proxmox-mirrors/systemd
1
0
Fork 0
mirror of https://git.proxmox.com/git/systemd synced 2025-06-03 11:56:12 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

New upstream version 245.7

Browse Source
This commit is contained in:
Michael Biebl 2020-07-27 22:03:51 +02:00
parent 20a6e51f0f
commit 478ed93856
132 changed files with 26572 additions and 2428 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
TODO
View File

@ -931,7 +931,8 @@ Features:
- document systemd-journal-flush.service properly
- documentation: recommend to connect the timer units of a service to the service via Also= in [Install]
- man: document the very specific env the shutdown drop-in tools live in
- man: add more examples to man pages
- man: add more examples to man pages,
- in particular an example how to do the equivalent of switching runlevels
- man: maybe sort directives in man pages, and take sections from --help and apply them to man too
- document root=gpt-auto properly

10
docs/USER_RECORD.md
View File

@ -368,11 +368,11 @@ directory is first created, and defaults to `/etc/skel` if not defined.
access mask for the home directory when it is first created.
`tasksMax` → Takes an unsigned 64bit integer indicating the maximum number of
tasks the user may start in parallel during system runtime. This value is
enforced on all tasks (i.e. processes and threads) the user starts or that are
forked off these processes regardless if the change user identity (for example
by setuid binaries/`su`/`sudo` and
similar). [`systemd-logind.service`](https://www.freedesktop.org/software/systemd/man/systemd-logind.service.html)
tasks the user may start in parallel during system runtime. This counts
all tasks (i.e. threads, where each process is at least one thread) the user starts or that are
forked from these processes even if the user identity is changed (for example
by setuid binaries/`su`/`sudo` and similar).
[`systemd-logind.service`](https://www.freedesktop.org/software/systemd/man/systemd-logind.service.html)
enforces this by setting the `TasksMax` slice property for the user's slice
`user-$UID.slice`.

3265
hwdb.d/20-OUI.hwdb
View File

File diff suppressed because it is too large Load Diff

3
hwdb.d/20-acpi-vendor.hwdb
View File

@ -132,6 +132,9 @@ acpi:HWPE*:
acpi:HXTS*:
ID_VENDOR_FROM_DATABASE=Guizhou Huaxintong Semiconductor Technology Co., Ltd
acpi:HYGO*:
ID_VENDOR_FROM_DATABASE=CHENGDU HAIGUANG IC DESIGN CO., LTD
acpi:IBMX*:
ID_VENDOR_FROM_DATABASE=IBM

98
hwdb.d/20-acpi-vendor.hwdb.patch
View File

@ -1,5 +1,5 @@
--- 20-acpi-vendor.hwdb.base 2020-03-06 12:40:11.417307950 +0100
+++ 20-acpi-vendor.hwdb 2020-03-06 12:40:11.433308177 +0100
--- 20-acpi-vendor.hwdb.base 2020-07-23 17:21:29.955652649 +0200
+++ 20-acpi-vendor.hwdb 2020-07-23 17:21:29.974652774 +0200
@@ -3,6 +3,8 @@
# Data imported from:
# https://uefi.org/uefi-pnp-export
@ -19,7 +19,7 @@
acpi:AMDI*:
ID_VENDOR_FROM_DATABASE=AMD
@@ -286,6 +285,9 @@
@@ -289,6 +288,9 @@
acpi:AAA*:
ID_VENDOR_FROM_DATABASE=Avolites Ltd
@ -29,7 +29,7 @@
acpi:AAE*:
ID_VENDOR_FROM_DATABASE=Anatek Electronics Inc.
@@ -313,6 +315,9 @@
@@ -316,6 +318,9 @@
acpi:ABO*:
ID_VENDOR_FROM_DATABASE=D-Link Systems Inc
@ -39,7 +39,7 @@
acpi:ABS*:
ID_VENDOR_FROM_DATABASE=Abaco Systems, Inc.
@@ -358,7 +363,7 @@
@@ -361,7 +366,7 @@
acpi:ACO*:
ID_VENDOR_FROM_DATABASE=Allion Computer Inc.
@ -48,7 +48,7 @@
ID_VENDOR_FROM_DATABASE=Aspen Tech Inc
acpi:ACR*:
@@ -631,6 +636,9 @@
@@ -634,6 +639,9 @@
acpi:AMT*:
ID_VENDOR_FROM_DATABASE=AMT International Industry
@ -58,7 +58,7 @@
acpi:AMX*:
ID_VENDOR_FROM_DATABASE=AMX LLC
@@ -679,6 +687,9 @@
@@ -682,6 +690,9 @@
acpi:AOA*:
ID_VENDOR_FROM_DATABASE=AOpen Inc.
@ -68,7 +68,7 @@
acpi:AOE*:
ID_VENDOR_FROM_DATABASE=Advanced Optics Electronics, Inc.
@@ -688,6 +699,9 @@
@@ -691,6 +702,9 @@
acpi:AOT*:
ID_VENDOR_FROM_DATABASE=Alcatel
@ -78,7 +78,7 @@
acpi:APC*:
ID_VENDOR_FROM_DATABASE=American Power Conversion
@@ -863,7 +877,7 @@
@@ -866,7 +880,7 @@
ID_VENDOR_FROM_DATABASE=Alps Electric Inc
acpi:AUO*:
@ -87,7 +87,7 @@
acpi:AUR*:
ID_VENDOR_FROM_DATABASE=Aureal Semiconductor
@@ -943,6 +957,9 @@
@@ -946,6 +960,9 @@
acpi:AXE*:
ID_VENDOR_FROM_DATABASE=Axell Corporation
@ -97,7 +97,7 @@
acpi:AXI*:
ID_VENDOR_FROM_DATABASE=American Magnetics
@@ -1093,6 +1110,9 @@
@@ -1096,6 +1113,9 @@
acpi:BML*:
ID_VENDOR_FROM_DATABASE=BIOMED Lab
@ -107,7 +107,7 @@
acpi:BMS*:
ID_VENDOR_FROM_DATABASE=BIOMEDISYS
@@ -1105,6 +1125,9 @@
@@ -1108,6 +1128,9 @@
acpi:BNO*:
ID_VENDOR_FROM_DATABASE=Bang & Olufsen
@ -117,7 +117,7 @@
acpi:BNS*:
ID_VENDOR_FROM_DATABASE=Boulder Nonlinear Systems
@@ -1345,6 +1368,9 @@
@@ -1348,6 +1371,9 @@
acpi:CHA*:
ID_VENDOR_FROM_DATABASE=Chase Research PLC
@ -127,7 +127,7 @@
acpi:CHD*:
ID_VENDOR_FROM_DATABASE=ChangHong Electric Co.,Ltd
@@ -1498,6 +1524,9 @@
@@ -1501,6 +1527,9 @@
acpi:COD*:
ID_VENDOR_FROM_DATABASE=CODAN Pty. Ltd.
@ -137,7 +137,7 @@
acpi:COI*:
ID_VENDOR_FROM_DATABASE=Codec Inc.
@@ -1904,7 +1933,7 @@
@@ -1907,7 +1936,7 @@
ID_VENDOR_FROM_DATABASE=Dragon Information Technology
acpi:DJE*:
@ -146,7 +146,7 @@
acpi:DJP*:
ID_VENDOR_FROM_DATABASE=Maygay Machines, Ltd
@@ -2236,6 +2265,9 @@
@@ -2239,6 +2268,9 @@
acpi:EIN*:
ID_VENDOR_FROM_DATABASE=Elegant Invention
@ -156,7 +156,7 @@
acpi:EKA*:
ID_VENDOR_FROM_DATABASE=MagTek Inc.
@@ -2497,6 +2529,9 @@
@@ -2500,6 +2532,9 @@
acpi:FCG*:
ID_VENDOR_FROM_DATABASE=First International Computer Ltd
@ -166,7 +166,7 @@
acpi:FCS*:
ID_VENDOR_FROM_DATABASE=Focus Enhancements, Inc.
@@ -2870,7 +2905,7 @@
@@ -2873,7 +2908,7 @@
ID_VENDOR_FROM_DATABASE=General Standards Corporation
acpi:GSM*:
@ -175,7 +175,7 @@
acpi:GSN*:
ID_VENDOR_FROM_DATABASE=Grandstream Networks, Inc.
@@ -2971,6 +3006,9 @@
@@ -2974,6 +3009,9 @@
acpi:HEC*:
ID_VENDOR_FROM_DATABASE=Hisense Electric Co., Ltd.
@ -185,7 +185,7 @@
acpi:HEL*:
ID_VENDOR_FROM_DATABASE=Hitachi Micro Systems Europe Ltd
@@ -3100,6 +3138,9 @@
@@ -3103,6 +3141,9 @@
acpi:HSD*:
ID_VENDOR_FROM_DATABASE=HannStar Display Corp
@ -195,7 +195,7 @@
acpi:HSM*:
ID_VENDOR_FROM_DATABASE=AT&T Microelectronics
@@ -3223,6 +3264,9 @@
@@ -3226,6 +3267,9 @@
acpi:ICI*:
ID_VENDOR_FROM_DATABASE=Infotek Communication Inc
@ -205,7 +205,7 @@
acpi:ICM*:
ID_VENDOR_FROM_DATABASE=Intracom SA
@@ -3319,6 +3363,9 @@
@@ -3322,6 +3366,9 @@
acpi:IKE*:
ID_VENDOR_FROM_DATABASE=Ikegami Tsushinki Co. Ltd.
@ -215,7 +215,7 @@
acpi:IKS*:
ID_VENDOR_FROM_DATABASE=Ikos Systems Inc
@@ -3364,6 +3411,9 @@
@@ -3367,6 +3414,9 @@
acpi:IMT*:
ID_VENDOR_FROM_DATABASE=Inmax Technology Corporation
@ -225,7 +225,7 @@
acpi:INA*:
ID_VENDOR_FROM_DATABASE=Inventec Corporation
@@ -3871,6 +3921,9 @@
@@ -3874,6 +3924,9 @@
acpi:LAN*:
ID_VENDOR_FROM_DATABASE=Sodeman Lancom Inc
@ -235,7 +235,7 @@
acpi:LAS*:
ID_VENDOR_FROM_DATABASE=LASAT Comm. A/S
@@ -3916,6 +3969,9 @@
@@ -3919,6 +3972,9 @@
acpi:LED*:
ID_VENDOR_FROM_DATABASE=Long Engineering Design Inc
@ -245,7 +245,7 @@
acpi:LEG*:
ID_VENDOR_FROM_DATABASE=Legerity, Inc
@@ -3931,6 +3987,9 @@
@@ -3934,6 +3990,9 @@
acpi:LGC*:
ID_VENDOR_FROM_DATABASE=Logic Ltd
@ -255,7 +255,7 @@
acpi:LGI*:
ID_VENDOR_FROM_DATABASE=Logitech Inc
@@ -3985,6 +4044,9 @@
@@ -3988,6 +4047,9 @@
acpi:LND*:
ID_VENDOR_FROM_DATABASE=Land Computer Company Ltd
@ -265,7 +265,7 @@
acpi:LNK*:
ID_VENDOR_FROM_DATABASE=Link Tech Inc
@@ -4019,7 +4081,7 @@
@@ -4022,7 +4084,7 @@
ID_VENDOR_FROM_DATABASE=Design Technology
acpi:LPL*:
@ -274,7 +274,7 @@
acpi:LSC*:
ID_VENDOR_FROM_DATABASE=LifeSize Communications
@@ -4195,6 +4257,9 @@
@@ -4198,6 +4260,9 @@
acpi:MCX*:
ID_VENDOR_FROM_DATABASE=Millson Custom Solutions Inc.
@ -284,7 +284,7 @@
acpi:MDA*:
ID_VENDOR_FROM_DATABASE=Media4 Inc
@@ -4432,6 +4497,9 @@
@@ -4435,6 +4500,9 @@
acpi:MOM*:
ID_VENDOR_FROM_DATABASE=Momentum Data Systems
@ -294,7 +294,7 @@
acpi:MOS*:
ID_VENDOR_FROM_DATABASE=Moses Corporation
@@ -4657,6 +4725,9 @@
@@ -4660,6 +4728,9 @@
acpi:NAL*:
ID_VENDOR_FROM_DATABASE=Network Alchemy
@ -304,7 +304,7 @@
acpi:NAT*:
ID_VENDOR_FROM_DATABASE=NaturalPoint Inc.
@@ -5161,6 +5232,9 @@
@@ -5164,6 +5235,9 @@
acpi:PCX*:
ID_VENDOR_FROM_DATABASE=PC Xperten
@ -314,7 +314,7 @@
acpi:PDM*:
ID_VENDOR_FROM_DATABASE=Psion Dacom Plc.
@@ -5224,9 +5298,6 @@
@@ -5227,9 +5301,6 @@
acpi:PHE*:
ID_VENDOR_FROM_DATABASE=Philips Medical Systems Boeblingen GmbH
@ -324,7 +324,7 @@
acpi:PHL*:
ID_VENDOR_FROM_DATABASE=Philips Consumer Electronics Company
@@ -5314,9 +5385,6 @@
@@ -5317,9 +5388,6 @@
acpi:PNL*:
ID_VENDOR_FROM_DATABASE=Panelview, Inc.
@ -334,7 +334,7 @@
acpi:PNR*:
ID_VENDOR_FROM_DATABASE=Planar Systems, Inc.
@@ -5452,15 +5520,9 @@
@@ -5455,15 +5523,9 @@
acpi:PTS*:
ID_VENDOR_FROM_DATABASE=Plain Tree Systems Inc
@ -350,7 +350,7 @@
acpi:PVG*:
ID_VENDOR_FROM_DATABASE=Proview Global Co., Ltd
@@ -5776,9 +5838,6 @@
@@ -5779,9 +5841,6 @@
acpi:RTI*:
ID_VENDOR_FROM_DATABASE=Rancho Tech Inc
@ -360,7 +360,7 @@
acpi:RTL*:
ID_VENDOR_FROM_DATABASE=Realtek Semiconductor Company Ltd
@@ -5944,9 +6003,6 @@
@@ -5947,9 +6006,6 @@
acpi:SEE*:
ID_VENDOR_FROM_DATABASE=SeeColor Corporation
@ -370,7 +370,7 @@
acpi:SEI*:
ID_VENDOR_FROM_DATABASE=Seitz & Associates Inc
@@ -6403,6 +6459,9 @@
@@ -6406,6 +6462,9 @@
acpi:SVD*:
ID_VENDOR_FROM_DATABASE=SVD Computer
@ -380,7 +380,7 @@
acpi:SVI*:
ID_VENDOR_FROM_DATABASE=Sun Microsystems
@@ -6487,6 +6546,9 @@
@@ -6490,6 +6549,9 @@
acpi:SZM*:
ID_VENDOR_FROM_DATABASE=Shenzhen MTC Co., Ltd
@ -390,7 +390,7 @@
acpi:TAA*:
ID_VENDOR_FROM_DATABASE=Tandberg
@@ -6577,6 +6639,9 @@
@@ -6580,6 +6642,9 @@
acpi:TDG*:
ID_VENDOR_FROM_DATABASE=Six15 Technologies
@ -400,7 +400,7 @@
acpi:TDM*:
ID_VENDOR_FROM_DATABASE=Tandem Computer Europe Inc
@@ -6619,6 +6684,9 @@
@@ -6622,6 +6687,9 @@
acpi:TEV*:
ID_VENDOR_FROM_DATABASE=Televés, S.A.
@ -410,7 +410,7 @@
acpi:TEZ*:
ID_VENDOR_FROM_DATABASE=Tech Source Inc.
@@ -6733,9 +6801,6 @@
@@ -6736,9 +6804,6 @@
acpi:TNC*:
ID_VENDOR_FROM_DATABASE=TNC Industrial Company Ltd
@ -420,7 +420,7 @@
acpi:TNM*:
ID_VENDOR_FROM_DATABASE=TECNIMAGEN SA
@@ -7042,14 +7107,14 @@
@@ -7045,14 +7110,14 @@
acpi:UNC*:
ID_VENDOR_FROM_DATABASE=Unisys Corporation
@ -441,7 +441,7 @@
acpi:UNI*:
ID_VENDOR_FROM_DATABASE=Uniform Industry Corp.
@@ -7084,6 +7149,9 @@
@@ -7087,6 +7152,9 @@
acpi:USA*:
ID_VENDOR_FROM_DATABASE=Utimaco Safeware AG
@ -451,7 +451,7 @@
acpi:USD*:
ID_VENDOR_FROM_DATABASE=U.S. Digital Corporation
@@ -7327,9 +7395,6 @@
@@ -7330,9 +7398,6 @@
acpi:WAL*:
ID_VENDOR_FROM_DATABASE=Wave Access
@ -461,7 +461,7 @@
acpi:WAV*:
ID_VENDOR_FROM_DATABASE=Wavephore
@@ -7454,7 +7519,7 @@
@@ -7457,7 +7522,7 @@
ID_VENDOR_FROM_DATABASE=WyreStorm Technologies LLC
acpi:WYS*:
@ -470,7 +470,7 @@
acpi:WYT*:
ID_VENDOR_FROM_DATABASE=Wooyoung Image & Information Co.,Ltd.
@@ -7468,9 +7533,6 @@
@@ -7471,9 +7536,6 @@
acpi:XDM*:
ID_VENDOR_FROM_DATABASE=XDM Ltd.
@ -480,7 +480,7 @@
acpi:XES*:
ID_VENDOR_FROM_DATABASE=Extreme Engineering Solutions, Inc.
@@ -7501,9 +7563,6 @@
@@ -7504,9 +7566,6 @@
acpi:XNT*:
ID_VENDOR_FROM_DATABASE=XN Technologies, Inc.
@ -490,7 +490,7 @@
acpi:XQU*:
ID_VENDOR_FROM_DATABASE=SHANGHAI SVA-DAV ELECTRONICS CO., LTD
@@ -7570,6 +7629,9 @@
@@ -7573,6 +7632,9 @@
acpi:ZBX*:
ID_VENDOR_FROM_DATABASE=Zebax Technologies

3
hwdb.d/20-pci-classes.hwdb
View File

@ -470,6 +470,9 @@ pci:v*d*sv*sd*bc0Csc03i20*
pci:v*d*sv*sd*bc0Csc03i30*
ID_PCI_INTERFACE_FROM_DATABASE=XHCI
pci:v*d*sv*sd*bc0Csc03i40*
ID_PCI_INTERFACE_FROM_DATABASE=USB4 Host Interface
pci:v*d*sv*sd*bc0Csc03i80*
ID_PCI_INTERFACE_FROM_DATABASE=Unspecified

1120
hwdb.d/20-pci-vendor-model.hwdb
View File

File diff suppressed because it is too large Load Diff

9509
hwdb.d/20-usb-vendor-model.hwdb
View File

File diff suppressed because it is too large Load Diff

40
hwdb.d/60-evdev.hwdb
View File

@ -434,6 +434,13 @@ evdev:name:Synaptics TM3289-002:dmi:*svnLENOVO*:pvrThinkPadX1Carbon5th*
EVDEV_ABS_35=::19
EVDEV_ABS_36=::19
# Lenovo Thinkpad X1 Tablet Gen3
evdev:input:b0003v17EFp60B5*
EVDEV_ABS_00=::12
EVDEV_ABS_01=::11
EVDEV_ABS_35=::12
EVDEV_ABS_36=::11
# Lenovo T460
evdev:name:SynPS/2 Synaptics TouchPad:dmi:*svnLENOVO*:pn*ThinkPad*T460*
EVDEV_ABS_00=1266:5677:44
@ -523,10 +530,17 @@ evdev:name:AlpsPS/2 ALPS GlidePoint:dmi:*svnLENOVO:*pvrLenovoYoga500-14IBD*
# Lenovo Thinkpad T490
evdev:name:SynPS/2 Synaptics TouchPad:dmi:*:svnLENOVO:*pvrThinkPadT490:*
EVDEV_ABS_00=::57
EVDEV_ABS_01=::33
EVDEV_ABS_35=::57
EVDEV_ABS_36=::33
EVDEV_ABS_00=::44
EVDEV_ABS_01=::52
EVDEV_ABS_35=::44
EVDEV_ABS_36=::52
# Lenovo Legion Y9000X2020
evdev:name:MSFT0001:02 04F3:304B Touchpad:dmi:*svnLENOVO:*pvrLenovoLegionY9000X2020*
EVDEV_ABS_00=::31
EVDEV_ABS_01=::30
EVDEV_ABS_35=::31
EVDEV_ABS_36=::30
#########################################
# Razer
@ -564,6 +578,24 @@ evdev:name:ETPS/2 Elantech Touchpad:dmi:*svnSAMSUNGELECTRONICSCO.,LTD.:pn870Z5E/
EVDEV_ABS_35=::30
EVDEV_ABS_36=::29
#########################################
# Star Labs
#########################################
# Star LabTop Mk III
evdev:name:ALPS0001:00 0911:5288 Touchpad:dmi:*svnStarLabs:pnLabTop*
EVDEV_ABS_00=0:2627:25
EVDEV_ABS_01=0:1331:20
EVDEV_ABS_35=0:2627:25
EVDEV_ABS_36=0:1331:20
# Star Lite Mk II
evdev:name:ALPS0001:00 0911:5288 Touchpad:dmi:*svnStarLabs:pnLite:*
EVDEV_ABS_00=55:1750:16
EVDEV_ABS_01=51:950:15
EVDEV_ABS_35=55:1750:16
EVDEV_ABS_36=51:950:15
#########################################
# System76
#########################################

