Martin Pitt [Fri, 19 Feb 2016 06:50:50 +0000 (07:50 +0100)]
Merge pull request #2648 from keszybz/dnssec-work
Better support for DANE, shell completion
Zbigniew Jędrzejewski-Szmek [Thu, 18 Feb 2016 20:32:22 +0000 (15:32 -0500)]
Merge pull request #2644 from 0xAX/check-alloc-overflow-macro
alloc-util: extract overflow check into inline function
Alexander Kuleshov [Tue, 16 Feb 2016 17:51:43 +0000 (23:51 +0600)]
alloc-util: cleanups
This patch contains a set of little cleanups for alloc-util.h:
1. The malloc_multiply(), realloc_multiply() and memdup_multiply()
functions check allocation related parameters on overflow. Let's
move them to the separate size_multiply_overflow() function for
simplicity, code duplication prevention and possible reuse in future.
2. use SIZE_MAX from stdlib instead of ((size_t) - 1) to be more
clear.
3. The 'a'/'b' variables are renamed to 'size' and 'need' to be
more clear.'
Martin Pitt [Thu, 18 Feb 2016 18:20:14 +0000 (19:20 +0100)]
Merge pull request #2621 from keszybz/wheel-group
build-sys: allow wheel group name to be specified
Zbigniew Jędrzejewski-Szmek [Tue, 16 Feb 2016 23:17:01 +0000 (18:17 -0500)]
systemd-resolve: initial shell completion
v2:
- use /sys/class/net to list interfaces,
also copy the same code to systemd-nspawn
v3:
- do not propose "any" twice for --type
Zbigniew Jędrzejewski-Szmek [Wed, 17 Feb 2016 01:55:23 +0000 (20:55 -0500)]
resolve: also allow SSHFP payload to be exported
Zbigniew Jędrzejewski-Szmek [Wed, 17 Feb 2016 01:36:10 +0000 (20:36 -0500)]
resolve: print TLSA packets in hexadecimal
https://tools.ietf.org/html/rfc6698#section-2.2 says:
> The certificate association data field MUST be represented as a string
> of hexadecimal characters. Whitespace is allowed within the string of
> hexadecimal characters
Zbigniew Jędrzejewski-Szmek [Thu, 18 Feb 2016 02:08:57 +0000 (21:08 -0500)]
systemd-resolve: easy querying of TLSA records
$ systemd-resolve --tlsa fedoraproject.org
_443._tcp.fedoraproject.org IN TLSA 0 0 1 GUAL5bejH7czkXcAeJ0vCiRxwMnVBsDlBMBsFtfLF8A=
-- Cert. usage: CA constraint
-- Selector: Full Certificate
-- Matching type: SHA-256
$ systemd-resolve --tlsa=tcp fedoraproject.org:443
_443._tcp.fedoraproject.org IN TLSA 0 0 1 GUAL5bejH7czkXcAeJ0vCiRxwMnVBsDlBMBsFtfLF8A=
...
$ systemd-resolve --tlsa=udp fedoraproject.org
_443._udp.fedoraproject.org: resolve call failed: '_443._udp.fedoraproject.org' not found
v2:
- use uint16_t
- refuse port 0
Zbigniew Jędrzejewski-Szmek [Thu, 18 Feb 2016 15:24:16 +0000 (10:24 -0500)]
Merge pull request #2646 from evverx/fix-2637
Fix #2637 (doubled specifier expansion in ExecStart=)
Martin Pitt [Thu, 18 Feb 2016 15:11:03 +0000 (16:11 +0100)]
Merge pull request #2653 from keszybz/test-dns-domain
build-sys: remove duplicated entry in tests
Zbigniew Jędrzejewski-Szmek [Thu, 18 Feb 2016 13:30:18 +0000 (08:30 -0500)]
build-sys: remove duplicated entry in tests
test-dns-domain should be built and run even without ENABLE_RESOLVED.
Evgeny Vereshchagin [Wed, 17 Feb 2016 22:32:36 +0000 (22:32 +0000)]
core: revert "core: resolve specifier in config_parse_exec()"
This reverts commit
cb48dfca6a8bc15d9081651001a16bf51e03838a.
