Compare commits
35 Commits
dda1e98c04
...
b971f3852e
Author | SHA1 | Date |
---|---|---|
Yu Watanabe | b971f3852e | |
Yu Watanabe | e532319020 | |
Yu Watanabe | 559cc2bef9 | |
Yu Watanabe | e5eb3ad653 | |
Yu Watanabe | c9285f3ad7 | |
Yu Watanabe | e85a7545af | |
Yu Watanabe | 7669f20eed | |
Yu Watanabe | 9e05e33871 | |
Lennart Poettering | 95116bdfd5 | |
Lennart Poettering | 2bd290ca02 | |
Yu Watanabe | 1e9fb1d456 | |
Yu Watanabe | 56c761f8c6 | |
Yu Watanabe | b76730f3fe | |
Yu Watanabe | 3dda236c5c | |
Zbigniew Jędrzejewski-Szmek | 5598454a3f | |
Yu Watanabe | 2994ca354b | |
Yu Watanabe | eb14b993bb | |
Christian Hesse | c946b13575 | |
Lennart Poettering | e39cbb1442 | |
Marco Tomaschett | bc4a027f9c | |
Lennart Poettering | d209e197f8 | |
Antonio Alvarez Feijoo | 9ed090230e | |
Luca Boccassi | 9bf6ffe166 | |
Lennart Poettering | 47c5ca237b | |
Lennart Poettering | 7f8a4f12df | |
Lennart Poettering | e412fc5e04 | |
Lennart Poettering | cc6baba720 | |
Lennart Poettering | 3ae48d071c | |
Antonio Alvarez Feijoo | 2ccacdd57c | |
Yu Watanabe | d99198819c | |
Tobias Zimmermann | f70e5620b6 | |
Zbigniew Jędrzejewski-Szmek | 3127c71bf4 | |
Yuri Chornoivan | b153eebfb2 | |
Zbigniew Jędrzejewski-Szmek | 2c06e40ae9 | |
Zbigniew Jędrzejewski-Szmek | 5ca9149464 |
|
@ -1438,6 +1438,11 @@ evdev:input:b0003v046DpC309*
|
||||||
KEYBOARD_KEY_c01b6=images # My Pictures (F11)
|
KEYBOARD_KEY_c01b6=images # My Pictures (F11)
|
||||||
KEYBOARD_KEY_c01b7=audio # My Music (F12)
|
KEYBOARD_KEY_c01b7=audio # My Music (F12)
|
||||||
|
|
||||||
|
# Logitech MX Keys for Mac
|
||||||
|
evdev:input:b0003v046Dp4092*
|
||||||
|
KEYBOARD_KEY_70035=102nd # '<' key
|
||||||
|
KEYBOARD_KEY_70064=grave # '^' key
|
||||||
|
|
||||||
###########################################################
|
###########################################################
|
||||||
# Maxdata
|
# Maxdata
|
||||||
###########################################################
|
###########################################################
|
||||||
|
|
|
@ -953,6 +953,15 @@ sensor:modalias:acpi:MXC6655*:dmi:*:svnDefaultstring*:pnP612F:*
|
||||||
sensor:modalias:acpi:SMO8500*:dmi:*:svnPEAQ:pnPEAQPMMC1010MD99187:*
|
sensor:modalias:acpi:SMO8500*:dmi:*:svnPEAQ:pnPEAQPMMC1010MD99187:*
|
||||||
ACCEL_MOUNT_MATRIX=-1, 0, 0; 0, 1, 0; 0, 0, 1
|
ACCEL_MOUNT_MATRIX=-1, 0, 0; 0, 1, 0; 0, 0, 1
|
||||||
|
|
||||||
|
#########################################
|
||||||
|
# Pine64
|
||||||
|
#########################################
|
||||||
|
|
||||||
|
# PineTab2
|
||||||
|
|
||||||
|
sensor:modalias:of:NaccelerometerT_null_Csilan,sc7a20:*
|
||||||
|
ACCEL_MOUNT_MATRIX=0, 0, -1; 1, 0, 0; 0, -1, 0
|
||||||
|
|
||||||
#########################################
|
#########################################
|
||||||
# Pipo
|
# Pipo
|
||||||
#########################################
|
#########################################
|
||||||
|
|
|
@ -265,32 +265,11 @@
|
||||||
</refsect1>
|
</refsect1>
|
||||||
|
|
||||||
<refsect1>
|
<refsect1>
|
||||||
<title>Options</title>
|
<title>Unlocking</title>
|
||||||
|
|
||||||
<para>The following options are understood:</para>
|
<para>The following options are understood that may be used to unlock the device in preparation of the enrollment operations:</para>
|
||||||
|
|
||||||
<variablelist>
|
<variablelist>
|
||||||
<varlistentry>
|
|
||||||
<term><option>--password</option></term>
|
|
||||||
|
|
||||||
<listitem><para>Enroll a regular password/passphrase. This command is mostly equivalent to
|
|
||||||
<command>cryptsetup luksAddKey</command>, however may be combined with
|
|
||||||
<option>--wipe-slot=</option> in one call, see below.</para>
|
|
||||||
|
|
||||||
<xi:include href="version-info.xml" xpointer="v248"/></listitem>
|
|
||||||
</varlistentry>
|
|
||||||
|
|
||||||
<varlistentry>
|
|
||||||
<term><option>--recovery-key</option></term>
|
|
||||||
|
|
||||||
<listitem><para>Enroll a recovery key. Recovery keys are mostly identical to passphrases, but are
|
|
||||||
computer-generated instead of being chosen by a human, and thus have a guaranteed high entropy. The
|
|
||||||
key uses a character set that is easy to type in, and may be scanned off screen via a QR code.
|
|
||||||
</para>
|
|
||||||
|
|
||||||
<xi:include href="version-info.xml" xpointer="v248"/></listitem>
|
|
||||||
</varlistentry>
|
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><option>--unlock-key-file=<replaceable>PATH</replaceable></option></term>
|
<term><option>--unlock-key-file=<replaceable>PATH</replaceable></option></term>
|
||||||
|
|
||||||
|
@ -328,7 +307,45 @@
|
||||||
|
|
||||||
<xi:include href="version-info.xml" xpointer="v256"/></listitem>
|
<xi:include href="version-info.xml" xpointer="v256"/></listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
</variablelist>
|
||||||
|
</refsect1>
|
||||||
|
|
||||||
|
<refsect1>
|
||||||
|
<title>Simple Enrollment</title>
|
||||||
|
|
||||||
|
<para>The following options are understood that may be used to enroll simple user input based
|
||||||
|
unlocking:</para>
|
||||||
|
|
||||||
|
<variablelist>
|
||||||
|
<varlistentry>
|
||||||
|
<term><option>--password</option></term>
|
||||||
|
|
||||||
|
<listitem><para>Enroll a regular password/passphrase. This command is mostly equivalent to
|
||||||
|
<command>cryptsetup luksAddKey</command>, however may be combined with
|
||||||
|
<option>--wipe-slot=</option> in one call, see below.</para>
|
||||||
|
|
||||||
|
<xi:include href="version-info.xml" xpointer="v248"/></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term><option>--recovery-key</option></term>
|
||||||
|
|
||||||
|
<listitem><para>Enroll a recovery key. Recovery keys are mostly identical to passphrases, but are
|
||||||
|
computer-generated instead of being chosen by a human, and thus have a guaranteed high entropy. The
|
||||||
|
key uses a character set that is easy to type in, and may be scanned off screen via a QR code.
|
||||||
|
</para>
|
||||||
|
|
||||||
|
<xi:include href="version-info.xml" xpointer="v248"/></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
</variablelist>
|
||||||
|
</refsect1>
|
||||||
|
|
||||||
|
<refsect1>
|
||||||
|
<title>PKCS#11 Enrollment</title>
|
||||||
|
|
||||||
|
<para>The following option is understood that may be used to enroll PKCS#11 tokens:</para>
|
||||||
|
|
||||||
|
<variablelist>
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><option>--pkcs11-token-uri=<replaceable>URI</replaceable></option></term>
|
<term><option>--pkcs11-token-uri=<replaceable>URI</replaceable></option></term>
|
||||||
|
|
||||||
|
@ -361,7 +378,15 @@
|
||||||
|
|
||||||
<xi:include href="version-info.xml" xpointer="v248"/></listitem>
|
<xi:include href="version-info.xml" xpointer="v248"/></listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
</variablelist>
|
||||||
|
</refsect1>
|
||||||
|
|
||||||
|
<refsect1>
|
||||||
|
<title>FIDO2 Enrollment</title>
|
||||||
|
|
||||||
|
<para>The following options are understood that may be used to enroll PKCS#11 tokens:</para>
|
||||||
|
|
||||||
|
<variablelist>
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><option>--fido2-credential-algorithm=<replaceable>STRING</replaceable></option></term>
|
<term><option>--fido2-credential-algorithm=<replaceable>STRING</replaceable></option></term>
|
||||||
<listitem><para>Specify COSE algorithm used in credential generation. The default value is
|
<listitem><para>Specify COSE algorithm used in credential generation. The default value is
|
||||||
|
@ -461,7 +486,15 @@
|
||||||
|
|
||||||
<xi:include href="version-info.xml" xpointer="v249"/></listitem>
|
<xi:include href="version-info.xml" xpointer="v249"/></listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
</variablelist>
|
||||||
|
</refsect1>
|
||||||
|
|
||||||
|
<refsect1>
|
||||||
|
<title>TPM2 Enrollment</title>
|
||||||
|
|
||||||
|
<para>The following options are understood that may be used to enroll TPM2 devices:</para>
|
||||||
|
|
||||||
|
<variablelist>
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><option>--tpm2-device=<replaceable>PATH</replaceable></option></term>
|
<term><option>--tpm2-device=<replaceable>PATH</replaceable></option></term>
|
||||||
|
|
||||||
|
@ -636,7 +669,15 @@
|
||||||
|
|
||||||
<xi:include href="version-info.xml" xpointer="v255"/></listitem>
|
<xi:include href="version-info.xml" xpointer="v255"/></listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
</variablelist>
|
||||||
|
</refsect1>
|
||||||
|
|
||||||
|
<refsect1>
|
||||||
|
<title>Other Options</title>
|
||||||
|
|
||||||
|
<para>The following additional options are understood:</para>
|
||||||
|
|
||||||
|
<variablelist>
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><option>--wipe-slot=<replaceable>SLOT<optional>,SLOT...</optional></replaceable></option></term>
|
<term><option>--wipe-slot=<replaceable>SLOT<optional>,SLOT...</optional></replaceable></option></term>
|
||||||
|
|
||||||
|
|
10
po/uk.po
10
po/uk.po
|
@ -9,8 +9,8 @@ msgid ""
|
||||||
msgstr ""
|
msgstr ""
|
||||||
"Report-Msgid-Bugs-To: \n"
|
"Report-Msgid-Bugs-To: \n"
|
||||||
"POT-Creation-Date: 2024-11-06 14:42+0000\n"
|
"POT-Creation-Date: 2024-11-06 14:42+0000\n"
|
||||||
"PO-Revision-Date: 2024-11-20 19:13+0000\n"
|
"PO-Revision-Date: 2024-11-21 19:38+0000\n"
|
||||||
"Last-Translator: Dmytro Markevych <hotr1pak@gmail.com>\n"
|
"Last-Translator: Yuri Chornoivan <yurchor@ukr.net>\n"
|
||||||
"Language-Team: Ukrainian <https://translate.fedoraproject.org/projects/"
|
"Language-Team: Ukrainian <https://translate.fedoraproject.org/projects/"
|
||||||
"systemd/main/uk/>\n"
|
"systemd/main/uk/>\n"
|
||||||
"Language: uk\n"
|
"Language: uk\n"
|
||||||
|
@ -120,11 +120,11 @@ msgstr "Для оновлення домашньої теки користува
|
||||||
|
|
||||||
#: src/home/org.freedesktop.home1.policy:53
|
#: src/home/org.freedesktop.home1.policy:53
|
||||||
msgid "Update your home area"
|
msgid "Update your home area"
|
||||||
msgstr "Оновіть свій домашній простір"
|
msgstr "Оновлення домашньої області"
|
||||||
|
|
||||||
#: src/home/org.freedesktop.home1.policy:54
|
#: src/home/org.freedesktop.home1.policy:54
|
||||||
msgid "Authentication is required to update your home area."
|
msgid "Authentication is required to update your home area."
|
||||||
msgstr "Для оновлення домашньої області потрібна автентифікація."
|
msgstr "Для оновлення домашньої області слід пройти розпізнавання."
|
||||||
|
|
||||||
#: src/home/org.freedesktop.home1.policy:63
|
#: src/home/org.freedesktop.home1.policy:63
|
||||||
msgid "Resize a home area"
|
msgid "Resize a home area"
|
||||||
|
@ -1215,7 +1215,7 @@ msgstr "Керування додатковими функціями"
|
||||||
|
|
||||||
#: src/sysupdate/org.freedesktop.sysupdate1.policy:76
|
#: src/sysupdate/org.freedesktop.sysupdate1.policy:76
|
||||||
msgid "Authentication is required to manage optional features"
|
msgid "Authentication is required to manage optional features"
|
||||||
msgstr "Для керування додатковими функціями потрібна автентифікація"
|
msgstr "Для керування додатковими можливостями слід пройти розпізнавання"
|
||||||
|
|
||||||
#: src/timedate/org.freedesktop.timedate1.policy:22
|
#: src/timedate/org.freedesktop.timedate1.policy:22
|
||||||
msgid "Set system time"
|
msgid "Set system time"
|
||||||
|
|
|
@ -38,19 +38,12 @@ __get_tpm2_devices() {
|
||||||
done
|
done
|
||||||
}
|
}
|
||||||
|
|
||||||
__get_block_devices() {
|
|
||||||
local i
|
|
||||||
for i in /dev/*; do
|
|
||||||
[ -b "$i" ] && printf '%s\n' "$i"
|
|
||||||
done
|
|
||||||
}
|
|
||||||
|
|
||||||
_systemd_cryptenroll() {
|
_systemd_cryptenroll() {
|
||||||
local comps
|
local comps
|
||||||
local cur=${COMP_WORDS[COMP_CWORD]} prev=${COMP_WORDS[COMP_CWORD-1]} words cword
|
local cur=${COMP_WORDS[COMP_CWORD]} prev=${COMP_WORDS[COMP_CWORD-1]} words cword
|
||||||
local -A OPTS=(
|
local -A OPTS=(
|
||||||
[STANDALONE]='-h --help --version
|
[STANDALONE]='-h --help --version
|
||||||
--password --recovery-key'
|
--password --recovery-key --list-devices'
|
||||||
[ARG]='--unlock-key-file
|
[ARG]='--unlock-key-file
|
||||||
--unlock-fido2-device
|
--unlock-fido2-device
|
||||||
--unlock-tpm2-device
|
--unlock-tpm2-device
|
||||||
|
@ -116,7 +109,7 @@ _systemd_cryptenroll() {
|
||||||
return 0
|
return 0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
comps=$(__get_block_devices)
|
comps=$(systemd-cryptenroll --list-devices)
|
||||||
COMPREPLY=( $(compgen -W '$comps' -- "$cur") )
|
COMPREPLY=( $(compgen -W '$comps' -- "$cur") )
|
||||||
return 0
|
return 0
|
||||||
}
|
}
|
||||||
|
|
|
@ -21,7 +21,7 @@
|
||||||
#define AUTOFS_MIN_PROTO_VERSION 3
|
#define AUTOFS_MIN_PROTO_VERSION 3
|
||||||
#define AUTOFS_MAX_PROTO_VERSION 5
|
#define AUTOFS_MAX_PROTO_VERSION 5
|
||||||
|
|
||||||
#define AUTOFS_PROTO_SUBVERSION 5
|
#define AUTOFS_PROTO_SUBVERSION 6
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* The wait_queue_token (autofs_wqt_t) is part of a structure which is passed
|
* The wait_queue_token (autofs_wqt_t) is part of a structure which is passed
|
||||||
|
|
|
@ -1121,6 +1121,9 @@ enum bpf_attach_type {
|
||||||
|
|
||||||
#define MAX_BPF_ATTACH_TYPE __MAX_BPF_ATTACH_TYPE
|
#define MAX_BPF_ATTACH_TYPE __MAX_BPF_ATTACH_TYPE
|
||||||
|
|
||||||
|
/* Add BPF_LINK_TYPE(type, name) in bpf_types.h to keep bpf_link_type_strs[]
|
||||||
|
* in sync with the definitions below.
