Current operation of system-update-cleanup.service (removing /system-update
symlink and rebooting) implies that any update must complete *before*
system-update.target is reached.
Update recommendations to include explicitly setting
Before=system-update.target in services that use offline-updates mode.
Signed-off-by: Michael Zhivich <mzhivich@akamai.com>
Let's hide non-UTF-8 locales by default. It's 2019 after all.
Let's add an undocumented env var to reenable listing them though.
This should substantially shorten the list of choices we offer users,
and only show realistic choices.
note that only firstboot and localectl make use of this information, and
both allow configuration of values outside of these lists, hence all
this change does is hide legacy options, but they are still available if
you know what you do, and that's how it should be.
When DHCP or any other dynamic addresses are changed, then
link_request_set_routes() is invoked, and even if no static routes
are configured, the operational state is needlessly changed to
configuring state.
This makes the state is changed only when static routes are configured.
Apparently PAM reacts differently on different systems (?) and if no
authoritative matching module is found might either succeed/fail,
depending on the system.
Let's lock this down explicitly, by hooking in pam_deny.so.
Of course, these PAM files are just examples, and no distro in its right
mind would ship these unmodified, but let's default to something safe.
Fixes: #12950
Let's remove some unnecessary confusion around signed/unsigned types for
log levels. Let's just stick to signed, because that is what glibc
generally appears to use.
While we are at it, add explicit logging for all error causes.
let's add [static] where it was missing so far
Drop [static] on parameters that can be NULL.
Add an assert() around parameters that have [static] and can't be NULL
hence.
Add some "const" where it was forgotten.
Let's drop the 'static' logic when a parameter can be NULL.
I think asan/ubsan are right here, judging by the C99 spec language:
"A declaration of a parameter as ‘‘array of type’’ shall be adjusted to
‘‘qualified pointer to type’’, where the type qualifiers (if any) are
those specified within the [ and ] of the array type derivation. If the
keyword static also appears within the [ and ] of the array type
derivation, then for each call to the function, the value of the
corresponding actual argument shall provide access to the first element
of an array with at least as many elements as specified by the size
expression."
If we specify NULL, then we certainly don't pvode access to any valid
array.
Fixes: #13039
This decorator tells compilers that the memory we return is shorter than
it actually is, thus triggering misleading bad memory access complaints.
Fixes: #13026
