Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: systemd-ukify | Distribution: CentOS |
Version: 252 | Vendor: CentOS |
Release: 45.el9 | Build date: Sat Aug 24 11:34:32 2024 |
Group: Unspecified | Build host: ppc64le-07.stream.rdu2.redhat.com |
Size: 62528 | Source RPM: systemd-252-45.el9.src.rpm |
Packager: [email protected] | |
Url: https://systemd.io | |
Summary: Tool to build Unified Kernel Images |
This package provides ukify, a script that combines a kernel image, an initrd, with a command line, and possibly PCR measurements and other metadata, into a Unified Kernel Image (UKI).
LGPLv2+ and MIT and GPLv2+
* Sat Aug 24 2024 systemd team <[email protected]> - 252-45 - build ukify without noarch * Thu Aug 22 2024 systemd maintenance team <[email protected]> - 252-44 - Revert "udev-builtin-net_id: use firmware_node/sun for ID_NET_NAME_SLOT" (RHEL-50103) - fundamental: share constants for confidential virt detection (RHEL-50651) - efi: add helper API for detecting confidential virtualization (RHEL-50651) - efi: don't pull kernel cmdline from SMBIOS in a confidential VM (RHEL-50651) - Fix detection of TDX confidential VM on Azure platform (RHEL-50651) * Thu Aug 22 2024 systemd maintenance team <[email protected]> - 252-43 - udev-builtin-net_id: skip non-directory entry earlier (RHEL-50103) - udev-builtin-net_id: return earlier when hotplug slot is not found (RHEL-50103) - udev-builtin-net_id: split-out pci_get_hotplug_slot() and pci_get_hotplug_slot_from_address() (RHEL-50103) - udev-builtin-net_id: use firmware_node/sun for ID_NET_NAME_SLOT (RHEL-50103) - Include <threads.h> if possible to get thread_local definition (RHEL-50651) - add APIs for detecting confidential virtualization (RHEL-50651) - detect-virt: add --cvm option (RHEL-50651) - detect-virt: add --list-cvm option (RHEL-50651) - unit: add "cvm" option for ConditionSecurity (RHEL-50651) - dbus: add 'ConfidentialVirtualization' property to manager object (RHEL-50651) - core: log detected confidential virtualization type (RHEL-50651) - core: set SYSTEMD_CONFIDENTIAL_VIRTUALIZATION env for generators (RHEL-50651) - udev: add 'conf-virt' constant for confidential virtualization tech (RHEL-50651) - confidential-virt: split caching of CVM detection into separate method (RHEL-50651) - confidential-virt: add detection for s390x target (RHEL-50651) - man/systemd-detect-virt: list known CVM technologies (RHEL-50651) * Mon Aug 19 2024 systemd team <[email protected]> - fix applying patches * Thu Aug 15 2024 systemd maintenance team <[email protected]> - 252-41 - timedatectl: setting set_local_rtc to 1 will throw Warning as well, use log_warning() (#33489) (RHEL-45020) - cryptsetup-tokens: fix pin asserts (RHEL-36276) - cryptenroll: Use CTAP2.1 credProtect extension (RHEL-36276) - kernel-install: check machine ID (RHEL-50672) - kernel-install: ignore errors when reading /etc/machine-id (RHEL-50672) - hwdb: Add Lenovo G580 (RHEL-5950) - Fix key toggle and programmable button for Positivo N14ZP (RHEL-5950) - hwdb: Add accel orientation quirk for the Acer Switch V 10 SW5-017 2-in-1 (RHEL-5950) - hwdb: fix Compaq N14KP6 key toggle touchpad (#25404) (RHEL-5950) - hwdb: remove fuzz and deadzone for Simucube wheel bases. (RHEL-5950) - hwdb: Add support for Elgato Stream Pedal (#25550) (RHEL-5950) - hwdb: add Clevo touchpad toggle key quirks (RHEL-5950) - hwdb: add Dell Inspiron N4010 touchpad corrections (RHEL-5950) - hwdb: add Positivo-vaio Pro PW key toggle touchpad (#25669) (RHEL-5950) - Add mount matrix for VisionBook 12Wr Tab (RHEL-5950) - Update 60-evdev.hwdb (#25704) (RHEL-5950) - hwdb: Add additional Dell models that require ACCEL_LOCATION=base (#25724) (RHEL-5950) - hwdb: drop trailing space (RHEL-5950) - hwdb: add comments about matching entries (RHEL-5950) - hwdb: also add a generic entry for DualPoint Stick (RHEL-5950) - hwdb: Add mount matrix for CSL Panther Tab HD (RHEL-5950) - hwdb: Fix mount matrix for CSL Panther Tab HD (#25752) (RHEL-5950) - hwdb: Fn+F5 fix for MSI Bravo 15-B5DX (#25788) (RHEL-5950) - hwdb: change definition of PROXIMITY_NEAR_LEVEL for sensors (RHEL-5950) - hwdb: Add mic-mute, control-center and screen-rotation mappings for MSI laptops (RHEL-5950) - Prevents airplane mode toggle for HP Spectre 16 (RHEL-5950) - Update 60-sensor.hwdb (RHEL-5950) - Added Tablet Teclast X98 Air 3G (C5J6) (RHEL-5950) - hwdb: remove spurious whitespace (RHEL-5950) - hwdb: Add Dell models that require ACCEL_LOCATION=base (RHEL-5950) - Fix Positivo MASTER-N1110 key toggle touchpad (RHEL-5950) - hwdb: Mark Dell platform accel sensor location to base (RHEL-5950) - hwdb: Add mount matrix for Linx 1020 (RHEL-5950) - hwdb: Add mic mute key mappings for Dell G16 Series (RHEL-5950) - hwdb: Add Chuwi Hi10X (N4120 version) iio matrix (RHEL-5950) - hwdb: Add touchpad toggle mapping for System76 Pangolin 12 (RHEL-5950) - hwdb: Prevent activation of airplane mode on HP ENVY x360 (RHEL-5950) - Update hwdb (RHEL-5950) - hwdb: update (RHEL-5950) - hwdb: update autosuspend db (RHEL-5950) - hwdb: ieee1394-unit-function: add MOTU 896 mk3 Hybrid (RHEL-5950) - Add hwdb sensor entry for Lenovo IdeaPad Duet 3 10IGL5 (82AT). (RHEL-5950) - Fix Positivo-vaio VJPW12F11X key toggle touchpad (RHEL-5950) - hwdb: Add HP Envy x360 Convertible 15-cn0xxx to existing entry (RHEL-5950) - hwdb: add override for IdeaPad5 insert key (RHEL-5950) - hwdb: update database (RHEL-5950) - hwdb: Add HP ENVY x360 2-in-1 (RHEL-5950) - hwdb: update (RHEL-5950) - hwdb: fix swapped buttons for Logitech Lift left (RHEL-5950) - Revert "hwdb: fix swapped buttons for Logitech Lift left" (RHEL-5950) - hwdb: update 70-mouse.hwdb (#26782) (RHEL-5950) - hwdb: 60-keyboard.hwdb: Fix modalias for Thinkpad X200 Tablet (#26795) (RHEL-5950) - Add rebrands of Medion Akoya notebooks/tablets (RHEL-5950) - hwdb: fix Wifi toggling for Haier 7G-Series/JWU (#25293) (#26878) (RHEL-5950) - hwdb: drop boilerplate about match patterns in two more cases (RHEL-5950) - hwdb: Fix incorrect touchpad dimensions on Thinkpad L14 Gen1 (#26937) (RHEL-5950) - hwdb: drop redundant entry (RHEL-5950) - hwdb: Fixed thumb buttons reversed on CHERRY MW 2310 (#26992) (RHEL-5950) - hwdb: Move MSI touchpad-toggle mapping to generic MSI section (RHEL-5950) - update 60-sensor.hwdb with toshiba tablet (#27103) (RHEL-5950) - hwdb: Add support for "Passion Model P612F" (RHEL-5950) - hwdb: fix ambiguous glob pattern for Lenovo machines (RHEL-5950) - hwdb: add matrix for Asus BR1100F (#27197) (RHEL-5950) - hwdb: add accelerometer mount matrix for Lenovo Yoga Tablet 2 851F/L (RHEL-5950) - hwdb: Fix rotation for BMAX Y13 (RHEL-5950) - hwdb: disable entry for Logitech USB receiver used by G502 X (RHEL-5950) - hwdb: add hardware rfkill key for Dell Latitude E6* models (#27462) (RHEL-5950) - hwdb: do not include '#' in modalias (RHEL-5950) - hwdb: add landscape IdeaPad Miix 310 sensor orientation (#27555) (RHEL-5950) - Fix Positivo CF40CM-V2 key toggle touchpad (RHEL-5950) - hwdb: fix keyboard entry for IdeapadFlex5 (#27643) (RHEL-5950) - hwdb: fix Positivo CG15D key toggle touchpad and programmable keys (#27689) (RHEL-5950) - hwdb: add support for Elgato Stream Deck mini (gen 2) (RHEL-5950) - hwdb: fix arrow keys on HP Elite Dragonfly G3 (RHEL-5950) - hwdb: add support for Jun Tab2/Dere T11 to 60-sensor.hwdb (#28092) (RHEL-5950) - hwdb: fix volume control keys on Lenovo IdeaPad Flex 5 (14ARE05) (RHEL-5950) - hwdb: Add override for headset form-factors (RHEL-5950) - hwdb : add support for Archos 101 Cesium Educ to 60-sensor.hwdb (RHEL-5950) - hwdb: drop trailing white space (RHEL-5950) - hwdb: merge multiple keyboard entries with same setting (RHEL-5950) - hwdb: make matching modalias for Archos 101 Cesium Educ more strict (RHEL-5950) - hwdb update for v246-rc1 (RHEL-5950) - update hwdb autosuspend data for v254 (RHEL-5950) - hwdb: add support for Archos 101 Cesium to 60-sensor.hwdb (#28270) (RHEL-5950) - Hwdb: Add Sanwa Direct 400-MA128 external trackpad (#28272) (RHEL-5950) - hwdb: drop POINTINGSTICK_CONST_ACCEL (RHEL-5950) - Add alternate name for MX Ergo as found on some devices (RHEL-5950) - Update hwdb (RHEL-5950) - hwdb: run update-hwdb (RHEL-5950) - hwdb: run update-hwdb (RHEL-5950) - hwdb: Mute SW rfkill keys on MSI Wind U100 (RHEL-5950) - Update 60-sensor.hwdb (#28804) (RHEL-5950) - hwdb: Added config for RCA W101SA23T1 (#29041) (RHEL-5950) - Update 60-input-id.hwdb: add TEX Shinobi (#29068) (RHEL-5950) - hwdb: keyboard: D330 FnLk toggle (RHEL-5950) - hwdb: Add Logitech G502 X (RHEL-5950) - hwdb: ieee1394-unit-function: remove superfluous Weiss Engineering DAC1 entry (RHEL-5950) - hwdb: ieee1394-unit-function: add Weiss Engineering DAC202 (Maya edition) (RHEL-5950) - hwdb: ieee1394-unit-function: add Weiss Engineering INT203 entry with older firmware (RHEL-5950) - hwdb: ieee1394-unit-function: add Weiss Engieering MAN301 (RHEL-5950) - hwdb: Add quirk for teclast x3 plus (G4K3) rotation (#29202) (RHEL-5950) - hwdb: add mic mute key mappings for Acer Predator Triton 300 SE (RHEL-5950) - hwdb: Bush tablet rotation support (#29268) (RHEL-5950) - hwdb: ieee1394-unit-function: add Miglia Technology Harmony Audio (HA02) (RHEL-5950) - add support for hp pavilion gaming 15 lid switch (#29304) (RHEL-5950) - Fix Positivo N14EP6 key toggle touchpad and programmable keys (#29448) (RHEL-5950) - add udev rule for micmute (f20) (RHEL-5950) - hwdb,rules: mark host-to-host network devices as only requiring link local addressing (RHEL-5950) - Update hwdb (RHEL-5950) - Update hwdb autosuspend rules (RHEL-5950) - Update hwdb (RHEL-5950) - hwdb: Add accelerometer data for Librem11 (#29974) (RHEL-5950) - hwdb: PNP/ACPI lists on uefi.org are now in CSV format (RHEL-5950) - Update hwdb (RHEL-5950) - hwdb: rename .html=>.csv (RHEL-5950) - hwdb/acpi-update.py: streamline python code (RHEL-5950) - hwdb: Mark Dell platform accel sensor location to base (RHEL-5950) - hwdb: add Predator PHN16-71 (RHEL-5950) - Update 60-autosuspend.hwdb (#30131) (RHEL-5950) - hwdb: update (RHEL-5950) - hwdb: ieee1394-unit-function: add Sony DVMC-DA1 (RHEL-5950) - hwdb: ieee1394-unit-function: arrangement for Sony DVMC-DA1 (RHEL-5950) - hwdb: update (RHEL-5950) - hwdb: update (RHEL-5950) - Adding Trekstor Primebook C13 rotation to 60-sensor.hwdb (#30415) (RHEL-5950) - Add three Dell platforms to sensor accel location base (RHEL-5950) - Add Bosto BT-12HD series to hwdb (RHEL-5950) - hwdb: Add override for headset form-factor for the Corsair Void Elite (RHEL-5950) - hwdb: add Teclast X98 Pro sensor info (#30859) (RHEL-5950) - hwdb: Correct display rotation on Chuwi Ubook X N4100 (#24248) (RHEL-5950) - hwdb: ieee1394-unit-function: adjustment of entries with device attributes available in Linux v6.8 (RHEL-5950) - 60-evdev.hwdb: Add support for Huion Inspiroy 2 L (#31241) (RHEL-5950) - hwdb: add resolution setting for GAOMON S620 (RHEL-5950) - hwdb: Remove version check in CH Pro Pedals rule (RHEL-5950) - hwdb: Add support for MetawillBook01 to 60-sensor.hwdb Add accel orientation quirk for the METAPHYUNI MetawillBook01 2-in-1 laptop (RHEL-5950) - hwdb: Add headset form-factor override for Xbox Wireless Dongle (RHEL-5950) - hwdb: Add support for Elgato Stream Deck Plus (RHEL-5950) - Fix: Chuwi UBook X (CWI535) screen rotation matrix (RHEL-5950) - hwdb: Add touchpad toggle mapping for Kvadra LE14U/LE15U (RHEL-5950) - hwdb: Add touchpad configuration for ThinkPad E495 (RHEL-5950) - Fix Positivo N14NPE-N and N15NPE-N key toggle touchpad and search key (RHEL-5950) - Update USB ids of hwdb (RHEL-5950) - Added resolution for Huion Kamvas Pro 19 (RHEL-5950) - hwdb: Add mapping for ACPI quickstart keys on Toshiba Z830 (RHEL-5950) - hwdb: fix Asus T300FA rotation matrix (#31973) (RHEL-5950) - Fixed resolution for pen and touchpad (RHEL-5950) - hwdb: fix missing colon (#32108) (RHEL-5950) - hwdb: update for v256 (RHEL-5950) - autosuspend: update for v256 (RHEL-5950) - Update hwdb (RHEL-5950) - Update autosuspend hwdb (RHEL-5950) - Update hwdb (RHEL-5950) - hwdb: Add a common Logitech M185/M225 mouse variant (RHEL-5950) - hwdb: Add mapping for Samsung GalaxyBook - 550X (#32616) (RHEL-5950) - hwdb: Add mapping for Xiaomi Mipad 2 bottom bezel capacitive buttons (RHEL-5950) - hwdb: ieee1394-unit-function: add Tascam IF-FW/DM mkII (RHEL-5950) - hwdb: Add a Logitech MX Master 3S (connected via Bolt Receiver) (RHEL-5950) - Fix Positivo N14EPE and N15EPE key toggle touchpad and search key (RHEL-5950) - hwdb: update Dere N12 / Juno Tablet 3 accelerometer (#32765) (RHEL-5950) - hwdb: updated Librem 11 accelerometer (#32772) (RHEL-5950) - hwdb: ID_INPUT_XYZ allows an empty string (RHEL-5950) - hwdb: ASRock LED Controller classified incorrectly as joystick due to buttons and axis (#32775) (RHEL-5950) - Update hwdb (RHEL-5950) - hwdb.d/60-keyboard.hwdb: enable Clevo quirk for model V5x0TU (RHEL-5950) - hwdb: Enable JP-IK LEAP W502's touchpad toggle key (RHEL-5950) - Update hwdb (RHEL-5950) - Update autosuspend hwdb (RHEL-5950) - hwdb: Lenovo IdeaPad Z500 Touchpad Toggle (#33039) (RHEL-5950) - hwdb: add a vmbus id for HyperV Video device (RHEL-5950) - hwdb: Add Logitech MX Master 3S Bluetooth ID (RHEL-5950) - hwdb: Lenovo 16G6IRL volume keys and friends (#33107) (RHEL-5950) - hwdb: added hwdb rules for micmute and power button on Acer Nitro AN 515-58 (#32867) (RHEL-5950) - Fix key toggle touchpad and programmable buttom for Positivo N14AP7 (RHEL-5950) - Update hwdb (RHEL-5950) - hwdb: add keyboard mappings for the Ayaneo Kun face buttons (RHEL-5950) - Update hwdb (RHEL-5950) - hwdb: add support for AIPTEK Media Tablet Ultimate (#33371) (RHEL-5950) - hwdb: add scancodes for AYANEO devices (#33378) (RHEL-5950) - Add OrangePi NEO Scancodes (RHEL-5950) - hwdb: Fix Logitech G915 TKL (Bluetooth) appearing as a mouse (RHEL-5950) - hwdb: fix keyboard of RedmiBook Pro 15 2022 (#33465) (RHEL-5950) - Added mised EVDEV_ABS_35 & EVDEV_ABS_36 for GAOMON s620 (RHEL-5950) - hwdb: Add some HP IR cameras (RHEL-5950) - hwdb: add more AV controllers (RHEL-5950) - Fix key toggle touchpad button for multilaser ul154 (#33630) (RHEL-5950) - hwdb: Added StarLabs StarLite position sensor mapping (RHEL-5950) - 70-mouse.hwdb: Added Glorious Model O DPI (RHEL-5950) - Update 60-sensor.hwdb (RHEL-5950) - Add MSI Claw AT Keyboard Scancodes. (RHEL-5950) - Add or fix mount matrix for multiple handhelds. (#33586) (RHEL-5950) - Revert "hwdb: Added StarLabs StarLite position sensor mapping" (RHEL-5950) - hwdb: fix accelerometer mount matrix for Aquarius Cmp NS483 (RHEL-5950) - hwdb: add backslash and touchpad toggle mapping for Aquarius Cmp NS483 (RHEL-5950) - hwdb: Add mic mute key mapping for Dell Pro Rugged series (RHEL-5950) - hwdb: fix MXC6655 accelerometer mount matrix for Aquarius Cmp NS483 (RHEL-5950) - add udev rules for trezor hw wallet devices (RHEL-5950) - hwdb: add axis range corrections for the Lenovo Thinkpad E16 (RHEL-5950) - hwdb: fix auto rotate on Asus Q551LB (#33921) (RHEL-5950) - udev: add hwdb execution for hidraw subsystem devices (RHEL-5950) * Wed Aug 07 2024 systemd maintenance team <[email protected]> - 252-40 - add Requires(post) on selinux-policy (RHEL-46339) * Wed Jul 17 2024 systemd maintenance team <[email protected]> - 252-39 - enable FIDO2 support (RHEL-36276) - netif-naming-scheme: disable NAMING_BRIDGE_MULTIFUNCTION_SLOT (RHEL-44630) - netif-naming-scheme: make actually possible to use rhel-9.5 scheme (RHEL-44630) - generator: "uninline" generator_open_unit_file and generator_add_symlink (RHEL-33436) - ci: add support for rhel-only parameters (RHEL-30372) * Wed Jun 19 2024 systemd maintenance team <[email protected]> - 252-38 - tools: fix the file name that "meson setup" generates (RHEL-30372) - tools: explicitly specify "setup" subcommand (RHEL-30372) - fuzz: pass -Dc_args=/-Dcpp_args= to fuzzer targets (RHEL-30372) - fuzz: don't panic without a C++ compiler (RHEL-30372) - meson: use ternary op for brevity (RHEL-30372) * Thu Jun 13 2024 systemd maintenance team <[email protected]> - 252-37 - ci(src-git): add RHEL-9.1 and RHEL-9.1.z to allowed versions (RHEL-30372) - libsystemd: link with '-z nodelete' (RHEL-6589) - basic/utf8: make utf8_encoded_to_unichar() return length of the codepoint (RHEL-31219) - test-gunicode: add new test to show that unichar_iswide() is borked (RHEL-31219) - string-util: pass ANSI sequences through unchanged (RHEL-31219) - cryptsetup: do not assert when unsealing token without salt (RHEL-38864) - cryptsetup: check the existence of salt by salt_size > 0 (RHEL-38864) - core/mount: if umount(8) fails but mount disappeared, assume success (RHEL-13159) - Drop log level of header limits log message (RHEL-33890) - journal: do not rotate unrelated journal files when full or corrupted (RHEL-33890) - man: suffix --unit with an equal sign, since it expects an argument (RHEL-31070) - shared: move uid-alloc-range.