|
||||||
|
*/
|
||||||
enum bpf_link_type {
|
enum bpf_link_type {
|
||||||
BPF_LINK_TYPE_UNSPEC = 0,
|
BPF_LINK_TYPE_UNSPEC = 0,
|
||||||
BPF_LINK_TYPE_RAW_TRACEPOINT = 1,
|
BPF_LINK_TYPE_RAW_TRACEPOINT = 1,
|
||||||
|
@ -2851,7 +2854,7 @@ union bpf_attr {
|
||||||
* **TCP_SYNCNT**, **TCP_USER_TIMEOUT**, **TCP_NOTSENT_LOWAT**,
|
* **TCP_SYNCNT**, **TCP_USER_TIMEOUT**, **TCP_NOTSENT_LOWAT**,
|
||||||
* **TCP_NODELAY**, **TCP_MAXSEG**, **TCP_WINDOW_CLAMP**,
|
* **TCP_NODELAY**, **TCP_MAXSEG**, **TCP_WINDOW_CLAMP**,
|
||||||
* **TCP_THIN_LINEAR_TIMEOUTS**, **TCP_BPF_DELACK_MAX**,
|
* **TCP_THIN_LINEAR_TIMEOUTS**, **TCP_BPF_DELACK_MAX**,
|
||||||
* **TCP_BPF_RTO_MIN**.
|
* **TCP_BPF_RTO_MIN**, **TCP_BPF_SOCK_OPS_CB_FLAGS**.
|
||||||
* * **IPPROTO_IP**, which supports *optname* **IP_TOS**.
|
* * **IPPROTO_IP**, which supports *optname* **IP_TOS**.
|
||||||
* * **IPPROTO_IPV6**, which supports the following *optname*\ s:
|
* * **IPPROTO_IPV6**, which supports the following *optname*\ s:
|
||||||
* **IPV6_TCLASS**, **IPV6_AUTOFLOWLABEL**.
|
* **IPV6_TCLASS**, **IPV6_AUTOFLOWLABEL**.
|
||||||
|
@ -5519,11 +5522,12 @@ union bpf_attr {
|
||||||
* **-EOPNOTSUPP** if the hash calculation failed or **-EINVAL** if
|
* **-EOPNOTSUPP** if the hash calculation failed or **-EINVAL** if
|
||||||
* invalid arguments are passed.
|
* invalid arguments are passed.
|
||||||
*
|
*
|
||||||
* void *bpf_kptr_xchg(void *map_value, void *ptr)
|
* void *bpf_kptr_xchg(void *dst, void *ptr)
|
||||||
* Description
|
* Description
|
||||||
* Exchange kptr at pointer *map_value* with *ptr*, and return the
|
* Exchange kptr at pointer *dst* with *ptr*, and return the old value.
|
||||||
* old value. *ptr* can be NULL, otherwise it must be a referenced
|
* *dst* can be map value or local kptr. *ptr* can be NULL, otherwise
|
||||||
* pointer which will be released when this helper is called.
|
* it must be a referenced pointer which will be released when this helper
|
||||||
|
* is called.
|
||||||
* Return
|
* Return
|
||||||
* The old value of kptr (which can be NULL). The returned pointer
|
* The old value of kptr (which can be NULL). The returned pointer
|
||||||
* if not NULL, is a reference which must be released using its
|
* if not NULL, is a reference which must be released using its
|
||||||
|
@ -6046,11 +6050,6 @@ enum {
|
||||||
BPF_F_MARK_ENFORCE = (1ULL << 6),
|
BPF_F_MARK_ENFORCE = (1ULL << 6),
|
||||||
};
|
};
|
||||||
|
|
||||||
/* BPF_FUNC_clone_redirect and BPF_FUNC_redirect flags. */
|
|
||||||
enum {
|
|
||||||
BPF_F_INGRESS = (1ULL << 0),
|
|
||||||
};
|
|
||||||
|
|
||||||
/* BPF_FUNC_skb_set_tunnel_key and BPF_FUNC_skb_get_tunnel_key flags. */
|
/* BPF_FUNC_skb_set_tunnel_key and BPF_FUNC_skb_get_tunnel_key flags. */
|
||||||
enum {
|
enum {
|
||||||
BPF_F_TUNINFO_IPV6 = (1ULL << 0),
|
BPF_F_TUNINFO_IPV6 = (1ULL << 0),
|
||||||
|
@ -6197,10 +6196,12 @@ enum {
|
||||||
BPF_F_BPRM_SECUREEXEC = (1ULL << 0),
|
BPF_F_BPRM_SECUREEXEC = (1ULL << 0),
|
||||||
};
|
};
|
||||||
|
|
||||||
/* Flags for bpf_redirect_map helper */
|
/* Flags for bpf_redirect and bpf_redirect_map helpers */
|
||||||
enum {
|
enum {
|
||||||
BPF_F_BROADCAST = (1ULL << 3),
|
BPF_F_INGRESS = (1ULL << 0), /* used for skb path */
|
||||||
BPF_F_EXCLUDE_INGRESS = (1ULL << 4),
|
BPF_F_BROADCAST = (1ULL << 3), /* used for XDP path */
|
||||||
|
BPF_F_EXCLUDE_INGRESS = (1ULL << 4), /* used for XDP path */
|
||||||
|
#define BPF_F_REDIRECT_FLAGS (BPF_F_INGRESS | BPF_F_BROADCAST | BPF_F_EXCLUDE_INGRESS)
|
||||||
};
|
};
|
||||||
|
|
||||||
#define __bpf_md_ptr(type, name) \
|
#define __bpf_md_ptr(type, name) \
|
||||||
|
@ -7080,6 +7081,7 @@ enum {
|
||||||
TCP_BPF_SYN = 1005, /* Copy the TCP header */
|
TCP_BPF_SYN = 1005, /* Copy the TCP header */
|
||||||
TCP_BPF_SYN_IP = 1006, /* Copy the IP[46] and TCP header */
|
TCP_BPF_SYN_IP = 1006, /* Copy the IP[46] and TCP header */
|
||||||
TCP_BPF_SYN_MAC = 1007, /* Copy the MAC, IP[46], and TCP header */
|
TCP_BPF_SYN_MAC = 1007, /* Copy the MAC, IP[46], and TCP header */
|
||||||
|
TCP_BPF_SOCK_OPS_CB_FLAGS = 1008, /* Get or Set TCP sock ops flags */
|
||||||
};
|
};
|
||||||
|
|
||||||
enum {
|
enum {
|
||||||
|
@ -7512,4 +7514,13 @@ struct bpf_iter_num {
|
||||||
__u64 __opaque[1];
|
__u64 __opaque[1];
|
||||||
} __attribute__((aligned(8)));
|
} __attribute__((aligned(8)));
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Flags to control BPF kfunc behaviour.
|
||||||
|
* - BPF_F_PAD_ZEROS: Pad destination buffer with zeros. (See the respective
|
||||||
|
* helper documentation for details.)
|
||||||
|
*/
|
||||||
|
enum bpf_kfunc_flags {
|
||||||
|
BPF_F_PAD_ZEROS = (1ULL << 0),
|
||||||
|
};
|
||||||
|
|
||||||
#endif /* __LINUX_BPF_H__ */
|
#endif /* __LINUX_BPF_H__ */
|
||||||
|
|
|
@ -28,6 +28,23 @@
|
||||||
#define _BITUL(x) (_UL(1) << (x))
|
#define _BITUL(x) (_UL(1) << (x))
|
||||||
#define _BITULL(x) (_ULL(1) << (x))
|
#define _BITULL(x) (_ULL(1) << (x))
|
||||||
|
|
||||||
|
#if !defined(__ASSEMBLY__)
|
||||||
|
/*
|
||||||
|
* Missing __asm__ support
|
||||||
|
*
|
||||||
|
* __BIT128() would not work in the __asm__ code, as it shifts an
|
||||||
|
* 'unsigned __init128' data type as direct representation of
|
||||||
|
* 128 bit constants is not supported in the gcc compiler, as
|
||||||
|
* they get silently truncated.
|
||||||
|
*
|
||||||
|
* TODO: Please revisit this implementation when gcc compiler
|
||||||
|
* starts representing 128 bit constants directly like long
|
||||||
|
* and unsigned long etc. Subsequently drop the comment for
|
||||||
|
* GENMASK_U128() which would then start supporting __asm__ code.
|
||||||
|
*/
|
||||||
|
#define _BIT128(x) ((unsigned __int128)(1) << (x))
|
||||||
|
#endif
|
||||||
|
|
||||||
#define __ALIGN_KERNEL(x, a) __ALIGN_KERNEL_MASK(x, (__typeof__(x))(a) - 1)
|
#define __ALIGN_KERNEL(x, a) __ALIGN_KERNEL_MASK(x, (__typeof__(x))(a) - 1)
|
||||||
#define __ALIGN_KERNEL_MASK(x, mask) (((x) + (mask)) & ~(mask))
|
#define __ALIGN_KERNEL_MASK(x, mask) (((x) + (mask)) & ~(mask))
|
||||||
|
|
||||||
|
|
|
@ -2531,4 +2531,20 @@ struct ethtool_link_settings {
|
||||||
* __u32 map_lp_advertising[link_mode_masks_nwords];
|
* __u32 map_lp_advertising[link_mode_masks_nwords];
|
||||||
*/
|
*/
|
||||||
};
|
};
|
||||||
|
|
||||||
|
/**
|
||||||
|
* enum phy_upstream - Represents the upstream component a given PHY device
|
||||||
|
* is connected to, as in what is on the other end of the MII bus. Most PHYs
|
||||||
|
* will be attached to an Ethernet MAC controller, but in some cases, there's
|
||||||
|
* an intermediate PHY used as a media-converter, which will driver another
|
||||||
|
* MII interface as its output.
|
||||||
|
* @PHY_UPSTREAM_MAC: Upstream component is a MAC (a switch port,
|
||||||
|
* or ethernet controller)
|
||||||
|
* @PHY_UPSTREAM_PHY: Upstream component is a PHY (likely a media converter)
|
||||||
|
*/
|
||||||
|
enum phy_upstream {
|
||||||
|
PHY_UPSTREAM_MAC,
|
||||||
|
PHY_UPSTREAM_PHY,
|
||||||
|
};
|
||||||
|
|
||||||
#endif /* _LINUX_ETHTOOL_H */
|
#endif /* _LINUX_ETHTOOL_H */
|
||||||
|
|
|
@ -67,6 +67,7 @@ enum {
|
||||||
FRA_IP_PROTO, /* ip proto */
|
FRA_IP_PROTO, /* ip proto */
|
||||||
FRA_SPORT_RANGE, /* sport */
|
FRA_SPORT_RANGE, /* sport */
|
||||||
FRA_DPORT_RANGE, /* dport */
|
FRA_DPORT_RANGE, /* dport */
|
||||||
|
FRA_DSCP, /* dscp */
|
||||||
__FRA_MAX
|
__FRA_MAX
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -230,8 +230,8 @@ struct tpacket_hdr_v1 {
|
||||||
* ts_first_pkt:
|
* ts_first_pkt:
|
||||||
* Is always the time-stamp when the block was opened.
|
* Is always the time-stamp when the block was opened.
|
||||||
* Case a) ZERO packets
|
* Case a) ZERO packets
|
||||||
* No packets to deal with but atleast you know the
|
* No packets to deal with but at least you know
|
||||||
* time-interval of this block.
|
* the time-interval of this block.
|
||||||
* Case b) Non-zero packets
|
* Case b) Non-zero packets
|
||||||
* Use the ts of the first packet in the block.
|
* Use the ts of the first packet in the block.
|
||||||
*
|
*
|
||||||
|
@ -265,7 +265,8 @@ enum tpacket_versions {
|
||||||
- struct tpacket_hdr
|
- struct tpacket_hdr
|
||||||
- pad to TPACKET_ALIGNMENT=16
|
- pad to TPACKET_ALIGNMENT=16
|
||||||
- struct sockaddr_ll
|
- struct sockaddr_ll
|
||||||
- Gap, chosen so that packet data (Start+tp_net) alignes to TPACKET_ALIGNMENT=16
|
- Gap, chosen so that packet data (Start+tp_net) aligns to
|
||||||
|
TPACKET_ALIGNMENT=16
|
||||||
- Start+tp_mac: [ Optional MAC header ]
|
- Start+tp_mac: [ Optional MAC header ]
|
||||||
- Start+tp_net: Packet data, aligned to TPACKET_ALIGNMENT=16.
|
- Start+tp_net: Packet data, aligned to TPACKET_ALIGNMENT=16.
