mirror of
https://github.com/flatcar/scripts.git
synced 2026-05-04 11:51:14 +02:00
overlay coreos/user-patches: Regenerate patches for sys-apps/systemd
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
This commit is contained in:
Krzesimir Nowak
parent
d011609f09
commit
493f02ce69
@ -1,7 +1,7 @@
|
||||
From 61ae07bbf1d7032eef32137b1fe299647602e3de Mon Sep 17 00:00:00 2001
|
||||
From 6055d8b50c4a39d3e5f4fa0cf017a3b04786c5ba Mon Sep 17 00:00:00 2001
|
||||
From: David Michael <dm0@redhat.com>
|
||||
Date: Tue, 16 Apr 2019 02:44:51 +0000
|
||||
Subject: [PATCH] wait-online: set --any by default
|
||||
Subject: [PATCH 01/20] wait-online: set --any by default
|
||||
|
||||
The systemd-networkd-wait-online command would normally continue
|
||||
waiting after a network interface is usable if other interfaces are
|
||||
@ -11,8 +11,8 @@ Preserve previous Container Linux behavior for compatibility by
|
||||
setting the --any flag by default. See patches from v241 (or
|
||||
earlier) for the original implementation.
|
||||
---
|
||||
src/network/wait-online/wait-online.c | 3 ++-
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
src/network/wait-online/wait-online.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/network/wait-online/wait-online.c b/src/network/wait-online/wait-online.c
|
||||
index b1d0b9cde2..e07c11d807 100644
|
||||
@ -28,5 +28,5 @@ index b1d0b9cde2..e07c11d807 100644
|
||||
|
||||
STATIC_DESTRUCTOR_REGISTER(arg_interfaces, hashmap_freep);
|
||||
--
|
||||
2.51.0
|
||||
2.52.0
|
||||
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 5097368cb45b455355165706876509272e49d538 Mon Sep 17 00:00:00 2001
|
||||
From 5bff53a23228b10d93d342510f0ffd41185e3011 Mon Sep 17 00:00:00 2001
|
||||
From: Alex Crawford <alex.crawford@coreos.com>
|
||||
Date: Wed, 2 Mar 2016 10:46:33 -0800
|
||||
Subject: [PATCH 2/8] needs-update: don't require strictly newer usr
|
||||
Subject: [PATCH 02/20] needs-update: don't require strictly newer usr
|
||||
|
||||
Updates should be triggered whenever usr changes, not only when it is newer.
|
||||
---
|
||||
@ -10,10 +10,10 @@ Updates should be triggered whenever usr changes, not only when it is newer.
|
||||
2 files changed, 4 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/man/systemd-update-done.service.xml b/man/systemd-update-done.service.xml
|
||||
index 6b863ecff3..c166c5e7ab 100644
|
||||
index d9d78262a1..761bbdecca 100644
|
||||
--- a/man/systemd-update-done.service.xml
|
||||
+++ b/man/systemd-update-done.service.xml
|
||||
@@ -50,7 +50,7 @@
|
||||
@@ -49,7 +49,7 @@
|
||||
<varname>ConditionNeedsUpdate=</varname> (see
|
||||
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>)
|
||||
condition to make sure to run when <filename>/etc/</filename> or
|
||||
@ -23,10 +23,10 @@ index 6b863ecff3..c166c5e7ab 100644
|
||||
This requires that updates to <filename>/usr/</filename> are always
|
||||
followed by an update of the modification time of
|
||||
diff --git a/src/shared/condition.c b/src/shared/condition.c
|
||||
index 1a03fdbe37..8577c35fa0 100644
|
||||
index b09eff1bfb..3a170b1820 100644
|
||||
--- a/src/shared/condition.c
|
||||
+++ b/src/shared/condition.c
|
||||
@@ -796,7 +796,7 @@ static int condition_test_needs_update(Condition *c, char **env) {
|
||||
@@ -817,7 +817,7 @@ static int condition_test_needs_update(Condition *c, char **env) {
|
||||
* First, compare seconds as they are always accurate...
|
||||
*/
|
||||
if (usr.st_mtim.tv_sec != other.st_mtim.tv_sec)
|
||||
@ -35,7 +35,7 @@ index 1a03fdbe37..8577c35fa0 100644
|
||||
|
||||
/*
|
||||
* ...then compare nanoseconds.
|
||||
@@ -807,7 +807,7 @@ static int condition_test_needs_update(Condition *c, char **env) {
|
||||
@@ -828,7 +828,7 @@ static int condition_test_needs_update(Condition *c, char **env) {
|
||||
* (otherwise the filesystem supports nsec timestamps, see stat(2)).
|
||||
*/
|
||||
if (usr.st_mtim.tv_nsec == 0 || other.st_mtim.tv_nsec > 0)
|
||||
@ -44,7 +44,7 @@ index 1a03fdbe37..8577c35fa0 100644
|
||||
|
||||
_cleanup_free_ char *timestamp_str = NULL;
|
||||
r = parse_env_file(NULL, p, "TIMESTAMP_NSEC", ×tamp_str);
|
||||
@@ -827,7 +827,7 @@ static int condition_test_needs_update(Condition *c, char **env) {
|
||||
@@ -848,7 +848,7 @@ static int condition_test_needs_update(Condition *c, char **env) {
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 18ce110c4a4a5065ac9003ef67ccd58ada6d3c38 Mon Sep 17 00:00:00 2001
|
||||
From df56cf2ad0c6c84a22e9fca8893c610b82b78377 Mon Sep 17 00:00:00 2001
|
||||
From: Adrian Vladu <avladu@cloudbasesolutions.com>
|
||||
Date: Fri, 16 Feb 2024 11:22:08 +0000
|
||||
Subject: [PATCH 3/8] core: use max for DefaultTasksMax
|
||||
Subject: [PATCH 03/20] core: use max for DefaultTasksMax
|
||||
|
||||
Since systemd v228, systemd has a DefaultTasksMax which defaulted
|
||||
to 512, later 15% of the system's maximum number of PIDs. This
|
||||
@ -21,10 +21,10 @@ Signed-off-by: Adrian Vladu <avladu@cloudbasesolutions.com>
|
||||
3 files changed, 3 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/man/systemd-system.conf.xml b/man/systemd-system.conf.xml
|
||||
index f7b414da5c..9c07e235ab 100644
|
||||
index cf5a3612f6..a0f9f8ba57 100644
|
||||
--- a/man/systemd-system.conf.xml
|
||||
+++ b/man/systemd-system.conf.xml
|
||||
@@ -230,7 +230,7 @@
|
||||
@@ -227,7 +227,7 @@
|
||||
<listitem><para>Configure the default value for the per-unit <varname>TasksMax=</varname> setting. See
|
||||
<citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
||||
for details. This setting applies to all unit types that support resource control settings, with the exception
|
||||
@ -34,10 +34,10 @@ index f7b414da5c..9c07e235ab 100644
|
||||
Kernel has a default value for <varname>kernel.pid_max=</varname> and an algorithm of counting in case of more than 32 cores.
