Compare commits
17 Commits
f74067dfbd
...
eecf4f7e04
| Author | SHA1 | Date |
|---|---|---|
Zbigniew Jędrzejewski-Szmek
|
eecf4f7e04 | |
|
Luca Boccassi
|
c03fbd37d6 | |
|
Zbigniew Jędrzejewski-Szmek
|
9df91db5e0 | |
|
Frantisek Sumsal
|
80b44b38b5 | |
|
Balaji Punnuru
|
f6f4f5fe53 | |
|
Lennart Poettering
|
df3d3bdfe8 | |
|
Daan De Meyer
|
42f5c9a335 | |
|
Daan De Meyer
|
e5f1a3faab | |
|
Zbigniew Jędrzejewski-Szmek
|
2807b68019 | |
|
Zbigniew Jędrzejewski-Szmek
|
a00f28c554 | |
|
Dan Streetman
|
06c2b0c76b | |
|
Frantisek Sumsal
|
86b52a3958 | |
|
Frantisek Sumsal
|
e4ff03935c | |
|
Dan Streetman
|
244490f5e0 | |
|
Dan Streetman
|
7c0d36ff5f | |
|
Dan Streetman
|
589397a277 | |
|
Luca Boccassi
|
c5bc2c01ee |
6
NEWS
6
NEWS
|
|
@ -995,7 +995,7 @@ CHANGES WITH 243:
|
|||
space if there are multiple devices with the highest priority.
|
||||
|
||||
* /etc/crypttab support has learnt a new keyfile-timeout= per-device
|
||||
option that permits selecting the timout how long to wait for a
|
||||
option that permits selecting the timeout how long to wait for a
|
||||
device with an encryption key before asking for the password.
|
||||
|
||||
* IOWeight= has learnt to properly set the IO weight when using the
|
||||
|
|
@ -3520,7 +3520,7 @@ CHANGES WITH 233:
|
|||
that is removed when the container dies. Specifically, if the source
|
||||
directory is specified as empty string this mechanism is selected. An
|
||||
example usage is --overlay=+/var::/var, which creates an overlay
|
||||
mount based on the original /var contained in the image, overlayed
|
||||
mount based on the original /var contained in the image, overlaid
|
||||
with a temporary directory in the host's /var/tmp. This way changes
|
||||
to /var are automatically flushed when the container shuts down.
|
||||
|
||||
|
|
@ -6507,7 +6507,7 @@ CHANGES WITH 217:
|
|||
* Calendar time specifications in .timer units now also
|
||||
understand the strings "semi-annually", "quarterly" and
|
||||
"minutely" as shortcuts (in addition to the preexisting
|
||||
"anually", "hourly", ...).
|
||||
"annually", "hourly", ...).
|
||||
|
||||
* systemd-tmpfiles will now correctly create files in /dev
|
||||
at boot which are marked for creation only at boot. It is
|
||||
|
|
|
|||
10
TODO
10
TODO
|
|
@ -43,7 +43,7 @@ Features:
|
|||
* systemd-gpt-auto should probably set x-systemd.growfs on the mounts it
|
||||
creates
|
||||
|
||||
* homed/userdb: distuingish passwords and recovery keys in the records, since
|
||||
* homed/userdb: distinguish passwords and recovery keys in the records, since
|
||||
we probably want to use different PBKDF algorithms/settings for them:
|
||||
passwords have low entropy but recovery keys should have good entropy key
|
||||
hence we can make them quicker to work.
|
||||
|
|
@ -66,7 +66,7 @@ Features:
|
|||
systemd-makefs.service instead.
|
||||
|
||||
* socket units: allow creating a udev monitor socket with ListenDevices= or so,
|
||||
with matches, then actviate app thorugh that passing socket oveer
|
||||
with matches, then activate app through that passing socket over
|
||||
|
||||
* unify on openssl:
|
||||
- port sd_id128_get_machine_app_specific() over from khash
|
||||
|
|
@ -90,11 +90,11 @@ Features:
|
|||
that the device paths stay the same, regardless if crypto is used or not.
|
||||
|
||||
* systemd-repart: by default generate minimized partition tables (i.e. tables
|
||||
that only covere the space actually used, excluding any free space at the
|
||||
that only cover the space actually used, excluding any free space at the
|
||||
end), in order to maximize dd'ability. Requires libfdisk work, see
|
||||
https://github.com/karelzak/util-linux/issues/907
|
||||
|
||||
* systemd-repart: optionally, allow specifiying a path to initialize new
|
||||
* systemd-repart: optionally, allow specifying a path to initialize new
|
||||
partitions from, i.e. an fs image file or a source device node. This would
|
||||
then turn systemd-repart into a simple installer: with a few .repart files
|
||||
you could replicate the host system on another device. a full installer would
|
||||
|
|
@ -230,7 +230,7 @@ Features:
|
|||
systemd --user is shut down.
|
||||
- logind: maybe keep a "busy fd" as long as there's a non-released session around or the user@.service
|
||||
- maybe make automatic, read-only, time-based reflink-copies of LUKS disk images (think: time machine)
|
||||
- distuingish destroy / remove (i.e. currently we can unregister a user, unregister+remove their home directory, but not just remove their home directory)
|
||||
- distinguish destroy / remove (i.e. currently we can unregister a user, unregister+remove their home directory, but not just remove their home directory)
|
||||
- in systemd's PAMName= logic: query passwords with ssh-askpassword, so that we can make "loginctl set-linger" mode work
|
||||
- fingerprint authentication, pattern authentication, …
|
||||
- make sure "classic" user records can also be managed by homed
|
||||
|
|
|
|||
|
|
@ -1,6 +1,18 @@
|
|||
@@
|
||||
/* Avoid running this transformation on the strempty function itself */
|
||||
position p : script:python() { p[0].current_element != "strempty" };
|
||||
/* Avoid running this transformation on the strempty function itself and
|
||||
* on the "make_expression" macro in src/libsystemd/sd-bus/bus-convenience.c.
|
||||
* As Coccinelle's Location object doesn't support macro "detection", use
|
||||
* a pretty horrifying combo of specifying a file and a special "something_else"
|
||||
* position element, which is, apparently, the default value of
|
||||
* "current_element" before it's set (according to the source code), thus
|
||||
* matching any "top level" position, including macros. Let's hope we never
|
||||
* introduce a function called "something_else"...
|
||||
*/
|
||||
position p : script:python() {
|
||||
not (p[0].current_element == "strempty" or
|
||||
(p[0].file == "src/libsystemd/sd-bus/bus-convenience.c" and
|
||||
p[0].current_element == "something_else"))
|
||||
};
|
||||
expression s;
|
||||
@@
|
||||
(
|
||||
|
|
|
|||
|
|
@ -95,7 +95,7 @@ Note that the `$BOOT` partition is not supposed to be exclusive territory of
|
|||
this specification. This specification only defines semantics of the `/loader/`
|
||||
directory inside the file system (see below), but it doesn't intend to define
|
||||
ownership of the whole file system exclusively. Boot loaders, firmware, and
|
||||
other software implementating this specification may choose to place other
|
||||
other software implementing this specification may choose to place other
|
||||
files and directories in the same file system. For example, boot loaders that
|
||||
implement this specification might install their own boot code into the `$BOOT`
|
||||
partition. On systems where `$BOOT` is the ESP this is a particularly common
|
||||
|
|
|
|||
|
|
@ -39,7 +39,7 @@ The purpose of this grouping is to assign different priorities to the
|
|||
applications.
