1
0
mirror of https://github.com/systemd/systemd.git synced 2024-10-30 23:21:22 +03:00
Commit Graph

2470 Commits

Author SHA1 Message Date
Yu Watanabe
d3867133f0 udev/net: introduce WakeOnLanPassword=
Closes #20913.
2021-10-07 01:50:37 +09:00
Yu Watanabe
fe2a8b3d3f test-network: add tests for Token= in [IPv6Prefix] 2021-10-07 01:24:50 +09:00
Yu Watanabe
b48b6bd3b9 test-network: replace deprecated settings 2021-10-07 01:24:50 +09:00
Yu Watanabe
e609cd0694 network: introduce Token= setting in [IPv6Prefix]
Closes #20149.
2021-10-07 01:24:50 +09:00
Yu Watanabe
a73628e647 network: rename IPv6Token= in [Network] -> Token= in [IPv6AcceptRA]
The token is only used by received prefixes through RA.
2021-10-07 01:16:36 +09:00
Iago López Galeiras
e59ccd035c core: add RestrictFileSystems= fragment parser
It takes an allow or deny list of filesystems services should have
access to.
2021-10-06 10:52:14 +02:00
Henri Chain
29500cf8c4 core: fix SIGABRT on empty exec command argv
This verifies that the argv part of any exec_command parameters that
are sent through dbus is not empty at deserialization time.

There is an additional check in service.c service_verify() that again
checks if all exec_commands are correctly populated, after the service
has been loaded, whether through dbus or otherwise.

Fixes #20933.
2021-10-06 00:16:47 +09:00
Anita Zhang
a2ae2ba2ff
Merge pull request #20892 from yuwata/test-network-preferred-lifetime-zero
network: drop and warn duplicated address settings
2021-10-04 18:40:59 -07:00
Luca Boccassi
c82dc15b9f test: create and merge code coverage reports in integration tests
If -Db_coverage=true is used at build time, then ARTIFACT_DIRECTORY/TEST-XX-FOO.coverage-info
files are created with code coverage data, and run-integration-test.sh also
merges them into ARTIFACT_DIRECTORY/merged.coverage-info since the coveralls.io
helpers accept only a single file.
2021-10-04 16:40:49 +01:00
Yu Watanabe
40971657ce test-network: add tests for duplicated address setting
Also, add more tests for PreferredLifetime=0

C.f. #20891.
2021-10-04 18:26:35 +09:00
Zbigniew Jędrzejewski-Szmek
8f5bcd615b licensing: add forgotten spdx headers
Those are all "our" files, but we forgot to add the headers,
most likely because of non-standard file extensions.
2021-10-01 14:45:00 +02:00
Yu Watanabe
1924f26d2a
Merge pull request #20777 from benzea/benzea/fix-seccomp-filter
seccomp: Always install filters for native architecture
2021-10-01 15:12:55 +09:00
Michael Biebl
528dd6a423 networkd-test: fix resolved_domain_restricted_dns
megasearch.net was meant to be a non-existing bogus domain, and had been
for a long time. But it seems some domain grabber recently registered
it, and it's an actual thing now:

  $ host megasearch.net
  megasearch.net has address 207.148.248.143

This causes the test to fail randomly.

Use search.example.com instead which yields

  $ host search.example.com
  Host search.example.com not found: 3(NXDOMAIN)

Fixes: #18357
2021-10-01 14:34:00 +09:00
Frantisek Sumsal
e72be068b1 test: use a less restrictive portable profile when running w/ sanitizers
Since f833df3 we now actually use the seccomp rules defined in portable
profiles. However, the default one is too restrictive for sanitizers, as
it blocks certain syscall required by LSan. Mitigate this by using the
'trusted' profile when running TEST-29-PORTABLE under sanitizers.
2021-09-30 14:23:27 +02:00
Frantisek Sumsal
1c3f490f23 test: shellcheck-ify test scripts 2021-09-30 12:12:00 +02:00
Frantisek Sumsal
91c64ad620 test: drop an unused file 2021-09-30 12:11:27 +02:00
Benjamin Berg
e975a94559 test: Add failing/non-failing syscall filter test setting architecture
This adds a high level test verifying that syscall filtering in
combination with a simple architecture filter for the "native"
architecture works fine.
2021-09-30 08:06:25 +09:00
Yu Watanabe
78fac35811
Merge pull request #20823 from mrc0mmand/test-storage-iscsi
test: iSCSI-related udev tests
2021-09-29 23:17:43 +09:00
Anita Zhang
14bb729534 basic/unit-file: don't filter out names starting with dot
Fixes #20859
Reverts 3796bdc55d
2021-09-29 14:42:13 +02:00
Frantisek Sumsal
9cb41c3326 test: iSCSI-related udev tests 2021-09-29 10:05:21 +02:00
Frantisek Sumsal
aedb60043a test: save journals of only failing test cases in TEST-64 2021-09-29 10:05:21 +02:00
Frantisek Sumsal
7074c047c1 test: explicitly report if we fail to install a file into the image 2021-09-29 10:05:21 +02:00
Frantisek Sumsal
f4e64b6e34 test: add an iSCSI helper 2021-09-29 10:05:21 +02:00
Frantisek Sumsal
5f25c30ee8 test: sort the features alphabetically 2021-09-29 10:05:21 +02:00
Lennart Poettering
2c424ee0aa tests: extend TEST-50-DISSECT to look for verity signatures 2021-09-28 17:06:45 +02:00
Albert Brox
5918a93355 core: implement RuntimeMaxDeltaSec directive 2021-09-28 16:46:20 +02:00
alexlzhu
8c35c10d20 core: Add ExecSearchPath parameter to specify the directory relative to which binaries executed by Exec*= should be found
Currently there does not exist a way to specify a path relative to which
all binaries executed by Exec should be found. The only way is to
specify the absolute path.

This change implements the functionality to specify a path relative to which
binaries executed by Exec*= can be found.

Closes #6308
2021-09-28 14:52:27 +01:00
Yu Watanabe
94832e6e55 test: also rename {test,fuzz}-lldp.c 2021-09-27 23:55:11 +09:00
Lennart Poettering
49e9218ae3
Merge pull request #20768 from pdmorrow/shutdown_cgroup_ctrl
cgroups: apply StartupAllowedCPUs= and StartupAllowedMemoryNodes= during shutdown
2021-09-27 13:44:54 +02:00
Peter Morrow
1b75e5f343 fuzz: list directives in alphabetical order 2021-09-24 14:43:01 +01:00
Anita Zhang
2b33e41aaf link: connect 5 more properties to ethtool features
Sets up the follow properties and their corresponding ethtool feature:
- ReceiveVLANCTAGHardwareAcceleration == rx-vlan-hw-parse (or rxvlan)
- TransmitVLANCTAGHardwareAcceleration == tx-vlan-hw-insert (or txvlan)
- ReceiveVLANCTAGFilter == rx-vlan-filter
- TransmitVLANSTAGHardwareAcceleration == tx-vlan-stag-hw-insert
- NTupleFilter == rx-ntuple-filter (or ntuple)
2021-09-24 20:40:23 +09:00
Luca Boccassi
3a18c0e5f2
Merge pull request #20806 from fbuihuu/test-make-debug-tools-optional
test: make the installation of the debug tools optional in the image
2021-09-22 12:01:59 +01:00
Franck Bui
9fbb13acbc test: wc is needed by test/units/testsuite-50.sh 2021-09-22 09:04:52 +02:00
Franck Bui
f7d47cc862 test: make the installation of the debug tools optional in the image 2021-09-22 08:37:34 +02:00
Luca Boccassi
71a80dcc0b
Merge pull request #20690 from DaanDeMeyer/oomd-user-services
oom: Support for user services
2021-09-21 15:39:48 +01:00
Daan De Meyer
064a5c1438 oom: Add support for user unit ManagedOOM property updates
Compared to PID1 where systemd-oomd has to be the client to PID1
because PID1 is a more privileged process than systemd-oomd, systemd-oomd
is the more privileged process compared to a user manager so we have
user managers be the client whereas systemd-oomd is now the server.

