IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
The original version of the test used netcat along with a standard
AF_UNIX socket, which caused issues across different netcat
implementations. The AF_UNIX socket was then replaced by a FIFO with a
simple echo, which, however, suffers from the same issue (some echo
implementations don't check if the write() was successful).
Let's revert back to the AF_UNIX socket, but replace netcat with socat,
which, hopefully, resolves the main issue.
Relevant commit: 9b45c2bf02
When there is bad link in the network the carrier goes up/down.
This makes networkd stops all the clients and drop config.
But if the remote router/dhcpserver running a prevention
of DHCP Starvation attack or DHCP Flood attack it does not allow
networkd to take a DHCP lease resulting failure in configuration.
This patch allows to keep the client running and keep the conf
also for this scenario.
Closes#9111
Currently /boot/initramfs-linux.img is used as the default initrd for ArchLinux.
Although, since the kernel modules that are not necessary for the host environment are removed from
initramfs-linux.img by mkinitcpio 's autodetect hook, the kernel modules necessary for qemu may be missing.
(ata_piix, ext4, and so on in my case.)
As a result, the test environment may not be built properly and the test will be failed.
initramfs-linux-fallback.img will skip this autodetect hook, so the test will run successfully in more
environments.
Both initramfs-linux.img and initramfs-linux-fallback.img are generated by default.
rescue.service pulls in /bin/plymouth, which doesn't exist on some
distributions (e.g. Arch Linux). Let's mark it as optional, as it's not
even required by the referencing unit and causes unwanted fails in the
integration testsuite.
The test is a bit messy because it must be done on a device that
enforces a tentative state for IPv6 addresses, and it appears
that the dummy device does not. So we use a bond instead.
Signed-off-by: Daniel Axtens <dja@axtens.net>
Nitpicky, but we've used a lot of random spacings and names in the past,
but we're trying to be completely consistent on "cgroup vN" now.
Generated by `fd -0 | xargs -0 -n1 sed -ri --follow-symlinks 's/cgroups? ?v?([0-9])/cgroup v\1/gI'`.
I manually ignored places where it's not appropriate to replace (eg.
"cgroup2" fstype and in src/shared/linux).
Commit 250e9fadbc introduced
support for %j/%J specifier in unit files. The function
unit_name_printf is used in unit dependency resolution,
such as Wants / After directives, but was missing support
for the %j. Add to allow directives such as:
[Unit]
Wants=bar-%j.target
Fixes: systemd/systemd#11217
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Previously, we'd return DNS_SCOPE_MAYBE for all domain lookups matching
LLMNR or mDNS. Let's upgrade this to DNS_SCOPE_YES, to make the binding
stronger.
The effect of this is that even if "local" is defined as routing domain
on some iface, we'll still lookup domains in local via mDNS — if mDNS is
turned on. This should not be limiting, as people who don't want such
lookups should turn off mDNS altogether, as it is useless if nothing is
routed to it.
This also has the nice benefit that mDNS/LLMR continue to work if people
use "~." as routing domain on some interface.
Similar for LLMNR and single label names.
Similar also for the link local IPv4 and IPv6 reverse lookups.
Fixes: #10125
There seems to be no error per se. RequiresMountsFor=%s%s%s..%s%s%s is expanded to
RequiresMountsFor=/bin/zsh/bin/zsh/bin/zsh/bin/zsh/..., which takes a bit of time,
and then we iterate over this a few times, creating a hashmap with a hashmap
for each prefix of the path, each with one item pointing back to the original unit.
Takes about 0.8 s on my machine.
When using networkd we currently have no way of ensuring that static
neighbor entries are set when our link comes up. This change adds a new
section to the network definition that allows multiple static neighbors
to be set on a link.
Fixes the following error:
Failed to mount test /run: No such file or directory
By the time command "./test-udev check" calls function "fake_filesystems",
directory "test/run" must be present.
When there is a failure to setup the environment, the following happens:
1. Command "./test-udev check" exits with non-zero code.
2. Perl function "system" returns the code.
3. The code is evaluated as true by Perl.
Then we stop the test.
This provides us with an easy command line to test this script. Because
the test was so difficult to get running noone ever did, hence it broke
badly quickly. Let's fix that.
Previously, the test would use the existing static hostname. However,
this woud not work as expected in the static hostname was "localhost"
because the transient hostname will override the static one in that case
anyway, as the assumption hostnamed makes is that "localhost" is a
non-initialized hostname.
Hence when testing this, let's first set the static hostname to
something specific first (that is not "localhost").
