git-history.diyao.me Git - systemd/.git/log

meson: build libsystemd-core via an intermediate static library

By itself, this is not useful. I'm making this a separate commit to
make debugging easier. It turns out that meson does static libraries
using references, so the "static library" a tiny stub stub that refers
to the object files on disk and this has negligible cost:
$ ls -lhd build/src/core/libsystemd-core-257.{a,so}
-rw-r--r-- 1 zbyszek zbyszek 36K Jul 3 16:54 build/src/core/libsystemd-core-257.a
-rwxr-xr-x 1 zbyszek zbyszek 6.1M Jul 3 16:54 build/src/core/libsystemd-core-257.so

(cherry picked from commit d0689ee5fbfafa736e6eca89bc80cb2d372f2229)

meson: rename libbasic to libbasic_static

Our variables for internal libraries are named 'libfoo' for the shared lib
variant, and 'libfoo_static' for the static lib variant. The only exception was
libbasic, because we didn't have a shared variant for it. But let's rename it
for consitency. This makes the build config easier to understand.

(cherry picked from commit 732ed8a84e8b264fccd3f5c0fc68ec2894b6d8ea)

Bump meson version to 256.3~devel

Finalize v256.2

mkosi: switch debian to ci/v256-stable branch

This branch will track changes for v256-stable

workflows/labeler: do not set labels on stable backport PRs

(cherry picked from commit 5dfc88c12f541ff11ad53634be9ca40f13423467)

labeler: match all mkosi files

(cherry picked from commit a3370d5d94167eddf9b0e6efd6a76bb5348afb9d)

labeler: remove matches for dropped files (Makefile)

(cherry picked from commit 5e12de940a4220b22754c12668474462df64090e)

vmm: make sure we can handle smbios objects without variable part

An smbios object with no variable part is a special case, it's just
suffixed with two NUL btes. handle that properly.

This is inspired by a similar fix from https://github.com/systemd/systemd/pull/29726

(cherry picked from commit 44ec70489f377d1fa9f4e19aed95a7e39da7d93d)

README: update requirements for signed dm-verity

The newest kconfig enabling DB-verified dm-verity images is queued
for 6.11:

https://patchwork.kernel.org/project/dm-devel/patch/20240617220037.594792-1-luca.boccassi@gmail.com/
(cherry picked from commit a79b6dc0706dd5fe76ec56b3308b402c133ead23)

sysusers: handle NSS errors gracefully

If the io.systemd.DynamicUser or io.systemd.Machine files exist,
but nothing is listening on them, the nss-systemd module returns
ECONNREFUSED and systemd-sysusers fails to creat the user/group.

This is problematic when ran by packaging scripts, as the package
assumes that after this has run, the user/group exist and can
be used. adduser does not fail in the same situation.

Change sysusers to print a loud warning but otherwise continue
when NSS returns an error.

(cherry picked from commit fc9938d6f8e7081df5420bf88bf98f683b1391c0)

man: fully adopt ~/.local/state/

The XDG base dir spec adopted ~/.local/state/ as a thing a while back,
and we updated our docs in b4d6bc63e602048188896110a585aa7de1c70c9b, but
forgot to to update the table at the bottom to fully reflect the update.
Fix that.

(cherry picked from commit 72a6296b16a75d4e26eec972f2999e69c9967b9d)

man: mention that distinction between /usr/lib/ and /usr/share/ is really about shared *ownership*

(cherry picked from commit 39aafbd42ac3d9675098c8212261fa56261d9066)

man: drop version info from file hiearchy man page

This file doesn't document features of systemd, but is more a of a
general description that generalizes/modernizes FHS. As such, the items
listed in it weren't "added" in systemd versions, they simply reflect
general concepts independent of any specific systemd version. hence
let's drop this misleading and confusing version info.

Or in other words, the man page currently claims under "/usr/": "Added
in version 215." – Which of course is rubbish, the directory existed
since time began.

This also rebreaks all paragaphs this touches.

No content changes.

