(RHEL-71409) Rebase rhel-only patches on top of v257 #47
Merged
jamacku force-pushed the rebase257 branch 5 times, most recently from bea03a9 to 28ea94a on December 16, 2024 13:25
jamacku changed the title from "Rebase rhel-only patches on top of v257" to "(RHEL-71409) Rebase rhel-only patches on top of v257" on Dec 16, 2024
This effectively reverts a change in 115d514 'journald: move uid_for_system_journal() to uid-alloc-range.h', which slipped in an additional check of uid_is_container(uid). The problem is that that change is not backwards-compatible at all and very hard for users to handle.

There is no common agreement on mappings of high-range uids. Systemd declares ownership of a large range for container uids in https://systemd.io/UIDS-GIDS/, but this is only a recent change and various sites allocated those ranges in a different way, in particular FreeIPA uses (used?) uids from this range for human users. On big sites with lots of users changing uids is obviously a hard problem. We generally assume that uids cannot be "freed" and/or changed and/or reused safely, so we shouldn't demand the same from others.

This is somewhat similar to the situation with SYSTEM_ALLOC_UID_MIN / SYSTEM_UID_MAX, which we tried to define to a fixed value in our code, causing huge problems for existing systems which were created with a different definition and couldn't be easily updated. For that case, we added a configuration time switch and we now parse /etc/login.defs to actually use the value that is appropriate for the local system.

Unfortunately, login.defs doesn't have a concept of container allocation ranges (and we don't have code to parse and use those nonexistent names either), so we can't tell users to adjust logind.defs to work around the changed definition. login.defs has SUB_UID_{MIN,MAX}, but those aren't really the same thing, because they are used to define where the add allocations for subuids, which is generally a much smaller range. Maybe we should talk with other folks about the appropriate allocation ranges and define some new settings in login.defs. But this would require discussion and coordination with other projects first.

Actually, it seems that this change was needed at all. The code in the container does not log to the outside journal. It talks to its own journald, which does journal splitting using its internal logic based on shifted uids. So let's revert the change to fix user systems.

Fixes https://bugzilla.redhat.com/show_bug.cgi?id=2251843.

rhel-only: bugfix
Related: RHEL-40924
Follow-up for systemd/systemd#33383. rhel-only: bugfix Related: RHEL-40924
Adjust upstream config to use our shared stack rhel-only: feature Related: RHEL-40924
Also add RHEL8,9,10 versions to version-info.xml file rhel-only: feature Resolves: RHEL-22621
Also split rules into 40-redhat-hotplug.rules, 40-redhat-s390.rules and 40-redhat.rules. rhel-only: feature Resolves: RHEL-40360
RHEL-only: bugfix Related: RHEL-40924
RHEL-only: bugfix Related: RHEL-40924
I think this was the intent of commit 91b684c, just network-online.target didn't exist back then. RHEL-only: bugfix Related: RHEL-40924
RHEL-only: feature Related: RHEL-40924
RHEL-only: feature Related: RHEL-40924
RHEL-only: policy Related: RHEL-40924
Kernel removed the elevator= option, so let's reintroduce it for rhel8 via udev rule. RHEL-only: feature Related: RHEL-40924
This should be hopefully high enough even for the very big deployments. RHEL-only: feature Related: RHEL-40924
While stable MAC address for interface types that don't have the address provided by HW could be useful it also breaks LACP based bonds. Let's err on the side of caution and don't change the MAC address from udev. RHEL-only: policy Related: RHEL-40924
RHEL-only: bugfix Related: RHEL-40924
In rhel10 we will have separate bin and sbin RHEL-only: policy Resolves: RHEL-46277
We noticed that some people are installing systemd* and then have daemons they don't need running. So let's remove resolved from presets so its usage is a bit more deliberate RHEL-only: policy Resolves: RHEL-46576
rhel-only: ci Related: RHEL-40924
follow-up to redhat-plumbers@13a0702 rhel-only: policy Related: RHEL-40924
As it's not needed anymore. rhel-only: ci Related: RHEL-40924
This brings policy in line with RHEL-9. rhel-only: policy Related: RHEL-46778
rhel-only: policy Related: RHEL-40924
rhel-only: policy Related: RHEL-40924
rhel-only: policy Related: RHEL-40924
rhel-only: policy Related: RHEL-40924
rhel-only: policy Resolves: RHEL-44416
rhel-only: policy Related: RHEL-55728
It seems that virtio devices always have "0" in the firmware_node/sun. And because of that, udev will always name the device ens0, which leads to collisions. So let's disable it for now. rhel-only: policy Resolves: RHEL-55728
Commit validation
Tracker - RHEL-40924, RHEL-22621, RHEL-40360, RHEL-46277, RHEL-46576, RHEL-46778, RHEL-44416, RHEL-55728, RHEL-44417, RHEL-71409
The following commits meet all requirements

Tracker validation: 🔴 Missing tracker or Unknown tracker type; type: 'unknown'
Pull Request validation: Failed 🔴 Failed or pending checks
rhel-only: policy Related: RHEL-44417
If - for whatever reason - a script uses set -u (nounset) and includes /etc/profile.d/70-systemd-shell-extra.sh (e.g. transitively via /etc/profile) the script would fail with:

    /etc/profile.d/70-systemd-shell-extra.sh: line 15: SHELL_PROMPT_PREFIX: unbound variable

For example:

    $ cat > foo.sh <<EOF
    #!/bin/sh
    set -u
    source /etc/profile
    EOF
    $ chmod 700 foo.sh
    $ ./foo.sh
    /etc/profile.d/70-systemd-shell-extra.sh: line 15: SHELL_PROMPT_PREFIX: unbound variable

Fix this by using shell parameter substitution[^1] (which is a POSIX shell concept) to set the $SHELL_* variables to the empty string if undefined.

[^1]: https://pubs.opengroup.org/onlinepubs/9699919799.2018edition/utilities/V3_chap02.html

(cherry picked from commit 12e33d332b3f8754f4d5d0d21d5d3f0de8adc54c)

Related: RHEL-71409
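The failure and fix described in the commit message above, reproduced as an added example that is not part of the pull request or the systemd sources. The two snippets are constructed stand-ins for a profile.d fragment (only the variable name SHELL_PROMPT_PREFIX comes from the commit message), and `${VAR-}` is one form of POSIX parameter expansion that yields the empty string for an unset variable; the helper name `source_under_nounset` is hypothetical.

```shell
#!/bin/sh
# Constructed stand-ins for a profile.d fragment. They are NOT the contents of
# 70-systemd-shell-extra.sh; only the variable name comes from the commit message.

# Before: plain expansion. Under "set -u" an unset variable is a fatal error.
snippet_before='if [ -n "$SHELL_PROMPT_PREFIX" ]; then
    PS1="$SHELL_PROMPT_PREFIX$PS1"
fi'

# After: ${VAR-} expands to the empty string when VAR is unset, so nounset passes.
snippet_after='if [ -n "${SHELL_PROMPT_PREFIX-}" ]; then
    PS1="${SHELL_PROMPT_PREFIX-}$PS1"
fi'

# source_under_nounset SNIPPET [PREFIX]   (hypothetical helper)
# Sources SNIPPET with "." from a child shell that has nounset enabled, the way
# a "set -u" script pulls in /etc/profile. With PREFIX, SHELL_PROMPT_PREFIX is
# exported to the child; without it, the variable is unset.
# Prints the resulting PS1 and returns the child's exit status.
source_under_nounset() {
    snippet_file=$(mktemp) || return 2
    printf '%s\n' "$1" > "$snippet_file"
    (
        if [ "$#" -ge 2 ]; then
            SHELL_PROMPT_PREFIX=$2; export SHELL_PROMPT_PREFIX
        else
            unset SHELL_PROMPT_PREFIX
        fi
        sh -c 'set -u; PS1="> "; . "$1"; printf "PS1=%s\n" "$PS1"' sh "$snippet_file"
    ) && status=0 || status=$?
    rm -f "$snippet_file"
    return "$status"
}

# Source both variants with the variable unset and report what happened.
for name in before after; do
    eval "snippet=\$snippet_$name"
    if out=$(source_under_nounset "$snippet" 2>&1); then
        echo "$name, variable unset: sourced, $out"
    else
        echo "$name, variable unset: aborted, $out"
    fi
done
```
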
No description provided.