And also: by default, for the systemd-user service and for local
sessions (i.e. those assigned to a seat): let's imply CAP_WAKE_SYSTEM
for them by default. Yes, let's pass one specific capability by default to local
unprivileged users.
The capability services exactly once purpose: to allow system wake-up
from suspend via alarm clocks, hence is relatively limited in focus. By
adding this tools such as GNOME's Alarm Clock app can simply allocate a
CLOCK_REALTIME_ALARM (or ask systemd --user to do this) timer and it
will wake up the system as necessary.
Note that systemd --user will not pass the ambient caps on by default,
so even with this change, individual services need to use
AmbientCapabilities= to pass this on to the individual programs.
Fixes: #17564#21382
"passwd" and "pscap" are extremely useful to debug basic OS behaviour,
and tiny. So let's add them to our default development images, just to
save us some headaches.
We checked ERRNO_IS_NOT_SUPPORTED on a possible positive non-error code,
which isn't right.
Fix that. Also add caching, since we are about to call this more often.
If CONFIG_PSI_DEFAULT_DISABLED is set in the kernel, then the PSI files
will be there, and you can open them, but read()/write() will fail.
Which is terrible, since that happens so late. But anyway, handle this
gracefully.
Let's log exactly at one place about failed writing of log lines to
journal file: in shall_try_append_again().
Then, if we decide to suppress a retry-after-vacuum because we already
vacuumed anyway then say this explicitly as "supressed rotation",
because that's what we do here.
This removes triplicate logging about the same error, and logs exactly
once, plus optional one "suppressed rotation" message. (plus more debug
output). The triplicate logging was bad in particular because it had no
understanding of the actual error codes and just showed generic UNIX
error strings ("Not a XENIX named type file"). By relying on
shall_try_append_again() to do all logging we now get very clean error
strings for all conditions.
Fixes: #26496
We always want to pass the error code along with the log call, so that
it can add it to structured logging, even if the format string does not
contain %m.
None of these conditions are real issues, but they can simply happen
because we just swtched from /run to /var as backend for logging and
there are old files from different boots with different systemd versions
and so on.
Let's not make more noise than necessary: still log, but not consider it
a warning, but just some normal thing.
We are handling these issues safely after all: by rotating and starting
anew, i.e. there's no reason to be concerned.
If the default target is masked, `systemctl get-default` prints
Failed to get default target: Operation not possible due to RF-kill
That's a bit too cryptic, so let's make it clear what's actually
happening.
Fixes#26589.
This reverts commit df4524cb37.
This commit is just wrong. The thing is that we *don't* know
automatically that the partition contains a swap image, because it could
be encrypted.
Hence revert.
Fixes: #26595
We should check alignment *after* determining the pointer points into
our pool, not before. Otherwise might might end up checking alignment of
the pointer relative to our base, even though it is taken relative to
some other base.
Follow-up for: a2b052b29f
See: https://github.com/systemd/systemd/pull/26393#issuecomment-1442295012
This is a follow-up for b1712fabd1 which
was prepped for 253, but merged into early 254 development cycle. It
thus had the symbol it adds at the wrong symver. Fix thta.
