1
0
mirror of https://github.com/systemd/systemd.git synced 2024-11-14 15:21:37 +03:00
Commit Graph

15524 Commits

Author SHA1 Message Date
Tom Gundersen
d9876a527f networkd: add assert
It should not be possible to have a DHCP lease on a link without also having
an associated network. Add assert() to avoid compiler warnings.

Reported by Thomas H. P. Andersen
2014-06-14 15:06:17 +02:00
Thomas Hindoe Paaboel Andersen
efdc73dae3 networkd: link - check returned value from set_lease_pool 2014-06-13 23:00:52 +02:00
Colin Ian King
855d111304 Fix spelling mistake, scirpt --> script 2014-06-13 23:00:48 +02:00
Lennart Poettering
5b4c013121 core: don't complain at early boot if /etc/mtab is not the right symlink
When we boot up with an empty /etc it's ok if the symlink doesn't exist.
We will create it later with tmpfiles.
2014-06-13 20:11:59 +02:00
Lennart Poettering
6d1d50f081 tmpfiles: always use relative symlinks from tmpfiles snippets 2014-06-13 20:11:59 +02:00
Lennart Poettering
5ae4d543cb os-release: define /usr/lib/os-release as fallback for /etc/os-release
The file should have been in /usr/lib/ in the first place, since it
describes the OS container in /usr (and not the configuration in /etc),
hence, let's support os-release files in /usr/lib as fallback if no
version in /etc exists, following the usual override logic.

A prior commit already enabled tmpfiles to create /etc/os-release as a
symlink to /usr/lib/os-release should it be missing, thus providing nice
compatibility with applications only checking in /etc.

While it's probably a good idea if all apps check both locations via a
fallback logic, it is only necessary in the early boot process, as long
as the /etc/os-release symlink has not been restored, in case we boot
with an empty /etc.
2014-06-13 20:11:59 +02:00
Lennart Poettering
b0284aba93 sysusers: always treat ENOENT as entry-not-found when doing NSS calls
For most NSS calls it is documented that they return NULL + errno=0 when
an entry is not found. However, in reality it appears to be common to
return NULL + errno=ENOENT, instead. Handle that correctly, and don't
consider ENOENT a systematic error.
2014-06-13 20:11:59 +02:00
Lennart Poettering
b532bdeae9 rpm: add RPM macros to apply sysusers, sysctl, and binfmt drop-ins
With this in place RPMs can make sure that whatever they drop in is
immeidately applied, and not delayed until next reboot.

This also moves systemd-sysusers back to /usr/bin, since hardcoding the
path to /usr/lib in the macros would mean compatibility breaks in
future, should we turn sysusers into a command that is actually OK for
people to call directly. And given that that is quite likely to happen
(since it is useful to prepare images with its --root= switch), let's
just prepare for it.
2014-06-13 20:11:59 +02:00
Lennart Poettering
8cf7c96517 rpm: don't hardcode the binary paths in the macros, rely on $PATH
this gives us a little bit more freedom to move things around later on,
as we don't hardcode the systemd paths in old RPMs that shall work with
new systemds.
2014-06-13 20:11:59 +02:00
Tom Gundersen
6f08fb7b34 sd-dhcp-server: test - skip when lacking perms 2014-06-13 19:11:31 +02:00
Andreas Henriksson
223217749e install: fix invalid free() in unit_file_mask()
int unit_file_mask(...) in ./src/shared/install.c calls
get_config_path(...) which can in 4 error cases return without setting
"ret", and thus "prefix" can be uninitialized when unit_file_mask(...)
finishes (which it does directly after the error is returned from
get_config_path(...)).
2014-06-13 19:01:07 +02:00
Andreas Henriksson
f8a0bb5285 udev: fix invalid free() in enable_name_policy()
static bool enable_name_policy(...) in ./src/udev/net/link-config.c
calls proc_cmdline(...) to get "line" initialized, but
proc_cmdline(...) does not guarantee that atleast when both
conditions (detect_container(NULL) > 0) and
read_full_file(...) returned < 0.
2014-06-13 19:00:42 +02:00
Andreas Henriksson
3e09eb5c83 core: fix invalid free() in killall()
static int killall(....) in ./src/core/killall.c tries to get "s"
initialized by calling get_process_comm(...) which calls
read_one_line_file(...) which if it fails will mean it is left
uninitialized.
It is then used in argument to strna(s) call where it is
dereferenced(!), in addition to nothing else initializing it before
the scope it is in finishes.
2014-06-13 19:00:13 +02:00
Andreas Henriksson
8186d9dda0 sd-dhcp-client: fix invalid free() in client_send_request()
static int client_send_request(...) in
./src/libsystemd-network/sd-dhcp-client.c tries to initialize
"request" by calling client_message_init(...), which has atleast
5 error cases where it can return without that happening.
This leads to the function finishing without "request" being initialized.
2014-06-13 18:57:33 +02:00
Tom Gundersen
97578344f3 networkd: link - left-align debug messages
Still add some whitespace betwen ifname and the message to get the
messages aligned (as I find it easier to spot specific messages this way).
2014-06-13 18:34:34 +02:00
Tom Gundersen
dd43110f78 networkd: add dhcp server support
When enabled in [Network] it will set up a dhcp server on the interface, listening
on one of its statically configured IPv4 addresses and with a fixed size pool of
leases determined from it.

