Compare commits
7 Commits
6161b35d5e
...
0d63e7dd0b
Author | SHA1 | Date |
---|---|---|
Lennart Poettering | 0d63e7dd0b | |
Lennart Poettering | ecc04067f9 | |
Lennart Poettering | 7ade8982ca | |
Yu Watanabe | c643bda5ec | |
Zbigniew Jędrzejewski-Szmek | 927b9b8f63 | |
Zbigniew Jędrzejewski-Szmek | 41a7c3bf5d | |
Zbigniew Jędrzejewski-Szmek | b68edd3006 |
|
@ -5,7 +5,7 @@
|
|||
|
||||
[Distribution]
|
||||
Distribution=fedora
|
||||
Release=31
|
||||
Release=32
|
||||
|
||||
[Output]
|
||||
Format=gpt_ext4
|
||||
|
|
5
NEWS
5
NEWS
|
@ -357,6 +357,11 @@ CHANGES WITH 246 in spe:
|
|||
The optional positional argument to "systemctl reboot" is now
|
||||
being deprecated in favor of this option.
|
||||
|
||||
* Support for the .include syntax in unit files has been removed. The
|
||||
concept has been obsolete for 6 years and we started warning about
|
||||
its pending removal 2 years ago (also see NEWS file below). It's
|
||||
finally gone now.
|
||||
|
||||
CHANGES WITH 245:
|
||||
|
||||
* A new tool "systemd-repart" has been added, that operates as an
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
<?xml version='1.0'?>
|
||||
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
|
||||
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
|
||||
<!ENTITY fedora_latest_version "31">
|
||||
<!ENTITY fedora_cloud_release "1.9">
|
||||
<!ENTITY fedora_latest_version "32">
|
||||
<!ENTITY fedora_cloud_release "1.6">
|
||||
]>
|
||||
<!-- SPDX-License-Identifier: LGPL-2.1+ -->
|
||||
|
||||
|
|
|
@ -228,22 +228,25 @@
|
|||
<term><filename>emergency.target</filename></term>
|
||||
<listitem>
|
||||
<para>A special target unit that starts an emergency shell on the main console. This
|
||||
target does not pull in any services or mounts. It is the most minimal version of
|
||||
target does not pull in other services or mounts. It is the most minimal version of
|
||||
starting the system in order to acquire an interactive shell; the only processes running
|
||||
are usually just the system manager (PID 1) and the shell process. This unit is supposed
|
||||
to be used with the kernel command line option <varname>systemd.unit=</varname>; it is
|
||||
also used when a file system check on a required file system fails, and boot-up cannot
|
||||
are usually just the system manager (PID 1) and the shell process. This unit may be used
|
||||
by specifying <varname>emergency</varname> on the kernel command line; it is
|
||||
also used when a file system check on a required file system fails and boot-up cannot
|
||||
continue. Compare with <filename>rescue.target</filename>, which serves a similar
|
||||
purpose, but also starts the most basic services and mounts all file systems.</para>
|
||||
|
||||
<para>Use the <literal>systemd.unit=emergency.target</literal> kernel command line
|
||||
option to boot into this mode. A short alias for this kernel command line option is
|
||||
<literal>emergency</literal>, for compatibility with SysV.</para>
|
||||
|
||||
<para>In many ways booting into <filename>emergency.target</filename> is similar to the
|
||||
effect of booting with <literal>init=/bin/sh</literal> on the kernel command line,
|
||||
except that emergency mode provides you with the full system and service manager, and
|
||||
allows starting individual units in order to continue the boot process in steps.</para>
|
||||
|
||||
<para>Note that depending on how <filename>emergency.target</filename> is reached, the root file
|
||||
system might be mounted read-only or read-write (no remounting is done specially for this
|
||||
target). For example, the system may boot with root mounted read-only when <varname>ro</varname>
|
||||
is used on the kernel command line and remain this way for <filename>emergency.target</filename>,
|
||||
or the system may transition to <filename>emergency.target</filename> after the system has been
|
||||
partially booted and disks have already been remounted read-write.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
|
|
|
@ -226,9 +226,6 @@
|
|||
<filename>foo-.service.d/10-override.conf</filename> would override
|
||||
<filename>service.d/10-override.conf</filename>.</para>
|
||||
|
||||
<!-- Note that we do not document .include here, as we consider it mostly obsolete, and want
|
||||
people to use .d/ drop-ins instead. -->
|
||||
|
||||
<para>Note that while systemd offers a flexible dependency system
|
||||
between units it is recommended to use this functionality only
|
||||
sparingly and instead rely on techniques such as bus-based or
|
||||
|
|
|
@ -4864,7 +4864,7 @@ int unit_load_fragment(Unit *u) {
|
|||
r = config_parse(u->id, fragment, f,
|
||||
UNIT_VTABLE(u)->sections,
|
||||
config_item_perf_lookup, load_fragment_gperf_lookup,
|
||||
CONFIG_PARSE_ALLOW_INCLUDE,
|
||||
0,
|
||||
u,
|
||||
NULL);
|
||||
if (r == -ENOEXEC)
|
||||
|
|
|
@ -74,7 +74,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
|
|||
name, name, f,
|
||||
UNIT_VTABLE(u)->sections,
|
||||
config_item_perf_lookup, load_fragment_gperf_lookup,
|
||||
CONFIG_PARSE_ALLOW_INCLUDE,
|
||||
0,
|
||||
u,
|
||||
NULL);
|
||||
|
||||
|
|
|
@ -192,30 +192,34 @@ bool net_match_config(Set *match_mac,
|
|||
Set *match_permanent_mac,
|
||||
char * const *match_paths,
|
||||
char * const *match_drivers,
|
||||
char * const *match_types,
|
||||
char * const *match_iftypes,
|
||||
char * const *match_names,
|
||||
char * const *match_property,
|
||||
char * const *match_wifi_iftype,
|
||||
char * const *match_ssid,
|
||||
Set *match_bssid,
|
||||
unsigned short iftype,
|
||||
sd_device *device,
|
||||
const struct ether_addr *dev_mac,
|
||||
const struct ether_addr *dev_permanent_mac,
|
||||
const char *dev_driver,
|
||||
unsigned short dev_iftype,
|
||||
const char *dev_name,
|
||||
char * const *alternative_names,
|
||||
enum nl80211_iftype wifi_iftype,
|
||||
const char *ssid,
|
||||
const struct ether_addr *bssid) {
|
||||
enum nl80211_iftype dev_wifi_iftype,
|
||||
const char *dev_ssid,
|
||||
const struct ether_addr *dev_bssid) {
|
||||
|
||||
const char *dev_path = NULL, *dev_driver = NULL, *mac_str;
|
||||
_cleanup_free_ char *dev_type;
|
||||
_cleanup_free_ char *dev_iftype_str;
|
||||
const char *dev_path = NULL;
|
||||
|
||||
dev_type = link_get_type_string(iftype, device);
|
||||
dev_iftype_str = link_get_type_string(dev_iftype, device);
|
||||
|
||||
if (device) {
|
||||
const char *mac_str;
|
||||
|
||||
(void) sd_device_get_property_value(device, "ID_PATH", &dev_path);
|
||||
(void) sd_device_get_property_value(device, "ID_NET_DRIVER", &dev_driver);
|
||||
if (!dev_driver)
|
||||
(void) sd_device_get_property_value(device, "ID_NET_DRIVER", &dev_driver);
|
||||
if (!dev_name)
|
||||
(void) sd_device_get_sysname(device, &dev_name);
|
||||
if (!dev_mac &&
|
||||
|
@ -238,7 +242,7 @@ bool net_match_config(Set *match_mac,
|
|||
if (!net_condition_test_strv(match_drivers, dev_driver))
|
||||
return false;
|
||||
|
||||
if (!net_condition_test_strv(match_types, dev_type))
|
||||
if (!net_condition_test_strv(match_iftypes, dev_iftype_str))
|
||||
return false;
|
||||
|
||||
if (!net_condition_test_ifname(match_names, dev_name, alternative_names))
|
||||
|
@ -247,13 +251,13 @@ bool net_match_config(Set *match_mac,
|
|||
if (!net_condition_test_property(match_property, device))
|
||||
return false;
|
||||
|
||||
if (!net_condition_test_strv(match_wifi_iftype, wifi_iftype_to_string(wifi_iftype)))
|
||||
if (!net_condition_test_strv(match_wifi_iftype, wifi_iftype_to_string(dev_wifi_iftype)))
|
||||
return false;
|
||||
|
||||
if (!net_condition_test_strv(match_ssid, ssid))
|
||||
if (!net_condition_test_strv(match_ssid, dev_ssid))
|
||||
return false;
|
||||
|
||||
if (match_bssid && (!bssid || !set_contains(match_bssid, bssid)))
|
||||
if (match_bssid && (!dev_bssid || !set_contains(match_bssid, dev_bssid)))
|
||||
return false;
|
||||
|
||||
return true;
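Review bot: `_cleanup_free_ char *dev_iftype_str;` is declared without an initializer and only assigned a few lines later, so the cleanup handler would run on an indeterminate pointer if an early return were ever added in between. Initializing at the declaration removes that trap: `_cleanup_free_ char *dev_iftype_str = link_get_type_string(dev_iftype, device);` (or `= NULL`). A short comment on the `if (!dev_driver)` fallback would also help, e.g. `/* prefer the driver passed by the caller, fall back to udev's ID_NET_DRIVER */`, because that precedence decides which value `match_drivers` is tested against. The body of `net_match_config()` continues outside these hunks.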
|
||||
|
|
|
@ -17,23 +17,24 @@
|
|||
char *link_get_type_string(unsigned short iftype, sd_device *device);
|
||||
bool net_match_config(Set *match_mac,
|
||||
Set *match_permanent_mac,
|
||||
char * const *match_path,
|
||||
char * const *match_driver,
|
||||
char * const *match_type,
|
||||
char * const *match_name,
|
||||
char * const *match_paths,
|
||||
char * const *match_drivers,
|
||||
char * const *match_iftypes,
|
||||
char * const *match_names,
|
||||
char * const *match_property,
|
||||
char * const *match_wifi_iftype,
|
||||
char * const *match_ssid,
|
||||
Set *match_bssid,
|
||||
unsigned short iftype,
|
||||
sd_device *device,
|
||||
const struct ether_addr *dev_mac,
|
||||
const struct ether_addr *dev_permanent_mac,
|
||||
const char *dev_driver,
|
||||
unsigned short dev_iftype,
|
||||
const char *dev_name,
|
||||
char * const *alternative_names,
|
||||
enum nl80211_iftype wifi_iftype,
|
||||
const char *ssid,
|
||||
const struct ether_addr *bssid);
|
||||
enum nl80211_iftype dev_wifi_iftype,
|
||||
const char *dev_ssid,
|
||||
const struct ether_addr *dev_bssid);
|
||||
|
||||
CONFIG_PARSER_PROTOTYPE(config_parse_net_condition);
|
||||
CONFIG_PARSER_PROTOTYPE(config_parse_hwaddr);
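Review bot: The `net_match_config()` prototype now takes twenty positional arguments, with the interface type moved from before `device` to after `dev_driver`, and it has no comment telling callers which arguments may be NULL or 0. Call sites elsewhere in this comparison pass runs such as `NULL, NULL, 0, NULL, NULL`, which are hard to check by eye against the new order. A doc comment above the prototype would make the reordering easier to audit: it should say that the `match_*` arguments are the configured conditions, that the `dev_*` arguments describe the device under test, and that unknown `dev_*` values are passed as NULL/0. Separately, `match_paths`, `match_drivers`, `match_iftypes` and `match_names` were pluralised while `match_property`, `match_wifi_iftype` and `match_ssid` were not; one convention would read better.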
|
||||
|
|
|
@ -618,10 +618,14 @@ static int link_new(Manager *manager, sd_netlink_message *message, Link **ret) {
|
|||
if (r < 0)
|
||||
log_link_debug_errno(link, r, "MAC address not found for new device, continuing without");
|
||||
|
||||
r = ethtool_get_permanent_macaddr(NULL, link->ifname, &link->permanent_mac);
|
||||
r = ethtool_get_permanent_macaddr(&manager->ethtool_fd, link->ifname, &link->permanent_mac);
|
||||
if (r < 0)
|
||||
log_link_debug_errno(link, r, "Permanent MAC address not found for new device, continuing without: %m");
|
||||
|
||||
r = ethtool_get_driver(&manager->ethtool_fd, link->ifname, &link->driver);
|
||||
if (r < 0)
|
||||
log_link_debug_errno(link, r, "Failed to get driver, continuing without: %m");
|
||||
|
||||
r = sd_netlink_message_read_strv(message, IFLA_PROP_LIST, IFLA_ALT_IFNAME, &link->alternative_names);
|
||||
if (r < 0 && r != -ENODATA)
|
||||
return r;
|
||||
|
@ -725,6 +729,7 @@ static Link *link_free(Link *link) {
|
|||
strv_free(link->alternative_names);
|
||||
free(link->kind);
|
||||
free(link->ssid);
|
||||
free(link->driver);
|
||||
|
||||
(void) unlink(link->state_file);
|
||||
free(link->state_file);
|
||||
|
@ -3139,8 +3144,10 @@ static int link_reconfigure_internal(Link *link, sd_netlink_message *m, bool for
|
|||
strv_free_and_replace(link->alternative_names, s);
|
||||
}
|
||||
|
||||
r = network_get(link->manager, link->iftype, link->sd_device, link->ifname, link->alternative_names,
|
||||
&link->mac, &link->permanent_mac, link->wlan_iftype, link->ssid, &link->bssid, &network);
|
||||
r = network_get(link->manager, link->iftype, link->sd_device,
|
||||
link->ifname, link->alternative_names, link->driver,
|
||||
&link->mac, &link->permanent_mac,
|
||||
link->wlan_iftype, link->ssid, &link->bssid, &network);
|
||||
if (r == -ENOENT) {
|
||||
link_enter_unmanaged(link);
|
||||
return 0;
|
||||
|
@ -3275,8 +3282,10 @@ static int link_initialized_and_synced(Link *link) {
|
|||
if (r < 0)
|
||||
return r;
|
||||
|
||||
r = network_get(link->manager, link->iftype, link->sd_device, link->ifname, link->alternative_names,
|
||||
&link->mac, &link->permanent_mac, link->wlan_iftype, link->ssid, &link->bssid, &network);
|
||||
r = network_get(link->manager, link->iftype, link->sd_device,
|
||||
link->ifname, link->alternative_names, link->driver,
|
||||
&link->mac, &link->permanent_mac,
|
||||
link->wlan_iftype, link->ssid, &link->bssid, &network);
|
||||
if (r == -ENOENT) {
|
||||
link_enter_unmanaged(link);
|
||||
return 0;
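Review bot: `link->driver` is filled once in `link_new()` by an ethtool query keyed on `link->ifname` and then reused by both `network_get()` calls, but nothing in these hunks refreshes it in `link_reconfigure_internal()`, where `alternative_names` is updated. If the lookup fails, the only trace is a debug message and matching proceeds with a NULL driver. A comment at the `ethtool_get_driver()` call would make that contract explicit, for example `/* Cached for the lifetime of the link; NULL means unknown, net_match_config() then falls back to udev's ID_NET_DRIVER. */`. Whether an interface rename between link creation and the query can make the name refer to a different device is not visible here and is worth confirming. All four functions touched in this section continue outside the hunks.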
|
||||
|
|
|
@ -66,6 +66,7 @@ typedef struct Link {
|
|||
struct in6_addr ipv6ll_address;
|
||||
uint32_t mtu;
|
||||
sd_device *sd_device;
|
||||
char *driver;
|
||||
|
||||
/* wlan */
|
||||
enum nl80211_iftype wlan_iftype;
|
||||
|
|
|
@ -1790,6 +1790,7 @@ int manager_new(Manager **ret) {
|
|||
*m = (Manager) {
|
||||
.speed_meter_interval_usec = SPEED_METER_DEFAULT_TIME_INTERVAL,
|
||||
.manage_foreign_routes = true,
|
||||
.ethtool_fd = -1,
|
||||
};
|
||||
|
||||
m->state_file = strdup("/run/systemd/netif/state");
|
||||
|
@ -1900,6 +1901,8 @@ void manager_free(Manager *m) {
|
|||
free(m->dynamic_timezone);
|
||||
free(m->dynamic_hostname);
|
||||
|
||||
safe_close(m->ethtool_fd);
|
||||
|
||||
free(m);
|
||||
}
|
||||
|
||||
|
|
|
@ -26,6 +26,7 @@ struct Manager {
|
|||
sd_bus *bus;
|
||||
sd_device_monitor *device_monitor;
|
||||
Hashmap *polkit_registry;
|
||||
int ethtool_fd;
|
||||
|
||||
bool enumerating:1;
|
||||
bool dirty:1;
|
||||
|
|
|
@ -776,8 +776,8 @@ int network_get_by_name(Manager *manager, const char *name, Network **ret) {
|
|||
}
|
||||
|
||||
int network_get(Manager *manager, unsigned short iftype, sd_device *device,
|
||||
const char *ifname, char * const *alternative_names,
|
||||
const struct ether_addr *address, const struct ether_addr *permanent_address,
|
||||
const char *ifname, char * const *alternative_names, const char *driver,
|
||||
const struct ether_addr *mac, const struct ether_addr *permanent_mac,
|
||||
enum nl80211_iftype wlan_iftype, const char *ssid, const struct ether_addr *bssid,
|
||||
Network **ret) {
|
||||
Network *network;
|
||||
|
@ -791,7 +791,7 @@ int network_get(Manager *manager, unsigned short iftype, sd_device *device,
|
|||
network->match_path, network->match_driver,
|
||||
network->match_type, network->match_name, network->match_property,
|
||||
network->match_wlan_iftype, network->match_ssid, network->match_bssid,
|
||||
iftype, device, address, permanent_address,
|
||||
device, mac, permanent_mac, driver, iftype,
|
||||
ifname, alternative_names, wlan_iftype, ssid, bssid)) {
|
||||
if (network->match_name && device) {
|
||||
const char *attr;
|
||||
|
|
|
@ -346,10 +346,11 @@ int network_load_one(Manager *manager, OrderedHashmap **networks, const char *fi
|
|||
int network_verify(Network *network);
|
||||
|
||||
int network_get_by_name(Manager *manager, const char *name, Network **ret);
|
||||
int network_get(Manager *manager, unsigned short iftype, sd_device *device, const char *ifname, char * const *alternative_names,
|
||||
int network_get(Manager *manager, unsigned short iftype, sd_device *device,
|
||||
const char *ifname, char * const *alternative_names, const char *driver,
|
||||
const struct ether_addr *mac, const struct ether_addr *permanent_mac,
|
||||
enum nl80211_iftype wlan_iftype, const char *ssid,
|
||||
const struct ether_addr *bssid, Network **ret);
|
||||
enum nl80211_iftype wlan_iftype, const char *ssid, const struct ether_addr *bssid,
|
||||
Network **ret);
|
||||
int network_apply(Network *network, Link *link);
|
||||
void network_apply_anonymize_if_set(Network *network);
|
||||
|
||||
|
|
|
@ -126,7 +126,7 @@ static void test_network_get(Manager *manager, sd_device *loopback) {
|
|||
|
||||
/* Let's hope that the test machine does not have a .network file that applies to loopback device…
|
||||
* But it is still possible, so let's allow that case too. */
|
||||
r = network_get(manager, 0, loopback, "lo", NULL, &mac, &mac, 0, NULL, NULL, &network);
|
||||
r = network_get(manager, 0, loopback, "lo", NULL, NULL, &mac, &mac, 0, NULL, NULL, &network);
|
||||
if (r == -ENOENT)
|
||||
/* The expected case */
|
||||
assert_se(!network);
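Review bot: The updated call passes NULL for the new `driver` argument, so `test_network_get()` never exercises matching with a caller-supplied driver string. A second call with a non-NULL value would at least cover the new parameter path, accepting the same `-ENOENT` or success outcomes, e.g. `network_get(manager, 0, loopback, "lo", NULL, "placeholder-driver", &mac, &mac, 0, NULL, NULL, &network)` (the driver name here is a constructed sample). The test function continues outside the hunk.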
|
||||
|
|
|
@ -159,7 +159,7 @@ static int parse_line(
|
|||
char *l,
|
||||
void *userdata) {
|
||||
|
||||
char *e, *include;
|
||||
char *e;
|
||||
|
||||
assert(filename);
|
||||
assert(line > 0);
|
||||
|
@ -173,35 +173,6 @@ static int parse_line(
|
|||
if (*l == '\n')
|
||||
return 0;
|
||||
|
||||
include = first_word(l, ".include");
|
||||
if (include) {
|
||||
_cleanup_free_ char *fn = NULL;
|
||||
|
||||
/* .includes are a bad idea, we only support them here
|
||||
* for historical reasons. They create cyclic include
|
||||
* problems and make it difficult to detect
|
||||
* configuration file changes with an easy
|
||||
* stat(). Better approaches, such as .d/ drop-in
|
||||
* snippets exist.
|
||||
*
|
||||
* Support for them should be eventually removed. */
|
||||
|
||||
if (!(flags & CONFIG_PARSE_ALLOW_INCLUDE)) {
|
||||
log_syntax(unit, LOG_ERR, filename, line, 0, ".include not allowed here. Ignoring.");
|
||||
return 0;
|
||||
}
|
||||
|
||||
log_syntax(unit, LOG_WARNING, filename, line, 0,
|
||||
".include directives are deprecated, and support for them will be removed in a future version of systemd. "
|
||||
"Please use drop-in files instead.");
|
||||
|
||||
fn = file_in_same_dir(filename, strstrip(include));
|
||||
if (!fn)
|
||||
return -ENOMEM;
|
||||
|
||||
return config_parse(unit, fn, NULL, sections, lookup, table, flags, userdata, NULL);
|
||||
}
|
||||
|
||||
if (!utf8_is_valid(l))
|
||||
return log_syntax_invalid_utf8(unit, LOG_WARNING, filename, line, l);
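Review bot: With the `.include` branch removed, a line starting with `.include` falls through to the generic parsing after the UTF-8 check, so the user may get only a generic syntax message and the settings from the referenced file are no longer applied. For units that used `.include` to pull in shared settings this changes the effective configuration, which matters most when the included file carried sandboxing or resource limits. Consider keeping a small stub that recognises the directive via `first_word(l, ".include")`, logs at warning level and returns 0, e.g. `log_syntax(unit, LOG_WARNING, filename, line, 0, ".include directives are no longer supported, ignoring. Please use drop-in files instead.");`. How the remaining parser reports such a line is outside the hunk, so confirm the actual message before deciding.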
|
||||
|
||||
|
|
|
@ -16,8 +16,7 @@
|
|||
|
||||
typedef enum ConfigParseFlags {
|
||||
CONFIG_PARSE_RELAXED = 1 << 0, /* Do not warn about unknown non-extension fields */
|
||||
CONFIG_PARSE_ALLOW_INCLUDE = 1 << 1, /* Allow the deprecated .include stanza */
|
||||
CONFIG_PARSE_WARN = 1 << 2, /* Emit non-debug messages */
|
||||
CONFIG_PARSE_WARN = 1 << 1, /* Emit non-debug messages */
|
||||
} ConfigParseFlags;
|
||||
|
||||
/* Argument list for parsers of specific configuration settings. */
|
||||
|
|
|
@ -1304,7 +1304,7 @@ static int unit_file_load(
|
|||
"-Target\0"
|
||||
"-Timer\0",
|
||||
config_item_table_lookup, items,
|
||||
CONFIG_PARSE_ALLOW_INCLUDE, info,
|
||||
0, info,
|
||||
NULL);
|
||||
if (r < 0)
|
||||
return log_debug_errno(r, "Failed to parse %s: %m", info->name);
|
||||
|
|
|
@ -2002,6 +2002,22 @@ static int seccomp_restrict_sxid(scmp_filter_ctx seccomp, mode_t m) {
|
|||
else
|
||||
any = true;
|
||||
|
||||
#if defined(__SNR_openat2)
|
||||
/* The new openat2() system call can't be filtered sensibly, since it moves the flags parameter into
|
||||
* an indirect structure. Let's block it entirely for now. That should be a reasonably OK thing to do
|
||||
* for now, since openat2() is very new and code generally needs fallback logic anyway to be
|
||||
* compatible with kernels that are not absolutely recent. */
|
||||
r = seccomp_rule_add_exact(
|
||||
seccomp,
|
||||
SCMP_ACT_ERRNO(EPERM),
|
||||
SCMP_SYS(openat2),
|
||||
0);
|
||||
if (r < 0)
|
||||
log_debug_errno(r, "Failed to add filter for openat2: %m");
|
||||
else
|
||||
any = true;
|
||||
#endif
|
||||
|
||||
r = seccomp_rule_add_exact(
|
||||
seccomp,
|
||||
SCMP_ACT_ERRNO(EPERM),
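Review bot: The new `openat2` rule returns `EPERM`, but the comment justifies the block by pointing at callers' fallback logic for older kernels, and such fallbacks normally key on `ENOSYS`. A caller that sees `EPERM` is likely to treat it as a real permission failure and not retry with `openat()`. Using `SCMP_ACT_ERRNO(ENOSYS),` for this one rule would match the stated rationale. The rule is also compiled in only under `#if defined(__SNR_openat2)`, so a build against headers without that symbol leaves `openat2` unfiltered by this function on newer kernels; a comment saying so would help whoever audits the restriction. `seccomp_restrict_sxid()` starts and ends outside the hunk.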
|
||||
|
|
|
@ -270,7 +270,7 @@ int link_config_get(link_config_ctx *ctx, sd_device *device, link_config **ret)
|
|||
LIST_FOREACH(links, link, ctx->links) {
|
||||
if (net_match_config(link->match_mac, link->match_permanent_mac, link->match_path, link->match_driver,
|
||||
link->match_type, link->match_name, link->match_property, NULL, NULL, NULL,
|
||||
iftype, device, NULL, &permanent_mac, NULL, NULL, 0, NULL, NULL)) {
|
||||
device, NULL, &permanent_mac, NULL, iftype, NULL, NULL, 0, NULL, NULL)) {
|
||||
if (link->match_name && !strv_contains(link->match_name, "*")) {
|
||||
unsigned name_assign_type = NET_NAME_UNKNOWN;
|
||||
|
||||
|
|
|
@ -8,7 +8,7 @@
|
|||
# (at your option) any later version.
|
||||
|
||||
[Unit]
|
||||
Description=Rule-based manager for device events and files
|
||||
Description=Rule-based Manager for Device Events and Files
|
||||
Documentation=man:systemd-udevd.service(8) man:udev(7)
|
||||
DefaultDependencies=no
|
||||
After=systemd-sysusers.service systemd-hwdb-update.service
|
||||
|
|