1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-11 05:17:44 +03:00
Commit Graph

24485 Commits

Author SHA1 Message Date
Lennart Poettering
7405bb3ec0 resolve: fix wording in resolver statistics output
Now that we count both negative and positive validation results, we shouldn't claim we just counted RRsets.
2016-01-25 17:19:19 +01:00
Lennart Poettering
59c5b5974d resolved: log each time we increase the DNSSEC verdict counters
Also, don't consider RRs that aren't primary to the lookups we do as relevant to the lookups.
2016-01-25 17:19:19 +01:00
Lennart Poettering
f6618dcd96 resolved: never store NSEC/NSEC3 RRs from the upper zone of a zone cut in cache
When using NSEC/NSEC3 RRs from the cache to derive existance of arbitrary RRs, we should not get confused by the fact
that NSEC/NSEC3 RRs exist twice at zone cuts: once in the parent zone, and once in the child zone. For most RR types we
should only consult the latter since that's where the beef is. However, for DS lookups we have to check the former.

This change makes sure we never cache NSEC/NSEC3 RRs from any parent zone of a zone-cut. It also makes sure that when
we look for a DS RR in the cache we never consider any cached NSEC RR, as those are now always from the child zone.
2016-01-25 17:19:19 +01:00
Lennart Poettering
fcfaff1235 resolved: if we detect a message with incomplete DNSSEC data, consider this an invalid packet event 2016-01-25 17:19:19 +01:00
Lennart Poettering
7aa8ce9855 resolved: also collect statistics about negative DNSSEC proofs
We already maintain statistics about positive DNSSEC proofs, and count them up by 1 for each validated RRset. Now,
update the same counters each time we validated a negative query, so that the statistics are the combined result of all
validation checks, both positive and negative.
2016-01-25 17:19:19 +01:00
Lennart Poettering
352af30838 resolve: use different bitmap checking rules when we find an exact NSEC3 match, or just a covering enclosure
If we are looking for a DS RR we need to check the NSEC3 bitmap of the parent zone's NSEC3 RR, not the one from the
child. For any other RR we need to look at the child's however, hence enforce this with the bitmaps.

Note that not coverign checks only the lower zone's NSEC3 bitmaps matter, hence the existing check is fine.
2016-01-25 17:19:18 +01:00
Lennart Poettering
300a716dc4 resolve: minor strings improvements 2016-01-25 17:19:18 +01:00
Lennart Poettering
624993ac85 man: document systemd-resolve(8)
This also links up the new manpage from systemd-resolved.service(8), and makes a couple of unrelated additions.
2016-01-25 17:19:18 +01:00
Lennart Poettering
54230826fd emacs: also configure nxml parameters in .dir-locals.el
We configure the parameters we use for the docbook XML.
2016-01-25 16:00:28 +01:00
Lennart Poettering
b5eb973b39 resolve: rename "systemd-resolve-host" tool to simply "systemd-resolve"
The tool resolves way more than just hosts, hence give it a more generic name. This should be safe, as the tool is
currently undocumented. Before we add documentation for it, let's get the name right.

This also moves the C source into src/resolve/ (from src/resolve-host/), since the old name is a misnomer now. Also,
since it links directly to many of the C files of resolved it really belongs into resolved's directory anyway.
2016-01-25 16:00:28 +01:00
Lennart Poettering
ce736ace37 resolved: get rid of unnecessary if check
DNS_ANSWER_FOREACH() can deal with NULL answers anyway, let's simplify our code here.
2016-01-25 15:59:40 +01:00
Lennart Poettering
839a4a20d8 resolved: split out RR synthesis logic into its own C file
Also, while we are at it, set the "authenticated" bit for everything we synthesize
2016-01-25 15:59:40 +01:00
Lennart Poettering
d07b43a18e resolved: move dns_type_to_af() to dns-type.c 2016-01-25 15:59:40 +01:00
Lennart Poettering
edbcc1fdd9 resolve: generate a nice clean error when clients try to resolve a name when the network is down 2016-01-25 15:59:40 +01:00
Lennart Poettering
6955a3ba9d resolved: when checking whether a link is relevant, check kernel operstate
This mimics what networkd is doing to detect a carrier.
2016-01-25 15:59:40 +01:00
Lennart Poettering
55abd6dadd resolved: fix typo
Noticed by @vcaputo
2016-01-25 15:59:39 +01:00
Lennart Poettering
ebc8a1066a resolved: fix RR key reduction logic
Fixes #2380.
2016-01-25 15:59:39 +01:00
Lennart Poettering
cf7d1a30e4 logind,machined: bump TasksMax=
Issue #2388 suggests the current TasksMax= setting for user processes is to low. Bump it to 12K. Also, bump the
container TasksMax= from 8K to 16K, so that it remains higher than the one for user processes.

