Chanwoo Choi [Thu, 11 Jul 2024 12:51:08 +0000 (21:51 +0900)]
units: Add SmackProcessLabel under [Service] section for poweroff/reboot/exit service
Need to contain SmackProcessLabel under [Service] section
to keep the security-config rule.
Change-Id: I72be4c689d86a1dcf3967aa9563c74a903e4479d
Signed-off-by: Chanwoo Choi <cw00.choi@samsung.com>
Karol Lewandowski [Wed, 10 Jul 2024 15:54:47 +0000 (17:54 +0200)]
tizen: Drop more unused scripts and binaries
Change-Id: I37dd573d6a7188e78cbf432bf3975449a5d485bb
Karol Lewandowski [Wed, 10 Jul 2024 15:09:31 +0000 (17:09 +0200)]
tizen: Ensure all .service files have necessary SmackProcessLabel= tag
This is needed for security-config checker script only, as the labels
are set anyway via DefaultSmackProcessLabel=System.
Change-Id: I19ccdf6b8fc042f5a8c755f2ca2d996a6c121e60
Łukasz Stelmach [Fri, 21 Jun 2024 21:27:38 +0000 (23:27 +0200)]
fixup! tizen: socket: Serialize auxiliary file descriptors
Łukasz Stelmach [Tue, 28 May 2024 14:56:03 +0000 (16:56 +0200)]
Revert "execute: Call capability_ambient_set_apply even if ambient set is 0"
With ambient capabilities being dropped at the start of process managers
(both system and user) as well as systemd-executor it isn't necessary
to drop them here. Moreover, at this point also the inheritable set can
be preserved. This makes it possible to assign a user session manager
inheritable capabilities which combined with file capabilites (ei sets)
of service executables enable running user services with capabilities
but only when started by the manager.
This reverts commit
943800f4e7728feb2416dd57b8c296614497b94f.
Change-Id: I479f6268373ac8b0772f9ac56dd52f45e6003705
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Forwarded: https://github.com/systemd/systemd/pull/32937
Łukasz Stelmach [Mon, 20 May 2024 14:51:55 +0000 (16:51 +0200)]
core: drop ambient capabilities in systemd-executor
Since the commit
963b6b906e ("core: drop ambient capabilities in
user manager") systemd running as the session manager has dropped ambient
capabilities retaining other sets allowing user services to be started
with elevated capabilities. This, worked fine until the introduction of
sd-executor. For a non-root process to be started with elevated
capabilities by a non-root parent it either needs file capabilities or
ambient capabilities in the parent process. Thus, systemd needs to allow
sd-executor to inherit its ambient capabilities and sd-executor should
drop them as systemd did before.
The ambient set is managed for both system and session managers, but
with the default set for PID#1 being empty, this code does not affect
operation of PID#1.
Change-Id: I79d2ea9519c574cf1be764b26ac62f1144fa16ca
Fixes:
bb5232b6a3 ("core: add systemd-executor binary")
Forwarded: https://github.com/systemd/systemd/pull/32937
Łukasz Stelmach [Wed, 3 Apr 2024 14:01:50 +0000 (16:01 +0200)]
packaging: add packaging for systemd v255
Change-Id: Ia0f22c8846e88313549ac92fa3239ceda9e2c999
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Łukasz Stelmach [Tue, 23 Apr 2024 15:10:30 +0000 (17:10 +0200)]
tizen: Install tmpfiles.d/legacy.conf
Change-Id: Ic17b4b218f7585e7ef8d8be5e19459a8dc146a01
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Kunhoon Baik [Wed, 10 Aug 2016 13:02:22 +0000 (22:02 +0900)]
tizen: configuration files
The following commits were squashed:
- Ibef1d780d3a711b9251cddc41b16c91a154951e2
- I633bf5a15041da8f40f8cde66e488c1b14f25045
- I6b36320191fcc69d5b45cfec5b27a462d0ab8310
- I9aa53189eae878464acba58b5fdd490f6b3ba7f8
- I49f402d56f83700fe7528eab3e034cd845afc0a2
- I550c07ede30a0bb70a9bb3ca00d5771e1722826b
- I0523d4cc46ce2edd05e479e9101c6d20f70b4296
- Ia3759dea4fb248aa88dcd303a4ae4a400d89f580
--8<-------------------------------------------------------->8---
Disable shutdown watchdog as default
Note: The original commit altered the source rather than configuration.
--8<-------------------------------------------------------->8---
Modification of journald configuration for minimal log saving
There were several requirements for minimal disk log.
Especially, Default Tizen tries to keep the the log size under 10MB
because Tizen provides other logging system DLOG.
--8<-------------------------------------------------------->8---
journald: Limit system journal size to 10M
In v219, journald implicitly limits system journal(/var/log/journal) size
to 8MB(twice of the minimum journal file size) with SystemMaxUse=0 setting.
But in v231, journald doesn't stop allocating when max_use is 0.
--8<-------------------------------------------------------->8---
journald: Limit system journal size from 10M to 4M
A journald always loads two journal files (one is current and the other
is just before) in memory using mmap. So it always consumes as much
memory as file size.
A journald rotates the log in 8 files. Each log file has a SystemMaxUse/8
size. (But the minimum value is 512k.)
So SystemMaxUse is 4M to minimize memory usage. (512k * 8 = 4M)
sh-3.2# memps `pidof systemd-journald`
S(CODE) S(DATA) P(CODE) P(DATA) ADDR(start-end) OBJECT NAME
-------- -------- -------- -------- -----------------------------------------------
4 0 508 0
f6d80000-
f6ec0000 /opt/var/log/journal/
999fcdd05c714da0859337c08df2230e/system@
800f735a88e44c35bc7cca47\
9a6984b1-
00000000000015ad-
000561d5c48aab1f.journal
0 4 302 0
f6c40000-
f6d80000 /opt/var/log/journal/
999fcdd05c714da0859337c08df2230e/system.journal
--8<-------------------------------------------------------->8---
Set the default deny policy for system dbus
org.freedesktop.locale1.conf - send: deny, own: deny
org.freedesktop.login1.conf - send: deny, own: deny
org.freedesktop.systemd1.conf - send: deny, own: deny
--8<-------------------------------------------------------->8---
D-Bus policy configs: fixed rules
Removed duplicate rules in all three configs, and specified proper sender
for receiving ActivationRequest signal in org.freedesktop.systemd1.conf.
--8<-------------------------------------------------------->8---
logind: change the power key to disabled
Tizen does not support power off without deviced.
So, you need to turn off the power key function in logind.
1. Disable TAG+="power-switch" uevent rules because logind uses
"power-switch" uevent to recognize the power key.
2. Change default behavior for power key to ignore.
--8<-------------------------------------------------------->8---
tizen: Set DefaultSmackProcessLabel to User
Run user session services with the User SMACK label instead of
System::Privileged inherited from systemd.
