Where we have a device that looks like a mouse and is connected over i2c, tag
it as pointing stick. There is no such thing as a i2c mouse.
Even touchpads that aren't recognized by the kernel will not show up as i2c
mouse - either the touchpad follows the Win8.1 specs in which case the kernel
switches it to multitouch mode and it shows up like a touchpad. The built-in
trackpoint, if any, is then the i2c mouse device.
Where the touchpad doesn't follow the spec, the kernel will not handle it and
the touchpad remains on the PS/2 legacy bus - not i2c. Hence we can assume
that any i2c mouse device is really a pointing stick.
This prevents an error in pam_systemd when logging in.
sshd[2623165]: pam_unix(sshd:session): session opened for user tony.stark(uid=10001) by (uid=0)
sshd[2623165]: pam_systemd(sshd:session): Failed to get user record: Invalid argument
Bug: https://bugs.gentoo.org/708824
Currently, if deactivation of the primary swap unit fails:
# LANG=C systemctl --no-pager stop dev-mapper-fedora\\x2dswap.swap
Job for dev-mapper-fedora\x2dswap.swap failed.
See "systemctl status "dev-mapper-fedora\\x2dswap.swap"" and "journalctl -xe" for details.
then there are still the running stop jobs for all the secondary swap units
that follow the primary one:
# systemctl list-jobs
JOB UNIT TYPE STATE
3233 dev-disk-by\x2duuid-2dc8b9b1\x2da0a5\x2d44d8\x2d89c4\x2d6cdd26cd5ce0.swap stop running
3232 dev-dm\x2d1.swap stop running
3231 dev-disk-by\x2did-dm\x2duuid\x2dLVM\x2dyuXWpCCIurGzz2nkGCVnUFSi7GH6E3ZcQjkKLnF0Fil0RJmhoLN8fcOnDybWCMTj.swap stop running
3230 dev-disk-by\x2did-dm\x2dname\x2dfedora\x2dswap.swap stop running
3234 dev-fedora-swap.swap stop running
5 jobs listed.
This remains endlessly because their JobTimeoutUSec is infinity:
# LANG=C systemctl show -p JobTimeoutUSec dev-fedora-swap.swap
JobTimeoutUSec=infinity
If this issue happens during system shutdown, the system shutdown appears to
get hang and the system will be forcibly shutdown or rebooted 30 minutes later
by the following configuration:
# grep -E "^JobTimeout" /usr/lib/systemd/system/reboot.target
JobTimeoutSec=30min
JobTimeoutAction=reboot-force
The scenario in the real world seems that there is some service unit with
KillMode=none, processes whose memory is being swapped out are not killed
during stop operation in the service unit and then swapoff command fails.
On the other hand, it works well in successful case of swapoff command because
the secondary jobs monitor /proc/swaps file and can detect deletion of the
corresponding swap file.
This commit fixes the issue by finishing the secondary swap units' jobs if
deactivation of the primary swap unit fails.
Fixes: #11577
If the peripheral device type is that of a host managed zone block device (0x14),
the device supports the same identification mechanisms as conventional disks (0x00).
The problem with the original form is that the subject of the sentence with
passive void is "the system", and we're not inhibiting the system. In English
the sense can be made out, but the form is gramatically incorrect.
In fact, the Polish translation got this wrong:
> msgid "Power off the system while an application is inhibiting this"
> msgstr "Wyłączenie systemu, kiedy program zażądał jego wstrzymania"
"jego" can only refer to "the system", because of gender mismatch with "power
off". If our translators cannot grok the message, then we should probably reword
it.
Also, drop the "asked to" part. Everything we do is over IPC, so we only ever
"ask" for things, and this adds no value.
"home" is okay-ish in English, but rather awkward in many other languages.
For example, even before this change, in fr.po we had "un espace personnel"
as the translation everywhere. Let's use a less overloaded term.
Fixes#14789.
If portablectl detach --now is used, there's a possible race condition
where the unit is not stopped in time before the detach is attempted,
which causes it to fail.
Add a DBUS call to block after starting/stopping if --now is passed,
and add a --no-block parameter to skip it optionally when starting,
since it is not necessary in that case for correct functioning.
The enum used for column names is integer type while table_set_display() is parsing
arguments on size_t alignment which may result in assert in table_set_display() if
the size between types missmatch. This patch cast the enums to size_t.
It also fixes all other occurences for table_set_display() and
table_set_sort().
The enum used for column names is integer type while table_set_display() is parsing
arguments on size_t alignment which may result in assert in table_set_display() if
the size between types missmatch. This patch cast the enums to size_t.
An alternative solution would be to change the table_set_display() function
arguments to unsigned type.
In order to allow other parts of systemd-networkd to use sets/hashmaps
of Address objects, the address_hash_ops structure needs to be made
available to them.
The RFC 7217 (prefixstable) algorithm can use Duplicate Address
Detection to produce multiple candidate addresses, but the implementation
here does not currently employ that mechanism.
This error message will be emitted when any form of SLAAC address
generation fails, not just 'prefix stable', so the message should
only refer to SLAAC.
The logic which can produce an IPv6 address using SLAAC produces an
address, not a prefix, so the boolean variable used to detect whether
it succeeded should reflect that.
Add shortcuts to enable and start, or disable and stop, portable
services with a single portablectl command.
Allow to pass a filter on detach, as it's necessary to call
GetImageMetadata to get the unit names associated with an image.
Fixes#10232
9e48626571 added some new syscalls to the
filter lists. However, on systems that do not yet support the new calls,
running systemd-run with the filter set results in error:
```
$ sudo systemd-run -t -r -p "SystemCallFilter=~@mount" /bin/true
Failed to start transient service unit: Invalid argument
```
Having the same properties in a unit file will start the service
without issue. This is because the load-fragment code will parse the
syscall filters in permissive mode:
https://github.com/systemd/systemd/blob/master/src/core/load-fragment.c#L2909
whereas the dbus-execute equivalent of the code does not.