(Compare: the kernel default limit for processes system-wide is 32K).

Fixes #2388
2016-01-25 15:59:39 +01:00
Lennart Poettering
147d3751d8 Merge pull request #2428 from msekletar/nspawn-alloca-fix
nspawn: fix memory leak
2016-01-25 13:46:23 +01:00
Michal Sekletar
61e741ed3d nspawn: fix memory leak 2016-01-25 12:06:38 +01:00
Zbigniew Jędrzejewski-Szmek
ce262e5760 Merge pull request #2425 from yuwata/journal-remote-v4
ZJS: remove unnecessary oom check after strdupa().
2016-01-24 11:49:31 -05:00
Daniel Mack
3a79e301e8 Merge pull request #2423 from keszybz/udevd-crash-in-cleanup
udevd: do not clean up fds in main
2016-01-24 15:09:33 +01:00
Yu Watanabe
2f1acf6f13 journal-remote: fix broken --getter option
This commit fixes the following broken --getter option:
when systemd-journal-remote is called with --getter option,
it causes the error meesage "Zero sources specified" and
the getter command will not be called.
2016-01-24 16:12:13 +09:00
Yu Watanabe
e6b6225e3b journal-remote: add an example to man 2016-01-24 16:12:13 +09:00
Yu Watanabe
d10accb0b1 journal-remote: output file name is determined by the remote hostname
When --url option is specified, e.g. --url='http://some.host:19531/entries'
retrieved remote journal entries will be stored to
/var/log/journal/remote/remote-some.host.journal
2016-01-24 16:11:21 +09:00
Yu Watanabe
b68f6b0a79 journal-remote: make --url option support arbitrary url
Currently, --url option supports the only form like http(s)://some.host:19531.
This commit adds support to call systemd-journal-remote as follwos:
systemd-journal-remote --url='http://some.host:19531'
systemd-journal-remote --url='http://some.host:19531/'
systemd-journal-remote --url='http://some.host:19531/entries'
systemd-journal-remote --url='http://some.host:19531/entries?boot&follow'
The first three example result the same and retrieve all entries.
The last example retrieves only current boot entries and wait new events.
2016-01-24 15:45:47 +09:00
Zbigniew Jędrzejewski-Szmek
9d5a981398 Merge pull request #2318 from vcaputo/coalesce-ftruncates-redux
journal: coalesce ftruncate()s in 250ms windows
2016-01-23 22:09:51 -05:00
Zbigniew Jędrzejewski-Szmek
efa1606eec udevd: do not clean up fds in main
fds will also be closed during manager cleanup in run, leading
to an error when we try to close them again. It is now possible
to "leak" the fds on error, but it's an unlikely event and we
will exit immediately anyway.

Fixes #2418.
2016-01-23 11:45:22 -05:00
Lennart Poettering
a9eb840583 Merge pull request #2410 from dobyrch/master
systemctl: Allow 'edit' and 'cat' on unloaded units
2016-01-22 17:28:59 +01:00
Lennart Poettering
e14c67d046 Merge pull request #2412 from fbuihuu/device-fixes
Device fixes
2016-01-22 17:28:05 +01:00
Franck Bui
ac9d396b2a device: make sure to not ignore re-plugged device
systemd automatically mounts device unless 'noauto' is part of the
mount options. This can happen during boot if the device is plugged at
that time or later when the system is already running (the latter case
is not documented AFAICS).

After the systemd booted, I plugged my USB device which had an entry
in /etc/fstab with the default options and systemd automatically
mounted it.

However I noticed that if I unplugged and re-plugged the device the
automatic mounting of the device didn't work anymore: systemd didn't
notice that the device was re-plugged.

This was due to the device unit which was not recycled by the GC
during the unplug event because in the case of automounting, the mount
unit still referenced it. When the device was re-plugged, the old
device unit was reused but it still had the old sysfs path (amongst
other useful information).

