summaryrefslogtreecommitdiff
path: root/src/import
AgeCommit message (Collapse)Author
2015-02-24importd: create a loopback btrfs file system for /var/lib/machines, if necessaryLennart Poettering
When manipulating container and VM images we need efficient and atomic directory snapshots and file copies, as well as disk quota. btrfs provides this, legacy file systems do not. Hence, implicitly create a loopback file system in /var/lib/machines.raw and mount it to /var/lib/machines, if that directory is not on btrfs anyway. This is done implicitly and transparently the first time the user invokes "machinectl import-xyz". This allows us to take benefit of btrfs features for container management without actually having the rest of the system use btrfs. The loopback is sized 500M initially. Patches to grow it dynamically are to follow.
2015-02-24import: print nice warning if we need btrfs but /var/lib/machines is not btrfsLennart Poettering
2015-02-18shared: introduce cmsg_close_all() callLennart Poettering
The call iterates through cmsg list and closes all fds passed via SCM_RIGHTS. This patch also ensures the call is used wherever appropriate, where we might get spurious fds sent and we should better close them, then leave them lying around.
2015-02-18logind: open up most bus calls for unpriviliged processes, using PolicyKitLennart Poettering
Also, allow clients to alter their own objects without any further priviliges. i.e. this allows clients to kill and lock their own sessions without involving PK.
2015-02-17import: remove unused variableThomas Hindoe Paaboel Andersen
2015-02-05networkd: exit on idleTom Gundersen
We will be woken up on rtnl or dbus activity, so let's just quit if some time has passed and that is the only thing that can happen. Note that we will always stay around if we expect network activity (e.g. DHCP is enabled), as we are not restarted on that.
2015-02-03util: rework strappenda(), and rename it strjoina()Lennart Poettering
After all it is now much more like strjoin() than strappend(). At the same time, add support for NULL sentinels, even if they are normally not necessary.
2015-01-26treewide: fix multiple typosTorstein Husebø
2015-01-23#pragma once here and thereZbigniew Jędrzejewski-Szmek
2015-01-23importd: when listing transfers, show progress percentageLennart Poettering
With this change the pull protocol implementation processes will pass progress data to importd which then passes this information on via the bus. We use sd_notify() as generic transport for this communication, making importd listen to them, while matching the incoming messages to the right transfer.
2015-01-23importd: fix bus policyLennart Poettering
2015-01-23import: we need CAP_DAC_OVERRIDE for untarring systems after allLennart Poettering
2015-01-22import: lock tar into its own private network namespaceLennart Poettering
That way it cannot get access to the network
2015-01-22import: drop all capabilities when invoking tarLennart Poettering
2015-01-22import: only define the _to_string() enum mapping function, thus making gcc ↵Lennart Poettering
shut up
2015-01-22import: now that the worker binary is called "systemd-pull" we can shorten ↵Lennart Poettering
the verbs Atfer all "systemd-pull pull-tar" is unnecessarily redundant, over "systemd-pull tar"...
2015-01-22importd: try to minimize confusion by renaming "systemd-import" binary to ↵Lennart Poettering
"systemd-pull" This way "systemd-importd" is the daemon that uses "systemd-pull" as backend worker.
2015-01-22importd: minor log improvementsLennart Poettering
2015-01-22import: make the user verficiation keyring override the vendor keyring, ↵Lennart Poettering
instead of extending it This way the user has the ability to remove keys from the vendor-supplied keyring if he intends so.
2015-01-22import: rename --verify=sum to --verify=checksumLennart Poettering
This is how we call it internally, and also a bit more descriptive.
2015-01-22import: introduce new mini-daemon systemd-importd, and make machinectl a ↵Lennart Poettering
client to it The old "systemd-import" binary is now an internal tool. We still use it as asynchronous backend for systemd-importd. Since the import tool might require some IO and CPU resources (due to qcow2 explosion, and decompression), and because we might want to run it with more minimal priviliges we still keep it around as the worker binary to execute as child process of importd. machinectl now has verbs for pulling down images, cancelling them and listing them.
2015-01-22impot: minor cleanupsLennart Poettering
2015-01-21import: simplify dkr importer, by making use of generic import-job logic, ↵Lennart Poettering
used by the raw and tar importers This gets us progress output as well xz/bzip2 support.
2015-01-21import: minor cleanups for the tar and raw importersLennart Poettering
2015-01-21import: support downloading bzip2-encoded imagesLennart Poettering
This way, we can import CoreOS images unmodified.
2015-01-21import: also add verification support to tar importerLennart Poettering
2015-01-21import: make verification code generic, in preparation for using it pull-tarLennart Poettering
2015-01-21import: improve loggingLennart Poettering
2015-01-21import: show download speed while downloadingLennart Poettering
2015-01-21import: add image verification using gpgLennart Poettering
This also adds an initial keyring for the verification, that contains Ubuntu's and Fedora's key. We should probably add more entries sooner or later.
2015-01-20import: add a couple of additional suffixes to remove from raw imagesLennart Poettering
2015-01-20import: make image verification optionalLennart Poettering
2015-01-20import: add a simple scheme for validating the SHA256 sums of downloaded raw ↵Lennart Poettering
files
2015-01-20import: be less aggressive when allocating memory for downloaded payloadLennart Poettering
2015-01-20import: improve logging a bitLennart Poettering
2015-01-20import: port pull-raw to helper tools implemented for pull-tarLennart Poettering
This allows us to reuse a lot more code, and simplify pull-raw drastically.
2015-01-20import: add support for pulling raw tar balls as containersLennart Poettering
Ubuntu provides their cloud images optionally as tarball, hence also support downloading those.
2015-01-20util: make http url validity checks more generic, and move them to util.cLennart Poettering
2015-01-19import: clarify when we are unpacking the qcow2 deviceLennart Poettering
2015-01-19import: make sure don't leak the LZMA contextLennart Poettering
2015-01-19qcow2: when dissecting qcow2, use btrfs clone ioctls for reflinking blocks ↵Lennart Poettering
to target
2015-01-19import: when downloading raw files, show simple progress reportsLennart Poettering
2015-01-19import: simplify the code a bitLennart Poettering
2015-01-19import-raw: when downloading raw images, generate sparse files if we canLennart Poettering
2015-01-19import-raw: set NOCOW flag on all raw images we createLennart Poettering
2015-01-18Move DEFINE_TRIVIAL_CLEANUP_FUNC to macro.hZbigniew Jędrzejewski-Szmek
This remove the need for various header files to include the (relatively heavyweight) util.h.
2015-01-18util: replace RUN_WITH_LOCALE with extended locale functionsCristian Rodríguez
There were two callers, one can use strtod_l() and the other strptime_l(). (David: fix up commit-msg and coding-style)
2015-01-16import: support importing qcow2 imagesLennart Poettering
With this change the import tool will now unpack qcow2 images into normal raw disk images, suitable for usage with nspawn. This allows has the benefit of also allowing importing Ubuntu Cloud images for usage with nspawn.
2015-01-16import: support downloading .xz compressed imagesLennart Poettering
That way we can download fedora cloud raw images as-is and decompress them on-the-fly.
2015-01-15nspawn,machined: change default container image location from ↵Lennart Poettering
/var/lib/container to /var/lib/machines Given that this is also the place to store raw disk images which are very much bootable with qemu/kvm it sounds like a misnomer to call the directory "container". Hence, let's change this sooner rather than later, and use the generic name, in particular since we otherwise try to use the generic "machine" preferably over the more specific "container" or "vm".