summaryrefslogtreecommitdiffstats
path: root/src/import (follow)
Commit message (Collapse)AuthorAgeFilesLines
* tree-wide: use -EINVAL for enum invalid valuesZbigniew Jędrzejewski-Szmek2021-02-104-4/+4
| | | | | | | | | As suggested in https://github.com/systemd/systemd/pull/11484#issuecomment-775288617. This does not touch anything exposed in src/systemd. Changing the defines there would be a compatibility break. Note that tests are broken after this commit. They will be fixed in the next one.
* Merge pull request #18375 from yuwata/cli-tools-also-read-kernel-command-lineZbigniew Jędrzejewski-Szmek2021-02-081-1/+6
|\ | | | | tree-wide: make CLI tools also read kernel command line when run as service
| * import,home: update $SYSTEMD_EXEC_PID= if it is setYu Watanabe2021-01-311-0/+5
| | | | | | | | | | The subsequent execv() or execl() always calls tools provided by systemd. So, it is safe to update the variable.
| * tree-wide: enable colorized logging for daemons when run in consoleYu Watanabe2021-01-311-1/+1
| | | | | | | | It may be useful when debugging daemons.
* | import: use +i (immutable) chattr flag for marking OS images read-onlyLennart Poettering2021-02-041-14/+25
| | | | | | | | | | This is what nspawn and machine-image.[ch] actually look for, hence us it here too.
* | import: fix etag detection supportLennart Poettering2021-02-041-16/+29
| | | | | | | | | | | | | | | | Let's make sure we still look at the etags reported by http 304 (i.e. the cache management code). Otherwise we won't properly realize we already downloaded this before. This fixes a bug introduced in 6792cbbcf84b730f465decbeaf247c6b1ccf1c18
* | shared: rename machine-image.[ch] → discover-image.[ch]Lennart Poettering2021-02-034-4/+4
|/ | | | | | | | | | The old name originates when this was used to discover "machine" images, as managed by machined/machinectl. But nowadays this is also used by portable services and system extensions, hence let's use a more generic name for this API. Taking inspiration from "dissect-image.[ch]", let's call this "discover-image.[ch]". This is pure renaming, no other changes.
* import: properly verify roothash_signature + verity download, tooLennart Poettering2021-01-294-17/+28
| | | | | | | | | Follow-up for 133b34f69a72dc90d4e336837d699245390c9f50 where this was forgotten. While we are at it, bring the parameters into the same order as we declare them in the PullRaw/PullTar objects, i.e. match them to the canonical order.
* import: make sure we can import empty filesLennart Poettering2021-01-294-36/+45
|
* import: don't invoke compress callbacks with empty dataLennart Poettering2021-01-291-9/+15
| | | | | It's pointless if no data was generated. (This happens if an empty file is compressed)
* import: use unlink_and_free() + rm_rf_subvolume_and_free() moreLennart Poettering2021-01-292-8/+2
|
* import: fix typo in help textLennart Poettering2021-01-291-1/+2
|
* import-common: when mangling OS trees, propagate ownership/mode from subdir ↵Lennart Poettering2021-01-261-3/+22
| | | | | | | | to parent After all we want to remove the top-level dir, and make it look like the only subdir, hence propagate the attributes from the subdir to the top-level dir.
* import-common: fix log message stringLennart Poettering2021-01-261-2/+2
| | | | | The trees do look like directory trees, obviously. But they don't like OS trees.
* import: downgrade error messages we ignore to LOG_WARNINGLennart Poettering2021-01-221-2/+2
|
* import: set up btrfs qgroups on correct hierarchyLennart Poettering2021-01-223-2/+7
| | | | | Also, simplify import_assign_pool_quota_and_warn(), don't do the same thing twice. Let's just allow the caller call this twice.
* import: drop redundant {}, as per coding styleLennart Poettering2021-01-221-4/+2
|
* import: introduce ImportFlags flags fieldLennart Poettering2021-01-226-24/+32
| | | | | | | | | | | This merges the two flags that are passed to the ImportTar/ImportRaw objects into a single flags parameter, which we then can extend more easily later on. No change in behaviour. This is inspired by 133b34f69a72dc90d4e336837d699245390c9f50 which does the same for PullTar/PullRaw.
* import: don't apply empty_or_dash_to_null() to stuff we know is NULL anywayLennart Poettering2021-01-221-8/+4
|
* import: refactor how we do gpg validationLennart Poettering2021-01-194-67/+82
| | | | | Let's split out the actual gpg logic into a helper function, so that we can add alternative validations later on.
* import: optionally pull .verity + .roothash.p7s data when downloadingLennart Poettering2021-01-197-138/+254
| | | | | | | | | | | We already had support for downlading a .nspawn and a .roothash file, let's make the set complete, and also download .verity + roothash.p7s if it exists, as nspawn consumes that. Since there are now four kinds of additional resources to acquire, let's introduce a PullFlags flags value for this instead of separate 'bool' variables, it's just too many to always pass those around on the function parameter list.
* import: ignore non-successful HTTP codes for collecing image metadataLennart Poettering2021-01-191-1/+15
| | | | | | Previously we'd collect the data from redirects too, which wasn't particularly terrible, since these typically don't carry the data we were interested in, but it's still incorrect to do so.
* import: turn on HTTP logging in debug modeLennart Poettering2021-01-191-1/+2
|
* import: small memory management simplificationLennart Poettering2021-01-191-4/+2
|
* import: reset PullJob properlyLennart Poettering2021-01-191-0/+19
| | | | | | Properly reset all fields that have to do with the current GET job when we restart things. Previously we freed/reset only some stuff, leaking some memory even.