[ch] from src/shared/ → src/basic/ (RHEL-31070) - journald: move uid_for_system_journal() to uid-alloc-range.h (RHEL-31070) - sd-journal: when SD_JOURNAL_CURRENT_USER is set, and called from system UID, imply SD_JOURNAL_SYSTEM (RHEL-31070) - man: document that journalctl --user requires Storage=persistent (RHEL-31070) - fix: prefix of dmesg pstore files (RHEL-20322) - backport new mkosi (RHEL-27512) - test: Skip various tests when /sys is not mounted (RHEL-27512) - string-util: introduce ascii_ishex() (RHEL-27512) - sd-id128: several cleanups (RHEL-27512) - sd-id128: make id128_read() or friends return -ENOPKG when the file contents is "uninitialized" (RHEL-27512) - test: add tests for "uninitialized" string handling by id128_read_fd() (RHEL-27512) - man: mention sd_id128_get_machine() or friend may return -ENOPKG (RHEL-27512) - sd-id128: make sd_id128_get_boot() and friend return -ENOMEDIUM (RHEL-27512) - sd-id128: make sd_id128_get_boot() and friend return -ENOSYS when /proc/ is not mounted (RHEL-27512) - man: mention that sd_id128_get_boot() and friend may return -ENOSYS (RHEL-27512) - sd-id128: fold do_sync flag into Id128FormatFlag (RHEL-27512) - sd-id128: make sd_id128_get_machine() or friends return -EUCLEAN when an ID is in an invalid format (RHEL-27512) - sd-id128: allow sd_id128_get_machine() and friend to be called with NULL (RHEL-27512) - sd-id128: also refuse an empty invocation ID (RHEL-27512) - man: update documents for sd_id128_get_invocation() (RHEL-27512) - test-id128: simplify machine-id check (RHEL-27512) - test-fs-util: skip part of test_chase_symlinks if machine-id is not initialized (RHEL-27512) - test-unit-name: simplify machine-id check (RHEL-27512) - test-load-fragment: simplify machine-id check (RHEL-27512) - journal: skip part of test-journal-interleaving if no machine-id exists (RHEL-27512) - test: skip journal tests without valid /etc/machine-id (RHEL-27512) - test-recurse-dir: work around nftw() ignoring symlinks() (RHEL-27512) - test: Skip test-recurse-dir on overlayfs (RHEL-27512) - test-specifier: Ignore -ENOPKG from specifier_printf() (RHEL-27512) - test-execute: Skip when /sys is read-only (RHEL-27512) - kernel-install: Make sure KERNEL_INSTALL_BYPASS is disabled in tests (RHEL-27512) - tools: make sure $KERNEL_INSTALL_BYPASS is disabled when checking help (RHEL-27512) - test-execute: drop capabilities when testing with user manager (RHEL-27512) - tmpfiles: Add merge support for copy files action (RHEL-27512) - generator: add generator_open_unit_file_full to allow creating temporary units (RHEL-27512) - network-generator: rewrite unit if it already exists and its content changed (RHEL-27512) - ci: drop super-linter's shellcheck (RHEL-27512) - mkosi: make sure we build & use RHEL 9 stuff (RHEL-27512) - ci: backport mkosi CI configuration from upstream (RHEL-27512) - mkosi: explicitly enroll SecureBoot keys (RHEL-27512) - test-execute: also mount tmpfs on /dev/shm (RHEL-27512) - mkosi: fix UKI addons test (RHEL-27512) - Revert "mkosi: Disable cmdline addon test for now" (RHEL-27512) - Revert "mkosi: Don't fail on systemd-vconsole-setup.service failure for now" (RHEL-27512) - mkosi: make shellcheck happy (RHEL-27512) - mkosi: use pesign for signing UKI addons (RHEL-27512) - test: copy out the necessary test data before we start overmounting stuff (RHEL-27512) - ci: make the build dir accessible when running w/o privileges (RHEL-27512) - ci: explicitly change oom-{score}-adj before running tests (RHEL-27512) - ratelimit: add ratelimit_left helper (RHEL-35703) - manager: restrict Dump*() to privileged callers or ratelimit (RHEL-35703) - ci: define `runas` function inline (RHEL-35703) - Drop /dev test in test-mountpoint-util (RHEL-30372) - core/manager: export manager_dbus_is_running (RHEL-40878) - core: refuse dbus activation if dbus is not running (RHEL-40878) - core: only refuse Type=dbus service enqueuing if dbus has stop job (RHEL-40878) - Revert "core/manager: export manager_dbus_is_running" and partially "core: refuse dbus activation if dbus is not running" (RHEL-40878) - manager: fix reloading in reload-or-restart --marked (RHEL-40878) - rpm: add `systemd_postun_with_reload` and `systemd_user_postun_with_reload` (RHEL-40878) - rpm: add `systemd_user_daemon_reexec` (RHEL-40878) * Wed May 22 2024 Jan Macku <[email protected]> - 252-35 - spec: return selinux dependencies (RHEL-35732) * Mon May 20 2024 systemd maintenance team <[email protected]> - 252-34 - ci: update actions/upload-artifact to v4 (RHEL-30372) - journal-remote: code is of type enum MHD_RequestTerminationCode (RHEL-30372) - resolve: dns_server_feature_level_*_string type is DnsServerFeatureLevel (RHEL-30372) - shared|install: Use InstallChangeType consistently (RHEL-30372) - test: temporarily disable coredumps in testsuite-17.03.sh (RHEL-30372) - ci: update manpage deployment workflow (RHEL-30372) - bootspec: fix null-dereference-read (RHEL-36284) - units: don't install pcrphase-related units without gnu-efi (RHEL-33384) - kernel-install: fix uki-copy deinstall (RHEL-36505) - ci(packit): explicitly clone `c9s` branch (RHEL-30372) * Fri Apr 26 2024 systemd maintenance team <[email protected]> - 252-33 - execute: Pass AT_FDCWD instead of -1 (RHEL-31783) - ci(src-git): update list of supported products (RHEL-30372) - coredump: by default process and store core files up to 1GiB (RHEL-15501) - coredump: keep core files for two weeks (RHEL-15501) - ukify: make the test happy with the latest OpenSSL (RHEL-30372) - test_ukify: use raw string for the regex (RHEL-30372) - coredump: generate stacktraces also for processes running in containers w/o coredump forwarding (RHEL-29430) - test: add a couple of tests for systemd-coredump (RHEL-29430) - test: don't expand the subshell expression prematurely (RHEL-29430) - coredump filter: fix stack overflow with =all (RHEL-29430) - coredump filter: add mask for 'all' using UINT32_MAX, not UINT64_MAX (RHEL-29430) - test: add coverage for CoredumpFilter=all (RHEL-29430) - test: rotate journal before storing coredumps (RHEL-29430) - test: sync with the fake binary before killing it (RHEL-29430) - test: check coredump handling in containers & namespaces (RHEL-29430) * Mon Mar 18 2024 Jan Macku <[email protected]> - 252-32 - rebase rhel-net-naming-sysattrs to v0.5 * Fri Mar 15 2024 systemd maintenance team <[email protected]> - 252-31 - bootctl: rework random seed logic to use open_mkdir_at() and openat() (RHEL-16952) - bootctl: properly sync fs before/after moving random seed file into place (RHEL-16952) - bootctl: when updating EFI random seed file, hash old seed with new one (RHEL-16952) - sha256: add helper than hashes a buffer *and* its size (RHEL-16952) - random-seed: don't refresh EFI random seed from random-seed.c anymore (RHEL-16952) - bootctl: downgrade graceful messages to LOG_NOTICE (RHEL-16952) - units: rename/rework systemd-boot-system-token.service → systemd-boot-random-seed.service (RHEL-16952) - bootctl: split out setting of system token into function of its own (RHEL-16952) * Mon Mar 11 2024 systemd maintenance team <[email protected]> - 252-30 - resolved: limit the number of signature validations in a transaction (RHEL-26643) - resolved: reduce the maximum nsec3 iterations to 100 (RHEL-26643) - efi: alignment of the PE file has to be at least 512 bytes (RHEL-26133) - units: change assert to condition to skip running in initrd/os (RHEL-16182) - ci: add configuration for regression sniffer GA (RHEL-1086) * Mon Feb 26 2024 systemd