elogind.git
Lennart Poettering [Thu, 23 Aug 2012 16:47:01 +0000 (18:47 +0200)]
shared: in code that might get called from suid programs use __secure_getenv() rather than getenv()

It's better to be safe than sorry.

Zbigniew Jędrzejewski-Szmek [Fri, 24 Aug 2012 23:57:03 +0000 (01:57 +0200)]
build-sys: xsltproc is required for man pages and gtk-doc

Yin Kangkai [Fri, 24 Aug 2012 08:52:58 +0000 (16:52 +0800)]
journal: add HAVE_XZ check to avoid build failure

Without this, the build fails with --disable-xz or xz not installed.

Martin Pitt [Fri, 24 Aug 2012 05:11:20 +0000 (07:11 +0200)]
keymaps: Add "e" key for Acer Aspire 5720

https://launchpad.net/bugs/1009836

Allin Cottrell [Thu, 23 Aug 2012 23:46:38 +0000 (01:46 +0200)]
journald: add missing includes

Lukas Nykryn [Thu, 23 Aug 2012 10:28:47 +0000 (12:28 +0200)]
sd-journal: return null when mmap_cache_new fails

Lukas Nykryn [Thu, 23 Aug 2012 10:21:55 +0000 (12:21 +0200)]
hashmap: hashmap_contains does not need hashmap_entry

Lukas Nykryn [Mon, 20 Aug 2012 13:15:40 +0000 (15:15 +0200)]
readahead-analyze: don't call fclose on null

Lukas Nykryn [Mon, 20 Aug 2012 12:52:07 +0000 (14:52 +0200)]
core: free word later in parse_proc_cmdline

Lukas Nykryn [Mon, 20 Aug 2012 12:39:08 +0000 (14:39 +0200)]
login: check return of parse_pid and parse_uid

Lukas Nykryn [Mon, 20 Aug 2012 12:33:21 +0000 (14:33 +0200)]
load-fragment: initialize bool invert before use

8 years ago build-sys: prepare release 189 (v189)
Lennart Poettering [Thu, 23 Aug 2012 00:46:22 +0000 (02:46 +0200)]
build-sys: prepare release 189

Lennart Poettering [Wed, 22 Aug 2012 03:02:33 +0000 (05:02 +0200)]
service: introduce a proper service result if the start limit is hit

Lennart Poettering [Wed, 22 Aug 2012 02:45:17 +0000 (04:45 +0200)]
journalctl: complain if unprivileged users attempt to access the journal and persistent logging is off

Lennart Poettering [Wed, 22 Aug 2012 01:43:45 +0000 (03:43 +0200)]
journal: the ratelimiter is part of journald

Lennart Poettering [Wed, 22 Aug 2012 01:42:23 +0000 (03:42 +0200)]
journald: split off native protocol support into its own .c file

Lennart Poettering [Wed, 22 Aug 2012 01:36:29 +0000 (03:36 +0200)]
journald: split console transport stuff into its own file

Lennart Poettering [Wed, 22 Aug 2012 01:32:41 +0000 (03:32 +0200)]
journald: move stream protocol into its own .c file

Lennart Poettering [Wed, 22 Aug 2012 01:24:46 +0000 (03:24 +0200)]
journal: move syslog specific calls out of util.c

Lennart Poettering [Wed, 22 Aug 2012 01:21:03 +0000 (03:21 +0200)]
journald: split off syslog protocol support into its own file

Lennart Poettering [Wed, 22 Aug 2012 01:09:44 +0000 (03:09 +0200)]
journald: split /dev/kmsg related stuff into its own .c file

Lennart Poettering [Wed, 22 Aug 2012 00:53:51 +0000 (02:53 +0200)]
journald: write tags also to user journal files

Lennart Poettering [Wed, 22 Aug 2012 00:49:17 +0000 (02:49 +0200)]
journald: augment journal entries from the kernel with data from udev

Lennart Poettering [Tue, 21 Aug 2012 23:51:53 +0000 (01:51 +0200)]
unit: add new ConditionHost= condition type

Lennart Poettering [Tue, 21 Aug 2012 21:07:21 +0000 (23:07 +0200)]
main: fix PR_SET_CHILD_SUBREAPER warning version

Lennart Poettering [Tue, 21 Aug 2012 21:03:20 +0000 (23:03 +0200)]
journalctl: be more friendly when informing about seal verification

Dave Reisner [Sat, 11 Aug 2012 17:32:29 +0000 (13:32 -0400)]
shared/util: add fstab support for partuuid/partlabel

udev has supported this since 172, so it should be a safe (and welcome)
addition for users of GPT partitioned disks.

