| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\
| |
| | |
mkosi: Drop build script workarounds
|
| | |
| |
| |
| |
| |
| | |
Let's move stuff that only applies to the final image to the
postinst script. Let's also move out some of the static files to
mkosi.extra/ instead of hardcoding them in scripts.
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We already have this nice code in system that determines the block
device backing the root file system, but it's only used internally in
systemd-gpt-generator. Let's make this more accessible and expose it
directly in bootctl.
It doesn't fit immediately into the topic of bootctl, but I think it's
close enough and behaves very similar to the existing "bootctl
--print-boot-path" and "--print-esp-path" tools.
If --print-root-device (or -R) is specified once, will show the block device
backing the root fs, and if specified twice (probably easier: -RR) it
will show the whole block device that block device belongs to in case it
is a partition block device.
Suggested use:
# cfdisk `bootctl -RR`
To get access to the partition table, behind the OS install, for
whatever it might be.
|
| |\
| |
| | |
A couple of test tweaks for recent CI fails
|
| | |
| |
| |
| |
| |
| | |
gcov is incompatible with DynamicUser=true without additional tweaks, so
let's ignore its complaints in this test, as working around it is not
worth it (in this case).
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Otherwise we might get unexpected test fails due to SIGPIPE:
```
[ 14.334917] testsuite-74.sh[565]: + grep -q '^root:.*:0:0:.*:/bin/fooshell$' test-root/etc/passwd
[ 14.335670] testsuite-74.sh[681]: + systemd-firstboot --root=test-root --prompt-root-shell
[ 14.336382] testsuite-74.sh[680]: + echo -ne '\n/bin/barshell\n'
[ 14.336980] testsuite-74.sh[680]: .//usr/lib/systemd/tests/testdata/units/testsuite-74.firstboot.sh: line 166: echo: write error: Broken pipe
```
|
| |\ \
| |/
|/| |
repart: Add ExcludeFiles= option
|
| | | |
|
| | |
| |
| |
| | |
(as side-effect this also tests the new systemd-notify --exec switch)
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The current unanchored grep sometimes matches MESSAGE=/_CMDLINE= fields
that contain "__SEQNUM=" instead of just the __SEQNUM= field, causing
spurious test fails:
[ 721.546372] testsuite-04.sh[1013]: ++ cut -d= -f2
[ 721.555858] testsuite-04.sh[1011]: ++ journalctl -o export -n 1
[ 721.573037] testsuite-04.sh[1012]: ++ grep -a __SEQNUM=
[ 721.767294] testsuite-04.sh[562]: + SEQNUM1='495773
[ 721.769671] testsuite-04.sh[562]: ++ grep -a __SEQNUM
[ 721.771323] testsuite-04.sh[562]: grep -a __SEQNUM'
[ 721.772938] testsuite-04.sh[562]: + systemd-cat echo yo
[ 721.921413] testsuite-04.sh[562]: + journalctl --sync
[ 722.088945] testsuite-04.sh[1018]: ++ journalctl -o export -n 1
[ 722.104040] testsuite-04.sh[1019]: ++ grep -a __SEQNUM=
[ 722.117239] testsuite-04.sh[1020]: ++ cut -d= -f2
[ 722.314936] testsuite-04.sh[562]: + SEQNUM2=495786
[ 722.317906] testsuite-04.sh[562]: + test 495786 -gt '495773
[ 722.319737] testsuite-04.sh[562]: ++ grep -a __SEQNUM
[ 722.321609] testsuite-04.sh[562]: grep -a __SEQNUM'
[ 722.323536] testsuite-04.sh[562]: /usr/lib/systemd/tests/testdata/units/testsuite-04.sh: line 276: test: 495773
[ 722.325744] testsuite-04.sh[562]: ++ grep -a __SEQNUM
[ 722.327498] testsuite-04.sh[562]: grep -a __SEQNUM: integer expression expected
[ 722.329528] testsuite-04.sh[562]: + journalctl --rotate --vacuum-size=16M
$ build/journalctl --file /var/tmp/systemd-test.0HpVjt/system.journal -o export | grep -a __SEQNUM=
...
__SEQNUM=214849
__SEQNUM=214850
MESSAGE=++ grep -a __SEQNUM=
_CMDLINE=grep -a __SEQNUM=
__SEQNUM=214851
...
__SEQNUM=214860
MESSAGE=++ grep -a __SEQNUM=
_CMDLINE=grep -a __SEQNUM=
__SEQNUM=214861
__SEQNUM=214862
__SEQNUM=214863
...
Let's anchor the expression to avoid this.
Follow-up to f28ed2c1be7.
|
| |
|
|
|
| |
We support separate Startup configurations for CPU and I/O, so
add it for memory too. Only cover cgroupsv2 settings.
|
| |\
| |
| | |
test-execute: drop capabilities when testing with user manager
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Before this, tests are split into two categories, system and user, but
both are running in fully privileged environment. Hence, unprivileged
user scope was mostly not covered by the test.
