Age | Commit message (Collapse) | Author |
|
networkd: ip6gre add support for flowlabel
|
|
nspawn: Don't pass uid mount option for devpts
|
|
Oracle kvm
|
|
Virtualbox 5.0 now supports kvm hypervisor. In this case cpuid
identidies as "kvm", which breaks units depending on
ConditionVirtualization=oracle.
So return "oracle" even with kvm hypervisor.
|
|
networkd: add bridge link properties
|
|
new bridge properties
br.network
[Match]
Name=enp0s25
[Network]
Bridge=br-test
[Bridge]
Cost=332
BPDUGuard = true
HairPin = true
FastLeave = true
RootBlock = true
UnicastFlood = true
|
|
We were stopping the transaction, but we need to stop processing the packet alltogether.
|
|
A size_t was being accessed as a char* due to the order of arguments being inverted.
|
|
|
|
We were appending rather than reading the bitmap.
|
|
We can never read past the end of the packet, so this seems impossible
to exploit, but let's error out early as reading past the end of the
current RR is clearly an error.
Found by Lennart, based on patch by Daniel.
|
|
Rename the field to make this clearer.
|
|
Most blobs (keys, signatures, ...) should have a specific size given by
the relevant algorithm. However, as we don't use/verify the algorithms
yet, let's just ensure that we don't read out zero-length data in cases
where this does not make sense.
The only exceptions, where zero-length data is allowed are in the NSEC3
salt field, and the generic data (which we don't know anything about,
so better not make any assumptions).
|
|
a) use memcmp() to compare bitmaps efficiently
b) use UINT64_C() macro instead of ULL suffixes to get right suffix for
uint64_t constants
c) add a few assert()s
d) when comparing integers with 0 we generally try to make this explicit
with "!= 0".
e) remove redundant bitmap_isset() if check, as we don't have it in
bitmap_isset() either.
f) It should be fine to invoke bitmap_unset() on a NULL bitmap
|
|
resolve: unify memdup() code when parsing RRs
|
|
|
|
|
|
|
|
basic: bitmap: use uint64_t instead if long long unsigned
|
|
ip6 tunnel: add support for DSCP
|
|
Hook up container userns with nss-mymachines
|
|
tmpfiles: downgrade errors when a file system does not support file a…
|
|
resolved: make sure we alway initialize *start in dns_packet_append_t…
|
|
long long unsigned is always 64 bit wide, so use a more readable type.
|
|
bitmap: bitmap_clear()
|
|
This patch adds support for setting the
DSCP field in the ip6 tunnel.
when set it inherits DSCP field between inner and outer header.
|
|
dns_packet_append_type_window()
|
|
No need to actually reset the bitmap, we can just truncate it back zero
size. That not only makes bitmap_clear() quicker, but also subsequent
bitmap_isclear().
|
|
Let's make dns_packet_read_public_key() more generic by renaming it to
dns_packet_read_memdup() (which more accurately describes what it
does...). Then, patch all cases where we memdup() RR data to use this
new call.
This specifically checks for zero-length objects, and handles them
gracefully. It will set zero length payload fields as a result.
Special care should be taken to ensure that any code using this call
can handle the returned allocated field to be NULL if the size is
specified as 0!
|
|
Mounting devpts with a uid breaks pty allocation with recent glibc
versions, which expect that the kernel will set the correct owner for
user-allocated ptys.
The kernel seems to be smart enough to use the correct uid for root when
we switch to a user namespace.
This resolves #337.
|
|
resolve: fix two minor memory leaks
|
|
strv_extend() already strdup()s internally, no need to to this twice.
(Also, was missing OOM check...).
Use strv_consume() when we already have a string allocated whose
ownership we want to pass to the strv.
This fixes 50f1e641a93cacfc693b0c3d300bee5df0c8c460.
|
|
It's not used anymore since 29815b6c608b836cada5e349d06a96b63eaa65f3,
hence let's remove it from the sources.
|
|
journal: reword msg about enforced size limits a bit
|
|
http://lists.freedesktop.org/archives/systemd-devel/2015-July/033574.html
|
|
Machines can also be services
|
|
This makes `systemd-cgls -M <machine name>` work with nspawn containers in
systemd 222.
|
|
This downgrades errors from setting file attributes via tmpfiles to
warnings and makes them non-fatal.
Also, as a special case, if a file system does not support file
attributes at all, then the message is downgraded to debug, so that it
is not seen at all.
With this change reiserfs should not see any messages at all anymore
(since it apparently does not implement file attributes at all), but XFS
will still get a warning but no failure. The warning is something the
XFS kernel folks should fix though, by adjusting their file attributes
behaviour to be identical to ext234's.
Fixes #560.
|
|
improve IN_SET macro
|
|
Making the array static allows gcc -O2 to generate smaller code:
"size systemd" before:
text data bss dec hex filename
1377286 128608 2632 1508526 1704ae systemd
After:
text data bss dec hex filename
1374326 128572 2664 1505562 16f91a systemd
(IN_SET still results in worse generated code than using
"x == FOO || x == BAR || ...". I don't think we'll be able to match
that with the C preprocessor.)
This change limits the use of IN_SET to sets with constant elements. All
present callers use constants. The compiler would report an "initializer
element is not constant" error otherwise.
|
|
Putting the set elements in an array variable and using ELEMENTSOF makes
it clearer what's going on.
Incidentally, it also makes gcc -O2 generate slightly smaller code:
"size systemd", before:
text data bss dec hex filename
1378318 128608 2632 1509558 1708b6 systemd
After:
text data bss dec hex filename
1377286 128608 2632 1508526 1704ae systemd
|
|
network: Add tunnel params
|
|
Job logging fixes and improvements
|
|
|
|
|
|
An endianness conversion was lost in 6024a6e302bad6bcf073fa84a41a6123305dc845.
Restore it. Now ata_id and scsi_id output match.
https://bugzilla.redhat.com/show_bug.cgi?id=1227503
|
|
This way it does not need distinct string literals and it also preserves
the "rd." prefix.
|
|
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1245293
|
|
We do not print all non-OK job completion status messages to the console
in red, because not all of them are plain errors. We do however log the
same messages as LOG_ERR.
Differentiate the log levels by deducing them from the job result in a
way that more or less matches the color of the console message.
|
|
Joins three log_struct() calls into one.
|