proxmox-mirrors/systemd
1
0
Fork 0
mirror of https://git.proxmox.com/git/systemd synced 2026-01-24 05:14:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

New upstream version 251

Browse Source
This commit is contained in:
Luca Boccassi 2022-05-21 14:59:51 +01:00
parent b3e2133364
commit aff6a67fd8
104 changed files with 3956 additions and 2610 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
.editorconfig
View File

@ -32,3 +32,11 @@ indent_size = 8
indent_size = 2
indent_style = space
max_line_length = 109
[docs/**/*.css]
indent_style = space
indent_size = 2
[docs/**/*.html]
indent_style = space
indent_size = 2

4
.github/workflows/linter.yml vendored
View File

@ -36,11 +36,9 @@ jobs:
# Excludes:
# - man/.* - all snippets in man pages (false positives due to
# missing shebangs)
# - kernel-install/.* - false-positives for dropins (and I'm afraid
# to touch kernel-install)
# - .*\.(in|SKELETON) - all template/skeleton files
# - tools/coverity\.sh - external file (with some modifications)
FILTER_REGEX_EXCLUDE: .*/(man/.*|src/kernel-install/.*|.*\.(in|SKELETON)|tools/coverity\.sh)$
FILTER_REGEX_EXCLUDE: .*/(man/.*|.*\.(in|SKELETON)|tools/coverity\.sh)$
VALIDATE_ALL_CODEBASE: false
VALIDATE_BASH: true
VALIDATE_GITHUB_ACTIONS: true

1
.gitignore vendored
View File

@ -26,6 +26,7 @@ __pycache__/
/.#image.raw.lck
/image.raw.cache-pre-dev
/image.raw.cache-pre-inst
/image.raw.manifest
/install-tree
/.mkosi-*
/mkosi.builddir/

77
NEWS
View File

@ -78,6 +78,10 @@ CHANGES WITH 251:
Users might need to adjust their files that override tmpfiles.d/systemd.conf
to account for this change.
* The requirement for Portable Services images to contain a well-formed
os-release file (i.e.: contain at least an ID field) is now enforced.
This applies to base images and extensions, and also to systemd-sysext.
Changes in the Boot Loader Specification, kernel-install and sd-boot:
* kernel-install's and bootctl's Boot Loader Specification Type #1
@ -335,14 +339,14 @@ CHANGES WITH 251:
this way can be turned off via the new
`systemd.import_credentials=no` kernel command line option.
* LoadCredential= will now automatically search for credentials to
import in the /etc/credstore/, /run/credstore/, /usr/lib/credstore/
directories if no or a relative source filename is passed. Similar
LoadCredentialEncrypted= will search in these same directories, plus
* LoadCredential= will now automatically look for credentials in the
/etc/credstore/, /run/credstore/, /usr/lib/credstore/ directories if
the argument is not an absolute path. Similarly,
LoadCredentialEncrypted= will check the same directories plus
/etc/credstore.encrypted/, /run/credstore.encrypted/ and
/usr/lib/credstore.encrypted/. The idea is that these directories are
now the recommended system-wide location to place credentials for
automatic pick-up by services in.
/usr/lib/credstore.encrypted/. The idea is to use those directories
as the system-wide location for credentials that services should pick
up automatically.
* System and service credentials are described in great detail in a new
document:
@ -525,6 +529,19 @@ CHANGES WITH 251:
also check $COLORTERM (in addition to $NO_COLOR, $SYSTEMD_COLORS, and
$TERM).
* Meson's new install_tag feature is now in use for several components,
allowing to build and install select binaries only: pam, nss, devel
(pkg-config files), systemd-boot, libsystemd, libudev. Example:
$ meson build systemd-boot
$ meson install --tags systemd-boot --no-rebuild
https://mesonbuild.com/Installing.html#installation-tags
* A new build configuration option has been added, to allow selecting the
default compression algorithm used by systemd-journald and systemd-coredump.
This allows to build-in support for decompressing all supported formats,
but choose a specific one for compression. E.g.:
$ meson -Ddefault-compression=xz
Experimental features:
* sd-boot gained a new *experimental* setting "reboot-for-bitlocker" in
@ -547,38 +564,40 @@ CHANGES WITH 251:
Alvin Šipraga, amarjargal, Amarjargal, Andrea Pappacoda,
Andreas Rammhold, Andy Chi, Anita Zhang, Antonio Alvarez Feijoo,
Arfrever Frehtes Taifersar Arahesis, ash, Bastien Nocera, Be,
bearhoney, Ben Efros, Benjamin Berg, Brett Holman,
Christian Brauner, Clyde Byrd III, Curtis Klein, Daan De Meyer,
Daniele Medri, Daniel Mack, Danilo Krummrich, David, David Bond,
Davide Cavalca, David Tardon, davijosw, dependabot[bot],
Donald Chan, Dorian Clay, Eduard Tolosa, Elias Probst,
Erik Sjölund, Evgeny Vereshchagin, Federico Ceratto, Franck Bui,
Frantisek Sumsal, Gaël PORTAY, Georges Basile Stavracas Neto,
Gibeom Gwon, Goffredo Baroncelli, Grigori Goronzy, Hans de Goede,
Heiko Becker, Hugo Carvalho, Jakob Lell, James Hilliard,
Jan Janssen, Jason A. Donenfeld, Joan Bruguera, Joerie de Gram,
Josh Triplett, Julia Kartseva, Kazuo Moriwaka, Khem Raj,
ksa678491784, Lance, Lan Tian, Laura Barcziova, Lennart Poettering,
Leviticoh, licunlong, Lidong Zhong, lincoln auster, Lubomir Rintel,
Luca Boccassi, Luca BRUNO, lucagoc, Ludwig Nussel, Marcel Hellwig,
march1993, Marco Scardovi, Mario Limonciello, Mariusz Tkaczyk,
Markus Weippert, Martin Liska, Martin Wilck, Matija Skala,
bearhoney, Ben Efros, Benjamin Berg, Benjamin Franzke,
Brett Holman, Christian Brauner, Clyde Byrd III, Curtis Klein,
Daan De Meyer, Daniele Medri, Daniel Mack, Danilo Krummrich,
David, David Bond, Davide Cavalca, David Tardon, davijosw,
dependabot[bot], Donald Chan, Dorian Clay, Eduard Tolosa,
Elias Probst, Eli Schwartz, Erik Sjölund, Evgeny Vereshchagin,
Federico Ceratto, Franck Bui, Frantisek Sumsal, Gaël PORTAY,
Georges Basile Stavracas Neto, Gibeom Gwon, Goffredo Baroncelli,
Grigori Goronzy, Hans de Goede, Heiko Becker, Hugo Carvalho,
Jakob Lell, James Hilliard, Jan Janssen, Jason A. Donenfeld,
Joan Bruguera, Joerie de Gram, Josh Triplett, Julia Kartseva,
Kazuo Moriwaka, Khem Raj, ksa678491784, Lance, Lan Tian,
Laura Barcziova, Lennart Poettering, Leviticoh, licunlong,
Lidong Zhong, lincoln auster, Lubomir Rintel, Luca Boccassi,
Luca BRUNO, lucagoc, Ludwig Nussel, Marcel Hellwig, march1993,
Marco Scardovi, Mario Limonciello, Mariusz Tkaczyk,
Markus Weippert, Martin, Martin Liska, Martin Wilck, Matija Skala,
Matthew Blythe, Matthias Lisin, Matthijs van Duin, Matt Walton,
Max Gautier, Michael Biebl, Michael Olbrich, Michal Koutný,
Michal Sekletár, Mike Gilbert, MkfsSion, Morten Linderud,
Nick Rosbrook, Nishal Kulkarni, Noel Kuntze, Peter Hutterer,
Peter Morrow, Pigmy-penguin, prumian, Richard Neill,
Nick Rosbrook, Nikolai Grigoriev, Nikolai Kostrigin,
Nishal Kulkarni, Noel Kuntze, Pablo Ceballos, Peter Hutterer,
Peter Morrow, Pigmy-penguin, Piotr Drąg, prumian, Richard Neill,
Rike-Benjamin Schuppner, rodin-ia, Romain Naour, Ruben Kerkhof,
Ryan Hendrickson, Santa Wiryaman, Sebastian Pucilowski, Seth Falco,
Simon Ellmann, Sonali Srivastava, Stefan Seering,
Stephen Hemminger, tawefogo, techtino, Temuri Doghonadze,
Thomas Batten, Thomas Haller, Thomas Weißschuh, Tobias Stoeckmann,
Tyson Whitehead, Vishal Chillara Srinivas, Vivien Didelot,
w30023233, wangyuhang, Weblate, Xiaotian Wu, yangmingtai, YmrDtnJu,
Yonathan Randolph, Yutsuten, Yu Watanabe,
Tomasz Pala, Tyson Whitehead, Vishal Chillara Srinivas,
Vivien Didelot, w30023233, wangyuhang, Weblate, Xiaotian Wu,
yangmingtai, YmrDtnJu, Yonathan Randolph, Yutsuten, Yu Watanabe,
Zbigniew Jędrzejewski-Szmek, наб
Warsaw, 2022-03---
Edinburgh, 2022-05-21
CHANGES WITH 250:

147
README
View File

@ -60,7 +60,7 @@ REQUIREMENTS:
CONFIG_PROC_FS
CONFIG_FHANDLE (libudev, mount and bind mount handling)
Kernel crypto/hash API
Kernel crypto/hash API:
CONFIG_CRYPTO_USER_API_HASH
CONFIG_CRYPTO_HMAC
CONFIG_CRYPTO_SHA256
@ -71,15 +71,15 @@ REQUIREMENTS:
Legacy hotplug slows down the system and confuses udev:
CONFIG_UEVENT_HELPER_PATH=""
Userspace firmware loading is not supported and should
be disabled in the kernel:
Userspace firmware loading is not supported and should be disabled in
the kernel:
CONFIG_FW_LOADER_USER_HELPER=n
Some udev rules and virtualization detection relies on it:
CONFIG_DMIID
Support for some SCSI devices serial number retrieval, to
create additional symlinks in /dev/disk/ and /dev/tape:
Support for some SCSI devices serial number retrieval, to create
additional symlinks in /dev/disk/ and /dev/tape:
CONFIG_BLK_DEV_BSG
Required for PrivateNetwork= in service units:
@ -97,18 +97,18 @@ REQUIREMENTS:
CONFIG_{TMPFS,EXT4_FS,XFS,BTRFS_FS,...}_POSIX_ACL
CONFIG_SECCOMP
CONFIG_SECCOMP_FILTER (required for seccomp support)
CONFIG_KCMP (for the kcmp() syscall, used to be under CONFIG_CHECKPOINT_RESTORE before ~5.12)
CONFIG_KCMP (for the kcmp() syscall, used to be under
CONFIG_CHECKPOINT_RESTORE before ~5.12)
Required for CPUShares= in resource control unit settings
Required for CPUShares= in resource control unit settings:
CONFIG_CGROUP_SCHED
CONFIG_FAIR_GROUP_SCHED
Required for CPUQuota= in resource control unit settings
Required for CPUQuota= in resource control unit settings:
CONFIG_CFS_BANDWIDTH
Required for IPAddressDeny=, IPAddressAllow=, IPIngressFilterPath=,
IPEgressFilterPath= in resource control unit settings
unit settings
IPEgressFilterPath= in resource control unit settings unit settings:
CONFIG_BPF
CONFIG_BPF_SYSCALL
CONFIG_BPF_JIT
@ -116,7 +116,7 @@ REQUIREMENTS:
CONFIG_CGROUP_BPF
Required for SocketBind{Allow|Deny}=, RestrictNetworkInterfaces= in
resource control unit settings
resource control unit settings:
CONFIG_BPF
CONFIG_BPF_SYSCALL
CONFIG_BPF_JIT
@ -137,22 +137,21 @@ REQUIREMENTS:
CONFIG_DEBUG_INFO_BTF
CONFIG_LSM="...,bpf" or kernel booted with lsm="...,bpf".
We recommend to turn off Real-Time group scheduling in the
kernel when using systemd. RT group scheduling effectively
makes RT scheduling unavailable for most userspace, since it
requires explicit assignment of RT budgets to each unit whose
processes making use of RT. As there's no sensible way to
assign these budgets automatically this cannot really be
fixed, and it's best to disable group scheduling hence.
We recommend to turn off Real-Time group scheduling in the kernel when
using systemd. RT group scheduling effectively makes RT scheduling
unavailable for most userspace, since it requires explicit assignment of
RT budgets to each unit whose processes making use of RT. As there's no
sensible way to assign these budgets automatically this cannot really be
fixed, and it's best to disable group scheduling hence:
CONFIG_RT_GROUP_SCHED=n
It's a good idea to disable the implicit creation of networking bonding
devices by the kernel networking bonding module, so that the
automatically created "bond0" interface doesn't conflict with any such
device created by systemd-networkd (or other tools). Ideally there
would be a kernel compile-time option for this, but there currently
isn't. The next best thing is to make this change through a modprobe.d
drop-in. This is shipped by default, see modprobe.d/systemd.conf.
device created by systemd-networkd (or other tools). Ideally there would
be a kernel compile-time option for this, but there currently isn't. The
next best thing is to make this change through a modprobe.d drop-in.
This is shipped by default, see modprobe.d/systemd.conf.
Required for systemd-nspawn:
CONFIG_DEVPTS_MULTIPLE_INSTANCES or Linux kernel >= 4.7
@ -160,19 +159,17 @@ REQUIREMENTS:
Required for systemd-oomd:
CONFIG_PSI
Note that kernel auditing is broken when used with systemd's
container code. When using systemd in conjunction with
containers, please make sure to either turn off auditing at
runtime using the kernel command line option "audit=0", or
turn it off at kernel compile time using:
Note that kernel auditing is broken when used with systemd's container
code. When using systemd in conjunction with containers, please make
sure to either turn off auditing at runtime using the kernel command
line option "audit=0", or turn it off at kernel compile time using:
CONFIG_AUDIT=n
If systemd is compiled with libseccomp support on
architectures which do not use socketcall() and where seccomp
is supported (this effectively means x86-64 and ARM, but
excludes 32-bit x86!), then nspawn will now install a
work-around seccomp filter that makes containers boot even
with audit being enabled. This works correctly only on kernels
3.14 and newer though. TL;DR: turn audit off, still.
If systemd is compiled with libseccomp support on architectures which do
not use socketcall() and where seccomp is supported (this effectively
means x86-64 and ARM, but excludes 32-bit x86!), then nspawn will now
install a work-around seccomp filter that makes containers boot even
with audit being enabled. This works correctly only on kernels 3.14 and
newer though. TL;DR: turn audit off, still.
glibc >= 2.16
libcap
@ -238,27 +235,26 @@ REQUIREMENTS:
Useful commands:
ninja -C build -v some/target
meson test -C build/
sudo meson install -C build/
sudo meson install -C build/ --no-rebuild
DESTDIR=... meson install -C build/
A tarball can be created with:
v=250 && git archive --prefix=systemd-$v/ v$v | zstd >systemd-$v.tar.zstd
When systemd-hostnamed is used, it is strongly recommended to
install nss-myhostname to ensure that, in a world of
dynamically changing hostnames, the hostname stays resolvable
under all circumstances. In fact, systemd-hostnamed will warn
if nss-myhostname is not installed.
When systemd-hostnamed is used, it is strongly recommended to install
nss-myhostname to ensure that, in a world of dynamically changing
hostnames, the hostname stays resolvable under all circumstances. In
fact, systemd-hostnamed will warn if nss-myhostname is not installed.
nss-systemd must be enabled on systemd systems, as that's required for
DynamicUser= to work. Note that we ship services out-of-the-box that
make use of DynamicUser= now, hence enabling nss-systemd is not
optional.
Note that the build prefix for systemd must be /usr. (Moreover,
packages systemd relies on — such as D-Bus — really should use the same
prefix, otherwise you are on your own.) -Dsplit-usr=false (which is the
default and does not need to be specified) is the recommended setting.
Note that the build prefix for systemd must be /usr. (Moreover, packages
systemd relies on — such as D-Bus — really should use the same prefix,
otherwise you are on your own.) -Dsplit-usr=false (which is the default
and does not need to be specified) is the recommended setting.
-Dsplit-usr=true can be used to give a semblance of support for systems
with programs installed split between / and /usr. Moving everything
under /usr is strongly encouraged.
@ -271,34 +267,51 @@ REQUIREMENTS:
- strace (used by test/test-functions)
- capsh (optional, used by test-execute)
POLICY FOR SUPPORT OF DISTRIBUTIONS AND ARCHITECTURES:
systemd main branch and latest major or stable releases are generally
expected to compile on current versions of popular distributions (at
least all non-EOL versions of Fedora, Debian unstable/testing/stable,
latest Ubuntu LTS and non-LTS releases, openSUSE Tumbleweed/Leap,
CentOS Stream 8 and 9, up-to-date Arch, etc.) We will generally
attempt to support also other non-EOL versions of various distros.
Features which would break compilation on slightly-older distributions
will only be introduced if there are significant reasons for this
(i.e. supporting them interferes with development or requires too many
resources to support). In some cases backports of specific libraries or
tools might be required.
The policy is similar wrt. architecture support. systemd is regularly
tested on popular architectures (currently amd64, i386, arm64, ppc64el,
and s390x), but should compile and work also on other architectures, for
which support has been added. systemd will emit warnings when
architecture-specific constants are not defined.
USERS AND GROUPS:
Default udev rules use the following standard system group
names, which need to be resolvable by getgrnam() at any time,
even in the very early boot stages, where no other databases
and network are available:
Default udev rules use the following standard system group names, which
need to be resolvable by getgrnam() at any time, even in the very early
boot stages, where no other databases and network are available:
audio, cdrom, dialout, disk, input, kmem, kvm, lp, render, tape, tty, video
During runtime, the journal daemon requires the
"systemd-journal" system group to exist. New journal files will
be readable by this group (but not writable), which may be used
to grant specific users read access. In addition, system
groups "wheel" and "adm" will be given read-only access to
journal files using systemd-tmpfiles.service.
During runtime, the journal daemon requires the "systemd-journal" system
group to exist. New journal files will be readable by this group (but
not writable), which may be used to grant specific users read access. In
addition, system groups "wheel" and "adm" will be given read-only access
to journal files using systemd-tmpfiles.service.
The journal remote daemon requires the
"systemd-journal-remote" system user and group to
exist. During execution this network facing service will drop
privileges and assume this uid/gid for security reasons.
The journal remote daemon requires the "systemd-journal-remote" system
user and group to exist. During execution this network facing service
will drop privileges and assume this uid/gid for security reasons.
Similarly, the network management daemon requires the
"systemd-network" system user and group to exist.
Similarly, the network management daemon requires the "systemd-network"
system user and group to exist.
Similarly, the name resolution daemon requires the
"systemd-resolve" system user and group to exist.
Similarly, the name resolution daemon requires the "systemd-resolve"
system user and group to exist.
Similarly, the coredump support requires the
"systemd-coredump" system user and group to exist.
Similarly, the coredump support requires the "systemd-coredump" system
user and group to exist.
NSS:
systemd ships with four glibc NSS modules:
@ -318,9 +331,9 @@ NSS:
DynamicUser= setting in unit files.)
To make use of these NSS modules, please add them to the "hosts:",
"passwd:" and "group:" lines in /etc/nsswitch.conf. The "resolve"
module should replace the glibc "dns" module in this file (and don't
worry, it chain-loads the "dns" module if it can't talk to resolved).
"passwd:" and "group:" lines in /etc/nsswitch.conf. The "resolve" module
should replace the glibc "dns" module in this file (and don't worry, it
chain-loads the "dns" module if it can't talk to resolved).
The four modules should be used in the following order:

6
TODO
View File

@ -739,8 +739,10 @@ Features:
with matches, then activate app through that passing socket over
* unify on openssl:
- port journald + fsprg over from libgcrypt
- when that's done: kill gnutls support in resolved
- kill gnutls support in resolved
- figure out what to do about libmicrohttpd, which has a hard dependency on
gnutls
- port fsprg over to a dlopen lib, then switch it to openssl
* add growvol and makevol options for /etc/crypttab, similar to
x-systemd.growfs and x-systemd-makefs.

18
catalog/systemd.pl.catalog.in
View File

@ -187,6 +187,16 @@ Support: %SUPPORT_URL%
Zainicjowano wyłączenie systemu. Wyłączenie zostało rozpoczęte i wszystkie
usługi systemowe zostały zakończone, a wszystkie systemy plików odmontowane.
-- c14aaf76ec284a5fa1f105f88dfb061c
Subject: Zainicjowano przywrócenie danych fabrycznych systemu
Defined-By: systemd
Support: %SUPPORT_URL%
Zainicjowano przywrócenie danych fabrycznych systemu. Dokładne działanie,
jakie zostanie wykonane jest określone przez implementację, ale zwykle
powoduje przywrócenie stanu i konfiguracji systemu do domyślnych wartości
producenta.
-- 7d4958e842da4a758f6c1cdc7b36dcc5
Subject: Rozpoczęto wykonywanie zadania uruchamiania dla jednostki @UNIT@
Defined-By: systemd
@ -524,3 +534,11 @@ o ich aktualizację tak, aby działały w sposób dynamiczny
bez zależności od usługi systemd-udev-settle.service:
@OFFENDING_UNITS@
-- 7c8a41f37b764941a0e1780b1be2f037
Subject: Początkowa synchronizacja zegara
Defined-By: systemd
Support: %SUPPORT_URL%
Po raz pierwszy podczas obecnego uruchomienia uzyskano synchronizację NTP
i zainicjowano regulację lokalnego zegara systemowego.

40
docs/ARCHITECTURE.md
View File

@ -5,19 +5,21 @@ layout: default
SPDX-License-Identifier: LGPL-2.1-or-later
---
# Code Map
# The systemd Repository Architecture
## Code Map
This section will attempt to provide a high-level overview of the various
components of the systemd repository.
# Source Code
## Source Code
Directories in `src/` provide the implementation of all daemons, libraries and
command-line tools shipped by the project. There are many, and more are
constantly added, so we will not enumerate them all here — the directory
names are self-explanatory.
## Shared Code
### Shared Code
You might wonder what kind of common code belongs in `src/shared/` and what
belongs in `src/basic/`. The split is like this: anything that is used to
@ -44,14 +46,14 @@ To summarize:
`src/journal/` that end up in `libjournal-client.a` convenience library.
- may not use any code outside of `src/basic/`, `src/libsystemd/`, `src/shared/`
## PID 1
### PID 1
Code located in `src/core/` implements the main logic of the systemd system (and user)
service manager.
BPF helpers written in C and used by PID 1 can be found under `src/core/bpf/`.
### Implementing Unit Settings
#### Implementing Unit Settings
The system and session manager supports a large number of unit settings. These can generally
be configured in three ways:
@ -73,12 +75,12 @@ D-Bus messages in `src/shared/bus-unit-util.c`
So that they are exercised by the fuzzing CI, new unit settings should also be listed in the
text files under `test/fuzz/fuzz-unit-file/`.
## systemd-udev
### systemd-udev
Sources for the udev daemon and command-line tool (single binary) can be found under
`src/udev/`.
## Unit Tests
### Unit Tests
Source files found under `src/test/` implement unit-level testing, mostly for
modules found in `src/basic/` and `src/shared/`, but not exclusively. Each test
@ -91,7 +93,7 @@ and generally safe to run on the host without side effects.
Ideally, every module in `src/basic/` and `src/shared/` should have a
corresponding unit test under `src/test/`, exercising every helper function.
## Fuzzing
### Fuzzing
Fuzzers are a type of unit tests that execute code on an externally-supplied
input sample. Fuzzers are called `fuzz-*`. Fuzzers for `src/basic/` and
@ -113,11 +115,11 @@ as a normal executable and executed for each of the input samples under
with sanitizers and invoked as part of the test suite (if `-Dfuzz-tests=true`
is configured). Thirdly, fuzzers are executed through fuzzing engines that try
to find new "interesting" inputs through coverage feedback and massive
parallelization; see the links for oss-fuzz in [Code
quality](https://systemd.io/CODE_QUALITY). For testing and debugging, fuzzers
can be executed as any other program, including under `valgrind` or `gdb`.
parallelization; see the links for oss-fuzz in [Code quality](CODE_QUALITY.md).
For testing and debugging, fuzzers can be executed as any other program,
including under `valgrind` or `gdb`.
# Integration Tests
## Integration Tests
Sources in `test/TEST-*` implement system-level testing for executables,
libraries and daemons that are shipped by the project. They require privileges
@ -131,40 +133,40 @@ is the case.
See `test/README.testsuite` for more specific details.
# hwdb
## hwdb
Rules built in the static hardware database shipped by the project can be found
under `hwdb.d/`. Some of these files are updated automatically, some are filled
by contributors.
# Documentation
## Documentation
## systemd.io
### systemd.io
Markdown files found under `docs/` are automatically published on the
[systemd.io](https://systemd.io) website using Github Pages. A minimal unit test
to ensure the formatting doesn't have errors is included in the
`meson test -C build/ github-pages` run as part of the CI.
## Man pages
### Man pages
Manpages for binaries and libraries, and the DBUS interfaces, can be found under
`man/` and should ideally be kept in sync with changes to the corresponding
binaries and libraries.
## Translations
### Translations
Translations files for binaries and daemons, provided by volunteers, can be found
under `po/` in the usual format. They are kept up to date by contributors and by
automated tools.
# System Configuration files and presets
## System Configuration files and presets
Presets (or templates from which they are generated) for various daemons and tools
can be found under various directories such as `factory/`, `modprobe.d/`, `network/`,
`presets/`, `rules.d/`, `shell-completion/`, `sysctl.d/`, `sysusers.d/`, `tmpfiles.d/`.
# Utilities for Developers
## Utilities for Developers
`tools/`, `coccinelle/`, `.github/`, `.semaphore/`, `.lgtm/`, `.mkosi/` host various
utilities and scripts that are used by maintainers and developers. They are not

2
docs/AUTOMATIC_BOOT_ASSESSMENT.md
View File

@ -11,7 +11,7 @@ systemd provides support for automatically reverting back to the previous
version of the OS or kernel in case the system consistently fails to boot. This
support is built into various of its components. When used together these
components provide a complete solution on UEFI systems, built as add-on to the
[Boot Loader Specification](https://systemd.io/BOOT_LOADER_SPECIFICATION).
[Boot Loader Specification](BOOT_LOADER_SPECIFICATION.md).
However, the different components may also be used independently, and in
combination with other software, to implement similar schemes, for example with
other boot loaders or for non-UEFI systems. Here's a brief overview of the

10
docs/BOOT_LOADER_INTERFACE.md
View File

@ -72,7 +72,7 @@ variables. All EFI variables use the vendor UUID
* `1 << 1` → The boot loader honours `LoaderConfigTimeoutOneShot` when set.
* `1 << 2` → The boot loader honours `LoaderEntryDefault` when set.
* `1 << 3` → The boot loader honours `LoaderEntryOneShot` when set.
* `1 << 4` → The boot loader supports boot counting as described in [Automatic Boot Assessment](https://systemd.io/AUTOMATIC_BOOT_ASSESSMENT).
* `1 << 4` → The boot loader supports boot counting as described in [Automatic Boot Assessment](AUTOMATIC_BOOT_ASSESSMENT.md).
* `1 << 5` → The boot loader supports looking for boot menu entries in the Extended Boot Loader Partition.
* `1 << 6` → The boot loader supports passing a random seed to the OS.
@ -115,8 +115,8 @@ the identifiers as passed in `LoaderEntries`, `LoaderEntryDefault`,
`LoaderEntryOneShot`, `LoaderEntrySelected`, and possibly show nicely localized
names for them in UIs.
1. When boot loader entries are defined through [Boot Loader
Specification](https://systemd.io/BOOT_LOADER_SPECIFICATION) drop-in files
1. When boot loader entries are defined through
[Boot Loader Specification](BOOT_LOADER_SPECIFICATION.md) drop-in files
the identifier should be derived directly from the drop-in snippet name, but
with the `.conf` (or `.efi` in case of Type #2 entries) suffix removed.
@ -146,8 +146,8 @@ names for them in UIs.
## Links
[Boot Loader Specification](https://systemd.io/BOOT_LOADER_SPECIFICATION)<br>
[Discoverable Partitions Specification](https://systemd.io/DISCOVERABLE_PARTITIONS)<br>
[Boot Loader Specification](BOOT_LOADER_SPECIFICATION.md)<br>
[Discoverable Partitions Specification](DISCOVERABLE_PARTITIONS.md)<br>
[`systemd-boot(7)`](https://www.freedesktop.org/software/systemd/man/systemd-boot.html)<br>
[`bootctl(1)`](https://www.freedesktop.org/software/systemd/man/bootctl.html)<br>
[`systemd-gpt-auto-generator(8)`](https://www.freedesktop.org/software/systemd/man/systemd-gpt-auto-generator.html)

4
docs/BOOT_LOADER_SPECIFICATION.md
View File

@ -438,8 +438,8 @@ There are a couple of items that are out of focus for this specification:
## Links
[GUID Partition Table](https://en.wikipedia.org/wiki/GUID_Partition_Table)<br>
[Boot Loader Interface](https://systemd.io/BOOT_LOADER_INTERFACE)<br>
[Discoverable Partitions Specification](https://systemd.io/DISCOVERABLE_PARTITIONS)<br>
[Boot Loader Interface](BOOT_LOADER_INTERFACE.md)<br>
[Discoverable Partitions Specification](DISCOVERABLE_PARTITIONS.md)<br>
[`systemd-boot(7)`](https://www.freedesktop.org/software/systemd/man/systemd-boot.html)<br>
[`bootctl(1)`](https://www.freedesktop.org/software/systemd/man/bootctl.html)<br>
[`systemd-gpt-auto-generator(8)`](https://www.freedesktop.org/software/systemd/man/systemd-gpt-auto-generator.html)

27
docs/BUILDING_IMAGES.md
View File

@ -66,15 +66,15 @@ boot. For that it's essential to:
The
[`kernel-install(8)`](https://www.freedesktop.org/software/systemd/man/kernel-install.html)
logic used to generate [Boot Loader Specification Type
1](https://systemd.io/BOOT_LOADER_SPECIFICATION) entries by default uses the
machine ID as stored in `/etc/machine-id` for naming boot menu entries and the
directories in the ESP to place kernel images in. This is done in order to
allow multiple installations of the same OS on the same system without
conflicts. However, this is problematic if the machine ID shall be generated
automatically on first boot: if the ID is not known before the first boot it
cannot be used to name the most basic resources required for the boot process
to complete.
logic used to generate
[Boot Loader Specification Type 1](BOOT_LOADER_SPECIFICATION.md) entries by
default uses the machine ID as stored in `/etc/machine-id` for naming boot menu
entries and the directories in the ESP to place kernel images in. This is done
in order to allow multiple installations of the same OS on the same system
without conflicts. However, this is problematic if the machine ID shall be
generated automatically on first boot: if the ID is not known before the first
boot it cannot be used to name the most basic resources required for the boot
process to complete.
Thus, for images that shall acquire their identity on first boot only, it is
required to use a different identifier for naming boot menu entries. To allow
@ -203,9 +203,8 @@ it, then format it.
in. The `x-systemd.growfs` mount option in `/etc/fstab` is sufficient to
enable this logic for specific mounts. Alternatively appropriately set up
partitions can set GPT partition flag 59 to request this behaviour, see the
[Discoverable Partitions
Specification](https://systemd.io/DISCOVERABLE_PARTITIONS) for details. If
the file system is already grown it executes no operation.
[Discoverable Partitions Specification](DISCOVERABLE_PARTITIONS.md) for
details. If the file system is already grown it executes no operation.
3. Similar, the `systemd-makefs@.service` and `systemd-makeswap@.service`
services can format file systems and swap spaces before first use, if they
@ -268,8 +267,8 @@ fields.
[`machine-id(5)`](https://www.freedesktop.org/software/systemd/man/machine-id.html)<br>
[`systemd-random-seed(8)`](https://www.freedesktop.org/software/systemd/man/systemd-random-seed.service.html)<br>
[`os-release(5)`](https://www.freedesktop.org/software/systemd/man/os-release.html)<br>
[Boot Loader Specification](https://systemd.io/BOOT_LOADER_SPECIFICATION)<br>
[Discoverable Partitions Specification](https://systemd.io/DISCOVERABLE_PARTITIONS)<br>
[Boot Loader Specification](BOOT_LOADER_SPECIFICATION.md)<br>
[Discoverable Partitions Specification](DISCOVERABLE_PARTITIONS.md)<br>
[`mkosi`](https://github.com/systemd/mkosi)<br>
[`systemd-boot(7)`](https://www.freedesktop.org/software/systemd/man/systemd-boot.html)<br>
[`systemd-repart(8)`](https://www.freedesktop.org/software/systemd/man/systemd-repart.service.html)<br>

2
docs/CODE_QUALITY.md
View File

@ -72,7 +72,7 @@ available functionality:
15. Each PR is automatically tested with [Address Sanitizer](https://clang.llvm.org/docs/AddressSanitizer.html)
and [Undefined Behavior Sanitizer](https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html).
See [Testing systemd using sanitizers](https://systemd.io/TESTING_WITH_SANITIZERS)
See [Testing systemd using sanitizers](TESTING_WITH_SANITIZERS.md)
for more information.
16. Fossies provides [source code misspelling reports](https://fossies.org/features.html#codespell).

