Age | Commit message (Collapse) | Author |
|
test: fix failing test-socket-util when running with ipv6.disable=1 kernel param
|
|
networkd: link - drop foreign config when configuring link
|
|
@evverx brought up that test-execute runs under MANAGER_USER which
forwards all its environment variables to the services. It turns out it
only forwards those that were in the environment at the time of manager
creation, so this test was still working.
It was still possible to attack it by running something like:
$ sudo VAR1=a VAR2=b VAR3=c ./test-execute
Prevent that attack by unsetting the three variables explicitly before
creating the manager for the test case.
Also add comments explaining the interactions with MANAGER_USER and,
while it has some caveats, this tests are still valid in that context.
Tested by checking that the test running with the variables set from the
external environment will still pass.
|
|
Check the base case, plus erasing the list, listing the same variable
name more than once and when variables are absent from the manager
execution environment.
Confirmed that `sudo ./test-execute` passes and that modifying the test
cases (or the values of the set variables in test-execute.c) is enough
to make the test cases fail.
|
|
|
|
This directive allows passing environment variables from the system
manager to spawned services. Variables in the system manager can be set
inside a container by passing `--set-env=...` options to systemd-spawn.
Tested with an on-disk test.service unit. Tested using multiple variable
names on a single line, with an empty setting to clear the current list
of variables, with non-existing variables.
Tested using `systemd-run -p PassEnvironment=VARNAME` to confirm it
works with transient units.
Confirmed that `systemctl show` will display the PassEnvironment
settings.
Checked that man pages are generated correctly.
No regressions in `make check`.
|
|
The ability to use inet_pton(AF_INET6, ...) doesn't depend on kernel
ipv6 support (inet_pton is a pure libc function), so make ipv6 address
parsing tests unconditional.
|
|
This is a change in behavior:
Before we would never remove any state, only add to it, we now drop unwanted
state from any link the moment we start managing it.
Note however, that we still will not remove any foreign state added at runtime,
to avoid any feedback loops. However, we make no guarantees about coexisting
with third-party tools that change the state of the links we manage.
|
|
|
|
This is managed by the kernel, but we should track whether or not we have
a configured IPv6LL address. This fixes two issues:
- we now wait for IPv6LL before considering the link ready
- we now wait for IPv6LL before attempting to do NDisc or DHCPv6
these protocols relies on an LL address being available.
|
|
Router Discovery is a core part of IPv6, which by default is handled by the kernel.
However, the kernel implementation is meant as a fall-back, and to fully support
the protocol a userspace implementation is desired.
The protocol essentially listens for Router Advertisement packets from routers
on the local link and use these to configure the client automatically. The four
main pieces of information are: what kind (if any) of DHCPv6 configuration should
be performed; a default gateway; the prefixes that should be considered to be on
the local link; and the prefixes with which we can preform SLAAC in order to pick
a global IPv6 address.
A lot of additional information is also available, which we do not yet fully
support, but which will eventually allow us to avoid the need for DHCPv6 in the
common case.
Short-term, the reason for wanting this is in userspace was the desire to fully
track all the addresses on links we manage, and that is not possible for addresses
managed by the kernel (as the kernel does not expose to us the fact that it
manages these addresses). Moreover, we would like to support stable privacy
addresses, which will soon be mandated and the legacy MAC-based global addresses
deprecated, to do this well we need to handle the generation in userspace. Lastly,
more long-term we wish to support more RA options than what the kernel exposes.
|
|
The previous behavior:
When DHCPv6 was enabled, router discover was performed first, and then DHCPv6 was
enabled only if the relevant flags were passed in the Router Advertisement message.
Moreover, router discovery was performed even if AcceptRouterAdvertisements=false,
moreover, even if router advertisements were accepted (by the kernel) the flags
indicating that DHCPv6 should be performed were ignored.
New behavior:
If RouterAdvertisements are accepted, and either no routers are found, or an
advertisement is received indicating DHCPv6 should be performed, the DHCPv6
client is started. Moreover, the DHCP option now truly enables the DHCPv6
client regardless of router discovery (though it will probably not be
very useful to get a lease withotu any routes, this seems the more consistent
approach).
