summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2016-02-15Merge pull request #2596 from keszybz/move-activate-to-binLennart Poettering
Move activate to bin, extend --fdnames functionality
2016-02-15missing.h: define IFLA_EXT_MASKRabin Vincent
We already define IFLA_PROMISCUITY and some other of these masks in order to allow building with older headers. Define IFLA_EXT_MASK too, which was added in the same kernel version as IFLA_PROMISCUITY (v3.10).
2016-02-13Merge pull request #2608 from poettering/resolved-prop-fixZbigniew Jędrzejewski-Szmek
bus property name fix in resolved
2016-02-13busctl: when formatting message contents, make sure to print all whitespacesLennart Poettering
Previously we'd miss a necessary whitespace at the end of arrays, if more data was following.
2016-02-13resolved: extend ResolveHostname() bus call so that it can parse IP addressesLennart Poettering
If the hostname passed to ResolveHostname() is actually an IP address that is correctly formatted as string parse it as such, avoid any DNS traffic and return the data in parsed form. This is useful for clients which can simply call the bus function now without caring about the precise formatting of specified hostnames. This mimics getaddrinfo()'s behaviour with the AI_NUMERICHOST flag set. Note that this logic is only implemented for ResolveHostname(), but not for calls such as ResolveRecord(), for which only DNS domain names may be used as input. The "authenticated" flag is set for look-ups of this type, after all no untrusted network traffic is involved.
2016-02-13resolved: rename "SearchDomains" property in the Manager interface to "Domains"Lennart Poettering
Another property name fuck-up. The property contains both search and routing domains and hence should be exposed as "Domains" rather than "SearchDomains". The counterpart in the Link object was correctly named, and the SetLinkDomains() and SetDomains() setter calls too, hence let's get this right, too. (Yepp, a minor API break actually, but given that this was so far not documented, and only 3 days public let's fix this now)
2016-02-13resolved: fix definition of SD_RESOLVED_FLAGS_MAKELennart Poettering
2016-02-13resolved: drop references to two bus error codes no longer usedLennart Poettering
2016-02-13service: remove unnecessary checkAlexander Kuleshov
We call dual_timestamp_serialize() only if the s->watchdog_timestamp is set. But the dual_timestamp_serialize() already checks a given dual timestamp by the call of the dual_timestamp_is_set(). So we can remove this check safely.
2016-02-13resolved: fix DNSSECSupported Link object property nameLennart Poettering
By mistake the "DNSSECSupported" bus property of the Link object got named "DNSSECSupport". Internally, it's named correctly, and the counterpart on the "Manager" object got named correctly too. Technically this rename is an API break, but given that the interface is not documented or widely announced yet, and just 3 days in a published release, let's just fix this, and hope nobody notices.
2016-02-13activate: allow multiple, possibly invalid, fd namesZbigniew Jędrzejewski-Szmek
Previous code only allowed a single name to be passed, and duplicated it over all descriptors. For the sake of testing, allow different names and in arbitrary number. If just one is given, duplicate it to match the number of sockets. This matches previuos behaviour. Since this is a testing tool, it seems useful to allow passing invalid names to test application behaviour with invalid names. Hence, only warn. When warning, escape the name.
2016-02-13basic/strv: fix strv_join for first empty argumentZbigniew Jędrzejewski-Szmek
Empty strings were ignored in strv_join, but only if they were at the beginning of the string. Empty strings after at least one non-empty item were treated normally. Previously: {"x"} → "x" {"x", ""} → "x" {"x", "", ""} → "x::" {""} → "" {"", ""} → "" {"", "", ""} → "" {"", "x"} → "x" {"", "x", ""} → "x:" Now: {"x"} → "x" {"x", ""} → "x" {"x", "", ""} → "x::" {""} → "" {"", ""} → ":" {"", "", ""} → "::" {"", "x"} → ":x" {"", "x", ""} → ":x:"
2016-02-13Merge pull request #2603 from poettering/drop-compat-libsZbigniew Jędrzejewski-Szmek
Some spring cleaning
2016-02-13tree-wide: make more global variables staticLennart Poettering
let's export as little as we can
2016-02-13util: drop two unused calls from src/basic/Lennart Poettering
2016-02-13build-sys: drop aufs-util.[ch]Lennart Poettering
Left over cruft from the dkr excercise.
