Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: latchset/clevis
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: master
Choose a base ref
...
head repository: anatol/clevis
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: master
Choose a head ref
Checking mergeability… Don’t worry, you can still create the pull request.
  • 5 commits
  • 7 files changed
  • 1 contributor

Commits on Oct 10, 2022

  1. Add BSD_SOURCES to use setgroups at CentOS7 

    Per manpage here is requirement for setgroups():
  Since glibc 2.19:
    _DEFAULT_SOURCE
  Glibc 2.19 and earlier:
    _BSD_SOURCE

CentOS7 uses glibc-2.17 and thus requires _BSD_SOURCE. Without it we get
following compilation error:

src/luks/udisks2/clevis-luks-udisks2.c:327:13: error: implicit declaration of function 'setgroups' [-Werror=implicit-function-declaration]
             if (setgroups(1, &gid) != 0) {
             ^
    @anatol
    anatol committed Oct 10, 2022
    Configuration menu
    Copy the full SHA
    50330be View commit details
    Browse the repository at this point in the history

  2. Revert "systemd: drop hard requirement on networking" 

    This reverts commit ba8fab2.
    @anatol
    anatol committed Oct 10, 2022
    Configuration menu
    Copy the full SHA
    944f286 View commit details
    Browse the repository at this point in the history

  3. work

    @anatol
    anatol committed Oct 10, 2022
    Configuration menu
    Copy the full SHA
    add1863 View commit details
    Browse the repository at this point in the history

  4. Restore systemd and dracut hook from CentOS7 codebase 

    It turns out that the new (CentOS8) dracut/systemd integration does not
work well with CentOS7 environment.

Tested: installed new clevis rpms at several hosts, regenerated dracut
image with `dracut --force`, reboot the host and observe it unlocked.
    @anatol
    anatol committed Oct 10, 2022
    Configuration menu
    Copy the full SHA
    9196653 View commit details
    Browse the repository at this point in the history

Commits on Nov 2, 2022

  1. sss: sss-encrypt must read pipe data until EOF is reached 

    With current implementation sss-encrypt opens a pipe to the child pin,
then tries to read this pipe *only once*. This might return only partial
data or not data at all in case if the child pin response is slow.

Fix it by reading the pipe until it is closed, and only then process the
data.

Also increase the response buffer from 1024 bytes to 4096 bytes to
accound for larger subpin responses that can be larger than 1024 bytes.

Fixes #389
    @anatol
    anatol committed Nov 2, 2022
    Configuration menu
    Copy the full SHA
    8d3a80d View commit details
    Browse the repository at this point in the history
Loading