1
0
mirror of https://github.com/systemd/systemd.git synced 2024-10-31 16:21:26 +03:00
Commit Graph

53950 Commits

Author SHA1 Message Date
Yu Watanabe
e338284f9b
Merge pull request #20973 from yuwata/busctl-trivial-cleanups
busctl: trivial cleanups
2021-10-11 14:03:48 +09:00
(GalaxyMaster)
d610e14226
Avoid passing NULL to underlying fprintf() in sysusers (#20974) 2021-10-11 14:03:15 +09:00
Yu Watanabe
84c72b1a23 test: add a test for parsing xml obtained by DBus Introspect method 2021-10-10 21:28:18 +09:00
Yu Watanabe
c58c86d0e2 busctl: add missing header 2021-10-10 21:15:04 +09:00
Yu Watanabe
1b4f2ba28e busctl: shorten code a bit 2021-10-10 20:26:21 +09:00
Yu Watanabe
911815565a busctl: use set_ensure_consume() 2021-10-10 19:10:56 +09:00
Yu Watanabe
b00756030b
Merge pull request #20969 from poettering/cryptenroll-no-homed
cryptenroll: politely refuse enrolling keys into homed volumes
2021-10-10 16:00:07 +09:00
Luca Boccassi
ccf609c88c
Merge pull request #20915 from bluca/libsystemd_openssl
libsystemd/sd-id128: use only internal hmac, remove khash/OpenSSL support
2021-10-09 18:37:59 +01:00
Dimitri John Ledkov
af7fb6831f test: set 5 minute timeout on TEST-11-ISSUE-3166 and TEST-50-DISSECT
When they work they finish quickly in under two minutes on slow machines, when
soft lock ups happen in the nested virt machine each test can run for like 5
hours clogging up CI infrastructure. It's best to fail quicker than that when
qemu or kernel are broken.
2021-10-09 18:31:27 +01:00
Lennart Poettering
de4a575e41 update TODO 2021-10-08 23:50:04 +02:00
Lennart Poettering
e0142d4ff8 cryptenroll: politely refuse enrolling keys into homed volumes
People should use homectl to enroll tokens into home directories, hence
point them there. Otherwise the auth data for the account and for the
LUKS volume will end up being different.
2021-10-08 23:50:04 +02:00
Lennart Poettering
d71059072a homed: don't forget to look at all enrolled tokens
We accidentally increased the token index twice whenever we found our
token. Fix that.
2021-10-08 23:50:04 +02:00
Lennart Poettering
e7e30330ff homed: use crypt_token_max() where appropriate
Let's use the new crypt_token_max() API in systemd-homework too, to cut
iteration of tokens short.

We already use it in cryptenroll/cryptsetup, so let's use it here too.
2021-10-08 23:50:04 +02:00
Lennart Poettering
4a09a67755 cryptsetup: also define crypt_token_max() as fallback locally, not just sym_crypt_token_max()
Our code that links directly against libcryptsetup, and doesn't use
dlopen() might want to use this fallback glue function too.
2021-10-08 23:50:04 +02:00
Jan Janssen
39ddc32a86 bootctl: Add set-timeout verb
Fixes: #18766
2021-10-08 15:32:50 +02:00
Jan Janssen
52b6b35643 sd-boot: Allow disabling timeout 2021-10-08 15:26:55 +02:00
Frantisek Sumsal
b98416e100 tree-wide: assorted Coccinelle fixes
It's that time of year again.
2021-10-08 15:03:27 +02:00
Zbigniew Jędrzejewski-Szmek
ee6df1fdd4 Add benchmark for sha256 calculations 2021-10-08 13:11:00 +01:00
Zbigniew Jędrzejewski-Szmek
0a0ddfeb68 test-id128: split into functions and add the usual headers 2021-10-08 13:11:00 +01:00
Luca Boccassi
1fc8d0c9dd basic: remove khash helpers
No longer used anywhere. So long, and thanks for all the hashes!
2021-10-08 13:11:00 +01:00
Luca Boccassi
ec4afb4606 libsystemd/sd-id128: use only internal hmac, remove khash/OpenSSL support
Using OpenSSL brings in an additional dependency for all users of
libsystemd.so even though it's just one API that makes use of it.

The khash implementation is awkward as it requires context switches and
computation inside the kernel, thus leaving the process.

Remove both from libsystemd.so, and use exclusively the internal hmac fallback.
While this is not optimized, the sd-id128 API is not used in
performance-critical contexts where hardware acceleration would make a
noticeable difference.
2021-10-08 13:11:00 +01:00
Luca Boccassi
8d39bff4e3 basic: add hmac_sha256 implementation
Based on the FIPS 198 specification. Not optimized and probably
completely unsafe, to be used only for non-strong-cryptographic
purposes when OpenSSL cannot be used.
2021-10-08 13:11:00 +01:00
Luca Boccassi
6eb736727a boot/sha256: sd-ify and move to src/fundamental 2021-10-08 13:11:00 +01:00
Luca Boccassi
5d8a725b08 fundamental: define size_t and memcpy for sd-boot 2021-10-08 13:07:00 +01:00
Lennart Poettering
c17e8ce9ec
Merge pull request #20962 from poettering/dttoif
Some tweaks to dirent-util.c
2021-10-08 11:14:03 +02:00
Lennart Poettering
49a0931f62 dirent-util: tweak readdir_ensure_type() a bit
So far we ignored if readdir_ensure_type() failed, the .d_type would
then still possibly report DT_UNKNOWN, possibly confusing the caller.