8
docs/CONVERTING_TO_HOMED.md
View File

@ -16,10 +16,10 @@ it might be desirable to convert an existing, traditional user account to a
Before continuing, please read up on these basic concepts:
* [Home Directories](https://systemd.io/HOME_DIRECTORY)
* [JSON User Records](https://systemd.io/USER_RECORD)
* [JSON Group Records](https://systemd.io/GROUP_RECORD)
* [User/Group Record Lookup API via Varlink](https://systemd.io/USER_GROUP_API)
* [Home Directories](HOME_DIRECTORY.md)
* [JSON User Records](USER_RECORD.md)
* [JSON Group Records](GROUP_RECORD.md)
* [User/Group Record Lookup API via Varlink](USER_GROUP_API.md)
## Caveat

8
docs/CREDENTIALS.md
View File

@ -57,9 +57,9 @@ purpose. Specifically, the following features are provided:
8. Credentials are an effective way to pass parameters into services that run
with `RootImage=` or `RootDirectory=` and thus cannot read these resources
directly from the host directory tree. Specifically, [Portable
Services](https://systemd.io/PORTABLE_SERVICES) may be parameterized this
way securely and robustly.
directly from the host directory tree.
Specifically, [Portable Services](PORTABLE_SERVICES.md) may be
parameterized this way securely and robustly.
9. Credentials can be binary and relatively large (though currently an overall
size limit of 1M per service is enforced).
@ -251,7 +251,7 @@ services where they are ultimately consumed.
invokes. [`systemd-nspawn(1)`](https://www.freedesktop.org/software/systemd/man/systemd-nspawn.html#Credentials)'s
`--set-credential=` and `--load-credential=` switches implement this, in
order to pass arbitrary credentials from host to container payload. Also see
the [Container Interface](https://systemd.io/CONTAINER_INTERFACE)
the [Container Interface](CONTAINER_INTERFACE.md)
documentation.
2. Quite similar, qemu VMs can be invoked with `-fw_cfg

19
docs/DISCOVERABLE_PARTITIONS.md
View File

@ -34,15 +34,14 @@ Note that the OS side of this specification is currently implemented in
[systemd](https://systemd.io/) 211 and newer in the
[systemd-gpt-auto-generator(8)](https://www.freedesktop.org/software/systemd/man/systemd-gpt-auto-generator.html)
generator tool. Note that automatic discovery of the root only works if the
boot loader communicates this information to the OS, by implementing the [Boot
Loader
Interface](https://systemd.io/BOOT_LOADER_INTERFACE).
boot loader communicates this information to the OS, by implementing the
[Boot Loader Interface](BOOT_LOADER_INTERFACE.md).
## Defined Partition Type UUIDs
| Name | Partition Type UUID | Allowed File Systems | Explanation |
|------|---------------------|----------------------|-------------|
| _Root Partition (Alpha)_ | `6523f8ae-3eb1-4e2a-a05a-18b695ae656f` | Any native, optionally in LUKS | On systems with matching architecture, the first partition with this type UUID on the disk containing the active EFI ESP is automatically mounted to the root directory <tt>/</tt>. If the partition is encrypted with LUKS or has dm-verity integrity data (see below), the device mapper file will be named `/dev/mapper/root`. |
| _Root Partition (Alpha)_ | `6523f8ae-3eb1-4e2a-a05a-18b695ae656f` | Any native, optionally in LUKS | On systems with matching architecture, the first partition with this type UUID on the disk containing the active EFI ESP is automatically mounted to the root directory `/`. If the partition is encrypted with LUKS or has dm-verity integrity data (see below), the device mapper file will be named `/dev/mapper/root`. |
| _Root Partition (ARC)_ | `d27f46ed-2919-4cb8-bd25-9531f3c16534` | ditto | ditto |
| _Root Partition (32-bit ARM)_ | `69dad710-2ce4-4e3c-b16c-21a1d49abed3` | ditto | ditto |
| _Root Partition (64-bit ARM/AArch64)_ | `b921b045-1df0-41c3-af44-4c6f280d3fae` | ditto | ditto |
@ -151,14 +150,14 @@ Interface](https://systemd.io/BOOT_LOADER_INTERFACE).
| _`/usr/` Verity Signature Partition (amd64/x86_64)_ | `e7bb33fb-06cf-4e81-8273-e543b413e2e2` | ditto | ditto |
| _`/usr/` Verity Signature Partition (x86)_ | `974a71c0-de41-43c3-be5d-5c5ccd1ad2c0` | ditto | ditto |
| _EFI System Partition_ | `c12a7328-f81f-11d2-ba4b-00a0c93ec93b` | VFAT | The ESP used for the current boot is automatically mounted to `/efi/` (or `/boot/` as fallback), unless a different partition is mounted there (possibly via `/etc/fstab`, or because the Extended Boot Loader Partition — see below — exists) or the directory is non-empty on the root disk. This partition type is defined by the [UEFI Specification](http://www.uefi.org/specifications). |
| _Extended Boot Loader Partition_ | `bc13c2ff-59e6-4262-a352-b275fd6f7172` | Typically VFAT | The Extended Boot Loader Partition (XBOOTLDR) used for the current boot is automatically mounted to <tt>/boot/</tt>, unless a different partition is mounted there (possibly via <tt>/etc/fstab</tt>) or the directory is non-empty on the root disk. This partition type is defined by the [Boot Loader Specification](https://systemd.io/BOOT_LOADER_SPECIFICATION). |
| _Extended Boot Loader Partition_ | `bc13c2ff-59e6-4262-a352-b275fd6f7172` | Typically VFAT | The Extended Boot Loader Partition (XBOOTLDR) used for the current boot is automatically mounted to `/boot/`, unless a different partition is mounted there (possibly via `/etc/fstab`) or the directory is non-empty on the root disk. This partition type is defined by the [Boot Loader Specification](BOOT_LOADER_SPECIFICATION.md). |
| _Swap_ | `0657fd6d-a4ab-43c4-84e5-0933c84b4f4f` | Swap, optionally in LUKS | All swap partitions on the disk containing the root partition are automatically enabled. If the partition is encrypted with LUKS, the device mapper file will be named `/dev/mapper/swap`. This partition type predates the Discoverable Partitions Specification. |
| _Home Partition_ | `933ac7e1-2eb4-4f13-b844-0e14e2aef915` | Any native, optionally in LUKS | The first partition with this type UUID on the disk containing the root partition is automatically mounted to `/home/`. If the partition is encrypted with LUKS, the device mapper file will be named `/dev/mapper/home`. |
| _Server Data Partition_ | `3b8f8425-20e0-4f3b-907f-1a25a76f98e8` | Any native, optionally in LUKS | The first partition with this type UUID on the disk containing the root partition is automatically mounted to `/srv/`. If the partition is encrypted with LUKS, the device mapper file will be named `/dev/mapper/srv`. |
| _Variable Data Partition_ | `4d21b016-b534-45c2-a9fb-5c16e091fd2d` | Any native, optionally in LUKS | The first partition with this type UUID on the disk containing the root partition is automatically mounted to `/var/` — under the condition that its partition UUID matches the first 128 bits of `HMAC-SHA256(machine-id, 0x4d21b016b53445c2a9fb5c16e091fd2d)` (i.e. the SHA256 HMAC hash of the binary type UUID keyed by the machine ID as read from [`/etc/machine-id`](https://www.freedesktop.org/software/systemd/man/machine-id.html). This special requirement is made because `/var/` (unlike the other partition types listed here) is inherently private to a specific installation and cannot possibly be shared between multiple OS installations on the same disk, and thus should be bound to a specific instance of the OS, identified by its machine ID. If the partition is encrypted with LUKS, the device mapper file will be named `/dev/mapper/var`. |
| _Temporary Data Partition_ | `7ec6f557-3bc5-4aca-b293-16ef5df639d1` | Any native, optionally in LUKS | The first partition with this type UUID on the disk containing the root partition is automatically mounted to `/var/tmp/`. If the partition is encrypted with LUKS, the device mapper file will be named `/dev/mapper/tmp`. Note that the intended mount point is indeed `/var/tmp/`, not `/tmp/`. The latter is typically maintained in memory via <tt>tmpfs</tt> and does not require a partition on disk. In some cases it might be desirable to make `/tmp/` persistent too, in which case it is recommended to make it a symlink or bind mount to `/var/tmp/`, thus not requiring its own partition type UUID. |
| _Temporary Data Partition_ | `7ec6f557-3bc5-4aca-b293-16ef5df639d1` | Any native, optionally in LUKS | The first partition with this type UUID on the disk containing the root partition is automatically mounted to `/var/tmp/`. If the partition is encrypted with LUKS, the device mapper file will be named `/dev/mapper/tmp`. Note that the intended mount point is indeed `/var/tmp/`, not `/tmp/`. The latter is typically maintained in memory via `tmpfs` and does not require a partition on disk. In some cases it might be desirable to make `/tmp/` persistent too, in which case it is recommended to make it a symlink or bind mount to `/var/tmp/`, thus not requiring its own partition type UUID. |
| _Per-user Home Partition_ | `773f91ef-66d4-49b5-bd83-d683bf40ad16` | Any native, optionally in LUKS | A home partition of a user, managed by [`systemd-homed`](https://www.freedesktop.org/software/systemd/man/systemd-homed.html). |
| _Generic Linux Data Partition_ | `0fc63daf-8483-4772-8e79-3d69d8477de4` | Any native, optionally in LUKS | No automatic mounting takes place for other Linux data partitions. This partition type should be used for all partitions that carry Linux file systems. The installer needs to mount them explicitly via entries in <tt>/etc/fstab</tt>. Optionally, these partitions may be encrypted with LUKS. This partition type predates the Discoverable Partitions Specification. |
| _Generic Linux Data Partition_ | `0fc63daf-8483-4772-8e79-3d69d8477de4` | Any native, optionally in LUKS | No automatic mounting takes place for other Linux data partitions. This partition type should be used for all partitions that carry Linux file systems. The installer needs to mount them explicitly via entries in `/etc/fstab`. Optionally, these partitions may be encrypted with LUKS. This partition type predates the Discoverable Partitions Specification. |
Other GPT type IDs might be used on Linux, for example to mark software RAID or
LVM partitions. The definitions of those GPT types is outside of the scope of
@ -410,9 +409,9 @@ The `gdisk` tool (from version 1.0.5 onward) and its variants (`sgdisk`,
## Links
[Boot Loader Specification](https://systemd.io/BOOT_LOADER_SPECIFICATION)<br>
[Boot Loader Interface](https://systemd.io/BOOT_LOADER_INTERFACE)<br>
[Safely Building Images](https://systemd.io/BUILDING_IMAGES)<br>
[Boot Loader Specification](BOOT_LOADER_SPECIFICATION.md)<br>
[Boot Loader Interface](BOOT_LOADER_INTERFACE.md)<br>
[Safely Building Images](BUILDING_IMAGES.md)<br>
[`systemd-boot(7)`](https://www.freedesktop.org/software/systemd/man/systemd-boot.html)<br>
[`bootctl(1)`](https://www.freedesktop.org/software/systemd/man/bootctl.html)<br>
[`systemd-gpt-auto-generator(8)`](https://www.freedesktop.org/software/systemd/man/systemd-gpt-auto-generator.html)

13
docs/ENVIRONMENT.md
View File

@ -182,8 +182,8 @@ All tools:
requested. The file contains the requested boot loader entry identifier. This
file may be checked for by services run during system shutdown in order to
request the appropriate operation from the boot loader in an alternative
fashion. Note that by default only boot loader entries which follow the [Boot
Loader Specification](https://systemd.io/BOOT_LOADER_SPECIFICATION) and are
fashion. Note that by default only boot loader entries which follow the
[Boot Loader Specification](BOOT_LOADER_SPECIFICATION.md) and are
placed in the ESP or the Extended Boot Loader partition may be selected this
way. However, if a directory `/run/boot-loader-entries/` exists, the entries
are loaded from there instead. The directory should contain the usual
@ -364,11 +364,10 @@ disk images with `--image=` or similar:
to load the embedded Verity signature data. If enabled (which is the
default), Verity root hash information and a suitable signature is
automatically acquired from a signature partition, following the
[Discoverable Partitions
Specification](https://systemd.io/DISCOVERABLE_PARTITIONS). If disabled any
such partition is ignored. Note that this only disables discovery of the root
hash and its signature, the Verity data partition itself is still searched in
the GPT image.
[Discoverable Partitions Specification](DISCOVERABLE_PARTITIONS.md).
If disabled any such partition is ignored. Note that this only disables
discovery of the root hash and its signature, the Verity data partition
itself is still searched in the GPT image.
* `$SYSTEMD_DISSECT_VERITY_SIGNATURE` — takes a boolean, which controls whether
to validate the signature of the Verity root hash if available. If enabled

4
docs/GROUP_RECORD.md
View File

@ -7,8 +7,8 @@ SPDX-License-Identifier: LGPL-2.1-or-later
# JSON Group Records
Long story short: JSON Group Records are to `struct group` what [JSON User
Records](https://systemd.io/USER_RECORD) are to `struct passwd`.
Long story short: JSON Group Records are to `struct group` what
[JSON User Records](USER_RECORD.md) are to `struct passwd`.
Conceptually, much of what applies to JSON user records also applies to JSON
group records. They also consist of seven sections, with similar properties and

2
docs/HACKING.md
View File

@ -331,7 +331,7 @@ debug and set "processId" to "${command:pickProcess}". Now, when starting the de
the PID of the process you want to debug. Run `systemctl show --property MainPID --value <component>` in the
container to figure out the PID and enter it when asked and VSCode will attach to that process instead.
# Debugging systemd-boot
## Debugging systemd-boot
During boot, systemd-boot and the stub loader will output a message like `systemd-boot@0x0A,0x0B`,
providing the location of the text and data sections. These location can then be used to attach

4
docs/HOME_DIRECTORY.md
View File

@ -18,8 +18,8 @@ mechanism used.
## General Structure
Inside of the home directory a file `~/.identity` contains the JSON formatted
user record of the user. It follows the format defined in [`JSON User
Records`](https://systemd.io/USER_RECORD). It is recommended to bring the
user record of the user. It follows the format defined in
[`JSON User Records`](USER_RECORD.md). It is recommended to bring the
record into 'normalized' form (i.e. all objects should contain their fields
sorted alphabetically by their key) before storing it there, though this is not
required nor enforced. Since the user record is cryptographically signed, the

12
docs/INITRD_INTERFACE.md
View File

@ -37,11 +37,10 @@ interfaces are currently used by dracut and the ArchLinux initrds.
optionally followed (in `argv[2]`, `argv[3]`, … systemd's original command
line options, for example `--log-level=` and similar.
* Storage daemons run from the initrd should follow the guide on [systemd
and Storage Daemons for the Root File
System](https://systemd.io/ROOT_STORAGE_DAEMONS) to survive properly from the
boot initrd all the way to the point where systemd jumps back into the initrd
for shutdown.
* Storage daemons run from the initrd should follow the guide on
[systemd and Storage Daemons for the Root File System](ROOT_STORAGE_DAEMONS.md)
to survive properly from the boot initrd all the way to the point where
systemd jumps back into the initrd for shutdown.
One last clarification: we use the term _initrd_ very generically here
describing any kind of early boot file system, regardless whether that might be
@ -70,5 +69,4 @@ systemd. Here are a few terse notes:
* The switch-root operation will result in a killing spree of all running
processes. Some processes might need to be excluded from that, see the guide
on [systemd and Storage Daemons for the Root File
System](https://systemd.io/ROOT_STORAGE_DAEMONS).
on [systemd and Storage Daemons for the Root File System](ROOT_STORAGE_DAEMONS.md).