|
||||
This could e.g. mean reserving memory to session processes,
|
||||
preferentially killing background tasks in out-of-memory situations
|
||||
or assinging different memory/CPU/IO priorities to ensure that the session
|
||||
or assigning different memory/CPU/IO priorities to ensure that the session
|
||||
runs smoothly under load.
|
||||
|
||||
TODO: Will there be a default to place units into e.g. `apps.slice` by default
|
||||
|
|
|
|||
|
|
@ -147,7 +147,7 @@ directory-based storage mechanisms (`directory`, `subvolume` and `fscrypt`)
|
|||
this is a bind mount, in case of `cifs` this is a CIFS network mount, and in
|
||||
case of the LUKS2 backend a regular block device mount of the file system
|
||||
contained in the LUKS2 image. By requiring a mount for all cases (even for
|
||||
those that already are a directory) a clear logic is defined to distuingish
|
||||
those that already are a directory) a clear logic is defined to distinguish
|
||||
active and inactive home directories, so that the directories become
|
||||
inaccessible under their regular path the instant they are
|
||||
deactivated. Moreover, the `nosuid`, `nodev` and `noexec` flags configured in
|
||||
|
|
|
|||
|
|
@ -95,7 +95,7 @@ services are listening there, that have special relevance:
|
|||
2. `io.systemd.Multiplexer` → This service multiplexes client queries to all
|
||||
other running services. It's supposed to simplify client development: in
|
||||
order to look up or enumerate user/group records it's sufficient to talk to
|
||||
one service instead of all of them in parallel. Note that it is not availabe
|
||||
one service instead of all of them in parallel. Note that it is not available
|
||||
during earliest boot and final shutdown phases, hence for programs running
|
||||
in that context it is preferable to implement the parallel lookup
|
||||
themselves.
|
||||
|
|
|
|||
|
|
@ -157,7 +157,7 @@ it creates ambiguity in traditional `chown` syntax (which is still accepted
|
|||
today) that uses it to separate user and group names in the command's
|
||||
parameter: without consulting the user/group databases it is not possible to
|
||||
determine if a `chown` invocation would change just the owning user or both the
|
||||
owning user and group. It also allows embeddeding `@` (which is confusing to
|
||||
owning user and group. It also allows embedding `@` (which is confusing to
|
||||
MTAs).
|
||||
|
||||
## Common Core
|
||||
|
|
|
|||
|
|
@ -170,7 +170,7 @@ emergency.service | | |
|
|||
user units. For non-graphical sessions, <filename>default.target</filename> is used. Whenever the user
|
||||
logs into a graphical session, the login manager will start the
|
||||
<filename>graphical-session.target</filename> target that is used to pull in units required for the
|
||||
grahpical session. A number of targets (shown on the right side) are started when specific hardware is
|
||||
graphical session. A number of targets (shown on the right side) are started when specific hardware is
|
||||
available to the user.</para>
|
||||
|
||||
<programlisting>
|
||||
|
|
|
|||
|
|
@ -50,7 +50,7 @@
|
|||
<listitem><para>An individual LUKS2 encrypted loopback file for a user, stored in
|
||||
<filename>/home/*.home</filename>. At login the file system contained in this files is mounted, after
|
||||
the LUKS2 encrypted volume has been attached. The user's password is identical to the encryption
|
||||
passphrase of the LUKS2 volume. Access to data without preceeding user authentication is thus not
|
||||
passphrase of the LUKS2 volume. Access to data without preceding user authentication is thus not
|
||||
possible, even for the system administrator. This storage mechanism provides the strongest data
|
||||
security and is thus recommended.</para></listitem>
|
||||
|
||||
|
|
@ -267,7 +267,7 @@
|
|||
matching the user in name and numeric UID/GID. Thus any groups listed here must be registered
|
||||
independently, for example with <citerefentry
|
||||
project='man-pages'><refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum></citerefentry>. If
|
||||
non-existant groups that are listed there are ignored. This option may be used more than once, in
|
||||
non-existent groups that are listed there are ignored. This option may be used more than once, in
|
||||
which case all specified group lists are combined.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
|
|
@ -467,7 +467,7 @@
|
|||
project='man-pages'><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></citerefentry> or a
|
||||
similar tool. Use <option>--rlimit=LIMIT_NPROC=</option> to place a limit on the tasks actually
|
||||
running under the UID of the user, thus excluding any child processes that might have changed user
|
||||
identity. This controls the <varname>TasksMax=</varname> settting of the per-user systemd slice unit
|
||||
identity. This controls the <varname>TasksMax=</varname> setting of the per-user systemd slice unit
|
||||
<filename>user-$UID.slice</filename>. See
|
||||
<citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
||||
for further details.</para></listitem>
|
||||
|
|
@ -707,7 +707,7 @@
|
|||
<varlistentry>
|
||||
<term><command>passwd</command> <replaceable>USER</replaceable></term>
|
||||
|
||||
<listitem><para>Change the password of the specified home direcory/user account.</para></listitem>
|
||||
<listitem><para>Change the password of the specified home directory/user account.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
|
|
|
|||
|
|
@ -631,7 +631,7 @@
|
|||
<varlistentry>
|
||||
<term><option>--case-sensitive<optional>=BOOLEAN</optional></option></term>
|
||||
|
||||
<listitem><para>Make pattern matching case sensitive or case insenstive.</para>
|
||||
<listitem><para>Make pattern matching case sensitive or case insensitive.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
|
|
|
|||
|
|
@ -70,7 +70,7 @@
|
|||
|
||||
<para>Turning this option on by default is highly recommended for all sessions, but only if the
|
||||
service managing these sessions correctly implements the aforementioned re-authentication. Note that
|
||||
the re-authentication must take place from a component runing outside of the user's context, so that
|
||||
the re-authentication must take place from a component running outside of the user's context, so that
|
||||
it does not require access to the user's home directory for operation. Traditionally, most desktop
|
||||
environments do not implement screen locking this way, and need to be updated
|
||||
accordingly.</para></listitem>
|
||||
|
|
|
|||
|
|
@ -319,6 +319,7 @@ manpages = [
|
|||
['sd_bus_message_read', '3', ['sd_bus_message_readv'], ''],
|
||||
['sd_bus_message_read_array', '3', [], ''],
|
||||
['sd_bus_message_read_basic', '3', [], ''],
|
||||
['sd_bus_message_read_strv', '3', [], ''],
|
||||
['sd_bus_message_rewind', '3', [], ''],
|
||||
['sd_bus_message_seal', '3', [], ''],
|
||||
['sd_bus_message_sensitive', '3', [], ''],
|
||||
|
|
|
|||
|
|
@ -110,6 +110,7 @@
|
|||
<citerefentry><refentrytitle>sd_bus_message_read</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_message_read_array</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_message_read_basic</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_message_read_strv</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_message_rewind</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_message_seal</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_message_set_destination</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
|
|
|
|||
|
|
@ -194,7 +194,7 @@
|
|||
|
||||
<listitem><para>When set to <literal>1</literal>, this device automatically
|
||||
generates a new and independent seat, which is named after the path of the
|
||||
device. This is set for specialized USB hubs like the Plugable devices, which when
|
||||
device. This is set for specialized USB hubs like the Pluggable devices, which when
|
||||
plugged in should create a hotplug seat without further configuration.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
|
|
|||
|
|
@ -45,10 +45,9 @@
|
|||
<parameter>acquired</parameter> is not <constant>NULL</constant>, the function calls
|
||||
<ulink url="https://dbus.freedesktop.org/doc/dbus-specification.html#bus-messages-list-activatable-names">
