summaryrefslogtreecommitdiff
path: root/src/libsystemd
AgeCommit message (Collapse)Author
2016-02-11Remove kdbus custom endpoint supportDaniel Mack
This feature will not be used anytime soon, so remove a bit of cruft. The BusPolicy= config directive will stay around as compat noop.
2016-02-10tree-wide: remove Emacs lines from all filesDaniel Mack
This should be handled fine now by .dir-locals.el, so need to carry that stuff in every file.
2016-02-09core: change internal error code for masked units from EBADR to ESHUTDOWNLennart Poettering
This commit changes the mapping of the BUS_ERROR_UNIT_MASKED error to ESHUTDOWN. This error is used whenever the transaction engine is asked to operate on a masked unit. ESHUTDOWN is what is used for the similar case when the unit file enable/disable logic hits a masked unit file, hence is a natural candidate to be used here too. Background: before this patch both "job type not applicable" and "unit masked" where mapped to EBADR, which transaction_add_job_and_dependencies() then checked for. It actually wanted to check exclusively for the former error condition, not the latter but due to the same mapping this failed to work. This patch semi-undoes an accidental change made in caffa4ef700fdd0eadd6c0b2ef9925611672a1bc, however restores the error number to ESHUTDOWN instead of the original ENOSYS (for the reasons indicated above). To make this easier to grok for the future, I added comments to explaining which error conditions are checked for. Fixes: #2315
2016-02-03Merge pull request #2453 from poettering/journalctl-fTom Gundersen
journalctl --fields logic
2016-02-01sd-journal: properly export has_{persistent|runtime}_files()Lennart Poettering
This was missing in 39fd5b08a73f144a20202a665bd25cad51d8a90b.
2016-02-01sd-journal: add an API to enumerate known field names of the journalLennart Poettering
This adds two new calls to get the list of all journal fields names currently in use. This is the low-level support to implement the feature requested in #2176 in a more optimized way.
2016-02-01sd-netlink: since whe acquire the netlink socket's sockaddr anyway, let's ↵Lennart Poettering
actually verify it
2016-02-01sd-netlink: don't take possesion of netlink fd from caller on failureLennart Poettering
Fixes: #2338
2016-02-01sd-event: permit a USEC_INFINITY timeout as an alternative to a disabling an ↵Lennart Poettering
event source This should simplify handling of time events in clients and is in-line with the USEC_INFINITY macro we already have. This way setting a timeout to 0 indicates "elapse immediately", and a timeout of USEC_INFINITY "elapse never".
2016-02-01sd-event: when determining the last allowed time a time event may elapse, ↵Lennart Poettering
deal with overflows
2016-01-27Merge pull request #1975 from ssahani/vxlan2Tom Gundersen
networkd: Add support to configure VXLAN Port
2016-01-26networkd: rework Domains= settingLennart Poettering
Previously, .network files only knew a vaguely defined "Domains=" concept, for which the documentation declared it was the "DNS domain" for the network connection, without specifying what that means. With this the Domains setting is reworked, so that there are now "routing" domains and "search" domains. The former are to be used by resolved to route DNS request to specific network interfaces, the latter is to be used for searching single-label hostnames with (in addition to being used for routing). Both settings are configured in the "Domains=" setting. Normal domain names listed in it are now considered search domains (for compatibility with existing setups), while those prefixed with "~" are considered routing domains only. To route all lookups to a specific interface the routing domain "." may be used, referring to the root domain. An alternative syntax for this is the "*", as was already implemented before using the "wildcard" domain concept. This commit adds proper parsers for this new logic, and exposes this via the sd-network API. This information is not used by resolved yet, this will be added in a later commit.
2016-01-25resolve: generate a nice clean error when clients try to resolve a name when ↵Lennart Poettering
the network is down
2016-01-19resolved: add bus API for configuring per-link DNS settingsLennart Poettering
This is useful for alternative network management solutions (such as NetworkManager) to push DNS configuration data into resolved. The calls will fail should networkd already have taken possesion of a link, so that the bus API is only available if we don't get the data from networkd.
2016-01-19resolved: add a couple of errors to the error mapping tablesLennart Poettering
These were previously forgotten, add them now.
2016-01-19sd-netlink introduce API to add any size and typeSusant Sahani
Now we dont have any public API that will support any size . sd_netlink_message_append_data will support this.
2016-01-18sd-event: fix theoretical leak on error in event_make_signal_dataZbigniew Jędrzejewski-Szmek
2016-01-18sd-device: initialize variables to avoid warningZbigniew Jędrzejewski-Szmek
The code is correct, assuming that the kernel does not feed us garbled data. Let's initialize those variables to avoid the warning anyway.
2016-01-18bus-kernel: reword assignment of dst_id in bus_message_setup_kmsgZbigniew Jędrzejewski-Szmek
Setting of dst_id was based on interplay of two booleans, making the logic hard to follow (for humans and compilers alike). gcc was confused and emmitted a warning about an uninitialized variable. Rework the code to make it obvious that dst_id is set properly.