Exec*-settings resolve specifiers twice:
%%U -> config_parse_exec [
cb48dfca6a8] -> %U -> service_spawn -> 0
Fixes #2637
Martin Pitt [Thu, 18 Feb 2016 09:33:39 +0000 (10:33 +0100)]
Merge pull request #2652 from filbranden/testsresolved1
Do not build tests that depend on resolved when it has been disabled
Filipe Brandenburger [Thu, 18 Feb 2016 08:39:38 +0000 (00:39 -0800)]
build-sys: Do not build tests that depend on resolved when it has been disabled
If ./configure --disable-resolved has been used, do not try to build
test-dns-packet and test-resolve-tables which depend on it.
Previously, the SOURCES, LIBS and LDADDs for these tests were made conditional
while the main rules for them weren't, causing build failures trying to build a
binary with no sources.
This was uncovered when trying to build udeb for systemd in CI, which uses
--disable-resolved for a minimal build, which uncovered the issue.
Fixes #2651.
Zbigniew Jędrzejewski-Szmek [Mon, 15 Feb 2016 16:08:26 +0000 (11:08 -0500)]
build-sys: allow references to wheel group to be omitted
https://github.com/systemd/systemd/issues/2492
Evgeny Vereshchagin [Wed, 17 Feb 2016 22:20:56 +0000 (22:20 +0000)]
tests: add test for https://github.com/systemd/systemd/issues/2637
+ perl -e 'exit(!(qq{0} eq qq{\x25U}))'
exec-spec-interpolation.service: Main process exited, code=exited, status=1/FAILURE
exec-spec-interpolation.service: Unit entered failed state.
exec-spec-interpolation.service: Failed with result 'exit-code'.
PID: 11270
Start Timestamp: Wed 2016-02-17 22:21:31 UTC
Exit Timestamp: Wed 2016-02-17 22:21:31 UTC
Exit Code: exited
Exit Status: 1
Assertion 'service->main_exec_status.status == status_expected' failed at src/test/test-execute.c:65, function check(). Aborting.
Lennart Poettering [Wed, 17 Feb 2016 11:45:31 +0000 (12:45 +0100)]
Merge pull request #2640 from keszybz/dnssec-work-3
resolve: dumping of binary packets
Zbigniew Jędrzejewski-Szmek [Mon, 15 Feb 2016 23:22:11 +0000 (18:22 -0500)]
test-resolve-tables: verify that dns type/class length is within limits
DNS_TYPE_STRING_MAX causes a problem with the table autogeneration code,
change to _DNS_TYPE_STRING_MAX.
Zbigniew Jędrzejewski-Szmek [Sun, 14 Feb 2016 23:51:55 +0000 (18:51 -0500)]
Use provided buffer in dns_resource_key_to_string
When the buffer is allocated on the stack we do not have to check for
failure everywhere. This is especially useful in debug statements, because
we can put dns_resource_key_to_string() call in the debug statement, and
we do not need a seperate if (log_level >= LOG_DEBUG) for the conversion.
dns_resource_key_to_string() is changed not to provide any whitespace
padding. Most callers were stripping the whitespace with strstrip(),
and it did not look to well anyway. systemd-resolve output is not column
aligned anymore.
The result of the conversion is not stored in DnsTransaction object
anymore. It is used only for debugging, so it seems fine to generate it
when needed.
Various debug statements are extended to provide more information.
Zbigniew Jędrzejewski-Szmek [Sat, 13 Feb 2016 19:54:15 +0000 (14:54 -0500)]
Replace DNS_RESOURCE_KEY_NAME with a version which always returns "." for root
This fixes formatting of root domain in debug messages:
Old:
systemd-resolved[10049]: Requesting DS to validate transaction 19313 (., DNSKEY with key tag: 19036).
New:
systemd-resolved[10049]: Requesting DS to validate transaction 19313 (, DNSKEY with key tag: 19036).
