Age | Commit message (Collapse) | Author | |
---|---|---|---|
2014-02-28 | networkd: add networkd-wait-online | Tom Gundersen | |
This is mostly a proof of concept to try sd-network, so we don't hook it up with a .service file quite yet. We probably want it to be more clever about deciding when we are 'online'. The binary will wait for at least one network managed by networkd, and until all networks managed by networkd are configured. | |||
2014-02-28 | sd-network: add new library | Tom Gundersen | |
This is similar to sd-login, but exposes the state of networkd rather than logind. Include it in libsystemd-dhcp and rename it to libsystemd-network. | |||
2014-02-27 | build-sys: Do not distribute generated udev service files | Armin K | |
They are already in nodist_systemunit_DATA and if they are shipped, they contain hardcoded paths to udevadm and systemd-udevd which will cause them to fail to start when rootprefix != prefix and rootlibdir != libdir. | |||
2014-02-26 | build-sys: networkd - simplify makefile fragment | Tom Gundersen | |
2014-02-26 | core: add new RestrictAddressFamilies= switch | Lennart Poettering | |
This new unit settings allows restricting which address families are available to processes. This is an effective way to minimize the attack surface of services, by turning off entire network stacks for them. This is based on seccomp, and does not work on x86-32, since seccomp cannot filter socketcall() syscalls on that platform. | |||
2014-02-24 | build-sys: bump revisions and version | Lennart Poettering | |
2014-02-24 | NEWS: prepare for release of 210 | Lennart Poettering | |
2014-02-23 | src/shared/ cannot reference symbols from libraries | Kay Sievers | |
../src/shared/unit-name.c:462: error: undefined reference to 'sd_bus_label_escape' ../src/shared/unit-name.c:477: error: undefined reference to 'sd_bus_label_unescape' collect2: error: ld returned 1 exit status | |||
2014-02-22 | build-sys: build compat libs from sources, avoiding the not generally ↵ | Kay Sievers | |
available ifunc wrapping | |||
2014-02-22 | build-sys: add seccomp includes where needed | Kay Sievers | |
2014-02-22 | networkd/nspawn: enable dhcp client on veth device created in guest | Tom Gundersen | |
When starting systemd-nspawn with --network-veth, we create a veth device called host0 in the guest. Pick up on this and start a dhcp client on it. We will also pick up host0 netdevs created by other containers should they chose to use the same name. | |||
2014-02-22 | build-sys: create /var/log/journal/ in journald section | Kay Sievers | |
2014-02-22 | build-sys: Also move libsystemd-journal to rootlibdir | Armin K | |
2014-02-21 | Makefile: fix build on clang | Thomas Hindoe Paaboel Andersen | |
needed after libsystemd-daemon was merged into libsystemd in 0ebee8818404adb95a0b8a01416aad3a16f64ae1 | |||
2014-02-21 | install: networkd.service depend on !--disable | Jason A. Donenfeld | |
It doesn't make any sense to symlink this unit file into /etc when the unit file itself isn't even installed, with --disable-networkd. This moves the GENERAL_ALIASES logic into the right "if" block. | |||
2014-02-21 | build-sys: make network files respect --rootprefix | Samuli Suominen | |
With --rootprefix= systemd-udevd gets installed to /lib/systemd, and since the network configuration is also required during early boot, it should be available there with it. Using --prefix= is not an option since it would put everything, including pkg-config files, man pages, documentation, to / which is not wanted. This commit puts 99-default.link to /lib/systemd/network/ when required. | |||
2014-02-21 | install: enable networkd by default | Tom Gundersen | |
This treats it similarly to getty@tty1.service and remote-fs.target, which can be enabled/disabled, but defaults to enabled. | |||
2014-02-21 | install: do not statically enable systemd-networkd | Jason A. Donenfeld | |
[tomegun: pruned the commit message as not to contradict the follow-up commit] | |||
2014-02-20 | build-sys: add conditionals and regenerate manpage list | Zbigniew Jędrzejewski-Szmek | |