|
||||
org.freedesktop.DBus.ListActivableNames</ulink> to retrieve the list of all names on the bus that can be
|
||||
activated. Note that ownership of any string arrays returned by <function>sd_bus_list_names()</function>
|
||||
is transferred to the caller and hence, the caller is responsible for freeing any results stored by
|
||||
<function>sd_bus_list_names()</function> in <parameter>acquired</parameter> and
|
||||
<parameter>activatable</parameter>.</para>
|
||||
activated. Note that ownership of the arrays returned by <function>sd_bus_list_names()</function> in
|
||||
<parameter>acquired</parameter> and <parameter>activatable</parameter> is transferred to the caller and
|
||||
hence, the caller is responsible for freeing these arrays and their contents.</para>
|
||||
</refsect1>
|
||||
|
||||
<refsect1>
|
||||
|
|
|
|||
|
|
@ -105,7 +105,8 @@
|
|||
<para>
|
||||
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd-bus</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_message_read</refentrytitle><manvolnum>3</manvolnum></citerefentry>
|
||||
<citerefentry><refentrytitle>sd_bus_message_read</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_message_read_strv</refentrytitle><manvolnum>3</manvolnum></citerefentry>
|
||||
</para>
|
||||
</refsect1>
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,90 @@
|
|||
<?xml version='1.0'?>
|
||||
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
|
||||
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
|
||||
<!-- SPDX-License-Identifier: LGPL-2.1+ -->
|
||||
|
||||
<refentry id="sd_bus_message_read_strv">
|
||||
|
||||
<refentryinfo>
|
||||
<title>sd_bus_message_read_strv</title>
|
||||
<productname>systemd</productname>
|
||||
</refentryinfo>
|
||||
|
||||
<refmeta>
|
||||
<refentrytitle>sd_bus_message_read_strv</refentrytitle>
|
||||
<manvolnum>3</manvolnum>
|
||||
</refmeta>
|
||||
|
||||
<refnamediv>
|
||||
<refname>sd_bus_message_read_strv</refname>
|
||||
|
||||
<refpurpose>Access an array of strings in a message</refpurpose>
|
||||
</refnamediv>
|
||||
|
||||
<refsynopsisdiv>
|
||||
<funcsynopsis>
|
||||
<funcsynopsisinfo>#include <systemd/sd-bus.h></funcsynopsisinfo>
|
||||
|
||||
<funcprototype>
|
||||
<funcdef>int <function>sd_bus_message_read_strv</function></funcdef>
|
||||
<paramdef>sd_bus_message *<parameter>m</parameter></paramdef>
|
||||
<paramdef>char ***<parameter>l</parameter></paramdef>
|
||||
</funcprototype>
|
||||
</funcsynopsis>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsect1>
|
||||
<title>Description</title>
|
||||
|
||||
<para><function>sd_bus_message_read_strv()</function> gives access to an array of strings in message
|
||||
<parameter>m</parameter>. The "read pointer" in the message must be right before an array of strings. On
|
||||
success, a pointer to the <constant>NULL</constant>-terminated array of strings is returned in the output
|
||||
parameter <parameter>l</parameter>. Note that ownership of this array is transferred to the caller.
|
||||
Hence, the caller is responsible for freeing this array and its contents.</para>
|
||||
</refsect1>
|
||||
|
||||
<refsect1>
|
||||
<title>Return Value</title>
|
||||
|
||||
<para>On success, <function>sd_bus_message_read_strv()</function> returns a non-negative integer. On
|
||||
failure, it returns a negative errno-style error code.</para>
|
||||
|
||||
<refsect2>
|
||||
<title>Errors</title>
|
||||
|
||||
<para>Returned errors may indicate the following problems:</para>
|
||||
|
||||
<variablelist>
|
||||
<varlistentry>
|
||||
<term><constant>-EINVAL</constant></term>
|
||||
|
||||
<listitem><para><parameter>m</parameter> or <parameter>l</parameter> are <constant>NULL</constant>.
|
||||
</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><constant>-EPERM</constant></term>
|
||||
|
||||
<listitem><para>The message is not sealed.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><constant>-EBADMSG</constant></term>
|
||||
|
||||
<listitem><para>The message cannot be parsed.</para></listitem>
|
||||
</varlistentry>
|
||||
</variablelist>
|
||||
</refsect2>
|
||||
</refsect1>
|
||||
|
||||
<refsect1>
|
||||
<title>See Also</title>
|
||||
|
||||
<para>
|
||||
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd-bus</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_message_read</refentrytitle><manvolnum>3</manvolnum></citerefentry>
|
||||
</para>
|
||||
</refsect1>
|
||||
|
||||
</refentry>
|
||||
|
|
@ -50,7 +50,7 @@
|
|||
<refsect1>
|
||||
<title>Return Value</title>
|
||||
|
||||
<para>On success, theis functions return 0 or a positive integer. On failure, it returns a
|
||||
<para>On success, this functions return 0 or a positive integer. On failure, it returns a
|
||||
negative errno-style error code.</para>
|
||||
|
||||
<refsect2>
|
||||
|
|
|
|||
|
|
@ -86,7 +86,7 @@
|
|||
|
||||
<para>The <function>SD_HWDB_FOREACH_PROPERTY</function> macro combines
|
||||
<function>sd_hwdb_seek()</function> and <function>sd_hwdb_enumerate()</function>. No error handling is
|
||||
performed and interation simply stops on error. See the example below.</para>
|
||||
performed and iteration simply stops on error. See the example below.</para>
|
||||
</refsect1>
|
||||
|
||||
<refsect1>
|
||||
|
|
|
|||
|
|
@ -66,7 +66,7 @@
|
|||
file. This function caches the machine ID internally to make retrieving the machine ID a cheap operation. This ID
|
||||
may be used wherever a unique identifier for the local system is needed. However, it is recommended to use this ID
|
||||
as-is only in trusted environments. In untrusted environments it is recommended to derive an application specific
|
||||
ID from this machine ID, in an irreversable (cryptographically secure) way. To make this easy
|
||||
ID from this machine ID, in an irreversible (cryptographically secure) way. To make this easy
|
||||
<function>sd_id128_get_machine_app_specific()</function> is provided, see below.</para>
|
||||
|
||||
<para><function>sd_id128_get_machine_app_specific()</function> is similar to
|
||||
|
|
|
|||
|
|
@ -1634,7 +1634,7 @@ RestrictNamespaces=~cgroup net</programlisting>
|
|||
points of the file system namespace created for each process of this unit. Other file system namespacing unit
|
||||
settings (see the discussion in <varname>PrivateMounts=</varname> above) will implicitly disable mount and
|
||||
unmount propagation from the unit's processes towards the host by changing the propagation setting of all mount
|
||||
points in the unit's file system namepace to <option>slave</option> first. Setting this option to
|
||||
points in the unit's file system namespace to <option>slave</option> first. Setting this option to
|
||||
<option>shared</option> does not reestablish propagation in that case.</para>
|
||||
|
||||
<para>If not set – but file system namespaces are enabled through another file system namespace unit setting –
|
||||
|
|
|
|||
|
|
@ -622,7 +622,7 @@
|
|||
trigger the start of the DHCPv6 client if the relevant flags are set in the RA data, or if no
|
||||
routers are found on the link. The default is to disable RA reception for bridge devices or when IP
|
||||
forwarding is enabled, and to enable it otherwise. Cannot be enabled on bond devices and when link
|
||||
local adressing is disabled.</para>
|
||||
local addressing is disabled.</para>
|
||||
|
||||
<para>Further settings for the IPv6 RA support may be configured in the
|
||||
<literal>[IPv6AcceptRA]</literal> section, see below.</para>
|
||||
|
|
@ -1491,8 +1491,9 @@
|
|||
<varlistentry>
|
||||
<term><varname>UseGateway=</varname></term>
|
||||
<listitem>
|
||||
<para>When true (the default), the gateway will be requested from the DHCP server and added to the
|
||||
routing table with a metric of 1024, and a scope of "link".</para>
|
||||
<para>When true, the gateway will be requested from the DHCP server and added to the routing table with a
|
||||
metric of 1024, and a scope of "link". When unset, the value specified with <option>UseRoutes=</option>
|
||||
is used.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
|
|
@ -1624,7 +1625,7 @@
|
|||
<varlistentry>
|
||||
<term><varname>SendDecline=</varname></term>
|
||||
<listitem>
|
||||
<para>A boolen. When <literal>true</literal>, DHCPv4 clients receives IP address from DHCP server.
