platform/upstream/systemd.git
9 years agoresolved: when rereading /etc/resolv.conf, always start using first DNS server again
Lennart Poettering [Fri, 23 Jan 2015 17:57:29 +0000 (18:57 +0100)]
resolved: when rereading /etc/resolv.conf, always start using first DNS server again

Previously we tried to stick to a DNS server as long as it is available.
When /etc/resolv.conf changed, and the old DNS server we used was still
in there we'd continue to use it, even if it was at the end of the list.

With this change we'll now always start with the first DNS server in the
list again.

Rationale: certain network managing implementations (notably
NetworkManager) when connected to a VPN place both the VPN DNS server as
well as the local DNS server in /etc/resolv.conf. If we used the local
one before we would thus continue to use the local one, making VPN names
unresolvable. NetworkManager really should be fixed to only place the
VPN DNS servers in the file, but with this commit things are at least
similarly bad as they used to be...

9 years ago#pragma once here and there
Zbigniew Jędrzejewski-Szmek [Fri, 23 Jan 2015 14:20:59 +0000 (09:20 -0500)]
#pragma once here and there

9 years agobuild-sys: fix build on compilers without static_assert
Zbigniew Jędrzejewski-Szmek [Fri, 23 Jan 2015 14:06:00 +0000 (09:06 -0500)]
build-sys: fix build on compilers without static_assert

Build would fail when assert was used on the same line in
different files #included together.

https://bugs.freedesktop.org/show_bug.cgi?id=87339

9 years agosystemctl: bugfix for systemctl reboot command with argument
Sangjung Woo [Fri, 23 Jan 2015 11:21:57 +0000 (20:21 +0900)]
systemctl: bugfix for systemctl reboot command with argument

According to systemctl man page, 'systemctl reboot [arg]' should work
without any errors. However, it does not work because of 'Invalid number
of arguments' error, except for 'reboot [arg]'. This patch fixes the bug
so that both of commands work in exactly the same way.

9 years agocore,shutdown: don't bother with unmounting any mounts below /sys, /proc, /dev when...
Lennart Poettering [Fri, 23 Jan 2015 12:44:44 +0000 (13:44 +0100)]
core,shutdown: don't bother with unmounting any mounts below /sys, /proc, /dev when shutting down

After all, mounts below these directories are pretty much guaranteed to
be virtual, and it's hence unnecessary to unmount them during shutdown.
Moreover, in less-priviliged containers we might lack the rights to
unmount them, hence don't even try.

http://lists.freedesktop.org/archives/systemd-devel/2015-January/027113.html

9 years agomount-setup: /selinux, /cgroup, /dev/cgroup are sooo old, don't bother with them...
Lennart Poettering [Fri, 23 Jan 2015 12:44:27 +0000 (13:44 +0100)]
mount-setup: /selinux, /cgroup, /dev/cgroup are sooo old, don't bother with them anymore

9 years agotmpfiles: minor simplification
Zbigniew Jędrzejewski-Szmek [Fri, 23 Jan 2015 04:35:34 +0000 (23:35 -0500)]
tmpfiles: minor simplification

9 years agoman: bring tmpfiles.d(5) in line with code
Zbigniew Jędrzejewski-Szmek [Fri, 23 Jan 2015 04:32:19 +0000 (23:32 -0500)]
man: bring tmpfiles.d(5) in line with code

9 years agoupdate TODO
Lennart Poettering [Fri, 23 Jan 2015 01:59:58 +0000 (02:59 +0100)]
update TODO

9 years agosd-bus: fix typo
Lennart Poettering [Fri, 23 Jan 2015 01:59:30 +0000 (02:59 +0100)]
sd-bus: fix typo

9 years agocore: add a property that shows the current memory usage of a unit
Lennart Poettering [Fri, 23 Jan 2015 01:58:02 +0000 (02:58 +0100)]
core: add a property that shows the current memory usage of a unit

This is exposed the memory.usage_in_bytes cgroup property on the bus,
and makes "systemctl status" show it in its default output.

