1
0
mirror of https://github.com/systemd/systemd.git synced 2024-10-31 16:21:26 +03:00
Commit Graph

1907 Commits

Author SHA1 Message Date
Luca Boccassi
95457dc13c
Merge pull request #18302 from bluca/mount_image_runtime
systemctl/core: add DBUS method to mount images without service restart
2021-01-22 17:49:11 +00:00
Luca Boccassi
6faecbd353 systemctl: add new option to mount image inside a running service namespace
Use the new DBUS method and follow the same pattern as the
systemctl bind command.
2021-01-21 19:08:40 +00:00
Dan Streetman
a853652ae9 save link activation policy to state file and display in networkctl 2021-01-21 12:05:17 -05:00
Dan Streetman
2236d75df9 test: add ActivationPolicy= unit tests 2021-01-21 12:05:17 -05:00
Dan Streetman
61135582e0 network: add ActivationPolicy= configuration parameter
This parameter allows configuring the activation policy for an interface,
meaning how it manages the interface's administrative state (IFF_UP flag).
The policy can be configured to bring the interface either up or down when
the interface is (re)configured, to always force the interface either up or
down, or to never change the interface administrative state.

If the interface is bound with BindCarrier=, its administrative state is
controlled by the interface(s) it's bound to, and this parameter is forced
to 'bound'.

This changes the default behavior of how systemd-networkd sets the IFF_UP
flag; previously, it was set up (if not already up) every time the
link_joined() function was called. Now, with the default ActivationPolicy=
setting of 'up', it will only set the IFF_UP flag once, the first time
link_joined() is called, during an interface's configuration; and on
the first link_joined() call each time the interface is reconfigured.

Fixes: #3031
Fixes: #17437
2021-01-21 11:49:43 -05:00
Zbigniew Jędrzejewski-Szmek
6eab0c6dba Revert "test-functions: make sure we test our own libudev instead of the host libudev"
This reverts commit 73484ecff9.

3976f372ae moved libudev.so to be built in the
main directory, so this addition to $LD_LIBRARY_PATH is now obsolete.

After that commit, we build the following shared libraries:

build/libnss_myhostname.so.2
build/libnss_mymachines.so.2
build/libnss_resolve.so.2
build/libnss_systemd.so.2
build/libsystemd.so.0.30.0
build/libudev.so.1.7.0
build/pam_systemd.so
build/pam_systemd_home.so
build/src/boot/efi/stub.so
build/src/boot/efi/systemd_boot.so
build/src/shared/libsystemd-shared-247.so

EFI stubs don't matter, and libsystemd-shared-nnn.so is loaded through rpath,
and is doesn't need to and shouldn't be in $LD_LIBRARY_PATH. In effect, we only
ever need to add the main build directory to the search path.
2021-01-20 14:04:52 +09:00
Lennart Poettering
b5e0c17654 test: improve a log message while building test images 2021-01-19 13:41:42 +01:00
Yu Watanabe
7e2757c42f
Merge pull request #18038 from yuwata/meson-split
meson: various cleanups
2021-01-19 12:22:34 +09:00
Yu Watanabe
4c6dd238b8
Merge pull request #18267 from lucaswerkmeister/truncate
Two StandardOutput=truncate:file improvements
2021-01-19 08:47:39 +09:00
Yu Watanabe
a79e17234d meson.build: drop unused variable 2021-01-19 07:04:19 +09:00
Yu Watanabe
0703d2f6c4 test: move test-systemd-tmpfiles.py from src/test to test
As the other test scripts, e.g. test-sysusers.sh, are located under
test rather than src/test.
2021-01-19 07:04:19 +09:00
Luca Boccassi
fa7a3cd00e test: run strace with -f and copy log out 2021-01-18 17:24:05 +00:00
Luca Boccassi
a9d34376e6 test: skip missing optional libraries in image install
Not all optional libraries might be available on developers machines,
so log and skip.
Also some pkg-config files are broken (eg: tss2 on Debian Stable) so
skip if the required variables are missing, and improve logs.
2021-01-18 17:24:05 +00:00
Luca Boccassi
5e8deb94c6 core: add DBUS method to bind mount new nodes without service restart
Allow to setup new bind mounts for a service at runtime (via either
DBUS or a new 'systemctl bind' verb) with a new helper that forks into
the unit's mount namespace.
Add a new integration test to cover this.