|
||||
<para>A boolean. When <literal>true</literal>, DHCPv4 clients receives IP address from DHCP server.
|
||||
After new IP is received, DHCPv4 performs IPv4 Duplicate Address Detection. If duplicate use of IP is detected
|
||||
the DHCPv4 client rejects the IP by sending a DHCPDECLINE packet DHCP clients try to obtain an IP address again.
|
||||
See <ulink url="https://tools.ietf.org/html/rfc5227">RFC 5224</ulink>.
|
||||
|
|
|
|||
|
|
@ -199,7 +199,7 @@
|
|||
option is used without <varname>RemainAfterExit=</varname> the service will never enter
|
||||
<literal>active</literal> unit state, but directly transition from <literal>activating</literal>
|
||||
to <literal>deactivating</literal> or <literal>dead</literal> since no process is configured that
|
||||
shall run continously. In particular this means that after a service of this type ran (and which
|
||||
shall run continuously. In particular this means that after a service of this type ran (and which
|
||||
has <varname>RemainAfterExit=</varname> not set) it will not show up as started afterwards, but
|
||||
as dead.</para></listitem>
|
||||
|
||||
|
|
@ -568,7 +568,7 @@
|
|||
|
||||
<para>If a service of <varname>Type=notify</varname> sends <literal>EXTEND_TIMEOUT_USEC=…</literal>, this may cause
|
||||
the start time to be extended beyond <varname>TimeoutStartSec=</varname>. The first receipt of this message
|
||||
must occur before <varname>TimeoutStartSec=</varname> is exceeded, and once the start time has exended beyond
|
||||
must occur before <varname>TimeoutStartSec=</varname> is exceeded, and once the start time has extended beyond
|
||||
<varname>TimeoutStartSec=</varname>, the service manager will allow the service to continue to start, provided
|
||||
the service repeats <literal>EXTEND_TIMEOUT_USEC=…</literal> within the interval specified until the service
|
||||
startup status is finished by <literal>READY=1</literal>. (see
|
||||
|
|
@ -595,7 +595,7 @@
|
|||
|
||||
<para>If a service of <varname>Type=notify</varname> sends <literal>EXTEND_TIMEOUT_USEC=…</literal>, this may cause
|
||||
the stop time to be extended beyond <varname>TimeoutStopSec=</varname>. The first receipt of this message
|
||||
must occur before <varname>TimeoutStopSec=</varname> is exceeded, and once the stop time has exended beyond
|
||||
must occur before <varname>TimeoutStopSec=</varname> is exceeded, and once the stop time has extended beyond
|
||||
<varname>TimeoutStopSec=</varname>, the service manager will allow the service to continue to stop, provided
|
||||
the service repeats <literal>EXTEND_TIMEOUT_USEC=…</literal> within the interval specified, or terminates itself
|
||||
(see <citerefentry><refentrytitle>sd_notify</refentrytitle><manvolnum>3</manvolnum></citerefentry>).
|
||||
|
|
@ -624,7 +624,7 @@
|
|||
<para>If a service of <varname>Type=notify</varname> handles <constant>SIGABRT</constant> itself (instead of relying
|
||||
on the kernel to write a core dump) it can send <literal>EXTEND_TIMEOUT_USEC=…</literal> to
|
||||
extended the abort time beyond <varname>TimeoutAbortSec=</varname>. The first receipt of this message
|
||||
must occur before <varname>TimeoutAbortSec=</varname> is exceeded, and once the abort time has exended beyond
|
||||
must occur before <varname>TimeoutAbortSec=</varname> is exceeded, and once the abort time has extended beyond
|
||||
<varname>TimeoutAbortSec=</varname>, the service manager will allow the service to continue to abort, provided
|
||||
the service repeats <literal>EXTEND_TIMEOUT_USEC=…</literal> within the interval specified, or terminates itself
|
||||
(see <citerefentry><refentrytitle>sd_notify</refentrytitle><manvolnum>3</manvolnum></citerefentry>).
|
||||
|
|
@ -650,7 +650,7 @@
|
|||
|
||||
<para>If a service of <varname>Type=notify</varname> sends <literal>EXTEND_TIMEOUT_USEC=…</literal>, this may cause
|
||||
the runtime to be extended beyond <varname>RuntimeMaxSec=</varname>. The first receipt of this message
|
||||
must occur before <varname>RuntimeMaxSec=</varname> is exceeded, and once the runtime has exended beyond
|
||||
must occur before <varname>RuntimeMaxSec=</varname> is exceeded, and once the runtime has extended beyond
|
||||
<varname>RuntimeMaxSec=</varname>, the service manager will allow the service to continue to run, provided
|
||||
the service repeats <literal>EXTEND_TIMEOUT_USEC=…</literal> within the interval specified until the service
|
||||
shutdown is achieved by <literal>STOPPING=1</literal> (or termination). (see
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@ shred -u plaintext.bin plaintext.base64
|
|||
rm pubkey.pem
|
||||
|
||||
# Test: Let's run systemd-cryptsetup to test if this all worked. The option string should contain the full
|
||||
# PKCS#11 URI we have in the clipboard, it tells the tool how to decypher the encrypted LUKS key.
|
||||
# PKCS#11 URI we have in the clipboard, it tells the tool how to decipher the encrypted LUKS key.
|
||||
sudo systemd-cryptsetup attach mytest /dev/sdXn /etc/encrypted-luks-key.bin 'pkcs11-uri=pkcs11:…'
