summaryrefslogtreecommitdiffstats
path: root/src/network (unfollow)
Commit message (Collapse)AuthorFilesLines
2024-11-14network/netdev: enter ready state only when it is created by usYu Watanabe1-18/+19
Follow-up for PR #34909. This fixes an issue that network interfaces cannot join a master netdev, like bond or bridge, when the corresponding .netdev is reloaded. With PR #34909, networkd supports reloading .netdev files. However, When a .netdev file is modified and reloaded, ifindex is copied from the old NetDev object to the new one. Thus, even if the interface is successfully updated, netdev_set_ifindex_impl() will return 0 and netdev_enter_ready() will never called. If the netdev is a kind of master netdev, then port interfaces cannot join the master netdev, as REQUEST_TYPE_SET_LINK_MASTER requires that the master netdev is in the ready state.
2024-11-14network/netdev: do not update MAC address if netdev is already runningYu Watanabe8-7/+74
Follow-up for 17c5337f7b2993619d84acc2088b2ba1789e6477. Older kernels (older than v6.5) refuse RTM_NEWLINK messages with IFLA_ADDRESS attribute when the netdev already exists and is running, even if the MAC address is unchanged. So, let's not set IFLA_ADDRESS or IFLA_MTU if they are unchanged, and set the attributes only when we can update them.
2024-11-14network/netdev: set interface name only when creating a new netdevYu Watanabe1-3/+8
Otherwise, the kernel older than v6.2 will refuse the netlink message.
2024-11-13namespace-util: pin pid via pidfd during namespace_open()Lennart Poettering1-4/+6
2024-11-13ptyfwd: ellipsize overly long window titlesLennart Poettering1-4/+20
Apparently some terminal emulators have problems with overly long titles, hence truncate them at some safe length (128). Also, when parsing ANSI sequences ourselves accept longer sequences (192), after all we should be fine when parsing our own title sequences. Fixes: #35104
2024-11-13various: check meson feature flag earlyMike Yuan20-132/+149
Prompted by https://github.com/systemd/systemd/pull/35110#discussion_r1835885340
2024-11-12pe: use PE_SECTION_VECTOR_IS_SET() macro where appropriateLennart Poettering1-2/+2
2024-11-12pe: remove unnecessary log message about DT/HWIDLennart Poettering1-2/+1
Fixes: #35100
2024-11-12efi: don't log if EFI RNG isn't readyLennart Poettering2-1/+5
Apparently this happens IRL on some systems, let's handle this gracefully and don't log. Fixes: #35033
2024-11-12run0: when changing privileges to non-root, do not show superhero emojiLennart Poettering4-2/+6
Let's show an idcard logo instead, to indicate that we changed ids.
2024-11-12dbus-manager: add missing word 'unit' to PK messageLennart Poettering1-1/+1
2024-11-12process-util: more gracefully handle oom adjust parsing/settingLennart Poettering1-2/+10
Who knows what kind of mount shenanigans people employ, let's gracefully handle parse failures of proc files, like we alway do otherwsie.
2024-11-12audit-util: modernize use_audit() a bitLennart Poettering1-27/+26
Use ERRNO_IS_xyz() macros where appropriate. Also, reduce indentation a bit by inverted early check. And log in more error codepaths.
2024-11-12audit-util: return -ENODATA from audit_{session|loginuid}_from_pid() if ↵Lennart Poettering8-34/+96
invoked in a container The auditing subsystem is still not virtualized for containers, hence the two values don't really make sense inside them, they will just leak information from outside into the container. Hence don't make use of the data if we detect we are run inside of a container. This has visible effects: logind will no longer try to reuse the auditing session ids as its own session ids when run inside a container. While are at it, modernize the calls in more ways: 1. switch to pidref behaviour, all but one of our uses are using pidref anyway already. 2. use read_virtual_file() + proc_mounted() 3. reasonable distinguish ENOENT errors when reading the process proc files: distinguish the case where /proc is not mounted, from the case where the process is already gone, from where auditing is not enabled in the kernel build.
2024-11-12mkosi: ruff is not available on all distrosDavide Cavalca4-1/+10
Refactor to only install ruff where it is available
2024-11-12TODO: Fix typo (#35138)Maanya Goenka1-1/+1
Replace confex with confext
2024-11-12nspawn: fix indentation of run_container() parameter listLennart Poettering1-9/+9
2024-11-12mntwork: shorten codeLennart Poettering1-5/+1
2024-11-12dissect-image: remove dead codeLennart Poettering1-4/+0
2024-11-12mountfsd: drop unused variableLennart Poettering1-5/+0
2024-11-12sbsign: remove unused --no-pager optionAntonio Alvarez Feijoo2-9/+0
2024-11-12mkosi: Install tpm2-tss-devel to tools for CentOS and Fedora instead of ↵Davide Cavalca1-1/+1
tss2-devel tss2-devel is the IBM TPM stack, we want the Intel TPM stack, so let's use the correct package.
