chiark / gitweb /
elogind.git
8 years agodev-setup: allow a path prefix for use in chroots
Dave Reisner [Wed, 15 Aug 2012 00:00:30 +0000 (20:00 -0400)]
dev-setup: allow a path prefix for use in chroots

With this adjustment, we can reuse this code elsewhere, such as in
nspawn.

8 years agoupdate TODO
Lennart Poettering [Tue, 21 Aug 2012 15:19:32 +0000 (17:19 +0200)]
update TODO

8 years agocore: fix error checking for PR_SET_CHILD_SUBREAPER
Lennart Poettering [Tue, 21 Aug 2012 14:47:14 +0000 (16:47 +0200)]
core: fix error checking for PR_SET_CHILD_SUBREAPER

8 years agobuild-sys: fix ntp-units.d path creation
Lennart Poettering [Tue, 21 Aug 2012 14:40:17 +0000 (16:40 +0200)]
build-sys: fix ntp-units.d path creation

Spotted by Dave Reisner

8 years agojournalctl: add a bit of color to the output
Lennart Poettering [Tue, 21 Aug 2012 13:53:48 +0000 (15:53 +0200)]
journalctl: add a bit of color to the output

8 years agojournal: properly handle EPIPE from /dev/kmsg
Lennart Poettering [Tue, 21 Aug 2012 13:34:41 +0000 (15:34 +0200)]
journal: properly handle EPIPE from /dev/kmsg

8 years agojournal: be more careful when keeping around mmaps we still need
Lennart Poettering [Tue, 21 Aug 2012 13:33:21 +0000 (15:33 +0200)]
journal: be more careful when keeping around mmaps we still need

8 years agoverify: optimize entry search a bit by using bisection
Lennart Poettering [Tue, 21 Aug 2012 13:32:51 +0000 (15:32 +0200)]
verify: optimize entry search a bit by using bisection

8 years agojournalctl: really include .journal~ files in listing
Lennart Poettering [Tue, 21 Aug 2012 00:13:21 +0000 (02:13 +0200)]
journalctl: really include .journal~ files in listing

8 years agojournal: initialize libgcrypt explicitly, before using HMAC
Lennart Poettering [Mon, 20 Aug 2012 23:43:37 +0000 (01:43 +0200)]
journal: initialize libgcrypt explicitly, before using HMAC

8 years agojournal: automatically evolve FSS key even when nothing is logged
Lennart Poettering [Mon, 20 Aug 2012 23:29:17 +0000 (01:29 +0200)]
journal: automatically evolve FSS key even when nothing is logged

8 years agojournalctl: reword things a bit
Lennart Poettering [Mon, 20 Aug 2012 23:02:08 +0000 (01:02 +0200)]
journalctl: reword things a bit

8 years agojournal: rearrange QR code output a bit to fi to 80x25 terminals
Lennart Poettering [Mon, 20 Aug 2012 20:22:05 +0000 (22:22 +0200)]
journal: rearrange QR code output a bit to fi to 80x25 terminals

8 years agojournald: add new Seal= configuration option
Lennart Poettering [Mon, 20 Aug 2012 20:13:22 +0000 (22:13 +0200)]
journald: add new Seal= configuration option

8 years agojournalctl: explain QR code use
Lennart Poettering [Mon, 20 Aug 2012 20:11:55 +0000 (22:11 +0200)]
journalctl: explain QR code use

8 years agojournal: include machine ID in QR code
Lennart Poettering [Mon, 20 Aug 2012 20:11:38 +0000 (22:11 +0200)]
journal: include machine ID in QR code

8 years agojournalctl: output FSS key as QR code on generating
Lennart Poettering [Mon, 20 Aug 2012 20:02:19 +0000 (22:02 +0200)]
journalctl: output FSS key as QR code on generating

8 years agojournal: add missing endianess conversion
Lennart Poettering [Mon, 20 Aug 2012 17:21:19 +0000 (19:21 +0200)]
journal: add missing endianess conversion