The same varlink protocol is used between user managers and systemd-oomd
to deliver ManagedOOM property updates. systemd-oomd now sets up a varlink
server that user managers connect to to send ManagedOOM property updates.

We also add extra validation to make sure that non-root senders don't
send updates for cgroups they don't own.

The integration test was extended to repeat the chill/bloat test using
a user manager instead of PID1.
2021-09-20 13:53:11 +01:00
Frantisek Sumsal
26a5ae8e95 test: dump the test output to console as well for easier debugging 2021-09-19 13:46:55 +02:00
Frantisek Sumsal
41187e716d test: regenerate module dependencies after installing all modules 2021-09-19 13:46:55 +02:00
Frantisek Sumsal
abfa9a0e7d test: fix error handling with set -e
Unfortunately, when checking the return/exit code using &&, ||, if,
while, etc., `set -e` is disabled for all nested functions as well,
which leads to incorrectly ignored errors, *sigh*.

Example:

```
set -eu
set -o pipefail

task() {
    echo "task init"
    echo "this should fail"
    false
    nonexistentcommand
    echo "task end (we shouldn't be here)"
}

if ! task; then
    echo >&2 "The task failed"
    exit 1
else
    echo "The task passed"
fi
```

```
$ bash test.sh
task init
this should fail
test.sh: line 10: nonexistentcommand: command not found
task end (we shouldn't be here)
The task passed
$ echo $?
0
```

But without the `if`, everything works "as expected":

```
set -eu
set -o pipefail

task() {
    echo "task init"
    echo "this should fail"
    false
    nonexistentcommand
    echo "task end (we shouldn't be here)"
}

task
```

```
$ bash test.sh
task init
this should fail
$ echo $?
1
```

Wonderful.
2021-09-19 13:46:55 +02:00
Frantisek Sumsal
b1471e559e test: btrfs-related udev tests 2021-09-19 13:46:49 +02:00
Frantisek Sumsal
677acd2101 test: check symlinks under /dev/mapper by default as well 2021-09-18 20:44:34 +02:00
Frantisek Sumsal
de11005c1a test: use subshells a bit more
to tweak shell flags in specific functions without affecting the rest of
the script.
2021-09-18 20:44:34 +02:00
Frantisek Sumsal
b216501a8e test: cleanup the intermediate disk images 2021-09-18 20:44:34 +02:00
Frantisek Sumsal
70ec7736f8 test: tidy up the feature handling 2021-09-18 20:44:34 +02:00
Frantisek Sumsal
babe935563 test: add a btrfs helper 2021-09-18 20:44:34 +02:00
Frantisek Sumsal
dbc04797c1 test: lower the number of iterations in LVM tests
as some of the operations take a really long time.
2021-09-18 20:44:34 +02:00
Frantisek Sumsal
776fc8c385 test: unify handling of supported "features" 2021-09-17 17:45:39 +02:00
Luca Boccassi
1dcd91ad11
Merge pull request #20758 from yuwata/test-17-udev-cleanups
test: several cleanups for TEST-17-UDEV
2021-09-16 09:45:10 +01:00
Yu Watanabe
2d253d7206
Merge pull request #20721 from mrc0mmand/test-storage-lvm
test: udev/LVM storage tests
2021-09-16 12:39:24 +09:00
Yu Watanabe
a871f3bb54 test: drop unnecessary sleep and 'udevadm settle'
After the triggered events are processed, all symlinks which store
watch handles should be valid.
2021-09-16 06:55:11 +09:00
Yu Watanabe
a9d8bebacd test: use --settle option for udevadm trigger 2021-09-16 06:55:11 +09:00
Yu Watanabe
e70f57796d test: use --settle option for udevadm trigger
Then, we can drop the loops.
This also drops unnecessary `udevadm control --reload`.
2021-09-16 06:55:04 +09:00
Yu Watanabe
9228ecaf8c test: use /dev/null instead of the loop back network interface
It should faster to be processed. So, we can shorten the timeout.
Also, this makes the test use `udevadm trigger`.
2021-09-16 06:46:19 +09:00
Yu Watanabe
26146d82db test: use --settle option for udevadm trigger 2021-09-16 06:39:48 +09:00
Frantisek Sumsal
0203b2e4be test: basic LVM tests 2021-09-15 20:17:50 +02:00
Luca Boccassi
e236711fd7 test: document autopkgtest CI infrastructure 2021-09-15 14:58:38 +02:00
Peter Morrow
88a56dc8d6 fuzz: add StartupAllowedCPUs and StartupAllowedMemoryNodes to directives
Signed-off-by: Peter Morrow <pemorrow@linux.microsoft.com>
2021-09-15 09:52:12 +01:00
Frantisek Sumsal
6df0259732 test: check if all paths passed to helper_check_device_symlinks() are valid 2021-09-14 19:15:13 +02:00
Frantisek Sumsal
a0560b93ea test: make helper_check_device_symlinks() less verbose 2021-09-14 19:15:13 +02:00
Frantisek Sumsal
df72bd45f3 test: handle arbitrary paths in helper_check_device_symlinks() 2021-09-14 19:15:13 +02:00
Frantisek Sumsal
4999f3688f test: add an LVM helper 2021-09-14 19:15:13 +02:00
Frantisek Sumsal
e3d9a2e74f test: install dmevent service and socket 2021-09-14 19:15:13 +02:00
Frantisek Sumsal
bac05644a7 test: specify the rootfs by label
otherwise the boot might fail when attaching multiple SATA devices to
the VM.
2021-09-14 19:15:13 +02:00
Yu Watanabe
e47bcb7d0b network: do not use RouteTable= in [DHCPv4] section for DHCPv6 routes
We forgot to add RouteTable= in [DHCPv6] section when we split [DHCP]
into two.
2021-09-14 17:51:19 +09:00
Yu Watanabe
8be102f8b8 test-network: kernel treats the lowest IP address as unicast since 5.14
See kernel's 94c821c74bf5fe0c25e09df5334a16f98608db90.
2021-09-13 21:41:16 +02:00
Frantisek Sumsal
35497c7c33 test: coverage for #19946 2021-09-12 18:55:58 +02:00
Frantisek Sumsal
d430e451c9 test: make sure all symlinks under /dev/disk/ are valid 2021-09-12 18:52:56 +02:00
Frantisek Sumsal
d0cbad16c5 test: add a basic multipath test + failover 2021-09-12 18:38:42 +02:00
Frantisek Sumsal
9e7c3bd48c test: add a multipath helper 2021-09-12 18:38:42 +02:00
Frantisek Sumsal
e205ae0d9c test: use one call to install necessary modules 2021-09-12 18:38:42 +02:00
Anita Zhang
7417f06187 test: tweak parameters for TEST-55-OOMD
Pressure remains > 1% after a kill for some time and could cause
testchill to get killed. Bumping the limit from 1% to 20% should help
with this.