Zbigniew Jędrzejewski-Szmek [Thu, 4 Feb 2016 02:37:11 +0000 (21:37 -0500)]
systemd-resolved: split out inner loop
With two nested loops and a switch statements, it's quite hard to
understand what break and continue mean.
Zbigniew Jędrzejewski-Szmek [Sun, 31 Jan 2016 05:06:49 +0000 (00:06 -0500)]
systemd-resolve: allow whole packets to be dumped in binary form
Zbigniew Jędrzejewski-Szmek [Thu, 28 Jan 2016 23:24:28 +0000 (18:24 -0500)]
systemd-resolve: allow keys to be dumped in binary form
$ systemd-resolve --raw --openpgp zbyszek@fedoraproject.org | pgpdump /dev/stdin
Zbigniew Jędrzejewski-Szmek [Mon, 15 Feb 2016 18:15:23 +0000 (13:15 -0500)]
systemd-resolve: reword --help output
The output didn't specify if the default for --cname/--search/--legend and
other options was yes or no. Change the description to be explicit about that.
Also make the --help output and man page closer.
Zbigniew Jędrzejewski-Szmek [Sat, 13 Feb 2016 18:53:18 +0000 (13:53 -0500)]
man: show output in example systemd-resolve commands
I think example output allows the reader of the man page to
see what functionlity is provided without running the commands
themselves. Specific values in the examples are bound to get out
of date but this is not a problem.
Zbigniew Jędrzejewski-Szmek [Tue, 16 Feb 2016 23:36:42 +0000 (18:36 -0500)]
Merge pull request #2623 from poettering/networkd-fixes
Networkd, resolved, build-sys fixes
Lennart Poettering [Tue, 16 Feb 2016 22:53:44 +0000 (23:53 +0100)]
Merge pull request #2626 from poettering/fionread-fix
networkd: FIONREAD is not reliable on some sockets
Lennart Poettering [Tue, 16 Feb 2016 19:22:07 +0000 (20:22 +0100)]
Merge pull request #2636 from 0xAX/not-edit-errno-manually
main: no need to set errno manually
Lennart Poettering [Tue, 16 Feb 2016 13:17:53 +0000 (14:17 +0100)]
resolved: make sure to normalize all domain names returned via the bus
Most domain names we deal with are normalized anyway (since we read them that
way from DNS packets), but some might not (because they are synthesized from
unnormalized configuration or so), hence make sure to normalize all names
before passing them out to clients, to be fully deterministic.
Note that internally we are process normalized and non-normalized names the
same way, and while comparing them ignore the differences due to unnormalized
names. However, that internal implementation detail really shouldn't spill out
the clients, hence make sure to clean it all up.
Lennart Poettering [Tue, 16 Feb 2016 13:03:47 +0000 (14:03 +0100)]
udev: fix cg_unified() return code checking
Fixes fall-out from
8b3aa503c171acdb9ec63484a8c50e2680d31e79.
Fixes: #2635
Lennart Poettering [Tue, 16 Feb 2016 12:18:36 +0000 (13:18 +0100)]
core: fix assertion check
Fixes: #2632
Lennart Poettering [Mon, 15 Feb 2016 20:25:33 +0000 (21:25 +0100)]
resolve: print a noisy warning if we show crypto keys that could not be authenticated
Doing DNS retrieval on non-authenticated crypt keys is useless, hence warn
loudly about it.
Lennart Poettering [Mon, 15 Feb 2016 18:11:18 +0000 (19:11 +0100)]
networkd: rework idle detection logic of networkd
This patch makes networkd stay around as long as there is more than just a
loopback interface around, or the loopback device isn't fully probed yet, or
the loopback device has a .network file attached.
In essence, this means networkd stays around now continously as it should,
unless it is running in some (container?) environment that really has no
interface except a loopback device.
Fixes #2577.
Lennart Poettering [Mon, 15 Feb 2016 18:06:01 +0000 (19:06 +0100)]
build-sys: fix type detection
Before this patch existence of char16_t, char32_t, key_serial_t was checked
with AC_CHECK_DECLS() which doesn't actually work for types. Correct this to
use AC_CHECK_TYPES() instead.
