This makes `systemd-umount` or `systemd-mount -u` support unmounting
loop devices by the corresponding backing files, like
`systemd-mount --umount /tmp/foo.img /tmp/bar.img`
Fixes#6206.
The CapabilityBoundingSet option only makes sense if we are running as
PID1.
The system.conf.d(5) manpage, already states that the CapabilityBoundingSet
option:
Controls which capabilities to include in the capability bounding set
for PID 1 and its children.
https://github.com/systemd/systemd/issues/6080
Previously, we'd ask liblkid to also tell us about recognized
superblocks with bad checksums. We'd then log about them and ignore
them. This however created ambuigity problems, see #6110: the
BLKID_SUBLKS_BADCSUM is not as innocent as it appears.
This patch drops bad checksum handling and we ignore all such superblocks
entirely again, as it was the status quo ante
d47f6ca5f9 (where this was snuck in).
Ideally, libblkid would be changed to avoid this ambiguity problems for
bad checksums, but that's not going to happen any time soon, according
to @karelzak.
Fixes: #6110
Previously, only when --register=yes was set (the default) the invoked
container would get its own scope, created by machined on behalf of
nspawn. With this change if --register=no is set nspawn will still get
its own scope (which is a good thing, so that --slice= and --property=
take effect), but this is not done through machined but by registering a
scope unit directly in PID 1.
Summary:
--register=yes → allocate a new scope through machined (the default)
--register=yes --keep-unit → use the unit we are already running in an register with machined
--register=no → allocate a new scope directly, but no machined
--register=no --keep-unit → do not allocate nor register anything
Fixes: #5823
dns_packet_new() is sometimes called with mtu == 0, and in that case we should
allocate more than the absolute minimum (which is the dns packet header size),
otherwise we have to resize immediately again after appending the first data to
the packet.
This partially reverts the previous commit.
When DNS is unreliable temporarily, the current implementation will
never improve resend behavior again and switch DNS servers only late
(current maximum timeout is 5 seconds).
We can improve this by biasing the resend_timeout back to the current
RTT when a successful response was received. Next time, a timeout is hit
on this server, it will switch to the next server faster.
Fixes: #5953
Now that we have support for key/switch masking in logind, we can relax
the rules by which logind picks the devices to watch a bit, after all we
won't wake up anymore for every single event, but instead only the
events we actually care about.
This should make power/suspend keys on normal usb/atkbd keyboards just
work.
This way logind will get woken up only when an actual event took place,
and not for every key press on the system.
The ioctl EVIOCSMASK was added by @dvdhrm already in October 2015, for
the use in logind, among others, hence let's actually make use of it
now.
While we are at it, also fix usage of the EVIOCGSW ioctl, where we
assumed a byte array, even though a unsigned long native endian array is
returned.
The allocation size was calculated in a complicated way, and for values
close to the page size we would actually allocate less than requested.
Reported by Chris Coulson <chris.coulson@canonical.com>.
CVE-2017-9445
The defines
KEY_MAX
KEY_CNT
KEY_MIN_INTERESTING
BTN_MISC
BTN_MOUSE
BTN_JOYSTICK
BTN_GAMEPAD
BTN_DIGI
BTN_WHEEL
BTN_TRIGGER_HAPPY
mark start/end of key blocks and do not designate events.
Exclude them from the list of recognized key events.
Assign ID_INPUT_MOUSE property to devices with mouse buttons and no axis.
Libinput tries to use libwacom on devices with tablet-pad capability
which are detected by ID_INPUT_TABLET_PAD=1 property so assign pointer
class by setting ID_INPUT_MOUSE=1 to devices with mouse buttons and let
libwacom override the class for Wacom pads.
This places the input_id call after the evdev hwdb calls. With this the
hwdb fixups in evdev can affect the device capabilities assigned in
input_id.
Remove the ID_INPUT_KEY dependency in atkbd rule because it is now not
assigned at this point.
If a swap partition is created on a disk using GPT then the unit generated by
the gpt-generator can shadow the one generated by the fstab-generator.
This can be an issue if the fstab entry for the swap has options since they are
simply ignored if PID1 decides to use the unit created by the gpt-generator
since this unit carries no information about the swap options.
This patch simply disables the GPT auto logic for swaps if at least one entry
for swap is defined in /etc/fstab.
Fixes: #6192
CLOCK_BOOTTIME should only be used if we actually want the clock to
count on while we are suspended, and it is hence not useful for normal
code execution time limits, fix that.
Moreover, a couple of uses were even more broken, as
clock_bottime_or_monotonic() was called where actually
now(clock_boottime_or_monotic()) was supposed to be called. Ouch!
Fixes: #5903
This makes systemd-umount (or systemd-mount -u) supports multiple arguments
which can be path, device, or fstab style node name, like
`systemd-umount /path/to/umount /dev/sda1 UUID=xxxxxx-xxxx LABEL=xxxxx`.
C.f. https://github.com/systemd/systemd/pull/5235#issuecomment-277731314.
