IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Tests are modified to check behaviour with relax and without relax.
New tests are added for hostname_cleanup().
Tests are moved a new file (test-hostname-util) because there's
now a bunch of them.
New parameter is not used anywhere, except in tests, so there should
be no observable change.
We should avoid using CLOCK_BOOTTIME directly unless we actually can
sensible distuingish it from CLOCK_MONOTONIC. CLOCK_BOOTTIME is only
fully feature on very recent Linux kernels, hence we should stick to a
fallback logic, which is already available in the
clock_boottime_or_monotonic() call.
Some places invoked fflush() directly with their own manual error
checking, let's unify all that by using fflush_and_check().
This also unifies the general error paths of fflush()+rename() file
writers.
This patch fixes the size of networkd
Bug #775
before:
size systemd-networkd
text data bss dec hex filename
1493755 8424392 2337 9920484 975fe4 systemd-networkd
After
$ size systemd-networkd
text data bss dec hex filename
1493555 35752 2337 1531644 175efc systemd-networkd
We must consider 'pending' links as if they may be managed by networkd, as this
is the state we enter before deciding wether networkd should manage the link
or not, so we better wait for this decision being made.
Even when we use shortened, combined words, we still should uppercase
where a new word starts. I couldn't find a canonically capitalized
version of this term, hence I think we should follow our naming rules
here.
Justification is similar to BPDUGuard rename. "Positive" values
are easier. This is a rather uncommon option, so using a slightly
longer name should not be a problem, and may in fact may make it
easier to guess what the option does without reading the
documentation.
Looking at the kernel commit, "on" seems to be the default value:
commit 867a59436fc35593ae0e0efcd56cc6d2f8506586
Author: Vlad Yasevich <vyasevic@redhat.com>
Date: Wed Jun 5 10:08:01 2013 -0400
bridge: Add a flag to control unicast packet flood.
Add a flag to control flood of unicast traffic. By default, flood is
on and the bridge will flood unicast traffic if it doesn't know
the destination. When the flag is turned off, unicast traffic
without an FDB will not be forwarded to the specified port.
... and it seems to be the reasonable thing to do by default.
Rename to follow the follow the style of other options.
In general "positive" options are preferred to "negative" ones,
because they are easier to describe and easier for humans to
parse (c.f. the shortening on the man page entry).
Old name was slightly misleading, because this flag does not determine
whether DSCP is used overall, but only if it is copied to the
decapsulated packet. Rename to better reflect that.
"Copy" does not imply direction. This is on purpose, because we might
later on enhance the setting to allow/disallow copying in the other
direction, to the encapsulated packet. If that is implemented,
CopyDSCP could understand additional values. This is nicer than
having two separate settings and follows the example of DHCP=.
Also, we try to avoid abbreviations, but we allow acronyms
like MTU, in DiscoverPathMTU=.
This setting was recently added, so it's fine to rename it without
backwards compat.
This patch adds support to configure IFF_VNET_HDR flag
for a tap device. It allows whether sending and receiving
large pass larger (GSO) packets. This greatly increases the
achievable throughput.
It is no different to return 0 over 1 in the property
callback. It is confusing to return 1 which made me think
1 has a special purpose. This way code is consistent with
the rest of the tree.
Merge write_string_file(), write_string_file_no_create() and
write_string_file_atomic() into write_string_file() and provide a flags mask
that allows combinations of atomic writing, newline appending and automatic
file creation. Change all users accordingly.
- Make sure that the IPv6PrivacyExtensions=yes results in
prefer-temporary, not prefer-public.
- Introduce special enum value "kernel" to leave setting unset, similar
how we have it for the IP forwarding settings.
- Bring the enum values in sync with the the strings we parse for them,
to the level this makes sense (specifically, rename "disabled" to
"no", and "prefer-temporary" to "yes").
- Make sure we really set the value to to "no" by default, the way it is
already documented in the man page.
- Fix whitespace error.
- Make sure link_ipv6_privacy_extensions() actually returns the correct
enum type, rather than implicitly casting it to "bool".