The list of man pages is auto generated, based on conditonal='...' attributes in the man page itself. | |||
2014-02-21 | core: Add AppArmor profile switching | Michael Scherer | |
This permit to switch to a specific apparmor profile when starting a daemon. This will result in a non operation if apparmor is disabled. It also add a new build requirement on libapparmor for using this feature. | |||
2014-02-21 | build-sys: Fix compilation of nspawn when seccomp is not enabled | Michael Scherer | |
2014-02-21 | core: add new ConditionArchitecture() that checks the architecture returned ↵ | Lennart Poettering | |
by uname()'s machine field. | |||
2014-02-20 | bootctl: add bash completion | Thomas Hindoe Paaboel Andersen | |
2014-02-20 | networkd: netdev - allow filtering on kernel cmdline, host and virt | Tom Gundersen | |
2014-02-20 | condition: split out most of condition handling into libsystemd-shard | Tom Gundersen | |
The parts that require linknig to libcap, libselinux and friends stays in libsystemd-core. | |||
2014-02-20 | macro: introduce nice macro for disabling -Wmissing-prototypes warnigs | Lennart Poettering | |
2014-02-20 | readd journald.so install hooks under libsystemd.so | Dave Reisner | |
Inadvertently removed in add00dfd1f05. | |||
2014-02-20 | build-sys: missing EXTRA_DISTsystemd/v209 | Lennart Poettering | |
2014-02-20 | build-sys: install compat .pc file | Lennart Poettering | |
2014-02-20 | build-sys: add linkwarning.h to tarball | Lennart Poettering | |
2014-02-19 | udev: net-config - allow interface names to be set from the hwdb | Tom Gundersen | |
2014-02-19 | build-sys: enable compat-libs for distcheck | Kay Sievers | |
2014-02-19 | build-sys: export experimental symbols only with --enable-kdbus | Kay Sievers | |
2014-02-19 | build-sys: add gcrypt CFLAGS | Kay Sievers | |
2014-02-19 | build-sys: merge libsystemd-journal into libsystemd | Kay Sievers | |
2014-02-19 | busctl: install bash completion | Thomas Hindoe Paaboel Andersen | |
2014-02-18 | build-sys: fixups for libsystemd-daemon merge | Zbigniew Jędrzejewski-Szmek | |
2014-02-19 | build-sys: install headers with --enable-kdbus | Kay Sievers | |
2014-02-19 | build-sys: merge libsystemd-daemon into libsystemd | Kay Sievers | |
2014-02-18 | delta: add bash completion | Thomas Hindoe Paaboel Andersen | |
2014-02-18 | seccomp: add helper call to add all secondary archs to a seccomp filter | Lennart Poettering | |
And make use of it where appropriate for executing services and for nspawn. | |||
2014-02-18 | machinectl: add bash completion | Thomas Hindoe Paaboel Andersen | |
2014-02-18 | fix SECCOMP_CFLAGS usage | Cristian Rodríguez | |
SECCOMP_CFLAGS must be in the global CFLAGS as <seccomp.h> is included in core/execute.h. when seccomp.h is not in the standard path.(i.e openSUSE has it in /usr/include/pkg/libseccomp/, precisely to catch this kind of bugs) compiling systemd fails. | |||
2014-02-14 | build-sys: fix for "recipe for target 'dbus1-generator-install-hook' failed" | Simon Peeters | |
2014-02-13 | nspawn: make socket(AF_NETLINK, *, NETLINK_AUDIT) fail with EAFNOTSUPPORT in ↵ | Lennart Poettering | |
containers The kernel still doesn't support audit in containers, so let's make use of seccomp and simply turn it off entirely. We can get rid of this big as soon as the kernel is fixed again. | |||
2014-02-13 | nspawn: check with udev before we take possession of an interface | Lennart Poettering | |
2014-02-13 | core: add SystemCallArchitectures= unit setting to allow disabling of non-native | Lennart Poettering | |
architecture support for system calls Also, turn system call filter bus properties into complex types instead of concatenated strings. | |||
2014-02-12 | syscallfilter: port to libseccomp | Ronny Chevalier | |
2014-02-12 | build-sys: add less-variables.xml to EXTRA_DIST | Zbigniew Jędrzejewski-Szmek | |
2014-02-12 | man: use xinclude to de-deduplicate common text | Zbigniew Jędrzejewski-Szmek | |
I only tested with python-lxml. I'm not sure if xml.etree should be deprecated. |