core/manager: honor show_status_overridden in manager_watch_jobs_next_time()

Prompted by #39029
run: include sys/stat.h again
2025-09-22 05:14:44 +02:00 · 2025-09-20 00:01:54 +02:00 · 2025-09-19 22:56:49 +02:00 · 2025-09-20 05:14:25 +09:00 · 2025-09-20 04:28:00 +09:00 · 2025-09-19 20:30:11 +02:00
12 changed files with 186 additions and 172 deletions
--- a/src/bootctl/bootctl-install.c
+++ b/src/bootctl/bootctl-install.c
@ -102,7 +102,7 @@ static int load_kernel_install_layout(void) {
        int r;

        r = load_kernel_install_conf(arg_root,
-                                     getenv("KERNEL_INSTALL_CONF_ROOT"),
+                                     secure_getenv("KERNEL_INSTALL_CONF_ROOT"),
                                     /* ret_machine_id= */ NULL,
                                     /* ret_boot_root= */ NULL,
                                     &layout,
@ -210,12 +210,11 @@ static int version_check(int fd_from, const char *from, int fd_to, const char *t

        r = get_file_version(fd_to, &b);
        if (r == -ESRCH)
-                return log_notice_errno(r, "Skipping \"%s\", it's owned by another boot loader (no version info found).",
-                                        to);
+                return log_info_errno(r, "Skipping \"%s\", it's owned by another boot loader (no version info found).", to);
        if (r < 0)
                return r;
        if (compare_product(a, b) != 0)
-                return log_notice_errno(SYNTHETIC_ERRNO(ESRCH),
+                return log_info_errno(SYNTHETIC_ERRNO(ESRCH),
                                      "Skipping \"%s\", it's owned by another boot loader.", to);

        r = compare_version(a, b);
@ -335,7 +334,11 @@ static int create_subdirs(const char *root, const char * const *subdirs) {
        return 0;
 }

-static int update_efi_boot_binaries(const char *esp_path, const char *source_path) {
+static int update_efi_boot_binaries(
+                const char *esp_path,
+                const char *source_path,
+                const char *ignore_filename) {
+
        _cleanup_closedir_ DIR *d = NULL;
        _cleanup_free_ char *p = NULL;
        int r, ret = 0;
@ -355,6 +358,9 @@ static int update_efi_boot_binaries(const char *esp_path, const char *source_pat
                if (!endswith_no_case(de->d_name, ".efi"))
                        continue;

+                if (strcaseeq_ptr(ignore_filename, de->d_name))
+                        continue;
+
                fd = xopenat_full(dirfd(d), de->d_name, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY|O_NOFOLLOW, XO_REGULAR, /* mode= */ 0);
                if (fd < 0)
                        return log_error_errno(fd, "Failed to open \"%s/%s\" for reading: %m", p, de->d_name);
@ -381,7 +387,7 @@ static int update_efi_boot_binaries(const char *esp_path, const char *source_pat
 }

 static int copy_one_file(const char *esp_path, const char *name, bool force) {
-        char *root = IN_SET(arg_install_source, ARG_INSTALL_SOURCE_AUTO, ARG_INSTALL_SOURCE_IMAGE) ? arg_root : NULL;
+        char *root = IN_SET(arg_install_source, INSTALL_SOURCE_AUTO, INSTALL_SOURCE_IMAGE) ? arg_root : NULL;
        _cleanup_free_ char *source_path = NULL, *dest_path = NULL, *p = NULL, *q = NULL;
        const char *e;
        char *dest_name, *s;
@ -398,7 +404,7 @@ static int copy_one_file(const char *esp_path, const char *name, bool force) {

        r = chase(p, root, CHASE_PREFIX_ROOT|CHASE_PROHIBIT_SYMLINKS|CHASE_TRIGGER_AUTOFS, &source_path, NULL);
        /* If we had a root directory to try, we didn't find it and we are in auto mode, retry on the host */
-        if (r == -ENOENT && root && arg_install_source == ARG_INSTALL_SOURCE_AUTO)
+        if (r == -ENOENT && root && arg_install_source == INSTALL_SOURCE_AUTO)
                r = chase(p, NULL, CHASE_PREFIX_ROOT|CHASE_PROHIBIT_SYMLINKS|CHASE_TRIGGER_AUTOFS, &source_path, NULL);
        if (r < 0)
                return log_error_errno(r,
@ -426,7 +432,7 @@ static int copy_one_file(const char *esp_path, const char *name, bool force) {