- properly size formatting buffer for ipv6 sysctl value
- Don't complain if /proc/sys isn't writable
- Document that the enum follows the kernel's own values (0 = off, 1 =
prefer-public, 2 = prefer-temporary)
- Drop redundant negating of error code passed to log_syntax()
- Manpage fixes
This fixes a number of issues from PR #417
1) never bother with setting the flag for loopback devices
2) if we fail to write the flag due to EROFS (which is likely to happen
in containers where /proc/sys is read-only) or any other error, check
if the flag already has the right value. If so, don't complain.
Closes#469
This patch add support for ipv6 privacy extensions.
The variable /proc/sys/net/ipv6/conf/<if>/use_tempaddr
can be changed via the boolean
IPv6PrivacyExtensions=[yes/no/prefer-temporary]
When true enables privacy extensions, but prefer public addresses over
temporary addresses.
prefer-temporary prefers temporary adresses over public addresses.
Defaults to false.
[Match]
Name=enp0s25
[Network]
IPv6PrivacyExtensions=prefer-temporary
If a link is attempted t obe enslaved by a netdev that has already failed, we
must fail immediately and not save the callback for later, as it will then
never get triggered.
This only happens when something has gone wrong, so is not easy to hit. However,
if a bridge (say) is configured on a system without bridge support we will hit
this.
Fixes issue #299.
The kernel bonding layer allows passing an array of ARP IP targets as
bond-configuration. Due to the weird implementation of arrays in netlink
(which we haven't figure out a generic way to support, yet), we usually
hard-code the supported array-sizes. However, this should not be exported
from sd-netlink.
Instead, make sure the caller just uses it's current hack of enumerating
the types, and the sd-netlink core will have it's own list of supported
array-sizes (to be removed in future extensions, btw!). If either does not
match, we will just return a normal error.
Note that we provide 2 constants for ARP_IP_TARGETS_MAX now. However, both
have very different reasons:
- the constant in netdev-bond.c is used to warn the user that the given
number of targets might not be supported by the kernel (even though the
kernel might increase that number at _any_ time)
- the constant in sd-netlink is solely used due to us missing a proper
array implementation. Once that's supported in the type-system, it can
be removed without notice
Last but not least, this patch turns the log_error() into a log_warning().
Given that the previous condition was off-by-one, anyway, it never hit at
the right time. Thus, it was probably of no real use.
This ports a lot of manual code over to sigprocmask_many() and friends.
Also, we now consistly check for sigprocmask() failures with
assert_se(), since the call cannot realistically fail unless there's a
programming error.
Also encloses a few sd_event_add_signal() calls with (void) when we
ignore the return values for it knowingly.
In 5a8bcb674f, IPForwarding was introduced
to set forwarding flags on interfaces in .network files. networkd sets
forwarding options regardless of the previous setting, even if it was
set by e.g. sysctl. This commit creates a new option for IPForwarding,
"kernel", that preserves the sysctl settings rather than always setting
them.
See https://bugs.freedesktop.org/show_bug.cgi?id=89509 for the initial
bug report.
previously hostname_is_valid was used to validate domain names, which
would silently drop perfectly valid dns names that were longer than a
single dns label.
In 5a8bcb674f, IPForwarding was introduced
to set forwarding flags on interfaces in .network files. networkd sets
forwarding options regardless of the previous setting, even if it was
set by e.g. sysctl. This commit creates a new option for IPForwarding,
"kernel", that preserves the sysctl settings rather than always setting
them.
See https://bugs.freedesktop.org/show_bug.cgi?id=89509 for the initial
bug report.
This reverts commit 43c6d5abac
(and a small part of 4046d8361c)
It turns out we don't actually need to set the global ip_forward setting.
The only relevant setting is the one on each interface.
What the global toggle actually does is switch forwarding on/off for all
currently present interfaces and change the default for new ones.
That means that by setting the global ip_forward we
- Introduce a race condition, because if the interface with IPForward=yes
is brought up after one with IPForward=no, both will have forwarding
enabled, because the global switch turns it on for all interfaces.
If the other interface comes up first networkd correctly sets forward=0
and it doesn't get overridden.