|
||||
For example, with the default <varname>kernel.pid_max=</varname>, <varname>DefaultTasksMax=</varname> defaults to 4915,
|
||||
diff --git a/src/core/manager.c b/src/core/manager.c
|
||||
index e9fa84079d..af8d3c7b41 100644
|
||||
index 20a535f2f4..be1c352045 100644
|
||||
--- a/src/core/manager.c
|
||||
+++ b/src/core/manager.c
|
||||
@@ -117,7 +117,7 @@
|
||||
@@ -112,7 +112,7 @@
|
||||
/* How many units and jobs to process of the bus queue before returning to the event loop. */
|
||||
#define MANAGER_BUS_MESSAGE_BUDGET 100U
|
||||
|
||||
@ -45,12 +45,12 @@ index e9fa84079d..af8d3c7b41 100644
|
||||
+#define DEFAULT_TASKS_MAX ((CGroupTasksMax) { 100U, 100U }) /* 15% */
|
||||
|
||||
static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
|
||||
static int manager_dispatch_cgroups_agent_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
|
||||
static int manager_dispatch_signal_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
|
||||
diff --git a/src/core/system.conf.in b/src/core/system.conf.in
|
||||
index 1c08aa4d22..2faea3605e 100644
|
||||
index 54196e8489..b0b5c78b56 100644
|
||||
--- a/src/core/system.conf.in
|
||||
+++ b/src/core/system.conf.in
|
||||
@@ -59,7 +59,7 @@
|
||||
@@ -58,7 +58,7 @@
|
||||
#DefaultIPAccounting=no
|
||||
#DefaultMemoryAccounting={{ 'yes' if MEMORY_ACCOUNTING_DEFAULT else 'no' }}
|
||||
#DefaultTasksAccounting=yes
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 1716754b1f3ea3d5d3f232d9fe50ba1df0c5eff7 Mon Sep 17 00:00:00 2001
|
||||
From 38ef166d85928d1f806bc48f3d29f45563d1abde Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <mjg59@coreos.com>
|
||||
Date: Tue, 20 Dec 2016 16:43:22 +0000
|
||||
Subject: [PATCH 4/8] systemd: Disable SELinux permissions checks
|
||||
Subject: [PATCH 04/20] systemd: Disable SELinux permissions checks
|
||||
|
||||
We don't care about the interaction between systemd and SELinux policy, so
|
||||
let's just disable these checks rather than having to incorporate policy
|
||||
@ -12,7 +12,7 @@ to limit containers and not anything running directly on the host.
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/core/selinux-access.c b/src/core/selinux-access.c
|
||||
index a67a520a3b..3365b920eb 100644
|
||||
index 8ccc31630d..34e9cebee8 100644
|
||||
--- a/src/core/selinux-access.c
|
||||
+++ b/src/core/selinux-access.c
|
||||
@@ -2,7 +2,7 @@
|
||||
@ -22,8 +22,8 @@ index a67a520a3b..3365b920eb 100644
|
||||
-#if HAVE_SELINUX
|
||||
+#if 0
|
||||
|
||||
#include <errno.h>
|
||||
#include <selinux/avc.h>
|
||||
#include <selinux/selinux.h>
|
||||
--
|
||||
2.52.0
|
||||
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 306da1d06e84a721ac34fbc303b4629b2c1c7257 Mon Sep 17 00:00:00 2001
|
||||
From 4e071bef0713099cfe2540a5576744c0e5c41723 Mon Sep 17 00:00:00 2001
|
||||
From: Sayan Chowdhury <schowdhury@microsoft.com>
|
||||
Date: Fri, 16 Dec 2022 16:28:26 +0530
|
||||
Subject: [PATCH] Revert "getty: Pass tty to use by agetty via stdin"
|
||||
Subject: [PATCH 05/20] Revert "getty: Pass tty to use by agetty via stdin"
|
||||
|
||||
This reverts commit b4bf9007cbee7dc0b1356897344ae2a7890df84c.
|
||||
|
||||
@ -10,22 +10,24 @@ input for serial consoles (which is used for SSH connections).
|
||||
|
||||
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
|
||||
---
|
||||
units/console-getty.service.in | 4 +---
|
||||
units/container-getty@.service.in | 4 +---
|
||||
units/getty@.service.in | 4 +---
|
||||
units/serial-getty@.service.in | 4 +---
|
||||
4 files changed, 4 insertions(+), 12 deletions(-)
|
||||
units/console-getty.service.in | 6 +++---
|
||||
units/container-getty@.service.in | 6 +++---
|
||||
units/getty@.service.in | 6 +++---
|
||||
units/serial-getty@.service.in | 6 +++---
|
||||
4 files changed, 12 insertions(+), 12 deletions(-)
|
||||
|
||||
diff --git a/units/console-getty.service.in b/units/console-getty.service.in
|
||||
index 967d8337ab..cde822afc8 100644
|
||||
index 967d8337ab..1f2d8b910f 100644
|
||||
--- a/units/console-getty.service.in
|
||||
+++ b/units/console-getty.service.in
|
||||
@@ -20,12 +20,10 @@ Before=getty.target
|
||||
@@ -20,12 +20,12 @@ Before=getty.target
|
||||
ConditionPathExists=/dev/console
|
||||
|
||||
[Service]
|
||||
-ExecStart=-/sbin/agetty --noreset --noclear --issue-file=/etc/issue:/etc/issue.d:/run/issue.d:/usr/lib/issue.d --keep-baud 115200,57600,38400,9600 - ${TERM}
|
||||
+ExecStart=-/sbin/agetty --noreset --noclear --issue-file=/etc/issue:/etc/issue.d:/run/issue.d:/usr/lib/issue.d --keep-baud 115200,57600,38400,9600 console ${TERM}
|
||||
+# The '-o' option value tells agetty to replace 'login' arguments with '--' for
|
||||
+# safety, and then the entered username.