(cherry picked from commit 26db8fe2478316825c5596e4b93b08176a8abddb)

os-util: avoid matching on the wrong extension-release file

The previous commit tries to extract a substring from the
extension-release suffix, but that is not right, it's only the
images that need to be versioned and extracted, use the extension-release
suffix as-is. Otherwise if it happens to contain a prefix that
matches the wrong image, it will be taken into account.

Follow-up for 37543971aff79f3a37646ffc2bb5845c9394797b

(cherry picked from commit 92d1fe3efac7b3a700317ec71b64cab5ebc17b42)

load-fragment: allow MountImages= with paths starting with /dev

For MountImages=, if the source is a block device, it will most likely reside
in /dev. It should be also possible to mount a static device file system in
place of (or part of) /dev. So let's allow paths starting with /dev as an
exception for MountImages=.

(cherry picked from commit e81025970fed5673c631976711d45c67b0443bb4)

zsh: add run0 completions

(cherry picked from commit ef98603f4b88738be3c262ee4bd06209e5a3edf5)

docs: Update HACKING

Let's mention the new way to install the latest changes without
rebuilding the image. Let's also remove the duplicate info about
distribution packages that is already mentioned in its own section.

(cherry picked from commit a2403af3293aef9fa5cf32f5ab9fa4eebe5406db)

README: add missing CONFIG_MEMCG kernel config option for oomd

We need to enable this otherwise systemd-oomd.service fails to start.

Fixes:
ConditionControlGroupController=memory was not met

(cherry picked from commit aa329b89223a79793cde8288b1bc6e93db174938)

boot: cover for hardware keys on phones/tablets

The patch is originally from Brenton Simpson, I (Lennart) just added some
comments and rebased it.

I didn't test this, but the patch looks so obviously right to me, that
I think we should just merge it, instead of delaying this further. In
the worst case noone notices, in the best case this makes sd-boot work
reasonably nicely on devices that only have a hadware power key + volume
rocker.

Fixes: #30598
Replaces: #31135
(cherry picked from commit 2fda6f5fffcc05adaa5a08d976e09ad7cc97c1b3)

core/manager: invoke special targets on signal only for system manager

(cherry picked from commit 6851abe40381cd2c5f059eccc22c6967d0b034e5)

core/dbus-manager: refuse SoftReboot() for user managers

Otherwise, busctl --user call ... SoftReboot results in
user manager broadcasting signal and initiating soft-reboot...

(cherry picked from commit 236cd4854657745e1a59b224a191a232a476527e)

meson: Define __TARGET_ARCH macros required by bpf

These are required by the bpf_tracing.h header in libbpf, see
https://github.com/libbpf/libbpf/blob/master/src/bpf_tracing.h.

bpf_tracing.h does have a few fallbacks in case __TARGET_ARCH_XXX
is not defined but recommends using the __TARGET_ARCH macros instead
so let's do that.

(cherry picked from commit 48d6dad100d0b42c02aa21d897e913461f6b3cc3)

coredump: correctly take tmpfs size into account for compression

We calculate the amount of uncompressed data we can write by taking the limits
into account and halving it to ensure there's room for switching to compression
on the fly when storing cores on a tmpfs (eg: due read-only rootfs).

But the logic is flawed, as taking into account the size of the tmpfs storage
was applied after the halving, so in practice when an uncompressed core file
was larger than the tmpfs, we fill it and then fail.

Rearrange the logic so that the halving is done after taking into account
the tmpfs size.

(cherry picked from commit e6b2508275aac2951aedfc842735d8ebc29850bb)

docs: update RELEASE.md to use same repository for stable branches

(cherry picked from commit 62cc0aca1750e90dce20463fab03362c26d6df0f)

docs: Add section to HACKING.md on distribution packages

(cherry picked from commit 17ef81a764995dfd0f43daf34dcf2ab04806e760)

docs/CODING_STYLE: document that we nowadays prefer (const char*) for func ret type

Addresses https://github.com/systemd/systemd/pull/33567#discussion_r1662818225

(cherry picked from commit 4b7249111a4c1d366f476bdbd6e03f7893eb9d42)

test: fix TEST-74-AUX-UTILS.ssh.sh on SUSE

(cherry picked from commit 252542ffc3fda9b110d108a1bce1a1d562baebd4)

test: preserve symlink in inst_recursive()

On SUSE this function is used to copy symlinks installed in *.wants/
directories.