2016-01-18sd-netlink: remove unused tableZbigniew Jędrzejewski-Szmek
2016-01-18test-bus-error: add tests for setting error == 0Zbigniew Jędrzejewski-Szmek
2016-01-18sd-event: check clock argument to sd_event_now()Zbigniew Jędrzejewski-Szmek
sd_event_now() is a public function, so we must check all arguments for validity. Update man page and add tests. Sample debug message: Assertion 'IN_SET(clock, CLOCK_REALTIME, CLOCK_REALTIME_ALARM, CLOCK_MONOTONIC, CLOCK_BOOTTIME, CLOCK_BOOTTIME_ALARM)' failed at src/libsystemd/sd-event/sd-event.c:2719, function sd_event_now(). Ignoring.
2016-01-18bus-error: verify additional error maps during installationZbigniew Jędrzejewski-Szmek
Go over the entries in the map and check that they make sense. Tests are added. In the future we might want to do additional checks, e.g. verifying that the error names are in the expected format.
2016-01-18basic,bus-error: return negative error from errno_from_nameZbigniew Jędrzejewski-Szmek
errno_from_name used an unusual return convention where 0 meant "not found". This tripped up config_parse_syscall_errno(), which would treat that as success. Return -EINVAL instead, and adjust bus_error_name_to_errno() for the new convention. Also remove a goto which was used as a simple if and clean up surroudning code a bit.
2016-01-13tree-wide: check if errno is greater than zero (2)Zbigniew Jędrzejewski-Szmek
Compare errno with zero in a way that tells gcc that (if the condition is true) errno is positive.
2016-01-12sd-event: minor fixups to delays profiling changesVito Caputo
2016-01-12Merge pull request #2147 from vcaputo/sd-event-measure-latenciesLennart Poettering
sd-event: instrument sd_event_run() for profiling delays
2016-01-12sd-event: instrument sd_event_run() for profiling delaysVito Caputo
Set SD_EVENT_PROFILE_DELAYS to activate accounting and periodic logging of the distribution of delays between sd_event_run() calls. Time spent in dispatching as well as time spent outside of sd_event_run() is measured and accounted for. Every 5 seconds a logarithmic histogram loop iteration delays since 5 seconds previous is logged. This is useful in identifying the frequency and magnitude of latencies affecting the event loop, which should be kept to a minimum.
2016-01-12tree-wide: use xsprintf() where applicableDaniel Mack
Also add a coccinelle receipt to help with such transitions.
2016-01-11resolved: don't attempt to send queries for DNSSEC RR types to servers not ↵Lennart Poettering
supporting them If we already degraded the feature level below DO don't bother with sending requests for DS, DNSKEY, RRSIG, NSEC, NSEC3 or NSEC3PARAM RRs. After all, we cannot do DNSSEC validation then anyway, and we better not press a legacy server like this with such modern concepts. This also has the benefit that when we try to validate a response we received using DNSSEC, and we detect a limited server support level while doing so, all further auxiliary DNSSEC queries will fail right-away.
2016-01-10sd-netlink: fix assertDaniel Mack
nl->fd can be 0.
2016-01-07Merge pull request #2285 from evverx/fix-test-resolveDaniel Mack
tests: test-resolve: wait until all queries are completed
2016-01-07tests: test-resolve: wait until all queries are completedEvgeny Vereshchagin
This is a follow-up for 4a134c4903dbf6ef6c6a Fixes: $ ./test-resolve 209.132.183.105:80 209.132.183.105:80 canonical name: n/a 193.99.144.85:0 [2a02:2e0:3fe:1001:7777:772e:2:85]:0 canonical name: www.heise.de Host: web.heise.de -- Serv: http $ ./test-resolve 193.99.144.85:0 [2a02:2e0:3fe:1001:7777:772e:2:85]:0 canonical name: www.heise.de Host: web.heise.de -- Serv: http $ ./test-resolve ...
2016-01-07Merge pull request #2276 from poettering/dnssec12Tom Gundersen
Twelfth DNSSEC PR
2016-01-06resolved: introduce support for per-interface negative trust anchorsLennart Poettering
2016-01-05resolved,networkd: add a per-interface DNSSEC settingLennart Poettering
This adds a DNSSEC= setting to .network files, and makes resolved honour them.
