Compare commits
13 Commits
7a182f1034
...
bbfd9f513b
Author | SHA1 | Date |
---|---|---|
Chris Down | bbfd9f513b | |
Lennart Poettering | 4353974d75 | |
Anita Zhang | ffe61e19cb | |
Lennart Poettering | 65ad4ad89d | |
Iain Lane | 625077264b | |
Yu Watanabe | 214c5bae09 | |
Yu Watanabe | 1985c54ff3 | |
Lennart Poettering | f9aefc91f1 | |
Lennart Poettering | e9786a5c01 | |
Lennart Poettering | 6e0ed2865e | |
Daniel Shahaf | fa7ea86510 | |
Daniel Shahaf | 1d8385b415 | |
Daniel Shahaf | 51a3b72634 |
|
@ -1216,7 +1216,9 @@
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><varname>Gateway=</varname></term>
|
<term><varname>Gateway=</varname></term>
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>As in the <literal>[Network]</literal> section.</para>
|
<para>Takes the gateway address or special value <literal>dhcp</literal>. If
|
||||||
|
<literal>dhcp</literal>, then the gateway address provided by DHCP (or in the IPv6 case,
|
||||||
|
provided by IPv6 RA) is used.</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
|
|
|
@ -3,8 +3,8 @@
|
||||||
|
|
||||||
(( $+functions[_systemctl_commands] )) || _systemctl_commands()
|
(( $+functions[_systemctl_commands] )) || _systemctl_commands()
|
||||||
{
|
{
|
||||||
local -a _systemctl_cmds
|
local -a unit_commands=(
|
||||||
_systemctl_cmds=(
|
# Unit Commands
|
||||||
"list-sockets:List sockets"
|
"list-sockets:List sockets"
|
||||||
"list-timers:List timers"
|
"list-timers:List timers"
|
||||||
"list-units:List units"
|
"list-units:List units"
|
||||||
|
@ -16,9 +16,6 @@
|
||||||
"try-restart:Restart one or more units if active"
|
"try-restart:Restart one or more units if active"
|
||||||
"reload-or-restart:Reload one or more units if possible, otherwise start or restart"
|
"reload-or-restart:Reload one or more units if possible, otherwise start or restart"
|
||||||
"force-reload:Reload one or more units if possible, otherwise restart if active"
|
"force-reload:Reload one or more units if possible, otherwise restart if active"
|
||||||
"hibernate:Hibernate the system"
|
|
||||||
"hybrid-sleep:Hibernate and suspend the system"
|
|
||||||
"suspend-then-hibernate:Suspend the system for a period of time, and then hibernate it"
|
|
||||||
"try-reload-or-restart:Reload one or more units if possible, otherwise restart if active"
|
"try-reload-or-restart:Reload one or more units if possible, otherwise restart if active"
|
||||||
"isolate:Start one unit and stop all others"
|
"isolate:Start one unit and stop all others"
|
||||||
"kill:Send signal to processes of a unit"
|
"kill:Send signal to processes of a unit"
|
||||||
|
@ -27,32 +24,64 @@
|
||||||
"status:Show runtime status of one or more units"
|
"status:Show runtime status of one or more units"
|
||||||
"show:Show properties of one or more units/jobs or the manager"
|
"show:Show properties of one or more units/jobs or the manager"
|
||||||
"cat:Show the source unit files and drop-ins"
|
"cat:Show the source unit files and drop-ins"
|
||||||
|
