summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2015-10-07smack: label /etc/passwd and friends as '_' smack label when ↵Sangjung Woo
--with-smack-run-label' is enabled systemd-sysusers.service unit creates system users and groups and it could update /etc/passwd, /etc/group, /etc/shadow and /etc/gshadow. Those files should have '_' smack label because of accessibility. However, if systemd has its own smack label using '--with-smack-run-label' configuration, systemd-sysusers process spawned by systemd(pid:1) has its parent smack label and eventually updated files also is set as its parent smack label. This patch fixes that bug by labeling updated files as '_' smack label when --with-smack-run-label' is enabled.
2015-10-06Merge pull request #1475 from steelman/analyze-without-hostnamedDaniel Mack
Analyze without hostnamed [V3]
2015-10-06analyze: replace isempty()+ternary with strempty()Łukasz Stelmach
2015-10-06analyze: do not require information from hostnamedŁukasz Stelmach
2015-10-06analyze: introduce _cleanup_host_info_Łukasz Stelmach
2015-10-06siphash24: coding-style fixesTom Gundersen
Drop custom types. Drop unnecessary macros. Fix whitespace. Add asserts.
2015-10-06siphash24: unify APITom Gundersen
Make the API of the new helpers more similar to the old wrapper. In particular we now return the hash as a byte string to avoid any endianness problems.
2015-10-06Merge pull request #1473 from michich/test-hashmapLennart Poettering
test: hashmap - increase number of entries for crippled hash test
2015-10-06Merge pull request #1469 from poettering/even-more-fixedDaniel Mack
Even more fixes
2015-10-06test: hashmap - increase number of entries for crippled hash testMichal Schmidt
The purpose of testing with the crippled hash function is to cover the otherwise very unlikely codepath in bucket_calculate_dib() where it has to fall back to recomputing the hash value. This unlikely path was not covered by test-hashmap anymore after 57217c8f "test: hashmap - cripple the hash function by truncating the input rather than the output". Restore the test coverage by increasing the number of entries in the test. The number was determined empirically by checking with lcov.
2015-10-06Merge pull request #1465 from teg/siphash24Lennart Poettering
hashmap/siphash24: refactor hash functions
2015-10-06util: some comment fixes in fdname_is_valid()Lennart Poettering
2015-10-06strv: properly return ENOMEM where we should in strv_extend_n()Lennart Poettering
2015-10-06activate: validate fdname when accepting itLennart Poettering
2015-10-06Merge pull request #1468 from poettering/fdnamesTom Gundersen
Add support for naming fds for socket activation and more
2015-10-06Merge pull request #1467 from jacob-keller/masterTom Gundersen
networkd: document ability to disable MACAddressPolicy
2015-10-06Merge pull request #1466 from kaysievers/wipTom Gundersen
libsystemd: sd-device - translate / vs. ! in sysname
2015-10-06core: add support for naming file descriptors passed using socket activationLennart Poettering
This adds support for naming file descriptors passed using socket activation. The names are passed in a new $LISTEN_FDNAMES= environment variable, that matches the existign $LISTEN_FDS= one and contains a colon-separated list of names. This also adds support for naming fds submitted to the per-service fd store using FDNAME= in the sd_notify() message. This also adds a new FileDescriptorName= setting for socket unit files to set the name for fds created by socket units. This also adds a new call sd_listen_fds_with_names(), that is similar to sd_listen_fds(), but also returns the names of the fds. systemd-activate gained the new --fdname= switch to specify a name for testing socket activation. This is based on #1247 by Maciej Wereski. Fixes #1247.
2015-10-06Merge pull request #1452 from poettering/journal-vacuumDaniel Mack
A variety of journal vacuuming improvements, plus an nspawn fix
2015-10-06core: simplify fd collection code, return number of fds as return valueLennart Poettering
Let's simplify the fd collection code a bit, and return the number of collected fds as positive integer, the way it's customary in our usual code.
2015-10-06socket: don't double close the same fd for FIFOsLennart Poettering
2015-10-06gpt-auto-generator: fix duplicate backing partition checkLennart Poettering
We shouldn't exit the loop early, otherwise our duplicate backing partition check won't work.
2015-10-05document ability to disable MACAddressPolicyJacob Keller
While it is currently possible to either not set MACAddressPolicy or set it to a value different from "persistent" or "random", it is not obvious that a user can do so. Add a policy, "none", which simply retains kernel MAC addresses (same as not filling in the policy at all) and document it so that users are aware of this setting. Signed-off-by: Jacob Keller <jacob.keller@gmail.com>
2015-10-06libsystemd: sd-device - translate / vs. ! in sysnameKay Sievers
The kernel replaces '/' in device names with '!', we translate that back to '/' in sysname, when taking sysname as input, we should translate it back again.