Also, while we are at it, change the check for memfd_create() to use
AC_CHECK_DECLS() instead of AC_CHECK_FUNCS(). This is a better choice, since a
couple of syscalls are defined by glibc but not exported in the header files
(pivot_root() for example), and we hence should probably be more picky with
memfd_create() too, which glibc might decide to expose one day, but not
necessarily in the headers too.
Lennart Poettering [Mon, 15 Feb 2016 17:40:02 +0000 (18:40 +0100)]
resolved: turn on DNSSEC by default, unless configured otherwise
Let's make sure DNSSEC gets more testing, by defaulting DNSSEC to
"allow-downgrade" mode. Since distros should probably not ship DNSSEC enabled
by default add a configure switch to disable this again.
DNSSEC in "allow-downgrade" mode should mostly work without affecting user
experience. There's one exception: some captive portal systems rewrite DNS in
order to redirect HTTP traffic to the captive portal. If these systems
implement DNS servers that are otherwise DNSSEC-capable (which in fact is
pretty unlikely, but still...), then this will result in the captive portal
being inaccessible. To fix this support in NetworkManager (or any other network
management solution that does captive portal detection) is required, which
simply turns off DNSSEC during the captive portal detection, and resets it back
to the default (i.e. on) after captive portal authentication is complete.
Alexander Kuleshov [Tue, 16 Feb 2016 12:42:45 +0000 (18:42 +0600)]
main: no need to set errno manually
If we are not PID 1 and started as init, we executing systemctl
with execv(). Here no need to set errno manually, because in a
failure case, because the execv() anyway will set errno depends
on a error.
Lennart Poettering [Tue, 16 Feb 2016 12:21:14 +0000 (13:21 +0100)]
Merge pull request #2630 from keszybz/systemctl-m-h
systemctl: fix style to avoid modification of array passed by caller
Lennart Poettering [Mon, 15 Feb 2016 21:50:01 +0000 (22:50 +0100)]
networkd: FIONREAD is not reliable on some sockets
Fixes: #2457
Zbigniew Jędrzejewski-Szmek [Tue, 16 Feb 2016 00:06:53 +0000 (19:06 -0500)]
systemctl: fix style to avoid modification of array passed by caller
Followup for
4524439edb7d.
Lennart Poettering [Mon, 15 Feb 2016 23:05:20 +0000 (00:05 +0100)]
Merge pull request #2628 from benjarobin/fix-pull-req-2611
time-util: Rename and fix call of deserialize_timestamp_value()
Benjamin Robin [Mon, 15 Feb 2016 22:26:34 +0000 (23:26 +0100)]
time-util: Rename and fix call of deserialize_timestamp_value()
The deserialize_timestamp_value() is renamed timestamp_deserialize() to be more
consistent with dual_timestamp_deserialize()
And add the NULL check back on realtime and monotonic
Lennart Poettering [Mon, 15 Feb 2016 22:07:24 +0000 (23:07 +0100)]
Merge pull request #2622 from keszybz/systemctl-m-h
systemctl: include -M or -H arguments in the hint
Zbigniew Jędrzejewski-Szmek [Mon, 15 Feb 2016 16:57:48 +0000 (11:57 -0500)]
systemctl: include -M or -H arguments in the hint
https://github.com/systemd/systemd/issues/2431
Some newlines are added, but the output will still exceed 80 columns in many
cases. The fallback for oom conditions is changed from "n/a" to something
"<service>", and a similar pattern is used for the new code. This way we
have a realistic fallback for oom, which seems nicer than making the whole
function return an error code which would then have to be propagated.
$ systemctl -M fedora-rawhide restart systemd-networkd.service
Job for systemd-networkd.service failed because start of the service was attempted too often.
See "systemctl -M fedora-rawhide status systemd-networkd.service" and "journalctl -M fedora-rawhide -xe" for details.
To force a start use "systemctl -M fedora-rawhide reset-failed systemd-networkd.service"
followed by "systemctl -M fedora-rawhide start systemd-networkd.service" again.
