mirror of
https://git.proxmox.com/git/systemd
synced 2025-08-10 05:12:21 +00:00
New upstream version 249.1
This commit is contained in:
Michael Biebl
parent
c3c690cd2f
commit
0e1568bbab
@ -76,10 +76,10 @@ variables. All EFI variables use the vendor UUID
|
||||
* `1 << 6` → The boot loader supports passing a random seed to the OS.
|
||||
|
||||
* The EFI variable `LoaderRandomSeed` contains a binary random seed if set. It
|
||||
is set by the boot loader to pass an entropy seed read from the ESP partition
|
||||
to the OS. The system manager then credits this seed to the kernel's entropy
|
||||
pool. It is the responsibility of the boot loader to ensure the quality and
|
||||
integrity of the random seed.
|
||||
is set by the boot loader to pass an entropy seed read from the ESP to the OS.
|
||||
The system manager then credits this seed to the kernel's entropy pool. It is
|
||||
the responsibility of the boot loader to ensure the quality and integrity of
|
||||
the random seed.
|
||||
|
||||
* The EFI variable `LoaderSystemToken` contains binary random data,
|
||||
persistently set by the OS installer. Boot loaders that support passing
|
||||
|
||||
@ -61,8 +61,8 @@ Everything described below is located on a placeholder file system `$BOOT`. The
|
||||
* On disks with GPT (GUID Partition Table)
|
||||
* If the OS is installed on a disk with GPT, and an Extended Boot Loader Partition or XBOOTLDR partition for short, i.e. a partition with GPT type GUID of `bc13c2ff-59e6-4262-a352-b275fd6f7172`, already exists, it should be used as `$BOOT`.
|
||||
* Otherwise, if the OS is installed on a disk with GPT, and an EFI System Partition or ESP for short, i.e. a partition with GPT type UID of `c12a7328-f81f-11d2-ba4b-00a0c93ec93b`) already exists and is large enough (let's say 250MB) and otherwise qualifies, it should be used as `$BOOT`.
|
||||
* Otherwise, if the OS is installed on a disk with GPT, and if the ESP partition already exists but is too small, a new suitably sized (let's say 500MB) XBOOTLDR partition shall be created and used as `$BOOT`.
|
||||
* Otherwise, if the OS is installed on a disk with GPT, and no ESP partition exists yet, a new suitably sized (let's say 500MB) ESP should be created and used as `$BOOT`.
|
||||
* Otherwise, if the OS is installed on a disk with GPT, and if the ESP already exists but is too small, a new suitably sized (let's say 500MB) XBOOTLDR partition shall be created and used as `$BOOT`.
|
||||
* Otherwise, if the OS is installed on a disk with GPT, and no ESP exists yet, a new suitably sized (let's say 500MB) ESP should be created and used as `$BOOT`.
|
||||
|
||||
This placeholder file system shall be determined during _installation time_, and an fstab entry may be created. It should be mounted to either `/boot/` or `/efi/`. Additional locations like `/boot/efi/`, with `/boot/` being a separate file system, might be supported by implementations. This is not recommended because the mounting of `$BOOT` is then dependent on and requires the mounting of the intermediate file system.
|
||||
|
||||
|
||||
@ -39,7 +39,6 @@
|
||||
<paramdef>const char *<parameter>interface</parameter></paramdef>
|
||||
<paramdef>const char *<parameter>member</parameter></paramdef>
|
||||
<paramdef>sd_bus_error *<parameter>ret_error</parameter></paramdef>
|
||||
<paramdef>sd_bus_message **<parameter>reply</parameter></paramdef>
|
||||
<paramdef>const char *<parameter>type</parameter></paramdef>
|
||||
<paramdef>...</paramdef>
|
||||
</funcprototype>
|
||||
@ -52,7 +51,6 @@
|
||||
<paramdef>const char *<parameter>interface</parameter></paramdef>
|
||||
<paramdef>const char *<parameter>member</parameter></paramdef>
|
||||
<paramdef>sd_bus_error *<parameter>ret_error</parameter></paramdef>
|
||||
<paramdef>sd_bus_message **<parameter>reply</parameter></paramdef>
|
||||
<paramdef>const char *<parameter>type</parameter></paramdef>
|
||||
<paramdef>va_list <parameter>ap</parameter></paramdef>
|
||||
</funcprototype>
|
||||
@ -115,10 +113,9 @@
|
||||
<citerefentry><refentrytitle>sd_bus_call_method</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
|
||||
</para>
|
||||
|
||||
<para><function>sd_bus_set_property()</function> sets a D-Bus property. On success, the response
|
||||
is stored in <parameter>reply</parameter>. If setting the property fails or an internal error
|
||||
occurs, an error is returned and an extended description of the error is optionally stored in
|
||||
<parameter>ret_error</parameter> if it is not <constant>NULL</constant>.
