From: Nick Rosbrook Date: Tue, 29 Apr 2025 19:14:32 +0000 (-0400) Subject: resolved: support socket activation via varlink sockets X-Git-Tag: v258-rc1~709^2~2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0fa188307b1c286e7b86201b1cfb91014b970092;p=thirdparty%2Fsystemd.git resolved: support socket activation via varlink sockets Add two new socket units, one for each of systemd-resolved's varlink servers: systemd-resolved-varlink.socket systemd-resolved-monitor.socket Add logic to grab socket fds via sd_varlink_server_listen_name(), but fallback to the existing sd_varlink_server_listen_address() calls if no fds were given. This will be used to make systemd-networkd-wait-online --dns more robust against systemd-resolved restarts etc. --- diff --git a/src/resolve/resolved-varlink.c b/src/resolve/resolved-varlink.c index dd4c137c75c..1a50f64a85b 100644 --- a/src/resolve/resolved-varlink.c +++ b/src/resolve/resolved-varlink.c @@ -1423,9 +1423,14 @@ static int varlink_monitor_server_init(Manager *m) { if (r < 0) return log_error_errno(r, "Failed to register varlink disconnect handler: %m"); - r = sd_varlink_server_listen_address(server, "/run/systemd/resolve/io.systemd.Resolve.Monitor", 0666); + r = sd_varlink_server_listen_name(server, "varlink-monitor"); if (r < 0) - return log_error_errno(r, "Failed to bind to varlink socket: %m"); + return log_error_errno(r, "Failed to get varlink listen fd: %m"); + if (r == 0) { + r = sd_varlink_server_listen_address(server, "/run/systemd/resolve/io.systemd.Resolve.Monitor", 0666); + if (r < 0) + return log_error_errno(r, "Failed to bind to varlink socket: %m"); + } r = sd_varlink_server_attach_event(server, m->event, SD_EVENT_PRIORITY_NORMAL); if (r < 0) @@ -1472,9 +1477,14 @@ static int varlink_main_server_init(Manager *m) { if (r < 0) return log_error_errno(r, "Failed to register varlink disconnect handler: %m"); - r = sd_varlink_server_listen_address(s, "/run/systemd/resolve/io.systemd.Resolve", 0666); + r = sd_varlink_server_listen_auto(s); if (r < 0) - return log_error_errno(r, "Failed to bind to varlink socket: %m"); + return log_error_errno(r, "Failed to get varlink listen fd: %m"); + if (r == 0) { + r = sd_varlink_server_listen_address(s, "/run/systemd/resolve/io.systemd.Resolve", 0666); + if (r < 0) + return log_error_errno(r, "Failed to bind to varlink socket: %m"); + } r = sd_varlink_server_attach_event(s, m->event, SD_EVENT_PRIORITY_NORMAL); if (r < 0) diff --git a/units/meson.build b/units/meson.build index cacb1524d69..3dd135942d3 100644 --- a/units/meson.build +++ b/units/meson.build @@ -662,6 +662,14 @@ units = [ 'file' : 'systemd-resolved.service.in', 'conditions' : ['ENABLE_RESOLVE'], }, + { + 'file' : 'systemd-resolved-varlink.socket', + 'conditions' : ['ENABLE_RESOLVE'], + }, + { + 'file' : 'systemd-resolved-monitor.socket', + 'conditions' : ['ENABLE_RESOLVE'], + }, { 'file' : 'systemd-rfkill.service.in', 'conditions' : ['ENABLE_RFKILL'], diff --git a/units/systemd-resolved-monitor.socket b/units/systemd-resolved-monitor.socket new file mode 100644 index 00000000000..a778e60dd29 --- /dev/null +++ b/units/systemd-resolved-monitor.socket @@ -0,0 +1,24 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Resolve Monitor Varlink Socket +Documentation=man:systemd-resolved.service(8) +DefaultDependencies=no +Before=sockets.target shutdown.target +Conflicts=shutdown.target + +[Socket] +Service=systemd-resolved.service +ListenStream=/run/systemd/resolve/io.systemd.Resolve.Monitor +FileDescriptorName=varlink-monitor +SocketMode=0666 + +[Install] +WantedBy=sockets.target diff --git a/units/systemd-resolved-varlink.socket b/units/systemd-resolved-varlink.socket new file mode 100644 index 00000000000..7ac83e5ec9a --- /dev/null +++ b/units/systemd-resolved-varlink.socket @@ -0,0 +1,24 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Resolve Service Varlink Socket +Documentation=man:systemd-resolved.service(8) +DefaultDependencies=no +Before=sockets.target shutdown.target +Conflicts=shutdown.target + +[Socket] +Service=systemd-resolved.service +ListenStream=/run/systemd/resolve/io.systemd.Resolve +FileDescriptorName=varlink +SocketMode=0666 + +[Install] +WantedBy=sockets.target diff --git a/units/systemd-resolved.service.in b/units/systemd-resolved.service.in index f18fbd89e80..a9224f09dae 100644 --- a/units/systemd-resolved.service.in +++ b/units/systemd-resolved.service.in @@ -15,10 +15,10 @@ Documentation=https://systemd.io/WRITING_NETWORK_CONFIGURATION_MANAGERS Documentation=https://systemd.io/WRITING_RESOLVER_CLIENTS DefaultDependencies=no -After=systemd-sysctl.service systemd-sysusers.service +After=systemd-sysctl.service systemd-sysusers.service systemd-resolved-varlink.socket systemd-resolved-monitor.socket Before=sysinit.target network.target nss-lookup.target shutdown.target initrd-switch-root.target Conflicts=shutdown.target initrd-switch-root.target -Wants=nss-lookup.target +Wants=nss-lookup.target systemd-resolved-varlink.socket systemd-resolved-monitor.socket [Service] AmbientCapabilities=CAP_SETPCAP CAP_NET_RAW CAP_NET_BIND_SERVICE @@ -57,3 +57,4 @@ ImportCredential=network.search_domains [Install] WantedBy=sysinit.target Alias=dbus-org.freedesktop.resolve1.service +Also=systemd-resolved-varlink.socket systemd-resolved-monitor.socket