1
0
mirror of https://github.com/systemd/systemd.git synced 2024-11-05 06:52:22 +03:00
Commit Graph

25 Commits

Author SHA1 Message Date
Dimitri John Ledkov
b56be2966a networkd: Add bridge port priority setting (#5545)
Allow setting bridge port priority in the Bridge section of the network file,
similar to e.g. port path cost setting.

Set the default to an invalid value of 128, and only set the port priority when
it's not 128. Unlike e.g. path cost, zero is a valid priority value.

Add a networkd-test.py to check that bridge port priority is correctly set.

Incidently, fix bridge port cost type and document valid ranges.
2017-04-11 23:17:31 +02:00
Martin Pitt
d26fdaa236 tests: show journal on systemd-resolved.service failures (#5297)
In networkd-test.py, show resolved's journal on failure, to debug issues
like https://github.com/systemd/systemd/pull/5283.
2017-02-09 21:30:44 -05:00
Martin Pitt
27e2e3231f tests: more precise negative check for dnsmasq log (#4982)
In test_resolved_domain_restricted_dns(), add dot domain separator to
negative .lab/.company tests, so that we don't catch these as part of
the host name (like "lxc-labjfr").

Caught in PR #4962
2016-12-26 12:19:25 +01:00
Martin Pitt
4050e04b2c resolved: correctly handle non-address RR types with /etc/hosts lookups (#4808)
Fix wrong condition test in manager_etc_hosts_lookup(), which caused it to
return an IPv4 answer when an IPv6 question was asked, and vice versa.
Also only return success if we actually found any A or AAAA record.

In systemd-resolved.service(8), point out that /etc/hosts mappings only
affect address-type lookups, not other types.

The test case currently disables DNSSEC in resolved, as there is a bug
where "-t MX" fails due to "DNSSEC validation failed" even after
"downgrading to non-DNSSEC mode". This should be dropped once that bug
gets fixed.

Fixes #4801
2016-12-22 07:58:02 +01:00
David Michael
618b196e9d network: support negation in matching patterns (#4809) 2016-12-07 19:12:10 +01:00
Zbigniew Jędrzejewski-Szmek
169f11d5da Merge pull request #4228 from dm0-/coreos-1554
networkd: support marking links unmanaged
2016-12-02 09:14:27 -05:00
Zbigniew Jędrzejewski-Szmek
cda39975dc python: use raw strings for regexp patterns
Behaviour is not changed, because "unknown" escapes like \s or \d were not
substituted, but it's much nicer to use raw strings to avoid ambiguity.
2016-12-01 19:11:10 -05:00
Zbigniew Jędrzejewski-Szmek
00d5eaafd1 python: adjust imports, indentation, unused variables following pylint advice 2016-12-01 18:55:23 -05:00
David Michael
a09dc5467a networkd: support marking links unmanaged 2016-12-01 14:41:51 -08:00
David Michael
ec89276c2a networkd-test: define a utility class to simplify tests 2016-12-01 14:25:58 -08:00
Martin Pitt
2926b130b6 test: retry checking for transient hostname in hostnamectl (#4769)
Sometimes setting the transient hostname does not happen synchronously, so
retry up to five times. It is not yet clear whether this is legitimate
behaviour or an underlying bug, but this will at least show whether the wrong
transient hostname is just a race condition or permanently wrong.

Fixes #4753
2016-11-30 08:02:49 +01:00
Martin Pitt
fd0cec0366 test: make transient hostname tests fail verbosely (#4754)
This test fails sometimes but it is hard to reproduce, so we need more
information what happens. Set journal log level to "debug" for the entirety of
networkd-test.py, and show networkd's and hostnamed's journals and the DHCP
server log on failure of the two test_transient_hostname* tests. Also sync the
journal before querying it to get more precise output.

This should help with tracking down issue #4753.
2016-11-28 14:35:49 +03:00
Martin Pitt
2c99aba726 networkd: allow networkd to set the timezone in timedated
systemd-networkd runs as user "systemd-network" and thus is not privileged to
set the timezone acquired from DHCP:

  systemd-networkd[4167]: test_eth42: Could not set timezone: Interactive authentication required.

Similarly to commit e8c0de912, add a polkit rule to grant
org.freedesktop.timedate1.set-timezone to the "systemd-network" system user.
Move the polkit rules from src/hostname/ to src/network/ to avoid too many
small distributed policy snippets (there might be more in the future), as it's
easier to specify the privileges for a particular subject in this case.

Add NetworkdClientTest.test_dhcp_timezone() test case to verify this (for
all people except those in Pacific/Honolulu, there the test doesn't prove
anything -- sorry ☺ ).
2016-11-23 16:32:06 +01:00
Martin Pitt
89748b0af1 tests: check transient hostname with and without static hostname
We expect a static hostname to win over a transient one, so test both cases.
2016-11-21 12:57:16 +01:00
Martin Pitt
e8c0de9127 hostnamed: allow networkd to set the transient hostname
systemd-networkd runs as user "systemd-network" and thus is not privileged to
set the transient hostname:

  systemd-networkd[516]: ens3: Could not set hostname: Interactive authentication required.

Standard polkit *.policy files do not have a syntax for granting privileges to
a user, so ship a pklocalauthority (for polkit < 106) and a JavaScript rules
file (for polkit >= 106) that grants the "systemd-network" system user that
privilege.

