Follow-up for #27579
In #27579 we refused all StartUnit requests for Type=dbus units
if dbus is not running, which means if dbus is manually stopped,
user can't use systemctl to start Type=dbus units again, which
is incorrect.
The only culprit that leads to the cancellation of the whole
transaction mentioned in #26799 is job type conflict on dbus.
So let's relax the restriction and only refuse job enqueuing
if dbus has a stop job.
To summarize, the case we want to avoid is:
1. dbus has a stop job installed
2. StartUnit/ActivationRequest is received
3. Type=dbus service gets started, which has Requires=dbus.socket
4. dbus is pulled in again, resulting in job type conflict
What we can support is:
1. dbus is already stopped
2. StartUnit is received (possibly through systemctl, i.e. on private bus)
3. Type=dbus service gets started, which will wait for dbus to start
4. dbus is started again, thus the job for Type=dbus service
Replaces #27590Fixes#27588
We already have the systemd.tty.xxx kernel cmdline arguments for
configuring tty's for services, let's make sure the term cmdline
argument applies to pid1 as well.
We default to quiet operation everywhere except for repart, where
we disable quiet and have the mkfs tools write to stdout.
We also make sure --quiet or equivalent is implemented for all mkfs
tools.
If we switch root and can't execute an init program afterwards, we're
completely stuck as we can't go back to the initramfs to start
emergency.service as it will have been completely removed by the switch
root operation.
To prevent leaving users with a completely undebuggable system, let's
at least check before we switch root whether at least one of the init
programs we might want to execute actually exist, and fail early if
none of them exists.
When running in a VM, we now support propagating the exit status
via a vsock notify socket, so drop the restrictions on propagating
an exit status when not in a container to make sure this works
properly.
The systemd-cryptenroll man page states:
Takes a comma separated list of numeric slot indexes, or the special
strings ..., or any combination of these strings or numeric
indexes, in which case all slots matching either are wiped.
but we'd allow only one special string at any given time as the value
was not ORed when assigning. So, for example, --wipe=recovery,password
would actually become --wipe=password, etc.
Let's make sure we log more of what mkosi's doing so we can debug
issues better. Note this also makes mkosi set SYSTEMD_LOG_LEVEL=debug
when running programs so we'll get all the systemd debug logging as
well.
We run the build as a regular user and create-log-dirs requires to
run as root so let's disable the option to avoid error noise during
the install phase.
Until now, we always excluded the top level directories that were
covered by child partition mount points, regardless of the source
directory and the target directory of the copy files operation.
This means that even if we were populating a XBOOTLDR partition, if
there was an EFI partition in the image, we'd exclude /boot
unconditionally, leading to the XBOOTLDR partition to be empty.
Also, because of the same cause, if we were copying a nested source
directory (e.g. /abc/def) to the root directory in the root
partition, if /abc/def/usr existed and was populated with files and
directories, the root partition would have those files under /usr,
even if a /usr partition was defined.
To fix these issues, instead of unconditionally excluding the top
level partition mount points under <source>, let's make sure that
when we're copying files from any source directory to the root
directory of a root partition, that we exclude the partition mount
point directories under the source directory instead of the top
level ones.
Some tests are skipped because initrd extracted from bootctl
is "/boot/initramfs-5.14.0-284.el9.x86_64.img $tuned_initrd"
and not just "/boot/initramfs-5.14.0-284.el9.x86_64.img".
Therefore split and remove the additional garbage.
Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
sbsign is not available everywhere, for example RHEL does not have it.
Add pesign as alternative to it.
pesign will use options "--secureboot-certificate-name" (mandatory) and
"--secureboot-certificate-dir" (optional), while sbsign will use
"--secureboot-private-key" and "--secureboot-certificate".
By default, use sbsign. If no key/cert is provided or sbsign is not found,
try pesign.
Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>