--8<-------------------------------------------------------->8---
tizen: DefaultSmackProcessLabel=System
Since most system services run with the System SMACK label, to avoid
unnecessary modification to unit files, which results in conflicts
during upgrades, set System as the default label.
--8<-------------------------------------------------------->8---
Author: Kunhoon Baik <knhoon.baik@samsung.com>
Author: Mateusz Moscicki <m.moscicki2@partner.samsung.com>
Author: Adrian Szyndela <adrian.s@samsung.com>
Signed-off-by: Hyeongsik Min <hyeongsik.min@samsung.com>
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
WIP: system.conf.in RebootWatchdogSec=off
Change-Id: I3dda6588884dc804fd944e6385c825865656917b
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Michal Bloch [Mon, 8 Feb 2021 14:06:03 +0000 (15:06 +0100)]
tizen: dlog
The following commits were squashed.
Change Ids:
- Icf7224d1fabd4cdb45971ac9314ed4d19d220bbb
- I5682de7dce014f76f403406ef73c7bd5a9661d5e
- I5bcc23a74950d2d8ae0db2ecabf5ea14d358b0ec
- I5682de7dce014f76f403406ef73c7bd5a9661d5f
- Ia14de6aeff3828aa0d6a27210fa96c53ee577c8d
--8<-------------------------------------------------------->8---
Basic PoC for DLog stdout redirector
Set Standard{Output,Error}=dlog in a service file,
or DefaultStandard{Output,Error}=dlog for global.
Note that setting the global default should only
really be done if DLog is working under the Android
Logger backend, since the Pipe backend daemon is
not really available early on which can make early
daemons fail.
--8<-------------------------------------------------------->8---
Add "dlog|journal" output redirection option
Journal seems to default to /dev/null even when not explicitly
specified, so there is no separate "dlog|journal|null".
--8<-------------------------------------------------------->8---
Use new dlog-redirect-stdout api function
--8<-------------------------------------------------------->8---
Redirect stdout/stderr to dlog by default
--8<-------------------------------------------------------->8---
Fix an error on dlog-redirection
When both stdout and stderr are set as dlog, log tag and priority of
stderr is not set properly.
--8<-------------------------------------------------------->8---
Signed-off-by: Michal Bloch <m.bloch@samsung.com>
Signed-off-by: Chanwoo Choi <cw00.choi@samsung.com>
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Signed-off-by: Junghak Sung <jh1009.sung@samsung.com>
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Łukasz Stelmach [Thu, 4 Apr 2024 13:41:54 +0000 (15:41 +0200)]
tizen: test-runner
The following commits were squashed:
-
8bffaa8df51d26cf58cc0080062f6f35d094374a
-
f7dad5e3e6a2fc19b8edaba5eb14641ce3c7b19f
-
7babb0023de78f342ba4673469a62dbfb79b1937
-
abb5094f9509c92058669adb68fda97b99fe7244
-
cbff03980cc28233d3fa1ca1481336a10935dfa7
--8<-------------------------------------------------------->8---
sd-bus: add support for 'dbus-integration-tests' framework
--8<-------------------------------------------------------->8---
systemd-tests: set common output format
--8<-------------------------------------------------------->8---
license:change test-runner's license from Apache 2.0 to BSD-2-clause
To avoid license conflict between LGPL-2.1 and Apache-2.0, change it.
--8<-------------------------------------------------------->8---
tests: correct test-bus-benchmark test name
Additionally, move the entry to the alphabetically correct position after
the name change.
--8<-------------------------------------------------------->8---
sdbus: kdbus: add test for adding async signal match
--8<-------------------------------------------------------->8---
Change-Id: I23fe21cafe95156846cfc76807fb2305a102be52
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Karol Lewandowski [Wed, 19 Jul 2023 13:29:26 +0000 (15:29 +0200)]
tizen: Use openssl3 if needed
This commit updates ssl dependency to openssl3.
However, in default tizen configuration openssl is not
used at all as only component using it (systemd-resolved,
as enabled/disabled via -Dresolve=true/false) is disabled.
Change-Id: I3a51139cef21ce80acecfef84f5c3a47a7d7cca1
Michal Bloch [Mon, 23 Jan 2023 18:32:00 +0000 (19:32 +0100)]
tizen: Make an assertion stricter (SVACE)
Change-Id: I88e5ea15729c2d65638b5eb208d7c2c800010f14
Łukasz Stelmach [Tue, 28 Jun 2022 13:31:24 +0000 (15:31 +0200)]
tizen: Set AmbientCapabilities in user@.service
Replace[*] obsolete Capabilities option in user@.service with
AmbientCapabilities to provide appropriate set of capabilties for systemd
to manage user session.
According to capability set transformation rules described in
capabilities(7)
if a process with nonzero user IDs performs an execve(2) then any
capabilities that are present in its permitted and effective
sets will be cleared.
This means that for systemd running with nonzero UID (i.e. as the user
session manager) to keep permitted and effective capability
sets non-empty without setting file capabilities for systemd it is
required to use ambient capabilities.
Using file capabilities for systemd may be a wrong choice in the long
term, because different sets of capabilities may be assigned to different
user sessions.
[*] During update to v255 previous commits changing the value of the
Capabilities options were dropped.
Change-Id: I479fbbcf153737dbf88340ef4eb4be15d707a9a4
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Hyotaek Shim [Thu, 2 Jun 2022 07:53:13 +0000 (16:53 +0900)]
tizen: Refuse daemon-reload request during boot time
daemon-reload operations can empty the cgroup procs of transient unit,
resulting in user@5001.service stop.
org.freedesktop.systemd1.Manager.Reload
V
unit_free()
V
unit_unwatch_pid() Unit=user-5001.slice <-- tlm-sessiond
V
/sys/fs/cgroup/systemd/user.slice/user-5001.slice/session-c1.scope becomes empty
V
systemd-logind removes session-c1.scope by garbage collection
V
user@5001.service stops
Change-Id: I6195ed25a99c8506534b3bc8d72fbf83906b107c
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Hyotaek Shim [Thu, 26 May 2022 09:05:29 +0000 (18:05 +0900)]
tizen: Remove StopWhenUnneeded=yes in user-runtime-dir@.service.in
user-runtime-dir@.service should never stop.
When it stops,
user@5001.service(Requires=user-runtime-dir.service) stops accordingly.
Change-Id: I24f5780ab0eebcfbd2efa4c75141f817a9242bca
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Karol Lewandowski [Thu, 24 Mar 2022 16:03:56 +0000 (17:03 +0100)]
tizen: mount /run/user/UID with noexec
There is no point in having /run/user/UID mounted with exec, especially
that /run itself is mounted with noexec.