|
||||||
- Pad to align to TPACKET_ALIGNMENT=16
|
- Pad to align to TPACKET_ALIGNMENT=16
|
||||||
|
|
|
@ -141,7 +141,7 @@ struct in_addr {
|
||||||
*/
|
*/
|
||||||
#define IP_PMTUDISC_INTERFACE 4
|
#define IP_PMTUDISC_INTERFACE 4
|
||||||
/* weaker version of IP_PMTUDISC_INTERFACE, which allows packets to get
|
/* weaker version of IP_PMTUDISC_INTERFACE, which allows packets to get
|
||||||
* fragmented if they exeed the interface mtu
|
* fragmented if they exceed the interface mtu
|
||||||
*/
|
*/
|
||||||
#define IP_PMTUDISC_OMIT 5
|
#define IP_PMTUDISC_OMIT 5
|
||||||
|
|
||||||
|
|
|
@ -140,25 +140,6 @@
|
||||||
|
|
||||||
#endif /* _NETINET_IN_H */
|
#endif /* _NETINET_IN_H */
|
||||||
|
|
||||||
/* Coordinate with glibc netipx/ipx.h header. */
|
|
||||||
#if defined(__NETIPX_IPX_H)
|
|
||||||
|
|
||||||
#define __UAPI_DEF_SOCKADDR_IPX 0
|
|
||||||
#define __UAPI_DEF_IPX_ROUTE_DEFINITION 0
|
|
||||||
#define __UAPI_DEF_IPX_INTERFACE_DEFINITION 0
|
|
||||||
#define __UAPI_DEF_IPX_CONFIG_DATA 0
|
|
||||||
#define __UAPI_DEF_IPX_ROUTE_DEF 0
|
|
||||||
|
|
||||||
#else /* defined(__NETIPX_IPX_H) */
|
|
||||||
|
|
||||||
#define __UAPI_DEF_SOCKADDR_IPX 1
|
|
||||||
#define __UAPI_DEF_IPX_ROUTE_DEFINITION 1
|
|
||||||
#define __UAPI_DEF_IPX_INTERFACE_DEFINITION 1
|
|
||||||
#define __UAPI_DEF_IPX_CONFIG_DATA 1
|
|
||||||
#define __UAPI_DEF_IPX_ROUTE_DEF 1
|
|
||||||
|
|
||||||
#endif /* defined(__NETIPX_IPX_H) */
|
|
||||||
|
|
||||||
/* Definitions for xattr.h */
|
/* Definitions for xattr.h */
|
||||||
#if defined(_SYS_XATTR_H)
|
#if defined(_SYS_XATTR_H)
|
||||||
#define __UAPI_DEF_XATTR 0
|
#define __UAPI_DEF_XATTR 0
|
||||||
|
@ -240,23 +221,6 @@
|
||||||
#define __UAPI_DEF_IP6_MTUINFO 1
|
#define __UAPI_DEF_IP6_MTUINFO 1
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* Definitions for ipx.h */
|
|
||||||
#ifndef __UAPI_DEF_SOCKADDR_IPX
|
|
||||||
#define __UAPI_DEF_SOCKADDR_IPX 1
|
|
||||||
#endif
|
|
||||||
#ifndef __UAPI_DEF_IPX_ROUTE_DEFINITION
|
|
||||||
#define __UAPI_DEF_IPX_ROUTE_DEFINITION 1
|
|
||||||
#endif
|
|
||||||
#ifndef __UAPI_DEF_IPX_INTERFACE_DEFINITION
|
|
||||||
#define __UAPI_DEF_IPX_INTERFACE_DEFINITION 1
|
|
||||||
#endif
|
|
||||||
#ifndef __UAPI_DEF_IPX_CONFIG_DATA
|
|
||||||
#define __UAPI_DEF_IPX_CONFIG_DATA 1
|
|
||||||
#endif
|
|
||||||
#ifndef __UAPI_DEF_IPX_ROUTE_DEF
|
|
||||||
#define __UAPI_DEF_IPX_ROUTE_DEF 1
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* Definitions for xattr.h */
|
/* Definitions for xattr.h */
|
||||||
#ifndef __UAPI_DEF_XATTR
|
#ifndef __UAPI_DEF_XATTR
|
||||||
#define __UAPI_DEF_XATTR 1
|
#define __UAPI_DEF_XATTR 1
|
||||||
|
|
|
@ -436,7 +436,7 @@ enum nft_set_elem_flags {
|
||||||
* @NFTA_SET_ELEM_KEY: key value (NLA_NESTED: nft_data)
|
* @NFTA_SET_ELEM_KEY: key value (NLA_NESTED: nft_data)
|
||||||
* @NFTA_SET_ELEM_DATA: data value of mapping (NLA_NESTED: nft_data_attributes)
|
* @NFTA_SET_ELEM_DATA: data value of mapping (NLA_NESTED: nft_data_attributes)
|
||||||
* @NFTA_SET_ELEM_FLAGS: bitmask of nft_set_elem_flags (NLA_U32)
|
* @NFTA_SET_ELEM_FLAGS: bitmask of nft_set_elem_flags (NLA_U32)
|
||||||
* @NFTA_SET_ELEM_TIMEOUT: timeout value (NLA_U64)
|
* @NFTA_SET_ELEM_TIMEOUT: timeout value, zero means never times out (NLA_U64)
|
||||||
* @NFTA_SET_ELEM_EXPIRATION: expiration time (NLA_U64)
|
* @NFTA_SET_ELEM_EXPIRATION: expiration time (NLA_U64)
|
||||||
* @NFTA_SET_ELEM_USERDATA: user data (NLA_BINARY)
|
* @NFTA_SET_ELEM_USERDATA: user data (NLA_BINARY)
|
||||||
* @NFTA_SET_ELEM_EXPR: expression (NLA_NESTED: nft_expr_attributes)
|
* @NFTA_SET_ELEM_EXPR: expression (NLA_NESTED: nft_expr_attributes)
|
||||||
|
@ -1694,7 +1694,7 @@ enum nft_flowtable_flags {
|
||||||
*
|
*
|
||||||
* @NFTA_FLOWTABLE_TABLE: name of the table containing the expression (NLA_STRING)
|
* @NFTA_FLOWTABLE_TABLE: name of the table containing the expression (NLA_STRING)
|
||||||
* @NFTA_FLOWTABLE_NAME: name of this flow table (NLA_STRING)
|
* @NFTA_FLOWTABLE_NAME: name of this flow table (NLA_STRING)
|
||||||
* @NFTA_FLOWTABLE_HOOK: netfilter hook configuration(NLA_U32)
|
* @NFTA_FLOWTABLE_HOOK: netfilter hook configuration (NLA_NESTED)
|
||||||
* @NFTA_FLOWTABLE_USE: number of references to this flow table (NLA_U32)
|
* @NFTA_FLOWTABLE_USE: number of references to this flow table (NLA_U32)
|
||||||
* @NFTA_FLOWTABLE_HANDLE: object handle (NLA_U64)
|
* @NFTA_FLOWTABLE_HANDLE: object handle (NLA_U64)
|
||||||
* @NFTA_FLOWTABLE_FLAGS: flags (NLA_U32)
|
* @NFTA_FLOWTABLE_FLAGS: flags (NLA_U32)
|
||||||
|
|
|
@ -16,10 +16,15 @@ struct nhmsg {
|
||||||
struct nexthop_grp {
|
struct nexthop_grp {
|
||||||
__u32 id; /* nexthop id - must exist */
|
__u32 id; /* nexthop id - must exist */
|
||||||
__u8 weight; /* weight of this nexthop */
|
__u8 weight; /* weight of this nexthop */
|
||||||
__u8 resvd1;
|
__u8 weight_high; /* high order bits of weight */
|
||||||
__u16 resvd2;
|
__u16 resvd2;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
static __inline__ __u16 nexthop_grp_weight(const struct nexthop_grp *entry)
|
||||||
|
{
|
||||||
|
return ((entry->weight_high << 8) | entry->weight) + 1;
|
||||||
|
}
|
||||||
|
|
||||||
enum {
|
enum {
|
||||||
NEXTHOP_GRP_TYPE_MPATH, /* hash-threshold nexthop group
|
NEXTHOP_GRP_TYPE_MPATH, /* hash-threshold nexthop group
|
||||||
* default type if not specified
|
* default type if not specified
|
||||||
|
@ -33,6 +38,9 @@ enum {
|
||||||
#define NHA_OP_FLAG_DUMP_STATS BIT(0)
|
#define NHA_OP_FLAG_DUMP_STATS BIT(0)
|
||||||
#define NHA_OP_FLAG_DUMP_HW_STATS BIT(1)
|
#define NHA_OP_FLAG_DUMP_HW_STATS BIT(1)
|
||||||
|
|
||||||
|
/* Response OP_FLAGS. */
|
||||||
|
#define NHA_OP_FLAG_RESP_GRP_RESVD_0 BIT(31) /* Dump clears resvd fields. */
|
||||||
|
|
||||||
enum {
|
enum {
|
||||||
NHA_UNSPEC,
|
NHA_UNSPEC,
|
||||||
NHA_ID, /* u32; id for nexthop. id == 0 means auto-assign */
|
NHA_ID, /* u32; id for nexthop. id == 0 means auto-assign */
|
||||||
|
|
|
@ -531,20 +531,24 @@ int is_idmapping_supported(const char *path) {
|
||||||
userns_fd = userns_acquire(uid_map, gid_map);
|
userns_fd = userns_acquire(uid_map, gid_map);
|
||||||
if (ERRNO_IS_NEG_NOT_SUPPORTED(userns_fd) || ERRNO_IS_NEG_PRIVILEGE(userns_fd))
|
if (ERRNO_IS_NEG_NOT_SUPPORTED(userns_fd) || ERRNO_IS_NEG_PRIVILEGE(userns_fd))
|
||||||
return false;
|
return false;
|
||||||
|
if (userns_fd == -ENOSPC) {
|
||||||
|
log_debug_errno(userns_fd, "Failed to acquire new user namespace, user.max_user_namespaces seems to be exhausted or maybe even zero, assuming ID-mapping is not supported: %m");
|
||||||
|
return false;
|
||||||
|
}
|
||||||
if (userns_fd < 0)
|
if (userns_fd < 0)
|
||||||
return log_debug_errno(userns_fd, "ID-mapping supported namespace acquire failed for '%s' : %m", path);
|
return log_debug_errno(userns_fd, "Failed to acquire new user namespace for checking if '%s' supports ID-mapping: %m", path);
|
||||||
|
|
||||||
dir_fd = RET_NERRNO(open(path, O_RDONLY | O_CLOEXEC | O_NOFOLLOW));
|
dir_fd = RET_NERRNO(open(path, O_RDONLY | O_CLOEXEC | O_NOFOLLOW));
|
||||||
if (ERRNO_IS_NEG_NOT_SUPPORTED(dir_fd))
|
if (ERRNO_IS_NEG_NOT_SUPPORTED(dir_fd))
|
||||||
return false;
|
return false;
|
||||||
if (dir_fd < 0)
|
if (dir_fd < 0)
|
||||||
return log_debug_errno(dir_fd, "ID-mapping supported open failed for '%s' : %m", path);
|
return log_debug_errno(dir_fd, "Failed to open '%s', cannot determine if ID-mapping is supported: %m", path);
|
||||||
|
|
||||||
mount_fd = RET_NERRNO(open_tree(dir_fd, "", AT_EMPTY_PATH | OPEN_TREE_CLONE | OPEN_TREE_CLOEXEC));
|
mount_fd = RET_NERRNO(open_tree(dir_fd, "", AT_EMPTY_PATH | OPEN_TREE_CLONE | OPEN_TREE_CLOEXEC));
|
||||||
if (ERRNO_IS_NEG_NOT_SUPPORTED(mount_fd) || ERRNO_IS_NEG_PRIVILEGE(mount_fd) || mount_fd == -EINVAL)
|
if (ERRNO_IS_NEG_NOT_SUPPORTED(mount_fd) || ERRNO_IS_NEG_PRIVILEGE(mount_fd) || mount_fd == -EINVAL)
|
||||||
return false;
|
return false;
|
||||||
if (mount_fd < 0)
|
if (mount_fd < 0)
|
||||||
return log_debug_errno(mount_fd, "ID-mapping supported open_tree failed for '%s' : %m", path);
|
return log_debug_errno(mount_fd, "Failed to open mount tree '%s', cannot determine if ID-mapping is supported: %m", path);
|
||||||
|
|
||||||
r = RET_NERRNO(mount_setattr(mount_fd, "", AT_EMPTY_PATH,
|
r = RET_NERRNO(mount_setattr(mount_fd, "", AT_EMPTY_PATH,
|
||||||
&(struct mount_attr) {
|
&(struct mount_attr) {
|
||||||
|
@ -554,7 +558,7 @@ int is_idmapping_supported(const char *path) {
|
||||||
if (ERRNO_IS_NEG_NOT_SUPPORTED(r) || ERRNO_IS_NEG_PRIVILEGE(r) || r == -EINVAL)
|
if (ERRNO_IS_NEG_NOT_SUPPORTED(r) || ERRNO_IS_NEG_PRIVILEGE(r) || r == -EINVAL)
|
||||||
return false;
|
return false;
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_debug_errno(r, "ID-mapping supported setattr failed for '%s' : %m", path);
|
return log_debug_errno(r, "Failed to set mount attribute to '%s', cannot determine if ID-mapping is supported: %m", path);
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
|
@ -3426,14 +3426,12 @@ static int service_deserialize_item(Unit *u, const char *key, const char *value,
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
r = service_add_fd_store(s, fd, fdn, do_poll);
|
r = service_add_fd_store(s, TAKE_FD(fd), fdn, do_poll);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
log_unit_debug_errno(u, r,
|
log_unit_debug_errno(u, r,
|
||||||
"Failed to store deserialized fd '%s', ignoring: %m", fdn);
|
"Failed to store deserialized fd '%s', ignoring: %m", fdn);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
TAKE_FD(fd);
|
|
||||||
} else if (streq(key, "extra-fd")) {
|
} else if (streq(key, "extra-fd")) {
|
||||||
_cleanup_free_ char *fdv = NULL, *fdn = NULL;
|
_cleanup_free_ char *fdv = NULL, *fdn = NULL;
|
||||||
_cleanup_close_ int fd = -EBADF;
|
_cleanup_close_ int fd = -EBADF;
|
||||||
|
|
|
@ -193,7 +193,7 @@ static int help(void) {
|
||||||
"\n%3$sSimple Enrollment:%4$s\n"
|
"\n%3$sSimple Enrollment:%4$s\n"
|
||||||
" --password Enroll a user-supplied password\n"
|
" --password Enroll a user-supplied password\n"
|
||||||
" --recovery-key Enroll a recovery key\n"
|
" --recovery-key Enroll a recovery key\n"
|
||||||
"\n%3$sPKCS11 Enrollment:%4$s\n"
|
"\n%3$sPKCS#11 Enrollment:%4$s\n"
|
||||||
" --pkcs11-token-uri=URI\n"
|
" --pkcs11-token-uri=URI\n"
|
||||||
" Specify PKCS#11 security token URI\n"
|
" Specify PKCS#11 security token URI\n"
|
||||||
"\n%3$sFIDO2 Enrollment:%4$s\n"
|
"\n%3$sFIDO2 Enrollment:%4$s\n"
|
||||||
|
|
|
@ -98,16 +98,11 @@ static int parse_proc_cmdline_item(const char *key, const char *value, void *dat
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#if HAVE_SYSV_COMPAT
|
else if (streq(key, "fastboot") && !value)
|
||||||
else if (streq(key, "fastboot") && !value) {
|
|
||||||
log_warning("Please pass 'fsck.mode=skip' rather than 'fastboot' on the kernel command line.");
|
|
||||||
arg_skip = true;
|
arg_skip = true;
|
||||||
|
|
||||||
} else if (streq(key, "forcefsck") && !value) {
|
else if (streq(key, "forcefsck") && !value)
|
||||||
log_warning("Please pass 'fsck.mode=force' rather than 'forcefsck' on the kernel command line.");
|
|
||||||
arg_force = true;
|
arg_force = true;
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
|
@ -16,7 +16,7 @@ int varlink_get_peer_pidref(sd_varlink *v, PidRef *ret) {
|
||||||
|
|
||||||
int pidfd = sd_varlink_get_peer_pidfd(v);
|
int pidfd = sd_varlink_get_peer_pidfd(v);
|
||||||
if (pidfd < 0) {
|
if (pidfd < 0) {
|
||||||
if (!ERRNO_IS_NEG_NOT_SUPPORTED(pidfd))
|
if (!ERRNO_IS_NEG_NOT_SUPPORTED(pidfd) && pidfd != -EINVAL)
|
||||||
return pidfd;
|
return pidfd;
|
||||||
|
|
||||||
pid_t pid;
|
pid_t pid;
|
||||||
|
|
|
@ -1129,6 +1129,23 @@ void log_address_debug(const Address *address, const char *str, const Link *link
|
||||||
address->family == AF_INET ? strna(address->label) : "");
|
address->family == AF_INET ? strna(address->label) : "");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static void address_forget(Link *link, Address *address, bool removed_by_us, const char *msg) {
|
||||||
|
assert(link);
|
||||||
|
assert(address);
|
||||||
|
assert(msg);
|
||||||
|
|
||||||
|
Request *req;
|
||||||
|
if (address_get_request(link, address, &req) >= 0)
|
||||||
|
address_enter_removed(req->userdata);
|
||||||
|
|
||||||
|
if (!address->link && address_get(link, address, &address) < 0)
|
||||||
|
return;
|
||||||
|
|
||||||
|
address_enter_removed(address);
|
||||||
|
log_address_debug(address, msg, link);
|
||||||
|
(void) address_drop(address, removed_by_us);
|
||||||
|
}
|
||||||
|
|
||||||
static int address_set_netlink_message(const Address *address, sd_netlink_message *m, Link *link) {
|
static int address_set_netlink_message(const Address *address, sd_netlink_message *m, Link *link) {
|
||||||
uint32_t flags;
|
uint32_t flags;
|
||||||
int r;
|
int r;
|
||||||
|
@ -1181,16 +1198,8 @@ static int address_remove_handler(sd_netlink *rtnl, sd_netlink_message *m, Remov
|
||||||
(r == -EADDRNOTAVAIL || !address->link) ? LOG_DEBUG : LOG_WARNING,
|
(r == -EADDRNOTAVAIL || !address->link) ? LOG_DEBUG : LOG_WARNING,
|
||||||
r, "Could not drop address");
|
r, "Could not drop address");
|
||||||
|
|
||||||
if (address->link) {
|
|
||||||
/* If the address cannot be removed, then assume the address is already removed. */
|
/* If the address cannot be removed, then assume the address is already removed. */
|
||||||
log_address_debug(address, "Forgetting", link);
|
