Commit Graph

401 Commits

Author SHA1 Message Date
Lennart Poettering
76d4bef384 build-sys: bump package and library version 2014-05-27 19:02:22 +08:00
Zbigniew Jędrzejewski-Szmek
49e5c2b26a build-sys: fix typo in variable name 2014-05-24 18:50:21 -04:00
Lennart Poettering
f7dc3ab9f4 logind: don't apply RemoveIPC= to system users
We shouldn't destroy IPC objects of system users on logout.

http://lists.freedesktop.org/archives/systemd-devel/2014-April/018373.html

This introduces SYSTEM_UID_MAX defined to the maximum UID of system
users. This value is determined compile-time, either as configure switch
or from /etc/login.defs. (We don't read that file at runtime, since this
is really a choice for a system builder, not the end user.)

While we are at it we then also update journald to use SYSTEM_UID_MAX
when we decide whether to split out log data for a specific client.
2014-05-21 09:36:49 +09:00
Tom Gundersen
091a364c80 resolved: add daemon to manage resolv.conf
Also remove the equivalent functionality from networkd.
2014-05-19 18:14:56 +02:00
Cristian Rodríguez
2a4d1ec152 build: Compile everything with PIE 2014-05-19 01:14:35 +09:00
Tom Gundersen
7b4d796839 networkd: also add IPv6 DNS servers by default 2014-05-16 19:48:25 +02:00
Tom Gundersen
e16cb2e4ef networkd: hardcode a set of default dns servers
Similarly to NTP servers, this can be set at compile-time.
2014-05-16 17:19:04 +02:00
Lennart Poettering
4468835285 build-sys: at configure check for verifying that ln supports --relative 2014-05-16 16:51:42 +02:00
Cristian Rodríguez
679be2a742 network: fix build failure, missing KMOD_XXX flags
- Add KMOD_CFLAGS and KMOD_LIBS where appropiate
- networkd now requires kmod. make --disable-kmod --enable-networkd
to raise an error.
2014-05-15 18:51:54 +02:00
Zbigniew Jędrzejewski-Szmek
5ea846cc51 networkd, build-sys: spelling fix 2014-05-15 15:29:59 +02:00
Zbigniew Jędrzejewski-Szmek
de0671ee7f Remove unnecessary casts in printfs
No functional change expected :)
2014-05-15 15:29:58 +02:00
Lennart Poettering
661278ee29 timesyncd: never accept NTP time from server that is older than systemd's release time 2014-05-06 18:08:04 +02:00
Lennart Poettering
e8af69739a timesyncd: read server settings from a configuration file
Also, allow compiling in a default server list via a configure command
line item.
2014-05-06 17:02:11 +02:00
Lennart Poettering
43ba1b3e64 build-sys: enable timesyncd by default 2014-05-05 21:39:10 +02:00
Kay Sievers
a91df40e69 timesyncd: add unit and man page 2014-04-29 09:51:53 +02:00
Kay Sievers
687ed1237b rename timedate-sntp to timesync 2014-04-28 17:08:52 +02:00
Zbigniew Jędrzejewski-Szmek
ae0ceefc2f build-sys: add configure switch for -fsanitize=undefined
--enable-undefined-sanitizer mirrors --enable-memory-sanitizer.
2014-04-26 08:16:39 -04:00
Cristian Rodríguez
aca33b078c build: if -fstack-protector-strong is available, use it. 2014-04-12 11:56:07 -04:00
Lennart Poettering
3b5b000fbc build-sys: prepare 212 2014-03-25 20:22:41 +01:00
Lennart Poettering
7f8aa67131 core: remove tcpwrap support
tcpwrap is legacy code, that is barely maintained upstream. It's APIs
are awful, and the feature set it exposes (such as DNS and IDENT
access control) questionnable. We should not support this natively in
systemd.