Change-Id: I16d46c3f3103205edf81764ca479ee0a569f90f7
Karol Lewandowski [Tue, 25 Jan 2022 17:20:21 +0000 (18:20 +0100)]
tizen: ensure standard reboot/poweroff not return to shell
Change-Id: Iece3b236f3f2848179dacd3a7ac8afdb008af482
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Hyotaek Shim [Wed, 9 Jun 2021 10:42:35 +0000 (19:42 +0900)]
tizen: Remove final.target dependency from reboot sequence
Change-Id: I289839f05abd3830691119ac8c9a8a7c370e757e
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Karol Lewandowski [Mon, 10 May 2021 13:58:27 +0000 (15:58 +0200)]
tizen: Do not use shutdown.target for shutdown
shutdown.target is special unit to which systemd automatically adds
Conflicts= with for every unit.
By removing the relation to this target in shutdown units we practically
change the shutdown to use only explicitly configured units.
Change-Id: I93a43cdb3875250920e3e49817ffcd6f7f7725b6
INSUN PYO [Thu, 4 Mar 2021 06:22:39 +0000 (15:22 +0900)]
tizen: unit: fix serial console baudrate to 115200
Due to noise coming into the serial console or other abnormal behavior,
agetty changes the baudrate in the following order: 115200, 38400, 9600.
Since tizen only uses 115200 baudrate, this is fixed.
It is reported in the DA.
Change-Id: Icf7224d1fabd4cdb45971ac9314ed4d19d220bb1
Karol Lewandowski [Tue, 1 Dec 2020 11:34:31 +0000 (12:34 +0100)]
tizen: Search for configuration files in /hal dir
Since Tizen 6.5, a HAL image is mounted on the /hal directory,
which contains hardware-specific configurations and drivers,
for better portability of Tizen.
This is the priority of path searching for configuration file.
1. /etc/
2. /run/
3. /usr/local/lib/
4. /usr/lib/
5. /hal/lib/
When the same file exists, the higher priority file is used.
In this case, "/etc" is the highest priority.
Because hal can never override platform,
hal has a lower priority than platform.
Change-Id: Ie5e6cf98e64b4317bda23d49571b5c0f60084569
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
[ Change search order for /hal to be searched last ]
Signed-off-by: Karol Lewandowski <k.lewandowsk@samsung.com>
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Hyotaek Shim [Wed, 28 Oct 2020 07:36:05 +0000 (16:36 +0900)]
tizen: Add an api for early initialization of input udev
KERNEL[3.864698] add /devices/virtual/rc/rc1/input2 (input)
DEVPATH=/devices/virtual/rc/rc1/input2
UDEV [6.541278] add /devices/virtual/rc/rc1/input2 (input)
DEVPATH=/devices/virtual/rc/rc1/input2
For fast input accessing, input udev should be set up early,
so that udev_device_get_is_initialized(input_udev_dev) check can be skipped before UDEV [6.541278].
Change-Id: I8182f856b0169f9c434bb360a49cfef109485c94
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
INSUN PYO [Wed, 7 Oct 2020 03:13:45 +0000 (12:13 +0900)]
tizen: Emergency mode: add emergency-target-holder.service
The emergency-target-holder.service prevents emergency.target from completing.
If emergency.target is not completed,
other services that are not intended can not be run in emergency mode.
Detailed information.
============================================================================================================================
1. If local-fs.target fails, emergency.target is started by 'OnFailure=emergency.target'.
2. By 'OnFailureJobMode=replace-irreversibly' option,
emergency.target cannot be canceled until completion.
3. When starting a new service by any activation(dbus, path, socket) in emergency mode,
sysinit.target is always checked and started by 'DefaultDependency=yes'.
4. sysinit.target stops emergency.target because of the 'Conflicts=emergency.target' setting.
5. However, emergency.target can not be stopped
because it started with 'replace-irreversibly' and not finished yet.
6. So sysinit.target can not be started.
7. New service can not be run because sysinit.target could not be started.
============================================================================================================================
Logs when running new services after applying this patch
=============================================================================================================================
bash-3.2# systemctl start deviced.service
Failed to start deviced.service: Transaction for deviced.service/start is destructive (emergency.target has 'start' job queued, but 'stop' is included in transaction).
See system logs and 'systemctl status deviced.service' for details.
bash-3.2# systemctl start sysinit.target
Failed to start sysinit.target: Transaction for sysinit.target/start is destructive (emergency.target has 'start' job queued, but 'stop' is included in transaction).
See system logs and 'systemctl status sysinit.target' for details.
==============================================================================================================================
Change-Id: I2cefadd7228d463fe1755e0c475f4563d98c8260
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Insun Pyo [Fri, 18 Sep 2020 06:04:53 +0000 (15:04 +0900)]
tizen: Disable virtualization feature
1. Tizen does not support continer and vm.
2. Resolving Smack error.
==========================================================================================
Jan 01 09:00:19 localhost audit[591]: AVC lsm=SMACK fn=smack_inode_permission action=denied subject="User" object="System::Privileged" requested=r pid=591 comm="systemd" name="sched" dev="proc" ino=12322
Jan 01 09:00:19 localhost audit[591]: AVC lsm=SMACK fn=smack_inode_permission action=denied subject="User" object="System::Privileged" requested=r pid=591 comm="systemd" name="sched" dev="proc" ino=12322
Jan 01 09:00:19 localhost audit[591]: AVC lsm=SMACK fn=smack_inode_permission action=denied subject="User" object="System::Privileged" requested=r pid=591 comm="systemd" name="sched" dev="proc" ino=12322
Jan 01 09:00:19 localhost audit[535]: AVC lsm=SMACK fn=smack_inode_permission action=denied subject="User" object="System::Privileged" requested=r pid=535 comm="tlm-sessiond" name="environ" dev="proc" ino=12572
Jan 01 09:00:19 localhost audit[535]: AVC lsm=SMACK fn=smack_inode_permission action=denied subject="User" object="System::Privileged" requested=r pid=535 comm="tlm-sessiond" name="sched" dev="proc" ino=12322
Jan 01 09:00:30 localhost audit[949]: AVC lsm=SMACK fn=smack_inode_permission action=denied subject="User" object="System::Privileged" requested=r pid=949 comm="systemctl" name="sched" dev="proc" ino=12322
==========================================================================================
Change-Id: I8b947a0de6c030fa7dd4f8d8b080b1f7783a4010
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Łukasz Stelmach [Wed, 20 Mar 2024 09:40:39 +0000 (10:40 +0100)]
tizen: test-copy: allow copy from symlinked dir
Change-Id: I96f7e86c4f3b26bc79431ccd962dffc82befb14f
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Adrian Szyndela [Fri, 27 Mar 2020 15:29:24 +0000 (16:29 +0100)]
tizen: tests: make tests pass with non-utf8 locale
Change-Id: Id9056e66b5b3619f7f30a8e1a12b184bf82b1991
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Łukasz Stelmach [Tue, 19 Mar 2024 13:33:16 +0000 (14:33 +0100)]
tizen: replace realpath with readlink -f
Tizen's coreutils doesn't include 'realpath' utility, which was
introduced in coreutils 8.15. However, Tizen's coreutils includes 'readlink'
utility, which is very close to 'realpath' if called with '-f' param.
