If for any reason something goes wrong during the boot process (most likely due
to a network issue), system admins should be allowed to log in to the system to
debug the problem. However due to the login session barrier enforced by
systemd-user-sessions.service for all users, logins for root will be delayed
until a (dbus) timeout expires. Beside being confusing, it's not a nice user
experience to wait for an indefinite period of time (no message is shown) this
and also suggests that something went wrong in the background.
The reason of this delay is due to the fact that all units involved in the
creation of a user session are ordered after systemd-user-sessions.service,
which is subject to network issues. If root needs to log in at that time,
logind is requested to create a new session (via pam_systemd), which ultimately
ends up waiting for systemd-user-session.service to be activated. This has the
bad side effect to block login for root until the dbus call done by pam_systemd
times out and the PAM stack proceeds anyways.
To solve this problem, this patch orders the session scope units and the user
instances only after systemd-user-sessions.service for unprivileged users only.
DefaultSmackProcessLabel tells systemd what label to assign to its child
process in case SmackProcessLabel is not set in the service file. By
default, when DefaultSmackProcessLabel is not set child processes inherit
label from systemd.
If DefaultSmackProcessLabel is set to "/" (which is an invalid character
for a SMACK label) the DEFAULT_SMACK_PROCESS_LABEL set during compilation
is ignored and systemd act as if the option was unset.
In the welcome line, use NAME= as the fallback for PRETTY_NAME=.
PRETTY_NAME= doesn't have to be set, but NAME= should.
Example output:
---
Welcome to Fedora Linux 37 (Rawhide Prerelease)!
[ !! ] This OS version (Fedora Linux 37 (Rawhide Prerelease)) is past its end-of-support date (1999-01-01)
Queued start job for default target graphical.target.
[ OK ] Created slice system-getty.slice.
---
When using --root=/--image= the binaries to install/update will be
picked from the directory/image. Add an option to let the caller
choose.
By default (auto) the image is tried first, and if nothing is found
then the host. The other options allow to strictly try the image
or host and ignore the other.
This merges the various labelling calls into a single label_fix_full(),
which can operate on paths, on inode fds, and in a dirfd/fname style
(i.e. like openat()). It also systematically separates the path to look
up in the db from the path we actually use to reference the inode to
relabel.
This then ports tmpfiles over to labelling by fd. This should make the
code a bit less racy, as we'll try hard to always operate on the very
same inode, pinning it via an fd.
User-visibly the behaviour should not change.
This uses RET_NERRNO to more quickly pull the error code we see into
"r" out of "errno".
This does not change anything really. The only reason to do this is
because it is harder to break this accidentally. The thing is that
"errno" is easily set as side-effect of arbitrary functions. Thus, if we
rely on it being set for long code paths, we need to make carefully sure
that no code in between calls any function that might corrupt it as
side-effect. As far as I can see we did get this right. Nonetheless, I
think we should just store the value in "r" instead, to make it easier
to maintain this in the long run, if more code is inserted one day, who
knows.
mkdirat_errno_wrapper(x,y,z) is identical to RET_NERRNO(mkdirat(x, y,
z)). Let's always use the latter when we can, because easier to read,
shorter.
The only reason to have mkdirat_errno_wrapper() at all is so that we can
pass a function pointer to it around. Otherwise, let's not use it.
let's use our better, newer internal APIs for these purposes. This gets us
two things: safer handling when the root dir is specified, and better
handling of paths with trailing slashes, as we can refuse them whenever
a directory is not acceptable.
Let's make this functions that check validity of paths a bit more
friendly towards one specific kind of invalid path: a NULL pointer.
This follows similar logic in path_is_valid(), path_is_normalized() and
so on.
These are somewhat pointless gnu-efi typedefs. Using the names from the
UEFI spec makes things clearer.
The one exception left is EFI_FILE as we use it a lot and
EFI_FILE_PROTOCOL is quite a handful.