Fixes #20118
2021-09-12 19:16:18 +09:00
Frantisek Sumsal
39e1753673 test: rename dracut_install to image_install
The `dracut_install` is a misnomer, since the systemd integration test
suite is based on the original dracut's test suite, and not all the
references to dracut has been edited out. Let's fix that.
2021-09-08 22:41:20 +09:00
Luca Boccassi
7728f6aa81 test: rename TEST-63-ANALYZE to solve conflict
Two PRs adding TEST-63-* were merged more or less at the
same time, and we missed the conflict.
2021-09-08 10:12:03 +09:00
Frantisek Sumsal
f2204ac27d test: udev storage tests 2021-09-08 04:31:24 +09:00
Kyle Laker
c1e6f21556
systemd-analyze: use config value in RestrictNamespaces id (#20645)
For most fields, the text shown by `.id` is the value that should be set
in the unit file; however, for RestrictNamespaces, it is not. Changing
this to show the actual text makes it more clear to a user what the
actual change that needs to be made to the unit file is.
2021-09-06 17:33:16 +02:00
Yu Watanabe
05403363ca tree-wide: fix typo 2021-09-05 09:09:13 +02:00
Yu Watanabe
b06469a66c test-network: add tests for KeepMaster= 2021-09-04 08:15:30 +09:00
Yu Watanabe
57aef9d737 network: introduce KeepMaster= setting
Closes #20624.
2021-09-04 00:23:20 +09:00
Franck Bui
ce380c2f09 test: make sure to include all haveged unit files
Recent versions of haveged relies on haveged-switch-root.service too.
2021-09-01 20:40:55 +01:00
Maanya Goenka
4b6221194d test: add integration tests for systemd-analyze 2021-08-31 08:02:08 -07:00
Tom Yan
c918b70a4d network: default LinkLocalAddresssing= to no for link stacked with a passthru mode MACVLAN/MACVTAP
For similar reason to the case of a bridge slave: we don't want any IP configuration for it.
2021-08-26 06:11:41 +09:00
Yu Watanabe
d11ff2a4f1
Merge pull request #20515 from yuwata/pid1-mount-apivfs-no
pid1: make find_executable() work with MountAPIVFS=no
2021-08-26 06:05:03 +09:00
Yu Watanabe
42867dfeef test-execute: add a testcase for MountAPIVFS=no 2021-08-26 02:54:37 +09:00
Daan De Meyer
9727f2427f core: Check unit start rate limiting earlier
Fixes #17433. Currently, if any of the validations we do before we
check start rate limiting fail, we can still enter a busy loop as
no rate limiting gets applied. A common occurence of this scenario
is path units triggering a service that fails a condition check.