The recommended default setting should be to set DHCP=ipv4 and to leave
IPv6AcceptRouterAdvertisements unset.
|
|
Enabling address acquisition, configuring the client and starting the client are now
split out. This to better handle the client being repeatedly enabled due to router
advertisements.
|
|
As the data passed is very different, we introduce four different callbacks:
- Generic - router discovery timed out or state machine stopped
- Router - router and link configuration received
- Prefix onlink - configuration for an onlink prefix received
- Prefix autonomous - configuration for to configure a SLAAC address for a prefix received
|
|
Also, stop the state machine when we get into a broken state, rather than just notify the user.
|
|
|
|
This way we do not rely on the size MAX* constants from the kernel headers, as these will
be out-of-sync in case we have old headers and new defines in missing.h.
|
|
|
|
|
|
Instead instantiate the kernel flags to TENTATIVE until the kernel
updates us with the real value.
|
|
|
|
|
|
Of course, ideally we'd just use normal synchronous bus calls, but this
is out of the question as long as we rely on dbus-daemon (which logs to
journald, and thus cannot use to avoid cyclic sync loops). Hence,
instead, reuse the wait logic already implemented for --sync, and use a
signal in one direction, and a mtime watch file for the reply.
|
|
With this new "--sync" switch we add a synchronous way to sync
everything queued to disk, and return only after that's complete. This
command gives the guarantee that anything queued before has hit the disk
before the command returns.
While we are at it, also improve the man pages and help text for
journalctl a bit.
|
|
main()
To avoid confusion as outlined in #1845.
|
|
actually enabled
Otherwise we might end up mistaking a SMACK label for an selinux label.
Also, fixes unexpect debug messages:
http://lists.freedesktop.org/archives/systemd-devel/2015-November/034913.html
|
|
This reverts commit 6a32563caa883bd11da1b255c38358e481c42ad7.
|
|
Motivated by https://github.com/systemd/systemd/issues/1829 where negative
numbers were mis-handled on 32 bit platforms by safe_atou*().
|
|
variety of fixes
|
|
systemctl: fix cancel
|
|
Remove snapshot unit type
|
|
network: port to extract_first_word
|
|
|
|
Snapshots were never useful or used for anything. Many systemd
developers that I spoke to at systemd.conf2015, didn't even know they
existed, so it is fairly safe to assume that this type can be deleted
without harm.
The fundamental problem with snapshots is that the state of the system
is dynamic, devices come and go, users log in and out, timers fire...
and restoring all units to some state from the past would "undo"
those changes, which isn't really possible.
Tested by creating a snapshot, running the new binary, and checking
that the transition did not cause errors, and the snapshot is gone,
and snapshots cannot be created anymore.
New systemctl says:
Unknown operation snapshot.
Old systemctl says:
Failed to create snapshot: Support for snapshots has been removed.
IgnoreOnSnaphost settings are warned about and ignored:
Support for option IgnoreOnSnapshot= has been removed and it is ignored
http://lists.freedesktop.org/archives/systemd-devel/2015-November/034872.html
|
|
http://www.freedesktop.org/software/systemd/man/systemctl.html#cancel%20JOB...
> If no job ID is specified, cancel all pending jobs
|
|
If quota is not enabled on a btrfs file system, accept that, and only
log a debug message, but do not consider this a reason for failure.
Fixes: #1809
|
|
When quota is disabled there's no quota tree on the fs, which results in
the SEARCH ioctl to return ENOENT. Handle this nicely: treat this the
same way as the case where the quota tree is around but doesn't carry
the searched for fields.
|
|
The event might be flagged with stuff we don't expect, hence don't
be needlessly picky, just rely on the kernel passing us sensible events.
|
|
We can't handle errors of thisc all sanely anyway, and we never actually
return any errors from the unit type that implements the call. Hence,
let's make this void, in order to simplify things.
|
|
|
|
We cannot handle enumeration failures in a sensible way, hence let's try
hard to continue without making such failures fatal, and log about it
with precise error messages.
|
|
This is pretty much a work-around for a security vulnerability in
kernels that allow unprivileged user namespaces.
Fixes #1822.
|
|
Lots of small fixes
|
|
core: unit deps port to extract_first_word
|
|
More refactorings in extract_first_word
|
|
core: still make progress when throttling the manager loop
|
|
|
|
|
|
|
|
x86-32
strtoull() doesn't make it particularly easy to detect passed-in
negative numbers, as it silently converts them to positive ones without
generating any error. Since we are not interested in negative values we
should hence explicitly filter them out by looking at the string
directly and returning ERANGE if we see a leading "-".
Fixes: #1829
|