2024-11-12test-network: several cleanupsYu Watanabe1-46/+43
- fix verifiers in test_router_preference() to make them actually check if unnecessary routes are removed, - stop radv in test_ndisc_vs_static_route() before checking if the static route is preserved even when the router sends a RA with zero lifetime, - make verifiers in NetworkdIPv6PrefixTests stricter.
2024-11-12network/ndisc: restore the original preference and priority before checking ↵Yu Watanabe1-0/+9
if existing route can be updated Follow-up for 972f1d17ab461a51142a142609dd3ec50bae8440. This fixes the logic of removing unnecessary routes configured by the previously received RAs. Previously, we wrongly handled existing routes could be updated, and unexpected routes would be kept.
2024-11-12network/ndisc: introduce ndisc_route_prepare() and ndisc_router_route_prepare()Yu Watanabe1-16/+46
These applies common parameters to the route to be requested or removed. No functional change, just refactoring and preparation for later commits.
2024-11-12network/ndisc: several cleanups for ndisc_remove_route()Yu Watanabe1-10/+4
- drop unnecessary call of ndisc_set_route_priority() at the beginning, as it is called later in the loop below, - use RET_GATHER() and remove all possible routes even if failed.
2024-11-12network/ndisc: introduce route_is_bound_to_link() helper function and use it ↵Yu Watanabe3-4/+17
where applicable No functional change, and preparation for later commits.
2024-11-12man/systemd-keyutil: fix rendering typoAntonio Alvarez Feijoo1-1/+1
2024-11-11man/systemd.special: fix a typoŠtěpán Němec1-1/+1
2024-11-11man: fix incorrect volume numbers in internal man page referencesŠtěpán Němec27-50/+50
Some ambiguity (e.g., same-named man pages in multiple volumes) makes it impossible to fully automate this, but the following Python snippet (run inside the man/ directory of the systemd repo) helped to generate the sed command lines (which were subsequently manually reviewed, run and the false positives reverted): from pathlib import Path import lxml from lxml import etree as ET man2vol: dict[str, str] = {} man2citerefs: dict[str, list] = {} for file in Path(".").glob("*.xml"): tree = ET.parse(file, lxml.etree.XMLParser(recover=True)) meta = tree.find("refmeta") if meta is not None: title = meta.findtext("refentrytitle") if title is not None: vol = meta.findtext("manvolnum") if vol is not None: man2vol[title] = vol citerefs = list(tree.iter("citerefentry")) if citerefs: man2citerefs[title] = citerefs for man, refs in man2citerefs.items(): for ref in refs: title = ref.findtext("refentrytitle") if title is not None: has = ref.findtext("manvolnum") try: should_have = man2vol[title] except KeyError: # Non-systemd man page reference? Ignore. continue if has != should_have: print( f"sed -i '\\|<citerefentry><refentrytitle>{title}" f"</refentrytitle><manvolnum>{has}</manvolnum>" f"</citerefentry>|s|<manvolnum>{has}</manvolnum>|" f"<manvolnum>{should_have}</manvolnum>|' {man}.xml" )
2024-11-11test-network: add test case for issue #35047Yu Watanabe4-0/+60
2024-11-11network/nexthop: also forget IPv4 nexthops when an interface went downYu Watanabe3-0/+57
Similar to the previous commit, but for nexthop.
2024-11-11network/route: forget IPv4 non-local routes when an interface went downYu Watanabe3-0/+35
When an interface went down, IPv4 non-local routes are removed by the kernel without any notifications. Let's forget the routes in that case. Fixes #35047.
2024-11-11network/nexthop: forget dependent routes without trying to removeYu Watanabe3-12/+16
When a nexthop is removed, routes depend on the removed nexthop are already removed. It is not necessary to remove them, as already commented. Let's forget them without trying to remove.
2024-11-11network/nexthop: do not remove depending nexthops when a nexthop is removedYu Watanabe2-16/+13
Previously, when a nexthop is removed, depending nexthops were removed, but that's not necessary, as the kernel keeps them, at least with v6.11.
2024-11-11network/route: update reference of the route from nexthopYu Watanabe1-0/+2
Follow-up for 6f09031e4d04727cc72164fefcbc763e37556493. The function has been introduced by the commit, but it has never been used...