maintenance team <[email protected]> - 252-29 - units: fix typo in Condition in systemd-boot-system-token (RHEL-16952) * Tue Feb 20 2024 systemd maintenance team <[email protected]> - 252-28 - random-seed: shorten a bit may_credit() (RHEL-16952) - random-seed: make one more use of random_write_entropy() (RHEL-16952) - random-seed: use getopt() (RHEL-16952) - random-seed: make the logic to calculate the number of bytes read from the random seed file clearer (RHEL-16952) - random-seed: no need to pass 'mode' argument when opening /dev/urandom (RHEL-16952) - random-seed: split out run() (RHEL-16952) - random_seed: minor improvement in run() (RHEL-16952) - random-seed: downgrade some messages (RHEL-16952) - random-seed: clarify one comment (RHEL-16952) - random-seed: make sure to load machine id even if the seed file is missing (RHEL-16952) - chase-symlinks: add new flag for prohibiting any following of symlinks (RHEL-16952) - bootctl,bootspec: make use of CHASE_PROHIBIT_SYMLINKS whenever we access the ESP/XBOOTLDR (RHEL-16952) - boot: implement kernel EFI RNG seed protocol with proper hashing (RHEL-16952) - random-seed: refresh EFI boot seed when writing a new seed (RHEL-16952) - random-seed: handle post-merge review nits (RHEL-16952) - boot: do not truncate random seed file (RHEL-16952) - bootctl: install system token on virtualized systems (RHEL-16952) - boot: remove random-seed-mode (RHEL-16952) - stub: handle random seed like sd-boot does (RHEL-16952) - efi: add efi_guid_equal() helper (RHEL-16952) - efi: add common implementation for loop finding EFI configuration tables (RHEL-16952) - boot: Detect hypervisors using SMBIOS info (RHEL-16952) - boot: Skip soft-brick warning when in a VM (RHEL-16952) - boot: Replace UINTN with size_t (RHEL-16952) - boot: Use unsigned for beep counting (RHEL-16952) - boot: Use unicode literals (RHEL-16952) - macro: add generic IS_ALIGNED32() anf friends (RHEL-16952) - meson: use 0|1 for SD_BOOT (RHEL-16952) - boot: Add printf functions (RHEL-16952) - boot: Use printf for error logging (RHEL-16952) - boot: Introduce log_wait (RHEL-16952) - boot: Add log_trace debugging helper (RHEL-16952) - tree-wide: Use __func__ in asserts (RHEL-16952) - boot: Drop use of xpool_print/SPrint (RHEL-16952) - boot: Drop use of Print (RHEL-16952) - boot: Rework GUID handling (RHEL-16952) - efi-string: Fix strchr() null byte handling (RHEL-16952) - efi-string: Add startswith8() (RHEL-16952) - efi-string: Add efi_memchr() (RHEL-16952) - vmm: Add more const (RHEL-16952) - vmm: Add smbios_find_oem_string() (RHEL-16952) - stub: Read extra kernel command line items from SMBIOS (RHEL-16952) - vmm: Modernize get_smbios_table() (RHEL-16952) - stub: measure SMBIOS kernel-cmdline-extra in PCR12 (RHEL-16952) - efi: support passing empty cmdline to mangle_stub_cmdline() (RHEL-16952) - efi: set EFIVAR to stop Shim from uninstalling its protocol (RHEL-16952) - ukify: use empty stub for addons (RHEL-16952) - stub: allow loading and verifying cmdline addons (RHEL-16952) - TODO: remove fixed item (RHEL-16952) - fix: do not check/verify slice units if recursive errors are to be ignored (RHEL-1086) * Thu Feb 15 2024 systemd maintenance team <[email protected]> - 252-27 - test: merge TEST-20-MAINPIDGAMES into TEST-07-PID1 (fixup) (RHEL-1086) - test: use the default nsec3-iterations value (RHEL-1086) - test: explicitly set nsec3-iterations to 0 (RHEL-1086) - core: mount namespaces: Remove auxiliary bind mounts directory after unit termination (RHEL-19483) - ci: deploy systemd man to GitHub Pages (RHEL-1086) - doc: add missing `<listitem>` to `systemd.net-naming-scheme.xml` (RHEL-7026) - man: reorder the list of supported naming schemes (RHEL-7026) - tree-wide: fix return value handling of base64mem() (RHEL-16182) - Consolidate various TAKE_* into TAKE_GENERIC(), add TAKE_STRUCT() (RHEL-16182) - pcrphase: add $SYSTEMD_PCRPHASE_STUB_VERIFY env var for overriding stub check (RHEL-16182) - pcrphase: gracefully exit if TPM2 support is incomplete (RHEL-16182) - tpm2-util: split out code that derives "good" TPM2 banks into an strv from pcrphase and generalize it in tpm2-util.c (RHEL-16182) - tpm2-util: split out code that extends a PCR from pcrphase (RHEL-16182) - tpm2-util: optionally do HMAC in tpm2_extend_bytes() in case we process sensitive data (RHEL-16182) - cryptsetup: add tpm2-measure-pcr= and tpm2-measure-bank= crypttab options (RHEL-16182) - man: document the new crypttab measurement options (RHEL-16182) - gpt-auto-generator: automatically measure root/var volume keys into PCR 15 (RHEL-16182) - blkid-util: define enum for blkid_do_safeprobe() return values (RHEL-16182) - pcrphase: make tool more generic, reuse for measuring machine id/fs uuids (RHEL-16182) - units: measure /etc/machine-id into PCR 15 during early boot (RHEL-16182) - generators: optionally, measure file systems at boot (RHEL-16182) - tpm2: add common helper for checking if we are running on UKI with TPM measurements (RHEL-16182) - man: document new machine-id/fs measurement options (RHEL-16182) - test: add simple integration test for checking PCR extension works as it should (RHEL-16182) - update TODO (RHEL-16182) - cryptsetup: retry TPM2 unseal operation if it fails with TPM2_RC_PCR_CHANGED (RHEL-16182) - boot: Simplify object erasure (RHEL-16182) - tree-wide: use CLEANUP_ERASE() at various places (RHEL-16182) - dlfcn: add new safe_dclose() helper (RHEL-16182) - tpm2: rename tpm2 alg id<->string functions (RHEL-16182) - tpm2: rename struct tpm2_context to Tpm2Context (RHEL-16182) - tpm2: use ref counter for Tpm2Context (RHEL-16182) - tpm2: use Tpm2Context* instead of ESYS_CONTEXT* (RHEL-16182) - tpm2: add Tpm2Handle with automatic cleanup (RHEL-16182) - tpm2: simplify tpm2_seal() blob creation (RHEL-16182) - tpm2: add salt to pin (RHEL-16182) - basic/macro: add macro to iterate variadic args (RHEL-16182) - test/test-macro: add tests for FOREACH_VA_ARGS() (RHEL-16182) - basic/bitfield: add bitfield operations (RHEL-16182) - test/test-bitfield: add tests for bitfield macros (RHEL-16182) - tpm2: add tpm2_get_policy_digest() (RHEL-16182) - tpm2: add TPM2_PCR_VALID() (RHEL-16182) - tpm2: add/rename functions to manage pcr selections (RHEL-16182) - test/test-tpm2: add tests for pcr selection functions (RHEL-16182) - tpm2: add tpm2_pcr_read() (RHEL-16182) - tpm2: move openssl-required ifdef code out of policy-building function (RHEL-16182) - tpm2: add tpm2_is_encryption_session() (RHEL-16182) - tpm2: move policy building out of policy session creation (RHEL-16182) - tpm2: add support for a trusted SRK (RHEL-16182) - tpm2: fix nits from PR #26185 (RHEL-16182) - tpm2: replace magic number (RHEL-16182) - tpm2: add tpm2_digest_*() functions (RHEL-16182) - tpm2: replace hash_pin() with tpm2_digest_*() functions (RHEL-16182) - tpm2: add tpm2_set_auth() (RHEL-16182) - tpm2: add tpm2_get_name() (RHEL-16182) - tpm2: rename pcr_values_size vars to n_pcr_values (RHEL-16182) - tpm2: add tpm2_policy_pcr() (RHEL-16182) - tpm2: add tpm2_policy_auth_value() (RHEL-16182) - tpm2: add tpm2_policy_authorize() (RHEL-16182) - tpm2: use tpm2_policy_authorize() (RHEL-16182) - tpm2: add tpm2_calculate_sealing_policy() (RHEL-16182) - tpm: remove external calls to dlopen_tpm2() (RHEL-16182) - tpm2: remove all extern tpm2-tss symbols (RHEL-16182) - tpm2: add tpm2_get_capability(), tpm2_cache_capabilities(), tpm2_capability_pcrs() (RHEL-16182) - tpm2: verify symmetric parms in tpm2_context_new() (RHEL-16182) - tpm2: replace _cleanup_tpm2_* macros with _cleanup_() (RHEL-16182) - tpm2-util: use compound initialization when allocating tpm2 objects (RHEL-16182) - tpm2: add tpm2_get_capability_handle(), tpm2_esys_handle_from_tpm_handle() (RHEL-16182) - tpm2: add tpm2_read_public() (RHEL-16182) - tpm2: add tpm2_get_legacy_template() and tpm2_get_srk_template() (RHEL-16182) - tpm2: add tpm2_load() (RHEL-16182) - tpm2: add tpm2_load_external() (RHEL-16182) - tpm2: move local vars in tpm2_seal() to point of use (RHEL-16182) - tpm2: replace magic number in hmac_sensitive initialization (RHEL-16182) - tpm2: add tpm2_create() (RHEL-16182) - tpm2: