V254 stable batch #315

Merged
merged 65 commits into from
Sep 7, 2023

keszybz
Member

@keszybz keszybz commented Sep 6, 2023

No description provided.

YHNdnzj and others added 30 commits September 6, 2023 13:54
Follow-up for #26089 and #28505

Currently, if default-keymap is not empty, there's no way
to ask vconsole-setup to retain the kernel keymap. Let's
accept a special value "kernel" for that purpose.

Addresses the problem mentioned in systemd/systemd#28505 (comment)

(cherry picked from commit ef7f5ba)
The command is deprecated, as per NEWS of 254. Let's go one step further
and remove it from the help text and man page, so that people are not
inspired to use it at this time anymore.

This is how we usually have done this before: remove it from visibility,
but support it for a while still.

(cherry picked from commit 0de0ed6)
This is a follow-up for #28596.

I think the suggestion to use Type=exec uses too strong wording:
Type=exec has non-trivial drawbacks over Type=simple, and they deserve
to be mentioned.

Hence drop the <emphasis> and turn this around so that Type=exec is
*recommended*, but Type=simple is not expressly discouraged, because
there are plenty reasons to use it.

Add a brief discussion where Type=simple might be preferable.

Also, fix the outright untruth that Type=exec was the "simplest and
fastest", because it certainly is a lot, but not that.

(cherry picked from commit e5e900e)
…have to write it to disk first

Prompted by: #28740

(cherry picked from commit 85ec1b6)
…I_FILE_INFO prefix size

The gnu-efi definition of the struct uses [1], our local one [0] to size
the filename array. Let's avoid an ambiguity and use offsetof() so that
this difference doesn't matter. Also, doing it this way makes very clear
to the reader what happens here: it's a structure with a variable size
suffix.

(cherry picked from commit 490b448)
We must go through finish, to undo the destruction of the final elements
of the iovw properly.

(cherry picked from commit 946dc7c)
…to leave keymap untouched

This is a magic string, and we should avoid stepping into the territory
of normal keymap names with that, given that users can pick names
otherwise freely.

Hence, prefix the name with a special char to avoid any namespace
issues.

Follow-up for: #28660

(cherry picked from commit bf77d59)
On openSUSE with BTRFS, /root has to be mounted as dedicated subvolume to avoid
restoring it when a rollback of the system happens.

(cherry picked from commit 487ae08)
This change makes sure a data copy using copy_bytes() does not exceed the
max_bytes value when using COPY_HOLES and max_bytes stops before the next
data section.

(cherry picked from commit c2dfcbd)
…ey are just kept "mounted"

Follow-up for: 947d836

(I guess in the original patch author's use case the root fs actually
*does* remain in memory, but that's a special case and does not belong
in the man pages this way).

(cherry picked from commit 579fbe5)
Otherwise if the os-release file shrinks between updates, there
will be a merge of the two.
Also remove redundant ENOENT check.

Follow-up for 3f37a82

(cherry picked from commit bf85c23)
This makes tmpfiles, sysusers, and udevd invoked in the following order:
1. systemd-tmpfiles-setup-dev-early.service
   Create device nodes gracefully, that is, create device nodes anyway
   by ignoring unknown users and groups.
2. systemd-sysusers.service
   Create users and groups, so that later invocations of tmpfiles and
   udevd can resolve necessary users and groups.
3. systemd-tmpfiles-setup-dev.service
   Adjust owners of previously created device nodes.
4. systemd-udevd.service
   Process all devices, especially to make block devices active and
   mountable.
5. systemd-tmpfiles-setup.service
   Setup basic filesystem.

Follow-up for b42482a.

Fixes #28653.
Replaces #28681 and #28732.

(cherry picked from commit bb7f485)
Signed-off-by: Rahil Bhimjiani <rahil3108@gmail.com>
(cherry picked from commit f5263dd)
We call dir_is_empty() to check if the directory is empty but don't
take the result into account when returning from the function.

(cherry picked from commit e36c621)
…ociated with the token

The logic around checking PKCS11 tokens (used by systemd-cryptenroll) contains a bug.
The code is checking the flags field of a pkcs11 token_info structure against a set of flags defined for the pkcs11 slot_info structure. This PR changes the check so that the correct structure's flag field is being checked.
(Reference to the PKCS#11 spec: http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/os/pkcs11-base-v2.40-os.html, section CK_SLOT_INFO).

(cherry picked from commit 5007942)
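
The class of bug described in the commit above, as an added example that is not code from the commit or from systemd: slot and token flags in PKCS#11 v2.40 share bit positions, so testing slot constants against the token's flags field both rejects valid tokens and accepts wrong ones. The flag names and values are from the specification; the structs are cut-down stand-ins, and the policy "hardware slot with a token present" and the sample flag combinations are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>

/* Flag values from the PKCS#11 v2.40 base specification. */
#define CKF_TOKEN_PRESENT     0x00000001UL /* CK_SLOT_INFO.flags */
#define CKF_REMOVABLE_DEVICE  0x00000002UL /* CK_SLOT_INFO.flags */
#define CKF_HW_SLOT           0x00000004UL /* CK_SLOT_INFO.flags */
#define CKF_RNG               0x00000001UL /* CK_TOKEN_INFO.flags */
#define CKF_LOGIN_REQUIRED    0x00000004UL /* CK_TOKEN_INFO.flags */
#define CKF_TOKEN_INITIALIZED 0x00000400UL /* CK_TOKEN_INFO.flags */

#define FLAGS_SET(v, f) (((v) & (f)) == (f))

/* Cut-down stand-ins for CK_SLOT_INFO and CK_TOKEN_INFO: only flags is kept. */
struct slot_info  { unsigned long flags; };
struct token_info { unsigned long flags; };

/* Buggy shape: slot constants applied to the token's flags field. */
static bool accept_buggy(const struct slot_info *s, const struct token_info *t) {
        (void) s;
        return FLAGS_SET(t->flags, CKF_HW_SLOT|CKF_TOKEN_PRESENT);
}

/* Fixed shape: slot constants applied to the slot's flags field. */
static bool accept_fixed(const struct slot_info *s, const struct token_info *t) {
        (void) t;
        return FLAGS_SET(s->flags, CKF_HW_SLOT|CKF_TOKEN_PRESENT);
}

/* Constructed cases: a hardware slot holding a token without RNG or login
 * requirement, and a software slot whose token advertises RNG and login. */
static const struct slot_info  hw_slot   = { CKF_HW_SLOT|CKF_REMOVABLE_DEVICE|CKF_TOKEN_PRESENT };
static const struct token_info plain_tok = { CKF_TOKEN_INITIALIZED };
static const struct slot_info  sw_slot   = { CKF_TOKEN_PRESENT };
static const struct token_info rng_tok   = { CKF_RNG|CKF_LOGIN_REQUIRED|CKF_TOKEN_INITIALIZED };

int main(void) {
        printf("hardware slot: buggy=%d fixed=%d\n",
               accept_buggy(&hw_slot, &plain_tok), accept_fixed(&hw_slot, &plain_tok));
        printf("software slot: buggy=%d fixed=%d\n",
               accept_buggy(&sw_slot, &rng_tok), accept_fixed(&sw_slot, &rng_tok));
        return 0;
}
```

In the buggy form the token's `CKF_RNG|CKF_LOGIN_REQUIRED` bits are read as `CKF_TOKEN_PRESENT|CKF_HW_SLOT`, so the decision depends on unrelated token properties.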
…e condition

If someone reads /run/host/os-release at the exact same time it is being updated, and it
is large enough, they might read a half-written file. This is very unlikely as
os-release is typically small and very rarely changes, but it is not
impossible.

Bind mount a staging directory instead of the file, and symlink the file
into it, so that we can do atomic file updates and close this gap.
Atomic replacement creates a new inode, so existing bind mounts would
continue to see the old file, and only new services would see the new file.
The indirection via the directory allows to work around this, as the
directory is fixed and never changes so the bind mount is always valid,
and its content is shared with all existing services.

Fixes systemd/systemd#28794

Follow-up for 3f37a82

(cherry picked from commit 663e275)
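
The mechanism the commit above relies on, as an added example that is not code from the commit or from systemd: a file is replaced by writing a temporary file in the same directory and renaming it over the target, which creates a new inode. No bind mounts are made here; an open descriptor on the old file stands in for a bind mount of the file, and a descriptor on the directory stands in for the bind-mounted staging directory. The paths, file contents and the fixed temporary name `.tmp` are constructed for the demonstration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Replace `name` in dirfd atomically: temp file in the same directory, flushed,
 * then renamed over the target. A reader sees the old or the new file, never half. */
static int write_atomic(int dirfd, const char *name, const char *data) {
        size_t len = strlen(data);
        int fd = openat(dirfd, ".tmp", O_WRONLY|O_CREAT|O_TRUNC|O_CLOEXEC, 0644);
        if (fd < 0)
                return -1;
        int ok = write(fd, data, len) == (ssize_t) len && fsync(fd) == 0;
        close(fd);
        if (ok && renameat(dirfd, ".tmp", dirfd, name) == 0)
                return 0;
        unlinkat(dirfd, ".tmp", 0);
        return -1;
}
struct result { char pinned[64], via_dir[64]; int inode_changed; };
/* Constructed scenario: dirfd plays the bind-mounted staging directory,
 * pinned plays a bind mount of the file itself, which keeps the old inode. */
static struct result demo(void) {
        struct result r = {0};
        struct stat a, b;
        char dir[] = "/tmp/os-release-demo-XXXXXX";
        int dirfd = mkdtemp(dir) ? open(dir, O_RDONLY|O_DIRECTORY|O_CLOEXEC) : -1;
        if (dirfd < 0 || write_atomic(dirfd, "os-release", "ID=demo\nVERSION_ID=1.0-long\n") < 0)
                return r;
        int pinned = openat(dirfd, "os-release", O_RDONLY|O_CLOEXEC);
        if (write_atomic(dirfd, "os-release", "ID=demo\n") < 0) /* shorter update */
                return r;
        int fresh = openat(dirfd, "os-release", O_RDONLY|O_CLOEXEC);
        if (pread(pinned, r.pinned, sizeof r.pinned - 1, 0) < 0 ||
            pread(fresh, r.via_dir, sizeof r.via_dir - 1, 0) < 0)
                return r;
        r.inode_changed = fstat(pinned, &a) == 0 && fstat(fresh, &b) == 0 && a.st_ino != b.st_ino;
        close(pinned); close(fresh);
        unlinkat(dirfd, "os-release", 0); close(dirfd); rmdir(dir);
        return r;
}
int main(void) {
        struct result r = demo();
        printf("file mount sees:\n%sdirectory mount sees:\n%sinode changed: %d\n", r.pinned, r.via_dir, r.inode_changed);
        return 0;
}
```

The descriptor opened before the update keeps returning the complete old content, while a lookup through the directory returns exactly the new, shorter content with no leftover bytes from the previous version.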
exec_child() is supposed to set *exit_status when returning failure.
Unfortunately, we didn't do that in two cases. The result would be:
- a bogus error message "Failed at step SUCCESS spawning foo: …",
- a bogus success exit status.

Bugs introduced in 3909020 and
ad21e54.

The code is reworked to add some asserts and not set exit_status in the caller
so that it's clearer (also to the compiler) that it needs to be set.

(cherry picked from commit 5fa01ac)
… we are in confidential vms

(cherry picked from commit fab0eeb)
An error reply from polkit is a valid case and should not be propagated
as failure of async_polkit_callback(). It should only be saved here.
It'll be returned by bus_verify_polkit_async() later, when it's called
for the same method again.

Follow-up for #26365.

(cherry picked from commit 45b1c01)
install_subdir() does not copy symlinks but copies the file they
point to. We also get a very ugly warning in the meson install
output:

"""
Warning: trying to copy a symlink that points to a file. This will copy the file,
but this will be changed in a future version of Meson to copy the symlink as is. Please update your
build definitions so that it will not break when the change happens.
"""

Let's fix both problems at once by using rsync which does the right
thing. Verified by running systemd-dissect --mtree on both the install
output before and after and all the symlinks are now correctly preserved.

(cherry picked from commit cc2a0d8)
…nse"

This reverts commit 1483892.

As the commit says, it does not solve the race. Moreover, it introduces
a regression #28410.

Also, checking by `path_is_mount_point()` may trigger automount. From
statx(2),
> AT_NO_AUTOMOUNT
>     Don't automount the terminal ("basename") component of pathname
>     if it is a directory that is an automount point.
Similar statements can be found in fstatat(2), which is used in the
fallback call for statx() in glibc, and name_to_handle_at(2), which is
used as the fallback when statx() failed.
So, `path_is_mount_point()` may _do_ trigger automount for parent paths.
That should be avoided especially on shutdown.

The original issue #25527 that is 'fixed' by the commit is not serious,
and should be fixed by making umount command handle path gracefully:
util-linux/util-linux#2132

Fixes #28410.

(cherry picked from commit e323d2e)
Setting USEC_INFINITY to timer event source should not cause any
problem. But, disabling timer event source should be preferable.

[zjs: simplify the call to sd_event_source_set_enabled()]

(cherry picked from commit 57d2b6a)
msizanoen1 and others added 7 commits September 6, 2023 16:09
session_leave_vt may be called after the VT device was hung up, which
will cause vt_release to fail with -EIO. This is known to cause an issue
with GNOME 44 on Fedora where gdm-session-worker sometimes freezes when
trying to switch to VT 1 after a `loginctl terminate-user` operation.

Fix this by reopening the VT in session_leave_vt if we get an -EIO.

(cherry picked from commit 99d4ad7)
Fixup for 7d48154 and
a3f758b.

(cherry picked from commit d3f8b75)
Inspired by systemd/systemd#28997.
Noticed by Alvin Alvarado <alvin@striczkof.io>.

(cherry picked from commit 594e27b)
The type of a file descriptor is `int`, not `pid_t`. This should not
have any effects on API consumers as `pid_t` is already typedef'd as
`int` on all glibc-based systems.

(cherry picked from commit 904b8bb)
If there are no "ManagedOOMSwap" entries to monitor, then the event source
can be completely disabled. This scenario appears to be common and avoiding
the wake-ups can save idle energy consumption.

This was discovered while using Sysprof for various GNOME 45 performance
tuning. systemd-oomd goes from waking up a few times a second to no
wake-ups helping keep a laptop in deep(er) sleep.

Signed-off-by: Christian Hergert <chergert@redhat.com>
(cherry picked from commit b63beb4)
…behavior guarantee

With the old boot ID update behavior there's no way to compare the boot
ID of a new entry to be written with the boot ID of the last entry in
the journal in a performant manner, and therefore no way to determine if
monotonic clock value consistency checking is needed. Refuse to open
journal files without the new boot ID update behavior guarantee to
simplify consistency checking.

(cherry picked from commit 2f766ac)
The monotonic clock value consistency should only be checked if the boot
ID is the same as the last journal entry, and requiring that the current
boot ID be the same as the boot ID of the last entry is not necessary
for ensuring deterministic bisection as we already enforce strict
ordering of the real time clock value in a single journal file.

This fixes an issue where a new journal file is unnecessarily created
every boot, potentially wasting storage space.

(cherry picked from commit addcecf)
@bluca
Member

bluca commented Sep 6, 2023

"userdbd: Order systemd-userdbd.service after systemd-remount-fs.service" has an open revert PR so I'd drop it for now, until that is resolved systemd/systemd#29074

mrc0mmand and others added 13 commits September 6, 2023 16:38
(cherry picked from commit 05ebcbd)
Resolves: #29048
(cherry picked from commit 97e2785)
When icmp6_receive() fails, then the source address is not initialized yet.

(cherry picked from commit 4674f40)
- Rename the argument for storing the sender address,
- allow to call it with NULL for ret_xyz,
- reduce needless copy of timestamp when the message does not have
  timestamp.

(cherry picked from commit 5121163)
…seats

When the user tries to attach a device lacking ID_FOR_SEAT they
currently get a very cryptic error message. Let's improve the situation
a bit. Still a bit cryptic maybe, but much less so.

Inspired-by: https://lists.freedesktop.org/archives/systemd-devel/2023-September/049469.html
Inspired-by: https://lists.freedesktop.org/archives/systemd-devel/2023-September/049484.html
Also-see: https://lists.freedesktop.org/archives/systemd-devel/2023-September/049470.html
Also-see: https://lists.freedesktop.org/archives/systemd-devel/2023-September/049489.html
(cherry picked from commit 08237f0)
f2fs is actively maintained upstream, and popular in certain device
categories (phones, embedded), so allow-list by default.

Fixes systemd/systemd#29026

(cherry picked from commit ee6cf8e)
For a userns root user to be able to access the credentials, both
the uid and gid of the credentials directory have to be mapped into
the userns. Currently, the credentials directory group is root, which
we obviously do not want to map in to a userns, so let's make sure
that the credentials directory and files are owned by the service
group instead, which can generally be safely mapped into the userns.

Since we use permissions mode 0600, this shouldn't cause any change
in who is able to access the credentials.

Fixes #28747

(cherry picked from commit 3a78b0e)
Otherwise, we get redefinition errors if <net/if.h> is included later
on by another header.

(cherry picked from commit 2af02e6)
Currently, we mount via file descriptors using /proc/self/fd. This
works, but it means that in /proc/mounts and various other files,
the source of the mount will be listed as /proc/self/fd/xxx. For other
software that parses these files, /proc/self/fd/xxx doesn't mean anything,
or worse, it means the completely wrong thing, as it will refer to one of
their own file descriptors instead.

Let's improve the situation by using /proc/pid/fd instead. This allows
processes parsing /proc/mounts to do the right thing more often than not.
One scenario where even this doesn't work is when containers are involved,
as with the pid namespace unshared, even /proc/pid/fd will mean the wrong
thing, but it's no worse than /proc/self/fd which will always mean the wrong
thing.

This also doesn't work if we mount via file descriptor and then exit, as the pid will
be gone, but it does work as long as the process that did the mount is alive, which
makes it useful for systemd-dissect --with for example if the program we run in the
image wants to parse /proc/mounts.

(cherry picked from commit 4419735)
… specified

Follow-up for 2f091b1.

Fixes #28844.

(cherry picked from commit 927e20f)
When running on non-native userland architecture via systemd-nspawn
and qemu-user-static QEMU-emulator, clone() with CLONE_NEWNS fails with
EINVAL.

Fixes #28901.

[zjs: add a comment in the code]

(cherry picked from commit 4680187)
@keszybz
Member Author

keszybz commented Sep 6, 2023

> "userdbd: Order systemd-userdbd.service after systemd-remount-fs.service" has an open revert PR so I'd drop it for now, until that is resolved systemd/systemd#29074

Thanks.

@bluca
Member

bluca commented Sep 6, 2023

Can you also cherry-pick 16173ab please? So that the mkosi arch CI job will work

No need to disable arch completely, let's just disable keyring checking
to get CI working again for now.

(cherry picked from commit 16173ab)
@bluca
Member

bluca commented Sep 6, 2023

CentOS CI should be fixed tomorrow, let's wait so that we can get sanitizers coverage

@keszybz
Member Author

keszybz commented Sep 7, 2023

I don't think we need to wait. Half of the patches are docs or tests or units, i.e. stuff which doesn't need coverage. There is only a handful of patches which do some calculations in C, but those either have some unit tests or are simple code.

@keszybz keszybz merged commit 93bb992 into v254-stable Sep 7, 2023
42 of 48 checks passed
@keszybz keszybz deleted the v254-stable-batch branch September 7, 2023 07:43
@keszybz keszybz temporarily deployed to github-pages September 7, 2023 07:43 — with GitHub Pages Inactive