Dave Reisner [Sat, 11 Aug 2012 17:31:50 +0000 (13:31 -0400)]
shared/util: refactor fstab_node_to_udev_node

Since this is purely duplicated logic, separate it out into a small
static function.

Lennart Poettering [Tue, 21 Aug 2012 15:38:29 +0000 (17:38 +0200)]
update TODO

Lennart Poettering [Tue, 21 Aug 2012 15:23:03 +0000 (17:23 +0200)]
dev-setup: make NULL as parameter for dev_setup() equivalent to ""

Dave Reisner [Wed, 15 Aug 2012 00:00:31 +0000 (20:00 -0400)]
nspawn: add /dev FD symlinks in container setup

This creates /dev/fd, /dev/stdin, /dev/stdout, /dev/stderr, and
/dev/core as symlinks to /proc on container creation. Except for
/dev/core, these are needed for shells like bash to be fully functional.

Dave Reisner [Wed, 15 Aug 2012 00:00:30 +0000 (20:00 -0400)]
dev-setup: allow a path prefix for use in chroots

With this adjustment, we can reuse this code elsewhere, such as in
nspawn.

Lennart Poettering [Tue, 21 Aug 2012 15:19:32 +0000 (17:19 +0200)]
update TODO

Lennart Poettering [Tue, 21 Aug 2012 14:47:14 +0000 (16:47 +0200)]
core: fix error checking for PR_SET_CHILD_SUBREAPER

Lennart Poettering [Tue, 21 Aug 2012 14:40:17 +0000 (16:40 +0200)]
build-sys: fix ntp-units.d path creation

Spotted by Dave Reisner

Lennart Poettering [Tue, 21 Aug 2012 13:53:48 +0000 (15:53 +0200)]
journalctl: add a bit of color to the output

Lennart Poettering [Tue, 21 Aug 2012 13:34:41 +0000 (15:34 +0200)]
journal: properly handle EPIPE from /dev/kmsg

Lennart Poettering [Tue, 21 Aug 2012 13:33:21 +0000 (15:33 +0200)]
journal: be more careful when keeping around mmaps we still need

Lennart Poettering [Tue, 21 Aug 2012 13:32:51 +0000 (15:32 +0200)]
verify: optimize entry search a bit by using bisection

Lennart Poettering [Tue, 21 Aug 2012 00:13:21 +0000 (02:13 +0200)]
journalctl: really include .journal~ files in listing

Lennart Poettering [Mon, 20 Aug 2012 23:43:37 +0000 (01:43 +0200)]
journal: initialize libgcrypt explicitly, before using HMAC

Lennart Poettering [Mon, 20 Aug 2012 23:29:17 +0000 (01:29 +0200)]
journal: automatically evolve FSS key even when nothing is logged

Lennart Poettering [Mon, 20 Aug 2012 23:02:08 +0000 (01:02 +0200)]
journalctl: reword things a bit

Lennart Poettering [Mon, 20 Aug 2012 20:22:05 +0000 (22:22 +0200)]
journal: rearrange QR code output a bit to fit to 80x25 terminals

Lennart Poettering [Mon, 20 Aug 2012 20:13:22 +0000 (22:13 +0200)]
journald: add new Seal= configuration option

Lennart Poettering [Mon, 20 Aug 2012 20:11:55 +0000 (22:11 +0200)]
journalctl: explain QR code use

Lennart Poettering [Mon, 20 Aug 2012 20:11:38 +0000 (22:11 +0200)]
journal: include machine ID in QR code

Lennart Poettering [Mon, 20 Aug 2012 20:02:19 +0000 (22:02 +0200)]
journalctl: output FSS key as QR code on generating

Lennart Poettering [Mon, 20 Aug 2012 17:21:19 +0000 (19:21 +0200)]
journal: add missing endianness conversion

Lennart Poettering [Mon, 20 Aug 2012 14:51:46 +0000 (16:51 +0200)]
journal: make libgcrypt dependency optional

Lennart Poettering [Mon, 20 Aug 2012 14:11:42 +0000 (16:11 +0200)]
journal: use a macro to check for file header flags

