Commit Graph

77682 Commits

Author SHA1 Message Date
Ryan Wilson
d8091e1281 Fix PrivatePIDs=yes integration test for kernels with no /proc/scsi 2024-11-08 13:38:35 +09:00
anonymix007
310997d5b4 fundamental: Fix buffer size in get_chid
NUL byte should not be hashed
2024-11-08 00:53:26 +03:00
anonymix007
9f9c847609 fundamental: Fix iteration count in chid_calculate 2024-11-08 00:53:26 +03:00
anonymix007
5d8d7d8e43 fundamental: move string includes from chid-fundamental.c to header 2024-11-08 00:53:26 +03:00
anonymix007
ab7c319268 test: Add chid-fundamental test 2024-11-08 00:53:22 +03:00
Lennart Poettering
0df42ebcd6 sd-varlink: allow that method handles call sd_varlink_close()
It's fine if a method handler closes the connection, deal with it
gracefully.
2024-11-07 22:30:42 +01:00
Daan De Meyer
20c03ed72b
tree-wide: Introduce --certificate-source= option (#35057)
This allows loading the X.509 certificate from an OpenSSL provider
instead of a file system path. This allows loading certficates directly
from hardware tokens instead of having to export them to a file on
disk first.










































<!-- devel-freezer =
{"comment-id":"2460915782","freezing-tag":"v257-rc1"} -->
2024-11-07 21:51:00 +01:00
anonymix007
e266359689 fundamental: Add userspace efi_guid_equal 2024-11-07 22:52:29 +03:00
anonymix007
24677c6787 boot: Fix .dtbauto section number for error reporting 2024-11-07 22:52:29 +03:00
anonymix007
145479f4d0 boot: Fix overflow check for FDT_PROP in devicetree_get_compatible 2024-11-07 22:52:29 +03:00
anonymix007
f935dd74c6 boot: Drop const modifier for smbios_fields and fix smbios_info_done 2024-11-07 22:52:29 +03:00
Daan De Meyer
64cc7ba517 ukify: Introduce --certificate-provider= option
This translates to --certificate-source=provider:<provider> for
signing tools invoked by ukify.
2024-11-07 20:33:08 +01:00
Daan De Meyer
c4bc0fd6de measure: Add pcrpkey verb
This verb writes a public key to stdout extracted from either a public key
path, from a certificate (path or provider) or from a private key (path,
engine, provider). We'll use this in ukify to get rid of the use of the
python cryptography module to convert a private key or certificate to a
public key.
2024-11-07 20:33:08 +01:00
Daan De Meyer
a1d46e3078 tree-wide: Introduce --certificate-source= option
This allows loading the X.509 certificate from an OpenSSL provider
instead of a file system path. This allows loading certficates directly
from hardware tokens instead of having to export them to a file on
disk first.
2024-11-07 20:30:47 +01:00
Daan De Meyer
5619a61829 openssl-util: Set expected object type to private keys
Configures the store to only try to fetch private keys and nothing
else.
2024-11-07 20:24:59 +01:00
Daan De Meyer
4047b99c00 bootctl: Validate private key path 2024-11-07 20:24:59 +01:00
Daan De Meyer
5cca978dae mkosi: Add pytest to tools 2024-11-07 20:24:59 +01:00
Yu Watanabe
dd2bf3141b
Split and rename src/boot (#35068) 2024-11-08 04:13:45 +09:00
Vursc
eb03dffd97 hwdb: fix broken numpad paren keys on Lenovo Thinkbook 16 G6+ 2024 2024-11-08 04:09:55 +09:00
Zbigniew Jędrzejewski-Szmek
56f9a56a6f man: update Fedora links to F41 2024-11-07 16:55:53 +01:00
Zbigniew Jędrzejewski-Szmek
579e905ffe NEWS: add specific versions in key codes entry
This should be easier for folks to consume.

Refs:
https://lists.x.org/archives/xorg-announce/2024-October/003543.html
https://lists.x.org/archives/xorg-announce/2024-October/003544.html
2024-11-07 16:55:53 +01:00
Anselm Schueler
73f4882ef3 po: Translated using Weblate (German)
Currently translated at 89.8% (231 of 257 strings)

Co-authored-by: Anselm Schueler <mail@anselmschueler.com>
Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/de/
Translation: systemd/main
2024-11-07 15:48:31 +01:00
Zbigniew Jędrzejewski-Szmek
9a10d7eae5 github: adjust version number in templates
Most people are probably on stable releases, but we don't want to update the
minor version all the time, so just specify 256.x as a hint to fill in the
full version.
2024-11-07 15:39:30 +01:00
Zbigniew Jędrzejewski-Szmek
97318131fd Rename src/boot/efi to just src/boot
I very much dislike the approach in which we were mixing Linux and UEFI C code
in the same subdirectory. No code was shared between two environments. This
layout was created in e7dd673d1e, with the
justification of "being more consistent with the rest of systemd", but I don't
see how it's supposed to be so.