2015-10-05Merge pull request #1406 from blaskovic/journal-remote-typoTom Gundersen
journal-remote: typo in log_error when no sources are specified [tomegun: this was a pun, but let's not do that]
2015-10-05Merge pull request #1448 from bengal/lldp-export-v5Tom Gundersen
LLDP: add API to export neighbors list (v5)
2015-10-05Merge pull request #1459 from ssahani/bridge1Tom Gundersen
networkd: add bridge properties
2015-10-05Merge pull request #1372 from jemk/prefsrcTom Gundersen
networkd: add support to configure preferred source of static routes
2015-10-05hashmap: hash_funcs - make inputs unambiguousTom Gundersen
Make sure all variable-length inputs are properly terminated or that their length is encoded in some way. This avoids ambiguity of adjacent inputs. E.g., in case of a hash function taking two strings, compressing "ab" followed by "c" is now distinct from "a" followed by "bc".
2015-10-05hashmap: refactor hash_funcTom Gundersen
All our hash functions are based on siphash24(), factor out siphash_init() and siphash24_finalize() and pass the siphash state to the hash functions rather than the hash key. This simplifies the hash functions, and in particular makes composition simpler as calling siphash24_compress() repeatedly on separate chunks of input has the same effect as first concatenating the input and then calling siphash23_compress() on the result.
2015-10-05test: hashmap - cripple the hash function by truncating the input rather ↵Tom Gundersen
than the output The reason for the crippled hash function is to reduce the distribution of the hash function, do this by truncating the domain rather than the range. This does introduce a change in behavoir as the range is no longer contiguous, which greatly reduces collisions. This is needed as a follow-up patch will no longer allow individual hash functions to alter the output directly.
2015-10-05test: siphash24 - verify internal state and composabilityTom Gundersen
Verify the state of the hash-function according to the reference paper, also verify that we can decompose the input and hash the chunks one by one and still get the same result.
2015-10-05siphash24: expose the internal helper functionsTom Gundersen
2015-10-05siphash24: make siphash24_compress decomposableTom Gundersen
This allows the input to siphash24_compress to be decomposed into smaller chunks and the function to be called on each individual chunk.
2015-10-05siphash24: move last compression iteration from compression step to ↵Tom Gundersen
finalization step The last compression is special as it deals with the length byte, and padding. Move it to the finalization step in preparation for making compression decomposable.
2015-10-05siphash24: split out the compression stepTom Gundersen
2015-10-05siphash24: split out the finalization stepTom Gundersen
2015-10-05siphash24: introduce state structTom Gundersen
Encapsulate the four state variables in a struct so we can more easily pass them around.
2015-10-05test: siphash24 - add regression testTom Gundersen
2015-10-05networkd: add bridge propertiesSusant Sahani
ForwardDelaySec: forward delay HelloTimeSec: hello time MaxAgeSec: maximum message age for more information see http://www.tldp.org/HOWTO/BRIDGE-STP-HOWTO/set-up-the-bridge.html In kernel br_dev_newlink: does not have the this functionality to set while creation. br_changelink: after creation we can change the parameters. we need to first create then set it the parameters. Introduce new callback post_create .This should set the properties after the creation.
2015-10-05sd-rtnl: introduce new API to set the NL header flagsSusant Sahani
By default we set as NLM_F_CREATE | NLM_F_EXCL in sd_rtnl_message_new_link But incase of bridge we need to set NLM_F_REQUEST | NLM_F_ACK. If NLM_F_EXCL is set then we are unable to set the parameters. As bridge supports setting properties after creation not during creation.
2015-10-05sd-rtnl: sd-netlink: add support for bridge NL parametrsSusant Sahani
Rename rtnl_link_info_data_bridge_types to rtnl_link_bridge_management_types as they are of nested types of IFLA_AF_SPEC.
2015-10-05missing.h : add bridge paramsSusant Sahani
2015-10-03core: don't unset reload result, unless we begin a start or reload operationLennart Poettering
Much like the result of the service itself we should not reset the reload result unless we actually start from the beginning, so that clients can query it at any time. Specifically, let's reset the result states only when we begin with a start operation (for both the main result, and the reload result), when we begin with a reload operation (only for the load result), or when the use explicitly asks for that via "systemctl reset-failed". This is a more generic fix for #1447. Fixes #1447.
2015-10-02journal: rework vacuuming logicLennart Poettering
Implement a maximum limit on number of journal files to keep around. Enforcing a limit is useful on this since our performance when viewing pays a heavy penalty for each journal file to interleve. This setting is turned on now by default, and set to 100. Also, actully implement what 348ced909724a1331b85d57aede80a102a00e428 promised: use whatever we find on disk at startup as lower bound on how much disk space we can use. That commit introduced some provisions to implement this, but actually never did. This also adds "journalctl --vacuum-files=" to vacuum files on disk by their number explicitly.
2015-10-02journal: use automatic clenup for ACL typesLennart Poettering
2015-10-02journal: improve some messagesLennart Poettering
Indicate that we are ignoring errors, when we ignore them, and log that at LOG_WARNING level. Use the right error code for the log message.
2015-10-02journal: simplify things by using the LESS_BY() macroLennart Poettering
2015-10-02journal: don't affect atime of journal files when vacuumingLennart Poettering
Let's try to use O_NOATIME if we can when vacuuming old journal files, if we have the permissions for it, so that vacuuming doesn't count as proper journal read access.
2015-10-02journal: prefer stack allocationLennart Poettering