2024-11-11po: Translated using Weblate (Portuguese (Brazil))Gabriel Elyas1-7/+4
Currently translated at 96.1% (247 of 257 strings) Co-authored-by: Gabriel Elyas <gabrielelyas@protonmail.com> Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/pt_BR/ Translation: systemd/main
2024-11-11Rename src/partition to src/repartZbigniew Jędrzejewski-Szmek12-9/+9
2024-11-11network: make 'networkctl reconfigure' work safely even when ↵Yu Watanabe7-57/+99
KeepConfiguration=dhcp or yes Previously, even if KeepConfiguration=dhcp or yes is specified in the new .network file, dynamic configurations like DHCP address and routes were dropped when 'networkctl reconfigure INTERFACE' is invoked. If the setting is specified, let's gracefully handle the dynamic configurations. Then, 'networkctl reconfigure' can be also used for an interface that has critical connections.
2024-11-11network: drop static configs laterYu Watanabe1-7/+0
Follow-up for dd6d53a8dc58c5e6e310b09ba7f7a22600a87ba9. Unnecessary static configs will be anyway dropped later in link_configure() -> link_drop_unmanaged_config(). Hence, even if we are reconfiguring an interface cleanly, it is not necessary to drop static configs here.
2024-11-11network/dhcp-pd: do not remove unreachable route when reconfiguring ↵Yu Watanabe4-23/+62
non-upstream interface Unreachable routes are not owned by any interfaces, and its ifindex is zero. Previously, if a non-upstream interface is reconfigured, all routes including unreachable routes configured by the upstream interface are removed. This makes unreachable routes are always handled by the upstream interface, and only removed when the delegated prefixes are changed or lost.
2024-11-11network: reorder dropping dynamic configurationYu Watanabe1-2/+2
Follow-up for 451c2baf30f50b95d73e648058c7c2348dbf0c31.
2024-11-11test-network: reconfigure interface cleanly to drop previous DHCP lease and ↵Yu Watanabe1-6/+12
friends Follow-up for 451c2baf30f50b95d73e648058c7c2348dbf0c31. With the commits, reloading .network files does not release previously acquired DHCP lease and friends if possible. On graceful reconfigure triggered by the reload, the interface may acquire a new DHCPv4 lease earlier than DHCPv6 lease. In that case, the check will fail as it is done with the new DHCPv4 lease and old DHCPv6 lease, which does not contain any IPv6 DNS servers or so. So, when switching from no -> yes, we need to wait a new lease with DNS servers or so. To achieve that, we need to clean reconfigure the interface.
2024-11-11network: reset 'configured' flags even if we keep DHCP lease and friends on ↵Yu Watanabe2-1/+9
reconfigure Follow-up for 451c2baf30f50b95d73e648058c7c2348dbf0c31. With the commits, reloading .network files does not release previously acquired DHCP lease and friends if possible. If previously a DHCP client was configured as not requesting DNS servers or so, then the previously acquired lease might not contain any DNS servers. In that case, if the new .network file enables UseDNS=, then the interface should enter the configured state after a new lease is acquired. To achieve that, we need to reset the flags. With this change, the workaround applied to the test by the commit 451c2baf30f50b95d73e648058c7c2348dbf0c31 can be dropped.
2024-11-11network: drop unnecessary size specifierYu Watanabe1-1/+1
It does not save any memory usage but increase code complexity.
2024-11-11netwrok: call link_drop_unmanaged_config() earlier in link_configure()Yu Watanabe1-4/+4
Otherwise, even if a link enters the configuring state at the beginning of link_configure(), link_check_ready() may be called before link_drop_unmanaged_config() is called, and the link may enter the configured state. Fixes #35092.
2024-11-10Move growfs+makefs to src/growfs/Zbigniew Jędrzejewski-Szmek5-8/+13
Those two programs are used together and it makes sense to keep them together. makefs is smaller, so name the directory after growfs.
2024-11-10login: fix session_kill(..., KILL_LEADER,...) (#35105)12paper1-3/+13
`loginctl kill-session --kill-whom=leader <N>` (or the D-Bus equivalent) doesn't work because logind ends up calling `KillUnit(..., "main", ...)` on a scope unit and these don't have a `MainPID` property. Here, I just make it send a signal to the `Leader` directly.
2024-11-09ukify: Fix broken assert when building a signed addonValentin David1-2/+1
An assert always expected a kernel when signature key was present in command line. That prevented building signed addons. Fixes #35041
2024-11-09po: Translated using Weblate (German)Weblate Translation Memory1-6/+7
Currently translated at 93.7% (241 of 257 strings) Co-authored-by: Weblate Translation Memory <noreply-mt-weblate-translation-memory@weblate.org> Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/de/ Translation: systemd/main