|
||||
|
||||
# If that worked, let's now add the same line persistently to /etc/crypttab, for the future.
|
||||
|
|
|
|||
|
|
@ -692,28 +692,30 @@ int unlink_or_warn(const char *filename) {
|
|||
|
||||
int inotify_add_watch_fd(int fd, int what, uint32_t mask) {
|
||||
char path[STRLEN("/proc/self/fd/") + DECIMAL_STR_MAX(int) + 1];
|
||||
int r;
|
||||
int wd;
|
||||
|
||||
/* This is like inotify_add_watch(), except that the file to watch is not referenced by a path, but by an fd */
|
||||
xsprintf(path, "/proc/self/fd/%i", what);
|
||||
|
||||
r = inotify_add_watch(fd, path, mask);
|
||||
if (r < 0)
|
||||
wd = inotify_add_watch(fd, path, mask);
|
||||
if (wd < 0)
|
||||
return -errno;
|
||||
|
||||
return r;
|
||||
return wd;
|
||||
}
|
||||
|
||||
int inotify_add_watch_and_warn(int fd, const char *pathname, uint32_t mask) {
|
||||
int wd;
|
||||
|
||||
if (inotify_add_watch(fd, pathname, mask) < 0) {
|
||||
wd = inotify_add_watch(fd, pathname, mask);
|
||||
if (wd < 0) {
|
||||
if (errno == ENOSPC)
|
||||
return log_error_errno(errno, "Failed to add a watch for %s: inotify watch limit reached", pathname);
|
||||
|
||||
return log_error_errno(errno, "Failed to add a watch for %s: %m", pathname);
|
||||
}
|
||||
|
||||
return 0;
|
||||
return wd;
|
||||
}
|
||||
|
||||
static bool unsafe_transition(const struct stat *a, const struct stat *b) {
|
||||
|
|
|
|||
|
|
@ -1201,7 +1201,7 @@ static VOID config_entry_parse_tries(
|
|||
}
|
||||
|
||||
new_factor = factor * 10;
|
||||
if (new_factor < factor) /* overflow chck */
|
||||
if (new_factor < factor) /* overflow check */
|
||||
return;
|
||||
|
||||
factor = new_factor;
|
||||
|
|
|
|||
|
|
@ -1061,7 +1061,7 @@ int bus_foreach_bus(
|
|||
/* Send to all direct buses, unconditionally */
|
||||
SET_FOREACH(b, m->private_buses, i) {
|
||||
|
||||
/* Don't bother with enqueing these messages to clients that haven't started yet */
|
||||
/* Don't bother with enqueuing these messages to clients that haven't started yet */
|
||||
if (sd_bus_is_ready(b) <= 0)
|
||||
continue;
|
||||
|
||||
|
|
|
|||
|
|
@ -2566,7 +2566,7 @@ static bool insist_on_sandboxing(
|
|||
assert(n_bind_mounts == 0 || bind_mounts);
|
||||
|
||||
/* Checks whether we need to insist on fs namespacing. i.e. whether we have settings configured that
|
||||
* would alter the view on the file system beyond making things read-only or invisble, i.e. would
|
||||
* would alter the view on the file system beyond making things read-only or invisible, i.e. would
|
||||
* rearrange stuff in a way we cannot ignore gracefully. */
|
||||
|
||||
if (context->n_temporary_filesystems > 0)
|
||||
|
|
|
|||
|
|
@ -516,12 +516,20 @@ static bool job_is_runnable(Job *j) {
|
|||
return true;
|
||||
|
||||
HASHMAP_FOREACH_KEY(v, other, j->unit->dependencies[UNIT_AFTER], i)
|
||||
if (other->job && job_compare(j, other->job, UNIT_AFTER) > 0)
|
||||
if (other->job && job_compare(j, other->job, UNIT_AFTER) > 0) {
|
||||
log_unit_debug(j->unit,
|
||||
"starting held back, waiting for: %s",
|
||||
other->id);
|
||||
return false;
|
||||
}
|
||||
|
||||
HASHMAP_FOREACH_KEY(v, other, j->unit->dependencies[UNIT_BEFORE], i)
|
||||
if (other->job && job_compare(j, other->job, UNIT_BEFORE) > 0)
|
||||
if (other->job && job_compare(j, other->job, UNIT_BEFORE) > 0) {
|
||||
log_unit_debug(j->unit,
|
||||
"stopping held back, waiting for: %s",
|
||||
other->id);
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -313,9 +313,9 @@ static int manager_check_ask_password(Manager *m) {
|
|||
m->ask_password_inotify_fd, EPOLLIN,
|
||||
manager_dispatch_ask_password_fd, m);
|
||||
if (r < 0) {
|
||||
log_error_errno(errno, "Failed to add event source for /run/systemd/ask-password: %m");
|
||||
log_error_errno(r, "Failed to add event source for /run/systemd/ask-password: %m");
|
||||
manager_close_ask_password(m);
|
||||
return -errno;
|
||||
return r;
|
||||
}
|
||||
|
||||
(void) sd_event_source_set_description(m->ask_password_event_source, "manager-ask-password");
|
||||
|
|
|
|||
|
|
@ -2860,13 +2860,13 @@ bool unit_job_is_applicable(Unit *u, JobType j) {
|
|||
case JOB_START:
|
||||
case JOB_NOP:
|
||||
/* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
|
||||
* startable by us but may appear due to external events, and it thus makes sense to permit enqueing
|
||||
* startable by us but may appear due to external events, and it thus makes sense to permit enqueuing
|
||||
* jobs for it. */
|
||||
return true;
|
||||
|
||||
case JOB_STOP:
|
||||
/* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
|
||||
* external events), hence it makes no sense to permit enqueing such a request either. */
|
||||
* external events), hence it makes no sense to permit enqueuing such a request either. */
|
||||
return !u->perpetual;
|
||||
|
||||
case JOB_RESTART:
|
||||
|
|
|
|||
|
|
@ -883,6 +883,7 @@ int unit_can_clean(Unit *u, ExecCleanMask *ret_mask);
|
|||
#define log_unit_full(unit, level, error, ...) \
|
||||
({ \
|
||||
const Unit *_u = (unit); \
|
||||
(log_get_max_level() < LOG_PRI(level)) ? -ERRNO_VALUE(error) : \
|
||||
_u ? log_object_internal(level, error, PROJECT_FILE, __LINE__, __func__, _u->manager->unit_log_field, _u->id, _u->manager->invocation_log_field, _u->invocation_id_string, ##__VA_ARGS__) : \
|
||||
log_internal(level, error, PROJECT_FILE, __LINE__, __func__, ##__VA_ARGS__); \
|
||||
})
|
||||
|
|
|
|||
|
|
@ -1521,7 +1521,7 @@ static int home_may_change_password(
|
|||
|
||||
r = user_record_test_password_change_required(h->record);
|
||||
if (IN_SET(r, -EKEYREVOKED, -EOWNERDEAD, -EKEYEXPIRED))
|
||||
return 0; /* expired in some form, but chaning is allowed */
|
||||
return 0; /* expired in some form, but changing is allowed */
|
||||
if (IN_SET(r, -EKEYREJECTED, -EROFS))
|
||||
return sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Expiration settings of account %s do not allow changing of password.", h->user_name);
|
||||
if (r < 0)
|
||||
|
|
|
|||
|
|
@ -1038,10 +1038,9 @@ static int home_remove(UserRecord *h) {
|
|||
|
||||
if (deleted)
|
||||
log_info("Everything completed.");
|
||||
else {
|
||||