(cherry picked from commit 855bad331e28a03d7ad5831caacd3481db938180)

test: fix TEST-24-CRYPTSETUP on SUSE

/etc/systemd/journald.conf.d drop-in dir already exists on SUSE.

(cherry picked from commit 56a894e888002f44f3463b3188f9d5abdcca4bb0)

test: install /etc/hosts

Needed for resolving the "localhost" hostname.

(cherry picked from commit a09825ce9fb3bd315f35654b6e6ee4f92c675cde)

test: split the resolved test suite into separate test cases

Although being far from ideal and the first two test cases have to be run
before the setup phase otherwise they will fail, it still makes the test
suite look much better and easier to read

(cherry picked from commit a9d472d6e4ae6c548dd24097b20563dc9c06b329)

mkosi: update debian commit reference

* abf24e775c Add recommends on linux-sysctl-defaults
* 76cb4138d2 autopkgtest: skip qemu tests on arm64
* 0935d73526 Install new systemd-import generator

(cherry picked from commit 4739539a7866f660cec5d746af65a951cdab8dc4)

units: add dep on systemd-logind.service by user@.service

Let's make sure logind is accessible by the time user@.service runs, and
that logind stays around as long as it does so.

Addresses an issue reported here:

https://lists.freedesktop.org/archives/systemd-devel/2024-June/050468.html

This addresses an issued introduced by
278e815bfa3e4c2e3914e00121c37fc844cb2025, which dropped the a dependency
from user@.service systemd-user-sessions.service without replacement.
While dropping that dependency does make sense, it should have been
replaced with the weaker dependency on systemd-logind.service, hence fix
that now.

user@.service is after all a logind concept, hence logind really should
be around for its lifetime.

systemd-user-sessions.service is a later milestone that only really
should apply to regular users (not root), hence it's too strong a
requirement.

(cherry picked from commit 29294d21cf82323bf04a9dbb5a03d48d6f758822)

repart: add sections to --help text

(cherry picked from commit 68debef4c12e7a25362e8ddbc752feee8c13762b)

Conditional PSI check to reflect changes done in 5.13

cpu.pressure 'full' is undefined for system-wide checks since 5.13 but still reported with values set to 0 for backwards compatibility. Made changes to reflect this for system-wide checks so that the conditional comparison is not made against the 0 value and instead fall back to 'some'.

https://www.kernel.org/doc/html/latest/accounting/psi.html
(cherry picked from commit 98b1ecc9175a8bb241292f6f441a754b6759dd97)

core: try again bind mounting if the destination was already created

If the destination mount point is on a shared filesystem and is
missing on the first attempt, we try to create it, but then
fail with -EEXIST if something else created it in the meanwhile.
Enter the retry logic on EEXIST, as we can just use the mount
point if it was already created.

Fixes https://github.com/systemd/systemd/issues/29690

(cherry picked from commit c3f0f6f8bd812fee4b2ab658a5cc9ac9167d387d)

mkfs-util: Set sector size for btrfs as well

btrfs used to default the sector size to the page size and didn't
support anything else. Since 6.7, it defaults to 4K and using 4K
makes the filesystem compatible with all page sizes. So let's make
sure we use minimum 4K as well (lower causes failures on systems with
a 4K page size) but still allow larger sector sizes if specified by
the user.

(cherry picked from commit 03c9e88fb7eb8973477c33aa63dc6bcf0cab52c9)

repart: Don't set filesystem sector size to 512

We want to use 4K as the default sector size for filesystems so they
don't have to be regenerated to work on 512, 2048 or 4096 sector sizes.

