Commit message    Author    Age    Files    Lines
* sd-dhcp-client: do not call callback with SD_DHCP_CLIENT_EVENT_STOP if already stopped    Yu Watanabe    2024-08-21    1    -8/+14
|     When an interface enters the failed state, even if the DHCP client is stopped, the acquired DHCP lease is not unreferenced, as the callback dhcp4_handler() does nothing in that case. When the failed interface is being reconfigured after that, the DHCP client is stopped again (though it is already stopped), and SD_DHCP_CLIENT_EVENT_STOP event is triggered and sd_dhcp_client_send_release() is called, and the assertion in the function is triggered.
|
|     E.g.
|     ===
|     systemd-networkd[98588]: wlp59s0: DHCPv4 address 192.168.86.250/24, gateway 192.168.86.1 acquired from 192.168.86.1
|     systemd-networkd[98588]: wlp59s0: Could not set DHCPv4 route: Nexthop has invalid gateway. Network is unreachable
|     systemd-networkd[98588]: wlp59s0: Failed
|     systemd-networkd[98588]: wlp59s0: State changed: configuring -> failed
|     systemd-networkd[98588]: wlp59s0: The interface entered the failed state frequently, refusing to reconfigure it automatically.
|     systemd-networkd[98588]: wlp59s0: DHCPv4 client: STOPPED
|     systemd-networkd[98588]: wlp59s0: DHCPv4 client: State changed: bound -> stopped
|     systemd-networkd[98588]: Got message type=method_call sender=:1.449 destination=org.freedesktop.network1 path=/org/freedesktop/network1 interface=org.freedesktop.network1.Manager member=ReconfigureLink ...
|     systemd-networkd[98588]: wlp59s0: State changed: failed -> initialized
|     systemd-networkd[98588]: wlp59s0: found matching network '/etc/systemd/network/50-wifi.network'.
|     systemd-networkd[98588]: wlp59s0: Configuring with /etc/systemd/network/50-wifi.network.
|     systemd-networkd[98588]: wlp59s0: DHCPv4 client: STOPPED
|     systemd-networkd[98588]: Assertion 'sd_dhcp_client_is_running(client)' failed at src/libsystemd-network/sd-dhcp-client.c:2197, function sd_dhcp_client_send_release(). Aborting.
|     ===
* network: log and enter failed state in link_reconfigure()    Yu Watanabe    2024-08-21    3    -32/+23
|     No functional change, just refactoring.
* network: enter initialized state when the interface will be reconfigured    Yu Watanabe    2024-08-21    2    -1/+6
|     When the interface is in the failed state, link_getlink_handler_internal() will do nothing and return zero, thus the interface will not be reconfigured, especially when the reconfiguration is triggered in link_enter_failed().
|
|     Follow-up for c2eb7753dd47ec04ae0d66400e70bc87fbf1adcc.
* network: introduce reconfigure_data_free() and _freep()    Yu Watanabe    2024-08-21    1    -17/+25
|     No functional change, just refactoring.
* Merge pull request #34018 from yuwata/network-address-label    Yu Watanabe    2024-08-20    13    -35/+269
|\
| |     network: allow to configure IPv6 address label in networkd.conf
| * network/address-label: allow to configure IPv6 address label in networkd.conf    Yu Watanabe    2024-08-20    10    -25/+203
| |     Closes #23159.
| * network/queue: introduce manager_queue_request_full()    Yu Watanabe    2024-08-20    2    -0/+29
| |     Currently it is not used, but will be used later.
| * network/address-label: split out address_label_fill_message()    Yu Watanabe    2024-08-20    1    -9/+18
| |     No functional change, just refactoring and preparation for later commits.
| * network/address-label: several cleanups for conf parsers    Yu Watanabe    2024-08-20    1    -5/+15
| |     - Check userdata, instead of data, though they point to the same position.
| |     - Support an empty string.
| |     - Use UINT32_MAX, as the label is uint32_t.
| * network/address-label: introduce custom hash_ops    Yu Watanabe    2024-08-20    2    -2/+10
| |     No functional change, just refactoring.
* | process-util: handle pidfd_spawn() returning E2BIG    Kornilios Kourtis    2024-08-20    1    -5/+21
| |     In some kernels (specifically, 5.4) even though the clone3 syscall is supported, setting CLONE_INTO_CGROUP is not. The error message returned in this case is E2BIG. If posix_spawn_wrapper encounters this error, it does not retry, and cannot spawn any programs in said kernels.
| |
| |     This commit adds a check for the E2BIG error and retries pidfd_spawn() without the POSIX_SPAWN_SETCGROUP flag. If we encounter an E2BIG error, and the pidfd_spawn() succeeds after removing the POSIX_SPAWN_SETCGROUP flag, then we cache the result so that we do not retry every time.
| |
| |     Originally, this issue was reported in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077204.
| |
| |     Signed-off-by: Kornilios Kourtis <kornilios@gmail.com>
* | tests: Don't override QemuKvm= value if TEST_NO_KVM=0    Daan De Meyer    2024-08-20    1    -1/+1
|/
|     Let's disable KVM if TEST_NO_KVM=1 is set but let's not specify anything if it's not set so the QemuKvm= setting from mkosi.conf is used.