|
||||
<para><function>sd_bus_set_property()</function> sets a D-Bus property. If setting the property
|
||||
fails or an internal error occurs, an error is returned and an extended description of the error
|
||||
is optionally stored in <parameter>ret_error</parameter> if it is not <constant>NULL</constant>.
|
||||
<parameter>type</parameter> and the arguments that follow it describe the new value of the
|
||||
property and must follow the format described in
|
||||
<citerefentry><refentrytitle>sd_bus_message_append</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
|
||||
|
||||
@ -73,8 +73,8 @@
|
||||
<citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry> for
|
||||
details.</para></listitem>
|
||||
|
||||
<listitem><para>An EFI variable set by the boot loader informs the OS about the ESP partition used
|
||||
during boot. This is then used to automatically mount the correct ESP partition to
|
||||
<listitem><para>An EFI variable set by the boot loader informs the OS about the EFI System Partition used
|
||||
during boot. This is then used to automatically mount the correct EFI System Partition to
|
||||
<filename>/efi/</filename> or <filename>/boot/</filename> during OS runtime. See
|
||||
<citerefentry><refentrytitle>systemd-gpt-auto-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>
|
||||
for details.</para></listitem>
|
||||
|
||||
@ -144,7 +144,7 @@
|
||||
turn. Additionally, lookup of single-label names via unicast DNS may be enabled with the
|
||||
<varname>ResolveUnicastSingleLabel=yes</varname> setting. The details of which servers are queried and
|
||||
how the final reply is chosen are described below. Note that this means that address queries for
|
||||
single-label names are never sent out to remote DNS servers by default, and resoulution is only
|
||||
single-label names are never sent out to remote DNS servers by default, and resolution is only
|
||||
possible if search domains are defined.</para></listitem>
|
||||
|
||||
<listitem><para>Multi-label names with the domain suffix <literal>.local</literal> are resolved using
|
||||
|
||||
@ -998,14 +998,6 @@ IPv6Token=prefixstable:2002:da8:1::</programlisting></para>
|
||||
</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term><varname>Xfrm=</varname></term>
|
||||
<listitem>
|
||||
<para>The name of the xfrm to create on the link. See
|
||||
<citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
|
||||
This option may be specified more than once.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term><varname>KeepConfiguration=</varname></term>
|
||||
<listitem>
|
||||
|
||||
@ -74,8 +74,8 @@
|
||||
configuration files, whose syntax and basic set of options is
|
||||
described in
|
||||
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
|
||||
however some are created automatically from other configuration,
|
||||
dynamically from system state or programmatically at runtime.
|
||||
however some are created automatically from other configuration
|
||||
files, dynamically from system state or programmatically at runtime.