(cherry picked from commit d34361149f897eac5c6a41854fa4edca4804b49b)

repart: Log more about filesystem sector size

(cherry picked from commit 0e445aaa8553ff4ddf8330913260e5f167b1690d)

core/unit: follow merged units before updating SourcePath= timestamp too

Currently, we only follow merged units for unit_load_dropin() call.
But if the unit is an alias, we should always perform operations
on the "canonical" unit.

(cherry picked from commit 740cd1e0f2ae5cc1a10d2111d63cc4e975761091)

meson: use less verbose quoting

(cherry picked from commit c96cb64dce2e15f50253b34538662845e25e8d1c)

TEST-54-CREDS: Use UEFI firmware if available

On aarch64, SMBIOS is only available when using UEFI, so let's make
sure that the creds test uses UEFI when available so that it can
read creds from SMBIOS when running in a virtual machine.

(cherry picked from commit 436474dd4348d5f12f70d9032d1cc45171b335e7)

TEST-18-FAILUREACTION: Set auto firmware

This test runs in nspawn by default but will still run in qemu when
tests are run unprivileged so make sure we use UEFI if available to
avoid hangs when using the linux firmware.

(cherry picked from commit f392be9e7756268fc1b9d5204adc642bee10c8fa)

TEST-09-REBOOT: Set auto firmware

This test runs in nspawn by default but will still run in qemu when
tests are run unprivileged so make sure we use UEFI if available to
avoid hangs when using the linux firmware.

(cherry picked from commit 3cf38516bb765126fee80fed6d984ae963d075de)

TEST-06-SELINUX: Explicitly pull in autorelabel.service

(cherry picked from commit 7c04137a6f09f8536ea3dfb667bd5a862fe945f1)

TEST-70-TPM2: Use UEFI firmware if available

On x86 this doesn't matter but on aarch64 we need to make sure UEFI
is used so that /sys/kernel/security/tpm0/binary_bios_measurements
is there which is required for TEST-70-TPM2.

(cherry picked from commit 98f2a332cb1a3efc3b2e8a5914a895a0a051bda4)

resolved: correct parsing of OPT extended RCODEs

The DNS_PACKET_RCODE() function works out the full RCODE by taking the
first octet from the OPT record TTL field and bitwise-OR-ing this with
the basic RCODE from the packet header. This results in RCODE values
being lower than they should be.

For example, if the first TTL octet is 0x7a and the basic RCODE is 3,
this function currently returns `0x7a | 3` = 123, rather than 0x7a3 =
1955.

The first TTL octet is supposed to form the upper 8 bits of a 12-bit
value, whereas the current implementation constraints the value to 8
bits and results in mis-interpreted RCODEs.

This fixes things by shifting the TTL 20 places instead of 24 and
masking off the low nibble that comes from the upper bits of the version
octet.

Note that dns_packet_append_opt() correctly converts the input RCODE
into the high octet of the OPT TTL field; this problem only affects
parsing of incoming packets.

(cherry picked from commit c40f3714c9a4d1f2bcd308625c9c835892e3d41c)

TEST-45-TIMEDATE: Use syslog identifier journalctl match

Using a unit match is racy whereas a syslog identifier match is
reliable.

(cherry picked from commit 24284098a4613e626368ebe06ea6e39e49a9bc0f)

resolved: allow the full TTL to be used by OPT records

Whereas RFC 1035 says the TTL field takes the "positive values of a
signed 32 bit number", and RFC 2181 says "Implementations should treat
TTL values received with the most significant bit set as if the entire
value received was zero,", the dns_packet_read_rr() function sets
rr->ttl to zero if the MSB is set.

However, EDNS(0) as specified in RFC 6891 repurposes the TTL field's 4
octets to store other information, c.f.:

                  +0 (MSB)                            +1 (LSB)
       +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
    0: |         EXTENDED-RCODE        |            VERSION            |
       +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
    2: | DO|                           Z                               |
       +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+

The first octet extends the usual 4-bit RCODE from the packet header by
providing an additional 8 bits of space, extending the RCODE to 12 bits.
But, our handling of the TTL field means that the high bit in the first
octet is not actually usable, since setting it will mean these 4 octets
are replaced with 0. This may have the effect of making us believe a
server does not support DNSSEC when it actually set the DO bit in its
OPT record.

