summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2014-06-30nspawn: block open_by_handle_at() and others via seccompLennart Poettering
Let's protect ourselves against the recently reported docker security issue. Our man page makes clear that we do not make any security promises anyway, but well, this one is easy to mitigate, so let's do it. While we are at it block a couple of more syscalls that are no good in containers, too.
2014-06-30nspawn: let's avoid using goto to wildly for non-cleanup purposesLennart Poettering
2014-06-30nspawn: simplify exit condition checkLennart Poettering
2014-06-30nspawn: log a warning on failure from wait_for_terminate()Luke Shumaker
This is at the suggestion of Djalal Harouni on the mailing list, and reflects the behavior of shared/util.c:wait_for_terminate_and_warn().
2014-06-30nspawn: Fix regression with exit statusLuke Shumaker
Commit 113cea8 introduced a bug that caused the exit code of systemd-nspawn to not reflect the exit code of the program executed in the container.
2014-06-30shared/util.c:wait_for_terminate_and_warn(): Add a comment on the return valuesLuke Shumaker
2014-06-30networkd: dhcp - use same metric for all DHCP-related routesTom Gundersen
2014-06-30util: fix commentLennart Poettering
2014-06-30tests: add missing XDG_RUNTIME_DIR env variableRonny Chevalier
Otherwise the test fails because specifier_runtime() returns -ENOTSUP when XDG_RUNTIME_DIR is not set.
2014-06-29util: refuse considering UID 0xFFFF and 0xFFFFFFFF validLennart Poettering
2014-06-29network-internal: initialize _cleanup_ variableTom Gundersen
2014-06-29netowrkd:deserialize_dhcp_routes verify strndup retSusant Sahani
strndup need to be chcked
2014-06-29networkd: dhcp - update the lifetime of an existing addressTom Gundersen
The logic otherwise is that we leave anything preconfigured alone, but in the case of DHCP we actually need to update it whenever the lease is renewed.
2014-06-29sd-dhcp-client: don't fail hard if UDP socket can not be boundTom Gundersen
Even if we cannot renew the lease at T1, we will likely succeed at T2, so warn and ignore the failure. This could happen if for whatever reason the received address is not yet configured, or it has been lost.
2014-06-29networkd: improve DHCP error loggingTom Gundersen
2014-06-29networkd: set static addresses immediatelyTom Gundersen
Don't wait for IPv4LL nor DHCP to finish before setting statically configured addresses.
2014-06-29Add support for DHCP static route optionsEugene Yakubovich
This adds support for DHCP options 33 and 121: Static Route and Classless Static Route. To enable this feature, set UseRoutes=true in .network file. Returned routes are added to the routing table.
2014-06-29networkd: merge DHCPv4 and DHCPv6 configTom Gundersen
If there are v4 or v6 specific options we can keep those in separate sections, but for the common options, we will use only one. Moreovere only use DHCP=[yes/both|no/none|v4|v6] to enable or disable the clients.
2014-06-29sd-dhcp-client/networkd: set lifetimes for IPv4 addressesPatrik Flykt
Note that /proc/sys/net/ipv4/ip_dynaddr needs to be non-zero. [tomegun: hook up DHCP renew events to increase the lifetime when necessary]
2014-06-29networkd/sd-dhcp-server: only start dhcp server when necessaryTom Gundersen
2014-06-28doc: grammatical correctionsJan Engelhardt
2014-06-27libudev: queue - watch entire directory to allow the re-use of the watch ↵Kay Sievers
descriptor
2014-06-27journald: make MaxFileSec really default to 1monthMichał Bartoszkiewicz
journald.conf(5) states that the default for MaxFileSec is one month, but the code didn't respect that.
2014-06-27coredump: simplify compression logic a bitLennart Poettering
This also make sure we remove the original coredump temporary file if we successfully managed to compress the coredump.
2014-06-27coredump: replace Compression= setting by simpler Compress= boolean settingLennart Poettering
Let's move things closer to journald's configuration settings, which knows Compress= already, as a boolean. This makes things more uniform, but also gives us more freedom to possibly swap out the used compression algorithm one day.
2014-06-27coredump: don't expose the compression level as configuration optionLennart Poettering
This sounds overly low-level and implementation-detaily. Let's just use the default level XZ suggests. This gives us more room to possibly swap out the compression algorithm used, as the compression level range will not leak into user configuration.
2014-06-27journald: invoking fstatvfs() is now redundant in the vacuuming codeLennart Poettering
2014-06-27coredump: don't be annoyed if another coredump hook removes our coredump ↵Lennart Poettering
while we work on it
2014-06-27coredump: fix how the compression level is verifiedLennart Poettering
2014-06-27coredump: add simple coredump vacuumingLennart Poettering
When disk space taken up by coredumps grows beyond a configured limit start removing the oldest coredump of the user with the most coredumps, until we get below the limit again.