- Change the forwarding setting for interfaces that networkd is not
configured to touch, even if the user disabled forwarding via sysctl,
either globally or per-interface
As forwarding works fine without this, as long as all relevant interfacest
individually set IPForward=yes: just drop it
This means that non-networkd interfaces use the global default while
networkd interfaces default to off if IPForward isn't given.
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
When setting IPv6 addresses acquired by DHCPv6, systemd-networkd sets
the IFA_F_NOPREFIXROUTE flag in the IFA_FLAGS netlink attribute. As
the flag and the attribute are present starting with Linux 3.14, older
kernels will need systemd-network to manage prefix route expiry.
By default, DHCPv6 addresses are first assigned setting the
IFA_F_NOPREFIXROUTE flag in the IFA_FLAGS netlink attribute. Should
the address assignment fail, the same assignment is tried without
the IFA_FLAGS attribute. Should also the second attempt fail, an error
is printed and address assignment ends with failure. As successful use
of the IFA_FLAGS netlink attribute is recorded in the Link structure,
the DHCPv6 code will know if the kernel or systemd-network fallback
code handles expiring prefixes.
The prefix expiration and IPv6 address updating fallback code is
resurrected from the parts deleted with commit
47d45d3cde.
This patch can be removed once the minimum kernel requirements are
greater than or equal to 3.14.
This patch add support to create vti6 tunnel
test:
vt6.network
[Match]
Name=wlan0
[Network]
Tunnel=ip6vti
vti6.netdev
[NetDev]
Name=ip6vti
Kind=vti6
[Tunnel]
Local=2a00:ffde:4567:edde::4987
Remote=2001:473:fece:cafe::5179
ip link
11: ip6_vti0@NONE: <NOARP> mtu 1500 qdisc noop state DOWN mode DEFAULT
group default
link/tunnel6 :: brd ::
12: ip6vti@wlan0: <POINTOPOINT,NOARP> mtu 1500 qdisc noop state DOWN
mode DEFAULT group default
link/tunnel6 2a00:ffde:4567:edde::4987 peer 2001:473:fece:cafe::5179
This should simplify the prototype a bit. The bus parameter is redundant
in most cases, and in the few where it matters it can be derived from
the message via sd_bus_message_get_bus().
This makes adds a couple of fixes:
- Introduces log_netdev_error_errno() and friends, which takes an error
number, and matches what log_link_error_errno() and friends do.
- Replaces a lof ot strerror() usage with log_netdev_error_errno(),
log_link_error_errno() and log_erro_errno()
- Uppercases the first character of many log messages, after all this is
supposed to be english language
- Drops manual negating of error codes before passing them to log
functions, the log functions all do that internally anyway.
Some other minor fixes.
Behaviour should not change really.
Add UDPCheckSum option to enable transmitting UDP checksums when doing
VXLAN/IPv4. Add UDP6ZeroChecksumRx, and UDP6ZeroChecksumTx
options to enable sending zero checksums and receiving zero
checksums in VXLAN/IPv6
[tomegun: rebase manpage due to whitespace changes]
like:
src/shared/install.c: In function ‘unit_file_lookup_state’:
src/shared/install.c:1861:16: warning: ‘r’ may be used uninitialized in
this function [-Wmaybe-uninitialized]
return r < 0 ? r : state;
^
src/shared/install.c:1796:13: note: ‘r’ was declared here
int r;
^
Expiring prefixes need not be handled anymore as the kernel has been
instructed not to create routes for DHCPv6 assigned addresses via the
IFA_F_NOPREFIXROUTE flag.
The IFA_F_NOPREFIXROUTE flag prevents the kernel from creating new onlink
prefixes when a DHCPv6 IPv6 address with a prefix length is set from user
space. IPv6 routing will follow the onlink status from Router Advertisment
Prefix Information options or any manually set route, which is the correct
thing to do.
As this flag has a larger value than what fits into an unsigned char, update
the flag attribute to an uint32_t and set it with an IFA_FLAGS attribute
when writing netlink messages to the kernel.