4
hwdb.d/60-input-id.hwdb
View File

@ -70,3 +70,7 @@ id-input:modalias:input:b0003v28bdp0078*
# Lite-On Tech IBM USB Travel Keyboard with Ultra Nav Mouse
id-input:modalias:input:b0003v04B3p301Ee0100-e0,1,2,4*
ID_INPUT_POINTINGSTICK=1
# Logitech Ultrathin Touch Mouse
id-input:modalias:input:b0005v046DpB00De0700*
ID_INPUT_MOUSE=1

45
hwdb.d/60-keyboard.hwdb
View File

@ -160,6 +160,11 @@ evdev:atkbd:dmi:bvn*:bvr*:bd*:svnAcer*:pnAspire*8930:*
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnAcer*:pnAspire*7750G:pvr*
KEYBOARD_KEY_e0=!pageup
# Predator PH 315-52
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnAcer*:pnPredator*PH*315-52:pvr*
KEYBOARD_KEY_ef=kbdillumup # Fn+F10
KEYBOARD_KEY_f0=kbdillumdown # Fn+F9
# Travelmate C300
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnAcer*:pnTravelMate*C3[01]0*:pvr*
KEYBOARD_KEY_67=f24 # FIXME: rotate screen
@ -481,6 +486,9 @@ evdev:input:b0003v0458p0708*
# Hewlett Packard
###########################################################
evdev:name:Intel HID events:dmi:bvn*:bvr*:bd*:svnHP*:pn*:pvr*
KEYBOARD_KEY_8=unknown # Use hp-wireless instead
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHewlett-Packard*:pn*:pvr*
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHP*:pn*:pvr*
KEYBOARD_KEY_81=fn_esc
@ -518,12 +526,21 @@ evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHewlett-Packard*:pnHP*Pavilion*dv7*Notebook*PC:
KEYBOARD_KEY_c6=break
KEYBOARD_KEY_94=reserved
# Pavilion and Spectre x360 13 (Prevents random airplane mode activation)
# Pavilion 13 x360 (Tablet mode and SYSRQ key)
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHewlett-Packard*:pn*[pP][aA][vV][iI][lL][iI][oO][nN]*13*x360*:pvr*
KEYBOARD_KEY_d7=!f22 # touchpad off
KEYBOARD_KEY_d9=unknown
KEYBOARD_KEY_d2=sysrq # Fn+Print = SYSRQ
# Spectre x360 13 (Prevents random airplane mode activation)
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHewlett-Packard*:pn*[sS][pP][eE][cC][tT][rR][eE]*x360*13*:pvr*
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHP*:pn*[sS][pP][eE][cC][tT][rR][eE]*x360Convertible*:pvr*
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHewlett-Packard*:pn*[pP][aA][vV][iI][lL][iI][oO][nN]*13*x360*:pvr*
KEYBOARD_KEY_d7=unknown
# Spectre x360 13
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHP*:pnHPSpectrex360Convertible13*:pvr*
KEYBOARD_KEY_82=f20 # Fn+F12; Microphone mute button, should be micmute
# Elitebook
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHewlett-Packard*:pn*Compaq*:pvr*
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHewlett-Packard*:pn*EliteBook*:pvr*
@ -581,6 +598,8 @@ evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHewlett-Packard*:pnHDX9494NR:pvr*
# HP EliteBook 725 G2
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHewlett-Packard*:pnHPLicrice:pvr*
# HP EliteBook 840 G1
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHewlett-Packard*:pnHPEliteBook840G1:pvr*
# HP ProBook 440 G2
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHewlett-Packard*:pnHP440G2:pvr*
# several HP ProBooks 4xx
@ -589,6 +608,8 @@ evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHP*:pnHP*ProBook*4*:pvr*
# HP ZBook
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHewlett-Packard*:pnHPZBook*:pvr*
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHP*:pnHPZBook*:pvr*
# Elitebook x360 1040 G6
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHP:pn*EliteBook*x3601040G6:pvr*
KEYBOARD_KEY_81=f20 # Fn+F8; Microphone mute button, should be micmute
# HP ZBook 15 G2
@ -808,6 +829,15 @@ evdev:atkbd:dmi:bvn*:bvr*:svnLENOVO*:pn*IdeaPad*Z370*:pvr*
KEYBOARD_KEY_ae=!volumedown
KEYBOARD_KEY_b0=!volumeup
# Fix for volume keys on Lenovo Yoga S940
# For 10th gen it should be pn81Q8 instead of pn81Q7 but
# I don't have a device to test
# perhaps pn81Q* would work for both generations
evdev:atkbd:dmi:bvn*:bvr*:svnLENOVO:pn81Q7*:pvrLenovoYogaS940*
KEYBOARD_KEY_a0=!mute
KEYBOARD_KEY_ae=!volumedown
KEYBOARD_KEY_b0=!volumeup
# Lenovo Y50-70
evdev:atkbd:dmi:bvn*:bvr*:svnLENOVO*:pn*20378*:pvr*
KEYBOARD_KEY_f3=f21 # Fn+F6 (toggle touchpad)
@ -999,6 +1029,11 @@ evdev:input:b0005v046DpB30B*
KEYBOARD_KEY_c103a=prog3 # Smartkey C → XF86Launch3
KEYBOARD_KEY_c103b=prog4 # Smartkey D → XF86Launch4
# Logitech K811
evdev:input:b0005v046DpB317*
KEYBOARD_KEY_70047=brightnessdown
KEYBOARD_KEY_70048=brightnessup
# iTouch
evdev:input:b0003v046DpC308*
KEYBOARD_KEY_90001=shop # Shopping
@ -1112,6 +1147,7 @@ evdev:atkbd:dmi:bvn*:bvr*:bd*:svnMAXDATA:pnPro*7000*:pvr*
# Akoya
evdev:atkbd:dmi:bvn*:bvr*:svnMEDION*:pnS3409*:pvr*
evdev:atkbd:dmi:bvn*:bvr*:svnMedion*:pnAkoya*:pvr*
evdev:atkbd:dmi:bvn*:bvr*:svnMedion*:pnP6669*:pvr*
KEYBOARD_KEY_a0=!mute
KEYBOARD_KEY_ae=!volumedown
KEYBOARD_KEY_b0=!volumeup
@ -1192,6 +1228,11 @@ evdev:atkbd:dmi:bvn*:bvr*:bd*:svnMicro-Star*:pn*PR200*:pvr*
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnMICRO-STAR*:pnU90/U100:*
KEYBOARD_KEY_e4=reserved
# MSI Prestige15 A10SC specific keycodes. Needed for microphone and screen rotation
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnMicro-Star*:pn*A10SC*:pvr*
KEYBOARD_KEY_f1=f20
KEYBOARD_KEY_f2=f21
###########################################################
# MSI
###########################################################

66
hwdb.d/60-sensor.hwdb
View File

@ -93,6 +93,9 @@ sensor:modalias:acpi:BOSC0200*:dmi:*:svnAcer*:pnSwitchSW312-31:*
sensor:modalias:acpi:BOSC0200*:dmi:*svn*Acer*:*pn*Spin*SP111-33*
ACCEL_MOUNT_MATRIX=0, 1, 0; 1, 0, 0; 0, 0, 1
sensor:modalias:acpi:BOSC0200*:dmi:*svnAcer*:*pnSpinSP111-34*
ACCEL_MOUNT_MATRIX=0, 1, 0; 1, 0, 0; 0, 0, 1
#########################################
# Archos
#########################################
@ -177,6 +180,10 @@ sensor:modalias:acpi:BOSC0200*:dmi:bvnAmericanMegatrendsInc.:bvrP02A_C106.60E:*:
sensor:modalias:acpi:BOSC0200*:dmi:*:svn*CHUWIINNOVATIONANDTECHNOLOGY*:pnHi10protablet:*
ACCEL_MOUNT_MATRIX=0, -1, 0; -1, 0, 0; 0, 0, 1
# Chuwi Hi10 X
sensor:modalias:acpi:MXC6655*:dmi:*:svnCHUWIInnovationAndTechnology*:pnHi10X:*
ACCEL_MOUNT_MATRIX=0, 1, 0; 1, 0, 0; 0, 0, 1
# Chuwi Hi12
sensor:modalias:acpi:BOSC0200*:dmi:*:svnHampoo:pnP02BD6_HI-122LP:*
ACCEL_MOUNT_MATRIX=1, 0, 0; 0, -1, 0; 0, 0, 1
@ -193,6 +200,10 @@ sensor:modalias:acpi:BOSC0200*:dmi:bvnAmericanMegatrendsInc.:bvr5.11:bd05/07/201
sensor:modalias:acpi:BOSC0200*:dmi:bvnAmericanMegatrendsInc.:bvr5.11:bd05/28/2016:svnDefaultstring:pnDefaultstring:pvrDefaultstring:rvnHampoo:rnCherryTrailCR:rvrDefaultstring:cvnDefaultstring:ct3:cvrDefaultstring:
ACCEL_MOUNT_MATRIX=1, 0, 0; 0, -1, 0; 0, 0, 1
# Chuwi HiBook Pro (CWI526)
sensor:modalias:acpi:BOSC0200*:dmi:*:svnHampoo*:pnP1D6_C109K:*
ACCEL_MOUNT_MATRIX=1, 0, 0; 0, -1, 0; 0, 0, 1
# Chuwi CoreBook
# Chuwi CoreBook does not have its product name filled, so we
# match the entire dmi-alias
@ -249,6 +260,10 @@ sensor:modalias:acpi:*KIOX000A*:dmi:*svn*CytrixTechnology:*pn*Complex11t*
sensor:modalias:platform:HID-SENSOR-200073:dmi:*svnDell*:pnVostro5581:*
ACCEL_LOCATION=base
# Dell Venue 8 Pro 3845
sensor:modalias:acpi:INVN6500*:dmi:*svnDellInc.*:pnVenue8Pro3845*
ACCEL_MOUNT_MATRIX=0, -1, 0; -1, 0, 0; 0, 0, 1
# Dell Venue 10 Pro 5055
sensor:modalias:acpi:INVN6500*:dmi:*svnDell*:pnVenue10Pro5055*
ACCEL_MOUNT_MATRIX=0, -1, 0; 1, 0, 0; 0, 0, 1
@ -279,12 +294,32 @@ sensor:modalias:acpi:ACCE0001*:dmi:*svnEndless*:*pnELT-NL3*
sensor:modalias:acpi:KIOX000A*:dmi:*:svnEVE*:pnEveV:*
ACCEL_MOUNT_MATRIX=0, 1, 0; -1, 0, 0; 0, 0, 1
#########################################
# Geo Computers
#########################################
# Geoflex
sensor:modalias:acpi:KIOX010A*:dmi:*:svnGEO*:pnGeoFlex*:*
ACCEL_MOUNT_MATRIX=-1, 0, 0; 0, -1, 0; 0, 0, 1
#########################################
# Google Chromebooks
#########################################
sensor:modalias:platform:cros-ec-accel:dmi:*:svnGOOGLE*
ACCEL_MOUNT_MATRIX=-1, 0, 0; 0, -1, 0; 0, 0, -1
# caroline board (Samsung Chromebook Pro) reports itself as svnGoogle
sensor:modalias:platform:cros-ec-accel:dmi:*:svnGoogle:pnCaroline*
ACCEL_MOUNT_MATRIX=-1, 0, 0; 0, -1, 0; 0, 0, -1
# Dell Inspiron Chromebook 14 2-in-1
sensor:modalias:platform:cros-ec-accel:dmi:*svnGoogle:pnVayne*
ACCEL_MOUNT_MATRIX=-1, 0, 0; 0, -1, 0; 0, 0, -1
# nocturne board (Google Pixel Slate)
sensor:modalias:platform:cros-ec-accel:dmi:*Google_Nocturne*
ACCEL_MOUNT_MATRIX=1, 0, 0; 0, -1, 0; 0, 0, 1
#########################################
# GP-electronic
#########################################
@ -407,6 +442,10 @@ sensor:modalias:acpi:SMO8500*:dmi:bvnLENOVO:*:pvrLenovoMIIX3-830:*
sensor:modalias:acpi:BOSC0200*:dmi:*:svnLENOVO:pn81H3:*
ACCEL_MOUNT_MATRIX=0, 1, 0; -1, 0, 0; 0, 0, 1
# IdeaPad Miix 300
sensor:modalias:acpi:SMO8500*:dmi:bvnLENOVO:*:pvrMIIX300-*
ACCEL_MOUNT_MATRIX=0, -1, 0; -1, 0, 0; 0, 0, 1
# IdeaPad Miix 310 note this only is for BIOS version (bvr) 1HCN4?WW and 1HCN2?WW, which has
# a portrait LCD panel, versions with bvr 1HCN3?WW have a landscape panel
sensor:modalias:acpi:KIOX000A*:dmi:bvnLENOVO:bvr1HCN4?WW:*:svnLENOVO:pn80SG:*
@ -449,6 +488,7 @@ sensor:modalias:acpi:SMO8500*:dmi:*:svnMEDION:pnAkoyaE2212TMD99720:*
ACCEL_MOUNT_MATRIX=-1, 0, 0; 0, 1, 0; 0, 0, 1
# Medion Akoya E2215T MD60198
sensor:modalias:acpi:KIOX000A*:dmi:*svnMEDION:pnE2215TMD60198:*
# Medion Akoya E3216 MD60900
# Medion Akoya E3221 MD61237
# Medion Akoya E2292 MD63390
@ -461,6 +501,12 @@ sensor:modalias:acpi:KIOX010A*:dmi:*:svnMEDION:pnE*:*
sensor:modalias:acpi:KIOX010A*:dmi:*:svnMEDION:pnMEDION*:*
ACCEL_MOUNT_MATRIX=0, -1, 0; -1, 0, 0; 0, 0, 1
#########################################
# MPMAN
#########################################
sensor:modalias:acpi:BMA250E*:dmi:*:svnMPMAN:pnMPWIN8900CL:*
ACCEL_MOUNT_MATRIX=1, 0, 0; 0, -1, 0; 0, 0, 1
#########################################
# MSI
#########################################
@ -491,6 +537,12 @@ sensor:modalias:acpi:KIOX000A*:dmi:*:svnTMAX:pnTM101W610L:*
sensor:modalias:acpi:BOSC0200*:dmi:*:svnNuvision:pnNES11:*
ACCEL_MOUNT_MATRIX=1, 0, 0; 0, -1, 0; 0, 0, 1
#########################################
# Odys
#########################################
sensor:modalias:acpi:BOSC0200*:dmi:bvnINSYDECorp.:bvrODYS.FUSIONWIN12:*
ACCEL_MOUNT_MATRIX=-1, 0, 0; 0, 1, 0; 0, 0, 1
#########################################
# Onda
#########################################
@ -605,6 +657,14 @@ sensor:modalias:acpi:KIOX000A*:dmi:*:svnTECLAST:pnX98PlusII:*
sensor:modalias:acpi:BMA250E*:dmi:bvnAmericanMegatrendsInc.:bvr5.6.5:bd04/15/2014:svnTobefilledbyO.E.M.:pnTobefilledbyO.E.M.:pvrTobefilledbyO.E.M.:rvnAMICorporation:rnAptioCRB:rvrTobefilledbyO.E.M.:cvnToBeFilledByO.E.M.:ct3:cvrToBeFilledByO.E.M.:
ACCEL_MOUNT_MATRIX=-1, 0, 0; 0, 1, 0; 0, 0, 1
#########################################
# Toshiba
#########################################
# Toshiba Encore WT10A tablet
sensor:modalias:acpi:INVN6500*:dmi:*:svnTOSHIBA:pnTOSHIBAWT10-A-103:*
ACCEL_MOUNT_MATRIX=0, -1, 0; -1, 0, 0; 0, 0, 1
#########################################
# Trekstor
#########################################
@ -612,6 +672,9 @@ sensor:modalias:acpi:BMA250*:dmi:*:bvrTREK.G.WI71C.JGBMRBA*:*:svnInsyde:pnST7041
sensor:modalias:acpi:BMA250*:dmi:*:bvrTREK.G.WI71C.JGBMRBA*:*:svnTrekStor:pnSurfTabwintron7.0ST70416-6:*
ACCEL_MOUNT_MATRIX=0, 1, 0; 1, 0, 0; 0, 0, 1
sensor:modalias:acpi:KIOX000A*:dmi:*:svnTrekStor:pnSurfTabtwin10.1:*
ACCEL_MOUNT_MATRIX=-1, 0, 0; 0, 1, 0; 0, 0, 1
sensor:modalias:acpi:KIOX000A*:dmi:*:svnTREKSTOR*:pnPrimetabS11B:*
sensor:modalias:acpi:KIOX000A*:dmi:*:svnTREKSTOR:pnPrimetabT13B:*
sensor:modalias:acpi:BOSC0200*:dmi:*:svnTrekStor*:pnSurfTabtwin11.6:*
@ -630,6 +693,9 @@ sensor:modalias:acpi:KIOX020A*:dmi:*:svnTREKSTOR:pnPRIMEBOOKC11B:*
#########################################
# Umax
#########################################
sensor:modalias:acpi:KIOX000A*:dmi:*:svnUMAX:pnVisionBook10WiPro:*
ACCEL_MOUNT_MATRIX=1, 0, 0; 0, -1, 0; 0, 0, 1
sensor:modalias:acpi:SMO8500*:dmi:*:svnUMAX:pnVisionBook10WiPlus:*
ACCEL_MOUNT_MATRIX=0, -1, 0; -1, 0, 0; 0, 0, 1

