Lennart Poettering
d0c441f99e
stub: unify how we combine 'measured' flags
...
We have the same non-trivial ternary op expression at various places,
let's unify it in one call, to make this easier to read and remove
duplication.
2024-06-24 22:43:45 +02:00
Lennart Poettering
ff8d08ab4e
uefi: drop redundant local variable
2024-06-24 22:43:45 +02:00
Lennart Poettering
95340b33a4
uefi: drop ill-placed empty line
...
Let's not place empty lines between function calls and their immediate
error handling.
2024-06-24 22:38:24 +02:00
nerdopolis
952b26c75d
login: Add a new SecureAttentionKey dbus signal when Ctrl+Alt+Shift+Esc is pressed
2024-06-24 22:29:38 +02:00
Luca Boccassi
f8f06462e5
Merge pull request #33042 from poettering/machined-unpriv
...
machined: unprivileged machine registration
2024-06-24 20:45:37 +02:00
Luca Boccassi
9ca01a6475
Merge pull request #33000 from poettering/ssh-proxy-machine
...
systemd-ssh-proxy: look for VSOCK CIDs in machined
2024-06-24 20:35:07 +02:00
Yu Watanabe
08f333b9ff
Merge pull request #33466 from YHNdnzj/open-file-graceful-log
...
core/exec-invoke: clean up OpenFile= logging
2024-06-25 03:26:04 +09:00
Eugeny Shcheglov
1750e30d23
Fix typo in CAP_BPF description (#33464)
...
description_good and description_bad are mixed up. Disabling CAP_BPF results in the inability to load BPF, not the other way around.
2024-06-25 03:23:50 +09:00
oldherl
341f04fa33
hwdb: fix keyboard of RedmiBook Pro 15 2022 (#33465)
...
Fix two problems of the keyboard of RedmiBook Pro 15 2022.
- Enter key in the main area was mapped to KP_Enter.
- When Fn is locked (to use F1-F12 without pressing Fn), Right Ctrl was mapped to Menu. Keeping it as Right Ctrl is more useful.
2024-06-25 03:22:37 +09:00
Mike Yuan
c24ac9b97b
core/exec-invoke: clean up OpenFile= logging
...
Make collect_open_file_fds() the only logging function,
and downgrade various usual errors to debug level
if OPENFILE_GRACEFUL is set.
Fixes #33458
2024-06-24 18:31:38 +02:00
Mike Yuan
b9c5d812d5
core/exec-invoke: reopen OpenFile= fds with O_NOCTTY
2024-06-24 18:31:36 +02:00
Lennart Poettering
21ab3f505a
uefi: emphasize a bit that EV_IPL event logs is the past, EV_EVENT_TAG the future
2024-06-24 16:26:43 +02:00
Mike Yuan
c53580bf2e
Merge pull request #33401 from yuwata/journal-revert-source-boottime-timestamp
...
journal: partially revert recent changes
2024-06-24 15:34:16 +02:00
Mike Yuan
28cb2803a2
Merge pull request #33456 from yuwata/terminal-util
...
terminal-util: use colon as separator for specifying color
2024-06-24 15:29:36 +02:00
Robin Lee
6efab8c343
vmspawn: define QEMU_MACHINE_TYPE for loongarch64
...
Use ["virt"](https://www.qemu.org/docs/master/system/loongarch/virt.html) as a commonly used generic platform on loongarch64.
2024-06-24 12:43:45 +02:00
Yu Watanabe
c8210d98a4
terminal-util: several cleanups for ColorMode
...
- introduce or rename usual enum values _MAX and _INVALID,
- introduce and use string table lookup functions,
- split out implementation of get_color_mode() to _impl(),
- add tests for get_color_mode().
2024-06-24 17:57:07 +09:00
Yu Watanabe
5f0b72e53b
terminal-util: merge COLOR_ON with COLOR_24BIT
...
Currently, we assume that there is no restriction on coloring when
COLOR_24BIT. Let's merge the two values.
Follow-up for a5efbf468c.