"set-property:Sets one or more properties of a unit"
|
||||||
|
"help:Show documentation for specified units"
|
||||||
"reset-failed:Reset failed state for all, one, or more units"
|
"reset-failed:Reset failed state for all, one, or more units"
|
||||||
|
"list-dependencies:Show unit dependency tree"
|
||||||
|
"clean:Remove configuration, state, cache, logs or runtime data of units"
|
||||||
|
)
|
||||||
|
|
||||||
|
local -a machine_commands=(
|
||||||
|
# Machine Commands
|
||||||
|
"list-machines:List the host and all running local containers"
|
||||||
|
)
|
||||||
|
|
||||||
|
local -a unit_file_commands=(
|
||||||
|
# Unit File Commands
|
||||||
"list-unit-files:List installed unit files"
|
"list-unit-files:List installed unit files"
|
||||||
"enable:Enable one or more unit files"
|
"enable:Enable one or more unit files"
|
||||||
"disable:Disable one or more unit files"
|
"disable:Disable one or more unit files"
|
||||||
"add-wants:Add Wants= dependencies to a unit"
|
|
||||||
"add-requires:Add Requires= dependencies to a unit"
|
|
||||||
"reenable:Reenable one or more unit files"
|
"reenable:Reenable one or more unit files"
|
||||||
"preset:Enable/disable one or more unit files based on preset configuration"
|
"preset:Enable/disable one or more unit files based on preset configuration"
|
||||||
"preset-all:Enable/disable all unit files based on preset configuration"
|
"preset-all:Enable/disable all unit files based on preset configuration"
|
||||||
"set-default:Set the default target"
|
"is-enabled:Check whether unit files are enabled"
|
||||||
"get-default:Query the default target"
|
|
||||||
"edit:Edit one or more unit files"
|
|
||||||
"is-system-running:Query overall status of the system"
|
|
||||||
"help:Show documentation for specified units"
|
|
||||||
"list-dependencies:Show unit dependency tree"
|
|
||||||
"mask:Mask one or more units"
|
"mask:Mask one or more units"
|
||||||
"unmask:Unmask one or more units"
|
"unmask:Unmask one or more units"
|
||||||
"link:Link one or more units files into the search path"
|
"link:Link one or more units files into the search path"
|
||||||
"is-enabled:Check whether unit files are enabled"
|
"revert:Revert unit files to their vendor versions"
|
||||||
|
"add-wants:Add Wants= dependencies to a unit"
|
||||||
|
"add-requires:Add Requires= dependencies to a unit"
|
||||||
|
"set-default:Set the default target"
|
||||||
|
"get-default:Query the default target"
|
||||||
|
"edit:Edit one or more unit files"
|
||||||
|
)
|
||||||
|
|
||||||
|
local -a job_commands=(
|
||||||
|
# Job Commands
|
||||||
"list-jobs:List jobs"
|
"list-jobs:List jobs"
|
||||||
"cancel:Cancel all, one, or more jobs"
|
"cancel:Cancel all, one, or more jobs"
|
||||||
|
)
|
||||||
|
|
||||||
|
local -a environment_commands=(
|
||||||
|
# Environment Commands
|
||||||
"show-environment:Dump environment"
|
"show-environment:Dump environment"
|
||||||
"set-environment:Set one or more environment variables"
|