log_notice("Nothing to remove.");
|
||||
return -EALREADY;
|
||||
}
|
||||
else
|
||||
return log_notice_errno(SYNTHETIC_ERRNO(EALREADY),
|
||||
"Nothing to remove.");
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -351,7 +351,7 @@ static int help(void) {
|
|||
" -p --priority=RANGE Show entries with the specified priority\n"
|
||||
" --facility=FACILITY... Show entries with the specified facilities\n"
|
||||
" -g --grep=PATTERN Show entries with MESSAGE matching PATTERN\n"
|
||||
" --case-sensitive[=BOOL] Force case sensitive or insenstive matching\n"
|
||||
" --case-sensitive[=BOOL] Force case sensitive or insensitive matching\n"
|
||||
" -e --pager-end Immediately jump to the end in the pager\n"
|
||||
" -f --follow Follow the journal\n"
|
||||
" -n --lines[=INTEGER] Number of journal entries to show\n"
|
||||
|
|
|
|||
|
|
@ -141,8 +141,8 @@ int sd_dhcp_lease_get_servers(
|
|||
return (int) lease->smtp_server_size;
|
||||
|
||||
default:
|
||||
log_debug("Uknown DHCP lease info item %d.", what);
|
||||
return -ENXIO;
|
||||
return log_debug_errno(SYNTHETIC_ERRNO(ENXIO),
|
||||
"Unknown DHCP lease info item %d.", what);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1162,8 +1162,8 @@ int sd_dhcp_server_set_servers(
|
|||
break;
|
||||
|
||||
default:
|
||||
log_debug("Uknown DHCP lease info item %d.", what);
|
||||
return -ENXIO;
|
||||
return log_debug_errno(SYNTHETIC_ERRNO(ENXIO),
|
||||
"Unknown DHCP lease info item %d.", what);
|
||||
}
|
||||
|
||||
if (*n_a == n_addresses &&
|
||||
|
|
|
|||
|
|
@ -106,7 +106,7 @@ _public_ struct udev *udev_unref(struct udev *udev) {
|
|||
assert(udev->n_ref > 0);
|
||||
udev->n_ref--;
|
||||
if (udev->n_ref > 0)
|
||||
/* This is different from our convetion, but let's keep backward
|
||||
/* This is different from our convention, but let's keep backward
|
||||
* compatibility. So, do not use DEFINE_PUBLIC_TRIVIAL_UNREF_FUNC()
|
||||
* macro to define this function. */
|
||||
return udev;
|
||||
|
|
|
|||
|
|
@ -128,7 +128,7 @@ static int link_push_uplink_to_dhcp_server(
|
|||
break;
|
||||
|
||||
default:
|
||||
assert_not_reached("Uknown DHCP lease info item");
|
||||
assert_not_reached("Unknown DHCP lease info item");
|
||||
}
|
||||
|
||||
char **a;
|
||||
|
|
|
|||
|
|
@ -325,9 +325,7 @@ static int link_set_dhcp_routes(Link *link) {
|
|||
}
|
||||
}
|
||||
|
||||
if (!link->network->dhcp_use_gateway)
|
||||
return 0;
|
||||
|
||||
if (link->network->dhcp_use_gateway) {
|
||||
r = sd_dhcp_lease_get_router(link->dhcp_lease, &router);
|
||||
if (IN_SET(r, 0, -ENODATA))
|
||||
log_link_info(link, "DHCP: No gateway received from DHCP server.");
|
||||
|
|
@ -398,6 +396,7 @@ static int link_set_dhcp_routes(Link *link) {
|
|||
if (r > 0)
|
||||
link->dhcp4_messages++;
|
||||
}
|
||||
}
|
||||
|
||||
return link_set_dns_routes(link, &address);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -164,7 +164,7 @@ DHCPv4.UseMTU, config_parse_bool,
|
|||
DHCPv4.UseHostname, config_parse_bool, 0, offsetof(Network, dhcp_use_hostname)
|
||||
DHCPv4.UseDomains, config_parse_dhcp_use_domains, 0, offsetof(Network, dhcp_use_domains)
|
||||
DHCPv4.UseRoutes, config_parse_bool, 0, offsetof(Network, dhcp_use_routes)
|
||||
DHCPv4.UseGateway, config_parse_bool, 0, offsetof(Network, dhcp_use_gateway)
|
||||
DHCPv4.UseGateway, config_parse_tristate, 0, offsetof(Network, dhcp_use_gateway)
|
||||
DHCPv4.RequestOptions, config_parse_dhcp_request_options, 0, 0
|
||||
DHCPv4.Anonymize, config_parse_bool, 0, offsetof(Network, dhcp_anonymize)
|
||||
DHCPv4.SendHostname, config_parse_bool, 0, offsetof(Network, dhcp_send_hostname)
|
||||
|
|
|
|||
|
|
@ -267,6 +267,9 @@ int network_verify(Network *network) {
|
|||
network->dhcp_use_mtu = false;
|
||||
}
|
||||
|
||||
if (network->dhcp_use_gateway < 0)
|
||||
network->dhcp_use_gateway = network->dhcp_use_routes;
|
||||
|
||||
if (network->dhcp_critical >= 0) {
|
||||
if (network->keep_configuration >= 0)
|
||||
log_warning("%s: Both KeepConfiguration= and deprecated CriticalConnection= are set. "
|
||||
|
|
@ -385,7 +388,7 @@ int network_load_one(Manager *manager, OrderedHashmap **networks, const char *fi
|
|||
.dhcp_use_dns = true,
|
||||
.dhcp_use_hostname = true,
|
||||
.dhcp_use_routes = true,
|
||||
.dhcp_use_gateway = true,
|
||||
.dhcp_use_gateway = -1,
|
||||
/* NOTE: this var might be overwritten by network_apply_anonymize_if_set */
|
||||
.dhcp_send_hostname = true,
|
||||
.dhcp_send_release = true,
|
||||
|
|
|
|||
|
|
@ -110,7 +110,7 @@ struct Network {
|
|||
bool dhcp_use_sip;
|
||||
bool dhcp_use_mtu;
|
||||
bool dhcp_use_routes;
|
||||
bool dhcp_use_gateway;
|
||||
int dhcp_use_gateway;
|
||||
bool dhcp_use_timezone;
|
||||
bool rapid_commit;
|
||||
bool dhcp_use_hostname;
|
||||
|
|
|
|||
|
|
@ -51,7 +51,7 @@
|
|||
* cgrouspv1 crap: kernel, kernelTCP, swapiness, disableOOMKiller, swap, devices, leafWeight
|
||||
* general: it shouldn't leak lower level abstractions this obviously
|
||||
* unmanagable cgroups stuff: realtimeRuntime/realtimePeriod
|
||||
* needs to say what happense when some option is not specified, i.e. which defautls apply
|
||||
* needs to say what happense when some option is not specified, i.e. which defaults apply
|
||||
* no architecture? no personality?
|
||||
* seccomp example and logic is simply broken: there's no constant "SCMP_ACT_ERRNO".
|
||||
* spec should say what to do with unknown props
|
||||
|
|
|
|||
|
|
@ -151,7 +151,7 @@ int bind_remount_recursive_with_mountinfo(
|
|||
* operation). If it isn't we first make it one. Afterwards we apply MS_BIND|MS_RDONLY (or remove MS_RDONLY) to
|
||||
* all submounts we can access, too. When mounts are stacked on the same mount point we only care for each
|
||||
* individual "top-level" mount on each point, as we cannot influence/access the underlying mounts anyway. We
|
||||
* do not have any effect on future submounts that might get propagated, they migt be writable. This includes
|
||||
* do not have any effect on future submounts that might get propagated, they might be writable. This includes
|
||||
* future submounts that have been triggered via autofs.
