morgan/systemd
1
0
Fork 0
mirror of https://github.com/morgan9e/systemd synced 2026-04-15 00:47:10 +09:00
Code Issues Packages Projects Releases Wiki Activity
Files
8349bbdfd829c80fc5eabaca6c9d0afed28d1b3f
systemd/src/resolve
History
networkException de39202426 resolve: include interface name in org.freedesktop.resolve1 polkit checks 
this patch adds the interface name of the interface to be modified
to *details* when verifying dbus calls to the `org.freedesktop.resolve1`
D-Bus interface for all `Set*` and the `Revert` method.

when defining a polkit rule, this allows limiting the access to a specific
interface:

```js
// This rule prevents the user "vpn" to disable DNSoverTLS for any
// other interface than "vpn0". The vpn service should be allowed
// to disable DNSoverTLS on its own as it provides a local DNS
// server with search domains on the interface and this server does
// not support DNSoverTLS.
polkit.addRule(function(action, subject) {
  if (action.id == "org.freedesktop.resolve1.set-dns-over-tls" &&
      action.lookup("interface") == "vpn0" &&
      subject.user == "vpn") {
    return polkit.Result.YES;
  }
});
```
2024-01-31 19:06:45 +00:00
..
dns_type-to-name.awk
dns-type.c
typo: transer -> transfer
2023-12-19 11:46:47 +09:00
dns-type.h
resolve: add several comments for DNS type table
2023-12-31 04:51:42 +09:00
fuzz-dns-packet.c
fuzz: unify logging setup
2023-10-19 10:05:20 +01:00
fuzz-dns-packet.options
fuzz-etc-hosts.c
fuzz: unify logging setup
2023-10-19 10:05:20 +01:00
fuzz-resource-record.c
fuzz: unify logging setup
2023-10-19 10:05:20 +01:00
generate-dns_type-gperf.py
generate-dns_type-list.sed
meson.build
test: introduce a dummy DNS test server
2024-01-11 02:13:29 +09:00
org.freedesktop.resolve1.conf
org.freedesktop.resolve1.policy
org.freedesktop.resolve1.service
resolv.conf
resolvconf-compat.c
tree-wide: port various parsers over to read_stripped_line()
2023-10-17 14:36:54 +02:00
resolvconf-compat.h
resolvectl.c
resolvectl: add basic ANSI markup to --help text
2024-01-31 16:13:16 +01:00
resolvectl.h
resolved-bus.c
resolve: introduce DNSSEC_UPSTREAM_FAILURE
2024-01-11 02:10:32 +09:00
resolved-bus.h
resolved-conf.c
hexdecoct: make unbase64mem and unhexmem always use SIZE_MAX
2024-01-09 03:59:15 +09:00
resolved-conf.h
resolved-def.h
resolved: added serve stale feature implementation of RFC 8767
2023-06-16 10:20:15 +01:00
resolved-dns-answer.c
siphash24: introduce siphash24_compress_typesafe() macro
2023-12-25 15:38:59 +09:00
resolved-dns-answer.h
resolve: tolerate merging a zero-ttl RR and a nonzero-ttl RR if not mDNS
2023-10-02 16:47:36 +02:00
resolved-dns-cache.c
resolve/mdns: do not append goodby packet entries to known answers section
2024-01-03 13:16:43 +01:00
resolved-dns-cache.h
resolved: added serve stale feature implementation of RFC 8767
2023-06-16 10:20:15 +01:00
resolved-dns-dnssec.c
resolve: introduce DNSSEC_UPSTREAM_FAILURE
2024-01-11 02:10:32 +09:00
resolved-dns-dnssec.h
resolve: introduce DNSSEC_UPSTREAM_FAILURE
2024-01-11 02:10:32 +09:00
resolved-dns-packet.c
Merge pull request #30661 from rpigott/resolved-https-record
2024-01-17 16:20:35 +00:00
resolved-dns-packet.h
Merge pull request #30661 from rpigott/resolved-https-record
2024-01-17 16:20:35 +00:00
resolved-dns-query.c
resolve: make manager_monitor_send() take DnsQuery*
2024-01-11 02:10:32 +09:00
resolved-dns-query.h
resolve: several follow-ups for 9ca133e97a.
