Zbigniew Jędrzejewski-Szmek 9a797ddc41 meson: allow "soft-static" allocations for uids and gids in the initrd
The general idea with users and groups created through sysusers is that an
appropriate number is picked when the allocation is made. The number that is
selected will be different on each system based on the order of creation of
users, installed packages, etc. Since system users and groups are not shared
between installations, this generally is not an issue. But it becomes a problem
for initrd: some file systems are shared between the initrd and the host (/run
and /dev are probably the only ones that matter). If the allocations are
different in the host and the initrd, and files survive switch-root, they will
have wrong ownership.

This makes the gids build-time-configurable for all groups and users where
state may survive the switch from initrd to the host.

In particular, all "hardware access" groups are like this: files in /dev will
be owned by them.  Eventually the new udev would change ownership, but there
would be a moment where the files were owned by the wrong group. The
allocations are "soft-static" in the language of Fedora packaging guidelines:
the uid/gid will be used if possible, but we'll fall back to a different
one. TTY_GID is the exception, because the number is used directly.

Similarly, the possibility to configure "soft-static" uids is added for daemons
which may usefully run in the initramfs: systemd-network (lease information and
interface state is serialized to /run), systemd-resolve (stub files and
interface state), systemd-timesync (/run/systemd/timesync).

Journal files are owned by the group systemd-journal, and acls are granted
for wheel and adm.

systemd-oom and systemd-coredump are excluded from this patch: I assume that
oomd is not useful in the initrd, and coredump leaves no state (it only creates
a pipe in /run?).

The defaults are not changed: if nothing is configured, dynamic allocation will
be used. I looked at a Debian system, and the numbers are all different than
on Fedora.

For Fedora, see the list of uids and gids at https://pagure.io/setup/blob/master/f/uidgid.
In particular, systemd-network and systemd-resolve got soft-static numbers to
make it easy to transition from a non-host-specific initrd to a host system
already a few years back (https://bugzilla.redhat.com/show_bug.cgi?id=1102002).

I also requested static allocations for sgx, input, render in
https://pagure.io/packaging-committee/issue/1078,
https://pagure.io/setup/pull-request/27.
2021-06-17 09:48:28 +02:00
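
The mismatch this commit message describes can be checked by comparing the group (or passwd) database of an initrd image with the host's. The sketch below is an added example, not part of the commit or of systemd; both databases and all their numbers are constructed, and the watch list is an assumption built from names the commit message mentions.

```python
# Added example; the files below are constructed, not taken from a real system.
INITRD_GROUP = """\
root:x:0:
tty:x:5:
input:x:999:
render:x:998:
sgx:x:997:
systemd-journal:x:996:
"""
HOST_GROUP = """\
root:x:0:
tty:x:5:
input:x:104:
render:x:105:
sgx:x:106:
systemd-journal:x:190:
chrony:x:999:
polkitd:x:998:
"""
# Assumption: watch list built from names the commit message mentions.
SHARED_NAMES = ("tty", "input", "render", "sgx", "systemd-journal",
                "systemd-network", "systemd-resolve", "systemd-timesync")

def parse_ids(text):
    """Map name -> numeric id; field 3 is the id in both passwd(5) and group(5)."""
    ids = {}
    for line in text.splitlines():
        fields = line.strip().split(":")
        if len(fields) >= 3 and fields[0] and fields[2].isdigit():
            ids[fields[0]] = int(fields[2])
    return ids

def audit(initrd_text, host_text, names=SHARED_NAMES):
    """Return (name, initrd_id, host_id, host_name_holding_initrd_id) per mismatch."""
    initrd, host = parse_ids(initrd_text), parse_ids(host_text)
    host_by_id = {num: name for name, num in host.items()}
    findings = []
    for name in names:
        if name not in initrd or name not in host:
            continue  # not present in both images, so nothing is shared
        if initrd[name] != host[name]:
            # After switch-root the host resolves the old number to this name.
            findings.append((name, initrd[name], host[name],
                             host_by_id.get(initrd[name])))
    return findings

if __name__ == "__main__":
    for name, old, new, seen_as in audit(INITRD_GROUP, HOST_GROUP):
        print(f"{name}: initrd {old} != host {new}; host shows {old} as {seen_as or 'unassigned'}")
```

The fourth field is the one to watch: a file left in /dev or /run under the initrd's number is reported by the host as belonging to whatever account holds that number there.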
.github Merge pull request #19669 from mrc0mmand/ci-mkosi-arch 2021-05-20 10:14:30 +01:00
.lgtm/cpp-queries lgtm: complain about accept() [people should use accept4() instead, due to O_CLOEXEC] 2019-04-10 20:03:38 +02:00
.mkosi mkosi: stop pulling in vi 2021-05-19 10:55:03 +02:00
.semaphore ci: drop py2 lxml, pull in jinja2 2021-05-19 10:25:26 +09:00
catalog meson: revert the change to unquote commands in add_install_script 2021-05-14 19:52:25 +02:00
coccinelle coccinelle: filter out a couple of 'false-positive' transformations 2021-03-18 11:59:53 +01:00
docs doc: Add RISC-V to FAQ 2021-06-13 18:20:09 +09:00
factory/etc pam: fix typo try_authtok → use_authtok 2021-05-12 12:14:17 +02:00
hwdb.d hwbd: run "ninja -C build update-hwdb" again 2021-06-15 21:59:44 +02:00
man man: fix RFC number and its title 2021-06-16 10:32:28 +09:00
mkosi.default.d mkosi: Enable InstallDirectory and SourceFileTransferFinal options 2021-01-06 23:28:34 +00:00
modprobe.d Add READMEs in all .d directories 2021-03-26 09:35:07 +01:00
network meson: revert the change to unquote commands in add_install_script 2021-05-14 19:52:25 +02:00
po po: Translated using Weblate (Spanish) 2021-06-08 11:28:46 +01:00
presets license: LGPL-2.1+ -> LGPL-2.1-or-later 2020-11-09 13:23:58 +09:00
rules.d rules.d: Properly quote $env{MODALIAS} 2021-05-24 18:40:01 +01:00
shell-completion Clarify help information for --global 2021-06-10 07:23:05 +02:00
src Merge pull request #19948 from keszybz/set-driver-refactoring 2021-06-16 13:48:18 +01:00
sysctl.d meson: use jinja2 in sysctl.d/ 2021-05-19 10:24:43 +09:00
sysusers.d meson: allow "soft-static" allocations for uids and gids in the initrd 2021-06-17 09:48:28 +02:00
test test: add a testcase for issue #19895 2021-06-15 23:18:06 +01:00
tmpfiles.d meson: add workaround for old meson 2021-05-19 10:25:26 +09:00
tools tools/analyze-dump-sort: a helper to compare two 'systemd-analyze dump' outputs 2021-06-04 12:09:58 +02:00
units unit: use alias name of man page 2021-06-15 12:14:26 +01:00
xorg scripts: use 4 space indentation 2019-04-12 08:30:31 +02:00
.clang-format clang-format: set SpaceBeforeParens to ControlStatementsExceptForEachMacros 2020-11-16 16:57:51 +09:00
.ctags editors: Prevent ctags from following symlinks 2019-02-15 11:01:20 -08:00
.dir-locals.el scripts: use 4 space indentation 2019-04-12 08:30:31 +02:00
.editorconfig editorconfig: add man configuration 2020-05-26 15:37:05 +02:00
.gitattributes udev: Extract RAM properties from DMI information 2020-12-16 18:32:29 +01:00
.gitignore Move shared mkosi settings to a single file in mkosi.default.d/ 2021-01-06 12:10:58 +00:00
.lgtm.yml ci: drop py2 lxml, pull in jinja2 2021-05-19 10:25:26 +09:00
.mailmap mailmap: two more names 2021-03-30 13:17:58 +02:00
.packit.yml packit: drop the 'sources' file after cloning the Fedora repo 2021-04-12 18:10:04 +02:00
.vimrc scripts: use 4 space indentation 2019-04-12 08:30:31 +02:00
.ycm_extra_conf.py ycm: add doc string for all the functions in configuration file 2017-11-29 13:21:49 -07:00
configure tree-wide: add spdx header on all scripts and helpers 2021-01-28 09:55:35 +01:00
LICENSE.GPL2 relicense to LGPLv2.1 (with exceptions) 2012-04-12 00:24:39 +02:00
LICENSE.LGPL2.1 licence: remove references to old FSF address 2012-12-17 11:41:31 +01:00
Makefile tree-wide: add spdx header on all scripts and helpers 2021-01-28 09:55:35 +01:00
meson.build meson: allow "soft-static" allocations for uids and gids in the initrd 2021-06-17 09:48:28 +02:00
meson_options.txt meson: allow "soft-static" allocations for uids and gids in the initrd 2021-06-17 09:48:28 +02:00
mkosi.build mkosi: work-around to make systemd build in Fedora images that lack populated /etc 2021-04-07 17:45:28 +02:00
NEWS Merge pull request #19943 from poettering/v249rc1-rep 2021-06-16 00:02:31 +02:00
README README: drop reference to Kinvolk 2021-05-26 09:34:14 +02:00
README.md docs: add ARCHITECTURE.md with code map 2021-06-03 22:14:19 +02:00
TODO update TODO 2021-06-15 20:58:56 +02:00

Systemd

System and Service Manager


Details

Most documentation is available on systemd's web site.

Assorted, older, general information about systemd can be found in the systemd Wiki.

Information about build requirements is provided in the README file.

Consult our NEWS file for information about what's new in the most recent systemd versions.

Please see the Code Map for information about this repository's layout and content.

Please see the Hacking guide for information on how to hack on systemd and test your modifications.

Please see our Contribution Guidelines for more information about filing GitHub Issues and posting GitHub Pull Requests.

When preparing patches for systemd, please follow our Coding Style Guidelines.

If you are looking for support, please contact our mailing list or join our IRC channel.

Stable branches with backported patches are available in the stable repo.