| Commit message (Collapse) | Author | Age |
|
|
|
| |
Wraps a module with a default location for reporting errors.
|
|\
| |
| | |
exploitdb: 2022-01-25 -> 2022-01-26
|
| | |
|
|\ \
| | |
| | | |
Kernels 2022-01-27
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
|\ \ \
| | | |
| | | | |
prometheus.exporters.smartctl: fixes
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
When no devices are given the exporter tries to autodiscover available
disks. The previous DevicePolicy was however preventing the exporter
from accessing any device at all, since only explicitly mentioned ones
were allowed.
This commit adds an allow rule for several device classes that I could
find on my machines, that gets set when no devices are explicitly
configured.
There is an existing problem with nvme devices, that expose a character
device at `/dev/nvme0`, and a (namespaced) block device at
`/dev/nvme0n1`. The character device does not come with permissions that
we could give to the exporter without further impacting the hardening.
crw------- 1 root root 247, 0 27. Jan 03:10 /dev/nvme0
brw-rw---- 1 root disk 259, 0 27. Jan 03:10 /dev/nvme0n1
The autodiscovery only finds the character device, which the exporter
unfortunately does not have access to.
However a simple udev rule can be used to resolve this:
services.udev.extraRules = ''
SUBSYSTEM=="nvme", KERNEL=="nvme[0-9]*", GROUP="disk"
'';
Unfortunately I'm not fully aware of the security implications this
change carries and we should question upstream (systemd) why they did
not include such a rule.
The disk group has no members on any of my machines.
❯ getent group disk
disk:x:6:
|
| | | |
| | | |
| | | |
| | | |
| | | | |
This allows the exporter to perform SCSI commands and interact with hpsa
and cciss devices.
|
|\ \ \ \ |
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
|\ \ \ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
helsinki-systems/feat/stc-proper-unit-file-parser
nixos/switch-to-configuration: Proper unit file parser and clean/fix lower part of the script
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
- Fully get rid of `parseKeyValues` and use systemctl features for that
- Add some regex modifiers recommended by perlcritic
- Get rid of a postfix if
- Sort units when showing their status
- Clean the logic for showing what failed from `elif` to `next`
- Switch from `state` to `substate` for `auto-restart` because that's
actually where the value is stored
- Show status of units with one single systemctl call and get rid of
COLUMNS in favor of --full
- Add a test for failing units
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
This replaces the naive K=V unit parser with a proper INI parser from a
library and adds proper support for override files. Also adds a bunch of
comments about parsing, I hope this makes it easier to understand and
maintain in the future.
There are multiple reasons to do so, the first one is just general
correctness with is nice imo. But to get to more serious reasons (I
didn't put in all that effort for nothing) is that this is the first
step torwards more clever restart/reload handling. By using a library
like Data::Compare a future PR could replace the current way of
fingerprinting units (which is to compare store paths) by comparing the
hashes. This is more precise because units won't get restarted because
the order of the options change, comments are added, some dependency of
writeText changes, .... Also this allows us to add a feature like
`X-Reload-Triggers` so the unit can either be reloaded when these change
or restarted when everything else changes, giving module authors the
ability to have their services reloaded without having to fear that
updates are not applied because the service doesn't get restarted.
Another reason why this feature is nice is that now that the unit files
are parsed correctly (and values are just extracted from one section),
potential future rewrites can just rely on some INI library without
having to implement their own weird parser that is compatible with this
script.
This also comes with a new subroutine to handle systemd booleans because
I thought the current way of handling it was just ugly. This also allows
overriding values this script reads in an override file.
Apart from making this script more compatible with the world around it,
this also fixes two issues I saw bugging exactly 0 (zero) people. First
is that this script now supports multiple override files, also ones that
are not called override.conf and the second one is that `1` and `on` are
treated as bools by systemd but were previously not parsed as such by
switch-to-configuration.
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
nixos/mx-puppet-discord: Change systemd unit description to avoid new…
|
| | | | | | | |
|
|\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
haskellPackages: update stackage and hackage
|
| |\ \ \ \ \ \ \
| |/ / / / / / /
|/| | | | | | | |
|
|\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
auto-multiple-choice: add OpenOfficeOODoc perl module as dependency
|
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Without this, AMC cannot export the results to OpenOffice. When one
presses "Reports->OpenOffice->Export", a dialog appears saying that
OpenOffice::OODoc perl module is not installed.
We switch to using makeFullPerlPath to make dependencies of
OpenOfficeOODoc also available. Without this, export complains about
missing XMLTwig.
|
| | | | | | | | | |
|
| |_|/ / / / / /
|/| | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
* tev: 1.19 -> 1.22 (#156914)
* tev: don't build on aarch64-linux
Co-authored-by: Renaud <c0bw3b@users.noreply.github.com>
|
|\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
Revert 153594 doc optimization
|
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
This reverts commit 813f9da8ab69f106055dd4a8fead7bc0a21a251b.
|
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
This reverts commit 0b222173dba00680074ef9e98a5bad224f62967e.
|
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
This reverts commit 15a00be189be329f488986cd72d7315fa643b89a.
|
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
when already copied"
This reverts commit fecf32505984f4b8feae4c54663f322dcc8bd080.
|
| | |_|_|_|_|/ /
| |/| | | | | |
| | | | | | | |
| | | | | | | | |
This reverts commit 5d29853c389b52d75104415060fbeb2cd170a8fa.
|
|\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
sympa: 6.2.66 -> 6.2.68
|
| | | | | | | | | |
|
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
|
|\ \ \ \ \ \ \ \ \ |
|
| | | | | | | | | | |
|
|\ \ \ \ \ \ \ \ \ \
| | | | | | | | | | |
| | | | | | | | | | | |
sqlfluff: 0.9.2 -> 0.9.3
|
| | | | | | | | | | | |
|
|\ \ \ \ \ \ \ \ \ \ \
| |_|_|_|_|_|_|_|_|_|/
|/| | | | | | | | | | |
python310Packages.flux-led: 0.28.11 -> 0.28.17
|
| | | | | | | | | | | |
|
|\ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | |
| | | | | | | | | | | | |
perlPackages.libnet: 3.12 -> 3.13
|
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | | |
Mainly to get the fix for https://rt.cpan.org/Public/Bug/Display.html?id=133912
|
|\ \ \ \ \ \ \ \ \ \ \ \ |
|
| | | | | | | | | | | | | |
|
|\ \ \ \ \ \ \ \ \ \ \ \ \ |
|