Lennart Poettering [Wed, 20 Jan 2016 23:05:37 +0000 (00:05 +0100)]
resolve: minor strings improvements
Lennart Poettering [Wed, 20 Jan 2016 23:04:19 +0000 (00:04 +0100)]
man: document systemd-resolve(8)
This also links up the new manpage from systemd-resolved.service(8), and makes a couple of unrelated additions.
Lennart Poettering [Wed, 20 Jan 2016 23:03:08 +0000 (00:03 +0100)]
emacs: also configure nxml parameters in .dir-locals.el
We configure the parameters we use for the docbook XML.
Lennart Poettering [Wed, 20 Jan 2016 21:10:00 +0000 (22:10 +0100)]
resolve: rename "systemd-resolve-host" tool to simply "systemd-resolve"
The tool resolves way more than just hosts, hence give it a more generic name. This should be safe, as the tool is
currently undocumented. Before we add documentation for it, let's get the name right.
This also moves the C source into src/resolve/ (from src/resolve-host/), since the old name is a misnomer now. Also,
since it links directly to many of the C files of resolved it really belongs into resolved's directory anyway.
Lennart Poettering [Wed, 20 Jan 2016 21:07:48 +0000 (22:07 +0100)]
resolved: get rid of unnecessary if check
DNS_ANSWER_FOREACH() can deal with NULL answers anyway, let's simplify our code here.
Lennart Poettering [Wed, 20 Jan 2016 21:06:26 +0000 (22:06 +0100)]
resolved: split out RR synthesis logic into its own C file
Also, while we are at it, set the "authenticated" bit for everything we synthesize
Lennart Poettering [Wed, 20 Jan 2016 20:30:59 +0000 (21:30 +0100)]
resolved: move dns_type_to_af() to dns-type.c
Lennart Poettering [Wed, 20 Jan 2016 20:28:22 +0000 (21:28 +0100)]
resolve: generate a nice clean error when clients try to resolve a name when the network is down
Lennart Poettering [Wed, 20 Jan 2016 20:22:26 +0000 (21:22 +0100)]
resolved: when checking whether a link is relevant, check kernel operstate
This mimics what networkd is doing to detect a carrier.
Lennart Poettering [Wed, 20 Jan 2016 19:30:50 +0000 (20:30 +0100)]
resolved: fix typo
Noticed by @vcaputo
Lennart Poettering [Wed, 20 Jan 2016 19:30:03 +0000 (20:30 +0100)]
resolved: fix RR key reduction logic
Fixes #2380.
Lennart Poettering [Wed, 20 Jan 2016 19:27:21 +0000 (20:27 +0100)]
logind,machined: bump TasksMax=
Issue #2388 suggests the current TasksMax= setting for user processes is to low. Bump it to 12K. Also, bump the
container TasksMax= from 8K to 16K, so that it remains higher than the one for user processes.
(Compare: the kernel default limit for processes system-wide is 32K).
Fixes #2388
Lennart Poettering [Mon, 25 Jan 2016 12:46:23 +0000 (13:46 +0100)]
Merge pull request #2428 from msekletar/nspawn-alloca-fix
nspawn: fix memory leak
Michal Sekletar [Mon, 25 Jan 2016 11:06:38 +0000 (12:06 +0100)]
nspawn: fix memory leak
Zbigniew Jędrzejewski-Szmek [Sun, 24 Jan 2016 16:47:19 +0000 (11:47 -0500)]
Merge pull request #2425 from yuwata/journal-remote-v4
ZJS: remove unnecessary oom check after strdupa().
Daniel Mack [Sun, 24 Jan 2016 14:09:33 +0000 (15:09 +0100)]
Merge pull request #2423 from keszybz/udevd-crash-in-cleanup
udevd: do not clean up fds in main
Yu Watanabe [Sun, 24 Jan 2016 06:55:07 +0000 (15:55 +0900)]
journal-remote: fix broken --getter option
This commit fixes the following broken --getter option:
when systemd-journal-remote is called with --getter option,
it causes the error meesage "Zero sources specified" and
the getter command will not be called.