Useful for zero-downtime addition to services that are running inside
mount namespaces, especially when using RootImage/RootDirectory.

If a service runs with a read-only root, a tmpfs is added on /run
to ensure we can create the airlock directory for incoming mounts
under /run/host/incoming.
2021-01-18 17:24:05 +00:00
Luca Boccassi
98f654fdea machine: enter target PID namespace when adding a live mount
machinectl fails since 21935150a0 as it's now
mounting onto a file descriptor in a target namespace, without joining the
target's PID namespace.
Note that it's not enough to setns CLONE_NEWPID, but a double-fork is required
as well, as implemented by namespace_fork().

Add a test case to TEST-13-NSPAWN to cover this use case.
2021-01-18 17:24:05 +00:00
Yu Watanabe
f9ead1a2f4
Merge pull request #18230 from ssahani/macvlan-bcqueuelen
network: macvlan - add support to configure rx queue for broadcast / multicast
2021-01-17 20:05:22 +09:00
Lennart Poettering
3dc536e0c5
Merge pull request #17576 from gportay/veritysetup-add-support-for-dm-verity-flags
veritysetup: add support for veritytab
2021-01-17 11:18:25 +01:00
Susant Sahani
dca0a4e131 network: macvlan - add support to configure rx queue for broadcast/multicast 2021-01-17 08:39:28 +01:00
Lucas Werkmeister
58b65c6d6d test: fix exec-standardoutput-truncate test
The cmp in ExecStartPost= was actually failing – ExecStartPost= has the
same StandardOutput as the rest of the service, so the output file is
truncated before cmp can compare it with the expected output – but the
test still passed because test_exec_standardoutput_truncate() calls
test(), which only checks the main result, rather than test_service(),
which checks the result of the whole service. Fix the test by merging
the ExecStartPost= into the ExecStart= – the cmp has to be part of the
same command line as the cat so that the file is not truncated between
the two processes.
2021-01-15 20:22:29 +01:00
Lucas Werkmeister
8d7dab1fda Add truncate: to StandardOutput= etc.
This adds the ability to specify truncate:PATH for StandardOutput= and
StandardError=, similar to the existing append:PATH. The code is mostly
copied from the related append: code. Fixes #8983.
2021-01-15 09:54:50 +01:00
Gaël PORTAY
0141102f10 veritysetup-generator: add support for verity root options
This adds support for a new kernel root verity command line option
"verity_root_options=" which controls the behaviour of dm-verity by
forwarding options directly to systemd-veritysetup.

See `veritysetup(8)` for more details.
2021-01-14 19:41:41 -05:00
Lennart Poettering
ce0079d75e
Merge pull request #18227 from yuwata/network-dhcp6-pd-manage-temporary-address
network: introduce ManageTemporaryAddress= setting in [DHCPv6PrefixDelegation] section
2021-01-13 21:52:44 +01:00
Yu Watanabe
cb2ae9f8b9
Merge pull request #18170 from OnkelUlla/udev_introduce_TxQueueLen=_setting
udev: introduce TxQueueLength= setting
2021-01-14 00:19:29 +09:00
Yu Watanabe
fec1b650ad network: introduce ManageTemporaryAddress= setting in [DHCPv6PrefixDelegation] section
The setting is enabled by default, as NDisc also enabled the flag by
default.

Closes #18208.
2021-01-14 00:17:05 +09:00
Ulrich Ölmann
ef4a91a7e8 udev: introduce TxQueueLength= setting
Enable udev to set the transmit queue length of a device via a new directive to
be used in link files. The kernel stores this parameter as an unsigned 32 bit
integer. As typical values currently range in the order of 10 to a few 10,000
packets reduce the domain of valid values for this directive to 0..4294967294
and take the excluded 4294967295 == UINT32_MAX to indicate that the directive
is unset.
2021-01-13 06:41:06 +01:00
Lennart Poettering
1cf96f68db test: add a test that ensures we don't regress on "argument" field handling in tmpfiles.d
Let's make sure what is now documented as fix for #17740 is not
accidentally changed anymore.
2021-01-12 22:00:35 +01:00
Yu Watanabe
048be097d2
Merge pull request #18157 from ssahani/vlan-qos
network: Allow to configure VLan egress qos maps
2021-01-13 05:42:53 +09:00
Yu Watanabe
7c5869530c
Merge pull request #17628 from ssahani/network-gso
udev: Add support to configure Generic Segment Offload
2021-01-13 05:42:23 +09:00
Karel Zak
4fcc033b54 udev-builtin-blkid: add support for --hint offsets
The next libblkid v2.37 is going to support session offsets for
multi-session CD/DVDs. This feature is implemented by "hint offsets".