|
||||
+ExecStart=-/sbin/agetty -o '-- \\u' --noreset --noclear --keep-baud 115200,57600,38400,9600 console ${TERM}
|
||||
Type=idle
|
||||
Restart=always
|
||||
UtmpIdentifier=cons
|
||||
@ -35,15 +37,17 @@ index 967d8337ab..cde822afc8 100644
|
||||
TTYReset=yes
|
||||
TTYVHangup=yes
|
||||
diff --git a/units/container-getty@.service.in b/units/container-getty@.service.in
|
||||
index e0b27613df..2868d56ad0 100644
|
||||
index e0b27613df..5f27653d1f 100644
|
||||
--- a/units/container-getty@.service.in
|
||||
+++ b/units/container-getty@.service.in
|
||||
@@ -25,13 +25,11 @@ Conflicts=rescue.service
|
||||
@@ -25,13 +25,13 @@ Conflicts=rescue.service
|
||||
Before=rescue.service
|
||||
|
||||
[Service]
|
||||
-ExecStart=-/sbin/agetty --noreset --noclear --issue-file=/etc/issue:/etc/issue.d:/run/issue.d:/usr/lib/issue.d - ${TERM}
|
||||
+ExecStart=-/sbin/agetty --noreset --noclear --issue-file=/etc/issue:/etc/issue.d:/run/issue.d:/usr/lib/issue.d pts/%I ${TERM}
|
||||
+# The '-o' option value tells agetty to replace 'login' arguments with '--' for
|
||||
+# safety, and then the entered username.
|
||||
+ExecStart=-/sbin/agetty -o '-- \\u' --noreset --noclear pts/%I ${TERM}
|
||||
Type=idle
|
||||
Restart=always
|
||||
RestartSec=0
|
||||
@ -54,15 +58,17 @@ index e0b27613df..2868d56ad0 100644
|
||||
TTYReset=yes
|
||||
TTYVHangup=yes
|
||||
diff --git a/units/getty@.service.in b/units/getty@.service.in
|
||||
index 104c4acc96..bedf0aae54 100644
|
||||
index 104c4acc96..1819627d1c 100644
|
||||
--- a/units/getty@.service.in
|
||||
+++ b/units/getty@.service.in
|
||||
@@ -34,13 +34,11 @@ Before=rescue.service
|
||||
@@ -34,13 +34,13 @@ Before=rescue.service
|
||||
ConditionPathExists=/dev/tty0
|
||||
|
||||
[Service]
|
||||
-ExecStart=-/sbin/agetty --noreset --noclear --issue-file=/etc/issue:/etc/issue.d:/run/issue.d:/usr/lib/issue.d - ${TERM}
|
||||
+ExecStart=-/sbin/agetty --noreset --noclear --issue-file=/etc/issue:/etc/issue.d:/run/issue.d:/usr/lib/issue.d %I ${TERM}
|
||||
+# The '-o' option value tells agetty to replace 'login' arguments with '--' for
|
||||
+# safety, and then the entered username.
|
||||
+ExecStart=-/sbin/agetty -o '-- \\u' --noreset --noclear %I ${TERM}
|
||||
Type=idle
|
||||
Restart=always
|
||||
RestartSec=0
|
||||
@ -73,15 +79,17 @@ index 104c4acc96..bedf0aae54 100644
|
||||
TTYReset=yes
|
||||
TTYVHangup=yes
|
||||
diff --git a/units/serial-getty@.service.in b/units/serial-getty@.service.in
|
||||
index 0134c83d48..7e5c8797ca 100644
|
||||
index 0134c83d48..ba4cbc0edb 100644
|
||||
--- a/units/serial-getty@.service.in
|
||||
+++ b/units/serial-getty@.service.in
|
||||
@@ -30,12 +30,10 @@ Conflicts=rescue.service
|
||||
@@ -30,12 +30,12 @@ Conflicts=rescue.service
|
||||
Before=rescue.service
|
||||
|
||||
[Service]
|
||||
-ExecStart=-/sbin/agetty --noreset --noclear --issue-file=/etc/issue:/etc/issue.d:/run/issue.d:/usr/lib/issue.d --keep-baud 115200,57600,38400,9600 - ${TERM}
|
||||
+ExecStart=-/sbin/agetty --noreset --noclear --issue-file=/etc/issue:/etc/issue.d:/run/issue.d:/usr/lib/issue.d --keep-baud 115200,57600,38400,9600 %I ${TERM}
|
||||
+# The '-o' option value tells agetty to replace 'login' arguments with '--' for
|
||||
+# safety, and then the entered username.