36
hwdb.d/70-mouse.hwdb
View File

@ -50,8 +50,6 @@
# MOUSE_WHEEL_CLICK_ANGLE_HORIZONTAL
# MOUSE_WHEEL_CLICK_COUNT
# MOUSE_WHEEL_CLICK_COUNT_HORIZONTAL
# MOUSE_WHEEL_TILT_HORIZONTAL
# MOUSE_WHEEL_TILT_VERTICAL
#
#########################################
# ID_INPUT_TRACKBALL #
@ -136,26 +134,6 @@
# MOUSE_WHEEL_CLICK_COUNT_HORIZONTAL works the same way but also follows the
# rules of MOUSE_WHEEL_CLICK_ANGLE_HORIZONTAL.
#########################################
# MOUSE_WHEEL_TILT_HORIZONTAL #
# MOUSE_WHEEL_TILT_VERTICAL #
#########################################
#
# Indicates that the respective axis is not a mouse wheel rotation but a
# tilt along that axis. Wheel tilt is most commonly used for horizontal
# scroll wheel emulation on mice with only a single vertical wheel.
#
# The vertical and horizontal Axes are independently marked as tilt axes,
# for example it is permitted to have a MOUSE_WHEEL_CLICK_COUNT or
# MOUSE_WHEEL_CLICK_ANGLE for the vertical axis and mark the horizontal axis
# marked as as MOUSE_WHEEL_TILT_HORIZONTAL.
#
# It is a bug to have either CLICK_COUNT or CLICK_ANGLE set on the same axis
# as WHEEL_TILT. Applications should give priority to WHEEL_TILT and ignore
# other settings.
#
# This is a flag only, permitted values: 0 or 1
#
# Sort by brand, type (usb, bluetooth), DPI, frequency.
# For mice with switchable resolution, sort by the starred entry.
@ -369,6 +347,10 @@ mouse:usb:v046dpc068:name:Logitech G500:
# Logitech G502 Proteus Spectrum
mouse:usb:v046dpc332:name:Logitech Gaming Mouse G502:
# Logitech G502 HERO SE
mouse:usb:v046dpc08b:name:Logitech G502 HERO SE:
# Logitech G502 Hero
mouse:usb:v046dpc08b:name:Logitech G502 HERO Gaming Mouse:
MOUSE_DPI=1200@1000 *2400@1000 3200@1000 6400@1000
# Logitech G700 Laser Mouse (Wired)
@ -399,6 +381,10 @@ mouse:usb:v046dp101b:name:Logitech M705:
mouse:usb:v046dpc52b:name:Logitech Unifying Device. Wireless PID:101b:
MOUSE_DPI=1000@125
# Logitech M705 (newer version?)
mouse:usb:v046dp406d:name:Logitech M705:
MOUSE_DPI=1000@167
# Logitech M305 Wireless Optical Mouse
mouse:usb:v046dpc52f:name:Logitech USB Receiver:
MOUSE_DPI=1000@170
@ -754,3 +740,9 @@ mouse:usb:v3057p0001:*
MOUSE_DPI=400@125 *800@125 1600@125 3200@125 400@500 800@500 1600@500 3200@500 400@1000 800@1000 1600@1000 3200@1000
MOUSE_WHEEL_CLICK_COUNT=16
MOUSE_WHEEL_CLICK_ANGLE=23
# Zowie ZA12
mouse:usb:v1af3p0001:name:Kingsis Peripherals ZOWIE Gaming mouse:
MOUSE_DPI=400@125 *800@125 1600@125 3200@125 400@500 800@500 1600@500 3200@500 400@1000 800@1000 1600@1000 3200@1000
MOUSE_WHEEL_CLICK_COUNT=16
MOUSE_WHEEL_CLICK_ANGLE=23

1
hwdb.d/acpi_id_registry.html
View File

@ -97,6 +97,7 @@
<tr class="odd"><td>ASEM S.p.A.</td><td>ASEM</td><td>04/29/2019</td> </tr>
<tr class="even"><td>Fujitsu Limited</td><td>FUJI</td><td>06/18/2019</td> </tr>
<tr class="odd"><td>Phytium Technology Co. Ltd.</td><td>PHYT</td><td>02/14/2020</td> </tr>
<tr class="even"><td>CHENGDU HAIGUANG IC DESIGN CO., LTD</td><td>HYGO</td><td>07/15/2020</td> </tr>
</tbody>
</table>
</body>

6228
hwdb.d/ma-large.txt
View File

File diff suppressed because it is too large Load Diff

1324
hwdb.d/ma-medium.txt
View File

File diff suppressed because it is too large Load Diff

1411
hwdb.d/ma-small.txt
View File

File diff suppressed because it is too large Load Diff

408
hwdb.d/pci.ids
View File

File diff suppressed because it is too large Load Diff

3387
hwdb.d/usb.ids
View File

File diff suppressed because it is too large Load Diff

12
man/custom-html.xsl
View File

@ -19,7 +19,8 @@
<xsl:template match="citerefentry[not(@project)]">
<a>
<xsl:attribute name="href">
<xsl:value-of select="refentrytitle"/><xsl:text>.html#</xsl:text>
<xsl:value-of select="refentrytitle"/>
<xsl:text>.html#</xsl:text>
<xsl:value-of select="refentrytitle/@target"/>
</xsl:attribute>
<xsl:call-template name="inline.charseq"/>
@ -133,6 +134,15 @@
</a>
</xsl:template>
<xsl:template match="citerefentry[@project='url']">
<a>
<xsl:attribute name="href">
<xsl:value-of select="refentrytitle/@url"/>
</xsl:attribute>
<xsl:call-template name="inline.charseq"/>
</a>
</xsl:template>
<!--
- helper template to do conflict resolution between various headings with the same inferred ID attribute/tag from the headerlink template
- this conflict resolution is necessary to prevent malformed HTML output (multiple ID attributes with the same value)

8
man/homectl.xml
View File

@ -462,10 +462,10 @@
<term><option>--tasks-max=</option><replaceable>TASKS</replaceable></term>
<listitem><para>Takes a non-zero unsigned integer as argument. Configures the maximum numer of tasks
(i.e. processes and threads) the user may have at any given time. This limit applies to all tasks
forked off the user's sessions, even if they change user identity via <citerefentry
project='man-pages'><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></citerefentry> or a
similar tool. Use <option>--rlimit=LIMIT_NPROC=</option> to place a limit on the tasks actually
(i.e. threads, where each process is at least one thread) the user may have at any given time. This
limit applies to all tasks forked off the user's sessions, even if they change user identity via
<citerefentry project='man-pages'><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></citerefentry>
or a similar tool. Use <option>--rlimit=LIMIT_NPROC=</option> to place a limit on the tasks actually
running under the UID of the user, thus excluding any child processes that might have changed user
identity. This controls the <varname>TasksMax=</varname> settting of the per-user systemd slice unit
<filename>user-$UID.slice</filename>. See

3
man/repart.d.xml
View File

@ -281,7 +281,8 @@
<varname>SizeMaxBytes=</varname>) otherwise. If the backing device does not provide enough space to
fulfill the constraints placing the partition will fail. For partitions that shall be created,
depending on the setting of <varname>Priority=</varname> (see above) the partition might be dropped
and the placing algorithm restarted. By default no size constraints are set.</para></listitem>
and the placing algorithm restarted. By default a minimum size constraint of 10M and no maximum size
constraint is set.</para></listitem>
</varlistentry>
<varlistentry>

8
man/systemctl.xml
View File

@ -263,11 +263,9 @@ Sun 2017-02-26 20:57:49 EST 2h 3min left Sun 2017-02-26 11:56:36 EST 6h ago
If a unit name with no extension is given, an extension of
<literal>.target</literal> will be assumed.</para>
<para>This is similar to changing the runlevel in a
traditional init system. The <command>isolate</command>
command will immediately stop processes that are not enabled
in the new unit, possibly including the graphical
environment or terminal you are currently using.</para>
<para>This command is dangerous, since it will immediately stop processes that are not enabled in
the new target, possibly including the graphical environment or terminal you are currently using.
</para>
<para>Note that this is allowed only on units where
<option>AllowIsolate=</option> is enabled. See

6
man/systemd-makefs@.service.xml
View File

@ -51,7 +51,8 @@
<para><filename>systemd-makefs</filename> knows very little about specific file
systems and swap devices, and after checking that the block device does not already
contain a file system or other content, it will execute binaries specific to
each filesystem type (<filename>/sbin/mkfs.<replaceable>type</replaceable></filename>).</para>
each filesystem type (<filename>/sbin/mkfs.<replaceable>type</replaceable></filename>
or <filename>/sbin/mkswap</filename>).</para>
<para><filename>systemd-growfs</filename> knows very little about specific file
systems and swap devices, and will instruct the kernel to grow the mounted
@ -61,8 +62,7 @@
number specific to each file system, so only certain types are supported.
Currently:
<citerefentry project='man-pages'><refentrytitle>ext4</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
btrfs (see
<citerefentry project='man-pages'><refentrytitle>btrfs-man5</refentrytitle><manvolnum>5</manvolnum></citerefentry>),
<citerefentry project='url'><refentrytitle url='https://btrfs.wiki.kernel.org/index.php/Manpage/btrfs(5)'>btrfs</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry project='man-pages'><refentrytitle>xfs</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<!-- yes, that's what the man page is called. -->
and dm-crypt partitions (see

8
man/systemd-udevd.service.xml
View File

@ -77,7 +77,7 @@
</varlistentry>
<varlistentry>
<term><option>-c=</option></term>
<term><option>-c</option></term>
<term><option>--children-max=</option></term>
<listitem>
<para>Limit the number of events executed in parallel.</para>
@ -85,7 +85,7 @@
</varlistentry>
<varlistentry>
<term><option>-e=</option></term>
<term><option>-e</option></term>
<term><option>--exec-delay=</option></term>
<listitem>
<para>Delay the execution of <varname>RUN</varname>
@ -97,7 +97,7 @@
</varlistentry>
<varlistentry>
<term><option>-t=</option></term>
<term><option>-t</option></term>
<term><option>--event-timeout=</option></term>
<listitem>
<para>Set the number of seconds to wait for events to finish. After
@ -106,7 +106,7 @@
</varlistentry>
<varlistentry>
<term><option>-N=</option></term>
<term><option>-N</option></term>
<term><option>--resolve-names=</option></term>
<listitem>
<para>Specify when systemd-udevd should resolve names of users and groups.

6
man/systemd.automount.xml
View File

@ -57,6 +57,12 @@
<para>Automount units may be used to implement on-demand mounting
as well as parallelized mounting of file systems.</para>
<para>Note that automount units are separate from the mount itself, so you
should not set <varname>After=</varname> or <varname>Requires=</varname>
for mount dependencies here. For example, you should not set
<varname>After=network-online.target</varname> or similar on network
filesystems. Doing so may result in an ordering cycle.</para>
</refsect1>
<refsect1>

8
man/systemd.exec.xml
View File

@ -2070,13 +2070,7 @@ SystemCallErrorNumber=EPERM</programlisting>
<citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry> for more
details about named file descriptors and their ordering.</para>
<para>This setting defaults to <option>null</option>.</para>
<para>Note that services which specify <option>DefaultDependencies=no</option> and use
<varname>StandardInput=</varname> or <varname>StandardOutput=</varname> with
<option>tty</option>/<option>tty-force</option>/<option>tty-fail</option>, should specify
<option>After=systemd-vconsole-setup.service</option>, to make sure that the tty initialization is
finished before they start.</para></listitem>
<para>This setting defaults to <option>null</option>.</para></listitem>
</varlistentry>
<varlistentry>

12
man/systemd.mount.xml
View File

@ -204,7 +204,11 @@
system that merges multiple mount points). See
<varname>After=</varname> and <varname>Requires=</varname> in
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for details.</para></listitem>
for details.</para>
<para>Note that this option always applies to the created mount unit
only regardless whether <option>x-systemd.automount</option> has been
specified.</para></listitem>
</varlistentry>
<varlistentry>
@ -223,7 +227,11 @@
unit.
See <varname>Before=</varname> and <varname>After=</varname> in
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for details.</para></listitem>
for details.</para>
<para>Note that these options always apply to the created mount unit
only regardless whether <option>x-systemd.automount</option> has been
specified.</para></listitem>
</varlistentry>
<varlistentry>

4
man/systemd.resource-control.xml
View File

@ -669,8 +669,8 @@
</varlistentry>
<varlistentry>
<term><varname>IPIngressFilterPath=<replaceable>BPF_FS_PROGRAMM_PATH</replaceable></varname></term>
<term><varname>IPEgressFilterPath=<replaceable>BPF_FS_PROGRAMM_PATH</replaceable></varname></term>
<term><varname>IPIngressFilterPath=<replaceable>BPF_FS_PROGRAM_PATH</replaceable></varname></term>
<term><varname>IPEgressFilterPath=<replaceable>BPF_FS_PROGRAM_PATH</replaceable></varname></term>
<listitem>
<para>Add custom network traffic filters implemented as BPF programs, applying to all IP packets

19
man/systemd.special.xml
View File

@ -228,22 +228,25 @@
<term><filename>emergency.target</filename></term>
<listitem>
<para>A special target unit that starts an emergency shell on the main console. This
target does not pull in any services or mounts. It is the most minimal version of
target does not pull in other services or mounts. It is the most minimal version of
starting the system in order to acquire an interactive shell; the only processes running
are usually just the system manager (PID 1) and the shell process. This unit is supposed
to be used with the kernel command line option <varname>systemd.unit=</varname>; it is
also used when a file system check on a required file system fails, and boot-up cannot
are usually just the system manager (PID 1) and the shell process. This unit may be used
by specifying <varname>emergency</varname> on the kernel command line; it is
also used when a file system check on a required file system fails and boot-up cannot
continue. Compare with <filename>rescue.target</filename>, which serves a similar
purpose, but also starts the most basic services and mounts all file systems.</para>
<para>Use the <literal>systemd.unit=emergency.target</literal> kernel command line
option to boot into this mode. A short alias for this kernel command line option is
<literal>emergency</literal>, for compatibility with SysV.</para>
<para>In many ways booting into <filename>emergency.target</filename> is similar to the
effect of booting with <literal>init=/bin/sh</literal> on the kernel command line,
except that emergency mode provides you with the full system and service manager, and
allows starting individual units in order to continue the boot process in steps.</para>
<para>Note that depending on how <filename>emergency.target</filename> is reached, the root file
system might be mounted read-only or read-write (no remounting is done specially for this
target). For example, the system may boot with root mounted read-only when <varname>ro</varname>
is used on the kernel command line and remain this way for <filename>emergency.target</filename>,
or the system may transition to <filename>emergency.target</filename> after the system has been
partially booted and disks have already been remounted read-write.</para>
</listitem>
</varlistentry>
<varlistentry>

79
man/udev.xml
View File

@ -280,13 +280,17 @@
<varlistentry>
<term><varname>PROGRAM</varname></term>
<listitem>
<para>Execute a program to determine whether there
is a match; the key is true if the program returns
successfully. The device properties are made available to the
executed program in the environment. The program's standard output
is available in the <varname>RESULT</varname> key.</para>
<para>This can only be used for very short-running foreground tasks. For details,
see <varname>RUN</varname>.</para>
<para>Execute a program to determine whether there is a match; the key is true if the program
returns successfully. The device properties are made available to the executed program in the
environment. The program's standard output is available in the <varname>RESULT</varname>
key.</para>
<para>This can only be used for very short-running foreground tasks. For details, see
<varname>RUN</varname>.</para>
<para>Note that multiple <varname>PROGRAM</varname> keys may be specified in one rule, and
<literal>=</literal>, <literal>:=</literal>, and <literal>+=</literal> have the same effect as
<literal>==</literal>.</para>
</listitem>
</varlistentry>
@ -429,9 +433,14 @@
<varlistentry>
<term><varname>RUN{<replaceable>type</replaceable>}</varname></term>
<listitem>
<para>Add a program to the list of programs to be executed after
processing all the rules for a specific event, depending on
<literal>type</literal>:</para>
<para>Specify a program to be executed after processing of all the rules for the event. With
<literal>+=</literal>, this invocation is added to the list, and with <literal>=</literal> or
<literal>:=</literal>, it replaces any previous contents of the list. Please note that both
<literal>program</literal> and <literal>builtin</literal> types described below use a single
list, so clearing the list with <literal>:=</literal> and <literal>=</literal> affects both
types.</para>
<para><replaceable>type</replaceable> may be:</para>
<variablelist>
<varlistentry>
<term><literal>program</literal></term>
@ -452,21 +461,21 @@
</listitem>
</varlistentry>
</variablelist>
<para>The program name and following arguments are separated by spaces.
Single quotes can be used to specify arguments with spaces.</para>
<para>This can only be used for very short-running foreground tasks. Running an
event process for a long period of time may block all further events for
this or a dependent device.</para>
<para>Starting daemons or other long-running processes is not appropriate
for udev; the forked processes, detached or not, will be unconditionally
killed after the event handling has finished.</para>
<para>Note that running programs that access the network or mount/unmount
filesystems is not allowed inside of udev rules, due to the default sandbox
that is enforced on <filename>systemd-udevd.service</filename>.</para>
<para>Please also note that <literal>:=</literal> and <literal>=</literal> are clearing
both, program and builtin commands.</para>
<para>In order to activate long-running processes from udev rules, provide a service unit, and
pull it in from a udev device using the <varname>SYSTEMD_WANTS</varname> device property. See
<para>The program name and following arguments are separated by spaces. Single quotes can be
used to specify arguments with spaces.</para>
<para>This can only be used for very short-running foreground tasks. Running an event process for
a long period of time may block all further events for this or a dependent device.</para>
<para>Note that running programs that access the network or mount/unmount filesystems is not
allowed inside of udev rules, due to the default sandbox that is enforced on
<filename>systemd-udevd.service</filename>.</para>
<para>Starting daemons or other long-running processes is not allowed; the forked processes,
detached or not, will be unconditionally killed after the event handling has finished. In order
to activate long-running processes from udev rules, provide a service unit and pull it in from a
udev device using the <varname>SYSTEMD_WANTS</varname> device property. See
<citerefentry><refentrytitle>systemd.device</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for details.</para>
</listitem>
@ -489,8 +498,9 @@
<varlistentry>
<term><varname>IMPORT{<replaceable>type</replaceable>}</varname></term>
<listitem>
<para>Import a set of variables as device properties,
depending on <literal>type</literal>:</para>
<para>Import a set of variables as device properties, depending on
<replaceable>type</replaceable>:</para>
<variablelist>
<varlistentry>
<term><literal>program</literal></term>
@ -542,8 +552,14 @@
</listitem>
</varlistentry>
</variablelist>
<para>This can only be used for very short-running foreground tasks. For details
see <option>RUN</option>.</para>
<para>This can only be used for very short-running foreground tasks. For details see
<option>RUN</option>.</para>
<para>Note that multiple <varname>IMPORT{}</varname> keys may be specified in one rule, and
<literal>=</literal>, <literal>:=</literal>, and <literal>+=</literal> have the same effect as
<literal>==</literal>. The key is true if the import is successful, unless <literal>!=</literal>
is used as the operator which causes the key to be true if the import failed.</para>
</listitem>
</varlistentry>
@ -633,9 +649,8 @@
<varlistentry>
<term><option>$number</option>, <option>%n</option></term>
<listitem>
<para>The kernel number for this device. For example,
<literal>sda3</literal> has kernel number <literal>3</literal>.
</para>
<para>The kernel number for this device. For example, <literal>sda3</literal> has kernel number
3.</para>
</listitem>
</varlistentry>

4
man/udevadm.xml
View File

@ -359,7 +359,9 @@
<para>Maximum number of seconds to wait for the event
queue to become empty. The default value is 120 seconds. A
value of 0 will check if the queue is empty and always
return immediately.</para>
return immediately. A non-zero value will return an exit
code of 0 if queue became empty before timeout was reached,
non-zero otherwise.</para>
</listitem>
</varlistentry>
<varlistentry>

2
meson_options.txt
View File

@ -56,7 +56,7 @@ option('debug-extra', type : 'array', choices : ['hashmap', 'mmap-cache', 'sipha
option('memory-accounting-default', type : 'boolean',
description : 'enable MemoryAccounting= by default')
option('bump-proc-sys-fs-file-max', type : 'boolean',
description : 'bump /proc/sys/fs/file-max to ULONG_MAX')
description : 'bump /proc/sys/fs/file-max to LONG_MAX')
option('bump-proc-sys-fs-nr-open', type : 'boolean',
description : 'bump /proc/sys/fs/nr_open to INT_MAX')
option('valgrind', type : 'boolean', value : false,

5
rules.d/60-persistent-storage.rules
View File

@ -76,8 +76,9 @@ KERNEL=="sd*[!0-9]|sr*", ATTRS{ieee1394_id}=="?*", SYMLINK+="disk/by-id/ieee1394
KERNEL=="sd*[0-9]", ATTRS{ieee1394_id}=="?*", SYMLINK+="disk/by-id/ieee1394-$attr{ieee1394_id}-part%n"
# MMC
KERNEL=="mmcblk[0-9]", SUBSYSTEMS=="mmc", ATTRS{name}=="?*", ATTRS{serial}=="?*", \
ENV{ID_NAME}="$attr{name}", ENV{ID_SERIAL}="$attr{serial}", SYMLINK+="disk/by-id/mmc-$env{ID_NAME}_$env{ID_SERIAL}"
KERNEL=="mmcblk[0-9]", SUBSYSTEMS=="mmc", ATTRS{serial}=="?*", ENV{ID_SERIAL}="$attr{serial}"
KERNEL=="mmcblk[0-9]", SUBSYSTEMS=="mmc", ATTRS{name}=="?*", ENV{ID_NAME}="$attr{name}"
KERNEL=="mmcblk[0-9]", ENV{ID_NAME}=="?*", ENV{ID_SERIAL}=="?*", SYMLINK+="disk/by-id/mmc-$env{ID_NAME}_$env{ID_SERIAL}"
KERNEL=="mmcblk[0-9]p[0-9]*", ENV{ID_NAME}=="?*", ENV{ID_SERIAL}=="?*", SYMLINK+="disk/by-id/mmc-$env{ID_NAME}_$env{ID_SERIAL}-part%n"
# UBI-MTD

