networkd: add support to configure IP Rule (#5725)

[thirdparty/systemd.git] / src / network / networkd.c

diff --git a/src/network/networkd.c b/src/network/networkd.c
index 3a2615e6fde7370329bff05047480ab0933947ec..d5ba6893e339bd76cc68dd7ffe7f0a1e580e1877 100644 (file)
--- a/src/network/networkd.c
+++ b/src/network/networkd.c
@@ -18,13 +18,16 @@
 ***/
 
 #include "sd-daemon.h"
+#include "sd-event.h"
 
 #include "capability-util.h"
-#include "networkd.h"
+#include "networkd-conf.h"
+#include "networkd-manager.h"
 #include "signal-util.h"
 #include "user-util.h"
 
 int main(int argc, char *argv[]) {
+        sd_event *event = NULL;
         _cleanup_manager_free_ Manager *m = NULL;
         const char *user = "systemd-network";
         uid_t uid;
@@ -67,17 +70,29 @@ int main(int argc, char *argv[]) {
         if (r < 0)
                 log_warning_errno(r, "Could not create runtime directory 'lldp': %m");
 
-        r = drop_privileges(uid, gid,
-                            (1ULL << CAP_NET_ADMIN) |
-                            (1ULL << CAP_NET_BIND_SERVICE) |
-                            (1ULL << CAP_NET_BROADCAST) |
-                            (1ULL << CAP_NET_RAW));
+        /* Drop privileges, but only if we have been started as root. If we are not running as root we assume all
+         * privileges are already dropped. */
+        if (geteuid() == 0) {
+                r = drop_privileges(uid, gid,
+                                    (1ULL << CAP_NET_ADMIN) |
+                                    (1ULL << CAP_NET_BIND_SERVICE) |
+                                    (1ULL << CAP_NET_BROADCAST) |
+                                    (1ULL << CAP_NET_RAW));
+                if (r < 0)
+                        goto out;
+        }
+
+        assert_se(sigprocmask_many(SIG_BLOCK, NULL, SIGTERM, SIGINT, -1) >= 0);
+
+        r = sd_event_default(&event);
         if (r < 0)
                 goto out;
 
-        assert_se(sigprocmask_many(SIG_BLOCK, NULL, SIGTERM, SIGINT, -1) >= 0);
+        sd_event_set_watchdog(event, true);
+        sd_event_add_signal(event, NULL, SIGTERM, NULL, NULL);
+        sd_event_add_signal(event, NULL, SIGINT, NULL, NULL);
 
-        r = manager_new(&m);
+        r = manager_new(&m, event);
         if (r < 0) {
                 log_error_errno(r, "Could not create manager: %m");
                 goto out;
@@ -89,6 +104,10 @@ int main(int argc, char *argv[]) {
                 goto out;
         }
 
+        r = manager_parse_config_file(m);
+        if (r < 0)
+                log_warning_errno(r, "Failed to parse configuration file: %m");
+
         r = manager_load_config(m);
         if (r < 0) {
                 log_error_errno(r, "Could not load configuration files: %m");
@@ -113,22 +132,35 @@ int main(int argc, char *argv[]) {
                 goto out;
         }
 
+        r = manager_rtnl_enumerate_rules(m);
+        if (r < 0) {
+                log_error_errno(r, "Could not enumerate rules: %m");
+                goto out;
+        }
+
+        r = manager_start(m);
+        if (r < 0) {
+                log_error_errno(r, "Could not start manager: %m");
+                goto out;
+        }
+
         log_info("Enumeration completed");
 
         sd_notify(false,
                   "READY=1\n"
                   "STATUS=Processing requests...");
 
-        r = manager_run(m);
+        r = sd_event_loop(event);
         if (r < 0) {
                 log_error_errno(r, "Event loop failed: %m");
                 goto out;
         }
-
 out:
         sd_notify(false,
                   "STOPPING=1\n"
                   "STATUS=Shutting down...");
 
+        sd_event_unref(event);
+
         return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
 }