The time-util.c provides dual_timestamp_deserialize() function to
convert value to usec_t and set it as value of ts->monotonic and
ts->realtime.
There are some places in code which do the same but only for one
clockid_t (realtime or monotonic), when dual_timestamp_deserialize()
sets value of both.
This patch introduces the deserialize_timestamp_value() which converts
a given value to usec_t and write it to a given timestamp.
Rabin Vincent [Fri, 12 Feb 2016 07:41:44 +0000 (08:41 +0100)]
missing.h: define IFLA_EXT_MASK
We already define IFLA_PROMISCUITY and some other of these masks in
order to allow building with older headers. Define IFLA_EXT_MASK too,
which was added in the same kernel version as IFLA_PROMISCUITY (v3.10).
resolved: extend ResolveHostname() bus call so that it can parse IP addresses
If the hostname passed to ResolveHostname() is actually an IP address that is
correctly formatted as string parse it as such, avoid any DNS traffic and
return the data in parsed form.
This is useful for clients which can simply call the bus function now without
caring about the precise formatting of specified hostnames. This mimics
getaddrinfo()'s behaviour with the AI_NUMERICHOST flag set.
Note that this logic is only implemented for ResolveHostname(), but not for
calls such as ResolveRecord(), for which only DNS domain names may be used as
input.
The "authenticated" flag is set for look-ups of this type, after all no
untrusted network traffic is involved.
resolved: rename "SearchDomains" property in the Manager interface to "Domains"
Another property name fuck-up. The property contains both search and routing
domains and hence should be exposed as "Domains" rather than "SearchDomains".
The counterpart in the Link object was correctly named, and the
SetLinkDomains() and SetDomains() setter calls too, hence let's get this right,
too.
(Yepp, a minor API break actually, but given that this was so far not
documented, and only 3 days public let's fix this now)
We call dual_timestamp_serialize() only if the s->watchdog_timestamp is
set. But the dual_timestamp_serialize() already checks a given dual
timestamp by the call of the dual_timestamp_is_set(). So we can remove
this check safely.
resolved: fix DNSSECSupported Link object property name
By mistake the "DNSSECSupported" bus property of the Link object got named
"DNSSECSupport". Internally, it's named correctly, and the counterpart on the
"Manager" object got named correctly too.
Technically this rename is an API break, but given that the interface is not
documented or widely announced yet, and just 3 days in a published release,
let's just fix this, and hope nobody notices.
Previous code only allowed a single name to be passed, and duplicated
it over all descriptors. For the sake of testing, allow different
names and in arbitrary number. If just one is given, duplicate it
to match the number of sockets. This matches previuos behaviour.
Since this is a testing tool, it seems useful to allow passing invalid
names to test application behaviour with invalid names. Hence, only
warn. When warning, escape the name.
basic/strv: fix strv_join for first empty argument
Empty strings were ignored in strv_join, but only if they were at the beginning
of the string. Empty strings after at least one non-empty item were treated
normally.
The setting is hardly useful (since its effect is generally reduced to zero due
to file system caps), and with the advent of ambient caps an actually useful
replacement exists, hence let's get rid of this.
I am pretty sure this was unused and our man page already recommended against
its use, hence this should be a safe thing to remove.
This was used by the dkr logic, which is gone now, hence remove this too.
Should we need it one day again the git history never forgets...
Note that this only covers the JSON parser. The JSON generator used by
"journalctl -o json" remains, as its much much simpler and requires no
infrastructure except printf() and the most basic escaping.
resolve: always align flags to 8th column and print CAA flags
Left-over unknown flags are printed numerically. Otherwise,
it wouldn't be known what bits are remaining without knowning
what the known bits are.
A test case is added to verify the flag printing code:
============== src/resolve/test-data/fake-caa.pkts ==============
google.com. IN CAA 0 issue "symantec.com"
google.com. IN CAA 128 issue "symantec.com"
-- Flags: critical
google.com. IN CAA 129 issue "symantec.com"
-- Flags: critical 1
google.com. IN CAA 22 issue "symantec.com"
-- Flags: 22
test-dns-packet: add framework to read and dump packets
Packets are stored in a simple format:
<size> <packet-wire-format> <size> <packet-wire-format> ...