Add DnsmasqClientTest.test_transient_hostname() test to networkd-test.py to
cover this. Make do_test() a bit more flexible by interpreting "coldplug==None"
as "test sets up the interface by itself". Change DnsmasqClientTest to set up
test_eth42 with a fixed MAC address so that we can configure dnsmasq to send a
special host name for that.

Fixes #4646
2016-11-20 12:19:21 +01:00
Martin Pitt
9e0c296a16 test: clean up "dummy0" interface after each test case in networkd-test.py 2016-11-20 12:19:21 +01:00
Martin Pitt
b9fe94cad9 resolved: don't query domain-limited DNS servers for other domains (#3621)
DNS servers which have route-only domains should only be used for
the specified domains. Routing queries about other domains there is a privacy
violation, prone to fail (as that DNS server was not meant to be used for other
domains), and puts unnecessary load onto that server.

Introduce a new helper function dns_server_limited_domains() that checks if the
DNS server should only be used for some selected domains, i. e. has some
route-only domains without "~.". Use that when determining whether to query it
in the scope, and when writing resolv.conf.

Extend the test_route_only_dns() case to ensure that the DNS server limited to
~company does not appear in resolv.conf. Add test_route_only_dns_all_domains()
to ensure that a server that also has ~. does appear in resolv.conf as global
name server. These reproduce #3420.

Add a new test_resolved_domain_restricted_dns() test case that verifies that
domain-limited DNS servers are only being used for those domains. This
reproduces #3421.

Clarify what a "routing domain" is in the manpage.

Fixes #3420
Fixes #3421
2016-09-30 09:30:08 +02:00
Jean-Sébastien Bour
047a0dacde networkd: support drop-in directories for .network files
Fixes #3655.

[zj: Fix the tests.]
2016-09-16 10:31:58 -04:00
Zbigniew Jędrzejewski-Szmek
38d78d1ee9 networkd-test: add a helper function to always clean up temporary config files 2016-09-16 10:30:34 -04:00
Martin Pitt
30b42a9a36 test: check resolved generated resolv.conf in networkd-test (#3628)
* test: check resolved generated resolv.conf in networkd-test

Directly verify the contents of /run/systemd/resolve/resolv.conf instead of
/etc/resolv.conf. The latter might be a plain file or a symlink to something
else (like Debian's resolvconf output), and in these cases we cannot make
strong assumptions about the contents.

Drop the "/etc/resolv.conf is a symlink" conditions and the "resolv.conf can
have at most three nameservers" alternatives, as we know that resolved always
adds all nameservers.

Explicitly start resolved at the start of a test to ensure that it is running.

* test: get along with existing system search domains in resolv.conf

The previous change has uncovered a bug in the tests: Existing search domains
can exist in resolv.conf which test_search_domains{,_too_long} didn't take into account.

As existing domains take some of the "max 6 domains" and "max 255 chars" limit,
don't expect that the last items from our test data actually appears in the
output, just the first few.
2016-06-30 16:44:22 +03:00
Martin Pitt
94363cbbf3 resolved: add test for route-only domain filtering (#3609)
With commit 6f7da49d00 route-only domains do not get put into resolv.conf's
"search" list any more. Add a comment about the tri-state, to clarify its
semantics and why we are passing a bool parameter into an int type. Also add a
test case for it.
2016-06-28 18:18:27 +02:00
Lennart Poettering
f921f5739e networkd: rename IPv6AcceptRouterAdvertisements to IPv6AcceptRA
The long name is just too hard to type. We generally should avoid using
acronyms too liberally, if they aren't established enough, but it appears that
"RA" is known well enough. Internally we call the option "ipv6_accept_ra"
anyway, and the kernel also exposes it under this name. Hence, let's rename the
IPv6AcceptRouterAdvertisements= setting and the
[IPv6AcceptRouterAdvertisements] section to IPv6AcceptRA= and [IPv6AcceptRA].

The old setting IPv6AcceptRouterAdvertisements= is kept for compatibility with
older configuration. (However the section [IPv6AcceptRouterAdvertisements] is
not, as it was never available in a published version of systemd.
2016-06-07 11:24:30 +02:00
Martin Pitt
d2bc125132 resolved: fix comments in resolve.conf for search domain overflows (#3422)
Write comments about "too many search domains" and "Total length of all search
domains is too long" just once. Also put it on a separate line, as
resolv.conf(5) only specifies comments in a line by themselves.

This is ugly to do if write_resolv_conf_search() gets called once for every
search domain. So change it to receive the complete OrderedSet instead and do
the iteration by itself.

Add test cases to networkd-test.py.

https://launchpad.net/bugs/1588229
2016-06-03 11:15:44 +02:00
Martin Pitt
daad34dfa3 tests: document requirements of networkd integration tests (#3125)
Document the necessary dependencies and nspawn/lxd options to run
test/networkd-test.py.
2016-04-26 12:16:43 +02:00
Martin Pitt
4ddb85b18b tests: add networkd integration test
This uses temporary configuration in /run and temporary veth devices, and does
not write anything on disk or change any system configuration; but it assumes
(and checks at the beginning) that networkd is not currently running.

This can be run on a normal installation, in QEMU, nspawn, or LXC.

As this requires root privileges, this is not integrated into "make check".
2015-11-27 11:53:07 +01:00