| Age | Commit message (Collapse) | Author |
|---|
|
networkd: replace parse prefix with generic in_addr_prefix_from_string
|
|
Meson status and conditional simplification
|
|
Using conf.set() with a boolean argument does the right thing:
either #ifdef or #undef. This means that conf.set can be used unconditionally.
Previously I used '1' as the placeholder value, and that needs to be changed to
'true' for consistency (under meson 1 cannot be used in boolean context). All
checks need to be adjusted.
|
|
Bridge port priority in the kernel can only be between 0 and 63. Therefore
reject values above maximum.
Fixes: #5729
|
|
netdev to bond.
There are situations where a link can be in an "UP" state when
systemd-networkd attempts to add the link to a bond device.
This is a problem because the bonding driver will refuse to
enslave a link if it is in the "UP" state.
This check ensures systemd-networkd sets the link to "DOWN"
before attempting to add the link to the bond.
Fixes #5838.
|
|
|
|
networkd / sd-netlink: add support for address label
|
|
|
|
|
|
The only place where libiptc is needed is in libfirewall, which already
takes care of linking against libiptc.
|
|
|
|
IPv6 address labels are used for address selection; they are described in RFC 3484.
Precedence is managed by userspace, and only the label itself is stored in the kernel.
enp0s25.network
[Match]
Name=enp0s25
[Network]
DHCP=yes
Address = 2001:db8:f00:baa::b
[AddressLabel]
Label=199
Prefix=2001:db8:41::/64
[AddressLabel]
Label=11
Prefix=2001:db8:31::/64
[AddressLabel]
Label=123
Prefix=2001:db8:21::/64
[AddressLabel]
Label=124
Prefix=2001:db8:11::/64
[sus@maximus label]$ ip addrlabel list
prefix ::1/128 label 0
prefix ::/96 label 3
prefix ::ffff:0.0.0.0/96 label 4
prefix 2001:db8:41::/64 dev enp0s25 label 199
prefix 2001:db8:31::/64 dev enp0s25 label 11
prefix 2001:db8:21::/64 dev enp0s25 label 123
prefix 2001:db8:11::/64 dev enp0s25 label 124
prefix 2001::/32 label 6
prefix 2001:10::/28 label 7
prefix 3ffe::/16 label 12
prefix 2002::/16 label 2
prefix fec0::/10 label 11
prefix fc00::/7 label 5
prefix ::/0 label 1
|
|
config_parser: add util function config_parse_uint8
|
|
```
[107/1793] Compiling c object 'src/basic/basic@sta/log.c.o'
In file included from ../src/basic/log.c:44:0:
../src/basic/missing.h:762:6: warning: "HAVE_DECL_IFLA_GENEVE_LABEL" is not defined, evaluates to 0 [-Wundef]
^~~~~~~~~~~~~~~~~~~~~~~~~~~
[108/1793] Compiling c object 'src/basic/basic@sta/path-util.c.o'
In file included from ../src/basic/path-util.c:40:0:
../src/basic/missing.h:762:6: warning: "HAVE_DECL_IFLA_GENEVE_LABEL" is not defined, evaluates to 0 [-Wundef]
^~~~~~~~~~~~~~~~~~~~~~~~~~~
```
|
|
Probaly this happened during rebase.
|
|
|
|
meson: build systemd using meson
|
|
networkd: Introduce geneve GEneric NEtwork Virtualization Encapsulation
|
|
The work supports route preference configurable.
i.e. able to set low, medium and high.
|
|
This work enables cration of geneve tunnel
|
|
The indentation for emacs'es meson-mode is added .dir-locals.
All files are reindented automatically, using the lasest meson-mode from git.
Indentation should now be fairly consistent.
|
|
This simplifies things and leads to a smaller installation footprint.
libsystemd_internal and libsystemd_journal_internal are linked into
libystemd-shared and available to all programs linked to libsystemd-shared.
libsystemd_journal_internal is not needed anymore, and libsystemd-shared
is used everwhere. The few exceptions are: libsystemd.so, test-engine,
test-bus-error, and various loadable modules.
|
|
... including pkla installation on Debian.
v2:
- fix polkit-gobject-1 pkgconfig name
|
|
The tests are included under the conditional too, instead of specifying
'ENABLE_NETWORKD' in the test definition array, because libnetworkd_core
dependency is undefined if networkd is disabled.
|
|
With mesonbuid/meson#1545, meson does not propagate deps of a library
when linking with that library. That's of course the right thing to do,
but it exposes a bunch of missing deps.
This compiles with both meson-0.39.1 and meson-git + pr/1545.
|
|
Tests can be run with 'ninja-build test' or using 'mesontest'.
