diff options
46 files changed, 677 insertions, 191 deletions
diff --git a/Makefile-man.am b/Makefile-man.am index f436361074..8f48f38209 100644 --- a/Makefile-man.am +++ b/Makefile-man.am @@ -11,7 +11,6 @@ MANPAGES += \ man/bootup.7 \ man/busctl.1 \ man/daemon.7 \ - man/environment.d.5 \ man/file-hierarchy.7 \ man/halt.8 \ man/hostname.5 \ @@ -111,15 +110,12 @@ MANPAGES += \ man/systemd-debug-generator.8 \ man/systemd-delta.1 \ man/systemd-detect-virt.1 \ - man/systemd-environment-d-generator.8 \ man/systemd-escape.1 \ man/systemd-fsck@.service.8 \ man/systemd-fstab-generator.8 \ man/systemd-getty-generator.8 \ man/systemd-gpt-auto-generator.8 \ man/systemd-halt.service.8 \ - man/systemd-hibernate-resume-generator.8 \ - man/systemd-hibernate-resume@.service.8 \ man/systemd-inhibit.1 \ man/systemd-initctl.service.8 \ man/systemd-journald.service.8 \ @@ -130,7 +126,6 @@ MANPAGES += \ man/systemd-nspawn.1 \ man/systemd-path.1 \ man/systemd-remount-fs.service.8 \ - man/systemd-resolve.1 \ man/systemd-run.1 \ man/systemd-sleep.conf.5 \ man/systemd-socket-activate.1 \ @@ -148,7 +143,6 @@ MANPAGES += \ man/systemd.1 \ man/systemd.automount.5 \ man/systemd.device.5 \ - man/systemd.environment-generator.7 \ man/systemd.exec.5 \ man/systemd.generator.7 \ man/systemd.journal-fields.7 \ @@ -187,7 +181,6 @@ MANPAGES += \ man/udev_new.3 \ man/udevadm.8 MANPAGES_ALIAS += \ - man/30-systemd-environment-d-generator.8 \ man/SD_ALERT.3 \ man/SD_BUS_ERROR_ACCESS_DENIED.3 \ man/SD_BUS_ERROR_ADDRESS_IN_USE.3 \ @@ -463,7 +456,6 @@ MANPAGES_ALIAS += \ man/systemd-ask-password-wall.service.8 \ man/systemd-fsck-root.service.8 \ man/systemd-fsck.8 \ - man/systemd-hibernate-resume.8 \ man/systemd-hibernate.service.8 \ man/systemd-hybrid-sleep.service.8 \ man/systemd-initctl.8 \ @@ -547,7 +539,6 @@ MANPAGES_ALIAS += \ man/udev_ref.3 \ man/udev_unref.3 \ man/user.conf.d.5 -man/30-systemd-environment-d-generator.8: man/systemd-environment-d-generator.8 man/SD_ALERT.3: man/sd-daemon.3 man/SD_BUS_ERROR_ACCESS_DENIED.3: man/sd-bus-errors.3 man/SD_BUS_ERROR_ADDRESS_IN_USE.3: man/sd-bus-errors.3 @@ -823,7 +814,6 @@ man/systemd-ask-password-wall.path.8: man/systemd-ask-password-console.service.8 man/systemd-ask-password-wall.service.8: man/systemd-ask-password-console.service.8 man/systemd-fsck-root.service.8: man/systemd-fsck@.service.8 man/systemd-fsck.8: man/systemd-fsck@.service.8 -man/systemd-hibernate-resume.8: man/systemd-hibernate-resume@.service.8 man/systemd-hibernate.service.8: man/systemd-suspend.service.8 man/systemd-hybrid-sleep.service.8: man/systemd-suspend.service.8 man/systemd-initctl.8: man/systemd-initctl.service.8 @@ -907,9 +897,6 @@ man/udev_monitor_unref.3: man/udev_monitor_new_from_netlink.3 man/udev_ref.3: man/udev_new.3 man/udev_unref.3: man/udev_new.3 man/user.conf.d.5: man/systemd-system.conf.5 -man/30-systemd-environment-d-generator.html: man/systemd-environment-d-generator.html - $(html-alias) - man/SD_ALERT.html: man/sd-daemon.html $(html-alias) @@ -1735,9 +1722,6 @@ man/systemd-fsck-root.service.html: man/systemd-fsck@.service.html man/systemd-fsck.html: man/systemd-fsck@.service.html $(html-alias) -man/systemd-hibernate-resume.html: man/systemd-hibernate-resume@.service.html - $(html-alias) - man/systemd-hibernate.service.html: man/systemd-suspend.service.html $(html-alias) @@ -2043,6 +2027,19 @@ MANPAGES_ALIAS += \ endif +if ENABLE_ENVIRONMENT_D +MANPAGES += \ + man/environment.d.5 \ + man/systemd-environment-d-generator.8 \ + man/systemd.environment-generator.7 +MANPAGES_ALIAS += \ + man/30-systemd-environment-d-generator.8 +man/30-systemd-environment-d-generator.8: man/systemd-environment-d-generator.8 +man/30-systemd-environment-d-generator.html: man/systemd-environment-d-generator.html + $(html-alias) + +endif + if ENABLE_FIRSTBOOT MANPAGES += \ man/systemd-firstboot.1 @@ -2054,6 +2051,18 @@ man/systemd-firstboot.service.html: man/systemd-firstboot.html endif +if ENABLE_HIBERNATE +MANPAGES += \ + man/systemd-hibernate-resume-generator.8 \ + man/systemd-hibernate-resume@.service.8 +MANPAGES_ALIAS += \ + man/systemd-hibernate-resume.8 +man/systemd-hibernate-resume.8: man/systemd-hibernate-resume@.service.8 +man/systemd-hibernate-resume.html: man/systemd-hibernate-resume@.service.html + $(html-alias) + +endif + if ENABLE_HOSTNAMED MANPAGES += \ man/hostnamectl.1 \ @@ -2188,6 +2197,7 @@ MANPAGES += \ man/dnssec-trust-anchors.d.5 \ man/nss-resolve.8 \ man/resolved.conf.5 \ + man/systemd-resolve.1 \ man/systemd-resolved.service.8 MANPAGES_ALIAS += \ man/libnss_resolve.so.2.8 \ diff --git a/Makefile.am b/Makefile.am index 8339625a62..11b539da9b 100644 --- a/Makefile.am +++ b/Makefile.am @@ -5599,6 +5599,9 @@ GENERAL_ALIASES += \ nodist_pkgsysconf_DATA += \ src/resolve/resolved.conf +dist_rootlibexec_DATA += \ + src/resolve/resolv.conf + libnss_resolve_la_SOURCES = \ src/nss-resolve/nss-resolve.sym \ src/nss-resolve/nss-resolve.c @@ -5737,9 +5740,6 @@ EXTRA_DIST += \ units/systemd-resolved.service.m4.in \ src/resolve/resolved.conf.in -dist_rootlibexec_DATA += \ - src/resolve/resolv.conf - # ------------------------------------------------------------------------------ if ENABLE_NETWORKD rootlibexec_PROGRAMS += \ @@ -5812,6 +5812,8 @@ libnetworkd_core_la_SOURCES = \ src/network/networkd-network-bus.c \ src/network/networkd-address.h \ src/network/networkd-address.c \ + src/network/networkd-address-label.h \ + src/network/networkd-address-label.c \ src/network/networkd-route.h \ src/network/networkd-route.c \ src/network/networkd-fdb.h \ diff --git a/docs/sysvinit/meson.build b/docs/sysvinit/meson.build index 36b2f6f98c..a8f5b519a3 100644 --- a/docs/sysvinit/meson.build +++ b/docs/sysvinit/meson.build @@ -2,5 +2,8 @@ file = configure_file( input : 'README.in', output : 'README', configuration : substs) -install_data(file, - install_dir : sysvinit_path) + +if conf.get('HAVE_SYSV_COMPAT', 0) == 1 + install_data(file, + install_dir : sysvinit_path) +endif diff --git a/docs/var-log/meson.build b/docs/var-log/meson.build index 43078c40e9..c833f0f5b0 100644 --- a/docs/var-log/meson.build +++ b/docs/var-log/meson.build @@ -2,5 +2,8 @@ file = configure_file( input : 'README.in', output : 'README', configuration : substs) -install_data(file, - install_dir : varlogdir) + +if conf.get('HAVE_SYSV_COMPAT', 0) == 1 + install_data(file, + install_dir : varlogdir) +endif diff --git a/hwdb/60-evdev.hwdb b/hwdb/60-evdev.hwdb index 5b7d31ace1..f1a27506f7 100644 --- a/hwdb/60-evdev.hwdb +++ b/hwdb/60-evdev.hwdb @@ -338,6 +338,13 @@ evdev:name:ETPS/2 Elantech Touchpad:dmi:*svnSAMSUNGELECTRONICSCO.,LTD.:pn305V4A/ EVDEV_ABS_35=0:2480:28 EVDEV_ABS_36=0:1116:24 +# Samsung 880Z5E +evdev:name:ETPS/2 Elantech Touchpad:dmi:*svnSAMSUNGELECTRONICSCO.,LTD.:pn870Z5E/880Z5E/680Z5E* + EVDEV_ABS_00=::30 + EVDEV_ABS_01=::29 + EVDEV_ABS_35=::30 + EVDEV_ABS_36=::29 + ######################################### # Toshiba ######################################### diff --git a/man/environment.d.xml b/man/environment.d.xml index be7758a2f9..78b949160b 100644 --- a/man/environment.d.xml +++ b/man/environment.d.xml @@ -20,7 +20,8 @@ You should have received a copy of the GNU Lesser General Public License along with systemd; If not, see <http://www.gnu.org/licenses/>. --> -<refentry