|
||||
+ExecStart=-/sbin/agetty -o '-- \\u' --noreset --noclear --keep-baud 115200,57600,38400,9600 %I ${TERM}
|
||||
Type=idle
|
||||
Restart=always
|
||||
UtmpIdentifier=%I
|
||||
@ -91,5 +99,5 @@ index 0134c83d48..7e5c8797ca 100644
|
||||
TTYReset=yes
|
||||
TTYVHangup=yes
|
||||
--
|
||||
2.51.0
|
||||
2.52.0
|
||||
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 63fe9e7a742c070c83919be74c383f74420e6777 Mon Sep 17 00:00:00 2001
|
||||
From b097e139801009d722c33a9580bcda23a4a7a1e1 Mon Sep 17 00:00:00 2001
|
||||
From: Adrian Vladu <avladu@cloudbasesolutions.com>
|
||||
Date: Fri, 16 Feb 2024 11:29:04 +0000
|
||||
Subject: [PATCH 6/8] units: Keep using old journal file format
|
||||
Subject: [PATCH 06/20] units: Keep using old journal file format
|
||||
|
||||
Systemd 252 made an incompatible change in journal file format. Temporarily
|
||||
force journald to use the old journal format to give logging containers more
|
||||
@ -14,7 +14,7 @@ Signed-off-by: Adrian Vladu <avladu@cloudbasesolutions.com>
|
||||
2 files changed, 2 insertions(+)
|
||||
|
||||
diff --git a/units/systemd-journald.service.in b/units/systemd-journald.service.in
|
||||
index 4404af963b..323af7cfb0 100644
|
||||
index 1fb080d268..960568aaff 100644
|
||||
--- a/units/systemd-journald.service.in
|
||||
+++ b/units/systemd-journald.service.in
|
||||
@@ -30,6 +30,7 @@ IgnoreOnIsolate=yes
|
||||
|
||||
@ -1,7 +1,8 @@
|
||||
From a31573ecdeff40d109951750c7adf086c52c2869 Mon Sep 17 00:00:00 2001
|
||||
From 0ba9b9356861f8012c0e7794d9c61ebf21a9c6d7 Mon Sep 17 00:00:00 2001
|
||||
From: Krzesimir Nowak <knowak@microsoft.com>
|
||||
Date: Wed, 22 Oct 2025 10:39:42 +0200
|
||||
Subject: [PATCH 7/8] tmpfiles.d: Fix DNS issues with default k8s configuration
|
||||
Subject: [PATCH 07/20] tmpfiles.d: Fix DNS issues with default k8s
|
||||
configuration
|
||||
|
||||
The Kubelet takes /etc/resolv.conf for, e.g., CoreDNS which has dnsPolicy
|
||||
"default", but unless the kubelet `--resolv-conf` flag is set to point to
|
||||
|
||||
@ -1,38 +1,41 @@
|
||||
From 3c13363e4b3f2e5bcc762a71460d84b93452f53f Mon Sep 17 00:00:00 2001
|
||||
From b3430348f5ae93251076fb4e3b4aecbfa02513b5 Mon Sep 17 00:00:00 2001
|
||||
From: Krzesimir Nowak <knowak@microsoft.com>
|
||||
Date: Fri, 24 Oct 2025 11:06:57 +0200
|
||||
Subject: [PATCH] units: Make multi-user.target the default target
|
||||
Subject: [PATCH 08/20] units: Make multi-user.target the default target
|
||||
|
||||
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
|
||||
Signed-off-by: Kai Lueke <kailuke@microsoft.com>
|
||||
---
|
||||
units/meson.build | 4 +++-
|
||||
1 file changed, 3 insertions(+), 1 deletion(-)
|
||||
units/meson.build | 10 +++++-----
|
||||
1 file changed, 5 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/units/meson.build b/units/meson.build
|
||||
index 4f47a3b2bd..9663e21e0c 100644
|
||||
index 4f47a3b2bd..63940a72be 100644
|
||||
--- a/units/meson.build
|
||||
+++ b/units/meson.build
|
||||
@@ -48,8 +48,7 @@ units = [
|
||||
@@ -47,10 +47,7 @@ units = [
|
||||
'file' : 'getty@.service.in',
|
||||
'symlinks' : ['autovt@.service'],
|
||||
},
|
||||
{
|
||||
- {
|
||||
- 'file' : 'graphical.target',
|
||||
- 'symlinks' : ['default.target'],
|
||||
+ 'file' : 'graphical.target'
|
||||
},
|
||||
- },
|
||||
+ { 'file' : 'graphical.target' },
|
||||
{ 'file' : 'halt.target' },
|
||||
{
|
||||
@@ -142,7 +141,9 @@ units = [
|
||||
'file' : 'hibernate.target',
|
||||
@@ -142,7 +139,10 @@ units = [
|
||||
'conditions' : ['ENABLE_MACHINED'],
|
||||
},
|
||||
{ 'file' : 'modprobe@.service' },
|
||||
- { 'file' : 'multi-user.target' },
|
||||
+ { 'file' : 'multi-user.target' ,
|
||||
+ 'symlinks' : ['default.target']
|
||||
+ {
|
||||
+ 'file' : 'multi-user.target',
|
||||
+ 'symlinks' : ['default.target'],
|
||||
+ },
|
||||
{ 'file' : 'network-online.target' },
|
||||
{ 'file' : 'network-pre.target' },
|
||||
{ 'file' : 'network.target' },
|
||||
--
|
||||
2.51.0
|
||||
2.52.0
|
||||
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 6f4b065b626edd8a06ff0c8028173e060b5e444b Mon Sep 17 00:00:00 2001
|
||||
From 42b6a55f8d2bdf68ff93764219b3bedffb11f4e0 Mon Sep 17 00:00:00 2001
|
||||
From: Kai Lueke <kailuke@microsoft.com>
|
||||
Date: Thu, 20 Nov 2025 23:43:55 +0900
|
||||
Subject: [PATCH 03/10] vpick: Don't use openat directly but resolve symlinks
|
||||
Subject: [PATCH 09/20] vpick: Don't use openat directly but resolve symlinks
|
||||
in given root
|
||||
|
||||
With systemd-sysext --root= all symlinks should be followed relative to
|
||||
@ -13,7 +13,7 @@ symlink in the given root.
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/shared/vpick.c b/src/shared/vpick.c
|
||||
index b1b2d93054..dfe58cafa5 100644
|
||||
index 07d9d9ffd8..b203609cc9 100644
|
||||
--- a/src/shared/vpick.c
|
||||
+++ b/src/shared/vpick.c
|
||||
@@ -471,9 +471,9 @@ static int make_choice(
|
||||
@ -1,7 +1,7 @@
|
||||
From 9b6f1b1d8e1066a513a2939c613b36c9e887512c Mon Sep 17 00:00:00 2001
|
||||
From 530ffcd9e3212e0c93002e752b682dd41a8889b1 Mon Sep 17 00:00:00 2001
|
||||
From: Kai Lueke <kailuke@microsoft.com>
|
||||
Date: Thu, 20 Nov 2025 23:43:55 +0900
|
||||
Subject: [PATCH 04/10] discover-image: Follow symlinks in a given root
|
||||
Subject: [PATCH 10/20] discover-image: Follow symlinks in a given root
|
||||
|
||||
So far systemd-sysext with --root= specified didn't follow extension
|
||||
symlinks (such as the "current" symlinks managed by systemd-sysupdate).
|
||||
@ -25,7 +25,7 @@ is to do this for the final system which is trusted at this stage.
