1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2024-12-22 13:33:56 +03:00
systemd-stable/units
Lennart Poettering b30bf55d5c resolved: respond to local resolver requests on 127.0.0.53:53
In order to improve compatibility with local clients that speak DNS directly
(and do not use NSS or our bus API) listen locally on 127.0.0.53:53 and process
any queries made that way.

Note that resolved does not implement a full DNS server on this port, but
simply enough to allow normal, local clients to resolve RRs through resolved.
Specifically it does not implement queries without the RD bit set (these are
requests where recursive lookups are explicitly disabled), and neither queries
with DNSSEC DO set in combination with DNSSEC CD (i.e. DNSSEC lookups with
validation turned off). It also refuses zone transfers and obsolete RR types.
All lookups done this way will be rejected with a clean error code, so that the
client side can repeat the query with a reduced feature set.

The code will set the DNSSEC AD flag however, depending on whether the data
resolved has been validated (or comes from a local, trusted source).

Lookups made via this mechanisms are propagated to LLMNR and mDNS as necessary,
but this is only partially useful as DNS packets cannot carry IP scope data
(i.e. the ifindex), and hence link-local addresses returned cannot be used
properly (and given that LLMNR/mDNS are mostly about link-local communication
this is quite a limitation). Also, given that DNS tends to use IDNA for
non-ASCII names, while LLMNR/mDNS uses UTF-8 lookups cannot be mapped 1:1.

In general this should improve compatibility with clients bypassing NSS but
it is highly recommended for clients to instead use NSS or our native bus API.

This patch also beefs up the DnsStream logic, as it reuses the code for local
TCP listening. DnsStream now provides proper reference counting for its
objects.

In order to avoid feedback loops resolved will no silently ignore 127.0.0.53
specified as DNS server when reading configuration.

resolved listens on 127.0.0.53:53 instead of 127.0.0.1:53 in order to leave
the latter free for local, external DNS servers or forwarders.

This also changes the "etc.conf" tmpfiles snippet to create a symlink from
/etc/resolv.conf to /usr/lib/systemd/resolv.conf by default, thus making this
stub the default mode of operation if /etc is not populated.
2016-06-21 14:15:23 +02:00
..
user remove bus-proxyd 2016-02-12 19:10:01 +01:00
.gitignore Remove systemd-bootchart 2016-02-23 13:30:09 +01:00
basic.target Merge pull request #2565 from poettering/fix-2315 2016-02-09 19:13:15 -05:00
bluetooth.target units: introduce new Documentation= field and make use of it everywhere 2012-05-21 15:14:51 +02:00
busnames.target units: install busnames.target by default 2013-12-03 01:18:26 +01:00
console-getty.service.m4.in console-getty.service: don't start when /dev/console is missing 2015-03-17 12:40:56 +01:00
console-shell.service.m4.in units: don't fail if /root doesn't exist for shell units 2016-01-17 20:47:46 +01:00
container-getty@.service.m4.in units: fix all TTY paths for container gettys 2015-01-27 14:31:44 +01:00
cryptsetup-pre.target cryptsetup: introduce new cryptsetup-pre.traget unit so that services can make sure they are started before and stopped after any LUKS setup 2014-06-18 00:09:46 +02:00
cryptsetup.target units: introduce new Documentation= field and make use of it everywhere 2012-05-21 15:14:51 +02:00
debug-shell.service.in debug-shell: add condition for tty device to run on 2014-06-12 22:26:43 +02:00
dev-hugepages.mount units: skip mounting /dev/hugepages if we don't have CAP_SYS_ADMIN 2014-12-04 02:43:02 +01:00
dev-mqueue.mount units: don't try to mount the mqueue fs if we lack the privileges for it 2016-02-11 02:45:11 +00:00
emergency.service.in Stop syslog.socket when entering emergency mode (#3130) 2016-04-27 10:34:24 +02:00
emergency.target units: introduce new Documentation= field and make use of it everywhere 2012-05-21 15:14:51 +02:00
exit.target containers: systemd exits with non-zero code 2015-09-21 17:32:45 +02:00
