILE *f = NULL;
const char *passwd_path; const char *passwd_path;
@ -199,7 +193,7 @@ static int load_group_database(void) {
static int make_backup(const char *target, const char *x) { static int make_backup(const char *target, const char *x) {
_cleanup_close_ int src = -1; _cleanup_close_ int src = -1;
_cleanup_fclose_ FILE *dst = NULL; _cleanup_fclose_ FILE *dst = NULL;
_cleanup_free_ char *dst_tmp = NULL; _cleanup_free_ char *temp = NULL;
char *backup; char *backup;
struct timespec ts[2]; struct timespec ts[2];
struct stat st; struct stat st;
@ -216,7 +210,7 @@ static int make_backup(const char *target, const char *x) {
if (fstat(src, &st) < 0) if (fstat(src, &st) < 0)
return -errno; return -errno;
r = fopen_temporary_label(target, x, &dst, &dst_tmp); r = fopen_temporary_label(target, x, &dst, &temp);
if (r < 0) if (r < 0)
return r; return r;
@ -230,7 +224,7 @@ static int make_backup(const char *target, const char *x) {
backup = strjoina(x, "-"); backup = strjoina(x, "-");
/* Copy over the access mask */ /* Copy over the access mask */
r = chmod_and_chown_unsafe(dst_tmp, st.st_mode & 07777, st.st_uid, st.st_gid); r = fchmod_and_chown(fileno(dst), st.st_mode & 07777, st.st_uid, st.st_gid);
if (r < 0) if (r < 0)
log_warning_errno(r, "Failed to change access mode or ownership of %s: %m", backup); log_warning_errno(r, "Failed to change access mode or ownership of %s: %m", backup);
@ -243,7 +237,7 @@ static int make_backup(const char *target, const char *x) {
if (r < 0) if (r < 0)
goto fail; goto fail;
if (rename(dst_tmp, backup) < 0) { if (rename(temp, backup) < 0) {
r = -errno; r = -errno;
goto fail; goto fail;
} }
@ -251,7 +245,7 @@ static int make_backup(const char *target, const char *x) {
return 0; return 0;
fail: fail:
(void) unlink(dst_tmp); (void) unlink(temp);
return r; return r;
} }
@ -345,13 +339,13 @@ static int putsgent_with_members(const struct sgrp *sg, FILE *gshadow) {
} }
#endif #endif
static int sync_rights(FILE *from, const char *to) { static int sync_rights(FILE *from, FILE *to) {
struct stat st; struct stat st;
if (fstat(fileno(from), &st) < 0) if (fstat(fileno(from), &st) < 0)
return -errno; return -errno;
return chmod_and_chown_unsafe(to, st.st_mode & 07777, st.st_uid, st.st_gid); return fchmod_and_chown(fileno(to), st.st_mode & 07777, st.st_uid, st.st_gid);
} }
static int rename_and_apply_smack(const char *temp_path, const char *dest_path) { static int rename_and_apply_smack(const char *temp_path, const char *dest_path) {
@ -389,7 +383,7 @@ static int write_temporary_passwd(const char *passwd_path, FILE **tmpfile, char
original = fopen(passwd_path, "re"); original = fopen(passwd_path, "re");
if (original) { if (original) {
r = sync_rights(original, passwd_tmp); r = sync_rights(original, passwd);
if (r < 0) if (r < 0)
return r; return r;
@ -491,7 +485,7 @@ static int write_temporary_shadow(const char *shadow_path, FILE **tmpfile, char
original = fopen(shadow_path, "re"); original = fopen(shadow_path, "re");
if (original) { if (original) {
r = sync_rights(original, shadow_tmp); r = sync_rights(original, shadow);
if (r < 0) if (r < 0)
return r; return r;
@ -588,7 +582,7 @@ static int write_temporary_group(const char *group_path, FILE **tmpfile, char **
original = fopen(group_path, "re"); original = fopen(group_path, "re");
if (original) { if (original) {
r = sync_rights(original, group_tmp); r = sync_rights(original, group);
if (r < 0) if (r < 0)
return r; return r;
@ -687,7 +681,7 @@ static int write_temporary_gshadow(const char * gshadow_path, FILE **tmpfile, ch
if (original) { if (original) {
struct sgrp *sg; struct sgrp *sg;
r = sync_rights(original, gshadow_tmp); r = sync_rights(original, gshadow);
if (r < 0) if (r < 0)
return r; return r;
@ -977,7 +971,7 @@ static int add_user(Item *i) {
return 0; return 0;
} }
if (!errno_is_not_exists(errno)) if (!IN_SET(errno, 0, ENOENT))
return log_error_errno(errno, "Failed to check if user %s already exists: %m", i->name); return log_error_errno(errno, "Failed to check if user %s already exists: %m", i->name);
} }
@ -1114,7 +1108,7 @@ static int get_gid_by_name(const char *name, gid_t *gid) {
*gid = g->gr_gid; *gid = g->gr_gid;
return 0; return 0;
} }
if (!errno_is_not_exists(errno)) if (!IN_SET(errno, 0, ENOENT))
return log_error_errno(errno, "Failed to check if group %s already exists: %m", name); return log_error_errno(errno, "Failed to check if group %s already exists: %m", name);
} }