12
docs/JOURNAL_EXPORT_FORMATS.md
View File

@ -1,15 +1,17 @@
---
title: Journal Export Format
title: Journal Export Formats
category: Interfaces
layout: default
SPDX-License-Identifier: LGPL-2.1-or-later
---
# Journal Export Format
# Journal Export Formats
## Journal Export Format
_Note that this document describes the binary serialization format of journals only, as used for transfer across the network.
For interfacing with web technologies there's the Journal JSON Format, described below.
The binary format on disk is documented as the [Journal File Format](https://systemd.io/JOURNAL_FILE_FORMAT/)._
The binary format on disk is documented as the [Journal File Format](JOURNAL_FILE_FORMAT.md)._
_Before reading on, please make sure you are aware of the [basic properties of journal entries](https://www.freedesktop.org/software/systemd/man/systemd.journal-fields.html), in particular realize that they may include binary non-text data (though usually don't), and the same field might have multiple values assigned within the same entry (though usually hasn't)._
@ -118,11 +120,11 @@ _CMDLINE=python3 -c from systemd import journal; journal.send("foo\nbar")
_SOURCE_REALTIME_TIMESTAMP=1423944916372858
```
# Journal JSON Format
## Journal JSON Format
_Note that this section describes the JSON serialization format of the journal only, as used for interfacing with web technologies.
For binary transfer of journal data across the network there's the Journal Export Format described above.
The binary format on disk is documented as [Journal File Format](https://systemd.io/JOURNAL_FILE_FORMAT)._
The binary format on disk is documented as [Journal File Format](JOURNAL_FILE_FORMAT.md)._
_Before reading on, please make sure you are aware of the [basic properties of journal entries](https://www.freedesktop.org/software/systemd/man/systemd.journal-fields.html), in particular realize that they may include binary non-text data (though usually don't), and the same field might have multiple values assigned within the same entry (though usually hasn't)._

11
docs/JOURNAL_FILE_FORMAT.md
View File

@ -8,8 +8,8 @@ SPDX-License-Identifier: LGPL-2.1-or-later
# Journal File Format
_Note that this document describes the binary on-disk format of journals only.
For interfacing with web technologies there's the [Journal JSON Format](https://systemd.io/JOURNAL_EXPORT_FORMATS#journal-json-format).
For transfer of journal data across the network there's the [Journal Export Format](https://systemd.io/JOURNAL_EXPORT_FORMATS#journal-export-format)._
For interfacing with web technologies there's the [Journal JSON Format](JOURNAL_EXPORT_FORMATS.md#journal-json-format).
For transfer of journal data across the network there's the [Journal Export Format](JOURNAL_EXPORT_FORMATS.md#journal-export-format)._
The systemd journal stores log data in a binary format with several features:
@ -45,9 +45,10 @@ stream-based nature it is not indexed.
_Or, to put this in other words: this low-level document is probably not what
you want to use as base of your project. You want our [C
API](https://www.freedesktop.org/software/systemd/man/sd-journal.html) instead!
And if you really don't want the C API, then you want the [Journal Export
Format or Journal JSON Format](https://systemd.io/JOURNAL_EXPORT_FORMATS) instead!
This document is primarily for your entertainment and education. Thank you!_
And if you really don't want the C API, then you want the
[Journal Export Format or Journal JSON Format](JOURNAL_EXPORT_FORMATS.md)
instead! This document is primarily for your entertainment and education.
Thank you!_
This document assumes you have a basic understanding of the journal concepts,
the properties of a journal entry and so on. If not, please go and read up,

261
docs/NETWORK_ONLINE.md Normal file
View File

@ -0,0 +1,261 @@
---
title: Running Services After the Network Is Up
category: Concepts
layout: default
SPDX-License-Identifier: LGPL-2.1-or-later
---
# Network configuration synchronization points
systemd provides three target units related to network configuration:
## Network pre-configuration: `network-pre.target`
`network-pre.target` is used to order services before any network interfaces
start to be configured. Its primary purpose is for usage with firewall services
that want to establish a firewall *before* any network interface is up.
`network-pre.target` is a passive unit: it cannot be started directly and it is
not pulled in by the the network management service, but instead a service that
wants to run before it must pull it in. Network management services hence
should set `After=network-pre.target`, but not `Wants=network-pre.target` or
`Requires=network-pre.target`. Services that want to be run before the network
is configured should use `Before=network-pre.target` and
`Wants=network-pre.target`. This way, unless there's actually a service that
needs to be ordered before the network is up, this target is not pulled in,
avoiding an unnecessary synchronization point.
## Network management services: `network.target`
`network.target` indicates that the network management stack has been started.
Ordering after it it has little meaning during start-up: whether any network
interfaces are already configured when it is reached is not defined.
Its primary purpose is for ordering things properly at shutdown: since the
shutdown ordering of units in systemd is the reverse of the startup ordering,
any unit that has `After=network.target` can be sure that it is *stopped*
before the network is shut down when the system is going down. This allows
services to cleanly terminate connections before going down, instead of losing
ongoing connections leaving the other side in an undefined state.
Note that `network.target` is a passive unit: you cannot start it directly and
it is not pulled in by any services that want to make use of the network.
Instead, it is pulled in by the network management services
themselves. Services using the network should hence simply place an
`After=network.target` stanza in their unit files, without
`Wants=network.target` or `Requires=network.target`.
## Network connectivity has been estabilished: `network-online.target`
`network-online.target` is a target that actively waits until the network is
"up", where the definition of "up" is defined by the network management
software. Usually it indicates a configured, routable IP address of some
kind. Its primary purpose is to actively delay activation of services until the
network has been set up.
It is an active target, meaning that it may be pulled in by the services
requiring the network to be up, but is not pulled in by the network management
service itself. By default all remote mounts defined in `/etc/fstab` make use
of this service, in order to make sure the network is up before attempts to
connect to a network share are made. Note that normally, if no service requires
it and if no remote mount point is configured, this target is not pulled into
the boot, thus avoiding any delays during boot should the network not be
available. It is strongly recommended not to make use of this target too
liberally: for example network server software should generally not pull this
in (since server software generally is happy to accept local connections even
before any routable network interface is up). Its primary purpose is network
client software that cannot operate without network.
For more details about those targets, see the
[systemd.special(7)](http://www.freedesktop.org/software/systemd/man/systemd.special.html)
man page.
## Compatibility with SysV init
LSB defines a `$network` dependency for legacy init scripts. Whenever systemd
encounters a `$network` dependency in LSB headers of init scripts it will
translate this to `Wants=` and `After=` dependencies on
`network-online.target`, staying relatively close to traditional LSB behaviour.
# Discussion
The meaning of `$network` is defined [only very
unprecisely](http://refspecs.linuxbase.org/LSB_3.1.1/LSB-Core-generic/LSB-Core-generic/facilname.html)
and people tend to have different ideas what it is supposed to mean. Here are a
couple of ideas people came up with so far:
* The network management software is up.
* All "configured" network interfaces are up and an IP address has been assigned to each.
* All discovered local hardware interfaces that have a link beat have an IP address assigned, independently whether there is actually any explicit local configuration for them.
* The network has been set up precisely to the level that a DNS server is reachable.
* Same, but some specific site-specific server is reachable.
* Same, but "the Internet" is reachable.
* All "configured" ethernet devices are up, but all "configured" PPP links which are supposed to also start at boot don't have to be yet.
* A certain "profile" is enabled and some condition of the above holds. If another "profile" is enabled a different condition would have to be checked.
* Based on the location of the system a different set of configuration should be up or checked for.
* At least one global IPv4 address is configured.
* At least one global IPv6 address is configured.
* At least one global IPv4 or IPv6 address is configured.
* And so on and so on.
All these are valid approaches to the question "When is the network up?", but
none of them would be useful to be good as generic default.
Modern networking tends to be highly dynamic: machines are moved between
networks, network configuration changes, hardware is added and removed, virtual
networks are set up, reconfigured, and shut down again. Network connectivity is
not unconditionally and continuously available, and a machine is connected to
different networks at different times. This is particularly true for mobile
hardware such as handsets, tablets, and laptops, but also for embedded and
servers. Software that is written under the assumption that network
connectivity is available continuously and never changes is hence not
up-to-date with reality. Well-written software should be able to handle dynamic
configuration changes. It should react to changing network configuration and
make the best of it. If it cannot reach a server it must retry. If network
configuration connectivity is lost it must not fail catastrophically. Reacting
to local network configuration changes in daemon code is not particularly
hard. In fact many well-known network-facing services running on Linux have
been doing this for decades. A service written like this is robust, can be
started at any time, and will always do the best of the circumstances it is
running in.
`$network` / `network-online.target` is a mechanism that is required only to
deal with software that assumes continuous network is available (i.e. of the
simple not-well-written kind). Which facet of it it requires is undefined. An
IMAP server might just require a certain IP to be assigned so that it can
listen on it. OTOH a network file system client might need DNS up, and the
service to contact up, as well. What precisely is required is not obvious and
can be different things depending on local configuration.
A robust system boots up independently of external services. More specifically,
if a network DHCP server does not react, this should not slow down boot on most
setups, but only for those where network connectivity is strictly needed (for
example, because the host actually boots from the network).
# FAQ
## How do I make sure that my service starts after the network is *really* online?
That depends on your setup and the services you plan to run after it (see
above). If you need to delay you service after network connectivity has been
established, include
```ini
After=network-online.target
Wants=network-online.target
```
in the `.service` file.
This will delay boot until the network management software says the network is "up".
For details, see the next question.
## What does "up" actually mean?
The services that are ordered before `network-online.target` define it's
meaning. *Usually* means that all configured network devices are up and have an
IP address assigned, but details may vary. In particular, configuration may
affect which interfaces are taken into account.
`network-online.target` will time out after 90s. Enabling this might
considerably delay your boot even if the timeout is not reached.
The right "wait" service must be enabled:
`NetworkManager-wait-online.service` if `NetworkManager` is used to configure
the network, `systemd-networkd-wait-online.service` if `systemd-networkd` is
used, etc. `systemd-networkd.service` has
`Also=systemd-networkd-wait-online.service` in its `[Install]` section, so when
`systemd-networkd.service` is enabled, `systemd-networkd-wait-online.service`
will be enabled too, which means that `network-online.target` will include
`systemd-networkd-wait-online.service` when and only when
`systemd-networkd.service` is enabled. `NetworkManager-wait-online.service` is
set up similarly. This means that the "wait" services do not need to be enabled
explicitly. They will be enabled automatically when the "main" service is
enabled, though they will not be *used* unless something else pulls in
`network-online.target`.
To verify that the right service is enabled (usually only one should be):
```console
$ systemctl is-enabled NetworkManager-wait-online.service systemd-networkd-wait-online.service
disabled
enabled
```
## Should `network-online.target` be used?
Please note that `network-online.target` means that the network connectivity
*has been* reached, not that it is currently available. By the very nature and
design of the network, connectivity may briefly or permanently disappear, so
for reasonable user experience, services need to handle temporary lack of
connectivity.
If you are a developer, instead of wondering what to do about `network.target`,
please just fix your program to be friendly to dynamically changing network
configuration. That way you will make your users happy because things just
start to work, and you will get fewer bug reports. You also make the boot
faster by not delaying services until network connectivity has been
established. This is particularly important for folks with slow address
assignment replies from a DHCP server.
Here are a couple of possible approaches:
1. Watch rtnetlink and react to network configuration changes as they
happen. This is usually the nicest solution, but not always the easiest.
2. If you write a server: listen on `[::]`, `[::1]`, `0.0.0.0`, and `127.0.0.1`
only. These pseudo-addresses are unconditionally available. If you always
bind to these addresses you will have code that doesn't have to react to
network changes, as all you listen on is catch-all and private addresses.
3. If you write a server: if you want to listen on other, explicitly configured
addresses, consider using the `IP_FREEBIND` sockopt functionality of the
Linux kernel. This allows your code to bind to an address even if it is not
actually (yet or ever) configured locally. This also makes your code robust
towards network configuration changes. This is provided as `FreeBind=`
for systemd services, see
[systemd.socket(5)](http://www.freedesktop.org/software/systemd/man/systemd.socket.html).
An exception to the above recommendations is services which require network
connectivity, but do not delay system startup. An example may be a service
which downloads package updates into a cache (to be used at some point in the
future by the package management software). Such a service may even start
during boot, and pull in and be ordered after `network-online.target`, but as
long as it is not ordered before any unit that is part of the default target,
it does not delay boot. It is usually easier to write such a service in a
"simplistic" way, where it doesn't try to wait for the network connectivity to
be (re-)established, but is instead started when the network has connectivity,
and if the network goes away, it fails and relies on the system manager to
restart it if appropriate.
## Modyfing the meaning of `network-online.target`
As described above, the meaning of this target is defined first by which
implementing services are enabled (`NetworkManager-wait-online.service`,
`systemd-networkd-wait-online.service`, …), and second by the configuration
specific to those services.
For example, `systemd-networkd-wait-online.service` will wait until all
interfaces that are present and managed by
[systemd-networkd.service(8)](http://www.freedesktop.org/software/systemd/man/systemd-networkd.service.html).
are fully configured or failed and at least one link is online; see
[systemd-networkd-wait-online.service(8)](http://www.freedesktop.org/software/systemd/man/systemd-networkd-wait-online.service.html)
for details. Those conditions are affected by the presence of configuration
that matches various links, but also by settings like
`Unmanaged=`, `RequiredForOnline=`, `RequiredFamilyForOnline=`; see
[systemd.network(5)](http://www.freedesktop.org/software/systemd/man/systemd.socket.html).
It is also possible to plug in additional checks for network state. For
example, to delay `network-online.target` until some a specific host is
reachable (the name can be resolved over DNS and the appropriate route has been
established), the following simple service could be used:
```ini
[Unit]
DefaultDependencies=no
After=nss-lookup.target
Before=network-online.target
[Service]
ExecStart=sh -c 'while ! ping -c 1 example.com; do sleep 1; done'
[Install]
WantedBy=network-online.target
```

16
docs/PORTABILITY_AND_STABILITY.md
View File

@ -83,9 +83,9 @@ And now, here's the list of (hopefully) all APIs that we have introduced with sy
| [hostnamed](https://www.freedesktop.org/wiki/Software/systemd/hostnamed) | D-Bus | yes | yes | GNOME | yes | [Ubuntu](https://launchpad.net/ubuntu/+source/ubuntu-system-service), [Gentoo](http://www.gentoo.org/proj/en/desktop/gnome/openrc-settingsd.xml), [BSD](http://uglyman.kremlin.cc/gitweb/gitweb.cgi?p=systembsd.git;a=summary) | partially |
| [localed](https://www.freedesktop.org/wiki/Software/systemd/localed) | D-Bus | yes | yes | GNOME | yes | [Ubuntu](https://launchpad.net/ubuntu/+source/ubuntu-system-service), [Gentoo](http://www.gentoo.org/proj/en/desktop/gnome/openrc-settingsd.xml), [BSD](http://uglyman.kremlin.cc/gitweb/gitweb.cgi?p=systembsd.git;a=summary) | partially |
| [timedated](https://www.freedesktop.org/wiki/Software/systemd/timedated) | D-Bus | yes | yes | GNOME | yes | [Gentoo](http://www.gentoo.org/proj/en/desktop/gnome/openrc-settingsd.xml), [BSD](http://uglyman.kremlin.cc/gitweb/gitweb.cgi?p=systembsd.git;a=summary) | partially |
| [initrd interface](https://systemd.io/INITRD_INTERFACE) | Environment, flag files | yes | yes | dracut, ArchLinux | yes | ArchLinux | no |
| [Container interface](https://systemd.io/CONTAINER_INTERFACE) | Environment, Mounts | yes | yes | libvirt/LXC | yes | - | no |
| [Boot Loader interface](https://systemd.io/BOOT_LOADER_INTERFACE) | EFI variables | yes | yes | gummiboot | yes | - | no |
| [initrd interface](INITRD_INTERFACE.md) | Environment, flag files | yes | yes | dracut, ArchLinux | yes | ArchLinux | no |
| [Container interface](CONTAINER_INTERFACE.md) | Environment, Mounts | yes | yes | libvirt/LXC | yes | - | no |
| [Boot Loader interface](BOOT_LOADER_INTERFACE.md) | EFI variables | yes | yes | gummiboot | yes | - | no |
| [Service bus API](https://www.freedesktop.org/wiki/Software/systemd/dbus) | D-Bus | yes | yes | system-config-services | no | - | no |
| [logind](https://www.freedesktop.org/wiki/Software/systemd/logind) | D-Bus | yes | yes | GNOME | no | - | no |
| [sd-login.h API](https://www.freedesktop.org/software/systemd/man/sd-login.html) | C Library | yes | yes | GNOME, polkit, ... | no | - | no |
@ -95,15 +95,15 @@ And now, here's the list of (hopefully) all APIs that we have introduced with sy
| [$XDG_RUNTIME_DIR](https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html) | Environment | yes | yes | glib, GNOME | yes | - | no |
| [$LISTEN_FDS $LISTEN_PID FD Passing](https://www.freedesktop.org/software/systemd/man/sd_listen_fds.html) | Environment | yes | yes | numerous (via sd-daemon.h) | yes | - | no |
| [$NOTIFY_SOCKET Daemon Notifications](https://www.freedesktop.org/software/systemd/man/sd_notify.html) | Environment | yes | yes | a few, including udev | yes | - | no |
| [argv&#91;0&#93;&#91;0&#93;='@' Logic](https://systemd.io/ROOT_STORAGE_DAEMONS) | `/proc` marking | yes | yes | mdadm | yes | - | no |
| [argv&#91;0&#93;&#91;0&#93;='@' Logic](ROOT_STORAGE_DAEMONS.md) | `/proc` marking | yes | yes | mdadm | yes | - | no |
| [Unit file format](https://www.freedesktop.org/software/systemd/man/systemd.unit.html) | File format | yes | yes | numerous | no | - | no |
| [Network](https://www.freedesktop.org/software/systemd/man/systemd.network.html) & [Netdev file format](https://www.freedesktop.org/software/systemd/man/systemd.netdev.html) | File format | yes | yes | no | no | - | no |
| [Link file format](https://www.freedesktop.org/software/systemd/man/systemd.link.html) | File format | yes | yes | no | no | - | no |
| [Journal File Format](https://systemd.io/JOURNAL_FILE_FORMAT) | File format | yes | yes | - | maybe | - | no |
| [Journal Export Format](https://systemd.io/JOURNAL_EXPORT_FORMATS#journal-export-format) | File format | yes | yes | - | yes | - | no |
| [Journal JSON Format](https://systemd.io/JOURNAL_EXPORT_FORMATS#journal-json-format) | File format | yes | yes | - | yes | - | no |
| [Journal File Format](JOURNAL_FILE_FORMAT.md) | File format | yes | yes | - | maybe | - | no |
| [Journal Export Format](JOURNAL_EXPORT_FORMATS.md#journal-export-format) | File format | yes | yes | - | yes | - | no |
| [Journal JSON Format](JOURNAL_EXPORT_FORMATS.md#journal-json-format) | File format | yes | yes | - | yes | - | no |
| [Cooperation in cgroup tree](https://www.freedesktop.org/wiki/Software/systemd/PaxControlGroups) | Treaty | yes | yes | libvirt | yes | libvirt | no |
| [Password Agents](https://systemd.io/PASSWORD_AGENTS) | Socket+Files | yes | yes | - | yes | - | no |
| [Password Agents](PASSWORD_AGENTS.md) | Socket+Files | yes | yes | - | yes | - | no |
| [udev multi-seat properties](https://www.freedesktop.org/software/systemd/man/sd-login.html) | udev Property | yes | yes | X11, gdm | no | - | no |
| udev session switch ACL properties | udev Property | no | no | - | no | - | no |
| [CLI of systemctl,...](https://www.freedesktop.org/software/systemd/man/systemctl.html) | CLI | yes | yes | numerous | no | - | no |

4
docs/PORTABLE_SERVICES.md
View File

@ -168,8 +168,8 @@ requirements are made for an image that can be attached/detached with
must be a raw disk image either containing only one, naked file system, or
an image with a partition table understood by the Linux kernel with only a
single partition defined, or alternatively, a GPT partition table with a set
of properly marked partitions following the [Discoverable Partitions
Specification](https://systemd.io/DISCOVERABLE_PARTITIONS).
of properly marked partitions following the
[Discoverable Partitions Specification](DISCOVERABLE_PARTITIONS.md).
3. The image must at least contain one matching unit file, with the right name
prefix and suffix (see above). The unit file is searched in the usual paths,

4
docs/RANDOM_SEEDS.md
View File

@ -387,8 +387,8 @@ This primarily leaves two kind of systems in the cold:
[systemd-boot(7)](https://www.freedesktop.org/software/systemd/man/systemd-boot.html)
for an introduction why. That said, any boot loader can re-implement the
logic described above, and can pass a random seed that systemd as PID 1
will then upload into the kernel's entropy pool. For details see the [Boot
Loader Interface](https://systemd.io/BOOT_LOADER_INTERFACE) documentation.
will then upload into the kernel's entropy pool. For details see the
[Boot Loader Interface](BOOT_LOADER_INTERFACE.md) documentation.
11. *Why not pass the boot loader random seed via kernel command line instead
of as EFI variable?*

10
docs/RESOLVED-VPNS.md
View File

@ -112,7 +112,7 @@ and another one with `~corp.company.example` — both suffixes match a lookup fo
`foo.corp.company.example`, but the latter interface wins, since the match is
for four labels, while the other is for zero labels.
# Putting it Together
## Putting it Together
Let's discuss how the three DNS routing concepts above are best used for a
reasonably complex scenario consisting of:
@ -159,7 +159,7 @@ else. If `privacy0` is then downed again, `wifi0` will get the regular DNS
traffic again, and `company0` will still get the company's internal domain and
IP subnet traffic and nothing else. Everything hence works as intended.
# How to Implement this in Your VPN Software
## How to Implement this in Your VPN Software
Most likely you want to expose a boolean in some way that declares whether a
specific VPN is of the *corporate* or the *privacy* kind:
@ -177,7 +177,7 @@ specific VPN is of the *corporate* or the *privacy* kind:
traditional, i.e. with any search domains as acquired, do not set `~.` though,
and do not disable `default-route`.)
# The APIs
## The APIs
Now we determined how we want to configure things, but how do you actually get
the configuration to `systemd-resolved.service`? There are three relevant
@ -222,7 +222,7 @@ interfaces:
propagate the `default-route` boolean, nor can be used to configure the
`~….in-addr.arpa` or `~.ip6.arpa` routing domains.
# Ordering
## Ordering
When configuring per-interface DNS configuration settings it is wise to
configure everything *before* actually upping the interface. Once the interface
@ -235,7 +235,7 @@ as the former without the latter has no effect, but the latter without the
former will result in DNS traffic possibly being generated, in a non-desirable
way given that the routing information is not set yet.
# Downgrading Search Domains to Routing Domains
## Downgrading Search Domains to Routing Domains
Many VPN implementations provide a way how VPN servers can inform VPN clients
about search domains to use. In some cases it might make sense to install those

9
docs/ROOT_STORAGE_DAEMONS.md
View File

@ -108,10 +108,9 @@ to find a different solution to your problem._
The recommended way to distinguish between run-from-initrd and run-from-rootfs
for a daemon is to check for `/etc/initrd-release` (which exists on all modern
initrd implementations, see the [initrd
Interface](https://systemd.io/INITRD_INTERFACE) for details) which when exists
results in `argv[0][0]` being set to `@`, and otherwise doesn't. Something like
this:
initrd implementations, see the [initrd Interface](INITRD_INTERFACE.md) for
details) which when exists results in `argv[0][0]` being set to `@`, and
otherwise doesn't. Something like this:
```c
#include <unistd.h>
@ -191,4 +190,4 @@ few additional notes for supporting these setups:
program consult this blog story: [Socket
Activation](http://0pointer.de/blog/projects/socket-activation.html)
* Consider having a look at the [initrd Interface of systemd](https://systemd.io/INITRD_INTERFACE).
* Consider having a look at the [initrd Interface of systemd](INITRD_INTERFACE.md).

12
docs/TRANSLATORS.md
View File

@ -32,18 +32,18 @@ $ ninja -C build/ systemd-pot
This will generate file `po/systemd.pot` in the source tree.
Then simply copy it to a new <code><i>${lang_code}</i>.po</code> file, where
<code><i>${lang_code}</i></code> is the two-letter code for a language
Then simply copy it to a new `${lang_code}.po` file, where
`${lang_code}` is the two-letter code for a language
(possibly followed by a two-letter uppercase country code), according to the
ISO 639 standard.
In short:
<pre>
$ cp po/systemd.pot po/<i>${lang_code}</i>.po
</pre>
```
$ cp po/systemd.pot po/${lang_code}.po
```
Then edit the new <code>po/<i>${lang_code}</i>.po</code> file (for example,
Then edit the new `po/${lang_code}.po` file (for example,
using the `poedit` GUI editor.)
## Updating an Existing Translation

11
docs/USERDB_AND_DESKTOPS.md
View File

@ -21,10 +21,10 @@ are recommended. A few areas where that applies are discussed below.
Before reading on, please read up on the basic concepts, specifically:
* [Home Directories](https://systemd.io/HOME_DIRECTORY)
* [JSON User Records](https://systemd.io/USER_RECORD)
* [JSON Group Records](https://systemd.io/GROUP_RECORD)
* [User/Group Record Lookup API via Varlink](https://systemd.io/USER_GROUP_API)
* [Home Directories](HOME_DIRECTORY.md)
* [JSON User Records](USER_RECORD.md)
* [JSON Group Records](GROUP_RECORD.md)
* [User/Group Record Lookup API via Varlink](USER_GROUP_API.md)
## Support for Suspending Home Directory Access during System Suspend
@ -147,8 +147,7 @@ solution only.
In case you wonder, there's no automatic mechanism for converting existing
users registered in `/etc/passwd` or LDAP to users managed by
`systemd-homed`. There's documentation for doing this manually though, see
[Converting Existing Users to systemd-homed managed
Users](https://systemd.io/CONVERTING_TO_HOMED).
[Converting Existing Users to systemd-homed managed Users](CONVERTING_TO_HOMED.md).
## Future Additions

5
docs/USER_GROUP_API.md
View File

@ -7,9 +7,8 @@ SPDX-License-Identifier: LGPL-2.1-or-later
# User/Group Record Lookup API via Varlink
JSON User/Group Records (as described in the [JSON User
Records](https://systemd.io/USER_RECORD) and [JSON Group
Records](https://systemd.io/GROUP_RECORD) documents) that are defined on the
JSON User/Group Records (as described in the [JSON User Records](USER_RECORD.md)
and [JSON Group Records](GROUP_RECORD.md) documents) that are defined on the
local system may be queried with a [Varlink](https://varlink.org/) API. This
API takes both the role of what
[`getpwnam(3)`](http://man7.org/linux/man-pages/man3/getpwnam.3.html) and

15
docs/USER_RECORD.md
View File

@ -14,8 +14,8 @@ pairs, encoded as JSON. Specifically:
1. [`systemd-homed.service`](https://www.freedesktop.org/software/systemd/man/systemd-homed.service.html)
manages `human` user home directories and embeds these JSON records
directly in the home directory images (see [Home
Directories](https://systemd.io/HOME_DIRECTORY) for details).
directly in the home directory images
(see [Home Directories](HOME_DIRECTORY.md) for details).
2. [`pam_systemd`](https://www.freedesktop.org/software/systemd/man/pam_systemd.html)
processes these JSON records for users that log in, and applies various
@ -71,14 +71,13 @@ the following extensions are envisioned:
4. Default parameters for backup applications and similar
Similar to JSON User Records there are also [JSON Group
Records](https://systemd.io/GROUP_RECORD) that encapsulate UNIX groups.
Similar to JSON User Records there are also
[JSON Group Records](GROUP_RECORD.md) that encapsulate UNIX groups.
JSON User Records may be transferred or written to disk in various protocols
and formats. To inquire about such records defined on the local system use the
[User/Group Lookup API via
Varlink](https://systemd.io/USER_GROUP_API). User/group records may also be
dropped in number of drop-in directories as files. See
[User/Group Lookup API via Varlink](USER_GROUP_API.md). User/group records may
also be dropped in number of drop-in directories as files. See
[`nss-systemd(8)`](https://www.freedesktop.org/software/systemd/man/nss-systemd.html)
for details.
@ -215,7 +214,7 @@ object. The following fields are currently defined:
UNIX user name. This field is the only mandatory field, all others are
optional. Corresponds with the `pw_name` field of of `struct passwd` and the
`sp_namp` field of `struct spwd` (i.e. the shadow user record stored in
`/etc/shadow`). See [User/Group Name Syntax](https://systemd.io/USER_NAMES) for
`/etc/shadow`). See [User/Group Name Syntax](USER_NAMES.md) for
the (relaxed) rules the various systemd components enforce on user/group names.
`realm` → The "realm" a user is defined in. This concept allows distinguishing

6
docs/_includes/head.html
View File

@ -4,15 +4,13 @@
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="theme-color" content="#0021D8">
<meta name="theme-color" content="#201A26">
<title>{% if page.title %}{{ page.title }}{% else %}{{ site.title }}{% endif %}</title>
<link rel="canonical" href="{{ page.url | replace:'index.html','' | prepend: site.baseurl | prepend: site.url }}">
<link rel="alternate" type="application/rss+xml" title="{{ site.title }}" href="{{ "/feed.xml" | prepend: site.baseurl | prepend: site.url }}" />
<link rel="stylesheet" href="{{ "/style.css" | prepend: site.baseurl }}">
<link rel="icon" type="image/png" href="/favicon.png" />
<link rel="icon" sizes="144x144" href="apple-touch-icon.png">
</head>

4
docs/_includes/header.html
View File

@ -5,7 +5,9 @@
<div class="wrapper">
<a class="page-logo" href="{{ site.baseurl }}/">
<img src="/assets/page-logo.svg" alt="systemd">
<svg width="202" height="26" viewBox="0 0 202 26">
<use href="/assets/systemd-logo.svg#systemd-logo"/>
</svg>
</a>
</div>

7
docs/assets/page-logo.svg
View File

@ -1,7 +0,0 @@
<svg xmlns="http://www.w3.org/2000/svg" width="202" height="26">
<!-- SPDX-License-Identifier: LGPL-2.1-or-later -->
<path overflow="visible" font-weight="400" d="M0 0v26h10v-4H4V4h6V0zm76 0v4h6v18h-6v4h10V0z" style="line-height:normal;font-variant-ligatures:normal;font-variant-position:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-alternates:normal;font-feature-settings:normal;text-indent:0;text-align:start;text-decoration-line:none;text-decoration-style:solid;text-decoration-color:#000;text-transform:none;text-orientation:mixed;white-space:normal;shape-padding:0;isolation:auto;mix-blend-mode:normal;solid-color:#000;solid-opacity:1" color="#000" font-family="sans-serif" fill="#201a26"/>
<path word-spacing="0" letter-spacing=".2" font-size="12" font-weight="700" style="line-height:1.25;-inkscape-font-specification:'Heebo Bold';text-align:start" d="M113.498 14.926q-4.5-.96-4.5-3.878 0-1.079.609-1.981.621-.902 1.781-1.441 1.16-.54 2.707-.54 1.63 0 2.848.528 1.219.516 1.875 1.453.656.926.656 2.121h-3.539q0-.762-.457-1.183-.457-.434-1.394-.434-.774 0-1.243.363-.457.364-.457.938 0 .55.516.89.527.34 1.781.575 1.5.28 2.543.738 1.043.445 1.653 1.242.62.797.62 2.027 0 1.114-.667 2.004-.657.88-1.887 1.383-1.219.504-2.836.504-1.711 0-2.965-.621-1.242-.633-1.898-1.617-.645-.985-.645-2.051h3.34q.036.914.656 1.36.621.433 1.594.433.902 0 1.383-.34.492-.351.492-.937 0-.364-.223-.61-.21-.258-.773-.48-.55-.223-1.57-.446zm19.384-7.606l-5.086 14.58q-.293.831-.726 1.523-.434.703-1.266 1.195-.832.504-2.098.504-.457 0-.75-.048-.281-.046-.785-.176v-2.672q.176.02.527.02.95 0 1.418-.293.47-.293.715-.961l.352-.926-4.43-12.738h3.797l2.262 7.687 2.285-7.687zm5.884 7.606q-4.5-.96-4.5-3.878 0-1.079.61-1.981.62-.902 1.781-1.441 1.16-.54 2.707-.54 1.629 0 2.848.528 1.218.516 1.875 1.453.656.926.656 2.121h-3.539q0-.762-.457-1.183-.457-.434-1.395-.434-.773 0-1.242.363-.457.364-.457.938 0 .55.516.89.527.34 1.781.575 1.5.28 2.543.738 1.043.445 1.652 1.242.621.797.621 2.027 0 1.114-.668 2.004-.656.88-1.886 1.383-1.219.504-2.836.504-1.711 0-2.965-.621-1.242-.633-1.899-1.617-.644-.985-.644-2.051h3.34q.036.914.656 1.36.621.433 1.594.433.902 0 1.383-.34.492-.351.492-.937 0-.364-.223-.61-.21-.258-.773-.48-.551-.223-1.57-.446zm13.983 2.403q.574 0 .984-.082v2.66q-.914.328-2.086.328-3.727 0-3.727-3.797V9.899h-1.793V7.321h1.793v-3.14h3.54v3.14h2.132v2.578h-2.133v6.129q0 .75.293 1.031.293.27.997.27zm14.228-2.519h-8.016q.2 1.183.985 1.886.785.691 2.015.691.914 0 1.688-.34.785-.351 1.336-1.042l1.699 1.957q-.668.96-1.957 1.617-1.278.656-3 .656-1.946 0-3.387-.82-1.43-.82-2.203-2.227-.762-1.406-.762-3.105v-.446q0-1.898.715-3.386.715-1.489 2.063-2.32 1.347-.844 3.187-.844 1.793 0 3.059.761 1.265.762 1.922 2.168.656 1.395.656 3.293zm-3.469-2.65q-.024-1.03-.574-1.628-.54-.598-1.617-.598-1.008 0-1.582.668-.563.668-.739 1.84h4.512zm19.923-5.073q1.934 0 2.989 1.148 1.054 1.148 1.054 3.727v8.039h-3.539V11.95q0-.797-.21-1.23-.212-.446-.61-.61-.387-.164-.984-.164-.715 0-1.219.352-.504.34-.797.972.02.082.02.27V20h-3.54v-8.015q0-.797-.21-1.242-.211-.445-.61-.621-.386-.176-.996-.176-.68 0-1.183.304-.492.293-.797.844V20h-3.539V7.32h3.316l.118 1.419q.633-.797 1.547-1.22.926-.433 2.086-.433 1.172 0 2.016.48.855.47 1.312 1.442.633-.926 1.582-1.418.961-.504 2.203-.504zM201.398 2v18h-3.187l-.176-1.359q-1.243 1.594-3.212 1.594-1.535 0-2.66-.82-1.113-.832-1.699-2.285-.574-1.454-.574-3.317v-.246q0-1.934.574-3.398.586-1.465 1.7-2.274 1.124-.808 2.683-.808 1.805 0 3.012 1.37V2.001zm-5.672 15.376q1.488 0 2.133-1.266v-4.898q-.61-1.266-2.11-1.266-1.207 0-1.77.984-.55.985-.55 2.637v.246q0 1.629.54 2.602.55.96 1.757.96z" font-family="Heebo" fill="#201a26"/>
<path d="M45 13L63 3v20z" fill="#30d475"/>
<circle cx="30.001" cy="13.001" r="9" fill="#30d475"/>
</svg>
Side by Side

Before

Width:  |  Height:  |  Size: 3.7 KiB

7
docs/assets/systemd-logo.svg Normal file
View File

@ -0,0 +1,7 @@
<svg xmlns="http://www.w3.org/2000/svg" width="202" height="26" viewBox="0 0 202 26" id="systemd-logo">
<!-- SPDX-License-Identifier: LGPL-2.1-or-later -->
<path d="M0 0v26h10v-4H4V4h6V0zm76 0v4h6v18h-6v4h10V0z" fill="currentColor"/>
<path d="M113.498 14.926q-4.5-.96-4.5-3.878 0-1.079.609-1.981.621-.902 1.781-1.441 1.16-.54 2.707-.54 1.63 0 2.848.528 1.219.516 1.875 1.453.656.926.656 2.121h-3.539q0-.762-.457-1.183-.457-.434-1.394-.434-.774 0-1.243.363-.457.364-.457.938 0 .55.516.89.527.34 1.781.575 1.5.28 2.543.738 1.043.445 1.653 1.242.62.797.62 2.027 0 1.114-.667 2.004-.657.88-1.887 1.383-1.219.504-2.836.504-1.711 0-2.965-.621-1.242-.633-1.898-1.617-.645-.985-.645-2.051h3.34q.036.914.656 1.36.621.433 1.594.433.902 0 1.383-.34.492-.351.492-.937 0-.364-.223-.61-.21-.258-.773-.48-.55-.223-1.57-.446zm19.384-7.606l-5.086 14.58q-.293.831-.726 1.523-.434.703-1.266 1.195-.832.504-2.098.504-.457 0-.75-.048-.281-.046-.785-.176v-2.672q.176.02.527.02.95 0 1.418-.293.47-.293.715-.961l.352-.926-4.43-12.738h3.797l2.262 7.687 2.285-7.687zm5.884 7.606q-4.5-.96-4.5-3.878 0-1.079.61-1.981.62-.902 1.781-1.441 1.16-.54 2.707-.54 1.629 0 2.848.528 1.218.516 1.875 1.453.656.926.656 2.121h-3.539q0-.762-.457-1.183-.457-.434-1.395-.434-.773 0-1.242.363-.457.364-.457.938 0 .55.516.89.527.34 1.781.575 1.5.28 2.543.738 1.043.445 1.652 1.242.621.797.621 2.027 0 1.114-.668 2.004-.656.88-1.886 1.383-1.219.504-2.836.504-1.711 0-2.965-.621-1.242-.633-1.899-1.617-.644-.985-.644-2.051h3.34q.036.914.656 1.36.621.433 1.594.433.902 0 1.383-.34.492-.351.492-.937 0-.364-.223-.61-.21-.258-.773-.48-.551-.223-1.57-.446zm13.983 2.403q.574 0 .984-.082v2.66q-.914.328-2.086.328-3.727 0-3.727-3.797V9.899h-1.793V7.321h1.793v-3.14h3.54v3.14h2.132v2.578h-2.133v6.129q0 .75.293 1.031.293.27.997.27zm14.228-2.519h-8.016q.2 1.183.985 1.886.785.691 2.015.691.914 0 1.688-.34.785-.351 1.336-1.042l1.699 1.957q-.668.96-1.957 1.617-1.278.656-3 .656-1.946 0-3.387-.82-1.43-.82-2.203-2.227-.762-1.406-.762-3.105v-.446q0-1.898.715-3.386.715-1.489 2.063-2.32 1.347-.844 3.187-.844 1.793 0 3.059.761 1.265.762 1.922 2.168.656 1.395.656 3.293zm-3.469-2.65q-.024-1.03-.574-1.628-.54-.598-1.617-.598-1.008 0-1.582.668-.563.668-.739 1.84h4.512zm19.923-5.073q1.934 0 2.989 1.148 1.054 1.148 1.054 3.727v8.039h-3.539V11.95q0-.797-.21-1.23-.212-.446-.61-.61-.387-.164-.984-.164-.715 0-1.219.352-.504.34-.797.972.02.082.02.27V20h-3.54v-8.015q0-.797-.21-1.242-.211-.445-.61-.621-.386-.176-.996-.176-.68 0-1.183.304-.492.293-.797.844V20h-3.539V7.32h3.316l.118 1.419q.633-.797 1.547-1.22.926-.433 2.086-.433 1.172 0 2.016.48.855.47 1.312 1.442.633-.926 1.582-1.418.961-.504 2.203-.504zM201.398 2v18h-3.187l-.176-1.359q-1.243 1.594-3.212 1.594-1.535 0-2.66-.82-1.113-.832-1.699-2.285-.574-1.454-.574-3.317v-.246q0-1.934.574-3.398.586-1.465 1.7-2.274 1.124-.808 2.683-.808 1.805 0 3.012 1.37V2.001zm-5.672 15.376q1.488 0 2.133-1.266v-4.898q-.61-1.266-2.11-1.266-1.207 0-1.77.984-.55.985-.55 2.637v.246q0 1.629.54 2.602.55.96 1.757.96z" fill="currentColor"/>
<path d="M45 13L63 3v20z" fill="#30d475"/>
<circle cx="30" cy="13" r="9" fill="#30d475"/>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 3.1 KiB