|
||||
1 file changed, 122 insertions(+), 40 deletions(-)
|
||||
|
||||
diff --git a/src/shared/discover-image.c b/src/shared/discover-image.c
|
||||
index 1402303a8e..97c4284eca 100644
|
||||
index 888f11f206..53ee30c3f8 100644
|
||||
--- a/src/shared/discover-image.c
|
||||
+++ b/src/shared/discover-image.c
|
||||
@@ -356,6 +356,8 @@ static int image_make(
|
||||
@ -1,7 +1,7 @@
|
||||
From 5480f56002399069f74f30ce3ef620ec44ecf527 Mon Sep 17 00:00:00 2001
|
||||
From 6a95919888a99d92636e0aa28c68d0f95f16e48e Mon Sep 17 00:00:00 2001
|
||||
From: Kai Lueke <kailuke@microsoft.com>
|
||||
Date: Thu, 20 Nov 2025 23:43:55 +0900
|
||||
Subject: [PATCH 3/7] sysext: Use correct image name for extension release
|
||||
Subject: [PATCH 11/20] sysext: Use correct image name for extension release
|
||||
checks
|
||||
|
||||
For the extension release check the image name is needed and was derived
|
||||
@ -21,12 +21,12 @@ device but directly the extension name we have at hand.
|
||||
2 files changed, 10 insertions(+)
|
||||
|
||||
diff --git a/src/shared/discover-image.c b/src/shared/discover-image.c
|
||||
index 91f4407b0e..480ffd221c 100644
|
||||
index 53ee30c3f8..2801793d6d 100644
|
||||
--- a/src/shared/discover-image.c
|
||||
+++ b/src/shared/discover-image.c
|
||||
@@ -1822,6 +1822,11 @@ int image_read_metadata(Image *i, const ImagePolicy *image_policy) {
|
||||
@@ -1844,6 +1844,11 @@ int image_read_metadata(Image *i, const ImagePolicy *image_policy) {
|
||||
if (r < 0)
|
||||
return r;
|
||||
return log_debug_errno(r, "Failed to decrypt image '%s': %m", i->path);
|
||||
|
||||
+ /* Do not use the image name derived from the backing file of the loop device */
|
||||
+ r = free_and_strdup(&m->image_name, i->name);
|
||||
@ -53,5 +53,5 @@ index 5d432b42da..72da02cd89 100644
|
||||
m,
|
||||
d->fd,
|
||||
--
|
||||
2.51.1
|
||||
2.52.0
|
||||
|
||||
@ -1,7 +1,8 @@
|
||||
From f2e3cd402e64528454d3825681ccf242ff1b46af Mon Sep 17 00:00:00 2001
|
||||
From 187e60032a26fb58b8944aac5c48a495f9de2644 Mon Sep 17 00:00:00 2001
|
||||
From: Kai Lueke <kailuke@microsoft.com>
|
||||
Date: Thu, 20 Nov 2025 23:43:55 +0900
|
||||
Subject: [PATCH 4/7] test: Add tests for handling symlinks with systemd-sysext
|
||||
Subject: [PATCH 12/20] test: Add tests for handling symlinks with
|
||||
systemd-sysext
|
||||
|
||||
When we now allow following symlinks inside a --root= we should also
|
||||
test that it works in various cases from simple relative and absolute
|
||||
@ -330,5 +331,5 @@ index ecf0b83b1d..3eec224eb6 100755
|
||||
|
||||
|
||||
--
|
||||
2.51.1
|
||||
2.52.0
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From cf36f845e6a806161e008def40a271e9e9746c4f Mon Sep 17 00:00:00 2001
|
||||
From 773073faa6582a0bbb6f3c4d3b35a1a81fbffd81 Mon Sep 17 00:00:00 2001
|
||||
From: Kai Lueke <kailuke@microsoft.com>
|
||||
Date: Wed, 3 Dec 2025 00:02:32 +0900
|
||||
Subject: [PATCH 5/7] sysext: Create mutable directory with the right mode
|
||||
Subject: [PATCH 13/20] sysext: Create mutable directory with the right mode
|
||||
|
||||
When the mutable directory didn't exist but gets created with
|
||||
--mutable=yes then it used to get mode 700 and later it got patched by
|
||||
@ -41,5 +41,5 @@ index 72da02cd89..d63cf39fbb 100644
|
||||
if (atfd < 0)
|
||||
return log_error_errno(errno, "Failed to open directory '%s': %m", path_in_root);
|
||||
--
|
||||
2.51.1
|
||||
2.52.0
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 34f3aeb2b92388e26cabe51e48dea99845e0930f Mon Sep 17 00:00:00 2001
|
||||
From d8ccdfe333a2eda7770371112cf5dea0ae67598c Mon Sep 17 00:00:00 2001
|
||||
From: Kai Lueke <kailuke@microsoft.com>
|
||||
Date: Wed, 26 Nov 2025 00:04:43 +0900
|
||||
Subject: [PATCH 1/3] sysext: Skip refresh if no changes are found
|
||||
Subject: [PATCH 14/20] sysext: Skip refresh if no changes are found
|
||||
|
||||
When the extensions for the final system are already set up from the
|
||||
initrd we should avoid disrupting the boot process with the remount
|
||||
@ -292,7 +292,7 @@ index 5f1d90ad79..f244ffa9f1 100644
|
||||
+#define AT_HANDLE_MNT_ID_UNIQUE 0x001 /* Return the u64 unique mount ID. */
|
||||
+#endif
|
||||
diff --git a/src/shared/discover-image.c b/src/shared/discover-image.c
|
||||
index d6d41b4ecf..ddb2edaa33 100644
|
||||
index 2801793d6d..192ed18687 100644
|
||||
--- a/src/shared/discover-image.c
|
||||
+++ b/src/shared/discover-image.c
|
||||
@@ -35,6 +35,9 @@
|
||||
@ -1,7 +1,7 @@
|
||||
From 439fb373b7360ba3759b8978d0354d4fe760c8f2 Mon Sep 17 00:00:00 2001
|
||||
From a228e6433b6febd4d252a3cb71bb0c2e63156b93 Mon Sep 17 00:00:00 2001
|
||||
From: Kai Lueke <kailuke@microsoft.com>
|
||||
Date: Thu, 27 Nov 2025 17:49:15 +0900
|
||||
Subject: [PATCH 2/3] sysext: Get verity user certs from given --root=
|
||||
Subject: [PATCH 15/20] sysext: Get verity user certs from given --root=
|
||||
|
||||
The verity user certs weren't looked up in the given --root= for
|
||||
systemd-sysext which made it fail to set up extensions with a strict
|
||||
@ -18,16 +18,16 @@ Signed-off-by: Kai Lueke <kailuke@microsoft.com>
|
||||
src/machine/machined-varlink.c | 2 +-
|
||||
src/mountfsd/mountwork.c | 1 +
|
||||
src/portable/portabled-image-bus.c | 2 +-
|
||||
src/shared/discover-image.c | 2 +-
|
||||
src/shared/discover-image.c | 3 +-
|
||||
src/shared/discover-image.h | 2 +-
|
||||
src/shared/dissect-image.c | 22 ++++++-----
|
