Age | Commit message (Collapse) | Author |
|
Commit 3f93da987 accidentally dropped the "return 0" after detection of a
duplicate line. Put it back, to get back the documented and intended "first
match wins" behaviour.
https://launchpad.net/bugs/1428540
|
|
|
|
This change makes it so all seccomp filters are mapped
to the appropriate capability and are only added if that
capability was not requested when running the container.
This unbreaks the remaining use cases broken by the
addition of seccomp filters without respecting requested
capabilities.
Co-Authored-By: Clif Houck <me@clifhouck.com>
[zj: - adapt to our coding style, make struct anonymous]
|
|
Everything that is generated can be assumed to belong to CLEANFILES,
which means that the original file has to be in EXTRA_DIST. Simplify
the rules by generating as in $subject.
We have less lists to adjust manually, and 'make clean' actually
removes more stuff that before.
|
|
On large system we hit the limit on 512 simultaneous dbus
connections, resulting in tons of annoying messages:
Too many concurrent connections, refusing
This patch raises the limit to 4096.
|
|
Currently the code will silently blank out events if there are more
then 512 epoll events, causing them never to be handled at all. This
patch removes the cap on the number of events for epoll_wait, thereby
avoiding this issue.
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=84437
|
|
Using the DIR macro breaks caching and has no benefit as it only offers
performance improvements when AS_FOR is used with a single element list.
Also --with-lds-dir= was broken as we never set have_efi_lds in this case.
Fix this and check if PATH actually contains the efi-lds file.
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=89421
|
|
|
|
This also adds "machinectl import-raw" and "machinectl import-tar" to
wrap these new bus calls.
THe commands basically do for local files that "machinectl pull-raw" and
friends do for remote files.
|
|
|
|
import and pull calls
|
|
That way we can call the code for local container/VM imports "import"
without confusion.
|
|
sd_dhcp6_client_new() tried to set the DUID based on the machine id.
If the host has no /etc/machine-id, the constructor would fail
making it impossible to create an sd_dhcp6_client instance.
Relax this and create a DUID only later as needed. This way a caller
caller can workaround a missing machine-id file and set a DUID of his
choosing via sd_dhcp6_client_set_duid().
|
|
|
|
The crucial point here is that we will not change the settings of a netdev created by someone else
we simply use it as is and trust it was set up as intended.
This is confusing in the case of the pre-created netdev's (bond0 etc.), the solution should probably
be to simply make the kernel stop creating these devices as they are pretty useless.
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=89411
|
|
On s390 (at least) /sys/class/power_supply is not present. We should
treat this like if this directory was empty, and not an error.
|
|
For daemons which have a main configuration file, there's
little reason for the administrator to use configuration snippets.
They are useful for packagers which need to override settings, but
we shouldn't advertise that as the main way of configuring those
services.
https://bugs.freedesktop.org/show_bug.cgi?id=89397
|
|
If HAVE_PAM isn't set then don't attempt to copy /etc/pam.d from the
factory, as it doesn't get installed.
|
|
They are now useful for any fs used for journal storage.
|
|
|
|
Otherwise distribution tarfiles are not generated properly.
|
|
|
|
|
|
gcc was complaining that progress_rc might be used uninitalized.
But it was actually always set, because the condition was always
satisfied. Remove the condition.
|
|
A warning is printed if ACLs cannot be retrieved for any reason other
than -ENOSYS. For -ENOSYS, debug log is printed.
|
|
Add some forgotten strings for systemd, logind and machined.
|
|
|
|
downloads
If /var/lib/machines is mounted as btrfs loopback file system in
/var/lib/machines.raw with this change we automatically grow the file
system as it fills up. After each 10M we write to it during imports, we
check the free disk space, and if the fill level grows beyond 66% we
increase the size of the file system to 3x the fill level (thus lowering
it to 33%).
|
|
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=89379
|
|
|
|
gpg2 insists on created a trust db even if we tun off all trust db
support. Hence create a temporary home where the trust db is placed, and
remove it after use.
|
|
|
|
is called
|
|
Logs constantly show
systemd-journald[395]: Failed to set file attributes: Inappropriate ioctl for device
This is because ext4 does not support FS_NOCOW_FL.
[zj: fold into one conditional as suggested on the ML and
fix (preexisting) r/errno confusion in error message.]
|
|
Binary fields were not processed properly, and resulting journal files
were non-conforming, resulting in an error ("Invalid field.") when reading.
https://bugs.freedesktop.org/show_bug.cgi?id=89391
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=89382
|
|
|
|
pool size
|
|
This way, we can safely set up the directories from two processes at the
same time, including machined and importd simultaneously.
|
|
|
|
This adds support for showing the accumulated consumed CPU time per-unit
in the "systemctl status" output. The property is also readable via the
bus.
|
|
After some reconsideration, we decided to move the binary protocol
back to 64-bit wide UIDs and GIDs. After all, it should be possible
to redefine [gu]id_t to uint64_t and things should continue to
work. As we want to avoid such data types in kdbus.h, let's move
back to 64-bit values and be safe.
In sd-bus, we have to do a translation between uint64_t and gid_t
now for supplementary gids.
Some inline comments have also been updated in kdbus upstream.
|
|
|
|
|
|
Otherwise every daemon reload prints out warnings like:
systemd[1]: Unit type .busname is not supported on this system.
systemd[1]: Unit type .swap is not supported on this system.
|
|
|