summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-02-01sd-event: when determining the last allowed time a time event may elapse, ↵Lennart Poettering
deal with overflows
2016-02-01util: add usec_add() which adds two usec_t values with overflow handlingLennart Poettering
2016-02-01resolved: rework what ResolveHostname() with family == AF_UNSPEC meansLennart Poettering
Previously, if a hostanem is resolved with AF_UNSPEC specified, this would be used as indication to resolve both an AF_INET and an AF_INET6 address. With this change this logic is altered: an AF_INET address is only resolved if there's actually a routable IPv4 address on the specific interface, and similar an AF_INET6 address is only resolved if there's a routable IPv6 address. With this in place, it's ensured that the returned data is actually connectable by applications. This logic mimics glibc's resolver behaviour. Note that if the client asks explicitly for AF_INET or AF_INET6 it will get what it asked for. This also simplifies the logic how it is determined whether a specific lookup shall take place on a scope. Specifically, the checks with dns_scope_good_key() are now moved out of the transaction code and into the query code, so that we don't even create a transaction object on a specific scope if we cannot execute the resolution on it anyway.
2016-02-01journal-cat: don't allocate memory for the syslog identifierLennart Poettering
Fixes: #2490
2016-02-01activate: reorder --help textLennart Poettering
Make sure the --help and --version options are mentioned first, like in all our other tools.
2016-02-01activate: fix memory allocation for execv() parametersLennart Poettering
Make sure we construct the full environment block on the heap, so that we can clean things up properly if execv() fails.
2016-02-01Merge pull request #2505 from torstehu/fix-typo4Lennart Poettering
Fix typos and a small build fix
2016-02-01resolve: Silence build warning, when systemd is built without libidnTorstein Husebø
HAVE_IDN is not defined when systemd is build without it
2016-02-01resolve: fix typosTorstein Husebø
2016-02-01Merge pull request #2491 from martinpitt/masterLennart Poettering
tmpfiles: drop /run/lock/lockdev
2016-02-01tmpfiles: drop /run/lock/lockdevMartin Pitt
Hardly any software uses that any more, and better locking mechanisms like flock() have been available for many years. Also drop the corresponding "lock" group from sysusers.d/basic.conf.in, as nothing else is using this.
2016-02-01Merge pull request #2497 from jsynacek/bootoffset-runtime-v4Lennart Poettering
Expose additional booleans in sd_journal and improve error messages in journalctl
2016-02-01journalctl: improve error messages when the specified boot is not foundJan Synacek
2016-02-01journalctl: show friendly info when using -b on runtime journal onlyJan Synacek
Make it clear that specifing boot when there is actually only one has no effect. This cosmetic patch improves user experience a bit.
2016-02-01sd-journal: introduce has_runtime_files and has_persistent_filesJan Synacek
Also introduce sd_journal_has_runtime_files() and sd_journal_has_persistent_files() to the public API. These functions can be used to easily find out if the open journal files are runtime and/or persistent.
2016-02-01Merge pull request #2481 from xnox/pretty-ccwLennart Poettering
udev: net_id - for ccw bus, shorten the identifier and stip leading z…
2016-02-01Merge pull request #2493 from evverx/fix-selinux-checksLennart Poettering
Fix selinux check for ReloadUnit
2016-02-01Merge pull request #2494 from michaelolbrich/resolved-without-gcryptLennart Poettering
Resolved without gcrypt
2016-01-31Merge pull request #2496 from whot/hwdb-updatesZbigniew Jędrzejewski-Szmek
hwdb: add Samsung 305V4A axis resolutions
2016-02-01hwdb: add Samsung 305V4A axis resolutionsPeter Hutterer
From https://bugzilla.redhat.com/show_bug.cgi?id=1294022
2016-01-31resolved: allow building without libgcryptMichael Olbrich
2016-01-31resolved: make dnssec_nsec_test_enclosed() staticMichael Olbrich
It's not used anywhere else.
2016-01-31resolved: reorder functionsMichael Olbrich
Preparation to make gcrypt optional.