Lennart Poettering [Mon, 15 Feb 2016 19:29:59 +0000 (20:29 +0100)]
Merge pull request #2611 from 0xAX/deserialize-clkid
time-util: introduce deserialize_timestamp_value()
Alexander Kuleshov [Mon, 15 Feb 2016 18:04:49 +0000 (00:04 +0600)]
logind: use deserialize_timestamp_value()
which is introduced in the
ebf30a086d commit.
Alexander Kuleshov [Mon, 15 Feb 2016 18:04:09 +0000 (00:04 +0600)]
machine: use deserialize_timestamp_value()
which is introduced in the
ebf30a086dfa commit.
Alexander Kuleshov [Mon, 15 Feb 2016 18:01:44 +0000 (00:01 +0600)]
time-util: introduce deserialize_timestamp_value()
The time-util.c provides dual_timestamp_deserialize() function to
convert value to usec_t and set it as value of ts->monotonic and
ts->realtime.
There are some places in code which do the same but only for one
clockid_t (realtime or monotonic), when dual_timestamp_deserialize()
sets value of both.
This patch introduces the deserialize_timestamp_value() which converts
a given value to usec_t and write it to a given timestamp.
Daniel Mack [Mon, 15 Feb 2016 15:50:55 +0000 (16:50 +0100)]
Merge pull request #2620 from bengal/assert-sd-event-now
dhcp: assert the success of sd_event_now()
Beniamino Galvani [Mon, 15 Feb 2016 15:11:51 +0000 (16:11 +0100)]
dhcp: assert the success of sd_event_now()
The function must never fail.
Lennart Poettering [Mon, 15 Feb 2016 13:54:09 +0000 (14:54 +0100)]
Merge pull request #2618 from zonque/busproxy-removal
remove bus-proxyd
Lennart Poettering [Mon, 15 Feb 2016 13:08:28 +0000 (14:08 +0100)]
Merge pull request #2596 from keszybz/move-activate-to-bin
Move activate to bin, extend --fdnames functionality
Daniel Mack [Mon, 15 Feb 2016 10:11:19 +0000 (11:11 +0100)]
Merge pull request #2617 from rabinv/master
missing.h: define IFLA_EXT_MASK
Rabin Vincent [Fri, 12 Feb 2016 07:41:44 +0000 (08:41 +0100)]
missing.h: define IFLA_EXT_MASK
We already define IFLA_PROMISCUITY and some other of these masks in
order to allow building with older headers. Define IFLA_EXT_MASK too,
which was added in the same kernel version as IFLA_PROMISCUITY (v3.10).
Zbigniew Jędrzejewski-Szmek [Fri, 12 Feb 2016 03:11:33 +0000 (22:11 -0500)]
Promote systemd-activate to /usr/bin/systemd-socket-activate
It has fairly wide functionality now and the interface has been
stable for a while. It it a useful testing tool.
The name is changed to better indicate what it does.
Zbigniew Jędrzejewski-Szmek [Sat, 13 Feb 2016 21:48:03 +0000 (16:48 -0500)]
Merge pull request #2608 from poettering/resolved-prop-fix
bus property name fix in resolved
Zbigniew Jędrzejewski-Szmek [Sat, 13 Feb 2016 21:38:58 +0000 (16:38 -0500)]
Merge pull request #2609 from 0xAX/service-dual-timestamp-serialization
service: remove unnecessary check that dual_timestamp is set
Lennart Poettering [Sat, 13 Feb 2016 19:32:11 +0000 (20:32 +0100)]
busctl: when formatting message contents, make sure to print all whitespaces
Previously we'd miss a necessary whitespace at the end of arrays, if more data
was following.
Lennart Poettering [Sat, 13 Feb 2016 19:26:30 +0000 (20:26 +0100)]
resolved: extend ResolveHostname() bus call so that it can parse IP addresses
If the hostname passed to ResolveHostname() is actually an IP address that is
correctly formatted as string parse it as such, avoid any DNS traffic and
return the data in parsed form.