Yu Watanabe [Sun, 24 Jan 2016 06:54:05 +0000 (15:54 +0900)]
journal-remote: add an example to man
Yu Watanabe [Sun, 24 Jan 2016 06:49:04 +0000 (15:49 +0900)]
journal-remote: output file name is determined by the remote hostname
When --url option is specified, e.g. --url='http://some.host:19531/entries'
retrieved remote journal entries will be stored to
/var/log/journal/remote/remote-some.host.journal
Yu Watanabe [Sun, 24 Jan 2016 06:45:47 +0000 (15:45 +0900)]
journal-remote: make --url option support arbitrary url
Currently, --url option supports the only form like http(s)://some.host:19531.
This commit adds support to call systemd-journal-remote as follwos:
systemd-journal-remote --url='http://some.host:19531'
systemd-journal-remote --url='http://some.host:19531/'
systemd-journal-remote --url='http://some.host:19531/entries'
systemd-journal-remote --url='http://some.host:19531/entries?boot&follow'
The first three example result the same and retrieve all entries.
The last example retrieves only current boot entries and wait new events.
Zbigniew Jędrzejewski-Szmek [Sun, 24 Jan 2016 03:09:51 +0000 (22:09 -0500)]
Merge pull request #2318 from vcaputo/coalesce-ftruncates-redux
journal: coalesce ftruncate()s in 250ms windows
Zbigniew Jędrzejewski-Szmek [Sat, 23 Jan 2016 16:45:22 +0000 (11:45 -0500)]
udevd: do not clean up fds in main
fds will also be closed during manager cleanup in run, leading
to an error when we try to close them again. It is now possible
to "leak" the fds on error, but it's an unlikely event and we
will exit immediately anyway.
Fixes #2418.
Lennart Poettering [Fri, 22 Jan 2016 16:28:59 +0000 (17:28 +0100)]
Merge pull request #2410 from dobyrch/master
systemctl: Allow 'edit' and 'cat' on unloaded units
Lennart Poettering [Fri, 22 Jan 2016 16:28:05 +0000 (17:28 +0100)]
Merge pull request #2412 from fbuihuu/device-fixes
Device fixes
Franck Bui [Fri, 22 Jan 2016 06:18:19 +0000 (07:18 +0100)]
device: make sure to not ignore re-plugged device
systemd automatically mounts device unless 'noauto' is part of the
mount options. This can happen during boot if the device is plugged at
that time or later when the system is already running (the latter case
is not documented AFAICS).
After the systemd booted, I plugged my USB device which had an entry
in /etc/fstab with the default options and systemd automatically
mounted it.
However I noticed that if I unplugged and re-plugged the device the
automatic mounting of the device didn't work anymore: systemd didn't
notice that the device was re-plugged.
This was due to the device unit which was not recycled by the GC
during the unplug event because in the case of automounting, the mount
unit still referenced it. When the device was re-plugged, the old
device unit was reused but it still had the old sysfs path (amongst
other useful information).
Systemd was confused by the stalled sysfs path and decided to ignore
the plug event.
This patch fixes this issue by simply not doing the sanity checking on
the sysfs path if the device is in unplugged state.
Lennart Poettering [Fri, 22 Jan 2016 10:53:58 +0000 (11:53 +0100)]
Merge pull request #2413 from msekletar/update-todo-reload
Remove TODO entry
Michal Sekletar [Fri, 22 Jan 2016 09:10:45 +0000 (10:10 +0100)]
Remove TODO entry
Feature was introduced by 06af2a0
Daniel Mack [Fri, 22 Jan 2016 08:59:23 +0000 (09:59 +0100)]
Merge pull request #2405 from zonque/sysusers
sysusers: use GID_FMT and UID_FMT instead of %d
Daniel Mack [Fri, 22 Jan 2016 08:56:54 +0000 (09:56 +0100)]
Merge pull request #2331 from yuwata/journal-remote-unit-v2
journal-remote: add SupplementaryGroups to systemd-journal-upload.service
Daniel Mack [Fri, 22 Jan 2016 08:51:43 +0000 (09:51 +0100)]
Merge pull request #2332 from yuwata/journal-remote-tmpfiles-v2
journal-remote: tmpfiles.d/journal-remote.conf (v2)
Daniel Mack [Fri, 22 Jan 2016 08:47:59 +0000 (09:47 +0100)]
Merge pull request #2080 from chaloulo/split-mode-host-remove-port-from-journal-filename
journal-remote: split-mode=host, remove port from journal filename
Daniel Mack [Fri, 22 Jan 2016 08:10:13 +0000 (09:10 +0100)]
Merge pull request #2409 from snakeroot/dropin-doc-2
man: describe precedence of drop-in .conf files over unit files
Daniel Mack [Fri, 22 Jan 2016 08:06:20 +0000 (09:06 +0100)]
Merge pull request #2411 from ssahani/activate4
systemd-activate: Add support for datagram socket
Susant Sahani [Fri, 22 Jan 2016 04:12:54 +0000 (09:42 +0530)]
man: add man for systemd-activate datagram syntax
Susant Sahani [Fri, 22 Jan 2016 04:11:44 +0000 (09:41 +0530)]
systemd-activate: Add support for datagram sockets
core: Add flexible way to provide socket type
the socket type should be a diffrent argumet
in make_socket_fd . In this way we can set the socket
type like SOCK_STREAM SOCK_DGRAM in the address.
