Kay Sievers
4db539b270
rules: sound - set ID_ID for firewire devices
2012-03-22 03:46:16 +01:00
Kay Sievers
8482018afc
libudev: monitor - do not memset() receive buffer
2012-03-22 03:46:16 +01:00
Lennart Poettering
75c8e3cffd
logind: close FIFO before ending sessions cleanly
...
For clean session endings ask logind explicitly to get rid of the FIFO
before closing it so that the FIFO logic doesn't result in su/sudo to be
terminated immediately.
2012-03-22 02:06:40 +01:00
Lennart Poettering
c9d8629baa
logind: extend comment about X11 socket symlink
2012-03-22 01:43:36 +01:00
Lennart Poettering
6ba383fa49
update TODO
2012-03-22 01:42:34 +01:00
Frederic Crozat
4fd052aede
add sparse support to detect endianness bug
...
le16/32/64_t type should be used when storing little-endian value
header to integrate with sparse from Josh Triplett <josh@joshtriplett.org>
2012-03-22 01:09:37 +01:00
Lennart Poettering
170dcb7bd5
binfmt: fix apply loop
...
Noticed by Sergey Ptashnick
2012-03-22 00:35:42 +01:00
Lennart Poettering
9adf646d0a
man: systemd-cat(1) typo fix
...
Noticed by Sergey Ptashnick
2012-03-22 00:35:19 +01:00
Roberto Sassu
8161158639
main: added support for loading IMA custom policies
...
This is an S/MIME signed message
The new function ima_setup() loads an IMA custom policy from a file in the
default location '/etc/ima/ima-policy', if present, and writes it to the
path 'ima/policy' in the security filesystem. This function is executed
at early stage in order to avoid that some file operations are not measured
by IMA and it is placed after the initialization of SELinux because IMA
needs the latter (or other security modules) to understand LSM-specific
rules. This feature is enabled by default and can be disabled by providing
the option '--disable-ima' to the configure script.
Signed-off-by: Roberto Sassu <roberto.sassu@polito.it>
Acked-by: Gianluca Ramunno <ramunno@polito.it>
2012-03-22 00:20:58 +01:00
Roberto Sassu
160481f68d
systemd: mount the securityfs filesystem at early stage
...
This is an S/MIME signed message
The mount of the securityfs filesystem is now performed in the main systemd
executable as it is used by IMA to provide the interface for loading custom
policies. The unit file 'units/sys-kernel-security.mount' has been removed
because it is not longer necessary.
Signed-off-by: Roberto Sassu <roberto.sassu@polito.it>
Acked-by: Gianluca Ramunno <ramunno@polito.it>
2012-03-22 00:20:48 +01:00
Lennart Poettering
7264278fbb
journal: PAGE_SIZE is not known on ppc and other archs
...
Let's use NAME_MAX, as suggested by Dan Walsh
2012-03-21 23:47:44 +01:00
Lennart Poettering
0071d9f1db
journal: react with immediate rotation to a couple of more errors
2012-03-21 23:40:51 +01:00
Lennart Poettering
95f77929d8
man: updates to sysctl.d(5)
2012-03-21 23:32:02 +01:00
Vaidas Jablonskis
abac5c7976
keymap: Add Samsung 90X3A
...
Signed-off-by: Martin Pitt <martin.pitt@ubuntu.com>
2012-03-21 14:51:39 +01:00
Kay Sievers
427c9ba24a
rules: sound - add vendor/model strings for firewire devices
2012-03-21 02:09:42 +01:00
Lennart Poettering
de19ece738
sysctl: accept multiple passed configuration files
2012-03-20 15:31:09 +01:00
Lennart Poettering
4e2075ceea
modules-load: drop /lib from search path if we don't have it split off
2012-03-20 15:30:42 +01:00
Lennart Poettering
133176702a
bmfmt: allow passing more than one config file name
2012-03-20 15:29:49 +01:00
Lennart Poettering
bd08f24224
man: fix parameter name for sd_uid_xxx()
2012-03-20 15:28:35 +01:00
Michal Schmidt
ee4cbc2c85
remove GTK pieces
...
They've moved to systemd-ui.