|
||||
Units may be "active" (meaning started, bound, plugged in, …,
|
||||
depending on the unit type, see below), or "inactive" (meaning
|
||||
stopped, unbound, unplugged, …), as well as in the process of
|
||||
|
||||
@ -77,4 +77,5 @@ _arguments \
|
||||
'--version[Show package version]' \
|
||||
'--wait=[Wait until service stopped again]' \
|
||||
'--working-directory=[Run with the specified working directory]' \
|
||||
'*::command:_command'
|
||||
'(-):command: _command_names -e' \
|
||||
'*::arguments:_normal'
|
||||
|
||||
@ -378,12 +378,13 @@ int unit_name_unescape(const char *f, char **ret) {
|
||||
}
|
||||
|
||||
int unit_name_path_escape(const char *f, char **ret) {
|
||||
char *p, *s;
|
||||
_cleanup_free_ char *p = NULL;
|
||||
char *s;
|
||||
|
||||
assert(f);
|
||||
assert(ret);
|
||||
|
||||
p = strdupa(f);
|
||||
p = strdup(f);
|
||||
if (!p)
|
||||
return -ENOMEM;
|
||||
|
||||
@ -395,13 +396,9 @@ int unit_name_path_escape(const char *f, char **ret) {
|
||||
if (!path_is_normalized(p))
|
||||
return -EINVAL;
|
||||
|
||||
/* Truncate trailing slashes */
|
||||
/* Truncate trailing slashes and skip leading slashes */
|
||||
delete_trailing_chars(p, "/");
|
||||
|
||||
/* Truncate leading slashes */
|
||||
p = skip_leading_chars(p, "/");
|
||||
|
||||
s = unit_name_escape(p);
|
||||
s = unit_name_escape(skip_leading_chars(p, "/"));
|
||||
}
|
||||
if (!s)
|
||||
return -ENOMEM;
|
||||
|
||||
@ -1337,7 +1337,7 @@ static int verb_status(int argc, char *argv[], void *userdata) {
|
||||
sd_id128_t bootloader_esp_uuid;
|
||||
bool have_bootloader_esp_uuid = efi_loader_get_device_part_uuid(&bootloader_esp_uuid) >= 0;
|
||||
|
||||
print_yes_no_line(false, have_bootloader_esp_uuid, "Boot loader sets ESP partition information");
|
||||
print_yes_no_line(false, have_bootloader_esp_uuid, "Boot loader sets ESP information");
|
||||
if (have_bootloader_esp_uuid && !sd_id128_equal(esp_uuid, bootloader_esp_uuid))
|
||||
printf("WARNING: The boot loader reports a different ESP UUID than detected!\n");
|
||||
|
||||
|
||||
@ -204,14 +204,14 @@ static const char* fallback_chassis(void) {
|
||||
|
||||
r = read_one_line_file("/sys/class/dmi/id/chassis_type", &type);
|
||||
if (r < 0) {
|
||||
log_debug_errno(v, "Failed to read DMI chassis type, ignoring: %m");
|
||||
log_debug_errno(r, "Failed to read DMI chassis type, ignoring: %m");
|
||||
goto try_acpi;
|
||||
}
|
||||
|
||||
r = safe_atou(type, &t);
|
||||
free(type);
|
||||
if (r < 0) {
|
||||
log_debug_errno(v, "Failed to parse DMI chassis type, ignoring: %m");
|
||||
log_debug_errno(r, "Failed to parse DMI chassis type, ignoring: %m");
|
||||
goto try_acpi;
|
||||
}
|
||||
|
||||
@ -260,14 +260,14 @@ static const char* fallback_chassis(void) {
|
||||
try_acpi:
|
||||
r = read_one_line_file("/sys/firmware/acpi/pm_profile", &type);
|
||||
if (r < 0) {
|
||||
log_debug_errno(v, "Failed read ACPI PM profile, ignoring: %m");
|
||||
log_debug_errno(r, "Failed read ACPI PM profile, ignoring: %m");
|
||||
return NULL;
|
||||
}
|
||||
|
||||
r = safe_atou(type, &t);
|
||||
free(type);
|
||||
if (r < 0) {
|
||||
log_debug_errno(v, "Failed parse ACPI PM profile, ignoring: %m");
