Compare commits

..

16 Commits

Author SHA1 Message Date
Kevin P. Fleming 3b355677b8 RequireMountsFor in systemd-nspawn should wait for machine mount
This patch modifies the RequireMountsFor setting in systemd-nspawn@.service to wait for the machine instance directory to be mounted, not just /var/lib/machines.

Closes #14931
2020-03-02 19:37:51 +09:00
Yu Watanabe ed78041033
Merge pull request #14991 from yuwata/man-fix-typo
assorted tiny fixes
2020-03-02 19:30:22 +09:00
HATAYAMA Daisuke 27f31daf3e shared/logs-show: Remove unused OUTPUT_FOLLOW
As of the commit aae9a96d4b removing --follow
option in systemctl command, OUTPUT_FOLLOW has never been set anywhere. Let's
remove it.

The condition expression of the if-statement in show_journal() that refers to
OUTPUT_FOLLOW now thus evaluates always to true. Hence, the call of
sd_journal_wait() is in dead code, and the outer infinite for-loop is
meaningless, which we remove as cleanup.

There is no functional change by this commit.
2020-03-02 18:27:55 +09:00
Yu Watanabe ef62949a23 network: make Type=ether match based on iftype
This makes Type= can match the type shown in networkctl.

Closes #14952.
2020-03-02 08:52:18 +01:00
Yu Watanabe 834ea1a466 test-network: remove unnecessary dummy interface 2020-03-02 15:44:03 +09:00
Susant Sahani 2cd6510661 man: fix typo 2020-03-02 15:43:42 +09:00
Yu Watanabe ed87ce1d5d
Merge pull request #14990 from keszybz/nss-homed-fix
Fix for lookup of groups defined by homed
2020-03-02 15:18:13 +09:00
Guillaume Douézan-Grard f4665664c4 units: disable ProtectKernelLogs for machined
machined needs access to the host mount namespace to propagate bind
mounts created with the "machinectl bind" command. However, the
"ProtectKernelLogs" directive relies on mount namespaces to make the
kernel ring buffer inaccessible. This commit removes the
"ProtectKernelLogs=yes" directive from machined service file introduced
in 6168ae5.

Closes #14559.
2020-03-02 14:49:14 +09:00
Romain Naour 123aeae206
random-seed: add missing header for GRND_NONBLOCK (#14988)
GRND_NONBLOCK has been introduced with the 3.17 kernel version [1]
while adding getrandom(2) system call.

The header missing_random.h is needed for random-seed.c when building
with old toolchain, such Sourcery CodeBench ARM 2014.05 (kernel headers
3.13).

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/454255917

[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=c6e9d6f38894798696f23c8084ca7edbf16ee895
2020-03-02 14:48:21 +09:00
Piotr Drąg 8632e87689 po: update Polish translation 2020-03-02 14:45:42 +09:00
AsciiWolf 4347f0abe2 l10n: update Czech Translation 2020-03-02 14:44:55 +09:00
Yu Watanabe a7b74efd1c
Merge pull request #14983 from ssahani/dhcp-use-routes-14982
network: Allow to configure GW even if UseRoutes=false
2020-03-02 14:44:00 +09:00
Yu Watanabe 4c2e1833ec test-network: add a test case for [DHCPv4] UseRoutes=no 2020-03-02 01:28:27 +09:00
Susant Sahani ad098b14c5 network: Allow to configure GW even UseRoutes=false
When use UseRoutes=False so the DHCP request itself does not request
for Classless Static Routes option.
As a result, the DHCP server will only respond with a Router option.
In this case since we are using the UseRoutes=False option the gateway
that comes in via the router option does not get configured.
This patch fixes theis behaviour.
2020-03-02 01:28:27 +09:00
Zbigniew Jędrzejewski-Szmek 6f22d57235 userdb: fix lookup of groups defined by homed 2020-03-01 12:24:56 +01:00
Zbigniew Jędrzejewski-Szmek 3e93027b5b Fix two typos 2020-03-01 12:24:25 +01:00
25 changed files with 273 additions and 224 deletions

View File

@ -121,9 +121,9 @@
<varlistentry id='type'>
<term><varname>Type=</varname></term>
<listitem>
<para>A whitespace-separated list of shell-style globs matching the device type, as exposed by
the udev property <literal>DEVTYPE</literal>. If the list is prefixed with a "!", the test is
inverted.</para>
<para>A whitespace-separated list of shell-style globs matching the device type, as exposed by
<command>networkctl status</command>. If the list is prefixed with a "!", the test is inverted.
</para>
</listitem>
</varlistentry>

View File

@ -2519,7 +2519,7 @@
<varlistentry>
<term><varname>PacketLimit=</varname></term>
<listitem>
<para>Specifies the hard lmit on the queue size in number of packets. When this limit is reached, incoming packets are
<para>Specifies the hard limit on the queue size in number of packets. When this limit is reached, incoming packets are
dropped. An unsigned integer ranges 0 to 4294967294. Defaults to unset and kernel's default is used.</para>
</listitem>
</varlistentry>