8 years agojournal: make libgcrypt dependency optional
Lennart Poettering [Mon, 20 Aug 2012 14:51:46 +0000 (16:51 +0200)]
journal: make libgcrypt dependency optional

8 years agojournal: use a macro to check for file header flags
Lennart Poettering [Mon, 20 Aug 2012 14:11:42 +0000 (16:11 +0200)]
journal: use a macro to check for file header flags

8 years agojournal: fix tag ordering check
Lennart Poettering [Mon, 20 Aug 2012 13:59:33 +0000 (15:59 +0200)]
journal: fix tag ordering check

8 years agojournal: fix bisection algorithm
Lennart Poettering [Sun, 19 Aug 2012 13:16:32 +0000 (15:16 +0200)]
journal: fix bisection algorithm

8 years agojournal: validate timestamps as well
Lennart Poettering [Sun, 19 Aug 2012 13:15:59 +0000 (15:15 +0200)]
journal: validate timestamps as well

8 years agommap: resize arrays dynamically
Lennart Poettering [Fri, 17 Aug 2012 23:46:20 +0000 (01:46 +0200)]
mmap: resize arrays dynamically

8 years agojournal: even more simple static object tests
Lennart Poettering [Fri, 17 Aug 2012 23:45:39 +0000 (01:45 +0200)]
journal: even more simple static object tests

8 years agojournal: refuse verification of files with unknown flags
Lennart Poettering [Fri, 17 Aug 2012 22:40:48 +0000 (00:40 +0200)]
journal: refuse verification of files with unknown flags

8 years agojounral: write bit fiddling test
Lennart Poettering [Fri, 17 Aug 2012 22:40:03 +0000 (00:40 +0200)]
jounral: write bit fiddling test

This test goes through every single bit in a journal file, toggles it,
and checks if this change is detected by the verification.

8 years agojournal: fix verification without key
Lennart Poettering [Fri, 17 Aug 2012 22:38:57 +0000 (00:38 +0200)]
journal: fix verification without key

8 years agojournald: add additional simple static tests to verifier
Lennart Poettering [Fri, 17 Aug 2012 22:37:21 +0000 (00:37 +0200)]
journald: add additional simple static tests to verifier

8 years agojournal: be fine with opening rotated/corrupted journal files
Lennart Poettering [Fri, 17 Aug 2012 20:10:36 +0000 (22:10 +0200)]
journal: be fine with opening rotated/corrupted journal files

8 years agojournal: set secure deletion flags for FSS file
Lennart Poettering [Fri, 17 Aug 2012 20:10:11 +0000 (22:10 +0200)]
journal: set secure deletion flags for FSS file

8 years agojournal: after verification output validated time range
Lennart Poettering [Fri, 17 Aug 2012 01:30:22 +0000 (03:30 +0200)]
journal: after verification output validated time range

8 years agojournal: reword verification messages a bit
Lennart Poettering [Fri, 17 Aug 2012 01:01:07 +0000 (03:01 +0200)]
journal: reword verification messages a bit

8 years agojournal: ensure that entries and tags are properly ordered
Lennart Poettering [Fri, 17 Aug 2012 01:00:09 +0000 (03:00 +0200)]
journal: ensure that entries and tags are properly ordered

8 years agojournal: show new header fields in header dump
Lennart Poettering [Fri, 17 Aug 2012 00:29:20 +0000 (02:29 +0200)]
journal: show new header fields in header dump

8 years agojournal: don't write tag objects if nothing has been written since the last time
Lennart Poettering [Thu, 16 Aug 2012 23:19:32 +0000 (01:19 +0200)]
journal: don't write tag objects if nothing has been written since the last time

8 years agoman: add man pages for new FSS stuff
Lennart Poettering [Thu, 16 Aug 2012 23:09:43 +0000 (01:09 +0200)]
man: add man pages for new FSS stuff

8 years agojournal: rework terminology
Lennart Poettering [Thu, 16 Aug 2012 22:45:18 +0000 (00:45 +0200)]
journal: rework terminology

Let's clean up our terminology a bit. New terminology:

FSS = Forward Secure Sealing
FSPRG = Forward Secure Pseudo-Random Generator

FSS is the combination of FSPRG and a HMAC.