These offsets are optional and prober specific (e.g., iso, udf, ...).
For this purpose, the library provides a new function
blkid_probe_set_hint(), and blkid(8) provides a new command-line
option --hint <name>=<offset>. For CD/DVD, the offset name is
"session_offset".

The difference between classic --offset and the new --hint is that
--offset is very restrictive and defines the probing area and the rest
of the device is invisible to the library. The new --hint works
like a suggestion, it provides a hint where the user assumes the
filesystem, but the rest of the device is still readable for the
library (for example, to get some additional superblock information
etc.).

If the --hint is without a value then it defaults to zero.

The option --hint implementation in udev-builtin-blkid.c is backwardly
compatible. If compiled against old libblkid, then the option is used in
the same way as --offset.

Addresses: https://github.com/karelzak/util-linux/issues/1161
Addresses: https://github.com/systemd/systemd/pull/17424
2021-01-13 00:58:43 +09:00
Susant Sahani
1e270127de link: Add support to configure Generic Segment Offload 2021-01-12 15:19:23 +01:00
Susant Sahani
ea07086285 network: Allow to configure VLan egress qos maps 2021-01-12 14:31:03 +01:00
Susant Sahani
0d9b8913e2 network: Allow to configure VLan egress qos maps 2021-01-12 14:30:56 +01:00
Yu Watanabe
1536b7b2d0 network: introduce new UseAddress= setting in [DHCPv6] section
If it is disabled, then the addresses provided by the DHCPv6 server will
be ignored.

Closes #18203.
2021-01-12 14:19:03 +09:00
Zbigniew Jędrzejewski-Szmek
a412ec5714 meson: fix git ls-files invocations during rebase
Normally ls-files prints the full path to files from the repo root. But when
$GIT_WORK_TREE is set, ls-files prints paths relative to the current
directory. When rebasing, $GIT_WORK_TREE is set in the commands executed from
'rebase -x'. This causes problems if meson config is touched and the meson
reconfigures itself. ($GIT_WORK_TREE shouldn't be relevant, since the paths that
ls-files reports don't depend on the work tree, but whatever.) Let's unset
GIT_WORK_TREE to avoid the issue.

$ (cd test; git --git-dir=$PWD/../.git ls-files ':/test/dmidecode-dumps/*.bin')
test/dmidecode-dumps/HP-Z600.bin
test/dmidecode-dumps/Lenovo-ThinkPad-X280.bin
test/dmidecode-dumps/Lenovo-Thinkcentre-m720s.bin

$ (cd test; GIT_WORK_TREE=$PWD/.. git --git-dir=$PWD/../.git ls-files ':/test/dmidecode-dumps/*.bin')
dmidecode-dumps/HP-Z600.bin
dmidecode-dumps/Lenovo-ThinkPad-X280.bin
dmidecode-dumps/Lenovo-Thinkcentre-m720s.bin

