dev-setup: generalize logic we use to create "inaccessible" device nodes
Let's generalize this, so that we can use this in nspawn later on, which
is pretty useful as we need to be able to mask files from the inner
child of nspawn too, where the host's /run/systemd/inaccessible
directory is not visible anymore. Moreover, if nspawn can create these
nodes on its own before the payload this means the payload can run with
fewer privileges.
cgroup: use device_path_parse_major_minor() also for block device paths
Not only when we populate the "devices" cgroup controller we need
major/minor numbers, but for the io/blkio one it's the same, hence let's
use the same logic for both.
stat-util: add new APIs device_path_make_{major_minor|canonical}() and device_path_parse_major_minor()
device_path_make_{major_minor|canonical) generate device node paths
given a mode_t and a dev_t. We have similar code all over the place,
let's unify this in one place. The former will generate a "/dev/char/"
or "/dev/block" path, and never go to disk. The latter then goes to disk
and resolves that path to the actual path of the device node.
device_path_parse_major_minor() reverses device_path_make_major_minor(),
also withozut going to disk.
We have similar code doing something like this at various places, let's
unify this in a single set of functions. This also allows us to teach
them special tricks, for example handling of the
/run/systemd/inaccessible/{blk|chr} device nodes, which we use for
masking device nodes, and which do not exist in /dev/char/* and
/dev/block/*
Previously we'd allow pattern expressions such as "char-input" to match
all input devices. Internally, this would look up the right major to
test in /proc/devices. With this commit the syntax is slightly extended:
- "char-*" can be used to match any kind of character device, and
similar "block-*. This expression would work previously already, but
instead of actually installing a wildcard match it would install many
individual matches for everything listed in /proc/devices.
- "char-<MAJOR>" with "<MAJOR>" being a numerical parameter works now
too. This allows clients to install whitelist items by specifying the
major directly.
The main reason to add these is to provide limited compat support for
clients that for some reason contain whitelists with major/minor numbers
(such as OCI containers).
core: add special handling for devices cgroup allow lists for /dev/block/* and /dev/char/* device nodes
This adds some code to hanlde /dev/block/* and /dev/char/* device node
paths specially: instead of actually stat()ing them we'll just parse the
major/minor name from the name. This is useful 'hack' to allow clients
to install whitelists for devices that don't actually have to exist.
Also, let's similarly handle /run/systemd/inaccessible/{blk|chr}. This
allows us to simplify our built-in default whitelist to not require a
"ignore_enoent" mode for these nodes.
In general we should be careful with hardcoding major/minor numbers, but
in this case this should safe.
path-util: port path_join() over to path_join_many()
We should probably drop path_join() entirely in the long run (and
then rename path_join_many() to it?), but for now let's make one a
wrapper for the other.
parse-util: rework parse_dev() based on safe_atou() and DEVICE_MAJOR_VALID()/DEVICE_MINOR_VALID()
Let's be a bit more careful when parsing major/minor pairs, and filter
out more corner cases. This also means using safe_atou() rather than
sscanf() to avoid weird negative unsigned handling and such.
stat-util: add macros for checking whether major and minor values are in range
As it turns out glibc and the Linux kernel have different ideas about
the size of dev_t and how many bits exist for the major and the minor.
When validating major/minor numbers we should check against the kernel's
actual sizes, hence add macros for this.
We'd print everything jumbled together:
$ machinectl --max-addresses=3
MACHINE CLASS SERVICE OS VERSION ADDRESSES
rawhide container systemd-nspawn fedora 30 169.254.40.164fe80::94aa:3aff:fe7b:d4b9
systemctl: if service manager couldn't load unit file, don't rely on it to tell us the fragment path
Previously, "systemctl edit" exclusively used the service manager's
per-unit FragmentPath property to figure out which file to edit, when
operating on a non-template unit. If for some reason loading the unit
file failed entirely though (LoadState=error), then FragmentPath would
be empty, and thus the unit not editable.
Let's fix this, by falling back to client-side unit file searching in
this case.