Example:

[Match]
Name=ve-arch-tree

[Network]
Address=192.168.12.5/24
DHCPServer=yes

[Route]
Gateway=192.168.12.5
Destination=192.168.12.0/24

In this case we will configure ve-arch-tree with the address 192.168.12.5 and
hand out addresses in the range 192.168.12.6 - 192.168.12.38.

In the future, we should (as suggested by Lennart) introduce a syntax to pick the
server address automatically.
2014-06-13 17:07:20 +02:00
Tom Gundersen
500792d818 sd-dhcp-server: add RELEASE support 2014-06-13 17:07:20 +02:00
Tom Gundersen
5b34277c20 sd-dhcp-server: add dummy DECLINE support 2014-06-13 17:07:20 +02:00
Tom Gundersen
87322b3aee sd-dhcp-server: track bound leases
Make sure we don't hand out the same IP twice. We still don't
handle lease expiry.
2014-06-13 17:07:19 +02:00
Tom Gundersen
c7d9ffe6d6 sd-dhcp-server: add support for clients requesting lease lifetime 2014-06-13 17:07:19 +02:00
Tom Gundersen
bd57b45029 sd-dhcp-server: add basic NAK support 2014-06-13 17:07:19 +02:00
Tom Gundersen
2dead8129f sd-dhcp-server: add basic REQUEST/ACK support 2014-06-13 17:07:19 +02:00
Tom Gundersen
4dc3556804 sd-dhcp-server: add basic DISCOVER/OFFER support 2014-06-13 17:07:19 +02:00
Tom Gundersen
969b009d94 sd-dhcp-server: add support for sending messages 2014-06-13 17:07:19 +02:00
Tom Gundersen
20af7091de sd-dhcp-server: add support for setting the server address 2014-06-13 17:07:19 +02:00
Tom Gundersen
8de4a226c7 sd-dhcp-server: bind to raw socket for sending
We would like to use the UDP socket, but we cannot as we need to specify
the MAC address manually.
2014-06-13 16:53:13 +02:00
Tom Gundersen
816e2e7af9 sd-dhcp-server: add basic message parsing
Parse the maximum message size the client can accept and the client id, falling back to
sane defaults if they are not set.
2014-06-13 16:53:13 +02:00
Tom Gundersen
be077570f7 sd-dhcp-server: add basic message handling and verification 2014-06-13 16:53:13 +02:00
Tom Gundersen
3a864fe4a8 sd-dhcp-server: bind to a given interface
We will (at least at first), restrict our focus to running the server
on at most one interface.
2014-06-13 16:53:13 +02:00
Tom Gundersen
ff734080aa sd-dhcp-server: add basic functionality for starting/stopping server
Bind to UDP socket and listen for messages, discarding anything we receive.
2014-06-13 16:53:13 +02:00
Tom Gundersen
b44cd88210 sd-dhcp-server: add basic functionality for creating/destroying server instance 2014-06-13 16:53:13 +02:00
Tom Gundersen
fef0e0f3b2 dhcp-network: allow UDP socket to listen on any address
For this to work nicely we need to use REUSEADDR so that more than one socket
can be open at the same time. Also, we request the ifindex to be appended
to incoming messages, so we know whence it came.
2014-06-13 16:53:13 +02:00
Lennart Poettering
55745f2054 tmpfiles: add minimal tmpfiles snippet to rebuild the most essential stuff from /etc 2014-06-13 13:29:25 +02:00
Lennart Poettering
ecde7065f7 units: rebuild /etc/passwd, the udev hwdb and the journal catalog files on boot
Only when necessary of course, nicely guarded with the new
ConditionNeedsUpdate= condition we added.
2014-06-13 13:26:32 +02:00
Lennart Poettering
a55654d598 core: add new ConditionNeedsUpdate= unit condition
This new condition allows checking whether /etc or /var are out-of-date
relative to /usr. This is the counterpart for the update flag managed by
systemd-update-done.service. Services that want to be started once after
/usr got updated should use:

        [Unit]
        ConditionNeedsUpdate=/etc
        Before=systemd-update-done.service

This makes sure that they are only run if /etc is out-of-date relative
to /usr. And that it will be executed after systemd-update-done.service
which is responsible for marking /etc up-to-date relative to the current
/usr.

ConditionNeedsUpdate= will also checks whether /etc is actually
writable, and not trigger if it isn't, since no update is possible then.
2014-06-13 13:26:32 +02:00
Lennart Poettering
8ea48dfcd3 update-done: add minimal tool to manage system updates for /etc and /var, if /usr has changed
In order to support offline updates to /usr, we need to be able to run
certain tasks on next boot-up to bring /etc and /var in line with the
updated /usr. Hence, let's devise a mechanism how we can detect whether
/etc or /var are not up-to-date with /usr anymore: we keep "touch
files" in /etc/.updated and /var/.updated that are mtime-compared with
/usr. This means:

Whenever the vendor OS tree in /usr is updated, and any services that
shall be executed at next boot shall be triggered, it is sufficient to
update the mtime of /usr itself. At next boot, if /etc/.updated and/or
/var/.updated is older than than /usr (or missing), we know we have to
run the update tools once. After that is completed we need to update the
mtime of these files to the one of /usr, to keep track that we made the
necessary updates, and won't repeat them on next reboot.

A subsequent commit adds a new ConditionNeedsUpdate= condition that
allows checking on boot whether /etc or /var are outdated and need
updating.

This is an early step to allow booting up with an empty /etc, with
automatic rebuilding of the necessary cache files or user databases
therein, as well as supporting later updates of /usr that then propagate
to /etc and /var again.
2014-06-13 13:26:32 +02:00
Lennart Poettering
dc92e62c6c condition: minor modernizations 2014-06-13 13:26:32 +02:00
Lennart Poettering
d4c049bfcd units: don't conditionalize sysctl service
We install two sysctl snippets ourselves, hence the condition will
always trigger, so no point in tryng to optimize things with this, it
just will make things slower, if anything.
2014-06-13 13:26:32 +02:00
Lennart Poettering
db62b5b37e units: remove conditions from systemd-tmpfiles-setup
There's no point in conditionalizing systemd-tmpfiles at boot, since we
ship tmpfiles snippets ourselves, hence they will always trigger anyway.

Also, there's no reason to pull in local-fs.target from the service,
hence drop that.
2014-06-13 13:26:32 +02:00
Lennart Poettering
9194c8e4c3 system-update-generator: modernizations 2014-06-13 13:26:32 +02:00
Lennart Poettering
7de77d1cf5 sysusers: hide generate .conf file 2014-06-13 13:26:32 +02:00
Lennart Poettering
dd25523073 update TODO 2014-06-13 13:26:32 +02:00
Lennart Poettering
48e93f88ff sysusers: move systemd-sysusers to libexec for now 2014-06-13 13:26:32 +02:00
Kay Sievers
6555ad8e9d tmpfiles: skip mknod() on -EPERM (device cgroup) 2014-06-13 04:12:50 +02:00
Kay Sievers
c1b6b04f0e sysusers: do not set todo to create a user when we only need a group 2014-06-13 03:28:54 +02:00
Thomas Hindoe Paaboel Andersen
f268f57f63 cryptsetup: check that password is not null
Beef up the assert to protect against passing null to strlen.

Found with scan-build.
2014-06-13 00:30:40 +02:00
Lennart Poettering
f8b5d99408 sysuser: generate default snippet incorporating TTY_GID properly
When the user specifies --with-tty-gid= then we should honour that and
write it to the snippet, too.
2014-06-12 23:22:27 +02:00
Lennart Poettering
7ec9fb4be9 sysusers: add new input group to default snippet 2014-06-12 23:08:51 +02:00
Lennart Poettering
753615e85d tmpfiles: minor modernizations 2014-06-12 23:07:34 +02:00
Lennart Poettering
034753ac13 machine: minor modernizations 2014-06-12 23:07:33 +02:00