View File

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: systemd master\n"
"Report-Msgid-Bugs-To: https://github.com/systemd/systemd/issues\n"
"POT-Creation-Date: 2020-01-30 15:31+0000\n"
"PO-Revision-Date: 2020-02-03 16:18+0100\n"
"POT-Creation-Date: 2020-02-29 15:12+0000\n"
"PO-Revision-Date: 2020-03-01 13:58+0100\n"
"Last-Translator: Daniel Rusek <mail@asciiwolf.com>\n"
"Language-Team: Czech\n"
"Language: cs\n"
@ -17,7 +17,7 @@ msgstr ""
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=3; plural=(n==1 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 "
"|| n%100>=20) ? 1 : 2);\n"
"X-Generator: Poedit 2.2.4\n"
"X-Generator: Poedit 2.3\n"
#: src/core/org.freedesktop.systemd1.policy.in:22
msgid "Send passphrase back to system"
@ -115,7 +115,8 @@ msgid "Change password of a home area"
msgstr "Změnit heslo domovského adresáře"
#: src/home/org.freedesktop.home1.policy:64
msgid "Authentication is required to change the password of a user's home area."
msgid ""
"Authentication is required to change the password of a user's home area."
msgstr "Pro změnu hesla domovského adresáře uživatele je vyžadováno ověření."
#: src/hostname/org.freedesktop.hostname1.policy:20
@ -323,11 +324,10 @@ msgid "Flush device to seat attachments"
msgstr "Odstranit přiřazení zařízení ke stanovištím"
#: src/login/org.freedesktop.login1.policy:149
msgid ""
"Authentication is required to reset how devices are attached to seats."
msgid "Authentication is required to reset how devices are attached to seats."
msgstr ""
"Pro reset způsobu jak jsou zařízení přiřazována ke stanovištím je vyžadováno "
"ověření."
"Pro resetování způsobu jak jsou zařízení přiřazována ke stanovištím je "
"vyžadováno ověření."
#: src/login/org.freedesktop.login1.policy:158
msgid "Power off the system"
@ -355,8 +355,8 @@ msgstr "Vypnout systém, i když aplikace požádala o zákaz vypnutí"
#: src/login/org.freedesktop.login1.policy:181
msgid ""
"Authentication is required to power off the system while an application "
"is inhibiting this."
"Authentication is required to power off the system while an application is "
"inhibiting this."
msgstr ""
"Pro vypnutí systému, když aplikace požádala o zákaz vypnutí je vyžadováno "
"ověření."
@ -375,8 +375,8 @@ msgstr "Restartovat systém, i když jsou přihlášeni další uživatelé"
#: src/login/org.freedesktop.login1.policy:203
msgid ""
"Authentication is required to reboot the system while other users are "
"logged in."
"Authentication is required to reboot the system while other users are logged "
"in."
msgstr ""
"Pro restartování systému, když jsou přihlášeni další uživatelé je vyžadováno "
"ověření."
@ -387,8 +387,8 @@ msgstr "Restartovat systém, i když aplikace požádala o zákaz restartu"
#: src/login/org.freedesktop.login1.policy:214
msgid ""
"Authentication is required to reboot the system while an application "
"is inhibiting this."
"Authentication is required to reboot the system while an application is "
"inhibiting this."
msgstr ""
"Pro restartování systému, když aplikace požádala o zákaz restartu je "
"vyžadováno ověření."
@ -407,8 +407,8 @@ msgstr "Zastavit systém, i když jsou přihlášeni další uživatelé"
#: src/login/org.freedesktop.login1.policy:236
msgid ""
"Authentication is required to halt the system while other users are "
"logged in."
"Authentication is required to halt the system while other users are logged "
"in."
msgstr ""
"Pro zastavení systému, když jsou přihlášeni další uživatelé je vyžadováno "
"ověření."
@ -419,8 +419,8 @@ msgstr "Zastavit systém, i když aplikace požádala o zákaz zastavení"
#: src/login/org.freedesktop.login1.policy:247
msgid ""
"Authentication is required to halt the system while an application asked "
"to inhibit it."
"Authentication is required to halt the system while an application is "
"inhibiting this."
msgstr ""
"Pro zastavení systému, když aplikace požádala o zákaz zastavení je "
"vyžadováno ověření."
@ -451,8 +451,8 @@ msgstr "Uspat systém, i když aplikace požádala o zákaz uspání"
#: src/login/org.freedesktop.login1.policy:279
msgid ""
"Authentication is required to suspend the system while an application "
"is inhibiting this."
"Authentication is required to suspend the system while an application is "
"inhibiting this."
msgstr ""
"Pro uspání systému, když aplikace požádala o zákaz uspání je vyžadováno "
"ověření."
@ -483,8 +483,8 @@ msgstr "Hibernovat systém, i když aplikace požádala o zákaz hibernace"
#: src/login/org.freedesktop.login1.policy:311
msgid ""
"Authentication is required to hibernate the system while an application "
"is inhibiting this."
"Authentication is required to hibernate the system while an application is "
"inhibiting this."
msgstr ""
"Pro hibernaci systému, když aplikace požádala o zákaz hibernace je "
"vyžadováno ověření."
@ -494,8 +494,7 @@ msgid "Manage active sessions, users and seats"
msgstr "Spravovat aktivní sezení, uživatele a stanoviště"
#: src/login/org.freedesktop.login1.policy:322
msgid ""
"Authentication is required to manage active sessions, users and seats."
msgid "Authentication is required to manage active sessions, users and seats."
msgstr ""
"Pro správu aktivních sezení, uživatelů a stanovišť je vyžadováno ověření."
@ -854,43 +853,40 @@ msgid ""
"shall be enabled."
msgstr "Pro kontrolu synchronizace času ze sítě je vyžadováno ověření."
#: src/core/dbus-unit.c:355
#: src/core/dbus-unit.c:356
msgid "Authentication is required to start '$(unit)'."
msgstr "Pro spuštění „$(unit)” je vyžadováno ověření."
#: src/core/dbus-unit.c:356
#: src/core/dbus-unit.c:357
msgid "Authentication is required to stop '$(unit)'."
msgstr "Pro vypnutí „$(unit)” je vyžadováno ověření."
#: src/core/dbus-unit.c:357
#: src/core/dbus-unit.c:358
msgid "Authentication is required to reload '$(unit)'."
msgstr "Pro opětovné načtení „$(unit)” je vyžadováno ověření."
#: src/core/dbus-unit.c:358 src/core/dbus-unit.c:359
#: src/core/dbus-unit.c:359 src/core/dbus-unit.c:360
msgid "Authentication is required to restart '$(unit)'."
msgstr "Pro restart „$(unit)” je vyžadováno ověření."
#: src/core/dbus-unit.c:531
#: src/core/dbus-unit.c:532
msgid ""
"Authentication is required to send a UNIX signal to the processes of "
"'$(unit)'."
msgstr "Pro odeslání UNIX signálu procesům „$(unit)” je vyžadováno ověření."
#: src/core/dbus-unit.c:562
#: src/core/dbus-unit.c:563
msgid "Authentication is required to reset the \"failed\" state of '$(unit)'."
msgstr "Pro resetování chybného stavu „$(unit)” je vyžadováno ověření."
#: src/core/dbus-unit.c:595
#: src/core/dbus-unit.c:596
msgid "Authentication is required to set properties on '$(unit)'."
msgstr "Pro nastavení vlastností na „$(unit)” je vyžadováno ověření."
#: src/core/dbus-unit.c:704
#: src/core/dbus-unit.c:705
msgid ""
"Authentication is required to delete files and directories associated with "
"'$(unit)'."
msgstr ""
"Pro odstranění souborů nebo adresářů souvisejících s „$(unit)” je vyžadováno "
"ověření."
#~ msgid "Authentication is required to kill '$(unit)'."
#~ msgstr "Pro ukončení „$(unit)” je vyžadováno ověření."