2016-01-31core: let's check access before type modificationEvgeny Vereshchagin
2016-01-31core: refactoring: add job_type_to_access_methodEvgeny Vereshchagin
remove duplication
2016-01-31core: fix selinux check for reloadEvgeny Vereshchagin
Fixes: -bash-4.3# echo 1 >/sys/fs/selinux/enforce -bash-4.3# runcon -t systemd_test_start_t systemctl start hola -bash-4.3# sesearch --allow -s systemd_test_reload_t -c service Found 1 semantic av rules: allow systemd_test_reload_t systemd_unit_file_t : service reload ; -bash-4.3# runcon -t systemd_test_reload_t systemctl reload hola Failed to reload hola.service: Access denied See system logs and 'systemctl status hola.service' for details. -bash-4.3# journalctl -b | grep -i user_avc | grep reload USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' avc: denied { start } for auid=0 uid=0 gid=0 path="/etc/systemd/system/hola.service" cmdline="systemctl reload hola" scontext=unconfined_u:unconfined_r:systemd_test_reload_t:s0-s0:c0.c1023 tcontext=system_u:object_r:systemd_unit_file_t:s0 tclass=service See https://fedoraproject.org/wiki/Features/SELinuxSystemdAccessControl#Documentation
2016-01-31Merge pull request #2487 from msekletar/bootctl-foreach-direntLennart Poettering
bootctl: replace readdir() loops with FOREACH_DIRENT
2016-01-31tests: add test-selinux-checksEvgeny Vereshchagin
2016-01-31bootctl: replace readdir() loops with FOREACH_DIRENTMichal Sekletar
2016-01-30Merge pull request #2469 from keszybz/resolved-2Lennart Poettering
Resolved 2
2016-01-29Merge pull request #2478 from grawity/fix/touch-modeZbigniew Jędrzejewski-Szmek
basic: fix touch() creating files with 07777 mode
2016-01-29basic: fix touch() creating files with 07777 modeMantas Mikulėnas
mode_t is unsigned, so MODE_INVALID < 0 can never be true. This fixes a possible DoS where any user could fill /run by writing to a world-writable /run/systemd/show-status.
2016-01-29man: reword sentenceZbigniew Jędrzejewski-Szmek
2016-01-29resolved: log server type when switching serversZbigniew Jędrzejewski-Szmek
I'm not defining _DNS_SERVER_TYPE_MAX/INVALID as usual in the enum, because it wouldn't be used, and then gcc would complain that various enums don't test for _DNS_SERVER_TYPE_MAX. It seems better to define the macro rather than add assert_not_reached() in multiple places.
2016-01-29resolved: add macro to compare sized fieldsZbigniew Jędrzejewski-Szmek
For consistency, generic.size is renamed to generic.data_size. nsec3.next_hashed_name comparison was missing a size check.
2016-01-29resolve-host: add option to list protocolsZbigniew Jędrzejewski-Szmek
2016-01-29resolve-host: allow specifying type as TYPEnnZbigniew Jędrzejewski-Szmek
This mirrors the behaviour of host and makes the conversion to and from string symmetrical.
2016-01-29test-tables: ellide boring parts of sparse mappingsZbigniew Jędrzejewski-Szmek
2016-01-29test-resolve-tables: new "test", useful to print mappingsZbigniew Jędrzejewski-Szmek
2016-01-29resolved: calculate and print tags for DNSKEY recordsZbigniew Jędrzejewski-Szmek
2016-01-29udev: net_id - for ccw bus, shorten the identifier and stip leading zerosDimitri John Ledkov
The commmon case default qeth link is enccw0.0.0600 is rather long. Thus strip leading zeros (which doesn't make the bus_id unstable), similar to the PCI domain case. Also 'ccw' is redundant on S/390, as there aren't really other buses available which could have qeth driver interfaces. Not sure why this code is even compiled on non-s390[x] platforms. But to distinguish from e.g. MAC stable names shorten the suffix to just 'c'. Thus enccw0.0.0600 becomes enc600.
2016-01-29Merge pull request #2474 from poettering/doc-fix-2189Martin Pitt
man: document special considerations when mixing templated service un…
2016-01-29man: document special considerations when mixing templated service units and ↵Lennart Poettering
DefaultDependencies=no Fixes #2189.
2016-01-29Merge pull request #2465 from poettering/systemctl-chrootDaniel Mack
Fix for #2015
2016-01-29Merge pull request #2472 from poettering/mini-fixesDaniel Mack
Two mini fixes
2016-01-29systemctl: actually honour the try-reload-or-restart verb aabf5d4243408 promisedLennart Poettering
The verb entry got lost in the ultimate commit.
2016-01-29systemctl: make most systemctl commands NOPs in a chroot() environmentLennart Poettering
Fixes #2015
2016-01-29systemctl: consider a chroot() environment always offlineLennart Poettering
2016-01-29basic: when parsing verb command lines, optionally shortcut them in chroot() ↵Lennart Poettering
environments This adds some basic infrastructure in order to fix #2015.
2016-01-29man: document which section the configuration settings of timesyncd.conf ↵Lennart Poettering
belong into