replace tpm2_capability_pcrs() macro with direct c->capaiblity_pcrs use (RHEL-16182) - basic/alloc-util: add greedy_realloc_append() (RHEL-16182) - tpm2: cache the TPM supported commands, add tpm2_supports_command() (RHEL-16182) - tpm2: cache TPM algorithms (RHEL-16182) - tpm2: add tpm2_persist_handle() (RHEL-16182) - tpm2: add tpm2_get_or_create_srk() (RHEL-16182) - tpm2: move local vars in tpm2_unseal() to point of use (RHEL-16182) - tpm2: remove tpm2_make_primary() (RHEL-16182) - tpm2: use CreatePrimary() to create primary keys instead of Create() (RHEL-16182) - cryptsetup: downgrade a bunch of log messages that to LOG_WARNING (RHEL-16182) - boot/measure: replace TPM PolicyPCR session with calculation (RHEL-16182) - core: imply DeviceAllow=/dev/tpmrm0 with LoadCredentialEncrypted (RHEL-16182) - added more test cases (RHEL-16182) - test: fixed negative checks in TEST-70-TPM2. Use in-line error handling rather than redirections. Follow up on #27020 (RHEL-16182) - systemd-cryptenroll: add string aliases for tpm2 PCRs Fixes #26697. RFE. (RHEL-16182) - cryptenroll: fix an assertion with weak passwords (RHEL-16182) - man/systemd-cryptenroll: update list of PCRs, link to uapi docs (RHEL-16182) - tpm2: add debug logging to functions converting hash or asym algs to/from strings or ids (RHEL-16182) - tpm2: add tpm2_hash_alg_to_size() (RHEL-16182) - tpm2: change tpm2_tpm*_pcr_selection_to_mask() to return mask (RHEL-16182) - tpm2: add more helper functions for managing TPML_PCR_SELECTION and TPMS_PCR_SELECTION (RHEL-16182) - tpm2: add Tpm2PCRValue struct and associated functions (RHEL-16182) - tpm2: move declared functions in header lower down (RHEL-16182) - tpm2: declare tpm2_log_debug_*() functions in tpm2_util.h (RHEL-16182) - tpm2: change tpm2_calculate_policy_pcr(), tpm2_calculate_sealing_policy() to use Tpm2PCRValue array (RHEL-16182) - tpm2: change tpm2_parse_pcr_argument() parameters to parse to Tpm2PCRValue array (RHEL-16182) - tpm2: add TPM2B_*_MAKE(), TPM2B_*_CHECK_SIZE() macros (RHEL-16182) - tpm2: add tpm2_pcr_read_missing_values() (RHEL-16182) - openssl: add openssl_pkey_from_pem() (RHEL-16182) - openssl: add rsa_pkey_new(), rsa_pkey_from_n_e(), rsa_pkey_to_n_e() (RHEL-16182) - openssl: add ecc_pkey_new(), ecc_pkey_from_curve_x_y(), ecc_pkey_to_curve_x_y() (RHEL-16182) - test: add DEFINE_HEX_PTR() helper function (RHEL-16182) - openssl: add test-openssl (RHEL-16182) - tpm2: add functions to convert TPM2B_PUBLIC to/from openssl pkey or PEM (RHEL-16182) - tpm2: move policy calculation out of tpm2_seal() (RHEL-16182) - man: update systemd-cryptenroll man page with details on --tpm2-pcrs format change (RHEL-16182) - tpm2: update TEST-70-TPM2 to test passing PCR value to systemd-cryptenroll (RHEL-16182) - tpm2: change *alg_to_* functions to use switch() (RHEL-16182) - tpm2: lowercase TPM2_PCR_VALUE[S]_VALID functions (RHEL-16182) - tpm2: move cast from lhs to rhs in uint16_t/int comparison (RHEL-16182) - tpm2: in validator functions, return false instead of assert failure (RHEL-16182) - tpm2: in tpm2_pcr_values_valid() use FOREACH_ARRAY() (RHEL-16182) - tpm2: use SIZE_MAX instead of strlen() for unhexmem() (RHEL-16182) - tpm2: put !isempty() check inside previous !isempty() check (RHEL-16182) - tpm2: simplify call to asprintf() (RHEL-16182) - tpm2: check pcr value hash != 0 before looking up hash algorithm name (RHEL-16182) - tpm2: use strempty() (RHEL-16182) - tpm2: split TPM2_PCR_VALUE_MAKE() over multiple lines (RHEL-16182) - tpm2: remove ret_ prefix from input/output params (RHEL-16182) - tpm2: use memcpy_safe() instead of memcpy() (RHEL-16182) - openssl: use new(char, size) instead of malloc(size) (RHEL-16182) - tpm2: use table for openssl<->tpm2 ecc curve id mappings (RHEL-16182) - tpm2: use switch() instead of if-else (RHEL-16182) - tpm2: make logging level consistent at debug for some functions (RHEL-16182) - tpm2: remove unnecessary void* cast (RHEL-16182) - tpm2: add tpm2_pcr_values_has_(any|all)_values() functions (RHEL-16182) - tpm2: wrap (7) in UINT32_C() (RHEL-16182) - cryptenroll: change man page example to remove leading 0x and lowercase hex (RHEL-16182) - openssl: add log_openssl_errors() (RHEL-16182) - openssl: add openssl_digest_size() (RHEL-16182) - openssl: add openssl_digest_many() (RHEL-16182) - openssl: replace openssl_hash() with openssl_digest() (RHEL-16182) - openssl: add openssl_hmac_many() (RHEL-16182) - openssl: add rsa_oaep_encrypt_bytes() (RHEL-16182) - openssl: add kdf_kb_hmac_derive() (RHEL-16182) - openssl: add openssl_cipher_many() (RHEL-16182) - openssl: add ecc_edch() (RHEL-16182) - openssl: add kdf_ss_derive() (RHEL-16182) - dlfcn-util: add static asserts ensuring our sym_xyz() func ptrs match the types from the official headers (RHEL-16182) - tpm2: add tpm2_marshal_blob() and tpm2_unmarshal_blob() (RHEL-16182) - tpm2: add tpm2_serialize() and tpm2_deserialize() (RHEL-16182) - tpm2: add tpm2_index_to_handle() and tpm2_index_from_handle() (RHEL-16182) - tpm2: fix build failure without openssl (RHEL-16182) - tpm2-util: look for tpm2-pcr-signature.json directly in /.extra/ (RHEL-16182) - tpm2: downgrade most log functions from error to debug (RHEL-16182) - tpm2: handle older tpm enrollments without a saved pcr bank (RHEL-16182) - tpm2: allow tpm2_make_encryption_session() without bind key (RHEL-16182) - tpm2: update tpm2 test for supported commands (RHEL-16182) - tpm2: use GREEDY_REALLOC_APPEND() in tpm2_get_capability_handles(), cap max value (RHEL-16182) - tpm2: change tpm2_unseal() to accept Tpm2Context instead of device string (RHEL-16182) - tpm2: cache TPM's supported ECC curves (RHEL-16182) - tpm2-util: make tpm2_marshal_blob()/tpm2_unmarshal_blob() static (RHEL-16182) - tpm2-util: make tpm2_read_public() static, as we use it only internally in tpm2-util.c (RHEL-16182) - cryptenroll: allow specifying handle index of key to use for sealing (RHEL-16182) - test: add tests for systemd-cryptenroll --tpm2-seal-key-handle (RHEL-16182) - tpm2: do not call Esys_TR_Close() (RHEL-16182) - tpm2: don't use GetCapability() to check transient handles (RHEL-16182) - tpm2-util: pick up a few new symbols from tpm2-tss (RHEL-16182) - tpm2: add tpm2_get_pin_auth() (RHEL-16182) - tpm2: instead of adjusting authValue trailing 0(s), trim them as required by tpm spec (RHEL-16182) - tpm2-util: rename tpm2_calculate_name() → tpm2_calculate_pubkey_name() (RHEL-16182) - cryptenroll: do not implicitly verify with default tpm policy signature (RHEL-16182) - cryptenroll: drop deadcode (RHEL-16182) - tpm2: allow using tpm2_get_srk_template() without tpm (RHEL-16182) - tpm2: add test to verify srk templates (RHEL-16182) - tpm2: add tpm2_sym_alg_*_string() and tpm2_sym_mode_*_string() (RHEL-16182) - tpm2: add tpm2_calculate_seal() and helper functions (RHEL-16182) - tpm2: update test-tpm2 for tpm2_calculate_seal() (RHEL-16182) - cryptenroll: add support for calculated TPM2 enrollment (RHEL-16182) - test: update TEST-70 with systemd-cryptenroll calculated TPM2 enrollment (RHEL-16182) - openssl-util: avoid freeing invalid pointer (RHEL-16182) - creds-util: check for CAP_DAC_READ_SEARCH (RHEL-16182) - creds-util: do not try TPM2 if there is not support (RHEL-16182) - creds-util: merge the TPM2 detection for initrd (RHEL-16182) - cryptenroll: fix a memory leak (RHEL-16182) - sd-journal: introduce sd_journal_step_one() (RHEL-11591) - test: modernize test-journal-flush (RHEL-11591) - journal-file-util: do not fail when journal_file_set_offline() called more than once (RHEL-11591) - journal-file-util: Prefer punching holes instead of truncating (RHEL-11591) - test: add reproducer for SIGBUS issue caused by journal truncation (RHEL-11591) * Wed Jan 31 2024 systemd maintenance team <[email protected]> - 252-26 - spec: update rhel-net-naming-sysattrs to v0.4 (RHEL-22278) * Tue Jan 30 2024 systemd maintenance team <[email protected]> - 252-25 - spec: add new package with RHEL-specific network naming sysattrs (RHEL-22278) * Wed Jan 24 2024 systemd maintenance team <[email protected]> - 252-24 - ci: use source-git-automation composite Action (RHEL-1086) - ci: increase