summaryrefslogtreecommitdiff
path: root/Makefile.am
AgeCommit message (Collapse)Author
2016-02-13Merge pull request #2603 from poettering/drop-compat-libsZbigniew Jędrzejewski-Szmek
Some spring cleaning
2016-02-13build-sys: drop aufs-util.[ch]Lennart Poettering
Left over cruft from the dkr excercise.
2016-02-13util-lib: drop json parserLennart Poettering
This was used by the dkr logic, which is gone now, hence remove this too. Should we need it one day again the git history never forgets... Note that this only covers the JSON parser. The JSON generator used by "journalctl -o json" remains, as its much much simpler and requires no infrastructure except printf() and the most basic escaping.
2016-02-13build-sys: drop libsystemd-{id128,daemon,login,journal}.so compat libsLennart Poettering
They have long been obsolete, and upstream distros and packages have mostly switched over, let's get rid of it for good.
2016-02-13Merge pull request #2589 from keszybz/resolve-tool-2Lennart Poettering
Better support of OPENPGPKEY, CAA, TLSA packets and tests
2016-02-12resolve: always align flags to 8th column and print CAA flagsZbigniew Jędrzejewski-Szmek
Left-over unknown flags are printed numerically. Otherwise, it wouldn't be known what bits are remaining without knowning what the known bits are. A test case is added to verify the flag printing code: ============== src/resolve/test-data/fake-caa.pkts ============== google.com. IN CAA 0 issue "symantec.com" google.com. IN CAA 128 issue "symantec.com" -- Flags: critical google.com. IN CAA 129 issue "symantec.com" -- Flags: critical 1 google.com. IN CAA 22 issue "symantec.com" -- Flags: 22
2016-02-12Fix hashing of TLSA packetsZbigniew Jędrzejewski-Szmek
Also add example files with TLSA and SSHFP records.
2016-02-12test-dns-packet: allow running without argumentsZbigniew Jędrzejewski-Szmek
2016-02-12test-dns-packet: add framework to read and dump packetsZbigniew Jędrzejewski-Szmek
Packets are stored in a simple format: <size> <packet-wire-format> <size> <packet-wire-format> ... Packets for some example domains are dumped, to test rr code for various record types. Currently: A AAAA CAA DNSKEY LOC MX NS NSEC OPENPGPKEY SOA SPF TXT The hashing code is executed, but results are not checked. Also build other tests in src/resolve only with --enable-resolve.
2016-02-11Remove kdbus custom endpoint supportDaniel Mack
This feature will not be used anytime soon, so remove a bit of cruft. The BusPolicy= config directive will stay around as compat noop.
2016-02-11Merge pull request #2587 from haraldh/tpmv3Lennart Poettering
sd-boot: put hashed kernel command line in a PCR of the TPM
2016-02-11systemd-resolve: allow easy querying of openpgp keysZbigniew Jędrzejewski-Szmek
$ systemd-resolve --openpgp zbyszek@fedoraproject.org d08ee310438ca124a6149ea5cc21b6313b390dce485576eff96f8722._openpgpkey.fedoraproject.org. IN OPENPGPKEY mQINBFBHPMsBEACeInGYJCb+7TurKfb6wGyTottCDtiSJB310i37/6ZYoeIay/5soJjlM yfMFQ9T2XNT/0LM6gTa0MpC1st9LnzYTMsT6tzRly1D1UbVI6xw0g0vE5y2Cjk3xUwAyn ...
2016-02-11Move initialize_libgcrypt to separate fileZbigniew Jędrzejewski-Szmek
It's annoying to have the exact same function in three places. It's stored in src/shared, but it's not added to the library to avoid the dependency on libgcrypt.
