1
0
mirror of https://github.com/systemd/systemd.git synced 2024-11-14 15:21:37 +03:00
Commit Graph

21606 Commits

Author SHA1 Message Date
Lennart Poettering
4e5c1db95d Merge pull request #362 from d-hatayama/fix_selinux_unit_check_v2
selinux: fix missing SELinux unit access check
2015-07-28 01:44:18 +02:00
Daniel Mack
8baebe85cc Merge pull request #748 from teg/dns-name-between-4
basic: dns-name - between()
2015-07-28 00:40:15 +02:00
Daniel Mack
77cc990db9 Merge pull request #739 from intelfx/systemd-analyze-plot-user-instance
analyze: correctly draw the plot for user instances.
2015-07-28 00:28:19 +02:00
Ivan Shapovalov
06bef033be analyze: correctly draw the plot for user instances
Start-up timestamp of a user instance (userspace_time in struct boot_times)
actually may be arbitrarily big. This, because all timestamps are offset by
that value, leads to creation of arbitrarily wide SVGs which almost completely
consist of blank space.

Fix this by inverse-offsetting all timestamps by that value if user instance
operation is requested.

Fixes #740.
2015-07-28 01:16:24 +03:00
Tom Gundersen
510cc5ae08 TODO 2015-07-28 00:07:32 +02:00
Tom Gundersen
ae72b22c40 shared: dns-name - add dns_name_between()
Given three DNS names this function indicates if the second argument lies
strictly between the first and the third according to the canonical DNS
name order. Note that the order is circular, so the last name is
considered to be before the first.
2015-07-28 00:07:32 +02:00
Tom Gundersen
5dfd7011ba shared: dns-name - use the canonical dns name ordering
The canonical DNS name ordering considers the rightmost label the most significant,
we were considering it the least significant. This is important when implementing
NSEC, which relies on the correct order.
2015-07-28 00:07:32 +02:00
Tom Gundersen
642900d3fa shared: dns-name - introduce dns_label_unescape_suffix()
Intended to be called repeatedly, and returns then successive unescaped labels
from the most to the least significant (left to right).

This is slightly inefficient as it scans the string three times (two would be
sufficient): once to find the end of the string, once to find the beginning
of each label and lastly once to do the actual unescaping. The latter two
could be done in one go, but that seemed unnecessarily convoluted.
2015-07-28 00:07:31 +02:00
Ivan Shapovalov
29b8b5ce87 analyze: move acquire_boot_times() above acquire_time_data()
Next patch will make the latter call into the former.
2015-07-28 01:01:10 +03:00
Daniel Mack
37d54b938f NEWS: follow VNetHeader rename
VnetHeader was renamed to VNetHeader just now. Update NEWS accordingly.
2015-07-27 21:34:28 +02:00
Daniel Mack
3992bee819 Merge pull request #744 from poettering/vnethdr-fix
networkd: capitalize VNetHeader= as VnetHeader=
2015-07-27 21:34:11 +02:00
Lennart Poettering
1a4d7691e3 Merge pull request #746 from teg/resolved-connect-udp
resolved: UDP fixes
2015-07-27 21:16:27 +02:00
Tom Gundersen
75c0cab158 util: base32hex - explain distinction with base32 2015-07-27 20:34:47 +02:00
Tom Gundersen
c73ee39d10 resolved: transaction - don't explicitly verify packet source
This is handled by the kernel now that the socket is connect()ed.
2015-07-27 20:34:28 +02:00
Tom Gundersen
088480faf1 resolved: transaction - don't unref server when creating TCP socket
This was a bug.
2015-07-27 20:34:15 +02:00
Tom Gundersen
72290734be resolved: scope - write() unicast DNS packets
As we have connect()ed to the desired DNS server, we no longer need to pass
control messages manually when sending packets. Simplify the logic accordingly.
2015-07-27 20:32:24 +02:00
Tom Gundersen
471d40d92f resolved: transaction - introduce dns_transaction_emit()
This function emits the UDP packet via the scope, but first it will
determine the current server (and connect to it) and store the
server in the transaction.

This should not change the behavior, but simplifies the code.
2015-07-27 20:30:54 +02:00
Lennart Poettering
2aba142edd networkd: capitalize VNetHeader= as VnetHeader=
Even when we use shortened, combined words, we still should uppercase
where a new word starts. I couldn't find a canonically capitalized
version of this term, hence I think we should follow our naming rules
here.
2015-07-27 20:24:31 +02:00
Tom Gundersen
c19ffd9fbf resolved: transaction - move a couple of functions
No functional change, but makes follow-up patch clearer.
2015-07-27 20:18:43 +02:00
David Herrmann
d537694a98 terminal: drop unfinished code
This drops the libsystemd-terminal and systemd-consoled code for various
reasons:

 * It's been sitting there unfinished for over a year now and won't get
   finished any time soon.

