Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
|
|
|
|
|
|
Also, we don't use {} for single-line if-blocks.
|
|
|
|
|
|
|
|
Also, expose it in machinectl.
|
|
|
|
|
|
The udev-settle guarantees that udevd is no longer processing any of the
events casued by udev-trigger. The way this works is that it sends a
synchronous PING to udevd after udev-trigger has ran, and when that returns
it knows that udevd has started processing the events from udev-trigger.
udev-settle will then wait for the event queue to empty before returning.
However, there was a race here, as we would only update the /run state at
the beginning of the event loop, before reading out new events and before
processing the ping.
That means that if the first uevent arrived in the same event-loop iteration
as the PING, we would return the ping before updating the queue state in /run
(which would happen on the next iteration).
The race window here is tiny (as the /run state would probably get updated
before udev-settle got a chance to read /run), but still a possibility.
Fix the problem by updating the /run state as the last step before returning
the PING.
We must still update it at the beginning of the loop as well, otherwise we
risk being stuck in poll() with a stale state in /run.
Reported-by: Daniel Drake <drake@endlessm.com>
|
|
This is necessary to build with older kernel headers. NDA_VLAN was
introduced in v3.9 and NDA_PORT, NDA_VNI and NDA_IFINDEX in v3.10
|
|
|
|
Lack of this caused journalctl not to display a hint about missing groups
properly when the user lacks permissions.
|
|
|
|
CID #1271349.
|
|
r could never be less than zero.
CID #1271350.
|
|
|
|
XKB errors aren't *that* important.
Coverity complained that the same action is taken in multiple
branches, which is semi-valid, so is fixed too (CID #1256582).
|
|
CID #1256583.
|
|
CID #1257765.
|
|
CID #1257766.
|
|
|
|
The input data would have to be borked, so this is unlikely to happen,
but since we have a nice helper function to do it properly... why not?
CID #1261390.
|
|
Strictly speaking, the output variable is undefined if asprintf fails.
We use the return value not the arg everywhere, and should we do here.
|
|
Not terribly important, but the loop wasn't an actual loop,
making coverity unhappy.
CID #1261725.
|
|
CID #128739.
|
|
This is needed to interoperate firstboot and sysusers. The former one is started
first, and it writes only /etc/shadow when it is told to set the root password.
It's better to relax checks here than to duplicate functionality in firstboot.
|
|
|
|
Because the order of coldplugging is not defined, we can reference a
not-yet-coldplugged unit and read its state while it has not yet been
set to a meaningful value.
This way, already active units may get started again.
We fix this by deferring such actions until all units have been at
least somehow coldplugged.
Fixes https://bugs.freedesktop.org/show_bug.cgi?id=88401
|
|
it is trivial to fall back to our own timestamp
v2: use now()
v3: remove useless if ()
v4: add comment
|
|
I observe that upon loading of framebuffer drivers, I do not get the
desired system font, but the kernel-level defaults (usually
lib/fonts/font_8x16.c, but your mileage may vary depending on kernel
config and boot options).
The fbcon driver may be loaded at a time way before the first
framebuffer device is active, such that the vconsole setup helper
runs too early.
The existing rule is non-fitting. The going live of the fbcon kernel
component does not indicate the proper time at which to load the
visuals, which really ought to be done when a new vtcon object comes
into existence. (The font table is a per-vtcon property.)
|
|
This introduces 'HoldoffTimeoutSec' to logind.conf to make
IGNORE_LID_SWITCH_{SUSPEND,STARTUP}_USEC configurable.
Background: If an external monitor is connected, or if the system is
docked, we want to ignore LID events. This is required to support setups
where a laptop is used with external peripherals while the LID is closed.
However, this requires us to probe all hot-plugged devices before reacting
to LID events. But with modern buses like USB, the standards do not impose
any timeout on the slots, so we have no chance to know whether a given
slot is used or not. Hence, after resume and startup, we have to wait a
fixed timeout to give the kernel a chance to probe devices. Our timeout
has always been generous enough to support even the slowest devices.
However, a lot of people didn't use these features and wanted to disable
the hold-off timer. Now we provide a knob to do that.
|
|
|
|
Commit 3f93da987 accidentally dropped the "return 0" after detection of a
duplicate line. Put it back, to get back the documented and intended "first
match wins" behaviour.
https://launchpad.net/bugs/1428540
|
|
This change makes it so all seccomp filters are mapped
to the appropriate capability and are only added if that
capability was not requested when running the container.
This unbreaks the remaining use cases broken by the
addition of seccomp filters without respecting requested
capabilities.
Co-Authored-By: Clif Houck <me@clifhouck.com>
[zj: - adapt to our coding style, make struct anonymous]
|
|
Everything that is generated can be assumed to belong to CLEANFILES,
which means that the original file has to be in EXTRA_DIST. Simplify
the rules by generating as in $subject.
We have less lists to adjust manually, and 'make clean' actually
removes more stuff that before.
|
|
On large system we hit the limit on 512 simultaneous dbus
connections, resulting in tons of annoying messages:
Too many concurrent connections, refusing
This patch raises the limit to 4096.
|
|
Currently the code will silently blank out events if there are more
then 512 epoll events, causing them never to be handled at all. This
patch removes the cap on the number of events for epoll_wait, thereby
avoiding this issue.
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=89421
|
|
This also adds "machinectl import-raw" and "machinectl import-tar" to
wrap these new bus calls.
THe commands basically do for local files that "machinectl pull-raw" and
friends do for remote files.
|
|
|
|
import and pull calls
|
|
That way we can call the code for local container/VM imports "import"
without confusion.
|
|
sd_dhcp6_client_new() tried to set the DUID based on the machine id.
If the host has no /etc/machine-id, the constructor would fail
making it impossible to create an sd_dhcp6_client instance.
Relax this and create a DUID only later as needed. This way a caller
caller can workaround a missing machine-id file and set a DUID of his
choosing via sd_dhcp6_client_set_duid().
|
|
|
|
The crucial point here is that we will not change the settings of a netdev created by someone else
we simply use it as is and trust it was set up as intended.
This is confusing in the case of the pre-created netdev's (bond0 etc.), the solution should probably
be to simply make the kernel stop creating these devices as they are pretty useless.
|