address_forget(link, address, /* removed_by_us = */ true, "Forgetting");
|
||||||
|
|
||||||
Request *req;
|
|
||||||
if (address_get_request(link, address, &req) >= 0)
|
|
||||||
address_enter_removed(req->userdata);
|
|
||||||
|
|
||||||
(void) address_drop(address, /* removed_by_us = */ true);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
|
@ -1775,14 +1784,7 @@ int link_request_static_addresses(Link *link) {
|
||||||
}
|
}
|
||||||
|
|
||||||
int manager_rtnl_process_address(sd_netlink *rtnl, sd_netlink_message *message, Manager *m) {
|
int manager_rtnl_process_address(sd_netlink *rtnl, sd_netlink_message *message, Manager *m) {
|
||||||
_cleanup_(address_unrefp) Address *tmp = NULL;
|
int r;
|
||||||
struct ifa_cacheinfo cinfo;
|
|
||||||
Link *link;
|
|
||||||
uint16_t type;
|
|
||||||
Address *address = NULL;
|
|
||||||
Request *req = NULL;
|
|
||||||
bool is_new = false, update_dhcp4;
|
|
||||||
int ifindex, r;
|
|
||||||
|
|
||||||
assert(rtnl);
|
assert(rtnl);
|
||||||
assert(message);
|
assert(message);
|
||||||
|
@ -1796,6 +1798,7 @@ int manager_rtnl_process_address(sd_netlink *rtnl, sd_netlink_message *message,
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
uint16_t type;
|
||||||
r = sd_netlink_message_get_type(message, &type);
|
r = sd_netlink_message_get_type(message, &type);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
log_warning_errno(r, "rtnl: could not get message type, ignoring: %m");
|
log_warning_errno(r, "rtnl: could not get message type, ignoring: %m");
|
||||||
|
@ -1805,6 +1808,7 @@ int manager_rtnl_process_address(sd_netlink *rtnl, sd_netlink_message *message,
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int ifindex;
|
||||||
r = sd_rtnl_message_addr_get_ifindex(message, &ifindex);
|
r = sd_rtnl_message_addr_get_ifindex(message, &ifindex);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
log_warning_errno(r, "rtnl: could not get ifindex from message, ignoring: %m");
|
log_warning_errno(r, "rtnl: could not get ifindex from message, ignoring: %m");
|
||||||
|
@ -1814,6 +1818,7 @@ int manager_rtnl_process_address(sd_netlink *rtnl, sd_netlink_message *message,
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Link *link;
|
||||||
r = link_get_by_index(m, ifindex, &link);
|
r = link_get_by_index(m, ifindex, &link);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
/* when enumerating we might be out of sync, but we will get the address again, so just
|
/* when enumerating we might be out of sync, but we will get the address again, so just
|
||||||
|
@ -1823,6 +1828,7 @@ int manager_rtnl_process_address(sd_netlink *rtnl, sd_netlink_message *message,
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
_cleanup_(address_unrefp) Address *tmp = NULL;
|
||||||
r = address_new(&tmp);
|
r = address_new(&tmp);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_oom();
|
return log_oom();
|
||||||
|
@ -1890,28 +1896,22 @@ int manager_rtnl_process_address(sd_netlink *rtnl, sd_netlink_message *message,
|
||||||
assert_not_reached();
|
assert_not_reached();
|
||||||
}
|
}
|
||||||
|
|
||||||
update_dhcp4 = tmp->family == AF_INET6;
|
/* Then, find the managed Address object corresponding to the received address. */
|
||||||
|
Address *address = NULL;
|
||||||
/* Then, find the managed Address and Request objects corresponding to the received address. */
|
|
||||||
(void) address_get(link, tmp, &address);
|
(void) address_get(link, tmp, &address);
|
||||||
(void) address_get_request(link, tmp, &req);
|
|
||||||
|
|
||||||
if (type == RTM_DELADDR) {
|
if (type == RTM_DELADDR) {
|
||||||
if (address) {
|
if (address)
|
||||||
bool removed_by_us = FLAGS_SET(address->state, NETWORK_CONFIG_STATE_REMOVING);
|
address_forget(link, address,
|
||||||
|
/* removed_by_us = */ FLAGS_SET(address->state, NETWORK_CONFIG_STATE_REMOVING),
|
||||||
address_enter_removed(address);
|
"Forgetting removed");
|
||||||
log_address_debug(address, "Forgetting removed", link);
|
else
|
||||||
(void) address_drop(address, removed_by_us);
|
|
||||||
} else
|
|
||||||
log_address_debug(tmp, "Kernel removed unknown", link);
|
log_address_debug(tmp, "Kernel removed unknown", link);
|
||||||
|
|
||||||
if (req)
|
|
||||||
address_enter_removed(req->userdata);
|
|
||||||
|
|
||||||
goto finalize;
|
goto finalize;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
bool is_new = false;
|
||||||
if (!address) {
|
if (!address) {
|
||||||
/* If we did not know the address, then save it. */
|
/* If we did not know the address, then save it. */
|
||||||
r = address_attach(link, tmp);
|
r = address_attach(link, tmp);
|
||||||
|
@ -1931,6 +1931,8 @@ int manager_rtnl_process_address(sd_netlink *rtnl, sd_netlink_message *message,
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Also update information that cannot be obtained through netlink notification. */
|
/* Also update information that cannot be obtained through netlink notification. */
|
||||||
|
Request *req = NULL;
|
||||||
|
(void) address_get_request(link, tmp, &req);
|
||||||
if (req && req->waiting_reply) {
|
if (req && req->waiting_reply) {
|
||||||
Address *a = ASSERT_PTR(req->userdata);
|
Address *a = ASSERT_PTR(req->userdata);
|
||||||
|
|
||||||
|
@ -1978,6 +1980,7 @@ int manager_rtnl_process_address(sd_netlink *rtnl, sd_netlink_message *message,
|
||||||
} else if (r < 0)
|
} else if (r < 0)
|
||||||
log_link_debug_errno(link, r, "rtnl: failed to read IFA_FLAGS attribute, ignoring: %m");
|
log_link_debug_errno(link, r, "rtnl: failed to read IFA_FLAGS attribute, ignoring: %m");
|
||||||
|
|
||||||
|
struct ifa_cacheinfo cinfo;
|
||||||
r = sd_netlink_message_read_cache_info(message, IFA_CACHEINFO, &cinfo);
|
r = sd_netlink_message_read_cache_info(message, IFA_CACHEINFO, &cinfo);
|
||||||
if (r >= 0)
|
if (r >= 0)
|
||||||
address_set_lifetime(m, address, &cinfo);
|
address_set_lifetime(m, address, &cinfo);
|
||||||
|
@ -2000,7 +2003,7 @@ int manager_rtnl_process_address(sd_netlink *rtnl, sd_netlink_message *message,
|
||||||
link_enter_failed(link);
|
link_enter_failed(link);
|
||||||
|
|
||||||
finalize:
|
finalize:
|
||||||
if (update_dhcp4) {
|
if (tmp->family == AF_INET6) {
|
||||||
r = dhcp4_update_ipv6_connectivity(link);
|
r = dhcp4_update_ipv6_connectivity(link);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
log_link_warning_errno(link, r, "Failed to notify IPv6 connectivity to DHCPv4 client: %m");
|
log_link_warning_errno(link, r, "Failed to notify IPv6 connectivity to DHCPv4 client: %m");
|
||||||
|
|
|
@ -705,10 +705,6 @@ Manager* manager_free(Manager *m) {
|
||||||
sd_netlink_unref(m->genl);
|
sd_netlink_unref(m->genl);
|
||||||
sd_resolve_unref(m->resolve);
|
sd_resolve_unref(m->resolve);
|
||||||
|
|
||||||
/* reject (e.g. unreachable) type routes are managed by Manager, but may be referenced by a
|
|
||||||
* link. E.g., DHCP6 with prefix delegation creates unreachable routes, and they are referenced
|
|
||||||
* by the upstream link. And the links may be referenced by netlink slots. Hence, two
|
|
||||||
* set_free() must be called after the above sd_netlink_unref(). */
|
|
||||||
m->routes = set_free(m->routes);
|
m->routes = set_free(m->routes);
|
||||||
|
|
||||||
m->nexthops_by_id = hashmap_free(m->nexthops_by_id);
|
m->nexthops_by_id = hashmap_free(m->nexthops_by_id);
|
||||||
|
|
|
@ -215,7 +215,7 @@ static int ndisc_remove_unused_nexthops(Link *link) {
|
||||||
|
|
||||||
#define NDISC_NEXTHOP_APP_ID SD_ID128_MAKE(76,d2,0f,1f,76,1e,44,d1,97,3a,52,5c,05,68,b5,0d)
|
#define NDISC_NEXTHOP_APP_ID SD_ID128_MAKE(76,d2,0f,1f,76,1e,44,d1,97,3a,52,5c,05,68,b5,0d)
|
||||||
|
|
||||||
static uint32_t ndisc_generate_nexthop_id(NextHop *nexthop, Link *link, sd_id128_t app_id, uint64_t trial) {
|
static uint32_t ndisc_generate_nexthop_id(const NextHop *nexthop, Link *link, sd_id128_t app_id, uint64_t trial) {
|
||||||
assert(nexthop);
|
assert(nexthop);
|
||||||
assert(link);
|
assert(link);
|
||||||
|
|
||||||
|
@ -232,7 +232,7 @@ static uint32_t ndisc_generate_nexthop_id(NextHop *nexthop, Link *link, sd_id128
|
||||||
return (uint32_t) ((result & 0xffffffff) ^ (result >> 32));
|
return (uint32_t) ((result & 0xffffffff) ^ (result >> 32));
|
||||||
}
|
}
|
||||||
|
|
||||||
static bool ndisc_nexthop_equal(NextHop *a, NextHop *b) {
|
static bool ndisc_nexthop_equal(const NextHop *a, const NextHop *b) {
|
||||||
assert(a);
|
assert(a);
|
||||||
assert(b);
|
assert(b);
|
||||||
|
|
||||||
|
@ -250,9 +250,11 @@ static bool ndisc_nexthop_equal(NextHop *a, NextHop *b) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
static bool ndisc_take_nexthop_id(NextHop *nexthop, NextHop *existing, Manager *manager) {
|
static bool ndisc_take_nexthop_id(NextHop *nexthop, const NextHop *existing, Manager *manager) {
|
||||||
assert(nexthop);
|
assert(nexthop);
|
||||||
|
assert(nexthop->id == 0);
|
||||||
assert(existing);
|
assert(existing);
|
||||||
|
assert(existing->id > 0);
|
||||||
assert(manager);
|
assert(manager);
|
||||||
|
|
||||||
if (!ndisc_nexthop_equal(nexthop, existing))
|
if (!ndisc_nexthop_equal(nexthop, existing))
|
||||||
|
@ -300,7 +302,7 @@ static int ndisc_nexthop_find_id(NextHop *nexthop, Link *link) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int ndisc_nexthop_new(Route *route, Link *link, NextHop **ret) {
|
static int ndisc_nexthop_new(const Route *route, Link *link, NextHop **ret) {
|
||||||
_cleanup_(nexthop_unrefp) NextHop *nexthop = NULL;
|
_cleanup_(nexthop_unrefp) NextHop *nexthop = NULL;
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
|
|
|
@ -247,6 +247,23 @@ static void log_neighbor_debug(const Neighbor *neighbor, const char *str, const
|
||||||
IN_ADDR_TO_STRING(neighbor->dst_addr.family, &neighbor->dst_addr.address));
|
IN_ADDR_TO_STRING(neighbor->dst_addr.family, &neighbor->dst_addr.address));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static void neighbor_forget(Link *link, Neighbor *neighbor, const char *msg) {
|
||||||
|
assert(link);
|
||||||
|
assert(neighbor);
|
||||||
|
assert(msg);
|
||||||
|
|
||||||
|
Request *req;
|
||||||
|
if (neighbor_get_request(link, neighbor, &req) >= 0)
|
||||||
|
neighbor_enter_removed(req->userdata);
|
||||||
|
|
||||||
|
if (!neighbor->link && neighbor_get(link, neighbor, &neighbor) < 0)
|
||||||
|
return;
|
||||||
|
|
||||||
|
neighbor_enter_removed(neighbor);
|
||||||
|
log_neighbor_debug(neighbor, "Forgetting", link);
|
||||||
|
neighbor_detach(neighbor);
|
||||||
|
}
|
||||||
|
|
||||||
static int neighbor_configure(Neighbor *neighbor, Link *link, Request *req) {
|
static int neighbor_configure(Neighbor *neighbor, Link *link, Request *req) {
|
||||||
_cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL;
|
_cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL;
|
||||||
int r;
|
int r;
|
||||||
|
@ -421,16 +438,8 @@ static int neighbor_remove_handler(sd_netlink *rtnl, sd_netlink_message *m, Remo
|
||||||
(r == -ESRCH || !neighbor->link) ? LOG_DEBUG : LOG_WARNING,
|
(r == -ESRCH || !neighbor->link) ? LOG_DEBUG : LOG_WARNING,
|
||||||
r, "Could not remove neighbor");
|
r, "Could not remove neighbor");
|
||||||
|
|
||||||
if (neighbor->link) {
|
|
||||||
/* If the neighbor cannot be removed, then assume the neighbor is already removed. */
|
/* If the neighbor cannot be removed, then assume the neighbor is already removed. */
|
||||||
log_neighbor_debug(neighbor, "Forgetting", link);
|
neighbor_forget(link, neighbor, "Forgetting");
|
||||||
|
|
||||||
Request *req;
|
|
||||||
if (neighbor_get_request(link, neighbor, &req) >= 0)
|
|
||||||
neighbor_enter_removed(req->userdata);
|
|
||||||
|
|
||||||
neighbor_detach(neighbor);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
|
@ -529,13 +538,7 @@ int link_drop_static_neighbors(Link *link) {
|
||||||
}
|
}
|
||||||
|
|
||||||
int manager_rtnl_process_neighbor(sd_netlink *rtnl, sd_netlink_message *message, Manager *m) {
|
int manager_rtnl_process_neighbor(sd_netlink *rtnl, sd_netlink_message *message, Manager *m) {
|
||||||
_cleanup_(neighbor_unrefp) Neighbor *tmp = NULL;
|
int r;
|
||||||
Neighbor *neighbor = NULL;
|
|
||||||
Request *req = NULL;
|
|
||||||
uint16_t type, state;
|
|
||||||
bool is_new = false;
|
|
||||||
int ifindex, r;
|
|
||||||
Link *link;
|
|
||||||
|
|
||||||
assert(rtnl);
|
assert(rtnl);
|
||||||
assert(message);
|
assert(message);
|
||||||
|
@ -549,6 +552,7 @@ int manager_rtnl_process_neighbor(sd_netlink *rtnl, sd_netlink_message *message,
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
uint16_t type;
|
||||||
r = sd_netlink_message_get_type(message, &type);
|
r = sd_netlink_message_get_type(message, &type);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
log_warning_errno(r, "rtnl: could not get message type, ignoring: %m");
|
log_warning_errno(r, "rtnl: could not get message type, ignoring: %m");
|
||||||
|
@ -558,6 +562,7 @@ int manager_rtnl_process_neighbor(sd_netlink *rtnl, sd_netlink_message *message,
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
uint16_t state;
|
||||||
r = sd_rtnl_message_neigh_get_state(message, &state);
|
r = sd_rtnl_message_neigh_get_state(message, &state);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
log_warning_errno(r, "rtnl: received neighbor message with invalid state, ignoring: %m");
|
log_warning_errno(r, "rtnl: received neighbor message with invalid state, ignoring: %m");
|
||||||
|
@ -566,6 +571,7 @@ int manager_rtnl_process_neighbor(sd_netlink *rtnl, sd_netlink_message *message,
|
||||||
/* Currently, we are interested in only static neighbors. */