84
docs/index.md
View File

@ -3,9 +3,11 @@ layout: default
SPDX-License-Identifier: LGPL-2.1-or-later
---
# System and Service Manager
systemd is a suite of basic building blocks for a Linux system. It provides a system and service manager that runs as PID 1 and starts the rest of the system.
systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. systemd supports SysV and LSB init scripts and works as a replacement for sysvinit.
systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. systemd supports SysV and LSB init scripts and works as a replacement for sysvinit.
Other parts include a logging daemon, utilities to control basic system configuration like the hostname, date, locale, maintain a list of logged-in users and running containers and virtual machines, system accounts, runtime directories and settings, and daemons to manage simple network configuration, network time synchronization, log forwarding, and name resolution.
@ -31,63 +33,63 @@ Other parts include a logging daemon, utilities to control basic system configur
---
<pre style="color:white; background-color:black; font-size:smaller; padding:6pt 8pt">
Welcome to <span style="color:blue">Fedora 20 (Heisenbug)</span>!
<pre class="intro-code-block">
Welcome to <span class="color-blue">Fedora 20 (Heisenbug)</span>!
[ <span style="color:green">OK</span> ] Reached target Remote File Systems.
[ <span style="color:green">OK</span> ] Listening on Delayed Shutdown Socket.
[ <span style="color:green">OK</span> ] Listening on /dev/initctl Compatibility Named Pipe.
[ <span style="color:green">OK</span> ] Reached target Paths.
[ <span style="color:green">OK</span> ] Reached target Encrypted Volumes.
[ <span style="color:green">OK</span> ] Listening on Journal Socket.
[ <span class="color-green">OK</span> ] Reached target Remote File Systems.
[ <span class="color-green">OK</span> ] Listening on Delayed Shutdown Socket.
[ <span class="color-green">OK</span> ] Listening on /dev/initctl Compatibility Named Pipe.
[ <span class="color-green">OK</span> ] Reached target Paths.
[ <span class="color-green">OK</span> ] Reached target Encrypted Volumes.
[ <span class="color-green">OK</span> ] Listening on Journal Socket.
Mounting Huge Pages File System...
Mounting POSIX Message Queue File System...
Mounting Debug File System...
Starting Journal Service...
[ <span style="color:green">OK</span> ] Started Journal Service.
[ <span class="color-green">OK</span> ] Started Journal Service.
Mounting Configuration File System...
Mounting FUSE Control File System...
[ <span style="color:green">OK</span> ] Created slice Root Slice.
[ <span style="color:green">OK</span> ] Created slice User and Session Slice.
[ <span style="color:green">OK</span> ] Created slice System Slice.
[ <span style="color:green">OK</span> ] Reached target Slices.
[ <span style="color:green">OK</span> ] Reached target Swap.
[ <span class="color-green">OK</span> ] Created slice Root Slice.
[ <span class="color-green">OK</span> ] Created slice User and Session Slice.
[ <span class="color-green">OK</span> ] Created slice System Slice.
[ <span class="color-green">OK</span> ] Reached target Slices.
[ <span class="color-green">OK</span> ] Reached target Swap.
Mounting Temporary Directory...
[ <span style="color:green">OK</span> ] Reached target Local File Systems (Pre).
[ <span class="color-green">OK</span> ] Reached target Local File Systems (Pre).
Starting Load Random Seed...
Starting Load/Save Random Seed...
[ <span style="color:green">OK</span> ] Mounted Huge Pages File System.
[ <span style="color:green">OK</span> ] Mounted POSIX Message Queue File System.
[ <span style="color:green">OK</span> ] Mounted Debug File System.
[ <span style="color:green">OK</span> ] Mounted Configuration File System.
[ <span style="color:green">OK</span> ] Mounted FUSE Control File System.
[ <span style="color:green">OK</span> ] Mounted Temporary Directory.
[ <span style="color:green">OK</span> ] Started Load Random Seed.
[ <span style="color:green">OK</span> ] Started Load/Save Random Seed.
[ <span style="color:green">OK</span> ] Reached target Local File Systems.
[ <span class="color-green">OK</span> ] Mounted Huge Pages File System.
[ <span class="color-green">OK</span> ] Mounted POSIX Message Queue File System.
[ <span class="color-green">OK</span> ] Mounted Debug File System.
[ <span class="color-green">OK</span> ] Mounted Configuration File System.
[ <span class="color-green">OK</span> ] Mounted FUSE Control File System.
[ <span class="color-green">OK</span> ] Mounted Temporary Directory.
[ <span class="color-green">OK</span> ] Started Load Random Seed.
[ <span class="color-green">OK</span> ] Started Load/Save Random Seed.
[ <span class="color-green">OK</span> ] Reached target Local File Systems.
Starting Recreate Volatile Files and Directories...
Starting Trigger Flushing of Journal to Persistent Storage...
[ <span style="color:green">OK</span> ] Started Recreate Volatile Files and Directories.
[ <span class="color-green">OK</span> ] Started Recreate Volatile Files and Directories.
Starting Record System Reboot/Shutdown in UTMP...
[ <span style="color:green">OK</span> ] Started Trigger Flushing of Journal to Persistent Storage.
[ <span style="color:green">OK</span> ] Started Record System Reboot/Shutdown in UTMP.
[ <span style="color:green">OK</span> ] Reached target System Initialization.
[ <span style="color:green">OK</span> ] Reached target Timers.
[ <span style="color:green">OK</span> ] Listening on D-Bus System Message Bus Socket.
[ <span style="color:green">OK</span> ] Reached target Sockets.
[ <span style="color:green">OK</span> ] Reached target Basic System.
[ <span class="color-green">OK</span> ] Started Trigger Flushing of Journal to Persistent Storage.
[ <span class="color-green">OK</span> ] Started Record System Reboot/Shutdown in UTMP.
[ <span class="color-green">OK</span> ] Reached target System Initialization.
[ <span class="color-green">OK</span> ] Reached target Timers.
[ <span class="color-green">OK</span> ] Listening on D-Bus System Message Bus Socket.
[ <span class="color-green">OK</span> ] Reached target Sockets.
[ <span class="color-green">OK</span> ] Reached target Basic System.
Starting Permit User Sessions...
Starting D-Bus System Message Bus...
[ <span style="color:green">OK</span> ] Started D-Bus System Message Bus.
[ <span class="color-green">OK</span> ] Started D-Bus System Message Bus.
Starting Login Service...
Starting Cleanup of Temporary Directories...
[ <span style="color:green">OK</span> ] Started Permit User Sessions.
[ <span style="color:green">OK</span> ] Started Cleanup of Temporary Directories.
[ <span class="color-green">OK</span> ] Started Permit User Sessions.
[ <span class="color-green">OK</span> ] Started Cleanup of Temporary Directories.
Starting Console Getty...
[ <span style="color:green">OK</span> ] Started Console Getty.
[ <span style="color:green">OK</span> ] Reached target Login Prompts.
[ <span style="color:green">OK</span> ] Started Login Service.
[ <span style="color:green">OK</span> ] Reached target Multi-User System.
[ <span class="color-green">OK</span> ] Started Console Getty.
[ <span class="color-green">OK</span> ] Reached target Login Prompts.
[ <span class="color-green">OK</span> ] Started Login Service.
[ <span class="color-green">OK</span> ] Reached target Multi-User System.
Fedora release 20 (Heisenbug)
Kernel 3.9.2-200.fc18.x86_64 on an x86_64 (console)

623
docs/style.css
View File

@ -12,6 +12,53 @@
font-weight: 600;
}
/* Variables */
:root {
--sd-brand-black: hsl(270, 19%, 13%); /* #201A26; */
--sd-brand-green: hsl(145, 66%, 51%); /* #30D475; */
--sd-brand-white: #fff;
--sd-green: hsl(145, 66%, 43%); /* #26b763 */
--sd-gray-extralight: hsl(30, 10%, 96%); /* #f6f5f4 */
--sd-gray-light: hsl(30, 10%, 92%);
--sd-gray: hsl(30, 10%, 85%);
--sd-gray-dark: hsl(257, 23%, 20%);
--sd-gray-extradark: hsl(257, 23%, 16%); /* #241f31 */
--sd-blue: hsl(200, 66%, 55%);
--sd-highlight-bg-light: rgba(255, 255, 255, 1);
--sd-highlight-bg-dark: rgba(0, 0, 0, .6);
--sd-highlight-inline-bg-light: rgba(0, 0, 0, 0.07);
--sd-highlight-inline-bg-dark: rgba(255, 255, 255, 0.1);
--sd-font-weight-normal: 400;
--sd-font-weight-bold: 600;
/* Light mode variables */
--sd-foreground-color: var(--sd-gray-extradark);
--sd-background-color: var(--sd-gray-extralight);
--sd-logo-color: var(--sd-brand-black);
--sd-link-color: var(--sd-green);
--sd-small-color: var(--sd-gray-dark);
--sd-highlight-bg: var(--sd-highlight-bg-light);
--sd-highlight-inline-bg: var(--sd-highlight-inline-bg-light);
--sd-link-font-weight: var(--sd-font-weight-bold);
}
@media (prefers-color-scheme: dark) {
:root {
color-scheme: dark;
--sd-foreground-color: var(--sd-gray);
--sd-background-color: var(--sd-brand-black);
--sd-logo-color: var(--sd-brand-white);
--sd-link-color: var(--sd-brand-green);
--sd-small-color: var(--sd-gray);
--sd-highlight-bg: var(--sd-highlight-bg-dark);
--sd-highlight-inline-bg: var(--sd-highlight-inline-bg-dark);
--sd-link-font-weight: var(--sd-font-weight-normal);
}
}
/* Typography */
* {
-moz-box-sizing: border-box;
@ -21,24 +68,24 @@
html, body {
margin: 0;
padding: 0;
font-size: 16px;
font-size: 1rem;
font-family: "Heebo", sans-serif;
font-weight: 400;
line-height: 1.6;
}
body {
color: #241f31;
background-color: #f6f5f4;
color: var(--sd-foreground-color);
background-color: var(--sd-background-color);
}
h1, h2, h3, h4, h5, h6 {
margin: 1rem 0 10px;
margin: 1rem 0 0.625rem;
font-weight: 600;
line-height: 1.25;
}
h1 {
text-align: center;
font-size: 30px;
font-weight: 100;
font-size: 1.87rem;
font-weight: 400;
font-style: normal;
margin-bottom: 2rem;
}
@ -46,17 +93,20 @@ h1 {
h1 {
margin-left: 10%;
margin-right: 10%;
font-size: 38px;
font-size: 2.375em;
}
}
h2 {
margin-top: 3rem;
font-size: 1.2rem;
font-size: 1.25rem;
margin-top: 2.5em;
}
h3 {
font-size: 1.15rem;
}
a {
font-weight: 600;
font-weight: var(--sd-link-font-weight);
text-decoration: none;
color: #26b763;
color: var(--sd-link-color);
cursor: pointer;
}
a:hover {
@ -66,7 +116,7 @@ b {
font-weight: 600;
}
small {
color: #777;
color: var(--sd-small-color);
}
hr {
margin: 3rem auto 4rem;
@ -82,27 +132,52 @@ hr {
max-width: 720px;
}
/* Custom content */
.intro-code-block {
background-color: var(--sd-brand-black);
color: var(--sd-brand-white);
font-size: 0.875rem;
padding: 1em;
overflow-x: auto;
}
@media (prefers-color-scheme: dark) {
.intro-code-block {
background-color: var(--sd-highlight-bg);
}
}
/* Singletons */
.page-logo {
display: block;
padding: 5rem 0 3rem;
color: var(--sd-logo-color);
}
.page-logo > img {
.page-logo > svg {
display: block;
width: 12.625em;
height: auto;
margin: 0 auto;
}
.brand-white {
background-color: #fff;
background-color: var(--sd-brand-white);
}
.brand-green {
background-color: #30D475;
background-color: var(--sd-brand-green);
}
.brand-black {
background-color: #201A26;
color: white;
background-color: var(--sd-brand-black);
color: var(--sd-brand-white);
}
.color-green {
color: var(--sd-brand-green);
}
.color-blue {
color: var(--sd-blue);
}
.page-link::after {
@ -123,232 +198,324 @@ tbody td {
vertical-align: top;
}
/* Github Code Highlighting */
/* Rouge Code Highlight, github style */
/* Generated with: rougify style github | sed '/background-color: #f8f8f8/d' */
.highlight table td { padding: 5px; }
.highlight table pre { margin: 0; }
.highlight .cm {
color: #999988;
font-style: italic;
}
.highlight .cp {
color: #999999;
font-weight: bold;
}
.highlight .c1 {
color: #999988;
font-style: italic;
}
.highlight .cs {
color: #999999;
font-weight: bold;
font-style: italic;
}
.highlight .c, .highlight .ch, .highlight .cd, .highlight .cpf {
color: #999988;
font-style: italic;
}
.highlight .err {
color: #a61717;
background-color: #e3d2d2;
}
.highlight .gd {
color: #000000;
background-color: #ffdddd;
}
.highlight .ge {
color: #000000;
font-style: italic;
}
.highlight .gr {
color: #aa0000;
}
.highlight .gh {
color: #999999;
}
.highlight .gi {
color: #000000;
background-color: #ddffdd;
}
.highlight .go {
color: #888888;
}
.highlight .gp {
color: #555555;
}
.highlight .gs {
font-weight: bold;
}
.highlight .gu {
color: #aaaaaa;
}
.highlight .gt {
color: #aa0000;
}
.highlight .kc {
color: #000000;
font-weight: bold;
}
.highlight .kd {
color: #000000;
font-weight: bold;
}
.highlight .kn {
color: #000000;
font-weight: bold;
}
.highlight .kp {
color: #000000;
font-weight: bold;
}
.highlight .kr {
color: #000000;
font-weight: bold;
}
.highlight .kt {
color: #445588;
font-weight: bold;
}
.highlight .k, .highlight .kv {
color: #000000;
font-weight: bold;
}
.highlight .mf {
color: #009999;
}
.highlight .mh {
color: #009999;
}
.highlight .il {
color: #009999;
}
.highlight .mi {
color: #009999;
}
.highlight .mo {
color: #009999;
}
.highlight .m, .highlight .mb, .highlight .mx {
color: #009999;
}
.highlight .sb {
color: #d14;
}
.highlight .sc {
color: #d14;
}
.highlight .sd {
color: #d14;
}
.highlight .s2 {
color: #d14;
}
.highlight .se {
color: #d14;
}
.highlight .sh {
color: #d14;
}
.highlight .si {
color: #d14;
}
.highlight .sx {
color: #d14;
}
.highlight .sr {
color: #009926;
}
.highlight .s1 {
color: #d14;
}
.highlight .ss {
color: #990073;
}
.highlight .s, .highlight .sa, .highlight .dl {
color: #d14;
}
.highlight .na {
color: #008080;
}
.highlight .bp {
color: #999999;
}
.highlight .nb {
color: #0086B3;
}
.highlight .nc {
color: #445588;
font-weight: bold;
}
.highlight .no {
color: #008080;
}
.highlight .nd {
color: #3c5d5d;
font-weight: bold;
}
.highlight .ni {
color: #800080;
}
.highlight .ne {
color: #990000;
font-weight: bold;
}
.highlight .nf, .highlight .fm {
color: #990000;
font-weight: bold;
}
.highlight .nl {
color: #990000;
font-weight: bold;
}
.highlight .nn {
color: #555555;
}
.highlight .nt {
color: #000080;
}
.highlight .vc {
color: #008080;
}
.highlight .vg {
color: #008080;
}
.highlight .vi {
color: #008080;
}
.highlight .nv, .highlight .vm {
color: #008080;
}
.highlight .ow {
color: #000000;
font-weight: bold;
}
.highlight .o {
color: #000000;
font-weight: bold;
}
.highlight .w {
color: #bbbbbb;
}
.highlight {
background-color: #f8f8f8;
@media (prefers-color-scheme: light) {
.highlight .cm {
color: #999988;
font-style: italic;
}
.highlight .cp {
color: #999999;
font-weight: bold;
}
.highlight .c1 {
color: #999988;
font-style: italic;
}
.highlight .cs {
color: #999999;
font-weight: bold;
font-style: italic;
}
.highlight .c, .highlight .ch, .highlight .cd, .highlight .cpf {
color: #999988;
font-style: italic;
}
.highlight .err {
color: #a61717;
background-color: #e3d2d2;
}
.highlight .gd {
color: #000000;
background-color: #ffdddd;
}
.highlight .ge {
color: #000000;
font-style: italic;
}
.highlight .gr {
color: #aa0000;
}
.highlight .gh {
color: #999999;
}
.highlight .gi {
color: #000000;
background-color: #ddffdd;
}
.highlight .go {
color: #888888;
}
.highlight .gp {
color: #555555;
}
.highlight .gs {
font-weight: bold;
}
.highlight .gu {
color: #aaaaaa;
}
.highlight .gt {
color: #aa0000;
}
.highlight .kc {
color: #000000;
font-weight: bold;
}
.highlight .kd {
color: #000000;
font-weight: bold;
}
.highlight .kn {
color: #000000;
font-weight: bold;
}
.highlight .kp {
color: #000000;
font-weight: bold;
}
.highlight .kr {
color: #000000;
font-weight: bold;
}
.highlight .kt {
color: #445588;
font-weight: bold;
}
.highlight .k, .highlight .kv {
color: #000000;
font-weight: bold;
}
.highlight .mf {
color: #009999;
}
.highlight .mh {
color: #009999;
}
.highlight .il {
color: #009999;
}
.highlight .mi {
color: #009999;
}
.highlight .mo {
color: #009999;
}
.highlight .m, .highlight .mb, .highlight .mx {
color: #009999;
}
.highlight .sa {
color: #000000;
font-weight: bold;
}
.highlight .sb {
color: #d14;
}
.highlight .sc {
color: #d14;
}
.highlight .sd {
color: #d14;
}
.highlight .s2 {
color: #d14;
}
.highlight .se {
color: #d14;
}
.highlight .sh {
color: #d14;
}
.highlight .si {
color: #d14;
}
.highlight .sx {
color: #d14;
}
.highlight .sr {
color: #009926;
}
.highlight .s1 {
color: #d14;
}
.highlight .ss {
color: #990073;
}
.highlight .s, .highlight .dl {
color: #d14;
}
.highlight .na {
color: #008080;
}
.highlight .bp {
color: #999999;
}
.highlight .nb {
color: #0086B3;
}
.highlight .nc {
color: #445588;
font-weight: bold;
}
.highlight .no {
color: #008080;
}
.highlight .nd {
color: #3c5d5d;
font-weight: bold;
}
.highlight .ni {
color: #800080;
}
.highlight .ne {
color: #990000;
font-weight: bold;
}
.highlight .nf, .highlight .fm {
color: #990000;
font-weight: bold;
}
.highlight .nl {
color: #990000;
font-weight: bold;
}
.highlight .nn {
color: #555555;
}
.highlight .nt {
color: #000080;
}
.highlight .vc {
color: #008080;
}
.highlight .vg {
color: #008080;
}
.highlight .vi {
color: #008080;
}
.highlight .nv, .highlight .vm {
color: #008080;
}
.highlight .ow {
color: #000000;
font-weight: bold;
}
.highlight .o {
color: #000000;
font-weight: bold;
}
.highlight .w {
color: #bbbbbb;
}
}
@media (prefers-color-scheme: dark) {
/* rouge "base16.dark" code highlight */
/* generated with: rougify style base16.dark | sed '/background-color: #151515/d' */
.highlight, .highlight .w {
color: #d0d0d0;
}
.highlight .err {
color: #151515;
background-color: #ac4142;
}
.highlight .c, .highlight .ch, .highlight .cd, .highlight .cm, .highlight .cpf, .highlight .c1, .highlight .cs {
color: #505050;
}
.highlight .cp {
color: #f4bf75;
}
.highlight .nt {
color: #f4bf75;
}
.highlight .o, .highlight .ow {
color: #d0d0d0;
}
.highlight .p, .highlight .pi {
color: #d0d0d0;
}
.highlight .gi {
color: #90a959;
}
.highlight .gd {
color: #ac4142;
}
.highlight .gh {
color: #6a9fb5;
font-weight: bold;
}
.highlight .k, .highlight .kn, .highlight .kp, .highlight .kr, .highlight .kv {
color: #aa759f;
}
.highlight .kc {
color: #d28445;
}
.highlight .kt {
color: #d28445;
}
.highlight .kd {
color: #d28445;
}
.highlight .s, .highlight .sb, .highlight .sc, .highlight .dl, .highlight .sd, .highlight .s2, .highlight .sh, .highlight .sx, .highlight .s1 {
color: #90a959;
}
.highlight .sa {
color: #aa759f;
}
.highlight .sr {
color: #75b5aa;
}
.highlight .si {
color: #8f5536;
}
.highlight .se {
color: #8f5536;
}
.highlight .nn {
color: #f4bf75;
}
.highlight .nc {
color: #f4bf75;
}
.highlight .no {
color: #f4bf75;
}
.highlight .na {
color: #6a9fb5;
}
.highlight .m, .highlight .mb, .highlight .mf, .highlight .mh, .highlight .mi, .highlight .il, .highlight .mo, .highlight .mx {
color: #90a959;
}
.highlight .ss {
color: #90a959;
}
}
/* Code Blocks */
.highlighter-rouge {
padding: 2px 1rem;
border-radius: 5px;
background-color: white;
color: var(--sd-foreground-color);
background-color: var(--sd-highlight-bg);
overflow: auto;
}
.highlighter-rouge * {
background-color: white;
.highlighter-rouge .highlight .err {
background: transparent !important;
color: inherit !important;
}
/* Inline Code */
code.highlighter-rouge {
padding: 2px 6px;
background-color: rgba(0,0,0, 0.07);
background-color: var(--sd-highlight-inline-bg);
}
a code.highlighter-rouge {
color: inherit;
}