9 years agocgroup-show: remove duplicated check
Zbigniew Jędrzejewski-Szmek [Fri, 23 Jan 2015 01:03:58 +0000 (20:03 -0500)]
cgroup-show: remove duplicated check

After 3637713a20 it is not necessary anymore.

9 years agoupdate TODO
Lennart Poettering [Fri, 23 Jan 2015 00:44:14 +0000 (01:44 +0100)]
update TODO

9 years agonspawn: when mounting the cgroup hierarchies, use the exact same mount options for...
Lennart Poettering [Fri, 23 Jan 2015 00:43:16 +0000 (01:43 +0100)]
nspawn: when mounting the cgroup hierarchies, use the exact same mount options for the superblock as the host

Otherwise we'll generate kernel runtime warnings about non-matching
mount options.

9 years agonspawn: mount /tmp in the container, don't leave this to the container's init
Lennart Poettering [Fri, 23 Jan 2015 00:27:06 +0000 (01:27 +0100)]
nspawn: mount /tmp in the container, don't leave this to the container's init

We really want /tmp to be properly mounted, especially in containers
that lack CAP_SYS_ADMIN or that are not fully booted up and only get a
shell, hence let's do so in nspawn already.

9 years agonspawn: allow bind-mounting char and block files
Alban Crequy [Thu, 22 Jan 2015 15:47:07 +0000 (16:47 +0100)]
nspawn: allow bind-mounting char and block files

9 years agoupdate TODO
Lennart Poettering [Fri, 23 Jan 2015 00:20:16 +0000 (01:20 +0100)]
update TODO

9 years agoimportd: when listing transfers, show progress percentage
Lennart Poettering [Fri, 23 Jan 2015 00:16:31 +0000 (01:16 +0100)]
importd: when listing transfers, show progress percentage

With this change the pull protocol implementation processes will pass
progress data to importd which then passes this information on via the
bus. We use sd_notify() as generic transport for this communication,
making importd listen to them, while matching the incoming messages to
the right transfer.

9 years agoimportd: fix bus policy
Lennart Poettering [Fri, 23 Jan 2015 00:16:07 +0000 (01:16 +0100)]
importd: fix bus policy

9 years agomachinectl: fix handling of --verify= argument for dkr downloads
Lennart Poettering [Fri, 23 Jan 2015 00:15:08 +0000 (01:15 +0100)]
machinectl: fix handling of --verify= argument for dkr downloads

9 years agosd-bus: fix handling of double parameters in sd_bus_message_append()
Lennart Poettering [Fri, 23 Jan 2015 00:13:09 +0000 (01:13 +0100)]
sd-bus: fix handling of double parameters in sd_bus_message_append()

We really need to use va_arg() with the right type here as uint64_t and
double might have the same size, but are passed differently as
arguments.

9 years agoimport: we need CAP_DAC_OVERRIDE for untarring systems after all
Lennart Poettering [Fri, 23 Jan 2015 00:12:10 +0000 (01:12 +0100)]
import: we need CAP_DAC_OVERRIDE for untarring systems after all

9 years agocore: zero size notify messages are OK
Lennart Poettering [Fri, 23 Jan 2015 00:11:46 +0000 (01:11 +0100)]
core: zero size notify messages are OK

9 years agotests: use assert_se instead of assert
Ronny Chevalier [Thu, 22 Jan 2015 21:53:42 +0000 (22:53 +0100)]
tests: use assert_se instead of assert

Otherwise they can be optimized away with -DNDEBUG

9 years agopo: update french translation
Sylvain Plantefève [Thu, 22 Jan 2015 20:51:46 +0000 (21:51 +0100)]
po: update french translation

9 years agocatalog: update french translation
Sylvain Plantefève [Thu, 22 Jan 2015 20:51:45 +0000 (21:51 +0100)]
catalog: update french translation

9 years agoman: fix typos
Ronny Chevalier [Sun, 18 Jan 2015 22:23:38 +0000 (23:23 +0100)]
man: fix typos

9 years agosd-dhcp-client: use RFC4361-complient ClientID by default
Tom Gundersen [Wed, 21 Jan 2015 23:53:16 +0000 (00:53 +0100)]
sd-dhcp-client: use RFC4361-complient ClientID by default

In addition to the benefits listed in the RFC, this allows DHCP to work also in
case several interfaces share the same MAC address on the same link (IPVLAN).