Sealing = process of adding authentication tags to the journal.
Verification = process of checking authentication tags to the journal.

Sealing Key = The key used for adding authentication tags to the journal.
Verification Key = The key used for checking authentication tags of the journal.
Key pair = The pair of Sealing Key and Verification Key

Internally, the Sealing Key is the combination of the FSPRG State plus
change interval/start time.

Internally, the Verification Key is the combination of the FSPRG Seed
plus change interval/start time.

8 years agojournal: add FSPRG journal authentication
Lennart Poettering [Thu, 16 Aug 2012 21:58:14 +0000 (23:58 +0200)]
journal: add FSPRG journal authentication

8 years agojournal: fix tag sequence number verification
Lennart Poettering [Thu, 16 Aug 2012 19:22:11 +0000 (21:22 +0200)]
journal: fix tag sequence number verification

8 years agojournalctl: immeidately terminate on invalid seed
Lennart Poettering [Thu, 16 Aug 2012 19:00:34 +0000 (21:00 +0200)]
journalctl: immeidately terminate on invalid seed

8 years agojournal: parse fsprg seed
Lennart Poettering [Thu, 16 Aug 2012 18:51:43 +0000 (20:51 +0200)]
journal: parse fsprg seed

8 years agojournal: count number of entry arrays in header
Lennart Poettering [Thu, 16 Aug 2012 18:51:24 +0000 (20:51 +0200)]
journal: count number of entry arrays in header

8 years agokeymap: fix map name reference
Kay Sievers [Thu, 16 Aug 2012 19:00:06 +0000 (21:00 +0200)]
keymap: fix map name reference

8 years agojournal: rename 'mmap' to 'mmap_cache' to appease gcc
Zbigniew Jędrzejewski-Szmek [Thu, 16 Aug 2012 17:30:36 +0000 (19:30 +0200)]
journal: rename 'mmap' to 'mmap_cache' to appease gcc

warning: declaration of 'mmap' shadows a global declaration [-Wshadow]

8 years agojournal: fix variable initialization
Lennart Poettering [Thu, 16 Aug 2012 15:39:00 +0000 (17:39 +0200)]
journal: fix variable initialization

8 years agojournal: fix unitialized var
Lennart Poettering [Thu, 16 Aug 2012 15:22:58 +0000 (17:22 +0200)]
journal: fix unitialized var

8 years agojournal: journal-send.h doesn't actually exist
Lennart Poettering [Thu, 16 Aug 2012 15:19:47 +0000 (17:19 +0200)]
journal: journal-send.h doesn't actually exist

8 years agojournal: verify structural consistency
Lennart Poettering [Thu, 16 Aug 2012 15:09:53 +0000 (17:09 +0200)]
journal: verify structural consistency

8 years agojournal: add color to verification progress bar
Lennart Poettering [Thu, 16 Aug 2012 01:45:10 +0000 (03:45 +0200)]
journal: add color to verification progress bar

8 years agojournal: verify compressed objects
Lennart Poettering [Thu, 16 Aug 2012 01:43:07 +0000 (03:43 +0200)]
journal: verify compressed objects

8 years agojournalctl: add --verify-seed= switch to specify seed value
Lennart Poettering [Thu, 16 Aug 2012 00:14:34 +0000 (02:14 +0200)]
journalctl: add --verify-seed= switch to specify seed value

8 years agojournal: verify hashes only during actual verification, not all the time
Lennart Poettering [Wed, 15 Aug 2012 23:59:25 +0000 (01:59 +0200)]
journal: verify hashes only during actual verification, not all the time