                /* Create the EFI default boot loader name (specified for removable devices) */
                v = strjoina("/EFI/BOOT/BOOT", e);
-                ascii_strupper(strrchr(v, '/') + 1);
+                const char *boot_dot_efi = ascii_strupper(strrchr(v, '/') + 1);

                r = chase(v, esp_path, CHASE_PREFIX_ROOT|CHASE_PROHIBIT_SYMLINKS|CHASE_NONEXISTENT|CHASE_TRIGGER_AUTOFS, &default_dest_path, NULL);
                if (r < 0)
@ -434,24 +440,24 @@ static int copy_one_file(const char *esp_path, const char *name, bool force) {

                RET_GATHER(ret, copy_file_with_version_check(source_path, default_dest_path, force));

-                /* If we were installed under any other name in /EFI/BOOT, make sure we update those binaries
+                /* If we were installed under any other name in /EFI/BOOT/, make sure we update those binaries
                 * as well. */
                if (!force)
-                        RET_GATHER(ret, update_efi_boot_binaries(esp_path, source_path));
+                        RET_GATHER(ret, update_efi_boot_binaries(esp_path, source_path, boot_dot_efi));
        }

        return ret;
 }

 static int install_binaries(const char *esp_path, const char *arch, bool force) {
-        char *root = IN_SET(arg_install_source, ARG_INSTALL_SOURCE_AUTO, ARG_INSTALL_SOURCE_IMAGE) ? arg_root : NULL;
+        char *root = IN_SET(arg_install_source, INSTALL_SOURCE_AUTO, INSTALL_SOURCE_IMAGE) ? arg_root : NULL;
        _cleanup_closedir_ DIR *d = NULL;
        _cleanup_free_ char *path = NULL;
        int r;

        r = chase_and_opendir(BOOTLIBDIR, root, CHASE_PREFIX_ROOT|CHASE_PROHIBIT_SYMLINKS|CHASE_TRIGGER_AUTOFS, &path, &d);
        /* If we had a root directory to try, we didn't find it and we are in auto mode, retry on the host */
-        if (r == -ENOENT && root && arg_install_source == ARG_INSTALL_SOURCE_AUTO)
+        if (r == -ENOENT && root && arg_install_source == INSTALL_SOURCE_AUTO)
                r = chase_and_opendir(BOOTLIBDIR, NULL, CHASE_PREFIX_ROOT|CHASE_PROHIBIT_SYMLINKS|CHASE_TRIGGER_AUTOFS, &path, &d);
        if (r == -ENOENT && arg_graceful() != ARG_GRACEFUL_NO) {
                log_debug("Source directory does not exist, ignoring.");
@ -578,7 +584,7 @@ static int install_entry_token(void) {
        if (!arg_make_entry_directory && arg_entry_token_type == BOOT_ENTRY_TOKEN_MACHINE_ID)
                return 0;

-        p = path_join(arg_root, getenv("KERNEL_INSTALL_CONF_ROOT") ?: "/etc/kernel/", "entry-token");
+        p = path_join(arg_root, secure_getenv("KERNEL_INSTALL_CONF_ROOT") ?: "/etc/kernel/", "entry-token");
        if (!p)
                return log_oom();

@ -900,10 +906,17 @@ static int install_variables(
                return graceful ? 0 : r;
        }