2
rules.d/61-autosuspend-manual.rules
View File

@ -10,6 +10,8 @@ SUBSYSTEM=="usb", GOTO="autosuspend_manual_usb"
# USB rules
LABEL="autosuspend_manual_usb"
ATTR{idVendor}=="056a", ATTR{idProduct}=="51a0", GOTO="autosuspend_manual_enable"
ATTR{idVendor}=="058f", ATTR{idProduct}=="9540", GOTO="autosuspend_manual_enable"
GOTO="autosuspend_manual_end"
# Enable autosuspend

1
rules.d/99-systemd.rules.in
View File

@ -49,6 +49,7 @@ SUBSYSTEM=="net", KERNEL!="lo", TAG+="systemd", ENV{SYSTEMD_ALIAS}+="/sys/subsys
SUBSYSTEM=="bluetooth", TAG+="systemd", ENV{SYSTEMD_ALIAS}+="/sys/subsystem/bluetooth/devices/%k"
SUBSYSTEM=="bluetooth", TAG+="systemd", ENV{SYSTEMD_WANTS}+="bluetooth.target", ENV{SYSTEMD_USER_WANTS}+="bluetooth.target"
SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", ENV{ID_USB_INTERFACES}=="*:0b????:*", ENV{ID_SMARTCARD_READER}="1"
ENV{ID_SMARTCARD_READER}=="?*", TAG+="systemd", ENV{SYSTEMD_WANTS}+="smartcard.target", ENV{SYSTEMD_USER_WANTS}+="smartcard.target"
SUBSYSTEM=="sound", KERNEL=="card*", TAG+="systemd", ENV{SYSTEMD_WANTS}+="sound.target", ENV{SYSTEMD_USER_WANTS}+="sound.target"

7
shell-completion/bash/bootctl
View File

@ -31,7 +31,7 @@ _bootctl() {
local i verb comps
local cur=${COMP_WORDS[COMP_CWORD]} prev=${COMP_WORDS[COMP_CWORD-1]}
local -A OPTS=(
[STANDALONE]='-h --help --no-variables -p --print-esp-path -x --print-boot-path --version --no-pager'
[STANDALONE]='-h --help -p --print-esp-path -x --print-boot-path --version --no-variables --no-pager --graceful'
[ARG]='--esp-path --boot-path'
)
@ -56,7 +56,8 @@ _bootctl() {
fi
local -A VERBS=(
[STANDALONE]='help install list remove status update'
# systemd-efi-options takes an argument, but it is free-form, so we cannot complete it
[STANDALONE]='help status install update remove is-installed random-seed systemd-efi-options list'
[BOOTENTRY]='set-default set-oneshot'
)
@ -86,6 +87,8 @@ _bootctl() {
else
comps=''
fi
elif __contains_word "$verb" ${VERBS[BOOLEAN]}; then
comps="yes no"
fi
COMPREPLY=( $(compgen -W '$comps' -- "$cur") )

189
shell-completion/bash/homectl Normal file
View File

@ -0,0 +1,189 @@
# hostctl(1) completion -*- shell-script -*-
# SPDX-License-Identifier: LGPL-2.1+
#
# This file is part of systemd.
#
# systemd is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation; either version 2.1 of the License, or
# (at your option) any later version.
#
# systemd is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with systemd; If not, see <http://www.gnu.org/licenses/>.
__contains_word () {
local w word=$1; shift
for w in "$@"; do
[[ $w = "$word" ]] && return
done
}
__get_machines() {
local a b
machinectl list --full --no-legend --no-pager 2>/dev/null |
{ while read a b; do echo " $a"; done; };
}
__get_homes() {
homectl --no-pager --no-legend list 2>/dev/null
}
_homectl() {
local i verb comps
local cur=${COMP_WORDS[COMP_CWORD]} prev=${COMP_WORDS[COMP_CWORD-1]}
local -A OPTS=(
[STANDALONE]='-h --help --version
--no-pager --no-legend --no-ask-password
-j -E -P'
[ARG]=' -H --host
-M --machine
--identity
--json
--export-format
-c --real-name
--realm
--email-address
--location
--icon-name
-d --home-dir
--uid
-G --member-of
--skel
--shell
--setenv
--timezone
--language
--ssh-authorized-keys
--pkcs11-token-uri
--locked
--not-before
--not-after
--rate-limit-interval
--rate-limit-burst
--password-hint
--enforce-password-policy
--password-change-now
--password-change-min
--password-change-max
--password-change-warn
--password-change-inactive
--disk-size
--access-mode
--umask
--nice
--rlimit
--tasks-max
--memory-high
--memory-max
--cpu-weight
--io-weight
--storage
--image-path
--fs-type
--luks-discard
--luks-offline-discard
--luks-cipher
--luks-cipher-mode
--luks-volume-key-size
--luks-pbkdf-type
--luks-pbkdf-hash-algorithm
--luks-pbkdf-time-cost
--luks-pbkdf-memory-cost
--luks-pbkdf-parallel-threads
--nosuid
--nodev
--noexec
--cifs-domain
--cifs-user-name
--cifs-service
--stop-delay
--kill-processes
--auto-login'
)
if __contains_word "$prev" ${OPTS[ARG]}; then
case $prev in
--host|-H)
comps=$(compgen -A hostname)
;;
--machine|-M)
comps=$( __get_machines )
;;
--identity|--image-path)
comps=$(compgen -A file -- "$cur" )
compopt -o filenames
;;
--json)
comps='pretty short off'
;;
--export-format)
comps='full stripped minimal'
;;
--locked|--enforce-password-policy|--password-change-now|--luks-discard|--luks-offline-discard|--nosuid|--nodev|--noexec|--kill-processes|--auto-login)
comps='yes no'
;;
-d|--home-dir|--skel)
comps=$(compgen -A directory -- "$cur" )
compopt -o dirnames
;;
-G|--member-of)
comps=$(compgen -A group -- "$cur" )
;;
--shell)
comps=$(cat /etc/shells)
;;
--fs-type)
comps='ext4 xfs btrsf'
;;
--cifs-user-name)
comps=$(compgen -A user -- "$cur" )
;;
esac
COMPREPLY=( $(compgen -W '$comps' -- "$cur") )
return 0
fi
if [[ "$cur" = -* ]]; then
COMPREPLY=( $(compgen -W '${OPTS[*]}' -- "$cur") )
return 0
fi
local -A VERBS=(
[STANDALONE]='list lock-all'
[CREATE]='create'
[NAMES]='activate deactivate inspect authenticate remove lock unlock'
[NAME]='update passwd'
[RESIZE]='resize'
[WITH]='with'
)
for ((i=0; i < COMP_CWORD; i++)); do
if __contains_word "${COMP_WORDS[i]}" ${VERBS[*]}; then
verb=${COMP_WORDS[i]}
break
fi
done
if [[ -z $verb ]]; then
comps=${VERBS[*]}
elif __contains_word "$verb" ${VERBS[NAME]}; then
comps=$(__get_homes)
elif __contains_word "$verb" ${VERBS[NAMES]}; then
comps=$(__get_homes)
elif __contains_word "$verb" ${VERBS[STANDALONE]} ${VERBS[CREATE]} ${VERBS[RESIZE]}; then
comps=$(__get_homes)
elif __contains_word "$verb" ${VERBS[WITH]}; then
comps=$(__get_homes)
fi
COMPREPLY=( $(compgen -W '$comps' -- "$cur") )
return 0
}
complete -F _homectl homectl

1
shell-completion/bash/loginctl
View File

@ -72,7 +72,6 @@ _loginctl () {
return 0
fi
if [[ "$cur" = -* ]]; then
COMPREPLY=( $(compgen -W '${OPTS[*]}' -- "$cur") )
return 0

4
shell-completion/bash/networkctl
View File

@ -37,8 +37,8 @@ _networkctl() {
)
local -A VERBS=(
[STANDALONE]='label'
[LINKS]='status list lldp delete renew'
[STANDALONE]='label reload'
[LINKS]='status list lldp delete renew up down forcerenew reconfigure'
)
_init_completion || return

12
shell-completion/zsh/_bootctl
View File

@ -24,6 +24,13 @@ _bootctl_set-oneshot() {
_bootctl_comp_ids
}
_bootctl_reboot-to-firmware() {
local -a _completions
_completions=( yes no )
typeset -U _completions
_describe 'possible values' _completions
}
(( $+functions[_bootctl_commands] )) || _bootctl_commands()
{
local -a _bootctl_cmds
@ -32,8 +39,10 @@ _bootctl_set-oneshot() {
"install:Install systemd-boot to the ESP and EFI variables"
"update:Update systemd-boot in the ESP and EFI variables"
"remove:Remove systemd-boot from the ESP and EFI variables"
"random-seed:Initialize random seed in ESP and EFI variables"
"is-installed:Test whether systemd-boot is installed in the ESP"
"random-seed:Initialize random seed in ESP and EFI variables"
"systemd-efi-options:Query or set system options string in EFI variable"
"list:List boot loader entries"
"set-default:Set the default boot loader entry"
"set-oneshot:Set the default boot loader entry only for the next boot"
)
@ -59,4 +68,5 @@ _arguments \
{-x,--print-boot-path}'[Print path to the $BOOT partition]' \
'--no-variables[Do not touch EFI variables]' \
'--no-pager[Do not pipe output into a pager]' \
'--graceful[Do not fail when locating ESP or writing fails]' \
'*::bootctl command:_bootctl_commands'

2
src/analyze/analyze-security.c
View File

@ -913,7 +913,7 @@ static const struct security_assessor security_assessor_table[] = {
.parameter = (UINT64_C(1) << CAP_NET_ADMIN),
},
{
.id = "CapabilityBoundingSet=~CAP_RAWIO",
.id = "CapabilityBoundingSet=~CAP_SYS_RAWIO",
.description_good = "Service has no raw I/O access",
.description_bad = "Service has raw I/O access",
.url = "https://www.freedesktop.org/software/systemd/man/systemd.exec.html#CapabilityBoundingSet=",

68
src/backlight/backlight.c
View File

@ -224,10 +224,8 @@ static int get_max_brightness(sd_device *device, unsigned *ret) {
if (r < 0)
return log_device_warning_errno(device, r, "Failed to parse 'max_brightness' \"%s\": %m", max_brightness_str);
if (max_brightness <= 0) {
log_device_warning(device, "Maximum brightness is 0, ignoring device.");
return -EINVAL;
}
if (max_brightness <= 0)
return log_device_warning_errno(device, SYNTHETIC_ERRNO(EINVAL), "Maximum brightness is 0, ignoring device.");
*ret = max_brightness;
return 0;
@ -299,6 +297,34 @@ static bool shall_clamp(sd_device *d) {
return r;
}
static int read_brightness(sd_device *device, const char **ret) {
const char *subsystem;
int r;
assert(device);
assert(ret);
r = sd_device_get_subsystem(device, &subsystem);
if (r < 0)
return log_device_debug_errno(device, r, "Failed to get subsystem: %m");
if (streq(subsystem, "backlight")) {
r = sd_device_get_sysattr_value(device, "actual_brightness", ret);
if (r >= 0)
return 0;
if (r != -ENOENT)
return log_device_debug_errno(device, r, "Failed to read 'actual_brightness' attribute: %m");
log_device_debug_errno(device, r, "Failed to read 'actual_brightness' attribute, fall back to use 'brightness' attribute: %m");
}
r = sd_device_get_sysattr_value(device, "brightness", ret);
if (r < 0)
return log_device_debug_errno(device, r, "Failed to read 'brightness' attribute: %m");
return 0;
}
static int run(int argc, char *argv[]) {
_cleanup_(sd_device_unrefp) sd_device *device = NULL;
_cleanup_free_ char *escaped_ss = NULL, *escaped_sysname = NULL, *escaped_path_id = NULL;
@ -306,13 +332,11 @@ static int run(int argc, char *argv[]) {
unsigned max_brightness;
int r;
if (argc != 3) {
log_error("This program requires two arguments.");
return -EINVAL;
}
log_setup_service();
if (argc != 3)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "This program requires two arguments.");
umask(0022);
r = mkdir_p("/var/lib/systemd/backlight", 0755);
@ -320,19 +344,15 @@ static int run(int argc, char *argv[]) {
return log_error_errno(r, "Failed to create backlight directory /var/lib/systemd/backlight: %m");
sysname = strchr(argv[2], ':');
if (!sysname) {
log_error("Requires a subsystem and sysname pair specifying a backlight device.");
return -EINVAL;
}
if (!sysname)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Requires a subsystem and sysname pair specifying a backlight device.");
ss = strndupa(argv[2], sysname - argv[2]);
sysname++;
if (!STR_IN_SET(ss, "backlight", "leds")) {
log_error("Not a backlight or LED device: '%s:%s'", ss, sysname);
return -EINVAL;
}
if (!STR_IN_SET(ss, "backlight", "leds"))
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Not a backlight or LED device: '%s:%s'", ss, sysname);
r = sd_device_new_from_subsystem_sysname(&device, ss, sysname);
if (r < 0)
@ -391,9 +411,9 @@ static int run(int argc, char *argv[]) {
if (!clamp)
return 0;
r = sd_device_get_sysattr_value(device, "brightness", &curval);
r = read_brightness(device, &curval);
if (r < 0)
return log_device_warning_errno(device, r, "Failed to read 'brightness' attribute: %m");
return log_device_error_errno(device, r, "Failed to read current brightness: %m");
value = strdup(curval);
if (!value)
@ -416,18 +436,16 @@ static int run(int argc, char *argv[]) {
return 0;
}
r = sd_device_get_sysattr_value(device, "brightness", &value);
r = read_brightness(device, &value);
if (r < 0)
return log_device_error_errno(device, r, "Failed to read system 'brightness' attribute: %m");
return log_device_error_errno(device, r, "Failed to read current brightness: %m");
r = write_string_file(saved, value, WRITE_STRING_FILE_CREATE);
if (r < 0)
return log_device_error_errno(device, r, "Failed to write %s: %m", saved);
} else {
log_error("Unknown verb %s.", argv[1]);
return -EINVAL;
}
} else
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Unknown verb %s.", argv[1]);
return 0;
}

10
src/basic/cap-list.c
View File

@ -9,6 +9,7 @@
#include "extract-word.h"
#include "macro.h"
#include "parse-util.h"
#include "stdio-util.h"
#include "util.h"
static const struct capability_name* lookup_capability(register const char *str, register GPERF_LEN_TYPE len);
@ -36,7 +37,7 @@ int capability_from_name(const char *name) {
/* Try to parse numeric capability */
r = safe_atoi(name, &i);
if (r >= 0) {
if (i >= 0 && (size_t) i < ELEMENTSOF(capability_names))
if (i >= 0 && i < 64)
return i;
else
return -EINVAL;
@ -64,11 +65,14 @@ int capability_set_to_string_alloc(uint64_t set, char **s) {
for (i = 0; i <= cap_last_cap(); i++)
if (set & (UINT64_C(1) << i)) {
const char *p;
char buf[2 + 16 + 1];
size_t add;
p = capability_to_name(i);
if (!p)
return -EINVAL;
if (!p) {
xsprintf(buf, "0x%lx", i);
p = buf;
}
add = strlen(p);

162
src/basic/efivars.c
View File

@ -14,6 +14,7 @@
#include "chattr-util.h"
#include "efivars.h"
#include "fd-util.h"
#include "fileio.h"
#include "io-util.h"
#include "macro.h"
#include "stdio-util.h"
@ -24,6 +25,11 @@
#if ENABLE_EFI
/* Reads from efivarfs sometimes fail with EINTR. Retry that many times. */
#define EFI_N_RETRIES_NO_DELAY 20
#define EFI_N_RETRIES_TOTAL 25
#define EFI_RETRY_DELAY (50 * USEC_PER_MSEC)
char* efi_variable_path(sd_id128_t vendor, const char *name) {
char *p;
@ -35,6 +41,17 @@ char* efi_variable_path(sd_id128_t vendor, const char *name) {
return p;
}
static char* efi_variable_cache_path(sd_id128_t vendor, const char *name) {
char *p;
if (asprintf(&p,
"/run/systemd/efivars/%s-" SD_ID128_UUID_FORMAT_STR,
name, SD_ID128_FORMAT_VAL(vendor)) < 0)
return NULL;
return p;
}
int efi_get_variable(
sd_id128_t vendor,
const char *name,
@ -46,6 +63,7 @@ int efi_get_variable(
_cleanup_free_ char *p = NULL;
_cleanup_free_ void *buf = NULL;
struct stat st;
usec_t begin;
uint32_t a;
ssize_t n;
@ -56,50 +74,86 @@ int efi_get_variable(
return -ENOMEM;
if (!ret_value && !ret_size && !ret_attribute) {
/* If caller is not interested in anything, just check if the variable exists and is readable
* to us. */
/* If caller is not interested in anything, just check if the variable exists and is
* readable. */
if (access(p, R_OK) < 0)
return -errno;
return 0;
}
if (DEBUG_LOGGING) {
log_debug("Reading EFI variable %s.", p);
begin = now(CLOCK_MONOTONIC);
}
fd = open(p, O_RDONLY|O_NOCTTY|O_CLOEXEC);
if (fd < 0)
return -errno;
return log_debug_errno(errno, "open(\"%s\") failed: %m", p);
if (fstat(fd, &st) < 0)
return -errno;
return log_debug_errno(errno, "fstat(\"%s\") failed: %m", p);
if (st.st_size < 4)
return -ENODATA;
return log_debug_errno(SYNTHETIC_ERRNO(ENODATA), "EFI variable %s is shorter than 4 bytes, refusing.", p);
if (st.st_size > 4*1024*1024 + 4)
return -E2BIG;
return log_debug_errno(SYNTHETIC_ERRNO(E2BIG), "EFI variable %s is ridiculously large, refusing.", p);
if (ret_value || ret_attribute) {
n = read(fd, &a, sizeof(a));
if (n < 0)
return -errno;
/* The kernel ratelimits reads from the efivarfs because EFI is inefficient, and we'll
* occasionally fail with EINTR here. A slowdown is better than a failure for us, so
* retry a few times and eventually fail with -EBUSY.
*
* See https://github.com/torvalds/linux/blob/master/fs/efivarfs/file.c#L75
* and
* https://github.com/torvalds/linux/commit/bef3efbeb897b56867e271cdbc5f8adaacaeb9cd.
*/
for (unsigned try = 0;; try++) {
n = read(fd, &a, sizeof(a));
if (n >= 0)
break;
log_debug_errno(errno, "Reading from \"%s\" failed: %m", p);
if (errno != EINTR)
return -errno;
if (try >= EFI_N_RETRIES_TOTAL)
return -EBUSY;
if (try >= EFI_N_RETRIES_NO_DELAY)
(void) usleep(EFI_RETRY_DELAY);
}
if (n != sizeof(a))
return -EIO;
return log_debug_errno(SYNTHETIC_ERRNO(EIO),
"Read %zi bytes from EFI variable %s, expected %zu.", n, p, sizeof(a));
}
if (ret_value) {
buf = malloc(st.st_size - 4 + 2);
buf = malloc(st.st_size - 4 + 3);
if (!buf)
return -ENOMEM;
n = read(fd, buf, (size_t) st.st_size - 4);
if (n < 0)
return -errno;
return log_debug_errno(errno, "Failed to read value of EFI variable %s: %m", p);
assert(n <= st.st_size - 4);
/* Always NUL terminate (2 bytes, to protect UTF-16) */
/* Always NUL terminate (3 bytes, to properly protect UTF-16, even if truncated in the middle of a character) */
((char*) buf)[n] = 0;
((char*) buf)[n + 1] = 0;
((char*) buf)[n + 2] = 0;
} else
/* Assume that the reported size is accurate */
n = st.st_size - 4;
if (DEBUG_LOGGING) {
char ts[FORMAT_TIMESPAN_MAX];
usec_t end;
end = now(CLOCK_MONOTONIC);
if (end > begin + EFI_RETRY_DELAY)
log_debug("Detected slow EFI variable read access on " SD_ID128_FORMAT_STR "-%s: %s",
SD_ID128_FORMAT_VAL(vendor), name, format_timespan(ts, sizeof(ts), end - begin, 1));
}
/* Note that efivarfs interestingly doesn't require ftruncate() to update an existing EFI variable
* with a smaller value. */
@ -194,6 +248,14 @@ int efi_set_variable(
if (r < 0)
goto finish;
/* For some reason efivarfs doesn't update mtime automatically. Let's do it manually then. This is
* useful for processes that cache EFI variables to detect when changes occurred. */
if (futimens(fd, (struct timespec[2]) {
{ .tv_nsec = UTIME_NOW },
{ .tv_nsec = UTIME_NOW }
}) < 0)
log_debug_errno(errno, "Failed to update mtime/atime on %s, ignoring: %m", p);
r = 0;
finish:
@ -223,10 +285,16 @@ int efi_set_variable_string(sd_id128_t vendor, const char *name, const char *v)
}
bool is_efi_boot(void) {
if (detect_container() > 0)
return false;
static int cache = -1;
return access("/sys/firmware/efi/", F_OK) >= 0;
if (cache < 0) {
if (detect_container() > 0)
cache = false;
else
cache = access("/sys/firmware/efi/", F_OK) >= 0;
}
return cache;
}
static int read_flag(const char *varname) {
@ -250,15 +318,66 @@ static int read_flag(const char *varname) {
}
bool is_efi_secure_boot(void) {
return read_flag("SecureBoot") > 0;
static int cache = -1;
if (cache < 0)
cache = read_flag("SecureBoot");
return cache > 0;
}
bool is_efi_secure_boot_setup_mode(void) {
return read_flag("SetupMode") > 0;
static int cache = -1;
if (cache < 0)
cache = read_flag("SetupMode");
return cache > 0;
}
int cache_efi_options_variable(void) {
_cleanup_free_ char *line = NULL, *cachepath = NULL;
int r;
/* In SecureBoot mode this is probably not what you want. As your cmdline is cryptographically signed
* like when using Type #2 EFI Unified Kernel Images (https://systemd.io/BOOT_LOADER_SPECIFICATION/)
* The user's intention is then that the cmdline should not be modified. You want to make sure that
* the system starts up as exactly specified in the signed artifact.
*
* (NB: For testing purposes, we still check the $SYSTEMD_EFI_OPTIONS env var before accessing this
* cache, even when in SecureBoot mode.) */
if (is_efi_secure_boot()) {
_cleanup_free_ char *k;
k = efi_variable_path(EFI_VENDOR_SYSTEMD, "SystemdOptions");
if (!k)
return -ENOMEM;
/* Let's be helpful with the returned error and check if the variable exists at all. If it
* does, let's return a recognizable error (EPERM), and if not ENODATA. */
if (access(k, F_OK) < 0)
return errno == ENOENT ? -ENODATA : -errno;
return -EPERM;
}
r = efi_get_variable_string(EFI_VENDOR_SYSTEMD, "SystemdOptions", &line);
if (r == -ENOENT)
return -ENODATA;
if (r < 0)
return r;
cachepath = efi_variable_cache_path(EFI_VENDOR_SYSTEMD, "SystemdOptions");
if (!cachepath)
return -ENOMEM;
return write_string_file(cachepath, line, WRITE_STRING_FILE_ATOMIC|WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_MKDIR_0755);
}
int systemd_efi_options_variable(char **line) {
const char *e;
_cleanup_free_ char *cachepath = NULL;
int r;
assert(line);
@ -276,10 +395,13 @@ int systemd_efi_options_variable(char **line) {
return 0;
}
r = efi_get_variable_string(EFI_VENDOR_SYSTEMD, "SystemdOptions", line);
cachepath = efi_variable_cache_path(EFI_VENDOR_SYSTEMD, "SystemdOptions");
if (!cachepath)
return -ENOMEM;
r = read_one_line_file(cachepath, line);
if (r == -ENOENT)
return -ENODATA;
return r;
}
#endif

