Drop connections and caches and reload config from files, to allow
for low-interruptions updates, and hook up to the usual SIGHUP and
ExecReload=. Mark servers and services configured directly via D-Bus
so that they can be kept around, and only the configuration file
settings are dropped and reloaded.
Fixes https://github.com/systemd/systemd/issues/17503
Fixes https://github.com/systemd/systemd/issues/20604
* efi: Measure into both CC and TPM if available.
It's possible that both measurement protocols are made available, so
instead of assuming only one or the other are available, measure into
both to avoid a problem like CVE-2021-42299.
Signed-off-by: Dionna Glaze <dionnaglaze@google.com>
In case kernel-install is called to install what's already a UKI, 60-ukify
must be skipped. E.g. when distro shipped and signed UKI is being installed,
it is counter-productive to try to rebuild it with ukify. Also, the existing
script is not ready to handle UKIs with embedded initramfs.
Note, it is already possible to disable 60-ukify by setting
KERNEL_INSTALL_UKI_GENERATOR to something but in case it is not set, 60-ukify
assumes it should run.
The testuser user is only needed for integration tests,
which are used in the system user and this config
can be provided as drop-ins instead of inline in postinst scripts.
The Toshiba Z830 has 3 hotkeys which use the ACPI PNP0C32 quickstart spec:
https://archive.org/details/microsoft-acpi-dirapplaunch
These devices have an ACPI method called GHID() which suggests
it returns a value from the "HID Usage Tables" document, but these
methods simple returns a follow number for the button (1, 2 and 3).
The first 2 buttons are for what the manual calls "TOSHIBA eco button"
and "TOSHIBA Presentation button", since there is no good match for
these simply map them to KEY_PROG1 and KEY_PROG2.
The third button is intended to toggle the touchpad on/off, map
this to F21 which GNOME/KDE will interpret as touchpad toggle.
To enable it, use "ephemeral-import" either for mutable mode environment
variable or for value of "--mutable=" flag.
This is a combination of "ephemeral" and "import" modes. It results in a
mutable hierarchy that includes contents of the mutable extension data, but the
modifications are thrown away when the hierarchy is unmerged.
To enable it, use "ephemeral" either for mutable mode environment variable or
for value of "--mutable=" flag.
Instead of using mutable dir in /var/lib/extensions.mutable/<hierarchy>, we
create a directory for overlayfs upperdir and workdir in the same tmpfs mount
that sysext worker process creates in /run/systemd/sysext. As the path for the
workdir will be gone when the worker quits, there is no need to do any
additional cleanup. As such, there is also no need to store a path to workdir
in the metadata directory.