8 years agojournal: split up journal-file.c
Lennart Poettering [Wed, 15 Aug 2012 23:51:54 +0000 (01:51 +0200)]
journal: split up journal-file.c

8 years agojournal: add superficial structure verifier
Lennart Poettering [Wed, 15 Aug 2012 23:20:32 +0000 (01:20 +0200)]
journal: add superficial structure verifier

8 years agojournal: implement basic journal file verification logic
Lennart Poettering [Tue, 14 Aug 2012 23:54:09 +0000 (01:54 +0200)]
journal: implement basic journal file verification logic

8 years agoconf-parser: make parsing exit status lists non-fatal
Lennart Poettering [Tue, 14 Aug 2012 20:04:11 +0000 (22:04 +0200)]
conf-parser: make parsing exit status lists non-fatal

8 years agojournal: implement generic sharable mmap caching logic
Lennart Poettering [Tue, 14 Aug 2012 20:02:24 +0000 (22:02 +0200)]
journal: implement generic sharable mmap caching logic

instead of having one simple per-file cache implement an more
comprehensive one that works for multiple files and can actually
maintain multiple maps per file and per object type.

8 years agokeymap: Add Sony VGN
Martin Pitt [Wed, 15 Aug 2012 06:46:03 +0000 (08:46 +0200)]
keymap: Add Sony VGN

https://launchpad.net/bugs/939868

8 years agoconf-parser: simplify a few things by using set_ensure_allocated() rather than set_new()
Lennart Poettering [Tue, 14 Aug 2012 16:42:26 +0000 (18:42 +0200)]
conf-parser: simplify a few things by using set_ensure_allocated() rather than set_new()

8 years agoman: extend documentation for RestartPreventExitStatus= and SuccessExitStatus= a bit
Lennart Poettering [Tue, 14 Aug 2012 16:37:45 +0000 (18:37 +0200)]
man: extend documentation for RestartPreventExitStatus= and SuccessExitStatus= a bit

8 years agoservice: add options RestartPreventExitStatus and SuccessExitStatus
Lukas Nykryn [Mon, 13 Aug 2012 11:58:01 +0000 (13:58 +0200)]
service: add options RestartPreventExitStatus and SuccessExitStatus

In some cases, like wrong configuration, restarting after error
does not help, so administrator can specify statuses by RestartPreventExitStatus
which will not cause restart of a service.

Sometimes you have non-standart exit status, so this can be specified
by SuccessfulExitStatus.

8 years agojournal: include tag object header in hmac
Lennart Poettering [Mon, 13 Aug 2012 19:52:58 +0000 (21:52 +0200)]
journal: include tag object header in hmac

8 years agojournal: add all objects we add to HMAC
Lennart Poettering [Mon, 13 Aug 2012 18:57:38 +0000 (20:57 +0200)]
journal: add all objects we add to HMAC

8 years agojournald: initial version of FSPRG hookup
Lennart Poettering [Mon, 13 Aug 2012 18:31:10 +0000 (20:31 +0200)]
journald: initial version of FSPRG hookup

This adds forward-secure authentication of journal files. This patch
includes key generation as well as tagging of journal files,
Verification of journal files will be added in a later patch.

8 years agoumount: MS_MGC_VAL is so 90s
Lennart Poettering [Mon, 13 Aug 2012 14:30:10 +0000 (16:30 +0200)]
umount: MS_MGC_VAL is so 90s

8 years agoupdate TODO
Lennart Poettering [Mon, 13 Aug 2012 14:27:17 +0000 (16:27 +0200)]
update TODO

8 years agonspawn,namespaces: make sure we recursively bind mount things in
Lennart Poettering [Mon, 13 Aug 2012 14:25:03 +0000 (16:25 +0200)]
nspawn,namespaces: make sure we recursively bind mount things in

We want to make sure that everything from the host is also visible in
the sandbox.