5
src/basic/efivars.h
View File

@ -32,6 +32,7 @@ bool is_efi_boot(void);
bool is_efi_secure_boot(void);
bool is_efi_secure_boot_setup_mode(void);
int cache_efi_options_variable(void);
int systemd_efi_options_variable(char **line);
#else
@ -68,6 +69,10 @@ static inline bool is_efi_secure_boot_setup_mode(void) {
return false;
}
static inline int cache_efi_options_variable(void) {
return -EOPNOTSUPP;
}
static inline int systemd_efi_options_variable(char **line) {
return -ENODATA;
}

5
src/basic/fd-util.c
View File

@ -102,13 +102,16 @@ int fclose_nointr(FILE *f) {
/* Same as close_nointr(), but for fclose() */
errno = 0; /* Extra safety: if the FILE* object is not encapsulating an fd, it might not set errno
* correctly. Let's hence initialize it to zero first, so that we aren't confused by any
* prior errno here */
if (fclose(f) == 0)
return 0;
if (errno == EINTR)
return 0;
return -errno;
return errno_or_else(EIO);
}
FILE* safe_fclose(FILE *f) {

16
src/basic/missing_capability.h
View File

@ -10,3 +10,19 @@
#undef CAP_LAST_CAP
#define CAP_LAST_CAP CAP_AUDIT_READ
#endif
/* 980737282232b752bb14dab96d77665c15889c36 (5.8) */
#ifndef CAP_PERFMON
#define CAP_PERFMON 38
#undef CAP_LAST_CAP
#define CAP_LAST_CAP CAP_PERFMON
#endif
/* a17b53c4a4b55ec322c132b6670743612229ee9c (5.8) */
#ifndef CAP_BPF
#define CAP_BPF 39
#undef CAP_LAST_CAP
#define CAP_LAST_CAP CAP_BPF
#endif

2
src/basic/mountpoint-util.c
View File

@ -272,7 +272,7 @@ int path_is_mount_point(const char *t, const char *root, int flags) {
fd = open_parent(t, O_PATH|O_CLOEXEC, 0);
if (fd < 0)
return -errno;
return fd;
return fd_is_mount_point(fd, last_path_component(t), flags);
}

164
src/basic/parse-util.c
View File

@ -18,6 +18,7 @@
#include "process-util.h"
#include "stat-util.h"
#include "string-util.h"
#include "strv.h"
int parse_boolean(const char *v) {
if (!v)
@ -56,26 +57,24 @@ int parse_pid(const char *s, pid_t* ret_pid) {
}
int parse_mode(const char *s, mode_t *ret) {
char *x;
long l;
unsigned m;
int r;
assert(s);
assert(ret);
s += strspn(s, WHITESPACE);
if (s[0] == '-')
r = safe_atou_full(s, 8 |
SAFE_ATO_REFUSE_PLUS_MINUS, /* Leading '+' or even '-' char? that's just weird,
* refuse. User might have wanted to add mode flags or
* so, but this parser doesn't allow that, so let's
* better be safe. */
&m);
if (r < 0)
return r;
if (m > 07777)
return -ERANGE;
errno = 0;
l = strtol(s, &x, 8);
if (errno > 0)
return -errno;
if (!x || x == s || *x != 0)
return -EINVAL;
if (l < 0 || l > 07777)
return -ERANGE;
*ret = (mode_t) l;
if (ret)
*ret = m;
return 0;
}
@ -340,30 +339,73 @@ int parse_syscall_and_errno(const char *in, char **name, int *error) {
return 0;
}
static const char *mangle_base(const char *s, unsigned *base) {
const char *k;
assert(s);
assert(base);
/* Base already explicitly specified, then don't do anything. */
if (SAFE_ATO_MASK_FLAGS(*base) != 0)
return s;
/* Support Python 3 style "0b" and 0x" prefixes, because they truly make sense, much more than C's "0" prefix for octal. */
k = STARTSWITH_SET(s, "0b", "0B");
if (k) {
*base = 2 | (*base & SAFE_ATO_ALL_FLAGS);
return k;
}
k = STARTSWITH_SET(s, "0o", "0O");
if (k) {
*base = 8 | (*base & SAFE_ATO_ALL_FLAGS);
return k;
}
return s;
}
int safe_atou_full(const char *s, unsigned base, unsigned *ret_u) {
char *x = NULL;
unsigned long l;
assert(s);
assert(base <= 16);
assert(SAFE_ATO_MASK_FLAGS(base) <= 16);
/* strtoul() is happy to parse negative values, and silently
* converts them to unsigned values without generating an
* error. We want a clean error, hence let's look for the "-"
* prefix on our own, and generate an error. But let's do so
* only after strtoul() validated that the string is clean
* otherwise, so that we return EINVAL preferably over
* ERANGE. */
/* strtoul() is happy to parse negative values, and silently converts them to unsigned values without
* generating an error. We want a clean error, hence let's look for the "-" prefix on our own, and
* generate an error. But let's do so only after strtoul() validated that the string is clean
* otherwise, so that we return EINVAL preferably over ERANGE. */
if (FLAGS_SET(base, SAFE_ATO_REFUSE_LEADING_WHITESPACE) &&
strchr(WHITESPACE, s[0]))
return -EINVAL;
s += strspn(s, WHITESPACE);
if (FLAGS_SET(base, SAFE_ATO_REFUSE_PLUS_MINUS) &&
IN_SET(s[0], '+', '-'))
return -EINVAL; /* Note that we check the "-" prefix again a second time below, but return a
* different error. I.e. if the SAFE_ATO_REFUSE_PLUS_MINUS flag is set we
* blanket refuse +/- prefixed integers, while if it is missing we'll just
* return ERANGE, because the string actually parses correctly, but doesn't
* fit in the return type. */
if (FLAGS_SET(base, SAFE_ATO_REFUSE_LEADING_ZERO) &&
s[0] == '0' && !streq(s, "0"))
return -EINVAL; /* This is particularly useful to avoid ambiguities between C's octal
* notation and assumed-to-be-decimal integers with a leading zero. */
s = mangle_base(s, &base);
errno = 0;
l = strtoul(s, &x, base);
l = strtoul(s, &x, SAFE_ATO_MASK_FLAGS(base) /* Let's mask off the flags bits so that only the actual
* base is left */);
if (errno > 0)
return -errno;
if (!x || x == s || *x != 0)
return -EINVAL;
if (s[0] == '-')
if (l != 0 && s[0] == '-')
return -ERANGE;
if ((unsigned long) (unsigned) l != l)
return -ERANGE;
@ -375,13 +417,17 @@ int safe_atou_full(const char *s, unsigned base, unsigned *ret_u) {
}
int safe_atoi(const char *s, int *ret_i) {
unsigned base = 0;
char *x = NULL;
long l;
assert(s);
s += strspn(s, WHITESPACE);
s = mangle_base(s, &base);
errno = 0;
l = strtol(s, &x, 0);
l = strtol(s, &x, base);
if (errno > 0)
return -errno;
if (!x || x == s || *x != 0)
@ -395,21 +441,36 @@ int safe_atoi(const char *s, int *ret_i) {
return 0;
}
int safe_atollu(const char *s, long long unsigned *ret_llu) {
int safe_atollu_full(const char *s, unsigned base, long long unsigned *ret_llu) {
char *x = NULL;
unsigned long long l;
assert(s);
assert(SAFE_ATO_MASK_FLAGS(base) <= 16);
if (FLAGS_SET(base, SAFE_ATO_REFUSE_LEADING_WHITESPACE) &&
strchr(WHITESPACE, s[0]))
return -EINVAL;
s += strspn(s, WHITESPACE);
if (FLAGS_SET(base, SAFE_ATO_REFUSE_PLUS_MINUS) &&
IN_SET(s[0], '+', '-'))
return -EINVAL;
if (FLAGS_SET(base, SAFE_ATO_REFUSE_LEADING_ZERO) &&
s[0] == '0' && s[1] != 0)
return -EINVAL;
s = mangle_base(s, &base);
errno = 0;
l = strtoull(s, &x, 0);
l = strtoull(s, &x, SAFE_ATO_MASK_FLAGS(base));
if (errno > 0)
return -errno;
if (!x || x == s || *x != 0)
return -EINVAL;
if (*s == '-')
if (l != 0 && s[0] == '-')
return -ERANGE;
if (ret_llu)
@ -419,13 +480,17 @@ int safe_atollu(const char *s, long long unsigned *ret_llu) {
}
int safe_atolli(const char *s, long long int *ret_lli) {
unsigned base = 0;
char *x = NULL;
long long l;
assert(s);
s += strspn(s, WHITESPACE);
s = mangle_base(s, &base);
errno = 0;
l = strtoll(s, &x, 0);
l = strtoll(s, &x, base);
if (errno > 0)
return -errno;
if (!x || x == s || *x != 0)
@ -438,20 +503,22 @@ int safe_atolli(const char *s, long long int *ret_lli) {
}
int safe_atou8(const char *s, uint8_t *ret) {
char *x = NULL;
unsigned base = 0;
unsigned long l;
char *x = NULL;
assert(s);
s += strspn(s, WHITESPACE);
s = mangle_base(s, &base);
errno = 0;
l = strtoul(s, &x, 0);
l = strtoul(s, &x, base);
if (errno > 0)
return -errno;
if (!x || x == s || *x != 0)
return -EINVAL;
if (s[0] == '-')
if (l != 0 && s[0] == '-')
return -ERANGE;
if ((unsigned long) (uint8_t) l != l)
return -ERANGE;
@ -466,34 +533,53 @@ int safe_atou16_full(const char *s, unsigned base, uint16_t *ret) {
unsigned long l;
assert(s);
assert(ret);
assert(base <= 16);
assert(SAFE_ATO_MASK_FLAGS(base) <= 16);
if (FLAGS_SET(base, SAFE_ATO_REFUSE_LEADING_WHITESPACE) &&
strchr(WHITESPACE, s[0]))
return -EINVAL;
s += strspn(s, WHITESPACE);
if (FLAGS_SET(base, SAFE_ATO_REFUSE_PLUS_MINUS) &&
IN_SET(s[0], '+', '-'))
return -EINVAL;
if (FLAGS_SET(base, SAFE_ATO_REFUSE_LEADING_ZERO) &&
s[0] == '0' && s[1] != 0)
return -EINVAL;
s = mangle_base(s, &base);
errno = 0;
l = strtoul(s, &x, base);
l = strtoul(s, &x, SAFE_ATO_MASK_FLAGS(base));
if (errno > 0)
return -errno;
if (!x || x == s || *x != 0)
return -EINVAL;
if (s[0] == '-')
if (l != 0 && s[0] == '-')
return -ERANGE;
if ((unsigned long) (uint16_t) l != l)
return -ERANGE;
*ret = (uint16_t) l;
if (ret)
*ret = (uint16_t) l;
return 0;
}
int safe_atoi16(const char *s, int16_t *ret) {
unsigned base = 0;
char *x = NULL;
long l;
assert(s);
s += strspn(s, WHITESPACE);
s = mangle_base(s, &base);
errno = 0;
l = strtol(s, &x, 0);
l = strtol(s, &x, base);
if (errno > 0)
return -errno;
if (!x || x == s || *x != 0)

26
src/basic/parse-util.h
View File

@ -21,6 +21,12 @@ int parse_range(const char *t, unsigned *lower, unsigned *upper);
int parse_errno(const char *t);
int parse_syscall_and_errno(const char *in, char **name, int *error);
#define SAFE_ATO_REFUSE_PLUS_MINUS (1U << 30)
#define SAFE_ATO_REFUSE_LEADING_ZERO (1U << 29)
#define SAFE_ATO_REFUSE_LEADING_WHITESPACE (1U << 28)
#define SAFE_ATO_ALL_FLAGS (SAFE_ATO_REFUSE_PLUS_MINUS|SAFE_ATO_REFUSE_LEADING_ZERO|SAFE_ATO_REFUSE_LEADING_WHITESPACE)
#define SAFE_ATO_MASK_FLAGS(base) ((base) & ~SAFE_ATO_ALL_FLAGS)
int safe_atou_full(const char *s, unsigned base, unsigned *ret_u);
static inline int safe_atou(const char *s, unsigned *ret_u) {
@ -28,7 +34,6 @@ static inline int safe_atou(const char *s, unsigned *ret_u) {
}
int safe_atoi(const char *s, int *ret_i);
int safe_atollu(const char *s, unsigned long long *ret_u);
int safe_atolli(const char *s, long long int *ret_i);
int safe_atou8(const char *s, uint8_t *ret);
@ -45,9 +50,13 @@ static inline int safe_atoux16(const char *s, uint16_t *ret) {
int safe_atoi16(const char *s, int16_t *ret);
static inline int safe_atou32(const char *s, uint32_t *ret_u) {
static inline int safe_atou32_full(const char *s, unsigned base, uint32_t *ret_u) {
assert_cc(sizeof(uint32_t) == sizeof(unsigned));
return safe_atou(s, (unsigned*) ret_u);
return safe_atou_full(s, base, (unsigned*) ret_u);
}
static inline int safe_atou32(const char *s, uint32_t *ret_u) {
return safe_atou32_full(s, 0, (unsigned*) ret_u);
}
static inline int safe_atoi32(const char *s, int32_t *ret_i) {
@ -55,6 +64,12 @@ static inline int safe_atoi32(const char *s, int32_t *ret_i) {
return safe_atoi(s, (int*) ret_i);
}
int safe_atollu_full(const char *s, unsigned base, long long unsigned *ret_llu);
static inline int safe_atollu(const char *s, long long unsigned *ret_llu) {
return safe_atollu_full(s, 0, ret_llu);
}
static inline int safe_atou64(const char *s, uint64_t *ret_u) {
assert_cc(sizeof(uint64_t) == sizeof(unsigned long long));
return safe_atollu(s, (unsigned long long*) ret_u);
@ -65,6 +80,11 @@ static inline int safe_atoi64(const char *s, int64_t *ret_i) {
return safe_atolli(s, (long long int*) ret_i);
}
static inline int safe_atoux64(const char *s, uint64_t *ret) {
assert_cc(sizeof(int64_t) == sizeof(long long unsigned));
return safe_atollu_full(s, 16, (long long unsigned*) ret);
}
#if LONG_MAX == INT_MAX
static inline int safe_atolu(const char *s, unsigned long *ret_u) {
assert_cc(sizeof(unsigned long) == sizeof(unsigned));

32
src/basic/proc-cmdline.c
View File

@ -39,18 +39,6 @@ int proc_cmdline(char **ret) {
return read_one_line_file("/proc/cmdline", ret);
}
/* In SecureBoot mode this is probably not what you want. As your cmdline is
* cryptographically signed like when using Type #2 EFI Unified Kernel Images
* (https://systemd.io/BOOT_LOADER_SPECIFICATION/) The user's intention is then
* that the cmdline should not be modified. You want to make sure that the
* system starts up as exactly specified in the signed artifact. */
static int systemd_options_variable(char **line) {
if (is_efi_secure_boot())
return -ENODATA;
return systemd_efi_options_variable(line);
}
static int proc_cmdline_extract_first(const char **p, char **ret_word, ProcCmdlineFlags flags) {
const char *q = *p;
int r;
@ -130,16 +118,18 @@ int proc_cmdline_parse(proc_cmdline_parse_t parse_item, void *data, ProcCmdlineF
assert(parse_item);
/* We parse the EFI variable first, because later settings have higher priority. */
r = systemd_efi_options_variable(&line);
if (r < 0) {
if (r != -ENODATA)
log_debug_errno(r, "Failed to get SystemdOptions EFI variable, ignoring: %m");
} else {
r = proc_cmdline_parse_given(line, parse_item, data, flags);
if (r < 0)
return r;
r = systemd_options_variable(&line);
if (r < 0 && r != -ENODATA)
log_debug_errno(r, "Failed to get SystemdOptions EFI variable, ignoring: %m");
line = mfree(line);
}
r = proc_cmdline_parse_given(line, parse_item, data, flags);
if (r < 0)
return r;
line = mfree(line);
r = proc_cmdline(&line);
if (r < 0)
return r;
@ -262,7 +252,7 @@ int proc_cmdline_get_key(const char *key, ProcCmdlineFlags flags, char **ret_val
return r;
line = mfree(line);
r = systemd_options_variable(&line);
r = systemd_efi_options_variable(&line);
if (r == -ENODATA)
return false; /* Not found */
if (r < 0)