This is useful for clients which can simply call the bus function now without
caring about the precise formatting of specified hostnames. This mimics
getaddrinfo()'s behaviour with the AI_NUMERICHOST flag set.
Note that this logic is only implemented for ResolveHostname(), but not for
calls such as ResolveRecord(), for which only DNS domain names may be used as
input.
The "authenticated" flag is set for look-ups of this type, after all no
untrusted network traffic is involved.
Lennart Poettering [Sat, 13 Feb 2016 19:03:01 +0000 (20:03 +0100)]
resolved: rename "SearchDomains" property in the Manager interface to "Domains"
Another property name fuck-up. The property contains both search and routing
domains and hence should be exposed as "Domains" rather than "SearchDomains".
The counterpart in the Link object was correctly named, and the
SetLinkDomains() and SetDomains() setter calls too, hence let's get this right,
too.
(Yepp, a minor API break actually, but given that this was so far not
documented, and only 3 days public let's fix this now)
Lennart Poettering [Sat, 13 Feb 2016 19:02:30 +0000 (20:02 +0100)]
resolved: fix definition of SD_RESOLVED_FLAGS_MAKE
Lennart Poettering [Sat, 13 Feb 2016 19:01:52 +0000 (20:01 +0100)]
resolved: drop references to two bus error codes no longer used
Lennart Poettering [Sat, 13 Feb 2016 17:22:25 +0000 (18:22 +0100)]
update TODO
Alexander Kuleshov [Sat, 13 Feb 2016 17:55:15 +0000 (23:55 +0600)]
service: remove unnecessary check
We call dual_timestamp_serialize() only if the s->watchdog_timestamp is
set. But the dual_timestamp_serialize() already checks a given dual
timestamp by the call of the dual_timestamp_is_set(). So we can remove
this check safely.
Lennart Poettering [Sat, 13 Feb 2016 17:19:14 +0000 (18:19 +0100)]
resolved: fix DNSSECSupported Link object property name
By mistake the "DNSSECSupported" bus property of the Link object got named
"DNSSECSupport". Internally, it's named correctly, and the counterpart on the
"Manager" object got named correctly too.
Technically this rename is an API break, but given that the interface is not
documented or widely announced yet, and just 3 days in a published release,
let's just fix this, and hope nobody notices.
Zbigniew Jędrzejewski-Szmek [Fri, 12 Feb 2016 04:33:09 +0000 (23:33 -0500)]
activate: allow multiple, possibly invalid, fd names
Previous code only allowed a single name to be passed, and duplicated
it over all descriptors. For the sake of testing, allow different
names and in arbitrary number. If just one is given, duplicate it
to match the number of sockets. This matches previuos behaviour.
Since this is a testing tool, it seems useful to allow passing invalid
names to test application behaviour with invalid names. Hence, only
warn. When warning, escape the name.
Zbigniew Jędrzejewski-Szmek [Fri, 12 Feb 2016 04:24:14 +0000 (23:24 -0500)]
basic/strv: fix strv_join for first empty argument
Empty strings were ignored in strv_join, but only if they were at the beginning
of the string. Empty strings after at least one non-empty item were treated
normally.
Previously:
{"x"} → "x"
{"x", ""} → "x"
{"x", "", ""} → "x::"
{""} → ""
{"", ""} → ""
{"", "", ""} → ""
{"", "x"} → "x"
{"", "x", ""} → "x:"
Now:
{"x"} → "x"
{"x", ""} → "x"
{"x", "", ""} → "x::"
{""} → ""
{"", ""} → ":"
{"", "", ""} → "::"
{"", "x"} → ":x"
{"", "x", ""} → ":x:"
Zbigniew Jędrzejewski-Szmek [Sat, 13 Feb 2016 15:36:02 +0000 (10:36 -0500)]
Merge pull request #2603 from poettering/drop-compat-libs
Some spring cleaning
Lennart Poettering [Sat, 13 Feb 2016 11:28:28 +0000 (12:28 +0100)]
tree-wide: make more global variables static
let's export as little as we can
Lennart Poettering [Sat, 13 Feb 2016 11:28:04 +0000 (12:28 +0100)]
util: drop two unused calls from src/basic/
Lennart Poettering [Sat, 13 Feb 2016 11:03:16 +0000 (12:03 +0100)]
build-sys: drop aufs-util.[ch]
Left over cruft from the dkr excercise.
