summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Lennart Poettering [Wed, 17 Jul 2019 17:16:33 +0000 (19:16 +0200)]
core: never propagate reload failure to service result
Fixes: #11238
(cherry picked from commit
d611cfa748aaf600832160132774074e808c82c7)
Gbp-Pq: Name core-never-propagate-reload-failure-to-service-result.patch
Michael Biebl [Wed, 17 Jul 2019 23:24:00 +0000 (01:24 +0200)]
meson: make nologin path build time configurable
Some distros install nologin as /usr/sbin/nologin, others as
/sbin/nologin.
Since we can't really on merged-usr everywhere (where the path wouldn't
matter), make the path build time configurable via -Dnologin-path=.
Closes #13028
(cherry picked from commit
6db904625d413739c480ddbe7667d3f40acc4ae0)
Gbp-Pq: Name meson-make-nologin-path-build-time-configurable.patch
Yu Watanabe [Thu, 9 May 2019 05:39:46 +0000 (14:39 +0900)]
network: do not send ipv6 token to kernel
We disabled kernel RA support. Then, we should not send
IFLA_INET6_TOKEN.
Thus, we do not need to send IFLA_INET6_ADDR_GEN_MODE twice.
Follow-up for
0e2fdb83bb5e22047e0c7cc058b415d0e93f02cf and
4eb086a38712ea98faf41e075b84555b11b54362.
(cherry picked from commit
9f6e82e6eb3b6e73d66d00d1d6eee60691fb702f)
Gbp-Pq: Name network-do-not-send-ipv6-token-to-kernel.patch
Susant Sahani [Thu, 9 May 2019 02:05:35 +0000 (07:35 +0530)]
networkd: fix link_up() (#12505)
Fillup IFLA_INET6_ADDR_GEN_MODE while we do link_up.
Fixes the following error:
```
dummy-test: Could not bring up interface: Invalid argument
```
After reading the kernel code when we do a link up
```
net/core/rtnetlink.c
IFLA_AF_SPEC
af_ops->set_link_af(dev, af);
inet6_set_link_af
if (tb[IFLA_INET6_ADDR_GEN_MODE])
Here it looks for IFLA_INET6_ADDR_GEN_MODE
```
Since link up we didn't filling up that it's failing.
Closes #12504.
(cherry picked from commit
4eb086a38712ea98faf41e075b84555b11b54362)
Gbp-Pq: Name networkd-fix-link_up-12505.patch
Yu Watanabe [Fri, 14 Jun 2019 00:42:51 +0000 (09:42 +0900)]
network: read link specific sysctl value
This introduce link_sysctl_ipv6_enabled() and replaces
manager_sysctl_ipv6_enabled() with it.
(cherry picked from commit
bafa9641446852f7fa15ca12d08a223d345c78ea)
Gbp-Pq: Name network-read-link-specific-sysctl-value.patch
Yu Watanabe [Tue, 11 Jun 2019 14:29:57 +0000 (23:29 +0900)]
network: ignore requested ipv6 routing policy rule when ipv6 is disabled by sysctl
(cherry picked from commit
7ef7e5509b637e660e89ba8a938930ec01de6e54)
Gbp-Pq: Name network-ignore-requested-ipv6-routing-policy-rule-when-ip.patch
Yu Watanabe [Tue, 11 Jun 2019 14:26:11 +0000 (23:26 +0900)]
network: ignore requested ipv6 route when ipv6 is disabled by sysctl
(cherry picked from commit
c442331750a2a9711036080f7590e190b9b0eb54)
Gbp-Pq: Name network-ignore-requested-ipv6-route-when-ipv6-is-disabled.patch
Yu Watanabe [Tue, 11 Jun 2019 14:20:56 +0000 (23:20 +0900)]
network: ignore requested ipv6 addresses when ipv6 is disabled by sysctl
(cherry picked from commit
54a1a535bd60f13964bbddd8f381601e33e8e56f)
Gbp-Pq: Name network-ignore-requested-ipv6-addresses-when-ipv6-is-disa.patch
Zbigniew Jędrzejewski-Szmek [Tue, 21 May 2019 17:31:49 +0000 (19:31 +0200)]
man: add note that %h/%u/%U are mostly useless
Fixes #12389.
(cherry picked from commit
b4e2407716731d1ce099bad1c2778f7a4424ed2e)
Gbp-Pq: Name man-add-note-that-h-u-U-are-mostly-useless.patch
Zbigniew Jędrzejewski-Szmek [Tue, 21 May 2019 17:26:12 +0000 (19:26 +0200)]
core: unset HOME=/ that the kernel gives us
Partially fixes #12389.
%h would return "/" in a machine, but "/root" in a container. Let's fix
this by resetting $HOME to the expected value.