4
src/basic/process-util.c
View File

@ -1265,8 +1265,8 @@ int safe_fork_full(
r, "Failed to rename process, ignoring: %m");
}
if (flags & FORK_DEATHSIG)
if (prctl(PR_SET_PDEATHSIG, SIGTERM) < 0) {
if (flags & (FORK_DEATHSIG|FORK_DEATHSIG_SIGINT))
if (prctl(PR_SET_PDEATHSIG, (flags & FORK_DEATHSIG_SIGINT) ? SIGINT : SIGTERM) < 0) {
log_full_errno(prio, errno, "Failed to set death signal: %m");
_exit(EXIT_FAILURE);
}

19
src/basic/process-util.h
View File

@ -149,15 +149,16 @@ int must_be_root(void);
typedef enum ForkFlags {
FORK_RESET_SIGNALS = 1 << 0, /* Reset all signal handlers and signal mask */
FORK_CLOSE_ALL_FDS = 1 << 1, /* Close all open file descriptors in the child, except for 0,1,2 */
FORK_DEATHSIG = 1 << 2, /* Set PR_DEATHSIG in the child */
FORK_NULL_STDIO = 1 << 3, /* Connect 0,1,2 to /dev/null */
FORK_REOPEN_LOG = 1 << 4, /* Reopen log connection */
FORK_LOG = 1 << 5, /* Log above LOG_DEBUG log level about failures */
FORK_WAIT = 1 << 6, /* Wait until child exited */
FORK_NEW_MOUNTNS = 1 << 7, /* Run child in its own mount namespace */
FORK_MOUNTNS_SLAVE = 1 << 8, /* Make child's mount namespace MS_SLAVE */
FORK_RLIMIT_NOFILE_SAFE = 1 << 9, /* Set RLIMIT_NOFILE soft limit to 1K for select() compat */
FORK_STDOUT_TO_STDERR = 1 << 10, /* Make stdout a copy of stderr */
FORK_DEATHSIG = 1 << 2, /* Set PR_DEATHSIG in the child to SIGTERM */
FORK_DEATHSIG_SIGINT = 1 << 3, /* Set PR_DEATHSIG in the child to SIGINT */
FORK_NULL_STDIO = 1 << 4, /* Connect 0,1,2 to /dev/null */
FORK_REOPEN_LOG = 1 << 5, /* Reopen log connection */
FORK_LOG = 1 << 6, /* Log above LOG_DEBUG log level about failures */
FORK_WAIT = 1 << 7, /* Wait until child exited */
FORK_NEW_MOUNTNS = 1 << 8, /* Run child in its own mount namespace */
FORK_MOUNTNS_SLAVE = 1 << 9, /* Make child's mount namespace MS_SLAVE */
FORK_RLIMIT_NOFILE_SAFE = 1 << 10, /* Set RLIMIT_NOFILE soft limit to 1K for select() compat */
FORK_STDOUT_TO_STDERR = 1 << 11, /* Make stdout a copy of stderr */
} ForkFlags;
int safe_fork_full(const char *name, const int except_fds[], size_t n_except_fds, ForkFlags flags, pid_t *ret_pid);

37
src/basic/user-util.c
View File

@ -49,7 +49,15 @@ int parse_uid(const char *s, uid_t *ret) {
assert(s);
assert_cc(sizeof(uid_t) == sizeof(uint32_t));
r = safe_atou32(s, &uid);
/* We are very strict when parsing UIDs, and prohibit +/- as prefix, leading zero as prefix, and
* whitespace. We do this, since this call is often used in a context where we parse things as UID
* first, and if that doesn't work we fall back to NSS. Thus we really want to make sure that UIDs
* are parsed as UIDs only if they really really look like UIDs. */
r = safe_atou32_full(s, 10
| SAFE_ATO_REFUSE_PLUS_MINUS
| SAFE_ATO_REFUSE_LEADING_ZERO
| SAFE_ATO_REFUSE_LEADING_WHITESPACE, &uid);
if (r < 0)
return r;
@ -66,22 +74,39 @@ int parse_uid(const char *s, uid_t *ret) {
}
int parse_uid_range(const char *s, uid_t *ret_lower, uid_t *ret_upper) {
uint32_t u, l;
_cleanup_free_ char *word = NULL;
uid_t l, u;
int r;
assert(s);
assert(ret_lower);
assert(ret_upper);
r = parse_range(s, &l, &u);
r = extract_first_word(&s, &word, "-", EXTRACT_DONT_COALESCE_SEPARATORS);
if (r < 0)
return r;
if (r == 0)
return -EINVAL;
r = parse_uid(word, &l);
if (r < 0)
return r;
if (l > u)
/* Check for the upper bound and extract it if needed */
if (!s)
/* Single number with no dash. */
u = l;
else if (!*s)
/* Trailing dash is an error. */
return -EINVAL;
else {
r = parse_uid(s, &u);
if (r < 0)
return r;
if (!uid_is_valid(l) || !uid_is_valid(u))
return -ENXIO;
if (l > u)
return -EINVAL;
}
*ret_lower = l;
*ret_upper = u;

1
src/core/automount.c
View File

@ -1109,6 +1109,7 @@ const UnitVTable automount_vtable = {
"Unit\0"
"Automount\0"
"Install\0",
.private_section = "Automount",
.can_transient = true,
.can_fail = true,

6
src/core/execute.c
View File

@ -1733,7 +1733,8 @@ static int build_environment(
assert(p);
assert(ret);
our_env = new0(char*, 15 + _EXEC_DIRECTORY_TYPE_MAX);
#define N_ENV_VARS 15
our_env = new0(char*, N_ENV_VARS + _EXEC_DIRECTORY_TYPE_MAX);
if (!our_env)
return -ENOMEM;
@ -1881,7 +1882,8 @@ static int build_environment(
}
our_env[n_env++] = NULL;
assert(n_env <= 14 + _EXEC_DIRECTORY_TYPE_MAX);
assert(n_env <= N_ENV_VARS + _EXEC_DIRECTORY_TYPE_MAX);
#undef N_ENV_VARS
*ret = TAKE_PTR(our_env);

51
src/core/job.c
View File

@ -383,62 +383,25 @@ JobType job_type_lookup_merge(JobType a, JobType b) {
return job_merging_table[(a - 1) * a / 2 + b];
}
bool job_later_link_matters(Job *j, JobType type, unsigned generation) {
JobDependency *l;
assert(j);
j->generation = generation;
LIST_FOREACH(subject, l, j->subject_list) {
UnitActiveState state = _UNIT_ACTIVE_STATE_INVALID;
/* Have we seen this before? */
if (l->object->generation == generation)
continue;
state = unit_active_state(l->object->unit);
switch (type) {
case JOB_START:
return IN_SET(state, UNIT_INACTIVE, UNIT_FAILED) ||
job_later_link_matters(l->object, type, generation);
case JOB_STOP:
return IN_SET(state, UNIT_ACTIVE, UNIT_RELOADING) ||
job_later_link_matters(l->object, type, generation);
default:
assert_not_reached("Invalid job type");
}
}
return false;
}
bool job_is_redundant(Job *j, unsigned generation) {
assert(j);
UnitActiveState state = unit_active_state(j->unit);
switch (j->type) {
bool job_type_is_redundant(JobType a, UnitActiveState b) {
switch (a) {
case JOB_START:
return IN_SET(state, UNIT_ACTIVE, UNIT_RELOADING) && !job_later_link_matters(j, JOB_START, generation);
return IN_SET(b, UNIT_ACTIVE, UNIT_RELOADING);
case JOB_STOP:
return IN_SET(state, UNIT_INACTIVE, UNIT_FAILED) && !job_later_link_matters(j, JOB_STOP, generation);
return IN_SET(b, UNIT_INACTIVE, UNIT_FAILED);
case JOB_VERIFY_ACTIVE:
return IN_SET(state, UNIT_ACTIVE, UNIT_RELOADING);
return IN_SET(b, UNIT_ACTIVE, UNIT_RELOADING);
case JOB_RELOAD:
return
state == UNIT_RELOADING;
b == UNIT_RELOADING;
case JOB_RESTART:
return
state == UNIT_ACTIVATING;
b == UNIT_ACTIVATING;
case JOB_NOP:
return true;

3
src/core/job.h
View File

@ -196,8 +196,7 @@ _pure_ static inline bool job_type_is_superset(JobType a, JobType b) {
return a == job_type_lookup_merge(a, b);
}
bool job_later_link_matters(Job *j, JobType type, unsigned generation);
bool job_is_redundant(Job *j, unsigned generation);
bool job_type_is_redundant(JobType a, UnitActiveState b) _pure_;
/* Collapses a state-dependent job type into a simpler type by observing
* the state of the unit which it is going to be applied to. */

13
src/core/load-fragment.c
View File

@ -3998,7 +3998,7 @@ int config_parse_exec_directories(
r = unit_full_printf(u, word, &k);
if (r < 0) {
log_syntax(unit, LOG_ERR, filename, line, r,
log_syntax(unit, LOG_WARNING, filename, line, r,
"Failed to resolve unit specifiers in \"%s\", ignoring: %m", word);
continue;
}
@ -4008,7 +4008,7 @@ int config_parse_exec_directories(
continue;
if (path_startswith(k, "private")) {
log_syntax(unit, LOG_ERR, filename, line, 0,
log_syntax(unit, LOG_WARNING, filename, line, 0,
"%s= path can't be 'private', ignoring assignment: %s", lvalue, word);
continue;
}
@ -4710,7 +4710,6 @@ static int merge_by_names(Unit **u, Set *names, const char *id) {
int unit_load_fragment(Unit *u) {
const char *fragment;
_cleanup_set_free_free_ Set *names = NULL;
struct stat st;
int r;
assert(u);
@ -4742,6 +4741,7 @@ int unit_load_fragment(Unit *u) {
if (fragment) {
/* Open the file, check if this is a mask, otherwise read. */
_cleanup_fclose_ FILE *f = NULL;
struct stat st;
/* Try to open the file name. A symlink is OK, for example for linked files or masks. We
* expect that all symlinks within the lookup paths have been already resolved, but we don't
@ -4778,13 +4778,6 @@ int unit_load_fragment(Unit *u) {
}
}
if (u->source_path) {
if (stat(u->source_path, &st) >= 0)
u->source_mtime = timespec_load(&st.st_mtim);
else
u->source_mtime = 0;
}
/* We do the merge dance here because for some unit types, the unit might have aliases which are not
* declared in the file system. In particular, this is true (and frequent) for device and swap units.
*/

52
src/core/macros.systemd.in
View File

@ -40,12 +40,12 @@ OrderWithRequires(preun): systemd \
OrderWithRequires(postun): systemd \
%{nil}
%__systemd_someargs_0() %{error:This macro requires some arguments}
%__systemd_someargs_0(:) %{error:The %%%1 macro requires some arguments}
%__systemd_twoargs_2() %{nil}
%systemd_post() \
%{expand:%%{?__systemd_someargs_%#}} \
if [ $1 -eq 1 ] && [ -x @bindir@/systemctl ] ; then \
%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# systemd_post}} \
if [ $1 -eq 1 ] && [ -x @bindir@/systemctl ]; then \
# Initial installation \
@bindir@/systemctl --no-reload preset %{?*} || : \
fi \
@ -54,34 +54,40 @@ fi \
%systemd_user_post() %{expand:%systemd_post \\--global %%{?*}}
%systemd_preun() \
%{expand:%%{?__systemd_someargs_%#}} \
if [ $1 -eq 0 ] && [ -x @bindir@/systemctl ] ; then \
%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# systemd_preun}} \
if [ $1 -eq 0 ] && [ -x @bindir@/systemctl ]; then \
# Package removal, not upgrade \
@bindir@/systemctl --no-reload disable --now %{?*} || : \
fi \
%{nil}
%systemd_user_preun() \
%{expand:%%{?__systemd_someargs_%#}} \
if [ $1 -eq 0 ] && [ -x @bindir@/systemctl ] ; then \
%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# systemd_user_preun}} \
if [ $1 -eq 0 ] && [ -x @bindir@/systemctl ]; then \
# Package removal, not upgrade \
@bindir@/systemctl --global disable %{?*} || : \
fi \
%{nil}
%systemd_postun() %{expand:%%{?__systemd_someargs_%#}}%{nil}
%systemd_postun() \
%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# systemd_postun}} \
%{nil}
%systemd_user_postun() %{expand:%%{?__systemd_someargs_%#}}%{nil}
%systemd_user_postun() \
%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# systemd_user_postun}} \
%{nil}
%systemd_postun_with_restart() \
%{expand:%%{?__systemd_someargs_%#}} \
if [ $1 -ge 1 ] && [ -x @bindir@/systemctl ] ; then \
%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# systemd_postun_with_restart}} \
if [ $1 -ge 1 ] && [ -x @bindir@/systemctl ]; then \
# Package upgrade, not uninstall \
@bindir@/systemctl try-restart %{?*} || : \
fi \
%{nil}
%systemd_user_postun_with_restart() %{expand:%%{?__systemd_someargs_%#}}%{nil}
%systemd_user_postun_with_restart() \
%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# systemd_postun_with_restart}} \
%{nil}
%udev_hwdb_update() %{nil}
@ -91,20 +97,20 @@ fi \
# Deprecated. Use %tmpfiles_create_package instead
%tmpfiles_create() \
%{expand:%%{?__systemd_someargs_%#}} \
%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# tmpfiles_create}} \
[ -x @bindir@/systemd-tmpfiles ] && @bindir@/systemd-tmpfiles --create %{?*} || : \
%{nil}
# Deprecated. Use %sysusers_create_package instead
%sysusers_create() \
%{expand:%%{?__systemd_someargs_%#}} \
%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# sysusers_create}} \
[ -x @bindir@/systemd-sysusers ] && @bindir@/systemd-sysusers %{?*} || : \
%{nil}
%sysusers_create_inline() \
[ -x @bindir@/systemd-sysusers ] && @bindir@/systemd-sysusers - <<SYSTEMD_INLINE_EOF || : \
%{?*} \
SYSTEMD_INLINE_EOF \
SYSTEMD_INLINE_EOF\
%{nil}
# This should be used by package installation scripts which require users or
@ -121,10 +127,10 @@ SYSTEMD_INLINE_EOF \
# %files
# %{_sysusersdir}/%{name}.conf
%sysusers_create_package() \
%{expand:%%{?!__systemd_twoargs_%#:%%{error:This macro requires two arguments}}} \
systemd-sysusers --replace=%_sysusersdir/%1.conf - <<SYSTEMD_INLINE_EOF >/dev/null 2>&1 || : \
%{expand:%%{?!__systemd_twoargs_%#:%%{error:The %%%%sysusers_create_package macro requires two arguments}}} \
systemd-sysusers --replace=%_sysusersdir/%1.conf - <<SYSTEMD_INLINE_EOF || : \
%(cat %2) \
SYSTEMD_INLINE_EOF \
SYSTEMD_INLINE_EOF\
%{nil}
# This may be used by package installation scripts to create files according to
@ -141,18 +147,18 @@ SYSTEMD_INLINE_EOF \
# %files
# %{_tmpfilesdir}/%{name}.conf
%tmpfiles_create_package() \
%{expand:%%{?!__systemd_twoargs_%#:%%{error:This macro requires two arguments}}} \
systemd-tmpfiles --replace=%_tmpfilesdir/%1.conf --create - <<SYSTEMD_INLINE_EOF >/dev/null 2>&1 || : \
%{expand:%%{?!__systemd_twoargs_%#:%%{error:The %%%%tmpfiles_create_package macro requires two arguments}}} \
systemd-tmpfiles --replace=%_tmpfilesdir/%1.conf --create - <<SYSTEMD_INLINE_EOF || : \
%(cat %2) \
SYSTEMD_INLINE_EOF \
SYSTEMD_INLINE_EOF\
%{nil}
%sysctl_apply() \
%{expand:%%{?__systemd_someargs_%#}} \
%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# sysctl_apply}} \
[ -x @rootlibexecdir@/systemd-sysctl ] && @rootlibexecdir@/systemd-sysctl %{?*} || : \
%{nil}
%binfmt_apply() \
%{expand:%%{?__systemd_someargs_%#}} \
%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# binfmt_apply}} \
[ -x @rootlibexecdir@/systemd-binfmt ] && @rootlibexecdir@/systemd-binfmt %{?*} || : \
%{nil}

5
src/core/main.c
View File

@ -32,6 +32,7 @@
#include "dbus.h"
#include "def.h"
#include "efi-random.h"
#include "efivars.h"
#include "emergency-action.h"
#include "env-util.h"
#include "exit-status.h"
@ -2577,6 +2578,10 @@ int main(int argc, char *argv[]) {
/* The efivarfs is now mounted, let's read the random seed off it */
(void) efi_take_random_seed();
/* Cache command-line options passed from EFI variables */
if (!skip_setup)
(void) cache_efi_options_variable();
}
/* Save the original RLIMIT_NOFILE/RLIMIT_MEMLOCK so that we can reset it later when

2
src/core/path.c
View File

@ -617,7 +617,7 @@ static int path_serialize(Unit *u, FILE *f, FDSet *fds) {
(void) serialize_item_format(f, "path-spec", "%s %i %s",
type,
s->previous_exists,
s->path);
escaped);
}
return 0;

3
src/core/selinux-setup.c
View File

@ -50,7 +50,8 @@ int mac_selinux_setup(bool *loaded_policy) {
/* Already initialized by somebody else? */
r = getcon_raw(&con);
if (r == 0) {
/* getcon_raw can return 0, and still give us a NULL pointer. */
if (r == 0 && con) {
initialized = !streq(con, "kernel");
freecon(con);
}

4
src/core/service.c
View File

@ -1699,10 +1699,10 @@ static bool service_shall_restart(Service *s, const char **reason) {
return s->result == SERVICE_SUCCESS;
case SERVICE_RESTART_ON_FAILURE:
return s->result != SERVICE_SUCCESS;
return !IN_SET(s->result, SERVICE_SUCCESS, SERVICE_SKIP_CONDITION);
case SERVICE_RESTART_ON_ABNORMAL:
return !IN_SET(s->result, SERVICE_SUCCESS, SERVICE_FAILURE_EXIT_CODE);
return !IN_SET(s->result, SERVICE_SUCCESS, SERVICE_FAILURE_EXIT_CODE, SERVICE_SKIP_CONDITION);
case SERVICE_RESTART_ON_WATCHDOG:
return s->result == SERVICE_FAILURE_WATCHDOG;

2
src/core/target.c
View File

@ -193,6 +193,8 @@ const UnitVTable target_vtable = {
"Target\0"
"Install\0",
.can_fail = true,
.load = target_load,
.coldplug = target_coldplug,

8
src/core/transaction.c
View File

@ -279,7 +279,7 @@ static int transaction_merge_jobs(Transaction *tr, sd_bus_error *e) {
return 0;
}
static void transaction_drop_redundant(Transaction *tr, unsigned generation) {
static void transaction_drop_redundant(Transaction *tr) {
bool again;
/* Goes through the transaction and removes all jobs of the units whose jobs are all noops. If not
@ -299,7 +299,7 @@ static void transaction_drop_redundant(Transaction *tr, unsigned generation) {
LIST_FOREACH(transaction, k, j)
if (tr->anchor_job == k ||
!job_is_redundant(k, generation) ||
!job_type_is_redundant(k->type, unit_active_state(k->unit)) ||
(k->unit->job && job_type_is_conflicting(k->type, k->unit->job->type))) {
keep = true;
break;
@ -732,7 +732,7 @@ int transaction_activate(
transaction_minimize_impact(tr);
/* Third step: Drop redundant jobs */
transaction_drop_redundant(tr, generation++);
transaction_drop_redundant(tr);
for (;;) {
/* Fourth step: Let's remove unneeded jobs that might
@ -774,7 +774,7 @@ int transaction_activate(
}
/* Eights step: Drop redundant jobs again, if the merging now allows us to drop more. */
transaction_drop_redundant(tr, generation++);
transaction_drop_redundant(tr);
/* Ninth step: check whether we can actually apply this */
r = transaction_is_destructive(tr, mode, e);

15
src/core/unit.c
View File

@ -1400,7 +1400,20 @@ int unit_load_fragment_and_dropin(Unit *u, bool fragment_required) {
* target unit needlessly. But we cannot be sure which drops-ins have already
* been loaded and which not, at least without doing complicated book-keeping,
* so let's always reread all drop-ins. */
return unit_load_dropin(unit_follow_merge(u));
r = unit_load_dropin(unit_follow_merge(u));
if (r < 0)
return r;
if (u->source_path) {
struct stat st;
if (stat(u->source_path, &st) >= 0)
u->source_mtime = timespec_load(&st.st_mtim);
else
u->source_mtime = 0;
}
return 0;
}
void unit_add_to_target_deps_queue(Unit *u) {