Otherwise networkd isn't happy.
Let's also make addition of the "systemd-network" non-fatal. The user
exists on many machines anyway, hence it shouldn't fail if it already
exists.
Some controllers (like the CPU controller) have a performance cost that
is non-trivial on certain workloads. While this can be mitigated and
improved to an extent, there will for some controllers always be some
overheads associated with the benefits gained from the controller.
Inside Facebook, the fix applied has been to disable the CPU controller
forcibly with `cgroup_disable=cpu` on the kernel command line.
This presents a problem: to disable or reenable the controller, a reboot
is required, but this is quite cumbersome and slow to do for many
thousands of machines, especially machines where disabling/enabling a
stateful service on a machine is a matter of several minutes.
Currently systemd provides some configuration knobs for these in the
form of `[Default]CPUAccounting`, `[Default]MemoryAccounting`, and the
like. The limitation of these is that Default*Accounting is overrideable
by individual services, of which any one could decide to reenable a
controller within the hierarchy at any point just by using a controller
feature implicitly (eg. `CPUWeight`), even if the use of that CPU
feature could just be opportunistic. Since many services are provided by
the distribution, or by upstream teams at a particular organisation,
it's not a sustainable solution to simply try to find and remove
offending directives from these units.
This commit presents a more direct solution -- a DisableControllers=
directive that forcibly disallows a controller from being enabled within
a subtree.
Otherwise, some tests may disturb others, e.g.,
NetworkdNetWorkTests.test_routing_policy_rule_port_range and
NetworkdNetWorkTests.test_routing_policy_rule.
Not sure how I missed this, but we of course need to wait for the
"systemd-run" commands to finish before we can check the output files
this generated.
It tests importing and exporting, and a few other machinectl commands.
It currently does not test pulling (i.e. http downloads), but we might
want to add that later on.
For netdev, config files are loaded twice, and the first time,
only Match and NetDev setions are read. So, the test given by
the previous commit covers only the second loading.
This adds another test that also covers the first loading.
systemd only uses functions that are as of Linux 4.15+ provided
externally to the CPU controller (currently usage_usec), so if we have a
new enough kernel, we don't need to set CGROUP_MASK_CPU for
CPUAccounting=true as the CPU controller does not need to necessarily be
enabled in this case.
Part of this patch is modelled on an earlier patch by Ryutaroh Matsumoto
(see PR #9665).
It's possible for sscanf to receive strings containing all three fields
and not matching the template at the same time. When this happens the
value of k doesn't change, which basically means that process_audit_string
tries to access memory randomly. Sometimes it works and sometimes it doesn't :-)
See also https://bugzilla.redhat.com/show_bug.cgi?id=1059314.
This removes the ability to configure which cgroup controllers to mount
together. Instead, we'll now hardcode that "cpu" and "cpuacct" are
mounted together as well as "net_cls" and "net_prio".
The concept of mounting controllers together has no future as it does
not exist to cgroupsv2. Moreover, the current logic is systematically
broken, as revealed by the discussions in #10507. Also, we surveyed Red
Hat customers and couldn't find a single user of the concept (which
isn't particularly surprising, as it is broken...)
This reduced the (already way too complex) cgroup handling for us, since
we now know whenever we make a change to a cgroup for one controller to
which other controllers it applies.
Fedora Rawhide renamed dbus.service to dbus-daemon.service - that
breaks tests which require working DBus (e.g. TEST-03-JOBS)
Excerpt from the dbus.spec:
The 'dbus' package is only retained for compatibility purposes. It will
eventually be removed and then replaced by 'Provides: dbus' in the
dbus-daemon package. It will then exclusively be used for other packages to
describe their dependency on a system and user bus. It does not pull in any
particular dbus *implementation*, nor any libraries. These should be pulled
in, if required, via explicit dependencies.
Unfortunately we can't check the 6rd attribute, because it's not
exposed in /sys or anywhere other than netlink... But at least we
can check that networkd brings up an interface that looks right.
This should help the fuzzers to discover code paths faster.
In case anyone is interested, they were generated with the following script
```
perl -aF'/[\s,]+/' -ne '
if (my ($s, $d) = ($F[0] =~ /^([^\s\.]+)\.([^\s\.]+)$/)) { $d{$s}{$d} = 1; }
END { while (my ($key, $value) = each %d) {
printf "[%s]\n%s\n", $key, join("\n", keys(%$value))
}}'
```
by passing src/network/networkd-network-gperf.gperf and
src/network/netdev/netdev-gperf.gperf to it.