199
hwdb.d/20-OUI.hwdb
View File

@ -29592,7 +29592,7 @@ OUI:0025DE*
ID_OUI_FROM_DATABASE=Probits Co., LTD.
OUI:0025DF*
ID_OUI_FROM_DATABASE=Private
ID_OUI_FROM_DATABASE=Taser International Inc.
OUI:0025E0*
ID_OUI_FROM_DATABASE=CeedTec Sdn Bhd
@ -34914,7 +34914,7 @@ OUI:0081F9*
ID_OUI_FROM_DATABASE=Texas Instruments
OUI:0084ED*
ID_OUI_FROM_DATABASE=Private
ID_OUI_FROM_DATABASE=LEXMARK INTERNATIONAL, INC.
OUI:00869C*
ID_OUI_FROM_DATABASE=Palo Alto Networks
@ -41750,6 +41750,9 @@ OUI:088F2C*
OUI:0890BA*
ID_OUI_FROM_DATABASE=Danlaw Inc
OUI:089115*
ID_OUI_FROM_DATABASE=Amazon Technologies Inc.
OUI:089204*
ID_OUI_FROM_DATABASE=Dell Inc.
@ -41940,7 +41943,7 @@ OUI:08CA45*
ID_OUI_FROM_DATABASE=Toyou Feiji Electronics Co., Ltd.
OUI:08CBE5*
ID_OUI_FROM_DATABASE=R3 - Reliable Realtime Radio Communications GmbH
ID_OUI_FROM_DATABASE=R3 Solutions GmbH
OUI:08CC27*
ID_OUI_FROM_DATABASE=Motorola Mobility LLC, a Lenovo Company
@ -44568,7 +44571,7 @@ OUI:141FBAE*
ID_OUI_FROM_DATABASE=POS Systema LLC
OUI:141FBAF*
ID_OUI_FROM_DATABASE=Private
ID_OUI_FROM_DATABASE=IEEE Registration Authority
OUI:14205E*
ID_OUI_FROM_DATABASE=Apple, Inc.
@ -44615,6 +44618,9 @@ OUI:142D27*
OUI:142D4D*
ID_OUI_FROM_DATABASE=Apple, Inc.
OUI:142D79*
ID_OUI_FROM_DATABASE=Fiberhome Telecommunication Technologies Co.,LTD
OUI:142D8B*
ID_OUI_FROM_DATABASE=Incipio Technologies, Inc
@ -51833,6 +51839,48 @@ OUI:2C6798*
OUI:2C67FB*
ID_OUI_FROM_DATABASE=ShenZhen Zhengjili Electronics Co., LTD
OUI:2C691D0*
ID_OUI_FROM_DATABASE=Hunan Xiangjiang Kunpeng Information Technology Co., Ltd.
OUI:2C691D1*
ID_OUI_FROM_DATABASE=KATEK SE
OUI:2C691D2*
ID_OUI_FROM_DATABASE=Abode Systems Inc
OUI:2C691D3*
ID_OUI_FROM_DATABASE=Sunsa, Inc
OUI:2C691D4*
ID_OUI_FROM_DATABASE=SPEEDTECH CORP.
OUI:2C691D5*
ID_OUI_FROM_DATABASE=LG Electronics Inc.
OUI:2C691D6*
ID_OUI_FROM_DATABASE=Carnegie Robotics
OUI:2C691D7*
ID_OUI_FROM_DATABASE=Shenzhen Gigalight Technology Co., Ltd
OUI:2C691D8*
ID_OUI_FROM_DATABASE=IBM
OUI:2C691D9*
ID_OUI_FROM_DATABASE=SHENZHEN EX-LINK TECHNOLOGY CO.,LTD
OUI:2C691DA*
ID_OUI_FROM_DATABASE=Panasonic Appliances Marketing Asia Pacific (A division of Panasonic Malaysia Sdn Bhd
OUI:2C691DB*
ID_OUI_FROM_DATABASE=Shenzhen Daren HI-Tech Electronics Co., Ltd.
OUI:2C691DC*
ID_OUI_FROM_DATABASE=Aparian, Inc.
OUI:2C691DD*
ID_OUI_FROM_DATABASE=Ascentac Inc.
OUI:2C69BA*
ID_OUI_FROM_DATABASE=RF Controls, LLC
@ -52623,7 +52671,7 @@ OUI:3024A9*
ID_OUI_FROM_DATABASE=HP Inc.
OUI:3027CF*
ID_OUI_FROM_DATABASE=Private
ID_OUI_FROM_DATABASE=Canopy Growth Corp
OUI:302952*
ID_OUI_FROM_DATABASE=Hillstone Networks Inc
@ -52694,6 +52742,9 @@ OUI:303ABA*
OUI:303D08*
ID_OUI_FROM_DATABASE=GLINTT TES S.A.
OUI:303D510*
ID_OUI_FROM_DATABASE=Fink Telecom Services GmbH
OUI:303D511*
ID_OUI_FROM_DATABASE=SHENZHEN WLINK TECHNOLOGY CO., LTD.
@ -52709,6 +52760,12 @@ OUI:303D514*
OUI:303D515*
ID_OUI_FROM_DATABASE=Media Hub Digital Smart Home Pty Ltd.
OUI:303D516*
ID_OUI_FROM_DATABASE=Amber-Link Network Technology Co.,Ltd.
OUI:303D517*
ID_OUI_FROM_DATABASE=Destiny Automate Limited
OUI:303D518*
ID_OUI_FROM_DATABASE=The Heil Co dba AWTI 3rd Eye Cam
@ -52721,9 +52778,15 @@ OUI:303D51A*
OUI:303D51B*
ID_OUI_FROM_DATABASE=Labman Automation
OUI:303D51C*
ID_OUI_FROM_DATABASE=TalkGo, Inc.
OUI:303D51D*
ID_OUI_FROM_DATABASE=XOR UK Corporation Limited
OUI:303D51E*
ID_OUI_FROM_DATABASE=Percent.com
OUI:303EA7*
ID_OUI_FROM_DATABASE=Intel Corporate
@ -53796,7 +53859,7 @@ OUI:343794*
ID_OUI_FROM_DATABASE=Hamee Corp.
OUI:3438AF*
ID_OUI_FROM_DATABASE=Inlab Software GmbH
ID_OUI_FROM_DATABASE=Inlab Networks GmbH
OUI:3438B7*
ID_OUI_FROM_DATABASE=HUMAX Co., Ltd.
@ -55352,6 +55415,9 @@ OUI:38A851*
OUI:38A86B*
ID_OUI_FROM_DATABASE=Orga BV
OUI:38A89B*
ID_OUI_FROM_DATABASE=Fiberhome Telecommunication Technologies Co.,LTD
OUI:38A8CD0*
ID_OUI_FROM_DATABASE=ACiiST Smart Networks Ltd.
@ -57518,6 +57584,9 @@ OUI:407496*
OUI:4074E0*
ID_OUI_FROM_DATABASE=Intel Corporate
OUI:4075C3*
ID_OUI_FROM_DATABASE=Technicolor CH USA Inc.
OUI:4076A9*
ID_OUI_FROM_DATABASE=Huawei Device Co., Ltd.
@ -58223,6 +58292,9 @@ OUI:441102*
OUI:4411C2*
ID_OUI_FROM_DATABASE=Telegartner Karl Gartner GmbH
OUI:441244*
ID_OUI_FROM_DATABASE=Aruba, a Hewlett Packard Enterprise Company
OUI:441319*
ID_OUI_FROM_DATABASE=WKK TECHNOLOGY LTD.
@ -59642,6 +59714,9 @@ OUI:48706F*
OUI:487119*
ID_OUI_FROM_DATABASE=SGB GROUP LTD.
OUI:487310*
ID_OUI_FROM_DATABASE=Juniper Networks
OUI:487397*
ID_OUI_FROM_DATABASE=New H3C Technologies Co., Ltd
@ -66719,6 +66794,9 @@ OUI:643409*
OUI:64351C*
ID_OUI_FROM_DATABASE=e-CON SYSTEMS INDIA PVT LTD
OUI:6437A4*
ID_OUI_FROM_DATABASE=TOKYOSHUHA CO.,LTD.
OUI:643AB1*
ID_OUI_FROM_DATABASE=Sichuan Tianyi Comheart Telecom Co.,LTD
@ -69728,6 +69806,9 @@ OUI:7040FF*
OUI:7041B7*
ID_OUI_FROM_DATABASE=Edwards Lifesciences LLC
OUI:7042D3*
ID_OUI_FROM_DATABASE=Ruijie Networks Co.,LTD
OUI:70441C*
ID_OUI_FROM_DATABASE=SHENZHEN KAIFA TECHNOLOGY CO.,LTD.
@ -71169,7 +71250,7 @@ OUI:70B3D5119*
ID_OUI_FROM_DATABASE=Private
OUI:70B3D511A*
ID_OUI_FROM_DATABASE=Private
ID_OUI_FROM_DATABASE=Mahindra Electric Mobility Limited
OUI:70B3D511B*
ID_OUI_FROM_DATABASE=HoseoTelnet Inc...
@ -83723,6 +83804,9 @@ OUI:74D21D*
OUI:74D285*
ID_OUI_FROM_DATABASE=Texas Instruments
OUI:74D423*
ID_OUI_FROM_DATABASE=Amazon Technologies Inc.
OUI:74D435*
ID_OUI_FROM_DATABASE=GIGA-BYTE TECHNOLOGY CO.,LTD.
@ -86411,6 +86495,9 @@ OUI:7CDAC3*
OUI:7CDB98*
ID_OUI_FROM_DATABASE=ASKEY COMPUTER CORP
OUI:7CDCCC*
ID_OUI_FROM_DATABASE=Beijing Yixin Techology Co.,Ltd
OUI:7CDD11*
ID_OUI_FROM_DATABASE=Chongqing MAS SCI&TECH.Co.,Ltd
@ -88649,6 +88736,9 @@ OUI:84F1D0*
OUI:84F3EB*
ID_OUI_FROM_DATABASE=Espressif Inc.
OUI:84F44C*
ID_OUI_FROM_DATABASE=International Integrated Systems., Inc.
OUI:84F493*
ID_OUI_FROM_DATABASE=OMS spol. s.r.o.
@ -89037,7 +89127,7 @@ OUI:885D90E*
ID_OUI_FROM_DATABASE=Unitac Technology Limited
OUI:885D90F*
ID_OUI_FROM_DATABASE=Private
ID_OUI_FROM_DATABASE=IEEE Registration Authority
OUI:885DFB*
ID_OUI_FROM_DATABASE=zte corporation
@ -89436,7 +89526,7 @@ OUI:88B362*
ID_OUI_FROM_DATABASE=Nokia Shanghai Bell Co., Ltd.
OUI:88B436*
ID_OUI_FROM_DATABASE=Private
ID_OUI_FROM_DATABASE=FUJIFILM Corporation
OUI:88B4A6*
ID_OUI_FROM_DATABASE=Motorola Mobility LLC, a Lenovo Company
@ -90029,6 +90119,9 @@ OUI:8C1F6408B*
OUI:8C1F6408F*
ID_OUI_FROM_DATABASE=AixControl GmbH
OUI:8C1F64092*
ID_OUI_FROM_DATABASE=Gogo BA
OUI:8C1F64098*
ID_OUI_FROM_DATABASE=Agvolution GmbH
@ -90164,6 +90257,9 @@ OUI:8C1F641B6*
OUI:8C1F641BB*
ID_OUI_FROM_DATABASE=Renwei Electronics Technology (Shenzhen) Co.,LTD.
OUI:8C1F641BD*
ID_OUI_FROM_DATABASE=DORLET SAU
OUI:8C1F641BF*
ID_OUI_FROM_DATABASE=Ossia Inc
@ -90281,6 +90377,9 @@ OUI:8C1F642F5*
OUI:8C1F642FD*
ID_OUI_FROM_DATABASE=Enestone Corporation
OUI:8C1F64300*
ID_OUI_FROM_DATABASE=Abbott Diagnostics Technologies AS
OUI:8C1F64301*
ID_OUI_FROM_DATABASE=Agar Corporation Inc.
@ -90551,6 +90650,9 @@ OUI:8C1F64544*
OUI:8C1F64549*
ID_OUI_FROM_DATABASE=Brad Technology
OUI:8C1F6454A*
ID_OUI_FROM_DATABASE=Belden India Private Limited
OUI:8C1F6454C*
ID_OUI_FROM_DATABASE=Gemini Electronics B.V.
@ -90584,6 +90686,9 @@ OUI:8C1F6457B*
OUI:8C1F64581*
ID_OUI_FROM_DATABASE=SpectraDynamics, Inc.
OUI:8C1F6458C*
ID_OUI_FROM_DATABASE=Ear Micro LLC
OUI:8C1F6459F*
ID_OUI_FROM_DATABASE=Delta Computers LLC.
@ -90671,6 +90776,9 @@ OUI:8C1F6465F*
OUI:8C1F64660*
ID_OUI_FROM_DATABASE=LLC NTPC
OUI:8C1F64662*
ID_OUI_FROM_DATABASE=Suzhou Leamore Optronics Co., Ltd.
OUI:8C1F64663*
ID_OUI_FROM_DATABASE=mal-tech Technological Solutions Ltd/CRISP
@ -90719,6 +90827,9 @@ OUI:8C1F646B5*
OUI:8C1F646B9*
ID_OUI_FROM_DATABASE=GS Industrie-Elektronik GmbH
OUI:8C1F646BB*
ID_OUI_FROM_DATABASE=Season Electronics Ltd
OUI:8C1F646C6*
ID_OUI_FROM_DATABASE=FIT
@ -90989,6 +91100,9 @@ OUI:8C1F648D1*
OUI:8C1F648D4*
ID_OUI_FROM_DATABASE=Recab Sweden AB
OUI:8C1F648D5*
ID_OUI_FROM_DATABASE=Agramkow A/S
OUI:8C1F648D9*
ID_OUI_FROM_DATABASE=Pietro Fiorentini Spa
@ -91079,6 +91193,9 @@ OUI:8C1F6497C*
OUI:8C1F64984*
ID_OUI_FROM_DATABASE=Abacus Peripherals Pvt Ltd
OUI:8C1F6498F*
ID_OUI_FROM_DATABASE=Breas Medical AB
OUI:8C1F64991*
ID_OUI_FROM_DATABASE=DB Systel GmbH
@ -91508,6 +91625,9 @@ OUI:8C1F64D54*
OUI:8C1F64D56*
ID_OUI_FROM_DATABASE=Wisdom Audio
OUI:8C1F64D5E*
ID_OUI_FROM_DATABASE=Integer.pl S.A.
OUI:8C1F64D69*
ID_OUI_FROM_DATABASE=ADiCo Corporation
@ -92039,6 +92159,9 @@ OUI:8C5109D*
OUI:8C5109E*
ID_OUI_FROM_DATABASE=IROOTELLUCKY Corp.
OUI:8C5219*
ID_OUI_FROM_DATABASE=SHARP Corporation
OUI:8C53C3*
ID_OUI_FROM_DATABASE=Beijing Xiaomi Mobile Software Co., Ltd
@ -93638,6 +93761,9 @@ OUI:90C7D8*
OUI:90C99B*
ID_OUI_FROM_DATABASE=Tesorion Nederland B.V.
OUI:90CAFA*
ID_OUI_FROM_DATABASE=Google, Inc.
OUI:90CC24*
ID_OUI_FROM_DATABASE=Synaptics, Inc
@ -95016,7 +95142,7 @@ OUI:9802D8E*
ID_OUI_FROM_DATABASE=Private
OUI:9802D8F*
ID_OUI_FROM_DATABASE=Private
ID_OUI_FROM_DATABASE=IEEE Registration Authority
OUI:98039B*
ID_OUI_FROM_DATABASE=Mellanox Technologies, Inc.
@ -97709,6 +97835,9 @@ OUI:A0445C*
OUI:A04466*
ID_OUI_FROM_DATABASE=Intellics
OUI:A044F3*
ID_OUI_FROM_DATABASE=RafaelMicro
OUI:A047D7*
ID_OUI_FROM_DATABASE=Best IT World (India) Pvt Ltd
@ -99251,6 +99380,9 @@ OUI:A49BF5*
OUI:A49D49*
ID_OUI_FROM_DATABASE=Ketra, Inc.
OUI:A49E69*
ID_OUI_FROM_DATABASE=Silicon Laboratories
OUI:A49EDB*
ID_OUI_FROM_DATABASE=AutoCrib, Inc.
@ -102977,6 +103109,9 @@ OUI:B439D6*
OUI:B43A28*
ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd
OUI:B43A31*
ID_OUI_FROM_DATABASE=Silicon Laboratories
OUI:B43AE2*
ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD
@ -104523,7 +104658,7 @@ OUI:B8D812E*
ID_OUI_FROM_DATABASE=ZheJiang FangTai Electirc Co., Ltd
OUI:B8D812F*
ID_OUI_FROM_DATABASE=Private
ID_OUI_FROM_DATABASE=IEEE Registration Authority
OUI:B8D94D*
ID_OUI_FROM_DATABASE=Sagemcom Broadband SAS
@ -105537,7 +105672,7 @@ OUI:BCD713*
ID_OUI_FROM_DATABASE=Owl Labs
OUI:BCD767*
ID_OUI_FROM_DATABASE=Private
ID_OUI_FROM_DATABASE=BAE Systems Apllied Intelligence
OUI:BCD7A5*
ID_OUI_FROM_DATABASE=Aruba, a Hewlett Packard Enterprise Company
@ -106524,7 +106659,7 @@ OUI:C0D391A*
ID_OUI_FROM_DATABASE=Alpha Audiotronics, Inc.
OUI:C0D391B*
ID_OUI_FROM_DATABASE=Private
ID_OUI_FROM_DATABASE=Celliber Technologies Pvt Limited
OUI:C0D391C*
ID_OUI_FROM_DATABASE=Zhinengguo technology company limited
@ -107723,6 +107858,9 @@ OUI:C4EEF5*
OUI:C4EF70*
ID_OUI_FROM_DATABASE=Home Skinovations
OUI:C4EFDA*
ID_OUI_FROM_DATABASE=Honeywell
OUI:C4F081*
ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD
@ -109346,6 +109484,9 @@ OUI:CC5D57*
OUI:CC5D78*
ID_OUI_FROM_DATABASE=JTD Consulting
OUI:CC5EF8*
ID_OUI_FROM_DATABASE=CLOUD NETWORK TECHNOLOGY SINGAPORE PTE. LTD.
OUI:CC5FBF*
ID_OUI_FROM_DATABASE=Topwise 3G Communication Co., Ltd.
@ -111330,7 +111471,7 @@ OUI:D42C46*
ID_OUI_FROM_DATABASE=BUFFALO.INC
OUI:D42DC5*
ID_OUI_FROM_DATABASE=Panasonic i-PRO Sensing Solutions Co., Ltd.
ID_OUI_FROM_DATABASE=i-PRO Co., Ltd.
OUI:D42F23*
ID_OUI_FROM_DATABASE=Akenori PTE Ltd
@ -112481,6 +112622,9 @@ OUI:D8539A*
OUI:D8543A*
ID_OUI_FROM_DATABASE=Texas Instruments
OUI:D85482*
ID_OUI_FROM_DATABASE=Oxit, LLC
OUI:D854A2*
ID_OUI_FROM_DATABASE=Extreme Networks, Inc.
@ -113123,6 +113267,9 @@ OUI:D8F3BC*
OUI:D8F3DB*
ID_OUI_FROM_DATABASE=Post CH AG
OUI:D8F507*
ID_OUI_FROM_DATABASE=Fiberhome Telecommunication Technologies Co.,LTD
OUI:D8F710*
ID_OUI_FROM_DATABASE=Libre Wireless Technologies Inc.
@ -113891,6 +114038,9 @@ OUI:DCB54F*
OUI:DCB72E*
ID_OUI_FROM_DATABASE=Xiaomi Communications Co Ltd
OUI:DCB7AC*
ID_OUI_FROM_DATABASE=Aruba, a Hewlett Packard Enterprise Company
OUI:DCB7FC*
ID_OUI_FROM_DATABASE=Alps Electric (Ireland) Ltd
@ -114101,6 +114251,9 @@ OUI:DCE55B*
OUI:DCE578*
ID_OUI_FROM_DATABASE=Experimental Factory of Scientific Engineering and Special Design Department
OUI:DCE650*
ID_OUI_FROM_DATABASE=Extreme Networks, Inc.
OUI:DCE71C*
ID_OUI_FROM_DATABASE=AUG Elektronik GmbH
@ -114464,6 +114617,9 @@ OUI:E046E5*
OUI:E046EE*
ID_OUI_FROM_DATABASE=NETGEAR
OUI:E04735*
ID_OUI_FROM_DATABASE=Ericsson AB
OUI:E048AF*
ID_OUI_FROM_DATABASE=Premietech Limited
@ -114938,6 +115094,9 @@ OUI:E0B9BA*
OUI:E0B9E5*
ID_OUI_FROM_DATABASE=Technicolor Delivery Technologies Belgium NV
OUI:E0BAAD*
ID_OUI_FROM_DATABASE=Hangzhou Hikvision Digital Technology Co.,Ltd.
OUI:E0BAB4*
ID_OUI_FROM_DATABASE=Arrcus, Inc
@ -116705,6 +116864,9 @@ OUI:E884C6*
OUI:E8854B*
ID_OUI_FROM_DATABASE=Apple, Inc.
OUI:E886CF*
ID_OUI_FROM_DATABASE=Nokia
OUI:E887A3*
ID_OUI_FROM_DATABASE=Loxley Public Company Limited
@ -117299,6 +117461,9 @@ OUI:EC1D7F*
OUI:EC1D8B*
ID_OUI_FROM_DATABASE=Cisco Systems, Inc
OUI:EC1D9E*
ID_OUI_FROM_DATABASE=Quectel Wireless Solutions Co.,Ltd.
OUI:EC1F72*
ID_OUI_FROM_DATABASE=SAMSUNG ELECTRO-MECHANICS(THAILAND)
@ -119309,6 +119474,9 @@ OUI:F417B8*
OUI:F419E2*
ID_OUI_FROM_DATABASE=Volterra
OUI:F41AB0*
ID_OUI_FROM_DATABASE=Shenzhen Xingguodu Technology Co., Ltd.
OUI:F41BA1*
ID_OUI_FROM_DATABASE=Apple, Inc.
@ -119369,6 +119537,9 @@ OUI:F42A7D*
OUI:F42B48*
ID_OUI_FROM_DATABASE=Ubiqam
OUI:F42B7D*
ID_OUI_FROM_DATABASE=Chipsguide technology CO.,LTD.
OUI:F42C56*
ID_OUI_FROM_DATABASE=SENOR TECH CO LTD

4
hwdb.d/20-acpi-vendor.hwdb.patch
View File

@ -1,5 +1,5 @@
--- 20-acpi-vendor.hwdb.base 2022-05-13 17:14:22.098059674 +0100
+++ 20-acpi-vendor.hwdb 2022-05-13 17:14:22.102059756 +0100
--- 20-acpi-vendor.hwdb.base 2022-05-21 12:43:45.053612968 +0100
+++ 20-acpi-vendor.hwdb 2022-05-21 12:43:45.057613062 +0100
@@ -3,6 +3,8 @@
# Data imported from:
# https://uefi.org/uefi-pnp-export

108
hwdb.d/20-pci-vendor-model.hwdb
View File

@ -2967,7 +2967,7 @@ pci:v00001002d000013E9*
ID_MODEL_FROM_DATABASE=Ariel
pci:v00001002d000013FE*
ID_MODEL_FROM_DATABASE=Cyan Skillfish
ID_MODEL_FROM_DATABASE=Cyan Skillfish [BC-250]
pci:v00001002d00001478*
ID_MODEL_FROM_DATABASE=Navi 10 XL Upstream Port of PCI Express Switch
@ -2975,6 +2975,9 @@ pci:v00001002d00001478*
pci:v00001002d00001479*
ID_MODEL_FROM_DATABASE=Navi 10 XL Downstream Port of PCI Express Switch
pci:v00001002d00001506*
ID_MODEL_FROM_DATABASE=Mendocino
pci:v00001002d0000154C*
ID_MODEL_FROM_DATABASE=Kryptos [Radeon RX 350]
@ -2993,6 +2996,9 @@ pci:v00001002d00001552*
pci:v00001002d00001561*
ID_MODEL_FROM_DATABASE=Anubis
pci:v00001002d000015BF*
ID_MODEL_FROM_DATABASE=Phoenix
pci:v00001002d000015D8*
ID_MODEL_FROM_DATABASE=Picasso/Raven 2 [Radeon Vega Series / Radeon Vega Mobile Series]
@ -3077,6 +3083,9 @@ pci:v00001002d0000164C*
pci:v00001002d0000164D*
ID_MODEL_FROM_DATABASE=Rembrandt
pci:v00001002d0000164F*
ID_MODEL_FROM_DATABASE=Phoenix
pci:v00001002d00001681*
ID_MODEL_FROM_DATABASE=Rembrandt [Radeon 680M]
@ -11006,6 +11015,9 @@ pci:v00001002d00007312*
pci:v00001002d00007314*
ID_MODEL_FROM_DATABASE=Navi 10 USB
pci:v00001002d0000731E*
ID_MODEL_FROM_DATABASE=TDC-150
pci:v00001002d0000731F*
ID_MODEL_FROM_DATABASE=Navi 10 [Radeon RX 5600 OEM/5600 XT / 5700/5700 XT]
@ -11040,7 +11052,7 @@ pci:v00001002d0000734F*
ID_MODEL_FROM_DATABASE=Navi 14 [Radeon Pro W5300M]
pci:v00001002d00007360*
ID_MODEL_FROM_DATABASE=Navi 12 [Radeon Pro 5600M / V520]
ID_MODEL_FROM_DATABASE=Navi 12 [Radeon Pro 5600M/V520/BC-160]
pci:v00001002d00007362*
ID_MODEL_FROM_DATABASE=Navi 12 [Radeon Pro V520]
@ -11054,6 +11066,9 @@ pci:v00001002d0000738C*
pci:v00001002d0000738E*
ID_MODEL_FROM_DATABASE=Arcturus GL-XL [Instinct MI100]
pci:v00001002d000073A1*
ID_MODEL_FROM_DATABASE=Navi 21 [Radeon Pro V620]
pci:v00001002d000073A2*
ID_MODEL_FROM_DATABASE=Navi 21 Pro-XTA [Radeon Pro W6900X]
@ -11069,6 +11084,9 @@ pci:v00001002d000073A5*
pci:v00001002d000073AB*
ID_MODEL_FROM_DATABASE=Navi 21 Pro-XLA [Radeon Pro W6800X/Radeon Pro W6800X Duo]
pci:v00001002d000073AE*
ID_MODEL_FROM_DATABASE=Navi 21 [Radeon Pro V620 MxGPU]
pci:v00001002d000073AF*
ID_MODEL_FROM_DATABASE=Navi 21 [Radeon RX 6900 XT]
@ -11096,6 +11114,9 @@ pci:v00001002d000073C3*
pci:v00001002d000073C4*
ID_MODEL_FROM_DATABASE=Navi 22 USB
pci:v00001002d000073CE*
ID_MODEL_FROM_DATABASE=Navi22-XL SRIOV MxGPU
pci:v00001002d000073DF*
ID_MODEL_FROM_DATABASE=Navi 22 [Radeon RX 6700/6700 XT/6750 XT / 6800M]
@ -11135,6 +11156,12 @@ pci:v00001002d00007421*
pci:v00001002d00007422*
ID_MODEL_FROM_DATABASE=Navi 24 [Radeon PRO W6400]
pci:v00001002d00007423*
ID_MODEL_FROM_DATABASE=Navi 24 [Radeon PRO W6300/W6300M]
pci:v00001002d00007424*
ID_MODEL_FROM_DATABASE=Navi 24 [Radeon RX 6300]
pci:v00001002d0000743F*
ID_MODEL_FROM_DATABASE=Navi 24 [Radeon RX 6400 / 6500 XT]
@ -14255,6 +14282,9 @@ pci:v00001022d00001482*
pci:v00001022d00001483*
ID_MODEL_FROM_DATABASE=Starship/Matisse GPP Bridge
pci:v00001022d00001483sv000001DEsd0000FFF9*
ID_MODEL_FROM_DATABASE=Starship/Matisse GPP Bridge (Gimlet Baseboard)
pci:v00001022d00001484*
ID_MODEL_FROM_DATABASE=Starship/Matisse Internal PCIe GPP Bridge 0 to bus[E:B]
@ -16211,6 +16241,9 @@ pci:v00001028d00000016sv00001028sd00001F24*
pci:v00001028d00000073*
ID_MODEL_FROM_DATABASE=NV-RAM Adapter
pci:v00001028d00001028*
ID_MODEL_FROM_DATABASE=PCIe Bridge riser
pci:v00001029*
ID_VENDOR_FROM_DATABASE=Siemens Nixdorf IS
@ -38525,9 +38558,24 @@ pci:v000010EEd00003FC5*
pci:v000010EEd00003FC6*
ID_MODEL_FROM_DATABASE=RME Hammerfall DSP MADI
pci:v000010EEd00005000*
ID_MODEL_FROM_DATABASE=Alveo U200 XDMA Platform
pci:v000010EEd00005004*
ID_MODEL_FROM_DATABASE=Alveo U250 XDMA Platform
pci:v000010EEd00005005*
ID_MODEL_FROM_DATABASE=Alveo U250
pci:v000010EEd0000500C*
ID_MODEL_FROM_DATABASE=Alveo U280 XDMA Platform
pci:v000010EEd00005020*
ID_MODEL_FROM_DATABASE=Alveo U50 XMDA Platform
pci:v000010EEd0000505C*
ID_MODEL_FROM_DATABASE=Alveo U55C
pci:v000010EEd00007038*
ID_MODEL_FROM_DATABASE=FPGA Card XC7VX690T
@ -38546,6 +38594,18 @@ pci:v000010EEd00008380*
pci:v000010EEd00008381*
ID_MODEL_FROM_DATABASE=Ellips Santos Frame Grabber
pci:v000010EEd0000D000*
ID_MODEL_FROM_DATABASE=Alveo U200 Golden Image
pci:v000010EEd0000D004*
ID_MODEL_FROM_DATABASE=Alveo U250 Golden Image
pci:v000010EEd0000D00C*
ID_MODEL_FROM_DATABASE=Alveo U280 Golden Image
pci:v000010EEd0000D020*
ID_MODEL_FROM_DATABASE=Alveo U50 Golden Image
pci:v000010EEd0000D154*
ID_MODEL_FROM_DATABASE=Copley Controls CAN card (PCI-CAN-02)
@ -55572,7 +55632,7 @@ pci:v00001425d00006092*
ID_MODEL_FROM_DATABASE=T62100-KR Unified Wire Ethernet Controller
pci:v00001425d00006092sv000001DEsd0000FFF9*
ID_MODEL_FROM_DATABASE=T62100-KR Unified Wire Ethernet Controller (Gimlet T6)
ID_MODEL_FROM_DATABASE=T62100-KR Unified Wire Ethernet Controller (Gimlet Baseboard)
pci:v00001425d00006401*
ID_MODEL_FROM_DATABASE=T6225-CR Unified Wire Ethernet Controller
@ -55650,7 +55710,7 @@ pci:v00001425d00006492*
ID_MODEL_FROM_DATABASE=T62100-KR Unified Wire Ethernet Controller
pci:v00001425d00006492sv000001DEsd0000FFF9*
ID_MODEL_FROM_DATABASE=T62100-KR Unified Wire Ethernet Controller (Gimlet T6)
ID_MODEL_FROM_DATABASE=T62100-KR Unified Wire Ethernet Controller (Gimlet Baseboard)
pci:v00001425d00006501*
ID_MODEL_FROM_DATABASE=T6225-CR Unified Wire Storage Controller
@ -68978,6 +69038,9 @@ pci:v00001ADEd00003038sv00004254sd00000552*
pci:v00001AE0*
ID_VENDOR_FROM_DATABASE=Google, Inc.
pci:v00001AE0d0000001F*
ID_MODEL_FROM_DATABASE=NVMe device
pci:v00001AE0d00000042*
ID_MODEL_FROM_DATABASE=Compute Engine Virtual Ethernet [gVNIC]
@ -69563,6 +69626,9 @@ pci:v00001B4Bd00002241sv00001028sd00002151*
pci:v00001B4Bd00002241sv00001028sd00002196*
ID_MODEL_FROM_DATABASE=88NR2241 Non-Volatile memory controller (ROR-N100)
pci:v00001B4Bd00002241sv00001B4Bsd00002241*
ID_MODEL_FROM_DATABASE=88NR2241 Non-Volatile memory controller (Santa Cruz NVMe Host Adapter)
pci:v00001B4Bd00002241sv00001D49sd00000306*
ID_MODEL_FROM_DATABASE=88NR2241 Non-Volatile memory controller (ThinkSystem M.2 NVMe 2-Bay RAID Enablement Kit)
@ -71486,6 +71552,9 @@ pci:v00001DA3d00001000*
pci:v00001DA3d00001010*
ID_MODEL_FROM_DATABASE=HL-2000 AI Training Accelerator [Gaudi secured]
pci:v00001DA8*
ID_VENDOR_FROM_DATABASE=Corigine, Inc.
pci:v00001DAD*
ID_VENDOR_FROM_DATABASE=Fungible
@ -72932,6 +73001,9 @@ pci:v00001F3Fd00009032*
pci:v00001F3Fd00009032sv00001F3Fsd000000A1*
ID_MODEL_FROM_DATABASE=SDI5.1 (Dual Port 100GE SDI5.1)
pci:v00001F40*
ID_VENDOR_FROM_DATABASE=Netac Technology Co.,Ltd
pci:v00001FAA*
ID_VENDOR_FROM_DATABASE=Hexaflake (Shanghai) Information Technology Co., Ltd.
@ -82070,6 +82142,9 @@ pci:v00008086d000015FFsv00008086sd0000000B*
pci:v00008086d000015FFsv00008086sd0000000C*
ID_MODEL_FROM_DATABASE=Ethernet Controller X710 for 10GBASE-T (Ethernet Network Adapter X710-T2L for OCP 3.0)
pci:v00008086d000015FFsv00008086sd0000000D*
ID_MODEL_FROM_DATABASE=Ethernet Controller X710 for 10GBASE-T (Ethernet 10G 2P X710-T2L-t OCP)
pci:v00008086d000015FFsv00008086sd0000000F*
ID_MODEL_FROM_DATABASE=Ethernet Controller X710 for 10GBASE-T (Ethernet Network Adapter X710-T2L for OCP 3.0)
@ -92505,10 +92580,28 @@ pci:v00008086d000031A8sv00001849sd000031A8*
ID_MODEL_FROM_DATABASE=Celeron/Pentium Silver Processor USB 3.0 xHCI Controller
pci:v00008086d000031AC*
ID_MODEL_FROM_DATABASE=Celeron/Pentium Silver Processor Serial IO I2C Host Controller
ID_MODEL_FROM_DATABASE=Celeron/Pentium Silver Processor I2C 0
pci:v00008086d000031AE*
ID_MODEL_FROM_DATABASE=Celeron/Pentium Silver Processor Serial IO I2C Host Controller
ID_MODEL_FROM_DATABASE=Celeron/Pentium Silver Processor I2C 1
pci:v00008086d000031B0*
ID_MODEL_FROM_DATABASE=Celeron/Pentium Silver Processor I2C 2
pci:v00008086d000031B2*
ID_MODEL_FROM_DATABASE=Celeron/Pentium Silver Processor I2C 3
pci:v00008086d000031B4*
ID_MODEL_FROM_DATABASE=Celeron/Pentium Silver Processor I2C 4
pci:v00008086d000031B6*
ID_MODEL_FROM_DATABASE=Celeron/Pentium Silver Processor I2C 5
pci:v00008086d000031B8*
ID_MODEL_FROM_DATABASE=Celeron/Pentium Silver Processor I2C 6
pci:v00008086d000031BA*
ID_MODEL_FROM_DATABASE=Celeron/Pentium Silver Processor I2C 7
pci:v00008086d000031BC*
ID_MODEL_FROM_DATABASE=Celeron/Pentium Silver Processor Serial IO UART Host Controller
@ -96944,6 +97037,9 @@ pci:v00008086d00008818*
pci:v00008086d00008819*
ID_MODEL_FROM_DATABASE=Platform Controller Hub EG20T IEEE 1588 Hardware Assist
pci:v00008086d00008A03*
ID_MODEL_FROM_DATABASE=Processor Power and Thermal Controller
pci:v00008086d00008A0D*
ID_MODEL_FROM_DATABASE=Ice Lake Thunderbolt 3 NHI #1

4
hwdb.d/20-usb-vendor-model.hwdb
View File

@ -51843,7 +51843,7 @@ usb:v1391p1000*
ID_MODEL_FROM_DATABASE=URTC-1000
usb:v1395*
ID_VENDOR_FROM_DATABASE=Sennheiser Communications
ID_VENDOR_FROM_DATABASE=DSEA A/S
usb:v1395p0025*
ID_MODEL_FROM_DATABASE=Headset [PC 8]
@ -51969,7 +51969,7 @@ usb:v1395p0067*
ID_MODEL_FROM_DATABASE=SP 20 D MS
usb:v1395p006B*
ID_MODEL_FROM_DATABASE=SC5x5 MS
ID_MODEL_FROM_DATABASE=SC6x5
usb:v1395p0072*
ID_MODEL_FROM_DATABASE=Headset

7
hwdb.d/60-evdev.hwdb
View File

@ -588,6 +588,13 @@ evdev:name:SynPS/2 Synaptics TouchPad:dmi:*:svnLENOVO:*pvrThinkPadP14sGen2a:*
EVDEV_ABS_35=::44
EVDEV_ABS_36=::52
# Lenovo ThinkPad T15g Gen1
evdev:name:SynPS/2 Synaptics TouchPad:dmi:*svnLENOVO:*pvrThinkPadT15gGen1**
EVDEV_ABS_00=::44
EVDEV_ABS_01=::50
EVDEV_ABS_35=::44
EVDEV_ABS_36=::50
# Lenovo Legion Y9000X2020
evdev:name:MSFT0001:02 04F3:304B Touchpad:dmi:*svnLENOVO:*pvrLenovoLegionY9000X2020:*
EVDEV_ABS_00=::31

8
hwdb.d/60-keyboard.hwdb
View File

@ -511,6 +511,14 @@ evdev:input:b0003v0458p0708*
KEYBOARD_KEY_0900fd=scale
KEYBOARD_KEY_0900fc=screenlock
###########################################################
# Google
###########################################################
# Google Hangouts Meet speakermic
evdev:input:b0003v18D1p8001*
KEYBOARD_KEY_b002f=reserved # Disable micmute key
###########################################################
# Hewlett Packard
###########################################################

