network: take explicit ownership of our own interfaces

This is a follow-up for #30786 and uses it to assign
ID_NET_MANAGED_BY=io.systemd.Network to all all network interfaces that
we consider ours to manage. This should hopefully have the effect that
other well-behaving managers won't fight for these devices.

This doesn't bother with network interfaces we match inside containers,
since udev is not available there anyway.

diff --git a/network/80-6rd-tunnel.link b/network/80-6rd-tunnel.link
new file mode 100644 (file)
index 0000000..eaaeb15
--- /dev/null
+++ b/network/80-6rd-tunnel.link
@@ -0,0 +1,24 @@
+# SPDX-License-Identifier: MIT-0
+#
+# This config file is installed as part of systemd.
+# It may be freely copied and edited (following the MIT No Attribution license).
+#
+# To make local modifications, one of the following methods may be used:
+# 1. add a drop-in file that extends this file by creating the
+#    /etc/systemd/network/80-6rd-tunnel.link.d/ directory and creating a
+#    new .conf file there.
+# 2. copy this file into /etc/systemd/network/ or one of the other paths checked
+#    by systemd-udevd and edit it there.
+# This file should not be edited in place, because it'll be overwritten on upgrades.
+
+# This .link file matches 6rd-* SIT devices and marks them as managed by
+# systemd-networkd.
+
+[Match]
+Kind=sit
+Name=6rd-*
+
+[Network]
+NamePolicy=keep
+MACAddressPolicy=persistent
+Property=ID_NET_MANAGED_BY=io.systemd.Network

diff --git a/network/80-6rd-tunnel.network b/network/80-6rd-tunnel.network
index 5374ec5b073a18a913f1b163c85801ab9bd930ad..96bf526f76585e47145444c676851ee473ce1a0b 100644 (file)
--- a/network/80-6rd-tunnel.network
+++ b/network/80-6rd-tunnel.network
@@ -7,11 +7,11 @@
 # 1. add a drop-in file that extends this file by creating the
 #    /etc/systemd/network/80-6rd-tunnel.network.d/ directory and creating a
 #    new .conf file there.
-# 2. copy this file into /etc/systemd/network or one of the other paths checked
+# 2. copy this file into /etc/systemd/network/ or one of the other paths checked
 #    by systemd-networkd and edit it there.
 # This file should not be edited in place, because it'll be overwritten on upgrades.
 
-# This network file matches 6rd-* SIT devices which is automatically created by
+# This .network file matches 6rd-* SIT devices which is automatically created by
 # systemd-networkd when DHCPv4 6RD option is received.
 
 [Match]

diff --git a/network/80-container-vb.link b/network/80-container-vb.link
new file mode 100644 (file)
index 0000000..9e934b8
--- /dev/null
+++ b/network/80-container-vb.link
@@ -0,0 +1,24 @@
+# SPDX-License-Identifier: MIT-0
+#
+# This config file is installed as part of systemd.
+# It may be freely copied and edited (following the MIT No Attribution license).
+#
+# To make local modifications, one of the following methods may be used:
+# 1. add a drop-in file that extends this file by creating the
+#    /etc/systemd/network/80-container-vb.link.d/ directory and creating a
+#    new .conf file there.
+# 2. copy this file into /etc/systemd/network/ or one of the other paths checked
+#    by systemd-udevd and edit it there.
+# This file should not be edited in place, because it'll be overwritten on upgrades.
+
+# This .link file matches the host-side of the virtual Ethernet link created
+# by systemd-nspawn's --network-veth switch with --network-bridge= or
+# --network-zone= switch. See systemd-nspawn(1) for details.
+
+[Match]
+Kind=veth
+Name=vb-*
+
+[Link]
+NamePolicy=keep
+Property=ID_NET_MANAGED_BY=io.systemd.Network

diff --git a/network/80-container-vb.network b/network/80-container-vb.network
index 806f834e18834d7d1f50f66d78a4b0072092574a..6d5ea41795681bd5577cf29920159b43f1717876 100644 (file)
--- a/network/80-container-vb.network
+++ b/network/80-container-vb.network
@@ -7,13 +7,13 @@
 # 1. add a drop-in file that extends this file by creating the
 #    /etc/systemd/network/80-container-vb.network.d/ directory and creating a
 #    new .conf file there.
-# 2. copy this file into /etc/systemd/network or one of the other paths checked
+# 2. copy this file into /etc/systemd/network/ or one of the other paths checked
 #    by systemd-networkd and edit it there.
 # This file should not be edited in place, because it'll be overwritten on upgrades.
 
-# This network file matches the host-side of the virtual Ethernet link
-# created by systemd-nspawn's --network-veth switch with --network-bridge or
-# --network-zone switch. See systemd-nspawn(1) for details.
+# This .network file matches the host-side of the virtual Ethernet link created
+# by systemd-nspawn's --network-veth switch with --network-bridge= or
+# --network-zone= switch. See systemd-nspawn(1) for details.
 