* shared: invoke agents only when we have a controlling TTY    Lennart Poettering    2024-08-20    2    -0/+16
|     being connected to a TTY is not really enough to determine interactivity in many cases. Let's also check if we have a controlling TTY.
|
|     Inspired by #34016
* Merge pull request #34044 from poettering/isatty-fixes    Yu Watanabe    2024-08-20    21    -37/+47
|\
| |     fixes around isatty() handling
| * tree-wide: use isatty_safe() more    Lennart Poettering    2024-08-20    19    -32/+36
| |
| * terminal-util: don't assume errno is correctly set when using isatty_safe()    Lennart Poettering    2024-08-20    3    -5/+5
| |     let's instead generate ENOTTY on our own. This is more correct with our coding style (since we generally do not propagate errors via errno), and also addresses #34039 as side effect.
| |
| |     (#34039 really needs to be fixed in musl though, too, this is just a work-around as side-effect).
| |
| |     Fixes: #34039
| * terminal-util: fix isatty_safe() on hung-up TTYs    Lennart Poettering    2024-08-20    1    -0/+6
| |     glibc returns EIO on ttys that are hung up. That's not really correct, POSIX seems to disagree. Work around this in our code, and turn this into a clean "1", since a hung up tty doesn't stop being a tty just because it is hung up.
| |
| |     Background: https://github.com/systemd/systemd/pull/34039
* | man: fix ID_NET_LABEL_ONBOARD= documentation    Lennart Poettering    2024-08-20    1    -4/+2
| |     We do not prefix the field with anything, since 8c053c83ae3c18342c4faaa0043d787884056614.
* | Merge pull request #34009 from yuwata/network-resolve-polkit    Luca Boccassi    2024-08-20    22    -239/+466
|\ \
| | |     network,resolve: support interactive authentication
| * | run: also enable interactive authentication on opening pty    Yu Watanabe    2024-08-19    1    -2/+4
| | |
| * | run: use sd_bus_set_allow_interactive_authorization()    Yu Watanabe    2024-08-19    1    -12/+2
| | |
| * | mount: use sd_bus_set_allow_interactive_authorization()    Yu Watanabe    2024-08-19    1    -12/+2
| | |
| * | timedatectl: drop unnecessary temporal variables    Yu Watanabe    2024-08-19    1    -3/+2
| | |     Also drop unnecessary spaces.
| * | tree-wide: voidify polkit_agent_open_if_enabled()    Yu Watanabe    2024-08-19    9    -42/+42
| | |
| * | timedatectl: enable interactive authentication for DBus methods    Yu Watanabe    2024-08-19    1    -0/+2
| | |
| * | resolve: inherit server userdata    Yu Watanabe    2024-08-19    1    -24/+8
| | |     No functional change, just refactoring.
| * | resolve: support polkit authentication for io.systemd.Resolve.Monitor    Yu Watanabe    2024-08-19    4    -18/+138
| | |     Then, a non-privileged user can call e.g. 'resolvectl monitor' with authentication.
| * | sd-varlink: allow to dispatch method again on pending-method-more state    Yu Watanabe    2024-08-19    1    -1/+1
| | |     Otherwise, polkit authentication does not work for methods that require the MORE flag.
| * | resolvectl: acquire DBus connection only when necessary    Yu Watanabe    2024-08-19    1    -51/+130
| | |     When e.g. `resolvectl monitor` is called, it is not necessary to acquire a DBus connection.
| * | resolvectl: several coding style cleanups    Yu Watanabe    2024-08-19    1    -68/+57
| | |     Use RET_GATHER(), FOREACH_ARRAY(), and strv_skip().
| * | resolvectl: introduce --no-ask-password option    Yu Watanabe    2024-08-19    4    -1/+20
| | |
| * | resolvectl: enable interactive authentication for dbus method call    Yu Watanabe    2024-08-19    1    -0/+23
| | |     Even though the server side supports polkit authentication, previously the client side did not support polkit authentication.
| * | networkctl: introduce --no-ask-password option    Yu Watanabe    2024-08-19    4    -15/+33
| | |
| * | networkctl: enable interactive authentication for dbus method call    Yu Watanabe    2024-08-19    2    -0/+12
| | |     Previously, e.g. 'networkctl reload' did not ask for a password through polkit.