View File

@ -6,8 +6,8 @@ msgid ""
msgstr ""
"Project-Id-Version: systemd\n"
"Report-Msgid-Bugs-To: https://github.com/systemd/systemd/issues\n"
"POT-Creation-Date: 2020-01-30 15:31+0000\n"
"PO-Revision-Date: 2020-02-02 13:20+0100\n"
"POT-Creation-Date: 2020-02-29 15:12+0000\n"
"PO-Revision-Date: 2020-03-01 14:45+0100\n"
"Last-Translator: Piotr Drąg <piotrdrag@gmail.com>\n"
"Language-Team: Polish <trans-pl@lists.fedoraproject.org>\n"
"Language: pl\n"
@ -84,7 +84,8 @@ msgstr "Usunięcie przestrzeni domowej"
#: src/home/org.freedesktop.home1.policy:24
msgid "Authentication is required to remove a user's home area."
msgstr "Wymagane jest uwierzytelnienie, aby usunąć przestrzeń domową użytkownika."
msgstr ""
"Wymagane jest uwierzytelnienie, aby usunąć przestrzeń domową użytkownika."
#: src/home/org.freedesktop.home1.policy:33
msgid "Check credentials of a home area"
@ -104,7 +105,8 @@ msgstr "Aktualizacja przestrzeni domowej"
#: src/home/org.freedesktop.home1.policy:44
msgid "Authentication is required to update a user's home area."
msgstr ""
"Wymagane jest uwierzytelnienie, aby zaktualizować przestrzeń domową użytkownika."
"Wymagane jest uwierzytelnienie, aby zaktualizować przestrzeń domową "
"użytkownika."
#: src/home/org.freedesktop.home1.policy:53
msgid "Resize a home area"
@ -121,7 +123,8 @@ msgid "Change password of a home area"
msgstr "Zmiana hasła przestrzeni domowej"
#: src/home/org.freedesktop.home1.policy:64
msgid "Authentication is required to change the password of a user's home area."
msgid ""
"Authentication is required to change the password of a user's home area."
msgstr ""
"Wymagane jest uwierzytelnienie, aby zmienić hasło przestrzeni domowej "
"użytkownika."
@ -339,8 +342,7 @@ msgid "Flush device to seat attachments"
msgstr "Usunięcie podłączenia urządzeń do stanowisk"
#: src/login/org.freedesktop.login1.policy:149
msgid ""
"Authentication is required to reset how devices are attached to seats."
msgid "Authentication is required to reset how devices are attached to seats."
msgstr ""
"Wymagane jest uwierzytelnienie, aby ponownie ustawić sposób podłączenia "
"urządzeń do stanowisk."
@ -371,10 +373,11 @@ msgstr "Wyłączenie systemu, kiedy program je wstrzymuje"
#: src/login/org.freedesktop.login1.policy:181
msgid ""
"Authentication is required to power off the system while an application "
"is inhibiting this."
"Authentication is required to power off the system while an application is "
"inhibiting this."
msgstr ""
"Wymagane jest uwierzytelnienie, aby wyłączyć system, kiedy program to wstrzymuje."
"Wymagane jest uwierzytelnienie, aby wyłączyć system, kiedy program to "
"wstrzymuje."
#: src/login/org.freedesktop.login1.policy:191
msgid "Reboot the system"
@ -390,8 +393,8 @@ msgstr "Ponowne uruchomienie systemu, kiedy są zalogowani inni użytkownicy"
#: src/login/org.freedesktop.login1.policy:203
msgid ""
"Authentication is required to reboot the system while other users are "
"logged in."
"Authentication is required to reboot the system while other users are logged "
"in."
msgstr ""
"Wymagane jest uwierzytelnienie, aby ponownie uruchomić system, kiedy są "
"zalogowani inni użytkownicy."
@ -402,8 +405,8 @@ msgstr "Ponowne uruchomienie systemu, kiedy program je wstrzymuje"
#: src/login/org.freedesktop.login1.policy:214
msgid ""
"Authentication is required to reboot the system while an application "
"is inhibiting this."
"Authentication is required to reboot the system while an application is "
"inhibiting this."
msgstr ""
"Wymagane jest uwierzytelnienie, aby ponownie uruchomić system, kiedy program "
"to wstrzymuje."
@ -422,8 +425,8 @@ msgstr "Zatrzymanie systemu, kiedy są zalogowani inni użytkownicy"
#: src/login/org.freedesktop.login1.policy:236
msgid ""
"Authentication is required to halt the system while other users are "
"logged in."
"Authentication is required to halt the system while other users are logged "
"in."
msgstr ""
"Wymagane jest uwierzytelnienie, aby zatrzymać system, kiedy są zalogowani "
"inni użytkownicy."