Note that this will make the ClientID (so probably the assigned IP address)
change on upgrades. If it is desired to avoid that we would have to remember and
write back the ID (which the library supports, but networkd currently does not).

9 years agodhcp-identifier: create IAID even if no udev device can be found
Tom Gundersen [Thu, 22 Jan 2015 20:18:30 +0000 (21:18 +0100)]
dhcp-identifier: create IAID even if no udev device can be found

This is useful for testing.

9 years agonetworkd: Introduce ip6gre and ip6gretap
Susant Sahani [Sun, 18 Jan 2015 17:54:24 +0000 (23:24 +0530)]
networkd: Introduce ip6gre and ip6gretap

This patch introduces ipv6 gre and gretap.

test:

ip6gre.netdev:
[NetDev]
Name=ip6gretap
Kind=ip6gretap

[Tunnel]
Local=2a00:ffde:4567:edde::4987
Remote=2001:473:fece:cafe::5179

ip6gre.network:
[Match]
Name=eno16777736

[Network]
Tunnel=ip6gretap

ip link

6: ip6gre@eno16777736: <POINTOPOINT,NOARP> mtu 1448 qdisc noop state
DOWN mode DEFAULT group default
    link/gre6 2a:00:ff:de:45:67:ed:de:00:00:00:00:00:00:49:87 peer
20:01:04:73:fe:ce:ca:fe:00:00:00:00:00:00:51:79

9 years agonetworkd: Introduce IP6 tunnel
Susant Sahani [Fri, 16 Jan 2015 19:09:10 +0000 (00:39 +0530)]
networkd: Introduce IP6 tunnel

This patch enables networkd to create IP6 tunnels

example conf:

ipip6.netdev:
[NetDev]
Name=ipip6-tunnel
Kind=ip6tnl

[Tunnel]
Mode=ip4ipv6
Local=2a00:ffde:4567:edde::4987
Remote=2001:473:fece:cafe::5179

ipip6.network
[Match]
Name=wlan0

[Network]
Tunnel=ipip6-tunnel

23: ipip6-tunnel@wlan0: <POINTOPOINT,NOARP> mtu 1452 qdisc noop state
DOWN mode DEFAULT group default
    link/tunnel6 2a00:ffde:4567:edde::4987 peer 2001:473:fece:cafe::5179

9 years agonetworkd: introduce gretap
Susant Sahani [Sat, 20 Dec 2014 08:05:06 +0000 (13:35 +0530)]
networkd: introduce gretap

This patch introdeces gretap to networkd

9 years agoupdate TODO
Lennart Poettering [Thu, 22 Jan 2015 17:55:30 +0000 (18:55 +0100)]
update TODO

9 years agoimportd: run daemon at minimal capabilities
Lennart Poettering [Thu, 22 Jan 2015 17:55:08 +0000 (18:55 +0100)]
importd: run daemon at minimal capabilities

9 years agocgroup-show: don't hit assert, when the extra pids array is empty
Lennart Poettering [Thu, 22 Jan 2015 17:54:48 +0000 (18:54 +0100)]
cgroup-show: don't hit assert, when the extra pids array is empty

9 years agoimportd: fix path to download binary
Lennart Poettering [Thu, 22 Jan 2015 17:38:51 +0000 (18:38 +0100)]
importd: fix path to download binary

9 years agoimport: lock tar into its own private network namespace
Lennart Poettering [Thu, 22 Jan 2015 17:19:58 +0000 (18:19 +0100)]
import: lock tar into its own private network namespace

That way it cannot get access to the network

9 years agoimport: drop all capabilities when invoking tar
Lennart Poettering [Thu, 22 Jan 2015 17:12:31 +0000 (18:12 +0100)]
import: drop all capabilities when invoking tar

9 years agoupdate TODO
Lennart Poettering [Thu, 22 Jan 2015 16:50:26 +0000 (17:50 +0100)]
update TODO