Systemd was confused by the stalled sysfs path and decided to ignore
the plug event.

This patch fixes this issue by simply not doing the sanity checking on
the sysfs path if the device is in unplugged state.
2016-01-22 13:53:00 +01:00
Lennart Poettering
dd17a7aa12 Merge pull request #2413 from msekletar/update-todo-reload
Remove TODO entry
2016-01-22 11:53:58 +01:00
Michal Sekletar
99d7bd1c00 Remove TODO entry
Feature was introduced by 06af2a0
2016-01-22 10:10:45 +01:00
Daniel Mack
620b63ec02 Merge pull request #2405 from zonque/sysusers
sysusers: use GID_FMT and UID_FMT instead of %d
2016-01-22 09:59:23 +01:00
Daniel Mack
efda7e594e Merge pull request #2331 from yuwata/journal-remote-unit-v2
journal-remote: add SupplementaryGroups to systemd-journal-upload.service
2016-01-22 09:56:54 +01:00
Daniel Mack
e813475097 Merge pull request #2332 from yuwata/journal-remote-tmpfiles-v2
journal-remote: tmpfiles.d/journal-remote.conf (v2)
2016-01-22 09:51:43 +01:00
Daniel Mack
371859d6b5 Merge pull request #2080 from chaloulo/split-mode-host-remove-port-from-journal-filename
journal-remote: split-mode=host, remove port from journal filename
2016-01-22 09:47:59 +01:00
Daniel Mack
07313a1826 Merge pull request #2409 from snakeroot/dropin-doc-2
man: describe precedence of drop-in .conf files over unit files
2016-01-22 09:10:13 +01:00
Daniel Mack
808abf0969 Merge pull request #2411 from ssahani/activate4
systemd-activate: Add support for datagram socket
2016-01-22 09:06:20 +01:00
Susant Sahani
530a071ab5 man: add man for systemd-activate datagram syntax 2016-01-22 09:42:54 +05:30
Susant Sahani
7b7afdfc07 systemd-activate: Add support for datagram sockets
core: Add flexible way to provide socket type
the socket type should be a diffrent argumet
in make_socket_fd . In this way we can set the socket
type like SOCK_STREAM SOCK_DGRAM in the address.

journal-remote: modify make_socket_fd
2016-01-22 09:41:44 +05:30
Douglas Christman
1e524ec6e2 systemctl: Allow 'edit' and 'cat' on unloaded units
Don't fail if the unit has a LoadError; otherwise `systemctl edit` cannot be
used to correct the error (e.g. multiple "ExecStart=" lines).

Remove file changed warning so cat output isn't interspersed with log messages.

Fixes #829
2016-01-21 18:22:55 -05:00
Chris Atkinson
0cf4c0d141 man: describe precedence of drop-in .conf files over unit files 2016-01-21 17:21:46 -05:00
Daniel Mack
dda65f56ff sysusers: use GID_FMT and UID_FMT instead of %d 2016-01-21 16:35:19 +01:00
Daniel Mack
e77435f2b0 Merge pull request #1359 from jengelh/ue
sysusers: help useless error message
2016-01-21 16:28:19 +01:00
Daniel Mack
390be1c86a Merge pull request #2071 from chaloulo/journal-upload-miss-logs
journal-upload : Ignore journal event when already in uploading state.
2016-01-21 16:23:46 +01:00
Lennart Poettering
bef33b6c0a Merge pull request #2401 from lnykryn/sysv-split-deps-v4
v4: sysv-generator: do not join dependencies on one line, split them
2016-01-21 13:16:47 +01:00
Lukas Nykryn
c584ffc0b7 sysv-generator: do not join dependencies on one line, split them
If there is a lot of initscripts and dependencies between them we might
end generating After= (and similar) lines which are longer then LINE_MAX
and thus rejected by parser in systemd.

Fixes #2099
2016-01-21 12:53:14 +01:00
Daniel Mack
9f3fda90a3 Merge pull request #2393 from evverx/ignore-test-dnssec-complex
.gitignore: add test-dnssec-complex
2016-01-21 11:52:01 +01:00
Daniel Mack
127a45c36f Merge pull request #2371 from evverx/add-valgrind-helper-for-daemon-reexec
core: add valgrind helper for daemon-reexec
2016-01-21 11:51:37 +01:00