Lennart Poettering [Sat, 13 Feb 2016 10:55:47 +0000 (11:55 +0100)]
gitignore: remove stuff long lost
Drop some entries of stuff we long removed from the main git repo, either
because it was split out or removed altogether.
Lennart Poettering [Fri, 12 Feb 2016 22:44:22 +0000 (23:44 +0100)]
build-sys: drop Makefile symlink in src/basic/linux
The dir is not used otherwise, hence let's drop the Makefile, so that the dir
stops to exist, too.
Lennart Poettering [Fri, 12 Feb 2016 22:29:57 +0000 (23:29 +0100)]
core: drop Capabilities= setting
The setting is hardly useful (since its effect is generally reduced to zero due
to file system caps), and with the advent of ambient caps an actually useful
replacement exists, hence let's get rid of this.
I am pretty sure this was unused and our man page already recommended against
its use, hence this should be a safe thing to remove.
Lennart Poettering [Fri, 12 Feb 2016 22:10:23 +0000 (23:10 +0100)]
util-lib: drop json parser
This was used by the dkr logic, which is gone now, hence remove this too.
Should we need it one day again the git history never forgets...
Note that this only covers the JSON parser. The JSON generator used by
"journalctl -o json" remains, as its much much simpler and requires no
infrastructure except printf() and the most basic escaping.
Lennart Poettering [Fri, 12 Feb 2016 21:51:55 +0000 (22:51 +0100)]
build-sys: drop libsystemd-{id128,daemon,login,journal}.so compat libs
They have long been obsolete, and upstream distros and packages have mostly
switched over, let's get rid of it for good.
Lennart Poettering [Sat, 13 Feb 2016 10:15:41 +0000 (11:15 +0100)]
Merge pull request #2589 from keszybz/resolve-tool-2
Better support of OPENPGPKEY, CAA, TLSA packets and tests
Zbigniew Jędrzejewski-Szmek [Sat, 13 Feb 2016 01:36:19 +0000 (20:36 -0500)]
Merge pull request #2601 from poettering/systemd-analyze-dump-align
core: fix indenting in dump output
Zbigniew Jędrzejewski-Szmek [Tue, 2 Feb 2016 02:35:44 +0000 (21:35 -0500)]
resolve: always align flags to 8th column and print CAA flags
Left-over unknown flags are printed numerically. Otherwise,
it wouldn't be known what bits are remaining without knowning
what the known bits are.
A test case is added to verify the flag printing code:
============== src/resolve/test-data/fake-caa.pkts ==============
google.com. IN CAA 0 issue "symantec.com"
google.com. IN CAA 128 issue "symantec.com"
-- Flags: critical
google.com. IN CAA 129 issue "symantec.com"
-- Flags: critical 1
google.com. IN CAA 22 issue "symantec.com"
-- Flags: 22
Zbigniew Jędrzejewski-Szmek [Sun, 31 Jan 2016 21:21:00 +0000 (16:21 -0500)]
resolve: parse CAA records
Zbigniew Jędrzejewski-Szmek [Sun, 31 Jan 2016 21:23:00 +0000 (16:23 -0500)]
Fix hashing of TLSA packets
Also add example files with TLSA and SSHFP records.
Zbigniew Jędrzejewski-Szmek [Thu, 11 Feb 2016 14:18:32 +0000 (09:18 -0500)]
test-dns-packet: allow running without arguments
Zbigniew Jędrzejewski-Szmek [Sun, 31 Jan 2016 05:10:42 +0000 (00:10 -0500)]
test-dns-packet: add framework to read and dump packets
Packets are stored in a simple format:
<size> <packet-wire-format> <size> <packet-wire-format> ...
Packets for some example domains are dumped, to test rr code for various
record types. Currently:
A
AAAA
CAA
DNSKEY
LOC
MX
NS
NSEC
OPENPGPKEY
SOA
SPF
TXT
The hashing code is executed, but results are not checked.