9 years agoimport: only define the _to_string() enum mapping function, thus making gcc shut up
Lennart Poettering [Thu, 22 Jan 2015 16:49:28 +0000 (17:49 +0100)]
import: only define the _to_string() enum mapping function, thus making gcc shut up

9 years agoimport: now that the worker binary is called "systemd-pull" we can shorten the verbs
Lennart Poettering [Thu, 22 Jan 2015 16:38:10 +0000 (17:38 +0100)]
import: now that the worker binary is called "systemd-pull" we can shorten the verbs

Atfer all "systemd-pull pull-tar" is unnecessarily redundant, over
"systemd-pull tar"...

9 years agoimportd: try to minimize confusion by renaming "systemd-import" binary to "systemd...
Lennart Poettering [Thu, 22 Jan 2015 16:34:54 +0000 (17:34 +0100)]
importd: try to minimize confusion by renaming "systemd-import" binary to "systemd-pull"

This way "systemd-importd" is the daemon that uses "systemd-pull" as
backend worker.

9 years agomachinectl: when downloading an image, clarify that C-c will not cancel the download...
Lennart Poettering [Thu, 22 Jan 2015 16:31:59 +0000 (17:31 +0100)]
machinectl: when downloading an image, clarify that C-c will not cancel the download, but continue it in the background

9 years agomachinectl: minor simplification
Lennart Poettering [Thu, 22 Jan 2015 16:30:58 +0000 (17:30 +0100)]
machinectl: minor simplification

9 years agomachinectl: parse verify setting client-side
Lennart Poettering [Thu, 22 Jan 2015 16:30:40 +0000 (17:30 +0100)]
machinectl: parse verify setting client-side

9 years agoimportd: minor log improvements
Lennart Poettering [Thu, 22 Jan 2015 16:30:02 +0000 (17:30 +0100)]
importd: minor log improvements

9 years agoimport: make the user verficiation keyring override the vendor keyring, instead of...
Lennart Poettering [Thu, 22 Jan 2015 16:07:27 +0000 (17:07 +0100)]
import: make the user verficiation keyring override the vendor keyring, instead of extending it

This way the user has the ability to remove keys from the
vendor-supplied keyring if he intends so.

9 years agologind: fix sd_eviocrevoke ioctl call
Peter Hutterer [Thu, 22 Jan 2015 01:36:02 +0000 (11:36 +1000)]
logind: fix sd_eviocrevoke ioctl call

If the third argument is non-null, the kernel will always error out with
EINVAL and devices won't get revoked.

Reported-by: Benjamin Tissoires <benjamin.tissoires@gmail.com>
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
9 years agomachinectl: various minor updates to the --help text
Lennart Poettering [Thu, 22 Jan 2015 14:14:23 +0000 (15:14 +0100)]
machinectl: various minor updates to the --help text

9 years agoimport: rename --verify=sum to --verify=checksum
Lennart Poettering [Thu, 22 Jan 2015 14:13:53 +0000 (15:13 +0100)]
import: rename --verify=sum to --verify=checksum

This is how we call it internally, and also a bit more descriptive.

9 years agoman: document new download magic
Lennart Poettering [Thu, 22 Jan 2015 14:12:11 +0000 (15:12 +0100)]
man: document new download magic

9 years agoimport: add org.freedesktop.import1.policy.in to POTFILES.in
Piotr Drąg [Thu, 22 Jan 2015 13:56:45 +0000 (14:56 +0100)]
import: add org.freedesktop.import1.policy.in to POTFILES.in

https://bugs.freedesktop.org/show_bug.cgi?id=88705

9 years agokbd-model-map: add more mappings for Slovak, Lithuanian, and Khmer
Mindaugas Baranauskas [Thu, 22 Jan 2015 06:07:24 +0000 (01:07 -0500)]
kbd-model-map: add more mappings for Slovak, Lithuanian, and Khmer

https://bugs.freedesktop.org/show_bug.cgi?id=88545

9 years agoUse eurlatgr as the example console font
Marko Myllynen [Thu, 15 Jan 2015 12:44:17 +0000 (14:44 +0200)]
Use eurlatgr as the example console font

See https://fedoraproject.org/wiki/Changes/NewDefaultConsoleFont

https://bugzilla.redhat.com/show_bug.cgi?id=1182529

9 years agosysv-generator: only allow regular files in enumerate_sysv()
Cristian Rodríguez [Wed, 14 Jan 2015 05:51:41 +0000 (02:51 -0300)]
sysv-generator: only allow regular files in enumerate_sysv()

Otherwise, if the directory contains other directories we fail
at fopen in load_sysv() with EISDIR.