* | | Merge pull request #34014 from yuwata/network-ip-masquerade    Luca Boccassi    2024-08-20    9    -19/+193
|\ \ \
| | | |     network: make IPMasquerade= imply global IP forwarding settings again
| * | | test: add test case that 'nspawn --network-veth' enables IP forwarding    Yu Watanabe    2024-08-16    3    -2/+67
| | | |
| * | | test: allow to skip matrix_run_one() if $TEST_MATCH_TESTCASE is set    Yu Watanabe    2024-08-16    1    -7/+11
| | | |
| * | | network: make IPMasquerade= imply global IP forwarding settings again    Yu Watanabe    2024-08-16    3    -10/+83
| | | |     After 3976c430927e1bfefa0413f80ebac84ab9a64350 (#31423), IPMasquerade= implies only per-interface IP forwarding. That means, nspawn users need to manually enable IPv4/IPv6Forwarding= in networkd.conf when --network-veth or friend is used. Even though the change was announced in NEWS, the change itself breaks backward compatibility and extremely reduces usability. Let's make the setting imply the global setting again.
| | | |
| | | |     Fixes #34010.
| * | | network/lldp-tx: introduce link_lldp_tx_update_capabilities()    Yu Watanabe    2024-08-16    2    -0/+31
| | | |     Currently it is unused, but it will be used later.
| * | | sd-lldp-tx: insert missing empty line    Yu Watanabe    2024-08-16    1    -0/+1
| | | |
* | | | Merge pull request #34021 from yuwata/network-routing-policy-rule    Luca Boccassi    2024-08-20    6    -198/+210
|\ \ \ \
| | | | |     network/routing-policy-rule: several cleanups
| * | | | network/routing-policy-rule: drop unused argument    Yu Watanabe    2024-08-19    1    -5/+3
| | | | |
| * | | | network/routing-policy-rule: introduce ref and unref functions for RoutingPolicyRule    Yu Watanabe    2024-08-19    3    -43/+81
| | | | |     No functional change, just refactoring and preparation for later change.
| * | | | network/routing-policy-rule: manage all flags    Yu Watanabe    2024-08-19    3    -11/+7
| | | | |     Currently, only the FIB_RULE_INVERT flag is configurable, but for simplicity and future extension, let's manage all flags.
| | | | |
| | | | |     No functional change, just refactoring.
| * | | | network/routing-policy-rule: use int32_t for suppress_prefixlen    Yu Watanabe    2024-08-19    3    -4/+4
| | | | |     The kernel parses FRA_SUPPRESS_PREFIXLEN as uint32_t, but it is internally handled as a signed integer, with negative values treated as unset. Let's explicitly specify the size of the variable.
| | | | |
| | | | |     No functional change, just refactoring.
| * | | | network/routing-policy-rule: reorder elements of RoutingPolicyRule and add comments    Yu Watanabe    2024-08-19    1    -28/+27
| | | | |     No functional change, just refactoring.
| * | | | network/routing-policy-rule: update hash and compare function for fib rule    Yu Watanabe    2024-08-19    1    -109/+90
| | | | |     Let's manage fib rules with the logic used by the kernel. Should not change any behavior.
* | | | | resolved: demote the global unicast scope    Ronan Pigott    2024-08-20    2    -2/+6
| |_|_|/
|/| | |
| | | |     This will greatly reduce the number of cases where the global unicast scope overlaps with link scopes configured as default-route, making it feasible to use the global DNS setting in conjunction with per-link dns servers configured by the network.
| | | |
| | | |     This change is preferred over demoting links to default-route=no where the user prefers to use the network provided DNS servers, and I expect it is non-disruptive in that it should not degrade the efficacy of any existing configuration.
* | | | test-network: make kernel send NA with router flag    Yu Watanabe    2024-08-20    1    -0/+1
| | | |     If the router interface sends NA without router flag, client interface will drop SLAAC addresses. To make the router interface send NA with router flag, IPv6 forwarding needs to be enabled.
| | | |
| | | |     ===
| | | |     client: NDISC: Received Neighbor Advertisement from fe80::1034:56ff:fe78:9a99: Router=no, Solicited=yes, Override=no
| | | |     client: NDISC: Invoking callback for 'neighbor' event.
| | | |     client: Removing NDisc route (configured): dst: 2002:da8:1:99::/64, src: n/a, gw: n/a, prefsrc: n/a, table: main(254), priority: 1024, proto: ra, scope: global, type: unicast, flags: n/a
| | | |     client: Removing NDisc route (configured): dst: n/a, src: n/a, gw: fe80::1034:56ff:fe78:9a99, prefsrc: n/a, table: main(254), priority: 1024, proto: ra, scope: global, type: unicast, flags: n/a
| | | |     client: Removing NDisc address (configured): 2002:da8:1:99:1034:56ff:fe78:9a00/64 (valid for 23h 59min 58s, preferred for 3h 59min 58s), flags: manage-temporary-address,no-prefixroute, scope: global
| | | |     ===
* | | | namespace: Fix extension release memory leak    maia x.    2024-08-20    1    -8/+14
|/ / /
| | |     In apply_one_mount(), in the MOUNT_EXTENSION_DIRECTORY case, char **extension_release was used as a return pointer twice but only cleaned up once in the end. Fix it by removing duplicate code that was causing this issue.
| | |
| | |     Fixes issue introduced in 55ea4ef096543d2bceea9315868d5aca945d7a57.