2014-06-27main: uid_to_name() might fail due to OOM, protect against thatLennart Poettering
2014-06-27libudev: queue provide file descriptor to watch busy event queueKay Sievers
2014-06-27libudev: fix udev_queue_get_queue_is_empty() logicKay Sievers
2014-06-27coredumpctl: fix potential deref of null pointerThomas Hindoe Paaboel Andersen
2014-06-27coredump: make sure variable is set if uncompressedThomas Hindoe Paaboel Andersen
reorder the code so the fstat is done before we can jump to uncompressed
2014-06-26coredumpctl: remove unused variableThomas Hindoe Paaboel Andersen
2014-06-26coredump: fix debug messageThomas Hindoe Paaboel Andersen
typo from 347272731e15d3c4a70fad7ccd7185e8e8059d01
2014-06-26sd-dhcp6-client: Implement Rapid CommitPatrik Flykt
Add a Rapid Commit option to Solicit messages and expect a Reply to be received instead of an Advertise. When receiving a DHCPv6 message from the server in state Solicit, continue testing whether the message is a Reply. Ease up the message type checking, it's not fatal if the message is of a wrong type. Add helper functions to set/get the rapid commit of a lease. See RFC 3315, sections 17., 17.1.2., 17.1.4. and 18.1.8.
2014-06-26sd-dhcp6-client: Implement Renew and RebindPatrik Flykt
Start sending Renew and Rebind DHCPv6 messages when respective timers T1 and T2 expire. Rebind messages do not include a Server ID option and the Rebind procedure ends when the last IPv6 address valid lifetime expires, whereafter the client restarts the address acquisition procedure by Soliciting for available servers. See RFC 3315, sections 18.1.3. and 18.1.4. for details.
2014-06-26sd-dhcp6-lease: Add helper function to compute remaining expiry timePatrik Flykt
Create a helper function to compute the remaining time in seconds from time T2 to the IPv6 address with the longest lifetime. The computed time is used as the Maximum Retransmission Duration in Rebinding state. See RFC 3315, section 18.1.4. for details.
2014-06-26sd-dhcp6-client: Add Option Request Option supportPatrik Flykt
Provide a function to request more options from the DHCPv6 server. Provide a sensible default set at startup and add test basic test cases for the intended usage. Define DNS and NTP related option codes and add comments for the unassigned codes.
2014-06-26networkd: Properly stop router solicitation and DHCPv6 clientPatrik Flykt
When a link fails or looses carrier, always stop ongoing router solicitation and any DHCPv6 client that may be running.
2014-06-26sd-icmp6-nd: Add function to stop ongoing ICMPv6 discoveryPatrik Flykt
In some use cases stopping an ongoing ICMPv6 discovery is more useful than always unreferencing the whole structure.
2014-06-26sd-dhcp6-client: return NULL from _unref() like the other sd-* librariesPatrik Flykt
In order to keep the refcounting working, a DONT_DESTROY macro similar to the one in sd-bus has been added also to DHCPv6.
2014-06-26timer: name the stamp file consistentlyMichał Bartoszkiewicz
The stamp file for systemd --user timers was named stamp-foo.timer if XDG_DATA_HOME was unset, but foo.timer otherwise.
2014-06-26coredumpctl: fix HAVE_XZ checkDaniel Mack
2014-06-26coredumpctl: fix build with !HAVE_XZDaniel Mack
Fixes the following build error: CCLD coredumpctl src/journal/coredumpctl.o: In function `save_core': /src/systemd-master/src/journal/coredumpctl.c:656: undefined reference to `decompress_stream' collect2: error: ld returned 1 exit status make[2]: *** [coredumpctl] Error 1 make[1]: *** [all-recursive] Error 1 make: *** [all] Error 2
2014-06-26core/transaction: fix cycle break attempts outside transactionUoti Urpala
Patch fixes some incorrect-looking code in transaction.c. It could fix cases where Debian users with bad package configurations had systemd go into an infinite loop printing messages about breaking an ordering cycle, though I have not reproduced that problem myself. transaction_verify_order_one() considers jobs/units outside current transaction when checking whether ordering dependencies cause cycles. It would also incorrectly try to break cycles at these jobs; this cannot work, as the break action is to remove the job from the transaction, which is a no-op if the job isn't part of the transaction to begin with. The unit_matters_to_anchor() test also looks like it would not work correctly for non-transaction jobs. Add a check to verify that the unit is part of the transaction before considering a job a candidate for deletion. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752259
2014-06-26core: Don't require cgroups xattr supportTom Hirst
Failure to mount cgroups with xattr should not be fatal
2014-06-26core: use correct format string for UIDsMichał Bartoszkiewicz