Merge-in changes#1
Merged
cgoesche merged 217 commits intocgoesche:masterfrom Dec 31, 2025
Merged
Conversation
A lot of documentation on the Internet seems to assume "defaults" is the /correct/ default value when no other options are intended. Documentation/example.files/fstab does not have an entry for swap, but it shows "defaults" for other file systems. It seems prudent to align on a single variant, at least in the documentation, even if both are accepted by swapon. Signed-off-by: Chris Hofstaedtler <zeha@debian.org>
Commit 63f7dcb ("lib/config: Make /run path configurable") added a second _PATH_SYSCONFDIR instead of _PATH_RUNSTATEDIR. Fix that.
…linux * 'swapon-fstab-defaults' of https://github.com/zeha/util-linux: swapon: (man page) use "defaults" (plural)
* 'my-master-2' of https://github.com/Leefancy/util-linux: Fix memory leak issue in read_Subid_range()
* 'issuerunfix' of https://github.com/Vogtinator/util-linux: agetty: Fix reading /run/issue.d/ again
Parameters set with `hwclock --param-set` tend to be persisted in the RTC's EEPROM. Writing the same value over and over again can wear out the EEPROM (e.g. on each boot). So read the current value first. Only if the parameter is changed, actually write the new value. This allows for easier integrations, especially since there is no machine-readable way of retrieving the current value via hwclock. Signed-off-by: Bastian Krause <bst@pengutronix.de>
The get_disk_ranges() function incorrectly capped the last usable sector at UINT_MAX, which could cause an overflow when calculating partition size for MBR partition tables. MBR stores partition size as a 32-bit value with maximum UINT_MAX. The partition size is calculated as: size = stop - start + 1 For a partition starting at sector 0: - If stop = UINT_MAX: size = UINT_MAX + 1 (overflow!) - If stop = UINT_MAX - 1: size = UINT_MAX (correct maximum) This fixes the inconsistency where dos_init() correctly warns about disks larger than UINT_MAX sectors (2TiB - 512 bytes for 512-byte sectors), but get_disk_ranges() allowed creating partitions that would overflow the 32-bit size field. Addresses: https://issues.redhat.com/browse/RHEL-122367 Signed-off-by: Karel Zak <kzak@redhat.com>
Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
…mpatibility Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
…esche/util-linux-fork * 'fix/login_shell_arg_null_str' of https://github.com/cgoesche/util-linux-fork: login: duplicate --shell argument to avoid nulling through explicit_bzero()
…esche/util-linux-fork * 'fix/procfs_extraneous_return' of https://github.com/cgoesche/util-linux-fork: lib: (procfs.c) remove extraneous return statement
Move the current code into two small functions to improve readability and facilitate future extensions. Signed-off-by: Karel Zak <kzak@redhat.com>
Split the function into smaller functions to make it easier to read and extend in the future. Introduce a struct to hold all variants of tag names, including udev names in the future. Signed-off-by: Karel Zak <kzak@redhat.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
The library traditionally uses libblkid to obtain device properties (such as FS-type if not specified). This can be a relatively costly operation to scan the device and requires read access to the device. All relevant libblkid information is usually cached by the udev DB. This commit adds the possibility to reuse the information from udev, with a fallback to libblkid if udev is not available. The commit also adds $ ./configure --disable-libmount-udev-support $ meson setup build -Dbuild-libmount-udev-support=disabled to completely disable this feature and avoid libmount's dependence on libsystemd. Signed-off-by: Karel Zak <kzak@redhat.com>
This patch introduces an internal libmount method to convert fs-type (as provided by libblkid or udevd) to mount-type to specify a different mount driver. Currently, the mapping from fs-type to mount-type is hardcoded in libmount as a temporary solution. The final implementation should provide configuration files (e.g., /etc/mount/fs.d/<name>) for these mappings. The current default mapping is implemented only for NTFS. It can be modified during compilation with: ./configure --with-ntfs-mounttype=TYPE or meson setup build -D ntfs-mounttype=TYPE The default is "ntfs3". Addresses: #3618 Addresses: systemd/systemd#39982 Signed-off-by: Karel Zak <kzak@redhat.com>
We need stable filesystem names (types) even though there are multiple filesystem drivers. libmount now provides a way to map the stable fs-types to various mount-types. References: 4cd429f Signed-off-by: Karel Zak <kzak@redhat.com>
…/cgoesche/util-linux-fork * 'fix/consolidate_validate_pfd_ino' of https://github.com/cgoesche/util-linux-fork: lib: (pidutils.c) use uint64_t instead of ino_t for seamless cross-compatibility kill: use uint64_t as type for kill_control->pidfd_ino lib: (pidfd-utils.c) remove extraneous _GNU_SOURCE feature test macro lib: (pidfd-utils) new helper function to retrieve pidfd inode number lib: (pidfd-utils.c) add a helper routine to check the pidfd fs type kill: replace USE_KILL_WITH_PIDFD_INO ifdef with USE_PIDFD_INO_SUPPORT include: (pidfd-utils.h) conditionally define pidfd inode support libmount: add pidfs magic number for fstype check include: (statfs_magic.h) add pidfs magic number kill: use ul_get_valid_pidfd_or_err() to validate user provided pidfd inodes include: add helper routines for opening and validating pidfds
Signed-off-by: Karel Zak <kzak@redhat.com>
Add memeory release for tmpname upon successful return.