journal-remote: modify make_socket_fd
Douglas Christman [Thu, 21 Jan 2016 23:22:55 +0000 (18:22 -0500)]
systemctl: Allow 'edit' and 'cat' on unloaded units
Don't fail if the unit has a LoadError; otherwise `systemctl edit` cannot be
used to correct the error (e.g. multiple "ExecStart=" lines).
Remove file changed warning so cat output isn't interspersed with log messages.
Fixes #829
Chris Atkinson [Fri, 18 Dec 2015 03:41:59 +0000 (22:41 -0500)]
man: describe precedence of drop-in .conf files over unit files
Daniel Mack [Thu, 21 Jan 2016 15:35:19 +0000 (16:35 +0100)]
sysusers: use GID_FMT and UID_FMT instead of %d
Daniel Mack [Thu, 21 Jan 2016 15:28:19 +0000 (16:28 +0100)]
Merge pull request #1359 from jengelh/ue
sysusers: help useless error message
Daniel Mack [Thu, 21 Jan 2016 15:23:46 +0000 (16:23 +0100)]
Merge pull request #2071 from chaloulo/journal-upload-miss-logs
journal-upload : Ignore journal event when already in uploading state.
Lennart Poettering [Thu, 21 Jan 2016 12:16:47 +0000 (13:16 +0100)]
Merge pull request #2401 from lnykryn/sysv-split-deps-v4
v4: sysv-generator: do not join dependencies on one line, split them
Lukas Nykryn [Wed, 20 Jan 2016 14:16:32 +0000 (15:16 +0100)]
sysv-generator: do not join dependencies on one line, split them
If there is a lot of initscripts and dependencies between them we might
end generating After= (and similar) lines which are longer then LINE_MAX
and thus rejected by parser in systemd.
Fixes #2099
Daniel Mack [Thu, 21 Jan 2016 10:52:01 +0000 (11:52 +0100)]
Merge pull request #2393 from evverx/ignore-test-dnssec-complex
.gitignore: add test-dnssec-complex
Daniel Mack [Thu, 21 Jan 2016 10:51:37 +0000 (11:51 +0100)]
Merge pull request #2371 from evverx/add-valgrind-helper-for-daemon-reexec
core: add valgrind helper for daemon-reexec
Daniel Mack [Thu, 21 Jan 2016 10:50:08 +0000 (11:50 +0100)]
Merge pull request #2391 from keszybz/coverity
Coverity inspired fixes
Harald Hoyer [Thu, 21 Jan 2016 10:39:31 +0000 (11:39 +0100)]
Merge pull request #2341 from nmartensen/fstab-generator-fixes
Fstab-generator fixes
Evgeny Vereshchagin [Thu, 21 Jan 2016 02:10:55 +0000 (02:10 +0000)]
.gitignore: add test-dnssec-complex
This is a follow-up for 412577e
Evgeny Vereshchagin [Tue, 19 Jan 2016 15:48:45 +0000 (15:48 +0000)]
core: add valgrind helper for daemon-reexec
Inspired by https://github.com/systemd/systemd/issues/2187#issuecomment-
165587140
Zbigniew Jędrzejewski-Szmek [Wed, 20 Jan 2016 02:41:00 +0000 (21:41 -0500)]
systemd: remove dead code
We only go to fail label if pam_pid <= 0.
CID #1306746.
Zbigniew Jędrzejewski-Szmek [Wed, 20 Jan 2016 02:29:59 +0000 (21:29 -0500)]
Add assert in barrier code
This function is not supposed to fail, it only returns a boolean.