2024-06-24 17:57:07 +09:00
Yu Watanabe
6eabe9f2ff
terminal-util: use colon as separator for specifying color
...
Then, terminal will safely ignore unsupported features, like colored
underline.
Fixes a regression caused by 891abc9cf1.
Fixes https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074073.
Fixes #33449.
2024-06-24 17:57:07 +09:00
Luca Boccassi
59a7019fee
Merge pull request #33452 from bluca/repart_pkg
...
mkosi: install new split-out systemd packages
2024-06-23 13:19:30 +01:00
Luca Boccassi
8a91a43197
mkosi: bump Debian Salsa commit to latest
2024-06-23 10:20:27 +01:00
Luca Boccassi
621a7fe064
mkosi: install new split-out systemd packages
...
repart and cryptsetup tools were moved out of the main package
to reduce dependencies.
2024-06-23 10:18:10 +01:00
Mike Yuan
eb37c0c078
bus-unit-util: add PrivateTmpEx to bus_append_execute_property()
...
Follow-up for 9d50d053f3
2024-06-23 06:43:14 +09:00
Stuart Hayhurst
5e717db67c
hwdb: Fix Logitech G915 TKL (Bluetooth) appearing as a mouse
2024-06-23 06:41:58 +09:00
Diego Viola
a78394a49a
man: fix double is typo in systemd-tmpfiles
...
Signed-off-by: Diego Viola <diego.viola@gmail.com>
2024-06-22 17:06:26 +09:00
Lennart Poettering
18eaff4272
tree-wide: fix type of read() return variable at a couple of places
...
read() returns ssize_t (i.e. 64bit typically). We assigned it to int
variables in some cases (i.e. 32bit typically). Let's not be so sloppy,
and not accidentally drop 32bit on the floor.
(of course, this is not an issue IRL since we'll not have allocations
above 2^32 ever we could read into, but still, let's clean this up)
2024-06-22 17:05:36 +09:00
Lennart Poettering
57b41f15e5
varlink: yet another fix around handling of IDL comments
...
Skip over them when validating a message against the IDL.
Add test case that tests this.
2024-06-22 17:03:17 +09:00
Yu Watanabe
af6e88432f
Merge pull request #33439 from YHNdnzj/private-tmp-followup
...
core: several follow-ups for recent changes to PrivateTmp
2024-06-22 16:34:55 +09:00
Yu Watanabe
5ab6845036
Merge pull request #33408 from poettering/install-change-fix
...
install: some follow-up fixes to #33254
2024-06-22 16:24:47 +09:00
Lennart Poettering
d9a57a550b
update TODO
2024-06-21 17:49:26 +02:00
Lennart Poettering
ec67cc9785
units: register vmspawn VMs started via systemd-vmspawn@.service by default with machined
2024-06-21 17:49:26 +02:00
Lennart Poettering
ecc4287dee
vmspawn: by default, let machined register a cgroup for VMs
...
This mimics what we do in nspawn: if registration is enabled we'll let
machined allocate a scope unit for us. When --keep-unit is used we'll
register without creating a new scope.
This brings behaviour more in line with what nspawn does, exposing the
same sets of options.
2024-06-21 17:49:26 +02:00
Lennart Poettering
e16be05858
nspawn: machine registration is now available unpriv
2024-06-21 17:38:23 +02:00
Lennart Poettering
f98e821cda
machined: support allocating a scope for machines if needed via varlink
...
On dbus we have two apis: one for registering a new machine when the
client already has a cgroup (RegisterMachine()) and one where it doesn't
and machined shall create it (CreateMachine()).
Let's add the same for the varlink api. To simplify things we just
implement it via a boolean flag to the existing RegisterMachine()
varlink call, since the differences are mostly minor otherwise.
2024-06-21 17:38:23 +02:00
Lennart Poettering
38a7666df3
machined: allow unprivileged registration of VMs/containers
...
Now that we have a concept of unprivileged VMs and containers, let's
allow unprivileged clients to register with machined too – subject to
Polkit permissions.
