v254 batch #337
Merged
v254 batch #337
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
I think that those functions should be adjusted, but let's first add a test to establish current behaviour. (cherry picked from commit bf9a49a)
"/dev" or "/dev/" is the mount point, not a device path. In particular, 'systemctl status /dev' clearly does not refer to a device, so let's tweak the code a bit to say that those are not device paths. (Treating "/../dev" same as "/dev" would be also be reasonable, but that requires chase(), which requires disk access, which we don't want to do from this lightweight function.) (cherry picked from commit 8f1998b)
Both styles were mixed in the file, but I find the latter much nicer, because it's not the func that is the pointer, but the return type. (cherry picked from commit 00d811a)
bluca
force-pushed
the
v254-stable
branch
3 times, most recently
from
f033d96
to
0ee972f
Compare
keszybz
requested changes
Nov 9, 2023
There was a problem hiding this comment.
As usual, I think that some of the patches should not be included. Early on there's a bunch of cleanup patches, which while not harmful, might not be necessary. But later on there are some more risky ones.
udevadm-control: parse all args in advance
udevadm-control: return early if --exit is used
Those are risky optimization commits. Why are they being backported?
Edit: e.g.
basic/path-util: change 'char func' to 'char func'
42f8f1e
basic: indent prototypes of two functions with many arguments
9c72aed
delta: inline iterator variable
35223fd
core/dbus-path: use structured initialization in one more place
Considering the author, I'm convinced that they are all correct, but do we really need to include them?
| @@ -216,6 +228,21 @@ _SD_BEGIN_DECLARATIONS; | |||
| # define SD_GPT_USR_NATIVE_VERITY SD_GPT_USR_LOONGARCH64_VERITY | |||
| # define SD_GPT_USR_NATIVE_VERITY_SIG SD_GPT_USR_LOONGARCH64_VERITY_SIG | |||
|
|
|||
| #elif defined(__mips__) && !defined(__mips64) && __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ | |||
There was a problem hiding this comment.
This seems iffy. You don't expect to get a new architecture supported in a bugfix release. And this a relatively fresh commit. We have been known to make typos, so it'd be better if this baked a while in upstream.
There was a problem hiding this comment.
because it's not really a new architecture, it was just missing from the list
| # Bump the numeric PID range to its maximum of 2^22 (from the in-kernel default | ||
| # of 2^16), to make PID collisions less likely. | ||
| # Bump the numeric PID range to make PID collisions less likely. | ||
| # 2^22 and 2^15 is possible maximum of 64bit and 32bit kernels respectively. |
There was a problem hiding this comment.
Not that it matters, but I don't think we need to fix comments.
There was a problem hiding this comment.
This is shipped to users, and it clarifies what it does, given it can't do any damage I prefer to have it
(cherry picked from commit 1fa2ebb)
I was missing an example of how to use cryptenroll. We have that, but in another page. Instead of repeating, let's just direct the user to the right place. Also, reformat synopsis to the "official" non-nested syntax. (cherry picked from commit 38e3c61)
(cherry picked from commit 5f5f1ba)
Follow-up for d120ce4 [email protected] is used as a synchronization point between the mount unit and corresponding [email protected]. After the mentioned commit, it doesn't get a stop job enqueued during shutdown, and thus the stop job for [email protected] could be run before the mount unit is stopped. Therefore, let's make [email protected] conflict with umount.target, which is also what [email protected] does. Fixes #29336 (cherry picked from commit 99f360a)
(cherry picked from commit c36c81e)
(cherry picked from commit 6ea32f6)
Preparation for systemd#311 (cherry picked from commit 002db03)
(cherry picked from commit 0b675f9)
… units Closes systemd#311 (cherry picked from commit d708bb7)
(cherry picked from commit a730a8f)
(cherry picked from commit 4ed9e26)
For us, this is a compatibility mode, but most likely it is there to stay: the kernel Makefile's install target expects to be able to call /bin/installkernel. We want people who build their own kernels to use this, so that they use kernel-install and get support for all the functionality provided by it, including building of UKIs and other new features. So let's actually advertise that this exists and works. (cherry picked from commit eb25844)
kernel-install uses do_execute(). We would log whenever a spawned child finished, but we would not log anything when the child is launched. When the children log output without a prefix (as the kernel-install plugins do), it is hard to see where that output is coming from. (cherry picked from commit 9ec4f7c)
There's no way for us to wait for specific virtiofs tags to appear, so we have to try and make sure that the tags are all available by the time we try to mount any virtiofs tag. Let's try to do that by loading the necessary modules as early as we can. (cherry picked from commit 67c92f3)
…nored
Before this fix, when recursive-errors was set to 'no' during a systemd-analyze
verification, the parent slice was checked regardless. The 'no' setting means that,
only the specified unit should be looked at and verified and errors in the slices should be
ignored. This commit fixes that issue.