|
/* Currently, we are interested in only static neighbors. */
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
|
int ifindex;
|
||||||
r = sd_rtnl_message_neigh_get_ifindex(message, &ifindex);
|
r = sd_rtnl_message_neigh_get_ifindex(message, &ifindex);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
log_warning_errno(r, "rtnl: could not get ifindex from message, ignoring: %m");
|
log_warning_errno(r, "rtnl: could not get ifindex from message, ignoring: %m");
|
||||||
|
@ -575,12 +581,14 @@ int manager_rtnl_process_neighbor(sd_netlink *rtnl, sd_netlink_message *message,
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Link *link;
|
||||||
r = link_get_by_index(m, ifindex, &link);
|
r = link_get_by_index(m, ifindex, &link);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
/* when enumerating we might be out of sync, but we will get the neighbor again. Also,
|
/* when enumerating we might be out of sync, but we will get the neighbor again. Also,
|
||||||
* kernel sends messages about neighbors after a link is removed. So, just ignore it. */
|
* kernel sends messages about neighbors after a link is removed. So, just ignore it. */
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
|
_cleanup_(neighbor_unrefp) Neighbor *tmp = NULL;
|
||||||
r = neighbor_new(&tmp);
|
r = neighbor_new(&tmp);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_oom();
|
return log_oom();
|
||||||
|
@ -604,25 +612,20 @@ int manager_rtnl_process_neighbor(sd_netlink *rtnl, sd_netlink_message *message,
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Then, find the managed Neighbor and Request objects corresponding to the netlink notification. */
|
/* Then, find the managed Neighbor object corresponding to the netlink notification. */
|
||||||
|
Neighbor *neighbor = NULL;
|
||||||
(void) neighbor_get(link, tmp, &neighbor);
|
(void) neighbor_get(link, tmp, &neighbor);
|
||||||
(void) neighbor_get_request(link, tmp, &req);
|
|
||||||
|
|
||||||
if (type == RTM_DELNEIGH) {
|
if (type == RTM_DELNEIGH) {
|
||||||
if (neighbor) {
|
if (neighbor)
|
||||||
neighbor_enter_removed(neighbor);
|
neighbor_forget(link, neighbor, "Forgetting removed");
|
||||||
log_neighbor_debug(neighbor, "Forgetting removed", link);
|
else
|
||||||
neighbor_detach(neighbor);
|
|
||||||
} else
|
|
||||||
log_neighbor_debug(tmp, "Kernel removed unknown", link);
|
log_neighbor_debug(tmp, "Kernel removed unknown", link);
|
||||||
|
|
||||||
if (req)
|
|
||||||
neighbor_enter_removed(req->userdata);
|
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* If we did not know the neighbor, then save it. */
|
/* If we did not know the neighbor, then save it. */
|
||||||
|
bool is_new = false;
|
||||||
if (!neighbor) {
|
if (!neighbor) {
|
||||||
r = neighbor_attach(link, tmp);
|
r = neighbor_attach(link, tmp);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
|
@ -634,6 +637,8 @@ int manager_rtnl_process_neighbor(sd_netlink *rtnl, sd_netlink_message *message,
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Also update information that cannot be obtained through netlink notification. */
|
/* Also update information that cannot be obtained through netlink notification. */
|
||||||
|
Request *req = NULL;
|
||||||
|
(void) neighbor_get_request(link, tmp, &req);
|
||||||
if (req && req->waiting_reply) {
|
if (req && req->waiting_reply) {
|
||||||
Neighbor *n = ASSERT_PTR(req->userdata);
|
Neighbor *n = ASSERT_PTR(req->userdata);
|
||||||
|
|
||||||
|
|
|
@ -261,6 +261,8 @@ static int nexthop_dup(const NextHop *src, NextHop **ret) {
|
||||||
dest->network = NULL;
|
dest->network = NULL;
|
||||||
dest->section = NULL;
|
dest->section = NULL;
|
||||||
dest->group = NULL;
|
dest->group = NULL;
|
||||||
|
dest->nexthops = NULL;
|
||||||
|
dest->routes = NULL;
|
||||||
|
|
||||||
HASHMAP_FOREACH(nhg, src->group) {
|
HASHMAP_FOREACH(nhg, src->group) {
|
||||||
_cleanup_free_ struct nexthop_grp *g = NULL;
|
_cleanup_free_ struct nexthop_grp *g = NULL;
|
||||||
|
@ -491,8 +493,11 @@ static void nexthop_forget_dependents(NextHop *nexthop, Manager *manager) {
|
||||||
/* If a nexthop is removed, the kernel silently removes routes that depend on the removed nexthop.
|
/* If a nexthop is removed, the kernel silently removes routes that depend on the removed nexthop.
|
||||||
* Let's forget them. */
|
* Let's forget them. */
|
||||||
|
|
||||||
Route *route;
|
for (;;) {
|
||||||
SET_FOREACH(route, nexthop->routes) {
|
_cleanup_(route_unrefp) Route *route = set_steal_first(nexthop->routes);
|
||||||
|
if (!route)
|
||||||
|
break;
|
||||||
|
|
||||||
Request *req;
|
Request *req;
|
||||||
if (route_get_request(manager, route, &req) >= 0)
|
if (route_get_request(manager, route, &req) >= 0)
|
||||||
route_enter_removed(req->userdata);
|
route_enter_removed(req->userdata);
|
||||||
|
@ -501,6 +506,26 @@ static void nexthop_forget_dependents(NextHop *nexthop, Manager *manager) {
|
||||||
log_route_debug(route, "Forgetting silently removed", manager);
|
log_route_debug(route, "Forgetting silently removed", manager);
|
||||||
route_detach(route);
|
route_detach(route);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
nexthop->routes = set_free(nexthop->routes);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void nexthop_forget(Manager *manager, NextHop *nexthop, const char *msg) {
|
||||||
|
assert(manager);
|
||||||
|
assert(nexthop);
|
||||||
|
assert(msg);
|
||||||
|
|
||||||
|
Request *req;
|
||||||
|
if (nexthop_get_request_by_id(manager, nexthop->id, &req) >= 0)
|
||||||
|
nexthop_enter_removed(req->userdata);
|
||||||
|
|
||||||
|
if (!nexthop->manager && nexthop_get_by_id(manager, nexthop->id, &nexthop) < 0)
|
||||||
|
return;
|
||||||
|
|
||||||
|
nexthop_enter_removed(nexthop);
|
||||||
|
log_nexthop_debug(nexthop, msg, manager);
|
||||||
|
nexthop_forget_dependents(nexthop, nexthop->manager);
|
||||||
|
nexthop_detach(nexthop);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int nexthop_remove_handler(sd_netlink *rtnl, sd_netlink_message *m, RemoveRequest *rreq) {
|
static int nexthop_remove_handler(sd_netlink *rtnl, sd_netlink_message *m, RemoveRequest *rreq) {
|
||||||
|
@ -518,18 +543,8 @@ static int nexthop_remove_handler(sd_netlink *rtnl, sd_netlink_message *m, Remov
|
||||||
(r == -ENOENT || !nexthop->manager) ? LOG_DEBUG : LOG_WARNING,
|
(r == -ENOENT || !nexthop->manager) ? LOG_DEBUG : LOG_WARNING,
|
||||||
r, "Could not drop nexthop, ignoring");
|
r, "Could not drop nexthop, ignoring");
|
||||||
|
|
||||||
nexthop_forget_dependents(nexthop, manager);
|
|
||||||
|
|
||||||
if (nexthop->manager) {
|
|
||||||
/* If the nexthop cannot be removed, then assume the nexthop is already removed. */
|
/* If the nexthop cannot be removed, then assume the nexthop is already removed. */
|
||||||
log_nexthop_debug(nexthop, "Forgetting", manager);
|
nexthop_forget(manager, nexthop, "Forgetting");
|
||||||
|
|
||||||
Request *req;
|
|
||||||
if (nexthop_get_request_by_id(manager, nexthop->id, &req) >= 0)
|
|
||||||
nexthop_enter_removed(req->userdata);
|
|
||||||
|
|
||||||
nexthop_detach(nexthop);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
|
@ -962,20 +977,6 @@ int link_drop_nexthops(Link *link, bool only_static) {
|
||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
|
|
||||||
static void nexthop_forget_one(NextHop *nexthop) {
|
|
||||||
assert(nexthop);
|
|
||||||
assert(nexthop->manager);
|
|
||||||
|
|
||||||
Request *req;
|
|
||||||
if (nexthop_get_request_by_id(nexthop->manager, nexthop->id, &req) >= 0)
|
|
||||||
nexthop_enter_removed(req->userdata);
|
|
||||||
|
|
||||||
nexthop_enter_removed(nexthop);
|
|
||||||
log_nexthop_debug(nexthop, "Forgetting silently removed", nexthop->manager);
|
|
||||||
nexthop_forget_dependents(nexthop, nexthop->manager);
|
|
||||||
nexthop_detach(nexthop);
|
|
||||||
}
|
|
||||||
|
|
||||||
void link_forget_nexthops(Link *link) {
|
void link_forget_nexthops(Link *link) {
|
||||||
assert(link);
|
assert(link);
|
||||||
assert(link->manager);
|
assert(link->manager);
|
||||||
|
@ -992,7 +993,7 @@ void link_forget_nexthops(Link *link) {
|
||||||
if (nexthop->family != AF_INET)
|
if (nexthop->family != AF_INET)
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
nexthop_forget_one(nexthop);
|
nexthop_forget(link->manager, nexthop, "Forgetting silently removed");
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Remove all group nexthops their all members are removed in the above. */
|
/* Remove all group nexthops their all members are removed in the above. */
|
||||||
|
@ -1013,7 +1014,7 @@ void link_forget_nexthops(Link *link) {
|
||||||
if (!hashmap_isempty(nexthop->group))
|
if (!hashmap_isempty(nexthop->group))
|
||||||
continue; /* At least one group member still exists. */
|
continue; /* At least one group member still exists. */
|
||||||
|
|
||||||
nexthop_forget_one(nexthop);
|
nexthop_forget(link->manager, nexthop, "Forgetting silently removed");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1077,11 +1078,6 @@ static int nexthop_update_group(NextHop *nexthop, sd_netlink_message *message) {
|
||||||
}
|
}
|
||||||
|
|
||||||
int manager_rtnl_process_nexthop(sd_netlink *rtnl, sd_netlink_message *message, Manager *m) {
|
int manager_rtnl_process_nexthop(sd_netlink *rtnl, sd_netlink_message *message, Manager *m) {
|
||||||
uint16_t type;
|
|
||||||
uint32_t id, ifindex;
|
|
||||||
NextHop *nexthop = NULL;
|
|
||||||
Request *req = NULL;
|
|
||||||
bool is_new = false;
|
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
assert(rtnl);
|
assert(rtnl);
|
||||||
|
@ -1096,6 +1092,7 @@ int manager_rtnl_process_nexthop(sd_netlink *rtnl, sd_netlink_message *message,
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
uint16_t type;
|
||||||
r = sd_netlink_message_get_type(message, &type);
|
r = sd_netlink_message_get_type(message, &type);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
log_warning_errno(r, "rtnl: could not get message type, ignoring: %m");
|
log_warning_errno(r, "rtnl: could not get message type, ignoring: %m");
|
||||||
|
@ -1105,6 +1102,7 @@ int manager_rtnl_process_nexthop(sd_netlink *rtnl, sd_netlink_message *message,
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
uint32_t id;
|
||||||
r = sd_netlink_message_read_u32(message, NHA_ID, &id);
|
r = sd_netlink_message_read_u32(message, NHA_ID, &id);
|
||||||
if (r == -ENODATA) {
|
if (r == -ENODATA) {
|
||||||
log_warning_errno(r, "rtnl: received nexthop message without NHA_ID attribute, ignoring: %m");
|
log_warning_errno(r, "rtnl: received nexthop message without NHA_ID attribute, ignoring: %m");
|
||||||
|
@ -1117,25 +1115,20 @@ int manager_rtnl_process_nexthop(sd_netlink *rtnl, sd_netlink_message *message,
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
NextHop *nexthop = NULL;
|
||||||
(void) nexthop_get_by_id(m, id, &nexthop);
|
(void) nexthop_get_by_id(m, id, &nexthop);
|
||||||
(void) nexthop_get_request_by_id(m, id, &req);
|
|
||||||
|
|
||||||
if (type == RTM_DELNEXTHOP) {
|
if (type == RTM_DELNEXTHOP) {
|
||||||
if (nexthop) {
|
if (nexthop)
|
||||||
nexthop_enter_removed(nexthop);
|
nexthop_forget(m, nexthop, "Forgetting removed");
|
||||||
log_nexthop_debug(nexthop, "Forgetting removed", m);
|
else
|
||||||
nexthop_forget_dependents(nexthop, m);
|
|
||||||
nexthop_detach(nexthop);
|
|
||||||
} else
|
|
||||||
log_nexthop_debug(&(const NextHop) { .id = id }, "Kernel removed unknown", m);
|
log_nexthop_debug(&(const NextHop) { .id = id }, "Kernel removed unknown", m);
|
||||||
|
|
||||||
if (req)
|
|
||||||
nexthop_enter_removed(req->userdata);
|
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* If we did not know the nexthop, then save it. */
|
/* If we did not know the nexthop, then save it. */
|
||||||
|
bool is_new = false;
|
||||||
if (!nexthop) {
|
if (!nexthop) {
|
||||||
r = nexthop_add_new(m, id, &nexthop);
|
r = nexthop_add_new(m, id, &nexthop);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
|
@ -1147,6 +1140,8 @@ int manager_rtnl_process_nexthop(sd_netlink *rtnl, sd_netlink_message *message,
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Also update information that cannot be obtained through netlink notification. */
|
/* Also update information that cannot be obtained through netlink notification. */
|
||||||
|
Request *req = NULL;
|
||||||
|
(void) nexthop_get_request_by_id(m, id, &req);
|
||||||
if (req && req->waiting_reply) {
|
if (req && req->waiting_reply) {
|
||||||
NextHop *n = ASSERT_PTR(req->userdata);
|
NextHop *n = ASSERT_PTR(req->userdata);
|
||||||
|
|
||||||
|
@ -1182,6 +1177,7 @@ int manager_rtnl_process_nexthop(sd_netlink *rtnl, sd_netlink_message *message,
|
||||||
else
|
else
|
||||||
nexthop->blackhole = r;
|
nexthop->blackhole = r;
|
||||||
|
|
||||||
|
uint32_t ifindex;
|
||||||
r = sd_netlink_message_read_u32(message, NHA_OIF, &ifindex);
|
r = sd_netlink_message_read_u32(message, NHA_OIF, &ifindex);
|
||||||
if (r == -ENODATA)
|
if (r == -ENODATA)
|
||||||
nexthop->ifindex = 0;
|
nexthop->ifindex = 0;
|
||||||
|
@ -1192,10 +1188,12 @@ int manager_rtnl_process_nexthop(sd_netlink *rtnl, sd_netlink_message *message,
|
||||||
else
|
else
|
||||||
nexthop->ifindex = (int) ifindex;
|
nexthop->ifindex = (int) ifindex;
|
||||||
|
|
||||||
/* All blackhole or group nexthops are managed by Manager. Note that the linux kernel does not
|
/* The linux kernel does not set NHA_OID attribute when NHA_BLACKHOLE or NHA_GROUP is set.
