Age | Commit message (Collapse) | Author |
|
Make journald audit socket maskable
|
|
man: describe IPv6AcceptRouterAdvertisements= better
|
|
Fixes #1514.
|
|
`journalctl --dump-catalog ID1 ID2 ...` works fine.
|
|
|
|
Adding them to the documentation makes it easier to find
the right man page for people who are trying to understand
where some socket in the filesystem is coming from.
|
|
With the previous description it wasn't clear that the
kernel default is being described.
Add link to kernel docs.
|
|
If we were given some sockets through socket activation, and audit
socket is not among them, do not try to open it. This way, if the
socket unit is disabled, we will not receive audit events.
https://bugzilla.redhat.com/show_bug.cgi?id=1227379
|
|
sd-daemon: wipe out memory before using CMSG_NXTHDR()
|
|
CMSG_NXTHDR() checks for cmsg->cmsg_len *after* it increased the pointer.
While this makes sense for parsing received messages, that's a pitfall
for code crafting messages with this macro.
Wipe out the allocated memory to fix this.
|
|
|
|
|
|
|
|
|
|
Checks that a given address is not tentative nor deprecated.
|
|
No need to expose these functions, but rather call them from address_{add,drop}.
|
|
Don't allocate Address objects only to free them again when processing
rtnl events.
|
|
We need to be able to look these things up quickly as we will be updating them
continuously and there can in principle be many of them.
|
|
|
|
|
|
|
|
Also, explicitly don't support subscribing to GET or SET messages, as these will
never be emitted by the kernel.
|
|
|
|
This is useful in case the daemon is restarted and the state of the IPv4LL client should
be serialized/deserialized.
|
|
|
|
We don't care about timestamps down to the last usec, round to the closest sec
as that will be plenty for debugging purposes.
|
|
Add compare_func and hash_func for the Address object. The notion of
address equality is the same as in the kernel, and hashing preserves
preserves equality.
Two addresses are considered equal if:
- they have the same address family, and
- they are neither IPv4 nor IPv6 addresses, or
- the local addresses are identical, and
- they are IPv6 addresses, or
- they have the same prefixlength, and
- their peer prefixes are identical
This fixes a bug in the old equality check, which got the local address
and the peer prefix mixed up.
|
|
Freeing links/addresses may trigger sending signals over the bus, so let's make sure
the bus stays around until our own objects have been freed.
|
|
Rename new_dynamic() to simply _new() and reuse that from new_static().
|
|
Existing test would use highly-compressible repeatable
input. Two types of input are added:
- zeros
- random blocks interspersed with zeros
The idea is to get more information about behaviour in various cases.
On Intel Xeon the results are:
% ./test-compress-benchmark
XZ/zeros: compressed & decompressed 2535301373 bytes in 32.56s (74.26MiB/s), mean compresion 99.96%, skipped 3160 bytes
LZ4/zeros: compressed & decompressed 2535304362 bytes in 1.16s (2088.69MiB/s), mean compresion 99.60%, skipped 171 bytes
XZ/simple: compressed & decompressed 2535300963 bytes in 30.42s (79.48MiB/s), mean compresion 99.95%, skipped 3570 bytes
LZ4/simple: compressed & decompressed 2535303543 bytes in 1.22s (1978.86MiB/s), mean compresion 99.60%, skipped 990 bytes
XZ/random: compressed & decompressed 381756649 bytes in 60.02s (6.07MiB/s), mean compresion 39.64%, skipped 27813723 bytes
LZ4/random: compressed & decompressed 2507385036 bytes in 0.97s (2477.52MiB/s), mean compresion 54.77%, skipped 27919497 bytes
If someone has ideas for more realistic test cases, they can be easily
added to this framework.
|
|
This converts the stream compression to use the new lz4frame api,
compatible with lz4cat. Previous code used custom headers, so the
compressed file was not compatible with lz4 command line tools.
I considered this the last blocker to using lz4 by default.
Speed seems to be reasonable, although a bit (a few percent) slower
than the lz4 binary, even though compression is the same. I don't
consider this important. It could be caused by the overhead of library
calls, but is probably caused by slightly different buffer sizes or
such. The code in this patch uses mmap, since since this allows the
buffer to be reused while not making the code more complicated at all.
In my testing, this version is noticably faster (~20%) than a naive
single-buffered version. mmap can cause the program to be killed with
SIGBUS, if the underlying file is truncated or a disk error occurs. We
only use this from within coredump and coredumpctl, so I don't
consider this an issue.
Old decompression code is retained and is used if the new code fails
indicating a format error. There have been reports of various smaller
distributions using previous lz4 code, i.e. the old format, and it is
nice to provide backwards compatibility. We can remove the legacy code
in a few versions.
The way that blobs are compressed in the journal is not affected.
|
|
nspawn: create /sys/fs/cgroup for unified hierarchy as well
|
|
Otherwise, we might end up trying to isolate it away when starting user
instances.
While we are at it, also prohibit manual start/stop of these two units.
Fixes: #1507
|
|
No change in behaviour, just make the code more obvious.
|
|
We already stop boot if /etc/mtab is not a symlink right now, and most
likely we'll stop referecing it at all in the future, either way there's
no point in keeping it around as taint flag.
|
|
systemd-run can launch units with SyslogIdentifier and SyslogLevelPrefix
|
|
Make sure the mount units pulled by 'RequiresMountsFor=' are loaded, if they exist
|
|
|
|
|
|
|
|
exist)
We should make sure that mount units involved by 'RequiresMountsFor='
directives are really loaded if not required by any others units so
that Requires= dependencies on the mount units are applied and thus
the mount unit dependencies are started.
|
|
|
|
allow passing in fds for stdin/stdout/stderr for transient services
|
|
Rename struct 'tlv_packet' to 'sd_lldp_packet' and struct
'tlv_section' to 'sd_lldp_section' since the former is referenced in
public header sd-lldp.h.
Signed-off-by: Beniamino Galvani <bgalvani@redhat.com>
|
|
core: manager: add some missing properties
|
|
Including a fix for properly freeing a calendarspec object after use.
|
|
|
|
Before, we'd always reset acquired terminals, which is not really
desired, as we expose a setting TTYReset= which is supposed to control
whether the TTY is reset or not. Previously that setting would only
enable a second resetting of the TTY, which is of course pointless...
Hence, move the implicit resetting out of acquire_terminal() and make
the callers do it if they need it.
|
|
With this change we'll open the shell's tty right from machined and then
pass it to the transient unit we create. This way we make sure the pty
is opened exactly as long as the transient service is around, and no
longer, and vice versa. This way pty forwarders do not have to deal with
EIO problems due to vhangup, as the pty is open all the time from the
point we set things up to the point where the service goes away.
|
|
fixes Coverity #1317207
|