9 years agobuild: export symbols to integrate mainloops
Lucas De Marchi [Thu, 22 Jan 2015 00:59:45 +0000 (22:59 -0200)]
build: export symbols to integrate mainloops

9 years agoTODO: tmpfiles
Zbigniew Jędrzejewski-Szmek [Sun, 18 Jan 2015 23:28:17 +0000 (18:28 -0500)]
TODO: tmpfiles

9 years agoshared/acl-util: add mask only when needed, always add base ACLs
Zbigniew Jędrzejewski-Szmek [Sun, 18 Jan 2015 23:22:27 +0000 (18:22 -0500)]
shared/acl-util: add mask only when needed, always add base ACLs

For ACLs to be valid, a set of entries for user, group, and other
must be always present. Always add those entries.

While at it, only add the mask ACL if it is actually required, i.e.
when at least on ACL for non-owner group or user exists.

9 years agotmpfiles: use ACL magic on journal directories
Zbigniew Jędrzejewski-Szmek [Sun, 18 Jan 2015 20:05:40 +0000 (15:05 -0500)]
tmpfiles: use ACL magic on journal directories

9 years agotmpfiles: implement augmenting of existing ACLs
Zbigniew Jędrzejewski-Szmek [Sun, 18 Jan 2015 10:02:47 +0000 (05:02 -0500)]
tmpfiles: implement augmenting of existing ACLs

This is much more useful in practice (equivalent to setfacl -m).

9 years agotmpfiles: make t and a globby, add their recursive versions T and A
Zbigniew Jędrzejewski-Szmek [Sun, 18 Jan 2015 07:10:00 +0000 (02:10 -0500)]
tmpfiles: make t and a globby, add their recursive versions T and A

For types which adapt existing files it is generally more useful to accept
globs.

In analogy to z and Z, add recursive versions using uppercase letters.

Technically, making a accept globs is backwards incompatible, but in
practice it probably isn't yet widely used and we can assume that most
people don't create files with wildcards in names.

Functions which are used as callbacks, but not directly on items, are
renamed not to have "item_" prefix.

9 years agotmpfiles: make recursive operation generic
Zbigniew Jędrzejewski-Szmek [Sun, 18 Jan 2015 06:33:39 +0000 (01:33 -0500)]
tmpfiles: make recursive operation generic

9 years agotmpfiles: add 'a' type to set ACLs
Zbigniew Jędrzejewski-Szmek [Sun, 18 Jan 2015 04:27:39 +0000 (23:27 -0500)]
tmpfiles: add 'a' type to set ACLs

9 years agotmpfiles: attach an array of items to each path
Zbigniew Jędrzejewski-Szmek [Fri, 9 Jan 2015 07:00:37 +0000 (02:00 -0500)]
tmpfiles: attach an array of items to each path

The data structure used by tmpfiles is changed: instead of hashmaps
mapping {path → Item*} we now have hashmaps containing
{path -> ItemArray}, where ItemArray contains a pointer
to an array of Items.

For current code it doesn't matter much, but when we add new types it
is easier to simply add a new Item for a given path, then to coalesce
multiple lines into one Item.

In the future, this change will also make it possible to remember the
file and line where each Item originates, and use that in reporting
errors. Currently this is not possible, since each Item can be created
from multiple lines.

9 years agotmpfiles: make sure not to concatenate non-absolute path
Zbigniew Jędrzejewski-Szmek [Fri, 9 Jan 2015 06:27:31 +0000 (01:27 -0500)]
tmpfiles: make sure not to concatenate non-absolute path

If the path is absolute was only checked later.
Also do not check if path if absolute if we just
specified it starting with a slash.