||||
src/shared/dissect-image.h | 2 +-
|
||||
src/sysext/sysext.c | 4 +-
|
||||
test/units/TEST-50-DISSECT.sysext.sh | 58 ++++++++++++++++++++++++++++
|
||||
11 files changed, 84 insertions(+), 20 deletions(-)
|
||||
11 files changed, 85 insertions(+), 20 deletions(-)
|
||||
|
||||
diff --git a/src/core/namespace.c b/src/core/namespace.c
|
||||
index 283a1108ce..97cf008194 100644
|
||||
index 2e3b2a4177..95f8714ea6 100644
|
||||
--- a/src/core/namespace.c
|
||||
+++ b/src/core/namespace.c
|
||||
@@ -2593,6 +2593,7 @@ int setup_namespace(const NamespaceParameters *p, char **reterr_path) {
|
||||
@ -79,7 +79,7 @@ index 8bc6565079..2857cd18be 100644
|
||||
return sd_bus_error_set_errnof(error, r, "Failed to read image metadata: %m");
|
||||
}
|
||||
diff --git a/src/machine/machined-varlink.c b/src/machine/machined-varlink.c
|
||||
index 52b1fc12d2..1e8f4ce9a8 100644
|
||||
index 064ffab137..f3676e625c 100644
|
||||
--- a/src/machine/machined-varlink.c
|
||||
+++ b/src/machine/machined-varlink.c
|
||||
@@ -621,7 +621,7 @@ static int list_image_one_and_maybe_read_metadata(sd_varlink *link, Image *image
|
||||
@ -117,7 +117,7 @@ index e8bcb900ef..380a6d5d45 100644
|
||||
return sd_bus_error_set_errnof(error, r, "Failed to read image metadata: %m");
|
||||
}
|
||||
diff --git a/src/shared/discover-image.c b/src/shared/discover-image.c
|
||||
index 9ce5f028fc..822ea2bd24 100644
|
||||
index 192ed18687..925bc6010b 100644
|
||||
--- a/src/shared/discover-image.c
|
||||
+++ b/src/shared/discover-image.c
|
||||
@@ -1766,7 +1766,7 @@ int image_set_pool_limit(ImageClass class, uint64_t referenced_max) {
|
||||
@ -129,6 +129,14 @@ index 9ce5f028fc..822ea2bd24 100644
|
||||
_cleanup_(release_lock_file) LockFile global_lock = LOCK_FILE_INIT, local_lock = LOCK_FILE_INIT;
|
||||
int r;
|
||||
|
||||
@@ -1892,6 +1892,7 @@ int image_read_metadata(Image *i, const ImagePolicy *image_policy) {
|
||||
|
||||
r = dissected_image_decrypt(
|
||||
m,
|
||||
+ root,
|
||||
/* passphrase= */ NULL,
|
||||
&verity,
|
||||
flags);
|
||||
diff --git a/src/shared/discover-image.h b/src/shared/discover-image.h
|
||||
index 7b5593f08d..4d64a306c8 100644
|
||||
--- a/src/shared/discover-image.h
|
||||
@ -143,10 +151,10 @@ index 7b5593f08d..4d64a306c8 100644
|
||||
bool image_in_search_path(RuntimeScope scope, ImageClass class, const char *root, const char *image);
|
||||
|
||||
diff --git a/src/shared/dissect-image.c b/src/shared/dissect-image.c
|
||||
index 715afc8882..8ffb63e1d3 100644
|
||||
index 64639000b1..cec4225e92 100644
|
||||
--- a/src/shared/dissect-image.c
|
||||
+++ b/src/shared/dissect-image.c
|
||||
@@ -2611,7 +2611,7 @@ static char* dm_deferred_remove_clean(char *name) {
|
||||
@@ -2740,7 +2740,7 @@ static char* dm_deferred_remove_clean(char *name) {
|
||||
}
|
||||
DEFINE_TRIVIAL_CLEANUP_FUNC(char *, dm_deferred_remove_clean);
|
||||
|
||||
@ -155,7 +163,7 @@ index 715afc8882..8ffb63e1d3 100644
|
||||
int r;
|
||||
|
||||
if (!FLAGS_SET(flags, DISSECT_IMAGE_ALLOW_USERSPACE_VERITY)) {
|
||||
@@ -2656,7 +2656,7 @@ static int validate_signature_userspace(const VeritySettings *verity, DissectIma
|
||||
@@ -2785,7 +2785,7 @@ static int validate_signature_userspace(const VeritySettings *verity, DissectIma
|
||||
/* Because installing a signature certificate into the kernel chain is so messy, let's optionally do
|
||||
* userspace validation. */
|
||||
|
||||
@ -164,7 +172,7 @@ index 715afc8882..8ffb63e1d3 100644
|
||||
if (r < 0)
|
||||
return log_debug_errno(r, "Failed to enumerate certificates: %m");
|
||||
if (strv_isempty(certs)) {
|
||||
@@ -2718,6 +2718,7 @@ static int validate_signature_userspace(const VeritySettings *verity, DissectIma
|
||||
@@ -2847,6 +2847,7 @@ static int validate_signature_userspace(const VeritySettings *verity, DissectIma
|
||||
|
||||
static int do_crypt_activate_verity(
|
||||
struct crypt_device *cd,
|
||||
@ -172,7 +180,7 @@ index 715afc8882..8ffb63e1d3 100644
|
||||
const char *name,
|
||||
const VeritySettings *verity,
|
||||
DissectImageFlags flags) {
|
||||
@@ -2765,7 +2766,7 @@ static int do_crypt_activate_verity(
|
||||
@@ -2894,7 +2895,7 @@ static int do_crypt_activate_verity(
|
||||
|
||||
/* Preferably propagate the original kernel error, so that the fallback logic can work,
|
||||
* as the device-mapper is finicky around concurrent activations of the same volume */
|
||||
@ -181,7 +189,7 @@ index 715afc8882..8ffb63e1d3 100644
|
||||
if (k < 0)
|
||||
return r < 0 ? r : k;
|
||||
if (k == 0)
|
||||
@@ -2805,8 +2806,9 @@ static usec_t verity_timeout(void) {
|
||||
@@ -2934,8 +2935,9 @@ static usec_t verity_timeout(void) {
|
||||
|
||||
static int verity_partition(
|
||||
PartitionDesignator designator,
|
||||
@ -193,7 +201,7 @@ index 715afc8882..8ffb63e1d3 100644
|
||||
const VeritySettings *verity,
|
||||
DissectImageFlags flags,
|
||||
DecryptedImage *d) {
|
||||
@@ -2886,7 +2888,7 @@ static int verity_partition(
|
||||
@@ -3015,7 +3017,7 @@ static int verity_partition(
|
||||
goto check; /* The device already exists. Let's check it. */
|
||||
|
||||
/* The symlink to the device node does not exist yet. Assume not activated, and let's activate it. */
|
||||
@ -202,7 +210,7 @@ index 715afc8882..8ffb63e1d3 100644
|
||||
if (r >= 0)
|
||||
goto try_open; /* The device is activated. Let's open it. */
|
||||
/* libdevmapper can return EINVAL when the device is already in the activation stage.