Change-Id: I08b6ed68fc6bf0c384b599f4de3724724345d5c7
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Adrian Szyndela [Thu, 26 Mar 2020 10:19:37 +0000 (11:19 +0100)]
tizen: sd-bus: fix fcntl flag for duplicating fd
Change-Id: Ib9da92cc7b4b733ba8edb3bf04f46cce46c8d8fa
Hyotaek Shim [Mon, 17 Feb 2020 04:54:18 +0000 (13:54 +0900)]
tizen: Increase the max number of INotify instances per real user ID
Change-Id: I49a2ed1881d03def82be5a83ae5b6eb0db01ce6c
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Paweł Szewczyk [Fri, 26 Jul 2019 08:48:24 +0000 (10:48 +0200)]
tizen: Use separate udev tag for devices in user session
The system-user tag can be used to mark devices that will be enumerated by
systemd in 'systemd --user' instance.
Change-Id: I5889f50df6c329de36c2544ee5cf1ba1c52ad433
Signed-off-by: Paweł Szewczyk <p.szewczyk@samsung.com>
Cheoleun Moon [Fri, 19 Apr 2019 07:31:03 +0000 (16:31 +0900)]
tizen: Add SECLABEL for /dev/net/tun
Change smack label of /dev/net/tun to *
Change-Id: Ie3c7d4e908a077064cb4d5ba5e4e082a7409da64
Signed-off-by: Cheoleun Moon <chleun.moon@samsung.com>
Karol Lewandowski [Thu, 15 Nov 2018 13:02:51 +0000 (14:02 +0100)]
tizen: All logins should use User::Shell smack label
Change-Id: I8c0e7de59689aa83bd0273af4a66dd7a8f823ec9
Paweł Szewczyk [Fri, 5 Oct 2018 12:48:39 +0000 (14:48 +0200)]
tizen: socket: Serialize auxiliary file descriptors
When socket is serialized/deserialized it's important to keep all file
descriptors. This commit adds the serialization of auxiliary fds.
For now, only ffs sockets are using auxiliary descriptors.
Change-Id: I5fea0152fee51560e160fe5df4806b55a5b369d6
Signed-off-by: Paweł Szewczyk <p.szewczyk@samsung.com>
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
pr.jung [Mon, 17 Sep 2018 06:39:43 +0000 (15:39 +0900)]
tizen: Remove build warnings
- Add TIZEN_JOURNALD_KMSG
- Print kmsg log on dlogutil because journald is heavier than dlogutil
Change-Id: I763cfccbb0d877c52d8448de4a50966a33c84981
Signed-off-by: pr.jung <pr.jung@samsung.com>
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
INSUN PYO [Wed, 7 Mar 2018 07:40:53 +0000 (16:40 +0900)]
tizen: logind: change smack label /run/user/%UID/system_share to "*"
Change-Id: I7e08e670378f657d97e41b1f3f86c2c1ae16ccb9
INSUN PYO [Tue, 27 Feb 2018 08:48:52 +0000 (17:48 +0900)]
tizen: logind: change group and permission /run/user/%UID
1. change group and pemission of /run/usre/%UID to uid/system_share,0750
2. make /run/user/%UID/system_share to uid/system_share,0750
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: Ie22b8d4e96c1669f7068005952d83f7f4086b60c
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Dawid Kuczma [Tue, 5 Dec 2017 08:31:16 +0000 (09:31 +0100)]
tizen: Add well-known-names -> unique names on graph
Usage:
--well-known-names=true
Change-Id: Ife01bd8d1a2d6acc4a45c6595bcc52c15d523742
Dawid Kuczma [Mon, 6 Nov 2017 12:50:59 +0000 (13:50 +0100)]
tizen: Add tool for processing graph generated by busctl dot.
Usage:
1) gvpr -f graphinfo.gvpr input_file
2) gvpr -f graphinfo.gvpr input_file -a node -a NODE
3) gvpr -f graphinfo.gvpr input_file -a -node -a NODE
Change-Id: Ie4d05c715df17b61c8c7ad1f7724977c9c2f8bb8
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Dawid Kuczma [Thu, 28 Sep 2017 13:08:20 +0000 (15:08 +0200)]
tizen: Generate graph from the traffic observable by busctl monitor.
Busctl dot is used to visualize IPC traffic.
It generate dot output whitch can be visualized e.g. by using graphviz.
Also adds filtering by sender/receiver pid.
Internally busctl dot works similar to busctl capture.
It reuses monitor() framework.
--pid=PID -only show messages where sender or receiver pid is equal to PID
--sender-pid=PID -only show messages where sender pid is equal to PID
--receiver-pid=PID -same as above, but filtering by receiver pid.
Signed-off-by: Dawid Kuczma <d.kuczma@partner.samsung.com>
Change-Id: Id9ce46f5085dde10010e89057f78d58b3088d3bc
INSUN PYO [Wed, 27 Sep 2017 07:10:21 +0000 (16:10 +0900)]
tizen: units: [user@.service] Set Group as users
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: Iaf0d6f57e6a4a124ac0301e38527bddcbb7fe679
INSUN PYO [Tue, 11 Apr 2017 07:26:57 +0000 (16:26 +0900)]
tizen: Do not try to read /proc/1/cgroup from unprivileged processes
In Tizen access to /proc/1 is restricted via Smack. However, there are
unprivileged functions that need to work with information from this dir.
This function caches cgroup information in /run, allowing system-wide
access to this information.
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: I2a2977400c7917804599cfb6f225dab897dc8b14
wchang kim [Tue, 15 Nov 2016 02:29:15 +0000 (11:29 +0900)]
tizen: Adding to send new system signal for user session done.
When user-session is done, systemd will send new system signal for user-session done.
interface=org.freedesktop.systemd1.Manager,member=UserSessionStartupFinished
UserSessionStartupFinished(t user_id)
Change-Id: I2ee9a2f232c22428894217fc2a519ec9c017fb2c
Signed-off-by: Woochang Kim <wchang.kim@samsung.com>
wchang kim [Thu, 29 Sep 2016 22:17:55 +0000 (07:17 +0900)]
tizen: Description : Added the local PATH to a shell script.
Adding the local PATH into 50-systemd-user.sh
Change-Id: Ic466577a5db001d99a41410c950220cb49f3d55e
Signed-off-by: Woochang Kim <wchang.kim@samsung.com>
wchang kim [Wed, 28 Sep 2016 09:05:28 +0000 (18:05 +0900)]
tizen: Description : Fixed the security hole.