"set-environment:Set one or more environment variables"
|
||||||
"unset-environment:Unset one or more environment variables"
|
"unset-environment:Unset one or more environment variables"
|
||||||
|
"import-environment:Import environment variables set on the client"
|
||||||
|
)
|
||||||
|
|
||||||
|
local -a manager_state_commands=(
|
||||||
|
# Manager State Commands
|
||||||
"daemon-reload:Reload systemd manager configuration"
|
"daemon-reload:Reload systemd manager configuration"
|
||||||
"daemon-reexec:Reexecute systemd manager"
|
"daemon-reexec:Reexecute systemd manager"
|
||||||
|
"log-level:Get or set the log level"
|
||||||
|
"log-target:Get or set the log target"
|
||||||
|
"service-watchdogs:Get or set the state of software watchdogs"
|
||||||
|
)
|
||||||
|
|
||||||
|
local -a system_commands=(
|
||||||
|
# System Commands
|
||||||
|
"is-system-running:Query overall status of the system"
|
||||||
"default:Enter system default mode"
|
"default:Enter system default mode"
|
||||||
"rescue:Enter system rescue mode"
|
"rescue:Enter system rescue mode"
|
||||||
"emergency:Enter system emergency mode"
|
"emergency:Enter system emergency mode"
|
||||||
|
@ -63,8 +92,19 @@
|
||||||
"kexec:Shut down and reboot the system with kexec"
|
"kexec:Shut down and reboot the system with kexec"
|
||||||
"exit:Ask for user instance termination"
|
"exit:Ask for user instance termination"
|
||||||
"switch-root:Change root directory"
|
"switch-root:Change root directory"
|
||||||
"revert:Revert unit files to their vendor versions"
|
"hibernate:Hibernate the system"
|
||||||
"set-property:Sets one or more properties of a unit"
|
"hybrid-sleep:Hibernate and suspend the system"
|
||||||
|
"suspend-then-hibernate:Suspend the system for a period of time, and then hibernate it"
|
||||||
|
)
|
||||||
|
|
||||||
|
local -a _systemctl_cmds=(
|
||||||
|
"${unit_commands[@]}"
|
||||||
|
"${machine_commands[@]}"
|
||||||
|
"${unit_file_commands[@]}"
|
||||||
|
"${job_commands[@]}"
|
||||||
|
"${environment_commands[@]}"
|
||||||
|
"${manager_state_commands[@]}"
|
||||||
|
"${system_commands[@]}"
|
||||||
)
|
)
|
||||||
|
|
||||||
if (( CURRENT == 1 )); then
|
if (( CURRENT == 1 )); then
|
||||||
|
|
|
@ -1958,7 +1958,7 @@ static VOID config_entry_add_linux(
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (strcmpa((CHAR8 *)"VERSION_ID", key) == 0) {
|
if (strcmpa((CHAR8 *)"VERSION", key) == 0) {
|
||||||
FreePool(os_version);
|
FreePool(os_version);
|
||||||
os_version = stra_to_str(value);
|
os_version = stra_to_str(value);
|
||||||
continue;
|
continue;
|
||||||
|
|
|
@ -377,6 +377,23 @@ static int link_set_dhcp_routes(Link *link) {
|
||||||
return log_link_error_errno(link, r, "Could not set router: %m");
|
return log_link_error_errno(link, r, "Could not set router: %m");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Route *rt;
|
||||||
|
LIST_FOREACH(routes, rt, link->network->static_routes) {
|
||||||
|
if (!rt->gateway_from_dhcp)
|
||||||
|
continue;
|
||||||
|
|
||||||
|