Here we change things so that the TTL is only set to zero for record
types other than OPT.

(cherry picked from commit 131787979c700becaf6ec24a810658d1313587cc)

TEST-64-UDEV-STORAGE: Make nvme_subsystem expected pci symlinks more generic

When running the test on aarch64 the symlinks look as follows:

"""
[root@H ~]# ls /dev/disk/by-path
platform-4010000000.pcie-pci-0000:00:04.0-scsi-0:0:0:0 platform-4010000000.pcie-pci-0000:00:04.0-scsi-0:0:0:0-part1 platform-4010000000.pcie-pci-0000:00:05.0-nvme-16
platform-4010000000.pcie-pci-0000:00:04.0-scsi-0:0:0:0-part platform-4010000000.pcie-pci-0000:00:04.0-scsi-0:0:0:0-part2 platform-4010000000.pcie-pci-0000:00:05.0-nvme-17
"""

So let's make the PCI patterns a little more generic so they match
both the x86 and the aarch64 paths.

(cherry picked from commit 72d121b60174b825bf1390958eb1b55f34c5ff5b)

LICENSES/README: expand text to summarize state for binaries and libs

We would say how *sources* are licensed, but actually most user care about the
resulting binaries. So say how the *binaries* are licensed. I used the word
"effectively" because the permissive licenses don't set any requirements on the
binaries, so the license of sources is a complex mix, but the resulting
binaries have a simple effective license.

Also, make it clear that the GPLv2 license applies to udev programs, but not
the shared library. Based on private correspondence, there's some confusion
about this.

(cherry picked from commit bd7236912f373e0a06a1b0395000ec67d96767af)

test: pull in multi-user.target explicitly

Let's make sure we pull in multi-user.target so that we get a console
when a test fails and we're running meson test with --interactive.

(cherry picked from commit 32f3617fd700e4a98b35f8c28a2807c2e51a2d9f)

TEST-64-UDEV-STORAGE: Fix python 3.9 compatibility

Using double quotes in f-strings only works from python 3.12 onwards.
Use single quotes to make sure python 3.9 works as well.

Also clean up quotes a little in general.

(cherry picked from commit 4e469c0af2e92914b324f0fb48cf4462caff5c86)

TEST-64-UDEV-STORAGE: Use bus pci slot 1 instead of 0

Trying to use bus pci slot 0 fails on aarch64 so let's use 1 instead.

The error:

"""
qemu-system-aarch64: -device virtio-blk-pci,drive=drive0,scsi=off,bus=pci_bridge25: Unsupported PCI slot 0 for standard hotplug controller. Valid slots are between 1 and 31.
"""

(cherry picked from commit 7f07f9c8cdbcca3b57e40143e86e7179420d39db)

TEST-58-REPART: reverse order of diff args

I expect the test output to be the second argument, so we're diffing "expected"
and "output", not the other way around.

I noticed this when working on https://github.com/systemd/systemd/pull/33081.

(cherry picked from commit 6bb3ea655d08c0602c99ccd2a580ba102fd19114)

man/tmpfiles: remove outdated behavior regarding symlink ownership

Update the man page of tmpfiles.d to remove outdated comments regarding the behavior of ownership with symlinks.
The behavior has been changed in this commit 51207ca134716a0dee5fd763a6c39204be849eb1

(cherry picked from commit d108198f395fde05d94fc75d8581af4aa0de7e4a)

test-mountpoint-util: add a test for bind mounted symlinks

(cherry picked from commit b917e5b06bf466b34edf4002aed98494a331e4d0)

mountpoint-util: do not assume symlinks are not mountpoints

They very much can be with the new mount API.