9 years agotmpfiles: detect all combinations of + and !
Zbigniew Jędrzejewski-Szmek [Fri, 9 Jan 2015 06:11:01 +0000 (01:11 -0500)]
tmpfiles: detect all combinations of + and !

The same algorithm as with - and @ in ExecStart= is used.

9 years agotmpfiles: simplification
Zbigniew Jędrzejewski-Szmek [Fri, 9 Jan 2015 06:10:02 +0000 (01:10 -0500)]
tmpfiles: simplification

Certain conditions were checked more than once. Warning message
is improved.

9 years agocatalog: update pt_BR translation
Rafael Ferreira [Mon, 19 Jan 2015 14:39:43 +0000 (12:39 -0200)]
catalog: update pt_BR translation

Brazilian Portuguese update for CATALOG patch, according to commit
2057124e7910c4cab7e53d26e0c3749d326ae2bb ("Grammar changes to catalog")

https://bugs.freedesktop.org/show_bug.cgi?id=88588

9 years agoshared/cgroup-show: simplify show_pid_array()
Zbigniew Jędrzejewski-Szmek [Wed, 21 Jan 2015 04:09:58 +0000 (23:09 -0500)]
shared/cgroup-show: simplify show_pid_array()

int[] should not be used as pid_t[], even if happens to be same thing.
Also deduplicating in a quadratic loop right before sorting is unnecessary.
Remove custom greedy_realloc implementation.

9 years agoAssorted format fixes
Zbigniew Jędrzejewski-Szmek [Wed, 21 Jan 2015 03:22:15 +0000 (22:22 -0500)]
Assorted format fixes

Types used for pids and uids in various interfaces are unpredictable.
Too bad.

9 years agoFix some format strings for enums, they are signed
Zbigniew Jędrzejewski-Szmek [Thu, 22 Jan 2015 04:47:37 +0000 (23:47 -0500)]
Fix some format strings for enums, they are signed

9 years agoshared/util: use signed printf format for PIDs
Zbigniew Jędrzejewski-Szmek [Thu, 22 Jan 2015 04:35:19 +0000 (23:35 -0500)]
shared/util: use signed printf format for PIDs

gcc 5 started warning about this.

9 years agoupdate TODO
Lennart Poettering [Thu, 22 Jan 2015 03:01:58 +0000 (04:01 +0100)]
update TODO

9 years agoimport: introduce new mini-daemon systemd-importd, and make machinectl a client to it
Lennart Poettering [Thu, 22 Jan 2015 02:57:15 +0000 (03:57 +0100)]
import: introduce new mini-daemon systemd-importd, and make machinectl a client to it

The old "systemd-import" binary is now an internal tool. We still use it
as asynchronous backend for systemd-importd. Since the import tool might
require some IO and CPU resources (due to qcow2 explosion, and
decompression), and because we might want to run it with more minimal
priviliges we still keep it around as the worker binary to execute as
child process of importd.

machinectl now has verbs for pulling down images, cancelling them and
listing them.

9 years agoimpot: minor cleanups
Lennart Poettering [Thu, 22 Jan 2015 02:51:22 +0000 (03:51 +0100)]
impot: minor cleanups

9 years agolog: add new log output mode, that prints to console, but prefixes with syslog priority
Lennart Poettering [Thu, 22 Jan 2015 02:47:46 +0000 (03:47 +0100)]
log: add new log output mode, that prints to console, but prefixes with syslog priority

This is useful when we execute our own programs, reading output from its
STDERR, and want to retain priority information.

9 years agonetworkd: plug lldp leak
Tom Gundersen [Wed, 21 Jan 2015 22:02:22 +0000 (23:02 +0100)]
networkd: plug lldp leak

9 years agonetwork: dhcp - split out dhcp_identifier_set_{iaid,duid_en} from dhcp6-client
Tom Gundersen [Wed, 21 Jan 2015 21:25:20 +0000 (22:25 +0100)]
network: dhcp - split out dhcp_identifier_set_{iaid,duid_en} from dhcp6-client

This will also be used in dhcp4-client.