Packets for some example domains are dumped, to test rr code for various
record types. Currently:
A
AAAA
CAA
DNSKEY
LOC
MX
NS
NSEC
OPENPGPKEY
SOA
SPF
TXT
The hashing code is executed, but results are not checked.
Also build other tests in src/resolve only with --enable-resolve.
Daniel Mack [Fri, 12 Feb 2016 14:25:27 +0000 (15:25 +0100)]
remove bus-proxyd
As kdbus won't land in the anticipated way, the bus-proxy is not needed in
its current form. It can be resurrected at any time thanks to the history,
but for now, let's remove it from the sources. If we'll have a similar tool
in the future, it will look quite differently anyway.
Note that stdio-bridge is still available. It was restored from a version
prior to f252ff17, and refactored to make use of the current APIs.
It's annoying to have the exact same function in three places.
It's stored in src/shared, but it's not added to the library to
avoid the dependency on libgcrypt.
ISO/IEC 9899:1999 §7.21.1/2 says:
Where an argument declared as size_t n specifies the length of the array
for a function, n can have the value zero on a call to that
function. Unless explicitly stated otherwise in the description of a
particular function in this subclause, pointer arguments on such a call
shall still have valid values, as described in 7.1.4.
In base64_append_width memcpy was called as memcpy(x, NULL, 0). GCC 4.9
started making use of this and assumes This worked fine under -O0, but
does something strange under -O3.
This patch fixes a bug in base64_append_width(), fixes a possible bug in
journal_file_append_entry_internal(), and makes use of the new function
to simplify the code in other places.
man: correct explanation of "systemctl is-enabled" output
The "is-enabled" command doesn't care whether the symlinks are declared in the
[Install] section of a unit file or not, when returning "enabled". Any alias,
.wants/ or .requires/ symlinks suffice.
Don't ever permit successful user or group lookups if no UID/GID mapping is
actually applied. THis way, we can be sure that nss-mymachines cannot be used
to insert invalid cache entries into nscd's cache.
Daniel Mack [Wed, 10 Feb 2016 14:44:01 +0000 (15:44 +0100)]
cgroup: remove support for NetClass= directive
Support for net_cls.class_id through the NetClass= configuration directive
has been added in v227 in preparation for a per-unit packet filter mechanism.
However, it turns out the kernel people have decided to deprecate the net_cls
and net_prio controllers in v2. Tejun provides a comprehensive justification
for this in his commit, which has landed during the merge window for kernel
v4.5:
As we're aiming for full support for the v2 cgroup hierarchy, we can no
longer support this feature. Userspace tool such as nftables are moving over
to setting rules that are specific to the full cgroup path of a task, which
obsoletes these controllers anyway.
This commit removes support for tweaking details in the net_cls controller,
but keeps the NetClass= directive around for legacy compatibility reasons.
coredump: dump priviliges when processing system coredumps
Let's add an extra-safety net and change UID/GID to the "systemd-coredump" user when processing coredumps from system
user. For coredumps of normal users we keep the current logic of processing the coredumps from the user id the coredump
was created under.
The kernel sets RLIMIT_CORE to 0 by default. Let's bump this to unlimited by
default (for systemd itself and all processes we fork off), so that the
coredump hooks have an effect if they honour it.
Bumping RLIMIT_CORE of course would have the effect that "core" files will end
up on the system at various places, if no coredump hook is used. To avoid this,
make sure PID1 sets the core pattern to the empty string by default, so that
this logic is disabled.
This change in defaults should be useful for all systems where coredump hooks
are used, as it allows useful usage of RLIMIT_CORE from these hooks again. OTOH
systems that expect that coredumps are placed under the name "core" in the
current directory will break with this change. Given how questionnable this
behaviour is, and given that no common distro makes use of this by default it
shouldn't be too much of a loss. Also, the old behaviour may be restored by
explicitly configuring a "core_pattern" of "core", and setting the default
system RLIMIT_CORE to 0 again via system.conf.
coredump: honour RLIMIT_CORE when saving/processing coredumps
With this change processing/saving of coredumps takes the RLIMIT_CORE resource limit of the crashing process into
account, given the user control whether specific processes shall core dump or not, and how large to make the core dump.
Note that this effectively disables core-dumping for now, as RLIMIT_CORE defaults to 0 (i.e. is disabled) for all
system processes.
projects / thirdparty / systemd.git / log