(cherry picked from commit 36e48f22af102843b6cceeda5a2292e57434d2ee)

hostnamed: if polkit authentication fails for Varlink Describe() call, don't reply to client with an error

The logic of the Describe() call was supposed to be: if we can acquire
the PK priv to get the product UUID then let's return the product UUID,
and if we cannot then return the data without it.

This didn't work however, since the polkit varlink glue would
immediately propagate the error it acquired from polkit its own client.
Let's turn this off, optionally, so that hostnamed can handle this
nicely.

(cherry picked from commit b6464e80d65fd5bfd9e6206ee305f0da9c88c096)

core/exec-invoke: use sched_setattr instead of sched_setscheduler

The kernel's sched_setattr interface allows for more control over a processes
scheduling attributes as the previously used sched_setscheduler interface.

Using sched_setattr is also the prerequisite for support of utilization
clamping (UCLAMP [1], see #26705) and allows to set sched_runtime. The latter,
sched_runtime, will probably become a relevant scheduling parameter of the
EEVDF scheduler [2, 3], and therefore will not only apply to processes
scheduled via SCHED_DEADLINE, but also for processes scheduled via
SCHED_OTHER/SCHED_BATCH (i.e., most processes).

1: https://docs.kernel.org/next/scheduler/sched-util-clamp.html
2: https://lwn.net/Articles/969062/
3: https://lwn.net/ml/linux-kernel/20240405110010.934104715@infradead.org/
(cherry picked from commit 016e9d8d08ce66f5e81b42e0a0db398afc17336a)

cryptsetup: improve TPM2 blob display

Just a tiny change to fix an eyesore in cryptsetup luksDump display :)

(cherry picked from commit 0828c6a2bf9aa40a6cf5fcb3d5650130c483ac8a)

util: make file_read() 64bit offset safe

File offsets in UEFI are 64bit on all archs, hence let's use that typo
too, and not create artificial confusion around types.

(cherry picked from commit 9573ab8f5a1e2dfdb3542aa647868ff73ced7dd2)

man/capsule@.service: the capsule user is prefixed with "c-" rather than "p_"

(cherry picked from commit 6343d2ea504661a009df25932fde0ccec15e38d1)

man/capsule@.service.xml: fix typo

(cherry picked from commit 6733d691bb96f926b380fe37aa371b9558b08384)

nspawn, vmspawn: honor the new window title switch

(cherry picked from commit 0bdaa998272da778223ca1965a903c258fcbbfcd)

run: add environment variable to prevent the setting of terminal title

This goes together with the existing SYSTEMD_TINT_BACKGROUND.

Closes https://github.com/systemd/systemd/issues/33301

(cherry picked from commit 27a2513013d3b3c6140de47e04b3042c5b4487e5)

test-execute: add a test case for issue #33299

(cherry picked from commit 956a9f00b444145ebc5ddc7c5cefb0a6c9c7ca8f)

core: do not filter out write() if required in the very late stage

Before 12001b1bf067339db089d52e08fd0b4c6a9945df, write() is required for
if Type=exec. However, with the previous commit, now write() is also used
for sending handoff timestamp. Let's allow write() if necessary.

Fixes a regression caused by 12001b1bf067339db089d52e08fd0b4c6a9945df.
Fixes #33299.

(cherry picked from commit 84b79215ccc5abd6ee50ffd9df34dbbe2d29d625)

core: use write() to send handoff timestamp

Before 12001b1bf067339db089d52e08fd0b4c6a9945df, the timestamp is sent
with write(), but the commit made the timestamp sent by send(), and
causes regressin #33299.

Note the invocation will still fail if write() is filtered by seccomp.
But, that is an old issue since Type=exec is introduced
(5686391b006ee82d8a4559067ad9818e3e631247).

Partially fixes a regression caused by 12001b1bf067339db089d52e08fd0b4c6a9945df.
Partially fixes #33299.