'-Dtests=unsafe' can be used to include the "unsafe" tests in the
test suite, same as with autotools.
v2:
- use more conf.get guards are optional components
- declare deps on generated headers for test-{af,arphrd,cap}-list
v3:
- define environment for tests
Most test don't need this, but to be consistent with autotools-based build, and
to avoid questions which tests need it and which don't, set the same environment
for all tests.
v4:
- rework test generation
Use a list of lists to define each test. This way we can reduce the
boilerplate somewhat, although the test listings are still pretty verbose. We
can also move the definitions of the tests to the subdirs. Unfortunately some
subdirs are included earlier than some of the libraries that test binaries
are linked to. So just dump all definitions of all tests that cannot be
defined earlier into src/test. The `executable` definitions are still at the
top level, so the binaries are compiled into the build root.
v5:
- tag test-dnssec-complex as manual
v6:
- fix HAVE_LIBZ typo
- add missing libgobject/libgio defs
- mark test-qcow2 as manual
|
|
It's crucial that we can build systemd using VS2010!
... er, wait, no, that's not the official reason. We need to shed old systems
by requring python 3! Oh, no, it's something else. Maybe we need to throw out
345 years of knowlege accumulated in autotools? Whatever, this new thing is
cool and shiny, let's use it.
This is not complete, I'm throwing it out here for your amusement and critique.
- rules for sd-boot are missing. Those might be quite complicated.
- rules for tests are missing too. Those are probably quite simple and
repetitive, but there's lots of them.
- it's likely that I didn't get all the conditions right, I only tested "full"
compilation where most deps are provided and nothing is disabled.
- busname.target and all .busname units are skipped on purpose.
Otherwise, installation into $DESTDIR has the same list of files and the
autoconf install, except for .la files.
It'd be great if people had a careful look at all the library linking options.
I added stuff until things compiled, and in the end there's much less linking
then in the old system. But it seems that there's still a lot of unnecessary
deps.
meson has a `shared_module` statement, which sounds like something appropriate
for our nss and pam modules. Unfortunately, I couldn't get it to work. For the
nss modules, we need an .so version of '2', but `shared_module` disallows the
version argument. For the pam module, it also didn't work, I forgot the reason.
The handling of .m4 and .in and .m4.in files is rather awkward. It's likely
that this could be simplified. If make support is ever dropped, I think it'd
make sense to switch to a different templating system so that two different
languages and not required, which would make everything simpler yet.
v2:
- use get_pkgconfig_variable
- use sh not bash
- use add_project_arguments
v3:
- drop required:true and fix progs/prog typo
v4:
- use find_library('bz2')
- add TTY_GID definition
- define __SANE_USERSPACE_TYPES__
- use join_paths(prefix, ...) is used on all paths to make them all absolute
v5:
- replace all declare_dependency's with []
- add more conf.get guards around optional components
v6:
- drop -pipe, -Wall which are the default in meson
- use compiler.has_function() and compiler.has_header_symbol instead of the
hand-rolled checks.
- fix duplication in 'liblibsystemd' library name
- use the right .sym file for pam_systemd
- rename 'compiler' to 'cc': shorter, and more idiomatic.
v7:
- use ENABLE_ENVIRONMENT_D not HAVE_ENVIRONMENT_D
- rename prefix to prefixdir, rootprefix to rootprefixdir
("prefix" is too common of a name and too easy to overwrite by mistake)
- wrap more stuff with conf.get('ENABLE...') == 1
- use rootprefix=='/' and rootbindir as install_dir, to fix paths under
split-usr==true.
v8:
- use .split() also for src/coredump. Now everything is consistent ;)
- add rootlibdir option and use it on the libraries that require it
v9:
- indentation
v10:
- fix check for qrencode and libaudit
v11:
- unify handling of executable paths, provide options for all progs
This makes the meson build behave slightly differently than the
autoconf-based one, because we always first try to find the executable in the
filesystem, and fall back to the default. I think different handling of
loadkeys, setfont, and telinit was just a historical accident.
In addition to checking in $PATH, also check /usr/sbin/, /sbin for programs.
In Fedora $PATH includes /usr/sbin, (and /sbin is is a symlink to /usr/sbin),
but in Debian, those directories are not included in the path.
C.f. https://github.com/mesonbuild/meson/issues/1576.
- call all the options 'xxx-path' for clarity.
- sort man/rules/meson.build properly so it's stable
|
|
This work based on Tom's original patch
teg@1312172
By setting GatewayOnlink=yes, the kernel will assume that the gateway is onlink
even if there is no route to it.
Resolves issue #1283.
|
|
Add support to configure GVRP.
Closes #5760
|
|
Fixes wrong indent introduced by the commit 43688c49d1fdb585196d94e2e30bb29755fa591b.
|
|
Allow setting bridge port priority in the Bridge section of the network file,
similar to e.g. port path cost setting.
Set the default to an invalid value of 128, and only set the port priority when
it's not 128. Unlike e.g. path cost, zero is a valid priority value.
Add a networkd-test.py to check that bridge port priority is correctly set.
