shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2025-02-14 05:57:40 +03:00
Code
49,459 Commits 4 Branches 401 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Lennart Poettering fba3e94df5 resolved: never go below DNSSEC feature level in DNSSEC strict mode 
This adjusts our feature level handling: when DNSSEC strict mode is on,
let's never lower the feature level below the lowest DNSSEC mode.

Also, when asking whether DNSSEC is supproted, always say yes in strict
mode. This means that error reporting about transactions that fail
because of missing DNSSEC RRs will not report "incompatible-server" but
instead "missing-signature" or suchlike.

The main difference here is that DNSSEC failures become local to a
transaction, instead of propagating into the feature level we reuse for
future transactions. This is beneficial with routers that implement
"mostly a DNS proxy", i.e. that propagate most DNS requests 1:1 to their
upstream servers, but synthesize local answers for a select few domains.
For example, AVM Fritz!Boxes operate that way: they proxy most traffic
1:1 upstream in an DNSSEC-compatible fashion, but synthesize the
"fritz.box" locally, so that it can be used to configure the router.
This local domain cannot be DNSSEC verified, it comes without
signatures. Previously this would mean once that domain was resolved
feature level would be downgraded, and we'd thus fail all future DNSSEC
attempts. With this change, the immediate lookup for "fritz.box" will
fail validation, but for all other unrelated future ones that comes
without prejudice.

(While we are at it, also make a couple of other downgrade paths a bit
tighter.)