@ -434,11 +437,11 @@ msgstr "Zatrzymanie systemu, kiedy program je wstrzymuje"
#: src/login/org.freedesktop.login1.policy:247
msgid ""
"Authentication is required to halt the system while an application asked "
"to inhibit it."
"Authentication is required to halt the system while an application is "
"inhibiting this."
msgstr ""
"Wymagane jest uwierzytelnienie, aby zatrzymać system, kiedy program zażądał "
"jego wstrzymania."
"Wymagane jest uwierzytelnienie, aby zatrzymać system, kiedy program to "
"wstrzymuje."
#: src/login/org.freedesktop.login1.policy:257
msgid "Suspend the system"
@ -466,10 +469,11 @@ msgstr "Uśpienie systemu, kiedy program je wstrzymuje"
#: src/login/org.freedesktop.login1.policy:279
msgid ""
"Authentication is required to suspend the system while an application "
"is inhibiting this."
"Authentication is required to suspend the system while an application is "
"inhibiting this."
msgstr ""
"Wymagane jest uwierzytelnienie, aby uśpić system, kiedy program to wstrzymuje."
"Wymagane jest uwierzytelnienie, aby uśpić system, kiedy program to "
"wstrzymuje."
#: src/login/org.freedesktop.login1.policy:289
msgid "Hibernate the system"
@ -497,19 +501,18 @@ msgstr "Hibernacja systemu, kiedy program ją wstrzymuje"
#: src/login/org.freedesktop.login1.policy:311
msgid ""
"Authentication is required to hibernate the system while an application "
"is inhibiting this."
"Authentication is required to hibernate the system while an application is "
"inhibiting this."
msgstr ""
"Wymagane jest uwierzytelnienie, aby zahibernować system, kiedy program "
"to wstrzymuje."
"Wymagane jest uwierzytelnienie, aby zahibernować system, kiedy program to "
"wstrzymuje."
#: src/login/org.freedesktop.login1.policy:321
msgid "Manage active sessions, users and seats"
msgstr "Zarządzanie aktywnymi sesjami, użytkownikami i stanowiskami"
#: src/login/org.freedesktop.login1.policy:322
msgid ""
"Authentication is required to manage active sessions, users and seats."
msgid "Authentication is required to manage active sessions, users and seats."
msgstr ""
"Wymagane jest uwierzytelnienie, aby zarządzać aktywnymi sesjami, "
"użytkownikami i stanowiskami."
@ -893,25 +896,25 @@ msgstr ""
"Wymagane jest uwierzytelnienie, aby kontrolować, czy włączyć synchronizację "
"czasu przez sieć."
#: src/core/dbus-unit.c:355
#: src/core/dbus-unit.c:356
msgid "Authentication is required to start '$(unit)'."
msgstr "Wymagane jest uwierzytelnienie, aby uruchomić jednostkę „$(unit)”."
#: src/core/dbus-unit.c:356
#: src/core/dbus-unit.c:357
msgid "Authentication is required to stop '$(unit)'."
msgstr "Wymagane jest uwierzytelnienie, aby zatrzymać jednostkę „$(unit)”."
#: src/core/dbus-unit.c:357
#: src/core/dbus-unit.c:358
msgid "Authentication is required to reload '$(unit)'."
msgstr ""
"Wymagane jest uwierzytelnienie, aby ponownie wczytać jednostkę „$(unit)”."
#: src/core/dbus-unit.c:358 src/core/dbus-unit.c:359
#: src/core/dbus-unit.c:359 src/core/dbus-unit.c:360
msgid "Authentication is required to restart '$(unit)'."
msgstr ""
"Wymagane jest uwierzytelnienie, aby ponownie uruchomić jednostkę „$(unit)”."
#: src/core/dbus-unit.c:531
#: src/core/dbus-unit.c:532
msgid ""
"Authentication is required to send a UNIX signal to the processes of "
"'$(unit)'."
@ -919,18 +922,18 @@ msgstr ""
"Wymagane jest uwierzytelnienie, aby wysłać sygnał uniksowy do procesów "
"jednostki „$(unit)”."
#: src/core/dbus-unit.c:562
#: src/core/dbus-unit.c:563
msgid "Authentication is required to reset the \"failed\" state of '$(unit)'."
msgstr ""
"Wymagane jest uwierzytelnienie, aby przywrócić stan „failed” (niepowodzenia) "
"jednostki „$(unit)”."
#: src/core/dbus-unit.c:595
#: src/core/dbus-unit.c:596
msgid "Authentication is required to set properties on '$(unit)'."
msgstr ""
"Wymagane jest uwierzytelnienie, aby ustawić właściwości jednostki „$(unit)”."
#: src/core/dbus-unit.c:704
#: src/core/dbus-unit.c:705
msgid ""
"Authentication is required to delete files and directories associated with "
"'$(unit)'."

