shaba/systemd-stable
1
1
Fork 0
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-10 01:17:44 +03:00
Code
24,655 Commits 36 Branches 656 Tags 226 MiB
eb86030ec0
Commit Graph

24655 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Lennart Poettering
eb86030ec0 sd-journal: add an API to enumerate known field names of the journal 
This adds two new calls to get the list of all journal fields names currently in use.

This is the low-level support to implement the feature requested in #2176 in a more optimized way.
 2016-02-01 22:42:33 +01:00
Lennart Poettering
b72190e90f Merge pull request #2505 from torstehu/fix-typo4 
Fix typos and a small build fix
 2016-02-01 22:09:54 +01:00
Torstein Husebø
fa9e9f72b9 resolve: Silence build warning, when systemd is built without libidn 
HAVE_IDN is not defined when systemd is build without it
 2016-02-01 21:10:03 +01:00
Torstein Husebø
e94968ba72 resolve: fix typos 2016-02-01 21:08:00 +01:00
Lennart Poettering
fd04bba0e8 Merge pull request #2491 from martinpitt/master 
tmpfiles: drop /run/lock/lockdev
 2016-02-01 18:27:51 +01:00
Martin Pitt
61f32bff61 tmpfiles: drop /run/lock/lockdev 
Hardly any software uses that any more, and better locking mechanisms like
flock() have been available for many years.

Also drop the corresponding "lock" group from sysusers.d/basic.conf.in, as
nothing else is using this.
 2016-02-01 12:16:24 +01:00
Lennart Poettering
f3ade27e68 Merge pull request #2497 from jsynacek/bootoffset-runtime-v4 
Expose additional booleans in sd_journal and improve error messages in journalctl
 2016-02-01 12:02:53 +01:00
Jan Synacek
c34e939909 journalctl: improve error messages when the specified boot is not found 2016-02-01 11:59:33 +01:00
Jan Synacek
0f1a9a830c journalctl: show friendly info when using -b on runtime journal only 
Make it clear that specifing boot when there is actually only one has no
effect. This cosmetic patch improves user experience a bit.
 2016-02-01 11:59:33 +01:00
Jan Synacek
39fd5b08a7 sd-journal: introduce has_runtime_files and has_persistent_files 
Also introduce sd_journal_has_runtime_files() and
sd_journal_has_persistent_files() to the public API. These functions
can be used to easily find out if the open journal files are runtime
and/or persistent.
 2016-02-01 11:59:27 +01:00
Lennart Poettering
c248c80dfd Merge pull request #2481 from xnox/pretty-ccw 
udev: net_id - for ccw bus, shorten the identifier and stip leading z…
 2016-02-01 11:39:11 +01:00
Lennart Poettering
da21f8743a Merge pull request #2493 from evverx/fix-selinux-checks 
Fix selinux check for ReloadUnit
 2016-02-01 11:34:56 +01:00
Lennart Poettering
a6c5361bb1 Merge pull request #2494 from michaelolbrich/resolved-without-gcrypt 
Resolved without gcrypt
 2016-02-01 11:05:45 +01:00
Zbigniew Jędrzejewski-Szmek
c25bf528a1 Merge pull request #2496 from whot/hwdb-updates 
hwdb: add Samsung 305V4A axis resolutions
 2016-01-31 22:08:25 -05:00
Peter Hutterer
d9a03677a5 hwdb: add Samsung 305V4A axis resolutions 
From https://bugzilla.redhat.com/show_bug.cgi?id=1294022
 2016-02-01 12:50:43 +10:00
Michael Olbrich
4709152273 resolved: allow building without libgcrypt 2016-01-31 23:54:12 +01:00
Michael Olbrich
421cc89d30 resolved: make dnssec_nsec_test_enclosed() static 
It's not used anywhere else.
 2016-01-31 23:54:12 +01:00
Michael Olbrich
dbf0b8a281 resolved: reorder functions 
Preparation to make gcrypt optional.
 2016-01-31 23:54:12 +01:00
Evgeny Vereshchagin
f596e00f32 core: let's check access before type modification 2016-01-31 14:23:46 +00:00
Evgeny Vereshchagin
94bd732348 core: refactoring: add job_type_to_access_method 
remove duplication
 2016-01-31 14:23:46 +00:00
Evgeny Vereshchagin
61ea63f1ab core: fix selinux check for reload 
Fixes:
-bash-4.3# echo 1 >/sys/fs/selinux/enforce
-bash-4.3# runcon -t systemd_test_start_t systemctl start hola

-bash-4.3# sesearch --allow -s systemd_test_reload_t -c service
Found 1 semantic av rules:
   allow systemd_test_reload_t systemd_unit_file_t : service reload ;

-bash-4.3# runcon -t systemd_test_reload_t systemctl reload hola
Failed to reload hola.service: Access denied
See system logs and 'systemctl status hola.service' for details.

-bash-4.3# journalctl -b | grep -i user_avc | grep reload
USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0
msg='
avc:  denied  { start } for auid=0 uid=0 gid=0 path="/etc/systemd/system/hola.service" cmdline="systemctl reload hola"
scontext=unconfined_u:unconfined_r:systemd_test_reload_t:s0-s0:c0.c1023
tcontext=system_u:object_r:systemd_unit_file_t:s0
tclass=service

See
https://fedoraproject.org/wiki/Features/SELinuxSystemdAccessControl#Documentation
 2016-01-31 14:19:15 +00:00
Lennart Poettering
09ce74e196 Merge pull request #2487 from msekletar/bootctl-foreach-dirent 
bootctl: replace readdir() loops with FOREACH_DIRENT
 2016-01-31 14:57:20 +01:00
Evgeny Vereshchagin
5c7290b195 tests: add test-selinux-checks 2016-01-31 09:02:51 +00:00
Michal Sekletar
e41256dcec bootctl: replace readdir() loops with FOREACH_DIRENT 2016-01-31 09:44:53 +01:00
Lennart Poettering
dcabda4155 Merge pull request #2469 from keszybz/resolved-2 
Resolved 2
 2016-01-30 15:04:56 +01:00
Zbigniew Jędrzejewski-Szmek
132bdb0cf8 Merge pull request #2478 from grawity/fix/touch-mode 
basic: fix touch() creating files with 07777 mode
 2016-01-29 21:19:21 -05:00
Mantas Mikulėnas
06eeacb6fe basic: fix touch() creating files with 07777 mode 
mode_t is unsigned, so MODE_INVALID < 0 can never be true.