(Also, various other clean-ups to make the relevant functions follow our
coding style)
Merge pull request #10797 from poettering/run-generator
add new "systemd-run-generator" for running arbitrary commands from the kernel command line as system services using the "systemd.run=" kernel command line switch
Yu Watanabe [Wed, 28 Nov 2018 19:03:56 +0000 (20:03 +0100)]
test-network: clear state file before starting networkd
Otherwise, some tests may disturb others, e.g.,
NetworkdNetWorkTests.test_routing_policy_rule_port_range and
NetworkdNetWorkTests.test_routing_policy_rule.
Lubomir Rintel [Wed, 28 Nov 2018 10:44:20 +0000 (11:44 +0100)]
sysctl.d: switch net.ipv4.conf.all.rp_filter from 1 to 2
This switches the RFC3704 Reverse Path filtering from Strict mode to Loose
mode. The Strict mode breaks some pretty common and reasonable use cases,
such as keeping connections via one default route alive after another one
appears (e.g. plugging an Ethernet cable when connected via Wi-Fi).
The strict filter also makes it impossible for NetworkManager to do
connectivity check on a newly arriving default route (it starts with a
higher metric and is bumped lower if there's connectivity).
Kernel's default is 0 (no filter), but a Loose filter is good enough. The
few use cases where a Strict mode could make sense can easily override
this.
The distributions that don't care about the client use cases and prefer a
strict filter could just ship a custom configuration in
/usr/lib/sysctl.d/ to override this.
Susant Sahani [Tue, 27 Nov 2018 05:28:54 +0000 (10:58 +0530)]
networkd: add support to configure ip rule port range and protocol.
Please see:
iprule: support for ip_proto, sport and dport match options
https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/?id=f686f764682745daf6a93b0a6330ba42a961f858
Victor Tapia [Wed, 21 Nov 2018 13:01:04 +0000 (14:01 +0100)]
resolved: Increase size of TCP stub replies
DNS_PACKET_PAYLOAD_SIZE_MAX is limiting the size of the stub replies to
512 with EDNS off or 4096 with EDNS on, without checking the protocol
used. This makes TCP replies for clients without EDNS support to be
limited to 512, making the truncate flag useless if the query result is
bigger than 512 bytes.
This commit increases the size of TCP replies to DNS_PACKET_SIZE_MAX
install: when enabling a template unit without DefaultInstance= nor specified instance don't do anything
Previously, we'd link the unit file into /etc in this case, but that
should only be done if the unit file is not in the search path anyway,
and this is already done implicitly anyway for all enabled unit files,
hence no reason to duplicate this here.
Quite often when we generate objects some fields should only be
generated in some conditions. Let's add high-level support for that.
Matching the existing JSON_BUILD_PAIR() this adds
JSON_BUILD_PAIR_CONDITIONAL() which is very similar, but takes an
additional parameter: a boolean condition. If "true" this acts like
JSON_BUILD_PAIR(), but if false then the whole pair is suppressed.
This sounds simply, but requires a tiny bit of complexity: when complex
sub-variants are used in fields, then we also need to suppress them.
travis: make sure that *.perf and directives.* files are in sync
New features are constantly added to networkd. Apparently, not everybody
knows that the "directives" files should be updated too to make
the fuzzers aware of them.
Not sure how I missed this, but we of course need to wait for the
"systemd-run" commands to finish before we can check the output files
this generated.
tests: suppress "unwanted log lines" in several fuzzers
According to https://oss-fuzz.com/fuzzer-stats/by-fuzzer/fuzzer/libFuzzer/job/libfuzzer_asan_systemd,
fuzz-network-parser, fuzz-netdev-parser and fuzz-journal-remote produce
a lot of unwanted log lines. Let's set the maximum log level to LOG_CRIT
as we do in the other fuzzers.
Thomas Haller [Tue, 27 Nov 2018 11:09:52 +0000 (12:09 +0100)]
network: add sd_dhcp_route_get_option() accessor
Since sd_dhcp_lease_get_routes() returns the list of all routes,
the caller may need to differenciate whether the route was option
33 (static-routes) or 121 (classless-static-route).
This will now run the command line inside a small Type=oneshot service
and even propagate the exit code of the command back to the parent. And
all that with the full system booted up.
By default this causes the system to shutdown right after the command
completed, but this can be tweaked with systemd.run_success_action= and
systemd.run_failure_action=.
Note that when used in VMs the exit status can of course not be
propagate, as VMs don't really know a concept for that.
projects / thirdparty / systemd.git / log