To fix the issue, we simply move up start rate limiting checks to
be the first thing we do when starting a unit. To achieve this,
we add a new method to the unit vtable and implement it for the
relevant unit types so that we can do the start rate limit checks
earlier on.
2021-08-25 13:26:14 +01:00
Yu Watanabe
ab47f96041 test-network: add more testcases for *Allow/DenyList= 2021-08-23 20:37:36 +09:00
Yu Watanabe
180c5116b3 test-network: add testcases that gateway address is IPv6 link local 2021-08-22 15:35:22 +09:00
Yu Watanabe
0e0e57a484
Merge pull request #20484 from DaanDeMeyer/rx-gro-hw
Add rx-gro-hw support
2021-08-21 06:43:49 +09:00
Frantisek Sumsal
faca95e115 test: make sure test timeout has a higher priority than a pass
otherwise we might mark tests where something crashes during shutdown as
successful, as happened in one of the recent TEST-01-BASIC runs:

```
testsuite-01.service: About to execute rm -f /failed /testok
testsuite-01.service: Forked rm as 606
testsuite-01.service: Executing: rm -f /failed /testoktestsuite-01.service: Changed dead -> start-pre
         Starting TEST-01-BASIC...
...
Child 606 (rm) died (code=exited, status=0/SUCCESS)
testsuite-01.service: Child 606 belongs to testsuite-01.service.
testsuite-01.service: Control process exited, code=exited, status=0/SUCCESS (success)
testsuite-01.service: Got final SIGCHLD for state start-pre.
testsuite-01.service: Passing 0 fds to service
testsuite-01.service: About to execute sh -e -x -c "systemctl --state=failed --no-legend --no-pager >/failed ; systemctl daemon-reload ; echo OK >/testok"
testsuite-01.service: Forked sh as 607
testsuite-01.service: Changed start-pre -> start
testsuite-01.service: Executing: sh -e -x -c "systemctl --state=failed --no-legend --no-pager >/failed ; systemctl daemon-reload ; echo OK >/testok"systemd-journald.service: Got notification message from PID 560 (FDSTORE=1)S
...
testsuite-01.service: Child 607 belongs to testsuite-01.service.
testsuite-01.service: Main process exited, code=exited, status=0/SUCCESS (success)
testsuite-01.service: Deactivated successfully.
testsuite-01.service: Service will not restart (restart setting)
testsuite-01.service: Changed start -> dead
testsuite-01.service: Job 207 testsuite-01.service/start finished, result=done
[  OK  ] Finished TEST-01-BASIC.
...
end.service: About to execute /bin/sh -x -c "systemctl poweroff --no-block"
end.service: Forked /bin/sh as 623end.service: Executing: /bin/sh -x -c "systemctl poweroff --no-block"
...
end.service: Job 213 end.service/start finished, result=canceled
Caught <SEGV>, dumped core as pid 624.
Freezing execution.

CentOS Linux 8
Kernel 4.18.0-305.12.1.el8_4.x86_64 on an x86_64 (ttyS0)

H login: qemu-kvm: terminating on signal 15 from pid 80134 (timeout)
E: Test timed out after 600s
Spawning getter /root/systemd/build/journalctl -o export -D /var/tmp/systemd-test.0UYjAS/root/var/log/journal/ca6031c2491543fe8286c748258df8d1...
Finishing after writing 15125 entries
Spawning getter /root/systemd/build/journalctl -o export -D /var/tmp/systemd-test.0UYjAS/root/var/log/journal/remote...
Finishing after writing 0 entries
-rw-r-----. 1 root root 25165824 Aug 20 12:26 /var/tmp/systemd-test.0UYjAS/system.journal
TEST-01-BASIC RUN: Basic systemd setup [OK]
...
2021-08-21 06:40:25 +09:00
Daan De Meyer
8f821d90bf link: Add support for rx-gro-hw nic feature 2021-08-20 09:15:02 +01:00
Yu Watanabe
7d93b92f31 network: add UseMTU= in [IPv6AcceptRA]
Note that kernel has similar knob in sysctl: accept_ra_mtu.

Closes #18868.
2021-08-20 17:14:08 +09:00
Lennart Poettering
dc131951b5
Merge pull request #18385 from kinvolk/mauricio/restrict-network-interfaces
Add RestrictNetworkInterfaces=
2021-08-20 03:41:11 +02:00
Daan De Meyer
6c35ea5ef0 udev: Add support for configuring nic coalescing settings
These are configured via the corresponding ethtool ioctl.
2021-08-20 00:32:28 +01:00
Luca Boccassi
468d9bc901
Merge pull request #20436 from fbuihuu/add-no-build-support-on-opensuse
Add no build support on opensuse
2021-08-19 21:11:31 +01:00
Mauricio Vásquez
00d6fceeb3 tests: add integration test for RestrictNetworkInterfaces=
Signed-off-by: Mauricio Vásquez <mauricio@kinvolk.io>
2021-08-19 07:25:01 -05:00
Mauricio Vásquez
4f0c25c794 core: add load fragment implementation for RestrictNetworkInterfaces=
Signed-off-by: Mauricio Vásquez <mauricio@kinvolk.io>
2021-08-18 15:55:53 -05:00
Franck Bui
d93857ae09 test: if haveged is part of initrd it needs to be installed in the image too
Otherwise haveged won't survive when switching root from initrd to host making
haveged service in host fail.
2021-08-18 17:37:55 +02:00
Franck Bui
138f761904 test: adapt install_pam() for openSUSE
On openSUSE the default pam config files are shipped in /usr/etc/pam.d.

Also empty password is not allowed by default.
2021-08-18 17:37:55 +02:00
Franck Bui
d8167c5212 Revert "test: adapt TEST-13-NSPAWN-SMOKE for SUSE"
This reverts commit 491b736a49.

If the _static_ linked version of busybox is installed, openSUSE doesn't need
any specific code.

A following commit will make sure that the static linked version of busybox is
installed in the busybox container.
2021-08-18 17:37:55 +02:00
Franck Bui
5231ec50e9 test: on openSUSE the static linked version of busybox is named "busybox-static" 2021-08-18 17:37:55 +02:00
Franck Bui
6c8ba239d5 TEST-13-*: in busybox container sleep(1) takes a delay in seconds only 2021-08-18 17:37:55 +02:00
Franck Bui
dfd73ccb14 test: don't try to find BUILD_DIR when NO_BUILD is set
NO_BUILD=1 indicates that we want to test systemd from the local system and not
the one from the local build. Hence there should be no need to call
find-build-dir.sh when NO_BUID=1 especially since it's likely that the script
will fail to find a local build in this case.

This avoids find-build-dir.sh to emit 'Specify build directory with $BUILD_DIR'
message when NO_BUILD=1 and no local build can be found.

This introduces a behavior change though: systemd from the local system will
always be preferred when NO_BUILD=1 even if a local build can be found.
2021-08-18 17:37:55 +02:00
Franck Bui
abf062674e test: add support for NO_BUILD=1 on openSUSE 2021-08-18 17:37:24 +02:00
Yu Watanabe
c4f7a34756 network: do not assume the highest priority when Priority= is unspecified
Previously, when Priority= is unspecified, networkd configured the rule with
the highest (=0) priority. This commit makes networkd distinguish the case
the setting is unspecified and one explicitly specified as Priority=0.

Note.
1) If the priority is unspecified on configure, then kernel dynamically picks
   a priority for the rule.
2) The new behavior is consistent with 'ip rule' command.

Replaces #15606.
2021-08-18 15:57:45 +09:00
Luca Boccassi
9a4b883be2 extension-release: search for other files if expected name not found
In some cases image names are unpredictable - some orchestrators/deployment
tools like to mangle names to suit their internal formats. In these cases,
the requirement that the extension-release file matches exactly the image
name where it's contained cannot work.

Allow falling back to loading the first regular file which name starts with
'extension-release' located in /usr/lib/extension-release.d/ and tagged with
a user.extension-release.strict extended attribute with a true value, if the
one with the expected name cannot be found.
2021-08-17 13:04:44 +01:00
Yu Watanabe
aa10fa8d3a
Merge pull request #20442 from yuwata/network-can-introduce-many-settings
network: introduce several CAN interface related settings
2021-08-17 02:40:32 +09:00
Maxime de Roucy
d419ef0243 network: add address label on dhcpv4
Fixes: #13967
2021-08-17 02:40:18 +09:00
Yu Watanabe
b164b570b4 network: can: allow to specify bit-timing with TimeQuantaNSec= and friends
Closes #19424 and #20435.
2021-08-16 22:30:38 +09:00
Yu Watanabe
6dd84c9e86 network: can: add missing control modes 2021-08-16 18:42:48 +09:00
Yu Watanabe
1d0c9bd753 test-network: add a testcase for recreating stacked netdevs 2021-08-12 15:03:50 +09:00
Yu Watanabe
af0d4e6ef5 test-network: test static lease outside of pool 2021-08-11 16:43:26 +09:00
Michael Biebl
d84f316cce test: fix TEST-10-ISSUE-2467
Depending on the timing, socat will either get ECONNREFUSED oder EPIPE
from systemd. The latter will cause it to exit(1) and subsequently the
test to fail.
We are not actually interested in the return code of socat though. The
test is supposed to check, whether rate limiting of a socket unit works
properly.

So ignore any failures from the socat invocation and instead check, if
test10.socket is in state "failed" with result "trigger-limit-hit" after
it has been triggered.

TriggerLimitIntervalSec= by default is set to 2s. A "sleep 10" should
give systemd enough time even on slower machines, to reach the trigger
limit.

For better readability, break the test into separate ExecStart lines.

Fixes #19154.
2021-08-10 23:24:35 +09:00
Yu Watanabe
3bad5487e9 test-network: add a testcase to enter unmanaged state on reconfiguring 2021-08-10 14:44:47 +09:00
Frantisek Sumsal
46db176f8c test: use a correct kernel binary on ppc64le machines
Ubuntu calls the kernel binary as `vmlinux-*`, but RHEL/CentOS uses
the "standard" `vmlinuz-` prefix.

Follow-up to eaa602cb14.
2021-08-09 22:12:18 +01:00
Zbigniew Jędrzejewski-Szmek
4f11590f9b
Merge pull request #20399 from mrc0mmand/test-tweaks
test: yet another fix for ASan detection
2021-08-09 10:06:23 +02:00
Frantisek Sumsal
6476676b84 test: skip a harmless ldd error when installing test libs
Skip a harmless error when running the tests on a system with a significantly
older systemd version (ldd tries to resolve the unprefixed RPATH for libsystemd.so.0,
which is in this case older than the already installed libsystemd.so.0 in $initdir).
The issue is triggered by installing test dependencies in install_missing_libraries().

Spotted on CentOS 8.