(cherry picked from commit 5161422bb5b0cc47100163ea690252c90159b354)

seccomp-util: split out seccomp_filter_set_add_by_name()

(cherry picked from commit b89a262eb57f18c2dbf6c1ee7427b6f6fd8203cf)

Fix typo in CAP_BPF description (#33464)

description_good and description_bad are mixed up. Disabling CAP_BPF results in the inability to load BPF, not the other way around.

(cherry picked from commit 1750e30d237e6d9cdebc6b546d0a26342828dbd1)

test-network: check if static routes not overridden by NDisc routes

(cherry picked from commit 62fb079a3b4a6553d87d06a3004d21b4e322a4e5)

network/ndisc: do not remove static routes when received RA with zero lifetime

Similar to the previous commit, but for preventing from removing static
routes on receiving RA with zero lifetime.

Fixes a regresson caused by 479d3e1994a2e4ff7070dc2a0cb1615af7120b0c.
Fixes #33346.

(cherry picked from commit fd436c8d67e75eebd0ef9499f699524e4cbe2a92)

network/ndisc: do not override conflicting static routes

We have already ignored conflicting address configurations requested by
NDisc protocol. See ndisc_request_address().
Let's follow the same rule for routes. That is, if there are conflicting
static routes configured or requested, do not override them by NDisc.

Also, swap the order of checking existing route and existing request.

Fixes a regression caused by 972f1d17ab461a51142a142609dd3ec50bae8440.
Prompted by #33346.

(cherry picked from commit 7af3e8cd0034a6eb2e614b052c94c6d0b4556e98)

core/exec-invoke: reopen OpenFile= fds with O_NOCTTY

(cherry picked from commit b9c5d812d5132ea1d6a7146be80d41ae2ccb288e)

core: verify WorkingDirectory= is outside of API VFS only under mount namespacing

The purpose of the check is to prevent leaking API VFS fds
from host into a mount namespace/container. When mountns
is not used at all, the check is pointless and causes
inconvenience. E.g. file managers might need to be spawned
under those directories, and they surely won't run in mountns.

Suggested in https://github.com/systemd/systemd/pull/33454#issuecomment-2186351467
Fixes #33361

(cherry picked from commit 276bd392ecdd6febaeac82e7d6f46a035826f98d)

terminal-util: use colon as separator for specifying color

Then, terminal will safely ignore unsupported features, like colored
underline.

Fixes a regression caused by 891abc9cf1d3d7afd7b740b4077551dcfb5f8e16.
Fixes https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074073.
Fixes #33449.

(cherry picked from commit 6eabe9f2ff48c1b6924724d5afe64e7b661ccdbf)

man: fix double is typo in systemd-tmpfiles

Signed-off-by: Diego Viola <diego.viola@gmail.com>
(cherry picked from commit a78394a49a3bc8eedb9fc2df10c41765bd823c8e)

test: skip test-cgroup-id on ENOSYS from cg_cgroupid_open

Most container managers will block open_by_handle_at with seccomp to
mitigate a container escape attack. LXD in particular returns ENOSYS
rather than e.g. EPERM like nspawn. Skip this test if we get ENOSYS
from open_by_handle_at via cg_cgroupid_open.

(cherry picked from commit 82f57401d933596746c32a955773bc70be53b0ac)

meson: bpf: propagate 'sysroot' for cross compilation

During cross-compilation of systemd, the compiler used to build the bpf's needs
to be pointed at the correct include searchpath. Which can be done by passing
the corresponding directory in through the cflags; for example in yocto/bitbake
this would work: CFLAGS += "--sysroot=${STAGING_DIR_TARGET}"

Signed-off-by: Johannes Schneider <johannes.schneider@leica-geosystems.com>
(cherry picked from commit b608bf5620765de20851eca55cbd6c42ce1af450)

kernel-install: correct the place where it works in man and help text

(cherry picked from commit 111f9889927d75b82264fcaf59b99b879a4a8a26)

man/systemd.exec: list inaccessible files for ProtectKernelTunables

(cherry picked from commit 163bb43ceaa1e5bdcda27c4417339b3af9cf28af)

Use consistent spelling of systemd.condition_first_boot argument

(cherry picked from commit 051d462b42fe6c27824046c15cd3c84fa5afe05b)

login/user-runtime-dir: free ignored sd_bus_error, avoid triggering assertion

Fixes #33388

(cherry picked from commit 909ba6907032caee1157a3e3afd53640798ea817)

login/user-runtime-dir: use STRLEN where appropriate

Also, add missing trailing / to paths used in STRLEN/sizeof.