|
||||||
* set NHA_OID attribute when NHA_BLACKHOLE or NHA_GROUP is set. Just for safety. */
|
* But let's check that for safety. */
|
||||||
if (!nexthop_bound_to_link(nexthop))
|
if (!nexthop_bound_to_link(nexthop) && nexthop->ifindex != 0) {
|
||||||
|
log_debug("rtnl: received blackhole or group nexthop with NHA_OIF attribute, ignoring the attribute.");
|
||||||
nexthop->ifindex = 0;
|
nexthop->ifindex = 0;
|
||||||
|
}
|
||||||
|
|
||||||
nexthop_enter_configured(nexthop);
|
nexthop_enter_configured(nexthop);
|
||||||
if (req)
|
if (req)
|
||||||
|
|
|
@ -22,7 +22,7 @@ typedef int (*nexthop_netlink_handler_t)(
|
||||||
sd_netlink_message *m,
|
sd_netlink_message *m,
|
||||||
Request *req,
|
Request *req,
|
||||||
Link *link,
|
Link *link,
|
||||||
NextHop *address);
|
NextHop *nexthop);
|
||||||
|
|
||||||
struct NextHop {
|
struct NextHop {
|
||||||
Network *network;
|
Network *network;
|
||||||
|
|
|
@ -460,6 +460,23 @@ void log_route_debug(const Route *route, const char *str, Manager *manager) {
|
||||||
strna(proto), strna(scope), strna(route_type_to_string(route->type)), strna(flags));
|
strna(proto), strna(scope), strna(route_type_to_string(route->type)), strna(flags));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static void route_forget(Manager *manager, Route *route, const char *msg) {
|
||||||
|
assert(manager);
|
||||||
|
assert(route);
|
||||||
|
assert(msg);
|
||||||
|
|
||||||
|
Request *req;
|
||||||
|
if (route_get_request(manager, route, &req) >= 0)
|
||||||
|
route_enter_removed(req->userdata);
|
||||||
|
|
||||||
|
if (!route->manager && route_get(manager, route, &route) < 0)
|
||||||
|
return;
|
||||||
|
|
||||||
|
route_enter_removed(route);
|
||||||
|
log_route_debug(route, msg, manager);
|
||||||
|
route_detach(route);
|
||||||
|
}
|
||||||
|
|
||||||
static int route_set_netlink_message(const Route *route, sd_netlink_message *m) {
|
static int route_set_netlink_message(const Route *route, sd_netlink_message *m) {
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
|
@ -564,16 +581,8 @@ static int route_remove_handler(sd_netlink *rtnl, sd_netlink_message *m, RemoveR
|
||||||
LOG_DEBUG : LOG_WARNING,
|
LOG_DEBUG : LOG_WARNING,
|
||||||
r, "Could not drop route, ignoring");
|
r, "Could not drop route, ignoring");
|
||||||
|
|
||||||
if (route->manager) {
|
|
||||||
/* If the route cannot be removed, then assume the route is already removed. */
|
/* If the route cannot be removed, then assume the route is already removed. */
|
||||||
log_route_debug(route, "Forgetting", manager);
|
route_forget(manager, route, "Forgetting");
|
||||||
|
|
||||||
Request *req;
|
|
||||||
if (route_get_request(manager, route, &req) >= 0)
|
|
||||||
route_enter_removed(req->userdata);
|
|
||||||
|
|
||||||
route_detach(route);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
|
@ -1088,7 +1097,6 @@ static int process_route_one(
|
||||||
Route *tmp,
|
Route *tmp,
|
||||||
const struct rta_cacheinfo *cacheinfo) {
|
const struct rta_cacheinfo *cacheinfo) {
|
||||||
|
|
||||||
Request *req = NULL;
|
|
||||||
Route *route = NULL;
|
Route *route = NULL;
|
||||||
Link *link = NULL;
|
Link *link = NULL;
|
||||||
bool is_new = false, update_dhcp4;
|
bool is_new = false, update_dhcp4;
|
||||||
|
@ -1099,13 +1107,15 @@ static int process_route_one(
|
||||||
assert(IN_SET(type, RTM_NEWROUTE, RTM_DELROUTE));
|
assert(IN_SET(type, RTM_NEWROUTE, RTM_DELROUTE));
|
||||||
|
|
||||||
(void) route_get(manager, tmp, &route);
|
(void) route_get(manager, tmp, &route);
|
||||||
(void) route_get_request(manager, tmp, &req);
|
|
||||||
(void) route_get_link(manager, tmp, &link);
|
(void) route_get_link(manager, tmp, &link);
|
||||||
|
|
||||||
update_dhcp4 = link && tmp->family == AF_INET6 && tmp->dst_prefixlen == 0;
|
update_dhcp4 = link && tmp->family == AF_INET6 && tmp->dst_prefixlen == 0;
|
||||||
|
|
||||||
switch (type) {
|
switch (type) {
|
||||||
case RTM_NEWROUTE:
|
case RTM_NEWROUTE: {
|
||||||
|
Request *req = NULL;
|
||||||
|
(void) route_get_request(manager, tmp, &req);
|
||||||
|
|
||||||
if (!route) {
|
if (!route) {
|
||||||
if (!manager->manage_foreign_routes && !(req && req->waiting_reply)) {
|
if (!manager->manage_foreign_routes && !(req && req->waiting_reply)) {
|
||||||
route_enter_configured(tmp);
|
route_enter_configured(tmp);
|
||||||
|
@ -1159,20 +1169,14 @@ static int process_route_one(
|
||||||
(void) route_setup_timer(route, cacheinfo);
|
(void) route_setup_timer(route, cacheinfo);
|
||||||
|
|
||||||
break;
|
break;
|
||||||
|
}
|
||||||
case RTM_DELROUTE:
|
case RTM_DELROUTE:
|
||||||
if (route) {
|
if (route)
|
||||||
route_enter_removed(route);
|
route_forget(manager, route, "Forgetting removed");
|
||||||
log_route_debug(route, "Forgetting removed", manager);
|
else
|
||||||
route_detach(route);
|
|
||||||
} else
|
|
||||||
log_route_debug(tmp,
|
log_route_debug(tmp,
|
||||||
manager->manage_foreign_routes ? "Kernel removed unknown" : "Ignoring received",
|
manager->manage_foreign_routes ? "Kernel removed unknown" : "Ignoring received",
|
||||||
manager);
|
manager);
|
||||||
|
|
||||||
if (req)
|
|
||||||
route_enter_removed(req->userdata);
|
|
||||||
|
|
||||||
break;
|
break;
|
||||||
|
|
||||||
default:
|
default:
|
||||||
|
@ -1574,13 +1578,7 @@ void link_forget_routes(Link *link) {
|
||||||
if (!IN_SET(route->type, RTN_UNICAST, RTN_BROADCAST, RTN_ANYCAST, RTN_MULTICAST))
|
if (!IN_SET(route->type, RTN_UNICAST, RTN_BROADCAST, RTN_ANYCAST, RTN_MULTICAST))
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
Request *req;
|
route_forget(link->manager, route, "Forgetting silently removed");
|
||||||
if (route_get_request(link->manager, route, &req) >= 0)
|
|
||||||
route_enter_removed(req->userdata);
|
|
||||||
|
|
||||||
route_enter_removed(route);
|
|
||||||
log_route_debug(route, "Forgetting silently removed", link->manager);
|
|
||||||
route_detach(route);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -550,6 +550,23 @@ static void log_routing_policy_rule_debug(const RoutingPolicyRule *rule, const c
|
||||||
strna(rule->iif), strna(rule->oif), strna(table));
|
strna(rule->iif), strna(rule->oif), strna(table));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static void routing_policy_rule_forget(Manager *manager, RoutingPolicyRule *rule, const char *msg) {
|
||||||
|
assert(manager);
|
||||||
|
assert(rule);
|
||||||
|
assert(msg);
|
||||||
|
|
||||||
|
Request *req;
|
||||||
|
if (routing_policy_rule_get_request(manager, rule, rule->family, &req) >= 0)
|
||||||
|
routing_policy_rule_enter_removed(req->userdata);
|
||||||
|
|
||||||
|
if (!rule->manager && routing_policy_rule_get(manager, rule, rule->family, &rule) < 0)
|
||||||
|
return;
|
||||||
|
|
||||||
|
routing_policy_rule_enter_removed(rule);
|
||||||
|
log_routing_policy_rule_debug(rule, "Forgetting", NULL, manager);
|
||||||
|
routing_policy_rule_detach(rule);
|
||||||
|
}
|
||||||
|
|
||||||
static int routing_policy_rule_set_netlink_message(const RoutingPolicyRule *rule, sd_netlink_message *m) {
|
static int routing_policy_rule_set_netlink_message(const RoutingPolicyRule *rule, sd_netlink_message *m) {
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
|
@ -708,16 +725,8 @@ static int routing_policy_rule_remove_handler(sd_netlink *rtnl, sd_netlink_messa
|
||||||
(r == -ENOENT || !rule->manager) ? LOG_DEBUG : LOG_WARNING,
|
(r == -ENOENT || !rule->manager) ? LOG_DEBUG : LOG_WARNING,
|
||||||
r, "Could not drop routing policy rule, ignoring");
|
r, "Could not drop routing policy rule, ignoring");
|
||||||
|
|
||||||
if (rule->manager) {
|
|
||||||
/* If the rule cannot be removed, then assume the rule is already removed. */
|
/* If the rule cannot be removed, then assume the rule is already removed. */
|
||||||
log_routing_policy_rule_debug(rule, "Forgetting", NULL, manager);
|
routing_policy_rule_forget(manager, rule, "Forgetting");
|
||||||
|
|
||||||
Request *req;
|
|
||||||
if (routing_policy_rule_get_request(manager, rule, rule->family, &req) >= 0)
|
|
||||||
routing_policy_rule_enter_removed(req->userdata);
|
|
||||||
|
|
||||||
routing_policy_rule_detach(rule);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
|
@ -1046,10 +1055,6 @@ static bool routing_policy_rule_is_created_by_kernel(const RoutingPolicyRule *ru
|
||||||
}
|
}
|
||||||
|
|
||||||
int manager_rtnl_process_rule(sd_netlink *rtnl, sd_netlink_message *message, Manager *m) {
|
int manager_rtnl_process_rule(sd_netlink *rtnl, sd_netlink_message *message, Manager *m) {
|
||||||
_cleanup_(routing_policy_rule_unrefp) RoutingPolicyRule *tmp = NULL;
|
|
||||||
RoutingPolicyRule *rule = NULL;
|
|
||||||
Request *req = NULL;
|
|
||||||
uint16_t type;
|
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
assert(rtnl);
|
assert(rtnl);
|
||||||
|
@ -1063,6 +1068,7 @@ int manager_rtnl_process_rule(sd_netlink *rtnl, sd_netlink_message *message, Man
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
uint16_t type;
|
||||||
r = sd_netlink_message_get_type(message, &type);
|
r = sd_netlink_message_get_type(message, &type);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
log_warning_errno(r, "rtnl: could not get message type, ignoring: %m");
|
log_warning_errno(r, "rtnl: could not get message type, ignoring: %m");
|
||||||
|
@ -1072,6 +1078,7 @@ int manager_rtnl_process_rule(sd_netlink *rtnl, sd_netlink_message *message, Man
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
_cleanup_(routing_policy_rule_unrefp) RoutingPolicyRule *tmp = NULL;
|
||||||
r = routing_policy_rule_new(&tmp);
|
r = routing_policy_rule_new(&tmp);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
log_oom();
|
log_oom();
|
||||||
|
@ -1240,23 +1247,20 @@ int manager_rtnl_process_rule(sd_netlink *rtnl, sd_netlink_message *message, Man
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
RoutingPolicyRule *rule = NULL;
|
||||||
(void) routing_policy_rule_get(m, tmp, tmp->family, &rule);
|
(void) routing_policy_rule_get(m, tmp, tmp->family, &rule);
|
||||||
(void) routing_policy_rule_get_request(m, tmp, tmp->family, &req);
|
|
||||||
|
|
||||||
if (type == RTM_DELRULE) {
|
if (type == RTM_DELRULE) {
|
||||||
if (rule) {
|
if (rule)
|
||||||
routing_policy_rule_enter_removed(rule);
|
routing_policy_rule_forget(m, rule, "Forgetting removed");
|
||||||
log_routing_policy_rule_debug(rule, "Forgetting removed", NULL, m);
|
else
|
||||||
routing_policy_rule_detach(rule);
|
|
||||||
} else
|
|
||||||
log_routing_policy_rule_debug(tmp, "Kernel removed unknown", NULL, m);
|
log_routing_policy_rule_debug(tmp, "Kernel removed unknown", NULL, m);
|
||||||
|
|
||||||
if (req)
|
|
||||||
routing_policy_rule_enter_removed(req->userdata);
|
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Request *req = NULL;
|
||||||
|
(void) routing_policy_rule_get_request(m, tmp, tmp->family, &req);
|
||||||
|
|
||||||
bool is_new = false;
|
bool is_new = false;
|
||||||
if (!rule) {
|
if (!rule) {
|
||||||
if (!req && !m->manage_foreign_rules) {
|
if (!req && !m->manage_foreign_rules) {
|
||||||
|
|
|
@ -2280,10 +2280,9 @@ static int copy_devnode_one(const char *dest, const char *node, bool ignore_mkno
|
||||||
r = path_extract_directory(from, &parent);
|
r = path_extract_directory(from, &parent);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to extract directory from %s: %m", from);
|
return log_error_errno(r, "Failed to extract directory from %s: %m", from);
|
||||||
if (!path_equal(parent, "/dev/")) {