Lennart Poettering [Mon, 20 Aug 2012 13:59:33 +0000 (15:59 +0200)]
journal: fix tag ordering check

Lennart Poettering [Sun, 19 Aug 2012 13:16:32 +0000 (15:16 +0200)]
journal: fix bisection algorithm

Lennart Poettering [Sun, 19 Aug 2012 13:15:59 +0000 (15:15 +0200)]
journal: validate timestamps as well

Lennart Poettering [Fri, 17 Aug 2012 23:46:20 +0000 (01:46 +0200)]
mmap: resize arrays dynamically

Lennart Poettering [Fri, 17 Aug 2012 23:45:39 +0000 (01:45 +0200)]
journal: even more simple static object tests

Lennart Poettering [Fri, 17 Aug 2012 22:40:48 +0000 (00:40 +0200)]
journal: refuse verification of files with unknown flags

Lennart Poettering [Fri, 17 Aug 2012 22:40:03 +0000 (00:40 +0200)]
journal: write bit fiddling test

This test goes through every single bit in a journal file, toggles it,
and checks if this change is detected by the verification.

Lennart Poettering [Fri, 17 Aug 2012 22:38:57 +0000 (00:38 +0200)]
journal: fix verification without key

Lennart Poettering [Fri, 17 Aug 2012 22:37:21 +0000 (00:37 +0200)]
journald: add additional simple static tests to verifier

Lennart Poettering [Fri, 17 Aug 2012 20:10:36 +0000 (22:10 +0200)]
journal: be fine with opening rotated/corrupted journal files

Lennart Poettering [Fri, 17 Aug 2012 20:10:11 +0000 (22:10 +0200)]
journal: set secure deletion flags for FSS file

Lennart Poettering [Fri, 17 Aug 2012 01:30:22 +0000 (03:30 +0200)]
journal: after verification output validated time range

Lennart Poettering [Fri, 17 Aug 2012 01:01:07 +0000 (03:01 +0200)]
journal: reword verification messages a bit

Lennart Poettering [Fri, 17 Aug 2012 01:00:09 +0000 (03:00 +0200)]
journal: ensure that entries and tags are properly ordered

Lennart Poettering [Fri, 17 Aug 2012 00:29:20 +0000 (02:29 +0200)]
journal: show new header fields in header dump

Lennart Poettering [Thu, 16 Aug 2012 23:19:32 +0000 (01:19 +0200)]
journal: don't write tag objects if nothing has been written since the last time

Lennart Poettering [Thu, 16 Aug 2012 23:09:43 +0000 (01:09 +0200)]
man: add man pages for new FSS stuff

Lennart Poettering [Thu, 16 Aug 2012 22:45:18 +0000 (00:45 +0200)]
journal: rework terminology

Let's clean up our terminology a bit. New terminology:

FSS = Forward Secure Sealing
FSPRG = Forward Secure Pseudo-Random Generator

FSS is the combination of FSPRG and a HMAC.

Sealing = process of adding authentication tags to the journal.
Verification = process of checking authentication tags to the journal.

Sealing Key = The key used for adding authentication tags to the journal.
Verification Key = The key used for checking authentication tags of the journal.
Key pair = The pair of Sealing Key and Verification Key

Internally, the Sealing Key is the combination of the FSPRG State plus
change interval/start time.

Internally, the Verification Key is the combination of the FSPRG Seed
plus change interval/start time.

Lennart Poettering [Thu, 16 Aug 2012 21:58:14 +0000 (23:58 +0200)]
journal: add FSPRG journal authentication

Lennart Poettering [Thu, 16 Aug 2012 19:22:11 +0000 (21:22 +0200)]
journal: fix tag sequence number verification

Lennart Poettering [Thu, 16 Aug 2012 19:00:34 +0000 (21:00 +0200)]
journalctl: immediately terminate on invalid seed

Lennart Poettering [Thu, 16 Aug 2012 18:51:43 +0000 (20:51 +0200)]
journal: parse fsprg seed

Lennart Poettering [Thu, 16 Aug 2012 18:51:24 +0000 (20:51 +0200)]
journal: count number of entry arrays in header

Kay Sievers [Thu, 16 Aug 2012 19:00:06 +0000 (21:00 +0200)]
keymap: fix map name reference

Zbigniew Jędrzejewski-Szmek [Thu, 16 Aug 2012 17:30:36 +0000 (19:30 +0200)]
journal: rename 'mmap' to 'mmap_cache' to appease gcc

warning: declaration of 'mmap' shadows a global declaration [-Wshadow]