Fixes: #10570 #14435 #6490
2021-02-16 18:44:01 +01:00
.github
ci: switch back to meson-0.56.2
2021-02-15 15:38:27 +09:00
.lgtm/cpp-queries
lgtm: complain about accept() [people should use accept4() instead, due to O_CLOEXEC]
2019-04-10 20:03:38 +02:00
.mkosi
Move shared mkosi settings to a single file in mkosi.default.d/
2021-01-06 12:10:58 +00:00
.semaphore
ci: migrate to Semaphore CI 2.0
2021-01-15 20:18:29 +01:00
catalog
license: LGPL-2.1+ -> LGPL-2.1-or-later
2020-11-09 13:23:58 +09:00
coccinelle
coccinelle: ignore specific cases to use SYNTHETIC_ERRNO() macro
2020-11-27 14:35:20 +09:00
docs
Merge pull request #18401 from anitazha/oomdxattr
2021-02-13 10:00:31 +01:00
factory/etc
man: move 'files' module in NSS 'hosts:' line before myhostname
2020-08-17 18:55:59 +02:00
hwdb.d
Fix micmute hotkey on HP EliteBook Folio G1
2021-02-15 18:32:04 +00:00
man
man: fix indentation
2021-02-16 17:59:21 +01:00
mkosi.default.d
mkosi: Enable InstallDirectory and SourceFileTransferFinal options
2021-01-06 23:28:34 +00:00
modprobe.d
license: LGPL-2.1+ -> LGPL-2.1-or-later
2020-11-09 13:23:58 +09:00
network
networkd: Enable IPv6SendRA on builtin network files
2021-01-06 20:00:49 +01:00
po
Translations update from Weblate (#18537)
2021-02-11 00:55:41 +09:00
presets
license: LGPL-2.1+ -> LGPL-2.1-or-later
2020-11-09 13:23:58 +09:00
rules.d
no blkid for mmcblk[0-9]boot[0-9]
2021-02-13 10:38:29 +01:00
shell-completion
portable: add 'reattach' verb and DBUS interface
2021-02-10 19:07:36 +00:00
src
resolved: never go below DNSSEC feature level in DNSSEC strict mode
2021-02-16 18:44:01 +01:00
sysctl.d
sysctl.d: shorten comment
2021-01-15 10:33:29 +01:00
sysusers.d
license: LGPL-2.1+ -> LGPL-2.1-or-later
2020-11-09 13:23:58 +09:00
test
Merge pull request #18579 from keszybz/fix-fragment-id-crash
2021-02-15 23:35:25 +01:00
tmpfiles.d
udev: allow kvm group to access vhost-net device
2021-01-13 13:12:26 +04:00
tools
update-dbus-docs: use color in summary
2021-02-06 11:41:42 +01:00
units
units: turn off DNSSEC validation when timesyncd resolves hostnames
2021-02-14 22:05:18 +01:00
xorg
scripts: use 4 space indentation
2019-04-12 08:30:31 +02:00
.clang-format
clang-format: set SpaceBeforeParens to ControlStatementsExceptForEachMacros
2020-11-16 16:57:51 +09:00
.ctags
editors: Prevent ctags from following symlinks
2019-02-15 11:01:20 -08:00
.dir-locals.el
scripts: use 4 space indentation
2019-04-12 08:30:31 +02:00
.editorconfig
editorconfig: add man configuration
2020-05-26 15:37:05 +02:00
.gitattributes
udev: Extract RAM properties from DMI information
2020-12-16 18:32:29 +01:00
.gitignore
Move shared mkosi settings to a single file in mkosi.default.d/
2021-01-06 12:10:58 +00:00
.lgtm.yml
lgtm: drop the TMPDIR/meson workaround
2020-03-03 20:27:42 +01:00
.mailmap
NEWS: update contributors list for v246-pre
2020-07-23 17:30:54 +02:00
.packit.yml
Revert "ci: build on Fedora ELN as well"
2021-02-15 19:02:59 +00:00
.vimrc
scripts: use 4 space indentation
2019-04-12 08:30:31 +02:00
.ycm_extra_conf.py
ycm: add doc string for all the functions in configuration file
2017-11-29 13:21:49 -07:00
configure
tree-wide: add spdx header on all scripts and helpers
2021-01-28 09:55:35 +01:00
LICENSE.GPL2
relicense to LGPLv2.1 (with exceptions)
2012-04-12 00:24:39 +02:00
LICENSE.LGPL2.1
licence: remove references to old FSF address
2012-12-17 11:41:31 +01:00
Makefile
tree-wide: add spdx header on all scripts and helpers
2021-01-28 09:55:35 +01:00
meson_options.txt
meson: take oomd out of the doghouse
2021-02-02 14:38:19 +01:00
meson.build
Move rpm stuff into a separate src/rpm/ directory
2021-02-15 20:49:14 +01:00
mkosi.build
meson: Fix update-man-rules when the build dir is not a subdir of the project dir
2021-01-24 17:33:49 +00:00
NEWS
NEWS: add a note about no longer probind mmcblk*boot*
2021-02-14 01:30:59 +09:00
README
Adding an explanation for CONFIG_NET requirement (#18600)
2021-02-16 16:26:51 +00:00
README.md
ci: point the Fossies badge to main
2021-01-21 20:08:44 +01:00
TODO
update TODO
2021-02-15 19:23:05 +01:00
zanata.xml
po: add basic fedora.zanata.org configuration
2018-02-19 13:56:57 +01:00

README.md

Systemd

System and Service Manager

Count of open issues over time Count of open pull requests over time Semaphore CI 2.0 Build Status
Coverity Scan Status
OSS-Fuzz Status
CIFuzz
CII Best Practices
Language Grade: C/C++
CentOS CI - CentOS 7
CentOS CI - Arch
CentOS CI - Arch (sanitizers)
Fossies codespell report
Packaging status

Details

Most documentation is available on systemd's web site.

Assorted, older, general information about systemd can be found in the systemd Wiki.

Information about build requirements is provided in the README file.

Consult our NEWS file for information about what's new in the most recent systemd versions.

Please see the Hacking guide for information on how to hack on systemd and test your modifications.

Please see our Contribution Guidelines for more information about filing GitHub Issues and posting GitHub Pull Requests.

When preparing patches for systemd, please follow our Coding Style Guidelines.

If you are looking for support, please contact our mailing list or join our IRC channel.

Stable branches with backported patches are available in the stable repo.

Description
The systemd System and Service Manager
cinitlinuxservicessystemsystemd
Readme 560 MiB
Languages
C 89.2%
Python 5.3%
Shell 4.1%
Meson 1.2%