|
r = userns_mkdir(dest, parent, 0755, 0, 0);
|
||||||
if (userns_mkdir(dest, parent, 0755, 0, 0) < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to create directory %s: %m", parent);
|
return log_error_errno(r, "Failed to create directory %s: %m", parent);
|
||||||
}
|
|
||||||
|
|
||||||
if (mknod(to, st.st_mode, st.st_rdev) < 0) {
|
if (mknod(to, st.st_mode, st.st_rdev) < 0) {
|
||||||
r = -errno; /* Save the original error code. */
|
r = -errno; /* Save the original error code. */
|
||||||
|
@ -4654,7 +4653,7 @@ static int nspawn_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t r
|
||||||
|
|
||||||
ucred = CMSG_FIND_DATA(&msghdr, SOL_SOCKET, SCM_CREDENTIALS, struct ucred);
|
ucred = CMSG_FIND_DATA(&msghdr, SOL_SOCKET, SCM_CREDENTIALS, struct ucred);
|
||||||
if (!ucred || ucred->pid != inner_child_pid) {
|
if (!ucred || ucred->pid != inner_child_pid) {
|
||||||
log_debug("Received notify message without valid credentials. Ignoring.");
|
log_debug("Received notify message from process that is not the payload's PID 1. Ignoring.");
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -36,14 +36,9 @@ static int parse_proc_cmdline_item(const char *key, const char *value, void *dat
|
||||||
arg_skip = true;
|
arg_skip = true;
|
||||||
else
|
else
|
||||||
log_warning("Invalid quotacheck.mode= value, ignoring: %s", value);
|
log_warning("Invalid quotacheck.mode= value, ignoring: %s", value);
|
||||||
}
|
|
||||||
|
|
||||||
#if HAVE_SYSV_COMPAT
|
} else if (streq(key, "forcequotacheck") && !value)
|
||||||
else if (streq(key, "forcequotacheck") && !value) {
|
|
||||||
log_warning("Please use 'quotacheck.mode=force' rather than 'forcequotacheck' on the kernel command line. Proceeding anyway.");
|
|
||||||
arg_force = true;
|
arg_force = true;
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
|
@ -392,7 +392,7 @@ int tpm2_make_pcr_json_array(uint32_t pcr_mask, sd_json_variant **ret);
|
||||||
int tpm2_parse_pcr_json_array(sd_json_variant *v, uint32_t *ret);
|
int tpm2_parse_pcr_json_array(sd_json_variant *v, uint32_t *ret);
|
||||||
|
|
||||||
int tpm2_make_luks2_json(int keyslot, uint32_t hash_pcr_mask, uint16_t pcr_bank, const struct iovec *pubkey, uint32_t pubkey_pcr_mask, uint16_t primary_alg, const struct iovec blobs[], size_t n_blobs, const struct iovec policy_hash[], size_t n_policy_hash, const struct iovec *salt, const struct iovec *srk, const struct iovec *pcrlock_nv, TPM2Flags flags, sd_json_variant **ret);
|
int tpm2_make_luks2_json(int keyslot, uint32_t hash_pcr_mask, uint16_t pcr_bank, const struct iovec *pubkey, uint32_t pubkey_pcr_mask, uint16_t primary_alg, const struct iovec blobs[], size_t n_blobs, const struct iovec policy_hash[], size_t n_policy_hash, const struct iovec *salt, const struct iovec *srk, const struct iovec *pcrlock_nv, TPM2Flags flags, sd_json_variant **ret);
|
||||||
int tpm2_parse_luks2_json(sd_json_variant *v, int *ret_keyslot, uint32_t *ret_hash_pcr_mask, uint16_t *ret_pcr_bank, struct iovec *ret_pubkey, uint32_t *ret_pubkey_pcr_mask, uint16_t *ret_primary_alg, struct iovec **ret_blobs, size_t *ret_n_blobs, struct iovec **ret_policy_hash, size_t *ret_n_policy_hash, struct iovec *ret_salt, struct iovec *ret_srk, struct iovec *pcrlock_nv, TPM2Flags *ret_flags);
|
int tpm2_parse_luks2_json(sd_json_variant *v, int *ret_keyslot, uint32_t *ret_hash_pcr_mask, uint16_t *ret_pcr_bank, struct iovec *ret_pubkey, uint32_t *ret_pubkey_pcr_mask, uint16_t *ret_primary_alg, struct iovec **ret_blobs, size_t *ret_n_blobs, struct iovec **ret_policy_hash, size_t *ret_n_policy_hash, struct iovec *ret_salt, struct iovec *ret_srk, struct iovec *ret_pcrlock_nv, TPM2Flags *ret_flags);
|
||||||
|
|
||||||
/* Default to PCR 7 only */
|
/* Default to PCR 7 only */
|
||||||
#define TPM2_PCR_INDEX_DEFAULT UINT32_C(7)
|
#define TPM2_PCR_INDEX_DEFAULT UINT32_C(7)
|
||||||
|
|
|
@ -98,15 +98,17 @@ static int delete_dm(DeviceMapper *m) {
|
||||||
assert(major(m->devnum) != 0);
|
assert(major(m->devnum) != 0);
|
||||||
assert(m->path);
|
assert(m->path);
|
||||||
|
|
||||||
|
fd = open(m->path, O_RDONLY|O_CLOEXEC|O_NONBLOCK);
|
||||||
|
if (fd < 0)
|
||||||
|
log_debug_errno(errno, "Failed to open DM block device %s for syncing, ignoring: %m", m->path);
|
||||||
|
else {
|
||||||
|
(void) sync_with_progress(fd);
|
||||||
|
fd = safe_close(fd);
|
||||||
|
}
|
||||||
|
|
||||||
fd = open("/dev/mapper/control", O_RDWR|O_CLOEXEC);
|
fd = open("/dev/mapper/control", O_RDWR|O_CLOEXEC);
|
||||||
if (fd < 0)
|
if (fd < 0)
|
||||||
return -errno;
|
return log_debug_errno(errno, "Failed to open /dev/mapper/control: %m");
|
||||||
|
|
||||||
_cleanup_close_ int block_fd = open(m->path, O_RDONLY|O_CLOEXEC|O_NONBLOCK);
|
|
||||||
if (block_fd < 0)
|
|
||||||
log_debug_errno(errno, "Failed to open DM block device %s for syncing, ignoring: %m", m->path);
|
|
||||||
else
|
|
||||||
(void) sync_with_progress(block_fd);
|
|
||||||
|
|
||||||
return RET_NERRNO(ioctl(fd, DM_DEV_REMOVE, &(struct dm_ioctl) {
|
return RET_NERRNO(ioctl(fd, DM_DEV_REMOVE, &(struct dm_ioctl) {
|
||||||
.version = {
|
.version = {
|
||||||
|
|
|
@ -211,10 +211,8 @@ static int sync_making_progress(unsigned long long *prev_dirty) {
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
errno = 0;
|
errno = 0;
|
||||||
if (sscanf(line, "%*s %llu %*s", &ull) != 1) {
|
if (sscanf(line, "%*s %llu %*s", &ull) != 1)
|
||||||
log_warning_errno(errno_or_else(EIO), "Failed to parse /proc/meminfo field, ignoring: %m");
|
return log_warning_errno(errno_or_else(EIO), "Failed to parse /proc/meminfo field: %m");
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
val += ull;
|
val += ull;
|
||||||
}
|
}
|
||||||
|
|
|
@ -23,6 +23,7 @@
|
||||||
#include "user-util.h"
|
#include "user-util.h"
|
||||||
#include "userdb.h"
|
#include "userdb.h"
|
||||||
#include "verbs.h"
|
#include "verbs.h"
|
||||||
|
#include "virt.h"
|
||||||
|
|
||||||
static enum {
|
static enum {
|
||||||
OUTPUT_CLASSIC,
|
OUTPUT_CLASSIC,
|
||||||
|
@ -139,10 +140,16 @@ static int show_user(UserRecord *ur, Table *table) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static bool test_show_mapped(void) {
|
||||||
|
/* Show mapped user range only in environments where user mapping is a thing. */
|
||||||
|
return running_in_userns() > 0;
|
||||||
|
}
|
||||||
|
|
||||||
static const struct {
|
static const struct {
|
||||||
uid_t first, last;
|
uid_t first, last;
|
||||||
const char *name;
|
const char *name;
|
||||||
UserDisposition disposition;
|
UserDisposition disposition;
|
||||||
|
bool (*test)(void);
|
||||||
} uid_range_table[] = {
|
} uid_range_table[] = {
|
||||||
{
|
{
|
||||||
.first = 1,
|
.first = 1,
|
||||||
|
@ -175,11 +182,12 @@ static const struct {
|
||||||
.last = MAP_UID_MAX,
|
.last = MAP_UID_MAX,
|
||||||
.name = "mapped",
|
.name = "mapped",
|
||||||
.disposition = USER_REGULAR,
|
.disposition = USER_REGULAR,
|
||||||
|
.test = test_show_mapped,
|
||||||
},
|
},
|
||||||
};
|
};
|
||||||
|
|
||||||
static int table_add_uid_boundaries(Table *table, const UIDRange *p) {
|
static int table_add_uid_boundaries(Table *table, const UIDRange *p) {
|
||||||
int r;
|
int r, n_added = 0;
|
||||||
|
|
||||||
assert(table);
|
assert(table);
|
||||||
|
|
||||||
|
@ -192,6 +200,9 @@ static int table_add_uid_boundaries(Table *table, const UIDRange *p) {
|
||||||
if (!uid_range_covers(p, i->first, i->last - i->first + 1))
|
if (!uid_range_covers(p, i->first, i->last - i->first + 1))
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
|
if (i->test && !i->test())
|
||||||
|
continue;
|
||||||
|
|
||||||
name = strjoin(special_glyph(SPECIAL_GLYPH_ARROW_DOWN),
|
name = strjoin(special_glyph(SPECIAL_GLYPH_ARROW_DOWN),
|
||||||
" begin ", i->name, " users ",
|
" begin ", i->name, " users ",
|
||||||
special_glyph(SPECIAL_GLYPH_ARROW_DOWN));
|
special_glyph(SPECIAL_GLYPH_ARROW_DOWN));
|
||||||
|
@ -249,9 +260,11 @@ static int table_add_uid_boundaries(Table *table, const UIDRange *p) {
|
||||||
TABLE_INT, 1); /* sort after any other entry with the same UID */
|
TABLE_INT, 1); /* sort after any other entry with the same UID */
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return table_log_add_error(r);
|
return table_log_add_error(r);
|
||||||
|
|
||||||
|
n_added += 2;
|
||||||
}
|
}
|
||||||
|
|
||||||
return ELEMENTSOF(uid_range_table) * 2;
|
return n_added;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int add_unavailable_uid(Table *table, uid_t start, uid_t end) {
|
static int add_unavailable_uid(Table *table, uid_t start, uid_t end) {
|
||||||
|
@ -565,16 +578,22 @@ static int show_group(GroupRecord *gr, Table *table) {
|
||||||
}
|
}
|
||||||
|
|
||||||
static int table_add_gid_boundaries(Table *table, const UIDRange *p) {
|
static int table_add_gid_boundaries(Table *table, const UIDRange *p) {
|
||||||
int r;
|
int r, n_added = 0;
|
||||||
|
|
||||||
assert(table);
|
assert(table);
|
||||||
|
|
||||||
FOREACH_ELEMENT(i, uid_range_table) {
|
FOREACH_ELEMENT(i, uid_range_table) {
|
||||||
_cleanup_free_ char *name = NULL, *comment = NULL;
|
_cleanup_free_ char *name = NULL, *comment = NULL;
|
||||||
|
|
||||||
|
if (!FLAGS_SET(arg_disposition_mask, UINT64_C(1) << i->disposition))
|
||||||
|
continue;
|
||||||
|
|
||||||
if (!uid_range_covers(p, i->first, i->last - i->first + 1))
|
if (!uid_range_covers(p, i->first, i->last - i->first + 1))
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
|
if (i->test && !i->test())
|
||||||
|
continue;
|
||||||
|
|
||||||
name = strjoin(special_glyph(SPECIAL_GLYPH_ARROW_DOWN),
|
name = strjoin(special_glyph(SPECIAL_GLYPH_ARROW_DOWN),
|
||||||
" begin ", i->name, " groups ",
|
" begin ", i->name, " groups ",
|
||||||
special_glyph(SPECIAL_GLYPH_ARROW_DOWN));
|
special_glyph(SPECIAL_GLYPH_ARROW_DOWN));
|
||||||
|
@ -626,9 +645,11 @@ static int table_add_gid_boundaries(Table *table, const UIDRange *p) {
|
||||||
TABLE_INT, 1); /* sort after any other entry with the same GID */
|
TABLE_INT, 1); /* sort after any other entry with the same GID */
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return table_log_add_error(r);
|
return table_log_add_error(r);
|
||||||
|
|
||||||
|
n_added += 2;
|
||||||
}
|
}
|
||||||
|
|
||||||
return ELEMENTSOF(uid_range_table) * 2;
|
return n_added;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int add_unavailable_gid(Table *table, uid_t start, uid_t end) {
|
static int add_unavailable_gid(Table *table, uid_t start, uid_t end) {
|
||||||
|
|
|
@ -960,10 +960,13 @@ exec $(systemctl cat systemd-networkd.service | sed -n '/^ExecStart=/ {{ s/^.*=/
|
||||||
|
|
||||||
# wait until devices got created
|
# wait until devices got created
|
||||||
for _ in range(50):
|
for _ in range(50):
|
||||||
out = subprocess.check_output(['ip', 'a', 'show', 'dev', self.if_router])
|
if subprocess.run(['ip', 'link', 'show', 'dev', self.if_router],
|
||||||
if b'state UP' in out and b'scope global' in out:
|
stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL).returncode == 0:
|
||||||
break
|
break
|
||||||
time.sleep(0.1)
|
time.sleep(0.1)
|
||||||
|
else:
|
||||||
|
subprocess.call(['ip', 'link', 'show', 'dev', self.if_router])
|
||||||
|
self.fail('Timed out waiting for {ifr} created.'.format(ifr=self.if_router))
|
||||||
|
|
||||||
def shutdown_iface(self):
|
def shutdown_iface(self):
|
||||||
'''Remove test interface and stop DHCP server'''
|
'''Remove test interface and stop DHCP server'''