Since the permissive mode appears to be the right setting to support
older kernels/libseccomp, this will update the dbus-execute parsing
to also be permissive.
Instead of setting the bus error structure and then freeing it, let's only set
it if used. If we will ignore the selinux denial, say ", ignore" to make this
clear. Also, use _cleanup_ to avoid gotos.
../src/core/selinux-access.c: In function ‘mac_selinux_generic_access_check’:
../src/basic/log.h:223:27: error: ‘%s’ directive argument is null [-Werror=format-overflow=]
../src/core/selinux-access.c:235:85: note: format string is defined here
235 | log_warning_errno(errno, "SELinux getcon_raw failed (tclass=%s perm=%s): %m", tclass, permission);
| ^~
I wonder why nobody ever noticed this.
Fixes#14691 (other issues listed in that ticket have already been fixed).
For #8495: it is arguably useful to not show the length of the password
in public spaces. It is possible to press TAB or BS to cancel the asterisks,
but this is not very discoverable. Let's make it discoverable by showing
a message (in gray). The message is "erased" after the first character
is entered.
test-ask-password-api would crash if ^D was pressed.
If think the callers generally expect a non-empty strv as reply. Let's
return an error if we have nothing to return.
Also modernize test-ask-password-api a bit.
Let systemd create the dummy file where a device node will be mounted on with the default label for the parent directory (e.g. /tmp/namespace-dev-yTMwAe/dev/).
Fixes: #13762
Inside format_bytes, we return NULL if the value is UINT64_MAX. This
makes some kind of sense where this has some other semantic meaning than
being a value, but in this case the value is both a.) not the default
(so we definitely want to display it), and b.) means "infinity" (or
"max" in cgroup terminology).
This patch adds a small wrapper around format_bytes that can be used for
these cases, to avoid the following situation:
[root@tangsanjiao ~]# cat /sys/fs/cgroup/workload.slice/memory.low
max
[root@tangsanjiao ~]# systemctl show workload.slice -p MemoryLow
MemoryLow=infinity
[root@tangsanjiao ~]# systemctl status workload.slice | grep low:
Memory: 14.9G (low: (null))
After the patch:
[root@tangsanjiao ~]# systemctl status workload.slice | grep low:
Memory: 15.1G (low: infinity)
Provide names to choose between different auto-generation types:
2.1 "eui64" for EUI-64 of RFC 4291
2.2 "prefixstable" for RFC 7217
```
[Match]
Name=veth99
[Network]
DHCP=no
IPv6AcceptRA=yes
IPv6Token=prefixstable:2001:888:0db8:1::
```
Previously, when doing an async PK query we'd store the original
callback/userdata pair and call it again after the PK request is
complete. This is problematic, since PK queries might be slow and in the
meantime the userdata might be released and re-acquired. Let's avoid
this by always traversing through the message handlers so that we always
re-resolve the callback and userdata pair and thus can be sure it's
up-to-date and properly valid.
When authorizing via PolicyKit we want to process incoming method calls
twice: once to process and figure out that we need PK authentication,
and a second time after we aquired PK authentication to actually execute
the operation. With this new call sd_bus_enqueue_for_read() we have a
way to put an incoming message back into the read queue for this
purpose.
This might have other uses too, for example debugging.
When we do an async pk request, let's store which action/details we used
for the original request, and when we are called for the second time,
let's compare. If the action/details changed, let's not allow the access
to go through.
Relevant when testing in permissive mode, where the function does not return a failure to the client.
This helps to configure a system in permissive mode, without getting surprising failures when switching to enforced mode.
`log_enforcing()` and `log_enforcing_errno()` are only used for important messages, which describe failures in enforced mode.
They are guarded either by `!mac_selinux_use()` or `!label_hnd` checks, where the latter is itself guarded by the former.
Only SELinux enabled systems print these logs.
This helps to configure a system in permissive mode, without getting surprising failures when switching to enforced mode.
This never made into a release, so we can change the name with impunity.
Suggested by Davide Pesavento.
I opted to add the "ing" ending. "Fair queuing" is the name of the general
concept and algorithm, and "Fair queue" is mostly used for the implementation
name.
Fixes systemd build in Fedora rawhide.
The old ldsdir option is not useful, because both the directory and the
file name changed. Let's remove the option and try to autodetect the file
name. If this turns out to be not enough, a new option to simply specify
the full path to the file can be added.
F31:
efi arch: x86_64
EFI machine type: x64
EFI CC ccache cc
EFI lds: /usr/lib64/gnuefi/elf_x64_efi.lds
EFI crt0: /usr/lib64/gnuefi/crt0-efi-x64.o
EFI include directory: /usr/include/efi
F32:
efi arch: x86_64
EFI machine type: x64
EFI CC ccache cc
EFI lds: /usr/lib/gnuefi/x64/efi.lds
EFI crt0: /usr/lib/gnuefi/x64/crt0.o
EFI include directory: /usr/include/efi
Two releases ago we started warning about this, and I think it is now to turn
this into a hard error. People get bitten by this every once in a while, and
there doesn't see to be any legitimate use case where the same .link or
.network files should be applied to _all_ interfaces, since in particular that
configuration would apply both to lo and any other interfaces. And if for
whatever reason that is actually desired, OriginalName=* or Name=* can be
easily added to silence the warning and achieve the effect.
(The case described in #12098 is particularly nasty: 'echo -n >foo.network'
creates a mask file, 'echo >foo.network' creates a "match all" file.)
Fixes#717, #12098 for realz now.