Age | Commit message (Collapse) | Author |
|
|
|
tmpfiles: don't recursively descend into journal directories in /var
|
|
Fileio fixes
|
|
An empty env block is completely valid, hence return it as such, and
don't turn it into an error.
|
|
so far, when we read something from /proc/$PID we would pass on the
ENOENT from the kernel as error, if the process was missing. With this
change we systematically convert this to ESRCH, which is the more
appropriate error code, and what all the other glibc/syscalls like
kill() use.
All code that calls these functions should be fine with this change. In
fact, one invocation of get_process_exe() in bus-creds.c already assumed
ESRCH would be returned if a process is missing, and this assumption is
now validated after the change.
|
|
According to our coding style guidelines we shouldn't clobber
pass-by-ref arguments on failure, hence don't do so here either.
|
|
copy: when we recursively copy a directory tree, copy everything
|
|
Don't ignore hidden files and directories.
Fixes #386
|
|
networkd: ip6gre add support for flowlabel
|
|
nspawn: Don't pass uid mount option for devpts
|
|
Oracle kvm
|
|
units: order networkd after sysctl
|
|
Virtualbox 5.0 now supports kvm hypervisor. In this case cpuid
identidies as "kvm", which breaks units depending on
ConditionVirtualization=oracle.
So return "oracle" even with kvm hypervisor.
|
|
networkd: add bridge link properties
|
|
This way networkd will correctly and race-freely inherit the default settings
applied by sysctl.
Suggested in issue #468.
|
|
|
|
new bridge properties
br.network
[Match]
Name=enp0s25
[Network]
Bridge=br-test
[Bridge]
Cost=332
BPDUGuard = true
HairPin = true
FastLeave = true
RootBlock = true
UnicastFlood = true
|
|
build-sys: Use slim LTO objects if possible
|
|
resolved: assorted fixes v2
|
|
We were stopping the transaction, but we need to stop processing the packet alltogether.
|
|
A size_t was being accessed as a char* due to the order of arguments being inverted.
|
|
|
|
We were appending rather than reading the bitmap.
|
|
We can never read past the end of the packet, so this seems impossible
to exploit, but let's error out early as reading past the end of the
current RR is clearly an error.
Found by Lennart, based on patch by Daniel.
|
|
Rename the field to make this clearer.
|
|
Most blobs (keys, signatures, ...) should have a specific size given by
the relevant algorithm. However, as we don't use/verify the algorithms
yet, let's just ensure that we don't read out zero-length data in cases
where this does not make sense.
The only exceptions, where zero-length data is allowed are in the NSEC3
salt field, and the generic data (which we don't know anything about,
so better not make any assumptions).
|
|
bitmap: various clean-ups
|
|
a) use memcmp() to compare bitmaps efficiently
b) use UINT64_C() macro instead of ULL suffixes to get right suffix for
uint64_t constants
c) add a few assert()s
d) when comparing integers with 0 we generally try to make this explicit
with "!= 0".
e) remove redundant bitmap_isset() if check, as we don't have it in
bitmap_isset() either.
f) It should be fine to invoke bitmap_unset() on a NULL bitmap
|
|
resolve: unify memdup() code when parsing RRs
|
|
|
|
|
|
|
|
basic: bitmap: use uint64_t instead if long long unsigned
|
|
ip6 tunnel: add support for DSCP
|
|
|
|
Hook up container userns with nss-mymachines
|
|
tmpfiles: downgrade errors when a file system does not support file a…
|
|
resolved: make sure we alway initialize *start in dns_packet_append_t…
|
|
long long unsigned is always 64 bit wide, so use a more readable type.
|
|
bitmap: bitmap_clear()
|
|
This patch adds support for setting the
DSCP field in the ip6 tunnel.
when set it inherits DSCP field between inner and outer header.
|
|
dns_packet_append_type_window()
|
|
No need to actually reset the bitmap, we can just truncate it back zero
size. That not only makes bitmap_clear() quicker, but also subsequent
bitmap_isclear().
|
|
Let's make dns_packet_read_public_key() more generic by renaming it to
dns_packet_read_memdup() (which more accurately describes what it
does...). Then, patch all cases where we memdup() RR data to use this
new call.
This specifically checks for zero-length objects, and handles them
gracefully. It will set zero length payload fields as a result.
Special care should be taken to ensure that any code using this call
can handle the returned allocated field to be NULL if the size is
specified as 0!
|
|
Mounting devpts with a uid breaks pty allocation with recent glibc
versions, which expect that the kernel will set the correct owner for
user-allocated ptys.
The kernel seems to be smart enough to use the correct uid for root when
we switch to a user namespace.
This resolves #337.
|
|
resolve: fix two minor memory leaks
|
|
resolve: drop dns_scope_good_dns_server()
|
|
strv_extend() already strdup()s internally, no need to to this twice.
(Also, was missing OOM check...).
Use strv_consume() when we already have a string allocated whose
ownership we want to pass to the strv.
This fixes 50f1e641a93cacfc693b0c3d300bee5df0c8c460.
|
|
It's not used anymore since 29815b6c608b836cada5e349d06a96b63eaa65f3,
hence let's remove it from the sources.
|
|
journal: reword msg about enforced size limits a bit
|