9 years agonetwork: dhcp - split out the duid structure into a new header file
Tom Gundersen [Wed, 21 Jan 2015 20:23:47 +0000 (21:23 +0100)]
network: dhcp - split out the duid structure into a new header file

We will use the same in both dhcp4 and dhcp6.

9 years agoupdate TODO
Lennart Poettering [Wed, 21 Jan 2015 19:05:24 +0000 (20:05 +0100)]
update TODO

9 years agoimport: simplify dkr importer, by making use of generic import-job logic, used by...
Lennart Poettering [Wed, 21 Jan 2015 19:03:57 +0000 (20:03 +0100)]
import: simplify dkr importer, by making use of generic import-job logic, used by the raw and tar importers

This gets us progress output as well xz/bzip2 support.

9 years agoimport: minor cleanups for the tar and raw importers
Lennart Poettering [Wed, 21 Jan 2015 19:02:30 +0000 (20:02 +0100)]
import: minor cleanups for the tar and raw importers

9 years agobuild: Add parallel-tests automake option
Martin Pitt [Wed, 21 Jan 2015 16:10:20 +0000 (17:10 +0100)]
build: Add parallel-tests automake option

We use PY_LOG_COMPILER in Makefile.am for running *.py tests, which requires
automake's parallel test runner. This has only been the default from 1.13 on.
As we only require automake 1.11, add it as an option explicitly.

9 years agosysv-generator: Replace Provides: symlinks with real units
Martin Pitt [Wed, 21 Jan 2015 09:25:14 +0000 (10:25 +0100)]
sysv-generator: Replace Provides: symlinks with real units

Since commit b7e7184 the SysV generator creates symlinks for all "Provides:" in
the LSB header. However, this is too greedy; there are cases where the
creation of a unit .service file fails because of an already existing
symlink with the same name:

 - Backup files such as /etc/init.d/foo.bak still have "Provides: foo", and
   thus get a foo.service -> foo.bak.service link. foo.bak would not be enabled
   in rcN.d/, but we (deliberately) create units for all executables in init.d/
   so that a manual "systemctl start" works. If foo.bak is processed before,
   the symlink already exists.

 - init.d/bar has "Provides: foo", while there also is a real init.d/foo. The
   former would create a link foo.service -> bar.service, while the latter
   would fail to create the real foo.service.

If we encounter an existing symlink, just remove it before writing a real unit.

Note that two init.d scripts "foo" and "bar" which both provide the same name
"common" already work. The first processed init script wins and creates the
"common.service" symlink, and the second just fails to create the symlink
again. Thus create an additional test case for this to ensure that it keeps
working sensibly.

https://bugs.debian.org/775404

9 years agosystemd-sysv-generator test: test scripts with hidden suffixes
Martin Pitt [Wed, 21 Jan 2015 14:30:01 +0000 (15:30 +0100)]
systemd-sysv-generator test: test scripts with hidden suffixes

We don't expect any unit generated from temporary package manager, swap, and
similar files.

9 years agoutil: Add some missing hidden_file() suffixes
Martin Pitt [Wed, 21 Jan 2015 14:26:13 +0000 (15:26 +0100)]
util: Add some missing hidden_file() suffixes

dpkg itself also uses *.dpkg-dist, while .dpkg-{bak,backup,remove} are being
used by dpkg-maintscript-helper.

9 years agosysv-generator: Handle .sh suffixes when translating Provides:
Martin Pitt [Tue, 20 Jan 2015 15:41:31 +0000 (16:41 +0100)]
sysv-generator: Handle .sh suffixes when translating Provides:

When deciding whether the provided name equals the file name in
sysv_translate_facility(), also consider them equal if the file name has a
".sh" suffix.

This was uncovered by commit b7e7184 which then created a symlink
"<name>.service" to itself for ".sh" suffixed init.d scripts.

For additional robustness, refuse to create symlinks to itself in add_alias().

