| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\
| |
| | |
firstboot: Add --reset option
|
| | |
| |
| |
| |
| |
| | |
This can be used to prepare an image for firstboot by removing all
files that systemd knows about that contain machine specific
information.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Let's always operate on paths without resolving the final component.
If the path is a symlink, it could point to a vendor default in /usr,
in which case we definitely do not want to modify the vendor defaults.
To avoid this from happening, we replace the symlink with our own file
instead of modifying the file the symlink points at.
|
| |/ |
|
| |
|
|
| |
This reverts commit 8c81a618103cafc715e0a1a521e9f1bd34e3e207.
|
| |
|
|
|
|
|
|
| |
Otherwise, directory with zero access mode cannot be removed.
This is a revised version of 808c8b25eece33c503430151641f5f77676af38c,
- dropped O_NOFOLLOW from fd_reopen()
- fixed error handling on opening path in rm_rf().
|
| |
|
|
|
|
|
|
|
|
| |
Follow-up for #26902 and #26971
Let's always calculate the next restart interval
since that's more useful.
For that, we add 1 to s->n_restarts unconditionally,
and change RestartUSecCurrent property to RestartUSecNext.
|
| |\
| |
| | |
test: a couple of coverage-related test tweaks
|
| | |
| |
| |
| |
| | |
I noticed missing coverage in the reports and turns out this has been
broken since forever (i.e. 2016 - 9f7672b3bc), whoopsie.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
gcov provides wrappers for the exec*() calls but there's none for execveat(),
which means we lose all coverage prior to the call. To mitigate this, let's
add a simple execveat() wrapper in gcov's style[0], which dumps and resets
the coverage data when needed.
This applies only when we're built with -Dfexecve=true.
[0] https://gcc.gnu.org/git/?p=gcc.git;a=blob;f=libgcc/libgcov-interface.c;h=b2ee930864183b78c8826255183ca86e15e21ded;hb=HEAD
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
get_file_version() would return:
- various negative errors if the file could not be accessed or if it was not a
regular file
- 0/NULL if the file was too small
- -ESRCH or -EINVAL if the file did not contain the marker
- -ENOMEM or permissions errors
- 1 if the marker was found
bootctl status iterates over /EFI/{systemd,BOOT}/*.efi and checks if the files
contain a systemd-boot version tag. Resource or permission errors should be
fatal, but lack of version information should be silently ignored.
OTOH, when updating or installing bootloader files, the version is expected
to be present.
get_file_version() is changed to return -ESRCH if the version is unavailable,
and other errnos for permission or resource errors.
The logging is reworked to always display an error if encountered, but also
to log the status at debug level what the result of the version inquiry is.
This makes it figure out what is going on:
/efi/EFI/systemd/systemd-bootx64.efi: EFI binary LoaderInfo marker: "systemd-boot 253-6.fc38"
/efi/EFI/BOOT/BOOTfbx64.efi: EFI binary has no LoaderInfo marker.
/efi/EFI/BOOT/BOOTIA32.EFI: EFI binary has no LoaderInfo marker.
/efi/EFI/BOOT/BOOTX64.EFI: EFI binary LoaderInfo marker: "systemd-boot 253-6.fc38"
Replaces #27034.
Fixes https://github.com/NixOS/nixpkgs/issues/223579.
|
| | |
| |
| |
| | |
This reverts commit 808c8b25eece33c503430151641f5f77676af38c.
|
| | |
| |
| |
| | |
This reverts commit 0278b1c80101cc0d857c1becd0c3a51b2eb14a44.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We have three states:
- ENABLE_COREDUMP and systemd-coredump is installed,
- ENABLE_COREDUMP but systemd-coredump is not installed,
- !ENABLE_COREDUMP.
In the last case we would not do any coredumping-related setup in pid1, which
means that coredumps would go to to the working directory of the process, but
actually limits are set to 0. This is inherited by children of pid1.
As discussed extensively in https://github.com/systemd/systemd/pull/26607, this
default is bad: dumps are written to arbitrary directories and not cleaned up.