8 years agomachine-id: properly mount transient machine ID read-only
Lennart Poettering [Mon, 13 Aug 2012 14:24:30 +0000 (16:24 +0200)]
machine-id: properly mount transient machine ID read-only

8 years agonspawn: unset a few unnecessary params to mount()
Lennart Poettering [Mon, 13 Aug 2012 14:23:31 +0000 (16:23 +0200)]
nspawn: unset a few unnecessary params to mount()

8 years agoupdate TODO
Lennart Poettering [Mon, 13 Aug 2012 13:39:25 +0000 (15:39 +0200)]
update TODO

8 years agonamespace: rework namespace support
Lennart Poettering [Mon, 13 Aug 2012 13:27:04 +0000 (15:27 +0200)]
namespace: rework namespace support

- don't use pivot_root() anymore, just reuse root hierarchy
- first create all mounts, then mark them read-only so that we get the
  right behaviour when people want writable mounts inside of
  read-only mounts
- don't pass invalid combinations of MS_ constants to the kernel

8 years agonspawn: inherit mounts from real root, don't propagate mounts to real root
Lennart Poettering [Mon, 13 Aug 2012 13:23:10 +0000 (15:23 +0200)]
nspawn: inherit mounts from real root, don't propagate mounts to real root

8 years agoswitch-root: remount to MS_PRIVATE
Lennart Poettering [Sat, 11 Aug 2012 23:29:41 +0000 (01:29 +0200)]
switch-root: remount to MS_PRIVATE

The kernel does not allow switching roots if things are mounted
MS_SHARED. As a work-around, remount things MS_PRIVATE before switching
roots.

This should be fixed in the kernel for good.

https://bugzilla.redhat.com/show_bug.cgi?id=847418

8 years agoudev: export udev_device_new_from_device_id()
Kay Sievers [Fri, 10 Aug 2012 17:56:57 +0000 (19:56 +0200)]
udev: export udev_device_new_from_device_id()

8 years agosystemctl: fix issue with systemctl daemon-reexec
Simon Peeters [Fri, 10 Aug 2012 15:32:19 +0000 (17:32 +0200)]
systemctl: fix issue with systemctl daemon-reexec

8 years agoshared/utf8: mark char* as const
Dave Reisner [Fri, 10 Aug 2012 15:02:04 +0000 (11:02 -0400)]
shared/utf8: mark char* as const

Avoids compiler warning:

  src/shared/utf8.c: In function 'ascii_filter':
  src/shared/utf8.c:278:16: warning: assignment discards 'const' qualifier
      from pointer target type [enabled by default]

8 years agoshutdown: recursively mark root as private before pivot
Dave Reisner [Fri, 10 Aug 2012 15:02:03 +0000 (11:02 -0400)]
shutdown: recursively mark root as private before pivot

Because root is now recursively marked as shared on bootup, we need to
recursively mark root as private. This prevents a pivot_root failure on
shutdown:

  Cannot finalize remaining file systems and devices, giving up.
  pivot failed: Invalid argument

8 years agoid128: don't use C99 bool in public headers
Lennart Poettering [Fri, 10 Aug 2012 15:58:46 +0000 (17:58 +0200)]
id128: don't use C99 bool in public headers

8 years agojournald: never read the same kernel msg twice, and generate message when we lose one
Lennart Poettering [Thu, 9 Aug 2012 15:52:05 +0000 (17:52 +0200)]
journald: never read the same kernel msg twice, and generate message when we lose one

8 years agoupdate TODO
Lennart Poettering [Thu, 9 Aug 2012 15:25:22 +0000 (17:25 +0200)]
update TODO

8 years agoman: document kernel journal fields
Lennart Poettering [Thu, 9 Aug 2012 15:12:07 +0000 (17:12 +0200)]
man: document kernel journal fields

8 years agojournalctl: support device node matches as shortcut
Lennart Poettering [Thu, 9 Aug 2012 15:05:29 +0000 (17:05 +0200)]
journalctl: support device node matches as shortcut