|
||||
*
|
||||
* If the "blacklist" parameter is specified it may contain a list of subtrees to exclude from the
|
||||
|
|
|
|||
|
|
@ -1334,7 +1334,7 @@ int varlink_invoke(Varlink *v, const char *method, JsonVariant *parameters) {
|
|||
if (v->state == VARLINK_DISCONNECTED)
|
||||
return -ENOTCONN;
|
||||
|
||||
/* We allow enqueing multiple method calls at once! */
|
||||
/* We allow enqueuing multiple method calls at once! */
|
||||
if (!IN_SET(v->state, VARLINK_IDLE_CLIENT, VARLINK_AWAITING_REPLY))
|
||||
return -EBUSY;
|
||||
|
||||
|
|
|
|||
|
|
@ -124,7 +124,7 @@ usec_t watchdog_runtime_wait(void) {
|
|||
if (!timestamp_is_set(watchdog_timeout))
|
||||
return USEC_INFINITY;
|
||||
|
||||
/* Sleep half the watchdog timeout since the last succesful ping at most */
|
||||
/* Sleep half the watchdog timeout since the last successful ping at most */
|
||||
if (timestamp_is_set(watchdog_last_ping)) {
|
||||
ntime = now(clock_boottime_or_monotonic());
|
||||
assert(ntime >= watchdog_last_ping);
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@
|
|||
|
||||
_SD_BEGIN_DECLARATIONS;
|
||||
|
||||
/* Neightbor Discovery Options, RFC 4861, Section 4.6 and
|
||||
/* Neighbor Discovery Options, RFC 4861, Section 4.6 and
|
||||
* https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml#icmpv6-parameters-5 */
|
||||
enum {
|
||||
SD_NDISC_OPTION_SOURCE_LL_ADDRESS = 1,
|
||||
|
|
|
|||
|
|
@ -1058,7 +1058,8 @@ static void verify_one(
|
|||
r = unit_file_verify_alias(i, alias, &alias2);
|
||||
log_info_errno(r, "alias %s ← %s: %d/%m (expected %d)%s%s%s",
|
||||
i->name, alias, r, expected,
|
||||
alias2 ? " [" : "", alias2 ?: "", alias2 ? "]" : "");
|
||||
alias2 ? " [" : "", strempty(alias2),
|
||||
alias2 ? "]" : "");
|
||||
assert(r == expected);
|
||||
|
||||
/* This is is test for "instance propagation". This propagation matters mostly for WantedBy= and
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ static void test_proc_cmdline_override(void) {
|
|||
log_info("/* %s */", __func__);
|
||||
|
||||
assert_se(putenv((char*) "SYSTEMD_PROC_CMDLINE=foo_bar=quux wuff-piep=tuet zumm some_arg_with_space='foo bar' and_one_more=\"zzz aaa\"") == 0);
|
||||
assert_se(putenv((char*) "SYSTEMD_EFI_OPTIONS=differnt") == 0);
|
||||
assert_se(putenv((char*) "SYSTEMD_EFI_OPTIONS=different") == 0);
|
||||
|
||||
/* First test if the overrides for /proc/cmdline still work */
|
||||
_cleanup_free_ char *line = NULL, *value = NULL;
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
#!/usr/bin/env bash
|
||||
set -e
|
||||
TEST_DESCRIPTION="Test that KillMode=mixed does not leave left over proccesses with ExecStopPost="
|
||||
TEST_DESCRIPTION="Test that KillMode=mixed does not leave left over processes with ExecStopPost="
|
||||
. $TEST_BASE_DIR/test-functions
|
||||
|
||||
do_test "$@" 47
|
||||
|
|
|
|||
|
|
@ -234,6 +234,7 @@ run_qemu() {
|
|||
|
||||
CONSOLE=ttyS0
|
||||
|
||||
rm -f "$initdir"/{testok,failed,skipped}
|
||||
# make sure the initdir is not mounted to avoid concurrent access
|
||||
cleanup_initdir
|
||||
umount_loopback
|
||||
|
|
@ -362,6 +363,7 @@ $QEMU_OPTIONS \
|
|||
# success), or 1 if nspawn is not available.
|
||||
run_nspawn() {
|
||||
[[ -d /run/systemd/system ]] || return 1
|
||||
rm -f "$initdir"/{testok,failed,skipped}
|
||||
|
||||
local _nspawn_cmd=(
|
||||
--register=no
|
||||
|
|
@ -2014,7 +2016,6 @@ test_setup() {
|
|||
|
||||
test_run() {
|
||||
mount_initdir
|
||||
rm -f "$initdir"/{testok,failed,skipped}
|
||||
|
||||
if [ -z "$TEST_NO_QEMU" ]; then
|
||||
if run_qemu "$1"; then
|
||||
|
|
|
|||
|
|
@ -1,9 +0,0 @@
|
|||
[Match]
|
||||
Name=veth99
|
||||
|
||||
[Network]
|
||||
DHCP=ipv4
|
||||
IPv6AcceptRA=false
|
||||
|
||||
[DHCPv4]
|
||||
UseGateway=no
|
||||
|
|
@ -4,6 +4,3 @@ Name=veth99
|
|||
[Network]
|
||||
DHCP=ipv4
|
||||
IPv6AcceptRA=false
|
||||
|
||||
[DHCPv4]
|
||||
UseRoutes=no
|
||||
|
|
@ -0,0 +1,2 @@
|
|||
[DHCPv4]
|
||||
RoutesToDNS=no
|
||||
|
|
@ -0,0 +1,2 @@
|
|||
[DHCPv4]
|
||||
RoutesToDNS=yes
|
||||
|
|
@ -0,0 +1,2 @@
|
|||
[DHCPv4]
|
||||
UseGateway=no
|
||||
|
|
@ -0,0 +1,2 @@
|
|||
[DHCPv4]
|
||||
UseGateway=yes
|
||||
|
|
@ -0,0 +1,2 @@
|
|||
[DHCPv4]
|
||||
UseRoutes=no
|
||||
|
|
@ -0,0 +1,2 @@
|
|||
[DHCPv4]
|
||||
UseRoutes=yes
|
||||
|
|
@ -3,6 +3,7 @@
|
|||
# systemd-networkd tests
|
||||
|
||||
import argparse
|
||||
import itertools
|
||||
import os
|
||||
import re
|
||||
import shutil
|
||||
|
|
@ -2921,8 +2922,7 @@ class NetworkdDHCPClientTests(unittest.TestCase, Utilities):
|
|||
'dhcp-client-ipv4-dhcp-settings.network',
|
||||
'dhcp-client-ipv4-only-ipv6-disabled.network',
|
||||
'dhcp-client-ipv4-only.network',
|
||||
'dhcp-client-ipv4-use-gateway-no.network',
|
||||
'dhcp-client-ipv4-use-routes-no.network',
|
||||
'dhcp-client-ipv4-use-routes-use-gateway.network',
|
||||
'dhcp-client-ipv6-only.network',
|
||||
'dhcp-client-ipv6-rapid-commit.network',
|
||||
'dhcp-client-keep-configuration-dhcp-on-stop.network',
|
||||
|
|
@ -2937,7 +2937,6 @@ class NetworkdDHCPClientTests(unittest.TestCase, Utilities):
|
|||
'dhcp-client-use-dns-no.network',
|
||||
'dhcp-client-use-dns-yes.network',
|
||||
'dhcp-client-use-domains.network',
|
||||
'dhcp-client-use-routes-no.network',
|
||||
'dhcp-client-vrf.network',
|
||||
'dhcp-client-with-ipv4ll-fallback-with-dhcp-server.network',
|
||||
'dhcp-client-with-ipv4ll-fallback-without-dhcp-server.network',
|
||||
|
|
@ -2946,7 +2945,6 @@ class NetworkdDHCPClientTests(unittest.TestCase, Utilities):
|
|||
'dhcp-server-decline.network',
|
||||
'dhcp-server-veth-peer.network',
|
||||
'dhcp-v4-server-veth-peer.network',
|
||||
'dhcp-client-use-domains.network',
|
||||
'static.network']
|
||||
|
||||
def setUp(self):
|
||||
|
|
@ -3027,8 +3025,23 @@ class NetworkdDHCPClientTests(unittest.TestCase, Utilities):
|
|||