Fixes #18148.
2021-01-09 09:22:26 +09:00
Yu Watanabe
66bf4617b1
Merge pull request #18169 from OnkelUlla/can_bus_error_reporting
network: can: add support for bus error reporting
2021-01-09 09:21:54 +09:00
Ulrich Ölmann
77b674049b network: can: add support for bus error reporting
Enhance systemd-networkd to be able to control a CAN device's berr-reporting
flag via the new boolean directive BusErrorReporting= to be used in network
files.
2021-01-08 20:23:12 +01:00
Yu Watanabe
0b5dc24953 test-network: add tests for route advmss 2021-01-09 00:01:53 +09:00
Susant Sahani
007cac09a2 network: route - add support to configure tcp advmss 2021-01-08 14:06:13 +00:00
Susant Sahani
0a9fb9bad8 network: Allow to set device's receive queues and transmit queues 2021-01-05 12:46:28 +09:00
Luca Boccassi
eb3785f367 tests: add TEST_PREFER_NSPAWN variable to run as many as possible under nspawn
By default the test suite prefers qemu, and uses nspawn only if
a test specifically says it doesn't support qemu.
Add a variable to allow flipping the default, and run as many
tests under nspawn as possible.
2021-01-01 21:33:16 +00:00
Luca Boccassi
51d56d3be0 tests: add TEST_QEMU_ONLY variable to run only tests where qemu is mandatory
Allows to split the test run in two parts. Most tests can run under
nspawn which is much faster, and they can be ran in one chunk with
TEST_NO_QEMU=1. The qemu-only tests, which are just a handful, can
be ran in another chunk with TEST_QEMU_ONLY=1.

Allows autopkgtest to be split in two parts.
2021-01-01 21:33:16 +00:00
Luca Boccassi
84d9358586 Do not run ninja in run-integration-tests.sh
It is typically ran as root, while builds are done as normal users.
It is documented anyway to build beforehand.
2021-01-01 21:33:16 +00:00
Luca Boccassi
aeac20fc69 test: shortcut skip if both TEST_NO_QEMU and TEST_NO_NSPAWN are set
Allows to run all tests in bulk with TEST_NO_QEMU, skipping those where it is
mandatory, without wasting time building the image.
2021-01-01 21:33:16 +00:00
Luca Boccassi
0515e4c17d test: check for binariers in [usr/][s]bin
The image build function greps for ExecStart lines in unit files, but some
of them (eg: systemd-firstboot) do not use a full path.
It then falls back to 'type -P' but that only works if you have the binary
installed. For optional binaries like systemd-firstboot, the installation
can then fail.

Manually check if the binary already exists in /[usr/][s]bin.
2021-01-01 21:33:16 +00:00
Luca Boccassi
53a1c94480 test: use pkg-config to get user unit dir when installing dbus user socket
Usually on Debian ROOTLIBDIR is /lib/<arch triplet>, which is not the right place.
Use pkg-config since we define it, and then fallback to /usr/lib/systemd/user which is
the canonical location.
On both Debian&friends and Fedora dbus/dbus-broker install the user socket/service
under /usr/lib/systemd/user, not /lib/systemd/systemd/user.
2021-01-01 21:33:16 +00:00
Luca Boccassi
bb64bec589 test: update test_create_image
Run mask_supporting_services, which was missing, and remove setup_nspawn_root which
is now already called outside test_create_image
2021-01-01 21:33:16 +00:00
Luca Boccassi
68147f9371
Merge pull request #18109 from yuwata/network-routing-policy-rule-family-both-fixes
network: fixes related to Family=both in [RoutingPolicyRule]
2020-12-30 11:27:24 +00:00
Yu Watanabe
ae45e1a383 resolve: slightly optimize dns_answer_add()
Previously, dns_answer_add() was O(n^2).
With this change dns_packet_extract() becomes ~15 times faster for some
extremal case.

Before:
```
$ time ./fuzz-dns-packet ~/downloads/clusterfuzz-testcase-minimized-fuzz-dns-packet-5631106733047808
/home/watanabe/downloads/clusterfuzz-testcase-minimized-fuzz-dns-packet-5631106733047808... ok

real    0m15.453s
user    0m15.430s
sys     0m0.007s
```

After:
```
$ time ./fuzz-dns-packet ~/downloads/clusterfuzz-testcase-minimized-fuzz-dns-packet-5631106733047808
/home/watanabe/downloads/clusterfuzz-testcase-minimized-fuzz-dns-packet-5631106733047808... ok

real    0m0.831s
user    0m0.824s
sys     0m0.006s
```

Hopefully fixes oss-fuzz#19227.
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19227
2020-12-30 04:14:22 +09:00
Yu Watanabe
49ff3f34d5 test-network: add tests for fib rules with Family=both vs networkctl reload or reconfigure 2020-12-30 03:32:07 +09:00
Yu Watanabe
1e5fd3216a network: set FRA_PROTOCOL to RTPROT_STATIC by default 2020-12-29 16:03:26 +09:00