id="environment.d" xmlns:xi="http://www.w3.org/2001/XInclude"> +<refentry id="environment.d" conditional='ENABLE_ENVIRONMENT_D' + xmlns:xi="http://www.w3.org/2001/XInclude"> <refentryinfo> <title>environment.d</title> diff --git a/man/rules/meson.build b/man/rules/meson.build index 21c996f9b4..1508b012df 100644 --- a/man/rules/meson.build +++ b/man/rules/meson.build @@ -12,7 +12,7 @@ manpages = [ '5', ['systemd.negative', 'systemd.positive'], 'ENABLE_RESOLVED'], - ['environment.d', '5', [], ''], + ['environment.d', '5', [], 'ENABLE_ENVIRONMENT_D'], ['file-hierarchy', '7', [], ''], ['halt', '8', ['poweroff', 'reboot'], ''], ['hostname', '5', [], ''], @@ -521,7 +521,7 @@ manpages = [ ['systemd-environment-d-generator', '8', ['30-systemd-environment-d-generator'], - ''], + 'ENABLE_ENVIRONMENT_D'], ['systemd-escape', '1', [], ''], ['systemd-firstboot', '1', ['systemd-firstboot.service'], 'ENABLE_FIRSTBOOT'], ['systemd-fsck@.service', @@ -538,8 +538,11 @@ manpages = [ 'systemd-reboot.service', 'systemd-shutdown'], ''], - ['systemd-hibernate-resume-generator', '8', [], ''], - ['systemd-hibernate-resume@.service', '8', ['systemd-hibernate-resume'], ''], + ['systemd-hibernate-resume-generator', '8', [], 'ENABLE_HIBERNATE'], + ['systemd-hibernate-resume@.service', + '8', + ['systemd-hibernate-resume'], + 'ENABLE_HIBERNATE'], ['systemd-hostnamed.service', '8', ['systemd-hostnamed'], 'ENABLE_HOSTNAMED'], ['systemd-hwdb', '8', [], 'ENABLE_HWDB'], ['systemd-importd.service', '8', ['systemd-importd'], 'ENABLE_IMPORTD'], @@ -585,7 +588,7 @@ manpages = [ ['systemd-random-seed'], 'ENABLE_RANDOMSEED'], ['systemd-remount-fs.service', '8', ['systemd-remount-fs'], ''], - ['systemd-resolve', '1', [], ''], + ['systemd-resolve', '1', [], 'ENABLE_RESOLVED'], ['systemd-resolved.service', '8', ['systemd-resolved'], 'ENABLE_RESOLVED'], ['systemd-rfkill.service', '8', @@ -644,7 +647,7 @@ manpages = [ ['systemd', '1', ['init'], ''], ['systemd.automount', '5', [], ''], ['systemd.device', '5', [], ''], - ['systemd.environment-generator', '7', [], ''], + ['systemd.environment-generator', '7', [], 'ENABLE_ENVIRONMENT_D'], ['systemd.exec', '5', [], ''], ['systemd.generator', '7', [], ''], ['systemd.journal-fields', '7', [], ''], diff --git a/man/systemd-environment-d-generator.xml b/man/systemd-environment-d-generator.xml index cc00a5256d..7950aa98a5 100644 --- a/man/systemd-environment-d-generator.xml +++ b/man/systemd-environment-d-generator.xml @@ -23,7 +23,7 @@ You should have received a copy of the GNU Lesser General Public License along with systemd; If not, see <http://www.gnu.org/licenses/>. --> -<refentry id="systemd-environment-d-generator"> +<refentry id="systemd-environment-d-generator" conditional='ENABLE_ENVIRONMENT_D'> <refentryinfo> <title>systemd-environment-d-generator</title> diff --git a/man/systemd-hibernate-resume-generator.xml b/man/systemd-hibernate-resume-generator.xml index d811b9b551..3bbb6ab989 100644 --- a/man/systemd-hibernate-resume-generator.xml +++ b/man/systemd-hibernate-resume-generator.xml @@ -19,7 +19,7 @@ You should have received a copy of the GNU Lesser General Public License along with systemd; If not, see <http://www.gnu.org/licenses/>. --> -<refentry id="systemd-hibernate-resume-generator"> +<refentry id="systemd-hibernate-resume-generator" conditional='ENABLE_HIBERNATE'> <refentryinfo> <title>systemd-hibernate-resume-generator</title> diff --git a/man/systemd-hibernate-resume@.service.xml b/man/systemd-hibernate-resume@.service.xml index 7d00827447..a968adf0a9 100644 --- a/man/systemd-hibernate-resume@.service.xml +++ b/man/systemd-hibernate-resume@.service.xml @@ -19,7 +19,7 @@ You should have received a copy of the GNU Lesser General Public License along with systemd; If not, see <http://www.gnu.org/licenses/>. --> -<refentry id="systemd-hibernate-resume@.service"> +<refentry id="systemd-hibernate-resume@.service" conditional='ENABLE_HIBERNATE'> <refentryinfo> <title>systemd-hibernate-resume@.service</title> diff --git a/man/systemd-resolve.xml b/man/systemd-resolve.xml index 50da971b07..e3ef26bb81 100644 --- a/man/systemd-resolve.xml +++ b/man/systemd-resolve.xml @@ -21,7 +21,7 @@ along with systemd; If not, see <http://www.gnu.org/licenses/>. --> -<refentry id="systemd-resolve" +<refentry id="systemd-resolve" conditional='ENABLE_RESOLVED' xmlns:xi="http://www.w3.org/2001/XInclude"> <refentryinfo> diff --git a/man/systemd.environment-generator.xml b/man/systemd.environment-generator.xml index fedbd60175..ff8be92833 100644 --- a/man/systemd.environment-generator.xml +++ b/man/systemd.environment-generator.xml @@ -24,7 +24,8 @@ along with systemd; If not, see <http://www.gnu.org/licenses/>. --> -<refentry id="systemd.environment-generator" xmlns:xi="http://www.w3.org/2001/XInclude"> +<refentry id="systemd.environment-generator" conditional='ENABLE_ENVIRONMENT_D' + xmlns:xi="http://www.w3.org/2001/XInclude"> <refentryinfo> <title>systemd.environment-generator</title> <productname>systemd</productname> diff --git a/man/systemd.network.xml b/man/systemd.network.xml index 4b80578333..ad0e0cf48a 100644 --- a/man/systemd.network.xml +++ b/man/systemd.network.xml @@ -796,6 +796,33 @@ </variablelist> </refsect1> + <refsect1> + <title>[IPv6AddressLabel] Section Options</title> + + <para>An <literal>[IPv6AddressLabel]</literal> section accepts the + following keys. Specify several <literal>[IPv6AddressLabel]</literal> + sections to configure several addresse labels. IPv6 address labels are + used for address selection. See <ulink url="https://tools.ietf.org/html/rfc3484">RFC 3484</ulink>. + Precedence is managed by userspace, and only the label itself is stored in the kernel</para> + + <variablelist class='network-directives'> + <varlistentry> + <term><varname>Label=</varname></term> + <listitem> + <para> The label for the prefix (an unsigned integer) ranges 0 to 4294967294. + 0xffffffff is reserved. This key is mandatory.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>Prefix=</varname></term> + <listitem> + <para>IPv6 prefix is an address with a prefix length, separated by a slash <literal>/</literal> character. + This key is mandatory. </para> + </listitem> + </varlistentry> + </variablelist> + </refsect1> + <refsect1> <title>[Route] Section Options</title> <para>The <literal>[Route]</literal> section accepts the diff --git a/meson.build b/meson.build index b18e645d39..79843c7319 100644 --- a/meson.build +++ b/meson.build @@ -246,10 +246,6 @@ foreach arg : ['-Wundef', '-Wendif-labels', '-Wstrict-aliasing=2', '-Wwrite-strings', - '-Wno-unused-parameter', - '-Wno-missing-field-initializers', - '-Wno-unused-result', - '-Wno-format-signedness', '-Werror=overflow', '-Wdate-time', '-Wnested-externs', @@ -268,6 +264,17 @@ foreach arg : ['-Wundef', endif endforeach +# "negative" arguments: gcc on purpose does not return an error for "-Wno-" +# arguments, just emits a warnings. So test for the "positive" version instead. +foreach arg : ['unused-parameter', + 'missing-field-initializers', + 'unused-result', + 'format-signedness'] + if cc.has_argument('-W' + arg) + add_project_arguments('-Wno-' + arg, language : 'c') + endif +endforeach + if cc.compiles(' #include <time.h> #include <inttypes.h> @@ -614,13 +621,19 @@ libm = cc.find_library('m') libdl = cc.find_library('dl') libcrypt = cc.find_library('crypt') -libcap = dependency('libcap') +libcap = dependency('libcap', required : false) +if not libcap.found() + # Compat with Ubuntu 14.04 which ships libcap w/o .pc file + libcap = cc.find_library('cap') +endif + libmount = dependency('mount', version : '>= 2.27') want_seccomp = get_option('seccomp') if want_seccomp != 'false' libseccomp = dependency('libseccomp', + version : '>= 2.3.1', required : want_seccomp == 'true') if libseccomp.found() conf.set('HAVE_SECCOMP', 1) @@ -1184,8 +1197,7 @@ executable('systemd', systemd_sources, include_directories : includes, link_with : [libcore, - libshared, - libudev], + libshared], dependencies : [threads, librt, libseccomp, @@ -1200,7 +1212,6 @@ exe = executable('systemd-analyze', systemd_analyze_sources, include_directories : includes, link_with : [libcore, - libudev, libshared], dependencies : [threads, librt, @@ -1216,8 +1227,7 @@ executable('systemd-journald', systemd_journald_sources, include_directories : includes, link_with : [libjournal_core, - libshared, - libudev], + libshared], dependencies : [threads, libxz, liblz4, @@ -1230,8 +1240,7 @@ exe = executable('systemd-cat', systemd_cat_sources, include_directories : includes, link_with : [libjournal_core, - libshared, - libudev], + libshared], dependencies : [threads], install_rpath : rootlibexecdir, install : true) @@ -1240,8 +1249,7 @@ public_programs += [exe] exe = executable('journalctl', journalctl_sources, include_directories : includes, - link_with : [libshared, - libudev], + link_with : [libshared], dependencies : [threads, libqrencode, libxz, @@ -1313,8 +1321,7 @@ if conf.get('HAVE_BLKID', 0) == 1 'src/gpt-auto-generator/gpt-auto-generator.c', 'src/basic/blkid-util.h', include_directories : includes, - link_with : [libshared, - libudev], + link_with : [libshared], dependencies : libblkid, install_rpath : rootlibexecdir, install : true, @@ -1365,8 +1372,7 @@ if conf.get('ENABLE_LOGIND', 0) == 1 systemd_logind_sources, include_directories : includes, link_with : [liblogind_core, - libshared, - libudev], + libshared], dependencies : [threads, libacl], install_rpath : rootlibexecdir, @@ -1376,8 +1382,7 @@ if conf.get('ENABLE_LOGIND', 0) == 1 exe = executable('loginctl', loginctl_sources, include_directories : includes, - link_with : [libshared, - libudev], + link_with : [libshared], dependencies : [threads, liblz4, libxz], @@ -1465,8 +1470,7 @@ if conf.get('ENABLE_BACKLIGHT', 0) == 1 executable('systemd-backlight', 'src/backlight/backlight.c', include_directories : includes, - link_with : [libshared, - libudev], + link_with : [libshared], install_rpath : rootlibexecdir, install : true, install_dir : rootlibexecdir) @@ -1476,8 +1480,7 @@ if conf.get('ENABLE_RFKILL', 0) == 1 executable('systemd-rfkill', 'src/rfkill/rfkill.c', include_directories : includes, - link_with : [libshared, - libudev], + link_with : [libshared], install_rpath : rootlibexecdir, install : true, install_dir : rootlibexecdir) @@ -1975,8 +1978,7 @@ executable('systemd-initctl', exe = executable('systemd-mount', 'src/mount/mount-tool.c', include_directories : includes, - link_with : [libshared, - libudev], + link_with : [libshared], install_rpath : rootlibexecdir, install : true) public_programs += [exe] @@ -2100,8 +2102,7 @@ public_programs += [exe] executable('systemd-shutdown', systemd_shutdown_sources, include_directories : includes, - link_with : [libshared, - libudev], + link_with : [libshared], install_rpath : rootlibexecdir, install : true, install_dir : rootlibexecdir) @@ -2146,9 +2147,7 @@ exe = executable('systemd-nspawn', 'src/core/loopback-setup.c', 'src/core/loopback-setup.h', include_directories : [includes, include_directories('src/nspawn')], - link_with : [libfirewall, - libshared, - libudev], + link_with : [libshared], dependencies : [libacl, libblkid, libseccomp, @@ -2162,7 +2161,6 @@ if conf.get('ENABLE_NETWORKD', 0) == 1 systemd_networkd_sources, include_directories : includes, link_with : [libnetworkd_core, - libfirewall, libsystemd_network, libudev_internal, libshared], diff --git a/src/boot/efi/measure.h b/src/boot/efi/measure.h index a2cfe817d0..43aa8a0058 100644 --- a/src/boot/efi/measure.h +++ b/src/boot/efi/measure.h @@ -13,9 +13,6 @@ #ifndef __SDBOOT_MEASURE_H #define __SDBOOT_MEASURE_H -#ifndef SD_TPM_PCR -#define SD_TPM_PCR 8 -#endif - EFI_STATUS tpm_log_event(UINT32 pcrindex, const EFI_PHYSICAL_ADDRESS buffer, UINTN buffer_size, const CHAR16 *description); + #endif diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build index 6c5c856d8c..6241cb1c19 100644 --- a/src/boot/efi/meson.build +++ b/src/boot/efi/meson.build @@ -62,6 +62,8 @@ if have_gnu_efi efi_conf = configuration_data() efi_conf.set_quoted('PACKAGE_VERSION', meson.project_version()) efi_conf.set_quoted('EFI_MACHINE_TYPE_NAME', EFI_MACHINE_TYPE_NAME) + efi_conf.set('SD_BOOT_LOG_TPM', get_option('tpm')) + efi_conf.set('SD_TPM_PCR', get_option('tpm-pcrindex')) efi_config_h = configure_file( output : 'efi_config.h', diff --git a/src/cgtop/cgtop.c b/src/cgtop/cgtop.c index 67f3a99860..7ebb02fa8c 100644 --- a/src/cgtop/cgtop.c +++ b/src/cgtop/cgtop.c @@ -75,6 +75,7 @@ static usec_t arg_delay = 1*USEC_PER_SEC; static char* arg_machine = NULL; static char* arg_root = NULL; static bool arg_recursive = true; +static bool arg_recursive_unset = false; static enum { COUNT_PIDS, @@ -732,7 +733,6 @@ static int parse_argv(int argc, char *argv[]) { {} }; - bool recursive_unset = false; int c, r; assert(argc >= 1); @@ -852,7 +852,7 @@ static int parse_argv(int argc, char *argv[]) { } arg_recursive = r; - recursive_unset = r == 0; + arg_recursive_unset = r == 0; break; case 'M': @@ -873,11 +873,6 @@ static int parse_argv(int argc, char *argv[]) { return -EINVAL; } - if (recursive_unset && arg_count == COUNT_PIDS) { - log_error("Non-recursive counting is only supported when counting processes, not tasks. Use -P or -k."); - return -EINVAL; - } - return 1; } @@ -902,6 +897,10 @@ int main(int argc, char *argv[]) { log_parse_environment(); log_open(); + r = parse_argv(argc, argv); + if (r <= 0) + goto finish; + r = cg_mask_supported(&mask); if (r < 0) { log_error_errno(r, "Failed to determine supported controllers: %m"); @@ -910,9 +909,10 @@ int main(int argc, char *argv[]) { arg_count = (mask & CGROUP_MASK_PIDS) ? COUNT_PIDS : COUNT_USERSPACE_PROCESSES; - r = parse_argv(argc, argv); - if (r <= 0) - goto finish; + if (arg_recursive_unset && arg_count == COUNT_PIDS) { + log_error("Non-recursive counting is only supported when counting processes, not tasks. Use -P or -k."); + return -EINVAL; + } r = show_cgroup_get_path_and_warn(arg_machine, arg_root, &root); if (r < 0) { diff --git a/src/core/main.c b/src/core/main.c index bcf9ea5f25..e6ae0bee31 100644 --- a/src/core/main.c +++ b/src/core/main.c @@ -1162,6 +1162,8 @@ static int prepare_reexecute(Manager *m, FILE **_f, FDSet **_fds, bool switching static int bump_rlimit_nofile(struct rlimit *saved_rlimit) { struct rlimit nl; int r; + int min_max; + _cleanup_free_ char *nr_open = NULL; assert(saved_rlimit); @@ -1182,8 +1184,16 @@ static int bump_rlimit_nofile(struct rlimit *saved_rlimit) { arg_default_rlimit[RLIMIT_NOFILE] = rl; } + /* Get current RLIMIT_NOFILE maximum compiled into the kernel. */ + r = read_one_line_file("/proc/sys/fs/nr_open", &nr_open); + if (r == 0) + r = safe_atoi(nr_open, &min_max); + /* If we fail, fallback to the hard-coded kernel limit of 1024 * 1024. */ + if (r < 0) + min_max = 1024 * 1024; + /* Bump up the resource limit for ourselves substantially */ - nl.rlim_cur = nl.rlim_max = 64*1024; + nl.rlim_cur = nl.rlim_max = min_max; r = setrlimit_closest(RLIMIT_NOFILE, &nl); if (r < 0) return log_warning_errno(r, "Setting RLIMIT_NOFILE failed, ignoring: %m"); diff --git a/src/core/service.c b/src/core/service.c index a63c6d8bc3..b45929e535 100644 --- a/src/core/service.c +++ b/src/core/service.c @@ -2163,7 +2163,6 @@ static int service_serialize_exec_command(Unit *u, FILE *f, ExecCommand *command unsigned idx; const char *type; char **arg; - _cleanup_strv_free_ char **escaped_args = NULL; _cleanup_free_ char *args = NULL, *p = NULL; size_t allocated = 0, length = 0; @@ -2306,7 +2305,7 @@ static int service_deserialize_exec_command(Unit *u, const char *key, const char bool control, found = false; ServiceExecCommand id = _SERVICE_EXEC_COMMAND_INVALID; ExecCommand *command = NULL; - _cleanup_free_ char *args = NULL, *path = NULL; + _cleanup_free_ char *path = NULL; _cleanup_strv_free_ char **argv = NULL; enum ExecCommandState { diff --git a/src/hostname/meson.build b/src/hostname/meson.build index 68275ba8f5..7cb5fc135a 100644 --- a/src/hostname/meson.build +++ b/src/hostname/meson.build @@ -1,9 +1,9 @@ -install_data('org.freedesktop.hostname1.conf', - install_dir : dbuspolicydir) -install_data('org.freedesktop.hostname1.service', - install_dir : dbussystemservicedir) - if conf.get('ENABLE_HOSTNAMED', 0) == 1 + install_data('org.freedesktop.hostname1.conf', + install_dir : dbuspolicydir) + install_data('org.freedesktop.hostname1.service', + install_dir : dbussystemservicedir) + custom_target( 'org.freedesktop.hostname1.policy', input : 'org.freedesktop.hostname1.policy.in', diff --git a/src/import/pull-common.c b/src/import/pull-common.c index 4c745288f5..78840dd882 100644 --- a/src/import/pull-common.c +++ b/src/import/pull-common.c @@ -394,7 +394,6 @@ int pull_verify(PullJob *main_job, PullJob *signature_job) { _cleanup_close_pair_ int gpg_pipe[2] = { -1, -1 }; - _cleanup_free_ char *fn = NULL; _cleanup_close_ int sig_file = -1; char sig_file_path[] = "/tmp/sigXXXXXX", gpg_home[] = "/tmp/gpghomeXXXXXX"; _cleanup_(sigkill_waitp) pid_t pid = 0; diff --git a/src/import/pull-raw.c b/src/import/pull-raw.c index fd2e472f09..a15eac1f1f 100644 --- a/src/import/pull-raw.c +++ b/src/import/pull-raw.c @@ -580,7 +580,6 @@ static int raw_pull_job_on_open_disk_generic( const char *extra, char **temp_path) { - _cleanup_free_ char *p = NULL; int r; assert(i); diff --git a/src/journal-remote/meson.build b/src/journal-remote/meson.build index 394be7068c..072fa14548 100644 --- a/src/journal-remote/meson.build +++ b/src/journal-remote/meson.build @@ -37,13 +37,13 @@ if conf.get('ENABLE_REMOTE', 0) == 1 and conf.get('HAVE_MICROHTTPD', 0) == 1 configuration : substs) install_data(journal_remote_conf, install_dir : pkgsysconfdir) -endif -install_data('browse.html', - install_dir : join_paths(pkgdatadir, 'gatewayd')) + install_data('browse.html', + install_dir : join_paths(pkgdatadir, 'gatewayd')) -meson.add_install_script('sh', '-c', - mkdir_p.format('/var/log/journal/remote')) -meson.add_install_script('sh', '-c', - 'chown 0:0 $DESTDIR/var/log/journal/remote && - chmod 755 $DESTDIR/var/log/journal/remote || :') + meson.add_install_script('sh', '-c', + mkdir_p.format('/var/log/journal/remote')) + meson.add_install_script('sh', '-c', + 'chown 0:0 $DESTDIR/var/log/journal/remote && + chmod 755 $DESTDIR/var/log/journal/remote || :') +endif diff --git a/src/libsystemd/sd-netlink/netlink-types.c b/src/libsystemd/sd-netlink/netlink-types.c index 248bc90788..923f7dd10c 100644 --- a/src/libsystemd/sd-netlink/netlink-types.c +++ b/src/libsystemd/sd-netlink/netlink-types.c @@ -26,6 +26,7 @@ #include <linux/veth.h> #include <linux/if_bridge.h> #include <linux/if_addr.h> +#include <linux/if_addrlabel.h> #include <linux/if.h> #include <linux/ip.h> #include <linux/if_link.h> @@ -586,22 +587,35 @@ static const NLTypeSystem rtnl_neigh_type_system = { .types = rtnl_neigh_types, }; +static const NLType rtnl_addrlabel_types[] = { + [IFAL_ADDRESS] = { .type = NETLINK_TYPE_IN_ADDR, .size = sizeof(struct in6_addr) }, + [IFAL_LABEL] = { .type = NETLINK_TYPE_U32 }, +}; + +static const NLTypeSystem rtnl_addrlabel_type_system = { + .count = ELEMENTSOF(rtnl_addrlabel_types), + .types = rtnl_addrlabel_types, +}; + static const NLType rtnl_types[] = { - [NLMSG_DONE] = { .type = NETLINK_TYPE_NESTED, .type_system = &empty_type_system, .size = 0 }, - [NLMSG_ERROR] = { .type = NETLINK_TYPE_NESTED, .type_system = &empty_type_system, .size = sizeof(struct nlmsgerr) }, - [RTM_NEWLINK] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_link_type_system, .size = sizeof(struct ifinfomsg) }, - [RTM_DELLINK] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_link_type_system, .size = sizeof(struct ifinfomsg) }, - [RTM_GETLINK] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_link_type_system, .size = sizeof(struct ifinfomsg) }, - [RTM_SETLINK] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_link_type_system, .size = sizeof(struct ifinfomsg) }, - [RTM_NEWADDR] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_address_type_system, .size = sizeof(struct ifaddrmsg) }, - [RTM_DELADDR] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_address_type_system, .size = sizeof(struct ifaddrmsg) }, - [RTM_GETADDR] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_address_type_system, .size = sizeof(struct ifaddrmsg) }, - [RTM_NEWROUTE] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_route_type_system, .size = sizeof(struct rtmsg) }, - [RTM_DELROUTE] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_route_type_system, .size = sizeof(struct rtmsg) }, - [RTM_GETROUTE] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_route_type_system, .size = sizeof(struct rtmsg) }, - [RTM_NEWNEIGH] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_neigh_type_system, .size = sizeof(struct ndmsg) }, - [RTM_DELNEIGH] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_neigh_type_system, .size = sizeof(struct ndmsg) }, - [RTM_GETNEIGH] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_neigh_type_system, .size = sizeof(struct ndmsg) }, + [NLMSG_DONE] = { .type = NETLINK_TYPE_NESTED, .type_system = &empty_type_system, .size = 0 }, + [NLMSG_ERROR] = { .type = NETLINK_TYPE_NESTED, .type_system = &empty_type_system, .size = sizeof(struct nlmsgerr) }, + [RTM_NEWLINK] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_link_type_system, .size = sizeof(struct ifinfomsg) }, + [RTM_DELLINK] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_link_type_system, .size = sizeof(struct ifinfomsg) }, + [RTM_GETLINK] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_link_type_system, .size = sizeof(struct ifinfomsg) }, + [RTM_SETLINK] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_link_type_system, .size = sizeof(struct ifinfomsg) }, + [RTM_NEWADDR] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_address_type_system, .size = sizeof(struct ifaddrmsg) }, + [RTM_DELADDR] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_address_type_system, .size = sizeof(struct ifaddrmsg) }, + [RTM_GETADDR] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_address_type_system, .size = sizeof(struct ifaddrmsg) }, + [RTM_NEWROUTE] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_route_type_system, .size = sizeof(struct rtmsg) }, + [RTM_DELROUTE] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_route_type_system, .size = sizeof(struct rtmsg) }, + [RTM_GETROUTE] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_route_type_system, .size = sizeof(struct rtmsg) }, + [RTM_NEWNEIGH] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_neigh_type_system, .size = sizeof(struct ndmsg) }, + [RTM_DELNEIGH] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_neigh_type_system, .size = sizeof(struct ndmsg) }, + [RTM_GETNEIGH] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_neigh_type_system, .size = sizeof(struct ndmsg) }, + [RTM_NEWADDRLABEL] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_addrlabel_type_system, .size = sizeof(struct ifaddrlblmsg) }, + [RTM_DELADDRLABEL] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_addrlabel_type_system, .size = sizeof(struct ifaddrlblmsg) }, + [RTM_GETADDRLABEL] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_addrlabel_type_system, .size = sizeof(struct ifaddrlblmsg) }, }; const NLTypeSystem type_system_root = { diff --git a/src/libsystemd/sd-netlink/netlink-util.h b/src/libsystemd/sd-netlink/netlink-util.h index f49bf4eaa6..49bb226ef3 100644 --- a/src/libsystemd/sd-netlink/netlink-util.h +++ b/src/libsystemd/sd-netlink/netlink-util.h @@ -32,6 +32,10 @@ bool rtnl_message_type_is_addr(uint16_t type); bool rtnl_message_type_is_route(uint16_t type); bool rtnl_message_type_is_neigh(uint16_t type); +static inline bool rtnl_message_type_is_addrlabel(uint16_t type) { + return IN_SET(type, RTM_NEWADDRLABEL, RTM_DELADDRLABEL, RTM_GETADDRLABEL); +} + int rtnl_set_link_name(sd_netlink **rtnl, int ifindex, const char *name); int rtnl_set_link_properties(sd_netlink **rtnl, int ifindex, const char *alias, const struct ether_addr *mac, unsigned mtu); diff --git a/src/libsystemd/sd-netlink/rtnl-message.c b/src/libsystemd/sd-netlink/rtnl-message.c index b543b5f20c..d5f8b7d15e 100644 --- a/src/libsystemd/sd-netlink/rtnl-message.c +++ b/src/libsystemd/sd-netlink/rtnl-message.c @@ -18,6 +18,7 @@ ***/ #include <netinet/in.h> +#include <linux/if_addrlabel.h> #include <stdbool.h> #include <unistd.h> @@ -700,3 +701,42 @@ int sd_rtnl_message_get_family(sd_netlink_message *m, int *family) { return -EOPNOTSUPP; } + +int sd_rtnl_message_new_addrlabel(sd_netlink *rtnl, sd_netlink_message **ret, uint16_t nlmsg_type, int ifindex, int ifal_family) { + struct ifaddrlblmsg *addrlabel; + int r; + + assert_return(rtnl_message_type_is_addrlabel(nlmsg_type), -EINVAL); + assert_return(ret, -EINVAL); + + r = message_new(rtnl, ret, nlmsg_type); + if (r < 0) + return r; + + if (nlmsg_type == RTM_NEWADDRLABEL) + (*ret)->hdr->nlmsg_flags |= NLM_F_CREATE | NLM_F_EXCL; + + addrlabel = NLMSG_DATA((*ret)->hdr); + + addrlabel->ifal_family = ifal_family; + addrlabel->ifal_index = ifindex; + + return 0; +} + +int sd_rtnl_message_addrlabel_set_prefixlen(sd_netlink_message *m, unsigned char prefixlen) { + struct ifaddrlblmsg *addrlabel; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_addrlabel(m->hdr->nlmsg_type), -EINVAL); + + addrlabel = NLMSG_DATA(m->hdr); + + if (prefixlen > 128) + return -ERANGE; + + addrlabel->ifal_prefixlen = prefixlen; + + return 0; +} diff --git a/src/locale/meson.build b/src/locale/meson.build index f722e0ed92..d03af4c0e2 100644 --- a/src/locale/meson.build +++ b/src/locale/meson.build @@ -27,9 +27,11 @@ endif kbd_model_map = join_paths(meson.current_source_dir(), 'kbd-model-map') language_fallback_map = join_paths(meson.current_source_dir(), 'language-fallback-map') -install_data('kbd-model-map', - 'language-fallback-map', - install_dir : pkgdatadir) +if conf.get('ENABLE_LOCALED', 0) == 1 + install_data('kbd-model-map', + 'language-fallback-map', + install_dir : pkgdatadir) +endif tests += [ [['src/locale/test-keymap-util.c', diff --git a/src/machine/meson.build b/src/machine/meson.build index 4ecb1cdb93..953774fdb6 100644 --- a/src/machine/meson.build +++ b/src/machine/meson.build @@ -39,8 +39,7 @@ endif tests += [ [['src/machine/test-machine-tables.c'], [libmachine_core, - libshared, - libudev], + libshared], [threads], 'ENABLE_MACHINED'], ] diff --git a/src/network/meson.build b/src/network/meson.build index 94bbb156aa..808f9eebbc 100644 --- a/src/network/meson.build +++ b/src/network/meson.build @@ -27,6 +27,8 @@ sources = files(''' netdev/vxlan.h netdev/geneve.c netdev/geneve.h + networkd-address-label.c + networkd-address-label.h networkd-address-pool.c networkd-address-pool.h networkd-address.c @@ -128,9 +130,8 @@ if conf.get('ENABLE_NETWORKD', 0) == 1 [libnetworkd_core, libudev_internal, libsystemd_network, - libshared, - libfirewall], - [libiptc]], + libshared], + []], [['src/network/test-network-tables.c', 'src/network/test-network-tables.c', @@ -139,8 +140,7 @@ if conf.get('ENABLE_NETWORKD', 0) == 1 libudev_internal, libudev_core, libsystemd_network, - libshared, - libfirewall], + libshared], [], '', '', [], [network_include_dir] + libudev_core_includes], diff --git a/src/network/netdev/geneve.h b/src/network/netdev/geneve.h index d97dac892c..f93b550b06 100644 --- a/src/network/netdev/geneve.h +++ b/src/network/netdev/geneve.h @@ -25,7 +25,6 @@ typedef struct Geneve Geneve; #include "netdev.h" #include "networkd-link.h" #include "networkd-network.h" -#include "netdev.h" #define GENEVE_VID_MAX (1u << 24) - 1 diff --git a/src/network/networkd-address-label.c b/src/network/networkd-address-label.c new file mode 100644 index 0000000000..1248719cf3 --- /dev/null +++ b/src/network/networkd-address-label.c @@ -0,0 +1,257 @@ +/*** + This file is part of systemd. + + Copyright 2017 Susant Sahani + + systemd is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 2.1 of the License, or + (at your option) any later version. + + systemd is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public License + along with systemd; If not, see <http://www.gnu.org/licenses/>. +***/ + +#include <net/if.h> +#include <linux/if_addrlabel.h> + +#include "alloc-util.h" +#include "conf-parser.h" +#include "networkd-address-label.h" +#include "netlink-util.h" +#include "networkd-manager.h" +#include "parse-util.h" +#include "socket-util.h" + +int address_label_new(AddressLabel **ret) { + _cleanup_address_label_free_ AddressLabel *addrlabel = NULL; + + addrlabel = new0(AddressLabel, 1); + if (!addrlabel) + return -ENOMEM; + + *ret = addrlabel; + addrlabel = NULL; + + return 0; +} + +void address_label_free(AddressLabel *label) { + if (!label) + return; + + if (label->network) { + LIST_REMOVE(labels, label->network->address_labels, label); + assert(label->network->n_address_labels > 0); + label->network->n_address_labels--; + + if (label->section) { + hashmap_remove(label->network->address_labels_by_section, label->section); + network_config_section_free(label->section); + } + } + + free(label); +} + +static int address_label_new_static(Network *network, const char *filename, unsigned section_line, AddressLabel **ret) { + _cleanup_network_config_section_free_ NetworkConfigSection *n = NULL; + _cleanup_address_label_free_ AddressLabel *label = NULL; + int r; + + assert(network); + assert(ret); + assert(!!filename == (section_line > 0)); + + r = network_config_section_new(filename, section_line, &n); + if (r < 0) + return r; + + label = hashmap_get(network->address_labels_by_section, n); + if (label) { + *ret = label; + label = NULL; + + return 0; + } + + r = address_label_new(&label); + if (r < 0) + return r; + + label->section = n; + n = NULL; + + r = hashmap_put(network->address_labels_by_section, label->section, label); + if (r < 0) + return r; + + label->network = network; + LIST_APPEND(labels, network->address_labels, label); + network->n_address_labels++; + + *ret = label; + label = NULL; + + return 0; +} + +int address_label_configure( + AddressLabel *label, + Link *link, + sd_netlink_message_handler_t callback, + bool update) { + + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL; + int r; + + assert(label); + assert(link); + assert(link->ifindex > 0); + assert(link->manager); + assert(link->manager->rtnl); + + r = sd_rtnl_message_new_addrlabel(link->manager->rtnl, &req, RTM_NEWADDRLABEL, + link->ifindex, label->family); + if (r < 0) + return log_error_errno(r, "Could not allocate RTM_NEWADDR message: %m"); + + r = sd_rtnl_message_addrlabel_set_prefixlen(req, label->prefixlen); + if (r < 0) + return log_error_errno(r, "Could not set prefixlen: %m"); + + r = sd_netlink_message_append_u32(req, IFAL_LABEL, label->label); + if (r < 0) + return log_error_errno(r, "Could not append IFAL_LABEL attribute: %m"); + + r = sd_netlink_message_append_in6_addr(req, IFA_ADDRESS, &label->in_addr.in6); + if (r < 0) + return log_error_errno(r, "Could not append IFA_ADDRESS attribute: %m"); + + r = sd_netlink_call_async(link->manager->rtnl, req, callback, link, 0, NULL); + if (r < 0) + return log_error_errno(r, "Could not send rtnetlink message: %m"); + + link_ref(link); + + return 0; +} + +int config_parse_address_label_prefix(const char *unit, + const char *filename, + unsigned line, + const char *section, + unsigned section_line, + const char *lvalue, + int ltype, + const char *rvalue, + void *data, + void *userdata) { + + _cleanup_address_label_free_ AddressLabel *n = NULL; + Network *network = userdata; + const char *prefix, *e; + union in_addr_union buffer; + int r, f; + + assert(filename); + assert(section); + assert(lvalue); + assert(rvalue); + assert(data); + + r = address_label_new_static(network, filename, section_line, &n); + if (r < 0) + return r; + + /* AddressLabel=prefix/prefixlen */ + + /* prefixlen */ + e = strchr(rvalue, '/'); + if (e) { + unsigned i; + + r = safe_atou(e + 1, &i); + if (r < 0) { + log_syntax(unit, LOG_ERR, filename, line, r, "Prefix length is invalid, ignoring assignment: %s", e + 1); + return 0; + } + + if (i > 128) { + log_syntax(unit, LOG_ERR, filename, line, r, "Prefix length is out of range, ignoring assignment: %s", e + 1); + return 0; + } + + n->prefixlen = (unsigned char) i; + + prefix = strndupa(rvalue, e - rvalue); + } else + prefix = rvalue; + + r = in_addr_from_string_auto(prefix, &f, &buffer); + if (r < 0) { + log_syntax(unit, LOG_ERR, filename, line, r, "Address label is invalid, ignoring assignment: %s", prefix); + return 0; + } + + if (f != AF_INET6) { + log_syntax(unit, LOG_ERR, filename, line, 0, "Address label family is not IPv6, ignoring assignment: %s", prefix); + return 0; + } + + n->family = f; + n->in_addr = buffer; + + n = NULL; + + return 0; +} + +int config_parse_address_label( + const char *unit, + const char *filename, + unsigned line, + const char *section, + unsigned section_line, + const char *lvalue, + int ltype, + const char *rvalue, + void *data, + void *userdata) { + + _cleanup_address_label_free_ AddressLabel *n = NULL; + Network *network = userdata; + uint32_t k; + int r; + + assert(filename); + assert(section); + assert(lvalue); + assert(rvalue); + assert(data); + + r = address_label_new_static(network, filename, section_line, &n); + if (r < 0) + return r; + + r = safe_atou32(rvalue, &k); + if (r < 0) { + log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse address label, ignoring: %s", rvalue); + return 0; + } + + if (k == 0xffffffffUL) { + log_syntax(unit, LOG_ERR, filename, line, r, "Adress label is invalid, ignoring: %s", rvalue); + return 0; + } + + n->label = k; + n = NULL; + + return 0; +} diff --git a/src/network/networkd-address-label.h b/src/network/networkd-address-label.h new file mode 100644 index 0000000000..05bb24924c --- /dev/null +++ b/src/network/networkd-address-label.h @@ -0,0 +1,59 @@ +#pragma once + +/*** + This file is part of systemd. + + Copyright 2017 Susant Sahani + + systemd is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 2.1 of the License, or + (at your option) any later version. + + systemd is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public License + along with systemd; If not, see <http://www.gnu.org/licenses/>. +***/ + +#include <inttypes.h> +#include <stdbool.h> + +#include "in-addr-util.h" + +typedef struct AddressLabel AddressLabel; + +#include "networkd-link.h" +#include "networkd-network.h" + +typedef struct Network Network; +typedef struct Link Link; +typedef struct NetworkConfigSection NetworkConfigSection; + +struct AddressLabel { + Network *network; + Link *link; + NetworkConfigSection *section; + + int family; + unsigned char prefixlen; + uint32_t label; + + union in_addr_union in_addr; + + LIST_FIELDS(AddressLabel, labels); +}; + +int address_label_new(AddressLabel **ret); +void address_label_free(AddressLabel *label); + +DEFINE_TRIVIAL_CLEANUP_FUNC(AddressLabel*, address_label_free); +#define _cleanup_address_label_free_ _cleanup_(address_label_freep) + +int address_label_configure(AddressLabel *address, Link *link, sd_netlink_message_handler_t callback, bool update); + +int config_parse_address_label(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); +int config_parse_address_label_prefix(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c index 1797f144b6..48ee12a317 100644 --- a/src/network/networkd-link.c +++ b/src/network/networkd-link.c @@ -853,6 +853,35 @@ static int address_handler(sd_netlink *rtnl, sd_netlink_message *m, void *userda return 1; } +static int address_label_handler(sd_netlink *rtnl, sd_netlink_message *m, void *userdata) { + _cleanup_link_unref_ Link *link = userdata; + int r; + + assert(rtnl); + assert(m); + assert(link); + assert(link->ifname); + assert(link->link_messages > 0); + + link->link_messages--; + + if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER)) + return 1; + + r = sd_netlink_message_get_errno(m); + if (r < 0 && r != -EEXIST) + log_link_warning_errno(link, r, "could not set address label: %m"); + else if (r >= 0) + manager_rtnl_process_address(rtnl, m, link->manager); + + if (link->link_messages == 0) { + log_link_debug(link, "Addresses label set"); + link_enter_set_routes(link); + } + + return 1; +} + static int link_push_uplink_dns_to_dhcp_server(Link *link, sd_dhcp_server *s) { _cleanup_free_ struct in_addr *addresses = NULL; size_t n_addresses = 0, n_allocated = 0; @@ -965,6 +994,7 @@ static int link_set_bridge_fdb(Link *link) { } static int link_enter_set_addresses(Link *link) { + AddressLabel *label; Address *ad; int r; @@ -989,6 +1019,17 @@ static int link_enter_set_addresses(Link *link) { link->link_messages++; } + LIST_FOREACH(labels, label, link->network->address_labels) { + r = address_label_configure(label, link, address_label_handler, false); + if (r < 0) { + log_link_warning_errno(link, r, "Could not set address label: %m"); + link_enter_failed(link); + return r; + } + + link->link_messages++; + } + /* now that we can figure out a default address for the dhcp server, start it */ if (link_dhcp4_server_enabled(link)) { diff --git a/src/network/networkd-network-gperf.gperf b/src/network/networkd-network-gperf.gperf index 3743113825..6c4530fbd4 100644 --- a/src/network/networkd-network-gperf.gperf +++ b/src/network/networkd-network-gperf.gperf @@ -79,6 +79,8 @@ Address.DuplicateAddressDetection, config_parse_address_flags, Address.ManageTemporaryAddress, config_parse_address_flags, 0, 0 Address.PrefixRoute, config_parse_address_flags, 0, 0 Address.AutoJoin, config_parse_address_flags, 0, 0 +IPv6AddressLabel.Prefix, config_parse_address_label_prefix, 0, 0 +IPv6AddressLabel.Label, config_parse_address_label, 0, 0 Route.Gateway, config_parse_gateway, 0, 0 Route.Destination, config_parse_destination, 0, 0 Route.Source, config_parse_destination, 0, 0 diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c index dd29b4ca48..0c0e661909 100644 --- a/src/network/networkd-network.c +++ b/src/network/networkd-network.c @@ -114,6 +114,7 @@ static int network_load_one(Manager *manager, const char *filename) { LIST_HEAD_INIT(network->static_routes); LIST_HEAD_INIT(network->static_fdb_entries); LIST_HEAD_INIT(network->ipv6_proxy_ndp_addresses); + LIST_HEAD_INIT(network->address_labels); network->stacked_netdevs = hashmap_new(&string_hash_ops); if (!network->stacked_netdevs) @@ -131,6 +132,10 @@ static int network_load_one(Manager *manager, const char *filename) { if (!network->fdb_entries_by_section) return log_oom(); + network->address_labels_by_section = hashmap_new(&network_config_hash_ops); + if (!network->address_labels_by_section) + return log_oom(); + network->filename = strdup(filename); if (!network->filename) return log_oom(); @@ -192,6 +197,7 @@ static int network_load_one(Manager *manager, const char *filename) { "Link\0" "Network\0" "Address\0" + "IPv6AddressLabel\0" "Route\0" "DHCP\0" "DHCPv4\0" /* compat */ @@ -271,6 +277,7 @@ void network_free(Network *network) { Address *address; FdbEntry *fdb_entry; IPv6ProxyNDPAddress *ipv6_proxy_ndp_address; + AddressLabel *label; Iterator i; if (!network) @@ -318,9 +325,13 @@ void network_free(Network *network) { while ((ipv6_proxy_ndp_address = network->ipv6_proxy_ndp_addresses)) ipv6_proxy_ndp_address_free(ipv6_proxy_ndp_address); + while ((label = network->address_labels)) + address_label_free(label); + hashmap_free(network->addresses_by_section); hashmap_free(network->routes_by_section); hashmap_free(network->fdb_entries_by_section); + hashmap_free(network->address_labels_by_section); if (network->manager) { if (network->manager->networks) diff --git a/src/network/networkd-network.h b/src/network/networkd-network.h index d6f418d521..28ef285be6 100644 --- a/src/network/networkd-network.h +++ b/src/network/networkd-network.h @@ -28,6 +28,7 @@ #include "resolve-util.h" #include "networkd-address.h" +#include "networkd-address-label.h" #include "networkd-brvlan.h" #include "networkd-fdb.h" #include "networkd-lldp-tx.h" @@ -202,15 +203,18 @@ struct Network { LIST_HEAD(Route, static_routes); LIST_HEAD(FdbEntry, static_fdb_entries); LIST_HEAD(IPv6ProxyNDPAddress, ipv6_proxy_ndp_addresses); + LIST_HEAD(AddressLabel, address_labels); unsigned n_static_addresses; unsigned n_static_routes; unsigned n_static_fdb_entries; unsigned n_ipv6_proxy_ndp_addresses; + unsigned n_address_labels; Hashmap *addresses_by_section; Hashmap *routes_by_section; Hashmap *fdb_entries_by_section; + Hashmap *address_labels_by_section; struct in_addr_data *dns; unsigned n_dns; diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c index fd00d0957a..905dbc4c74 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c @@ -1158,6 +1158,10 @@ static int parse_argv(int argc, char *argv[]) { arg_caps_retain = (arg_caps_retain | plus | (arg_private_network ? 1ULL << CAP_NET_ADMIN : 0)) & ~minus; + r = cg_unified_flush(); + if (r < 0) + return log_error_errno(r, "Failed to determine whether the unified cgroups hierarchy is used: %m"); + e = getenv("SYSTEMD_NSPAWN_CONTAINER_SERVICE"); if (e) arg_container_service_name = e; @@ -3545,10 +3549,6 @@ int main(int argc, char *argv[]) { log_parse_environment(); log_open(); - r = cg_unified_flush(); - if (r < 0) - return log_error_errno(r, "Failed to determine whether the unified cgroups hierarchy is used: %m"); - /* Make sure rename_process() in the stub init process can work */ saved_argv = argv; saved_argc = argc; diff --git a/src/resolve/meson.build b/src/resolve/meson.build index 46a417e766..347ffaaeca 100644 --- a/src/resolve/meson.build +++ b/src/resolve/meson.build @@ -135,10 +135,10 @@ if conf.get('ENABLE_RESOLVED', 0) == 1 configuration : substs) install_data(resolved_conf, install_dir : pkgsysconfdir) -endif -install_data('resolv.conf', - install_dir : rootlibexecdir) + install_data('resolv.conf', + install_dir : rootlibexecdir) +endif tests += [ [['src/resolve/test-resolve-tables.c', diff --git a/src/shared/efivars.c b/src/shared/efivars.c index 8631a5a5d9..8229e6b183 100644 --- a/src/shared/efivars.c +++ b/src/shared/efivars.c @@ -269,6 +269,7 @@ int efi_set_variable( _cleanup_close_ int fd = -1; assert(name); + assert(value); if (asprintf(&p, "/sys/firmware/efi/efivars/%s-%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x", diff --git a/src/shared/meson.build b/src/shared/meson.build index 8968127d3f..f1d73d1b3f 100644 --- a/src/shared/meson.build +++ b/src/shared/meson.build @@ -34,6 +34,7 @@ shared_sources = ''' efivars.h fdset.c fdset.h + firewall-util.h fstab-util.c fstab-util.h gcrypt-util.c @@ -114,6 +115,10 @@ if conf.get('HAVE_SECCOMP', 0) == 1 shared_sources += ['seccomp-util.c'] endif +if conf.get('HAVE_LIBIPTC', 0) == 1 + shared_sources += ['firewall-util.c'] +endif + libshared_name = 'systemd-shared-@0@'.format(meson.project_version()) libshared = shared_library( @@ -122,10 +127,10 @@ libshared = shared_library( basic_sources, journal_internal_sources, libsystemd_internal_sources, + libudev_sources, include_directories : includes, link_args : ['-shared'], c_args : ['-fvisibility=default'], - link_with : [libudev], dependencies : [threads, librt, libcap, @@ -152,21 +157,9 @@ libshared_static = static_library( libcap, libacl, libcryptsetup, - libiptc, libseccomp, libselinux, libidn, libxz, liblz4, libblkid]) - -if conf.get('HAVE_LIBIPTC', 0) == 1 - libfirewall = static_library( - 'firewall', - 'firewall-util.h', - 'firewall-util.c', - include_directories : includes, - dependencies : [libiptc]) -else - libfirewall = [] -endif diff --git a/src/shared/pager.c b/src/shared/pager.c index 22d7603ec6..4d7b02c63c 100644 --- a/src/shared/pager.c +++ b/src/shared/pager.c @@ -176,12 +176,14 @@ void pager_close(void) { /* Inform pager that we are done */ (void) fflush(stdout); - if (stdout_redirected && ((stored_stdout < 0) || (dup2(stored_stdout, STDOUT_FILENO) < 