2016-02-13build-sys: drop Makefile symlink in src/basic/linuxLennart Poettering
The dir is not used otherwise, hence let's drop the Makefile, so that the dir stops to exist, too.
2016-02-13core: drop Capabilities= settingLennart Poettering
The setting is hardly useful (since its effect is generally reduced to zero due to file system caps), and with the advent of ambient caps an actually useful replacement exists, hence let's get rid of this. I am pretty sure this was unused and our man page already recommended against its use, hence this should be a safe thing to remove.
2016-02-13util-lib: drop json parserLennart Poettering
This was used by the dkr logic, which is gone now, hence remove this too. Should we need it one day again the git history never forgets... Note that this only covers the JSON parser. The JSON generator used by "journalctl -o json" remains, as its much much simpler and requires no infrastructure except printf() and the most basic escaping.
2016-02-13build-sys: drop libsystemd-{id128,daemon,login,journal}.so compat libsLennart Poettering
They have long been obsolete, and upstream distros and packages have mostly switched over, let's get rid of it for good.
2016-02-13Merge pull request #2589 from keszybz/resolve-tool-2Lennart Poettering
Better support of OPENPGPKEY, CAA, TLSA packets and tests
2016-02-12Merge pull request #2601 from poettering/systemd-analyze-dump-alignZbigniew Jędrzejewski-Szmek
core: fix indenting in dump output
2016-02-12resolve: always align flags to 8th column and print CAA flagsZbigniew Jędrzejewski-Szmek
Left-over unknown flags are printed numerically. Otherwise, it wouldn't be known what bits are remaining without knowning what the known bits are. A test case is added to verify the flag printing code: ============== src/resolve/test-data/fake-caa.pkts ============== google.com. IN CAA 0 issue "symantec.com" google.com. IN CAA 128 issue "symantec.com" -- Flags: critical google.com. IN CAA 129 issue "symantec.com" -- Flags: critical 1 google.com. IN CAA 22 issue "symantec.com" -- Flags: 22
2016-02-12resolve: parse CAA recordsZbigniew Jędrzejewski-Szmek
2016-02-12Fix hashing of TLSA packetsZbigniew Jędrzejewski-Szmek
Also add example files with TLSA and SSHFP records.
2016-02-12test-dns-packet: allow running without argumentsZbigniew Jędrzejewski-Szmek
2016-02-12test-dns-packet: add framework to read and dump packetsZbigniew Jędrzejewski-Szmek
Packets are stored in a simple format: <size> <packet-wire-format> <size> <packet-wire-format> ... Packets for some example domains are dumped, to test rr code for various record types. Currently: A AAAA CAA DNSKEY LOC MX NS NSEC OPENPGPKEY SOA SPF TXT The hashing code is executed, but results are not checked. Also build other tests in src/resolve only with --enable-resolve.
2016-02-12core: fix indenting in dump outputLennart Poettering
Fixes: #2593
2016-02-12time-util: map ALARM clockids to non-ALARM clockids in now()Lennart Poettering
Fixes: #2597
2016-02-12Merge pull request #2594 from keszybz/spellingMartin Pitt
Spelling
2016-02-11Merge pull request #2590 from zonque/bus-endpoint-removalZbigniew Jędrzejewski-Szmek
Remove kdbus custom endpoint support
2016-02-11TypoZbigniew Jędrzejewski-Szmek
2016-02-12Typo fixesMichael Biebl
2016-02-11Remove kdbus custom endpoint supportDaniel Mack
This feature will not be used anytime soon, so remove a bit of cruft. The BusPolicy= config directive will stay around as compat noop.
2016-02-11Merge pull request #2587 from haraldh/tpmv3Lennart Poettering
sd-boot: put hashed kernel command line in a PCR of the TPM
2016-02-11resolved: add cleanup function to rewind packetsZbigniew Jędrzejewski-Szmek
This makes the behaviour more consistent. Before we would not rewind after some errors, but this seems to have been an unintentional omission.
