| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
| |
The socket is only accessible to privileged clients anyway, no need to
add another (user unfriendly) restriction via opt-in setting. let's just
allow this for privileged clients, mirroring "busctl monitor", or
"tcpdump" and similar, which all just work if you have privs.
(This does not break API, since we never did a release witht the
"Monitor" dbus property or config setting in place, i.e. with
cb456374e096f0ebe9b70d7ddd98e16a4be24ee6)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* The new varlink interface exposes a method to subscribe to DNS
resolutions on the system. The socket permissions are open for owner and
group only.
* Notifications are sent to subscriber(s), if any, after successful
resolution of A and AAAA records.
This feature could be used by applications for auditing/logging services
downstream of the resolver. It could also be used to asynchronously
update the firewall. For example, a system that has a tightly configured
firewall could open up connections selectively to known good hosts based
on a known allow-list of hostnames. Of course, updating the firewall
asynchronously will require other design considerations (such as
queueing packets in the user space while a verdict is made).
See also:
https://lists.freedesktop.org/archives/systemd-devel/2022-August/048202.html
https://lists.freedesktop.org/archives/systemd-devel/2022-February/047441.html
|
| |
|
| |
|
|
|
|
| |
Lintian is opinionated about this and we get nagged
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
GetMulticastHosts() returns an array of hostnames/addresses discovered via
LLMNR or Multicast DNS. It does not trigger any discovery on its own.
Instead, it simply returns whatever is already in resolved's cache.
|
| |
|
| |
|
|
|
|
| |
Fixes #13799.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It can be one of "foreign", "missing", "stub", "static", "uplink",
depending on how /etc/resolv.conf is set up:
foreign → someone/something else manages /etc/resolv.conf,
systemd-resolved is just the consumer
missing → /etc/resolv.conf is missing altogether
stub/static/uplink → the file is managed by resolved, with the
well-known modes
Fixes: #17159
|
|
|
|
|
|
|
|
|
|
|
|
| |
We forgot to do this before the release :(
Relavant commits are:
4e11ddfdd3c1f93721b8ca534e33e16ced32ff06,
0bb007f7a23c41e23481373ded47ee3ddcf8f26b,
a3d19f5d99c44940831a33df8b5bece4aaf749f7,
bf760801804e55b045aed54bf9b1d0b0131be3f2,
4793c31083031e729e6eb17b87b540a3944bba3b.
Suitable for backporting.
|
|
|
|
| |
The "a" got dropped in eff7c2d3c905dec9ea4e1d5e53a0efd6af7d3d26.
|
|
|
|
| |
Removed in 4c4520789d2bfa3fa51b38b826cac2efb5a4d252.
|
|
|
|
|
|
| |
This has the advantage that the executables are always in place and we don't
need any units to exist on the bus, so we can eventually hook this up into
a normal build system. (Probably as a build time check.)
|
|
|
|
|
|
|
|
| |
It's not that I think that "hostname" is vastly superior to "host name". Quite
the opposite — the difference is small, and in some context the two-word version
does fit better. But in the tree, there are ~200 occurrences of the first, and
>1600 of the other, and consistent spelling is more important than any particular
spelling choice.
|
|
|
|
|
|
|
|
| |
Follow-up for f92c8d1c67bcdeba097e3203d8aafe3a31230ada.
directives.index:
- This index contains 3398 entries in 19 sections, referring to 333 individual
+ This index contains 4316 entries in 19 sections, referring to 333 individual
|
| |
|
|
|
|
|
|
|
| |
This is useful to raise the log level for a single transaction or a few,
without affecting other state of the resolved as a restart would.
The log level can only be set, I didn't bother with having the ability
to restore the original as in pid1.
|
|
|
|
| |
Also includes the issues pointed out by @boucman.
|
|
|
|
|
|
|
|
|
|
|
|
| |
This replaces the api export tables with updated versions, and inserts
comments for all "undocumented" items. The slow work of documented them
is left for later ;)
lxml does some formatting changes that are not significant for lxml processing,
but generate spurious difference in the diff (namely: ulinks become one-line,
and double quotes are used instead of single quotes for element attribute
values). This should be a one-time thing: subsequent renegeration should be
idempotent with regards to this.
|
|
|