Incidently, fix bridge port cost type and document valid ranges.
|
|
conflict
If a conflict occurs on a claimed ipv4ll address, the device releases
the address and then does not attempt to acquire a new ipv4ll
address. According to RFC3927, releasing the address in this
situation is correct. However, this should be followed by an attempt
to configure a new ipv4ll address.
This commit restarts the ipv4ll address acquisition state machine
after releasing the conflicting address.
From RFC3927 Section 2.5 conflict defense method (b):
...
However, if this is not the first conflicting ARP packet the host has
seen, and the time recorded for the previous conflicting ARP packet is
recent, within DEFEND_INTERVAL seconds, then the host MUST immediately
cease using this address and configure a new IPv4 Link-Local address
as described above.
...
Signed-off-by: Jason Reeder <jasonreeder@gmail.com>
|
|
Previously, `lifetime_valid` of a Router Advertisement was not handled
the way RFC4862 has specified.
In particular: Sections 5.5.3.d and 5.5.3.e
|
|
networkd: vxlan support setting IPv6 flow label
|
|
fixes: #5664
|
|
This work adds support for setting the IPv6 flow label for vxlan.
vxlan.netdev
NetDev]
Description=vxlan-test
Name=vxlan1
Kind=vxlan
[VXLAN]
Id=33
Local=2405:204:920b:29ac:7e7a:91ff:fe6d:ffe2
Remote=FF02:0:0:0:0:0:1:9
FlowLabel=104
ip -d link show vxlan1
8: vxlan1: <BROADCAST,MULTICAST> mtu 1430 qdisc noop state DOWN mode DEFAULT group default qlen 1000
link/ether be:83:aa:db:6b:cb brd ff:ff:ff:ff:ff:ff promiscuity 0
vxlan id 33 group ff02::1:9 local 2405:204:920b:29ac:7e7a:91ff:fe6d:ffe2 dev enp0s25 srcport 0 0 dstport 8472 flowlabel 0x68 ageing 300 noudpcsum noudp6zerocsumtx noudp6zerocsumrx addrgenmode eui64 numtxqueues 1 numrxqueues 1
|
|
socket-util: introduce address_label_valid
|
|
networkd: add symlinks for Makefile (netdev and wait-online) , vxlan enhancements.
|
|
|
|
GRE6 and IP6TNL address should be a IPv6.
fix :
```
Assertion 't->family == AF_INET6' failed at src/network/netdev/tunnel.c:170,
function netdev_ip6gre_fill_message_create(). Aborting.
```
|
|
|
|
This patch add supports to configure IFLA_VXLAN_LOCAL
and IFLA_VXLAN_GROUP.
The "Group" is renamed to "Remote" which is a multicast address.`
```
Description=vxlan-test
Name=vxlan1
Kind=vxlan
[VXLAN]
Id=33
Local=2001:db8:2f4:4bff:fa71:1a56
Remote=FF02:0:0:0:0:0:1:9
```
output
```
ip -d link show vxlan1
16: vxlan1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1430 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/ether fe:b4:97:03:f8:e5 brd ff:ff:ff:ff:ff:ff promiscuity 0
vxlan id 33 group ff02::1:9 local 2001:db8:02f4:4bff:fa71:1a56 dev enp0s3 srcport 0 0 dstport 8472 ageing 300 noudpcsum noudp6zerocsumtx noudp6zerocsumrx addrgenmode none numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
```
|
|
We not looking for hashmap_put return error code.
|
|
fd45e52 sets
n to NULL which leads to crash.
fixes: #5418
|
|
section_line and filename should be set together or not at all. Change the
if to test filename, since it's the first of the pair and it seems more natural
to test that.
|
|
The code was not incorrect previously, but I think it's easier to follow the
ownership (and the code is more likely to remain correct when updated later on),
if freeing of NetworkConfigSection* is immediately made the responsibility of
route_free(), so instead of relying on route_free() not freeing ->section
if adding to the network hashmap failed, make this freeing unconditional.
|
|
Now we track the sections for example [Address] via line number.
Which was fine till we din't had dropins dir. If we have multiple
sections which have the ideantical line number in diffrent files
we are overwriting these since line number is the key.
This patch fixes this by taking filename and line number as key.
This fixes [Address] and [Route] section overwriting.
fixes: #5141
|
|
IPv6 Neighbor discovery proxy is the IPv6 equivalent to proxy ARP for IPv4.
It is required when ISPs do not unconditional route IPv6 subnets
to their designated target, but expect neighbor solicitation messages
for every address on a link.
A variable IPv6ProxyNDPAddress= is introduced to the [Network] section,
each representing a IPv6 neighbour proxy entry in the neighbour table.
|
|
IFA_LABEL does not need much of a validation except the length
that is IFNAMSIZ as seen from kernel code.
|
|
RDNSS and DNSLL options received in RA are always used, possibly breaking the resolution of private domains hosted on a local DNS server. When setting UseDNS=no in a [IPv6AcceptRA] section of a .network file, both RDNSS and DNSLL options in received RA should be ignored.
Fixes: #5040
|