So add an assert in case anyone calls it without proper initialization
of *b.
Zbigniew Jędrzejewski-Szmek [Wed, 20 Jan 2016 01:25:26 +0000 (20:25 -0500)]
timesyncd: use (void) to mark ignored value
CID #1325772.
Zbigniew Jędrzejewski-Szmek [Wed, 20 Jan 2016 01:23:25 +0000 (20:23 -0500)]
test-date: check return value
CID #1327432.
Zbigniew Jędrzejewski-Szmek [Wed, 20 Jan 2016 01:20:02 +0000 (20:20 -0500)]
test-cgroup-mask: check return value
CID #1339830.
Zbigniew Jędrzejewski-Szmek [Wed, 20 Jan 2016 00:50:17 +0000 (19:50 -0500)]
libsystemd-network: avoid double free on error
This could happen if the remote sent us a badly formatted
option.
CID #1317206.
Zbigniew Jędrzejewski-Szmek [Wed, 20 Jan 2016 00:45:58 +0000 (19:45 -0500)]
libsystemd-network: use assert_se
It cannot fail.
CID #1320623.
Zbigniew Jędrzejewski-Szmek [Wed, 20 Jan 2016 00:25:45 +0000 (19:25 -0500)]
networkd: use (void) to mark ignored values
Null link or netdev are handled fine.
CID #1338084.
Tom Gundersen [Wed, 20 Jan 2016 23:54:35 +0000 (00:54 +0100)]
Merge pull request #2389 from bengal/dhcp-api-cleanup-v3
Improve libsystemd-networkd DHCP API (v3)
Zbigniew Jędrzejewski-Szmek [Wed, 20 Jan 2016 00:17:01 +0000 (19:17 -0500)]
test-tmpfiles: actually test that the file is temporary
CID #1341451.
Tom Gundersen [Wed, 20 Jan 2016 17:09:54 +0000 (18:09 +0100)]
Merge pull request #2329 from ssahani/tunnel
networkd: tunnel add support to configure address "any"
Tom Gundersen [Wed, 20 Jan 2016 16:45:42 +0000 (17:45 +0100)]
Merge pull request #2337 from dhxgit/patch-1
Fix IPv6PrivacyExtension (networkd-ndisc.c)
Lennart Poettering [Wed, 20 Jan 2016 16:39:07 +0000 (17:39 +0100)]
Merge pull request #2054 from keszybz/nss-link-less-2
Nss link less 2
Tom Gundersen [Wed, 20 Jan 2016 16:33:59 +0000 (17:33 +0100)]
Merge pull request #2267 from gdamjan/dont-drop-critical
networkd: link - do not drop config for critical interfaces
Beniamino Galvani [Wed, 20 Jan 2016 13:44:28 +0000 (14:44 +0100)]
dhcp: make DHCP6_OPTION_* enum public
libsystemd-network provides the public function
sd_dhcp6_client_set_request_option() to enable the request of a given
DHCP option. However the enum defining such options is defined in the
internal header dhcp6-protocol.h. Move the enum definition to the
public header sd-dhcp6-client.h and properly namespace values.
Beniamino Galvani [Wed, 20 Jan 2016 13:44:24 +0000 (14:44 +0100)]
dhcp: make DHCP_OPTION_* enum public
libsystemd-network provides the public function
sd_dhcp_client_set_request_option() to enable the request of a given
DHCP option. However the enum defining such options is defined in the
internal header dhcp-protocol.h. Move the enum definition to the
public header sd-dhcp-client.h and properly namespace values.
Beniamino Galvani [Wed, 20 Jan 2016 13:44:14 +0000 (14:44 +0100)]
dhcp: export routes as opaque objects
At the moment sd_dhcp_lease_get_routes() returns an array of structs
which are not defined in public headers. Instead, change the function
to return an array of pointers to opaque sd_dhcp_route objects.