the cron interval to 45 minutes (RHEL-1086) - ci: add all Z-Stream versions to array of allowed versions (RHEL-1086) - udev/net_id: introduce naming scheme for RHEL-9.4 (RHEL-22427) - basic/errno-util: add wrappers which only accept negative errno (RHEL-22443) - errno-util: allow ERRNO_IS_* to accept types wider than int (RHEL-22443) - udev: add new builtin net_driver (RHEL-22443) - udev/net_id: introduce naming scheme for RHEL-8.10 (RHEL-22427) * Fri Jan 12 2024 systemd maintenance team <[email protected]> - 252-23 - logind: don't setup idle session watch for lock-screen and greeter (RHEL-20757) - logind: don't make idle action timer accuracy more coarse than timeout (RHEL-20757) - logind: do TTY idle logic only for sessions marked as "tty" (RHEL-20757) - meson: Properly install 90-uki-copy.install (RHEL-16354) * Mon Jan 08 2024 systemd maintenance team <[email protected]> - 252-22 - Revert "man: mention System Administrator's Guide in systemctl manpage" (RHEL-19436) - man: mention RHEL documentation in systemctl's man page (RHEL-19436) - resolved: actually check authenticated flag of SOA transaction (RHEL-6216) - udev: allow/denylist for reading sysfs attributes when composing a NIC name (RHEL-1317) - man: environment value -> udev property (RHEL-1317) * Mon Dec 11 2023 systemd maintenance team <[email protected]> - 252-21 - meson: fix installation of ukify (RHEL-13199) - sd-id128: introduce id128_hash_ops_free (RHEL-5988) - udevadm-trigger: allow to fallback without synthetic UUID only first time (RHEL-5988) - udevadm-trigger: settle with synthetic UUID if the kernel support it (RHEL-5988) - udevadm-trigger: also check with the original syspath if device is renamed (RHEL-5988) - test: use 'udevadm trigger --settle' even if device is renamed (RHEL-5988) - sd-event: don't mistake USEC_INFINITY passed in for overflow (RHEL-6090) - pid1: rework service_arm_timer() to optionally take a relative time value (RHEL-6090) - manager: add one more assert() (RHEL-6090) - pid1: add new Type=notify-reload service type (RHEL-6090) - man: document Type=notify-reload (RHEL-6090) - pid1: make sure we send our calling service manager RELOADING=1 when reloading (RHEL-6090) - networkd: implement Type=notify-reload protocol (RHEL-6090) - udevd: implement the full Type=notify-reload protocol (RHEL-6090) - logind: implement Type=notify-reload protocol properly (RHEL-6090) - notify: add --stopping + --reloading switches (RHEL-6090) - test: add Type=notify-reload testcase (RHEL-6090) - update TODO (RHEL-6090) - core: check for SERVICE_RELOAD_NOTIFY in manager_dbus_is_running (RHEL-6090) * Fri Dec 08 2023 systemd maintenance team <[email protected]> - 252-20 - udev/net: allow new link name as an altname before renaming happens (RHEL-5988) - sd-netlink: do not swap old name and alternative name (RHEL-5988) - sd-netlink: restore altname on error in rtnl_set_link_name (RHEL-5988) - udev: attempt device rename even if interface is up (RHEL-5988) - sd-netlink: add a test for rtnl_set_link_name() (RHEL-5988) - test-network: add a test for renaming device to current altname (RHEL-5988) - udev: align table (RHEL-5988) - sd-device: make device_set_syspath() clear sysname and sysnum (RHEL-5988) - sd-device: do not directly access entry in sd-device object (RHEL-5988) - udev: move device_rename() from device-private.c (RHEL-5988) - udev: restore syspath and properties on failure (RHEL-5988) - sd-device: introduce device_get_property_int() (RHEL-5988) - core/device: downgrade log level for ignored errors (RHEL-5988) - core/device: ignore failed uevents (RHEL-5988) - test: add tests for failure in renaming network interface (RHEL-5988) - test: modernize test-netlink.c (RHEL-5988) - test-netlink: use dummy interface to test assigning new interface name (RHEL-5988) - udev: use SYNTHETIC_ERRNO() at one more place (RHEL-5988) - udev: make udev_builtin_run() take UdevEvent* (RHEL-5988) - udev/net: verify ID_NET_XYZ before trying to assign it as an alternative name (RHEL-5988) - udev/net: generate new network interface name only on add uevent (RHEL-5988) - sd-netlink: make rtnl_set_link_name() optionally append alternative names (RHEL-5988) - udev/net: assign alternative names only on add uevent (RHEL-5988) - test: add tests for renaming network interface (RHEL-5988) - Backport ukify from upstream (RHEL-13199) - bootctl: make --json output normal json (RHEL-13199) - test: replace readfp() with read_file() (RHEL-13199) - stub/measure: document and measure .uname UKI section (RHEL-13199) - boot: measure .sbat section (RHEL-13199) - Revert "test_ukify: no stinky root needed for signing" (RHEL-13199) - ukify: move to /usr/bin and mark as non non-experimental (RHEL-13199) - kernel-install: Add uki layout (RHEL-16354) - kernel-install: remove math slang from man page (RHEL-16354) - kernel-install: handle uki installs automatically (RHEL-16354) - 90-uki-copy.install: create $BOOT/EFI/Linux directory if needed (RHEL-16354) - kernel-install: Log location that uki is installed in (RHEL-16354) - bootctl: fix errno logging (RHEL-16354) - bootctl: add kernel-identity command (RHEL-16354) - bootctl: add kernel-inspect command (RHEL-16354) - bootctl: add kernel-inspect to --help text (RHEL-16354) - bootctl: drop full stop at end of --help texts (RHEL-16354) - bootctl: change section title for kernel image commands (RHEL-16354) - bootctl: remove space that should not be there (RHEL-16354) - bootctl: kernel-inspect: print os info (RHEL-16354) - bootctl-uki: several coding style fixlets (RHEL-16354) - tree-wide: unify how we pick OS pretty name to display (RHEL-16354) - bootctl-uki: several follow-ups for inspect_osrel() (RHEL-16354) - bootctl: Add missing %m (RHEL-16354) - bootctl: tweak DOS header magic check (RHEL-16354) * Mon Nov 13 2023 systemd maintenance team <[email protected]> - 252-19 - ci: Extend source-git-automation (RHEL-1086) - netif-naming-scheme: let's also include rhel8 schemes (RHEL-7026) - systemd-analyze: Add table and JSON output implementation to plot (RHEL-5070) - systemd-analyze: Update man/systemd-analyze.xml with Plot JSON and table (RHEL-5070) - systemd-analyze: Add tab complete logic for plot (RHEL-5070) - systemd-analyze: Add --json=, --table and -no-legend tests for plot (RHEL-5070) - ci: enable source-git automation to validate reviews and ci results (RHEL-1086) - ci: remove Mergify config - replaced by Pull Request Validator (RHEL-1086) - ci: enable auto-merge GH Action (RHEL-1086) - ci: add missing permissions (RHEL-1086) - ci: `permissions: write-all` (RHEL-1086) - ci(lint): exclude `.in` files from ShellCheck lint (RHEL-1086) - udev: raise RLIMIT_NOFILE as high as we can (RHEL-11040) * Tue Aug 22 2023 systemd maintenance team <[email protected]> - 252-18 - doc: add downstream CONTRIBUTING document (#2170883) - doc: improve CONTRIBUTING document (#2170883) - doc: use link with prefilled Jira issue (#2170883) - docs: link downstream CONTRIBUTING in README (#2170883) - bpf: fix restrict_fs on s390x (#2230364) - udev/net_id: use naming scheme for RHEL-9.3 (#2231845) - core/timer: Always use inactive_exit_timestamp if it is set (#2211065) - timer: Use dual_timestamp_is_set() in one more place (#2211065) - loginctl: list-users: also show state (#2209912) - loginctl: list-sessions: minor modernization (#2209912) - loginctl: list-sessions: also show state (#2209912) - test: add test for state in loginctl list-{users,sessions} (#2209912) - test: add a missing session activation (#2209912) - test: extend test for loginctl list-* (#2209912) - loginctl: shorten variable name (#2209912) - loginctl: use bus_map_all_properties (#2209912) - loginctl: show session idle status in list-sessions (#2209912) - loginctl: some modernizations (#2209912) - loginctl: list-sessions: fix timestamp for idle hint (#2209912) - loginctl: list-users: use bus_map_all_properties (#2209912) - loginctl: also show idle hint in session-status (#2209912) - memory-util: make ArrayCleanup passed to array_cleanup() const (#2190226) - static-destruct: several cleanups (#2190226) - static-destruct: introduce