-/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
-
+/* SPDX-License-Identifier: LGPL-2.1+ */
/***
This file is part of systemd.
***/
#include "sd-daemon.h"
-#include "capability.h"
+#include "sd-event.h"
+
+#include "capability-util.h"
+#include "networkd-conf.h"
+#include "networkd-manager.h"
#include "signal-util.h"
-#include "networkd.h"
+#include "user-util.h"
int main(int argc, char *argv[]) {
+ sd_event *event = NULL;
_cleanup_manager_free_ Manager *m = NULL;
const char *user = "systemd-network";
uid_t uid;
/* Always create the directories people can create inotify
* watches in. */
- r = mkdir_safe_label("/run/systemd/netif", 0755, uid, gid);
+ r = mkdir_safe_label("/run/systemd/netif", 0755, uid, gid, false);
if (r < 0)
log_warning_errno(r, "Could not create runtime directory: %m");
- r = mkdir_safe_label("/run/systemd/netif/links", 0755, uid, gid);
+ r = mkdir_safe_label("/run/systemd/netif/links", 0755, uid, gid, false);
if (r < 0)
log_warning_errno(r, "Could not create runtime directory 'links': %m");
- r = mkdir_safe_label("/run/systemd/netif/leases", 0755, uid, gid);
+ r = mkdir_safe_label("/run/systemd/netif/leases", 0755, uid, gid, false);
if (r < 0)
log_warning_errno(r, "Could not create runtime directory 'leases': %m");
- r = mkdir_safe_label("/run/systemd/netif/lldp", 0755, uid, gid);
+ r = mkdir_safe_label("/run/systemd/netif/lldp", 0755, uid, gid, false);
if (r < 0)
log_warning_errno(r, "Could not create runtime directory 'lldp': %m");
- r = drop_privileges(uid, gid,
- (1ULL << CAP_NET_ADMIN) |
- (1ULL << CAP_NET_BIND_SERVICE) |
- (1ULL << CAP_NET_BROADCAST) |
- (1ULL << CAP_NET_RAW));
+ /* Drop privileges, but only if we have been started as root. If we are not running as root we assume all
+ * privileges are already dropped. */
+ if (geteuid() == 0) {
+ r = drop_privileges(uid, gid,
+ (1ULL << CAP_NET_ADMIN) |
+ (1ULL << CAP_NET_BIND_SERVICE) |
+ (1ULL << CAP_NET_BROADCAST) |
+ (1ULL << CAP_NET_RAW));
+ if (r < 0)
+ goto out;
+ }
+
+ assert_se(sigprocmask_many(SIG_BLOCK, NULL, SIGTERM, SIGINT, -1) >= 0);
+
+ r = sd_event_default(&event);
if (r < 0)
goto out;
- assert_se(sigprocmask_many(SIG_BLOCK, SIGTERM, SIGINT, -1) == 0);
+ sd_event_set_watchdog(event, true);
+ sd_event_add_signal(event, NULL, SIGTERM, NULL, NULL);
+ sd_event_add_signal(event, NULL, SIGINT, NULL, NULL);
- r = manager_new(&m);
+ r = manager_new(&m, event);
if (r < 0) {
log_error_errno(r, "Could not create manager: %m");
goto out;
goto out;
}
+ r = manager_parse_config_file(m);
+ if (r < 0)
+ log_warning_errno(r, "Failed to parse configuration file: %m");
+
r = manager_load_config(m);
if (r < 0) {
log_error_errno(r, "Could not load configuration files: %m");
r = manager_rtnl_enumerate_addresses(m);
if (r < 0) {
- log_error_errno(r, "Could not enumerate links: %m");
+ log_error_errno(r, "Could not enumerate addresses: %m");
+ goto out;
+ }
+
+ r = manager_rtnl_enumerate_routes(m);
+ if (r < 0) {
+ log_error_errno(r, "Could not enumerate routes: %m");
+ goto out;
+ }
+
+ r = manager_rtnl_enumerate_rules(m);
+ if (r < 0) {
+ log_error_errno(r, "Could not enumerate rules: %m");
+ goto out;
+ }
+
+ r = manager_start(m);
+ if (r < 0) {
+ log_error_errno(r, "Could not start manager: %m");
goto out;
}
"READY=1\n"
"STATUS=Processing requests...");
- r = manager_run(m);
+ r = sd_event_loop(event);
if (r < 0) {
log_error_errno(r, "Event loop failed: %m");
goto out;
}
-
out:
sd_notify(false,
"STOPPING=1\n"
"STATUS=Shutting down...");
+ sd_event_unref(event);
+
return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
}