```
$ ldd /var/tmp/systemd-test.nZO11F/root/lib/systemd/tests/test-sd-device-thread
/var/tmp/systemd-test.nZO11F/root/lib/systemd/tests/test-sd-device-thread: /lib64/libsystemd.so.0: version `LIBSYSTEMD_240' not found (required by /var/tmp/systemd-test.nZO11F/root/lib/systemd/tests/test-sd-device-thread)
        linux-vdso64.so.1 (0x00007fffb79d0000)
        libclang_rt.asan-powerpc64le.so => /usr/lib64/clang/11.0.0/lib/linux/libclang_rt.asan-powerpc64le.so (0x00007fffb6ef0000)
        libsystemd.so.0 => /lib64/libsystemd.so.0 (0x00007fffb6d20000)
        libpthread.so.0 => /lib64/libpthread.so.0 (0x00007fffb6cd0000)
        libc.so.6 => /lib64/libc.so.6 (0x00007fffb6ab0000)

$ LD_LIBRARY_PATH=/var/tmp/systemd-test.nZO11F/root/lib64/ ldd /var/tmp/systemd-test.nZO11F/root/lib/systemd/tests/test-sd-device-thread
        linux-vdso64.so.1 (0x00007fffaba80000)
        libclang_rt.asan-powerpc64le.so => /usr/lib64/clang/11.0.0/lib/linux/libclang_rt.asan-powerpc64le.so (0x00007fffaafa0000)
        libsystemd.so.0 => /var/tmp/systemd-test.nZO11F/root/lib64/libsystemd.so.0 (0x00007fffaa5f0000)
        libpthread.so.0 => /var/tmp/systemd-test.nZO11F/root/lib64/libpthread.so.0 (0x00007fffaa5a0000)
        libc.so.6 => /var/tmp/systemd-test.nZO11F/root/lib64/libc.so.6 (0x00007fffaa380000)

```
2021-08-09 10:04:40 +02:00
Frantisek Sumsal
25e399948b test: make busybox TEST-13-only dependency
to make running other tests a bit easier on distributions which don't have
busybox in repositories (CentOS).
2021-08-08 19:43:23 +02:00
Frantisek Sumsal
2d50e3c7bc test: yet another fix for ASan detection
This time for ppc64le:

```
100737c4:	5d 55 f9 4b 	bl      10008d20 <00000024.plt_call.__asan_report_load8>
100737f4:	4d 55 f9 4b 	bl      10008d40 <00000024.plt_call.__asan_handle_no_return>
10073884:	5d 50 f9 4b 	bl      100088e0 <00000024.plt_call.__asan_init>
1007388c:	75 54 f9 4b 	bl      10008d00 <00000024.plt_call.__asan_version_mismatch_check_v8>
100738a0:	41 36 f9 4b 	bl      10006ee0 <00000024.plt_call.__asan_register_globals>
100738f0:	71 4c f9 4b 	bl      10008560 <00000024.plt_call.__asan_unregister_globals>
```
2021-08-08 19:33:10 +02:00
Frantisek Sumsal
84817bfdb3 test: attempt to install only kernel modules for each subsystem
When `linux-headers` is installed on Arch Linux, it stores the module
source tree in the kernel module directory, which is then picked up by
`find` and we get a lot of harmless but annoying errors:

```
...
modprobe: FATAL: Module Kconfig.iosched not found in directory /lib/modules/5.13.7-arch1-1
modprobe: FATAL: Module Kconfig not found in directory /lib/modules/5.13.7-arch1-1
modprobe: FATAL: Module Kconfig not found in directory /lib/modules/5.13.7-arch1-1
modprobe: FATAL: Module dm-mpath.h not found in directory /lib/modules/5.13.7-arch1-1
modprobe: FATAL: Module dm-bio-prison-v2.h not found in directory /lib/modules/5.13.7-arch1-1
modprobe: FATAL: Module raid0.h not found in directory /lib/modules/5.13.7-arch1-1
...
```

Let's fix this by trying to install only kernel modules (*.ko files with
an optional compression).
2021-08-08 16:06:41 +01:00
Luca Boccassi
32a2ee2bb4
Merge pull request #20375 from yuwata/network-bridge-vlan-issue-20373
network: fix bridge and openvswitch issues
2021-08-05 11:18:03 +01:00
Yu Watanabe
801cf85935
Merge pull request #20377 from yuwata/network-bridge-fdb-20305
network: always append new bridge FDB entries
2021-08-05 02:44:24 +09:00
Yu Watanabe
988b0660aa test-network: add a test case for issue #20373 2021-08-04 23:22:20 +09:00
Yu Watanabe
4a906586f8 test-network: add a testcase for UplinkInterface= in [IPv6SendRA] 2021-08-04 22:21:00 +09:00
Yu Watanabe
63295b42ae network: introduce UplinkInterface= in [IPv6SendRA] 2021-08-04 22:20:56 +09:00
Yu Watanabe
cca07d910a test-network: add a testcase for vxlan with IPv6 local address 2021-08-04 18:33:23 +09:00
Frantisek Sumsal
8bf79f0553 test: correctly detect ASan on s390x
s390x uses BRAS(L) instead of CALL(Q), e.g.:

```
 1009528:	c0 e5 ff ff f8 a0 	brasl	%r14,1008668 <__asan_report_load1@plt>
 10095f0:	c0 e5 ff ff ea ec 	brasl	%r14,1006bc8 <__asan_stack_malloc_4@plt>
 10097f8:	c0 e5 ff ff f8 f8 	brasl	%r14,10089e8 <__asan_report_load8@plt>
```

x86_64 for reference:

```
  4011f3:	e8 48 fe ff ff       	callq  401040 <__asan_report_load1@plt>
  401227:	e8 24 fe ff ff       	callq  401050 <__asan_report_load8@plt>
  401251:	e8 da fd ff ff       	callq  401030 <__asan_init@plt>
```
2021-07-29 23:59:08 +01:00
Zbigniew Jędrzejewski-Szmek
fce9abb227 meson: use a/b instead of join_paths(a,b)
It is nicer and shorter.
2021-07-27 19:32:35 +02:00
Zbigniew Jędrzejewski-Szmek
0b5f1bd49e meson: use maps for udev program paths 2021-07-27 18:58:42 +02:00
Frantisek Sumsal
f571d9d5f0 test: make sure we don't access an unbound variable
```
testsuite-60.sh[759]: + grep -q '(mount-monitor-dispatch) entered rate limit'
testsuite-60.sh[571]: + sleep 5
testsuite-60.sh[761]: ++ date -u +%s
testsuite-60.sh[571]: + [[ 1627037066 -le 1627037061 ]]
testsuite-60.sh[571]: /usr/lib/systemd/tests/testdata/units/testsuite-60.sh: line 41: entered_rl: unbound variable
```
2021-07-23 16:20:42 +01:00
Luca Boccassi
942a69e3e3
Merge pull request #20225 from mrc0mmand/selinux-nspawn-sanity
test: add a sanity test for #19976
2021-07-15 22:21:11 +01:00
Yu Watanabe
4df8a8e809 test-network: add a testcase for semi-static route with Gateway=_dhcp4 when UseGateway=no 2021-07-15 04:17:14 +09:00
Yu Watanabe
87e62d32b4 test-network: adjust testcases to follow the previous changes 2021-07-15 04:17:14 +09:00
Frantisek Sumsal
dc916a167e test: add a sanity test for systemd/systemd#19976
which should ensure we can use nspawn containers with SELinux context set via
the `--selinux-context=` and `--selinux-apifs-context=` options.
2021-07-14 20:29:37 +02:00
Frantisek Sumsal
eca81d0792 test: don't explicitly disable SELinux
We don't install any policies by default, so it shouldn't interfere with
anything (and it would save me some headache).
2021-07-14 20:27:23 +02:00
Yu Watanabe
bedc15706e
Merge pull request #20120 from yuwata/test-oomd-debug
test: enable debug logging of oomd
2021-07-13 23:30:16 +09:00
Yu Watanabe
1d26d4cd14 test-network: add a testcase for ManageForeignRoutes=no 2021-07-12 20:59:42 +09:00
Frantisek Sumsal
7e8cfa4bb6 test: make the strace check a bit more clever
We still sometimes try to grep an empty strace log because strace is not
yet properly initialized. Let's make the check a bit clever and wait
until strace is attached to PID 1 by checking the `TracerPid` field in
`/proc/1/status`.
2021-07-09 15:26:07 +02:00
Frantisek Sumsal
e68e473ba2 test: strip binaries by default
Since 23f8e01 we always kept binaries unstripped, since $STRIP_BINARIES
is unset by default.
2021-07-09 14:59:11 +02:00
Frantisek Sumsal
7fb4ee7aa5 test: bump the test timeout to give ldconfig.service enough time to finish
Sometimes the ldconfig.service might take a bit longer to finish,
causing spurious test timeouts:

```
[ 1025.858923] systemd[24]: ldconfig.service: Executing: /sbin/ldconfig -X
...
[ 1043.883620] systemd[1]: ldconfig.service: Main process exited, code=exited, status=0/SUCCESS (success)
...
Trying to halt container. Send SIGTERM again to trigger immediate
termination.
Container TEST-52-HONORFIRSTSHUTDOWN terminated by signal KILL.
E: Test timed out after 20s
```
2021-07-09 14:47:29 +02:00
Lennart Poettering
c69620ef7f test: extend credentials test to cover encrypted credentials 2021-07-08 09:31:14 +02:00
Lennart Poettering
43144be4a1 pid1: add support for encrypted credentials 2021-07-08 09:30:56 +02:00
Frantisek Sumsal
23f8e01912 test: unify handling of boolean values
Let's unify handling of the boolean values throughout the test-functions
code, since we use 0/1, true/false, and yes/no almost randomly in many
places, so picking the right values during CI configuration can be a real
pain.
2021-07-04 21:12:39 +01:00
Dan Streetman
d3b8e38409 test: optionally, only save test journal for failing tests
Saving the journal for passing tests creates a huge amount of unneeded
data stored for each full test run. Add a env var to allow saving the
journal only for failed tests.
2021-07-03 10:48:31 +01:00
Yu Watanabe
7d5f4f1d4f test: also show the memory pressure of testchill.service
The memory pressure should be small, but let's log the value in
the journal of the test environment.
2021-07-03 05:05:36 +09:00
Yu Watanabe
fa7ff467b6 test: check memory pressure more frequently 2021-07-03 05:05:33 +09:00
Yu Watanabe
b7674ab206 test: enable debug logging of systemd-oomd 2021-07-03 05:04:59 +09:00
Lennart Poettering
4b6bc397b4 Revert "rules: ubi mtd - add link to named partitions"
This reverts commit 7f1e9c806b, PR #6750

Apparently the rule change never worked, see #20071.

Fixes #20071
2021-07-01 16:50:15 +02:00
Zbigniew Jędrzejewski-Szmek
807aa0b64b
Merge pull request #19980 from yuwata/sd-ipv4acd-filter-all-hwaddr
network: IPv4LL and ACD fixes
2021-06-30 22:22:47 +02:00
Zbigniew Jędrzejewski-Szmek
abaf5edd08 Revert "Introduce ExitType"
This reverts commit cb0e818f7c.

After this was merged, some design and implementation issues were discovered,
see the discussion in #18782 and #19385. They certainly can be fixed, but so
far nobody has stepped up, and we're nearing a release. Hopefully, this feature
can be merged again after a rework.

Fixes #19345.
2021-06-30 21:56:47 +02:00
Yu Watanabe
4492443124 test-network: update tests for ipv4acd 2021-07-01 00:49:03 +09:00
Yu Watanabe
33989b967e udev-test: add a testcase for string_escape=replace 2021-06-27 00:02:24 +09:00
Zbigniew Jędrzejewski-Szmek
07b1d28a16
Merge pull request #19883 from ddstreet/activation-policy-down-required-for-online-no
Activation policy down required for online no
2021-06-25 09:26:25 +02:00
Zbigniew Jędrzejewski-Szmek
a2e2917162
Merge pull request #19941 from bluca/condition_os_release
core: add ConditionOSRelease= directive
2021-06-25 09:22:50 +02:00
Frantisek Sumsal
eb70d9450c test: correctly mask supporting services in tests, take #2
Due to a little misunderstanding the last patch doesn't work as
expected, since test_create_image() is called only for the first image
(usually TEST-01-BASIC), and all subsequent images are then (possibly)
modified with test_append_files().

Follow-up to 179ca4d2b1.
2021-06-24 16:26:19 +01:00
Luca Boccassi
1e26f8a60b core: add ConditionOSRelease= directive 2021-06-24 13:57:48 +01:00
Dan Streetman
61764fe4e2 test: add test to verify RequiredForOnline= setting with ActivationPolicy=
Add test to verify that the RequiredForOnline= value is correct based on
the configuration of ActivationPolicy=
2021-06-24 08:33:29 -04:00
Yu Watanabe
b905f3bbba
Merge pull request #19990 from mrc0mmand/test-tweaks
A couple of stability-related test tweaks
2021-06-23 01:45:04 +09:00
Hristo Venev
2e8a32afbc networkd: Permit all-zero RoutingPolicyRule prefixes
For example this `From` address range is no longer ignored:

    [RoutingPolicyRule]
    From=0.0.0.0/8
2021-06-22 20:19:12 +09:00
Frantisek Sumsal
179ca4d2b1 test: correctly mask supporting services in tests
It turns out the "supporting services" were run in _all_ tests if
TEST-01-BASIC was run as the first test (which is usually the case),
since with the original condition in test_create_image() we would skip
the masking and then propagate the change to the default image used by
other tests. This has been causing multiple bogus test timeouts
(especially when the hwdb was being rebuilt in tests with short
timeouts, like TEST-52-HONORFIRSTSHUTDOWN).

Let's "fix" this by making the call to mask_supporting_services()
uncoditional and override the test_create_image() function in
TEST-01-BASIC to avoid the masking in this single case.
2021-06-22 12:34:31 +02:00
Frantisek Sumsal
907300c3c3 test: ignore the "freezing" & "thawing" intermediate states
When checking the unit state after `systemctl freeze|thaw` we can be
"too fast" and get the intermediate state (freezing/thawing) which we're
not interested in. Let's wait a bit and try to get the state again in
such cases to avoid unnecessary flakiness.