self.assertRegex(output, r'192.168.5.7 proto dhcp scope link src 192.168.5.181 metric 1024')
|
||||
self.assertRegex(output, r'192.168.5.8 proto dhcp scope link src 192.168.5.181 metric 1024')
|
||||
|
||||
def test_dhcp_client_ipv4_use_routes_no(self):
|
||||
copy_unit_to_networkd_unit_path('25-veth.netdev', 'dhcp-server-veth-peer.network', 'dhcp-client-ipv4-use-routes-no.network')
|
||||
def test_dhcp_client_ipv4_use_routes_gateway(self):
|
||||
for (routes, gateway, dnsroutes) in itertools.product([True, False, None], repeat=3):
|
||||
self.setUp()
|
||||
with self.subTest(routes=routes, gateway=gateway, dnsroutes=dnsroutes):
|
||||
self._test_dhcp_client_ipv4_use_routes_gateway(routes, gateway, dnsroutes)
|
||||
self.tearDown()
|
||||
|
||||
def _test_dhcp_client_ipv4_use_routes_gateway(self, routes, gateway, dnsroutes):
|
||||
testunit = 'dhcp-client-ipv4-use-routes-use-gateway.network'
|
||||
testunits = ['25-veth.netdev', 'dhcp-server-veth-peer.network', testunit]
|
||||
if routes != None:
|
||||
testunits.append(f'{testunit}.d/use-routes-{routes}.conf');
|
||||
if gateway != None:
|
||||
testunits.append(f'{testunit}.d/use-gateway-{gateway}.conf');
|
||||
if dnsroutes != None:
|
||||
testunits.append(f'{testunit}.d/use-dns-routes-{dnsroutes}.conf');
|
||||
copy_unit_to_networkd_unit_path(*testunits, dropins=False)
|
||||
|
||||
start_networkd()
|
||||
self.wait_online(['veth-peer:carrier'])
|
||||
|
|
@ -3037,23 +3050,32 @@ class NetworkdDHCPClientTests(unittest.TestCase, Utilities):
|
|||
|
||||
output = check_output('ip route show dev veth99')
|
||||
print(output)
|
||||
self.assertNotRegex(output, r'192.168.5.5')
|
||||
self.assertRegex(output, r'default via 192.168.5.1 proto dhcp src 192.168.5.181 metric 1024')
|
||||
self.assertRegex(output, r'192.168.5.1 proto dhcp scope link src 192.168.5.181 metric 1024')
|
||||
|
||||
def test_dhcp_client_ipv4_use_gateway_no(self):
|
||||
copy_unit_to_networkd_unit_path('25-veth.netdev', 'dhcp-server-veth-peer.network', 'dhcp-client-ipv4-use-gateway-no.network')
|
||||
# UseRoutes= defaults to true
|
||||
useroutes = routes in [True, None]
|
||||
# UseGateway= defaults to useroutes
|
||||
usegateway = useroutes if gateway == None else gateway
|
||||
|
||||
start_networkd()
|
||||
self.wait_online(['veth-peer:carrier'])
|
||||
start_dnsmasq(additional_options='--dhcp-option=option:dns-server,192.168.5.6,192.168.5.7', lease_time='2m')
|
||||
self.wait_online(['veth99:routable', 'veth-peer:routable'])
|
||||
|
||||
output = check_output('ip route show dev veth99')
|
||||
print(output)
|
||||
# Check UseRoutes=
|
||||
if useroutes:
|
||||
self.assertRegex(output, r'192.168.5.0/24 via 192.168.5.5 proto dhcp src 192.168.5.181 metric 1024')
|
||||
else:
|
||||
self.assertNotRegex(output, r'192.168.5.5')
|
||||
|
||||
# Check UseGateway=
|
||||
if usegateway:
|
||||
self.assertRegex(output, r'default via 192.168.5.1 proto dhcp src 192.168.5.181 metric 1024')
|
||||
else:
|
||||
self.assertNotRegex(output, r'default via 192.168.5.1')
|
||||
|
||||
# Check RoutesToDNS=, which defaults to false
|
||||
if dnsroutes:
|
||||
self.assertRegex(output, r'192.168.5.6 proto dhcp scope link src 192.168.5.181 metric 1024')
|
||||
self.assertRegex(output, r'192.168.5.7 proto dhcp scope link src 192.168.5.181 metric 1024')
|
||||
else:
|
||||
self.assertNotRegex(output, r'192.168.5.6')
|
||||
self.assertNotRegex(output, r'192.168.5.7')
|
||||
|
||||
def test_dhcp_client_ipv4_ipv6(self):
|
||||
copy_unit_to_networkd_unit_path('25-veth.netdev', 'dhcp-server-veth-peer.network', 'dhcp-client-ipv6-only.network',
|
||||
'dhcp-client-ipv4-only.network')
|
||||
|
|
|
|||
|
|
@ -119,13 +119,13 @@ machinectl remove scratch4
|
|||
! test -f /var/lib/machines/scratch4
|
||||
! machinectl image-status scratch4
|
||||
|
||||
# Test import-tar hypen/stdin pipe behavior
|
||||
# Test import-tar hyphen/stdin pipe behavior
|
||||
cat /var/tmp/scratch.tar.gz | machinectl import-tar - scratch5
|
||||
test -d /var/lib/machines/scratch5
|
||||
machinectl image-status scratch5
|
||||
diff -r /var/tmp/scratch/ /var/lib/machines/scratch5
|
||||
|
||||
# Test export-tar hypen/stdout pipe behavior
|
||||
# Test export-tar hyphen/stdout pipe behavior
|
||||
mkdir -p /var/tmp/extract
|
||||
machinectl export-tar scratch5 - | tar xvf - -C /var/tmp/extract/
|
||||
diff -r /var/tmp/scratch/ /var/tmp/extract/
|
||||
|
|
|
|||
|
|
@ -163,7 +163,7 @@ TEMPLATE = '''\
|
|||
<refsect1>
|
||||
<title>D-Bus interfaces</title>
|
||||
|
||||
<para>Interaces exposed over D-Bus.</para>
|
||||
<para>Interfaces exposed over D-Bus.</para>
|
||||
|
||||
<variablelist id='dbus-interface' />
|
||||
</refsect1>
|
||||
|
|
|
|||
|
|
@ -279,7 +279,7 @@ def process(page):
|
|||
subst_output(xml, pl)
|
||||
|
||||
out_text = etree.tostring(xml, encoding='unicode')
|
||||
# massage format to avoid some lxml whitespace handling idiosyncracies
|
||||
# massage format to avoid some lxml whitespace handling idiosyncrasies
|
||||
# https://bugs.launchpad.net/lxml/+bug/526799
|
||||
out_text = (src[:src.find('<refentryinfo')] +
|
||||
out_text[out_text.find('<refentryinfo'):] +
|
||||
|
|
|
|||
|
|
@ -36,7 +36,7 @@ else
|
|||
FUZZIT_BRANCH="PR-${TRAVIS_PULL_REQUEST}"
|
||||
fi
|
||||
|
||||
# Because we want Fuzzit to run on every pull-request and Travis/Azure doesnt support encrypted keys
|
||||
# Because we want Fuzzit to run on every pull-request and Travis/Azure doesn't support encrypted keys
|
||||
# on pull-request we use a write-only key which is ok for now. maybe there will be a better solution in the future
|
||||
export FUZZIT_API_KEY=af6992074353998676713818cc6435ef4a750439932dab58b51e9354d6742c54d740a3cd9fc1fc001db82f51734a24bc
|
||||
FUZZIT_ADDITIONAL_FILES="./out/src/shared/libsystemd-shared-*.so"
|
||||
|
|
|
|||
Loading…
Reference in New Issue