-        if (first || r == 0) {
-                r = efi_add_boot_option(slot, pick_efi_boot_option_description(),
-                                        part, pstart, psize,
-                                        uuid, path);
+        bool existing = r > 0;
+
+        if (first || !existing) {
+                r = efi_add_boot_option(
+                                slot,
+                                pick_efi_boot_option_description(),
+                                part,
+                                pstart,
+                                psize,
+                                uuid,
+                                path);
                if (r < 0) {
                        int level = graceful ? arg_quiet ? LOG_DEBUG : LOG_INFO : LOG_ERR;
                        const char *skip = graceful ? ", skipping" : "";
@ -913,7 +926,9 @@ static int install_variables(
                        return graceful ? 0 : r;
                }

-                log_info("Created EFI boot entry \"%s\".", pick_efi_boot_option_description());
+                log_info("%s EFI boot entry \"%s\".",
+                         existing ? "Updated" : "Created",
+                         pick_efi_boot_option_description());
        }

        return insert_into_order(slot, first);
@ -948,30 +963,28 @@ static int are_we_installed(const char *esp_path) {
        return r == 0;
 }

-int verb_install(int argc, char *argv[], void *userdata) {
-        _cleanup_(X509_freep) X509 *certificate = NULL;
-        _cleanup_(openssl_ask_password_ui_freep) OpenSSLAskPasswordUI *ui = NULL;
-        _cleanup_(EVP_PKEY_freep) EVP_PKEY *private_key = NULL;
-        sd_id128_t uuid = SD_ID128_NULL;
-        uint64_t pstart = 0, psize = 0;
-        uint32_t part = 0;
-        bool install, graceful;
+static int load_secure_boot_auto_enroll(
+                X509 **ret_certificate,
+                EVP_PKEY **ret_private_key) {
+
        int r;

-        /* Invoked for both "update" and "install" */
+        assert(ret_certificate);
+        assert(ret_private_key);

-        install = streq(argv[0], "install");
+        if (!arg_secure_boot_auto_enroll) {
+                *ret_certificate = NULL;
+                *ret_private_key = NULL;
+                return 0;
+        }

-        /* Support graceful mode only for updates, unless forcibly enabled in chroot environments */
-        graceful = arg_graceful() == ARG_GRACEFUL_FORCE || (!install && arg_graceful() != ARG_GRACEFUL_NO);
-
-        if (arg_secure_boot_auto_enroll) {
        if (arg_certificate_source_type == OPENSSL_CERTIFICATE_SOURCE_FILE) {
                r = parse_path_argument(arg_certificate, /*suppress_root=*/ false, &arg_certificate);
                if (r < 0)
                        return r;
        }

+        _cleanup_(X509_freep) X509 *certificate = NULL;
        r = openssl_load_x509_certificate(
                        arg_certificate_source_type,
                        arg_certificate_source,
@ -986,6 +999,7 @@ int verb_install(int argc, char *argv[], void *userdata) {
                        return log_error_errno(r, "Failed to parse private key path %s: %m", arg_private_key);
        }

+        _cleanup_(EVP_PKEY_freep) EVP_PKEY *private_key = NULL;
        r = openssl_load_private_key(
                        arg_private_key_source_type,
                        arg_private_key_source,
@ -999,11 +1013,36 @@ int verb_install(int argc, char *argv[], void *userdata) {
                                .hup_fd = -EBADF,
                        },
                        &private_key,
-                                &ui);
+                        /* ret_user_interface= */ NULL);
        if (r < 0)
                return log_error_errno(r, "Failed to load private key from %s: %m", arg_private_key);
+
+        *ret_certificate = TAKE_PTR(certificate);
+        *ret_private_key = TAKE_PTR(private_key);
+
+        return 0;
 }