Example:
Say we have a sample.service file:
[Unit]
Description=Sample Service
[Service]
ExecStart=/bin/echo "a"
Slice=support.slice
Before Change:
systemd-analyze verify --recursive-errors=no maanya/sample.service
Assertion 'u' failed at src/core/unit.c:153, function unit_has_name(). Aborting.
Aborted (core dumped)
After Change:
systemd-analyze verify --recursive-errors=no maanya/sample.service
{No errors}
(cherry picked from commit f660c7f)
Let's ake sure we check confexts against the confext api level, and sysext against the sysext api level. Previously the test would simply be skipped for confexts... (cherry picked from commit 81df5cd)
Since the soft-reboot drops the enqueued end.service, we won't shutdown the test VM if the test fails and have to wait for the watchdog to kill us (which may take quite a long time). Let's just forcibly kill the machine instead to save CI resources. (cherry picked from commit 47f6bac)
Debugging mount unit failures caused by systemd not being able to create the mount point is currently rather hard. Let's log about failures to create mount points to simplify debugging. (cherry picked from commit ce427d0)
'[[ not found' (cherry picked from commit c7986bc)
Fixes #29357 and oss-fuzz#62756 (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62756). (cherry picked from commit 7233c67)
The second half of `chown_recursive` works only if the kernel has ACL support. (cherry picked from commit ec757e9)
…etdevice support (cherry picked from commit 8a87a16)
All the following commands would just fail with -ENOANO anyway, hence there's no point in sending them. And it allows us to shave off some error handling code. (cherry picked from commit 3bce9d5)
The pkcs11 uri is no set if the smart card is not inserted while using `pkcs11-uri=auto` with libcryptsetup plugins. ``` > systemd-cryptsetup attach cr_data /dev/sda1 - pkcs11-uri=auto Set cipher aes, mode xts-plain64, key size 512 bits for device /dev/sda1. Security token (null) not present for unlocking volume Linux filesystem (cr_data), please plug it in. ``` (cherry picked from commit 38cce23)
We may trigger huge number of devices and will receive many events. Let's extend the buffer size, otherwise the buffer may be filled. Fixes #29863. (cherry picked from commit 4e601b7)
(cherry picked from commit 7dafeb6)
…monitor_new() As suggested at systemd/systemd#29872 (comment): > socket memory is these days accounted to the process that owns a socket, > hence we shouldn't be too concerned that this might waste memory. (cherry picked from commit eba449f)
…9837) Previously only the first entered passphrase would be used. Add the ability to check all the passwords entered by the user. The total number of passwords entered is still limited by passphrase entry limit. (cherry picked from commit b55ca26)
If we're waiting for the debugger process to exit and receive SIGTERM, propagate it to all processes in our process group, including the debugger, so we can follow it up with a proper cleanup. Resolves: #28772 (cherry picked from commit b260346)