```
[   29.390203] testsuite-38.sh[218]: + state=thawing
[   29.390203] testsuite-38.sh[218]: + '[' thawing = running ']'
[   29.390203] testsuite-38.sh[218]: + echo 'error: unexpected freezer state, expected: running, actual: thawing'
[   29.390203] testsuite-38.sh[218]: error: unexpected freezer state, expected: running, actual: thawing
[   29.390203] testsuite-38.sh[218]: + exit 1
```
2021-06-22 12:12:34 +02:00
Luca Boccassi
b152adbfa9 test-loop-block: run in qemu
test-loop-block needs to run in qemu, so we are currently not
testing it in the CI. Run it by itself in a separate job from
TEST-02-UNITTESTS to avoid slowing that suite down.

Fixes https://github.com/systemd/systemd/issues/19966

Disable it in the bionic-* CI for now, as it's affected by
the same uevent ordering issue as TEST-50-DISSECT which makes
it flaky.
2021-06-21 20:55:19 +01:00
Luca Boccassi
fa1fdd3099 test: move custom result checks from TEST-02-UNITTESTS to test-functions 2021-06-21 20:45:56 +01:00
Luca Boccassi
85d3f13254 test: allow to call units/testsuite-02.sh from other scripts 2021-06-21 19:47:38 +01:00
Luca Boccassi
1d5574516f test: do not fail TEST-02-UNITTESTS if they are all skipped
The return code is initialized to fail if /testok is not found, but
that also covers the case where all tests are skipped.
2021-06-21 19:47:38 +01:00
Luca Boccassi
7d3f9bf493 test: do not lose logs of late failures in TEST-02-UNITTESTS
Due to set -e, if the wait() fails (eg: because of an assert in the
waited task), report_result() never runs and logs are lost
2021-06-21 19:47:38 +01:00
Luca Boccassi
35cde9e935 test: install nls modules, required by vfat
kernel: FAT-fs (loop0p2): codepage cp437 not found
kernel: FAT-fs (loop0p2): IO charset ascii not found
2021-06-21 19:47:38 +01:00
Frantisek Sumsal
5384e84c46 test: wait until the unit leaves the 'inactive' state as well
In many CI runs I noticed a race where we check the "active" state a bit
too early where the unit is still in the "inactive" state, causing the
`is-failed` check to fail. Mitigate this by waiting even if the unit is
in the inactive state and introduce a "safe net" which checks whether
the unit is not restarting indefinitely or more than it should (as
described in the original issue #3166).

Example:
```
[    5.757784] testsuite-11.sh[216]: + systemctl --no-block start fail-on-restart.service
[    5.853657] testsuite-11.sh[222]: ++ systemctl show --value --property ActiveState fail-on-restart.service
[    5.946044] testsuite-11.sh[216]: + active_state=inactive
[    5.946044] testsuite-11.sh[216]: + [[ inactive == \a\c\t\i\v\a\t\i\n\g ]]
[    5.946044] testsuite-11.sh[216]: + [[ inactive == \a\c\t\i\v\e ]]
[    5.946044] testsuite-11.sh[216]: + systemctl is-failed fail-on-restart.service
[    5.946816] systemd[1]: fail-on-restart.service: Passing 0 fds to service
[    5.946913] systemd[1]: fail-on-restart.service: About to execute false
[    5.947011] systemd[1]: fail-on-restart.service: Forked false as 228
[    5.947093] systemd[1]: fail-on-restart.service: Changed dead -> start
[    5.947172] systemd[1]: Starting Fail on restart...
[    5.947272] systemd[228]: fail-on-restart.service: Executing: false
[    5.960553] testsuite-11.sh[227]: activating
[    5.965188] testsuite-11.sh[216]: + exit 1
[    6.011838] systemd[1]: Received SIGCHLD from PID 228 (4).
[    6.012510] systemd[1]: fail-on-restart.service: Main process exited, code=exited, status=1/FAILURE
[    6.012638] systemd[1]: fail-on-restart.service: Failed with result 'exit-code'.
[    6.012834] systemd[1]: fail-on-restart.service: Service will restart (restart setting)
[    6.012963] systemd[1]: fail-on-restart.service: Changed running -> failed
[    6.013081] systemd[1]: fail-on-restart.service: Unit entered failed state.
```
2021-06-18 13:46:29 +09:00
Frantisek Sumsal
29bff80b5c test: drop the mawk-incompatible expression
The three-argument match() is a GNU AWK extension, thus breaking the
compatibility with mawk (used on Ubuntu/Debian, for example). Let's
replace it with a (hopefully) more portable sed expression to drop the
inadvertently introduced gawk dependency.

Fixes: #19957
2021-06-17 21:44:32 +01:00
Luca Boccassi
63878c52be test: do not run 'meson configure' if NO_BUILD is set
There is no build tree and packages are used, so it cannot work. Unlikely
that static linking has been set for those builds anyway.

Fixes https://github.com/systemd/systemd/issues/19955
2021-06-17 17:21:17 +09:00
Frantisek Sumsal
e7848266da test: add a testcase for issue #19895 2021-06-15 23:18:06 +01:00
Luca Boccassi
e4948b0f0a
Merge pull request #19921 from yuwata/service-verify-bus-type
core/service: fix assertion when Type=dbus but BusName= is not specified
2021-06-15 12:21:53 +01:00
Frantisek Sumsal
785256a320 test: correctly configure the NUMA node memory pool
The currently hardcoded value works with the default configuration, but
breaks when QEMU_MEM != 512M (in sanitizer runs, for example).

