| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
DEFINE_PRIVATE_STRING_TABLE_LOOKUP_FROM_STRING_WITH_BOOLEAN()
|
| | |
|
| |
|
|
| |
Follow-up for #11484.
|
| |\
| |
| | |
Coverity inspired fixes
|
| | |
| |
| |
| | |
Coverity CID#1444703.
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
This use on %n was completely unnecessary: fprintf returns the number of
characters written. And the issue was that if fprintf failed for whatever
reason, it would not process the %n and m would be unitialized. Rework the
code a bit to simplify it.
Coverity CID#1444708.
|
| | |
| |
| |
| |
| |
| | |
Bug introduced in 4b5bc5396c090ee41c45cab9052372d296c4a2f4 :(
Coverity CID#1444709.
|
| | |
| |
| |
| | |
Coverity CID#1444710.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Coverity says:
CID 1446387 (#1 of 1): Bad bit shift operation (BAD_SHIFT)
8. negative_shift: In expression 1U << (int)cmd, shifting by a negative amount
has undefined behavior. The shift amount, cmd, is -22.
I don't think there's any issue, unless we forget to set token->data
appropriately. Let's add an assert.
|
| |\ \
| |/
|/| |
improve container detection
|
| | |
| |
| |
| | |
detect_container() is now able to detect if we're running in a cgroup namespace.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Docker doesn't set $container, so it cannot be detected that way. Instead, we
check for presence of /.dockerinit, which it creates. Podman does set
$container, but some Red Hat images (in particular, Fedora images) override
$container to equal "oci". So to correctly detect Podman containers, we check
for presence of /run/.containerenv, which is created by Podman and is now the
official way to get information about the container from within the container.
Fixes https://github.com/systemd/systemd/issues/15393
|
| |\ \
| | |
| | | |
sd-netlink seqnum fixes
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
An (imperfect) fix for #14760.
This makes collisions unlikely, but still theoretically possible.
Fixes: #14760
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Let's use uint32_t everywhere to maintain the seqno, since that's what
the kernel does. Prviously in the reply_callback logic we used 64bit,
for no apparent reason.
Using 32bit also provides us with the benefit that we can avoid using
uint64_hash_ops, and can use trivial_hash_ops instead for the reply
hashmap, so that we can store the seqno in the key pointer directly.
While we are at it, let's make sure we never run into serial collisions
internally (32bit is a lot, but not that much), and let's put a limit on
outstanding serials, to catch programming errors.
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Similar to DHCPv4's UseHostname option, add a UseFQDN config option in
[DHCPv6] to set the system's transient hostname if the FQDN option is
set in the DHCPv6 response from the server.
|
| |\ \ \
| |/ /
|/| | |
resolved: just the dnssec bypass logic
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Some folks argue that NOTIMP should only be returned if a specific QTYPE
is not supported. While I don#t think the RFCs are too clear about that,
let's use REFUSED instead, which appears to be a less controversial
choice of error code.
Prompted-by: #17218
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This substantially beefs up the local DNS stub feature set in order to
allow local clients to do DNSSEC validation through the stub.
Previously we'd return NOTIMP if we'd get a DO or DO+CD lookup. With
this change we'll instead:
1. If we get DO+CD requests (i.e. DNSSEC with no local checking) we'll
proxy DNS queries and response mostly unmodified to/from upstream DNS
servers if possible (this is called "bypass" mode). We will patch in
new request IDs, (and patch them back out on reply), so that we can
sanely keep track of things. We'll also maintain a minimal local
cache for such lookups, always keeping the whole DNS packets in it
(if we reply from cache we'll patch the TTLs of all included RRs).
2. If we get DO requests without CD (i.e. DNSSEC with local checking)
we'll resolve and validate locally. In this mode we will not proxy
packets, but generate our own. We will however cache the combination
of answer RRs (along with their packet section assignments) we got
back in the cache, and use this information to generate reply packets
from the DNS stub.
In both cases: if we determine a lookup is to be answered from LLMNR or
mDNS we'll always revert to non-DNSSEC, non-proxy operation as before.
Answers will lack the DO bit then, since the data cannot be validated
via DNSSEC by the clients.
To make this logic more debuggable, this also adds query flags for
turning off RR sources. i.e. cache/network/zone/trust anchor/local
synthesis may now be disabled individually for each lookup.