8 years agojournald: properly unescape messages from /dev/kmsg
Lennart Poettering [Thu, 9 Aug 2012 14:49:28 +0000 (16:49 +0200)]
journald: properly unescape messages from /dev/kmsg

8 years agojournald: also parse kernel key/value fields and store them prefixed with _KERNEL_...
Lennart Poettering [Thu, 9 Aug 2012 14:29:16 +0000 (16:29 +0200)]
journald: also parse kernel key/value fields and store them prefixed with _KERNEL_ as journal fields

8 years agojournald: basic support for /dev/kmsg parsing
Lennart Poettering [Thu, 9 Aug 2012 13:57:24 +0000 (15:57 +0200)]
journald: basic support for /dev/kmsg parsing

8 years agoman: clarify the order of seats in sd_get_seats() is undefined
Lennart Poettering [Thu, 9 Aug 2012 13:57:01 +0000 (15:57 +0200)]
man: clarify the order of seats in sd_get_seats() is undefined

8 years agoupdate mailmap
Lennart Poettering [Thu, 9 Aug 2012 10:52:49 +0000 (12:52 +0200)]
update mailmap

8 years agobuild-sys: use more generic regular expression to generate syscall-list.txt correctly
Huang Hang [Thu, 9 Aug 2012 03:22:08 +0000 (11:22 +0800)]
build-sys: use more generic regular expression to generate syscall-list.txt correctly

Currently MIPS and ARM define syscall numbers for multiple ABI in one
<asm/unistd.h>. The #define statments for each syscall are formated as:

 #define __NR_scname (BASE_OFFSET + sc_number)

Thus we need a more generic regular expression to match these in awk.

8 years agoupdate TODO
Lennart Poettering [Thu, 9 Aug 2012 00:10:44 +0000 (02:10 +0200)]
update TODO

8 years agofix a couple of issues found with llvm-analyze
Lennart Poettering [Wed, 8 Aug 2012 21:54:21 +0000 (23:54 +0200)]
fix a couple of issues found with llvm-analyze

8 years agobuild-sys: prepare release 188 v188
Lennart Poettering [Wed, 8 Aug 2012 19:49:01 +0000 (21:49 +0200)]
build-sys: prepare release 188

8 years agoupdate TODO
Lennart Poettering [Wed, 8 Aug 2012 17:30:18 +0000 (19:30 +0200)]
update TODO

8 years agobuild-sys: add CFLAGS to CPP calls
Peter Alfredsen [Wed, 8 Aug 2012 19:33:42 +0000 (21:33 +0200)]
build-sys: add CFLAGS to CPP calls

It changes the defines WORDSIZE and __I386, CFLAGS=-m32.

8 years agobuild-sys: really override CFLAGS for gtk-doc
Zbigniew Jędrzejewski-Szmek [Wed, 8 Aug 2012 17:00:35 +0000 (19:00 +0200)]
build-sys: really override CFLAGS for gtk-doc

In 29a00c41 an override was added, but commandline variables have
higher precedence than Makefile variables, so the override was not
effective for commandline variables.

While at it, duplicate for libudev.

8 years agoupdate TODO
Lennart Poettering [Wed, 8 Aug 2012 17:19:45 +0000 (19:19 +0200)]
update TODO

8 years agoupdate TODO
Lennart Poettering [Wed, 8 Aug 2012 17:09:59 +0000 (19:09 +0200)]
update TODO

8 years agoMerge remote-tracking branch 'simonpe/cleanup'
Lennart Poettering [Wed, 8 Aug 2012 16:44:15 +0000 (18:44 +0200)]
Merge remote-tracking branch 'simonpe/cleanup'

8 years agoupdate TODO
Lennart Poettering [Wed, 8 Aug 2012 16:10:35 +0000 (18:10 +0200)]
update TODO

8 years agoudev: fix typo in copyright
Kay Sievers [Wed, 8 Aug 2012 16:24:50 +0000 (18:24 +0200)]
udev: fix typo in copyright