17
src/fstab-generator/fstab-generator.c
View File

@ -399,7 +399,7 @@ static int add_mount(
SET_FLAG(flags, NOFAIL, true);
}
if (!(flags & AUTOMOUNT) && opts) {
if (opts) {
r = write_after(f, opts);
if (r < 0)
return r;
@ -520,21 +520,6 @@ static int add_mount(
"Documentation=man:fstab(5) man:systemd-fstab-generator(8)\n",
source);
if (opts) {
r = write_after(f, opts);
if (r < 0)
return r;
r = write_requires_after(f, opts);
if (r < 0)
return r;
r = write_before(f, opts);
if (r < 0)
return r;
r = write_requires_mounts_for(f, opts);
if (r < 0)
return r;
}
fprintf(f,
"\n"
"[Automount]\n"

2
src/home/homectl.c
View File

@ -2302,7 +2302,7 @@ static int help(int argc, char *argv[], void *userdata) {
" --location=LOCATION Set location of user on earth\n"
" --icon-name=NAME Icon name for user\n"
" -d --home-dir=PATH Home directory\n"
" --uid=UID Numeric UID for user\n"
" -u --uid=UID Numeric UID for user\n"
" -G --member-of=GROUP Add user to group\n"
" --skel=PATH Skeleton directory to use\n"
" --shell=PATH Shell for account\n"

38
src/import/import-common.c
View File

@ -79,6 +79,17 @@ int import_fork_tar_x(const char *path, pid_t *ret) {
if (r < 0)
return r;
if (r == 0) {
const char *cmdline[] = {
"tar",
"--numeric-owner",
"-C", path,
"-px",
"--xattrs",
"--xattrs-include=*",
use_selinux ? "--selinux" : "--no-selinux",
NULL
};
uint64_t retain =
(1ULL << CAP_CHOWN) |
(1ULL << CAP_FOWNER) |
@ -104,8 +115,15 @@ int import_fork_tar_x(const char *path, pid_t *ret) {
if (r < 0)
log_error_errno(r, "Failed to drop capabilities, ignoring: %m");
execlp("tar", "tar", "--numeric-owner", "-C", path, "-px", "--xattrs", "--xattrs-include=*",
use_selinux ? "--selinux" : "--no-selinux", NULL);
/* Try "gtar" before "tar". We only test things upstream with GNU tar. Some distros appear to
* install a different implementation as "tar" (in particular some that do not support the
* same command line switches), but then provide "gtar" as alias for the real thing, hence
* let's prefer that. (Yes, it's a bad idea they do that, given they don't provide equivalent
* command line support, but we are not here to argue, let's just expose the same
* behaviour/implementation everywhere.) */
execvp("gtar", (char* const*) cmdline);
execvp("tar", (char* const*) cmdline);
log_error_errno(errno, "Failed to execute tar: %m");
_exit(EXIT_FAILURE);
}
@ -133,6 +151,17 @@ int import_fork_tar_c(const char *path, pid_t *ret) {
if (r < 0)
return r;
if (r == 0) {
const char *cmdline[] = {
"tar",
"-C", path,
"-c",
"--xattrs",
"--xattrs-include=*",
use_selinux ? "--selinux" : "--no-selinux",
".",
NULL
};
uint64_t retain = (1ULL << CAP_DAC_OVERRIDE);
/* Child */
@ -152,8 +181,9 @@ int import_fork_tar_c(const char *path, pid_t *ret) {
if (r < 0)
log_error_errno(r, "Failed to drop capabilities, ignoring: %m");
execlp("tar", "tar", "-C", path, "-c", "--xattrs", "--xattrs-include=*",
use_selinux ? "--selinux" : "--no-selinux", ".", NULL);
execvp("gtar", (char* const*) cmdline);
execvp("tar", (char* const*) cmdline);
log_error_errno(errno, "Failed to execute tar: %m");
_exit(EXIT_FAILURE);
}

4
src/journal-remote/journal-gatewayd.c
View File

@ -351,7 +351,7 @@ static int request_parse_range(
return 0;
}
static int request_parse_arguments_iterator(
static mhd_result request_parse_arguments_iterator(
void *cls,
enum MHD_ValueKind kind,
const char *key,
@ -798,7 +798,7 @@ static int request_handler_machine(
return MHD_queue_response(connection, MHD_HTTP_OK, response);
}
static int request_handler(
static mhd_result request_handler(
void *cls,
struct MHD_Connection *connection,
const char *url,

2
src/journal-remote/journal-remote-main.c
View File

@ -253,7 +253,7 @@ static int process_http_upload(
return mhd_respond(connection, MHD_HTTP_ACCEPTED, "OK.");
};
static int request_handler(
static mhd_result request_handler(
void *cls,
struct MHD_Connection *connection,
const char *url,

6
src/journal-remote/microhttpd-util.h
View File

@ -47,6 +47,12 @@
# define MHD_create_response_from_fd_at_offset64 MHD_create_response_from_fd_at_offset
#endif
#if MHD_VERSION >= 0x00097002
# define mhd_result enum MHD_Result
#else
# define mhd_result int
#endif
void microhttpd_logger(void *arg, const char *fmt, va_list ap) _printf_(2, 0);
/* respond_oom() must be usable with return, hence this form. */

7
src/journal/sd-journal.c
View File

@ -1626,9 +1626,10 @@ static int add_directory(
!((dirname && dirname_is_machine_id(dirname) > 0) || path_has_prefix(j, path, "/run")))
return 0;
if (!(FLAGS_SET(j->flags, SD_JOURNAL_ALL_NAMESPACES) ||
dirname_has_namespace(dirname, j->namespace) > 0 ||
(FLAGS_SET(j->flags, SD_JOURNAL_INCLUDE_DEFAULT_NAMESPACE) && dirname_has_namespace(dirname, NULL) > 0)))
if (dirname &&
(!(FLAGS_SET(j->flags, SD_JOURNAL_ALL_NAMESPACES) ||
dirname_has_namespace(dirname, j->namespace) > 0 ||
(FLAGS_SET(j->flags, SD_JOURNAL_INCLUDE_DEFAULT_NAMESPACE) && dirname_has_namespace(dirname, NULL) > 0))))
return 0;
r = directory_open(j, path, &d);

7
src/kernel-install/kernel-install Normal file → Executable file
View File

@ -23,8 +23,11 @@ SKIP_REMAINING=77
usage()
{
echo "Usage:"
echo " $0 add KERNEL-VERSION KERNEL-IMAGE [INITRD-FILE ...]"
echo " $0 remove KERNEL-VERSION"
echo " $0 [OPTIONS...] add KERNEL-VERSION KERNEL-IMAGE [INITRD-FILE ...]"
echo " $0 [OPTIONS...] remove KERNEL-VERSION"
echo "Options:"
echo " -h,--help Print this help"
echo " -v,--verbose Increase verbosity"
}
dropindirs_sort()

30
src/libsystemd-network/network-internal.c
View File

@ -192,30 +192,34 @@ bool net_match_config(Set *match_mac,
Set *match_permanent_mac,
char * const *match_paths,
char * const *match_drivers,
char * const *match_types,
char * const *match_iftypes,
char * const *match_names,
char * const *match_property,
char * const *match_wifi_iftype,
char * const *match_ssid,
Set *match_bssid,
unsigned short iftype,
sd_device *device,
const struct ether_addr *dev_mac,
const struct ether_addr *dev_permanent_mac,
const char *dev_driver,
unsigned short dev_iftype,
const char *dev_name,
char * const *alternative_names,
enum nl80211_iftype wifi_iftype,
const char *ssid,
const struct ether_addr *bssid) {
enum nl80211_iftype dev_wifi_iftype,
const char *dev_ssid,
const struct ether_addr *dev_bssid) {
const char *dev_path = NULL, *dev_driver = NULL, *mac_str;
_cleanup_free_ char *dev_type;
_cleanup_free_ char *dev_iftype_str;
const char *dev_path = NULL;
dev_type = link_get_type_string(iftype, device);
dev_iftype_str = link_get_type_string(dev_iftype, device);
if (device) {
const char *mac_str;
(void) sd_device_get_property_value(device, "ID_PATH", &dev_path);
(void) sd_device_get_property_value(device, "ID_NET_DRIVER", &dev_driver);
if (!dev_driver)
(void) sd_device_get_property_value(device, "ID_NET_DRIVER", &dev_driver);
if (!dev_name)
(void) sd_device_get_sysname(device, &dev_name);
if (!dev_mac &&
@ -238,7 +242,7 @@ bool net_match_config(Set *match_mac,
if (!net_condition_test_strv(match_drivers, dev_driver))
return false;
if (!net_condition_test_strv(match_types, dev_type))
if (!net_condition_test_strv(match_iftypes, dev_iftype_str))
return false;
if (!net_condition_test_ifname(match_names, dev_name, alternative_names))
@ -247,13 +251,13 @@ bool net_match_config(Set *match_mac,
if (!net_condition_test_property(match_property, device))
return false;
if (!net_condition_test_strv(match_wifi_iftype, wifi_iftype_to_string(wifi_iftype)))
if (!net_condition_test_strv(match_wifi_iftype, wifi_iftype_to_string(dev_wifi_iftype)))
return false;
if (!net_condition_test_strv(match_ssid, ssid))
if (!net_condition_test_strv(match_ssid, dev_ssid))
return false;
if (match_bssid && (!bssid || !set_contains(match_bssid, bssid)))
if (match_bssid && (!dev_bssid || !set_contains(match_bssid, dev_bssid)))
return false;
return true;

17
src/libsystemd-network/network-internal.h
View File

@ -18,23 +18,24 @@
char *link_get_type_string(unsigned short iftype, sd_device *device);
bool net_match_config(Set *match_mac,
Set *match_permanent_mac,
char * const *match_path,
char * const *match_driver,
char * const *match_type,
char * const *match_name,
char * const *match_paths,
char * const *match_drivers,
char * const *match_iftypes,
char * const *match_names,
char * const *match_property,
char * const *match_wifi_iftype,
char * const *match_ssid,
Set *match_bssid,
unsigned short iftype,
sd_device *device,
const struct ether_addr *dev_mac,
const struct ether_addr *dev_permanent_mac,
const char *dev_driver,
unsigned short dev_iftype,
const char *dev_name,
char * const *alternative_names,
enum nl80211_iftype wifi_iftype,
const char *ssid,
const struct ether_addr *bssid);
enum nl80211_iftype dev_wifi_iftype,
const char *dev_ssid,
const struct ether_addr *dev_bssid);
CONFIG_PARSER_PROTOTYPE(config_parse_net_condition);
CONFIG_PARSER_PROTOTYPE(config_parse_hwaddr);

2
src/libsystemd-network/sd-lldp.c
View File

@ -466,7 +466,7 @@ _public_ int sd_lldp_get_neighbors(sd_lldp *lldp, sd_lldp_neighbor ***ret) {
_public_ int sd_lldp_set_neighbors_max(sd_lldp *lldp, uint64_t m) {
assert_return(lldp, -EINVAL);
assert_return(m <= 0, -EINVAL);
assert_return(m > 0, -EINVAL);
lldp->neighbors_max = m;
lldp_make_space(lldp, 0);

3
src/libsystemd/sd-bus/bus-message.c
View File

@ -3157,7 +3157,8 @@ static struct bus_body_part* find_part(sd_bus_message *m, size_t index, size_t s
return NULL;
if (p)
*p = (uint8_t*) part->data + index - begin;
*p = part->data ? (uint8_t*) part->data + index - begin
: NULL; /* Avoid dereferencing a NULL pointer. */
m->cached_rindex_part = part;
m->cached_rindex_part_begin = begin;

4
src/login/logind-dbus.c
View File

@ -2867,14 +2867,14 @@ static int method_set_reboot_to_boot_loader_menu(
return r;
} else {
if (x == UINT64_MAX) {
if (unlink("/run/systemd/reboot-to-loader-menu") < 0 && errno != ENOENT)
if (unlink("/run/systemd/reboot-to-boot-loader-menu") < 0 && errno != ENOENT)
return -errno;
} else {
char buf[DECIMAL_STR_MAX(uint64_t) + 1];
xsprintf(buf, "%" PRIu64, x); /* µs granularity */
r = write_string_file_atomic_label("/run/systemd/reboot-to-loader-menu", buf);
r = write_string_file_atomic_label("/run/systemd/reboot-to-boot-loader-menu", buf);
if (r < 0)
return r;
}

11
src/login/logind.c
View File

@ -2,6 +2,7 @@
#include <errno.h>
#include <fcntl.h>
#include <sys/types.h>
#include <unistd.h>
#include "sd-daemon.h"
@ -30,6 +31,7 @@
#include "strv.h"
#include "terminal-util.h"
#include "udev-util.h"
#include "user-util.h"
static Manager* manager_unref(Manager *m);
DEFINE_TRIVIAL_CLEANUP_FUNC(Manager*, manager_unref);
@ -323,11 +325,18 @@ static int manager_enumerate_users(Manager *m) {
FOREACH_DIRENT(de, d, return -errno) {
User *u;
uid_t uid;
if (!dirent_is_file(de))
continue;
k = manager_add_user_by_name(m, de->d_name, &u);
k = parse_uid(de->d_name, &uid);
if (k < 0) {
r = log_warning_errno(k, "Failed to parse filename /run/systemd/users/%s as UID.", de->d_name);
continue;
}
k = manager_add_user_by_uid(m, uid, &u);
if (k < 0) {
r = log_warning_errno(k, "Failed to add user by file name %s, ignoring: %m", de->d_name);
continue;

2
src/network/netdev/macsec.c
View File

@ -102,7 +102,7 @@ static void macsec_receive_channel_free(ReceiveChannel *c) {
if (c->macsec) {
if (c->sci.as_uint64 > 0)
ordered_hashmap_remove(c->macsec->receive_channels, &c->sci.as_uint64);
ordered_hashmap_remove_value(c->macsec->receive_channels, &c->sci.as_uint64, c);
if (c->section)
ordered_hashmap_remove(c->macsec->receive_channels_by_section, c->section);

4
src/network/netdev/netdev.c
View File

@ -687,7 +687,7 @@ int netdev_load_one(Manager *manager, const char *filename) {
r = config_parse_many(filename, NETWORK_DIRS, dropin_dirname,
NETDEV_COMMON_SECTIONS NETDEV_OTHER_SECTIONS,
config_item_perf_lookup, network_netdev_gperf_lookup,
CONFIG_PARSE_WARN, netdev_raw);
CONFIG_PARSE_WARN, netdev_raw, NULL);
if (r < 0)
return r;
@ -727,7 +727,7 @@ int netdev_load_one(Manager *manager, const char *filename) {
r = config_parse_many(filename, NETWORK_DIRS, dropin_dirname,
NETDEV_VTABLE(netdev)->sections,
config_item_perf_lookup, network_netdev_gperf_lookup,
CONFIG_PARSE_WARN, netdev);
CONFIG_PARSE_WARN, netdev, NULL);
if (r < 0)
return r;

5
src/network/netdev/wireguard.c
View File

@ -219,6 +219,7 @@ static int wireguard_set_interface(NetDev *netdev) {
_cleanup_(sd_netlink_message_unrefp) sd_netlink_message *message = NULL;
WireguardIPmask *mask_start = NULL;
WireguardPeer *peer, *peer_start;
bool sent_once = false;
uint32_t serial;
Wireguard *w;
int r;
@ -227,7 +228,7 @@ static int wireguard_set_interface(NetDev *netdev) {
w = WIREGUARD(netdev);
assert(w);
for (peer_start = w->peers; peer_start; ) {
for (peer_start = w->peers; peer_start || !sent_once; ) {
uint16_t i = 0;
message = sd_netlink_message_unref(message);
@ -278,6 +279,8 @@ static int wireguard_set_interface(NetDev *netdev) {
r = sd_netlink_send(netdev->manager->genl, message, &serial);
if (r < 0)
return log_netdev_error_errno(netdev, r, "Could not set wireguard device: %m");
sent_once = true;
}
return 0;