+int verb_install(int argc, char *argv[], void *userdata) {
+        sd_id128_t uuid = SD_ID128_NULL;
+        uint64_t pstart = 0, psize = 0;
+        uint32_t part = 0;
+        bool install, graceful;
+        int r;
+
+        /* Invoked for both "update" and "install" */
+
+        install = streq(argv[0], "install");
+
+        /* Support graceful mode only for updates, unless forcibly enabled in chroot environments */
+        graceful = arg_graceful() == ARG_GRACEFUL_FORCE || (!install && arg_graceful() != ARG_GRACEFUL_NO);
+
+        _cleanup_(EVP_PKEY_freep) EVP_PKEY *private_key = NULL;
+        _cleanup_(X509_freep) X509 *certificate = NULL;
+        r = load_secure_boot_auto_enroll(&certificate, &private_key);
+        if (r < 0)
+                return r;
+
        r = acquire_esp(/* unprivileged_mode= */ false, graceful, &part, &pstart, &psize, &uuid, NULL);
        if (graceful && r == -ENOKEY)
                return 0; /* If --graceful is specified and we can't find an ESP, handle this cleanly */
@ -1161,7 +1200,7 @@ static int rmdir_one(const char *prefix, const char *suffix) {
 }

 static int remove_subdirs(const char *root, const char *const *subdirs) {
-        int r, q;
+        int r;

        /* We use recursion here to destroy the directories in reverse order. Which should be safe given how
         * short the array is. */
@ -1170,9 +1209,7 @@ static int remove_subdirs(const char *root, const char *const *subdirs) {
                return 0;

        r = remove_subdirs(root, subdirs + 1);
-        q = rmdir_one(root, subdirs[0]);
-
-        return r < 0 ? r : q;
+        return RET_GATHER(r, rmdir_one(root, subdirs[0]));
 }

 static int remove_entry_directory(const char *root) {
@ -1186,19 +1223,14 @@ static int remove_entry_directory(const char *root) {
 }

 static int remove_binaries(const char *esp_path) {
-        int r, q;
+        int r;

        _cleanup_free_ char *p = path_join(esp_path, "/EFI/systemd");
        if (!p)
                return log_oom();

        r = rm_rf(p, REMOVE_ROOT|REMOVE_PHYSICAL);
-
-        q = remove_boot_efi(esp_path);
-        if (q < 0 && r == 0)
-                r = q;
-
-        return r;
+        return RET_GATHER(r, remove_boot_efi(esp_path));
 }

 static int remove_file(const char *root, const char *file) {
@ -1258,11 +1290,9 @@ static int remove_loader_variables(void) {
                q = efi_set_variable(var, NULL, 0);
                if (q == -ENOENT)
                        continue;
-                if (q < 0) {
-                        log_warning_errno(q, "Failed to remove EFI variable %s: %m", var);
-                        if (r >= 0)
-                                r = q;
-                } else
+                if (q < 0)
+                        RET_GATHER(r, log_warning_errno(q, "Failed to remove EFI variable %s: %m", var));
+                else
                        log_info("Removed EFI variable %s.", var);
        }

@ -1271,7 +1301,7 @@ static int remove_loader_variables(void) {

 int verb_remove(int argc, char *argv[], void *userdata) {
        sd_id128_t uuid = SD_ID128_NULL;
-        int r, q;
+        int r;

        r = acquire_esp(/* unprivileged_mode= */ false, /* graceful= */ false, NULL, NULL, NULL, &uuid, NULL);
        if (r < 0)
@ -1286,59 +1316,28 @@ int verb_remove(int argc, char *argv[], void *userdata) {
                return r;

        r = remove_binaries(arg_esp_path);
-
-        q = remove_file(arg_esp_path, "/loader/loader.conf");
-        if (q < 0 && r >= 0)
-                r = q;
-
-        q = remove_file(arg_esp_path, "/loader/random-seed");
-        if (q < 0 && r >= 0)
-                r = q;
-
-        q = remove_file(arg_esp_path, "/loader/entries.srel");
-        if (q < 0 && r >= 0)
-                r = q;
+        RET_GATHER(r, remove_file(arg_esp_path, "/loader/loader.conf"));
+        RET_GATHER(r, remove_file(arg_esp_path, "/loader/random-seed"));
+        RET_GATHER(r, remove_file(arg_esp_path, "/loader/entries.srel"));

        FOREACH_STRING(db, "PK.auth", "KEK.auth", "db.auth") {
                _cleanup_free_ char *p = path_join("/loader/keys/auto", db);
                if (!p)
                        return log_oom();