View File

@ -12,7 +12,7 @@
bool suitable_user_name(const char *name) {
/* Checks whether the specified name is suitable for management via home aread. Note that client-side
/* Checks whether the specified name is suitable for management via homed. Note that client-side
* we usually validate with the simple valid_user_group_name(), while server-side we are a bit more
* restrictive, so that we can change the rules server-side without having to update things
* client-side too. */

View File

@ -8,6 +8,7 @@
#include "sd-ndisc.h"
#include "alloc-util.h"
#include "arphrd-list.h"
#include "condition.h"
#include "conf-parser.h"
#include "device-util.h"
@ -166,6 +167,27 @@ static const char *const wifi_iftype_table[NL80211_IFTYPE_MAX+1] = {
DEFINE_PRIVATE_STRING_TABLE_LOOKUP_TO_STRING(wifi_iftype, enum nl80211_iftype);
char *link_get_type_string(unsigned short iftype, sd_device *device) {
const char *t, *devtype;
char *p;
if (device &&
sd_device_get_devtype(device, &devtype) >= 0 &&
!isempty(devtype))
return strdup(devtype);
t = arphrd_to_name(iftype);
if (!t)
return NULL;
p = strdup(t);
if (!p)
return NULL;
ascii_strlower(p);
return p;
}
bool net_match_config(Set *match_mac,
Set *match_permanent_mac,
char * const *match_paths,
@ -176,6 +198,7 @@ bool net_match_config(Set *match_mac,
char * const *match_wifi_iftype,
char * const *match_ssid,
Set *match_bssid,
unsigned short iftype,
sd_device *device,
const struct ether_addr *dev_mac,
const struct ether_addr *dev_permanent_mac,
@ -185,13 +208,14 @@ bool net_match_config(Set *match_mac,
const char *ssid,
const struct ether_addr *bssid) {
const char *dev_path = NULL, *dev_driver = NULL, *dev_type = NULL, *mac_str;
const char *dev_path = NULL, *dev_driver = NULL, *mac_str;
_cleanup_free_ char *dev_type;
dev_type = link_get_type_string(iftype, device);
if (device) {
(void) sd_device_get_property_value(device, "ID_PATH", &dev_path);
(void) sd_device_get_property_value(device, "ID_NET_DRIVER", &dev_driver);
(void) sd_device_get_devtype(device, &dev_type);
if (!dev_name)
(void) sd_device_get_sysname(device, &dev_name);
if (!dev_mac &&

View File

@ -15,6 +15,7 @@
#define LINK_BRIDGE_PORT_PRIORITY_INVALID 128
#define LINK_BRIDGE_PORT_PRIORITY_MAX 63
char *link_get_type_string(unsigned short iftype, sd_device *device);
bool net_match_config(Set *match_mac,
Set *match_permanent_mac,
char * const *match_path,
@ -25,6 +26,7 @@ bool net_match_config(Set *match_mac,
char * const *match_wifi_iftype,
char * const *match_ssid,
Set *match_bssid,
unsigned short iftype,
sd_device *device,
const struct ether_addr *dev_mac,
const struct ether_addr *dev_permanent_mac,

View File

@ -203,6 +203,29 @@ int rtnl_resolve_link_alternative_name(sd_netlink **rtnl, const char *name) {
return ret;
}
int rtnl_get_link_iftype(sd_netlink **rtnl, int ifindex, unsigned short *ret) {
_cleanup_(sd_netlink_message_unrefp) sd_netlink_message *message = NULL, *reply = NULL;
int r;
if (!*rtnl) {
r = sd_netlink_open(rtnl);
if (r < 0)
return r;
}
r = sd_rtnl_message_new_link(*rtnl, &message, RTM_GETLINK, ifindex);
if (r < 0)
return r;
r = sd_netlink_call(*rtnl, message, 0, &reply);
if (r == -EINVAL)
return -ENODEV; /* The device does not exist */
if (r < 0)
return r;
return sd_rtnl_message_link_get_type(reply, ret);
}
int rtnl_message_new_synthetic_error(sd_netlink *rtnl, int error, uint32_t serial, sd_netlink_message **ret) {
struct nlmsgerr *err;
int r;

View File

@ -52,6 +52,7 @@ int rtnl_set_link_properties(sd_netlink **rtnl, int ifindex, const char *alias,
int rtnl_set_link_alternative_names(sd_netlink **rtnl, int ifindex, char * const *alternative_names);
int rtnl_set_link_alternative_names_by_ifname(sd_netlink **rtnl, const char *ifname, char * const *alternative_names);
int rtnl_resolve_link_alternative_name(sd_netlink **rtnl, const char *name);
int rtnl_get_link_iftype(sd_netlink **rtnl, int ifindex, unsigned short *ret);
int rtnl_log_parse_error(int r);
int rtnl_log_create_error(int r);

View File

@ -16,7 +16,6 @@
#include "sd-network.h"
#include "alloc-util.h"
#include "arphrd-list.h"
#include "bus-common-errors.h"
#include "bus-error.h"
#include "bus-util.h"
@ -35,6 +34,7 @@
#include "macro.h"
#include "main-func.h"
#include "netlink-util.h"
#include "network-internal.h"
#include "pager.h"
#include "parse-util.h"
#include "pretty-print.h"
@ -66,27 +66,6 @@ static bool arg_stats = false;
static bool arg_full = false;
static unsigned arg_lines = 10;
static char *link_get_type_string(unsigned short iftype, sd_device *d) {
const char *t, *devtype;
char *p;
if (d &&
sd_device_get_devtype(d, &devtype) >= 0 &&
!isempty(devtype))
return strdup(devtype);
t = arphrd_to_name(iftype);
if (!t)
return NULL;
p = strdup(t);
if (!p)
return NULL;
ascii_strlower(p);
return p;
}
static void operational_state_to_color(const char *name, const char *state, const char **on, const char **off) {
assert(on);
assert(off);