Also build other tests in src/resolve only with --enable-resolve.
Zbigniew Jędrzejewski-Szmek [Sat, 13 Feb 2016 00:14:25 +0000 (19:14 -0500)]
Merge pull request #2600 from poettering/s390-alarm-clock
time-util: map ALARM clockids to non-ALARM clockids in now()
Lennart Poettering [Fri, 12 Feb 2016 20:33:39 +0000 (21:33 +0100)]
core: fix indenting in dump output
Fixes: #2593
Lennart Poettering [Fri, 12 Feb 2016 20:29:01 +0000 (21:29 +0100)]
time-util: map ALARM clockids to non-ALARM clockids in now()
Fixes: #2597
Daniel Mack [Fri, 12 Feb 2016 14:25:27 +0000 (15:25 +0100)]
remove bus-proxyd
As kdbus won't land in the anticipated way, the bus-proxy is not needed in
its current form. It can be resurrected at any time thanks to the history,
but for now, let's remove it from the sources. If we'll have a similar tool
in the future, it will look quite differently anyway.
Note that stdio-bridge is still available. It was restored from a version
prior to
f252ff17, and refactored to make use of the current APIs.
Martin Pitt [Fri, 12 Feb 2016 08:26:18 +0000 (09:26 +0100)]
Merge pull request #2594 from keszybz/spelling
Spelling
Zbigniew Jędrzejewski-Szmek [Fri, 12 Feb 2016 04:40:11 +0000 (23:40 -0500)]
Merge pull request #2595 from l10n-tw/master
Update zh_TW translation.
Jeff Huang [Fri, 12 Feb 2016 03:47:11 +0000 (11:47 +0800)]
Update zh_TW translation.
Zbigniew Jędrzejewski-Szmek [Fri, 12 Feb 2016 02:58:46 +0000 (21:58 -0500)]
Merge pull request #2590 from zonque/bus-endpoint-removal
Remove kdbus custom endpoint support
Zbigniew Jędrzejewski-Szmek [Fri, 12 Feb 2016 02:52:02 +0000 (21:52 -0500)]
Typo
Zbigniew Jędrzejewski-Szmek [Wed, 10 Feb 2016 14:09:36 +0000 (09:09 -0500)]
NEWS: journal device support is limited to current boot, grammar
Reword some sentences for better flow.
Zbigniew Jędrzejewski-Szmek [Fri, 12 Feb 2016 02:47:54 +0000 (21:47 -0500)]
Merge pull request #2592 from mbiebl/typo-fixes
Typo fixes
Michael Biebl [Thu, 11 Feb 2016 23:26:37 +0000 (00:26 +0100)]
Typo fixes
Michael Biebl [Thu, 11 Feb 2016 23:19:51 +0000 (00:19 +0100)]
Merge pull request #2591 from jwilk/spelling
man: fix typos
Jakub Wilk [Thu, 11 Feb 2016 23:01:16 +0000 (00:01 +0100)]
man: fix typos
Daniel Mack [Thu, 11 Feb 2016 21:12:04 +0000 (22:12 +0100)]
Remove kdbus custom endpoint support
This feature will not be used anytime soon, so remove a bit of cruft.
The BusPolicy= config directive will stay around as compat noop.
Lennart Poettering [Thu, 11 Feb 2016 19:38:03 +0000 (20:38 +0100)]
Merge pull request #2587 from haraldh/tpmv3
sd-boot: put hashed kernel command line in a PCR of the TPM
Zbigniew Jędrzejewski-Szmek [Thu, 11 Feb 2016 18:17:42 +0000 (13:17 -0500)]
Merge pull request #2588 from phomes/core-enum-fix
core: use correct enum
Zbigniew Jędrzejewski-Szmek [Sat, 30 Jan 2016 21:42:16 +0000 (16:42 -0500)]
resolved: add cleanup function to rewind packets
This makes the behaviour more consistent. Before we would not rewind
after some errors, but this seems to have been an unintentional
omission.