picnoir/Systemd
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
9060 commits 2 branches 0 tags 166 MiB
Commit graph

9060 commits

This branch
This branch
All branches
Author SHA1 Message Date
Lennart Poettering c0ca7aeec9 journalctl: be more friendly when informing about seal verification 2012-08-21 23:03:20 +02:00
Dave Reisner 84cc2abf34 shared/util: add fstab support for partuuid/partlabel 
udev has supported this since 172, so it should be a safe (and welcome)
addition for users of GPT partitioned disks.
 2012-08-21 11:48:26 -04:00
Dave Reisner 383182b5c4 shared/util: refactor fstab_node_to_udev_node 
Since this is purely duplicated logic, separate it out into a small
static function.
 2012-08-21 11:48:26 -04:00
Lennart Poettering d8b78264a5 update TODO 2012-08-21 17:38:29 +02:00
Lennart Poettering 01ed0e2307 dev-setup: make NULL as parameter for dev_setup() equivalent to "" 2012-08-21 17:23:03 +02:00
Dave Reisner 4fc9982cb0 nspawn: add /dev FD symlinks in container setup 
This creates /dev/fd, /dev/stdin, /dev/stdout, /dev/stderr, and
/dev/core as symlinks to /proc on container creation. Except for
/dev/core, these are needed for shells like bash to be fully functional.
 2012-08-21 17:19:38 +02:00
Dave Reisner 8f0e73f250 dev-setup: allow a path prefix for use in chroots 
With this adjustment, we can reuse this code elsewhere, such as in
nspawn.
 2012-08-21 17:19:35 +02:00
Lennart Poettering 50b3e64e27 update TODO 2012-08-21 17:19:32 +02:00
Lennart Poettering 8b8ffe6828 core: fix error checking for PR_SET_CHILD_SUBREAPER 2012-08-21 16:48:02 +02:00
Lennart Poettering 2cfa886eb1 build-sys: fix ntp-units.d path creation 
Spotted by Dave Reisner
 2012-08-21 16:40:19 +02:00
Lennart Poettering cedb42bb69 journalctl: add a bit of color to the output 2012-08-21 15:53:48 +02:00
Lennart Poettering 24a598f889 journal: properly handle EPIPE from /dev/kmsg 2012-08-21 15:39:34 +02:00
Lennart Poettering fcde238921 journal: be more careful when keeping around mmaps we still need 2012-08-21 15:39:34 +02:00
Lennart Poettering 369f058921 verify: optimize entry search a bit by using bisection 2012-08-21 15:32:51 +02:00
Lennart Poettering a228a22fda journalctl: really include .journal~ files in listing 2012-08-21 02:13:21 +02:00
Lennart Poettering 72fbdd3349 journal: initialize libgcrypt explicitly, before using HMAC 2012-08-21 01:44:38 +02:00
Lennart Poettering 89fef99014 journal: automatically evolve FSS key even when nothing is logged 2012-08-21 01:29:17 +02:00
Lennart Poettering c05276f23e journalctl: reword things a bit 2012-08-21 01:02:08 +02:00
Lennart Poettering adac1c93ab journal: rearrange QR code output a bit to fi to 80x25 terminals 2012-08-20 22:22:05 +02:00
Lennart Poettering eb53b74f7e journald: add new Seal= configuration option 2012-08-20 22:13:22 +02:00
Lennart Poettering 197c0da225 journalctl: explain QR code use 2012-08-20 22:11:55 +02:00
Lennart Poettering 92221ed7cb journal: include machine ID in QR code 2012-08-20 22:11:38 +02:00
Lennart Poettering f6a971bc0b journalctl: output FSS key as QR code on generating 2012-08-20 22:02:19 +02:00
Lennart Poettering 3e4b9b506d journal: add missing endianess conversion 2012-08-20 19:21:19 +02:00
Lennart Poettering feb12d3ed2 journal: make libgcrypt dependency optional 2012-08-20 16:51:46 +02:00
Lennart Poettering 8088cbd3cf journal: use a macro to check for file header flags 2012-08-20 16:11:42 +02:00
Lennart Poettering f7fab8a5ae journal: fix tag ordering check 2012-08-20 15:59:33 +02:00
Lennart Poettering a2e99cdf94 journal: fix bisection algorithm 2012-08-19 15:16:32 +02:00
Lennart Poettering fc89a13992 journal: validate timestamps as well 2012-08-19 15:16:11 +02:00
Lennart Poettering 84168d8068 mmap: resize arrays dynamically 2012-08-18 01:46:20 +02:00
Lennart Poettering fb9a24b6b1 journal: even more simple static object tests 2012-08-18 01:45:39 +02:00
Lennart Poettering 97147f8c1f journal: refuse verification of files with unknown flags 2012-08-18 00:41:06 +02:00
Lennart Poettering b72631e59c jounral: write bit fiddling test 
This test goes through every single bit in a journal file, toggles it,
and checks if this change is detected by the verification.
 2012-08-18 00:40:03 +02:00
Lennart Poettering c586dbf110 journal: fix verification without key 2012-08-18 00:38:57 +02:00
Lennart Poettering db11ac1ab5 journald: add additional simple static tests to verifier 2012-08-18 00:37:21 +02:00
Lennart Poettering a010801297 journal: be fine with opening rotated/corrupted journal files 2012-08-17 22:10:36 +02:00
Lennart Poettering f982e6f761 journal: set secure deletion flags for FSS file 2012-08-17 22:10:11 +02:00
Lennart Poettering 6c7be122ac journal: after verification output validated time range 2012-08-17 03:30:22 +02:00
Lennart Poettering 356fe3e6c6 journal: reword verification messages a bit 2012-08-17 03:01:07 +02:00
Lennart Poettering 7b5fd91c54 journal: ensure that entries and tags are properly ordered 2012-08-17 03:00:09 +02:00
Lennart Poettering 3223f44f23 journal: show new header fields in header dump 2012-08-17 02:29:20 +02:00
Lennart Poettering e627440b41 journal: don't write tag objects if nothing has been written since the last time 2012-08-17 01:19:32 +02:00
Lennart Poettering 31094aae09 man: add man pages for new FSS stuff 2012-08-17 01:09:43 +02:00
Lennart Poettering baed47c3c2 journal: rework terminology 
Let's clean up our terminology a bit. New terminology:

FSS = Forward Secure Sealing
FSPRG = Forward Secure Pseudo-Random Generator

FSS is the combination of FSPRG and a HMAC.

Sealing = process of adding authentication tags to the journal.
Verification = process of checking authentication tags to the journal.

Sealing Key = The key used for adding authentication tags to the journal.
Verification Key = The key used for checking authentication tags of the journal.
Key pair = The pair of Sealing Key and Verification Key

Internally, the Sealing Key is the combination of the FSPRG State plus
change interval/start time.

Internally, the Verification Key is the combination of the FSPRG Seed
plus change interval/start time.
 2012-08-17 00:45:18 +02:00
Lennart Poettering 14d10188de journal: add FSPRG journal authentication 2012-08-16 23:58:14 +02:00
Lennart Poettering a8e5f51484 journal: fix tag sequence number verification 2012-08-16 21:22:11 +02:00
Lennart Poettering 56e81f7ca8 journalctl: immeidately terminate on invalid seed 2012-08-16 21:00:47 +02:00
Lennart Poettering b7c9ae91d1 journal: parse fsprg seed 2012-08-16 21:00:47 +02:00
Lennart Poettering 2dee23ebe0 journal: count number of entry arrays in header 2012-08-16 21:00:47 +02:00
Kay Sievers 45b51b6b71 keymap: fix map name reference 2012-08-16 21:00:06 +02:00