STATIC_ARRAY_DESTRUCTOR_REGISTER() (#2190226) - macro: support the case that the number of elements has const qualifier (#2190226) - shared/generator: apply similar config reordering of generated units (#2190226) - nulstr-util: make ret_size in strv_make_nulstr() optional (#2190226) - generator: teach generator_add_symlink() to instantiate specified unit (#2190226) - units: rework growfs units to be just a regular unit that is instantiated (#2190226) - fstab-generator: use correct targets when /sysroot is specificied in fstab only (#2190226) - fstab-generator: add SYSTEMD_SYSFS_CHECK env var (#2190226) - test: add fstab file support for fstab-generator tests (#2190226) - test-fstab-generator: also check file contents (#2190226) - test-fstab-generator: add tests for mount options (#2190226) - fstab-generator: split out several functions from parse_fstab() (#2190226) - fstab-generator: call add_swap() earlier (#2190226) - fstab-generator: refuse to add swap earlier if disabled (#2190226) - fstab-generator: refuse invalid mount point path in fstab earlier (#2190226) - fstab-generator: fix error code propagation in run_generator() (#2190226) - fstab-generator: support defining mount units through kernel command line (#2190226) - test: add test cases for defining mount and swap units from kernel cmdline (#2190226) - generators: change TimeoutSec=0 to TimeoutSec=infinity (#2190226) - units: change TimeoutSec=0 to TimeoutSec=infinity (#2190226) - fstab-generator: use correct swap name var (#2190226) - fstab-generator: add more parameter name comments (#2190226) - fstab-generator: unify initrd-root-device.target dependency handling code (#2190226) - fstab-util: add fstab_is_bind (#2190226) - fstab-generator: resolve bind mount source when in initrd (#2190226) - fstab-generator: rename 'initrd' flag to 'prefix_sysroot' (#2190226) - fstab-generator: fix target of /sysroot/usr (#2190226) - fstab-generator: add rd.systemd.mount-extra= and friends (#2190226) - fstab-generator: add a flag to accept entry for "/" in initrd (#2190226) - test-fstab-generator: extract core part as a function (#2190226) - test-fstab-generator: also test with SYSTEMD_IN_INITRD=no (#2190226) - test-fstab-generator: add more tests for systemd.mount-extra= and friends (#2190226) - fstab-generator: enable fsck for block device mounts specified in systemd.mount-extra= (#2190226) - core: use correct scope of looking up units (#2226980) - test: merge unit file related tests into TEST-23-UNIT-FILE (#2213521) - test: rename TEST-07-ISSUE-1981 to TEST-07-PID1 (#2213521) - test: merge TEST-08-ISSUE-2730 into TEST-07-PID1 (#2213521) - test: merge TEST-09-ISSUE-2691 into TEST-07-PID1 (#2213521) - test: merge TEST-10-ISSUE-2467 with TEST-07-PID1 (#2213521) - test: merge TEST-11-ISSUE-3166 into TEST-07-PID1 (#2213521) - test: merge TEST-12-ISSUE-3171 into TEST-07-PID1 (#2213521) - test: move TEST-23's units into a dedicated subfolder (#2213521) - test: merge TEST-47-ISSUE-14566 into TEST-07-PID1 (#2213521) - test: merge TEST-51-ISSUE-16115 into TEST-07-PID1 (#2213521) - test: merge TEST-20-MAINPIDGAMES into TEST-07-PID1 (#2213521) - test: abstract the common test parts into a utility script (#2213521) - test: add tests for JoinsNamespaceOf= (#2213521) - core/unit: drop doubled empty line (#2213521) - core/unit: make JoinsNamespaceOf= implies the inverse dependency (#2213521) - core/unit: search shared namespace in transitive relation of JoinsNamespaceOf= (#2213521) - core/unit: update bidirectional dependency simultaneously (#2213521) - resolvectl: fix type of ifindex D-Bus field, and make sure to initialize to zero in all code paths (#2161260) - resolved: add some line-breaks/comments (#2161260) - resolvectl: don't filter loopback DNS server from global DNS server list (#2161260) - blockdev-util: add simple wrapper around BLKSSZGET (#2170883) - loop-util: insist on setting the sector size correctly (#2170883) - dissect-image: add probe_sector_size() helper for detecting sector size of a GPT disk image (#2170883) - loop-util: always tell kernel explicitly about loopback sector size (#2170883) - Revert "Treat EPERM as "not available" too" (#2178222) - Revert "test: accept EPERM for unavailable idmapped mounts as well" (#2178222) * Fri Aug 04 2023 systemd maintenance team <[email protected]> - 252-17 - Revert "core/service: when resetting PID also reset known flag" (#2225667 - ci: explicitly install python3-lldb-$COMPILER_VERSION (#2225667) * Mon Jul 17 2023 systemd maintenance team <[email protected]> - 252-16 - ci: update permissions for source-git automation workflows (#2170883) - pstore: fixes for dmesg.txt reconstruction (#2170883) - pstore: explicitly set the base when converting record ID (#2170883) - pstore: avoid opening the dmesg.txt file if not requested (#2170883) - test: add a couple of tests for systemd-pstore (#2170883) - test: match all messages with the FILE field (#2170883) - test: build the SELinux test module on the host (#2170883) - test: make the stress test slightly less stressful on slower machines (#2170883) - coredump: use unaligned_read_ne{32,64}() to parse auxv (#2170883) - core/transaction: make merge_unit_ids() always return NUL-terminated string (#2170883) - core/transaction: make merge_unit_ids() return non-NULL on success (#2170883) - core/transaction: do not log "(null)" (#2170883) - ci: allow `RHEL-only` labels to mark downstream-only commits (#2170883) - elf-util: discard PT_LOAD segment early based on the start address. (#2215412) - elf-util: check for overflow when computing end of core's PT_LOAD segments (#2215412) - sulogin: use DEFINE_MAIN_FUNCTION() (#2169959) - sulogin: fix control lost of the current terminal when default.target is rescue.target (#2169959) - journal-vacuum: count size of all journal files (#2182632) - memory-util: add a concept for gcc cleanup attribute based array destruction (#2182632) - macro: introduce FOREACH_ARRAY() macro (#2182632) - journal-vacuum: rename function to match struct name (#2182632) - journal-vacuum: use CLEANUP_ARRAY (#2182632) - pam: add call to pam_umask (#2210145) - udev-builtin-net_id: align VF representor names with VF names (#2218886) - pam: add a call to pam_namespace (#2218184) - rules: online CPU automatically on IBM s390x platforms when configured (#2212612) - core/mount: escape invalid UTF8 char in dbus reply (#2208240) - Revert "user: delegate cpu controller, assign weights to user slices" (#2176899) - udev-rules: fix nvme symlink creation on namespace changes (#2172509) - rules: add whitespace after comma before the line continuation (#2172509) - udev: restore compat symlink for nvme devices (#2172509) - rules: drop doubled space (#2172509) - manager: don't taint the host if cgroups v1 is used (#2193456) - core/service: when resetting PID also reset known flag (#2210237) - ci: drop systemd-stable from advanced-commit-linter config (#2170883) * Thu May 18 2023 systemd maintenance team <[email protected]> - 252-15 - ci: trigger `differential-shellcheck` workflow on push (#2100440) - ci: workflow for gathering metadata for source-git automation (#2100440) - ci: first part of the source-git automation - commit linter (#2100440) - ci(Mergify): check CodeQL and build workflows based on changed files (#2100440) - ci: add NOTICE to also update regexp in `.mergify.yml` when updating `paths` property (#2100440) - Support /etc/system-update for OSTree systems (#2203133) - journal-def: fix type of signature to match the actual field in the Header structure (#2183546) - journal: use compound initialization for journal file Header structure (#2183546) - journald: fix log message (#2183546) - sd-journal: cache results of parsing environment variables (#2183546) - compress: introduce compression_supported() helper function (#2183546) - sd-journal: always use the compression algorithm specified in the header (#2183546) - sd-journal: allow to specify compression algorithm through env (#2183546) - test: add test case that journal file is created with the requested compression algorithm (#2183546) - rules: do not online CPU automatically on IBM platforms (#2143107) * Tue