 * Since its initial creation, several parts need significant rework: The
   input handling should be replaced with the now commonly used libinput,
   the drm accessors should coordinate the handling of mode-object
   hotplugging (including split connectors) with other DRM users, and the
   internal library users should be converted to sd-device and friends.

 * There is still significant kernel work required before sd-console is
   really useful. This includes, but is not limited to, simpledrm and
   drmlog.

 * The authority daemon is needed before all this code can be used for
   real. And this will definitely take a lot more time to get done as
   no-one else is currently working on this, but me.

 * kdbus maintenance has taken up way more time than I thought and it has
   much higher priority. I don't see me spending much time on the
   terminal code in the near future.

If anyone intends to hack on this, please feel free to contact me. I'll
gladly help you out with any issues. Once kdbus and authorityd are
finished (whenever that will be..) I'll definitely pick this up again. But
until then, lets reduce compile times and maintenance efforts on this code
and drop it for now.
2015-07-27 20:15:34 +02:00
Tom Gundersen
0db643664c resolved: transaction - move DNS UDP socket creation to the scope
With access to the server when creating the socket, we can connect()
to the server and hence simplify message sending and receiving in
follow-up patches.
2015-07-27 20:13:11 +02:00
Tom Gundersen
647f6aa8fc resolved: transaction - close socket when changing server
Close the socket when changing the server in a transaction, in
order for it to be reopened with the right server when we send
the next packet.

This fixes a regression where we could get stuck with a failing
server.
2015-07-27 20:01:07 +02:00
Tom Gundersen
86ad4cd709 resolved: transaction - don't request PKTINFO for unicast DNS
This was only ever used by LLMNR, so don't request this for unicast DNS packets.
2015-07-27 19:56:45 +02:00
Tom Gundersen
0eb99d0a6a resloved: transaction - unify IPv4 and IPv6 sockets
A transaction can only have one socket at a time, so no need to distinguish these.
2015-07-27 19:52:48 +02:00
David Herrmann
2d5c8a2756 sd-bus: fix path of object-manager signals
Each signal of the ObjectManager interface carries the path of the object
in question as an argument. Therefore, a caller will deduce the object
this signal is generated for, by parsing the _argument_. A caller will
*not* use the object-path of the message itself (i.e., message->path).
This is done on purpose, so the caller can rely on message->path to be
the path of the actual object-manager that generated this signal, instead
of the path of the object that triggered this signal.

This commit fixes all InterfacesAdded/Removed signals to use the path of
the closest object-manager as message->path. 'closest' in this case means
closest parent with at least one object-manager registered.

This fix raises the question what happens if we stack object-managers in
a hierarchy. Two implementations are possible: First, we report each
object only on the nearest object-manager. Second, we report it on each
parent object-manager. This patch chooses the former. This is compatible
with other existing ObjectManager implementations, which are required to
call GetManagedObjects() recursively on each object they find, which
implements the ObjectManager interface.
2015-07-27 19:15:08 +02:00
Daniel Mack
931618d08c NEWS: group systemd-networkd items
… for better readability.
2015-07-27 19:09:53 +02:00
Kay Sievers
01608bc86a NEWS: fix typos 2015-07-27 18:21:17 +02:00
Daniel Mack
34efe1d812 Merge pull request #738 from poettering/machined-caps
units: add more caps to machined
2015-07-27 18:18:16 +02:00
David Herrmann
e57eaef8a1 NEWS: add entries for v223
New features and API changes for v223. Please review carefully and amend!
2015-07-27 18:13:37 +02:00
Lennart Poettering
b242faae06 units: add more caps to machined
Otherwise copying full directory trees between container and host won't
work, as we cannot access some fiels and cannot adjust the ownership
properly on the destination.

Of course, adding these many caps to the daemon kinda defeats the
purpose of the caps lock-down... but well...