Let's run all tests in both system and user scopes, and drop capabilities
when Manager is running in user scope.
This also makes the host environment protected more from the test run.
|
| |\ \
| | |
| | | |
journal sequence number rework
|
| | | | |
|
| | | | |
|
| |\ \ \
| | | |
| | | | |
sysusers: also create root group
|
| | | |/
| |/| |
|
| |/ / |
|
| | | |
|
| |/
|
|
|
|
|
|
| |
If a service defines Delegate=yes, its subcgroup won't inherit the
LogFilterPatterns= option, because the option is stored on the unit's
cgroup attributes, not on the subcgroup.
Fixed by using the unit's cgroup attributes instead.
|
| |
|
|
|
|
|
| |
If the device access policy is restricted, add implicitly access to the TPM
if at least one encrypted credential needs to be loaded.
Fixes https://github.com/systemd/systemd/issues/26042
|
| |
|
|
|
|
|
|
| |
If it was not requested to use a tpm2 signature file when enrolling, do
not fallback to the default /run/systemd/tpm2-pcr-signature.json as it
likely will be unrelated if it exists.
Fixes https://github.com/systemd/systemd/issues/25435
|
| |\
| |
| | |
argv-util: also update short invocation name
|
| | | |
|
| |/
|
|
|
|
|
|
|
|
| |
(The one case that is left unchanged is '< <(subcommand)'.)
This way, the style with no gap was already dominant. This way, the reader
immediately knows that ' < ' is a comparison operator and ' << ' is a shift.
In a few cases, replace custom EOF replacement by just EOF. There is no point
in using someting like "_EOL" unless "EOF" appears in the text.
|
| |\
| |
| | |
sysusers: improve messages and autocreate /etc
|
| | | |
|
| |\ \
| | |
| | | |
ci: Test with secure boot enabled under mkosi
|
| | |/
| |
| |
| |
| |
| | |
This gives us some nice test coverage for secure boot enrolling and the
stub secure boot workound. The authenticated EFI variables are already
created by mkosi, all we need to do is request secure boot to be used.
|
| |\ \
| | |
| | | |
test: add a testcase for lvextend
|
| | | |
| | |
| | |
| | | |
For RHBZ#2158628 (https://bugzilla.redhat.com/show_bug.cgi?id=2158628)
|
| | |/ |
|
| |\ \
| |/
|/| |
locale: check conversion before polkit
|
| | | |
|
| |\ \
| | |
| | | |
tmpfiles: fix specifier expansion in arguments of C and L lines
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Starting with commit 2f3b873a4973, when the path contains a specifier
and the argument is omitted, tmpfiles used to perform specifier
expansions twice: first specifier expansion was applied to the path
itself, and afterwards the result of the first expansion was used
in the constructed argument and expanded once again.
Resolves: #26244
Fixes: 2f3b873a4973 ("tmpfiles: copy/link /usr/share/factory/ files when the source argument is omitted")
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Make sure the argument of "C" type undergoes specifier expansion
before it's checked for validity. In particular, starting with
commit ce610af143b2, the check for path existence used to fail
in case of presence of any specifier in the argument.
Also, starting with commit 2f3b873a4973, when the path contains
a specifier and the argument is omitted, tmpfiles used to perform
specifier expansions twice: first specifier expansion was applied
to the path itself, and afterwards the result of the first expansion
was used in the constructed argument and expanded once again.
Finally, starting with commit 849958d1ba35, when the argument begins
with %h specifier, tmpfiles used to complain that the source path
is not absolute.
Resolves: #25381
Fixes: ce610af143b2 ('tmpfiles: in C lines, make missing source graceful error')
Fixes: 2f3b873a4973 ('tmpfiles: copy/link /usr/share/factory/ files when the source argument is omitted')
Fixes: 849958d1ba35 ('tmpfiles: add new "C" line for copying files or directories')
|
| |\ \
| | |
| | | |
test: cover (not only) IPv6 in the resolved test suite
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
On Arch both delv and dig pull in libnss_resolve:
```
$ grep resolve /etc/nsswitch.conf
hosts: mymachines resolve [!UNAVAIL=return] files myhostname dns
```
|
| | | | |
|
| | | | |
|
| | | | |
|
| | |/ |
|
| |/
|
|
|
|
|
|
| |
We might be running in a chroot as a uid that doesn't exist in /etc/passwd.
Let's make sure we don't fail in this scenario.
We pass $HOME when resetting the env so that we can find a home directory
and skip tests that depend on user name/group.
|
| |
|
|
|
| |
This can be used to match verity partitions together using the repart
JSON output.
|
| |
|
|
| |
Fixes: #26165
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Debian/Ubuntu use almost the same variables, but without '_'. Given
our usage is new, rename them so that they match and downstream tech
debt can be removed.
Follow-up for https://github.com/systemd/systemd/pull/25805
See:
https://github.com/systemd/systemd/issues/24228
https://github.com/systemd/systemd/pull/25412
|
| |\
| |
| | |
test: bump the client-side timeout in sd-bus as well
|