Mar 21 2023 systemd maintenance team <[email protected]> - 252-14 - systemd: Support OOMPolicy in scope units (#2176918) - systemd: Default to OOMPolicy=continue for login session scopes (#2176918) - man: rework description of OOMPolicy= a bit (#2176918) - core,man: add missing integration of OOMPolicy= in scopes (#2176918) - meson: Store fuzz tests in structured way (#2176918) - meson: Generate fuzzer inputs with directives (#2176918) - oss-fuzz: include generated corpora in the final zip file (#2176918) - unit: In cgroupv1, gracefully terminate delegated scopes again (#2180120) * Mon Feb 27 2023 systemd maintenance team <[email protected]> - 252-8 - journal-file: Fix return value in bump_entry_array() (#2173682) * Mon Feb 27 2023 systemd maintenance team <[email protected]> - 252-7 - test: add coverage for #24177 (#1985288) - logind-session: make stopping of idle session visible to admins (#2172401) * Wed Feb 22 2023 systemd maintenance team <[email protected]> - 252-6 - journalctl: actually run the static destructors (#2122500) - efi: drop executable-stack bit from .elf file (#2140646) - install: fail early if specifier expansion failed (#2138081) - test: add coverage for #26467 (#2138081) * Fri Feb 17 2023 systemd maintenance team <[email protected]> - 252-5 - nss-myhostname: fix inverted condition in (#2167468) - nss-myhostname: do not return empty result with NSS_STATUS_SUCCESS (#2167468) - sleep: rename hibernate_delay_sec -> _usec (#2151612) - sleep: fetch_batteries_capacity_by_name() does not return -ENOENT (#2151612) - sleep: drop unnecessary temporal vaiable and initialization (#2151612) - sleep: introduce SuspendEstimationSec= (#2151612) - sleep: coding style fixlets (#2151612) - sleep: simplify code a bit (#2151612) - sleep: fix indentation (#2151612) - sleep: enumerate only existing and non-device batteries (#2151612) - core: when isolating to a unit, also keep units running that are triggered by units we keep running (#1952378) - udev/net_id: introduce naming scheme for RHEL-9.2 (#2170500) * Mon Feb 06 2023 systemd maintenance team <[email protected]> - 252-4 - udev: make get_virtfn_info() provide physical PCI device (#2159448) - test: make helper_check_device_units() log unit name (#2138081) - test: add a testcase for lvextend (#2138081) - pid1: fix segv triggered by status query (#26279) (#2138081) - test: create config under /run (#2138081) - test: add tests for mDNS and LLMNR settings (#2138081) - resolved: introduce the _localdnsstub and _localdnsproxy special hostnames for 127.0.0.54 + 127.0.0.53 (#2138081) - test: wait for the monitoring service to become active (#2138081) - test: suppress echo in monitor_check_rr() (#2138081) - Revert "test: wait for the monitoring service to become active" (#2138081) - test: show and check almost all journal entries since the relevant command being invoked (#2138081) - test: cover IPv6 in the resolved test suite (#2138081) - test: add a couple of SRV records to check service resolution (#2138081) - test: add a test for the OPENPGPKEY RR (#2138081) - test: don't hang indefinitely on no match (#2138081) - test-ndisc: fix memleak and fd leak (#2138081) - test-unit-name: fix fd leak (#2138081) - test: bump D-Bus service start timeout if we run without accel (#2138081) - test: bump the client-side timeout in sd-bus as well (#2138081) - test: bump the container spawn timeout to 60s (#2138081) - network: fix memleak (#2138081) - busctl: fix introspecting DBus properties (#2138081) - busctl: simplify peeking the type (#2138081) - resolve: drop redundant call of socket_ipv6_is_supported() (#2138081) - resolve: introduce link_get_llmnr_support() and link_get_mdns_support() (#2138081) - resolve: provide effective supporting levels of mDNS and LLMNR (#2138081) - resolvectl: warn if the global mDNS or LLMNR support level is lower than the requested one (#2138081) - resolve: enable per-link mDNS setting by default (#2138081) * Mon Jan 16 2023 systemd maintenance team <[email protected]> - 252-3 - swap: tell swapon to reinitialize swap if needed (#2151993) - coredump: adjust whitespace (#2155517) - coredump: do not allow user to access coredumps with changed uid/gid/capabilities (#2155517) - Revert "basic: add fallback in chase_symlinks_and_opendir() for cases when /proc is not mounted" (#2138081) - glyph-util: add warning sign special glyph (#2138081) - chase-symlink: when converting directory O_PATH fd to real fd, don't bother with /proc/ (#2138081) - systemctl: print a clear warning if people invoke systemctl without /proc/ (#2138081) - TEST-65: check cat-config operation in chroot (#2138081) - TEST-65: use [[ -v ]] more (#2138081) - systemctl: warn if trying to disable a unit with no install info (#2141979) - systemctl: allow suppress the warning of no install info using --no-warn (#2141979) - rpm/systemd-update-helper: use --no-warn when disabling units (#2141979) - systemctl: suppress warning about missing /proc/ when --no-warn (#2141979) - shell-completion: systemctl: add --no-warn (#2141979) - core/unit: drop doubled empty line (#2160477) - core/unit: drop dependency to the unit being merged (#2160477) - core/unit: fix logic of dropping self-referencing dependencies (#2160477) - core/unit: merge two loops into one (#2160477) - test: add test case for sysv-generator and invalid dependency (#2160477) - core/unit: merge unit names after merging deps (#2160477) - core/unit: fix log message (#2160477) - test: explicitly create the /etc/init.d directory (#2160477) - test: support a non-default SysV directory (#2160477) * Fri Dec 09 2022 systemd maintenance team <[email protected]> - 252-2 - test: check if we can use SHA1 MD for signing before using it (#2141979) - boot: cleanups for efivar_get() and friends (#2141979) - boot: fix false maybe-uninitialized warning (#2141979) - tree-wide: modernizations with RET_NERRNO() (#2137584) - sd-bus: handle -EINTR return from bus_poll() (#2137584) - stdio-bridge: don't be bothered with EINTR (#2137584) - varlink: also handle EINTR gracefully when waiting for EIO via ppoll() (#2137584) - sd-netlink: handle EINTR from poll() gracefully, as success (#2137584) - resolved: handle -EINTR returned from fd_wait_for_event() better (#2137584) - homed: handle EINTR gracefully when waiting for device node (#2137584) - utmp-wtmp: fix error in case isatty() fails (#2137584) - utmp-wtmp: handle EINTR gracefully when waiting to write to tty (#2137584) - io-util: document EINTR situation a bit (#2137584) - terminal-util: Set OPOST when setting ONLCR (#2138081) - cgtop: Do not rewrite -P or -k options (#2138081) - test: Add tests for systemd-cgtop args parsing (#2138081) - resolved: remove inappropriate assert() (#2138081) - boot: Add xstrn8_to_16 (#2138081) - boot: Use xstr8_to_16 (#2138081) - boot: Use xstr8_to_16 for path conversion (#2138081) - stub: Fix cmdline handling (#2138081) - stub: Detect empty LoadOptions when run from EFI shell (#2138081) - boot: Use EFI_BOOT_MANAGER_POLICY_PROTOCOL to connect console devices (#2138081) - boot: Make sure all partitions drivers are connected (#2138081) - boot: improve support for qemu (#2138081) - systemd-boot man page: add section for virtual machines (#2138081) - boot: Only do full driver initialization in VMs (#2138081) - dissect: rework DISSECT_IMAGE_ADD_PARTITION_DEVICES + DISSECT_IMAGE_OPEN_PARTITION_DEVICES (#2138081) - ci(Mergify): v252 configuration update (#2138081) - ci: Run GitHub workflows on rhel branches (#2138081) - ci: Drop scorecards workflow, not relevant (#2138081) * Fri Dec 02 2022 systemd maintenance team <[email protected]> - 252-1 - Rebase to systemd v252 + systemd-stable v252.2 (#2138081) * Fri Dec 02 2022 systemd maintenance team <[email protected]> - 250-13 - build systemd-boot EFI tools (#2140646) * Thu Aug 25 2022 systemd maintenance team <[email protected]> - 250-11 - scope: allow unprivileged delegation on scopes (#2120604) - udev/net_id: add "rhel-9.1" naming scheme (#2121144)
/usr/bin/ukify /usr/lib/systemd/ukify /usr/share/man/man1/ukify.1.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Nov 26 08:27:25 2024