9
hwdb.d/60-sensor.hwdb
View File

@ -106,6 +106,14 @@ sensor:modalias:acpi:BOSC0200*:dmi:*svn*Acer*:*pn*Spin*SP111-33:*
sensor:modalias:acpi:BOSC0200*:dmi:*svnAcer*:*pnSpinSP111-34:*
ACCEL_MOUNT_MATRIX=0, 1, 0; 1, 0, 0; 0, 0, 1
#########################################
# Aquarius
#########################################
# Aquarius NS483
sensor:modalias:acpi:MXC6655*:dmi:*:svnAquarius*:pnNS483:*
ACCEL_MOUNT_MATRIX=-1, 0, 0; 0, 1, 0; 0, 0, 1
#########################################
# Archos
#########################################
@ -277,6 +285,7 @@ sensor:modalias:acpi:KIOX000A*:dmi:*:svnCube:pni18B:*
# Cube iWork 10 Flagship
sensor:modalias:acpi:BOSC0200*:dmi:*:svnCube:pnI15-TC:*
sensor:modalias:acpi:BOSC0200*:dmi:*:svnALLDOCUBE:pnI15-TG:*
ACCEL_MOUNT_MATRIX=1, 0, 0; 0, -1, 0; 0, 0, 1
# Cube iWork 11 Stylus

3816
hwdb.d/ma-large.txt
View File

File diff suppressed because it is too large Load Diff

159
hwdb.d/ma-medium.txt
View File

@ -245,9 +245,6 @@ B00000-BFFFFF (base 16) KeyWest Networks, Inc
Orange CA 92865
US
88-5D-90 (hex) Private
F00000-FFFFFF (base 16) Private
60-95-CE (hex) Beijing Sinomedisite Bio-tech Co.,Ltd
B00000-BFFFFF (base 16) Beijing Sinomedisite Bio-tech Co.,Ltd
No.9 Kangding Street,Economic-Technological Development Area
@ -5078,6 +5075,36 @@ B00000-BFFFFF (base 16) Labman Automation
Stokesley North Yorkshire TS9 5NQ
GB
30-3D-51 (hex) Fink Telecom Services GmbH
000000-0FFFFF (base 16) Fink Telecom Services GmbH
Paradieshofstrasse 101
Basel 4054
CH
30-3D-51 (hex) Amber-Link Network Technology Co.,Ltd.
600000-6FFFFF (base 16) Amber-Link Network Technology Co.,Ltd.
Bld. #1, St. 356, Rd. Guo Shoujing
Shanghai China
CN
88-5D-90 (hex) IEEE Registration Authority
F00000-FFFFFF (base 16) IEEE Registration Authority
445 Hoes Lane
PISCATAWAY NJ 08854
US
2C-69-1D (hex) IBM
800000-8FFFFF (base 16) IBM
9000 South Rita Rd
Tucson AZ 85744
US
2C-69-1D (hex) SPEEDTECH CORP.
400000-4FFFFF (base 16) SPEEDTECH CORP.
No. 568, Sec. 1, Minsheng N. Rd., Guishan Dist., Taoyuan City 338, Taiwan
Taoyuan 338
TW
4C-4B-F9 (hex) Shenzhen dingsheng technology co., LTD
400000-4FFFFF (base 16) Shenzhen dingsheng technology co., LTD
Floor 3, building 5, kaijeda industrial zone, no.97, huaxing road, langkou community, dalang street, longhua district
@ -9926,6 +9953,30 @@ FC-61-79 (hex) Kvaliteta Systems and Solutions Private Limited
Trivandrum Kerala 695583
IN
2C-69-1D (hex) Shenzhen Gigalight Technology Co., Ltd
700000-7FFFFF (base 16) Shenzhen Gigalight Technology Co., Ltd
2/f, Block F3, Changfeng Ind. Park, Liuxian 3 Rd., Shenzhen, Guangdong, China 1/f, Block F4, Changfeng Ind. Park, 68 Zone,Baoan District,Shenzhen,China
Shenzhen Guangdong 518100
CN
2C-69-1D (hex) Panasonic Appliances Marketing Asia Pacific (A division of Panasonic Malaysia Sdn Bhd
A00000-AFFFFF (base 16) Panasonic Appliances Marketing Asia Pacific (A division of Panasonic Malaysia Sdn Bhd
Lot 10, Jalan 13/2
Petaling Jaya Selangor 46200
MY
30-3D-51 (hex) TalkGo, Inc.
C00000-CFFFFF (base 16) TalkGo, Inc.
3518 Fremont Ave N#473
Seattle WA 98103
US
2C-69-1D (hex) KATEK SE
100000-1FFFFF (base 16) KATEK SE
Promenadeplatz 12
Munich 80333
DE
20-85-93 (hex) UNILUMIN GROUP CO.,LTD
300000-3FFFFF (base 16) UNILUMIN GROUP CO.,LTD
No.112 Yongfu Rd.,BaoanDistrict,
@ -10319,9 +10370,6 @@ E00000-EFFFFF (base 16) ShenZhen Arts Changhua Intelligent Technology Co.,
8C-C8-F4 (hex) Private
700000-7FFFFF (base 16) Private
98-02-D8 (hex) Private
F00000-FFFFFF (base 16) Private
D8-86-0B (hex) Get SAT
200000-2FFFFF (base 16) Get SAT
Hamada 12
@ -15083,6 +15131,42 @@ A00000-AFFFFF (base 16) TeraNXT Global India Pvt Ltd.
Rockwall TX 75032
US
30-3D-51 (hex) Percent.com
E00000-EFFFFF (base 16) Percent.com
167/2, Fakirerpool D.I.T Extention Road, Motiheel
Dhaka Dhaka 1000
BD
98-02-D8 (hex) IEEE Registration Authority
F00000-FFFFFF (base 16) IEEE Registration Authority
445 Hoes Lane
PISCATAWAY NJ 08854
US
2C-69-1D (hex) Sunsa, Inc
300000-3FFFFF (base 16) Sunsa, Inc
3422 Fait Ave
Baltimore MD 21224
US
2C-69-1D (hex) SHENZHEN EX-LINK TECHNOLOGY CO.,LTD
900000-9FFFFF (base 16) SHENZHEN EX-LINK TECHNOLOGY CO.,LTD
818 Building 2,Nanyou Fourth Industrial Zone,No 1124 ,Nanshan Avenue,Nanguang Community,Nanshan Street,Nanshan District,Shenzhen
SHENZHEN GUANGDONG 518052
CN
2C-69-1D (hex) Aparian, Inc.
C00000-CFFFFF (base 16) Aparian, Inc.
2709 S Orange AveUnit D
Santa Ana CA 92707
US
2C-69-1D (hex) Carnegie Robotics
600000-6FFFFF (base 16) Carnegie Robotics
4501 Hatfield Street
Pittsburgh PA 15201
US
4C-4B-F9 (hex) Shandong Linkotech Electronic Co., Ltd.
600000-6FFFFF (base 16) Shandong Linkotech Electronic Co., Ltd.
22nd Floor, Building 2, Aosheng Building, No.1166 Xinyi Street, High-tech Zone
@ -15152,9 +15236,6 @@ F00000-FFFFFF (base 16) Private
78-C2-C0 (hex) Private
F00000-FFFFFF (base 16) Private
14-1F-BA (hex) Private
F00000-FFFFFF (base 16) Private
58-FC-DB (hex) Private
F00000-FFFFFF (base 16) Private
@ -20099,6 +20180,42 @@ E00000-EFFFFF (base 16) ACCO Brands USA LLC
Mail box 15123 Haifa 3508409
IL
2C-69-1D (hex) Hunan Xiangjiang Kunpeng Information Technology Co., Ltd.
000000-0FFFFF (base 16) Hunan Xiangjiang Kunpeng Information Technology Co., Ltd.
Building 1# and Building 4#, No. 67 Ziyuan Road, Xueshi Street, Yuelu District,
Changsha Hunan 410006
CN
30-3D-51 (hex) Destiny Automate Limited
700000-7FFFFF (base 16) Destiny Automate Limited
Aw House, 6-8 Stuart Street
Luton Bedfordshire LU1 2SJ
GB
2C-69-1D (hex) Abode Systems Inc
200000-2FFFFF (base 16) Abode Systems Inc
2625 Middlefield Road
Palo Alto CA 94306
US
14-1F-BA (hex) IEEE Registration Authority
F00000-FFFFFF (base 16) IEEE Registration Authority
445 Hoes Lane
PISCATAWAY NJ 08854
US
2C-69-1D (hex) Shenzhen Daren HI-Tech Electronics Co., Ltd.
B00000-BFFFFF (base 16) Shenzhen Daren HI-Tech Electronics Co., Ltd.
Room 401, No. 5, Jiayi Industrial Park, Guihua Community, Guanlan Street, Longhua District, Shenzhen
Shenzhen Guangdong 518109
CN
2C-69-1D (hex) Ascentac Inc.
D00000-DFFFFF (base 16) Ascentac Inc.
11F.-1, No.80, Minzu 1st Rd., Sanmin Dist., Kaohsiung City 807, Taiwan (R.O.C.)
Kaohsiung City Taiwan 807
TW
20-85-93 (hex) Great Lite International
700000-7FFFFF (base 16) Great Lite International
11F., No.207-2, Sec. 3, Beixin Rd., Xindian Dist.,
@ -20735,9 +20852,6 @@ B00000-BFFFFF (base 16) YINUO-LINK LIMITED
80-0A-80 (hex) Private
F00000-FFFFFF (base 16) Private
C0-D3-91 (hex) Private
B00000-BFFFFF (base 16) Private
1C-FD-08 (hex) MESHBOX FOUNDATION PTE. LTD.
E00000-EFFFFF (base 16) MESHBOX FOUNDATION PTE. LTD.
152 Beach Road #14-02 GATEWAY EAST TOWER
@ -20780,9 +20894,6 @@ A00000-AFFFFF (base 16) Banmak Technogies Co.,Ltd
Huizhou Guangdong 516100
CN
B8-D8-12 (hex) Private
F00000-FFFFFF (base 16) Private
A8-3F-A1 (hex) Imecon Engineering SrL
000000-0FFFFF (base 16) Imecon Engineering SrL
via Gerola 13/15
@ -25189,3 +25300,21 @@ D00000-DFFFFF (base 16) XOR UK Corporation Limited
Unit 11-12, Stanhope Gate, Stanhope Rd
Camberley Surrey GU15 3DW
GB
C0-D3-91 (hex) Celliber Technologies Pvt Limited
B00000-BFFFFF (base 16) Celliber Technologies Pvt Limited
No.1027, 24th Main, 11th Cross,
Bangalore Karnataka 560102
IN
2C-69-1D (hex) LG Electronics Inc.
500000-5FFFFF (base 16) LG Electronics Inc.
LG Twin Towers, 128, Yeoui-daero, Yeongdeungpo-gu
Seoul 150-721
KR
B8-D8-12 (hex) IEEE Registration Authority
F00000-FFFFFF (base 16) IEEE Registration Authority
445 Hoes Lane
PISCATAWAY NJ 08854
US

95
hwdb.d/ma-small.txt
View File

@ -4010,9 +4010,6 @@ E6F000-E6FFFF (base 16) Amazon Technologies Inc.
Reno NV 89507
US
70-B3-D5 (hex) Private
11A000-11AFFF (base 16) Private
70-B3-D5 (hex) Mettler Toledo
4FC000-4FCFFF (base 16) Mettler Toledo
1571 Northpointe Parkway
@ -5957,6 +5954,12 @@ C35000-C35FFF (base 16) Peter Huber Kaeltemaschinenbau AG
Offenburg Ba-Wue 77656
DE
70-B3-D5 (hex) Mahindra Electric Mobility Limited
11A000-11AFFF (base 16) Mahindra Electric Mobility Limited
690, Gold Hill Square, Hosur Road, Bommanahalli
Bangalore Karnataka 560068
IN
70-B3-D5 (hex) EVCO SPA
A80000-A80FFF (base 16) EVCO SPA
VIA FELTRE N. 81
@ -11753,23 +11756,59 @@ CC6000-CC6FFF (base 16) Genius Vision Digital Private Limited
Houston TX 77024-7338
US
8C-1F-64 (hex) GO development GmbH
7BC000-7BCFFF (base 16) GO development GmbH
Zeppelinstraße 126
Esslingen am Neckar 73730
DE
8C-1F-64 (hex) Abode Systems Inc
B13000-B13FFF (base 16) Abode Systems Inc
2625 Middlefield Road
Palo Alto CA 94306
US
8C-1F-64 (hex) Ear Micro LLC
58C000-58CFFF (base 16) Ear Micro LLC
4043 Broadway
Kansas City MO 64111
US
8C-1F-64 (hex) DAVE SRL
0EF000-0EFFFF (base 16) DAVE SRL
VIA TALPONEDO 29/A
PORCIA PORDENONE 330850
IT
8C-1F-64 (hex) GO development GmbH
7BC000-7BCFFF (base 16) GO development GmbH
Zeppelinstraße 126
Esslingen am Neckar 73730
DE
8C-1F-64 (hex) Season Electronics Ltd
6BB000-6BBFFF (base 16) Season Electronics Ltd
600 Nest Business Park
Havant Hampshire PO9 5TL
GB
8C-1F-64 (hex) Integer.pl S.A.
D5E000-D5EFFF (base 16) Integer.pl S.A.
Wielicka 28
Krakow 30-552
PL
8C-1F-64 (hex) Abbott Diagnostics Technologies AS
300000-300FFF (base 16) Abbott Diagnostics Technologies AS
P. O. Box 6863 Rodeløkka
Oslo 0504
NO
8C-1F-64 (hex) Suzhou Leamore Optronics Co., Ltd.
662000-662FFF (base 16) Suzhou Leamore Optronics Co., Ltd.
Block 12-301, NO 99 Jinji Lake Road, Suzhou Industrial Park, Suzhou
Suzhou Jiangsu 215000
CN
8C-1F-64 (hex) Breas Medical AB
98F000-98FFFF (base 16) Breas Medical AB
Företagsvägen 1
Mölnlycke SE-435 33
SE
70-B3-D5 (hex) System West dba ICS Electronics
E06000-E06FFF (base 16) System West dba ICS Electronics
@ -17534,10 +17573,10 @@ CD2000-CD2FFF (base 16) TRUMPF Huttinger GmbH + Co. KG,
Göttingen 37075
DE
8C-1F-64 (hex) dinosys
5CB000-5CBFFF (base 16) dinosys
501,35,Gwangnaruro 6-gil,
Seoul Seoul 133-832
8C-1F-64 (hex) WonATech Co., Ltd.
890000-890FFF (base 16) WonATech Co., Ltd.
7, Neunganmal 1-gil
Seocho-gu Seoul 06801
KR
8C-1F-64 (hex) HIROSAWA ELECTRIC Co.,Ltd.
@ -17546,12 +17585,24 @@ CD2000-CD2FFF (base 16) TRUMPF Huttinger GmbH + Co. KG,
Otaku Tokyo 1440034
JP
8C-1F-64 (hex) WonATech Co., Ltd.
890000-890FFF (base 16) WonATech Co., Ltd.
7, Neunganmal 1-gil
Seocho-gu Seoul 06801
8C-1F-64 (hex) dinosys
5CB000-5CBFFF (base 16) dinosys
501,35,Gwangnaruro 6-gil,
Seoul Seoul 133-832
KR
8C-1F-64 (hex) Agramkow A/S
8D5000-8D5FFF (base 16) Agramkow A/S
Augustenborg Landevej 19
Sønderborg 6400
DK
8C-1F-64 (hex) Gogo BA
092000-092FFF (base 16) Gogo BA
105 Edgeview Drive
Broomfield CO 80021
US
70-B3-D5 (hex) YUYAMA MFG Co.,Ltd
BBB000-BBBFFF (base 16) YUYAMA MFG Co.,Ltd
3-3-1
@ -23516,6 +23567,12 @@ CAF000-CAFFFF (base 16) BRS Sistemas Eletrônicos
Porto Alegre RS 91380-000
BR
8C-1F-64 (hex) DORLET SAU
1BD000-1BDFFF (base 16) DORLET SAU
Albert Eistein 34
Alava SPAIN 01510
ES
70-B3-D5 (hex) DISMUNTEL SAL
92C000-92CFFF (base 16) DISMUNTEL SAL
Pol ind cotes
@ -29251,3 +29308,9 @@ DFE000-DFEFFF (base 16) Nuvation Energy
651 North Broad StreetSuite 206
Middletown DE 19709
US
8C-1F-64 (hex) Belden India Private Limited
54A000-54AFFF (base 16) Belden India Private Limited
Plot No. D-228, Chakan MIDC Phase 2,
Village Bhamboli, Taluka:Khed Pune, Maharashtra 410 507
IN

58
hwdb.d/pci.ids
View File

@ -1,8 +1,8 @@
#
# List of PCI ID's
#
# Version: 2022.05.09
# Date: 2022-05-09 03:15:02
# Version: 2022.05.18
# Date: 2022-05-18 03:15:02
#
# Maintained by Albert Pool, Martin Mares, and other volunteers from
# the PCI ID Project at https://pci-ids.ucw.cz/.
@ -1054,15 +1054,17 @@
131c Kaveri [Radeon R7 Graphics]
131d Kaveri [Radeon R6 Graphics]
13e9 Ariel
13fe Cyan Skillfish
13fe Cyan Skillfish [BC-250]
1478 Navi 10 XL Upstream Port of PCI Express Switch
1479 Navi 10 XL Downstream Port of PCI Express Switch
1506 Mendocino
154c Kryptos [Radeon RX 350]
1462 7c28 MS-7C28 Motherboard
154e Garfield
1551 Arlene
1552 Pooky
1561 Anubis
15bf Phoenix
15d8 Picasso/Raven 2 [Radeon Vega Series / Radeon Vega Mobile Series]
103c 8615 Pavilion Laptop 15-cw1xxx
17aa 3181 ThinkCentre M75n IoT
@ -1092,6 +1094,7 @@
1640 Rembrandt Radeon High Definition Audio Controller
164c Lucienne
164d Rembrandt
164f Phoenix
1681 Rembrandt [Radeon 680M]
1714 BeaverCreek HDMI Audio [Radeon HD 6500D and 6400G-6600G series]
103c 168b ProBook 4535s
@ -3754,6 +3757,7 @@
7310 Navi 10 [Radeon Pro W5700X]
7312 Navi 10 [Radeon Pro W5700]
7314 Navi 10 USB
731e TDC-150
731f Navi 10 [Radeon RX 5600 OEM/5600 XT / 5700/5700 XT]
1002 0b36 Reference RX 5700 XT
1458 2313 Radeon RX 5700 XT Gaming OC
@ -3765,16 +3769,18 @@
7341 Navi 14 [Radeon Pro W5500]
7347 Navi 14 [Radeon Pro W5500M]
734f Navi 14 [Radeon Pro W5300M]
7360 Navi 12 [Radeon Pro 5600M / V520]
7360 Navi 12 [Radeon Pro 5600M/V520/BC-160]
7362 Navi 12 [Radeon Pro V520]
7388 Arcturus GL-XL
738c Arcturus GL-XL [Instinct MI100]
738e Arcturus GL-XL [Instinct MI100]
73a1 Navi 21 [Radeon Pro V620]
73a2 Navi 21 Pro-XTA [Radeon Pro W6900X]
73a3 Navi 21 GL-XL [Radeon PRO W6800]
73a4 Navi 21 USB
73a5 Navi 21 [Radeon RX 6950 XT]
73ab Navi 21 Pro-XLA [Radeon Pro W6800X/Radeon Pro W6800X Duo]
73ae Navi 21 [Radeon Pro V620 MxGPU]
73af Navi 21 [Radeon RX 6900 XT]
148c 2414 Navi 21 XTXH [PowerColor Red Devil RX 6900 XT Ultimate]
73bf Navi 21 [Radeon RX 6800/6800 XT / 6900 XT]
@ -3784,6 +3790,7 @@
1eae 6701 XFX Speedster MERC 319 AMD Radeon RX 6800 XT Black
73c3 Navi 22
73c4 Navi 22 USB
73ce Navi22-XL SRIOV MxGPU
73df Navi 22 [Radeon RX 6700/6700 XT/6750 XT / 6800M]
73e0 Navi 23
73e1 Navi 23 WKS-XM [Radeon PRO W6600M]
@ -3797,6 +3804,8 @@
740f Aldebaran
7421 Navi 24 [Radeon PRO W6500M]
7422 Navi 24 [Radeon PRO W6400]
7423 Navi 24 [Radeon PRO W6300/W6300M]
7424 Navi 24 [Radeon RX 6300]
743f Navi 24 [Radeon RX 6400 / 6500 XT]
1da2 e457 PULSE AMD Radeon RX 6500 XT
7833 RS350 Host Bridge
@ -4851,6 +4860,7 @@
1481 Starship/Matisse IOMMU
1482 Starship/Matisse PCIe Dummy Host Bridge
1483 Starship/Matisse GPP Bridge
01de fff9 Gimlet Baseboard
1484 Starship/Matisse Internal PCIe GPP Bridge 0 to bus[E:B]
1485 Starship/Matisse Reserved SPP
1486 Starship/Matisse Cryptographic Coprocessor PSPCPP
@ -5509,6 +5519,7 @@
1028 1f24 PERC S300 Controller
# NV-RAM Adapter used in Dell DR appliances
0073 NV-RAM Adapter
1028 PCIe Bridge riser
1029 Siemens Nixdorf IS
102a LSI Logic
0000 HYDRA
@ -13010,13 +13021,31 @@
3fc4 RME Digi9652 (Hammerfall)
3fc5 RME Hammerfall DSP
3fc6 RME Hammerfall DSP MADI
# Reference: https://xilinx.github.io/Alveo-Cards/master/management-specification/appendix_a.html
5000 Alveo U200 XDMA Platform
# Reference: https://xilinx.github.io/Alveo-Cards/master/management-specification/appendix_a.html
5004 Alveo U250 XDMA Platform
5005 Alveo U250
# Reference: https://xilinx.github.io/Alveo-Cards/master/management-specification/appendix_a.html
500c Alveo U280 XDMA Platform
# Reference: https://xilinx.github.io/Alveo-Cards/master/management-specification/appendix_a.html
5020 Alveo U50 XMDA Platform
# Reference: https://xilinx.github.io/Alveo-Cards/master/management-specification/appendix_a.html
505c Alveo U55C
7038 FPGA Card XC7VX690T
17aa 402f FPGA XC7VX690T-3FFG1157E
8019 Memory controller
1eec 0201 VSEC10232X Dual-port 100Gb/s Etherent PCIe
8380 Ellips ProfiXpress Profibus Master
8381 Ellips Santos Frame Grabber
# Reference: https://xilinx.github.io/Alveo-Cards/master/management-specification/appendix_a.html
d000 Alveo U200 Golden Image
# Reference: https://xilinx.github.io/Alveo-Cards/master/management-specification/appendix_a.html
d004 Alveo U250 Golden Image
# Reference: https://xilinx.github.io/Alveo-Cards/master/management-specification/appendix_a.html
d00c Alveo U280 Golden Image
# Reference: https://xilinx.github.io/Alveo-Cards/master/management-specification/appendix_a.html
d020 Alveo U50 Golden Image
d154 Copley Controls CAN card (PCI-CAN-02)
# SED is assigned Xilinx PCI device IDs ebf0 through ebff
ebf0 SED Systems Modulator/Demodulator
@ -18774,7 +18803,7 @@
6089 T62100-6089 Unified Wire Ethernet Controller
608a T62100-608a Unified Wire Ethernet Controller
6092 T62100-KR Unified Wire Ethernet Controller
01de fff9 Gimlet T6
01de fff9 Gimlet Baseboard
6401 T6225-CR Unified Wire Ethernet Controller
6402 T6225-SO-CR Unified Wire Ethernet Controller
6403 T6425-CR Unified Wire Ethernet Controller
@ -18800,7 +18829,7 @@
6489 T62100-6089 Unified Wire Ethernet Controller
648a T62100-608a Unified Wire Ethernet Controller
6492 T62100-KR Unified Wire Ethernet Controller
01de fff9 Gimlet T6
01de fff9 Gimlet Baseboard
6501 T6225-CR Unified Wire Storage Controller
6502 T6225-SO-CR Unified Wire Storage Controller
6503 T6425-CR Unified Wire Storage Controller
@ -23378,6 +23407,8 @@
13c2 3016 TT-budget S2-4200 Twin
4254 0552 S952 v3
1ae0 Google, Inc.
# NVMe drive in GCP
001f NVMe device
0042 Compute Engine Virtual Ethernet [gVNIC]
abcd Airbrush Combined Paintbox IPU/Oscar Edge TPU [Pixel Neural Core]
1ae3 SANBlaze Technology, Inc.
@ -23619,6 +23650,7 @@
1028 2113 BOSS-N1 Modular
1028 2151 BOSS-N1 Modular ET
1028 2196 ROR-N100
1b4b 2241 Santa Cruz NVMe Host Adapter
1d49 0306 ThinkSystem M.2 NVMe 2-Bay RAID Enablement Kit
1d49 0307 ThinkSystem 7mm NVMe 2-Bay Rear RAID Enablement Kit
9120 88SE9120 SATA 6Gb/s Controller
@ -24324,6 +24356,7 @@
1000 HL-2000 AI Training Accelerator [Gaudi]
# PCIe accelerator card for Deep Learning training tasks with secured firmware
1010 HL-2000 AI Training Accelerator [Gaudi secured]
1da8 Corigine, Inc.
1dad Fungible
1db2 ATP ELECTRONICS INC
1db7 Phytium Technology Co., Ltd.
@ -24834,6 +24867,7 @@
1f3f 00a1 Dual Port 100GE SDI5.0
9032 SDI5.1
1f3f 00a1 Dual Port 100GE SDI5.1
1f40 Netac Technology Co.,Ltd
1faa Hexaflake (Shanghai) Information Technology Co., Ltd.
1fab Unifabrix Ltd.
0000 Nexus Alpha IVPU
@ -28042,6 +28076,7 @@
8086 000a Ethernet Network Adapter X710-T4L for OCP 3.0
8086 000b Ethernet Network Adapter X710-T2L for OCP 3.0
8086 000c Ethernet Network Adapter X710-T2L for OCP 3.0
8086 000d Ethernet 10G 2P X710-T2L-t OCP
8086 000f Ethernet Network Adapter X710-T2L for OCP 3.0
8086 4009 Ethernet Network Adapter X710-T2L
8086 4012 Ethernet Network Adapter X710-T4L for OCP 3.0
@ -31531,8 +31566,14 @@
31a2 Celeron/Pentium Silver Processor Integrated Sensor Solution
31a8 Celeron/Pentium Silver Processor USB 3.0 xHCI Controller
1849 31a8 Celeron/Pentium Silver Processor USB 3.0 xHCI Controller
31ac Celeron/Pentium Silver Processor Serial IO I2C Host Controller
31ae Celeron/Pentium Silver Processor Serial IO I2C Host Controller
31ac Celeron/Pentium Silver Processor I2C 0
31ae Celeron/Pentium Silver Processor I2C 1
31b0 Celeron/Pentium Silver Processor I2C 2
31b2 Celeron/Pentium Silver Processor I2C 3
31b4 Celeron/Pentium Silver Processor I2C 4
31b6 Celeron/Pentium Silver Processor I2C 5
31b8 Celeron/Pentium Silver Processor I2C 6
31ba Celeron/Pentium Silver Processor I2C 7
31bc Celeron/Pentium Silver Processor Serial IO UART Host Controller
31be Celeron/Pentium Silver Processor Serial IO UART Host Controller
31c0 Celeron/Pentium Silver Processor Serial IO UART Host Controller
@ -33012,6 +33053,7 @@
8817 Platform Controller Hub EG20T I2C Controller
8818 Platform Controller Hub EG20T Controller Area Network (CAN) Controller
8819 Platform Controller Hub EG20T IEEE 1588 Hardware Assist
8a03 Processor Power and Thermal Controller
8a0d Ice Lake Thunderbolt 3 NHI #1
8a12 Ice Lake-LP Processor Host Bridge/DRAM Registers
8a13 Ice Lake Thunderbolt 3 USB Controller

8
hwdb.d/usb.ids
View File

@ -9,8 +9,8 @@
# The latest version can be obtained from
# http://www.linux-usb.org/usb.ids
#
# Version: 2022.05.09
# Date: 2022-05-09 20:34:10
# Version: 2022.05.20
# Date: 2022-05-20 20:34:10
#
# Vendors, devices and interfaces. Please keep sorted.
@ -17301,7 +17301,7 @@
a001 Bandit Action Camera Batt-Stick
1391 IdealTEK, Inc.
1000 URTC-1000
1395 Sennheiser Communications
1395 DSEA A/S
0025 Headset [PC 8]
0026 SC230
0027 SC260
@ -17343,7 +17343,7 @@
0065 MB 660
0066 SP 20 D UC
0067 SP 20 D MS
006b SC5x5 MS
006b SC6x5
0072 Headset
3556 USB Headset
1397 BEHRINGER International GmbH

2
man/systemd.xml
View File

@ -621,7 +621,7 @@
<title>Environment</title>
<para>The environment block for the system manager is initially set by the kernel. (In particular,
<literal>key=value</literal> assignments on the kernel command line are returned into environment
<literal>key=value</literal> assignments on the kernel command line are turned into environment
variables for PID 1). For the user manager, the system manager sets the environment as described in the
"Environment Variables in Spawned Processes" section of
<citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>. The

