Among other cleanups this introduces a threshold for the size of binary
blobs we serialize as integer arrays in the JSON output. THis can be
disabled via --all.
The old code used a timestamp to print a timespan for unsealed journalfiles,
incorrectly showing things like 2230 days of unsealed entries. Print the timespan
between the first and last entry instead.
This requires a little bit of tip-toeing around to explicitly avoid
touching the environment from a sig handler. Instead, simply create a
function to reset the var to its "unset" state, allowing the next call
to columns() to recalculate and cache the new value.
This splits the JSON output mode into different modes: json and
json-pretty. The former printing one entry per line, the latter showing
JSON objects nicely indented and in multiple lines to make it easier to
read for humans.
Let's clean up our terminology a bit. New terminology:
FSS = Forward Secure Sealing
FSPRG = Forward Secure Pseudo-Random Generator
FSS is the combination of FSPRG and a HMAC.
Sealing = process of adding authentication tags to the journal.
Verification = process of checking authentication tags to the journal.
Sealing Key = The key used for adding authentication tags to the journal.
Verification Key = The key used for checking authentication tags of the journal.
Key pair = The pair of Sealing Key and Verification Key
Internally, the Sealing Key is the combination of the FSPRG State plus
change interval/start time.
Internally, the Verification Key is the combination of the FSPRG Seed
plus change interval/start time.
This adds forward-secure authentication of journal files. This patch
includes key generation as well as tagging of journal files,
Verification of journal files will be added in a later patch.
also a number of minor fixups and bug fixes: spelling, oom errors
that didn't print errors, not properly forwarding error codes,
few more consistency issues, et cetera
glibc/glib both use "out of memory" consistantly so maybe we should
consider that instead of this.
Eliminates one string out of a number of binaries. Also fixes extra newline
in udev/scsi_id
There are other reasons for not opening the pager then the --no-pager
or --follow options (described below). If the pager is not used,
messages must be ellipsized.
On Fri, Jul 20, 2012 at 05:42:44AM +0000, Shawn Landen wrote:
> "Pager to use when --no-pager is not given; overrides $PAGER.
> Setting this to an empty string or the value cat is equivalent to passing --no-pager."
If a pager is used, ellipsization is redundant — the pager does
that better by hiding the part that cannot be shown. Pager's advantage
is that the user can press → to view the hidden part of a message,
and then ← to return.
Previously, when the main data hash table grows too full the performance
simply started to decrease drastically. Instead, now simply rotate to a
new journal file as the hash table gets to full, so that we can start
with a new fresh empty hash table.
we now can take multiple matches, and they will apply as AND if they
apply to different fields and OR if they apply to the same fields. Also,
terms of this kind can be combined with an overreaching OR.
There's now sd_journal_new_directory() for watching specific journal
directories. This is exposed in journalctl -D.
sd_journal_wait() and sd_journal_process() now return whether changes in
the journal are invalidating or just appending.
We now create inotify kernel watches only when we actually need them