In case of "systemctl --user enable <path>", a application can insert
the malicious user service.
So systemctl can only enable the service with service name.
Change-Id: I570f45985516ee3636720f36787080590e6f90ef
Signed-off-by: Woochang Kim <wchang.kim@samsung.com>
Kunhoon Baik [Thu, 1 Sep 2016 07:01:12 +0000 (16:01 +0900)]
tizen: Watchdog : support to change timeout to USEC_INFINITY (disable timeout)
Change-Id: I459471c2d210eb31c22a17e0e45653b3de04233a
Kunhoon Baik [Wed, 17 Aug 2016 12:25:55 +0000 (21:25 +0900)]
tizen: Patch for unlimited timeout for User Session
This patch should be used for specific purpose of Tizen
Change-Id: Ida7448da300b0c4cf9a5189c6f8903a2e8729df3
jin-gyu.kim [Wed, 20 Jul 2016 11:28:15 +0000 (20:28 +0900)]
tizen: Set SmackProcessLabel to System::Privileged in selected units
The following commits were squashed:
- I37c3c1ee8152f82bf45b50f6e81f7986b62547c1
- Icd1e8c7794236670575df68d1fe35c35584f24f2
- If9f30e57050f01004c56b85235ad50d49710ac53
--8<-------------------------------------------------------->8---
Set SmackProcessLabel to System::Privileged in selected units
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
--8<-------------------------------------------------------->8---
logind: add SmackProcessLabel=System::Privileged to user-runtime-dir@.service
To change smack label /run/user/5001/system_share to "*", we need System::Privileged.
--8<-------------------------------------------------------->8---
tizen: Change the SMACK label for systemd in the user session
Change the SMACK label for systemd in the user session to
System::Privileged to avoid problems with handling
org.freedesktop.systemd1.Manager.GetUnitByPID method.
--8<-------------------------------------------------------->8---
Author: INSUN PYO <insun.pyo@samsung.com>
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Kunhoon Baik [Thu, 30 Jun 2016 12:22:10 +0000 (21:22 +0900)]
tizen: Disable Online KMSG logging
This is Unavoidable Patch for me - This is quick patch for internal issue.
If you have a question for this patch, contact to hyeongsik.min and jinmin
Change-Id: Ie21692ea85ee2e7fbfa0265f9e606b204d27a558
wchang kim [Wed, 29 Jun 2016 23:38:55 +0000 (08:38 +0900)]
tizen: Add smack label(*) to loop device for security policy
Add smack label(*) to loop device for security policy
Change-Id: If9271c209b05f73c20c66f7e30a7d18e070c2b4a
Signed-off-by: Woochang Kim <wchang.kim@samsung.com>
wchang kim [Wed, 29 Jun 2016 00:18:37 +0000 (09:18 +0900)]
tizen: Set PATH in local script for security policy
Set PATH in local script for security
Change-Id: If1f6163bdd936222e103822ee01d4c9a7e886a72
Signed-off-by: Woochang Kim <wchang.kim@samsung.com>
Kunhoon Baik [Tue, 7 Jun 2016 13:51:38 +0000 (22:51 +0900)]
tizen: For using persistent storage in AUTO mode.
As Tizen default, /opt is mounted seperately, and the /var -> /opt/var
Thus, systemd flush should be done after mounting /opt.
In generic, I think that systemd-journal-flush should be done after local-fs.target
because several devices have own partition policies.
Change-Id: I4acb4bd26365681ea798441c2f154b8ba5422665
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Kunhoon Baik [Sat, 26 Mar 2016 07:31:34 +0000 (16:31 +0900)]
tizen: Run the serial-getty (Open the serial console) eariler for debugging convenience.
Change-Id: I239977c2872ed219bf2591a80c1153eeba4cdc89
Karol Lewandowski [Wed, 21 Oct 2015 16:24:14 +0000 (18:24 +0200)]
tizen: cg_get_root_path: Return default root path if it's not accessible due to insufficient permission
This commit provides default value ("/") for root path in case where
/proc/1/cgroup is not readable due to insufficient permission (eg. in
MAC system).
Inability to read root cgroup path leads to failure in determining
instance type being used (system, user), eg.
user@localhost:~$ /usr/lib/systemd/user-generators/systemd-dbus1-generator
[13087.175648] audit: type=1400 audit(
946701489.290:1463): lsm=SMACK fn=smack_inode_permission action=denied subject="User" object="System" requested=r pid=14081 comm="systemd-dbus1-g" name="cgroup" dev="proc" ino=11149
Failed to determine whether we are running as user or system instance: Permission denied
strace: open("/proc/1/cgroup", O_RDONLY|O_LARGEFILE|O_CLOEXEC) = -1 EACCES (Permission denied)
Change-Id: I60a17ad05b8b49cd1fb1c8aa3ad8f46d34231df3
Signed-off-by: Karol Lewandowski <k.lewandowsk@samsung.com>
Sangjung Woo [Wed, 14 Oct 2015 06:38:25 +0000 (15:38 +0900)]
tizen: units: add 'smackfsroot=*' option into tmp.mount when SMACK is enabled
If SMACK is enabled, 'smackfsroot=*' option should be specified in
tmp.mount file since many non-root processes use /tmp for temporary
usage. If not, /tmp is labeled as '_' and smack denial occurs when
writing.
Note: The original commit has been dropped upstream and replaced with
SmackFileSystemRoot option later renamed to SmackFileSystemRootLabel.
Alas the option didn't work properly and has been dropped too.
Change-Id: I11df1ad555f376eaf0588d35e91789c9e2b07f8d
Origin: https://github.com/systemd/systemd/commit/
409c2a13fd65692c6
Signed-off-by: Sangjung Woo <sangjung.woo@samsung.com>
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Michael I Doherty [Tue, 23 Jul 2013 13:12:50 +0000 (14:12 +0100)]
tizen: Tune of swap
Allow swap to be activated concurrently with sysinit target
Change-Id: I56aef31809e50ae6c4b10174c0f3b144f72b9746
Łukasz Stelmach [Wed, 29 Oct 2014 11:25:32 +0000 (12:25 +0100)]
tizen: Add pam_systemd.so to systemd-user
+ Add pam_systemd.so to /etc/pam.d/systemd-user
Change-Id: I87e9b5514f2cc77c37bc40aac4f15a4c741ee4e4
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Michael Demeter [Fri, 11 Oct 2013 22:37:57 +0000 (15:37 -0700)]
tizen: Add 55-udev-smack-default.rules
The following commits were squashed
- Iebe2e349cbedb3013abdf32edb55e9310f1d17f5
- Ia41c0f7d8d4d98e34b4260cd9a8a55d99c5a33a7
- I61c7a3bb1098406172e5ed289cc0510b02794ea5
- Ie955499c4a0bf1581cd64244cb94acfa6279719d
- I706f14f7e8d767b0d7904a08e793f424c47e001b
- I8174ccd81aa3970a76a6f3680234dae77d920429
--8<-------------------------------------------------------->8---
tizen-smack: Handling of /dev
Smack enabled systems need /dev special devices correctly labeled
- Add Check for smack in rules.d/meson.build to include smack default rules
- Add smack default rules to label /dev/xxx correctly for access
--8<-------------------------------------------------------->8---
tizen-smack: label sound devices with *
--8<-------------------------------------------------------->8---
55-udev-smack-default.rules: add group rw permission to input nodes
--8<-------------------------------------------------------->8---
tizen: Change the permission of /dev/kmsg to "root:log 660 *"
Through this patch, /usr/bin/dlog_logger (log:log) can access /dev/kmsg
without root credentials.