0))) - (void) close(STDOUT_FILENO); + if (stdout_redirected) + if (stored_stdout < 0 || dup2(stored_stdout, STDOUT_FILENO) < 0) + (void) close(STDOUT_FILENO); stored_stdout = safe_close(stored_stdout); (void) fflush(stderr); - if (stderr_redirected && ((stored_stderr < 0) || (dup2(stored_stderr, STDERR_FILENO) < 0))) - (void) close(STDERR_FILENO); + if (stderr_redirected) + if (stored_stderr < 0 || dup2(stored_stderr, STDERR_FILENO) < 0) + (void) close(STDERR_FILENO); stored_stderr = safe_close(stored_stderr); stdout_redirected = stderr_redirected = false; diff --git a/src/systemd/sd-netlink.h b/src/systemd/sd-netlink.h index 7efa8ebe5a..aa39e0a0db 100644 --- a/src/systemd/sd-netlink.h +++ b/src/systemd/sd-netlink.h @@ -155,6 +155,9 @@ int sd_rtnl_message_neigh_get_ifindex(sd_netlink_message *m, int *family); int sd_rtnl_message_neigh_get_state(sd_netlink_message *m, uint16_t *state); int sd_rtnl_message_neigh_get_flags(sd_netlink_message *m, uint8_t *flags); +int sd_rtnl_message_new_addrlabel(sd_netlink *rtnl, sd_netlink_message **ret, uint16_t nlmsg_type, int ifindex, int ifal_family); +int sd_rtnl_message_addrlabel_set_prefixlen(sd_netlink_message *m, unsigned char prefixlen); + _SD_DEFINE_POINTER_CLEANUP_FUNC(sd_netlink, sd_netlink_unref); _SD_DEFINE_POINTER_CLEANUP_FUNC(sd_netlink_message, sd_netlink_message_unref); diff --git a/src/test/meson.build b/src/test/meson.build index 6c0fd4dca9..4ae1210fe1 100644 --- a/src/test/meson.build +++ b/src/test/meson.build @@ -55,8 +55,7 @@ tests += [ [['src/test/test-job-type.c'], [libcore, - libshared, - libudev], + libshared], [threads, librt, libseccomp, @@ -66,8 +65,7 @@ tests += [ [['src/test/test-ns.c'], [libcore, - libshared, - libudev], + libshared], [threads, librt, libseccomp, @@ -88,8 +86,7 @@ tests += [ [['src/test/test-hostname.c'], [libcore, - libshared, - libudev], + libshared], [threads, librt, libseccomp, @@ -110,8 +107,7 @@ tests += [ [['src/test/test-unit-name.c'], [libcore, - libshared, - libudev], + libshared], [threads, librt, libseccomp, @@ -121,8 +117,7 @@ tests += [ [['src/test/test-unit-file.c'], [libcore, - libshared, - libudev], + libshared], [threads, librt, libseccomp, @@ -285,8 +280,7 @@ tests += [ [['src/test/test-namespace.c'], [libcore, - libshared, - libudev], + libshared], [threads, libblkid]], @@ -415,8 +409,7 @@ tests += [ [['src/test/test-firewall-util.c'], - [libfirewall, - libshared], + [libshared], [], 'HAVE_LIBIPTC'], @@ -461,8 +454,7 @@ tests += [ [['src/test/test-cgroup-mask.c'], [libcore, - libshared, - libudev], + libshared], [threads, librt, libseccomp, @@ -492,8 +484,7 @@ tests += [ [['src/test/test-path.c'], [libcore, - libshared, - libudev], + libshared], [threads, librt, libseccomp, @@ -503,8 +494,7 @@ tests += [ [['src/test/test-execute.c'], [libcore, - libshared, - libudev], + libshared], [threads, librt, libseccomp, @@ -532,8 +522,7 @@ tests += [ [['src/test/test-sched-prio.c'], [libcore, - libshared, - libudev], + libshared], [threads, librt, libseccomp, @@ -564,8 +553,7 @@ tests += [ []], [['src/test/test-libudev.c'], - [libshared, - libudev], + [libshared], []], [['src/test/test-udev.c'], @@ -615,8 +603,7 @@ tests += [ [['src/journal/test-journal-syslog.c'], [libjournal_core, - libshared, - libudev], + libshared], [threads, libxz, liblz4, @@ -818,8 +805,7 @@ tests += [ 'src/libsystemd-network/dhcp-internal.h', 'src/systemd/sd-dhcp-client.h'], [libshared, - libsystemd_network, - libudev], + libsystemd_network], []], [['src/libsystemd-network/test-dhcp-server.c'], @@ -855,8 +841,7 @@ tests += [ 'src/systemd/sd-dhcp6-client.h', 'src/systemd/sd-ndisc.h'], [libshared, - libsystemd_network, - libudev], + libsystemd_network], []], [['src/libsystemd-network/test-dhcp6-client.c', @@ -865,8 +850,7 @@ tests += [ 'src/libsystemd-network/dhcp6-internal.h', 'src/systemd/sd-dhcp6-client.h'], [libshared, - libsystemd_network, - libudev], + libsystemd_network], []], [['src/libsystemd-network/test-lldp.c'], @@ -889,7 +873,6 @@ tests += [ [['src/login/test-login-tables.c'], [liblogind_core, - libshared, - libudev], + libshared], [threads]], ] diff --git a/src/update-done/update-done.c b/src/update-done/update-done.c index d466e1b759..06e2d7b71b 100644 --- a/src/update-done/update-done.c +++ b/src/update-done/update-done.c @@ -17,8 +17,10 @@ along with systemd; If not, see <http://www.gnu.org/licenses/>. ***/ +#include "alloc-util.h" #include "fd-util.h" #include "fileio.h" +#include "fs-util.h" #include "io-util.h" #include "selinux-util.h" #include "util.h" @@ -36,6 +38,7 @@ static int apply_timestamp(const char *path, struct timespec *ts) { _cleanup_fclose_ FILE *f = NULL; int fd = -1; int r; + _cleanup_(unlink_and_freep) char *tmp = NULL; assert(path); assert(ts); @@ -50,20 +53,20 @@ static int apply_timestamp(const char *path, struct timespec *ts) { if (r < 0) return log_error_errno(r, "Failed to set SELinux context for %s: %m", path); - fd = open(path, O_CREAT|O_WRONLY|O_TRUNC|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW, 0644); + fd = open_tmpfile_linkable(path, O_WRONLY|O_CLOEXEC, &tmp); mac_selinux_create_file_clear(); if (fd < 0) { if (errno == EROFS) - return log_debug("Can't create timestamp file %s, file system is read-only.", path); + return log_debug("Can't create temporary timestamp file %s, file system is read-only.", tmp); - return log_error_errno(errno, "Failed to create/open timestamp file %s: %m", path); + return log_error_errno(errno, "Failed to create/open temporary timestamp file %s: %m", tmp); } f = fdopen(fd, "we"); if (!f) { safe_close(fd); - return log_error_errno(errno, "Failed to fdopen() timestamp file %s: %m", path); + return log_error_errno(errno, "Failed to fdopen() timestamp file %s: %m", tmp); } (void) fprintf(f, @@ -76,7 +79,15 @@ static int apply_timestamp(const char *path, struct timespec *ts) { return log_error_errno(r, "Failed to write timestamp file: %m"); if (futimens(fd, twice) < 0) - return log_error_errno(errno, "Failed to update timestamp on %s: %m", path); + return log_error_errno(errno, "Failed to update timestamp on %s: %m", tmp); + + /* fix permissions */ + (void) fchmod(fd, 0644); + r = link_tmpfile(fd, tmp, path); + if (r < 0) + return log_error_errno(r, "Failed to move \"%s\" to \"%s\": %m", tmp, path); + + tmp = mfree(tmp); return 0; } diff --git a/test/README.testsuite b/test/README.testsuite index fa7e73ce3a..58f67f50fd 100644 --- a/test/README.testsuite +++ b/test/README.testsuite @@ -3,7 +3,7 @@ subdirectories named "test/TEST-??-*", which are run one by one. To run the extended testsuite do the following: -$ make all +$ make all # Avoid the "sudo make" below building anything as root $ cd test $ sudo make clean check ... diff --git a/units/meson.build b/units/meson.build index 0cc5f8861a..9411891c7f 100644 --- a/units/meson.build +++ b/units/meson.build @@ -80,8 +80,8 @@ units = [ 'sockets.target.wants/'], ['systemd-initctl.socket', '', 'sockets.target.wants/'], - ['systemd-journal-gatewayd.socket', ''], - ['systemd-journal-remote.socket', ''], + ['systemd-journal-gatewayd.socket', 'ENABLE_REMOTE HAVE_MICROHTTPD'], + ['systemd-journal-remote.socket', 'ENABLE_REMOTE HAVE_MICROHTTPD'], ['systemd-journald-audit.socket', '', 'sockets.target.wants/'], ['systemd-journald-dev-log.socket', '', |