This fixes a possible DoS where any user could fill /run by writing to
a world-writable /run/systemd/show-status.
 2016-01-29 23:41:09 +02:00
Zbigniew Jędrzejewski-Szmek
c542f805dd man: reword sentence 2016-01-29 12:24:15 -05:00
Zbigniew Jędrzejewski-Szmek
e3309036cd resolved: log server type when switching servers 
I'm not defining _DNS_SERVER_TYPE_MAX/INVALID as usual in the enum,
because it wouldn't be used, and then gcc would complain that
various enums don't test for _DNS_SERVER_TYPE_MAX. It seems better
to define the macro rather than add assert_not_reached() in multiple
places.
 2016-01-29 12:24:15 -05:00
Zbigniew Jędrzejewski-Szmek
a43a068a30 resolved: add macro to compare sized fields 
For consistency, generic.size is renamed to generic.data_size.

nsec3.next_hashed_name comparison was missing a size check.
 2016-01-29 12:24:14 -05:00
Zbigniew Jędrzejewski-Szmek
ba82da3bb5 resolve-host: add option to list protocols 2016-01-29 12:13:08 -05:00
Zbigniew Jędrzejewski-Szmek
869b3b67e3 resolve-host: allow specifying type as TYPEnn 
This mirrors the behaviour of host and makes the conversion to and from
string symmetrical.
 2016-01-29 12:13:08 -05:00
Zbigniew Jędrzejewski-Szmek
f3367a64ca test-tables: ellide boring parts of sparse mappings 2016-01-29 12:13:08 -05:00
Zbigniew Jędrzejewski-Szmek
c7472ce088 test-resolve-tables: new "test", useful to print mappings 2016-01-29 12:13:08 -05:00
Zbigniew Jędrzejewski-Szmek
fc8eec10f6 resolved: calculate and print tags for DNSKEY records 2016-01-29 12:13:06 -05:00
Dimitri John Ledkov
0037a669ac udev: net_id - for ccw bus, shorten the identifier and stip leading zeros 
The commmon case default qeth link is enccw0.0.0600 is rather long.

Thus strip leading zeros (which doesn't make the bus_id unstable),
similar to the PCI domain case.

Also 'ccw' is redundant on S/390, as there aren't really other buses
available which could have qeth driver interfaces. Not sure why this
code is even compiled on non-s390[x] platforms. But to distinguish from
e.g. MAC stable names shorten the suffix to just 'c'.

Thus enccw0.0.0600 becomes enc600.
 2016-01-29 17:54:30 +01:00
Martin Pitt
7d82cd4d53 Merge pull request #2474 from poettering/doc-fix-2189 
man: document special considerations when mixing templated service un…
 2016-01-29 16:53:13 +01:00
Lennart Poettering
ae0a5fb1e1 man: document special considerations when mixing templated service units and DefaultDependencies=no 
Fixes #2189.
 2016-01-29 16:50:50 +01:00
Daniel Mack
0e3a930a60 Merge pull request #2465 from poettering/systemctl-chroot 
Fix for #2015
 2016-01-29 16:04:03 +01:00
Daniel Mack
e0d2df39b1 Merge pull request #2472 from poettering/mini-fixes 
Two mini fixes
 2016-01-29 15:51:16 +01:00
Lennart Poettering
d152dd467a systemctl: actually honour the try-reload-or-restart verb aabf5d4243 promised 
The verb entry got lost in the ultimate commit.
 2016-01-29 15:49:05 +01:00
Lennart Poettering
1e726cc963 systemctl: make most systemctl commands NOPs in a chroot() environment 
Fixes #2015
 2016-01-29 15:49:05 +01:00
Lennart Poettering
040524b4a3 systemctl: consider a chroot() environment always offline 2016-01-29 15:16:56 +01:00
Lennart Poettering
a16f96cd56 basic: when parsing verb command lines, optionally shortcut them in chroot() environments 
This adds some basic infrastructure in order to fix #2015.
 2016-01-29 15:16:56 +01:00
Lennart Poettering
6c033c3496 man: document which section the configuration settings of timesyncd.conf belong into 2016-01-29 14:53:05 +01:00
Lennart Poettering
dbc7bede4a man: actually say which section resolv.conf's setting should be placed in 2016-01-29 14:53:01 +01:00
Lennart Poettering
6c38b6c04e build-sys: install systemd-resolve in /usr/bin 
The command has a man page now and is public, hence add it to /usr/bin.
 2016-01-29 14:45:41 +01:00
Zbigniew Jędrzejewski-Szmek
a5a5f03382 Merge pull request #2466 from poettering/nspawn-journal 
Two small nspawn fixes
 2016-01-28 19:32:48 -05:00
Zbigniew Jędrzejewski-Szmek
2bc968b748 Merge pull request #2464 from poettering/reload-or-try-restart 
Fix for #688
 2016-01-28 19:11:30 -05:00
Zbigniew Jędrzejewski-Szmek
99e5ca6d8b resolved: expand flags field in DNSKEY records 2016-01-28 18:35:02 -05:00