-                q = remove_file(arg_esp_path, p);
-                if (q < 0 && r >= 0)
-                        r = q;
+                RET_GATHER(r, remove_file(arg_esp_path, p));
        }

-        q = rmdir_one(arg_esp_path, "/loader/keys/auto");
-        if (q < 0 && r >= 0)
-                r = q;
-
-        q = remove_subdirs(arg_esp_path, esp_subdirs);
-        if (q < 0 && r >= 0)
-                r = q;
-
-        q = remove_subdirs(arg_esp_path, dollar_boot_subdirs);
-        if (q < 0 && r >= 0)
-                r = q;
-
-        q = remove_entry_directory(arg_esp_path);
-        if (q < 0 && r >= 0)
-                r = q;
+        RET_GATHER(r, rmdir_one(arg_esp_path, "/loader/keys/auto"));
+        RET_GATHER(r, remove_subdirs(arg_esp_path, esp_subdirs));
+        RET_GATHER(r, remove_subdirs(arg_esp_path, dollar_boot_subdirs));
+        RET_GATHER(r, remove_entry_directory(arg_esp_path));

        if (arg_xbootldr_path) {
                /* Remove a subset of these also from the XBOOTLDR partition if it exists */
-
-                q = remove_file(arg_xbootldr_path, "/loader/entries.srel");
-                if (q < 0 && r >= 0)
-                        r = q;
-
-                q = remove_subdirs(arg_xbootldr_path, dollar_boot_subdirs);
-                if (q < 0 && r >= 0)
-                        r = q;
-
-                q = remove_entry_directory(arg_xbootldr_path);
-                if (q < 0 && r >= 0)
-                        r = q;
+                RET_GATHER(r, remove_file(arg_xbootldr_path, "/loader/entries.srel"));
+                RET_GATHER(r, remove_subdirs(arg_xbootldr_path, dollar_boot_subdirs));
+                RET_GATHER(r, remove_entry_directory(arg_xbootldr_path));
        }

        (void) sync_everything();
@ -1352,15 +1351,8 @@ int verb_remove(int argc, char *argv[], void *userdata) {
        }

        char *path = strjoina("/EFI/systemd/systemd-boot", get_efi_arch(), ".efi");
-        q = remove_variables(uuid, path, true);
-        if (q < 0 && r >= 0)
-                r = q;
-
-        q = remove_loader_variables();
-        if (q < 0 && r >= 0)
-                r = q;
-
-        return r;
+        RET_GATHER(r, remove_variables(uuid, path, /* in_order= */ true));
+        return RET_GATHER(r, remove_loader_variables());
 }

 int verb_is_installed(int argc, char *argv[], void *userdata) {
--- a/src/bootctl/bootctl-random-seed.c
+++ b/src/bootctl/bootctl-random-seed.c
@ -61,7 +61,7 @@ static int set_system_token(void) {
        if (!touch_variables())
                return 0;

-        r = getenv_bool("SYSTEMD_WRITE_SYSTEM_TOKEN");
+        r = secure_getenv_bool("SYSTEMD_WRITE_SYSTEM_TOKEN");
        if (r < 0) {
                if (r != -ENXIO)
                        log_warning_errno(r, "Failed to parse $SYSTEMD_WRITE_SYSTEM_TOKEN, ignoring.");
--- a/src/bootctl/bootctl-util.c
+++ b/src/bootctl/bootctl-util.c
@ -124,7 +124,7 @@ int settle_entry_token(void) {

        r = boot_entry_token_ensure(
                        arg_root,
-                        getenv("KERNEL_INSTALL_CONF_ROOT"),
+                        secure_getenv("KERNEL_INSTALL_CONF_ROOT"),
                        arg_machine_id,
                        /* machine_id_is_random = */ false,
                        &arg_entry_token_type,
--- a/src/bootctl/bootctl.c
+++ b/src/bootctl/bootctl.c
@ -67,7 +67,7 @@ sd_json_format_flags_t arg_json_format_flags = SD_JSON_FORMAT_OFF;
 bool arg_arch_all = false;
 char *arg_root = NULL;
 char *arg_image = NULL;
-InstallSource arg_install_source = ARG_INSTALL_SOURCE_AUTO;
+InstallSource arg_install_source = INSTALL_SOURCE_AUTO;
 char *arg_efi_boot_option_description = NULL;
 bool arg_dry_run = false;
 ImagePolicy *arg_image_policy = NULL;
@ -483,11 +483,11 @@ static int parse_argv(int argc, char *argv[]) {