Lennart Poettering [Thu, 16 Aug 2012 15:39:00 +0000 (17:39 +0200)]
journal: fix variable initialization

Lennart Poettering [Thu, 16 Aug 2012 15:22:58 +0000 (17:22 +0200)]
journal: fix uninitialized var

Lennart Poettering [Thu, 16 Aug 2012 15:19:47 +0000 (17:19 +0200)]
journal: journal-send.h doesn't actually exist

Lennart Poettering [Thu, 16 Aug 2012 15:09:53 +0000 (17:09 +0200)]
journal: verify structural consistency

Lennart Poettering [Thu, 16 Aug 2012 01:45:10 +0000 (03:45 +0200)]
journal: add color to verification progress bar

Lennart Poettering [Thu, 16 Aug 2012 01:43:07 +0000 (03:43 +0200)]
journal: verify compressed objects

Lennart Poettering [Thu, 16 Aug 2012 00:14:34 +0000 (02:14 +0200)]
journalctl: add --verify-seed= switch to specify seed value

Lennart Poettering [Wed, 15 Aug 2012 23:59:25 +0000 (01:59 +0200)]
journal: verify hashes only during actual verification, not all the time

Lennart Poettering [Wed, 15 Aug 2012 23:51:54 +0000 (01:51 +0200)]
journal: split up journal-file.c

Lennart Poettering [Wed, 15 Aug 2012 23:20:32 +0000 (01:20 +0200)]
journal: add superficial structure verifier

Lennart Poettering [Tue, 14 Aug 2012 23:54:09 +0000 (01:54 +0200)]
journal: implement basic journal file verification logic

Lennart Poettering [Tue, 14 Aug 2012 20:04:11 +0000 (22:04 +0200)]
conf-parser: make parsing exit status lists non-fatal

Lennart Poettering [Tue, 14 Aug 2012 20:02:24 +0000 (22:02 +0200)]
journal: implement generic sharable mmap caching logic

Instead of having one simple per-file cache, implement a more
comprehensive one that works for multiple files and can actually
maintain multiple maps per file and per object type.

Martin Pitt [Wed, 15 Aug 2012 06:46:03 +0000 (08:46 +0200)]
keymap: Add Sony VGN

https://launchpad.net/bugs/939868

Lennart Poettering [Tue, 14 Aug 2012 16:42:26 +0000 (18:42 +0200)]
conf-parser: simplify a few things by using set_ensure_allocated() rather than set_new()

Lennart Poettering [Tue, 14 Aug 2012 16:37:45 +0000 (18:37 +0200)]
man: extend documentation for RestartPreventExitStatus= and SuccessExitStatus= a bit

Lukas Nykryn [Mon, 13 Aug 2012 11:58:01 +0000 (13:58 +0200)]
service: add options RestartPreventExitStatus and SuccessExitStatus

In some cases, like wrong configuration, restarting after an error
does not help, so the administrator can specify statuses by RestartPreventExitStatus
which will not cause a restart of a service.

Sometimes you have a non-standard exit status, so this can be specified
by SuccessfulExitStatus.

Lennart Poettering [Mon, 13 Aug 2012 19:52:58 +0000 (21:52 +0200)]
journal: include tag object header in hmac

Lennart Poettering [Mon, 13 Aug 2012 18:57:38 +0000 (20:57 +0200)]
journal: add all objects we add to HMAC

Lennart Poettering [Mon, 13 Aug 2012 18:31:10 +0000 (20:31 +0200)]
journald: initial version of FSPRG hookup

This adds forward-secure authentication of journal files. This patch
includes key generation as well as tagging of journal files.
Verification of journal files will be added in a later patch.

Lennart Poettering [Mon, 13 Aug 2012 14:30:10 +0000 (16:30 +0200)]
umount: MS_MGC_VAL is so 90s

Lennart Poettering [Mon, 13 Aug 2012 14:27:17 +0000 (16:27 +0200)]
update TODO

Lennart Poettering [Mon, 13 Aug 2012 14:25:03 +0000 (16:25 +0200)]
nspawn,namespaces: make sure we recursively bind mount things in

We want to make sure that everything from the host is also visible in
the sandbox.

Lennart Poettering [Mon, 13 Aug 2012 14:24:30 +0000 (16:24 +0200)]
machine-id: properly mount transient machine ID read-only