 [Match]
 Kind=veth

diff --git a/network/80-container-ve.link b/network/80-container-ve.link
new file mode 100644 (file)
index 0000000..8e17cb7
--- /dev/null
+++ b/network/80-container-ve.link
@@ -0,0 +1,24 @@
+# SPDX-License-Identifier: MIT-0
+#
+# This config file is installed as part of systemd.
+# It may be freely copied and edited (following the MIT No Attribution license).
+#
+# To make local modifications, one of the following methods may be used:
+# 1. add a drop-in file that extends this file by creating the
+#    /etc/systemd/network/80-container-ve.link.d/ directory and creating a
+#    new .conf file there.
+# 2. copy this file into /etc/systemd/network/ or one of the other paths checked
+#    by systemd-udevd and edit it there.
+# This file should not be edited in place, because it'll be overwritten on upgrades.
+
+# This .link file matches the host-side of the virtual Ethernet link
+# created by systemd-nspawn's --network-veth switch. See systemd-nspawn(1) for
+# details.
+
+[Match]
+Kind=veth
+Name=ve-*
+
+[Link]
+NamePolicy=keep
+Property=ID_NET_MANAGED_BY=io.systemd.Network

diff --git a/network/80-container-ve.network b/network/80-container-ve.network
index 076213adc66668880898dc69d25fbf4b0c6b7a25..21a5eacc4e4e0c5170d7eae4dc0d42702c004b66 100644 (file)
--- a/network/80-container-ve.network
+++ b/network/80-container-ve.network
@@ -7,11 +7,11 @@
 # 1. add a drop-in file that extends this file by creating the
 #    /etc/systemd/network/80-container-ve.network.d/ directory and creating a
 #    new .conf file there.
-# 2. copy this file into /etc/systemd/network or one of the other paths checked
+# 2. copy this file into /etc/systemd/network/ or one of the other paths checked
 #    by systemd-networkd and edit it there.
 # This file should not be edited in place, because it'll be overwritten on upgrades.
 
-# This network file matches the host-side of the virtual Ethernet link
+# This .network file matches the host-side of the virtual Ethernet link
 # created by systemd-nspawn's --network-veth switch. See systemd-nspawn(1) for
 # details.
 

diff --git a/network/80-container-vz.link b/network/80-container-vz.link
new file mode 100644 (file)
index 0000000..320f0d3
--- /dev/null
+++ b/network/80-container-vz.link
@@ -0,0 +1,23 @@
+# SPDX-License-Identifier: MIT-0
+#
+# This config file is installed as part of systemd.
+# It may be freely copied and edited (following the MIT No Attribution license).
+#
+# To make local modifications, one of the following methods may be used:
+# 1. add a drop-in file that extends this file by creating the
+#    /etc/systemd/network/80-container-vz.link.d/ directory and creating a
+#    new .conf file there.
+# 2. copy this file into /etc/systemd/network/ or one of the other paths checked
+#    by systemd-udevd and edit it there.
+# This file should not be edited in place, because it'll be overwritten on upgrades.
+
+# This .link file matches the bridge interface created by systemd-nspawn's
+# --network-zone= switch. See systemd-nspawn(1) for details.
+
+[Match]
+Kind=bridge
+Name=vz-*
+
+[Link]
+NamePolicy=keep
+Property=ID_NET_MANAGED_BY=io.systemd.Network

diff --git a/network/80-vm-vt.link b/network/80-vm-vt.link
new file mode 100644 (file)
index 0000000..83bb80e
--- /dev/null
+++ b/network/80-vm-vt.link
@@ -0,0 +1,23 @@
+# SPDX-License-Identifier: MIT-0
+#
+# This config file is installed as part of systemd.
+# It may be freely copied and edited (following the MIT No Attribution license).
+#
+# To make local modifications, one of the following methods may be used:
+# 1. add a drop-in file that extends this file by creating the
+#    /etc/systemd/network/80-vm-vt.link.d/ directory and creating a
+#    new .conf file there.
+# 2. copy this file into /etc/systemd/network/ or one of the other paths checked
+#    by systemd-udevd and edit it there.
+# This file should not be edited in place, because it'll be overwritten on upgrades.
+
+# This .link file matches vt-* TUN/TAP devices on the host and marks them as
+# managed by systemd-networkd.
+
+[Match]
+Kind=tun
+Name=vt-*
+
+[Link]
+NamePolicy=keep
+Property=ID_NET_MANAGED_BY=io.systemd.Network

diff --git a/network/meson.build b/network/meson.build
index 2a472f4f516b3d6b94ffce85122c14a64d39a500..9df0bea76096d79971edd0bcba1b5a2e47657176 100644 (file)
--- a/network/meson.build
+++ b/network/meson.build
@@ -3,11 +3,16 @@
 if conf.get('ENABLE_NETWORKD') == 1
         install_data(
                 '80-6rd-tunnel.network',
+                '80-6rd-tunnel.link',
                 '80-container-host0.network',
                 '80-container-vb.network',
+                '80-container-vb.link',
                 '80-container-ve.network',
+                '80-container-ve.link',
                 '80-container-vz.network',
+                '80-container-vz.link',
                 '80-vm-vt.network',
+                '80-vm-vt.link',
                 '80-wifi-adhoc.network',
                 install_dir : networkdir)