Fixes #433
2015-07-27 17:45:45 +02:00
Daniel Mack
ad8373e9e3 bus-proxy: augment debug message for dropped broadcasts a bit
Add the PID we are proxying for, as well as the message's sender and
destination string, to the debug message that is printed when the proxy
drops unmatched broadcasts.
2015-07-27 15:41:53 +02:00
Susant Sahani
0371f2df67 man: netdev add man for macvtap 2015-07-27 11:19:08 +05:30
Susant Sahani
f33ff02b1a networkd: add support for macvtap
This patch add support for macvtap.

see http://virt.kernelnewbies.org/MacVTap
2015-07-27 11:18:28 +05:30
Susant Sahani
d13125752d sd-netlink: Add macvtap support 2015-07-27 11:18:07 +05:30
Martin Pitt
baee30afce networkd-wait-online: fix -i argument
-i (aka --interface) takes an argument. Tell getopt_long() that, so that optarg
isn't NULL.
2015-07-26 15:39:09 +02:00
Kay Sievers
7189be2728 Merge pull request #716 from michaelolbrich/automount-fixes
Automount fixes
2015-07-26 13:56:50 +02:00
Kay Sievers
2909365c51 Merge pull request #724 from dbuch/master
proxyd: downgrade to log_debug() for unmatched broadcasts
2015-07-26 11:43:13 +02:00
Kay Sievers
fc7bdb583f systemd-boot: fix whitespace 2015-07-26 00:38:01 +02:00
Kay Sievers
2da6d7b91d Merge pull request #634 from icarlosvenegas/sd-boot-show-efi-cmdline_v2
sd-boot: Show stub cmdline when edit (v2)
2015-07-26 00:35:23 +02:00
Tom Gundersen
eeb4b73b6a Merge pull request #727 from phomes/master
man: typo fixes
2015-07-25 23:27:44 +02:00
Tom Gundersen
57cafd9bc0 Merge pull request #725 from keszybz/network-file-masking
man: describe masking of .network files better
2015-07-25 23:25:30 +02:00
Thomas Hindoe Paaboel Andersen
dd2b607b7d man: typo fixes 2015-07-25 23:15:51 +02:00
Zbigniew Jędrzejewski-Szmek
57e27ec0ad man: describe masking of .network files better
This should clear up some confusion in
https://github.com/systemd/systemd/issues/717.

This basically copies the description from systemd.unit to this
man page. Masking can happen also in /run, so strike the part
about /etc, and also add the magic work "mask".
2015-07-25 13:08:21 -04:00
Daniel Buch
e1d654341b proxyd: downgrade to log_debug() for unmatched broadcasts 2015-07-25 14:12:39 +02:00
Daniel Mack
3460810e8c Merge pull request #722 from keszybz/networkd-clarifications
Networkd clarifications
2015-07-25 10:48:43 +02:00
Zbigniew Jędrzejewski-Szmek
23da66bb40 networkd: rename RootBlock to AllowPortToBeRoot
Justification is similar to BPDUGuard rename. "Positive" values
are easier. This is a rather uncommon option, so using a slightly
longer name should not be a problem, and may in fact may make it
easier to guess what the option does without reading the
documentation.
2015-07-24 23:44:42 -04:00
Zbigniew Jędrzejewski-Szmek
072f9e4af4 networkd: turn UnicastFlood on by default
Looking at the kernel commit, "on" seems to be the default value:
commit 867a59436fc35593ae0e0efcd56cc6d2f8506586
Author: Vlad Yasevich <vyasevic@redhat.com>
Date:   Wed Jun 5 10:08:01 2013 -0400

    bridge: Add a flag to control unicast packet flood.

    Add a flag to control flood of unicast traffic.  By default, flood is
    on and the bridge will flood unicast traffic if it doesn't know
    the destination.  When the flag is turned off, unicast traffic
    without an FDB will not be forwarded to the specified port.

... and it seems to be the reasonable thing to do by default.
2015-07-24 23:44:42 -04:00
Zbigniew Jędrzejewski-Szmek
84c3409631 networkd: rename BPDUGuard to UseBPDU
Rename to follow the follow the style of other options.

In general "positive" options are preferred to "negative" ones,
because they are easier to describe and easier for humans to
parse (c.f. the shortening on the man page entry).
2015-07-24 23:44:42 -04:00
Zbigniew Jędrzejewski-Szmek
47c7dfe275 man: reword new Bridge descriptions 2015-07-24 23:44:42 -04:00
Zbigniew Jędrzejewski-Szmek
a9b70f9dfd network: rename DiffServiceCodePoint to CopyDSCP
Old name was slightly misleading, because this flag does not determine
whether DSCP is used overall, but only if it is copied to the
decapsulated packet. Rename to better reflect that.

"Copy" does not imply direction. This is on purpose, because we might
later on enhance the setting to allow/disallow copying in the other
direction, to the encapsulated packet. If that is implemented,
CopyDSCP could understand additional values. This is nicer than
having two separate settings and follows the example of DHCP=.

Also, we try to avoid abbreviations, but we allow acronyms
like MTU, in DiscoverPathMTU=.

This setting was recently added, so it's fine to rename it without
backwards compat.
2015-07-24 23:44:34 -04:00