(cherry picked from commit 0b8a714b2bb69cba68daec4f742c1b85bbafbdb1)

pretty-print: take console glyph width into account when drawing progress bar

So far this used string length, not character width. Fix that.

(cherry picked from commit 1ad4e37da164041605d18c28ee1868cf942f7857)

mkosi: add support for TEST_SAVE_JOURNAL to integration test wrapper

Same variable and values as supported by the shell suite

(cherry picked from commit 59d4970a552cbc30d7977bdc9eca756b41260875)

semaphore: pin packaging to ci/v256/stable branch

The packaging in debian/master is no longer compatible with v256-stable
so switch it

test: skip TEST-69-SHUTDOWN on Debian

There is a regression in the login package, skip the test until
it is fixed. https://bugs.debian.org/1075733

(cherry picked from commit 92d9d5ca70b0a8b3aea12f24e9cd0f770c31a94c)

meson: Bump version to 256.2~devel

We need this so the packages built in CI are considered more recent
than the stable releases shipped by distributions.

meson: Fix various versions

Follow up for 8b3b01c4b7e0fde39b4be354990ee68f5e612c52

We switch to PROJECT_VERSION instead of PROJECT_VERSION_FULL where
we report our version and which is likely being parsed to avoid
breaking compat. If we didn't, the output would change from systemd
255 to systemd 255.1 which could break various tools.

(cherry picked from commit 6a4fcf8cefceba151e11f85e784c8962b6fc383b)

src/boot/efi/meson.build: ensure VERSION_TAG exists in case of cross build

The GIT_VERSION is changed to use VERSION_TAG, but in case of cross build
for src/boot/efi, it's not set, causing build error because the compiler cannot
know it's a macro thus treating it as some variable and error out.

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
(cherry picked from commit 646ed5af0013accacac1f4ac048371bebec52f60)

mkosi: Build a disk image by default again

Now that we have a way to rebuild and reinstall systemd without
having to rebuild the image, let's default to building a disk image
again.

(cherry picked from commit 96110261ee7716bf19a6920a4206365614ad3857)

meson: Deal with potential stable versions

The meson.version file might contain e.g. 256.2~devel in a stable
branch so let's make sure we deal with that.

(cherry picked from commit 8b3b01c4b7e0fde39b4be354990ee68f5e612c52)

mkosi: bump to latest commit

(cherry picked from commit ea6376d17f4475d470925adfe7bf1bac577e96b2)

mkosi: Switch back to btrfs

Now that we're running on Noble instead of Jammy btrfs has the temp_fsid
feature which means we can mount the same image multiple times so let's
switch back to btrfs instead of ext4 as the filesystem as btrfs properly
records timestamps when building filesystems from a root directory unlike
ext4.

(cherry picked from commit 93440db8b5eae1244aaf5fecfa68050a8b26f3e3)

mkosi: Install btrfs-progs on CentOS as well

(cherry picked from commit 48e7d0e91e1c9d86c660a67a8ca29aa79deee33d)

mkosi: Enable hyperscale-packages-experimental for CentOS

This gets us a kernel with btrfs support.

(cherry picked from commit 6f1f13ca9f8db424c613332ec4739e53b2db6fdf)

mkosi: Drop leftover systemd-coredump-debuginfo package for opensuse

The package was merged into the main systemd package in
https://src.opensuse.org/rpm/systemd/commit/23bfa9d83b6e24a5395a704b816a351f3dc5b5316e580cacedd1b5d9e068c117.

(cherry picked from commit 21942c008e6540f2ff905a2c6de35475037e734b)