2016-01-05networkd,resolved: add a per-interface mdns configuration optionLennart Poettering
2016-01-05sd-network: unify parsing of /run/systemd/netif/links/* string fieldsLennart Poettering
2016-01-05tests: use sd_bus_flush_close_unref instead of sd_bus_unref in test-bus-cleanupEvgeny Vereshchagin
Fixes: $ make valgrind-tests TESTS=test-bus-cleanup ==6363== 9 bytes in 1 blocks are possibly lost in loss record 1 of 28 ==6363== at 0x4C2BBCF: malloc (vg_replace_malloc.c:299) ==6363== by 0x197D12: hexmem (hexdecoct.c:79) ==6363== by 0x183083: bus_socket_start_auth_client (bus-socket.c:639) ==6363== by 0x1832A0: bus_socket_start_auth (bus-socket.c:678) ==6363== by 0x183438: bus_socket_connect (bus-socket.c:705) ==6363== by 0x14B0F2: bus_start_address (sd-bus.c:1053) ==6363== by 0x14B592: sd_bus_start (sd-bus.c:1134) ==6363== by 0x14B95E: sd_bus_open_system (sd-bus.c:1235) ==6363== by 0x1127E2: test_bus_open (test-bus-cleanup.c:42) ==6363== by 0x112AAE: main (test-bus-cleanup.c:87) ==6363== ... $ ./libtool --mode=execute valgrind ./test-bus-cleanup ==6584== LEAK SUMMARY: ... ==6584== possibly lost: 10,566 bytes in 27 blocks
2016-01-04resolved: explicitly handle case when the trust anchor is emptyLennart Poettering
Since we honour RFC5011 revoked keys it might happen we end up with an empty trust anchor, or one where there's no entry for the root left. With this patch the logic is changed what to do in this case. Before this patch we'd end up requesting the root DS, which returns with NODATA but a signed NSEC we cannot verify, since the trust anchor is empty after all. Thus we'd return a DNSSEC result of "missing-key", as we lack a verified version of the key. With this patch in place, look-ups for the root DS are explicitly recognized, and not passed on to the DNS servers. Instead, if downgrade-ok mode is on an unsigned NODATA response is synthesized, so that the validator code continues under the assumption the root zone was unsigned. If downgrade-ok mode is off a new transaction failure is generated, that makes this case recognizable.
2016-01-04resolved: introduce a proper bus error for DNSSEC validation errorsLennart Poettering
2016-01-01Merge pull request #2241 from poettering/dnssec9Tom Gundersen
Ninth DNSSEC patch set
2015-12-29resolved: properly handle SRV RRs with the DNS root as hostnameLennart Poettering
2015-12-29resolved: add errno mapping for BUS_ERROR_CONNECTION_FAILURELennart Poettering
This was missing when the error type was added in ac720200b7e5b80cc4985087e38f3452e5b3b080.
2015-12-29resolved: change mapping of BUS_ERROR_NO_NAME_SERVERS to ESRCHLennart Poettering
EIO is really too generic, and indicates transmission problems.
2015-12-29tests: fix memory leak in test-bus-marshalEvgeny Vereshchagin
Fixes: ``` $ ./configure ... --enable-dbus $ make $ make valgrind-tests TESTS=test-bus-marshal ... ==25301== 51 bytes in 1 blocks are definitely lost in loss record 7 of 18 ==25301== at 0x4C2DD9F: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==25301== by 0x5496B8C: ??? (in /lib/x86_64-linux-gnu/libdbus-1.so.3.14.3) ==25301== by 0x54973E3: _dbus_string_append_printf_valist (in /lib/x86_64-linux-gnu/libdbus-1.so.3.14.3) ==25301== by 0x547E5C2: _dbus_set_error_valist (in /lib/x86_64-linux-gnu/libdbus-1.so.3.14.3) ==25301== by 0x547E73E: dbus_set_error (in /lib/x86_64-linux-gnu/libdbus-1.so.3.14.3) ==25301== by 0x548969A: dbus_message_demarshal (in /lib/x86_64-linux-gnu/libdbus-1.so.3.14.3) ==25301== by 0x115C1A: main (test-bus-marshal.c:244) ==25301== ```
2015-12-26resolved: generate an explicit transaction error when we cannot reach server ↵Lennart Poettering
via TCP Previously, if we couldn't reach a server via UDP we'd generate an MAX_ATTEMPTS transaction result, but if we couldn't reach it via TCP we'd generate a RESOURCES transaction result. While it is OK to generate two different errors I think, "RESOURCES" is certainly a misnomer. Introduce a new transaction result "CONNECTION_FAILURE" instead.
2015-12-21sd-event: improve debugging of event source errorsDaniel Mack
Printing the pointer variable really doesn't help, so drop that. Instead, add a string lookup table for the EventSourceType enum, and print the type of event source in case of errors.
2015-12-02tests: turn check if manager cannot be intialized into macroZbigniew Jędrzejewski-Szmek
We need to check the same thing in multiple tests. Use a shared macro to make it easier to update the list of errnos. Change the errno code for "unitialized cgroup fs" for ENOMEDIUM. Exec format error looks like something more serious. This fixes test-execute invocation in mock.
2015-11-27selinux: split up mac_selinux_have() from mac_selinux_use()Lennart Poettering
Let's distuingish the cases where our code takes an active role in selinux management, or just passively reports whatever selinux properties are set. mac_selinux_have() now checks whether selinux is around for the passive stuff, and mac_selinux_use() for the active stuff. The latter checks the former, plus also checks UID == 0, under the assumption that only when we run priviliged selinux management really makes sense. Fixes: #1941