if (rt->family != AF_INET)
|
||||||
|
continue;
|
||||||
|
|
||||||
|
rt->gw.in = router[0];
|
||||||
|
|
||||||
|
r = route_configure(rt, link, dhcp4_route_handler);
|
||||||
|
if (r < 0)
|
||||||
|
return log_link_error_errno(link, r, "Could not set gateway: %m");
|
||||||
|
if (r > 0)
|
||||||
|
link->dhcp4_messages++;
|
||||||
|
}
|
||||||
|
|
||||||
return link_set_dns_routes(link, &address);
|
return link_set_dns_routes(link, &address);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -480,6 +497,20 @@ static int dhcp_remove_router(Link *link, sd_dhcp_lease *lease, const struct in_
|
||||||
if (remove_all || !set_contains(link->dhcp_routes, route))
|
if (remove_all || !set_contains(link->dhcp_routes, route))
|
||||||
(void) route_remove(route, link, NULL);
|
(void) route_remove(route, link, NULL);
|
||||||
|
|
||||||
|
Route *rt;
|
||||||
|
LIST_FOREACH(routes, rt, link->network->static_routes) {
|
||||||
|
if (!rt->gateway_from_dhcp)
|
||||||
|
continue;
|
||||||
|
|
||||||
|
if (rt->family != AF_INET)
|
||||||
|
continue;
|
||||||
|
|
||||||
|
if (!remove_all && in4_addr_equal(router, &rt->gw.in))
|
||||||
|
continue;
|
||||||
|
|
||||||
|
(void) route_remove(rt, link, NULL);
|
||||||
|
}
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1039,6 +1039,8 @@ int link_request_set_routes(Link *link) {
|
||||||
/* First add the routes that enable us to talk to gateways, then add in the others that need a gateway. */
|
/* First add the routes that enable us to talk to gateways, then add in the others that need a gateway. */
|
||||||
for (phase = 0; phase < _PHASE_MAX; phase++)
|
for (phase = 0; phase < _PHASE_MAX; phase++)
|
||||||
LIST_FOREACH(routes, rt, link->network->static_routes) {
|
LIST_FOREACH(routes, rt, link->network->static_routes) {
|
||||||
|
if (rt->gateway_from_dhcp)
|
||||||
|
continue;
|
||||||
|
|
||||||
if ((in_addr_is_null(rt->family, &rt->gw) && ordered_set_isempty(rt->multipath_routes)) != (phase == PHASE_NON_GATEWAY))
|
if ((in_addr_is_null(rt->family, &rt->gw) && ordered_set_isempty(rt->multipath_routes)) != (phase == PHASE_NON_GATEWAY))
|
||||||
continue;
|
continue;
|
||||||
|
|
|
@ -169,6 +169,26 @@ static int ndisc_router_process_default(Link *link, sd_ndisc_router *rt) {
|
||||||
if (r > 0)
|
if (r > 0)
|
||||||
link->ndisc_messages++;
|
link->ndisc_messages++;
|
||||||
|
|
||||||
|
Route *route_gw;
|
||||||
|
LIST_FOREACH(routes, route_gw, link->network->static_routes) {
|
||||||
|
if (!route_gw->gateway_from_dhcp)
|
||||||
|
continue;
|
||||||
|
|
||||||
|
if (route_gw->family != AF_INET6)
|
||||||
|
continue;
|
||||||
|
|
||||||
|
route_gw->gw = gateway;
|
||||||
|
|
||||||
|
r = route_configure(route_gw, link, ndisc_netlink_route_message_handler);
|
||||||
|
if (r < 0) {
|
||||||
|
log_link_error_errno(link, r, "Could not set gateway: %m");
|
||||||
|
link_enter_failed(link);
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
if (r > 0)
|
||||||
|
link->ndisc_messages++;
|
||||||
|
}