2024-01-11 02:10:11 +09:00
resolved-dns-question.c
resolved: if ipv6 is off patch hostname→address query with unspec family to ipv4
2023-06-23 14:45:26 +02:00
resolved-dns-question.h
resolved-dns-rr.c
resolvectl: add SVCB and HTTPS json format
2024-01-16 11:26:37 -07:00
resolved-dns-rr.h
resolved: enable RFC9460 SVCB and HTTPS records
2024-01-16 10:49:26 -07:00
resolved-dns-scope.c
tree-wide: use hashmap_isempty() and friends
2023-12-22 01:27:09 +09:00
resolved-dns-scope.h
resolved: add DumpCache varlink call for acquiring a complete dump of all of resolved's RR caches
2023-06-12 22:21:26 +02:00
resolved-dns-search-domain.c
resolved-dns-search-domain.h
resolved-dns-server.c
siphash24: introduce siphash24_compress_typesafe() macro
2023-12-25 15:38:59 +09:00
resolved-dns-server.h
resolved: added show-server-state verb and DumpStatistics varlink method
2023-07-31 02:02:03 +09:00
resolved-dns-stream.c
iovec-util: make IOVEC_INCREMENT a regular function too
2023-10-20 10:43:50 +02:00
resolved-dns-stream.h
resolved-dns-stub.c
siphash24: introduce siphash24_compress_typesafe() macro
2023-12-25 15:38:59 +09:00
resolved-dns-stub.h
resolved-dns-synthesize.c
resolved-dns-synthesize.h
resolved-dns-transaction.c
resolve: on_transaction_stream_error() may free multiple transactions
2024-01-15 10:36:14 +00:00
resolved-dns-transaction.h
resolve: drop DNS_TRANSACTION_UPSTREAM_DNSSEC_FAILURE
2024-01-10 13:14:14 +09:00
resolved-dns-trust-anchor.c
hexdecoct: make unbase64mem and unhexmem always use SIZE_MAX
2024-01-09 03:59:15 +09:00
resolved-dns-trust-anchor.h
resolved-dns-zone.c
tree-wide: use hashmap_isempty() and friends
2023-12-22 01:27:09 +09:00
resolved-dns-zone.h
resolved-dnssd-bus.c
polkit: simplify bus_verify_polkit_async() + drop auth-by-cap dbus feature
2023-12-22 05:27:36 +09:00
resolved-dnssd-bus.h
resolved-dnssd-gperf.gperf
resolved-dnssd.c
conf-parser: Add root argument to config_parse_many()
2023-05-12 17:52:32 +02:00
resolved-dnssd.h
resolved-dnstls-gnutls.c
resolved: fix build failure with gnutls
2023-10-27 13:54:10 +01:00
resolved-dnstls-gnutls.h
resolved-dnstls-openssl.c
tree-wide: use the usual spelling of "cannot"
2023-11-13 13:27:36 +01:00
resolved-dnstls-openssl.h
resolved-dnstls.h
resolved-etc-hosts.c
resolved: fix the canonical name returned by hosts lookup by name
2023-07-14 13:13:53 +00:00
resolved-etc-hosts.h
resolved: keep track of first names listed for each address in /etc/hosts
2023-07-14 13:13:53 +00:00
resolved-gperf.gperf
resolved: added serve stale feature implementation of RFC 8767
2023-06-16 10:20:15 +01:00
resolved-link-bus.c
resolve: include interface name in org.freedesktop.resolve1 polkit checks
2024-01-31 19:06:45 +00:00
resolved-link-bus.h
resolved-link.c
Revert "tree-wide: Mount file descriptors via /proc/<pid>/fd"
2023-09-08 22:13:09 +01:00
resolved-link.h
resolve: refuse mdns scope for ipv4 broadcast addresses
2023-04-05 13:27:16 +02:00
resolved-llmnr.c
resolve: do not listen to IPv6 when disabled by sysctl
2024-01-03 04:03:30 +09:00
resolved-llmnr.h
resolved-manager.c
resolve: export sendmsg_loop()
2024-01-11 02:10:32 +09:00
resolved-manager.h
resolve: export sendmsg_loop()
2024-01-11 02:10:32 +09:00
resolved-mdns.c
resolve: do not listen to IPv6 when disabled by sysctl
2024-01-03 04:03:30 +09:00
resolved-mdns.h
resolved-resolv-conf.c
tree-wide: port various parsers over to read_stripped_line()
2023-10-17 14:36:54 +02:00
resolved-resolv-conf.h
resolved-socket-graveyard.c
resolved-socket-graveyard.h
resolved-util.c
resolved-util: NUL-terminate host label
2023-12-17 16:56:43 +09:00
resolved-util.h
resolved-varlink.c
resolve: introduce DNSSEC_UPSTREAM_FAILURE
2024-01-11 02:10:32 +09:00
resolved-varlink.h
resolved.c
label: Introduce LabelOps to do pre/post labelling operations
2023-05-31 13:15:53 +02:00
resolved.conf.in
config files: update their header to reflect that they can be installed in /usr
2023-09-21 18:54:39 +02:00
RFCs
test-dns-packet.c
test: always call test_setup_logging()
2023-11-18 03:04:27 +09:00
test-dnssec-complex.c
test: always call test_setup_logging()
2023-11-18 03:04:27 +09:00
test-dnssec.c
test-resolve-tables.c
test: always call test_setup_logging()
2023-11-18 03:04:27 +09:00
test-resolved-dummy-server.c
test-resolved-dummy-server: several modernization
2024-01-11 02:13:32 +09:00
test-resolved-etc-hosts.c
resolved: keep track of first names listed for each address in /etc/hosts
2023-07-14 13:13:53 +00:00
test-resolved-packet.c
test-resolved-stream.c
process-util: add new FORK_DEATHSIG_SIGKILL flag, rename FORK_DEATHSIG → FORK_DEATHSIG_SIGTERM
2023-11-02 14:09:23 +01:00