final.target units: introduce new Documentation= field and make use of it everywhere 2012-05-21 15:14:51 +02:00
getty.target unit: link up getty configuration from man page and unit files 2012-11-20 20:10:30 +01:00
getty@.service.m4 install: introduce new DefaultInstance= field for [Install] sections 2014-06-17 02:43:43 +02:00
graphical.target units: make graphical.target dependencies more complete and similar to those of multi-user.target 2014-12-29 17:00:05 +01:00
halt-local.service.in build-sys: make rc-local support part of SYSV compat 2013-01-04 23:26:20 +01:00
halt.target units: rename halt/hibernate/kexec/poweroff/reboot/suspend to systed-xxx 2012-06-25 14:28:50 +02:00
hibernate.target unit: rename BindTo= to BindsTo= 2012-07-13 23:34:40 +02:00
hybrid-sleep.target logind: support for hybrid sleep (i.e. suspend+hibernate at the same time) 2012-10-28 00:50:35 +02:00
initrd-cleanup.service.in core: replace OnFailureIsolate= setting by a more generic OnFailureJobMode= setting and make use of it where applicable 2013-11-26 02:26:31 +01:00
initrd-fs.target core: replace OnFailureIsolate= setting by a more generic OnFailureJobMode= setting and make use of it where applicable 2013-11-26 02:26:31 +01:00
initrd-parse-etc.service.in initrd-parse-etc.service: ignore return code of daemon-reload 2014-09-03 13:28:31 +02:00
initrd-root-device.target Create initrd-root-device.target synchronization point (#3239) 2016-05-12 18:42:39 +02:00
initrd-root-fs.target core: replace OnFailureIsolate= setting by a more generic OnFailureJobMode= setting and make use of it where applicable 2013-11-26 02:26:31 +01:00
initrd-switch-root.service.in core: replace OnFailureIsolate= setting by a more generic OnFailureJobMode= setting and make use of it where applicable 2013-11-26 02:26:31 +01:00
initrd-switch-root.target Make initrd.target the default target in the initrd 2013-03-15 00:49:37 +01:00
initrd-udevadm-cleanup-db.service.in Move udevadm to rootbindir 2013-03-11 07:18:33 +01:00
initrd.target Create initrd-root-device.target synchronization point (#3239) 2016-05-12 18:42:39 +02:00
kexec.target units: rename halt/hibernate/kexec/poweroff/reboot/suspend to systed-xxx 2012-06-25 14:28:50 +02:00
kmod-static-nodes.service.in kmod-static-nodes: don't run if module list is empty 2016-01-11 16:26:17 +01:00
ldconfig.service units: restore ConditionNeesUpdate=/etc in ldconfig.service (#3311) 2016-05-21 17:09:18 -04:00
local-fs-pre.target units: disallow manual starting of passive units 2013-03-26 15:15:39 +01:00
local-fs.target units: local-fs.target - don't pull in default dependencies 2014-06-29 16:20:33 +02:00
machine.slice logind: add infrastructure to keep track of machines, and move to slices 2013-06-20 03:49:59 +02:00
machines.target units: rework systemd-nspawn@.service unit 2014-12-29 17:00:05 +01:00
Makefile build-sys: add small redirecting Makefiles to simplify compilation from within emacs 2010-05-17 01:44:03 +02:00
multi-user.target units: drop [Install] section from multi-user.target and graphical.target 2014-01-17 20:27:35 +01:00
network-online.target units: order network-online.target after network.target 2014-06-11 15:00:45 +02:00
network-pre.target units: introduce network-pre.target as place to hook in firewalls 2014-06-11 12:14:55 +02:00
network.target units: introduce network-pre.target as place to hook in firewalls 2014-06-11 12:14:55 +02:00
nss-lookup.target units: disallow manual starting of passive units 2013-03-26 15:15:39 +01:00
nss-user-lookup.target units: disallow manual starting of passive units 2013-03-26 15:15:39 +01:00
org.freedesktop.hostname1.busname units: remove "AllowUser=root own", the bus owner can always own names 2014-03-08 19:38:06 +01:00
org.freedesktop.import1.busname import: introduce new mini-daemon systemd-importd, and make machinectl a client to it 2015-01-22 04:02:07 +01:00
org.freedesktop.locale1.busname units: remove "AllowUser=root own", the bus owner can always own names 2014-03-08 19:38:06 +01:00
org.freedesktop.login1.busname units: remove "AllowUser=root own", the bus owner can always own names 2014-03-08 19:38:06 +01:00