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -998,11 +998,20 @@ int config_parse_gateway(
|
||||||
/* we are not in an Route section, so treat
|
/* we are not in an Route section, so treat
|
||||||
* this as the special '0' section */
|
* this as the special '0' section */
|
||||||
r = route_new_static(network, NULL, 0, &n);
|
r = route_new_static(network, NULL, 0, &n);
|
||||||
} else
|
if (r < 0)
|
||||||
|
return r;
|
||||||
|
} else {
|
||||||
r = route_new_static(network, filename, section_line, &n);
|
r = route_new_static(network, filename, section_line, &n);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
|
|
||||||
|
if (streq(rvalue, "dhcp")) {
|
||||||
|
n->gateway_from_dhcp = true;
|
||||||
|
TAKE_PTR(n);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if (n->family == AF_UNSPEC)
|
if (n->family == AF_UNSPEC)
|
||||||
r = in_addr_from_string_auto(rvalue, &n->family, &n->gw);
|
r = in_addr_from_string_auto(rvalue, &n->family, &n->gw);
|
||||||
else
|
else
|
||||||
|
|
|
@ -48,6 +48,7 @@ struct Route {
|
||||||
unsigned char pref;
|
unsigned char pref;
|
||||||
unsigned flags;
|
unsigned flags;
|
||||||
int gateway_onlink;
|
int gateway_onlink;
|
||||||
|
bool gateway_from_dhcp;
|
||||||
|
|
||||||
union in_addr_union gw;
|
union in_addr_union gw;
|
||||||
union in_addr_union dst;
|
union in_addr_union dst;
|
||||||
|
|
|
@ -15,20 +15,23 @@ test_setup() {
|
||||||
|
|
||||||
mask_supporting_services
|
mask_supporting_services
|
||||||
|
|
||||||
usermod --root $initdir -d /home/nobody -s /bin/bash nobody
|
# Allocate user for running test case under
|
||||||
mkdir $initdir/home $initdir/home/nobody
|
mkdir -p $initdir/etc/sysusers.d
|
||||||
# Ubuntu's equivalent is nogroup
|
cat >$initdir/etc/sysusers.d/testuser.conf <<EOF
|
||||||
chown nobody:nobody $initdir/home/nobody || chown nobody:nogroup $initdir/home/nobody
|
u testuser 4711 "Test User" /home/testuser
|
||||||
|
EOF
|
||||||
|
|
||||||
enable_user_manager nobody
|
mkdir -p $initdir/home/testuser -m 0700
|
||||||
|
chown 4711:4711 $initdir/home/testuser
|
||||||
|
|
||||||
nobody_uid=$(id -u nobody)
|
enable_user_manager testuser
|
||||||
|
|
||||||
# setup the testsuite service
|
# setup the testsuite service
|
||||||
cat >$initdir/etc/systemd/system/testsuite.service <<EOF
|
cat >$initdir/etc/systemd/system/testsuite.service <<EOF
|
||||||
[Unit]
|
[Unit]
|
||||||
Description=Testsuite service
|
Description=Testsuite service
|
||||||
After=systemd-logind.service user@$nobody_uid.service
|
After=systemd-logind.service user@4711.service
|
||||||
|
Wants=user@4711.service
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
ExecStart=/testsuite.sh
|
ExecStart=/testsuite.sh
|
||||||
|
|
|
@ -7,15 +7,13 @@ systemd-analyze log-level debug
|
||||||
runas() {
|
runas() {
|
||||||
declare userid=$1
|
declare userid=$1
|
||||||
shift
|
shift
|
||||||
su "$userid" -c 'XDG_RUNTIME_DIR=/run/user/$UID "$@"' -- sh "$@"
|
su "$userid" -s /bin/sh -c 'XDG_RUNTIME_DIR=/run/user/$UID exec "$@"' -- sh "$@"