--8<-------------------------------------------------------->8---
Change smack label of /dev/full from '_' to '*'
--8<-------------------------------------------------------->8---
Apply priv_keygrab:r ACL rule to /dev/input
--8<-------------------------------------------------------->8---
Author: Michael Demeter <michael.demeter@intel.com>
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Signed-off-by: Karol Lewandowski <k.lewandowsk@samsung.com>
Rafal Krypa [Wed, 2 Sep 2015 13:27:50 +0000 (15:27 +0200)]
tizen: Temporarily disable Smack for POSIX shared memory
Mount /dev/shm directory, used by glibc for implementation of POSIX shared
memory segments, will now be mounted with System::Run label, transmutable.
This effectively disables any access control by Smack on POSIX SHMs.
Programs running with the same UID and GIDs, but different Smack labels
(i.e. applications, user services) will be able to spy on each others SHM.
This is a temporary workaround for problems with audio architecture not
compliant with Tizen 3.0 security architecture. Applications using pulse
audio try to exchange SHM segments.
This patch is to be reverted in the near future. It is needed for now to
have a working release.
Change-Id: I82fa7b33ad415a5b57d6e2c3e8c6ea642c659ab7
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Michael Demeter [Fri, 11 Oct 2013 22:37:57 +0000 (15:37 -0700)]
tizen: Handling of /run and /sys/fs/cgroup
Make /run a transmuting directory to enable systemd
communications with services in the User domain.
Change-Id: I9e23b78d17a108d8e56ad85a9e839b6ccbe4feff
Anas Nashif [Sun, 9 Dec 2012 17:51:23 +0000 (09:51 -0800)]
tizen: Add %install_service rpm macro
Change-Id: Idc7f5c392c96981d95420b0d747eaf28964b2d02
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
INSUN PYO [Fri, 7 Jun 2019 06:30:41 +0000 (15:30 +0900)]
tizen: Delayed target
The following commits were squashed:
- I0527d1387500c699be0fbc319c702a77d9ae587b
- I56db28be6f0cecd0562ba8db6bb1d4af0b1a3b7b
- I2f291ea8b5f535157eec4f105f2c37b0cea448c9
- I54e51fc3fe563961f18b953215cee41c3bf4510e
- I2206ada9509d503ac02733d0cb0c1539d932b184
- I0d87c574086073b28aa52dccca3e760914e2abbd
- Ibec5e4f4030e26235dbba6610a5142d0e29e423f
- Ib742d57963db8cfba2a091d4de1562ab0b95fc7a
- I7602100652f478b3d66fcba215659f39a63694e2
- I4ad1ff6a8084ed9db7d630f533a9348b41decbf0
- I8da0c1f224a74d45badd82f2ac1dda13cb8febbb
- Ifacc46fcc5c7ec7bb52f9b4f47ed5ea98aa5fd5a
- I6e2189c2cd0d4a86db995651b43a4dcdc25fcabf
- I581c5dbcf216806dfcff826bbdf7ca82dc944676
- Ic17dd0559544c323dedfe7c9b5ad13d01bc65588
--8<-------------------------------------------------------->8---
Add delayed target
--8<-------------------------------------------------------->8---
Change the config value of the "RemainAfterExit=" ("true" -> "yes")
--8<-------------------------------------------------------->8---
Rework delayed.target
start delayed.service --> finish default.target --> start all of delayed.service -->
finish delayed.target --> StartupFinished
--8<-------------------------------------------------------->8---
delayed: replace dbus-send with a dedicated program
In release versions there can be no helper programs for sending
any messages over D-Bus. Thus, dbus-send, busctl etc. are removed.
This commit replaces dbus-send use cases with a specialized little
tool, which does what dbus-send did in those cases.
--8<-------------------------------------------------------->8---
Delayed target: check interval is changed from 1 second to 0.2 seconds.
--8<-------------------------------------------------------->8---
Fix delayed.target
Add binary wait-target-done.c for waiting creation of *.done file.
--8<-------------------------------------------------------->8---
Fix wait-target-done.c
1. Change inotify fd to nonblock.
2. Change timeout to use alarm(). And make it encompass
the whole process, which now includes wd allocation.
3. Add dependency with tlm.service to
system-delayed-target-trigger.service
4. Add journal log.
--8<-------------------------------------------------------->8---
Add Conflicts=emergency.service in system-delayed-target-trigger.service
--8<-------------------------------------------------------->8---
Restore 'Default Dependendies' to system-default-target-done.service and system-delayed-target-trigger.service
Add 'Requires=sysinit.target' and 'After=sysinit.target basic.target'
Two dependencies prevent those service from running in emergency mode,
because sysinit.target always fails in emergency mode.
--8<-------------------------------------------------------->8---
Delayed target: add delaying the start of delayed.target
If /etc/systemd/delayed-target.conf exists and has DelayedTargetWait environment value,
delayed.target starts after DelayedTargetWait seconds.
If the /tmp/.systemd_delayed_target_wait file is created within the delayed time,
delayed.target starts immediately.
--8<-------------------------------------------------------->8---
Delayed target: add delaying the start of delayed.target #2
Delay time is also applied to user systemd.
System systemd is already applied.
--8<-------------------------------------------------------->8---
delayed: remove unused file
Change-Id: Ifacc46fcc5c7ec7bb52f9b4f47ed5ea98aa5fd5a
--8<-------------------------------------------------------->8---
delayed: rework dealyed service without capability of /usr/bin/touch
VD security remove capability of /usr/bin/touch. (cap_dac_override=ei)
Change permision and group of /run/systemd/system
from 0755/root/root to 0775/root/systemf_fw.
--8<-------------------------------------------------------->8---
Add device_board_set_boot_success in booting-done.service
/usr/bin/device_board_set_boot_success reports boot success to the bootloader.
If boot success is not reported for, e.g., 10-times booting in a row,
bootloader recovers the system.