```
# QEMU_MEM=1G make -C test/TEST-36-NUMAPOLICY/ run
make: Entering directory '/home/fsumsal/repos/@systemd/systemd/test/TEST-36-NUMAPOLICY'
TEST-36-NUMAPOLICY RUN: test NUMAPolicy= and NUMAMask= options
+ /bin/qemu-kvm -smp 8 -net none -m 1G -nographic -kernel /boot/vmlinuz-5.12.5-300.fc34.x86_64 -drive format=raw'
qemu-kvm: total memory for NUMA nodes (0x20000000) should equal RAM size (0x40000000)
E: QEMU failed with exit code 1
```
2021-06-15 05:37:28 +09:00
Yu Watanabe
2429808b29 test: add a test case for #19920 2021-06-15 03:06:09 +09:00
Luca Boccassi
2fbb5df8e9
Merge pull request #19898 from yuwata/network-multipath-route-without-interface-name
network: set link ifindex when multi-path routes specified without interface name
2021-06-14 14:27:50 +01:00
Luca Boccassi
feaf43158a
Merge pull request #19894 from yuwata/network-fix-configure-without-carrier
network: always check dynamic address assignments before entering con…
2021-06-14 14:23:09 +01:00
Zbigniew Jędrzejewski-Szmek
dce95d0b15 test/TEST-17-UDEV: use default image
No need to build a separate 700MB image to save 3080 bytes in the default image.
2021-06-12 11:19:04 +02:00
Yu Watanabe
740b638267 test-network: disable dynamic addressing protocols when ConfigureWithoutCarrier= is enabled 2021-06-12 08:51:16 +09:00
Yu Watanabe
705c7b1860 test-network: refuse routable state when no-carrier is expected
If we do not set the maximum operstate in wait-online, then routable
state is allowed when no-carrier state is expected.
2021-06-12 08:51:16 +09:00
Yu Watanabe
7a0fef8688 test-network: add a testcase for MultiPathRoute= without interface name 2021-06-12 05:37:57 +09:00
Luca Boccassi
7ad9bad71b
Merge pull request #19811 from anitazha/revert_mount_rl
sd-event: fix failure to exit rate limiting state
2021-06-10 23:41:55 +01:00
Anita Zhang
0c81900965 test: add extended test for triggering mount rate limit
It's hard to trigger the failure to exit the rate limit state in
isolation as it needs multiple event sources in order to show that it
gets stuck in the queue. Hence why this is an extended test.
2021-06-09 12:04:56 -07:00
Yu Watanabe
4681ab5547 test-network: add a test case for IPv6StableSecretAddress= 2021-06-09 04:56:52 +09:00
Yu Watanabe
9e1432d5cc network: introduce IPv6StableSecretAddress= setting
Previously, IPv6LinkLocalAddressGenerationMode= is not set, then we
define the address generation mode based on the result of reading
stable_secret sysctl value. This makes the mode is determined by whether
a secret address is specified in the new setting.

Closes #19622.
2021-06-09 04:56:48 +09:00
Srinidhi Kaushik
7f7a50dd15 tmpfiles: extend "Age" to accept an "age-by" argument
For "systemd-tmpfiles --cleanup", when the "Age" parameter
is specified, the criteria for deletion is determined from
the path's last modification timestamp ("mtime"), its last
access timestamp ("atime") and its last status change
timestamp ("ctime").

For instance, if one of those paths to be cleaned up are
opened, it results in the modification of "atime", which
results file system entry to not be removed because the
default aging algorithm would skip the entry.

Add an optional "age-by" argument by extending the "Age"
parameter to restrict the clean-up for a particular type
of file timestamp, which can be specified in "tmpfiles.d"
as follows:

  [age-by:]cleanup-age, where age-by is "[abcmACBM]+"

For example:

  d /foo/bar - - - abM:1m -

Would clean-up any files that were not accessed and created,
or directories that were not modified less than a minute ago
in "/foo/bar".

Fixes: #17002
2021-06-08 18:24:58 +02:00
Allen Webb
c46c323385 tmpfiles: add '=' action modifier.
Add the '=' action modifier that instructs tmpfiles.d to check the file
type of a path and remove objects that do not match before trying to
open or create the path.

BUG=chromium:1186405
TEST=./test/test-systemd-tmpfiles.py "$(which systemd-tmpfiles)"

Change-Id: If807dc0db427393e9e0047aba640d0d114897c26
2021-06-08 17:23:26 +02:00
Yu Watanabe
9373f5a812 test-network: fix setting name
This fixes an issue introduced by 72ffb9133d.
2021-06-08 06:33:27 +09:00
Yu Watanabe
4e0006cc4b test-network: add a testcase for UplinkInterface= for DHCP server 2021-06-08 06:33:27 +09:00
Yu Watanabe
165d7c5c42 network: introduce UplinkInterface= setting for DHCP server 2021-06-08 06:33:27 +09:00
Yu Watanabe
a8f76a8db7
Merge pull request #19766 from keszybz/fuzz-fixes
Fuzz fixes
2021-06-01 11:14:45 +09:00
Zbigniew Jędrzejewski-Szmek
a88f9dbae2 systemctl: unset const char* arguments in static destructors
When fuzzing, the following happens:
- we parse 'data' and produce an argv array,
- one of the items in argv is assigned to arg_host,
- the argv array is subsequently freed by strv_freep(), and arg_host has a dangling symlink.

In normal use, argv is static, so arg_host can never become a dangling pointer.
In fuzz-systemctl-parse-argv, if we repeatedly parse the same array, we
have some dangling pointers while we're in the middle of parsing. If we parse
the same array a second time, at the end all the dangling pointers will have been
replaced again. But for a short time, if parsing one of the arguments uses another
argument, we would use a dangling pointer.

Such a case occurs when we have --host=… --boot-loader-entry=help. The latter calls
acquire_bus() which uses arg_host.

I'm not particularly happy with making the code more complicated just for
fuzzing, but I think it's better to resolve this, even if the issue cannot
occur in normal invocations, than to deal with fuzzer reports.

Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31714.
2021-05-31 19:29:07 +02:00
Dan Streetman
05575a104b test/networkd-test: in bridge test, wait for online after restart systemd-networkd
without waiting for online, there is a race condition between systemd-networkd
actually setting the new values and the test checking those values

This also sets the link down before restarting systemd-networkd, to avoid
the wait for online being a no-op
2021-05-28 12:26:33 +09:00
borna-blazevic
ffaece68bc test-network: add a testcase for DHCP static lease 2021-05-27 15:57:33 +09:00
borna-blazevic
c517a49bf7 network: dhcp-server: introduce [DHCPServerStaticLease] section 2021-05-27 15:51:26 +09:00
Yu Watanabe
06043c7821 test-network: refuse RA if not necessary 2021-05-26 21:22:13 +09:00
Yu Watanabe
618da3e7d5 test-network: wait for that the link is in configuring state at the beginning 2021-05-26 21:13:56 +09:00
Lennart Poettering
c473437862
Merge pull request #19322 from poettering/dep-split
core: rework dependency system to be based on atoms + add three new dep types
2021-05-25 22:07:11 +02:00
Lennart Poettering
0760363274 test: add test for OnSuccess= + Uphold= + PropagatesStopTo= + BindsTo= 2021-05-25 16:06:30 +02:00
Lennart Poettering
0bc488c99a core: implement Uphold= dependency type
This is like a really strong version of Wants=, that keeps starting the
specified unit if it is ever found inactive.

This is an alternative to Restart= inside a unit, acknowledging the fact
that whether to keep restarting the unit is sometimes not a property of
the unit itself but the state of the system.

This implements a part of what #4263 requests. i.e. there's no
distinction between "always" and "opportunistic". We just dumbly
implement "always" and become active whenever we see no job queued for
an inactive unit that is supposed to be upheld.
2021-05-25 16:03:03 +02:00
Lennart Poettering
294446dcb9 core: add new OnSuccess= dependency type
This is similar to OnFailure= but is activated whenever a unit returns
into inactive state successfully.

I was always afraid of adding this, since it effectively allows building
loops and makes our engine Turing complete, but it pretty much already
was it was just hidden.

Given that we have per-unit ratelimits as well as an event loop global
ratelimit I feel safe to add this finally, given it actually is useful.

Fixes: #13386
2021-05-25 16:03:03 +02:00
Lennart Poettering
ffec78c05b core: add new PropagateStopTo= dependency (and inverse)
This takes inspiration from PropagatesReloadTo=, but propagates
stop jobs instead of restart jobs.

This is defined based on exactly two atoms: UNIT_ATOM_PROPAGATE_STOP +
UNIT_ATOM_RETROACTIVE_STOP_ON_STOP. The former ensures that when the
unit the dependency is originating from is stopped based on user
request, we'll propagate the stop job to the target unit, too. In
addition, when the originating unit suddenly stops from external causes
the stopping is propagated too. Note that this does *not* include the
UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT atom (which is used by BoundBy=),
i.e. this dependency is purely about propagating "edges" and not
"levels", i.e. it's about propagating specific events, instead of
continious states.

This is supposed to be useful for dependencies between .mount units and
their backing .device units. So far we either placed a BindsTo= or
Requires= dependency between them. The former gave a very clear binding
of the to units together, however was problematic if users establish
mounnts manually with different block device sources than our
configuration defines, as we there might come to the conclusion that the
backing device was absent and thus we need to umount again what the user
mounted. By combining Requires= with the new StopPropagatedFrom= (i.e.
the inverse PropagateStopTo=) we can get behaviour that matches BindsTo=
in every single atom but one: UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT is
absent, and hence the level-triggered logic doesn't apply.

Replaces: #11340
2021-05-25 16:03:03 +02:00
Luca Boccassi
c5fd89adcd core: make libbpf a dlopen() dependency 2021-05-25 12:59:26 +01:00