|
||||
log_debug_errno(r, "Failed parse ACPI PM profile, ignoring: %m");
|
||||
return NULL;
|
||||
}
|
||||
|
||||
|
||||
@ -1409,7 +1409,7 @@ static const char *table_data_format(Table *t, TableData *d, bool avoid_uppercas
|
||||
_cleanup_free_ char *p = NULL;
|
||||
char *ret;
|
||||
|
||||
p = new(char, FORMAT_TIMESTAMP_MAX);
|
||||
p = new(char, d->type == TABLE_TIMESTAMP_RELATIVE ? FORMAT_TIMESTAMP_RELATIVE_MAX : FORMAT_TIMESTAMP_MAX);
|
||||
if (!p)
|
||||
return NULL;
|
||||
|
||||
@ -1418,7 +1418,7 @@ static const char *table_data_format(Table *t, TableData *d, bool avoid_uppercas
|
||||
else if (d->type == TABLE_TIMESTAMP_UTC)
|
||||
ret = format_timestamp_style(p, FORMAT_TIMESTAMP_MAX, d->timestamp, TIMESTAMP_UTC);
|
||||
else
|
||||
ret = format_timestamp_relative(p, FORMAT_TIMESTAMP_MAX, d->timestamp);
|
||||
ret = format_timestamp_relative(p, FORMAT_TIMESTAMP_RELATIVE_MAX, d->timestamp);
|
||||
if (!ret)
|
||||
return "n/a";
|
||||
|
||||
|
||||
@ -1915,7 +1915,7 @@ static int show_one(
|
||||
return log_error_errno(r, "Failed to get properties: %s", bus_error_message(&error, r));
|
||||
|
||||
if (unit && streq_ptr(info.load_state, "not-found") && streq_ptr(info.active_state, "inactive")) {
|
||||
log_full(show_mode == SYSTEMCTL_SHOW_STATUS ? LOG_ERR : LOG_DEBUG,
|
||||
log_full(show_mode == SYSTEMCTL_SHOW_PROPERTIES ? LOG_DEBUG : LOG_ERR,
|
||||
"Unit %s could not be found.", unit);
|
||||
|
||||
if (show_mode == SYSTEMCTL_SHOW_STATUS)
|
||||
|
||||
@ -36,7 +36,7 @@ static int load_kexec_kernel(void) {
|
||||
return log_error_errno(r,
|
||||
"No kexec kernel loaded and autodetection failed.\n%s",
|
||||
is_efi_boot()
|
||||
? "Cannot automatically load kernel: ESP partition mount point not found."
|
||||
? "Cannot automatically load kernel: ESP mount point not found."
|
||||
: "Automatic loading works only on systems booted with EFI.");
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
@ -11,7 +11,7 @@ TEST_NO_QEMU=1
|
||||
# Using timeout because if the test fails it can loop.
|
||||
# The reason is because the poweroff executed by end.service
|
||||
# could turn into a reboot if the test fails.
|
||||
NSPAWN_TIMEOUT=20
|
||||
NSPAWN_TIMEOUT=60
|
||||
|
||||
# Remove this file if it exists. This is used along with
|
||||
# the make target "finish". Since concrete confirmation is
|
||||
|
||||
@ -35,6 +35,7 @@ QEMU_MEM="${QEMU_MEM:-512M}"
|
||||
# To force creating a new image from scratch (eg: to encrypt it), also define
|
||||
# TEST_FORCE_NEWIMAGE=1 in the test setup script.
|
||||
IMAGE_NAME=${IMAGE_NAME:-default}
|
||||
STRIP_BINARIES="${STRIP_BINARIES:-yes}"
|
||||
TEST_REQUIRE_INSTALL_TESTS="${TEST_REQUIRE_INSTALL_TESTS:-1}"
|
||||
TEST_PARALLELIZE="${TEST_PARALLELIZE:-0}"
|
||||
LOOPDEV=
|
||||
|
||||
@ -20,6 +20,7 @@ CapabilityBoundingSet=CAP_SYS_ADMIN CAP_CHOWN CAP_DAC_OVERRIDE CAP_FOWNER CAP_FS
|
||||
DeviceAllow=/dev/loop-control rw
|
||||
DeviceAllow=/dev/mapper/control rw
|
||||
DeviceAllow=block-* rw
|
||||
DeviceAllow=char-hidraw rw
|
||||
ExecStart={{ROOTLIBEXECDIR}}/systemd-homed
|
||||
IPAddressDeny=any
|
||||
KillMode=mixed
|
||||
|
||||
Loading…
Reference in New Issue
Block a user