2016-02-11systemd-resolve: allow easy querying of openpgp keysZbigniew Jędrzejewski-Szmek
$ systemd-resolve --openpgp zbyszek@fedoraproject.org d08ee310438ca124a6149ea5cc21b6313b390dce485576eff96f8722._openpgpkey.fedoraproject.org. IN OPENPGPKEY mQINBFBHPMsBEACeInGYJCb+7TurKfb6wGyTottCDtiSJB310i37/6ZYoeIay/5soJjlM yfMFQ9T2XNT/0LM6gTa0MpC1st9LnzYTMsT6tzRly1D1UbVI6xw0g0vE5y2Cjk3xUwAyn ...
2016-02-11Move initialize_libgcrypt to separate fileZbigniew Jędrzejewski-Szmek
It's annoying to have the exact same function in three places. It's stored in src/shared, but it's not added to the library to avoid the dependency on libgcrypt.
2016-02-11Add memcpy_safeZbigniew Jędrzejewski-Szmek
ISO/IEC 9899:1999 §7.21.1/2 says: Where an argument declared as size_t n specifies the length of the array for a function, n can have the value zero on a call to that function. Unless explicitly stated otherwise in the description of a particular function in this subclause, pointer arguments on such a call shall still have valid values, as described in 7.1.4. In base64_append_width memcpy was called as memcpy(x, NULL, 0). GCC 4.9 started making use of this and assumes This worked fine under -O0, but does something strange under -O3. This patch fixes a bug in base64_append_width(), fixes a possible bug in journal_file_append_entry_internal(), and makes use of the new function to simplify the code in other places.
2016-02-11core: use correct enumThomas Hindoe Paaboel Andersen
from e903182e5b0daa941de47a9c08c824106cec7fe0
2016-02-11sd-boot: put hashed kernel command line in a PCR of the TPMHarald Hoyer
The UEFI BIOS already hashes the contents of the loaded image, so the initrd and the command line of the binary are recorded. Because manually added LoadOptions are not taken into account, these should be recorded also. This patch logs and extends a TPM PCR register with the LoadOptions. This feature can be enabled with configure --enable-tpm The PCR register index can be specified with configure --with-tpm-pcrindex=<NUM>
2016-02-11delta: minor coding style fixesLennart Poettering
no change in behaviour
2016-02-11core: don't choke if a unit another unit triggers vanishes during reloadLennart Poettering
Fixes: #1981
2016-02-10nss-mymachines: never resolve unmapped UIDs/GIDsLennart Poettering
Don't ever permit successful user or group lookups if no UID/GID mapping is actually applied. THis way, we can be sure that nss-mymachines cannot be used to insert invalid cache entries into nscd's cache. https://bugzilla.redhat.com/show_bug.cgi?id=1285339
2016-02-10Merge pull request #2574 from zonque/netclass-removeLennart Poettering
cgroup: remove support for NetClass= directive
2016-02-10Merge pull request #2495 from heftig/masterLennart Poettering
tty-ask-password: Split out password sending
2016-02-10cgroup: remove support for NetClass= directiveDaniel Mack
Support for net_cls.class_id through the NetClass= configuration directive has been added in v227 in preparation for a per-unit packet filter mechanism. However, it turns out the kernel people have decided to deprecate the net_cls and net_prio controllers in v2. Tejun provides a comprehensive justification for this in his commit, which has landed during the merge window for kernel v4.5: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bd1060a1d671 As we're aiming for full support for the v2 cgroup hierarchy, we can no longer support this feature. Userspace tool such as nftables are moving over to setting rules that are specific to the full cgroup path of a task, which obsoletes these controllers anyway. This commit removes support for tweaking details in the net_cls controller, but keeps the NetClass= directive around for legacy compatibility reasons.
2016-02-10core: treat JobTimeout=0 as equivalent to JobTimeout=infinityLennart Poettering
Corrects an incompatibility introduced with 36c16a7cdd6c33d7980efc2cd6a2211941f302b4. Fixes: #2537
2016-02-10core: simplify how we parse TimeoutSec=, TimeoutStartSec= and TimeoutStopSec=Lennart Poettering
Let's make things more obvious by placing the parse_usec() invocation directly in config_parse_service_timeout().
2016-02-10coredump: dump priviliges when processing system coredumpsLennart Poettering
Let's add an extra-safety net and change UID/GID to the "systemd-coredump" user when processing coredumps from system user. For coredumps of normal users we keep the current logic of processing the coredumps from the user id the coredump was created under. Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=87354