207
src/network/networkd-link.c
View File

@ -618,10 +618,14 @@ static int link_new(Manager *manager, sd_netlink_message *message, Link **ret) {
if (r < 0)
log_link_debug_errno(link, r, "MAC address not found for new device, continuing without");
r = ethtool_get_permanent_macaddr(NULL, link->ifname, &link->permanent_mac);
r = ethtool_get_permanent_macaddr(&manager->ethtool_fd, link->ifname, &link->permanent_mac);
if (r < 0)
log_link_debug_errno(link, r, "Permanent MAC address not found for new device, continuing without: %m");
r = ethtool_get_driver(&manager->ethtool_fd, link->ifname, &link->driver);
if (r < 0)
log_link_debug_errno(link, r, "Failed to get driver, continuing without: %m");
r = sd_netlink_message_read_strv(message, IFLA_PROP_LIST, IFLA_ALT_IFNAME, &link->alternative_names);
if (r < 0 && r != -ENODATA)
return r;
@ -725,6 +729,7 @@ static Link *link_free(Link *link) {
strv_free(link->alternative_names);
free(link->kind);
free(link->ssid);
free(link->driver);
(void) unlink(link->state_file);
free(link->state_file);
@ -1128,16 +1133,14 @@ void link_check_ready(Link *link) {
in_addr_is_null(AF_INET6, (const union in_addr_union*) &link->ipv6ll_address))
return;
if ((link_dhcp4_enabled(link) || link_dhcp6_enabled(link)) &&
if ((link_dhcp4_enabled(link) || link_dhcp6_enabled(link) || link_ipv6_accept_ra_enabled(link)) &&
!link->dhcp4_configured &&
!link->dhcp6_configured &&
!link->ndisc_configured &&
!(link_ipv4ll_enabled(link, ADDRESS_FAMILY_FALLBACK_IPV4) && link->ipv4ll_address))
/* When DHCP is enabled, at least one protocol must provide an address, or
/* When DHCP or RA is enabled, at least one protocol must provide an address, or
* an IPv4ll fallback address must be configured. */
return;
if (link_ipv6_accept_ra_enabled(link) && !link->ndisc_configured)
return;
}
if (link->state != LINK_STATE_CONFIGURED)
@ -3041,8 +3044,10 @@ static int link_reconfigure_internal(Link *link, sd_netlink_message *m, bool for
strv_free_and_replace(link->alternative_names, s);
}
r = network_get(link->manager, link->iftype, link->sd_device, link->ifname, link->alternative_names,
&link->mac, &link->permanent_mac, link->wlan_iftype, link->ssid, &link->bssid, &network);
r = network_get(link->manager, link->iftype, link->sd_device,
link->ifname, link->alternative_names, link->driver,
&link->mac, &link->permanent_mac,
link->wlan_iftype, link->ssid, &link->bssid, &network);
if (r == -ENOENT) {
link_enter_unmanaged(link);
return 0;
@ -3177,8 +3182,10 @@ static int link_initialized_and_synced(Link *link) {
if (r < 0)
return r;
r = network_get(link->manager, link->iftype, link->sd_device, link->ifname, link->alternative_names,
&link->mac, &link->permanent_mac, link->wlan_iftype, link->ssid, &link->bssid, &network);
r = network_get(link->manager, link->iftype, link->sd_device,
link->ifname, link->alternative_names, link->driver,
&link->mac, &link->permanent_mac,
link->wlan_iftype, link->ssid, &link->bssid, &network);
if (r == -ENOENT) {
link_enter_unmanaged(link);
return 0;
@ -3293,7 +3300,6 @@ static int link_load(Link *link) {
*dhcp4_address = NULL,
*ipv4ll_address = NULL;
union in_addr_union address;
const char *p;
int r;
assert(link);
@ -3332,107 +3338,100 @@ static int link_load(Link *link) {
network_file_fail:
if (addresses) {
p = addresses;
for (const char *p = addresses; p; ) {
_cleanup_free_ char *address_str = NULL;
char *prefixlen_str;
int family;
unsigned char prefixlen;
for (;;) {
_cleanup_free_ char *address_str = NULL;
char *prefixlen_str;
int family;
unsigned char prefixlen;
r = extract_first_word(&p, &address_str, NULL, 0);
if (r < 0)
log_link_warning_errno(link, r, "failed to parse ADDRESSES: %m");
if (r <= 0)
break;
r = extract_first_word(&p, &address_str, NULL, 0);
if (r < 0) {
log_link_debug_errno(link, r, "Failed to extract next address string: %m");
continue;
}
if (r == 0)
break;
prefixlen_str = strchr(address_str, '/');
if (!prefixlen_str) {
log_link_debug(link, "Failed to parse address and prefix length %s", address_str);
continue;
}
*prefixlen_str++ = '\0';
r = sscanf(prefixlen_str, "%hhu", &prefixlen);
if (r != 1) {
log_link_error(link, "Failed to parse prefixlen %s", prefixlen_str);
continue;
}
r = in_addr_from_string_auto(address_str, &family, &address);
if (r < 0) {
log_link_debug_errno(link, r, "Failed to parse address %s: %m", address_str);
continue;
}
r = address_add(link, family, &address, prefixlen, NULL);
if (r < 0)
return log_link_error_errno(link, r, "Failed to add address: %m");
prefixlen_str = strchr(address_str, '/');
if (!prefixlen_str) {
log_link_debug(link, "Failed to parse address and prefix length %s", address_str);
continue;
}
*prefixlen_str++ = '\0';
r = sscanf(prefixlen_str, "%hhu", &prefixlen);
if (r != 1) {
log_link_error(link, "Failed to parse prefixlen %s", prefixlen_str);
continue;
}
r = in_addr_from_string_auto(address_str, &family, &address);
if (r < 0) {
log_link_debug_errno(link, r, "Failed to parse address %s: %m", address_str);
continue;
}
r = address_add(link, family, &address, prefixlen, NULL);
if (r < 0)
return log_link_error_errno(link, r, "Failed to add address: %m");
}
if (routes) {
p = routes;
for (const char *p = routes; p; ) {
_cleanup_(sd_event_source_unrefp) sd_event_source *expire = NULL;
_cleanup_(route_freep) Route *tmp = NULL;
_cleanup_free_ char *route_str = NULL;
char *prefixlen_str;
Route *route;
for (;;) {
_cleanup_(sd_event_source_unrefp) sd_event_source *expire = NULL;
_cleanup_(route_freep) Route *tmp = NULL;
_cleanup_free_ char *route_str = NULL;
char *prefixlen_str;
Route *route;
r = extract_first_word(&p, &route_str, NULL, 0);
if (r < 0)
log_link_debug_errno(link, r, "failed to parse ROUTES: %m");
if (r <= 0)
break;
r = extract_first_word(&p, &route_str, NULL, 0);
if (r < 0) {
log_link_debug_errno(link, r, "Failed to extract next route string: %m");
continue;
}
if (r == 0)
break;
prefixlen_str = strchr(route_str, '/');
if (!prefixlen_str) {
log_link_debug(link, "Failed to parse route %s", route_str);
continue;
}
*prefixlen_str++ = '\0';
r = route_new(&tmp);
if (r < 0)
return log_oom();
r = sscanf(prefixlen_str, "%hhu/%hhu/%"SCNu32"/%"PRIu32"/"USEC_FMT, &tmp->dst_prefixlen, &tmp->tos, &tmp->priority, &tmp->table, &tmp->lifetime);
if (r != 5) {
log_link_debug(link,
"Failed to parse destination prefix length, tos, priority, table or expiration %s",
prefixlen_str);
continue;
}
r = in_addr_from_string_auto(route_str, &tmp->family, &tmp->dst);
if (r < 0) {
log_link_debug_errno(link, r, "Failed to parse route destination %s: %m", route_str);
continue;
}
r = route_add(link, tmp, &route);
if (r < 0)
return log_link_error_errno(link, r, "Failed to add route: %m");
if (route->lifetime != USEC_INFINITY && !kernel_route_expiration_supported()) {
r = sd_event_add_time(link->manager->event, &expire, clock_boottime_or_monotonic(), route->lifetime,
0, route_expire_handler, route);
if (r < 0)
log_link_warning_errno(link, r, "Could not arm route expiration handler: %m");
}
sd_event_source_unref(route->expire);
route->expire = TAKE_PTR(expire);
prefixlen_str = strchr(route_str, '/');
if (!prefixlen_str) {
log_link_debug(link, "Failed to parse route %s", route_str);
continue;
}
*prefixlen_str++ = '\0';
r = route_new(&tmp);
if (r < 0)
return log_oom();
r = sscanf(prefixlen_str,
"%hhu/%hhu/%"SCNu32"/%"PRIu32"/"USEC_FMT,
&tmp->dst_prefixlen,
&tmp->tos,
&tmp->priority,
&tmp->table,
&tmp->lifetime);
if (r != 5) {
log_link_debug(link,
"Failed to parse destination prefix length, tos, priority, table or expiration %s",
prefixlen_str);
continue;
}
r = in_addr_from_string_auto(route_str, &tmp->family, &tmp->dst);
if (r < 0) {
log_link_debug_errno(link, r, "Failed to parse route destination %s: %m", route_str);
continue;
}
r = route_add(link, tmp, &route);
if (r < 0)
return log_link_error_errno(link, r, "Failed to add route: %m");
if (route->lifetime != USEC_INFINITY && !kernel_route_expiration_supported()) {
r = sd_event_add_time(link->manager->event, &expire,
clock_boottime_or_monotonic(),
route->lifetime, 0, route_expire_handler, route);
if (r < 0)
log_link_warning_errno(link, r, "Could not arm route expiration handler: %m");
}
sd_event_source_unref(route->expire);
route->expire = TAKE_PTR(expire);
}
if (dhcp4_address) {

1
src/network/networkd-link.h
View File

@ -57,6 +57,7 @@ typedef struct Link {
struct in6_addr ipv6ll_address;
uint32_t mtu;
sd_device *sd_device;
char *driver;
/* wlan */
enum nl80211_iftype wlan_iftype;

3
src/network/networkd-manager.c
View File

@ -1747,6 +1747,7 @@ int manager_new(Manager **ret) {
*m = (Manager) {
.speed_meter_interval_usec = SPEED_METER_DEFAULT_TIME_INTERVAL,
.ethtool_fd = -1,
};
m->state_file = strdup("/run/systemd/netif/state");
@ -1857,6 +1858,8 @@ void manager_free(Manager *m) {
free(m->dynamic_timezone);
free(m->dynamic_hostname);
safe_close(m->ethtool_fd);
free(m);
}

1
src/network/networkd-manager.h
View File

@ -26,6 +26,7 @@ struct Manager {
sd_bus *bus;
sd_device_monitor *device_monitor;
Hashmap *polkit_registry;
int ethtool_fd;
bool enumerating:1;
bool dirty:1;

4
src/network/networkd-network-gperf.gperf
View File

@ -172,7 +172,7 @@ DHCPv4.MaxAttempts, config_parse_dhcp_max_attempts,
DHCPv4.UserClass, config_parse_dhcp_user_class, 0, offsetof(Network, dhcp_user_class)
DHCPv4.DUIDType, config_parse_duid_type, 0, offsetof(Network, duid)
DHCPv4.DUIDRawData, config_parse_duid_rawdata, 0, offsetof(Network, duid)
DHCPv4.RouteMetric, config_parse_unsigned, 0, offsetof(Network, dhcp_route_metric)
DHCPv4.RouteMetric, config_parse_uint32, 0, offsetof(Network, dhcp_route_metric)
DHCPv4.RouteTable, config_parse_section_route_table, 0, 0
DHCPv4.UseTimezone, config_parse_bool, 0, offsetof(Network, dhcp_use_timezone)
DHCPv4.IAID, config_parse_iaid, 0, 0
@ -322,7 +322,7 @@ DHCP.VendorClassIdentifier, config_parse_string,
DHCP.UserClass, config_parse_dhcp_user_class, 0, offsetof(Network, dhcp_user_class)
DHCP.DUIDType, config_parse_duid_type, 0, offsetof(Network, duid)
DHCP.DUIDRawData, config_parse_duid_rawdata, 0, offsetof(Network, duid)
DHCP.RouteMetric, config_parse_unsigned, 0, offsetof(Network, dhcp_route_metric)
DHCP.RouteMetric, config_parse_uint32, 0, offsetof(Network, dhcp_route_metric)
DHCP.RouteTable, config_parse_section_route_table, 0, 0
DHCP.UseTimezone, config_parse_bool, 0, offsetof(Network, dhcp_use_timezone)
DHCP.IAID, config_parse_iaid, 0, 0

28
src/network/networkd-network.c
View File

@ -326,6 +326,7 @@ int network_verify(Network *network) {
int network_load_one(Manager *manager, OrderedHashmap **networks, const char *filename) {
_cleanup_free_ char *fname = NULL, *name = NULL;
_cleanup_(network_unrefp) Network *network = NULL;
_cleanup_strv_free_ char **dropins = NULL;
_cleanup_fclose_ FILE *file = NULL;
const char *dropin_dirname;
char *d;
@ -491,7 +492,7 @@ int network_load_one(Manager *manager, OrderedHashmap **networks, const char *fi
"TokenBucketFilter\0"
"TrivialLinkEqualizer\0",
config_item_perf_lookup, network_network_gperf_lookup,
CONFIG_PARSE_WARN, network);
CONFIG_PARSE_WARN, network, &dropins);
if (r < 0)
return r;
@ -507,9 +508,22 @@ int network_load_one(Manager *manager, OrderedHashmap **networks, const char *fi
network->filename);
struct stat stats;
if (stat(filename, &stats) < 0)
return -errno;
network->timestamp = timespec_load(&stats.st_mtim);
if (stat(filename, &stats) >= 0)
network->timestamp = timespec_load(&stats.st_mtim);
char **f;
STRV_FOREACH(f, dropins) {
usec_t t;
if (stat(*f, &stats) < 0) {
network->timestamp = 0;
break;
}
t = timespec_load(&stats.st_mtim);
if (t > network->timestamp)
network->timestamp = t;
}
if (network_verify(network) < 0)
/* Ignore .network files that do not match the conditions. */
@ -731,8 +745,8 @@ int network_get_by_name(Manager *manager, const char *name, Network **ret) {
}
int network_get(Manager *manager, unsigned short iftype, sd_device *device,
const char *ifname, char * const *alternative_names,
const struct ether_addr *address, const struct ether_addr *permanent_address,
const char *ifname, char * const *alternative_names, const char *driver,
const struct ether_addr *mac, const struct ether_addr *permanent_mac,
enum nl80211_iftype wlan_iftype, const char *ssid, const struct ether_addr *bssid,
Network **ret) {
Network *network;
@ -746,7 +760,7 @@ int network_get(Manager *manager, unsigned short iftype, sd_device *device,
network->match_path, network->match_driver,
network->match_type, network->match_name, network->match_property,
network->match_wlan_iftype, network->match_ssid, network->match_bssid,
iftype, device, address, permanent_address,
device, mac, permanent_mac, driver, iftype,
ifname, alternative_names, wlan_iftype, ssid, bssid)) {
if (network->match_name && device) {
const char *attr;

9
src/network/networkd-network.h
View File

@ -95,7 +95,7 @@ struct Network {
char **dhcp_user_class;
char *dhcp_hostname;
uint64_t dhcp_max_attempts;
unsigned dhcp_route_metric;
uint32_t dhcp_route_metric;
uint32_t dhcp_route_table;
uint32_t dhcp_route_mtu;
uint16_t dhcp_client_port;
@ -303,10 +303,11 @@ int network_load_one(Manager *manager, OrderedHashmap **networks, const char *fi
int network_verify(Network *network);
int network_get_by_name(Manager *manager, const char *name, Network **ret);
int network_get(Manager *manager, unsigned short iftype, sd_device *device, const char *ifname, char * const *alternative_names,
int network_get(Manager *manager, unsigned short iftype, sd_device *device,
const char *ifname, char * const *alternative_names, const char *driver,
const struct ether_addr *mac, const struct ether_addr *permanent_mac,
enum nl80211_iftype wlan_iftype, const char *ssid,
const struct ether_addr *bssid, Network **ret);
enum nl80211_iftype wlan_iftype, const char *ssid, const struct ether_addr *bssid,
Network **ret);
int network_apply(Network *network, Link *link);
void network_apply_anonymize_if_set(Network *network);

2
src/network/test-network.c
View File

@ -126,7 +126,7 @@ static void test_network_get(Manager *manager, sd_device *loopback) {
/* Let's hope that the test machine does not have a .network file that applies to loopback device…
* But it is still possible, so let's allow that case too. */
r = network_get(manager, 0, loopback, "lo", NULL, &mac, &mac, 0, NULL, NULL, &network);
r = network_get(manager, 0, loopback, "lo", NULL, NULL, &mac, &mac, 0, NULL, NULL, &network);
if (r == -ENOENT)
/* The expected case */
assert_se(!network);

2
src/network/test-networkd-conf.c
View File

@ -101,7 +101,7 @@ static void test_config_parse_duid_rawdata(void) {
test_config_parse_duid_rawdata_one("11::", 0, &(DUID){0, 1, {0x11}}); /* FIXME: should this be an error? */
test_config_parse_duid_rawdata_one("abcdef", 0, &(DUID){});
test_config_parse_duid_rawdata_one(BYTES_0_128, 0, &(DUID){});
test_config_parse_duid_rawdata_one(BYTES_0_128 + 2, 0, &(DUID){0, 128, BYTES_1_128});
test_config_parse_duid_rawdata_one(&BYTES_0_128[2], 0, &(DUID){0, 128, BYTES_1_128});
}
static void test_config_parse_hwaddr(void) {

4
src/nspawn/nspawn-mount.c
View File

@ -619,9 +619,9 @@ int mount_all(const char *dest,
#if HAVE_SELINUX
{ "/sys/fs/selinux", "/sys/fs/selinux", NULL, NULL, MS_BIND,
0 }, /* Bind mount first */
MOUNT_MKDIR }, /* Bind mount first (mkdir/chown the mount point in case /sys/ is mounted as minimal skeleton tmpfs) */
{ NULL, "/sys/fs/selinux", NULL, NULL, MS_BIND|MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_REMOUNT,
0 }, /* Then, make it r/o */
0 }, /* Then, make it r/o (don't mkdir/chown the mount point here, the previous entry already did that) */
#endif
};

29
src/nspawn/nspawn.c
View File

@ -2923,13 +2923,20 @@ static int inner_child(
/* Wait until the parent wrote the UID map */
if (!barrier_place_and_sync(barrier)) /* #2 */
return log_error_errno(SYNTHETIC_ERRNO(ESRCH),
"Parent died too early");
}
return log_error_errno(SYNTHETIC_ERRNO(ESRCH), "Parent died too early");
r = reset_uid_gid();
if (r < 0)
return log_error_errno(r, "Couldn't become new root: %m");
/* Become the new root user inside our namespace */
r = reset_uid_gid();
if (r < 0)
return log_error_errno(r, "Couldn't become new root: %m");
/* Creating a new user namespace means all MS_SHARED mounts become MS_SLAVE. Let's put them
* back to MS_SHARED here, since that's what we want as defaults. (This will not reconnect
* propagation, but simply create new peer groups for all our mounts). */
r = mount_verbose(LOG_ERR, NULL, "/", NULL, MS_SHARED|MS_REC, NULL);
if (r < 0)
return r;
}
r = mount_all(NULL,
arg_mount_settings | MOUNT_IN_USERNS,
@ -3294,9 +3301,8 @@ static int outer_child(
if (r < 0)
return r;
/* Mark everything as slave, so that we still
* receive mounts from the real root, but don't
* propagate mounts to the real root. */
/* Mark everything as slave, so that we still receive mounts from the real root, but don't propagate
* mounts to the real root. */
r = mount_verbose(LOG_ERR, NULL, "/", NULL, MS_SLAVE|MS_REC, NULL);
if (r < 0)
return r;
@ -3542,9 +3548,8 @@ static int outer_child(
notify_socket = safe_close(notify_socket);
uid_shift_socket = safe_close(uid_shift_socket);
/* The inner child has all namespaces that are
* requested, so that we all are owned by the user if
* user namespaces are turned on. */
/* The inner child has all namespaces that are requested, so that we all are owned by the
* user if user namespaces are turned on. */
if (arg_network_namespace_path) {
r = namespace_enter(-1, -1, netns_fd, -1, -1);

17
src/partition/repart.c
View File

@ -48,6 +48,12 @@
#include "terminal-util.h"
#include "utf8.h"
/* If not configured otherwise use a minimal partition size of 10M */
#define DEFAULT_MIN_SIZE (10*1024*1024)
/* Hard lower limit for new partition sizes */
#define HARD_MIN_SIZE 4096
/* Note: When growing and placing new partitions we always align to 4K sector size. It's how newer hard disks
* are designed, and if everything is aligned to that performance is best. And for older hard disks with 512B
* sector size devices were generally assumed to have an even number of sectors, hence at the worst we'll
@ -319,7 +325,9 @@ static uint64_t partition_min_size(const Partition *p) {
/* Calculate the disk space we really need at minimum for this partition. If the partition already
* exists the current size is what we really need. If it doesn't exist yet refuse to allocate less
* than 4K. */
* than 4K.
*
* DEFAULT_MIN_SIZE is the default SizeMin= we configure if nothing else is specified. */
if (PARTITION_IS_FOREIGN(p)) {
/* Don't allow changing size of partitions not managed by us */
@ -327,11 +335,8 @@ static uint64_t partition_min_size(const Partition *p) {
return p->current_size;
}
sz = p->current_size != UINT64_MAX ? p->current_size : 4096;
if (p->size_min != UINT64_MAX)
return MAX(p->size_min, sz);
return sz;
sz = p->current_size != UINT64_MAX ? p->current_size : HARD_MIN_SIZE;
return MAX(p->size_min == UINT64_MAX ? DEFAULT_MIN_SIZE : p->size_min, sz);
}
static uint64_t partition_max_size(const Partition *p) {

2
src/portable/portable.c
View File

@ -884,7 +884,7 @@ static int attach_unit_file(
_cleanup_(unlink_and_freep) char *tmp = NULL;
_cleanup_close_ int fd = -1;
fd = open_tmpfile_linkable(where, O_WRONLY|O_CLOEXEC, &tmp);
fd = open_tmpfile_linkable(path, O_WRONLY|O_CLOEXEC, &tmp);
if (fd < 0)
return log_debug_errno(fd, "Failed to create unit file '%s': %m", path);

2
src/resolve/resolv.conf
View File

@ -15,4 +15,4 @@
# operation for /etc/resolv.conf.
nameserver 127.0.0.53
options edns0
options edns0 trust-ad

11
src/resolve/resolved-dns-server.c
View File

@ -421,6 +421,7 @@ DnsServerFeatureLevel dns_server_possible_feature_level(DnsServer *s) {
s->possible_feature_level = s->verified_feature_level;
else {
DnsServerFeatureLevel p = s->possible_feature_level;
int log_level = LOG_WARNING;
if (s->n_failed_tcp >= DNS_SERVER_FEATURE_RETRY_ATTEMPTS &&
s->possible_feature_level == DNS_SERVER_FEATURE_LEVEL_TCP) {
@ -448,6 +449,10 @@ DnsServerFeatureLevel dns_server_possible_feature_level(DnsServer *s) {
log_debug("Server doesn't support EDNS(0) properly, downgrading feature level...");
s->possible_feature_level = DNS_SERVER_FEATURE_LEVEL_UDP;
/* Users often don't control the DNS server they use so let's not complain too loudly
* when we can't use EDNS because the DNS server doesn't support it. */
log_level = LOG_NOTICE;
} else if (s->packet_rrsig_missing &&
s->possible_feature_level >= DNS_SERVER_FEATURE_LEVEL_DO) {
@ -492,9 +497,9 @@ DnsServerFeatureLevel dns_server_possible_feature_level(DnsServer *s) {
/* We changed the feature level, reset the counting */
dns_server_reset_counters(s);
log_warning("Using degraded feature set (%s) for DNS server %s.",
dns_server_feature_level_to_string(s->possible_feature_level),
dns_server_string(s));
log_full(log_level, "Using degraded feature set %s instead of %s for DNS server %s.",
dns_server_feature_level_to_string(s->possible_feature_level),
dns_server_feature_level_to_string(p), dns_server_string(s));
}
}

Some files were not shown because too many files have changed in this diff Show More