2012-03-20 13:10:22 +01:00
Kay Sievers
a3a304ddc0
release 182
2012-03-18 19:59:41 +01:00
Kay Sievers
183215e7cd
build-sys: place build binaries in the root
2012-03-18 17:04:47 +01:00
Michal Schmidt
5ebff53375
util: never follow symlinks in rm_rf_children()
...
The function checks if the entry is a directory before recursing, but
there is a window between the check and the open, during which the
directory could be replaced with a symlink.
CVE-2012-1174
https://bugzilla.redhat.com/show_bug.cgi?id=803358
2012-03-16 18:33:02 +01:00
Lennart Poettering
16f1239e1e
build-sys: prepare release 44
2012-03-16 01:57:47 +01:00
Lennart Poettering
5ee9f21e86
build-sys: don't build distcheck version with split /usr
2012-03-16 01:44:16 +01:00
Lennart Poettering
38cacf5acd
man: make sure we ship HTML versions of the man pages in the tarball
2012-03-16 01:25:32 +01:00
Lennart Poettering
5c3246b1a6
man: document journal features of systemctl(1)
2012-03-16 01:00:23 +01:00
Lennart Poettering
2af777ba96
man: document systemd-journalctl(1)
2012-03-16 00:50:52 +01:00
Lennart Poettering
b47ffcfdfd
man: document systemd-journald.conf(5)
2012-03-15 23:25:14 +01:00
Lennart Poettering
44f44a29cc
man: document systemd-machine-id-setup(1)
2012-03-15 22:36:33 +01:00
Lennart Poettering
9aac0b2c19
man: document systemd-cat(1)
2012-03-15 22:19:36 +01:00
Frederic Crozat
ccdbaf9111
journal: only use uint8_t for state
2012-03-15 20:53:03 +01:00
Lennart Poettering
34a35eced4
a couple of fixes to make llvm-analyze quiet
2012-03-15 20:49:25 +01:00
Tero Roponen
490e567dbb
journalctl: add a missing 'break'
...
There is a 'break' missing in the -q handling
so, for example, 'systemd-journalctl --new-id128 -q'
does nothing.
This patch fixes the problem.
2012-03-15 14:12:30 +01:00
Kay Sievers
d3c7d7dd77
update TODO
2012-03-15 12:43:53 +01:00
Lennart Poettering
27d1ae066c
journald: don't try to roatet corrupted files when we open read-only anyway
2012-03-15 03:01:09 +01:00
Lennart Poettering
5e62067d08
journald: adjust permissions for rotated files
2012-03-15 03:01:09 +01:00
Lennart Poettering
c042179388
journald: take corrupted files into account when calculating disk space
2012-03-15 03:01:09 +01:00
Lennart Poettering
e7bf07b3d4
journald: be a bit more verbose
2012-03-15 03:01:09 +01:00
Lennart Poettering
a3a52c0fd0
journald: fix calculation of disk space
2012-03-15 03:01:09 +01:00
Lennart Poettering
15944db871
journald: copy metrics/compression state from template when rotating
2012-03-15 03:01:09 +01:00
Lennart Poettering
71100051c5
journald: increase max file size to 128MB
2012-03-15 02:57:39 +01:00
Lennart Poettering
5c70eab445
journal: vacuum corrupted files, too
2012-03-15 01:35:03 +01:00
Lennart Poettering
9447a7f1de
journal: if we encounter a corrupted file, rotate and go on
2012-03-15 01:13:01 +01:00
Lennart Poettering
4d1c38b807
nspawn: mount /etc/timezone into nspawn environment too
2012-03-15 00:45:02 +01:00
Lennart Poettering
6bc1ce40e5
journald: fix typo
2012-03-15 00:44:26 +01:00
Lennart Poettering
4f4d6a7073
journalctl: suppress messages about adm group if ACL support is not enabled
2012-03-15 00:44:10 +01:00
Lennart Poettering
fb0864e7b9
virt: the pidns controller does not exist anymore
2012-03-15 00:43:47 +01:00
Lennart Poettering
67aa455172
journald: set SO_PASSEC only if selinux is enabled
2012-03-14 20:07:50 +01:00
Lennart Poettering
4367379907
journalctl: warn if the user is not in the adm group
2012-03-14 19:54:22 +01:00