                case ARG_INSTALL_SOURCE:
                        if (streq(optarg, "auto"))
-                                arg_install_source = ARG_INSTALL_SOURCE_AUTO;
+                                arg_install_source = INSTALL_SOURCE_AUTO;
                        else if (streq(optarg, "image"))
-                                arg_install_source = ARG_INSTALL_SOURCE_IMAGE;
+                                arg_install_source = INSTALL_SOURCE_IMAGE;
                        else if (streq(optarg, "host"))
-                                arg_install_source = ARG_INSTALL_SOURCE_HOST;
+                                arg_install_source = INSTALL_SOURCE_HOST;
                        else
                                return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
                                                       "Unexpected parameter for --install-source=: %s", optarg);
@ -648,7 +648,7 @@ static int parse_argv(int argc, char *argv[]) {
        if (arg_root && arg_image)
                return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Please specify either --root= or --image=, the combination of both is not supported.");

-        if (arg_install_source != ARG_INSTALL_SOURCE_AUTO && !arg_root && !arg_image)
+        if (arg_install_source != INSTALL_SOURCE_AUTO && !arg_root && !arg_image)
                return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "--install-from-host is only supported with --root= or --image=.");

        if (arg_dry_run && argv[optind] && !STR_IN_SET(argv[optind], "unlink", "cleanup"))
@ -697,23 +697,16 @@ static int bootctl_main(int argc, char *argv[]) {
        return dispatch_verb(argc, argv, verbs, NULL);
 }

-static int run(int argc, char *argv[]) {
-        _cleanup_(loop_device_unrefp) LoopDevice *loop_device = NULL;
-        _cleanup_(umount_and_freep) char *mounted_dir = NULL;
-        int r;
-
-        log_setup();
-
-        r = parse_argv(argc, argv);
-        if (r <= 0)
-                return r;
-
-        if (arg_varlink) {
+static int vl_server(void) {
        _cleanup_(sd_varlink_server_unrefp) sd_varlink_server *varlink_server = NULL;
+        int r;

        /* Invocation as Varlink service */

-                r = varlink_server_new(&varlink_server, SD_VARLINK_SERVER_ROOT_ONLY, NULL);
+        r = varlink_server_new(
+                        &varlink_server,
+                        SD_VARLINK_SERVER_ROOT_ONLY,
+                        /* userdata= */ NULL);
        if (r < 0)
                return log_error_errno(r, "Failed to allocate Varlink server: %m");

@ -733,9 +726,23 @@ static int run(int argc, char *argv[]) {
        if (r < 0)
                return log_error_errno(r, "Failed to run Varlink event loop: %m");

-                return EXIT_SUCCESS;
+        return 0;
 }

+static int run(int argc, char *argv[]) {
+        _cleanup_(loop_device_unrefp) LoopDevice *loop_device = NULL;
+        _cleanup_(umount_and_freep) char *mounted_dir = NULL;
+        int r;
+
+        log_setup();
+
+        r = parse_argv(argc, argv);
+        if (r <= 0)
+                return r;
+
+        if (arg_varlink)
+                return vl_server();
+
        if (arg_print_root_device > 0) {
                _cleanup_free_ char *path = NULL;
                dev_t devno;
--- a/src/bootctl/bootctl.h
+++ b/src/bootctl/bootctl.h
@ -4,9 +4,11 @@
 #include "forward.h"