-- Bootloader --
If (BOOT_SUCCESS flag is set) {
Clear the BOOT_SUCCESS flag
BOOT_FAIL_COUNT = 0
} Else {
If (++ BOOT_FAIL_COUNT > 10) {
BOOT_FAIL_COUNT = 0
Restore to the other partitions (e.g., b -> a)
Proceed to the recovery booting (ramdisk-recovery, bootmode="recovery")
}
}
Proceed to the normal booting (ramdisk, bootmode="")
--8<-------------------------------------------------------->8---
Run booting-done.service as root:root System
booting-done.service should be privileged to be responsible for
checkpointing booting status not only for normal booting
but also for FOTA and recovery booting.
--8<-------------------------------------------------------->8---
Author: Insun Pyo <insun.pyo@samsung.com>
Author: Adrian Szyndela <adrian.s@samsung.com>
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Signed-off-by: Youngjae Cho <y0.cho@samsung.com>
Łukasz Stelmach [Tue, 23 Apr 2024 08:38:32 +0000 (10:38 +0200)]
tizen: Serialize and deserialize Capabilities
Pass capabilities as configured in service files to systemd-executor. To
avoid using cap_to_text() the text representation of capabilities from
a unit file is preserved in ExecContext.
Change-Id: I9903a741e35ec890747866838747bf5af1fe9f6e
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Łukasz Stelmach [Thu, 7 Mar 2024 22:22:46 +0000 (23:22 +0100)]
tizen: Revert: "core: drop Capabilities= setting"
This reverts commit
479050b36302a360048c2af5e79683d14ad56fb3
Change-Id: I24367aea159b1decc732b3fbaf448a40e59f2634
Signed-off-by: Woochang Kim <wchang.kim@samsung.com>
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Łukasz Stelmach [Thu, 25 Apr 2024 14:10:49 +0000 (16:10 +0200)]
Fix _do_log conditions in log_exec_* macros
The expression for calculation of the _do_log values in the log_exec_*
macros need to be the same as the unit_log_level_test() function, used
to calculate _do_log in unit.h. The only difference between execute.h
and unit.h is the lack of the Unit structure.
Change-Id: I14f40cac7b05696e9091fa24fbed314459a737d1
Origin: https://github.com/systemd/systemd/commit/
e85be4983d974063b5210e6df77d9109ffbc9932
Fixes:
b646fc324a ("core: ensure execute/spawn functions can work without Unit object")
Fixes:
210ca71cb5 ("core/execute: clean up log_exec_full_errno and friends")
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Mike Yuan [Mon, 19 Feb 2024 12:55:51 +0000 (20:55 +0800)]
core/execute: clean up log_exec_full_errno and friends
Also drop unused log_exec_struct_iovec().
Change-Id: I3077b3c05cc7080ea34cdbf408eb72fdc451d1be
Origin: https://github.com/systemd/systemd/commit/
210ca71cb5d9f41df3b23eef28d6742bd90a0362
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Mike Yuan [Fri, 16 Feb 2024 12:00:06 +0000 (20:00 +0800)]
core/exec-invoke: record correct exit status when failed to locate executable
Follow-up for
4d8b0f0f7aeadc401ac02f67576ccb1de8cf79e6
After the mentioned commit, when the ExecCommand executable is missing,
and failure will be ignored by manager, we exit with EXIT_SUCCESS at executor
side too. The behavior however contradicts systemd.service(5), which states:
> If the executable path is prefixed with "-", an exit code of the command
> normally considered a failure (i.e. non-zero exit status or abnormal exit
> due to signal is _recorded_, but has no further effect and is considered
> equivalent to success.
and thus makes debugging unexpected failures harder. Therefore, let's still
exit with EXIT_EXEC, but just skip LOG_ERR level log.
Change-Id: Iaa3b66e6f16d5410f94f9bf8b302b710bf611006
Origin: https://github.com/systemd/systemd/commit/
80b18d217a0d2ef1f3b6793f8038a40ac0b5f719
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Luca Boccassi [Wed, 6 Dec 2023 20:32:40 +0000 (20:32 +0000)]
NEWS: finalize for v255
Luca Boccassi [Wed, 6 Dec 2023 20:29:04 +0000 (20:29 +0000)]
Merge pull request #30334 from DaanDeMeyer/repart-fixes
repart: Add Minimize=best to --make-ddi= partition definitions
Lennart Poettering [Wed, 6 Dec 2023 18:20:35 +0000 (19:20 +0100)]
README: mention Matrix channel
Luca Boccassi [Wed, 6 Dec 2023 16:57:29 +0000 (16:57 +0000)]
Merge pull request #30341 from bluca/news
Update hwdb and NEWS
Daan De Meyer [Wed, 6 Dec 2023 11:18:32 +0000 (12:18 +0100)]
test: Add test case for --make-ddi=sysext
Also make sure that the sysext is big enough to not fit in the
minimum partition size so we know Minimize= is being used.
Daan De Meyer [Tue, 5 Dec 2023 13:56:15 +0000 (14:56 +0100)]
repart: Add Minimize=best to --make-ddi= partition definitions
Otherwise, repart won't calculate the minimal size of the partition
automatically and things will fail once the partitions exceed the
minimal partition size (10M).
Luca Boccassi [Wed, 6 Dec 2023 10:06:50 +0000 (10:06 +0000)]
hwdb: update
ninja -C build update-hwdb
Luca Boccassi [Wed, 6 Dec 2023 10:00:25 +0000 (10:00 +0000)]
NEWS: note that newly introduced tools are experimental
So that we can change interfaces for at least one release if needed
Luca Boccassi [Wed, 6 Dec 2023 09:57:38 +0000 (09:57 +0000)]
NEWS: update contributors list
Roland Singer [Wed, 6 Dec 2023 09:49:47 +0000 (10:49 +0100)]
ukify: fix handling of --secureboot-certificate-validity= (#30315)
Before:
$ python src/ukify/ukify.py genkey --secureboot-private-key=sb2.key --secureboot-certificate=sb2.cert --secureboot-certificate-validity=111
Traceback (most recent call last):
File "/home/zbyszek/src/systemd-work/src/ukify/ukify.py", line 1660, in <module>
main()
File "/home/zbyszek/src/systemd-work/src/ukify/ukify.py", line 1652, in main
generate_keys(opts)
File "/home/zbyszek/src/systemd-work/src/ukify/ukify.py", line 943, in generate_keys
key_pem, cert_pem = generate_key_cert_pair(
^^^^^^^^^^^^^^^^^^^^^^^
File "/home/zbyszek/src/systemd-work/src/ukify/ukify.py", line 891, in generate_key_cert_pair
now + ONE_DAY * valid_days
~~~~~~~~^~~~~~~~~~~~
TypeError: can't multiply sequence by non-int of type 'datetime.timedelta'
Now:
$ python src/ukify/ukify.py genkey --secureboot-private-key=sb2.key --secureboot-certificate=sb2.cert --secureboot-certificate-validity=111
Writing SecureBoot private key to sb2.key
Writing SecureBoot certificate to sb2.cert
The new code is also clearer.