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
# the Free Software Foundation; either version 2.1 of the License, or
|
# the Free Software Foundation; either version 2.1 of the License, or
|
||||||
# (at your option) any later version.
|
# (at your option) any later version.
|
||||||
|
|
||||||
# See tmpfiles.d(5) for details
|
# See tmpfiles.d(5) for details.
|
||||||
|
|
||||||
{% if LINK_SHELL_EXTRA_DROPIN %}
|
{% if LINK_SHELL_EXTRA_DROPIN %}
|
||||||
L$ {{SHELLPROFILEDIR}}/70-systemd-shell-extra.sh - - - - {{LIBEXECDIR}}/profile.d/70-systemd-shell-extra.sh
|
L$ {{SHELLPROFILEDIR}}/70-systemd-shell-extra.sh - - - - {{LIBEXECDIR}}/profile.d/70-systemd-shell-extra.sh
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
# the Free Software Foundation; either version 2.1 of the License, or
|
# the Free Software Foundation; either version 2.1 of the License, or
|
||||||
# (at your option) any later version.
|
# (at your option) any later version.
|
||||||
|
|
||||||
# See tmpfiles.d(5) for details
|
# See tmpfiles.d(5) for details.
|
||||||
|
|
||||||
{% if LINK_SSH_PROXY_DROPIN %}
|
{% if LINK_SSH_PROXY_DROPIN %}
|
||||||
L$ {{SSHCONFDIR}}/20-systemd-ssh-proxy.conf - - - - {{LIBEXECDIR}}/ssh_config.d/20-systemd-ssh-proxy.conf
|
L$ {{SSHCONFDIR}}/20-systemd-ssh-proxy.conf - - - - {{LIBEXECDIR}}/ssh_config.d/20-systemd-ssh-proxy.conf
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
# the Free Software Foundation; either version 2.1 of the License, or
|
# the Free Software Foundation; either version 2.1 of the License, or
|
||||||
# (at your option) any later version.
|
# (at your option) any later version.
|
||||||
|
|
||||||
# See tmpfiles.d(5) for details
|
# See tmpfiles.d(5) for details.
|
||||||
|
|
||||||
# Copy systemd-stub provided metadata such as PCR signature and public key file
|
# Copy systemd-stub provided metadata such as PCR signature and public key file
|
||||||
# from initrd into /run/, so that it will survive the initrd stage
|
# from initrd into /run/, so that it will survive the initrd stage
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
# the Free Software Foundation; either version 2.1 of the License, or
|
# the Free Software Foundation; either version 2.1 of the License, or
|
||||||
# (at your option) any later version.
|
# (at your option) any later version.
|
||||||
|
|
||||||
# See tmpfiles.d(5) for details
|
# See tmpfiles.d(5) for details.
|
||||||
|
|
||||||
{% if LINK_SSHD_USERDB_DROPIN %}
|
{% if LINK_SSHD_USERDB_DROPIN %}
|
||||||
L {{SSHDCONFDIR}}/20-systemd-userdb.conf - - - - {{LIBEXECDIR}}/sshd_config.d/20-systemd-userdb.conf
|
L {{SSHDCONFDIR}}/20-systemd-userdb.conf - - - - {{LIBEXECDIR}}/sshd_config.d/20-systemd-userdb.conf
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
# the Free Software Foundation; either version 2.1 of the License, or
|
# the Free Software Foundation; either version 2.1 of the License, or
|
||||||
# (at your option) any later version.
|
# (at your option) any later version.
|
||||||
|
|
||||||
# See tmpfiles.d(5) for details
|
# See tmpfiles.d(5) for details.
|
||||||
|
|
||||||
d /etc/credstore 0700 root root
|
d /etc/credstore 0700 root root
|
||||||
d /etc/credstore.encrypted 0700 root root
|
d /etc/credstore.encrypted 0700 root root
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
# the Free Software Foundation; either version 2.1 of the License, or
|
# the Free Software Foundation; either version 2.1 of the License, or
|
||||||
# (at your option) any later version.
|
# (at your option) any later version.
|
||||||
|
|
||||||
# See tmpfiles.d(5) for details
|
# See tmpfiles.d(5) for details.
|
||||||
|
|
||||||
L /etc/os-release - - - - ../usr/lib/os-release
|
L /etc/os-release - - - - ../usr/lib/os-release
|
||||||
L+ /etc/mtab - - - - ../proc/self/mounts
|
L+ /etc/mtab - - - - ../proc/self/mounts
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
# the Free Software Foundation; either version 2.1 of the License, or
|
# the Free Software Foundation; either version 2.1 of the License, or
|
||||||
# (at your option) any later version.
|
# (at your option) any later version.
|
||||||
|
|
||||||
# See tmpfiles.d(5) for details
|
# See tmpfiles.d(5) for details.
|
||||||
|
|
||||||
Q /home 0755 - - -
|
Q /home 0755 - - -
|
||||||
q /srv 0755 - - -
|
q /srv 0755 - - -
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
# the Free Software Foundation; either version 2.1 of the License, or
|
# the Free Software Foundation; either version 2.1 of the License, or
|
||||||
# (at your option) any later version.
|
# (at your option) any later version.
|
||||||
|
|
||||||
# See tmpfiles.d(5) for details
|
# See tmpfiles.d(5) for details.
|
||||||
|
|
||||||
# Set the NOCOW attribute for directories of journal files. This flag
|
# Set the NOCOW attribute for directories of journal files. This flag
|
||||||
# is inherited by their new files and sub-directories. Matters only
|
# is inherited by their new files and sub-directories. Matters only
|
||||||
|
|
|
@ -5,26 +5,28 @@
|
||||||
# the Free Software Foundation; either version 2.1 of the License, or
|
# the Free Software Foundation; either version 2.1 of the License, or
|
||||||
# (at your option) any later version.
|
# (at your option) any later version.
|
||||||
|
|
||||||
# See tmpfiles.d(5) for details
|
# See tmpfiles.d(5) for details.
|
||||||
|
|
||||||
# These files are considered legacy and are unnecessary on legacy-free
|
# The functionality provided by these files and directories has been replaced
|
||||||
# systems.
|
# by newer interfaces. Their use is discouraged on legacy-free systems. This
|
||||||
|
# configuration is provided to maintain backward compatibility.
|
||||||
|
|
||||||
d /run/lock 0755 root root -
|
d /run/lock 0755 root root -
|
||||||
L /var/lock - - - - ../run/lock
|
L /var/lock - - - - ../run/lock
|
||||||
|
|
||||||
|
{% if HAVE_SYSV_COMPAT %}
|
||||||
{% if CREATE_LOG_DIRS %}
|
{% if CREATE_LOG_DIRS %}
|
||||||
L$ /var/log/README - - - - ../..{{DOC_DIR}}/README.logs
|
L$ /var/log/README - - - - ../..{{DOC_DIR}}/README.logs
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
# /run/lock/subsys is used for serializing SysV service execution, and
|
# /run/lock/subsys is used for serializing SysV service execution, and
|
||||||
# hence without use on SysV-less systems.
|
# hence without use on SysV-less systems.
|
||||||
|
|
||||||
d /run/lock/subsys 0755 root root -
|
d /run/lock/subsys 0755 root root -
|
||||||
|
|
||||||
# /forcefsck, /fastboot and /forcequotacheck are deprecated in favor of the
|
# /forcefsck, /fastboot and /forcequotacheck are deprecated in favor of the
|
||||||
# kernel command line options 'fsck.mode=force', 'fsck.mode=skip' and
|
# kernel command line options 'fsck.mode=force', 'fsck.mode=skip' and
|
||||||
# 'quotacheck.mode=force'
|
# 'quotacheck.mode=force'
|
||||||
|
|
||||||
r! /forcefsck
|
r! /forcefsck
|
||||||
r! /fastboot
|
r! /fastboot
|
||||||
r! /forcequotacheck
|
r! /forcequotacheck
|
||||||
|
{% endif %}
|
||||||
|
|
|
@ -35,7 +35,7 @@ in_files = [
|
||||||
['20-systemd-stub.conf', 'ENABLE_EFI'],
|
['20-systemd-stub.conf', 'ENABLE_EFI'],
|
||||||
['20-systemd-userdb.conf', 'ENABLE_SSH_USERDB_CONFIG'],
|
['20-systemd-userdb.conf', 'ENABLE_SSH_USERDB_CONFIG'],
|
||||||
['etc.conf'],
|
['etc.conf'],
|
||||||
['legacy.conf', 'HAVE_SYSV_COMPAT'],
|
['legacy.conf'],
|
||||||
['static-nodes-permissions.conf'],
|
['static-nodes-permissions.conf'],
|
||||||
['systemd.conf'],
|
['systemd.conf'],
|
||||||
['var.conf'],
|
['var.conf'],
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
# SPDX-License-Identifier: LGPL-2.1-or-later
|
# SPDX-License-Identifier: LGPL-2.1-or-later
|
||||||
# See tmpfiles.d(5) for details
|
# See tmpfiles.d(5) for details.
|
||||||
|
|
||||||
Q /var/lib/portables 0700
|
Q /var/lib/portables 0700
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
# the Free Software Foundation; either version 2.1 of the License, or
|
# the Free Software Foundation; either version 2.1 of the License, or
|
||||||
# (at your option) any later version.
|
# (at your option) any later version.
|
||||||
|
|
||||||
# See tmpfiles.d(5) for details
|
# See tmpfiles.d(5) for details.
|
||||||
|
|
||||||
# Provision additional login messages from credentials, if they are set. Note
|
# Provision additional login messages from credentials, if they are set. Note
|
||||||
# that these lines are NOPs if the credentials are not set or if the files
|
# that these lines are NOPs if the credentials are not set or if the files
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
# the Free Software Foundation; either version 2.1 of the License, or
|
# the Free Software Foundation; either version 2.1 of the License, or
|
||||||
# (at your option) any later version.
|
# (at your option) any later version.
|
||||||
|
|
||||||
# See tmpfiles.d(5) for details
|
# See tmpfiles.d(5) for details.
|
||||||
|
|
||||||
d$ /run/systemd/netif 0755 systemd-network systemd-network -
|
d$ /run/systemd/netif 0755 systemd-network systemd-network -
|
||||||
d$ /run/systemd/netif/links 0755 systemd-network systemd-network -
|
d$ /run/systemd/netif/links 0755 systemd-network systemd-network -
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
# the Free Software Foundation; either version 2.1 of the License, or
|
# the Free Software Foundation; either version 2.1 of the License, or
|
||||||
# (at your option) any later version.
|
# (at your option) any later version.
|
||||||
|
|
||||||
# See tmpfiles.d(5) for details
|
# See tmpfiles.d(5) for details.
|
||||||
|
|
||||||
Q /var/lib/machines 0700 - - -
|
Q /var/lib/machines 0700 - - -
|
||||||
|
|
||||||
|
|
|
@ -5,6 +5,6 @@
|
||||||
# the Free Software Foundation; either version 2.1 of the License, or
|
# the Free Software Foundation; either version 2.1 of the License, or
|
||||||
# (at your option) any later version.
|
# (at your option) any later version.
|
||||||
|
|
||||||
# See tmpfiles.d(5) for details
|
# See tmpfiles.d(5) for details.
|
||||||
|
|
||||||
L! /etc/resolv.conf - - - - ../run/systemd/resolve/stub-resolv.conf
|
L! /etc/resolv.conf - - - - ../run/systemd/resolve/stub-resolv.conf
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
# the Free Software Foundation; either version 2.1 of the License, or
|
# the Free Software Foundation; either version 2.1 of the License, or
|
||||||
# (at your option) any later version.
|
# (at your option) any later version.
|
||||||
|
|
||||||
# See tmpfiles.d(5) for details
|
# See tmpfiles.d(5) for details.
|
||||||
|
|
||||||
# Exclude namespace mountpoints created with PrivateTmp=yes
|
# Exclude namespace mountpoints created with PrivateTmp=yes
|
||||||
x /tmp/systemd-private-%b-*
|
x /tmp/systemd-private-%b-*
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
# the Free Software Foundation; either version 2.1 of the License, or
|
# the Free Software Foundation; either version 2.1 of the License, or
|
||||||
# (at your option) any later version.
|
# (at your option) any later version.
|
||||||
|
|
||||||
# See tmpfiles.d(5) for details
|
# See tmpfiles.d(5) for details.
|
||||||
|
|
||||||
d /run/user 0755 root root -
|
d /run/user 0755 root root -
|
||||||
{% if ENABLE_UTMP %}
|
{% if ENABLE_UTMP %}
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
# the Free Software Foundation; either version 2.1 of the License, or
|
# the Free Software Foundation; either version 2.1 of the License, or
|
||||||
# (at your option) any later version.
|
# (at your option) any later version.
|
||||||
|
|
||||||
# See tmpfiles.d(5) for details
|
# See tmpfiles.d(5) for details.
|
||||||
|
|
||||||
# Clear tmp directories separately, to make them easier to override
|
# Clear tmp directories separately, to make them easier to override
|
||||||
q /tmp 1777 root root 10d
|
q /tmp 1777 root root 10d
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
# the Free Software Foundation; either version 2.1 of the License, or
|
# the Free Software Foundation; either version 2.1 of the License, or
|
||||||
# (at your option) any later version.
|
# (at your option) any later version.
|
||||||
|
|
||||||
# See tmpfiles.d(5) for details
|
# See tmpfiles.d(5) for details.
|
||||||
|
|
||||||
q /var 0755 - - -
|
q /var 0755 - - -
|
||||||
|
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
# the Free Software Foundation; either version 2.1 of the License, or
|
# the Free Software Foundation; either version 2.1 of the License, or
|
||||||
# (at your option) any later version.
|
# (at your option) any later version.
|
||||||
|
|
||||||
# See tmpfiles.d(5) for details
|
# See tmpfiles.d(5) for details.
|
||||||
|
|
||||||
# Make sure these are created by default so that nobody else can
|
# Make sure these are created by default so that nobody else can
|
||||||
# or empty them at startup
|
# or empty them at startup
|
||||||
|
|
Loading…
Reference in New Issue