As well as the mappings between lower and upper ids, a user namespace is associated with an owner user and group in its parent. These are set from the uid and gid when the unshare() call is made, and determine which user in the parent namespace has CAP_SYS_ADMIN in the child and can setns() into it. Add an --owner=<uid>:<gid> option which allows a privileged user to create a user namespace on behalf of another user, mapping parent ids and/or bind-mounting the namespace with privileges that the new owner would not have. Simplify the control flow around map_ids_from_child() vs mapping them inline to avoid too many special cases. We reset mapuser and mapgroup to -1 to signal that the mapping has been delegated to the child helper. For completeness, we maintain the semantics of --map-root-user and --map-current-user, binding the invoking user to root or itself in the new namespace. However, when --owner is used, these must be handled by a forked child as with --map-users and --map-groups. Signed-off-by: Chris Webb <chris@arachsys.com>
get_mnt_ino() was originally introduced in c84f259 where it was used in a loop to wait for the parent process to unshare the mount namespace before binding the namespace in its child. The parent and child processes are now synchronised with eventfd, so remove this vestigial check and the now-unused get_mnt_ino() function. This allows bind_ns_files_from_child() to be used even when the mount namespace isn't amongst the namespaces being unshared. Signed-off-by: Chris Webb <chris@arachsys.com>
unshare --user=<file> always fails because we no longer have CAP_SYS_ADMIN in the parent user namespace after unsharing to create the new one. As with unshare --mount=<file>, fork a child to make the bind mount instead. Signed-off-by: Chris Webb <chris@arachsys.com>
…/util-linux-fork * 'feat/su_accept_gid_args' of https://github.com/cgoesche/util-linux-fork: unshare: use MAX_OF_UINT_TYPE instead of (type)-1 chfn: enable the use of the username or UID unshare: use the new ul_get{grp,userpw}_str() routines login: use new xgetuserpw() instead of xgetpwnam() chsh: use new xgetuserpw() instead of xgetpwnam() su: accept group name and GID in -g and -G options tests: (su) test GID argument in --group option lib: (pwdutils.c) new library routines to get a group/passwd struct by name or GID/UID include/c.h: add MAX_OF_UINT_TYPE macro to get max num of an uint type
…ke/util-linux * 'lsns-8--fix-missing-comma' of https://github.com/masatake/util-linux: docs: lsns(8): add missing a comma in SEE ALSO section
…il-linux * 'unshare/userbind' of https://github.com/arachsys-prs/util-linux: unshare: fix user namespace bind mounts unshare: remove get_mnt_ino() check in bind_ns_files_from_child()
…til-linux * 'unshare/userowner' of https://github.com/arachsys-prs/util-linux: unshare: add --owner to set user namespace owner uid and gid Signed-off-by: Karel Zak <kzak@redhat.com>
Addresses: #3903 Signed-off-by: Karel Zak <kzak@redhat.com>
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| PID= | ||
| FD=3 | ||
| IFNAME= | ||
| readonly MYNETNS=$($TS_CMD_LSNS -n -t net -p $$ -oNS) |
Check warning
Code scanning / shellcheck
SC2155 Warning test
| if [[ "$output" == "$IFNAME" ]]; then | ||
| echo 'TUN.IFACE': $? | ||
| else | ||
| echo 'TUN.IFACE': $? |
Check warning
Code scanning / shellcheck
SC2319 Warning test
| { | ||
| output=$(${TS_CMD_LSFD} -p "${PID}" -n --raw -o TUN.DEVNETNS -Q "${EXPR}") | ||
| if [[ "$output" == "$netns" ]]; then | ||
| echo 'TUN.DEVNETNS': $? |
Check warning
Code scanning / shellcheck
SC2319 Warning test
| if [[ "$output" == "$netns" ]]; then | ||
| echo 'TUN.DEVNETNS': $? | ||
| else | ||
| echo 'TUN.DEVNETNS': $? |
Check warning
Code scanning / shellcheck
SC2319 Warning test
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.