Let's make this safer: if we get an error on readdir_ensure_type() then
report it — except if it is ENOENT which indicates the dirent vanished
by now, which is not a problem and we should just skip to the next
entry.
2021-10-07 23:13:40 +02:00
Lennart Poettering
3214129369 dirent-util: use statx() in readdir_ensure_type()
Let's ask exactly for the one field we actually want to know, i.e.
STATX_TYPE.

(While we are at it, also copy over the inode number, if we have it,
simply to report the most recent info we have)

(Also, see AT_NO_AUTOMOUNT, so that we don't trigger automounts here.
After all, if we want to know the inode type of a dirent here, then
there's not need to trigger the automount, the inode type is not going
to change by that.)
2021-10-07 23:13:40 +02:00
Lennart Poettering
ba24ef86e7 dirent-util: get rid of stat_mode_to_dirent_type()
Apparently glibc already has a helper for this. (Not in the man pages
for Linux, but FreeBSD does document these cryptic helpers, and its
exported by glibc. That should be good enough for us.)
2021-10-07 23:13:03 +02:00
Lennart Poettering
a94aa2b9c1 dissect: print more useful error messages for two more error cases 2021-10-07 23:07:32 +02:00
Daan De Meyer
d888ef68d1 coredump: Add --all option
This option has coredumpctl look at all journals instead of only the
local ones. This allows coredumpctl to show information about remote
coredumps if the coredumps are made available in /var/lib/systemd/coredump
and the corresponding journals are made available in /var/log/journal.

This is already possible using the --directory option but --all makes it
more user friendly since users don't have to enter the journal directory
anymore as long as it's available under /var/log/journal.
2021-10-07 22:13:12 +02:00
Lennart Poettering
7cfe9ec983
Merge pull request #20910 from poettering/nftw-no-more
basic: add recurse_dir() function as modern replacement for nftw()
2021-10-07 22:12:41 +02:00
Luca Boccassi
2eacd9a7b6 network: assert on dereferenced pointer
CID#1462762
2021-10-07 22:12:19 +02:00
Yu Watanabe
6830c3a553
Merge pull request #20778 from yuwata/network-ipv6-token
network: rework IPv6 address generation mode
2021-10-07 23:24:00 +09:00
Lennart Poettering
17175882d7 homed: typo fix 2021-10-07 15:43:27 +02:00
Lennart Poettering
da3ab57cbc update TODO 2021-10-07 15:43:24 +02:00
Lennart Poettering
4c737f4ef1
Merge pull request #20948 from poettering/cgls-xattr
cgls: show cgroup id and xattr info in output
2021-10-07 15:25:03 +02:00
Lennart Poettering
f04d0575c9 update TODO 2021-10-07 11:59:23 +02:00
Lennart Poettering
aea0fe53ae mount-setup: port from nftw() to recurse_dir() 2021-10-07 11:59:23 +02:00
Lennart Poettering
fef4fe1a84 kbd-util: port from nftw() to recurse_dir() 2021-10-07 11:59:23 +02:00
Lennart Poettering
8e5aba7aca cgroup-util: port from nftw() to recurse_dir() 2021-10-07 11:59:23 +02:00
Lennart Poettering
79a72b1bf8 kmod-setup: port from nftw() to recurse_dir() 2021-10-07 11:58:26 +02:00
Lennart Poettering
ced9fde1be tests: add test for recurse_dir() 2021-10-07 11:58:26 +02:00
Lennart Poettering
b5a07e524e basic: add new recurse_dir() tool as replacement for nftw()
libc nftw() shows its age a bit, let's replace it with a more moden
infra that is built around openat(), O_PATH, statx(). This makes the
interface less prone to races and cleans up the API a bit adding
substantially more functionality.
2021-10-07 11:58:26 +02:00
Lennart Poettering
edcd27dcaf tree-wide: remove a few unnecessary inclusions of ftw.h 2021-10-07 11:58:26 +02:00
Lennart Poettering
823d72c7f7 fileio: add shortcut for xopendirat() when called in opendir() compatible mode 2021-10-07 11:58:26 +02:00
Lennart Poettering
21d46382e0 dirent-util: split out new function stat_mode_to_dirent_type()
This contains the mapping between mode_t inode type flags and dirent's
d_type. Splitting this out allows us to use the mapping elsewhere later.
2021-10-07 11:58:26 +02:00
Lennart Poettering
d83a8ed002 bash-completion: add the two new switches to systemd-cgls
(completion hookup for zsh doesn't appear to exist, hence not adding
there.)
2021-10-07 11:51:10 +02:00
Lennart Poettering
bd3bfc8856 man: document the two new switches for systemd-cgls 2021-10-07 11:50:52 +02:00
Lennart Poettering
87843de48b cgls: enable cgroupid/xattr output by default (but make it configurable) 2021-10-07 11:50:47 +02:00
Lennart Poettering
5a5a5d2914 cgroups-show: optionally show cgroup xattrs + cgroup id in cgroup tree output 2021-10-07 11:50:42 +02:00