Age | Commit message | Author | |
---|---|---|---|
2014-12-30 | bus: drop creds->capability_size | David Herrmann | |
The number of available caps can be read from /proc/sys/kernel/cap_last_cap during runtime. Our helper cap_last_cap() does that, so there's no reason to remember the size of any capability cache. We can just pre-allocate arrays with a suitable size for all available caps and reject any higher caps. The kernel capability API uses u32 as base so make sure we do the same. Note that this is specified by POSIX, so it's unlikely to change. | |||
2014-12-30 | macro: add DIV_ROUND_UP() | David Herrmann | |
This macro calculates A / B but rounds up instead of down. We explicitly do *NOT* use: (A + B - 1) / A as it suffers from an integer overflow, even though the passed values are properly tested against overflow. Our test-cases show this behavior. Instead, we use: A / B + !!(A % B) Note that on "Real CPUs" this does *NOT* result in two divisions. Instead, instructions like idivl@x86 provide both, the quotient and the remainder. Therefore, both algorithms should perform equally well (I didn't verify this, though). | |||
2014-12-29 | hwdb: Update database of Bluetooth company identifiers | Marcel Holtmann | |
2014-12-29 | update TODO | Lennart Poettering | |
2014-12-29 | Revert "machined: don't force terminate registered machines" | Lennart Poettering | |
This reverts commit 206e7a5f7b55ac61188efd895e65ab26e478cbb2. We actually want to allow shutting down containers that use RegisterMachine() rather than CreateMachine() to register their own unit. It should be safe to do so, since the primary usecase for RegisterMachine() are container managers that run only a single container within their own unit, such as systemd-nspawn. | |||
2014-12-29 | machined: ignore spurious error | Lennart Poettering | |
2014-12-29 | nspawn: report back to systemd only very late whether we are OK | Lennart Poettering | |
That way, systemd can actually figure out if everything is OK with nspawn. | |||
2014-12-29 | preset: enable machines.target by default | Lennart Poettering | |
2014-12-29 | Update TODO | Lennart Poettering | |
2014-12-29 | machinectl: add "enable" and "disable" verbs for enabling/disabling systemd-nspawn for containers | Lennart Poettering | |
This is basically just a shortcut for "systemctl enable systemd-nspawn@<foobar>.service", but does escaping. | |||
2014-12-29 | machinectl: add new "start" verb to start a container as a service in nspawn | Lennart Poettering | |
2014-12-29 | units: rework systemd-nspawn@.service unit | Lennart Poettering | |
- Unescape instance name so that we can take almost anything as instance name. - Introduce "machines.target" which consists of all enabled nspawns and can be used to start/stop them altogether - Look for container directory using -M instead of hardcoding the path in /var/lib/container | |||
2014-12-29 | units: make graphical.target dependencies more complete and similar to those of multi-user.target | Lennart Poettering | |
2014-12-29 | bus-proxy: fix sd_bus_reply_*() usage | David Herrmann | |
We *must* not use sd_bus_reply_*() as it does not set the sender field correctly. Use the synthetic_reply_*() helpers instead! | |||
2014-12-29 | capability: use /proc/sys/kernel/cap_last_cap | David Herrmann | |
This file was introduced with linux-3.2, use it instead of probing for it via prctl(PR_CAPBSET_READ). For now, keep the old code for backwards compat. We can drop it once 3.2 is our lowest requirement. The test-cap-list code is extended to verify cap_last_cap() is the same as we'd get via prctl probing and /proc. | |||
2014-12-29 | core: loopback - correctly fail the loopback_check if somehow the rtnl calls fail | Tom Gundersen | |
2014-12-29 | bus: fix typo | David Herrmann | |
Drop spurious 'we'. | |||
2014-12-29 | rtnl: recv_message - don't enforce sender uid | Tom Gundersen | |
