| Age | Commit message (Collapse) | Author |
|---|
|
smack: label /etc/passwd and friends as '_' smack label when --with-smack-run-label' is enabled (v3)
|
|
analyze: minor fixes according to review
|
|
service: fix memory leak in service_add_fd_store()
|
|
strv: fix infinite loop in strv_extend_n()
|
|
fixes Coverity #1325767
|
|
Fixes Coverity #1325768
|
|
--with-smack-run-label' is enabled
systemd-sysusers.service unit creates system users and groups and it
could update /etc/passwd, /etc/group, /etc/shadow and /etc/gshadow.
Those files should have '_' smack label because of accessibility.
However, if systemd has its own smack label using '--with-smack-run-label'
configuration, systemd-sysusers process spawned by systemd(pid:1) has
its parent smack label and eventually updated files also is set as its
parent smack label.
This patch fixes that bug by labeling updated files as '_' smack label
when --with-smack-run-label' is enabled.
|
|
+ use _cleanup_host_info in acquire_host_info()
+ revert the first strempty() to show "Linux" string in case
os_pretty_name is missing.
|
|
Analyze without hostnamed [V3]
|
|
siphash: style fixes
|
|
|
|
|
|
|
|
Drop custom types. Drop unnecessary macros. Fix whitespace. Add asserts.
|
|
Make the API of the new helpers more similar to the old wrapper.
In particular we now return the hash as a byte string to avoid
any endianness problems.
|
|
test: hashmap - increase number of entries for crippled hash test
|
|
Even more fixes
|
|
The purpose of testing with the crippled hash function is to cover
the otherwise very unlikely codepath in bucket_calculate_dib() where
it has to fall back to recomputing the hash value.
This unlikely path was not covered by test-hashmap anymore after
57217c8f "test: hashmap - cripple the hash function by truncating the
input rather than the output".
Restore the test coverage by increasing the number of entries in the test.
The number was determined empirically by checking with lcov.
|
|
hashmap/siphash24: refactor hash functions
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Add support for naming fds for socket activation and more
|
|
networkd: document ability to disable MACAddressPolicy
|
|
libsystemd: sd-device - translate / vs. ! in sysname
|
|
|
|
Usually we try to properly uppercase first characters in the
description, do so here, too. Also, keep it close to the string used in
systemd-networkd.service.
|
|
It's already documented in prose, now add it to the synopsis too.
|
|
This adds support for naming file descriptors passed using socket
activation. The names are passed in a new $LISTEN_FDNAMES= environment
variable, that matches the existign $LISTEN_FDS= one and contains a
colon-separated list of names.
This also adds support for naming fds submitted to the per-service fd
store using FDNAME= in the sd_notify() message.
This also adds a new FileDescriptorName= setting for socket unit files
to set the name for fds created by socket units.
This also adds a new call sd_listen_fds_with_names(), that is similar to
sd_listen_fds(), but also returns the names of the fds.
systemd-activate gained the new --fdname= switch to specify a name for
testing socket activation.
This is based on #1247 by Maciej Wereski.
Fixes #1247.
|
|
A variety of journal vacuuming improvements, plus an nspawn fix
|
|
Let's simplify the fd collection code a bit, and return the number of
collected fds as positive integer, the way it's customary in our usual
code.
|
|
|
|
We shouldn't exit the loop early, otherwise our duplicate backing
partition check won't work.
|
|
While it is currently possible to either not set MACAddressPolicy or set
it to a value different from "persistent" or "random", it is not obvious
that a user can do so. Add a policy, "none", which simply retains kernel
MAC addresses (same as not filling in the policy at all) and document it
so that users are aware of this setting.
Signed-off-by: Jacob Keller <jacob.keller@gmail.com>
|
|
The kernel replaces '/' in device names with '!', we translate that back
to '/' in sysname, when taking sysname as input, we should translate it
back again.
|
|
man: LEVEL in systemd-analyze set-log level is not optional
|
|
journal-remote: typo in log_error when no sources are specified
[tomegun: this was a pun, but let's not do that]
|
|
LLDP: add API to export neighbors list (v5)
|
|
networkd: add bridge properties
|
|
networkd: add support to configure preferred source of static routes
|
|
Make sure all variable-length inputs are properly terminated or that
their length is encoded in some way. This avoids ambiguity of
adjacent inputs.
E.g., in case of a hash function taking two strings, compressing "ab"
followed by "c" is now distinct from "a" followed by "bc".
|
|
All our hash functions are based on siphash24(), factor out
siphash_init() and siphash24_finalize() and pass the siphash
state to the hash functions rather than the hash key.
This simplifies the hash functions, and in particular makes
composition simpler as calling siphash24_compress() repeatedly
on separate chunks of input has the same effect as first
concatenating the input and then calling siphash23_compress()
on the result.
|
|
than the output
The reason for the crippled hash function is to reduce the distribution
of the hash function, do this by truncating the domain rather than the
range. This does introduce a change in behavoir as the range is no longer
contiguous, which greatly reduces collisions.
This is needed as a follow-up patch will no longer allow individual hash
functions to alter the output directly.
|
|
Verify the state of the hash-function according to the reference paper,
also verify that we can decompose the input and hash the chunks one
by one and still get the same result.
|
|
|
|
This allows the input to siphash24_compress to be decomposed into
smaller chunks and the function to be called on each individual
chunk.
|
|
finalization step
The last compression is special as it deals with the length byte, and padding. Move
it to the finalization step in preparation for making compression decomposable.
|