org.freedesktop.machine1.busname units: remove "AllowUser=root own", the bus owner can always own names 2014-03-08 19:38:06 +01:00
org.freedesktop.network1.busname units: networkd - fix busname to work on kdbus 2015-02-06 12:12:13 +01:00
org.freedesktop.resolve1.busname units: make resolved pull in its own .busname unit, but only on kdbus systems 2015-01-07 23:44:08 +01:00
org.freedesktop.systemd1.busname units: improve Description= for systemd's own busname unit 2015-01-07 23:44:08 +01:00
org.freedesktop.timedate1.busname units: remove "AllowUser=root own", the bus owner can always own names 2014-03-08 19:38:06 +01:00
paths.target units: introduce new timers.target and paths.target to hook timer/path units into for boot 2013-03-25 21:28:30 +01:00
poweroff.target units: restore job timeouts for poweroff and reboot 2014-11-06 08:17:45 -05:00
printer.target units: introduce new Documentation= field and make use of it everywhere 2012-05-21 15:14:51 +02:00
proc-sys-fs-binfmt_misc.automount units: add reference to new wiki page to all api mount units 2013-01-15 18:14:13 +01:00
proc-sys-fs-binfmt_misc.mount units: add reference to new wiki page to all api mount units 2013-01-15 18:14:13 +01:00
quotaon.service.in readahead: wipe out readahead 2014-09-25 16:39:18 +02:00
rc-local.service.in units: Add "GuessMainPID=no" to compatibility unit for rc-local (#3018) 2016-04-21 19:16:28 +02:00
reboot.target units: restore job timeouts for poweroff and reboot 2014-11-06 08:17:45 -05:00
remote-fs-pre.target units: disallow manual starting of passive units 2013-03-26 15:15:39 +01:00
remote-fs.target filesystem targets: disable default dependencies 2013-09-11 14:40:58 +02:00
rescue.service.in units: wait for plymouth to shut down in rescue.sevice (#3367) 2016-06-01 11:52:35 +02:00
rescue.target rescue: don't pull in sockets 2012-05-22 16:12:25 +02:00
rpcbind.target units: disallow manual starting of passive units 2013-03-26 15:15:39 +01:00
serial-getty@.service.m4 units/serial-getty@.service: use the default RestartSec 2014-07-15 23:51:10 -04:00
shutdown.target units: introduce new Documentation= field and make use of it everywhere 2012-05-21 15:14:51 +02:00
sigpwr.target units: introduce new Documentation= field and make use of it everywhere 2012-05-21 15:14:51 +02:00
sleep.target units: stop sleep.target when it has done its job 2012-06-25 12:01:09 +02:00
slices.target core: general cgroup rework 2013-06-27 04:17:34 +02:00
smartcard.target units: introduce new Documentation= field and make use of it everywhere 2012-05-21 15:14:51 +02:00
sockets.target units: introduce new Documentation= field and make use of it everywhere 2012-05-21 15:14:51 +02:00
sound.target units: introduce new Documentation= field and make use of it everywhere 2012-05-21 15:14:51 +02:00
suspend.target unit: rename BindTo= to BindsTo= 2012-07-13 23:34:40 +02:00
swap.target units: introduce new Documentation= field and make use of it everywhere 2012-05-21 15:14:51 +02:00
sys-fs-fuse-connections.mount units: don't try to mount the FUSE fs if we lack the privileges for it 2016-02-10 23:42:39 +01:00
sys-kernel-config.mount units: conditionalize configfs and debugfs with CAP_SYS_RAWIO 2014-07-04 03:24:42 +02:00
sys-kernel-debug.mount units: conditionalize configfs and debugfs with CAP_SYS_RAWIO 2014-07-04 03:24:42 +02:00
sysinit.target units: remove RefuseManualStart from units which are always around 2014-06-28 00:06:30 -04:00
syslog.socket service: ignore dependencies on $syslog and $local_fs in LSB scripts 2013-01-16 21:34:09 +01:00
system-update.target readahead: wipe out readahead 2014-09-25 16:39:18 +02:00
system.slice units: fix system.slice to require -.slice, instead of just want it 2015-11-11 16:04:16 +01:00
systemd-ask-password-console.path units: introduce new timers.target and paths.target to hook timer/path units into for boot 2013-03-25 21:28:30 +01:00
systemd-ask-password-console.service.in units: run systemd-ask-password-console.service after systemd-vconsole-setup.service 2013-03-06 15:39:37 +01:00