All we care about is that the kernel (pid==0) sent the message. Verifying the sender uid seems to break when using userns. Reported by Stéphane Graber. | |||
2014-12-29 | test: loopback - parse logging env var | Tom Gundersen | |
2014-12-29 | sd-rtnl: rtnl_call - don't dispatch wqueue after timeout has passed | Tom Gundersen | |
Only a minor change as the timeout would be hit soon thereafter at the next loop. | |||
2014-12-29 | sd-rtnl: rtnl_poll - fix typo | Tom Gundersen | |
This caused rtnl_poll to always return true immediately in sd_rtnl_call(). | |||
2014-12-29 | sd-rtnl: recv_message - drop message when peeking fails | Tom Gundersen | |
Read the message from the socket or we will loop trying to read the same message repeatedly. | |||
2014-12-29 | sd-rtnl: recv_message - don't fail on interrupt | Tom Gundersen | |
We should just try again instead. | |||
2014-12-29 | sd-rtnl: recv_message - log when dropping message | Tom Gundersen | |
We drop messages received from the wrong uid/pid, log this at debug level. | |||
2014-12-28 | core: loopback - simplify check_loopback() | Tom Gundersen | |
We no longer configure the addresses on the loopback interface, but simply bring it up and let the kernel do the rest. Also change the check to only check if the interface is up, rather than checking for the IPv4 loopback address. | |||
2014-12-28 | machined: Fix MarkReadOnly method's name on bus | Sylvain Plantefève | |
2014-12-28 | libsystemd: Fix minor typo in comment | Sylvain Plantefève | |
2014-12-28 | machined: don't look for images on each property get, but cache the image object inbetween | Lennart Poettering | |
2014-12-28 | update TODO | Lennart Poettering | |
2014-12-28 | util: treat -1 as special size in format_bytes() | Lennart Poettering | |
2014-12-28 | machined: add support for reporting image size via btrfs quota | Lennart Poettering | |
2014-12-28 | tmpfiles.d: upgrade a couple of directories we create at boot to subvolumes | Lennart Poettering | |
In particular we upgrade /var/lib/container, /var/tmp and /tmp to subvolumes. | |||
2014-12-28 | tmpfiles: add new line type 'v' for creating btrfs subvolumes | Lennart Poettering | |
2014-12-28 | machinectl/machined: implement "rename", "clone", "read-only" verbs for machine images | Lennart Poettering | |
2014-12-28 | machined: add "machinectl remove" for removing images | Lennart Poettering | |
2014-12-28 | nspawn: use the same image discovery logic in nspawn as in machined | Lennart Poettering | |
2014-12-28 | machined: Move image discovery logic into src/shared, so that we can make use of it from nspawn | Lennart Poettering | |
2014-12-27 | Fix check_loopback() | Stéphane Graber | |
Add missing htonl() so that check_loopback() actually tests for 127.0.0.1 instead of 1.0.0.127 on little-endian machines. | |||
2014-12-26 | loginctl: reindent --help text | Lennart Poettering | |
2014-12-26 | loginctl: add more --help sections | Lennart Poettering | |
2014-12-26 | machinectl: add status commands | Lennart Poettering | |
2014-12-26 | machined: fix search patch magic for '.host' image | Lennart Poettering | |
2014-12-26 | machined: make image read-only check independent on own privs | Lennart Poettering | |
2014-12-26 | machinectl: mark read-only images when listing in red | Lennart Poettering | |
2014-12-26 | update TODO | Lennart Poettering | |
2014-12-26 | import: make image root directory configurable, instead of hardcoding /var/lib/container | Lennart Poettering | |
2014-12-26 | machined: when discovering images, implicitly add ".host" as pseudo image referring to the host's own directory tree | Lennart Poettering | |
2014-12-26 | machined: fix image search path iteration | Lennart Poettering | |
2014-12-26 | machined: let's also check machine directories in /usr and /usr/local | Lennart Poettering | |
2014-12-26 | import: properly remove pre-existing images if --force is used | Lennart Poettering | |