|
||||
@@ -2980,7 +2982,7 @@ static int verity_partition(
|
||||
@@ -3109,7 +3111,7 @@ static int verity_partition(
|
||||
*/
|
||||
sym_crypt_free(cd);
|
||||
cd = NULL;
|
||||
@ -211,7 +219,7 @@ index 715afc8882..8ffb63e1d3 100644
|
||||
}
|
||||
|
||||
return log_debug_errno(SYNTHETIC_ERRNO(EBUSY), "All attempts to activate verity device %s failed.", name);
|
||||
@@ -3000,6 +3002,7 @@ success:
|
||||
@@ -3129,6 +3131,7 @@ success:
|
||||
|
||||
int dissected_image_decrypt(
|
||||
DissectedImage *m,
|
||||
@ -219,7 +227,7 @@ index 715afc8882..8ffb63e1d3 100644
|
||||
const char *passphrase,
|
||||
const VeritySettings *verity,
|
||||
DissectImageFlags flags) {
|
||||
@@ -3047,7 +3050,7 @@ int dissected_image_decrypt(
|
||||
@@ -3176,7 +3179,7 @@ int dissected_image_decrypt(
|
||||
if (k >= 0) {
|
||||
flags |= getenv_bool("SYSTEMD_VERITY_SHARING") != 0 ? DISSECT_IMAGE_VERITY_SHARE : 0;
|
||||
|
||||
@ -228,7 +236,7 @@ index 715afc8882..8ffb63e1d3 100644
|
||||
if (r < 0)
|
||||
return r;
|
||||
}
|
||||
@@ -3080,7 +3083,7 @@ int dissected_image_decrypt_interactively(
|
||||
@@ -3209,7 +3212,7 @@ int dissected_image_decrypt_interactively(
|
||||
n--;
|
||||
|
||||
for (;;) {
|
||||
@ -237,7 +245,7 @@ index 715afc8882..8ffb63e1d3 100644
|
||||
if (r >= 0)
|
||||
return r;
|
||||
if (r == -EKEYREJECTED)
|
||||
@@ -4367,6 +4370,7 @@ int verity_dissect_and_mount(
|
||||
@@ -4455,6 +4458,7 @@ int verity_dissect_and_mount(
|
||||
r = dissected_image_decrypt(
|
||||
dissected_image,
|
||||
NULL,
|
||||
@ -259,7 +267,7 @@ index 97431bca67..004dc46dc3 100644
|
||||
int dissected_image_mount(DissectedImage *m, const char *where, uid_t uid_shift, uid_t uid_range, int userns_fd, DissectImageFlags flags);
|
||||
int dissected_image_mount_and_warn(DissectedImage *m, const char *where, uid_t uid_shift, uid_t uid_range, int userns_fd, DissectImageFlags flags);
|
||||
diff --git a/src/sysext/sysext.c b/src/sysext/sysext.c
|
||||
index c33ce0d0a4..dbd6df63b4 100644
|
||||
index bfe71f2267..20acc60724 100644
|
||||
--- a/src/sysext/sysext.c
|
||||
+++ b/src/sysext/sysext.c
|
||||
@@ -1888,7 +1888,7 @@ static int merge_subprocess(
|
||||
@ -271,7 +279,7 @@ index c33ce0d0a4..dbd6df63b4 100644
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
@@ -2308,7 +2308,7 @@ static int image_discover_and_read_metadata(ImageClass image_class, Hashmap **re
|
||||
@@ -2312,7 +2312,7 @@ static int image_discover_and_read_metadata(ImageClass image_class, Hashmap **re
|
||||
return log_error_errno(r, "Failed to discover images: %m");
|
||||
|
||||
HASHMAP_FOREACH(img, images) {
|
||||
@ -1,7 +1,7 @@
|
||||
From d711880914fe0e32f3fbc946d8b8ee54031727b1 Mon Sep 17 00:00:00 2001
|
||||
From aeacbbca05e0479c0768c4b368a2ea68668d20bc Mon Sep 17 00:00:00 2001
|
||||
From: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
Date: Thu, 17 Jul 2025 05:03:54 -0400
|
||||
Subject: [PATCH 1/4] sysext: introduce global config file
|
||||
Subject: [PATCH 16/20] sysext: introduce global config file
|
||||
|
||||
Introduce systemd/{sysext/confext}.conf and systemd/{sysext/confext}.conf.d to provide an
|
||||
alternative way of setting the cmdline options in systemd-sysext.