systemd-ask-password-wall.path units: introduce new timers.target and paths.target to hook timer/path units into for boot 2013-03-25 21:28:30 +01:00
systemd-ask-password-wall.service.in units: automatically respawn the core services 2012-06-28 12:18:04 +02:00
systemd-backlight@.service.in units: so far we defaulted to 90s as default timeout for most things, let's do so for our oneshot services too 2015-02-02 21:34:32 +01:00
systemd-binfmt.service.in units: specify timeouts for more oneshot services 2015-04-28 08:52:17 -04:00
systemd-coredump.socket coredump: rework coredumping logic 2016-02-10 16:08:32 +01:00
systemd-coredump@.service.in coredump: rework coredumping logic 2016-02-10 16:08:32 +01:00
systemd-exit.service.in containers: systemd exits with non-zero code 2015-09-21 17:32:45 +02:00
systemd-firstboot.service.in units: run firstboot before sysusers, so that firstboot can initialize the root password 2014-10-23 01:24:59 +02:00
systemd-fsck-root.service.in fsck: remove fsckd again, but keep the door open for external replacement 2015-04-28 17:30:00 +02:00
systemd-fsck@.service.in units: make sure that fsck is executed before quotacheck 2016-05-10 14:10:17 +02:00
systemd-halt.service.in man: document systemd-halt.service and friends 2012-06-26 17:50:29 +02:00
systemd-hibernate-resume@.service.in systemd-hibernate-resume@.service: remove unnecessary ordering 2014-10-09 23:53:15 -04:00
systemd-hibernate.service.in man: document systemd-suspend.service 2012-06-26 17:33:11 +02:00
systemd-hostnamed.service.in units: tighten system call filters a bit 2016-06-13 16:25:54 +02:00
systemd-hwdb-update.service.in Revert "hwdb: actually search /run/udev/hwdb.d" 2015-06-09 11:26:06 +02:00
systemd-hybrid-sleep.service.in logind: support for hybrid sleep (i.e. suspend+hibernate at the same time) 2012-10-28 00:50:35 +02:00
systemd-importd.service.in units: tighten system call filters a bit 2016-06-13 16:25:54 +02:00
systemd-initctl.service.in man: document systemd-initctl 2012-06-26 00:15:59 +02:00
systemd-initctl.socket initctl: move /dev/initctl fifo into /run, replace it by symlink 2014-06-04 16:53:58 +02:00
systemd-journal-catalog-update.service.in units: so far we defaulted to 90s as default timeout for most things, let's do so for our oneshot services too 2015-02-02 21:34:32 +01:00
systemd-journal-flush.service.in units: so far we defaulted to 90s as default timeout for most things, let's do so for our oneshot services too 2015-02-02 21:34:32 +01:00
systemd-journal-gatewayd.service.in journal-remote: add documents in the unit files 2015-12-15 10:51:12 +09:00
systemd-journal-gatewayd.socket journal-remote: add documents in the unit files 2015-12-15 10:51:12 +09:00
systemd-journal-remote.service.in journal-remote: add documents in the unit files 2015-12-15 10:51:12 +09:00
systemd-journal-remote.socket journal-remote: add units and read certs from default locations 2014-07-15 22:23:49 -04:00
systemd-journal-upload.service.in journal-remote: add SupplementaryGroups to systemd-journal-upload.service 2016-01-15 15:25:36 +09:00
systemd-journald-audit.socket units: conditionalize audit multicast socket on CAP_AUDIT_READ 2015-05-20 17:40:05 +02:00
systemd-journald-dev-log.socket journald: also increase the SendBuffer of /dev/log to 8M 2014-08-13 18:53:05 +02:00
systemd-journald.service.in units: tighten system call filters a bit 2016-06-13 16:25:54 +02:00
systemd-journald.socket journald: move /dev/log socket to /run 2014-06-04 16:53:58 +02:00
systemd-kexec.service.in man: document systemd-halt.service and friends 2012-06-26 17:50:29 +02:00
systemd-localed.service.in units: tighten system call filters a bit 2016-06-13 16:25:54 +02:00
systemd-logind.service.in units: tighten system call filters a bit 2016-06-13 16:25:54 +02:00
systemd-machine-id-commit.service.in machine-id-commit: merge machine-id-commit functionality into machine-id-setup 2015-09-29 21:55:51 +02:00
systemd-machined.service.in units: tighten system call filters a bit 2016-06-13 16:25:54 +02:00
systemd-modules-load.service.in units: specify timeouts for more oneshot services 2015-04-28 08:52:17 -04:00