On a system with a shared home directory, I'm getting a bunch of warnings: systemd-xdg-autostart-generator[76]: Exec binary '/usr/bin/flatpak' does not exist: No such file or directory systemd-xdg-autostart-generator[76]: /home/zbyszek/.config/autostart/org.signal.Signal.desktop: not generating unit, error parsing Exec= line: No such file or directory systemd-xdg-autostart-generator[76]: Exec binary '/usr/bin/flatpak' does not exist: No such file or directory systemd-xdg-autostart-generator[76]: /home/zbyszek/.config/autostart/im.riot.Riot.desktop: not generating unit, error parsing Exec= line: No such file or directory systemd-xdg-autostart-generator[76]: Exec binary '/usr/libexec/gnome-tweak-tool-lid-inhibitor' does not exist: No such file or directory systemd-xdg-autostart-generator[76]: /home/zbyszek/.config/autostart/ignore-lid-switch-tweak.desktop: not generating unit, error parsing Exec= line: No such file or directory systemd-xdg-autostart-generator[76]: Exec binary '/usr/bin/flatpak' does not exist: No such file or directory systemd-xdg-autostart-generator[76]: /home/zbyszek/.config/autostart/org.telegram.desktop.desktop: not generating unit, error parsing Exec= line: No such file or directory This isn't really a problem. Let's just print an info message. (cherry picked from commit ed73914)
Fixes: #29917 (cherry picked from commit 2e290d5)
This completes/corrects the documentation for the following fields:
COREDUMP_CGROUP= - doc where wrong, actually covered COREDUMP_PROC_CGROUP=
COREDUMP_CMDLINE= → undocumented so far
COREDUMP_PROC_CGROUP= → docs where there but incorrectly assigned to COREDUMP_CGROUP=
COREDUMP_PROC_AUXV= → undocumented so far
COREDUMP_SESSION= → undocumented so far
Fixes: #29832
(cherry picked from commit a9d54de)
…sting inodes I think it was clear already, but let's be even clearer. Fixes: #29774 (cherry picked from commit 3cb938b)
…better Fixes: #29759 (cherry picked from commit 7480859)
Fixes: #29743 (cherry picked from commit 2441018)
…ing= settings if they share socket units between multiple service units Fixes: #29600 (cherry picked from commit 2856219)
Fixes: #28982 (cherry picked from commit d33121d)
Currently test_setpriority_closest assumes that setting RLIMIT_NICE to 30 will fail if the process is unprivileged. If it succeeds, it assumes that the process is privileged and setresuid and setresgid will succeed. However, if RLIMIT_NICE is already >= 30, then setrlimit will succeed even if the process is unprivileged. Guard against that by checking for permission errors in setresuid and setresgid and skipping the full test if so. Fixes #22896. (cherry picked from commit 9217255)
Fixes: #29381 (cherry picked from commit a8b53f4)
(cherry picked from commit 5ce851a)
…ryption data was passed as a null pointer when an address was expected. As a result, the assert was always tripped. (cherry picked from commit f64b9a1)
… equivalent Several udev rules depends on the previous behavior, i.e. that udev replaces the devlink with the newer device node when the priority is equivalent. Let's relax the optimization done by 331aa7a. Follow-up for 331aa7a. Note, the offending commit drops O(N) of file reads per uevent, and this commit does not change the computational order. So, hopefully the performance impact of this change is small enough. Fixes #28141. (cherry picked from commit 7ec5ce5)
…timization This reverts the following two commits: - "udev: decrease devlink priority for encrypted partitions" c4521fc. - "udev: decrease devlink priority for iso disks" df1dccd. These commits are workarounds for issues caused by 331aa7a. With the previous commit, these workarounds are not necessary anymore, as partitions are always processed later than their whole disk, and a decrypted volume is also processed later than its backing volume. (cherry picked from commit 4ef83d9)
git restore -s origin/main hwdb.d/ test/hwdb.d test/hwdb-test.sh
rawhide moved to 255, so stick with F39 which uses 254
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.