View File

@ -240,9 +240,6 @@ static int link_set_dhcp_routes(Link *link) {
if (!link->network) /* link went down while we configured the IP addresses? */
return 0;
if (!link->network->dhcp_use_routes)
return 0;
if (!link_has_carrier(link) && !link->network->configure_without_carrier)
/* During configuring addresses, the link lost its carrier. As networkd is dropping
* the addresses now, let's not configure the routes either. */
@ -290,37 +287,39 @@ static int link_set_dhcp_routes(Link *link) {
}
}
for (i = 0; i < n; i++) {
_cleanup_(route_freep) Route *route = NULL;
if (link->network->dhcp_use_routes) {
for (i = 0; i < n; i++) {
_cleanup_(route_freep) Route *route = NULL;
/* if the DHCP server returns both a Classless Static Routes option and a Static Routes option,
the DHCP client MUST ignore the Static Routes option. */
if (classless_route &&
sd_dhcp_route_get_option(static_routes[i]) != SD_DHCP_OPTION_CLASSLESS_STATIC_ROUTE)
continue;
/* if the DHCP server returns both a Classless Static Routes option and a Static Routes option,
the DHCP client MUST ignore the Static Routes option. */
if (classless_route &&
sd_dhcp_route_get_option(static_routes[i]) != SD_DHCP_OPTION_CLASSLESS_STATIC_ROUTE)
continue;
r = route_new(&route);
if (r < 0)
return log_link_error_errno(link, r, "Could not allocate route: %m");
r = route_new(&route);
if (r < 0)
return log_link_error_errno(link, r, "Could not allocate route: %m");
route->family = AF_INET;
route->protocol = RTPROT_DHCP;
assert_se(sd_dhcp_route_get_gateway(static_routes[i], &route->gw.in) >= 0);
assert_se(sd_dhcp_route_get_destination(static_routes[i], &route->dst.in) >= 0);
assert_se(sd_dhcp_route_get_destination_prefix_length(static_routes[i], &route->dst_prefixlen) >= 0);
route->priority = link->network->dhcp_route_metric;
route->table = table;
route->mtu = link->network->dhcp_route_mtu;
route->scope = route_scope_from_address(route, &address);
if (IN_SET(route->scope, RT_SCOPE_LINK, RT_SCOPE_UNIVERSE))
route->prefsrc.in = address;
route->family = AF_INET;
route->protocol = RTPROT_DHCP;
assert_se(sd_dhcp_route_get_gateway(static_routes[i], &route->gw.in) >= 0);
assert_se(sd_dhcp_route_get_destination(static_routes[i], &route->dst.in) >= 0);
assert_se(sd_dhcp_route_get_destination_prefix_length(static_routes[i], &route->dst_prefixlen) >= 0);
route->priority = link->network->dhcp_route_metric;
route->table = table;
route->mtu = link->network->dhcp_route_mtu;
route->scope = route_scope_from_address(route, &address);
if (IN_SET(route->scope, RT_SCOPE_LINK, RT_SCOPE_UNIVERSE))
route->prefsrc.in = address;
if (set_contains(link->dhcp_routes, route))
continue;
if (set_contains(link->dhcp_routes, route))
continue;
r = dhcp_route_configure(&route, link);
if (r < 0)
return log_link_error_errno(link, r, "Could not set route: %m");
r = dhcp_route_configure(&route, link);
if (r < 0)
return log_link_error_errno(link, r, "Could not set route: %m");
}
}
r = sd_dhcp_lease_get_router(link->dhcp_lease, &router);

View File

@ -3041,7 +3041,7 @@ static int link_reconfigure_internal(Link *link, sd_netlink_message *m, bool for
strv_free_and_replace(link->alternative_names, s);
}
r = network_get(link->manager, link->sd_device, link->ifname, link->alternative_names,
r = network_get(link->manager, link->iftype, link->sd_device, link->ifname, link->alternative_names,
&link->mac, &link->permanent_mac, link->wlan_iftype, link->ssid, &link->bssid, &network);
if (r == -ENOENT) {
link_enter_unmanaged(link);
@ -3177,7 +3177,7 @@ static int link_initialized_and_synced(Link *link) {
if (r < 0)
return r;
r = network_get(link->manager, link->sd_device, link->ifname, link->alternative_names,
r = network_get(link->manager, link->iftype, link->sd_device, link->ifname, link->alternative_names,
&link->mac, &link->permanent_mac, link->wlan_iftype, link->ssid, &link->bssid, &network);
if (r == -ENOENT) {
link_enter_unmanaged(link);

View File

@ -730,7 +730,7 @@ int network_get_by_name(Manager *manager, const char *name, Network **ret) {
return 0;
}
int network_get(Manager *manager, sd_device *device,
int network_get(Manager *manager, unsigned short iftype, sd_device *device,
const char *ifname, char * const *alternative_names,
const struct ether_addr *address, const struct ether_addr *permanent_address,
enum nl80211_iftype wlan_iftype, const char *ssid, const struct ether_addr *bssid,
@ -746,7 +746,7 @@ int network_get(Manager *manager, sd_device *device,
network->match_path, network->match_driver,
network->match_type, network->match_name, network->match_property,
network->match_wlan_iftype, network->match_ssid, network->match_bssid,
device, address, permanent_address,
iftype, device, address, permanent_address,
ifname, alternative_names, wlan_iftype, ssid, bssid)) {
if (network->match_name && device) {
const char *attr;

View File

@ -303,7 +303,7 @@ int network_load_one(Manager *manager, OrderedHashmap **networks, const char *fi
int network_verify(Network *network);
int network_get_by_name(Manager *manager, const char *name, Network **ret);
int network_get(Manager *manager, sd_device *device, const char *ifname, char * const *alternative_names,
int network_get(Manager *manager, unsigned short iftype, sd_device *device, const char *ifname, char * const *alternative_names,
const struct ether_addr *mac, const struct ether_addr *permanent_mac,
enum nl80211_iftype wlan_iftype, const char *ssid,
const struct ether_addr *bssid, Network **ret);

View File

@ -126,7 +126,7 @@ static void test_network_get(Manager *manager, sd_device *loopback) {
/* Let's hope that the test machine does not have a .network file that applies to loopback device…
* But it is still possible, so let's allow that case too. */
r = network_get(manager, loopback, "lo", NULL, &mac, &mac, 0, NULL, NULL, &network);
r = network_get(manager, 0, loopback, "lo", NULL, &mac, &mac, 0, NULL, NULL, &network);
if (r == -ENOENT)
/* The expected case */
assert_se(!network);