Mike Yuan [Tue, 5 Dec 2023 13:53:51 +0000 (21:53 +0800)]
repart: use correct errno
Frantisek Sumsal [Tue, 5 Dec 2023 11:22:20 +0000 (12:22 +0100)]
test: load the io controller before checking if io.latency exists
Otherwise the following test gets always skipped.
Daan De Meyer [Tue, 5 Dec 2023 10:21:15 +0000 (11:21 +0100)]
repart: Fix sysext definitions for --make-ddi=
CopyFiles= does not support multiple directories separated by
whitespace. Instead the setting has to be specified multiple times.
Luca Boccassi [Tue, 5 Dec 2023 11:53:31 +0000 (11:53 +0000)]
selinux: downgrade log about state to trace
It is printed on every invocation of sd-executor, which is noisy and not useful
Follow-up for:
bb5232b6a3b8a
Yu Watanabe [Tue, 5 Dec 2023 14:50:25 +0000 (23:50 +0900)]
basic: fix typo
huyubiao [Tue, 5 Dec 2023 12:53:32 +0000 (20:53 +0800)]
fix: The example2 in hwdb.xml is unreasonable
use evdev:atkbd:dmi:bvnAcer:bvr:bdXXXXX:bd08/05/2010:svnAcer:pnX123: instead of evdev:atkbd:dmi:bvnAcer:bdXXXXX:bd08/05/2010:svnAcer:pnX123
Luca Boccassi [Mon, 4 Dec 2023 18:23:34 +0000 (18:23 +0000)]
Merge pull request #30313 from mrc0mmand/ubuntu-ci
Reduce the number of deny-list files for Ubuntu CI
Yu Watanabe [Mon, 4 Dec 2023 03:36:53 +0000 (12:36 +0900)]
tools/meson-vcs-tag: the third argument is optional
Follow-up for
1a71ac07adafebe7e0074f92d049f72968ca2d47.
Luca Boccassi [Mon, 4 Dec 2023 10:29:06 +0000 (10:29 +0000)]
Merge pull request #30314 from DaanDeMeyer/dmi
Document kernel configs required for reading credentials from SMBIOS
Daan De Meyer [Mon, 4 Dec 2023 10:16:52 +0000 (11:16 +0100)]
mkosi: Update comment why we can't use linux-kvm yet
Daan De Meyer [Mon, 4 Dec 2023 10:13:59 +0000 (11:13 +0100)]
Document kernel configs required for reading credentials from SMBIOS
Frantisek Sumsal [Mon, 4 Dec 2023 09:57:39 +0000 (10:57 +0100)]
test: reenable TEST-30 on i*86
The original reason for deny-listing it was that it's flaky there. I'm
not sure if that's still the case, but the Ubuntu CI jobs for i*86 are
gone, so this file shouldn't be needed anymore anyway.
Frantisek Sumsal [Mon, 4 Dec 2023 09:51:35 +0000 (10:51 +0100)]
test: skip TEST-36 on s390x and powerpc
As QEMU there doesn't support NUMA nodes. Also, drop the now unneeded
deny-list file for Ubuntu CI.
Frantisek Sumsal [Mon, 4 Dec 2023 09:23:42 +0000 (10:23 +0100)]
test: check if 'btrfs filesystem' supports 'mkswapfile'
Instead of deny-listing the test on Ubuntu CI, so it gets enabled
automagically once btrfs-progs is updated to a newer version there.
Frantisek Sumsal [Mon, 4 Dec 2023 09:16:02 +0000 (10:16 +0100)]
test: reenable TEST-25-IMPORT in Ubuntu CI
Let's see if #13973 is still an issue.
Luca Boccassi [Sun, 3 Dec 2023 18:30:07 +0000 (18:30 +0000)]
executor: apply LogLevelMax earlier
SELinux logs before we have a chance to apply it, move it up as it
breaks TEST-04-JOURNAL:
[ 408.578624] testsuite-04.sh[11463]: ++ journalctl -b -q -u silent-success.service
[ 408.578743] testsuite-04.sh[11098]: + [[ -z Dec 03 13:38:41 H systemd-executor[11459]: SELinux enabled state cached to: disabled ]]
Follow-up for:
bb5232b6a3b8a
Yu Watanabe [Mon, 4 Dec 2023 02:44:58 +0000 (11:44 +0900)]
Merge pull request #30305 from yuwata/seccomp-fix
seccomp: override the default action only when the filter is allow-list
Zbigniew Jędrzejewski-Szmek [Sat, 2 Dec 2023 09:26:05 +0000 (10:26 +0100)]
tests: fix section mapping in test_ukify.py
The regexp only worked if the sections were small enough for the size to
start with "0". I have an initrd that is 0x1078ec7e bytes, so the tests
would spuriously fail.
Luca Boccassi [Sun, 3 Dec 2023 12:34:24 +0000 (12:34 +0000)]
Merge pull request #30297 from keszybz/fixups
A few unrelated fixups for recent commits
Yu Watanabe [Sun, 3 Dec 2023 09:01:20 +0000 (18:01 +0900)]
seccomp-util: also use ENOSYS for unknown syscalls in seccomp_load_syscall_filter_set()
Follow-up for
2331c02d06cae97b87637a0fc6bb4961b509ccf2.
Note, currently, the function is always called with SCMP_ACT_ALLOW as
the default action, except for the test. So, this should not change
anything in the runtime code.
Yu Watanabe [Sun, 3 Dec 2023 08:37:02 +0000 (17:37 +0900)]
seccomp-util: override default action only when the filter is allow-list
Follow-up for
2331c02d06cae97b87637a0fc6bb4961b509ccf2.
Fixes #30304.
Zbigniew Jędrzejewski-Szmek [Wed, 29 Nov 2023 13:38:06 +0000 (14:38 +0100)]
stdio-bridge: return immediately if we can
Follow-up for
0321248b79d14ceddd36140b327332f145ae68e7.
Zbigniew Jędrzejewski-Szmek [Wed, 29 Nov 2023 13:13:33 +0000 (14:13 +0100)]
run: fix bad escaping and memory ownership confusion
arg_description was either set to arg_unit (i.e. a const char*), or to
char *description, the result of allocation in run(). But description
was decorated with _cleanup_, so it would be freed when going out of the
function. Nothing bad would happen, because the program would exit after
exiting from run(), but this is just all too messy.
Also, strv_join(" ") + shell_escape() is not a good way to escape command
lines. In particular, one the join has happened, we cannot distinguish
empty arguments, or arguments with whitespace, etc. We have a helper
function to do the escaping properly, so let's use that.
Fixup for
2c29813da3421b77eca5e5cdc3b9a863cad473b9.