|
||||
@ -85,5 +85,5 @@ index 20acc60724..332fc55bb3 100644
|
||||
if (r <= 0)
|
||||
return r;
|
||||
--
|
||||
2.51.0
|
||||
2.52.0
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 88943429fbf80cf55fc7307ea34b5942524c2f45 Mon Sep 17 00:00:00 2001
|
||||
From d8eabd012273376febada7ad6c9481a360c2e113 Mon Sep 17 00:00:00 2001
|
||||
From: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
Date: Thu, 17 Jul 2025 05:28:21 -0400
|
||||
Subject: [PATCH 2/4] man/sysext.conf: add systemd-sysext config files
|
||||
Subject: [PATCH 17/20] man/sysext.conf: add systemd-sysext config files
|
||||
|
||||
Add sysext.conf, which similar to other configs like coredump, will be
|
||||
searched in:
|
||||
@ -152,5 +152,5 @@ index 3f60c85dba..6df2d94e9f 100644
|
||||
<member><citerefentry><refentrytitle>systemd-stub</refentrytitle><manvolnum>7</manvolnum></citerefentry></member>
|
||||
<member><citerefentry><refentrytitle>importctl</refentrytitle><manvolnum>1</manvolnum></citerefentry></member>
|
||||
--
|
||||
2.51.0
|
||||
2.52.0
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 363c849b4faed27449a0e3ee41c302709aec0807 Mon Sep 17 00:00:00 2001
|
||||
From dccee58738d9602dd62f482ed11152f51b4da896 Mon Sep 17 00:00:00 2001
|
||||
From: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
Date: Thu, 17 Jul 2025 10:16:24 -0400
|
||||
Subject: [PATCH 3/4] sysext: support ImagePolicy global config option
|
||||
Subject: [PATCH 18/20] sysext: support ImagePolicy global config option
|
||||
|
||||
Just as Mutable=, support ImagePolicy in systemd/{sysext/confext}.conf and
|
||||
dropins in systemd/{sysext.confext}.conf.d/* configs.
|
||||
@ -46,5 +46,5 @@ index 332fc55bb3..9656e975c4 100644
|
||||
};
|
||||
_cleanup_free_ char *config_file = NULL;
|
||||
--
|
||||
2.51.0
|
||||
2.52.0
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 3498a462f517b024b3125e0bb79c8c6c54bb62c9 Mon Sep 17 00:00:00 2001
|
||||
From 5d8c8737ea0b44c50e4e60a9c93c7321051f7955 Mon Sep 17 00:00:00 2001
|
||||
From: Kai Lueke <kailuke@microsoft.com>
|
||||
Date: Thu, 11 Dec 2025 19:49:20 +0900
|
||||
Subject: [PATCH] sysext: Fix config file support with --root=
|
||||
Subject: [PATCH 19/20] sysext: Fix config file support with --root=
|
||||
|
||||
Config files for --root= weren't picked up as expected because the
|
||||
--root= flag got parsed after the config file.
|
||||
@ -1,10 +1,8 @@
|
||||
This can be dropped in v285.5+.
|
||||
|
||||
From b1d53ddea750f761234c2d8fb04b10f23f77347e Mon Sep 17 00:00:00 2001
|
||||
From 4bf1282faa430669eba4169837657f00f2cba019 Mon Sep 17 00:00:00 2001
|
||||
From: Justin Kromlinger <hashworks@archlinux.org>
|
||||
Date: Wed, 8 Oct 2025 16:55:09 +0200
|
||||
Subject: [PATCH] Drop `machine-id` OSC event field if /etc/machine-id doesn't
|
||||
exist
|
||||
Subject: [PATCH 20/20] Drop `machine-id` OSC event field if /etc/machine-id
|
||||
doesn't exist
|
||||
|
||||
While we can safely assume that `/proc/sys/kernel/random/boot_id`
|
||||
exists, the same can't be said for `/etc/machine-id` in environments
|
||||
@ -18,9 +16,15 @@ no such file or directory` with the OSC events introduced in dadbb34
|
||||
[0] https://gitlab.archlinux.org/archlinux/archlinux-docker/-/issues/107
|
||||
|
||||
(cherry picked from commit 0fe45b98dd737da86fcbb703809ebf2163c397f3)
|
||||
---
|
||||
profile.d/80-systemd-osc-context.sh | 5 ++++-
|
||||
1 file changed, 4 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/profile.d/80-systemd-osc-context.sh b/profile.d/80-systemd-osc-context.sh
|
||||
index a0ac858828..ead61b6753 100644
|
||||
--- a/profile.d/80-systemd-osc-context.sh
|
||||
+++ b/profile.d/80-systemd-osc-context.sh
|
||||
@@ -32,7 +32,10 @@ __systemd_osc_context_escape() {
|
||||
@@ -28,7 +28,10 @@ __systemd_osc_context_escape() {
|
||||
}
|
||||
|
||||
__systemd_osc_context_common() {
|
||||
@ -32,3 +36,6 @@ no such file or directory` with the OSC events introduced in dadbb34
|
||||
}
|
||||
|
||||
__systemd_osc_context_precmdline() {
|
||||
--
|
||||
2.52.0
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
Most of these patches are not really upstreamable.
|
||||
Most of these patches are not really upstreamable:
|
||||
|
||||
- `0001-wait-online-set-any-by-default.patch`
|
||||
- backward compat stuff
|
||||
@ -18,3 +18,21 @@ Most of these patches are not really upstreamable.
|
||||
- workaround for issues with default k8s coredns config
|
||||
- `0008-units-Make-multi-user.target-the-default-target.patch`
|
||||
- change default.target to a suitable symlink for Flatcar
|
||||
|
||||
These patches can be dropped after we update to systemd 260:
|
||||
|
||||
- `0009-vpick-Don-t-use-openat-directly-but-resolve-symlinks.patch`
|
||||
- `0010-discover-image-Follow-symlinks-in-a-given-root.patch`
|
||||
- `0011-sysext-Use-correct-image-name-for-extension-release-.patch`
|
||||
- `0012-test-Add-tests-for-handling-symlinks-with-systemd-sy.patch`
|
||||
- `0013-sysext-Create-mutable-directory-with-the-right-mode.patch`
|
||||
- `0014-sysext-Skip-refresh-if-no-changes-are-found.patch`
|
||||
- `0015-sysext-Get-verity-user-certs-from-given-root.patch`
|
||||
- `0016-sysext-introduce-global-config-file.patch`
|
||||
- `0017-man-sysext.conf-add-systemd-sysext-config-files.patch`
|
||||
- `0018-sysext-support-ImagePolicy-global-config-option.patch`
|
||||
- `0019-sysext-Fix-config-file-support-with-root.patch`
|
||||
|
||||
This patch can be dropped after updating to systemd 258.5:
|
||||
|
||||
- `0020-Drop-machine-id-OSC-event-field-if-etc-machine-id-do.patch`
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user