Querying low-level DNS RRs should be done via resolved now, not via
glibc's awful res_query() API anymore. Let's not introduce an async
wrapper for it hence.
networkd: propagate DNS/NTP server from uplink to dhcp server
When handing out DHCP leases, try to propagate DNS/NTP server
information from "uplink". The "uplink" is automatically determined as
the network interface with the highest priority default route on it.
David Herrmann [Thu, 27 Aug 2015 14:43:02 +0000 (16:43 +0200)]
sd-bus: do not connect to dbus-1 socket when kdbus is available
We should not fall back to dbus-1 and connect to the proxy when kdbus
returns an error that indicates that kdbus is running but just does not
accept new connections because of quota limits or something similar.
David Herrmann [Thu, 27 Aug 2015 14:32:22 +0000 (16:32 +0200)]
Revert "sd-bus: do not connect to dbus-1 socket when kdbus is available"
This reverts commit d4d00020d6ad855d65d31020fefa5003e1bb477f. The idea of
the commit is broken and needs to be reworked. We really cannot reduce
the bus-addresses to a single address. We always will have systemd with
native clients and legacy clients at the same time, so we also need both
addresses at the same time.
David Herrmann [Thu, 27 Aug 2015 14:23:47 +0000 (16:23 +0200)]
selinux: drop mac_selinux_unit_access_check_strv()
It is not acceptable to load unit files during enable/disable operations
just to figure out the selinux labels. systemd implements lazy loading
for units, so the selinux hooks need to follow it.
This drops the mac_selinux_unit_access_check_strv() helper which
implements a non-acceptable policy check. If anyone cares for that
functionality, you really should pass a callback+userdata to the helpers
in src/shared/install.c which does policy checks on each touched file.
a) drop handling of obsolete or unused DHCP options time_offset,
mtu_aging_timeout, policy filter, mdr, ttl, ip forwarding settings.
Should this become useful one day we can readd support for this.
b) For subnet mask and broadcast it is not always clear whether 0 or
255.255.255.255 might be valid, hence maintain a boolean indicating
validity next to it.
c) serialize/deserialize broadcast address, lifetime, T1 and T2 together
with the rest of the fields in dhcp_lease_save() and
dhcp_lease_load().
d) consistently return ENODATA from getter functions for data that is
missing in the lease.
e) add missing getter calls for broadcast, lifetime, T1, T2.
f) when decoding DHCP options, generate debug messages on parse
failures, but try to proceed if possible.
g) Similar, when deserializing a lease in dhcp_lease_load(), make sure
we deal nicely with unparsable fields, to provide upgrade compat.
basic: document that people shouldn't use refcnt.h without reason
refcnt.h only exists for cases where objects are simultaneously handled
by different threads. Otherwise it should not be used. The only case
where this applies is sd_bus, really, and pretty much none of our APIs,
since we do not claim thread-safety for them.
When we make sd-dhcp public one day we really should not make
sd_dhcp_lease_save() and sd_dhcp_lease_load() public, since it's pretty
much only useful as internal utility for networkd itself.
dhcp: normalize DHCP host and domain names from leases
Previoulsy, we just checked whether the domain names specified in
incoming DHCP leases are valid. Given that validation code actually
internally normalizes anyway, it's a good idea to simply do the full
normalization and store that in the lease structure. This allows us to
remove the manual removal of a trailing dot, if there is one.
David Herrmann [Wed, 26 Aug 2015 10:37:56 +0000 (12:37 +0200)]
sd-dhcp6: fix domainname memleak
strv_extend() does not consume the passed entry, hence, we must properly
free it. Furthermore, we should *not* use strv_consume() as we do greedy
allocations on 'ret'; and greedy-allocations should only be used for short
lived objects or caches.
Fix the domainname parser to properly free temporary storage when done.
David Herrmann [Wed, 26 Aug 2015 10:30:56 +0000 (12:30 +0200)]
sd-dhcp: don't randomly ref objects
In our API design, getter-functions don't ref objects. Calls like
foo_get_bar() will not ref 'bar'. We never do that and there is no real
reason to do it in single threaded APIs. If you need a ref-count, you
better take it yourself *BEFORE* doing anything else on the parent object
(as this might invalidate your pointer).
Right now, sd_dhcp?_get_lease() refs the lease it returns. A lot of
code-paths in systemd do not expect this and thus leak the lease
reference. Fix this by changing the API to not ref returned objects.
