2025-12-29 12:24:45 +01:00
5 changed files with 10 additions and 64 deletions
--- a/32
+++ b/32
@ -86,33 +86,6 @@ CHANGES WITH 247 in spe:
          this is not caused by systemd/udev changes, but result of a kernel
          behaviour change.
        * UPCOMING INCOMPATIBILITY: So far most downstream distribution
          packages have not retriggered devices once the udev package (or any
          auxiliary package installing additional udev rules) is updated. We
          intend to work with major distributions to change this, so that
          "udevadm trigger -a change" is issued on such upgrades, ensuring that
          the updated ruleset is applied to the devices already discovered, so
          that (asynchronously) after the upgrade completed the udev database
          is consistent with the updated rule set. This means udev rules must
          be ready to be retriggered with a "change" action any time, and
          result in correct and complete udev database entries. While the
          majority of udev rule files known to us currently get this right,
          some don't. Specifically, there are udev rules files included in
          various packages that only set udev properties on the "add" action,
          but do not handle the "change" action. If a device matching those
          rules is retriggered with the "change" action (as is intended here)
          it would suddenly lose the relevant properties. This always has been
          a problematic, but as soon as all udev devices are triggered on
          relevant package upgrades this will become particularly so. It is
          strongly recommended to fix offending rules so that they can handle a
          "change" action at any time, and acquire all necessary udev
          properties even then. Or in other words: the header guard mentioned
          above (ACTION=="remove",GOTO="xyz_end") is the correct approach to
          handle this, as it makes sure rules are rerun on "change" correctly,
          and acccumulate the correct and complete set of udev properties. udev
          rule definitions that cannot handle "change" events being triggered
          at arbitrary times should be considered buggy.
        * The MountAPIVFS= service file setting now defaults to on if
          RootImage= and RootDirectory= are used, which means that with those
          two settings /proc/, /sys/ and /dev/ are automatically properly set
@ -646,11 +619,6 @@ CHANGES WITH 247 in spe:
          placed in app.slice. The plan is to add resource limits and
          protections for the different slices in the future.
        * New GPT partition types for RISCV32/64 for the root and /usr
          partitions, and their associated Verity partitions have been defined,
          and are now understood by systemd-gpt-auto-generator, and the OS
          image dissection logic.
        Contributions from: Adolfo Jayme Barrientos, afg, Alec Moskvin, Alyssa
        Ross, Amitanand Chikorde, Andrew Hangsleben, Anita Zhang, Ansgar
        Burchardt, Arian van Putten, Aurelien Jarno, Axel Rasmussen, bauen1,
--- a/man/systemd.link.xml
+++ b/man/systemd.link.xml
@ -273,21 +273,18 @@
            <varlistentry>
              <term><option>none</option></term>
              <listitem>
-                <para>Keeps the MAC address assigned by the kernel. Or use the MAC address specified in
+                <para>Keeps the MAC address assigned by the kernel.</para>
                <varname>MACAddress=</varname>.</para>
              </listitem>
            </varlistentry>
          </variablelist>
          <para>An empty string assignment is equivalent to setting <literal>none</literal>.</para>
        </listitem>
      </varlistentry>
      <varlistentry>
        <term><varname>MACAddress=</varname></term>
        <listitem>
-          <para>The interface MAC address to use. For this setting to take effect,
+          <para>The MAC address to use, if no
-          <varname>MACAddressPolicy=</varname> must either be unset, empty, or <literal>none</literal>.
+          <varname>MACAddressPolicy=</varname>
-          </para>
+          is specified.</para>
        </listitem>
      </varlistentry>
      <varlistentry>
--- a/src/home/pam_systemd_home.c
+++ b/src/home/pam_systemd_home.c
@ -625,15 +625,6 @@ static int acquire_home(
                do_auth = true;
        }
        /* Later PAM modules may need the auth token, but only during pam_authenticate. */
        if (please_authenticate && !strv_isempty(secret->password)) {
                r = pam_set_item(handle, PAM_AUTHTOK, *secret->password);
                if (r < 0) {
                        pam_syslog(handle, LOG_ERR, "Failed to set PAM auth token: %s", pam_strerror(handle, r));
                        return r;
                }
        }
        r = pam_set_data(handle, fd_field, FD_TO_PTR(acquired_fd), cleanup_home_fd);
        if (r < 0) {
                pam_syslog(handle, LOG_ERR, "Failed to set PAM bus data: %s", pam_strerror(handle, r));
--- a/src/udev/net/link-config.c
+++ b/src/udev/net/link-config.c
@ -181,13 +181,6 @@ int link_load_one(link_config_ctx *ctx, const char *filename) {
                return 0;
        }
        if (IN_SET(link->mac_address_policy, MAC_ADDRESS_POLICY_PERSISTENT, MAC_ADDRESS_POLICY_RANDOM) && link->mac) {
                log_warning("%s: MACAddress= in [Link] section will be ignored when MACAddressPolicy= "
                            "is set to \"persistent\" or \"random\".",
                            filename);
                link->mac = mfree(link->mac);
        }
        log_debug("Parsed configuration file %s", filename);
        LIST_PREPEND(links, ctx->links, TAKE_PTR(link));
@ -675,12 +668,8 @@ static const char* const mac_address_policy_table[_MAC_ADDRESS_POLICY_MAX] = {
 };
 DEFINE_STRING_TABLE_LOOKUP(mac_address_policy, MACAddressPolicy);
-DEFINE_CONFIG_PARSE_ENUM_WITH_DEFAULT(
+DEFINE_CONFIG_PARSE_ENUM(config_parse_mac_address_policy, mac_address_policy, MACAddressPolicy,
-        config_parse_mac_address_policy,
+                         "Failed to parse MAC address policy");
        mac_address_policy,
        MACAddressPolicy,
        MAC_ADDRESS_POLICY_NONE,
        "Failed to parse MAC address policy");
 static const char* const name_policy_table[_NAMEPOLICY_MAX] = {
        [NAMEPOLICY_KERNEL] = "kernel",
--- a/test/test-functions
+++ b/test/test-functions
@ -1058,9 +1058,7 @@ install_pam() {
    else
        find /lib*/security -xtype f
    fi
-    for d in /etc/pam.d /etc/security /usr/lib/pam.d; do
+    find /etc/pam.d /etc/security -xtype f
        [ -d "$d" ] && find $d -xtype f
    done
    ) | while read file; do
        inst $file
    done
@ -1069,6 +1067,9 @@ install_pam() {
    # see http://www.linux-pam.org/Linux-PAM-html/sag-pam_unix.html
    dracut_install -o unix_chkpwd
    [[ "$LOOKS_LIKE_DEBIAN" ]] &&
        cp /etc/pam.d/systemd-user $initdir/etc/pam.d/
    # set empty root password for easy debugging
    sed -i 's/^root:x:/root::/' $initdir/etc/passwd
 }