Originally, when the C code was just a single bootctl.c file, this wasn't so
bad. But over time the userspace code grew quite a bit. With the moves done in
previuos commits, the intermediate subdirectory is now empty except for the
efi/ subdir, and this additional subdirectory level doesn't have a good
justification. The components is called "systemd-boot", not "systemd-efi", and
we can remove one level of indentation.
2024-11-07 14:52:06 +01:00
Zbigniew Jędrzejewski-Szmek
5ffff673ac Move systemd-sbsign to its own source subdirectory
It's already two files, and I expect that more will come. It's nicer to give
its own subdirectory to maintain consistent structure.
2024-11-07 14:51:43 +01:00
Zbigniew Jędrzejewski-Szmek
1dabec0056 Move systemd-measure to its own source subdirectory
We have other subdirectories with just a single C file. And I expect
that systemd-measure will only grow over time, adding new functionality.
It's nicer to give its own subdirectory to maintain consistent structure.
2024-11-07 14:50:53 +01:00
Zbigniew Jędrzejewski-Szmek
daf72e8df1 Move bless-boot components to their own source subdirectory 2024-11-07 14:50:41 +01:00
Zbigniew Jędrzejewski-Szmek
0b676aab33 Move bootctl to its own source subdirectory
It's been split into a bunch of files and deserves its own subdirectory
similarly to systemctl.
2024-11-07 14:15:00 +01:00
Luca Boccassi
bb5936f7f3 man: fix typos flagged by Lintian 2024-11-07 18:51:21 +09:00
Yu Watanabe
869fe6c9e4
Translations update from Fedora Weblate (#35060) 2024-11-07 18:50:23 +09:00
Luca Boccassi
9a032ec55a test: fix assertion on build system
/* test_path_is_network_fs_harder */
src/test/test-mount-util.c:541: Assertion failed: expected "path_is_network_fs_harder("/")" to succeed but got the following error: Invalid argument

https://buildd.debian.org/status/fetch.php?pkg=systemd&arch=all&ver=257%7Erc1-1&stamp=1730945197&raw=0

Follow-up for d49d95df0a
2024-11-07 18:48:44 +09:00
Oğuz Ersen
100ceecc6c po: Translated using Weblate (Turkish)
Currently translated at 100.0% (257 of 257 strings)

Co-authored-by: Oğuz Ersen <oguz@ersen.moe>
Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/tr/
Translation: systemd/main
2024-11-07 10:48:25 +01:00
Luna Jernberg
af76e987e8 po: Translated using Weblate (Swedish)
Currently translated at 100.0% (257 of 257 strings)

Co-authored-by: Luna Jernberg <bittin@reimu.nl>
Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/sv/
Translation: systemd/main
2024-11-07 10:48:25 +01:00
Sergey A
d73735fbe1 po: Translated using Weblate (Russian)
Currently translated at 100.0% (257 of 257 strings)

Co-authored-by: Sergey A <Ser82-png@yandex.ru>
Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/ru/
Translation: systemd/main
2024-11-07 10:48:25 +01:00
Piotr Drąg
01aafdf637 po: Translated using Weblate (Polish)
Currently translated at 100.0% (257 of 257 strings)

Co-authored-by: Piotr Drąg <piotrdrag@gmail.com>
Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/pl/
Translation: systemd/main
2024-11-07 10:48:25 +01:00
Andika Triwidada
67c1f6bf04 po: Translated using Weblate (Indonesian)
Currently translated at 100.0% (257 of 257 strings)

Co-authored-by: Andika Triwidada <andika@gmail.com>
Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/id/
Translation: systemd/main
2024-11-07 10:48:25 +01:00
Léane GRASSER
b0cb4c70a9 po: Translated using Weblate (French)
Currently translated at 100.0% (257 of 257 strings)

Co-authored-by: Léane GRASSER <leane.grasser@proton.me>
Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/fr/
Translation: systemd/main
2024-11-07 10:48:25 +01:00
Temuri Doghonadze
e75d25ac1e po: Translated using Weblate (Georgian)
Currently translated at 100.0% (257 of 257 strings)

Co-authored-by: Temuri Doghonadze <temuri.doghonadze@gmail.com>
Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/ka/
Translation: systemd/main
2024-11-07 10:48:25 +01:00
김인수
d9b96bf093 po: Translated using Weblate (Korean)
Currently translated at 100.0% (257 of 257 strings)

Co-authored-by: 김인수 <simmon@nplob.com>
Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/ko/
Translation: systemd/main
2024-11-07 10:48:25 +01:00
Antonio Alvarez Feijoo
215292d09e sbsign: remove unimplemented options 2024-11-07 09:47:50 +00:00
Yu Watanabe
fed7857672 NEWS: fix typo
Follow-up for a6d7cc74d6.
2024-11-07 10:05:32 +09:00
Lennart Poettering
c8d45ebfd6 update TODO 2024-11-06 22:19:01 +01:00
Lennart Poettering
acc8bae0b3 NEWS: various cleanups 2024-11-06 22:18:55 +01:00
Lennart Poettering
a6d7cc74d6 NEWS: various cleanups 2024-11-06 21:50:56 +01:00
Adrian Vovk
31616d00ef
sysupdated: Permit mount namespaces
dissect-image tries to use mount namespaces to dissect images without
polluting the host mounts. This change allows it to do that.
2024-11-06 15:44:11 -05:00
Adrian Vovk
a509603b2e
sysupdated: Make sure targets we skip are skipped
We'd log that we're skipping the target, but it would never actually get
removed from the manager's list. Thus, we'd advertise targets that don't
actually exist to clients.

In the original version of the sysupdated PR, this was handled by
removing the target from the manager's list in target_free, and using a
_cleanup_ attribute to free the target when skipping. However, this
changed at some point during review. So, this commit takes the
alternative approach
2024-11-06 15:44:10 -05:00
Luca Boccassi
d80d7a2f2a
docs: fix sbsign manpage syntax and add to list, update release instructions (#35055)
<!-- devel-freezer =
{"comment-id":"2460595245","freezing-tag":"v257-rc1"} -->
2024-11-06 20:18:43 +00:00
Luca Boccassi
088793239e docs: add reminder to run update-man-rules before tagging a release 2024-11-06 19:21:14 +00:00
Luca Boccassi
94a46c20da docs: remove 'v' prefix from meson.version
It is actually v-less
2024-11-06 19:20:00 +00:00
Luca Boccassi
d6f4c96b10 man: run update-man-rules 2024-11-06 19:19:13 +00:00