(cherry picked from commit
9d48671c62de133a2b9fe7c31e70c0ff8e68f2db)
Gbp-Pq: Name core-unset-HOME-that-the-kernel-gives-us.patch
Thadeu Lima de Souza Cascardo [Mon, 13 May 2019 19:58:01 +0000 (16:58 -0300)]
ask-password: prevent buffer overflow when reading from keyring
When we read from keyring, a temporary buffer is allocated in order to
determine the size needed for the entire data. However, when zeroing that area,
we use the data size returned by the read instead of the lesser size allocate
for the buffer.
That will cause memory corruption that causes systemd-cryptsetup to crash
either when a single large password is used or when multiple passwords have
already been pushed to the keyring.
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
(cherry picked from commit
59c55e73eaee345e1ee67c23eace8895ed499693)
Gbp-Pq: Name ask-password-prevent-buffer-overflow-when-reading-from-ke.patch
Lennart Poettering [Fri, 10 May 2019 19:16:16 +0000 (15:16 -0400)]
random-util: eat up bad RDRAND values seen on AMD CPUs
An ugly, ugly work-around for #11810. And no, we shouldn't have to do
this. This is something for AMD, the firmware or the kernel to
fix/work-around, not us. But nonetheless, this should do it for now.
Fixes: #11810
(cherry picked from commit
1c53d4a070edbec8ad2d384ba0014d0eb6bae077)
Gbp-Pq: Name random-util-eat-up-bad-RDRAND-values-seen-on-AMD-CPUs.patch
Michael Biebl [Tue, 14 May 2019 15:40:45 +0000 (17:40 +0200)]
Drop support for /usr/sbin/halt.local
/usr/sbin/halt.local is a Fedora/Red Hat anachronism from pre-systemd
times.
(cherry picked from commit
44508946534eee032927c263b79464832656dd6e)
Gbp-Pq: Name Drop-support-for-usr-sbin-halt.local.patch
Michael Biebl [Fri, 17 May 2019 06:02:46 +0000 (08:02 +0200)]
meson: stop creating .wants directories for {multi-user,getty}.target (#12569)
Since preset is supposed to be used to enable the services, there is no
need to pre-create those directories either.
Follow-up for #12164
(cherry picked from commit
dadc7f2e43b163dd740832abd73b83245f716c1e)
Gbp-Pq: Name meson-stop-creating-.wants-directories-for-multi-user-get.patch
Lennart Poettering [Thu, 18 Apr 2019 13:16:18 +0000 (15:16 +0200)]
test: add test for flush_accept()
Fixes: #12335
(cherry picked from commit
5b116c37e14582ee6550c9157445d6bbd4ce1813)
Gbp-Pq: Name test-add-test-for-flush_accept.patch
Lennart Poettering [Thu, 18 Apr 2019 13:13:54 +0000 (15:13 +0200)]
socket-util: make sure flush_accept() doesn't hang on unexpected EOPNOTSUPP
So apparently there are two reasons why accept() can return EOPNOTSUPP:
because the socket is not a listening stream socket (or similar), or
because the incoming TCP connection for some reason wasn't acceptable to
the host. THe latter should be a transient error, as suggested on
accept(2). The former however should be considered fatal for
flush_accept(). Let's fix this by explicitly checking whether the socket
is a listening socket beforehand.
(cherry picked from commit
f3d75364fbebf2ddb6393e54db5e10b6f6234e14)
Gbp-Pq: Name socket-util-make-sure-flush_accept-doesn-t-hang-on-unexpe.patch
Michael Biebl [Thu, 29 Aug 2019 14:18:18 +0000 (15:18 +0100)]
systemd (242-5) unstable; urgency=medium
[ Dan Streetman ]
* d/rules: add CONFFGLAGS_UPSTREAM to dh_auto_configure -- params
[ Michael Biebl ]
* core: never propagate reload failure to service result.
Fixes a regression introduced in v239 where the main process of a
service unit gets killed on reload if ExecReload fails. (Closes: #936032)
* shared/seccomp: add sync_file_range2.
Some architectures need the arguments to be reordered because of alignment
issues. Otherwise, it's the same as sync_file_range.
Fixes sync_file_range failures in nspawn containers on arm, ppc.
(Closes: #935091)
* bash-completion: don't sort syslog priorities.
By default, the available completions are sorted alphabetically, which
is counterproductive in case of syslog priorities. Override the default
behavior using the `nosort` option. (Closes: #913222)
* test-bpf: skip test when run inside containers
[dgit import unpatched systemd 242-5]
Michael Biebl [Thu, 29 Aug 2019 14:18:18 +0000 (15:18 +0100)]
Import systemd_242-5.debian.tar.xz
[dgit import tarball systemd 242-5 systemd_242-5.debian.tar.xz]
Michael Biebl [Tue, 7 May 2019 23:33:56 +0000 (00:33 +0100)]
Import systemd_242.orig.tar.gz
[dgit import orig systemd_242.orig.tar.gz]
projects / systemd.git / log