since 376cd3b89c62f580a6f576cecfbbb28d3944118f LIST_FIND_TAIL accepts
an empty list. That removed an assert in LIST_FIND_TAIL and we now
theoretically risk a null pointer deref. This adds the assert directly
to protect against that.
When an address is configured to be all zeroes, networkd will now
automatically find a locally unused network of the right size from a
list of pre-configured pools. Currently those pools are 10.0.0.0/8,
172.16.0.0/12, 192.168.0.0/16 and fc00::/7, i.e. the network ranges for
private networks. They are compiled in, but should be configurable
eventually.
This allows applying the same configuration to a large number of
interfaces with each time a different IP range block, and management of
these IP ranges is fully automatic.
When allocating an address range from the pool it is made sure the range
is not used otherwise.
Michal Sekletar [Wed, 18 Jun 2014 16:14:51 +0000 (18:14 +0200)]
dhcp-network: remove TODO
There is no need to explicitly check version of L3 protocol in the
ethernet header because we bind socket with .sll_protocol set to
ETH_P_IP, thus we only receive IPv4 packets on the socket.
tmpfiles: remove line for automatic clean-ups for /var/cache/man/
Management of /var/cache/man should move to the distribution package
owning the directory (for example, man-db). As man pages are a
non-essential part of the system and unnecessary for minimal setups,
there's no point in having systemd ship these lines.
Distribution packages should make sure the appropriate package for their
distribution adopts this line. Ideally, the line is adopted by the
upstream package.
Tom Gundersen [Mon, 16 Jun 2014 13:24:28 +0000 (15:24 +0200)]
sd-dhcp: checksum - make endianess-neutral
For efficiency, we group bytes together before adding them up. This
is guaranteed to always work (regardless of the byte order) as long
as the i-th byte in each group lign up with the i-th byte in each
other group.
On big-endian machines this broke when handling the trailing few bytes
which did not make up a full group of 4 bytes. This patch fixes the
problem by explicitly creating a 4 byte zero-padded group out of the
trailing bytes.
Reported and tested by Thomas Ritter <th.ritter@gmx.at>.
networkd: don't pull in systemd-networkd-wait-online service from systemd-networkd when enabling
networkd-wait-online should never exist in the default transaction,
unless explicitly enable or pulled in via things like NFS. However, just
enabling networkd shouldn't enable networkd-wait-online, since it's
common to use the former without the latter.
This is useful so that distros have something to base their own policy
of. It also useful to make sure that minimal installs always get useful
configuration in place.
install: introduce new DefaultInstance= field for [Install] sections
The DefaultInstance= name is used when enabling template units when only
specifying the template name, but no instance.
Add DefaultInstance=tty1 to getty@.service, so that when the template
itself is enabled an instance for tty1 is created.
This is useful so that we "systemctl preset-all" can work properly,
because we can operate on getty@.service after finding it, and the right
instance is created.
install: beef up preset logic to limit to only enable or only disable, and do all-unit preset operations
The new "systemctl preset-all" command may now be used to put all
installed units back into the enable/disable state the vendor/admin
encoded in preset files.
Also, introduce "systemctl --preset-mode=enable-only" and "systemctl
--preset-mode=disable-only" to only apply the enable or only the disable
operations of a "systemctl preset" or "systemctl preset-all" operation.
Ruediger Oertel [Fri, 13 Jun 2014 14:41:06 +0000 (16:41 +0200)]
Reset signal-mask on re-exec to init=..
Process 1 (aka init) needs to be started with an empty signal mask.
That includes the process 1 that's started after the initrd is finished.
When the initrd is using systemd (as it does with dracut based initrds)
then it is systemd that calls the real init. Normally this is systemd
again, except when the user uses for instance "init=/bin/bash" on the
kernel command line.
David Herrmann [Fri, 13 Jun 2014 16:38:15 +0000 (18:38 +0200)]
util: fix multiply-alloc helpers with size==0
Passing 0 to malloc() is not required to return NULL. Therefore, don't
bail out if "b" is 0. This is not of importance to the existing helpers,
but the upcoming realloc_multiply() requires this. To keep consistence, we
keep the same behavior for the other helpers.
David Herrmann [Thu, 12 Jun 2014 15:54:48 +0000 (17:54 +0200)]
macro: add DISABLE_WARNING_SHADOW
As it turns out, we cannot use _Pragma in compound-statements. Therefore,
constructs like MIN(MAX(a, b), x) will warn due to shadowed variable
declarations. The DISABLE_WARNING_SHADOW macro can be used to suppress
these.
Note that using UNIQUE(_var) does not work either as GCC uses the last
line of a macro-expansion for __LINE__, therefore, still causing both
macros to have the same variables. We could use different variable-names
for MIN and MAX, but that just hides the problem and still fails for
MIN(something(MIN(a, b)), c).
The only working solution is to use __COUNTER__ and pass it pre-evaluated
as extra argument to a macro to use as name-prefix. This, however, makes
all these macros much more complicated so I'll go with manual
DISABLE_WARNING_SHADOW so far.
units: drop RefuseManualStart= from a couple of update services
The only update service we really need to guard like this is
systemd-tmpfiles-setup.service since if invoked manually might create
/var/run/nologin and thus blocking the user from login. The other
services are pretty much idempotent and don't suffer by this problem,
hence let's simplify them.
/etc/mtab should die die die. It's sad enough util-linux still contains
support for it, but we don't have to partake in that charade, so let's
turn this off.
This is in-line with the fact that since years we already have been
"tainting" systemd if we detect /etc/mtab not being a symlink...
Of course, util-linux is currently broken, and still touches /etc/mtab,
weven if we pass "--no-mtab" to it:
Tom Gundersen [Sat, 14 Jun 2014 16:52:46 +0000 (18:52 +0200)]
networkd: link - flush all pending NEWLINK events before trying to match
We could still have an old interface name and/or mac address when libudev
tells us that the device is initialized, as the up-to-date info could still
be on its way from the kernel.
Tom Gundersen [Sat, 14 Jun 2014 13:38:35 +0000 (15:38 +0200)]
networkd: netdev - allow setting MACAddress in .netdev files
It may sometimes be necessary to specify the MAC address of a netdev.
Let us set the correct one from the get-go, rather than having the
kernel generate a random one, and then change it after.