Age | Commit message (Collapse) | Author | |
---|---|---|---|
2015-02-18 | logind: open up most bus calls for unpriviliged processes, using PolicyKit | Lennart Poettering | |
Also, allow clients to alter their own objects without any further priviliges. i.e. this allows clients to kill and lock their own sessions without involving PK. | |||
2015-02-17 | import: remove unused variable | Thomas Hindoe Paaboel Andersen | |
2015-02-05 | networkd: exit on idle | Tom Gundersen | |
We will be woken up on rtnl or dbus activity, so let's just quit if some time has passed and that is the only thing that can happen. Note that we will always stay around if we expect network activity (e.g. DHCP is enabled), as we are not restarted on that. | |||
2015-02-03 | util: rework strappenda(), and rename it strjoina() | Lennart Poettering | |
After all it is now much more like strjoin() than strappend(). At the same time, add support for NULL sentinels, even if they are normally not necessary. | |||
2015-01-26 | treewide: fix multiple typos | Torstein Husebø | |
2015-01-23 | #pragma once here and there | Zbigniew Jędrzejewski-Szmek | |
2015-01-23 | importd: when listing transfers, show progress percentage | Lennart Poettering | |
With this change the pull protocol implementation processes will pass progress data to importd which then passes this information on via the bus. We use sd_notify() as generic transport for this communication, making importd listen to them, while matching the incoming messages to the right transfer. | |||
2015-01-23 | importd: fix bus policy | Lennart Poettering | |
2015-01-23 | import: we need CAP_DAC_OVERRIDE for untarring systems after all | Lennart Poettering | |
2015-01-22 | import: lock tar into its own private network namespace | Lennart Poettering | |
That way it cannot get access to the network | |||
2015-01-22 | import: drop all capabilities when invoking tar | Lennart Poettering | |
2015-01-22 | import: only define the _to_string() enum mapping function, thus making gcc ↵ | Lennart Poettering | |
shut up | |||
2015-01-22 | import: now that the worker binary is called "systemd-pull" we can shorten ↵ | Lennart Poettering | |
the verbs Atfer all "systemd-pull pull-tar" is unnecessarily redundant, over "systemd-pull tar"... | |||
2015-01-22 | importd: try to minimize confusion by renaming "systemd-import" binary to ↵ | Lennart Poettering | |
"systemd-pull" This way "systemd-importd" is the daemon that uses "systemd-pull" as backend worker. | |||
2015-01-22 | importd: minor log improvements | Lennart Poettering | |
2015-01-22 | import: make the user verficiation keyring override the vendor keyring, ↵ | Lennart Poettering | |
instead of extending it This way the user has the ability to remove keys from the vendor-supplied keyring if he intends so. | |||
2015-01-22 | import: rename --verify=sum to --verify=checksum | Lennart Poettering | |
This is how we call it internally, and also a bit more descriptive. | |||
2015-01-22 | import: introduce new mini-daemon systemd-importd, and make machinectl a ↵ | Lennart Poettering | |
client to it The old "systemd-import" binary is now an internal tool. We still use it as asynchronous backend for systemd-importd. Since the import tool might require some IO and CPU resources (due to qcow2 explosion, and decompression), and because we might want to run it with more minimal priviliges we still keep it around as the worker binary to execute as child process of importd. machinectl now has verbs for pulling down images, cancelling them and listing them. | |||
2015-01-22 | impot: minor cleanups | Lennart Poettering | |
2015-01-21 | import: simplify dkr importer, by making use of generic import-job logic, ↵ | Lennart Poettering | |
used by the raw and tar importers This gets us progress output as well xz/bzip2 support. | |||
2015-01-21 | import: minor cleanups for the tar and raw importers | Lennart Poettering | |
2015-01-21 | import: support downloading bzip2-encoded images | Lennart Poettering | |
This way, we can import CoreOS images unmodified. | |||
2015-01-21 | import: also add verification support to tar importer | Lennart Poettering | |
2015-01-21 | import: make verification code generic, in preparation for using it pull-tar | Lennart Poettering | |