View File

@ -195,7 +195,7 @@ enum nss_status _nss_systemd_getgrnam_r(
if (!valid_user_group_name(name))
return NSS_STATUS_NOTFOUND;
/* Synthesize records for root and nobody, in case they are missing form /etc/group */
/* Synthesize records for root and nobody, in case they are missing from /etc/group */
if (getenv_bool_secure("SYSTEMD_NSS_BYPASS_SYNTHETIC") <= 0) {
if (streq(name, root_group.gr_name)) {

View File

@ -290,7 +290,7 @@ enum nss_status userdb_getgrgid(
*errnop = -r;
return NSS_STATUS_UNAVAIL;
}
if (r)
if (!r)
return NSS_STATUS_NOTFOUND;
r = groupdb_by_gid(gid, nss_glue_userdb_flags(), &g);

View File

@ -19,6 +19,7 @@
#include "io-util.h"
#include "log.h"
#include "main-func.h"
#include "missing_random.h"
#include "missing_syscall.h"
#include "mkdir.h"
#include "parse-util.h"

View File

@ -1181,85 +1181,74 @@ int show_journal(
}
for (;;) {
for (;;) {
usec_t usec;
usec_t usec;
if (need_seek) {
r = sd_journal_next(j);
if (r < 0)
return log_error_errno(r, "Failed to iterate through journal: %m");
}
if (r == 0)
break;
need_seek = true;
if (not_before > 0) {
r = sd_journal_get_monotonic_usec(j, &usec, NULL);
/* -ESTALE is returned if the
timestamp is not from this boot */
if (r == -ESTALE)
continue;
else if (r < 0)
return log_error_errno(r, "Failed to get journal time: %m");
if (usec < not_before)
continue;
}
line++;
maybe_print_begin_newline(f, &flags);
r = show_journal_entry(f, j, mode, n_columns, flags, NULL, NULL, ellipsized);
if (need_seek) {
r = sd_journal_next(j);
if (r < 0)
return r;
return log_error_errno(r, "Failed to iterate through journal: %m");
}
if (warn_cutoff && line < how_many && not_before > 0) {
sd_id128_t boot_id;
usec_t cutoff = 0;
/* Check whether the cutoff line is too early */
r = sd_id128_get_boot(&boot_id);
if (r < 0)
return log_error_errno(r, "Failed to get boot id: %m");
r = sd_journal_get_cutoff_monotonic_usec(j, boot_id, &cutoff, NULL);
if (r < 0)
return log_error_errno(r, "Failed to get journal cutoff time: %m");
if (r > 0 && not_before < cutoff) {
maybe_print_begin_newline(f, &flags);
/* If we logged *something* and no permission error happened, than we can
* reliably emit the warning about rotation. If we didn't log anything and
* access errors happened, emit hint about permissions. Otherwise, give a
* generic message, since we can't diagnose the issue. */
bool noaccess = journal_access_blocked(j);
if (line == 0 && noaccess)
fprintf(f, "Warning: some journal files were not opened due to insufficient permissions.");
else if (!noaccess)
fprintf(f, "Warning: journal has been rotated since unit was started, output may be incomplete.\n");
else
fprintf(f, "Warning: journal has been rotated since unit was started and some journal "
"files were not opened due to insufficient permissions, output may be incomplete.\n");
}
warn_cutoff = false;
}
if (!(flags & OUTPUT_FOLLOW))
if (r == 0)
break;
r = sd_journal_wait(j, USEC_INFINITY);
if (r < 0)
return log_error_errno(r, "Failed to wait for journal: %m");
need_seek = true;
if (not_before > 0) {
r = sd_journal_get_monotonic_usec(j, &usec, NULL);
/* -ESTALE is returned if the timestamp is not from this boot */
if (r == -ESTALE)
continue;
else if (r < 0)
return log_error_errno(r, "Failed to get journal time: %m");
if (usec < not_before)
continue;
}
line++;
maybe_print_begin_newline(f, &flags);
r = show_journal_entry(f, j, mode, n_columns, flags, NULL, NULL, ellipsized);
if (r < 0)
return r;
}
if (warn_cutoff && line < how_many && not_before > 0) {
sd_id128_t boot_id;
usec_t cutoff = 0;
/* Check whether the cutoff line is too early */
r = sd_id128_get_boot(&boot_id);
if (r < 0)
return log_error_errno(r, "Failed to get boot id: %m");
r = sd_journal_get_cutoff_monotonic_usec(j, boot_id, &cutoff, NULL);
if (r < 0)
return log_error_errno(r, "Failed to get journal cutoff time: %m");
if (r > 0 && not_before < cutoff) {
maybe_print_begin_newline(f, &flags);
/* If we logged *something* and no permission error happened, than we can reliably
* emit the warning about rotation. If we didn't log anything and access errors
* happened, emit hint about permissions. Otherwise, give a generic message, since we
* can't diagnose the issue. */
bool noaccess = journal_access_blocked(j);
if (line == 0 && noaccess)
fprintf(f, "Warning: some journal files were not opened due to insufficient permissions.");
else if (!noaccess)
fprintf(f, "Warning: journal has been rotated since unit was started, output may be incomplete.\n");
else
fprintf(f, "Warning: journal has been rotated since unit was started and some journal "
"files were not opened due to insufficient permissions, output may be incomplete.\n");
}
warn_cutoff = false;
}
return 0;