The cache is substantially updated to make all this work: in addition to
caching simple RRs for lookup RR keys, we'll now cache the whole packets
and the whole combination of RRs, so that we can answer DO and DO+CD
replies sensibly according to the rules described above. This sounds
wasteful, but given that the
DnsResourceRecord/DnsResourceKey/DnsAnswer/DnsPacket
objects are all ref-counted and we try to merge references the actual
additional memory used should be limited (but this might be something to
optimize further later on).
To implement classic RR key lookups and new-style packet proxy lookups
(i.e. the ones necessary for DO+CD packet proxying, as described above)
DnsTransaction and DnsQuery objects now always maintain either a
DnsResourceKey/DnsQuestion as lookup key or a DnsPacket for "bypass"
mode.
Fixes: #4621 #17218
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
successfully added
This is useful later when handling the truncation case: if we can't add
all RRs we'd like to add we need to set the TC bit, but still report the
number of RRs we added (and not the number of RRs we would have liked to
add) to the packet.
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Let's beef up our parser a bit: let's store in the DnsAnswerFlags field
(that is stored as part of DnsAnswerItem) which DNS packet section (i.e.
answer, authoritative, additional) an RR originates from.
This is useful when propagating answers from an upstream DNS server
eventually, as we can place the data in the right sections downstream
too.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
DNS_ANSWER_FOREACH_ITEM()
The more fields DnsAnswerItem gains the less sense it makes to pass
every field of it as separate parameter to an iterator macro. Let's
simplify things here, in preparation of adding more fields to the
structure later on: let's just return the structure itself in the loop,
rather than the individual fields.
|
| | | |
| | |
| | |
| | |
| | | |
Let's follow our own coding style an initialized return values on all
cases of "success".
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
transaction
This is a simple search&replace excercise: instead of accessing the
"key" field of the transaction directly, let's use a small inline helper
that does this for us.
This appears pointless for now, but this will become useful later when
we introduce "bypass" transactions, that reuse the original client DNS
packet for queries instead of synthesizing a packet of our own. In that
case transactions either have regular "key" field initialized as before,
or the "bypass" packet field instead. The new dns_transaction_key()
helper allows us to hide the differences for most cases as we can later
teach it to access the "bypass" packet's question key transparently.
No change in behaviour.
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
I don't think it's realistic to operate without /proc/. Hence, let's
make this explicit.
If one day someone finds a way to do what we need without /proc/ we can
certainly drop this check again, but for now I think it's a lot
friendlier to users to make this explicitly early on instead continuing
to run and then not do what we need to do, oftentimes failing in cryptic
ways.
After all, invoking the tool without /proc/ is not an error that was
specific to some of the lines we process, but it's systematic error that
will show its ugly face in many codepaths down the line.
Fixes: #14745
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Whenever a unit deactivates sucessfully we so far generated a message
"unit xyz: succeeded". This is a bit confusing, since various unit types
cannot really "succeed", e.g. a device unit can't really "suceed", not
can a swap unit. In particular in the latter case people would probably
assume that a swap unit that "suceeded" would actually mean a swap was
active now, but the opposite is actually true.
Let's improve this by saying "Deactivated successfully", which hopefully
clears this up.
(I thought about saying "terminated" or "completed" or "finished" or so
instead, but that too doesn#t make sense if you think about unit types
like swaps or devices.)
|
| |\ \ \
| | | |
| | | | |
portable: add 'reattach' verb and DBUS interface
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Add 'reattach' verb to portablectl, and corresponding DBUS interface
to systemd-portabled.
Takes the same parameters as 'attach', but it will do a 'detach' (and
it will refuse to proceed if it cannot be done) first, matching on
the unversioned prefix of the new image. Eg:
portablectl reattach /tmp/foo_2.raw
will cause foo_1.raw to be detached, and foo_2.raw to be attached.
The key difference with a manual 'detach old' plus 'attach new' is that
the running units are not disturbed until after the attach completed,
and if --now is passed they are then restarted.
A 'detach' is not allowed normally if the units are running.
By using a restart-after-deploy method, 'reattach' allows for minimal
interruption of service and also for features that only work on restart
(eg: file descriptor store) to work as intended.
The DBUS interface returns two lists: first the removals from the detach
that were not immediately re-added in the attach, so that the caller
can stop the relevant units, and then the list of additions that are
either new or updates, so that the caller can restart/enable the
relevant units. portablectl already implements this with the existing
--now/--enable switches.
|
| | | |/
| |/| |
|
| |/ / |
|
| |\ \
| | |
| | | |
dynamic uid/gid reference handling simplifications
|
| | | |
| | |
| | |
| | | |
It should match what we do for manager_ref_uid() and in the .c file.
|