Lennart Poettering [Wed, 20 Jan 2016 16:24:59 +0000 (17:24 +0100)]
Merge pull request #1607 from keszybz/lz4-remove-v1
Remove the old version of the lz4 stream compressor
Lennart Poettering [Wed, 20 Jan 2016 16:18:44 +0000 (17:18 +0100)]
Merge pull request #2085 from fbuihuu/more-use-of-check-load-state
core: use bus_unit_check_load_state() in transaction_add_job_and_depe…
Daniel Mack [Wed, 20 Jan 2016 16:06:56 +0000 (17:06 +0100)]
Merge pull request #2222 from snakeroot/eventsplat
hwdb: remove references to udevadm info /dev/input/event*
Daniel Mack [Wed, 20 Jan 2016 15:27:23 +0000 (16:27 +0100)]
Merge pull request #2387 from keszybz/mhd-offset
journal-gatewayd: fix offset
Zbigniew Jędrzejewski-Szmek [Wed, 20 Jan 2016 15:12:18 +0000 (10:12 -0500)]
journal-gatewayd: fix offset
I was checking something when writing the patch and
committed this by mistake.
Lennart Poettering [Wed, 20 Jan 2016 14:44:12 +0000 (15:44 +0100)]
Merge pull request #2385 from zonque/bootctl
bootctl: use DRAW_TREE_RIGHT rather than hard-coded UTF-8 character
Lennart Poettering [Wed, 20 Jan 2016 12:44:31 +0000 (13:44 +0100)]
Merge pull request #2381 from jsynacek/journalctl-colors-v4
basic/terminal-util: introduce SYSTEMD_COLORS environment variable
Daniel Mack [Wed, 20 Jan 2016 12:12:21 +0000 (13:12 +0100)]
bootctl: use DRAW_TREE_RIGHT rather than hard-coded UTF-8 character
Fixes #2384
Tom Gundersen [Wed, 20 Jan 2016 10:30:20 +0000 (11:30 +0100)]
Merge pull request #2372 from poettering/dnssec17
resolved bus API improvements
Jan Synacek [Tue, 19 Jan 2016 09:17:19 +0000 (10:17 +0100)]
basic/terminal-util: introduce SYSTEMD_COLORS environment variable
... to determine if color output should be enabled. If the variable is not set,
fall back to using on_tty(). Also, rewrite existing code to use
colors_enabled() where appropriate.
Lennart Poettering [Tue, 19 Jan 2016 20:48:01 +0000 (21:48 +0100)]
resolved: rework DNSSECSupported property
Not only report whether the server actually supports DNSSEC, but also first check whether DNSSEC is actually enabled
for it in our local configuration.
Also, export a per-link DNSSECSupported property in addition to the existing manager-wide property.
Lennart Poettering [Tue, 19 Jan 2016 20:20:13 +0000 (21:20 +0100)]
resolved: add SetLinkXYZ() method counterparts on the Link object
So far, we exposed SetLinkXYZ() on the Manager interface, to set a couple of link properties. This adds similar calls
SetXYZ() on the Link interface, and makes sure the former is little more than a shortcut to the latter.
SetLinkXYZ() has the benefit of not requiring a GetLink() round trip for setting these properties, while the method
actually belongs to the Link objects, and this change corrects that.
Lennart Poettering [Tue, 19 Jan 2016 17:37:10 +0000 (18:37 +0100)]
sd-resolve: use UINT64_C() macros where appropriate
Lennart Poettering [Tue, 19 Jan 2016 17:36:52 +0000 (18:36 +0100)]
networkd: sd_bus_path_decode() returns 0, if the prefix doesn't match
Lennart Poettering [Tue, 19 Jan 2016 17:35:32 +0000 (18:35 +0100)]
networkd: optimize link_node_enumerator() a bit
strv_consume() is pretty expensive when invoked piecemeal, hence optimize it a bit by pre-allocating a properly sized
array.
Lennart Poettering [Tue, 19 Jan 2016 17:32:42 +0000 (18:32 +0100)]
resolved: expose bus objects for each Link
The link objects expose as properties the current settings made with SetLinkDNS() and related calls, plus some more
information.
Daniel Mack [Tue, 19 Jan 2016 19:44:58 +0000 (20:44 +0100)]
Merge pull request #2373 from keszybz/man-api-build-3
Man page grammar and build tweaks v3
Lennart Poettering [Tue, 19 Jan 2016 16:19:14 +0000 (17:19 +0100)]
resolved: rename a few props to closer match ther counterparts in the various configuration files
Lennart Poettering [Tue, 19 Jan 2016 16:16:12 +0000 (17:16 +0100)]
resolved: add bus API for configuring per-link DNS settings
This is useful for alternative network management solutions (such as NetworkManager) to push DNS configuration data
into resolved.
