Age | Commit message (Collapse) | Author | |
---|---|---|---|
2012-08-19 | journal: validate timestamps as well | Lennart Poettering | |
2012-08-18 | mmap: resize arrays dynamically | Lennart Poettering | |
2012-08-18 | journal: even more simple static object tests | Lennart Poettering | |
2012-08-18 | journal: refuse verification of files with unknown flags | Lennart Poettering | |
2012-08-18 | jounral: write bit fiddling test | Lennart Poettering | |
This test goes through every single bit in a journal file, toggles it, and checks if this change is detected by the verification. | |||
2012-08-18 | journal: fix verification without key | Lennart Poettering | |
2012-08-18 | journald: add additional simple static tests to verifier | Lennart Poettering | |
2012-08-17 | journal: be fine with opening rotated/corrupted journal files | Lennart Poettering | |
2012-08-17 | journal: set secure deletion flags for FSS file | Lennart Poettering | |
2012-08-17 | journal: after verification output validated time range | Lennart Poettering | |
2012-08-17 | journal: reword verification messages a bit | Lennart Poettering | |
2012-08-17 | journal: ensure that entries and tags are properly ordered | Lennart Poettering | |
2012-08-17 | journal: show new header fields in header dump | Lennart Poettering | |
2012-08-17 | journal: don't write tag objects if nothing has been written since the last time | Lennart Poettering | |
2012-08-17 | man: add man pages for new FSS stuff | Lennart Poettering | |
2012-08-17 | journal: rework terminology | Lennart Poettering | |
Let's clean up our terminology a bit. New terminology: FSS = Forward Secure Sealing FSPRG = Forward Secure Pseudo-Random Generator FSS is the combination of FSPRG and a HMAC. Sealing = process of adding authentication tags to the journal. Verification = process of checking authentication tags to the journal. Sealing Key = The key used for adding authentication tags to the journal. Verification Key = The key used for checking authentication tags of the journal. Key pair = The pair of Sealing Key and Verification Key Internally, the Sealing Key is the combination of the FSPRG State plus change interval/start time. Internally, the Verification Key is the combination of the FSPRG Seed plus change interval/start time. | |||
2012-08-16 | journal: add FSPRG journal authentication | Lennart Poettering | |
2012-08-16 | journal: fix tag sequence number verification | Lennart Poettering | |
2012-08-16 | journalctl: immeidately terminate on invalid seed | Lennart Poettering | |
2012-08-16 | journal: parse fsprg seed | Lennart Poettering | |
2012-08-16 | journal: count number of entry arrays in header | Lennart Poettering | |
2012-08-16 | keymap: fix map name reference | Kay Sievers | |
2012-08-16 | journal: rename 'mmap' to 'mmap_cache' to appease gcc | Zbigniew Jędrzejewski-Szmek | |
warning: declaration of 'mmap' shadows a global declaration [-Wshadow] | |||
2012-08-16 | journal: fix variable initialization | Lennart Poettering | |
2012-08-16 | journal: fix unitialized var | Lennart Poettering | |
2012-08-16 | journal: journal-send.h doesn't actually exist | Lennart Poettering | |
2012-08-16 | journal: verify structural consistency | Lennart Poettering | |
2012-08-16 | journal: add color to verification progress bar | Lennart Poettering | |
2012-08-16 | journal: verify compressed objects | Lennart Poettering | |
2012-08-16 | journalctl: add --verify-seed= switch to specify seed value | Lennart Poettering | |
2012-08-16 | journal: verify hashes only during actual verification, not all the time | Lennart Poettering | |
2012-08-16 | journal: split up journal-file.c | Lennart Poettering | |
2012-08-16 | journal: add superficial structure verifier | Lennart Poettering | |
2012-08-16 | journal: implement basic journal file verification logic | Lennart Poettering | |
2012-08-16 | conf-parser: make parsing exit status lists non-fatal | Lennart Poettering | |
2012-08-16 | journal: implement generic sharable mmap caching logic | Lennart Poettering | |
instead of having one simple per-file cache implement an more comprehensive one that works for multiple files and can actually maintain multiple maps per file and per object type. | |||
2012-08-15 | keymap: Add Sony VGN | Martin Pitt | |
https://launchpad.net/bugs/939868 | |||
2012-08-14 | conf-parser: simplify a few things by using set_ensure_allocated() rather ↵ | Lennart Poettering | |
than set_new() | |||
2012-08-14 | service: add options RestartPreventExitStatus and SuccessExitStatus | Lukas Nykryn | |
In some cases, like wrong configuration, restarting after error does not help, so administrator can specify statuses by RestartPreventExitStatus which will not cause restart of a service. Sometimes you have non-standart exit status, so this can be specified by SuccessfulExitStatus. | |||
2012-08-13 | journal: include tag object header in hmac | Lennart Poettering | |
2012-08-13 | journal: add all objects we add to HMAC | Lennart Poettering | |
2012-08-13 | journald: initial version of FSPRG hookup | Lennart Poettering | |
This adds forward-secure authentication of journal files. This patch includes key generation as well as tagging of journal files, Verification of journal files will be added in a later patch. | |||
2012-08-13 | umount: MS_MGC_VAL is so 90s | Lennart Poettering | |
2012-08-13 | nspawn,namespaces: make sure we recursively bind mount things in | Lennart Poettering | |
We want to make sure that everything from the host is also visible in the sandbox. | |||
2012-08-13 | machine-id: properly mount transient machine ID read-only | Lennart Poettering | |
2012-08-13 | nspawn: unset a few unnecessary params to mount() | Lennart Poettering | |
2012-08-13 | namespace: rework namespace support | Lennart Poettering | |
- don't use pivot_root() anymore, just reuse root hierarchy - first create all mounts, then mark them read-only so that we get the right behaviour when people want writable mounts inside of read-only mounts - don't pass invalid combinations of MS_ constants to the kernel | |||
2012-08-13 | nspawn: inherit mounts from real root, don't propagate mounts to real root | Lennart Poettering | |
2012-08-12 | switch-root: remount to MS_PRIVATE | Lennart Poettering | |
The kernel does not allow switching roots if things are mounted MS_SHARED. As a work-around, remount things MS_PRIVATE before switching roots. This should be fixed in the kernel for good. https://bugzilla.redhat.com/show_bug.cgi?id=847418 | |||
2012-08-10 | udev: export udev_device_new_from_device_id() | Kay Sievers | |