38
meson.build
View File

@ -669,8 +669,7 @@ gperf_test_format = '''
const char * in_word_set(const char *, @0@);
@1@
'''
gperf_snippet_format = 'echo foo,bar | @0@ -L ANSI-C'
gperf_snippet = run_command(sh, '-c', gperf_snippet_format.format(gperf.path()),
gperf_snippet = run_command(sh, '-c', 'echo foo,bar | "$1" -L ANSI-C', '_', gperf,
check : true)
gperf_test = gperf_test_format.format('size_t', gperf_snippet.stdout())
if cc.compiles(gperf_test)
@ -1004,8 +1003,8 @@ bpf_framework_required = want_bpf_framework == 'true'
libbpf = dependency('libbpf', required : bpf_framework_required, version : '>= 0.2')
conf.set10('HAVE_LIBBPF', libbpf.found())
if want_bpf_framework == 'false' or not libbpf.found()
conf.set10('BPF_FRAMEWORK', 0)
if want_bpf_framework == 'false' or not libbpf.found() or skip_deps
conf.set10('BPF_FRAMEWORK', false)
else
# Support 'versioned' clang/llvm-strip binaries, as seen on Debian/Ubuntu
# (like clang-10/llvm-strip-10)
@ -1013,11 +1012,7 @@ else
r = find_program('clang', required : bpf_framework_required, version : '>= 10.0.0')
clang_found = r.found()
if clang_found
if meson.version().version_compare('>= 0.55')
clang = [r.full_path()]
else
clang = [r.path()]
endif
clang = r.path()
endif
# Assume that the required flags are supported by the found clang.
clang_supports_flags = clang_found
@ -1581,20 +1576,6 @@ if dbus_interfaces_dir == '' or dbus_interfaces_dir == 'yes'
endif
endif
endif
if dbus_interfaces_dir == dbusdatadir / 'interfaces' or dbus_interfaces_dir == 'no'
dbus_interfaces_dir_name = 'interfaces'
dbus_interfaces_dir_parent = dbusdatadir
else
elements = dbus_interfaces_dir.split('/')
dbus_interfaces_dir_name = elements[-1]
dbus_interfaces_dir_parent = '/'
foreach elem : elements
if elem == dbus_interfaces_dir_name and dbus_interfaces_dir == dbus_interfaces_dir_parent / dbus_interfaces_dir_name
break
endif
dbus_interfaces_dir_parent = dbus_interfaces_dir_parent / elem
endforeach
endif
# We support one or the other. If gcrypt is available, we assume it's there to
# be used, and use it in preference.
@ -2140,13 +2121,16 @@ foreach tuple : [['myhostname', 'ENABLE_NSS_MYHOSTNAME'],
librt],
link_depends : sym,
install : true,
install_tag : 'nss',
install_dir : rootlibdir)
# We cannot use shared_module because it does not support version suffix.
# Unfortunately shared_library insists on creating the symlink…
meson.add_install_script('sh', '-c',
'rm $DESTDIR@0@/libnss_@1@.so'
.format(rootlibdir, module))
.format(rootlibdir, module),
install_tag : 'nss'
)
if want_tests != 'false'
test('dlopen-nss_' + module,
@ -2415,6 +2399,7 @@ if conf.get('ENABLE_LOGIND') == 1
libpam_misc],
link_depends : pam_systemd_sym,
install : true,
install_tag : 'pam',
install_dir : pamlibdir)
if want_tests != 'false'
@ -2643,6 +2628,7 @@ if conf.get('ENABLE_HOMED') == 1
libcrypt],
link_depends : pam_systemd_home_sym,
install : true,
install_tag : 'pam',
install_dir : pamlibdir)
endif
endif
@ -4101,9 +4087,9 @@ alias_target('update-man-rules', update_man_rules)
if not meson.is_cross_build()
custom_target(
'export-dbus-interfaces',
output : dbus_interfaces_dir_name,
output : fs.name(dbus_interfaces_dir),
install : dbus_interfaces_dir != 'no',
install_dir : dbus_interfaces_dir_parent,
install_dir : fs.parent(dbus_interfaces_dir),
command : [export_dbus_interfaces_py, '@OUTPUT@', dbus_programs])
endif

36
po/ja.po
View File

@ -6,7 +6,7 @@
msgid ""
msgstr ""
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2021-01-08 17:48+0100\n"
"POT-Creation-Date: 2022-05-15 23:21+0900\n"
"PO-Revision-Date: 2021-09-09 03:04+0000\n"
"Last-Translator: Takuro Onoue <kusanaginoturugi@gmail.com>\n"
"Language-Team: Japanese <https://translate.fedoraproject.org/projects/"
@ -147,6 +147,22 @@ msgstr "プロダクトUUIDを取得する"
msgid "Authentication is required to get product UUID."
msgstr "プロダクトUUIDを取得するには認証が必要です。"
#: src/hostname/org.freedesktop.hostname1.policy:61
msgid "Get hardware serial number"
msgstr "ハードウェアのシリアル番号を取得する"
#: src/hostname/org.freedesktop.hostname1.policy:62
msgid "Authentication is required to get hardware serial number."
msgstr "ハードウェアのシリアル番号を取得するには認証が必要です。"
#: src/hostname/org.freedesktop.hostname1.policy:71
msgid "Get system description"
msgstr "システムの説明を取得"
#: src/hostname/org.freedesktop.hostname1.policy:72
msgid "Authentication is required to get system description."
msgstr "システムの説明を取得するには認証が必要です。"
#: src/import/org.freedesktop.import1.policy:22
msgid "Import a VM or container image"
msgstr "仮想マシンもしくはコンテナイメージの読込"
@ -841,44 +857,44 @@ msgid ""
"shall be enabled."
msgstr "ネットワーク経由の時刻同期を有効もしくは無効にするには認証が必要です。"
#: src/core/dbus-unit.c:359
#: src/core/dbus-unit.c:366
msgid "Authentication is required to start '$(unit)'."
msgstr "'$(unit)'を開始するには認証が必要です。"
#: src/core/dbus-unit.c:360
#: src/core/dbus-unit.c:367
msgid "Authentication is required to stop '$(unit)'."
msgstr "'$(unit)'を停止するには認証が必要です。"
#: src/core/dbus-unit.c:361
#: src/core/dbus-unit.c:368
msgid "Authentication is required to reload '$(unit)'."
msgstr "'$(unit)'を再読込するには認証が必要です。"
#: src/core/dbus-unit.c:362 src/core/dbus-unit.c:363
#: src/core/dbus-unit.c:369 src/core/dbus-unit.c:370
msgid "Authentication is required to restart '$(unit)'."
msgstr "'$(unit)'を再起動するには認証が必要です。"
#: src/core/dbus-unit.c:535
#: src/core/dbus-unit.c:555
msgid ""
"Authentication is required to send a UNIX signal to the processes of "
"'$(unit)'."
msgstr "'$(unit)'のプロセスにUNIXシグナルを送るには認証が必要です。"
#: src/core/dbus-unit.c:566
#: src/core/dbus-unit.c:586
msgid "Authentication is required to reset the \"failed\" state of '$(unit)'."
msgstr "'$(unit)'の「失敗」状態をリセットするには認証が必要です。"
#: src/core/dbus-unit.c:599
#: src/core/dbus-unit.c:619
msgid "Authentication is required to set properties on '$(unit)'."
msgstr "'$(unit)'のプロパティを設定するには認証が必要です。"
#: src/core/dbus-unit.c:708
#: src/core/dbus-unit.c:728
msgid ""
"Authentication is required to delete files and directories associated with "
"'$(unit)'."
msgstr ""
"'$(unit)'に関連付けられたファイルやディレクトリの削除には認証が必要です。"
#: src/core/dbus-unit.c:757
#: src/core/dbus-unit.c:777
msgid ""
"Authentication is required to freeze or thaw the processes of '$(unit)' unit."
msgstr "'$(unit)'のプロセスを凍結もしくは凍結解除するには認証が必要です。"

38
po/pl.po
View File

@ -5,8 +5,8 @@
msgid ""
msgstr ""
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2021-01-08 17:48+0100\n"
"PO-Revision-Date: 2020-10-18 13:10+0200\n"
"POT-Creation-Date: 2022-05-15 13:05+0200\n"
"PO-Revision-Date: 2022-05-15 13:10+0200\n"
"Last-Translator: Piotr Drąg <piotrdrag@gmail.com>\n"
"Language-Team: Polish <trans-pl@lists.fedoraproject.org>\n"
"Language: pl\n"
@ -165,6 +165,22 @@ msgstr "Uzyskanie UUID produktu"
msgid "Authentication is required to get product UUID."
msgstr "Wymagane jest uwierzytelnienie, aby uzyskać UUID produktu."
#: src/hostname/org.freedesktop.hostname1.policy:61
msgid "Get hardware serial number"
msgstr "Uzyskanie numeru seryjnego sprzętu"
#: src/hostname/org.freedesktop.hostname1.policy:62
msgid "Authentication is required to get hardware serial number."
msgstr "Wymagane jest uwierzytelnienie, aby uzyskać numer seryjny sprzętu."
#: src/hostname/org.freedesktop.hostname1.policy:71
msgid "Get system description"
msgstr "Uzyskanie opisu systemu"
#: src/hostname/org.freedesktop.hostname1.policy:72
msgid "Authentication is required to get system description."
msgstr "Wymagane jest uwierzytelnienie, aby uzyskać opis systemu."
#: src/import/org.freedesktop.import1.policy:22
msgid "Import a VM or container image"
msgstr "Import obrazu maszyny wirtualnej lub kontenera"
@ -918,25 +934,25 @@ msgstr ""
"Wymagane jest uwierzytelnienie, aby kontrolować, czy włączyć synchronizację "
"czasu przez sieć."
#: src/core/dbus-unit.c:359
#: src/core/dbus-unit.c:366
msgid "Authentication is required to start '$(unit)'."
msgstr "Wymagane jest uwierzytelnienie, aby uruchomić jednostkę „$(unit)”."
#: src/core/dbus-unit.c:360
#: src/core/dbus-unit.c:367
msgid "Authentication is required to stop '$(unit)'."
msgstr "Wymagane jest uwierzytelnienie, aby zatrzymać jednostkę „$(unit)”."
#: src/core/dbus-unit.c:361
#: src/core/dbus-unit.c:368
msgid "Authentication is required to reload '$(unit)'."
msgstr ""
"Wymagane jest uwierzytelnienie, aby ponownie wczytać jednostkę „$(unit)”."
#: src/core/dbus-unit.c:362 src/core/dbus-unit.c:363
#: src/core/dbus-unit.c:369 src/core/dbus-unit.c:370
msgid "Authentication is required to restart '$(unit)'."
msgstr ""
"Wymagane jest uwierzytelnienie, aby ponownie uruchomić jednostkę „$(unit)”."
#: src/core/dbus-unit.c:535
#: src/core/dbus-unit.c:555
msgid ""
"Authentication is required to send a UNIX signal to the processes of "
"'$(unit)'."
@ -944,18 +960,18 @@ msgstr ""
"Wymagane jest uwierzytelnienie, aby wysłać sygnał uniksowy do procesów "
"jednostki „$(unit)”."
#: src/core/dbus-unit.c:566
#: src/core/dbus-unit.c:586
msgid "Authentication is required to reset the \"failed\" state of '$(unit)'."
msgstr ""
"Wymagane jest uwierzytelnienie, aby przywrócić stan „failed” (niepowodzenia) "
"jednostki „$(unit)”."
#: src/core/dbus-unit.c:599
#: src/core/dbus-unit.c:619
msgid "Authentication is required to set properties on '$(unit)'."
msgstr ""
"Wymagane jest uwierzytelnienie, aby ustawić właściwości jednostki „$(unit)”."
#: src/core/dbus-unit.c:708
#: src/core/dbus-unit.c:728
msgid ""
"Authentication is required to delete files and directories associated with "
"'$(unit)'."
@ -963,7 +979,7 @@ msgstr ""
"Wymagane jest uwierzytelnienie, aby usunąć pliki i katalogi powiązane "
"z jednostką „$(unit)”."
#: src/core/dbus-unit.c:757
#: src/core/dbus-unit.c:777
msgid ""
"Authentication is required to freeze or thaw the processes of '$(unit)' unit."
msgstr ""

3
rules.d/meson.build
View File

@ -35,6 +35,9 @@ rules = [
[files('70-memory.rules'),
dmi_arches.contains(host_machine.cpu_family())],
[files('70-power-switch.rules'),
enable_logind],
]
all_rules = []

4
src/boot/efi/meson.build
View File

@ -3,6 +3,8 @@
conf.set10('ENABLE_EFI', get_option('efi'))
conf.set10('HAVE_GNU_EFI', false)
efi_config_h_dir = meson.current_build_dir()
if not get_option('efi') or get_option('gnu-efi') == 'false'
if get_option('gnu-efi') == 'true'
error('gnu-efi support requested, but general efi support is disabled')
@ -185,7 +187,7 @@ efi_cflags = cc.get_supported_arguments(
]
) + [
'-nostdlib',
'-std=gnu99',
'-std=gnu11',
'-ffreestanding',
'-fshort-wchar',
'-fvisibility=hidden',

6
src/boot/efi/secure-boot.c
View File

@ -1,5 +1,6 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
#include "sbat.h"
#include "secure-boot.h"
#include "util.h"
@ -30,8 +31,5 @@ SecureBootMode secure_boot_mode(void) {
}
#ifdef SBAT_DISTRO
static const char sbat[] _used_ _section_(".sbat") =
"sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md\n"
SBAT_PROJECT ",1,The systemd Developers," SBAT_PROJECT "," PROJECT_VERSION "," PROJECT_URL "\n"
SBAT_PROJECT "." SBAT_DISTRO "," STRINGIFY(SBAT_DISTRO_GENERATION) "," SBAT_DISTRO_SUMMARY "," SBAT_DISTRO_PKGNAME "," SBAT_DISTRO_VERSION "," SBAT_DISTRO_URL "\n";
static const char sbat[] _used_ _section_(".sbat") = SBAT_SECTION_TEXT;
#endif

27
src/core/bpf-lsm.c
View File

@ -125,55 +125,57 @@ static int mac_bpf_use(void) {
}
}
int lsm_bpf_supported(void) {
bool lsm_bpf_supported(bool initialize) {
_cleanup_(restrict_fs_bpf_freep) struct restrict_fs_bpf *obj = NULL;
static int supported = -1;
int r;
if (supported >= 0)
return supported;
if (!initialize)
return false;
r = dlopen_bpf();
if (r < 0) {
log_info_errno(r, "Failed to open libbpf, LSM BPF is not supported: %m");
return supported = 0;
return (supported = false);
}
r = cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER);
if (r < 0) {
log_warning_errno(r, "Can't determine whether the unified hierarchy is used: %m");
return supported = 0;
return (supported = false);
}
if (r == 0) {
log_info_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),
"Not running with unified cgroup hierarchy, LSM BPF is not supported");
return supported = 0;
return (supported = false);
}
r = mac_bpf_use();
if (r < 0) {
log_warning_errno(r, "Can't determine whether the BPF LSM module is used: %m");
return supported = 0;
return (supported = false);
}
if (r == 0) {
log_info_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),
"BPF LSM hook not enabled in the kernel, LSM BPF not supported");
return supported = 0;
return (supported = false);
}
r = prepare_restrict_fs_bpf(&obj);
if (r < 0)
return supported = 0;
return (supported = false);
if (!bpf_can_link_lsm_program(obj->progs.restrict_filesystems)) {
log_warning_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),
"Failed to link BPF program. Assuming BPF is not available");
return supported = 0;
return (supported = false);
}
return supported = 1;
return (supported = true);
}
int lsm_bpf_setup(Manager *m) {
@ -267,7 +269,8 @@ int lsm_bpf_cleanup(const Unit *u) {
assert(u);
assert(u->manager);
if (!lsm_bpf_supported())
/* If we never successfully detected support, there is nothing to clean up. */
if (!lsm_bpf_supported(/* initialize = */ false))
return 0;
if (!u->manager->restrict_fs)
@ -297,8 +300,8 @@ void lsm_bpf_destroy(struct restrict_fs_bpf *prog) {
restrict_fs_bpf__destroy(prog);
}
#else /* ! BPF_FRAMEWORK */
int lsm_bpf_supported(void) {
return 0;
bool lsm_bpf_supported(bool initialize) {
return false;
}
int lsm_bpf_setup(Manager *m) {

2
src/core/bpf-lsm.h
View File

@ -14,7 +14,7 @@ typedef struct Manager Manager;
typedef struct restrict_fs_bpf restrict_fs_bpf;
int lsm_bpf_supported(void);
bool lsm_bpf_supported(bool initialize);
int lsm_bpf_setup(Manager *m);
int lsm_bpf_unit_restrict_filesystems(Unit *u, const Set *filesystems, bool allow_list);
int lsm_bpf_cleanup(const Unit *u);

6
src/core/bpf/meson.build
View File

@ -33,11 +33,7 @@ cpu_arch_defines = {
clang_arch_flags = cpu_arch_defines.get(host_machine.cpu_family(),
['-D__@0@__'.format(host_machine.cpu_family())])
if meson.version().version_compare('>= 0.58')
libbpf_include_dir = libbpf.get_variable('includedir')
else
libbpf_include_dir = libbpf.get_variable(pkgconfig : 'includedir')
endif
libbpf_include_dir = libbpf.get_variable(pkgconfig : 'includedir')
bpf_o_unstripped_cmd = [
clang,

2
src/core/dbus-socket.c
View File

@ -403,7 +403,7 @@ static int bus_socket_set_transient_property(
if (p->address.type < 0)
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid address type: %s", t);
if (socket_address_family(&p->address) != AF_LOCAL && p->address.type == SOCK_SEQPACKET)
if (socket_address_family(&p->address) != AF_UNIX && p->address.type == SOCK_SEQPACKET)
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Address family not supported: %s", a);
}

4
src/core/load-fragment.c
View File

@ -644,7 +644,7 @@ int config_parse_socket_listen(
p->address.type = SOCK_SEQPACKET;
}
if (socket_address_family(&p->address) != AF_LOCAL && p->address.type == SOCK_SEQPACKET) {
if (socket_address_family(&p->address) != AF_UNIX && p->address.type == SOCK_SEQPACKET) {
log_syntax(unit, LOG_WARNING, filename, line, 0, "Address family not supported, ignoring: %s", rvalue);
return 0;
}
@ -4849,7 +4849,7 @@ int config_parse_load_credential(
}
if (isempty(p)) {
/* If only one field field is specified take it as shortcut for inheriting a credential named
/* If only one field is specified take it as shortcut for inheriting a credential named
* the same way from our parent */
q = strdup(k);
if (!q)

2
src/core/manager.c
View File

@ -951,7 +951,7 @@ int manager_new(LookupScope scope, ManagerTestRunFlags test_run_flags, Manager *
return r;
#if HAVE_LIBBPF
if (MANAGER_IS_SYSTEM(m) && lsm_bpf_supported()) {
if (MANAGER_IS_SYSTEM(m) && lsm_bpf_supported(/* initialize = */ true)) {
r = lsm_bpf_setup(m);
if (r < 0)
log_warning_errno(r, "Failed to setup LSM BPF, ignoring: %m");

14
src/fundamental/macro-fundamental.h
View File

@ -53,7 +53,7 @@
#define CONCATENATE(x, y) XCONCATENATE(x, y)
#ifdef SD_BOOT
void efi_assert(const char *expr, const char *file, unsigned line, const char *function) _noreturn_;
_noreturn_ void efi_assert(const char *expr, const char *file, unsigned line, const char *function);
#ifdef NDEBUG
#define assert(expr)
@ -62,6 +62,7 @@
#define assert(expr) ({ _likely_(expr) ? VOID_0 : efi_assert(#expr, __FILE__, __LINE__, __PRETTY_FUNCTION__); })
#define assert_not_reached() efi_assert("Code should not be reached", __FILE__, __LINE__, __PRETTY_FUNCTION__)
#endif
#define static_assert _Static_assert
#define assert_se(expr) ({ _likely_(expr) ? VOID_0 : efi_assert(#expr, __FILE__, __LINE__, __PRETTY_FUNCTION__); })
#define memcpy(a, b, c) CopyMem((a), (b), (c))
@ -83,15 +84,8 @@
_expr_; \
})
#if defined(static_assert)
#define assert_cc(expr) \
static_assert(expr, #expr)
#else
#define assert_cc(expr) \
struct CONCATENATE(_assert_struct_, __COUNTER__) { \
char x[(expr) ? 0 : -1]; \
}
#endif
#define assert_cc(expr) static_assert(expr, #expr)
#define UNIQ_T(x, uniq) CONCATENATE(__unique_prefix_, CONCATENATE(x, uniq))
#define UNIQ __COUNTER__

8
src/fundamental/sbat.h Normal file
View File

@ -0,0 +1,8 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
#ifdef SBAT_DISTRO
# define SBAT_SECTION_TEXT \
"sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md\n" \
SBAT_PROJECT ",1,The systemd Developers," SBAT_PROJECT "," PROJECT_VERSION "," PROJECT_URL "\n" \
SBAT_PROJECT "." SBAT_DISTRO "," STRINGIFY(SBAT_DISTRO_GENERATION) "," SBAT_DISTRO_SUMMARY "," SBAT_DISTRO_PKGNAME "," SBAT_DISTRO_VERSION "," SBAT_DISTRO_URL "\n"
#endif

10
src/kernel-install/90-loaderentry.install
View File

@ -18,8 +18,6 @@
# You should have received a copy of the GNU Lesser General Public License
# along with systemd; If not, see <http://www.gnu.org/licenses/>.
shopt -s nullglob
COMMAND="$1"
KERNEL_VERSION="$2"
ENTRY_DIR_ABS="$3"
@ -36,7 +34,7 @@ BOOT_MNT="$(stat -c %m "$BOOT_ROOT")"
if [ "$BOOT_MNT" = '/' ]; then
ENTRY_DIR="$ENTRY_DIR_ABS"
else
ENTRY_DIR="${ENTRY_DIR_ABS#$BOOT_MNT}"
ENTRY_DIR="${ENTRY_DIR_ABS#"$BOOT_MNT"}"
fi
case "$COMMAND" in
@ -55,8 +53,10 @@ case "$COMMAND" in
esac
if [ -r /etc/os-release ]; then
# shellcheck source=/dev/null
. /etc/os-release
elif [ -r /usr/lib/os-release ]; then
# shellcheck source=/dev/null
. /usr/lib/os-release
fi
@ -105,9 +105,10 @@ install -g root -o root -m 0644 "$KERNEL_IMAGE" "$ENTRY_DIR_ABS/linux" || {
}
shift "$INITRD_OPTIONS_SHIFT"
# All files listed as arguments, and staged files called "initrd*" are installed as initrds.
# All files listed as arguments, and staged files starting with "initrd" are installed as initrds.
for initrd in "$@" "${KERNEL_INSTALL_STAGING_AREA}"/initrd*; do
[ -f "$initrd" ] || {
[ "$initrd" = "${KERNEL_INSTALL_STAGING_AREA}/initrd*" ] && continue
echo "Error: initrd '$initrd' not a file." >&2
exit 1
}
@ -139,6 +140,7 @@ mkdir -p "${LOADER_ENTRY%/*}" || {
have_initrd=
for initrd in "${@}" "${KERNEL_INSTALL_STAGING_AREA}"/initrd*; do
[ -f "$initrd" ] || continue
echo "initrd $ENTRY_DIR/${initrd##*/}"
have_initrd=yes
done

109
src/kernel-install/kernel-install.in
View File

@ -75,7 +75,7 @@ fi
export KERNEL_INSTALL_VERBOSE=0
if [ "$1" = "--verbose" ] || [ "$1" = "-v" ]; then
shift
KERNEL_INSTALL_VERBOSE=1
export KERNEL_INSTALL_VERBOSE=1
fi
if [ "${0##*/}" = "installkernel" ]; then
@ -103,25 +103,55 @@ layout=
initrd_generator=
if [ -r "/etc/kernel/install.conf" ]; then
. /etc/kernel/install.conf
install_conf="/etc/kernel/install.conf"
elif [ -r "/usr/lib/kernel/install.conf" ]; then
. /usr/lib/kernel/install.conf
install_conf="/usr/lib/kernel/install.conf"
else
install_conf=
fi
if [ -n "$install_conf" ]; then
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Reading $install_conf…"
. "$install_conf"
# FIXME: This may override configuration in environment variables, e.g. $BOOT_ROOT.
fi
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && [ -n "$layout" ] && \
echo "$install_conf configures layout=$layout"
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && [ -n "$initrd_generator" ] && \
echo "$install_conf configures initrd_generator=$initrd_generator"
[ -n "$MACHINE_ID" ] && [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
echo "machine-id $MACHINE_ID set via environment or install.conf"
[ -n "$BOOT_ROOT" ] && [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
echo "BOOT_ROOT=$BOOT_ROOT set via environment or install.conf"
# If /etc/machine-id is initialized we'll use it, otherwise we'll use a freshly
# generated one. If the user configured an explicit machine ID to use in
# /etc/machine-info to use for our purpose, we'll use that instead (for
# compatibility).
[ -z "$MACHINE_ID" ] && [ -r /etc/machine-info ] && . /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
[ -z "$MACHINE_ID" ] && [ -r /etc/machine-id ] && read -r MACHINE_ID </etc/machine-id
[ -z "$MACHINE_ID" ] && MACHINE_ID="$(systemd-id128 new)"
if [ -z "$MACHINE_ID" ] && [ -r /etc/machine-info ] && . /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"; then
[ -n "$MACHINE_ID" ] && [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
echo "machine-id $MACHINE_ID acquired from /etc/machine-info"
fi
if [ -z "$MACHINE_ID" ] && [ -r /etc/machine-id ] && read -r MACHINE_ID </etc/machine-id; then
[ -n "$MACHINE_ID" ] && [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
echo "machine-id $MACHINE_ID acquired from /etc/machine-id"
fi
if [ -z "$MACHINE_ID" ]; then
MACHINE_ID="$(systemd-id128 new)" || exit 1
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "new machine-id $MACHINE_ID generated"
fi
# Now that we determined the machine ID to use, let's determine the "token" for
# the boot loader entry to generate. We use that for naming the directory below
# $BOOT where we want to place the kernel/initrd and related resources, as well
# for naming the .conf boot loader spec entry. Typically this is just the
# machine ID, but it can be anything else, too, if we are told so.
[ -z "$ENTRY_TOKEN" ] && [ -r /etc/kernel/entry-token ] && read -r ENTRY_TOKEN </etc/kernel/entry-token
if [ -z "$ENTRY_TOKEN" ] && [ -r /etc/kernel/entry-token ] && read -r ENTRY_TOKEN </etc/kernel/entry-token; then
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
echo "entry-token \"$ENTRY_TOKEN\" acquired from /etc/kernel/entry-token"
fi
if [ -z "$ENTRY_TOKEN" ]; then
# If not configured explicitly, then use a few candidates: the machine ID,
# the IMAGE_ID= and ID= fields from /etc/os-release and finally the fixed
@ -134,38 +164,65 @@ if [ -z "$ENTRY_TOKEN" ]; then
else
ENTRY_TOKEN_SEARCH="$ENTRY_TOKEN"
fi
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Entry-token candidates: $ENTRY_TOKEN_SEARCH"
# NB: The $MACHINE_ID is guaranteed to be a valid machine ID, but
# $ENTRY_TOKEN can be any string that fits into a VFAT filename, though
# typically is just the machine ID.
[ -z "$BOOT_ROOT" ] && for suff in $ENTRY_TOKEN_SEARCH; do
for pref in "/efi" "/boot" "/boot/efi"; do
if [ -n "$BOOT_ROOT" ]; then
# If this was already configured, don't try to guess
BOOT_ROOT_SEARCH="$BOOT_ROOT"
else
BOOT_ROOT_SEARCH="/efi /boot /boot/efi"
fi
for pref in $BOOT_ROOT_SEARCH; do
for suff in $ENTRY_TOKEN_SEARCH; do
if [ -d "$pref/$suff" ]; then
BOOT_ROOT="$pref"
ENTRY_TOKEN="$suff"
[ -z "$BOOT_ROOT" ] && BOOT_ROOT="$pref"
[ -z "$ENTRY_TOKEN" ] && ENTRY_TOKEN="$suff"
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
echo "$pref/$suff exists, using BOOT_ROOT=$BOOT_ROOT, ENTRY_TOKEN=$ENTRY_TOKEN"
break 2
else
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "$pref/$suff not found…"
fi
if [ -d "$pref/loader/entries" ]; then
[ -z "$BOOT_ROOT" ] && BOOT_ROOT="$pref"
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
echo "$pref/loader/entries exists, using BOOT_ROOT=$BOOT_ROOT"
break 2
else
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "$pref/loader/entries not found…"
fi
done
done
[ -z "$BOOT_ROOT" ] && for pref in "/efi" "/boot" "/boot/efi"; do
if [ -d "$pref/loader/entries" ]; then
BOOT_ROOT="$pref"
break
fi
done
[ -z "$BOOT_ROOT" ] && for pref in "/efi" "/boot/efi"; do
if mountpoint -q "$pref"; then
BOOT_ROOT="$pref"
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
echo "$pref is a mount point, using BOOT_ROOT=$BOOT_ROOT"
break
else
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "$pref is not a mount point…"
fi
done
[ -z "$BOOT_ROOT" ] && BOOT_ROOT="/boot"
if [ -z "$BOOT_ROOT" ]; then
BOOT_ROOT="/boot"
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
echo "KERNEL_INSTALL_BOOT_ROOT autodection yielded no candidates, using \"$BOOT_ROOT\""
fi
[ -z "$ENTRY_TOKEN" ] && ENTRY_TOKEN="$MACHINE_ID"
if [ -z "$ENTRY_TOKEN" ]; then
ENTRY_TOKEN="$MACHINE_ID"
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
echo "No entry-token candidate matched, using \"$ENTRY_TOKEN\" from machine-id"
fi
if [ -z "$layout" ]; then
# No layout configured by the administrator. Let's try to figure it out
@ -183,19 +240,27 @@ if [ -z "$layout" ]; then
# have no idea what that means, let's stay away from it by default.
layout="other"
fi
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
echo "$BOOT_ROOT/loader/entries.srel with '$ENTRIES_SREL' found, using layout=$layout"
elif [ -d "$BOOT_ROOT/$ENTRY_TOKEN" ]; then
# If the metadata in $BOOT_ROOT doesn't tell us anything, then check if
# the entry token directory already exists. If so, let's assume it's
# the standard boot loader spec, too.
layout="bls"
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "$BOOT_ROOT/$ENTRY_TOKEN exists, using layout=$layout"
else
# There's no metadata in $BOOT_ROOT, and apparently no entry token
# directory installed? Then we really don't know anything.
layout="other"
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Entry-token directory not found, using layout=$layout"
fi
fi
ENTRY_DIR_ABS="$BOOT_ROOT/$ENTRY_TOKEN/$KERNEL_VERSION"
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Using ENTRY_DIR_ABS=$ENTRY_DIR_ABS"
# Provide a directory where to store generated initrds
cleanup() {
@ -204,7 +269,7 @@ cleanup() {
trap cleanup EXIT
KERNEL_INSTALL_STAGING_AREA="$(mktemp -d -t -p /tmp kernel-install.staging.XXXXXXX)"
KERNEL_INSTALL_STAGING_AREA="$(mktemp -d -t kernel-install.staging.XXXXXXX)"
export KERNEL_INSTALL_MACHINE_ID="$MACHINE_ID"
export KERNEL_INSTALL_ENTRY_TOKEN="$ENTRY_TOKEN"
@ -226,6 +291,8 @@ PLUGINS="$(
IFS="
"
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo -e "Plugin files:\n$PLUGINS"
case "$COMMAND" in
add)
if [ $# -lt 1 ]; then