The calls will fail should networkd already have taken possesion of a link, so that the bus API is only available if
we don't get the data from networkd.
Lennart Poettering [Tue, 19 Jan 2016 16:15:02 +0000 (17:15 +0100)]
resolved: add a couple of errors to the error mapping tables
These were previously forgotten, add them now.
Lennart Poettering [Tue, 19 Jan 2016 16:13:27 +0000 (17:13 +0100)]
resolved: allocate DNS scope for links only if the interface is up
For mDNS and LLMNR we already created the scopes only if the specific interfaces where actually up and suitable for
Multicasting. Add a similar (but weaker) logic for unicast DNS as well.
Lennart Poettering [Tue, 19 Jan 2016 16:12:12 +0000 (17:12 +0100)]
resolve-host: support --interface= as long form for -i
Lennart Poettering [Tue, 19 Jan 2016 16:11:28 +0000 (17:11 +0100)]
resolve-host: show whether DNSSEC is supported or not in --statistics output
This should be generally useful information, hence show it.
Lennart Poettering [Tue, 19 Jan 2016 16:10:34 +0000 (17:10 +0100)]
resolve-host: also show mDNS as source of resolving
Zbigniew Jędrzejewski-Szmek [Tue, 5 Jan 2016 04:17:21 +0000 (23:17 -0500)]
man/sd_event_{add_io,add_time,add_signal,now}: various small fixes
- remove things which are clear from the context
- 0 is a valid descriptor number, hence "positive" → "non-negative"
- "positive" means greater than zero, hence "positive non-zero" → "positive"
- use oxford comma
- reword some things for clarity
Lennart Poettering [Tue, 19 Jan 2016 14:11:10 +0000 (15:11 +0100)]
Merge pull request #2369 from zonque/resolved
resolved: hide public mDNS configuration knobs for now
Lennart Poettering [Tue, 19 Jan 2016 14:09:53 +0000 (15:09 +0100)]
Merge pull request #2357 from keszybz/warnings-2
Remove gcc warnings v2
Daniel Mack [Tue, 19 Jan 2016 13:05:01 +0000 (14:05 +0100)]
resolved: remove configuration knobs for mDNS until it's ready
These bits were intenionally left out while mDNS is under development.
Remove the exposed knobs and man page entries again until this is settled.
Daniel Mack [Tue, 19 Jan 2016 12:58:55 +0000 (13:58 +0100)]
resolved: fix mDNS IPv6 multicast address
Fixes #2366
Tom Gundersen [Tue, 19 Jan 2016 00:44:20 +0000 (01:44 +0100)]
Merge pull request #2358 from poettering/dnssec16
sixteenth DNSSEC patch set
Lennart Poettering [Mon, 18 Jan 2016 23:51:26 +0000 (00:51 +0100)]
resolved: don't forget about lost OPT and RRSIG when downgrading a feature level
Certain Belkin routers appear to implement a broken DNS cache for A RRs and some others, but implement a pass-thru for
AAAA RRs. This has the effect that we quickly recognize the broken logic of the router when we do an A lookup, but for
AAAA everything works fine until we actually try to validate the request. Given that the validation will necessarily
fail ultimately let's make sure we remember even when downgrading a feature level that OPT or RRSIG was missing.
Lennart Poettering [Mon, 18 Jan 2016 21:45:18 +0000 (22:45 +0100)]
update DNSSEC TODO
Lennart Poettering [Mon, 18 Jan 2016 22:29:04 +0000 (23:29 +0100)]
resolved: don't try to print error strings, where errno isn't set
Lennart Poettering [Mon, 18 Jan 2016 22:27:16 +0000 (23:27 +0100)]
resolved: when restarting a transaction pick a new ID
When we restart a transaction because of an incompatible server, pick a new transaction ID.
This should increase compatibility with DNS servers that don't like if they get different requests with the same
transaction ID.
Lennart Poettering [Mon, 18 Jan 2016 22:15:35 +0000 (23:15 +0100)]
resolved: enforce maximum limit on DNS transactions
given that DNSSEC lookups may result in quite a number of auxiliary transactions, let's better be safe than sorry and
also enforce a limit on the number of total transactions, not just on the number of queries.