HATAYAMA Daisuke [Wed, 26 Aug 2015 03:07:31 +0000 (12:07 +0900)]
selinux: fix regression of systemctl subcommands when absolute unit file paths are specified
The commit 4938696301a914ec26bcfc60bb99a1e9624e3789 overlooked the
fact that unit files can be specified as unit file paths, not unit
file names, wrongly passing a unit file path to the 1st argument of
manager_load_unit() that handles it as a unit file name. As a result,
the following 4 systemctl subcommands:
enable
disable
reenable
link
mask
unmask
fail with the following error message:
# systemctl enable /usr/lib/systemd/system/kdump.service
Failed to execute operation: Unit name /usr/lib/systemd/system/kdump.service is not valid.
# systemctl disable /usr/lib/systemd/system/kdump.service
Failed to execute operation: Unit name /usr/lib/systemd/system/kdump.service is not valid.
# systemctl reenable /usr/lib/systemd/system/kdump.service
Failed to execute operation: Unit name /usr/lib/systemd/system/kdump.service is not valid.
# cp /usr/lib/systemd/system/kdump.service /tmp/
# systemctl link /tmp/kdump.service
Failed to execute operation: Unit name /tmp/kdump.service is not valid.
# systemctl mask /usr/lib/systemd/system/kdump.service
Failed to execute operation: Unit name /usr/lib/systemd/system/kdump.service is not valid.
# systemctl unmask /usr/lib/systemd/system/kdump.service
Failed to execute operation: Unit name /usr/lib/systemd/system/kdump.service is not valid.
To fix the issue, first check whether a unit file is passed as a unit
file name or a unit file path, and then pass the unit file to the
appropreate argument of manager_load_unit().
By the way, even with this commit mask and unmask reject unit file
paths as follows and this is a correct behavior:
# systemctl mask /usr/lib/systemd/system/kdump.service
Failed to execute operation: Invalid argument
# systemctl unmask /usr/lib/systemd/system/kdump.service
Failed to execute operation: Invalid argument
Internally, the root cgroup is stored as the empty string in
Unit.cgroup_path, and "no cgroup" as NULL. Unfortunately, D-Bus does not
know a NULL concept, hence when reporting the cgroup to clients we
should turn the root cgroup into "/", and leave the empty string for the
"no cgroup" case.
This should make sure that "systemctl status -- -.slice" works correctly
and shows the entire cgroup tree.
sd-bus: introduce new match type "arg0has=" for matching arrays of strings
Previously, sd-bus inofficially already supported bus matches that
tested a string against an array of strings ("as"). This was done via an
enhanced way to interpret "arg0=" matches. This is problematic however,
since clients have no way to determine if their respective
implementation understood strv matches or not, thus allowing invalid
matches to be installed without a way to detect that.
This patch changes the logic to only allow such matches with a new
"arg0has=" syntax. This has the benefit that non-conforming
implementations will return a parse error and a client application may
thus efficiently detect support for the match type.
Matches of this type are useful for "udev"-like systems that "tag" objects
with a number of strings, and clients need to be able to match against
any of these "tags".
The name "has" takes inspiration from Python's ".has_key()" construct.
resolved: make packet flags logic more expressive again
This partially reverts 106784ebb7b303ae471851100a773ad2aebf5b80, ad
readds separate DNS_PACKET_MAKE_FLAGS() invocations for the LLMNR and
DNS case. This is important since SOme flags have different names and
meanings on LLMNR and on DNS and we should clarify that via the comments
and how we put things together.
This hopefully makes this a bit more expressive and clarifies that the
fd is not used for the DNS TCP socket. This also mimics how the LLMNR
UDP fd is named in the manager object.
Daniel Mack [Tue, 4 Aug 2015 11:53:02 +0000 (13:53 +0200)]
resolved: allow dns_cache_put() without a question
Currently, dns_cache_put() does a number of things:
1) It unconditionally removes all keys contained in the passed
question before adding keys from the newly arrived answers.
2) It puts positive entries into the cache for all RRs contained
in the answer.
3) It creates negative entries in the cache for all keys in the
question that are not answered.
Allow passing q = NULL in the parameters and skip 1) and 3), so
we can use that function for mDNS responses. In this case, the
question is irrelevant, we are interested in all answers we got.