[systemd-devel] lastlog and friends
systemd TODO:

  - Replace utmp, wtmp, btmp, and lastlog completely with journal

Can someone elaborate and provide more details, ideas, ...?

The current lastlog is a sparse file and it's difficult to use for backup programs or integrity checkers, etc. So requests from users/customers are pretty common.

The idea (from someone from RH) is to have a very simple and tiny library that provides a unified API for different backends (classic lastlog, systemd journal, etc.) to keep applications portable. Something like:

  https://github.com/marmolak/liblastlog2

Frankly, I'd like to see something more than only lastlog, but also utmp, wtmp support.

Note that I'm not involved in the project, but as login(1), last(1), ... maintainer I'd like to see a public discussion about this topic.

Maybe all we need for things like lastlog and wtmp is journald and then a few #ifdef in applications like login(1), who(1) or PAM. Maybe it would be better than adding an extra abstraction layer (by any library). Not sure, too many questions :-)

    Karel

--
 Karel Zak k...@redhat.com
 http://karelzak.blogspot.com
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH] udevd: add --event-timeout commandline option
On Tue, Jul 29, 2014 at 9:06 AM, Hannes Reinecke h...@suse.de wrote:
> On large configurations some events take longer than the default 30 seconds. Killing those events will leave the machine halfway configured.
>
> So add a commandline option '--event-timeout' to handle these cases.

Applied.

But with a follow-up commit, I changed the timeout logic. We do not need or want several independent timeouts for the same thing. Please check.

Thanks,
Kay
Re: [systemd-devel] lastlog and friends
On Tue, Jul 29, 2014 at 02:51:37PM +0200, Reindl Harald wrote:
>> Maybe all we need for things like lastlog and wtmp is journald and then a few #ifdef in applications like login(1), who(1) or PAM. Maybe it would be better than adding an extra abstraction layer (by any library). Not sure, too many questions :-)
>
> please keep in mind that on servers Storage=volatile and forward to classic rsyslog is common and that won't change - so whatever you read from journal are only recent entries which won't survive a reboot

That's why I'm asking, I guess that behind the TODO item is some idea which has to be implemented on the journal side. I'd like to know the long-term goal to avoid some future misunderstanding/flames :-)

    Karel

--
 Karel Zak k...@redhat.com
 http://karelzak.blogspot.com
[systemd-devel] [PATCH 3/3] socket: Add support for TCP defer accept
TCP_DEFER_ACCEPT Allow a listener to be awakened only when data arrives on the socket. If TCP_DEFER_ACCEPT set on a server-side listening socket, the TCP/IP stack will not to wait for the final ACK packet and not to initiate the process until the first packet of real data has arrived. After sending the SYN/ACK, the server will then wait for a data packet from a client. Now, only three packets will be sent over the network, and the connection establishment delay will be significantly reduced. --- man/systemd.socket.xml | 16 src/core/dbus-socket.c | 1 + src/core/socket.c | 11 +++ src/core/socket.h | 1 + 4 files changed, 29 insertions(+) diff --git a/man/systemd.socket.xml b/man/systemd.socket.xml index e6bbb2e..9ce94aa 100644 --- a/man/systemd.socket.xml +++ b/man/systemd.socket.xml @@ -539,6 +539,22 @@ /varlistentry varlistentry +termvarnameDeferAccept=/varname/term +listitemparaTakes time (in seconds) as argument +Allow a listener to be awakened only when data arrives on the socket. +If TCP_DEFER_ACCEPT set on a server-side listening socket, +the TCP/IP stack will not to wait for the final ACK packet and not to +initiate the process until the first packet of real data has arrived. +After sending the SYN/ACK, the server will then wait for a data packet +from a client. Now, only three packets will be sent over the network, +and the connection establishment delay will be significantly reduced. +This controls the TCP_DEFER_ACCEPT socket option (see + citerefentryrefentrytitlesocket/refentrytitlemanvolnum7/manvolnum/citerefentry +Defaults to +optiondisabled/option./para/listitem +/varlistentry + +varlistentry termvarnamePriority=/varname/term listitemparaTakes an integer argument controlling the priority for diff --git a/src/core/dbus-socket.c b/src/core/dbus-socket.c index f9ef7ef..1142ca5 100644 --- a/src/core/dbus-socket.c +++ b/src/core/dbus-socket.c 
@@ -101,6 +101,7 @@ const sd_bus_vtable bus_socket_vtable[] = { SD_BUS_PROPERTY(KeepAliveInterval, t, bus_property_get_usec, offsetof(Socket, keep_alive_interval), SD_BUS_VTABLE_PROPERTY_CONST), SD_BUS_PROPERTY(KeepAliveProbes, i, bus_property_get_int, offsetof(Socket, keep_alive_cnt), SD_BUS_VTABLE_PROPERTY_CONST), SD_BUS_PROPERTY(FastOpen , b, bus_property_get_bool, offsetof(Socket, fast_open), SD_BUS_VTABLE_PROPERTY_CONST), +SD_BUS_PROPERTY(DeferAccept , t, bus_property_get_usec, offsetof(Socket, defer_accept), SD_BUS_VTABLE_PROPERTY_CONST), SD_BUS_PROPERTY(Priority, i, bus_property_get_int, offsetof(Socket, priority), SD_BUS_VTABLE_PROPERTY_CONST), SD_BUS_PROPERTY(ReceiveBuffer, t, bus_property_get_size, offsetof(Socket, receive_buffer), SD_BUS_VTABLE_PROPERTY_CONST), SD_BUS_PROPERTY(SendBuffer, t, bus_property_get_size, offsetof(Socket, send_buffer), SD_BUS_VTABLE_PROPERTY_CONST), diff --git a/src/core/socket.c b/src/core/socket.c index b798d4e..32cadf9 100644 --- a/src/core/socket.c +++ b/src/core/socket.c @@ -610,6 +610,11 @@ static void socket_dump(Unit *u, FILE *f, const char *prefix) { %sKeepAliveProbes: %u\n, prefix, s-keep_alive_cnt); +if(s-defer_accept) +fprintf(f, +%sDeferAccept: %lo\n, +prefix, s-defer_accept / USEC_PER_SEC); + LIST_FOREACH(port, p, s-ports) { if (p-type == SOCKET_SOCKET) { @@ -831,6 +836,12 @@ static void socket_apply_socket_options(Socket *s, int fd) { log_warning_unit(UNIT(s)-id, TCP_FASTOPEN failed: %m); } +if (s-defer_accept) { +int value = s-defer_accept / USEC_PER_SEC; +if (setsockopt(fd, SOL_TCP, TCP_DEFER_ACCEPT, value, sizeof(value)) 0) +log_warning_unit(UNIT(s)-id, TCP_DEFER_ACCEPT failed: %m); +} + if (s-broadcast) { int one = 1; if (setsockopt(fd, SOL_SOCKET, SO_BROADCAST, one, sizeof(one)) 0) diff --git a/src/core/socket.h b/src/core/socket.h index 9cb82fa..7452d27 100644 --- a/src/core/socket.h +++ b/src/core/socket.h 
@@ -104,6 +104,7 @@ struct Socket { usec_t timeout_usec; usec_t keep_alive_time; usec_t keep_alive_interval; +usec_t defer_accept;
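Review bot: in the socket_dump() hunk the format string "%sDeferAccept: %lo\n" uses %lo, which prints the value in octal, so a 10 second setting is dumped as 12. Use a decimal conversion that matches the type of s->defer_accept / USEC_PER_SEC, as the KeepAliveProbes line just above does with %u. The same hunk writes if(s->defer_accept) without the space after "if" that the surrounding code uses.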
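Review bot: the diffstat lists only man/systemd.socket.xml, dbus-socket.c, socket.c and socket.h, so nothing in this patch lets DeferAccept= be parsed from a unit file; patch 1/3 of the series adds its settings to src/core/load-fragment-gperf.gperf.m4 and this one needs the equivalent entry, otherwise s->defer_accept stays 0 and the new setsockopt() branch in socket_apply_socket_options() never runs. In that branch, int value = s->defer_accept / USEC_PER_SEC narrows a usec_t to int without a range check, and a configured value below one second becomes 0; reject or clamp such values when the setting is parsed.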
[systemd-devel] [PATCH 1/3] socket: Add Support for TCP keep alive variables
The tcp keep alive variables now can be configured via conf parameter. Follwing variables are now supported by this patch. tcp_keepalive_intvl: The number of seconds between TCP keep-alive probes tcp_keepalive_probes: The maximum number of TCP keep-alive probes to send before giving up and killing the connection if no response is obtained from the other end. tcp_keepalive_time: The number of seconds a connection needs to be idle before TCP begins sending out keep-alive probes. --- man/systemd.socket.xml| 36 +++ src/core/dbus-socket.c| 3 +++ src/core/load-fragment-gperf.gperf.m4 | 3 +++ src/core/socket.c | 33 src/core/socket.h | 3 +++ 5 files changed, 78 insertions(+) diff --git a/man/systemd.socket.xml b/man/systemd.socket.xml index 09a7311..6dbcc81 100644 --- a/man/systemd.socket.xml +++ b/man/systemd.socket.xml 
@@ -488,6 +488,42 @@ /varlistentry varlistentry + termvarnameKeepAliveTime=/varname/term + listitemparaTakes time (in seconds) as argument . The connection needs to remain + idle before TCP starts sending keepalive probes. This controls the TCP_KEEPIDLE + socket option (see + citerefentryrefentrytitlesocket/refentrytitlemanvolnum7/manvolnum/citerefentry + and the ulink + url=http://www.tldp.org/HOWTO/html_single/TCP-Keepalive-HOWTO/;TCP + Keepalive HOWTO/ulink for details.) + Defaults value is 7200 seconds (2 hours)./para/listitem +/varlistentry + +varlistentry + termvarnameKeepAliveInterval=/varname/term + listitemparaTakes time (in seconds) as argument between individual keepalive probes, + if the socket option SO_KEEPALIVE has been set on this socket seconds as argument. + This controls the TCP_KEEPINTVL socket option (see + citerefentryrefentrytitlesocket/refentrytitlemanvolnum7/manvolnum/citerefentry + and the ulink + url=http://www.tldp.org/HOWTO/html_single/TCP-Keepalive-HOWTO/;TCP + Keepalive HOWTO/ulink for details.) + Defaults value is 75 seconds./para/listitem +/varlistentry + +varlistentry + termvarnameKeepAliveProbes=/varname/term + listitemparaTakes interger as argument. It's the number of unacknowledged probes to + send before considering the connection dead and notifying the application layer. + This controls the TCP_KEEPCNT socket option (see + citerefentryrefentrytitlesocket/refentrytitlemanvolnum7/manvolnum/citerefentry + and the ulink + url=http://www.tldp.org/HOWTO/html_single/TCP-Keepalive-HOWTO/;TCP + Keepalive HOWTO/ulink for details.) + Defaults value is 9./para/listitem +/varlistentry + +varlistentry termvarnamePriority=/varname/term listitemparaTakes an integer argument controlling the priority for diff --git a/src/core/dbus-socket.c b/src/core/dbus-socket.c index ad135a1..348afbd 100644 --- a/src/core/dbus-socket.c +++ b/src/core/dbus-socket.c 
@@ -97,6 +97,9 @@ const sd_bus_vtable bus_socket_vtable[] = { SD_BUS_PROPERTY(DirectoryMode, u, bus_property_get_mode, offsetof(Socket, directory_mode), SD_BUS_VTABLE_PROPERTY_CONST), SD_BUS_PROPERTY(Accept, b, bus_property_get_bool, offsetof(Socket, accept), SD_BUS_VTABLE_PROPERTY_CONST), SD_BUS_PROPERTY(KeepAlive, b, bus_property_get_bool, offsetof(Socket, keep_alive), SD_BUS_VTABLE_PROPERTY_CONST), +SD_BUS_PROPERTY(KeepAliveTime, t, bus_property_get_usec, offsetof(Socket, keep_alive_time), SD_BUS_VTABLE_PROPERTY_CONST), +SD_BUS_PROPERTY(KeepAliveInterval, t, bus_property_get_usec, offsetof(Socket, keep_alive_interval), SD_BUS_VTABLE_PROPERTY_CONST), +SD_BUS_PROPERTY(KeepAliveProbes, i, bus_property_get_int, offsetof(Socket, keep_alive_cnt), SD_BUS_VTABLE_PROPERTY_CONST), SD_BUS_PROPERTY(Priority, i, bus_property_get_int, offsetof(Socket, priority), SD_BUS_VTABLE_PROPERTY_CONST), SD_BUS_PROPERTY(ReceiveBuffer, t, bus_property_get_size, offsetof(Socket, receive_buffer), SD_BUS_VTABLE_PROPERTY_CONST), SD_BUS_PROPERTY(SendBuffer,
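Review bot: the KeepAliveInterval= entry in the man/systemd.socket.xml hunk does not read as a sentence ("Takes time (in seconds) as argument between individual keepalive probes, if the socket option SO_KEEPALIVE has been set on this socket seconds as argument."); say once that the value is the number of seconds between individual keepalive probes. In the same hunk "interger" should be "integer" and "Defaults value is" should be "Defaults to" in all three entries, and each entry should state that it only takes effect when KeepAlive= is enabled, since only the interval entry mentions SO_KEEPALIVE at all.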
Re: [systemd-devel] lastlog and friends
On Tue, 29.07.14 14:43, Karel Zak (k...@redhat.com) wrote:

> systemd TODO:
>
>   - Replace utmp, wtmp, btmp, and lastlog completely with journal
>
> Can someone elaborate and provide more details, ideas, ...?

Basically, we just want to have a nice tool that can dump data similar to lastlog or last to stdout, originating from the journal. utmp (i.e. data about who is currently logged in) is actually mostly covered by loginctl already.

Not sure where precisely that tool should actually live though. I am tempted to say it should just be one or two additional verbs for loginctl (which should gain some journal integration anyway, for example to show log messages of a specific session and suchlike).

While this functionality should make equivalent data as lastlog or last available, this is explicitly not about providing interface compatibility.

> The current lastlog is a sparse file and it's difficult to use for backup programs or integrity checkers, etc. So requests from users/customers are pretty common.
>
> The idea (from someone from RH) is to have a very simple and tiny library that provides a unified API for different backends (classic lastlog, systemd journal, etc.) to keep applications portable. Something like:
>
>   https://github.com/marmolak/liblastlog2
>
> Frankly, I'd like to see something more than only lastlog, but also utmp, wtmp support.

Honestly, this sounds like something awfully peripheral to deserve a library of its own. Also, a library whose primary purpose is to be abstraction glue to support one backend that is supposed to be the backend of the future and one that is really something that should go away sounds like a bad idea. I mean, what would the benefit be? Eventually people should just use the modern API anyway. And until that day they can use the old utmp API. And asking them to port everything to a third API in between sounds like an exercise in creating more work for poor overworked developers... ;-)

Note that accounts-service actually provides an API to query some details of utmp (for example used to populate the faces browser in gdm). Now, accounts-service was always intended to be a stopgap, but I am pretty sure querying lastlog/utmp info is best done in it, or in the subsystem that one day might replace it. I think lastlog/utmp/wtmp handling is just one detail of user management the way accounts-service is doing it.

I hope that makes some sense.

Lennart

--
Lennart Poettering, Red Hat
[systemd-devel] [PATCH] switch-root: umount the old root correctly
The unmount occurs after the pivot_root, so the path used to unmount should take into account the new root directory. This will allow the umount to actually succeed. --- src/core/switch-root.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/core/switch-root.c b/src/core/switch-root.c index f82243f..f508cc2 100644 --- a/src/core/switch-root.c +++ b/src/core/switch-root.c @@ -129,8 +129,8 @@ int switch_root(const char *new_root) { /* Immediately get rid of the old root. Since we are * running off it we need to do this lazily. */ -if (umount2(temporary_old_root, MNT_DETACH) 0) { -log_error(Failed to umount old root dir %s: %m, temporary_old_root); +if (umount2(/mnt, MNT_DETACH) 0) { +log_error(Failed to umount old root dir /mnt: %m); return -errno; } -- 1.9.3
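Review bot: the replacement hard-codes "/mnt" in both the umount2() call and the log_error() string, so the hunk now depends on temporary_old_root always resolving to /mnt once the root has been switched, and nothing visible here ties the literal to that variable. If the two ever diverge, MNT_DETACH is applied to whatever happens to be mounted at /mnt in the new root. Derive the path from temporary_old_root (its part after new_root), or define the "/mnt" suffix once next to temporary_old_root and use it in both places, with a comment explaining why the path changes after pivot_root.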
Re: [systemd-devel] lastlog and friends
On Tue, 29.07.14 14:51, Reindl Harald (h.rei...@thelounge.net) wrote:

> please keep in mind that on servers Storage=volatile and forward to classic rsyslog is common and that won't change - so whatever you read from journal are only recent entries which won't survive a reboot

Well, whatever. If you turn off local journal storage, you get no local journal storage, and your login history stored within it will be truncated. But that's completely OK and simply what the admin configured. I see no reason to duplicate everything in utmp because some folks disable local storage...

Lennart

--
Lennart Poettering, Red Hat
Re: [systemd-devel] [PATCH] networkd: fix reporting errors from hostnamed
On Tue, Jul 22, 2014 at 1:23 AM, Michael Marineau michael.marin...@coreos.com wrote: The return value may be -EINVAL or a positive errno from the dbus message. Check both ranges, otherwise most errors are silently ignored. Applied. Thanks! -t --- src/network/networkd-link.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c index 7a0f30b..be879fd 100644 --- a/src/network/networkd-link.c +++ b/src/network/networkd-link.c @@ -845,7 +845,9 @@ static int set_hostname_handler(sd_bus *bus, sd_bus_message *m, void *userdata, r = sd_bus_message_get_errno(m); if (r 0) -log_warning_link(link, Could not set hostname: %s, strerror(-r)); +r = -r; +if (r 0) +log_warning_link(link, Could not set hostname: %s, strerror(r)); return 1; } -- 1.8.5.5
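Review bot: the two added checks in the set_hostname_handler() hunk have no comment saying why r is normalised before the warning, and the reason is not obvious from the code alone. A one-line comment above "r = -r;" stating that sd_bus_message_get_errno() can return -EINVAL as well as a positive errno (as the commit message explains) would keep a later cleanup from collapsing the two tests back into one and silently dropping most errors again.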
Re: [systemd-devel] lastlog and friends
On 07/29/2014 07:28 PM, Lennart Poettering wrote:
> Not sure where precisely that tool should actually live though. I am tempted to say it should just be one or two additional verbs for loginctl (which should gain some journal integration anyway, for example to show log messages of a specific session and suchlike).

Hmm...

Does it really need two new verbs?

Can't list-sessions and list-users simply list active for the active user(s) and show timestamps for the rest, which should cover the usefulness of who, last and lastlog?

( It's a bit redundant info seeing who has never logged as well as seeing who has )

loginctl list-sessions
   SESSION        UID USER             SEAT             Last Active
         1       1000 johannbg         seat0            ACTIVE
         1       1001 suzy             seat0            $DATE

And equivalent for list-users.

I guess if that's not good enough show-active, show-last could be added to list-sessions, list-users

JBG
[systemd-devel] [215] bridge with static network does not work
Hello,

Setting up a bridge with systemd-networkd does not work for me. Doing things manually works. (no network, can not ping other hosts). Output of ip addr looks the same in both cases. I am sure that I am doing things correctly, if not please let me know. Thanks.

systemd-networkd config looks like:

# cat br0.netdev
[NetDev]
Name=br0
Kind=bridge

# cat br0.network
[Match]
Name=br0

[Network]
Address=192.168.0.77/24
Gateway=192.168.0.1

# cat enp0s16.network
[Match]
Name=enp0s16

[Network]
Bridge=br0

and manual commands for the same (works):

ip link add name br0 type bridge
ip addr add 192.168.0.77/24 broadcast + dev br0
ip link set dev enp0s16 master br0
ip link set dev br0 up
ip link set dev enp0s16 up
ip route add default via 192.168.0.1

In both cases the output of ip addr is:

2: enp0s16: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc pfifo_fast master br0 state UP group default qlen 1000
    link/ether 00:17:31:bb:44:19 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::217:31ff:febb:4419/64 scope link
       valid_lft forever preferred_lft forever
8: br0: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc noqueue state UP group default
    link/ether 00:17:31:bb:44:19 brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.77/24 brd 192.168.0.255 scope global br0
       valid_lft forever preferred_lft forever
    inet6 fe80::217:31ff:febb:4419/64 scope link
       valid_lft forever preferred_lft forever

and bridge fdb:

01:00:5e:00:00:01 dev enp0s16 self permanent
33:33:00:00:00:01 dev enp0s16 self permanent
33:33:ff:bb:44:19 dev enp0s16 self permanent
00:19:3e:ea:c5:54 dev enp0s16 vlan 0
00:21:29:98:d4:f3 dev enp0s16 vlan 0
00:17:31:bb:44:19 dev enp0s16 vlan 0 permanent

Have a nice day!
[systemd-devel] [PATCH] resolved: re-add support for getting local domain from DHCP
When the code for generating resolv.conf was moved from networkd to resolved the DHCP domain name code was dropped. --- This is a resend, rebased since some recent changes changed how this patch needed to be implemented. src/network/networkd-link.c| 13 + src/network/sd-network.c | 24 src/resolve/resolved-link.c| 20 src/resolve/resolved-link.h| 2 ++ src/resolve/resolved-manager.c | 10 +- src/systemd/sd-network.h | 3 +++ 6 files changed, 71 insertions(+), 1 deletion(-) diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c index 3b8b7ed..827c428 100644 --- a/src/network/networkd-link.c +++ b/src/network/networkd-link.c @@ -2451,6 +2451,19 @@ int link_save(Link *link) { (address + 1 ? : )); fputs(\n, f); + +fprintf(f, DOMAINNAME=); + +if (link-network-dhcp_domainname +link-dhcp_lease) { +const char *domainname; + +r = sd_dhcp_lease_get_domainname(link-dhcp_lease, domainname); +if (r = 0) +fputs(domainname, f); +} + +fputs(\n, f); } if (link-dhcp_lease) { diff --git a/src/network/sd-network.c b/src/network/sd-network.c index bfb8321..a427a27 100644 --- a/src/network/sd-network.c +++ b/src/network/sd-network.c @@ -175,6 +175,30 @@ _public_ int sd_network_get_ntp(int ifindex, char ***ret) { return network_get_strv(NTP, ifindex, ret); } +_public_ int sd_network_get_domainname(int ifindex, char **domainname) { +_cleanup_free_ char *s = NULL, *p = NULL; +int r; + +assert_return(ifindex 0, -EINVAL); +assert_return(domainname, -EINVAL); + +if (asprintf(p, /run/systemd/netif/links/%d, ifindex) 0) +return -ENOMEM; + +r = parse_env_file(p, NEWLINE, DOMAINNAME, s, NULL); +if (r == -ENOENT) +return -ENODATA; +else if (r 0) +return r; +else if (!s) +return -EIO; + +*domainname = s; +s = NULL; + +return 0; +} + static inline int MONITOR_TO_FD(sd_network_monitor *m) { return (int) (unsigned long) m - 1; } diff --git a/src/resolve/resolved-link.c b/src/resolve/resolved-link.c index 6ac7c5b..f6b7f6a 100644 --- a/src/resolve/resolved-link.c 
+++ b/src/resolve/resolved-link.c @@ -77,6 +77,7 @@ Link *link_free(Link *l) { while (l-dns_servers) dns_server_free(l-dns_servers); +free(l-domainname); free(l); return NULL; } @@ -191,10 +192,29 @@ clear: return r; } +static int link_update_domainname(Link *l) { +char *domainname = NULL; +int r; + +assert(l); + +free(l-domainname); +l-domainname = NULL; + +r = sd_network_get_domainname(l-ifindex, domainname); +if (r 0) +return r; + +l-domainname = domainname; + +return 0; +} + int link_update_monitor(Link *l) { assert(l); link_update_dns_servers(l); +link_update_domainname(l); link_allocate_scopes(l); link_add_rrs(l); diff --git a/src/resolve/resolved-link.h b/src/resolve/resolved-link.h index f58bd54..9730aec 100644 --- a/src/resolve/resolved-link.h +++ b/src/resolve/resolved-link.h @@ -68,6 +68,8 @@ struct Link { RateLimit mdns_ratelimit; RateLimit llmnr_ratelimit; + +char *domainname; }; int link_new(Manager *m, Link **ret, int ifindex); diff --git a/src/resolve/resolved-manager.c b/src/resolve/resolved-manager.c index a8715bd..253a97e 100644 --- a/src/resolve/resolved-manager.c +++ b/src/resolve/resolved-manager.c @@ -522,6 +522,7 @@ int manager_write_resolv_conf(Manager *m) { const char *path = /run/systemd/resolve/resolv.conf; _cleanup_free_ char *temp_path = NULL; _cleanup_fclose_ FILE *f = NULL; +const char *domainname = NULL; unsigned count = 0; DnsServer *s; Iterator i; @@ -542,13 +543,20 @@ int manager_write_resolv_conf(Manager *m) { # resolv.conf(5) in a different way, replace the symlink by a\n # static file or a different symlink.\n\n, f); -HASHMAP_FOREACH(l, m-links, i) +HASHMAP_FOREACH(l, m-links, i) { LIST_FOREACH(servers, s, l-dns_servers) write_resolve_conf_server(s, f, count); +if (!domainname l-domainname) +domainname = l-domainname; +} + LIST_FOREACH(servers, s, m-dns_servers) write_resolve_conf_server(s, f, count); +if (domainname) +fprintf(f, domain %s\n, domainname); + r = fflush_and_check(f); if (r 0)
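Review bot: the domain name comes straight from the DHCP lease and is written unchecked in two places, fputs(domainname, f) in the link_save() hunk and fprintf(f, "domain %s\n", domainname) in the manager_write_resolv_conf() hunk. A lease value containing a newline or whitespace would add extra keys to the /run/systemd/netif/links/%d state file and extra lines to resolv.conf. Unless sd_dhcp_lease_get_domainname() already guarantees a valid DNS name, validate the string before saving it and skip the field when validation fails.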
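Review bot: in the manager_write_resolv_conf() hunk the domain is taken from the first link that has one (the !domainname test inside HASHMAP_FOREACH), so on a host with several DHCP links the "domain" line depends on hashmap iteration order and can change from one rewrite to the next. Choose the link deterministically, for example by lowest ifindex, or document that the choice is arbitrary. In the resolved-link.c hunk, link_update_monitor() also discards the return value of link_update_domainname(); log it at debug level or cast to (void) so the omission is visibly intentional.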
[systemd-devel] [PATCH] nspawn: fix truncation of machine names in interface names
When deriving the network interface name from machine name strncpy was not properly null terminating the string and the maximum string size as returned by strlen() is actually IFNAMSIZ-1, not IFNAMSIZ. --- src/nspawn/nspawn.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c index 7c47f6e..73eeed6 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c @@ -69,6 +69,7 @@ #include missing.h #include cgroup-util.h #include strv.h +#include strxcpyx.h #include path-util.h #include loopback-setup.h #include dev-setup.h @@ -1663,7 +1664,7 @@ static int setup_veth(pid_t pid, char iface_name[IFNAMSIZ], int *ifi) { memcpy(iface_name, vb-, 3); else memcpy(iface_name, ve-, 3); -strncpy(iface_name+3, arg_machine, IFNAMSIZ - 3); +strscpy(iface_name+3, IFNAMSIZ - 4, arg_machine); r = get_mac(mac); if (r 0) { -- 1.8.5.5
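Review bot: the size passed in strscpy(iface_name+3, IFNAMSIZ - 4, arg_machine) in the setup_veth() hunk looks one too small. After the 3-byte prefix there are IFNAMSIZ - 3 bytes left in iface_name, terminator included; if strscpy() counts the terminator inside its size argument, IFNAMSIZ - 4 caps the whole name at IFNAMSIZ - 2 characters rather than the IFNAMSIZ - 1 the commit message gives as the limit. Either way the truncation is silent, so two machines whose names share the same leading characters end up with the same interface name; log when arg_machine is cut, or check the return value and fail.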
Re: [systemd-devel] [PATCH] resolved: re-add support for getting local domain from DHCP
On Tue, Jul 29, 2014 at 02:48:18PM -0700, Michael Marineau wrote: When the code for generating resolv.conf was moved from networkd to resolved the DHCP domain name code was dropped. --- This is a resend, rebased since some recent changes changed how this patch needed to be implemented. src/network/networkd-link.c| 13 + src/network/sd-network.c | 24 src/resolve/resolved-link.c| 20 src/resolve/resolved-link.h| 2 ++ src/resolve/resolved-manager.c | 10 +- src/systemd/sd-network.h | 3 +++ 6 files changed, 71 insertions(+), 1 deletion(-) diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c index 3b8b7ed..827c428 100644 --- a/src/network/networkd-link.c +++ b/src/network/networkd-link.c @@ -2451,6 +2451,19 @@ int link_save(Link *link) { (address + 1 ? : )); fputs(\n, f); + +fprintf(f, DOMAINNAME=); + +if (link-network-dhcp_domainname +link-dhcp_lease) { +const char *domainname; + +r = sd_dhcp_lease_get_domainname(link-dhcp_lease, domainname); +if (r = 0) +fputs(domainname, f); +} + +fputs(\n, f); Is it really necessary to write anything if the name is not available? Other parts of this function don't write anyting in similar cases. if (link-dhcp_lease) { diff --git a/src/network/sd-network.c b/src/network/sd-network.c index bfb8321..a427a27 100644 --- a/src/network/sd-network.c +++ b/src/network/sd-network.c 
@@ -175,6 +175,30 @@ _public_ int sd_network_get_ntp(int ifindex, char ***ret) { return network_get_strv(NTP, ifindex, ret); } +_public_ int sd_network_get_domainname(int ifindex, char **domainname) { +_cleanup_free_ char *s = NULL, *p = NULL; +int r; + +assert_return(ifindex 0, -EINVAL); +assert_return(domainname, -EINVAL); + +if (asprintf(p, /run/systemd/netif/links/%d, ifindex) 0) +return -ENOMEM; Not terribly important, but please spell that as: char p[sizeof(/run/systemd/netif/links/) + DECIMAL_STRING_MAX(int)]; snprintf(p, sizeof(p), /run/systemd/netif/links/%d, ifindex); +r = parse_env_file(p, NEWLINE, DOMAINNAME, s, NULL); +if (r == -ENOENT) +return -ENODATA; +else if (r 0) +return r; +else if (!s) +return -EIO; + +*domainname = s; +s = NULL; + +return 0; +} + static inline int MONITOR_TO_FD(sd_network_monitor *m) { return (int) (unsigned long) m - 1; } diff --git a/src/resolve/resolved-link.c b/src/resolve/resolved-link.c index 6ac7c5b..f6b7f6a 100644 --- a/src/resolve/resolved-link.c +++ b/src/resolve/resolved-link.c @@ -77,6 +77,7 @@ Link *link_free(Link *l) { while (l-dns_servers) dns_server_free(l-dns_servers); +free(l-domainname); free(l); return NULL; } @@ -191,10 +192,29 @@ clear: return r; } +static int link_update_domainname(Link *l) { +char *domainname = NULL; +int r; + +assert(l); + +free(l-domainname); +l-domainname = NULL; + +r = sd_network_get_domainname(l-ifindex, domainname); +if (r 0) +return r; + +l-domainname = domainname; + +return 0; +} + int link_update_monitor(Link *l) { assert(l); link_update_dns_servers(l); +link_update_domainname(l); link_allocate_scopes(l); link_add_rrs(l); diff --git a/src/resolve/resolved-link.h b/src/resolve/resolved-link.h index f58bd54..9730aec 100644 --- a/src/resolve/resolved-link.h +++ b/src/resolve/resolved-link.h @@ -68,6 +68,8 @@ struct Link { RateLimit mdns_ratelimit; RateLimit llmnr_ratelimit; + +char *domainname; }; int link_new(Manager *m, Link **ret, int ifindex); 
diff --git a/src/resolve/resolved-manager.c b/src/resolve/resolved-manager.c index a8715bd..253a97e 100644 --- a/src/resolve/resolved-manager.c +++ b/src/resolve/resolved-manager.c @@ -522,6 +522,7 @@ int manager_write_resolv_conf(Manager *m) { const char *path = /run/systemd/resolve/resolv.conf; _cleanup_free_ char *temp_path = NULL; _cleanup_fclose_ FILE *f = NULL; +const char *domainname = NULL; unsigned count = 0; DnsServer *s; Iterator i; @@ -542,13 +543,20 @@ int manager_write_resolv_conf(Manager *m) { # resolv.conf(5) in a different way, replace the symlink by a\n # static file or a different symlink.\n\n, f); -
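Review bot: in the sd_network_get_domainname() hunk a state file that has no DOMAINNAME key ends in "else if (!s) return -EIO;", while a missing file returns -ENODATA. If link_save() stops writing an empty DOMAINNAME= as suggested in this reply, "no domain from DHCP" becomes the normal case and should map to -ENODATA as well, so that callers such as link_update_domainname() can tell it apart from a real I/O error.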
Re: [systemd-devel] [215] bridge with static network does not work
On 07/29/2014 06:24 PM, Gerardo Exequiel Pozzi wrote:
> Hello,
>
> Setting up a bridge with systemd-networkd does not work for me. Doing things manually works. (no network, can not ping other hosts). Output of ip addr looks the same in both cases. I am sure that I am doing things correctly, if not please let me know. Thanks.

By the way, if after starting networkd I set br0 to promisc by executing ip link set br0 promisc on, the network works fine, but of course now br0 shows PROMISC under ip link.

> systemd-networkd config looks like:
>
> # cat br0.netdev
> [NetDev]
> Name=br0
> Kind=bridge
>
> # cat br0.network
> [Match]
> Name=br0
>
> [Network]
> Address=192.168.0.77/24
> Gateway=192.168.0.1
>
> # cat enp0s16.network
> [Match]
> Name=enp0s16
>
> [Network]
> Bridge=br0
>
> and manual commands for the same (works):
>
> ip link add name br0 type bridge
> ip addr add 192.168.0.77/24 broadcast + dev br0
> ip link set dev enp0s16 master br0
> ip link set dev br0 up
> ip link set dev enp0s16 up
> ip route add default via 192.168.0.1
>
> In both cases the output of ip addr is:
>
> 2: enp0s16: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc pfifo_fast master br0 state UP group default qlen 1000
>     link/ether 00:17:31:bb:44:19 brd ff:ff:ff:ff:ff:ff
>     inet6 fe80::217:31ff:febb:4419/64 scope link
>        valid_lft forever preferred_lft forever
> 8: br0: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc noqueue state UP group default
>     link/ether 00:17:31:bb:44:19 brd ff:ff:ff:ff:ff:ff
>     inet 192.168.0.77/24 brd 192.168.0.255 scope global br0
>        valid_lft forever preferred_lft forever
>     inet6 fe80::217:31ff:febb:4419/64 scope link
>        valid_lft forever preferred_lft forever
>
> and bridge fdb:
>
> 01:00:5e:00:00:01 dev enp0s16 self permanent
> 33:33:00:00:00:01 dev enp0s16 self permanent
> 33:33:ff:bb:44:19 dev enp0s16 self permanent
> 00:19:3e:ea:c5:54 dev enp0s16 vlan 0
> 00:21:29:98:d4:f3 dev enp0s16 vlan 0
> 00:17:31:bb:44:19 dev enp0s16 vlan 0 permanent
>
> Have a nice day!
Re: [systemd-devel] [PATCH] resolved: re-add support for getting local domain from DHCP
On Tue, Jul 29, 2014 at 3:37 PM, Zbigniew Jędrzejewski-Szmek zbys...@in.waw.pl wrote: On Tue, Jul 29, 2014 at 02:48:18PM -0700, Michael Marineau wrote: When the code for generating resolv.conf was moved from networkd to resolved the DHCP domain name code was dropped. --- This is a resend, rebased since some recent changes changed how this patch needed to be implemented. src/network/networkd-link.c| 13 + src/network/sd-network.c | 24 src/resolve/resolved-link.c| 20 src/resolve/resolved-link.h| 2 ++ src/resolve/resolved-manager.c | 10 +- src/systemd/sd-network.h | 3 +++ 6 files changed, 71 insertions(+), 1 deletion(-) diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c index 3b8b7ed..827c428 100644 --- a/src/network/networkd-link.c +++ b/src/network/networkd-link.c @@ -2451,6 +2451,19 @@ int link_save(Link *link) { (address + 1 ? : )); fputs(\n, f); + +fprintf(f, DOMAINNAME=); + +if (link-network-dhcp_domainname +link-dhcp_lease) { +const char *domainname; + +r = sd_dhcp_lease_get_domainname(link-dhcp_lease, domainname); +if (r = 0) +fputs(domainname, f); +} + +fputs(\n, f); Is it really necessary to write anything if the name is not available? Other parts of this function don't write anyting in similar cases. I was just matching the above lines which may write DNS= or NTP= with blank values. I don't think it matters either way. Omitting DOMAINNAME= if it is blank certainly looks a little cleaner since the writes get squashed into a single fprintf. Will update. if (link-dhcp_lease) { diff --git a/src/network/sd-network.c b/src/network/sd-network.c index bfb8321..a427a27 100644 --- a/src/network/sd-network.c +++ b/src/network/sd-network.c 
@@ -175,6 +175,30 @@ _public_ int sd_network_get_ntp(int ifindex, char ***ret) { return network_get_strv(NTP, ifindex, ret); } +_public_ int sd_network_get_domainname(int ifindex, char **domainname) { +_cleanup_free_ char *s = NULL, *p = NULL; +int r; + +assert_return(ifindex 0, -EINVAL); +assert_return(domainname, -EINVAL); + +if (asprintf(p, /run/systemd/netif/links/%d, ifindex) 0) +return -ENOMEM; Not terribly important, but please spell that as: char p[sizeof(/run/systemd/netif/links/) + DECIMAL_STRING_MAX(int)]; snprintf(p, sizeof(p), /run/systemd/netif/links/%d, ifindex); This was copied verbatim from similar functions in this file, should I update the style of the others to match your suggestion? Why the preference of manually calculating a buffer length than using asprintf? +r = parse_env_file(p, NEWLINE, DOMAINNAME, s, NULL); +if (r == -ENOENT) +return -ENODATA; +else if (r 0) +return r; +else if (!s) +return -EIO; + +*domainname = s; +s = NULL; + +return 0; +} + static inline int MONITOR_TO_FD(sd_network_monitor *m) { return (int) (unsigned long) m - 1; } diff --git a/src/resolve/resolved-link.c b/src/resolve/resolved-link.c index 6ac7c5b..f6b7f6a 100644 --- a/src/resolve/resolved-link.c +++ b/src/resolve/resolved-link.c @@ -77,6 +77,7 @@ Link *link_free(Link *l) { while (l-dns_servers) dns_server_free(l-dns_servers); +free(l-domainname); free(l); return NULL; } @@ -191,10 +192,29 @@ clear: return r; } +static int link_update_domainname(Link *l) { +char *domainname = NULL; +int r; + +assert(l); + +free(l-domainname); +l-domainname = NULL; + +r = sd_network_get_domainname(l-ifindex, domainname); +if (r 0) +return r; + +l-domainname = domainname; + +return 0; +} + int link_update_monitor(Link *l) { assert(l); link_update_dns_servers(l); +link_update_domainname(l); link_allocate_scopes(l); link_add_rrs(l); diff --git a/src/resolve/resolved-link.h b/src/resolve/resolved-link.h index f58bd54..9730aec 100644 --- a/src/resolve/resolved-link.h 
+++ b/src/resolve/resolved-link.h @@ -68,6 +68,8 @@ struct Link { RateLimit mdns_ratelimit; RateLimit llmnr_ratelimit; + +char *domainname; }; int link_new(Manager *m, Link **ret, int ifindex); diff --git a/src/resolve/resolved-manager.c b/src/resolve/resolved-manager.c index a8715bd..253a97e 100644 --- a/src/resolve/resolved-manager.c +++ b/src/resolve/resolved-manager.c @@ -522,6 +522,7 @@ int