View File

@ -33,15 +33,14 @@ static inline bool OUTPUT_MODE_IS_JSON(OutputMode m) {
typedef enum OutputFlags {
OUTPUT_SHOW_ALL = 1 << 0,
OUTPUT_FOLLOW = 1 << 1,
OUTPUT_WARN_CUTOFF = 1 << 2,
OUTPUT_FULL_WIDTH = 1 << 3,
OUTPUT_COLOR = 1 << 4,
OUTPUT_CATALOG = 1 << 5,
OUTPUT_BEGIN_NEWLINE = 1 << 6,
OUTPUT_UTC = 1 << 7,
OUTPUT_KERNEL_THREADS = 1 << 8,
OUTPUT_NO_HOSTNAME = 1 << 9,
OUTPUT_WARN_CUTOFF = 1 << 1,
OUTPUT_FULL_WIDTH = 1 << 2,
OUTPUT_COLOR = 1 << 3,
OUTPUT_CATALOG = 1 << 4,
OUTPUT_BEGIN_NEWLINE = 1 << 5,
OUTPUT_UTC = 1 << 6,
OUTPUT_KERNEL_THREADS = 1 << 7,
OUTPUT_NO_HOSTNAME = 1 << 8,
} OutputFlags;
JsonFormatFlags output_mode_to_json_format_flags(OutputMode m);

View File

@ -236,9 +236,10 @@ bool link_config_should_reload(link_config_ctx *ctx) {
int link_config_get(link_config_ctx *ctx, sd_device *device, link_config **ret) {
struct ether_addr permanent_mac = {};
unsigned short iftype = 0;
link_config *link;
const char *name;
int r;
int ifindex, r;
assert(ctx);
assert(device);
@ -248,6 +249,14 @@ int link_config_get(link_config_ctx *ctx, sd_device *device, link_config **ret)
if (r < 0)
return r;
r = sd_device_get_ifindex(device, &ifindex);
if (r < 0)
return r;
r = rtnl_get_link_iftype(&ctx->rtnl, ifindex, &iftype);
if (r < 0)
return r;
r = ethtool_get_permanent_macaddr(&ctx->ethtool_fd, name, &permanent_mac);
if (r < 0)
log_device_debug_errno(device, r, "Failed to get permanent MAC address, ignoring: %m");
@ -255,7 +264,7 @@ int link_config_get(link_config_ctx *ctx, sd_device *device, link_config **ret)
LIST_FOREACH(links, link, ctx->links) {
if (net_match_config(link->match_mac, link->match_permanent_mac, link->match_path, link->match_driver,
link->match_type, link->match_name, link->match_property, NULL, NULL, NULL,
device, NULL, &permanent_mac, NULL, NULL, 0, NULL, NULL)) {
iftype, device, NULL, &permanent_mac, NULL, NULL, 0, NULL, NULL)) {
if (link->match_name && !strv_contains(link->match_name, "*")) {
unsigned name_assign_type = NET_NAME_UNKNOWN;

View File

@ -0,0 +1,9 @@
[Match]
Name=veth99
[Network]
DHCP=ipv4
IPv6AcceptRA=false
[DHCPv4]
UseRoutes=no

View File

@ -149,6 +149,7 @@ def expectedFailureIfAlternativeNameIsNotAvailable():
def f(func):
call('ip link add dummy98 type dummy', stderr=subprocess.DEVNULL)
rc = call('ip link prop add dev dummy98 altname hogehogehogehogehoge', stderr=subprocess.DEVNULL)
call('ip link del dummy98', stderr=subprocess.DEVNULL)
if rc == 0:
return func
else:
@ -2825,6 +2826,7 @@ class NetworkdDHCPClientTests(unittest.TestCase, Utilities):
'dhcp-client-ipv4-dhcp-settings.network',
'dhcp-client-ipv4-only-ipv6-disabled.network',
'dhcp-client-ipv4-only.network',
'dhcp-client-ipv4-use-routes-no.network',
'dhcp-client-ipv6-only.network',
'dhcp-client-ipv6-rapid-commit.network',
'dhcp-client-keep-configuration-dhcp-on-stop.network',
@ -2929,6 +2931,20 @@ class NetworkdDHCPClientTests(unittest.TestCase, Utilities):
self.assertRegex(output, r'192.168.5.7 proto dhcp scope link src 192.168.5.181 metric 1024')
self.assertRegex(output, r'192.168.5.8 proto dhcp scope link src 192.168.5.181 metric 1024')
def test_dhcp_client_ipv4_use_routes_no(self):
copy_unit_to_networkd_unit_path('25-veth.netdev', 'dhcp-server-veth-peer.network', 'dhcp-client-ipv4-use-routes-no.network')
start_networkd()
self.wait_online(['veth-peer:carrier'])
start_dnsmasq(additional_options='--dhcp-option=option:dns-server,192.168.5.6,192.168.5.7', lease_time='2m')
self.wait_online(['veth99:routable', 'veth-peer:routable'])
output = check_output('ip route show dev veth99')
print(output)
self.assertNotRegex(output, r'192.168.5.5')
self.assertRegex(output, r'default via 192.168.5.1 proto dhcp src 192.168.5.181 metric 1024')
self.assertRegex(output, r'192.168.5.1 proto dhcp scope link src 192.168.5.181 metric 1024')
def test_dhcp_client_ipv4_ipv6(self):
copy_unit_to_networkd_unit_path('25-veth.netdev', 'dhcp-server-veth-peer.network', 'dhcp-client-ipv6-only.network',
'dhcp-client-ipv4-only.network')

View File

@ -24,7 +24,6 @@ LockPersonality=yes
MemoryDenyWriteExecute=yes
NoNewPrivileges=yes
ProtectHostname=yes
ProtectKernelLogs=yes
RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6
RestrictRealtime=yes
SystemCallArchitectures=native

View File

@ -14,7 +14,7 @@ Wants=modprobe@tun.service modprobe@loop.service modprobe@dm-mod.service
PartOf=machines.target
Before=machines.target
After=network.target systemd-resolved.service modprobe@tun.service modprobe@loop.service modprobe@dm-mod.service
RequiresMountsFor=/var/lib/machines
RequiresMountsFor=/var/lib/machines/%i
[Service]
# Make sure the DeviceAllow= lines below can properly resolve the 'block-loop' expression (and others)