2024-06-21 17:38:23 +02:00
Mike Yuan
9d50d053f3
core: expose PrivateTmp=disconnected
...
As discussed in https://github.com/systemd/systemd/pull/32724#discussion_r1638963071
I don't find the opposite reasoning particularly convincing.
We have ProtectHome=tmpfs and friends, and those can be
pretty much trivially implemented through TemporaryFileSystem=
too. The new logic brings many benefits, and is completely generic,
hence I see no reason not to expose it. We can even get more tests
for the code path if we make it public.
2024-06-21 17:31:44 +02:00
Lennart Poettering
f2b10bebb6
test: add some superficial integration tests
2024-06-21 17:28:16 +02:00
Lennart Poettering
26b455d815
ssh-proxy: add support for connecting to VMs by AF_VSOCK via "machine/…" host specs
...
With this one can type "ssh machine/foobar" to connect to locally
registered machine "foobar" via SSH-over-AF_VSOCK.
2024-06-21 17:28:16 +02:00
Lennart Poettering
1c7642a3b7
machined: add simple varlink API for listing machines
2024-06-21 17:28:16 +02:00
Lennart Poettering
53dca805a2
json: teach json_build() to serialize dual_timestamp structures reasonably
2024-06-21 17:28:16 +02:00
Mike Yuan
d7f24848ba
core/namespace: add assertion for PRIVATE_TMP_CONNECTED
2024-06-21 17:24:08 +02:00
Mike Yuan
335b14ade5
core/exec-invoke: respect needs_sandboxing for PrivateTmp
...
Follow-up for 0e551b04ef
2024-06-21 17:24:08 +02:00
Mike Yuan
5f460ae1c2
core/dbus-util: move dbus setter/getter for PrivateTmp to dbus-execute
...
As with all other properties for ExecContext
2024-06-21 17:23:16 +02:00
Lennart Poettering
bed73f32ac
varlink: yet another fix around handling of IDL comments
...
Skip over them when validating a message against the IDL.
Add test case that tests this.
2024-06-21 17:06:54 +02:00
Mike Yuan
41db82f206
core/dbus-execute: use FOREACH_ARRAY more, drop bus_ prefix for static funcs
2024-06-21 17:04:41 +02:00
Mike Yuan
c3662116b9
man/org.freedesktop.systemd1: Status{Bus,Varlink}Error belongs to Service, not Scope
...
Follow-up for 9c025022d9
Ugh, shouldn't have done this bit when I was sleepy...
2024-06-21 16:47:28 +02:00
Lennart Poettering
64d61d1918
install: shorten code a bit
...
This changes behaviour a bit, since we now keep track of OOM errors in
install_changes_add(). Which I'd argue is a good thing.
2024-06-21 16:27:13 +02:00
Lennart Poettering
422f80d59b
install: collect more install_changes_add() errors
...
We so far collected most unexpected errors from install_changes_add()
and propagated them – but for some invocations we forgot to do that. Add
that, and take care we only propagated unexpected errors (i.e. ENOMEM
and such), but treat expected errors as before.
Follow-up for 5163c9b1e5
2024-06-21 16:25:57 +02:00
Lennart Poettering
50df39f2dc
cryptsetup: minor coding style tweaks
...
Don't cram function calls and assignment into if condition checks. It's
not how we usually do things.
Also, define variables at innermost scope.
2024-06-21 15:57:21 +02:00
Nick Rosbrook
82f57401d9
test: skip test-cgroup-id on ENOSYS from cg_cgroupid_open
...
Most container managers will block open_by_handle_at with seccomp to
mitigate a container escape attack. LXD in particular returns ENOSYS
rather than e.g. EPERM like nspawn. Skip this test if we get ENOSYS
from open_by_handle_at via cg_cgroupid_open.
2024-06-21 15:56:42 +02:00
Yu Watanabe
2c1ada796a
Merge pull request #33424 from poettering/machined-gc-rework
...
machined: clean up GC logic
2024-06-21 08:26:30 +09:00