1
src/libsystemd/meson.build
View File

@ -187,6 +187,7 @@ custom_target(
output : 'libsystemd.pc',
command : [jinja2_cmdline, '@INPUT@', '@OUTPUT@'],
install : pkgconfiglibdir != 'no',
install_tag : 'devel',
install_dir : pkgconfiglibdir)
############################################################

2
src/libsystemd/sd-bus/bus-objects.c
View File

@ -926,7 +926,7 @@ int introspect_path(
char **ret,
sd_bus_error *error) {
_cleanup_ordered_set_free_ OrderedSet *s = NULL;
_cleanup_ordered_set_free_free_ OrderedSet *s = NULL;
_cleanup_(introspect_free) struct introspect intro = {};
bool empty;
int r;

4
src/libsystemd/sd-bus/sd-bus.c
View File

@ -3973,6 +3973,10 @@ _public_ int sd_bus_path_decode(const char *path, const char *prefix, char **ext
return 0;
}
/* Note that 'e' might be an empty string here. That's expected. E.g. a case where the subtree
* corresponds to a subtree on a disk, and we want to return something that represents the root
* of the filesystem. */
ret = bus_label_unescape(e);
if (!ret)
return -ENOMEM;

4
src/libsystemd/sd-bus/test-bus-marshal.c
View File

@ -36,7 +36,7 @@ static void test_bus_path_encode_unique(void) {
}
static void test_bus_path_encode(void) {
_cleanup_free_ char *a = NULL, *b = NULL, *c = NULL, *d = NULL, *e = NULL, *f = NULL;
_cleanup_free_ char *a = NULL, *b = NULL, *c = NULL, *d = NULL, *e = NULL, *f = NULL, *g = NULL;
assert_se(sd_bus_path_encode("/foo/bar", "waldo", &a) >= 0 && streq(a, "/foo/bar/waldo"));
assert_se(sd_bus_path_decode(a, "/waldo", &b) == 0 && b == NULL);
@ -50,6 +50,8 @@ static void test_bus_path_encode(void) {
assert_se(sd_bus_path_encode("/foo/bar", "foo.bar", &e) >= 0 && streq(e, "/foo/bar/foo_2ebar"));
assert_se(sd_bus_path_decode(e, "/foo/bar", &f) > 0 && streq(f, "foo.bar"));
assert_se(sd_bus_path_decode("/waldo", "/waldo", &g) > 0 && streq(g, ""));
}
static void test_bus_path_encode_many(void) {

1
src/libudev/meson.build
View File

@ -40,6 +40,7 @@ custom_target(
output : 'libudev.pc',
command : [jinja2_cmdline, '@INPUT@', '@OUTPUT@'],
install : pkgconfiglibdir != 'no',
install_tag : 'devel',
install_dir : pkgconfiglibdir)
############################################################

6
src/network/networkctl.c
View File

@ -1814,13 +1814,13 @@ static int link_status_one(
TABLE_STRING, bond_mode_to_string(info->mode),
TABLE_EMPTY,
TABLE_STRING, "Miimon:",
TABLE_TIMESPAN_MSEC, jiffies_to_usec(info->miimon),
TABLE_TIMESPAN_MSEC, info->miimon * USEC_PER_MSEC,
TABLE_EMPTY,
TABLE_STRING, "Updelay:",
TABLE_TIMESPAN_MSEC, jiffies_to_usec(info->updelay),
TABLE_TIMESPAN_MSEC, info->updelay * USEC_PER_MSEC,
TABLE_EMPTY,
TABLE_STRING, "Downdelay:",
TABLE_TIMESPAN_MSEC, jiffies_to_usec(info->downdelay));
TABLE_TIMESPAN_MSEC, info->downdelay * USEC_PER_MSEC);
if (r < 0)
return table_log_add_error(r);

6
src/network/networkd-link.c
View File

@ -2035,11 +2035,11 @@ static int link_update_master(Link *link, sd_netlink_message *message) {
return 0;
if (link->master_ifindex == 0)
log_link_debug(link, "Joined to master interface: %i", master_ifindex);
log_link_debug(link, "Attached to master interface: %i", master_ifindex);
else if (master_ifindex == 0)
log_link_debug(link, "Left from master interface: %i", link->master_ifindex);
log_link_debug(link, "Detached from master interface: %i", link->master_ifindex);
else
log_link_debug(link, "Master interface is changed: %i → %i", link->master_ifindex, master_ifindex);
log_link_debug(link, "Master interface changed: %i → %i", link->master_ifindex, master_ifindex);
link_drop_from_master(link);

1
src/network/networkd-network.c
View File

@ -383,6 +383,7 @@ int network_load_one(Manager *manager, OrderedHashmap **networks, const char *fi
.required_for_online = -1,
.required_operstate_for_online = LINK_OPERSTATE_RANGE_DEFAULT,
.activation_policy = _ACTIVATION_POLICY_INVALID,
.group = -1,
.arp = -1,
.multicast = -1,
.allmulticast = -1,

3
src/portable/portable.c
View File

@ -530,7 +530,6 @@ static int extract_image_and_extensions(
int r;
assert(name_or_path);
assert(matches);
r = image_find_harder(IMAGE_PORTABLE, name_or_path, NULL, &image);
if (r < 0)
@ -583,6 +582,8 @@ static int extract_image_and_extensions(
"PORTABLE_PREFIXES", &prefixes);
if (r < 0)
return r;
if (isempty(id))
return sd_bus_error_set_errnof(error, SYNTHETIC_ERRNO(ESTALE), "Image %s os-release metadata lacks the ID field", name_or_path);
if (prefixes) {
valid_prefixes = strv_split(prefixes, WHITESPACE);

19
src/portable/portabled-image-bus.c
View File

@ -1045,19 +1045,23 @@ int bus_image_acquire(
/* If it's a short name, let's search for it */
r = image_find(IMAGE_PORTABLE, name_or_path, NULL, &loaded);
if (r == -ENOENT)
return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PORTABLE_IMAGE, "No image '%s' found.", name_or_path);
return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PORTABLE_IMAGE,
"No image '%s' found.", name_or_path);
/* other errors are handled below… */
} else {
/* Don't accept path if this is always forbidden */
if (mode == BUS_IMAGE_REFUSE_BY_PATH)
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Expected image name, not path in place of '%s'.", name_or_path);
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS,
"Expected image name, not path in place of '%s'.", name_or_path);
if (!path_is_absolute(name_or_path))
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Image name '%s' is not valid or not a valid path.", name_or_path);
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS,
"Image name '%s' is not valid or not a valid path.", name_or_path);
if (!path_is_normalized(name_or_path))
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Image path '%s' is not normalized.", name_or_path);
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS,
"Image path '%s' is not normalized.", name_or_path);
if (mode == BUS_IMAGE_AUTHENTICATE_BY_PATH) {
r = bus_verify_polkit_async(
@ -1080,7 +1084,9 @@ int bus_image_acquire(
r = image_from_path(name_or_path, &loaded);
}
if (r == -EMEDIUMTYPE) {
sd_bus_error_setf(error, BUS_ERROR_BAD_PORTABLE_IMAGE_TYPE, "Typ of image '%s' not recognized; supported image types are directories/btrfs subvolumes, block devices, and raw disk image files with suffix '.raw'.", name_or_path);
sd_bus_error_setf(error, BUS_ERROR_BAD_PORTABLE_IMAGE_TYPE,
"Type of image '%s' not recognized; supported image types are directories/btrfs subvolumes, block devices, and raw disk image files with suffix '.raw'.",
name_or_path);
return r;
}
if (r < 0)
@ -1120,6 +1126,9 @@ int bus_image_object_find(
return 0;
if (r == 0)
goto not_found;
if (isempty(e))
/* The path is "/org/freedesktop/portable1/image" itself */
goto not_found;
r = bus_image_acquire(m, sd_bus_get_current_message(bus), e, NULL, BUS_IMAGE_REFUSE_BY_PATH, NULL, &image, error);
if (r == -ENOENT)

9
src/resolve/resolved-bus.c
View File

@ -1899,13 +1899,10 @@ static int bus_method_register_service(sd_bus_message *message, void *userdata,
_cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
_cleanup_(dnssd_service_freep) DnssdService *service = NULL;
_cleanup_(sd_bus_track_unrefp) sd_bus_track *bus_track = NULL;
const char *name, *name_template, *type;
_cleanup_free_ char *path = NULL;
_cleanup_free_ char *instance_name = NULL;
Manager *m = userdata;
DnssdService *s = NULL;
const char *name;
const char *name_template;
const char *type;
Manager *m = userdata;
uid_t euid;
int r;
@ -1953,7 +1950,7 @@ static int bus_method_register_service(sd_bus_message *message, void *userdata,
if (!service->type)
return log_oom();
r = dnssd_render_instance_name(service, &instance_name);
r = dnssd_render_instance_name(m, service, NULL);
if (r < 0)
return r;

4
src/resolve/resolved-dns-answer.c
View File

@ -69,7 +69,7 @@ static int dns_answer_reserve_internal(DnsAnswer *a, size_t n) {
DnsAnswer *dns_answer_new(size_t n) {
_cleanup_ordered_set_free_ OrderedSet *s = NULL;
DnsAnswer *a;
_cleanup_(dns_answer_unrefp) DnsAnswer *a = NULL;
if (n > UINT16_MAX)
n = UINT16_MAX;
@ -90,7 +90,7 @@ DnsAnswer *dns_answer_new(size_t n) {
if (dns_answer_reserve_internal(a, n) < 0)
return NULL;
return a;
return TAKE_PTR(a);
}
static DnsAnswer *dns_answer_free(DnsAnswer *a) {

5
src/resolve/resolved-dns-dnssec.c
View File

@ -778,8 +778,7 @@ static hash_md_t algorithm_to_implementation_id(uint8_t algorithm) {
static void dnssec_fix_rrset_ttl(
DnsResourceRecord *list[],
unsigned n,
DnsResourceRecord *rrsig,
usec_t realtime) {
DnsResourceRecord *rrsig) {
assert(list);
assert(n > 0);
@ -1110,7 +1109,7 @@ int dnssec_verify_rrset(
/* Now, fix the ttl, expiry, and remember the synthesizing source and the signer */
if (r > 0)
dnssec_fix_rrset_ttl(list, n, rrsig, realtime);
dnssec_fix_rrset_ttl(list, n, rrsig);
if (r == 0)
*result = DNSSEC_INVALID;

28
src/resolve/resolved-dns-transaction.c
View File

@ -2211,7 +2211,7 @@ static int dns_transaction_negative_trust_anchor_lookup(DnsTransaction *t, const
return link_negative_trust_anchor_lookup(t->scope->link, name);
}
static int dns_transaction_has_unsigned_negative_answer(DnsTransaction *t) {
static int dns_transaction_has_negative_answer(DnsTransaction *t) {
int r;
assert(t);
@ -2230,14 +2230,7 @@ static int dns_transaction_has_unsigned_negative_answer(DnsTransaction *t) {
r = dns_transaction_negative_trust_anchor_lookup(t, dns_resource_key_name(dns_transaction_key(t)));
if (r < 0)
return r;
if (r > 0)
return false;
/* The answer does not contain any RRs that match to the
* question. If so, let's see if there are any NSEC/NSEC3 RRs
* included. If not, the answer is unsigned. */
return !dns_answer_contains_nsec_or_nsec3(t->answer);
return !r;
}
static int dns_transaction_is_primary_response(DnsTransaction *t, DnsResourceRecord *rr) {
@ -2561,14 +2554,15 @@ int dns_transaction_request_dnssec_keys(DnsTransaction *t) {
* we got. Now, let's request what we need to validate what we
* didn't get... */
r = dns_transaction_has_unsigned_negative_answer(t);
r = dns_transaction_has_negative_answer(t);
if (r < 0)
return r;
if (r > 0) {
const char *name;
const char *name, *signed_status;
uint16_t type = 0;
name = dns_resource_key_name(dns_transaction_key(t));
signed_status = dns_answer_contains_nsec_or_nsec3(t->answer) ? "signed" : "unsigned";
/* If this was a SOA or NS request, then check if there's a DS RR for the same domain. Note that this
* could also be used as indication that we are not at a zone apex, but in real world setups there are
@ -2581,21 +2575,21 @@ int dns_transaction_request_dnssec_keys(DnsTransaction *t) {
r = dns_name_parent(&name);
if (r > 0) {
type = DNS_TYPE_SOA;
log_debug("Requesting parent SOA (→ %s) to validate transaction %" PRIu16 " (%s, unsigned empty DS response).",
name, t->id, dns_resource_key_name(dns_transaction_key(t)));
log_debug("Requesting parent SOA (→ %s) to validate transaction %" PRIu16 " (%s, %s empty DS response).",
name, t->id, dns_resource_key_name(dns_transaction_key(t)), signed_status);
} else
name = NULL;
} else if (IN_SET(dns_transaction_key(t)->type, DNS_TYPE_SOA, DNS_TYPE_NS)) {
type = DNS_TYPE_DS;
log_debug("Requesting DS (→ %s) to validate transaction %" PRIu16 " (%s, unsigned empty SOA/NS response).",
name, t->id, name);
log_debug("Requesting DS (→ %s) to validate transaction %" PRIu16 " (%s, %s empty SOA/NS response).",
name, t->id, name, signed_status);
} else {
type = DNS_TYPE_SOA;
log_debug("Requesting SOA (→ %s) to validate transaction %" PRIu16 " (%s, unsigned empty non-SOA/NS/DS response).",
name, t->id, name);
log_debug("Requesting SOA (→ %s) to validate transaction %" PRIu16 " (%s, %s empty non-SOA/NS/DS response).",
name, t->id, name, signed_status);
}
if (name) {

22
src/resolve/resolved-dnssd.c
View File

@ -136,14 +136,12 @@ static int dnssd_service_load(Manager *manager, const char *filename) {
}
static int specifier_dnssd_hostname(char specifier, const void *data, const char *root, const void *userdata, char **ret) {
DnssdService *s = (DnssdService *) userdata;
const Manager *m = ASSERT_PTR(userdata);
char *n;
assert(s);
assert(s->manager);
assert(s->manager->llmnr_hostname);
assert(m->llmnr_hostname);
n = strdup(s->manager->llmnr_hostname);
n = strdup(m->llmnr_hostname);
if (!n)
return -ENOMEM;
@ -151,7 +149,7 @@ static int specifier_dnssd_hostname(char specifier, const void *data, const char
return 0;
}
int dnssd_render_instance_name(DnssdService *s, char **ret_name) {
int dnssd_render_instance_name(Manager *m, DnssdService *s, char **ret) {
static const Specifier specifier_table[] = {
{ 'a', specifier_architecture, NULL },
{ 'b', specifier_boot_id, NULL },
@ -167,10 +165,11 @@ int dnssd_render_instance_name(DnssdService *s, char **ret_name) {
_cleanup_free_ char *name = NULL;
int r;
assert(m);
assert(s);
assert(s->name_template);
r = specifier_printf(s->name_template, DNS_LABEL_MAX, specifier_table, NULL, s, &name);
r = specifier_printf(s->name_template, DNS_LABEL_MAX, specifier_table, NULL, m, &name);
if (r < 0)
return log_debug_errno(r, "Failed to replace specifiers: %m");
@ -179,7 +178,8 @@ int dnssd_render_instance_name(DnssdService *s, char **ret_name) {
"Service instance name '%s' is invalid.",
name);
*ret_name = TAKE_PTR(name);
if (ret)
*ret = TAKE_PTR(name);
return 0;
}
@ -207,9 +207,7 @@ int dnssd_load(Manager *manager) {
}
int dnssd_update_rrs(DnssdService *s) {
_cleanup_free_ char *n = NULL;
_cleanup_free_ char *service_name = NULL;
_cleanup_free_ char *full_name = NULL;
_cleanup_free_ char *n = NULL, *service_name = NULL, *full_name = NULL;
int r;
assert(s);
@ -221,7 +219,7 @@ int dnssd_update_rrs(DnssdService *s) {
LIST_FOREACH(items, txt_data, s->txt_data_items)
txt_data->rr = dns_resource_record_unref(txt_data->rr);
r = dnssd_render_instance_name(s, &n);
r = dnssd_render_instance_name(s->manager, s, &n);
if (r < 0)
return r;

2
src/resolve/resolved-dnssd.h
View File

@ -53,7 +53,7 @@ DnssdTxtData *dnssd_txtdata_free_all(DnssdTxtData *txt_data);
DEFINE_TRIVIAL_CLEANUP_FUNC(DnssdService*, dnssd_service_free);
DEFINE_TRIVIAL_CLEANUP_FUNC(DnssdTxtData*, dnssd_txtdata_free);
int dnssd_render_instance_name(DnssdService *s, char **ret_name);
int dnssd_render_instance_name(Manager *m, DnssdService *s, char **ret);
int dnssd_load(Manager *manager);
int dnssd_txt_item_new_from_string(const char *key, const char *value, DnsTxtItem **ret_item);
int dnssd_txt_item_new_from_data(const char *key, const void *value, const size_t size, DnsTxtItem **ret_item);

36
src/rpm/triggers.systemd.in
View File

@ -72,37 +72,31 @@ end
-- This script will process files installed in {{SYSUSERS_DIR}} to create
-- specified users automatically. The priority is set such that it
-- will run before the tmpfiles file trigger.
if posix.access("/run/systemd/system") then
pid = posix.fork()
if pid == 0 then
assert(posix.execp("systemd-sysusers"))
elseif pid > 0 then
posix.wait(pid)
end
pid = posix.fork()
if pid == 0 then
assert(posix.execp("systemd-sysusers"))
elseif pid > 0 then
posix.wait(pid)
end
%transfiletriggerin -P 1000700 udev -p <lua> -- {{UDEV_HWDB_DIR}}
-- This script will automatically invoke hwdb update if files have been
-- installed or updated in {{UDEV_HWDB_DIR}}.
if posix.access("/run/systemd/system") then
pid = posix.fork()
if pid == 0 then
assert(posix.execp("systemd-hwdb", "update"))
elseif pid > 0 then
posix.wait(pid)
end
pid = posix.fork()
if pid == 0 then
assert(posix.execp("systemd-hwdb", "update"))
elseif pid > 0 then
posix.wait(pid)
end
%transfiletriggerin -P 1000700 -p <lua> -- {{SYSTEMD_CATALOG_DIR}}
-- This script will automatically invoke journal catalog update if files
-- have been installed or updated in {{SYSTEMD_CATALOG_DIR}}.
if posix.access("/run/systemd/system") then
pid = posix.fork()
if pid == 0 then
assert(posix.execp("journalctl", "--update-catalog"))
elseif pid > 0 then
posix.wait(pid)
end
pid = posix.fork()
if pid == 0 then
assert(posix.execp("journalctl", "--update-catalog"))
elseif pid > 0 then
posix.wait(pid)
end
%transfiletriggerin -P 1000700 -p <lua> -- {{BINFMT_DIR}}

12
src/rpm/triggers.systemd.sh.in
View File

@ -43,23 +43,17 @@
# This script will process files installed in {{SYSUSERS_DIR}} to create
# specified users automatically. The priority is set such that it
# will run before the tmpfiles file trigger.
if test -d "/run/systemd/system"; then
systemd-sysusers || :
fi
systemd-sysusers || :
%transfiletriggerin -P 1000700 udev -- {{UDEV_HWDB_DIR}}
# This script will automatically invoke hwdb update if files have been
# installed or updated in {{UDEV_HWDB_DIR}}.
if test -d "/run/systemd/system"; then
systemd-hwdb update || :
fi
systemd-hwdb update || :
%transfiletriggerin -P 1000700 -- {{SYSTEMD_CATALOG_DIR}}
# This script will automatically invoke journal catalog update if files
# have been installed or updated in {{SYSTEMD_CATALOG_DIR}}.
if test -d "/run/systemd/system"; then
journalctl --update-catalog || :
fi
journalctl --update-catalog || :
%transfiletriggerin -P 1000700 -- {{BINFMT_DIR}}
# This script will automatically apply binfmt rules if files have been

2
src/shared/dissect-image.c
View File

@ -3157,7 +3157,7 @@ int verity_dissect_and_mount(
* First, check the distro ID. If that matches, then check the new SYSEXT_LEVEL value if
* available, or else fallback to VERSION_ID. If neither is present (eg: rolling release),
* then a simple match on the ID will be performed. */
if (required_host_os_release_id) {
if (!isempty(required_host_os_release_id)) {
_cleanup_strv_free_ char **extension_release = NULL;
r = load_extension_release_pairs(dest, dissected_image->image_name, &extension_release);

6
src/shared/extension-release.c
View File

@ -51,13 +51,13 @@ int extension_release_validate(
extension_release_id = strv_env_pairs_get(extension_release, "ID");
if (isempty(extension_release_id)) {
log_debug("Extension '%s' does not contain ID in extension-release but requested to match '%s'",
name, strna(host_os_release_id));
name, host_os_release_id);
return 0;
}
if (!streq_ptr(host_os_release_id, extension_release_id)) {
if (!streq(host_os_release_id, extension_release_id)) {
log_debug("Extension '%s' is for OS '%s', but deployed on top of '%s'.",
name, strna(extension_release_id), strna(host_os_release_id));
name, extension_release_id, host_os_release_id);
return 0;
}

2
src/shared/mkdir-label.c
View File

@ -1,5 +1,7 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
#include <sys/stat.h>
#include "mkdir-label.h"
#include "selinux-util.h"
#include "smack-util.h"

4
src/sysext/sysext.c
View File

@ -478,6 +478,10 @@ static int merge_subprocess(Hashmap *images, const char *workspace) {
"SYSEXT_LEVEL", &host_os_release_sysext_level);
if (r < 0)
return log_error_errno(r, "Failed to acquire 'os-release' data of OS tree '%s': %m", empty_to_root(arg_root));
if (isempty(host_os_release_id))
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"'ID' field not found or empty in 'os-release' data of OS tree '%s': %m",
empty_to_root(arg_root));
/* Let's now mount all images */
HASHMAP_FOREACH(img, images) {

4
src/test/meson.build
View File

@ -478,6 +478,10 @@ tests += [
[files('test-date.c')],
[files('test-sbat.c'),
[], [], [], 'HAVE_GNU_EFI', '',
['-I@0@'.format(efi_config_h_dir)]],
[files('test-sleep.c')],
[files('test-tpm2.c')],

7
src/test/test-boot-timestamps.c
View File

@ -6,6 +6,7 @@
#include "acpi-fpdt.h"
#include "boot-timestamps.h"
#include "efi-loader.h"
#include "errno-util.h"
#include "log.h"
#include "tests.h"
#include "util.h"
@ -16,7 +17,7 @@ static int test_acpi_fpdt(void) {
r = acpi_get_boot_usec(&loader_start, &loader_exit);
if (r < 0) {
bool ok = r == -ENOENT || r == -EACCES || r == -ENODATA;
bool ok = IN_SET(r, -ENOENT, -ENODATA) || ERRNO_IS_PRIVILEGE(r);
log_full_errno(ok ? LOG_DEBUG : LOG_ERR, r, "Failed to read ACPI FPDT: %m");
return ok ? 0 : r;
@ -35,7 +36,7 @@ static int test_efi_loader(void) {
r = efi_loader_get_boot_usec(&loader_start, &loader_exit);
if (r < 0) {
bool ok = r == -ENOENT || r == -EACCES || r == -EOPNOTSUPP;
bool ok = IN_SET(r, -ENOENT, -EOPNOTSUPP) || ERRNO_IS_PRIVILEGE(r);
log_full_errno(ok ? LOG_DEBUG : LOG_ERR, r, "Failed to read EFI loader data: %m");
return ok ? 0 : r;
@ -56,7 +57,7 @@ static int test_boot_timestamps(void) {
r = boot_timestamps(NULL, &fw, &l);
if (r < 0) {
bool ok = r == -ENOENT || r == -EACCES || r == -EOPNOTSUPP;
bool ok = IN_SET(r, -ENOENT, -EOPNOTSUPP) || ERRNO_IS_PRIVILEGE(r);
log_full_errno(ok ? LOG_DEBUG : LOG_ERR, r, "Failed to read variables: %m");
return ok ? 0 : r;

3
src/test/test-bpf-lsm.c
View File

@ -78,8 +78,7 @@ int main(int argc, char *argv[]) {
if (!can_memlock())
return log_tests_skipped("Can't use mlock()");
r = lsm_bpf_supported();
if (r <= 0)
if (!lsm_bpf_supported(/* initialize = */ true))
return log_tests_skipped("LSM BPF hooks are not supported");
r = enter_cgroup_subroot(NULL);

6
src/test/test-execute.c
View File

@ -1107,6 +1107,12 @@ static void test_exec_condition(Manager *m) {
}
static void test_exec_umask_namespace(Manager *m) {
/* exec-specifier-credentials-dir.service creates /run/credentials and enables implicit
* InaccessiblePath= for the directory for all later services with mount namespace. */
if (!is_inaccessible_available()) {
log_notice("Testing without inaccessible, skipping %s", __func__);
return;
}
test(m, "exec-umask-namespace.service", can_unshare ? 0 : EXIT_NAMESPACE, CLD_EXITED);
}

4
src/test/test-nss-hosts.c
View File

@ -324,7 +324,7 @@ static void test_byname(void *handle, const char *module, const char *name) {
puts("");
test_gethostbyname3_r(handle, module, name, AF_UNSPEC);
puts("");
test_gethostbyname3_r(handle, module, name, AF_LOCAL);
test_gethostbyname3_r(handle, module, name, AF_UNIX);
puts("");
test_gethostbyname2_r(handle, module, name, AF_INET);
@ -333,7 +333,7 @@ static void test_byname(void *handle, const char *module, const char *name) {
puts("");
test_gethostbyname2_r(handle, module, name, AF_UNSPEC);
puts("");
test_gethostbyname2_r(handle, module, name, AF_LOCAL);
test_gethostbyname2_r(handle, module, name, AF_UNIX);
puts("");
test_gethostbyname_r(handle, module, name);

23
src/test/test-sbat.c Normal file
View File

@ -0,0 +1,23 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
/* We include efi_config.h after undefining PROJECT_VERSION which is also defined in config.h. */
#undef PROJECT_VERSION
#include "efi_config.h"
#include "build.h"
#include "sbat.h"
#include "tests.h"
TEST(sbat_section_text) {
log_info("---SBAT-----------&<----------------------------------------\n"
"%s"
"------------------>&-----------------------------------------",
#ifdef SBAT_DISTRO
SBAT_SECTION_TEXT
#else
"(not defined)"
#endif
);
}
DEFINE_TEST_MAIN(LOG_INFO);

2
src/udev/net/link-config.c
View File

@ -993,7 +993,7 @@ int config_parse_ifalias(
assert(rvalue);
assert(data);
if (!isempty(rvalue)) {
if (isempty(rvalue)) {
*s = mfree(*s);
return 0;
}

2
src/udev/udev-ctrl.c
View File

@ -53,7 +53,7 @@ int udev_ctrl_new_from_fd(UdevCtrl **ret, int fd) {
assert(ret);
if (fd < 0) {
sock = socket(AF_LOCAL, SOCK_SEQPACKET|SOCK_NONBLOCK|SOCK_CLOEXEC, 0);
sock = socket(AF_UNIX, SOCK_SEQPACKET|SOCK_NONBLOCK|SOCK_CLOEXEC, 0);
if (sock < 0)
return log_error_errno(errno, "Failed to create socket: %m");
}

4
src/udev/udevd.c
View File

@ -1661,7 +1661,7 @@ static int listen_fds(int *ret_ctrl, int *ret_netlink) {
return n;
for (fd = SD_LISTEN_FDS_START; fd < n + SD_LISTEN_FDS_START; fd++) {
if (sd_is_socket(fd, AF_LOCAL, SOCK_SEQPACKET, -1) > 0) {
if (sd_is_socket(fd, AF_UNIX, SOCK_SEQPACKET, -1) > 0) {
if (ctrl_fd >= 0)
return -EINVAL;
ctrl_fd = fd;
@ -1979,7 +1979,7 @@ static int main_loop(Manager *manager) {
manager->pid = getpid_cached();
/* unnamed socket from workers to the main daemon */
r = socketpair(AF_LOCAL, SOCK_DGRAM|SOCK_CLOEXEC, 0, manager->worker_watch);
r = socketpair(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0, manager->worker_watch);
if (r < 0)
return log_error_errno(errno, "Failed to create socketpair for communicating with workers: %m");

2
test/TEST-50-DISSECT/test.sh
View File

@ -12,7 +12,7 @@ TEST_INSTALL_VERITY_MINIMAL=1
# shellcheck source=test/test-functions
. "${TEST_BASE_DIR:?}/test-functions"
QEMU_TIMEOUT=600
QEMU_TIMEOUT=1200
command -v mksquashfs >/dev/null 2>&1 || exit 0
command -v veritysetup >/dev/null 2>&1 || exit 0

Some files were not shown because too many files have changed in this diff Show More