2015-01-21 | import: improve logging | Lennart Poettering | |
2015-01-21 | import: show download speed while downloading | Lennart Poettering | |
2015-01-21 | import: add image verification using gpg | Lennart Poettering | |
This also adds an initial keyring for the verification, that contains Ubuntu's and Fedora's key. We should probably add more entries sooner or later. | |||
2015-01-20 | import: add a couple of additional suffixes to remove from raw images | Lennart Poettering | |
2015-01-20 | import: make image verification optional | Lennart Poettering | |
2015-01-20 | import: add a simple scheme for validating the SHA256 sums of downloaded raw ↵ | Lennart Poettering | |
files | |||
2015-01-20 | import: be less aggressive when allocating memory for downloaded payload | Lennart Poettering | |
2015-01-20 | import: improve logging a bit | Lennart Poettering | |
2015-01-20 | import: port pull-raw to helper tools implemented for pull-tar | Lennart Poettering | |
This allows us to reuse a lot more code, and simplify pull-raw drastically. | |||
2015-01-20 | import: add support for pulling raw tar balls as containers | Lennart Poettering | |
Ubuntu provides their cloud images optionally as tarball, hence also support downloading those. | |||
2015-01-20 | util: make http url validity checks more generic, and move them to util.c | Lennart Poettering | |
2015-01-19 | import: clarify when we are unpacking the qcow2 device | Lennart Poettering | |
2015-01-19 | import: make sure don't leak the LZMA context | Lennart Poettering | |
2015-01-19 | qcow2: when dissecting qcow2, use btrfs clone ioctls for reflinking blocks ↵ | Lennart Poettering | |
to target | |||
2015-01-19 | import: when downloading raw files, show simple progress reports | Lennart Poettering | |
2015-01-19 | import: simplify the code a bit | Lennart Poettering | |
2015-01-19 | import-raw: when downloading raw images, generate sparse files if we can | Lennart Poettering | |
2015-01-19 | import-raw: set NOCOW flag on all raw images we create | Lennart Poettering | |
2015-01-18 | Move DEFINE_TRIVIAL_CLEANUP_FUNC to macro.h | Zbigniew Jędrzejewski-Szmek | |
This remove the need for various header files to include the (relatively heavyweight) util.h. | |||
2015-01-18 | util: replace RUN_WITH_LOCALE with extended locale functions | Cristian Rodríguez | |
There were two callers, one can use strtod_l() and the other strptime_l(). (David: fix up commit-msg and coding-style) | |||
2015-01-16 | import: support importing qcow2 images | Lennart Poettering | |
With this change the import tool will now unpack qcow2 images into normal raw disk images, suitable for usage with nspawn. This allows has the benefit of also allowing importing Ubuntu Cloud images for usage with nspawn. | |||
2015-01-16 | import: support downloading .xz compressed images | Lennart Poettering | |
That way we can download fedora cloud raw images as-is and decompress them on-the-fly. | |||
2015-01-15 | nspawn,machined: change default container image location from ↵ | Lennart Poettering | |
/var/lib/container to /var/lib/machines Given that this is also the place to store raw disk images which are very much bootable with qemu/kvm it sounds like a misnomer to call the directory "container". Hence, let's change this sooner rather than later, and use the generic name, in particular since we otherwise try to use the generic "machine" preferably over the more specific "container" or "vm". | |||
2015-01-15 | import: rename "gpt" disk image type to "raw" | Lennart Poettering | |
After all, nspawn can now dissect MBR partition levels, too, hence ".gpt" appears a misnomer. Moreover, the the .raw suffix for these files is already pretty popular (the Fedora disk images use it for example), hence sounds like an OK scheme to adopt. | |||
2015-01-13 | import: make sure we don't mangle file ownerships with the local passwd ↵ | Lennart Poettering | |
database when untarring | |||
2015-01-08 | import: also set NOCOW for gpt disk images | Lennart Poettering | |
Given the write patterns on disk images, we better should turn COW off for them. In particular as the file systems used inside the disk images should do their own data integrity checks anyway and we don't need multiple layers of it. |