Nevertheless, the kernel cannot really fix it. It doesn't know where to write,
and it doesn't know when that place would become available. It is only the
userspace that can tell this to the kernel. So the only sensible change in the
kernel would be to default to '|/bin/false', i.e. do what we do now.
In the middle case, we disabled writing of coredumps via a pattern, but raise
the RLIMIT_CORE. We need to raise the limit because we can't raise it later
after processes have been forked off. This means we behave correctly, but allow
coredumping to be enabled at a later point without a reboot.
This patch makes the last case behave like the middle case. This means that
even if systemd is compiled with systemd-coredump, it still does the usual
setup. If users want to restore the kernel default, they need to provide two
drop-in files:
for sysctl.d, with 'kernel.core_pattern=core'
for systemd.conf, with 'DefaultLimitCORE=0'.
The general idea is that pid1 does the safe thing. A distro may want to use
something different than the systemd-coredump machinery, and then that would
could packaged together with the drop-ins to change the configuration.
Alternative-for: #26607
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
After this commit[1], LoongArch now uses these Multiarch specs:
- Double float: loongarch64-linux-gnu
- Single float: loongarch64-linux-gnuf32
- Soft float: loongarch64-linux-gnusf
You can visit here[2] to view the full documentation.
[1]: https://github.com/loongson/LoongArch-Documentation/commit/55dbaadaaa90b5f5d08a74d96b866af42c8c3c82
[2]: https://loongson.github.io/LoongArch-Documentation/LoongArch-toolchain-conventions-EN.html
|
| |\ \
| | |
| | | |
rm-rf: also chmod directory if cannot be opened
|
| | | | |
|
| | | |
| | |
| | |
| | | |
Otherwise, directory with zero access mode cannot be removed.
|
| | | |
| | |
| | |
| | | |
No functional change hopefully, just for safety.
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Similar to what we do for directories, just before we remove a file,
let's try to take a BSD lock on it. If that fails, skip removing the
file.
|
| |\ \ \
| | | |
| | | | |
Chase fixes
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
xopenat() now calls fd_reopen() if an empty path is specified, so
let's make use of that to simplify the chase open helpers.
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
We definitely want to follow symlinks when calling fd_reopen() so
let's strip O_NOFOLLOW when we call it from xopenat().
|
| | | | | |
|
| | | | | |
|
| |\ \ \ \
| | | | |
| | | | | |
chase: gracefully drop CHASE_AT_RESOLVE_IN_ROOT when AT_FDCWD is specified
|
| | | | | | |
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
If we get AT_FDCWD or root dir fd, we always resolve symlinks relative to the host's root.
Hence, the flag is meaningless.
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
add ability to show contents of service fdstore + teach systemd-notify passing fds into the fdstore
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
This exposes the fd passing we support via sd_pid_notify_with_fds() also
via the command line tool systemd-notify.
|
| | | | | | | |
|
| | | | | | | |
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Let's use more _cleanup_ expressions. Various other modernizations. No
actual code changes, except for maybe a conversion to use heap memory
when generating an array of fds, instead of stack as before. Given that
fdstores are typically user controlled, that should be a wise idea.
|
| | | | | | | |
|
| | | | | | | |
|
| | | | | | | |
|
| | | | | | | |
|
| | | | | | | |
|
| | | | | | | |
|
| | | |_|_|/
| |/| | |
| | | | |
| | | | | |
as string
|
| | |_|/ /
|/| | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
- allow to run without $PROJECT_BUILD_ROOT,
- drop unnecessary export for bootctl,
- enable -x option to show commands,
- use 'test ! -e' to check the nonexistence of files,
- show more debugging logs.
|
| |\ \ \ \
| | | | |
| | | | | |
chase: trivial cleanups
|
| | | | | | |
|
| | | | | | |
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The immediately preceeding service_close_socket_fd() call does that
internally anyway. No need to do this again right after.
|
| |\ \ \ \ \
| |_|_|/ /
|/| | | | |
fd-util: make fd_get_path() support AT_FDCWD
|
| | | | | | |
|
| | |/ / / |
|
| | | | | |
|