|
||||||
}
|
}
|
||||||
|
|
||||||
runas nobody systemctl --user --wait is-system-running
|
runas testuser systemd-run --user --unit=test-private-users \
|
||||||
|
|
||||||
runas nobody systemd-run --user --unit=test-private-users \
|
|
||||||
-p PrivateUsers=yes -P echo hello
|
-p PrivateUsers=yes -P echo hello
|
||||||
|
|
||||||
runas nobody systemd-run --user --unit=test-private-tmp-innerfile \
|
runas testuser systemd-run --user --unit=test-private-tmp-innerfile \
|
||||||
-p PrivateUsers=yes -p PrivateTmp=yes \
|
-p PrivateUsers=yes -p PrivateTmp=yes \
|
||||||
-P touch /tmp/innerfile.txt
|
-P touch /tmp/innerfile.txt
|
||||||
# File should not exist outside the job's tmp directory.
|
# File should not exist outside the job's tmp directory.
|
||||||
|
@ -23,31 +21,31 @@ test ! -e /tmp/innerfile.txt
|
||||||
|
|
||||||
touch /tmp/outerfile.txt
|
touch /tmp/outerfile.txt
|
||||||
# File should not appear in unit's private tmp.
|
# File should not appear in unit's private tmp.
|
||||||
runas nobody systemd-run --user --unit=test-private-tmp-outerfile \
|
runas testuser systemd-run --user --unit=test-private-tmp-outerfile \
|
||||||
-p PrivateUsers=yes -p PrivateTmp=yes \
|
-p PrivateUsers=yes -p PrivateTmp=yes \
|
||||||
-P test ! -e /tmp/outerfile.txt
|
-P test ! -e /tmp/outerfile.txt
|
||||||
|
|
||||||
# Confirm that creating a file in home works
|
# Confirm that creating a file in home works
|
||||||
runas nobody systemd-run --user --unit=test-unprotected-home \
|
runas testuser systemd-run --user --unit=test-unprotected-home \
|
||||||
-P touch /home/nobody/works.txt
|
-P touch /home/testuser/works.txt
|
||||||
test -e /home/nobody/works.txt
|
test -e /home/testuser/works.txt
|
||||||
|
|
||||||
# Confirm that creating a file in home is blocked under read-only
|
# Confirm that creating a file in home is blocked under read-only
|
||||||
runas nobody systemd-run --user --unit=test-protect-home-read-only \
|
runas testuser systemd-run --user --unit=test-protect-home-read-only \
|
||||||
-p PrivateUsers=yes -p ProtectHome=read-only \
|
-p PrivateUsers=yes -p ProtectHome=read-only \
|
||||||
-P bash -c '
|
-P bash -c '
|
||||||
test -e /home/nobody/works.txt
|
test -e /home/testuser/works.txt
|
||||||
! touch /home/nobody/blocked.txt
|
! touch /home/testuser/blocked.txt
|
||||||
'
|
'
|
||||||
test ! -e /home/nobody/blocked.txt
|
test ! -e /home/testuser/blocked.txt
|
||||||
|
|
||||||
# Check that tmpfs hides the whole directory
|
# Check that tmpfs hides the whole directory
|
||||||
runas nobody systemd-run --user --unit=test-protect-home-tmpfs \
|
runas testuser systemd-run --user --unit=test-protect-home-tmpfs \
|
||||||
-p PrivateUsers=yes -p ProtectHome=tmpfs \
|
-p PrivateUsers=yes -p ProtectHome=tmpfs \
|
||||||
-P test ! -e /home/nobody
|
-P test ! -e /home/testuser
|
||||||
|
|
||||||
# Confirm that home, /root, and /run/user are inaccessible under "yes"
|
# Confirm that home, /root, and /run/user are inaccessible under "yes"
|
||||||
runas nobody systemd-run --user --unit=test-protect-home-yes \
|
runas testuser systemd-run --user --unit=test-protect-home-yes \
|
||||||
-p PrivateUsers=yes -p ProtectHome=yes \
|
-p PrivateUsers=yes -p ProtectHome=yes \
|
||||||
-P bash -c '
|
-P bash -c '
|
||||||
test "$(stat -c %a /home)" = "0"
|
test "$(stat -c %a /home)" = "0"
|
||||||
|
@ -59,7 +57,7 @@ runas nobody systemd-run --user --unit=test-protect-home-yes \
|
||||||
# namespace (no CAP_SETGID in the parent namespace to write the additional
|