* import: rework how verification worksLennart Poettering2021-01-196-38/+133
| | | | | | | | | | | | | | | | | | | | | | Previously the PullJob object took internal care of rerequested the SHA256SUMS file, if requesting <image>.sha256 didn't work. This was a weird a non-abstraction only used when actually getting the checksum files. Let's move this out of the PullJob, so that it is generic again, and does roughly the same stuff for all resources it is used for: let's define a generic .on_not_found() handler that can be set on a PullJob object, and is called whenever with see HTTP 404, and may be used to provide a new URL to try if the first didn't work. This is also preparation for later work to support PKCS#7 signatures instead of gpg signatures, where a similar logic is needed, and we thus should have a generic infrastructure place. This gets rid of the VerificationStyle field in the PullJob object: instead of storing this non-generic field we just derive the same information from the URL itself, which is safe, since we generated it ourselves earlier.
* import: use TAKE_PTR() where availableLennart Poettering2021-01-191-4/+2
|
* import: make scope of variable smallerLennart Poettering2021-01-191-1/+1
|
* import: comment indent fixLennart Poettering2021-01-191-1/+1
|
* machine-image: properly support searching for images below some --root= pathLennart Poettering2021-01-194-7/+7
| | | | | systemd-sysext supports --root= for everything but the image discovery. Fix that.
* Merge pull request #18038 from yuwata/meson-splitYu Watanabe2021-01-191-2/+2
|\ | | | | meson: various cleanups
| * meson: make the second and third elements of tests or fuzzers optionalYu Watanabe2021-01-181-2/+2
| | | | | | | | Then, we can shorten many test definitions.
* | import: use - hashmap_ensure_putSusant Sahani2021-01-181-5/+1
|/
* import: mangle untarred OS images after pull-tar, tooLennart Poettering2021-01-121-3/+6
| | | | | | | We do this for import-tar and import-fs, we should do it for pull-tar, too. Fixes: #17563
* hostname-util: flagsify hostname_is_valid(), drop machine_name_is_valid()Lennart Poettering2020-12-159-15/+15
| | | | | | | | | | | | Let's clean up hostname_is_valid() a bit: let's turn the second boolean argument into a more explanatory flags field, and add a flag that accepts the special name ".host" as valid. This is useful for the container logic, where the special hostname ".host" refers to the "root container", i.e. the host system itself, and can be specified at various places. let's also get rid of machine_name_is_valid(). It was just an alias, which is confusing and even more so now that we have the flags param.
* curl-util: fix callback prototypeEtienne Doms2020-11-231-1/+1
| | | CURLMOPT_SOCKETFUNCTION callback is an easy handle, not a multi.
* curl-util: fix type CURL -> CURLMYu Watanabe2020-11-202-2/+2
|
* license: LGPL-2.1+ -> LGPL-2.1-or-laterYu Watanabe2020-11-0934-34/+34
|
* tree-wide: assorted coccinelle fixesFrantisek Sumsal2020-10-094-46/+47
|
* Add CLOSE_AND_REPLACE helperZbigniew Jędrzejewski-Szmek2020-09-182-6/+2
| | | | | | Similar to free_and_replace. I think this should be uppercase to make it clear that this is a macro. free_and_replace should probably be uppercased too.
* tree-wide: define iterator inside of the macroZbigniew Jędrzejewski-Szmek2020-09-081-8/+4
|
* import: make sure gnu tar complains on tar files with trailing garbageLennart Poettering2020-09-021-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | By default GNU tar will only read the first archive if multiple archives are concatenated and ignore the rest. If an archive contains trailing garbage this will hence not be recognized by tar as error, it simply stops reading when the first archive is done (which might escalate to SIGPIPE when invoked via a pipe). Let's add --ignore-zeros to the tar command line when extracting. This means: 1) if a tar archive was concatenated (i.e. generated with tar -A) we'll process it correctly. 2) if a tar archive contains trailing garbage tar will now generate an error message about it, instead of just throwing EPIPE, which makes things easier to debug as broken files are not silently processed. I think it's OK for gnu tar to ignore trailing garbage when dealing with classic tapes drives, i.e. mediums that do not have a size limit built-in. However, this is not what we are dealing with: we are dealing with OS images here, that hopefully someone generated with a clean build system, that were signed and validated and hence should not contain trailing garbage. Hence it's better to refuse and complain thant to silently eat up like for classic tape drives. Fixes: #16605
* tree-wide: make use of new relative time events in sd-event.hLennart Poettering2020-07-281-3/+3
|
* import: always prefer GNU tar, to avoid cmdline incompatibilitiesLennart Poettering2020-07-211-4/+34
| | | | Fixes: #16506
* shared: split out property get helpersLennart Poettering2020-06-301-2/+2
| | | | No code changes, just some refactoring.
* tree-wide: Replace assert() by assert_se() when there is side effectBenjamin Robin2020-05-101-2/+2
|
* tree-wide: make sure our control buffers are properly alignedLennart Poettering2020-05-071-5/+2
| | | | | | | | | | | | | We always need to make them unions with a "struct cmsghdr" in them, so that things properly aligned. Otherwise we might end up at an unaligned address and the counting goes all wrong, possibly making the kernel refuse our buffers. Also, let's make sure we initialize the control buffers to zero when sending, but leave them uninitialized when reading. Both the alignment and the initialization thing is mentioned in the cmsg(3) man page.
* tree-wide: Fix, replace assert() by assert_se() when there is side effectBenjamin Robin2020-05-061-2/+2
|
* importd,logind: add --bus-introspect= optionZbigniew Jędrzejewski-Szmek2020-05-051-0/+2
|
* importd: convert to the new schemeZbigniew Jędrzejewski-Szmek2020-05-051-84/+83
|
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-04 05:38:20 +0100