2016-02-11sd-boot: put hashed kernel command line in a PCR of the TPMHarald Hoyer
The UEFI BIOS already hashes the contents of the loaded image, so the initrd and the command line of the binary are recorded. Because manually added LoadOptions are not taken into account, these should be recorded also. This patch logs and extends a TPM PCR register with the LoadOptions. This feature can be enabled with configure --enable-tpm The PCR register index can be specified with configure --with-tpm-pcrindex=<NUM>
2016-02-11build-sys: bump so versionLennart Poettering
2016-02-10build-sys: add TEST-06-SELINUX to distEvgeny Vereshchagin
This is a follow-up to https://github.com/systemd/systemd/pull/2493
2016-02-10tests: add test for https://github.com/systemd/systemd/issues/1981Evgeny Vereshchagin
2016-02-10coredump: dump priviliges when processing system coredumpsLennart Poettering
Let's add an extra-safety net and change UID/GID to the "systemd-coredump" user when processing coredumps from system user. For coredumps of normal users we keep the current logic of processing the coredumps from the user id the coredump was created under. Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=87354
2016-02-10coredump: rework coredumping logicLennart Poettering
This reworks the coredumping logic so that the coredump handler invoked from the kernel only collects runtime data about the crashed process, and then submits it for processing to a socket-activate coredump service, which extracts a stacktrace and writes the coredump to disk. This has a number of benefits: the disk IO and stack trace generation may take a substantial amount of resources, and hence should better be managed by PID 1, so that resource management applies. This patch uses RuntimeMaxSec=, Nice=, OOMScoreAdjust= and various sandboxing settings to ensure that the coredump handler doesn't take away unbounded resources from normally priorized processes. This logic is also nice since this makes sure the coredump processing and storage is delayed correctly until /var/systemd/coredump is mounted and writable. Fixes: #2286
2016-02-10build-sys: move coredump logic into subdir of its ownLennart Poettering
2016-02-10Makefile.am: remove some relictsDaniel Mack
2016-02-08Merge pull request #2543 from keszybz/build-sys-and-man-fixesLennart Poettering
Build sys and man fixes
2016-02-06build-sys: simplify conditionals around shell completion filesZbigniew Jędrzejewski-Szmek
Repeating those conditionals for every program is annoying. Use a helper variable to avoid conditionals. Also always add generated completion files to CLEANFILES.
2016-02-06build-sys: move CLEANFILES additions out from under HAVE_GNUEFIZbigniew Jędrzejewski-Szmek
It's better to always include them in 'make clean'. It is also easier to read Makefile.am when less stuff is conditional.
2016-02-03nspawn: optionally run a stub init process as PID 1Lennart Poettering
This adds a new switch --as-pid2, which allows running commands as PID 2, while a stub init process is run as PID 1. This is useful in order to run arbitrary commands in a container, as PID1's semantics are different from all other processes regarding reaping of unknown children or signal handling.
2016-02-02Merge pull request #2510 from msekletar/journalctl-dev-sda-v4Lennart Poettering
journalctl: make "journalctl /dev/sda" work
2016-02-02journalctl: make "journalctl /dev/sda" workMichal Sekletar
Currently when journalctl is called with path to block device node we add following match _KERNEL_DEVICE=b$MAJOR:$MINOR. That is not sufficient to actually obtain logs about the disk because dev_printk() kernel helper puts to /dev/kmsg information about the device in following format, +$SUBSYSTEM:$ADDRESS, e.g. "+pci:pci:0000:00:14.0". Now we will walk upward the syspath and add match for every device in format produced by dev_printk() as well as match for its device node if it exists.
2016-01-31resolved: allow building without libgcryptMichael Olbrich
2016-01-30Merge pull request #2469 from keszybz/resolved-2Lennart Poettering
Resolved 2
2016-01-29test-resolve-tables: new "test", useful to print mappingsZbigniew Jędrzejewski-Szmek
2016-01-29resolved: calculate and print tags for DNSKEY recordsZbigniew Jędrzejewski-Szmek
2016-01-29build-sys: install systemd-resolve in /usr/binLennart Poettering
The command has a man page now and is public, hence add it to /usr/bin.