Hence, let's remove the code. If people want to continue making use of
this, they can do so by plugging in "tcpd" for the processes they start.
With that scheme things are as well or badly supported as they were from
traditional inetd, hence no functionality is really lost.
2014-03-24 20:07:42 +01:00
Lennart Poettering
5f381b355a missing: define LO_FLAGS_PARTSCAN if it is missing
https://bugs.freedesktop.org/show_bug.cgi?id=76335
2014-03-19 01:10:14 +01:00
Zbigniew Jędrzejewski-Szmek
3f57309664 build-sys: bump required µhttpd version
MHD_USE_EPOLL_LINUX_ONLY, MHD_USE_DUAL_STACK are only available in
next-but-last release.
2014-03-17 01:55:48 -04:00
Zbigniew Jędrzejewski-Szmek
f12be7e8ca journal-gatewayd: check if certificate is signed by CA
If --trust=ca.crt is used, only clients presenting certificates signed
by the ca will be allowed to proceed. No hostname matching is
performed, so any client wielding a signed certificate will be
authorized.

Error functions are moved from journal-gateway to microhttp-util and
made non-static, since now they are used in two source files.
2014-03-17 01:55:48 -04:00
Zbigniew Jędrzejewski-Szmek
6031319956 build-sys: add check on gnutls 2014-03-17 01:55:48 -04:00
Lennart Poettering
6bf6f402b6 build-sys: prepare release 211 2014-03-11 20:25:00 +01:00
Samuli Suominen
2d0efdf1af build-sys: Find the tools for users with no /sbin:/usr/sbin in PATH since some systems still make the distiction between bin and sbin. 2014-03-10 22:36:17 +01:00
Lennart Poettering
1c231f5648 logind: make $XDG_RUNTIME_DIR a per-user tmpfs
This way each user allocates from his own pool, with its own size limit.

This puts the size limit by default to 10% of the physical RAM size but
makes it configurable in logind.conf.
2014-03-04 20:02:50 +01:00
Lennart Poettering
62ca29b81b build-sys: bump revisions and version 2014-02-24 19:25:00 +01:00
Mike Gilbert
4ca39b280f configure: Do not require xsltproc for installation of man pages
The release tarballs ship with pre-generated man pages, so we do not
need xsltproc for a typical end-user build.

Developers will probably have xsltproc anyway, but if not they will now
encounter a build-time failure instead of an error in configure.
2014-02-24 00:20:25 -05:00
Jason A. Donenfeld
7a243b2204 configure: show if networkd is enabled in status 2014-02-21 09:36:04 -05:00
Michael Scherer
eef65bf3ee core: Add AppArmor profile switching
This permit to switch to a specific apparmor profile when starting a daemon. This
will result in a non operation if apparmor is disabled.
It also add a new build requirement on libapparmor for using this feature.
2014-02-21 03:44:20 +01:00
Lennart Poettering
fdc8509fb6 build-sys: don't use -Wcast-align anymore
We do a lot of these casts, and they are all OK, so let's get rid of the
warning, to make things quieter.

http://lists.freedesktop.org/archives/systemd-devel/2014-February/017174.html
2014-02-21 03:15:52 +01:00
Holger Schurig
3b79431414 build-sys: Add setns() functions if not in the C library.
Debian Stable is still using glibc 2.13, which doesn't provide the setns().
So we detect this and provide a tiny wrapper that issues the setns syscall
towards the kernel.
2014-02-21 03:06:29 +01:00
Lennart Poettering
e2044076bf build-sys: bump release in preparation for release 2014-02-19 21:03:55 +01:00
Lennart Poettering
6a6751fe24 core: warn when unit files with unsupported options are parsed 2014-02-17 17:49:09 +01:00
Lennart Poettering
17df7223be core: rework syscall filter
- Allow configuration of an errno error to return from blacklisted
  syscalls, instead of immediately terminating a process.