Add test case which reproduces the bug.

https://bugs.debian.org/775889

9 years agoupdate TODO
Lennart Poettering [Wed, 21 Jan 2015 12:45:07 +0000 (13:45 +0100)]
update TODO

9 years agoimport: support downloading bzip2-encoded images
Lennart Poettering [Wed, 21 Jan 2015 12:43:55 +0000 (13:43 +0100)]
import: support downloading bzip2-encoded images

This way, we can import CoreOS images unmodified.

9 years agojournal: Fix syslog forwarding without CAP_SYS_ADMIN
Christian Seiler [Tue, 13 Jan 2015 10:53:25 +0000 (11:53 +0100)]
journal: Fix syslog forwarding without CAP_SYS_ADMIN

In case CAP_SYS_ADMIN is missing (like in containers), one cannot fake pid in
struct ucred (uid/gid are fine if CAP_SETUID/CAP_SETGID are present).

Ensure that journald will try again to forward the messages to syslog without
faking the SCM_CREDENTIALS pid (which isn't guaranteed to succeed anyway, since
it also does the same thing if the process has already exited).

With this patch, journald will no longer silently discard messages
that are supposed to be sent to syslog in these situations.

https://bugs.debian.org/775067

9 years agozsh-completion: Do not interpret escape sequences in _filter_units_by_property
Wieland Hoffmann [Sat, 17 Jan 2015 01:10:42 +0000 (02:10 +0100)]
zsh-completion: Do not interpret escape sequences in _filter_units_by_property

This makes all functions that rely on _filter_units_by_property() (like
_systemctl_{stop,kill,try_restart}) work with unit names that contain backslash
escaped sequences (like automount units with spaces that are escaped to
"\x20").

9 years agosystemd-sysv-generator test: fix enabled check
Martin Pitt [Wed, 21 Jan 2015 09:21:08 +0000 (10:21 +0100)]
systemd-sysv-generator test: fix enabled check

Fix hardcoded "foo.service", test for the actual unit parameter.

9 years agosystemd-sysv-generator test: don't parse symlinks
Martin Pitt [Wed, 21 Jan 2015 08:45:15 +0000 (09:45 +0100)]
systemd-sysv-generator test: don't parse symlinks

Generated services which are symlinks should be tested/handled differently from
files, so ignore them in run_generator()'s result parsing.

9 years agotest: add integration test for systemd-sysv-generator
Martin Pitt [Tue, 20 Jan 2015 15:08:05 +0000 (16:08 +0100)]
test: add integration test for systemd-sysv-generator

This covers the general functionality as well as regression tests for recent
fixes like commits b7e718 and 1ed0c19.

9 years agoimport: also add verification support to tar importer
Lennart Poettering [Wed, 21 Jan 2015 03:03:33 +0000 (04:03 +0100)]
import: also add verification support to tar importer

9 years agoimport: make verification code generic, in preparation for using it pull-tar
Lennart Poettering [Wed, 21 Jan 2015 02:46:01 +0000 (03:46 +0100)]
import: make verification code generic, in preparation for using it pull-tar

9 years agoimport: improve logging
Lennart Poettering [Wed, 21 Jan 2015 02:02:23 +0000 (03:02 +0100)]
import: improve logging

9 years agoimport: show download speed while downloading
Lennart Poettering [Wed, 21 Jan 2015 02:02:04 +0000 (03:02 +0100)]
import: show download speed while downloading

9 years agoimport: add image verification using gpg
Lennart Poettering [Wed, 21 Jan 2015 02:01:13 +0000 (03:01 +0100)]
import: add image verification using gpg

This also adds an initial keyring for the verification, that contains
Ubuntu's and Fedora's key. We should probably add more entries sooner or
later.

9 years agotest: eliminate shell wrapper for Python test
Martin Pitt [Tue, 20 Jan 2015 20:26:35 +0000 (21:26 +0100)]
test: eliminate shell wrapper for Python test

Use the parallel test runner's TEST_EXTENSIONS/*_LOG_COMPILER feature
(https://www.gnu.org/software/automake/manual/html_node/Parallel-Test-Harness.html)
to run *.py tests through $(PYTHON), and only if we have python
available/enabled.

This eliminates the need of having shell wrappers, thus drop
test/rules-test.sh.