View File

@ -802,50 +802,6 @@ static void test_chmod_and_chown(void) {
assert_se(S_ISLNK(st.st_mode)); assert_se(S_ISLNK(st.st_mode));
} }
static void test_chmod_and_chown_unsafe(void) {
_cleanup_(rm_rf_physical_and_freep) char *d = NULL;
_unused_ _cleanup_umask_ mode_t u = umask(0000);
struct stat st;
const char *p;
if (geteuid() != 0)
return;
log_info("/* %s */", __func__);
assert_se(mkdtemp_malloc(NULL, &d) >= 0);
p = strjoina(d, "/reg");
assert_se(mknod(p, S_IFREG | 0123, 0) >= 0);
assert_se(chmod_and_chown_unsafe(p, S_IFREG | 0321, 1, 2) >= 0);
assert_se(chmod_and_chown_unsafe(p, S_IFDIR | 0555, 3, 4) == -EINVAL);
assert_se(lstat(p, &st) >= 0);
assert_se(S_ISREG(st.st_mode));
assert_se((st.st_mode & 07777) == 0321);
p = strjoina(d, "/dir");
assert_se(mkdir(p, 0123) >= 0);
assert_se(chmod_and_chown_unsafe(p, S_IFDIR | 0321, 1, 2) >= 0);
assert_se(chmod_and_chown_unsafe(p, S_IFREG | 0555, 3, 4) == -EINVAL);
assert_se(lstat(p, &st) >= 0);
assert_se(S_ISDIR(st.st_mode));
assert_se((st.st_mode & 07777) == 0321);
p = strjoina(d, "/lnk");
assert_se(symlink("idontexist", p) >= 0);
assert_se(chmod_and_chown_unsafe(p, S_IFLNK | 0321, 1, 2) >= 0);
assert_se(chmod_and_chown_unsafe(p, S_IFREG | 0555, 3, 4) == -EINVAL);
assert_se(chmod_and_chown_unsafe(p, S_IFDIR | 0555, 3, 4) == -EINVAL);
assert_se(lstat(p, &st) >= 0);
assert_se(S_ISLNK(st.st_mode));
}
int main(int argc, char *argv[]) { int main(int argc, char *argv[]) {
test_setup_logging(LOG_INFO); test_setup_logging(LOG_INFO);
@ -863,7 +819,6 @@ int main(int argc, char *argv[]) {
test_fsync_directory_of_file(); test_fsync_directory_of_file();
test_rename_noreplace(); test_rename_noreplace();
test_chmod_and_chown(); test_chmod_and_chown();
test_chmod_and_chown_unsafe();
return 0; return 0;
} }

View File

@ -190,7 +190,7 @@ static void test_restrict_namespace(void) {
log_info("/* %s */", __func__); log_info("/* %s */", __func__);
assert_se(namespace_flags_to_string(0, &s) == 0 && isempty(s)); assert_se(namespace_flags_to_string(0, &s) == 0 && streq(s, ""));
s = mfree(s); s = mfree(s);
assert_se(namespace_flags_to_string(CLONE_NEWNS, &s) == 0 && streq(s, "mnt")); assert_se(namespace_flags_to_string(CLONE_NEWNS, &s) == 0 && streq(s, "mnt"));
s = mfree(s); s = mfree(s);

View File

@ -10,6 +10,7 @@ Release=29
[Output] [Output]
Format=raw_btrfs Format=raw_btrfs
Bootable=yes Bootable=yes
KernelCommandLine=printk.devkmsg=on
OutputDirectory=../mkosi.output OutputDirectory=../mkosi.output
Output=networkd-test.raw Output=networkd-test.raw

View File

@ -212,6 +212,7 @@ loglevel=2 \
init=$PATH_TO_INIT \ init=$PATH_TO_INIT \
console=$CONSOLE \ console=$CONSOLE \
selinux=0 \ selinux=0 \
printk.devkmsg=on \
$_cgroup_args \ $_cgroup_args \
$KERNEL_APPEND \ $KERNEL_APPEND \
" "