Franck Bui [Thu, 6 Jun 2019 13:58:14 +0000 (15:58 +0200)]
nspawn: use correct error variable when logging errors returned by send_one_fd()
Franck Bui [Fri, 7 Jun 2019 05:36:11 +0000 (07:36 +0200)]
namespace-util: make use of TAKE_FD()
No functional changes.
Franck Bui [Thu, 6 Jun 2019 12:05:27 +0000 (14:05 +0200)]
fs-util: no need for fchmod_and_chown() to access /proc/self/fd directly
fstat(2) is fine with O_PATH fds.
For changing ownership of a file opened with O_PATH, there's fchownat(2).
Only changing permissions is problematic but we introduced fchmod_opath() for
that purpose.
Yu Watanabe [Tue, 18 Jun 2019 03:02:41 +0000 (12:02 +0900)]
Merge pull request #12807 from keszybz/net-naming-scheme-yet-again
Extend naming scheme to mac address policy and introduce NAMING_STABLE_VIRTUAL_MACS
Jan Pokorný [Mon, 17 Jun 2019 18:49:28 +0000 (20:49 +0200)]
docs: CGROUP_DELEGATION: fix a typo in "that"
Evgeny Vereshchagin [Mon, 17 Jun 2019 17:08:48 +0000 (19:08 +0200)]
travis: turn on all default UBSan checks except for pointer-overflow, object-size and float-cast-overflow
Lennart Poettering [Mon, 17 Jun 2019 08:51:25 +0000 (10:51 +0200)]
core: set fs.file-max sysctl to LONG_MAX rather than ULONG_MAX
Since kernel 5.2 the kernel thankfully returns proper errors when we
write a value out of range to the sysctl. Which however breaks writing
ULONG_MAX to request the maximum value. Hence let's write the new
maximum value instead, LONG_MAX.
/cc @brauner
Fixes: #12803
Lennart Poettering [Mon, 17 Jun 2019 12:54:18 +0000 (14:54 +0200)]
Merge pull request #12810 from evverx/nonnull-attribute
travis: turn on nonnull-attribute on Fuzzit
Zbigniew Jędrzejewski-Szmek [Mon, 17 Jun 2019 07:42:46 +0000 (09:42 +0200)]
udev: introduce NAMING_STABLE_VIRTUAL_MACS (retroactively)
This is for 6d3646406560. It turns out that this is causing more problems than
expected. Let's retroactively introduce naming scheme v241 to conditionalize
this change.
Follow-up for #12792 and 6d36464065601f7. See also
https://bugzilla.suse.com/show_bug.cgi?id=1136600.
$ SYSTEMD_LOG_LEVEL=debug NET_NAMING_SCHEME=v240 build/udevadm test-builtin net_setup_link /sys/class/net/br11
$ SYSTEMD_LOG_LEVEL=debug NET_NAMING_SCHEME=v241 build/udevadm test-builtin net_setup_link /sys/class/net/br11
...
@@ -20,11 +20,13 @@
link_config: could not set ethtool features for br11
Could not set offload features of br11: Operation not permitted
br11: Device has name_assign_type=3
-Using interface naming scheme 'v240'.
+Using interface naming scheme 'v241'.
br11: Policy *keep*: keeping existing userspace name
br11: Device has addr_assign_type=1
-br11: No stable identifying information found
-br11: Could not generate persistent MAC: No data available
+br11: Using "br11" as stable identifying information
+br11: Using generated persistent MAC address
+Could not set Alias=, MACAddress= or MTU= on br11: Operation not permitted
+br11: Could not apply link config, ignoring: Operation not permitted
Unload module index
Unloaded link configuration context.
ID_NET_DRIVER=bridge
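Review bot: The added lines "Could not set Alias=, MACAddress= or MTU= on br11: Operation not permitted" and "br11: Could not apply link config, ignoring: Operation not permitted" read like a v241 regression, but the unchanged context line "Could not set offload features of br11: Operation not permitted" shows the same error on both sides of the diff, so they look like a side effect of how the test was run rather than of the naming scheme. Say so in the message, or show a run where the setting succeeds, so the difference that matters stands out: "No stable identifying information found" is replaced by "Using generated persistent MAC address".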
Zbigniew Jędrzejewski-Szmek [Mon, 17 Jun 2019 11:38:40 +0000 (13:38 +0200)]
libsystemd-network: rename net_get_name() to net_get_name_persistent()
This reflects its role better.
(I didn't use …_persistent_name(), because which name is actually used
depends on the policy. So it's better not to make this sound like it returns
*the* persistent name.)
Zbigniew Jędrzejewski-Szmek [Mon, 17 Jun 2019 07:21:57 +0000 (09:21 +0200)]
man: clean up naming scheme description a bit
This is in preparation for later changes. Let's change the documentation of
net.naming-scheme= to also say that it applies to MAC addresses. This commit
doesn't actually implement that though.
Lennart Poettering [Mon, 17 Jun 2019 09:31:06 +0000 (11:31 +0200)]
sleep: properly pass verb to sleep script
Another fall-out from our rewriting of argv[] now.
Fixes: #12782
Evgeny Vereshchagin [Mon, 17 Jun 2019 10:49:07 +0000 (12:49 +0200)]
fuzzit: sort UBSan checks alphabetically
to make it easier to make sense of them
Yu Watanabe [Mon, 17 Jun 2019 01:22:54 +0000 (10:22 +0900)]
meson: fix error message
Yu Watanabe [Mon, 17 Jun 2019 01:19:50 +0000 (10:19 +0900)]
Merge pull request #12802 from irtimmer/fix-openssl
resolved: fix DNS-over-TLS when using OpenSSL
Evgeny Vereshchagin [Sat, 15 Jun 2019 21:12:24 +0000 (23:12 +0200)]
travis: turn on nonnull-attribute on Fuzzit
Iwan Timmer [Sat, 15 Jun 2019 20:05:00 +0000 (22:05 +0200)]
resolved: make no changes to OpenSSL BUF_MEM struct
Fix crash when using OpenSSL 1.1.1c
Fixes: #12763
Iwan Timmer [Sat, 15 Jun 2019 19:56:45 +0000 (21:56 +0200)]
Revert "resolved: Fix incorrect use of OpenSSL BUF_MEM"
This reverts commit 18bddeaaf225d5becfc10cd2c6a1d037c90574a2.
Revert this because it does not take the OpenSSL internal read pointer
into consideration. Resulting in padding in packetdata and therefore
broken SSL connections.
Zbigniew Jędrzejewski-Szmek [Sat, 15 Jun 2019 15:50:37 +0000 (17:50 +0200)]
Merge pull request #12753 from jrouleau/fix/hibernate-resume-timeout
hibernate-resume: fix resume device timeout
Yu Watanabe [Fri, 14 Jun 2019 00:42:51 +0000 (09:42 +0900)]
network: read link specific sysctl value
This introduces link_sysctl_ipv6_enabled() and replaces
manager_sysctl_ipv6_enabled() with it.
Zbigniew Jędrzejewski-Szmek [Sat, 15 Jun 2019 12:53:04 +0000 (14:53 +0200)]
Merge pull request #12796 from yuwata/test-network-use-wait-online
test-network: several cleanups
Zbigniew Jędrzejewski-Szmek [Sat, 15 Jun 2019 12:50:41 +0000 (14:50 +0200)]
Merge pull request #12794 from yuwata/network-configure-without-carrier
network: skip to check dynamic addresses when ConfigureWithoutCarrier=yes
Evgeny Vereshchagin [Sat, 15 Jun 2019 03:46:38 +0000 (06:46 +0300)]
Merge pull request #12761 from evverx/try-fuzzit
Turn on UBSan on Fuzzit
Evgeny Vereshchagin [Sat, 15 Jun 2019 00:07:17 +0000 (02:07 +0200)]
travis: add more ASan options
Evgeny Vereshchagin [Fri, 14 Jun 2019 23:16:07 +0000 (01:16 +0200)]
travis: clean up bash variables a bit
in preparation for adding more ASan options
Evgeny Vereshchagin [Fri, 14 Jun 2019 22:44:27 +0000 (00:44 +0200)]
travis: use UBSan checks from OSS-Fuzz
This should help to silence UBSan reports mentioned in
https://github.com/systemd/systemd/pull/12771#issuecomment-502139157
for now.
Evgeny Vereshchagin [Fri, 14 Jun 2019 22:09:15 +0000 (00:09 +0200)]
travis: turn on UBSan on Fuzzit
Evgeny Vereshchagin [Fri, 14 Jun 2019 20:28:56 +0000 (23:28 +0300)]
Merge pull request #12799 from evverx/fuzzit-follow-up
travis: run Coverity after Fuzzit-Fuzzing
Evgeny Vereshchagin [Fri, 14 Jun 2019 19:47:31 +0000 (21:47 +0200)]
travis: add 5 more fuzz targets
Evgeny Vereshchagin [Fri, 14 Jun 2019 19:16:41 +0000 (21:16 +0200)]
travis: always run the "Build & test" stage first
Now that the other stages are explicitly listed in the "stages"
section, we should include "Build & test" there to make sure
it's run first.
Evgeny Vereshchagin [Fri, 14 Jun 2019 18:56:10 +0000 (20:56 +0200)]
travis: skip the Fuzzit-Sanity stage when it's run by cron
Evgeny Vereshchagin [Fri, 14 Jun 2019 18:42:19 +0000 (20:42 +0200)]
travis: run Coverity after Fuzzit-Fuzzing
Coverity is unpredictable and, according to a notification I received
yesterday, it will be upgraded on June 17. During the upgrade
it might be offline for 3 days, as far as I understand. Anyway, Travis
stops as soon as a stage fails so it makes sense to put stages that
are likely to fail at the end so that the others have a chance to
do what they are supposed to do.
https://community.synopsys.com/s/topic/0TO2H0000001CN7WAM/coverity-scan-status
Jeka Pats [Tue, 11 Jun 2019 06:25:45 +0000 (09:25 +0300)]
Continuous Fuzzing Integration with Fuzzit
includes two travis ci steps:
1) Every pull-request/push all fuzzing targets will do a quick
sanity run on the generated corpus and crashes (via Fuzzit)
2) On a daily basis the fuzzing targets will be compiled (from
master) and their respective fuzzing job on Fuzzit
will be updated to the new binary.
Yu Watanabe [Fri, 14 Jun 2019 14:15:55 +0000 (23:15 +0900)]
NEWS: add more hint about MACAddressPolicy= change
C.f. https://bugzilla.suse.com/show_bug.cgi?id=1136600
Yu Watanabe [Fri, 14 Jun 2019 07:50:07 +0000 (16:50 +0900)]
test-network: drop redundant operstate checking
Yu Watanabe [Fri, 14 Jun 2019 07:49:39 +0000 (16:49 +0900)]
test-network: replace check_link_exists() with wait_online()
Yu Watanabe [Fri, 14 Jun 2019 07:47:06 +0000 (16:47 +0900)]
test-network: explicitly set sleep time
Yu Watanabe [Fri, 14 Jun 2019 07:45:50 +0000 (16:45 +0900)]
test-network: suppress error message in cleanup process
Yu Watanabe [Thu, 13 Jun 2019 20:25:00 +0000 (05:25 +0900)]
test-network: add test for ConfigureWithoutCarrier=
Yu Watanabe [Thu, 13 Jun 2019 20:16:11 +0000 (05:16 +0900)]
network: skip to check dynamic addresses when ConfigureWithoutCarrier=yes
Otherwise, the interface cannot be in "configured" state, as ipv6 link local
addressing is enabled by default. Note that even if ConfigureWithoutCarrier=
is set, all dynamic configurations are checked when the interface has
carrier.
Arian van Putten [Wed, 12 Jun 2019 17:18:04 +0000 (19:18 +0200)]
Document that gpt-auto-generator supports decrypting rootfs
When systemd is running in initrd, we actually support decrypting a LUKS rootfs.
Fixes #12786
Yu Watanabe [Thu, 13 Jun 2019 04:27:42 +0000 (13:27 +0900)]
networkctl: fix use of uninitialized value
Yu Watanabe [Wed, 12 Jun 2019 22:45:01 +0000 (07:45 +0900)]
Merge pull request #12777 from yuwata/libudev-enumerate-issue-12776
libudev: rescan devices when filter is updated
Frantisek Sumsal [Wed, 12 Jun 2019 17:52:48 +0000 (17:52 +0000)]
Merge pull request #12783 from keszybz/a-few-unrelated-fixes
A few unrelated fixes
Zbigniew Jędrzejewski-Szmek [Wed, 12 Jun 2019 15:24:22 +0000 (17:24 +0200)]
journal: also disable memory tricks when hashing under msan
Might help with #11738.
Zbigniew Jędrzejewski-Szmek [Wed, 12 Jun 2019 15:23:32 +0000 (17:23 +0200)]
test-bus-marshall: add a hopefully helpful comment
Zbigniew Jędrzejewski-Szmek [Tue, 11 Jun 2019 06:52:42 +0000 (08:52 +0200)]
zsh: add completion for systemctl preset-all
Zbigniew Jędrzejewski-Szmek [Fri, 7 Jun 2019 09:49:03 +0000 (11:49 +0200)]
system-update-generator: do not emit bogus warning if no /system-update symlink
We only need to check for the kernel cmdline override if our symlink is there.
Yu Watanabe [Wed, 12 Jun 2019 06:15:06 +0000 (15:15 +0900)]
libudev: hide definition of struct udev_device
Yu Watanabe [Wed, 12 Jun 2019 02:10:52 +0000 (11:10 +0900)]
libudev: rescan devices when filter is updated
Fixes #12776.
Yu Watanabe [Wed, 12 Jun 2019 06:06:24 +0000 (15:06 +0900)]
libudev: re-implement libudev-list with LIST and hashmap
Yu Watanabe [Wed, 12 Jun 2019 04:03:19 +0000 (13:03 +0900)]
libudev: hide definition of struct udev_list from other libudev components
In the later commit, udev_list will be just a wrapper of hashmap or LIST.
So, allocating udev_list does not increase much cost.
Zbigniew Jędrzejewski-Szmek [Wed, 12 Jun 2019 12:28:09 +0000 (14:28 +0200)]
Merge pull request #12424 from poettering/logind-brightness
logind: add SetBrightness() bus call as minimal API for setting "leds" and "backlight" kernel class device brightness
Zbigniew Jędrzejewski-Szmek [Wed, 12 Jun 2019 12:20:32 +0000 (14:20 +0200)]
Merge pull request #12779 from pwithnall/minor-fixes
Minor fixes
Philip Withnall [Wed, 12 Jun 2019 07:24:45 +0000 (08:24 +0100)]
service: Fix typo in warning message
The directive is `RuntimeMaxSec=`, not `MaxRuntimeSec=`.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Philip Withnall [Wed, 12 Jun 2019 08:43:47 +0000 (09:43 +0100)]
pam_systemd: Fix some option names in error messages
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Philip Withnall [Wed, 12 Jun 2019 08:08:53 +0000 (09:08 +0100)]
man: Add missing <literal> tags in various man pages
A minor formatting improvement brought to you by the wonders of `git
grep`.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Philip Withnall [Wed, 12 Jun 2019 07:03:35 +0000 (08:03 +0100)]
man: Fix typo in sd_notify man page
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Yu Watanabe [Wed, 12 Jun 2019 03:30:05 +0000 (12:30 +0900)]
libudev: drop unused variable
Yu Watanabe [Wed, 12 Jun 2019 05:46:00 +0000 (14:46 +0900)]
Merge pull request #12774 from yuwata/network-ignore-ipv6-settings-when-sysctl-disable-ipv6
network: ignore ipv6 settings when sysctl disable ipv6
Tomas Mraz [Tue, 11 Jun 2019 13:10:21 +0000 (15:10 +0200)]
resolved: Fix incorrect use of OpenSSL BUF_MEM
Fixes: #12763
Yu Watanabe [Wed, 12 Jun 2019 02:01:32 +0000 (11:01 +0900)]
test-network: add more test cases when ipv6 is disabled
Yu Watanabe [Tue, 11 Jun 2019 14:33:22 +0000 (23:33 +0900)]
network: ignore requested ipv6 fdb entry when ipv6 is disabled by sysctl
Yu Watanabe [Tue, 11 Jun 2019 14:29:57 +0000 (23:29 +0900)]
network: ignore requested ipv6 routing policy rule when ipv6 is disabled by sysctl
Yu Watanabe [Tue, 11 Jun 2019 14:26:11 +0000 (23:26 +0900)]
network: ignore requested ipv6 route when ipv6 is disabled by sysctl
Yu Watanabe [Tue, 11 Jun 2019 14:20:56 +0000 (23:20 +0900)]
network: ignore requested ipv6 addresses when ipv6 is disabled by sysctl
Peter A. Bigot [Sun, 9 Jun 2019 17:15:09 +0000 (12:15 -0500)]
man: fix reference to sd_bus_add_fallback_vtable
Zbigniew Jędrzejewski-Szmek [Tue, 11 Jun 2019 07:52:26 +0000 (09:52 +0200)]
Merge pull request #12685 from yuwata/network-dhcp-assign-adn-remove-12676
network: assign new DHCP address before removing old lease address
Karel Zak [Mon, 10 Jun 2019 13:18:47 +0000 (15:18 +0200)]
systemd-mount: don't check for non-normalized WHAT for network FS
The WHAT string could be whatever for many filesystems. The common
example are network filesystems.
Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1708996
Theo Ouzhinski [Sat, 8 Jun 2019 21:43:59 +0000 (17:43 -0400)]
man/systemd-veritysetup-generator: Fix grammar
Yu Watanabe [Fri, 7 Jun 2019 06:31:07 +0000 (15:31 +0900)]
network: assign new DHCP address before removing old lease address
Closes #12676.
Yu Watanabe [Fri, 7 Jun 2019 06:04:11 +0000 (15:04 +0900)]
network: ignore callback calls when link is in failed state
Yu Watanabe [Fri, 7 Jun 2019 05:28:09 +0000 (14:28 +0900)]
network: drop unnecessary link_enter_failed() calls
As the function is called soon later anyway.
Yu Watanabe [Fri, 7 Jun 2019 05:22:13 +0000 (14:22 +0900)]
network: check earlier the existence of lifetime in lease
Yu Watanabe [Fri, 7 Jun 2019 05:18:55 +0000 (14:18 +0900)]
network: make all failures in route configuration fatal
Yu Watanabe [Fri, 7 Jun 2019 06:58:30 +0000 (15:58 +0900)]
Merge pull request #12756 from cdown/uninit
a couple of correctness fixups
Chris Down [Fri, 7 Jun 2019 05:28:10 +0000 (06:28 +0100)]
cgroup: Prevent theoretical nullptr deref in unit mask calculation
Chris Down [Fri, 7 Jun 2019 05:22:41 +0000 (06:22 +0100)]
systemctl: Prevent state_missing from being used uninit
Zbigniew Jędrzejewski-Szmek [Thu, 6 Jun 2019 16:53:20 +0000 (18:53 +0200)]
Merge pull request #12738 from yuwata/network-routing-policy-cleanup
network: several cleanups for routing policy rule
Zbigniew Jędrzejewski-Szmek [Thu, 6 Jun 2019 16:51:46 +0000 (18:51 +0200)]
Merge pull request #12511 from ssahani/high-avilability-12050
networkd: add new KeepConfiguration= setting
Yu Watanabe [Mon, 3 Jun 2019 04:21:13 +0000 (13:21 +0900)]
test-network: add tests for KeepConfiguration=
Yu Watanabe [Mon, 3 Jun 2019 06:37:25 +0000 (15:37 +0900)]
man: add documentation about KeepConfiguration
Yu Watanabe [Mon, 3 Jun 2019 03:33:13 +0000 (12:33 +0900)]
network: make KeepConfiguration=static drop DHCP addresses and routes
Also, KeepConfiguration=dhcp drops static foreign addresses and routes.
Yu Watanabe [Mon, 3 Jun 2019 17:05:26 +0000 (02:05 +0900)]
network: add KeepConfiguration=dhcp-on-stop
The option prevents dropping the lease address on stop.
By setting this, we can safely restart networkd.
Susant Sahani [Mon, 3 Jun 2019 03:31:13 +0000 (12:31 +0900)]
networkd: add support to keep configuration
Yu Watanabe [Thu, 6 Jun 2019 13:23:09 +0000 (22:23 +0900)]
Merge pull request #12748 from keszybz/modernize-networkd-tests-style
Modernize networkd-tests.py style
Zbigniew Jędrzejewski-Szmek [Tue, 4 Jun 2019 08:41:46 +0000 (10:41 +0200)]
NEWS: add note about the CPUAffinity= changes
Yu Watanabe [Thu, 6 Jun 2019 12:31:19 +0000 (21:31 +0900)]
Merge pull request #12508 from keszybz/no-root-checks
Drop many root checks
Zbigniew Jędrzejewski-Szmek [Thu, 6 Jun 2019 12:08:01 +0000 (14:08 +0200)]
networkd-tests.py: properly escape pluses in regexps
Python warns that '\+' is an invalid escape. We need either '\\+' or r'\+'.
Zbigniew Jędrzejewski-Szmek [Wed, 5 Jun 2019 10:08:09 +0000 (12:08 +0200)]
networkd-tests.py: remove some java-style boilerplate
A class was used to put some utility functions under a namespace. But then this
namespace was inherited into classes, so the namespace split was undone. Let's
just define those functions in the module namespace.
(The Utilities class with a few functions still remains, because of the
unittest-style self.assert* craziness.)
Zbigniew Jędrzejewski-Szmek [Wed, 5 Jun 2019 10:03:01 +0000 (12:03 +0200)]
networkd-tests.py: use check_output() instead of unittests' assertEqual()
It's pretty much the same thing, but more in pytest style, without the
unittest boilerplate.
Zbigniew Jędrzejewski-Szmek [Wed, 5 Jun 2019 09:43:28 +0000 (11:43 +0200)]
networkd-tests.py: add helpers to common subprocess call patterns
For normal shell calls, python syntax is quite verbose. We don't need to punish
ourselves like that. In some places we would fork a shell to do argument splitting
for us. We know that our arguments can be safely split on whitespace, so let's do
that ourselves in all cases, without forking a shell.
We also expect command output to be valid text, so let's always set
universal_newlines=True.
This makes things shorter and easier to read. Development is also easier because
it's possible to paste many of the commands directly to/from a shell.
Zbigniew Jędrzejewski-Szmek [Wed, 5 Jun 2019 10:42:29 +0000 (12:42 +0200)]
networkd-tests.py: remove unused import
Jonathan Rouleau [Thu, 6 Jun 2019 00:59:05 +0000 (18:59 -0600)]
hibernate-resume: add resumeflags= kernel option
Adds the resumeflags= kernel command line option to allow setting a
custom device timeout for the resume device (defaults to the same as the
root device).
Jonathan Rouleau [Thu, 6 Jun 2019 00:31:14 +0000 (18:31 -0600)]
hibernate-resume: fix resume device timeout
Fixes #7242
Sets the systemd device timeout for the resume device to the same as
the root device. This prevents systemd-hibernate-resume@.service from
silently timing out and booting into a fresh session instead of the
saved hibernation state when the user is using luks, has set
rootflags=x-systemd.device-timeout=X to longer than the default timeout,
and the luks password is entered after the default timeout.
Yu Watanabe [Wed, 5 Jun 2019 15:42:05 +0000 (00:42 +0900)]
network: check stored object is equivalent to what we want to remove
When object A is stored in Manager::rules and B is in ::rules_foreign,
and compare function for the object cannot distinguish them,
then freeing A causes B to be removed from rules_foreign or vice versa.
Hopefully fixes #12731.
Michael Biebl [Wed, 5 Jun 2019 11:35:11 +0000 (13:35 +0200)]
Drop no longer needed halt-local.service.in
Follow-up for commit 44508946534eee032927c263b79464832656dd6e.
Zbigniew Jędrzejewski-Szmek [Wed, 5 Jun 2019 12:31:24 +0000 (14:31 +0200)]
Merge pull request #12744 from yuwata/test-network-stability-dhcp-tests
test-network: improve stability of DHCP client tests
Yu Watanabe [Tue, 4 Jun 2019 18:57:21 +0000 (03:57 +0900)]
test-network: do not directly compare two results of "ip address"
As it contains lifetime of the address.
Chris Down [Wed, 5 Jun 2019 09:02:00 +0000 (10:02 +0100)]
Merge pull request #11778 from anitazha/rfe_11654_dbus
core: add ExecStartXYZEx= with dbus support for executable prefixes