 typedef enum InstallSource {
-        ARG_INSTALL_SOURCE_IMAGE,
-        ARG_INSTALL_SOURCE_HOST,
-        ARG_INSTALL_SOURCE_AUTO,
+        INSTALL_SOURCE_IMAGE,
+        INSTALL_SOURCE_HOST,
+        INSTALL_SOURCE_AUTO,
+        _INSTALL_SOURCE_MAX,
+        _INSTALL_SOURCE_INVALID = -EINVAL,
 } InstallSource;

 typedef enum GracefulMode {
--- a/src/core/job.c
+++ b/src/core/job.c
@ -772,7 +772,7 @@ static void job_emit_done_message(Unit *u, uint32_t job_id, JobType t, JobResult
                /* No message on the console if the job did not actually do anything due to unmet condition. */
                if (console_only)
                        return;
-                else
+
                do_console = false;
        }

--- a/src/core/manager.c
+++ b/src/core/manager.c
@ -137,7 +137,7 @@ static usec_t manager_watch_jobs_next_time(Manager *m) {
                /* Let the user manager without a timeout show status quickly, so the system manager can make
                 * use of it, if it wants to. */
                timeout = JOBS_IN_PROGRESS_WAIT_USEC * 2 / 3;
-        else if (show_status_on(m->show_status))
+        else if (manager_get_show_status_on(m))
                /* When status is on, just use the usual timeout. */
                timeout = JOBS_IN_PROGRESS_WAIT_USEC;
        else
@ -4525,10 +4525,10 @@ static bool manager_should_show_status(Manager *m, StatusType type) {
                return false;

        /* If we cannot find out the status properly, just proceed. */
-        if (type != STATUS_TYPE_EMERGENCY && manager_check_ask_password(m) > 0)
+        if (type < STATUS_TYPE_EMERGENCY && manager_check_ask_password(m) > 0)
                return false;

-        if (type == STATUS_TYPE_NOTICE && m->show_status != SHOW_STATUS_NO)
+        if (type >= STATUS_TYPE_NOTICE && manager_get_show_status(m) != SHOW_STATUS_NO)
                return true;

        return manager_get_show_status_on(m);
--- a/src/core/unit.c
+++ b/src/core/unit.c
@ -1825,7 +1825,15 @@ static bool unit_test_assert(Unit *u) {
        return u->assert_result;
 }

-void unit_status_printf(Unit *u, StatusType status_type, const char *status, const char *format, const char *ident) {
+void unit_status_printf(
+                Unit *u,
+                StatusType status_type,
+                const char *status,
+                const char *format,
+                const char *ident) {
+
+        assert(u);
+
        if (log_get_show_color()) {
                if (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED && strchr(ident, ' '))
                        ident = strjoina(ANSI_HIGHLIGHT, u->id, ANSI_NORMAL, " - ", u->description);
--- a/src/core/unit.h
+++ b/src/core/unit.h
@ -52,10 +52,12 @@ typedef enum OOMPolicy {
 } OOMPolicy;

 typedef enum StatusType {
-        STATUS_TYPE_EPHEMERAL,
+        STATUS_TYPE_EPHEMERAL,   /* ordered by severity! Do not break order */
        STATUS_TYPE_NORMAL,
        STATUS_TYPE_NOTICE,
        STATUS_TYPE_EMERGENCY,
+        _STATUS_TYPE_MAX,
+        _STATUS_TYPE_INVALID = -EINVAL,
 } StatusType;

 static inline bool UNIT_IS_ACTIVE_OR_RELOADING(UnitActiveState t) {
--- a/src/run/run.c
+++ b/src/run/run.c
@ -5,6 +5,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <sys/resource.h>
+#include <sys/stat.h>
 #include <unistd.h>

