Age | Commit message (Collapse) | Author |
|
Otherwis, we get misleading error messages on links with MACs.
Reported by Leonid Isaev.
|
|
Introduced in abee28c56d.
Pointed-out-by: Werner Fink <werner@suse.de>
|
|
Without this, the underlying device would get freed (and hence
fail).
|
|
This patch adds peer address support for
networkd . In the [Address] a new configurable
param is Peer.
[Match]
Name=ipip-tun
[Address]
Address=10.0.0.1/32
Peer=10.0.0.2/32
|
|
Check that received DHCP packets actually include our MAC address in
chaddr field. BPF interpreter has 32 bit wide registers but MAC address
is 48 bits long so we have to do check in two steps.
|
|
|
|
This is useful to test the behaviour of the compressor for various buffer
sizes.
Time is limited to a minute per compression, since otherwise, when LZ4
takes more than a second which is necessary to reduce the noise, XZ
takes more than 10 minutes.
% build/test-compress-benchmark (without time limit)
XZ: compressed & decompressed 2535300963 bytes in 794.57s (3.04MiB/s), mean compresion 99.95%, skipped 3570 bytes
LZ4: compressed & decompressed 2535303543 bytes in 1.56s (1550.07MiB/s), mean compresion 99.60%, skipped 990 bytes
% build/test-compress-benchmark (with time limit)
XZ: compressed & decompressed 174321481 bytes in 60.02s (2.77MiB/s), mean compresion 99.76%, skipped 3570 bytes
LZ4: compressed & decompressed 2535303543 bytes in 1.63s (1480.83MiB/s), mean compresion 99.60%, skipped 990 bytes
It appears that there's a bug in lzma_end where it leaks 32 bytes.
|
|
Add liblz4 as an optional dependency when requested with --enable-lz4,
and use it in preference to liblzma for journal blob and coredump
compression. To retain backwards compatibility, XZ is used to
decompress old blobs.
Things will function correctly only with lz4-119.
Based on the benchmarks found on the web, lz4 seems to be the best
choice for "quick" compressors atm.
For pkg-config status, see http://code.google.com/p/lz4/issues/detail?id=135.
|
|
uncompress_startswith would always decode the whole stream, even
if it did not start with the given prefix.
Reallocation policy was also strange.
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=80685
|
|
|
|
Repotred by Ronny Chevalier
|
|
|
|
If client->lease is NULL, dhcp6_lease_clear_timers will cause a segmentation
fault.
|
|
(ephemeral) mode
Two modes are supported: --volatile=yes mounts only /usr into the
container, and a tmpfs as root directory. --volatile=state mounts the
full OS tree in, but overmounts /var with a tmpfs.
--volatile=yes hence boots with an unpopulated /etc and /var, starting
with pristine configuration and state.
--volatile=state hence boots with an unpopulated /var, only starting
with pristine state.
|
|
Previously, we checked whether /etc was completely empty. This makes it
difficult though for container managers such as nspawn to install a
small number of files (such as /etc/timezone), and have the system
otherwise populate its own tree.
Hence, change this by looking for /etc/machine-id, which should be a
good sign whether /etc is populated or not.
|
|
When doing a NEWADDR, the reply we get back is the NEWADDR itself, rather
than just an empty ack (unlike how NEWLINK works). For this reason, the
process that did the NEWADDR does not get the broadcast message.
We were only listening for broadcast messages, and hence not tracking the
addresses we added ourselves. This went unnoticed as the kernel will usually
send NEWADDR messages from time to time anyway, so things would mostly work,
but in the worst case we would not notice that a routable address was available
and consider ourselves offline.
|
|
|
|
the only correct name appears to be "crisv32"...
http://lists.freedesktop.org/archives/systemd-devel/2014-July/020899.html
|
|
|
|
|
|
|
|
|
|
set up
|
|
|
|
|
|
I don't have suitable hardware at hand, so this is based
on debian documentation:
https://wiki.debian.org/ArmEabiPort#GCC_preprocessor_macros_for_floating_point
|
|
|
|
|
|
|
|
This is really just about library locations, hence clarify that we don't
assume this to be anything but that.
|
|
We should follow the naming scheme waitid() uses, not come up with our
own reversed one...
|
|
|
|
|
|
THis way we can remove cgroup priviliges after setup, but get them back
for the next restart, as we need it.
|
|
When a machine is registered in machined with CreateMachine it is OK to
kill the machine when it is terminated, but when an existing unit is
simply registered via RegisterMachine we shouldn't do that, as the unit
is controlled by somebody else.
|
|
This does the inverse of RestartPreventExitStatus=: it forces a restart
of a service when a certain exit status is returned by a service
process.
|
|
Susant says:
> ip tuntap turns this off by default.
Let's follow ip(8) here as that should be the least surprising.
|
|
The group argument is a union. We need to
pass the correct type
|
|
|
|
|
|
It had a bug in the typing, fix that and also make it save the address family so we
can print proper error messages.
|
|
This patch introduces TUN/TAP device creation support
to networkd.
Example conf to create a tap device:
file: tap.netdev
------------------
[NetDev]
Name=tap-test
Kind=tap
[Tap]
OneQueue=true
MultiQueue=true
PacketInfo=true
User=sus
Group=sus
------------------
Test:
1. output of ip link
tap-test: tap pi one_queue UNKNOWN_FLAGS:900 user 1000 group 1000
id:
uid=1000(sus) gid=10(wheel) groups=10(wheel),1000(sus)
context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
Modifications:
Added:
1. file networkd-tuntap.c
3. netdev kind NETDEV_KIND_TUN and NETDEV_KIND_TAP
2. Tun and Tap Sections and config params to parse
conf and gperf conf parameters
[tomegun: tweak the 'kind' checking for received ifindex]
|
|
|
|
We should never call them again, so make sure they are cleaned up correctly.
|
|
Keeping the refcounting next to the sd_bus_call_async() makes it easier to check.
|
|
|
|
|
|
|
|
systemctl -H root@foobar:waldi
will now show a list of services running on container "waldi" on host
"foobar", using "root" for authenticating at "foobar".
Since entereing a container requires priviliges, this will only work
correctly for root logins.
|