# namespace (no CAP_SETGID in the parent namespace to write the additional
|
||||||
# mapping of the user supplied group and thus cannot change groups to an
|
# mapping of the user supplied group and thus cannot change groups to an
|
||||||
# unmapped group ID)
|
# unmapped group ID)
|
||||||
! runas nobody systemd-run --user --unit=test-group-fail \
|
! runas testuser systemd-run --user --unit=test-group-fail \
|
||||||
-p PrivateUsers=yes -p Group=daemon \
|
-p PrivateUsers=yes -p Group=daemon \
|
||||||
-P true
|
-P true
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,10 @@
|
||||||
|
[Match]
|
||||||
|
Name=veth99
|
||||||
|
|
||||||
|
[Network]
|
||||||
|
DHCP=ipv4
|
||||||
|
IPv6AcceptRA=no
|
||||||
|
|
||||||
|
[Route]
|
||||||
|
Gateway=dhcp
|
||||||
|
Destination=10.0.0.0/8
|
|
@ -0,0 +1,9 @@
|
||||||
|
[Match]
|
||||||
|
Name=veth99
|
||||||
|
|
||||||
|
[Network]
|
||||||
|
DHCP=ipv6
|
||||||
|
|
||||||
|
[Route]
|
||||||
|
Gateway=dhcp
|
||||||
|
Destination=2001:1234:5:9fff:ff:ff:ff:ff/128
|
|
@ -2659,6 +2659,8 @@ class NetworkdDHCPClientTests(unittest.TestCase, Utilities):
|
||||||
'25-vrf.network',
|
'25-vrf.network',
|
||||||
'dhcp-client-anonymize.network',
|
'dhcp-client-anonymize.network',
|
||||||
'dhcp-client-decline.network',
|
'dhcp-client-decline.network',
|
||||||
|
'dhcp-client-gateway-ipv4.network',
|
||||||
|
'dhcp-client-gateway-ipv6.network',
|
||||||
'dhcp-client-gateway-onlink-implicit.network',
|
'dhcp-client-gateway-onlink-implicit.network',
|
||||||
'dhcp-client-ipv4-dhcp-settings.network',
|
'dhcp-client-ipv4-dhcp-settings.network',
|
||||||
'dhcp-client-ipv4-only-ipv6-disabled.network',
|
'dhcp-client-ipv4-only-ipv6-disabled.network',
|
||||||
|
@ -3145,6 +3147,30 @@ class NetworkdDHCPClientTests(unittest.TestCase, Utilities):
|
||||||
print(output)
|
print(output)
|
||||||
self.assertEqual(output, '')
|
self.assertEqual(output, '')
|
||||||
|
|
||||||
|
def test_dhcp_client_gateway_ipv4(self):
|
||||||
|
copy_unit_to_networkd_unit_path('25-veth.netdev', 'dhcp-server-veth-peer.network',
|
||||||
|
'dhcp-client-gateway-ipv4.network')
|
||||||
|
start_networkd()
|
||||||
|
self.wait_online(['veth-peer:carrier'])
|
||||||
|
start_dnsmasq()
|
||||||
|
self.wait_online(['veth99:routable', 'veth-peer:routable'])
|
||||||
|
|
||||||
|
output = check_output('ip route list dev veth99 10.0.0.0/8')
|
||||||
|
print(output)
|
||||||
|
self.assertRegex(output, '10.0.0.0/8 via 192.168.5.1 proto static')
|
||||||
|
|
||||||
|
def test_dhcp_client_gateway_ipv6(self):
|
||||||
|
copy_unit_to_networkd_unit_path('25-veth.netdev', 'dhcp-server-veth-peer.network',
|
||||||
|
'dhcp-client-gateway-ipv6.network')
|
||||||
|
start_networkd()
|
||||||
|
self.wait_online(['veth-peer:carrier'])
|
||||||
|
start_dnsmasq()
|
||||||
|
self.wait_online(['veth99:routable', 'veth-peer:routable'])
|
||||||
|
|
||||||
|
output = check_output('ip -6 route list dev veth99 2001:1234:5:9fff:ff:ff:ff:ff')
|
||||||
|
print(output)
|
||||||
|
self.assertRegex(output, 'via fe80::1034:56ff:fe78:9abd')
|
||||||
|
|
||||||
def test_dhcp_client_gateway_onlink_implicit(self):
|
def test_dhcp_client_gateway_onlink_implicit(self):
|
||||||
copy_unit_to_networkd_unit_path('25-veth.netdev', 'dhcp-server-veth-peer.network',
|
copy_unit_to_networkd_unit_path('25-veth.netdev', 'dhcp-server-veth-peer.network',
|
||||||
'dhcp-client-gateway-onlink-implicit.network')
|
'dhcp-client-gateway-onlink-implicit.network')
