summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2014-12-30bus: drop creds->capability_sizeDavid Herrmann
The number of available caps can be read from /proc/sys/kernel/cap_last_cap during runtime. Our helper cap_last_cap() does that, so there's no reason to remember the size of any capability cache. We can just pre-allocate arrays with a suitable size for all available caps and reject any higher caps. The kernel capability API uses u32 as base so make sure we do the same. Note that this is specified by POSIX, so it's unlikely to change.
2014-12-30macro: add DIV_ROUND_UP()David Herrmann
This macro calculates A / B but rounds up instead of down. We explicitly do *NOT* use: (A + B - 1) / A as it suffers from an integer overflow, even though the passed values are properly tested against overflow. Our test-cases show this behavior. Instead, we use: A / B + !!(A % B) Note that on "Real CPUs" this does *NOT* result in two divisions. Instead, instructions like idivl@x86 provide both, the quotient and the remainder. Therefore, both algorithms should perform equally well (I didn't verify this, though).
2014-12-29hwdb: Update database of Bluetooth company identifiersMarcel Holtmann
2014-12-29update TODOLennart Poettering
2014-12-29Revert "machined: don't force terminate registered machines"Lennart Poettering
This reverts commit 206e7a5f7b55ac61188efd895e65ab26e478cbb2. We actually want to allow shutting down containers that use RegisterMachine() rather than CreateMachine() to register their own unit. It should be safe to do so, since the primary usecase for RegisterMachine() are container managers that run only a single container within their own unit, such as systemd-nspawn.
2014-12-29machined: ignore spurious errorLennart Poettering
2014-12-29nspawn: report back to systemd only very late whether we are OKLennart Poettering
That way, systemd can actually figure out if everything is OK with nspawn.
2014-12-29preset: enable machines.target by defaultLennart Poettering
2014-12-29Update TODOLennart Poettering
2014-12-29machinectl: add "enable" and "disable" verbs for enabling/disabling ↵Lennart Poettering
systemd-nspawn for containers This is basically just a shortcut for "systemctl enable systemd-nspawn@<foobar>.service", but does escaping.
2014-12-29machinectl: add new "start" verb to start a container as a service in nspawnLennart Poettering
2014-12-29units: rework systemd-nspawn@.service unitLennart Poettering
- Unescape instance name so that we can take almost anything as instance name. - Introduce "machines.target" which consists of all enabled nspawns and can be used to start/stop them altogether - Look for container directory using -M instead of harcoding the path in /var/lib/container
2014-12-29units: make graphical.target dependencies more complete and similar to those ↵Lennart Poettering
of multi-user.target
2014-12-29bus-proxy: fix sd_bus_reply_*() usageDavid Herrmann
We *must* not use sd_bus_reply_*() as it does not set the sender field correctly. Use the synthetic_reply_*() helpers instead!
2014-12-29capability: use /proc/sys/kernel/cap_last_capDavid Herrmann
This file was introduced with linux-3.2, use it instead of probing for it via prctl(PR_CAPBSET_READ). For now, keep the old code for backwards compat. We can drop it once 3.2 is our lowest requirement. The test-cap-list code is extended to verify cap_last_cap() is the same as we'd get via prctl probing and /proc.
2014-12-29core: loopback - correctly fail the loopback_check if somehow the rtnl calls ↵Tom Gundersen
fail
2014-12-29bus: fix typoDavid Herrmann
Drop spurious 'we'.
2014-12-29rtnl: recv_message - don't enforce sender uidTom Gundersen
All we care about is that the kernel (pid==0) sent the message. Verifying the sender uid seems to break when using userns. Reported by Stéphane Graber.
2014-12-29test: loopback - parse logging env varTom Gundersen
2014-12-29sd-rtnl: rtnl_call - don't dispatch wqueue after timeout has passedTom Gundersen
Only a minor change as the timeout would be hit soon thereafetr at the next loop.
2014-12-29sd-rtnl: rtnl_poll - fix typoTom Gundersen
This caused rtnl_poll to always return true immediately in sd_rtnl_call().
2014-12-29sd-rtnl: recv_message - drop message when peeking failsTom Gundersen
Read the message form the socket or we will loop trying to read the same message repeatedly.
2014-12-29sd-rtnl: recv_message - don't fail on interruptTom Gundersen
We should just try again instead.
2014-12-29sd-rtnl: recv_message - log when dropping messageTom Gundersen
We drop messages received from the wrong uid/pid, log this at debug level.
2014-12-28core: loopback - simplify check_loopback()Tom Gundersen
We no longer configure the addresses on the loopback interface, but simply bring it up and let the kernel do the rest. Also change the check to only check if the interface is up, rather than checking for the IPv4 loopback address.
2014-12-28machined: Fix MarkReadOnly method's name on busSylvain Plantefève
2014-12-28libsystemd: Fix minor typo in commentSylvain Plantefève
2014-12-28machined: don't look for images on each property get, but cache the image ↵Lennart Poettering
object inbetween
2014-12-28update TODOLennart Poettering
2014-12-28util: treat -1 as special size in format_bytes()Lennart Poettering
2014-12-28machined: add support for reporting image size via btrfs quotaLennart Poettering
2014-12-28tmpfiles.d: upgrade a couple of directories we create at boot to subvolumesLennart Poettering
In particular we upgrade /var/lib/container, /var/tmp and /tmp to subvolumes.
2014-12-28tmpfiles: add new line type 'v' for creating btrfs subvolumesLennart Poettering
2014-12-28machinectl/machined: implement "rename", "clone", "read-only" verbs for ↵Lennart Poettering
machine images
2014-12-28machined: add "machinectl remove" for removing imagesLennart Poettering
2014-12-28nspawn: use the same image discovery logic in nspawn as in machinedLennart Poettering
2014-12-28machined: Move image discovery logic into src/shared, so that we can make ↵Lennart Poettering
use of it from nspawn
2014-12-27Fix check_loopback()Stéphane Graber
Add missing htonl() so that check_loopback() actually tests for 127.0.0.1 instead of 1.0.0.127 on little-endian machines.
2014-12-26loginctl: reindent --help textLennart Poettering
2014-12-26loginctl: add more --help sectionsLennart Poettering
2014-12-26machinectl: add status commandsLennart Poettering
2014-12-26machined: fix search patch magic for '.host' imageLennart Poettering
2014-12-26machined: make image read-only check indepenednt on own privsLennart Poettering
2014-12-26machinectl: mark read-only images when listing in redLennart Poettering
2014-12-26update TODOLennart Poettering
2014-12-26import: make image root directory configurable, instead of hardcoding ↵Lennart Poettering
/var/lib/container
2014-12-26machined: when discovering images, implicitly add ".host" as pseudo image ↵Lennart Poettering
referring to the host's own directory tree
2014-12-26machined: fix image search path iterationLennart Poettering
2014-12-26machined: let's also check machine directories in /usr and /usr/localLennart Poettering
2014-12-26import: properly remove pre-existing images if --force is usedLennart Poettering