2016-01-27nss: block various signals while running NSS lookupsLennart Poettering
Let's make sure our poll() calls don't get interrupted where they shouldn't (SIGALRM, ...), but allow them to be interrupted where they should (SIGINT, ...). Fixes #1965
2016-01-26Merge pull request #2446 from keszybz/ask-passwordLennart Poettering
Ask password unicode fix
2016-01-26test-ask-password-api: add a manual test for password readingZbigniew Jędrzejewski-Szmek
2016-01-26networkd: use an OrderedSet instead of Set to collect link domainsLennart Poettering
For the search domain logic the order is highly relevant, hence make sure when collecting the various search domains to add them to an ordered set, so that the order between search domains of a specific link is retained.
2016-01-25build-sys: provide fallback value for xsltprocZbigniew Jędrzejewski-Szmek
Commit ab6f56debf made the change to allow building man pages even when disabled with ./configure --disable-manpages. This works fine, as long as xsltproc is present. If xsltproc is not present, the command to build a man page (obviously) fails. Unfortnately it fails with a cryptic message '-o not found', because $(XSLTPROC) is empty. Add a fallback, to use 'xsltproc' is $(XSLTPROC) is not defined. This way we get a nice message: make: xsltproc: Command not found
2016-01-25resolved: synthesize RRs for data from /etc/hostsLennart Poettering
This way the difference between lookups via NSS and our native bus API should become minimal.
2016-01-25resolve: rename "systemd-resolve-host" tool to simply "systemd-resolve"Lennart Poettering
The tool resolves way more than just hosts, hence give it a more generic name. This should be safe, as the tool is currently undocumented. Before we add documentation for it, let's get the name right. This also moves the C source into src/resolve/ (from src/resolve-host/), since the old name is a misnomer now. Also, since it links directly to many of the C files of resolved it really belongs into resolved's directory anyway.
2016-01-25resolved: split out RR synthesis logic into its own C fileLennart Poettering
Also, while we are at it, set the "authenticated" bit for everything we synthesize
2016-01-20Merge pull request #2054 from keszybz/nss-link-less-2Lennart Poettering
Nss link less 2
2016-01-20Merge pull request #2372 from poettering/dnssec17Tom Gundersen
resolved bus API improvements
2016-01-19resolved: expose bus objects for each LinkLennart Poettering
The link objects expose as properties the current settings made with SetLinkDNS() and related calls, plus some more information.
2016-01-19Merge pull request #2373 from keszybz/man-api-build-3Daniel Mack
Man page grammar and build tweaks v3
2016-01-18build-sys: allow building man pages even if disabled in ./configureZbigniew Jędrzejewski-Szmek
This is purely for developer convenience: building man pages is slow so people tend to disable them when not working on documentation. But sometimes it is useful to build the man page to look something up, especially when working on an older machine which has outdated documentation, or to test some change to documentation. The rules to build man pages are now outside of the ENABLE_MANPAGES conditional, but they are not used unless manually invoked, and only the inclusion of man pages in build and install targets is affected by the conditional. Also, more generated files are removed in clean, which seems to be good thing, and Makefile.am is simplified.
2016-01-17resolved: add complex test caseLennart Poettering
This new test case tries to resolve a couple of known domains, to verify the validation results. It talks to resolved via the bus, thus comprehensively testing the whole shebang. Of course, it requires network connectivity and a DNSSEC capable DNS server, hence this is a manual test.
2016-01-12Merge pull request #2131 from evverx/regenerate-m4-on-reconfigureLennart Poettering
build-sys: regenerate %.m4 -> % on reconfigure
2016-01-11basic: split hash functions into their own header filesLennart Poettering
The hash operations are not really that specific to hashmaps, hence split them into a .c module of their own.
2016-01-07Merge pull request #2276 from poettering/dnssec12Tom Gundersen
Twelfth DNSSEC PR
2016-01-07build-sys: valgrind-tests: exclude python scripts tooEvgeny Vereshchagin