- Fix parsing logic when libseccomp support is turned off

- Only keep the actual syscall set in the ExecContext, and generate the
  string version only on demand.
2014-02-12 18:30:36 +01:00
Ronny Chevalier
c0467cf387 syscallfilter: port to libseccomp 2014-02-12 18:30:36 +01:00
Zbigniew Jędrzejewski-Szmek
32dcef3ab1 build-sys: make lxml required when generating indices
Since the manpage indices generated without lxml would be missing some
parts, it doesn't make sense to keep lxml optional anymore.
2014-02-12 03:04:57 -05:00
Zbigniew Jędrzejewski-Szmek
53e856e16a build-sys: create "compatibility libraries" section
Compat stuff is moved to src/compat-libs/.
Warnings are issued when programs are linked with the deprecated library.
2014-01-25 18:10:08 -05:00
Zbigniew Jędrzejewski-Szmek
39c4ead232 build-sys: default to gold linker
gold doesn't exhibit the problems with linking of compatibility
libraries.

It is also slightly faster:

make clean && make -j5   bfd       gold

real                   34.885s     33.707s
user                   34.486s     32.189s
sys                    9.929s      10.845s

real                   35.128s     33.508s
user                   34.660s     31.858s
sys                    10.798s     10.341s

real                   35.405s     33.748s
user                   34.765s     32.384s
sys                    11.635s     10.998s

real                   35.250s     33.795s
user                   34.704s     32.253s
sys                    11.220s     11.469s

touch src/libsystemd/sd-bus.c && make -j5
                        bfd        gold

real                   10.224s      9.030s
user                   11.664s      9.877s
sys                    3.431s       2.878s

real                   10.021s      9.165s
user                   11.526s      9.990s
sys                    3.061s       3.015s

real                   10.233s      8.961s
user                   11.657s      9.973s
sys                    3.467s       2.202s

real                   10.160s      9.086s
user                   11.637s      9.950s
sys                    3.188s       2.859s
2014-01-25 18:10:08 -05:00
Chengwei Yang
8114dedc59 build-sys: fix --enable-dbus
The incorrect shell code of AS_IF always get false value, so it always
build without dbus though build with "--enable-dbus" explicitely.
2014-01-16 00:16:02 -05:00
Dave Reisner
146ccaafd5 configure: use POSIX conformant syntax for test
In shells like bash, == and = are equivalent in test contexts. In POSIX
compliant shells, == isn't a valid operator.
2014-01-05 11:57:05 -05:00
Zbigniew Jędrzejewski-Szmek
ac6b760cee build-sys: add --disable-dbus autoconf option 2014-01-02 19:45:47 -05:00
Zbigniew Jędrzejewski-Szmek
ccd06097c7 Use format patterns for usec_t, pid_t, nsec_t, usec_t
It is nicer to predefine patterns using configure time check instead of
using casts everywhere.

Since we do not need to use any flags, include "%" in the format instead
of excluding it like PRI* macros.
2014-01-02 19:45:47 -05:00
Zbigniew Jędrzejewski-Szmek
4acbce7979 build-sys: fix generation of user@.service 2013-12-27 12:12:41 -05:00
Lennart Poettering
25ad866460 build-sys: the pure/const warning options are probably too much as default, but let's make it available via "autogen.sh a" 2013-12-25 19:00:38 +01:00
Lennart Poettering
693eb9a2d4 bus: rename message "serial" to "cookie"
Even if the lower-leveld dbus1 protocol calls it "serial", let's expose
the word "cookie" for this instead, as this is what kdbus uses and since
it doesn't imply monotonicity the same way "serial" does.
2013-12-25 18:04:04 +01:00
Lennart Poettering
cd49e2f664 build-sys: build bus-driverd if kdbus support is enabled 2013-12-17 01:36:59 +01:00
Daniel Mack
294c866023 Add bus-driverd
systemd-bus-driverd is a small daemon that connects to kdbus and
implements the org.freedesktop.DBus interface. IOW, it provides the bus
functions  traditionally taken care for by dbus-daemon.

Calls are proxied to kdbus, either via libsystemd-bus (were applicable)
or with the open-coded use of ioctl().

Note that the implementation is not yet finished as the functions to
add and remove matches and to start services by name are still missing.
2013-12-16 22:34:48 +01:00
Lennart Poettering
213298fb82 build-sys: warn if builds are not byte-by-byte reproducible due to usage of __DATE__ and suchlike 2013-12-16 04:58:20 +01:00