systemd-networkd-wait-online.service.in units: networkd - don't order wait-online.service before network.target 2014-06-30 13:06:33 +02:00
systemd-networkd.service.m4.in units: tighten system call filters a bit 2016-06-13 16:25:54 +02:00
systemd-networkd.socket networkd: route - track routes 2015-10-30 12:32:48 +01:00
systemd-nspawn@.service.in units: turn on user namespace by default in systemd-nspawn@.service 2016-04-25 12:16:03 +02:00
systemd-poweroff.service.in man: document systemd-halt.service and friends 2012-06-26 17:50:29 +02:00
systemd-quotacheck.service.in readahead: wipe out readahead 2014-09-25 16:39:18 +02:00
systemd-random-seed.service.in units: specify timeouts for more oneshot services 2015-04-28 08:52:17 -04:00
systemd-reboot.service.in man: document systemd-halt.service and friends 2012-06-26 17:50:29 +02:00
systemd-remount-fs.service.in readahead: wipe out readahead 2014-09-25 16:39:18 +02:00
systemd-resolved.service.m4.in resolved: respond to local resolver requests on 127.0.0.53:53 2016-06-21 14:15:23 +02:00
systemd-rfkill.service.in rfkill: rework and make it listen on /dev/rfkill 2015-10-01 16:21:09 +02:00
systemd-rfkill.socket rfkill: rework and make it listen on /dev/rfkill 2015-10-01 16:21:09 +02:00
systemd-suspend.service.in man: document systemd-suspend.service 2012-06-26 17:33:11 +02:00
systemd-sysctl.service.in units: specify timeouts for more oneshot services 2015-04-28 08:52:17 -04:00
systemd-sysusers.service.in units: specify timeouts for more oneshot services 2015-04-28 08:52:17 -04:00
systemd-timedated.service.in units: tighten system call filters a bit 2016-06-13 16:25:54 +02:00
systemd-timesyncd.service.in units: tighten system call filters a bit 2016-06-13 16:25:54 +02:00
systemd-tmpfiles-clean.service.in readahead: wipe out readahead 2014-09-25 16:39:18 +02:00
systemd-tmpfiles-clean.timer man: link systemd-tmpfiles-setup-dev.service 2013-04-23 12:55:44 +02:00
systemd-tmpfiles-setup-dev.service.in units: tmpfiles-setup-dev - allow unsafe file creation to happen in /dev at boot 2014-10-27 17:40:24 +01:00
systemd-tmpfiles-setup.service.in readahead: wipe out readahead 2014-09-25 16:39:18 +02:00
systemd-udev-settle.service.in udev: replace CAP_MKNOD by writable /sys condition 2013-08-17 19:07:42 +02:00
systemd-udev-trigger.service.in units: move After=systemd-hwdb-update.service dependency from udev to udev-trigger 2015-04-03 14:27:16 +02:00
systemd-udevd-control.socket udev: replace CAP_MKNOD by writable /sys condition 2013-08-17 19:07:42 +02:00
systemd-udevd-kernel.socket units: make ReceiveBuffer= line more readable by using M suffix 2014-11-03 21:51:28 +01:00
systemd-udevd.service.in units: increase watchdog timeout to 3min for all our services 2015-09-29 21:55:51 +02:00
systemd-update-done.service.in readahead: wipe out readahead 2014-09-25 16:39:18 +02:00
systemd-update-utmp-runlevel.service.in utmp: turn systemd-update-utmp-shutdown.service into a normal runtime service 2013-05-16 00:19:03 +02:00
systemd-update-utmp.service.in readahead: wipe out readahead 2014-09-25 16:39:18 +02:00
systemd-user-sessions.service.in units: order systemd-user-sessions.service after network.target 2016-04-22 16:17:00 +02:00
systemd-vconsole-setup.service.in readahead: wipe out readahead 2014-09-25 16:39:18 +02:00
time-sync.target units: time-sync.target probably makes sense, is not just sysv compat 2014-06-11 12:14:55 +02:00
timers.target unit: do not order timers.target before basic.target 2014-11-02 12:33:54 -05:00
tmp.mount.m4 tmp.mount.hm4: After swap.target (#3087) 2016-04-22 14:21:30 +02:00
umount.target units: introduce new Documentation= field and make use of it everywhere 2012-05-21 15:14:51 +02:00
user.slice logind: add infrastructure to keep track of machines, and move to slices 2013-06-20 03:49:59 +02:00
user@.service.m4.in Set user@.service TasksMax=infinity 2015-11-22 23:05:23 +01:00
var-lib-machines.mount units: add missing unit file 2015-02-24 18:46:49 +01:00
x-.slice build-sys: work around automake issue with files with a leading '-' 2013-07-02 23:15:49 -04:00