 #include "sd-bus.h"
--- a/src/shared/boot-entry.h
+++ b/src/shared/boot-entry.h
@ -11,6 +11,8 @@ typedef enum BootEntryTokenType {
        BOOT_ENTRY_TOKEN_OS_ID,
        BOOT_ENTRY_TOKEN_LITERAL,
        BOOT_ENTRY_TOKEN_AUTO,
+        _BOOT_ENTRY_TOKEN_TYPE_MAX,
+        _BOOT_ENTRY_TOKEN_TYPE_INVALID = -EINVAL,
 } BootEntryTokenType;

 bool boot_entry_token_valid(const char *p);
--- a/src/shared/libaudit-util.c
+++ b/src/shared/libaudit-util.c
@ -22,7 +22,7 @@ static DLSYM_PROTOTYPE(audit_open) = NULL;

 int dlopen_libaudit(void) {
        ELF_NOTE_DLOPEN("libaudit",
-                        "Support for Audit loggging",
+                        "Support for Audit logging",
                        ELF_NOTE_DLOPEN_PRIORITY_RECOMMENDED,
                        "libaudit.so.1");
Author	SHA1	Message	Date
Mike Yuan	4f8c1de213	core/manager: honor show_status_overridden in manager_watch_jobs_next_time() Prompted by #39029	2025-09-20 00:01:54 +02:00
Yu Watanabe	e66b233e83	run: include sys/stat.h again This partially reverts 9adb4685dffadb3991535a8d990ce35132b6d9a6. For the case that sys/stat.h is not included indirectly by other headers. Fixes the following error: ``` ../src/run/run.c: In function 'fchown_to_capsule': ../src/run/run.c:2128:21: error: storage size of 'st' isn't known 2128 \| struct stat st; \| ^~ ```	2025-09-19 22:56:49 +02:00
Yu Watanabe	4bbd7ece53	libaudit-util: fix typo Follow-up for 4d8c5c657ae0829f93944a00302e7ce700913e54.	2025-09-20 05:14:25 +09:00
Yu Watanabe	99e04eacbd	Various smaller tweaks to bootctl (#38996 )	2025-09-20 04:28:00 +09:00
Mike Yuan	d25c8ee7f9	core: console status fixes (#39029 )	2025-09-19 20:30:11 +02:00
Lennart Poettering	a86a366eb0	bootctl: split out auto-enroll cert load code into function of its own	2025-09-20 00:47:46 +09:00
Lennart Poettering	407139ae92	bootctl: output a more precise log message when updating existing EFI vars	2025-09-20 00:47:46 +09:00
Lennart Poettering	7dd55c83b8	bootctl: don't update $ESP/EFI/BOOTX64.EFI twice We update BOOTX64.EFI explicitly once (because we know that it's the main entry point of UEFI) and then a second time when we update everything in $ESP/EFI/*.EFI. That's redundant and pretty ugly/confusing in the log output. Hence exclude the file we already updated explicitly from the 2nd run.	2025-09-20 00:47:46 +09:00
Lennart Poettering	b6f4f85c39	bootctl: downgrade messages about foreign EFI files Given that we iterate through $ESP/EFI/BOOT/*.EFI these days this is a pretty common case, hence it's not really noteworthy, hence downgrade these log messages from LOG_NOTICE to LOG_INFO.	2025-09-20 00:47:46 +09:00
Lennart Poettering	c95d72913a	bootctl: split out varlink setup into a helper call of its own	2025-09-20 00:47:46 +09:00
Lennart Poettering	83d0b6597c	bootctl: normalize some enum definitions	2025-09-20 00:47:46 +09:00
Lennart Poettering	f757022294	bootctl: use RET_GATHER() all over the place	2025-09-20 00:47:46 +09:00
Lennart Poettering	5c396a0110	bootctl: switch a few getenv() calls to secure_getenv() Following the rule that we should always prefer the secure flavour over the regular one unless there's a clear reason for the regular one, let's switch this over. Better safe than sorry.	2025-09-20 00:47:46 +09:00
Lennart Poettering	9ecc969855	core: fix status output suppression This fixes two things: first of all it ensures we take the override status output field properly into account, instead of going directly to the regular one. Moreover, it ensures that we bypass auto for both notice + emergency, since both have the same "impact", and, don't limit this for notice only.	2025-09-19 17:32:48 +02:00
Lennart Poettering	8e9b722b4a	unit: line-break overly long parameter list + add assert()	2025-09-19 17:32:48 +02:00
Lennart Poettering	84ba8721de	job: shorten code	2025-09-19 17:32:48 +02:00