|
||||||
|
|
|
@ -35,6 +35,7 @@ units = [
|
||||||
['local-fs.target', ''],
|
['local-fs.target', ''],
|
||||||
['machine.slice', 'ENABLE_MACHINED'],
|
['machine.slice', 'ENABLE_MACHINED'],
|
||||||
['machines.target', 'ENABLE_MACHINED'],
|
['machines.target', 'ENABLE_MACHINED'],
|
||||||
|
['modprobe@.service', ''],
|
||||||
['multi-user.target', '',
|
['multi-user.target', '',
|
||||||
'runlevel2.target runlevel3.target runlevel4.target'],
|
'runlevel2.target runlevel3.target runlevel4.target'],
|
||||||
['network-online.target', ''],
|
['network-online.target', ''],
|
||||||
|
|
|
@ -0,0 +1,16 @@
|
||||||
|
# SPDX-License-Identifier: LGPL-2.1+
|
||||||
|
#
|
||||||
|
# This file is part of systemd.
|
||||||
|
#
|
||||||
|
# systemd is free software; you can redistribute it and/or modify it
|
||||||
|
# under the terms of the GNU Lesser General Public License as published by
|
||||||
|
# the Free Software Foundation; either version 2.1 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
|
||||||
|
[Unit]
|
||||||
|
Description=Load kernel module %i
|
||||||
|
Documentation=man:modprobe(8)
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=oneshot
|
||||||
|
ExecStart=-/sbin/modprobe -abq %I
|
|
@ -12,8 +12,8 @@ Description=Login Service
|
||||||
Documentation=man:systemd-logind.service(8) man:logind.conf(5)
|
Documentation=man:systemd-logind.service(8) man:logind.conf(5)
|
||||||
Documentation=https://www.freedesktop.org/wiki/Software/systemd/logind
|
Documentation=https://www.freedesktop.org/wiki/Software/systemd/logind
|
||||||
Documentation=https://www.freedesktop.org/wiki/Software/systemd/multiseat
|
Documentation=https://www.freedesktop.org/wiki/Software/systemd/multiseat
|
||||||
Wants=user.slice
|
Wants=user.slice modprobe@drm.service
|
||||||
After=nss-user-lookup.target user.slice
|
After=nss-user-lookup.target user.slice modprobe@drm.service
|
||||||
|
|
||||||
# Ask for the dbus socket.
|
# Ask for the dbus socket.
|
||||||
Wants=dbus.socket
|
Wants=dbus.socket
|
||||||
|
@ -29,7 +29,6 @@ DeviceAllow=char-input rw
|
||||||
DeviceAllow=char-tty rw
|
DeviceAllow=char-tty rw
|
||||||
DeviceAllow=char-vcs rw
|
DeviceAllow=char-vcs rw
|
||||||
# Make sure the DeviceAllow= lines above can work correctly when referenceing char-drm
|
# Make sure the DeviceAllow= lines above can work correctly when referenceing char-drm
|
||||||
ExecStartPre=-/sbin/modprobe -abq drm
|
|
||||||
ExecStart=@rootlibexecdir@/systemd-logind
|
ExecStart=@rootlibexecdir@/systemd-logind
|
||||||
FileDescriptorStoreMax=512
|
FileDescriptorStoreMax=512
|
||||||
IPAddressDeny=any
|
IPAddressDeny=any
|
||||||
|
|
|
@ -10,14 +10,14 @@
|
||||||
[Unit]
|
[Unit]
|
||||||
Description=Container %i
|
Description=Container %i
|
||||||
Documentation=man:systemd-nspawn(1)
|
Documentation=man:systemd-nspawn(1)
|
||||||
|
Wants=modprobe@tun.service modprobe@loop.service modprobe@dm-mod.service
|
||||||
PartOf=machines.target
|
PartOf=machines.target
|
||||||
Before=machines.target
|
Before=machines.target
|
||||||
After=network.target systemd-resolved.service
|
After=network.target systemd-resolved.service modprobe@tun.service modprobe@loop.service modprobe@dm-mod.service
|
||||||
RequiresMountsFor=/var/lib/machines
|
RequiresMountsFor=/var/lib/machines
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
# Make sure the DeviceAllow= lines below can properly resolve the 'block-loop' expression (and others)
|
# Make sure the DeviceAllow= lines below can properly resolve the 'block-loop' expression (and others)
|
||||||
ExecStartPre=-/sbin/modprobe -abq tun loop dm-mod
|
|
||||||
ExecStart=@bindir@/systemd-nspawn --quiet --keep-unit --boot --link-journal=try-guest --network-veth -U --settings=override --machine=%i
|
ExecStart=@bindir@/systemd-nspawn --quiet --keep-unit --boot --link-journal=try-guest --network-veth -U --settings=override --machine=%i
|
||||||
KillMode=mixed
|
KillMode=mixed
|
||||||
Type=notify
|
Type=notify
|
||||||
|
|
Loading…
Reference in New Issue