Re: [systemd-devel] Fwd: [PATCH] Add support for detecting NIC partitions on Dell Servers

2015-11-10 Thread Tom Gundersen
On Tue, Nov 10, 2015 at 2:29 PM, Jordan Hargrave  wrote:
> On Tue, Nov 10, 2015 at 4:53 AM, Kay Sievers  wrote:
>> On Tue, Nov 10, 2015 at 5:49 AM, Jordan Hargrave  wrote:
>>> Cleaned up linux coding style
>>>
>>> This patch will integrate some of the features of biosdevname into systemd.
>>> The code detects the port and index for detecting NIC partitions. This creates
>>> a new environment variable, ID_NET_NAME_PARTITION of the format
>>> _
>>>
>>> The patch will also decode SMBIOS slot number for NIC, and store in the variable
>>> ID_NET_NAME_SMBIOS_SLOT.  Systemd does not have a method for naming
>>> ports on a multi-port card plugged into a slot.
>>
>> Again, I don't think systemd should carry an SMBIOS parser.
>>
>> Sorry,
>> Kay
>
> From a customer usability standpoint, having the slot numbers as part
> of systemd would be a very useful feature.

Sure, but I think Kay's point was that the needed info should be
exposed from the kernel in a sysattr, not be parsed from udev. Any
reason this cannot be done that way?

>  The current method only
> works for single-port NICs in a slot.  Multi-port NICs, especially
> ones with SR-IOV or multiple partitions get garbled names like

Just to make sure we are on the same page, when you say "garbled" you
mean that the naming scheme is not the one you want, but there are no
bugs here, right?

> enp4s0
> enp4s1
> enp4s0d1
> enp4s0f1
> enp4s0f2
> enp4s0f3
> enp4s0f4
> enp4s0f5
> enp4s0f6
> enp4s0f7
> enp4s0f1d1
> enp4s0f2d1
> enp4s0f3d1
> enp4s0f4d1
> enp4s0f5d1
> enp4s0f6d1
> enp4s0f7d1
> enp4s1d1
> enp68s0f0
> enp68s0f1
> enp69s0f0
> enp69s0f1
>
> That's another annoying thing with systemd names, the bus number is
> *decimal*.  lspci is in hex, so the customer has to do a conversion to
> figure out even what PCI device that is.

I guess too late to change that now.

> All enp4 are a dual-port NIC in Slot 3 with 8 SR-IOV devices.

Hm, there are 17 devices listed, shouldn't there be 16 based on your
description?

> All enp68xx and enp69xxx are a single quad-port NIC in slot 2.
> Systemd breaks here if trying to name using slot numbers with the
> existing method.  As there are 4 devices under the slot with same
> device numbers, systemd would name them
> ens2f0
> ens2f1
> ens2f0
> ens2f1
>
> Which causes name collision.  I was able to verify this as either they
> got named:
> ens2f0
> ens2f1
> enp69s0f0
> enp69s0f1
>
> or
> enp68s0f0
> enp68s0f1
> ens2f0
> ens2f1
>
> at startup.
>
> That's the best feature of biosdevname, being able to tell which slot
> the NIC is located just from the name.  Systemd still has some
> limitations and/or bugs in this regard.

So how would your proposed naming scheme look in the examples you
gave? Is the information needed to generate the name taken from the
device in question or any of its parent devices (but never from its
siblings or other devices) and hence independent of probe-ordering?

Cheers,

Tom
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel


Re: [systemd-devel] Pruning journal on systemd 216

2015-11-10 Thread Zbigniew Jędrzejewski-Szmek
On Tue, Nov 10, 2015 at 09:23:50AM -0600, Ian Pilcher wrote:
> Running Fedora 21 with systemd 216, and just discovered that journal
> files are taking up 1.8G.  I see references to "journalctl
> --vacuum-time" on the interwebs, but that option doesn't seem to be
> present in my version.
> 
> So how should I go about cleaning out older journal data?
You can
a) simply remove files by hand
   (find /var/log/journal/ -type f -mtime +DAYS -delete)
b) set SystemMaxUse= or MaxRetentionSec= in /etc/systemd/journald.conf
   and 'systemctl kill --signal=SIGUSR2 systemd-journald' to execute
   the new limit.

Zbyszek


[systemd-devel] [PATCH] v3 Read NIC partitions on Dell Servers

2015-11-10 Thread jharg93
From: Jordan Hargrave 

I removed the SMBIOS-specific code, this code is for partition detection only.

This patch will read NIC partition info from VPD on Dell Servers

It creates a new environment variable 'ID_NET_NAME_PARTITION'
with the format '_'

Signed-off-by: Jordan Hargrave 
---
 src/udev/udev-builtin-net_id.c | 127 +
 1 file changed, 127 insertions(+)

diff --git a/src/udev/udev-builtin-net_id.c b/src/udev/udev-builtin-net_id.c
index ef9c398..69dd9fd 100644
--- a/src/udev/udev-builtin-net_id.c
+++ b/src/udev/udev-builtin-net_id.c
@@ -119,16 +119,131 @@ struct netnames {
 bool mac_valid;
 
 struct udev_device *pcidev;
+struct udev_device *physdev;
 char pci_slot[IFNAMSIZ];
 char pci_path[IFNAMSIZ];
 char pci_onboard[IFNAMSIZ];
 const char *pci_onboard_label;
+int  npar_port;
+int  npar_pfi;
 
 char usb_ports[IFNAMSIZ];
 char bcma_core[IFNAMSIZ];
 char ccw_group[IFNAMSIZ];
 };
 
+#define FLAG_IOV 0x80
+#define FLAG_NPAR 0x1000
+
+#define VPDI_TAG 0x82
+#define VPDR_TAG 0x90
+
+struct vpd_tag
+{
+char  cc[2];
+unsigned char len;
+char  data[1];
+};
+
+/* Read VPD tag ID */
+static int vpd_readtag(int fd, int *len)
+{
+unsigned char tag, tlen[2];
+
+if (read(fd, , 1) != 1)
+return -1;
+if (tag == 0x00 || tag == 0xFF || tag == 0x7F)
+return -1;
+if (tag & 0x80) {
+if (read(fd, tlen, 2) != 2)
+return -1;
+*len = tlen[0] + (tlen[1] << 8);
+return tag;
+}
+*len = (tag & 0x7);
+return (tag & ~0x7);
+}
+
+static void *vpd_findtag(void *buf, int len, const char *sig)
+{
+int off, siglen;
+struct vpd_tag *t;
+
+off = 0;
+siglen = strlen(sig);
+while (off < len) {
+t = (struct vpd_tag *)((unsigned char *)buf + off);
+if (!memcmp(t->data, sig, siglen))
+return t;
+off += (t->len + 3);
+}
+return NULL;
+}
+
+static void dev_pci_npar_dcm(struct udev_device *dev, struct netnames *names,
+ int len, const char *dcm,
+ const char *fmt, int step)
+{
+int domain, bus, slot, func, off, mydf;
+int port, df, pfi, flag;
+
+if (sscanf(udev_device_get_sysname(names->physdev), "%x:%x:%x.%u",
+   , , , ) != 4)
+return;
+mydf = (slot << 3) + func;
+for (off=3; offnpar_port = port;
+names->npar_pfi = pfi;
+}
+}
+}
+
+static void dev_pci_npar(struct udev_device *dev, struct netnames *names) {
+const char *filename;
+int len, fd;
+struct vpd_tag *dcm;
+void *buf;
+
+/* Search for VPD or IOV VPD */
+filename = strjoina(udev_device_get_syspath(names->physdev), "/vpd");
+if ((fd = open(filename, O_RDONLY)) < 0) {
+return;
+}
+if (vpd_readtag(fd, ) != VPDI_TAG) {
+goto done;
+}
+lseek(fd, len, SEEK_CUR);
+
+/* Check VPD-R */
+if (vpd_readtag(fd, ) != VPDR_TAG) {
+goto done;
+}
+buf = alloca(len);
+if (read(fd, buf, len) != len) {
+goto done;
+}
+
+/* Check for DELL VPD tag */
+if (!vpd_findtag(buf, len, "DSV1028VPDR.VER")) {
+goto done;
+}
+
+/* Find DCM/DC2 tag */
+if ((dcm = vpd_findtag(buf, len, "DCM")) != NULL) {
+dev_pci_npar_dcm(dev, names, dcm->len, dcm->data,
+ "%1x%1x%2x%6x", 10);
+}
+else if ((dcm = vpd_findtag(buf, len, "DC2")) != NULL) {
+dev_pci_npar_dcm(dev, names, dcm->len, dcm->data,
+ "%1x%2x%2x%6x", 11);
+}
+ done:
+close(fd);
+return;
+}
+
 /* retrieve on-board index number and label from firmware */
 static int dev_pci_onboard(struct udev_device *dev, struct netnames *names) {
 unsigned dev_port = 0;
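Review bot: vpd_findtag() runs memcmp(t->data, sig, siglen) without first checking that the 3-byte keyword header plus siglen bytes still fit between off and len, so a short or malformed VPD-R section makes it read past buf; a guard such as "if (off + 3 + siglen > len) break;" ahead of the compare would bound it. In dev_pci_npar() the same device-supplied value feeds "buf = alloca(len)", where len is the 16-bit length vpd_readtag() took from the vpd file and goes onto the stack unchecked; an upper bound or a heap allocation would be safer there, and the return value of lseek() is ignored.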
@@ -277,6 +392,7 @@ out:
 
 static int names_pci(struct udev_device *dev, struct netnames *names) {
 struct udev_device *parent;
+char path[256];
 
 assert(dev);
 assert(names);
@@ -301,8 +417,14 @@ static int names_pci(struct udev_device *dev, struct 
netnames *names) {
 if (!names->pcidev)
 return -ENOENT;
 }
+/* find SR-IOV parent device */
+snprintf(path, sizeof(path), "%s/physfn", 
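Review bot: the snprintf() into path at the end of this hunk discards its return value, so a syspath that does not fit the 256-byte path[] buffer declared in the previous hunk is silently truncated; check the result against sizeof(path), or build the string with strjoina() as dev_pci_npar() already does for the vpd file, which removes the fixed-size buffer altogether.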

[systemd-devel] "Failed to determine peer security context: Protocol not available" on kernels with disabled selinux

2015-11-10 Thread Igor Zhbanov
Hi!

I see lots of messages (with systemd debug enabled) on the kernel with
selinux disabled:
systemd[1]: Failed to determine peer security context: Protocol not available

As I understand, this happens because getsockopt() returns ENOPROTOOPT,
and systemd checks for EOPNOTSUPP.

Consider getpeersec() in src/basic/socket-util.c:
int getpeersec(int fd, char **ret) {
        socklen_t n = 64;
        char *s;
        int r;

        assert(fd >= 0);
        assert(ret);

        s = new0(char, n);
        if (!s)
                return -ENOMEM;

        r = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, s, &n);
        if (r < 0) {
                free(s);

                if (errno != ERANGE)
                        return -errno;

                s = new0(char, n);
                if (!s)
                        return -ENOMEM;

                r = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, s, &n);
                if (r < 0) {
                        free(s);
                        return -errno;
                }
        }

        if (isempty(s)) {
                free(s);
                return -EOPNOTSUPP;
        }

        *ret = s;
        return 0;
}

and how it's used in bus_get_peercred() in src/libsystemd/sd-bus/bus-socket.c:
static void bus_get_peercred(sd_bus *b) {
        int r;

        assert(b);

        /* Get the peer for socketpair() sockets */
        b->ucred_valid = getpeercred(b->input_fd, &b->ucred) >= 0;

        /* Get the SELinux context of the peer */
        r = getpeersec(b->input_fd, &b->label);
        if (r < 0 && r != -EOPNOTSUPP)
                log_debug_errno(r, "Failed to determine peer security context: %m");
}

When errno == ENOPROTOOPT (as in the case when both SMACK and selinux
are disabled), a debug message will be produced.

I think, it could be fixed like this:
--- socket-util.c   2015-11-10 19:21:47.73043 +
+++ socket-util-new.c   2015-11-10 19:52:19.169268637 +
@@ -844,6 +844,9 @@ int getpeersec(int fd, char **ret) {
 if (r < 0) {
 free(s);

+if (errno == ENOPROTOOPT)
+return -EOPNOTSUPP;
+
 if (errno != ERANGE)
 return -errno;
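Review bot: the added errno == ENOPROTOOPT test sits after free(s), like the existing ERANGE test below it, so it reads errno after a call that was not required to preserve it; copying errno into a local right after getsockopt() fails and testing that copy is more robust. A short comment stating that ENOPROTOOPT is what comes back when neither SELinux nor SMACK is enabled would also explain why it is folded into -EOPNOTSUPP.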


Re: [systemd-devel] Systemd-nspawn networkd configuration

2015-11-10 Thread Lennart Poettering
On Tue, 10.11.15 15:17, Dmitry Kulida (v...@bk.ru) wrote:

> Hi guys!
> 
> I'm running few systemd-nspawn containers with veth network interfaces. I'd
> like to configure separate subnet for each container but all I've found in
> config files is using DHCP server for each container and no option to use
> fixed IP/SUBNET for each container. Could anyone please help to find option
> to configure exact IP/SUBNET for each container instead of system
> address/subnet selection?
> 
> 
> 80-container-ve.network
> [Match]
> Name=ve-*
> Driver=veth
> 
> [Network]
> # Default to using a /28 prefix, giving up to 13 addresses per container.
> Address=1.1.1.0/30
> LinkLocalAddressing=yes
> DHCPServer=yes
> IPMasquerade=yes


Add a couple of separate files: 80-container-foo.network,
80-container-bar.network, 80-container-waldo.network, ... and then
make sure the [Match] section matches against exactly the veth link
towards one specific container, and configure the IP address range for
each one individually in the Address= line.

Lennart

-- 
Lennart Poettering, Red Hat


Re: [systemd-devel] [PATCH] v3 Read NIC partitions on Dell Servers

2015-11-10 Thread systemd github import bot
Patchset imported to github.
To create a pull request, one of the main developers has to initiate one via:


--
Generated by https://github.com/haraldh/mail2git


Re: [systemd-devel] Fwd: [PATCH] Add support for detecting NIC partitions on Dell Servers

2015-11-10 Thread Jordan Hargrave
On Tue, Nov 10, 2015 at 4:53 AM, Kay Sievers  wrote:
> On Tue, Nov 10, 2015 at 5:49 AM, Jordan Hargrave  wrote:
>> Cleaned up linux coding style
>>
>> This patch will integrate some of the features of biosdevname into systemd.
>> The code detects the port and index for detecting NIC partitions. This creates
>> a new environment variable, ID_NET_NAME_PARTITION of the format
>> _
>>
>> The patch will also decode SMBIOS slot number for NIC, and store in the variable
>> ID_NET_NAME_SMBIOS_SLOT.  Systemd does not have a method for naming
>> ports on a multi-port card plugged into a slot.
>
> Again, I don't think systemd should carry an SMBIOS parser.
>
> Sorry,
> Kay

From a customer usability standpoint, having the slot numbers as part
of systemd would be a very useful feature.  The current method only
works for single-port NICs in a slot.  Multi-port NICs, especially
ones with SR-IOV or multiple partitions get garbled names like

enp4s0
enp4s1
enp4s0d1
enp4s0f1
enp4s0f2
enp4s0f3
enp4s0f4
enp4s0f5
enp4s0f6
enp4s0f7
enp4s0f1d1
enp4s0f2d1
enp4s0f3d1
enp4s0f4d1
enp4s0f5d1
enp4s0f6d1
enp4s0f7d1
enp4s1d1
enp68s0f0
enp68s0f1
enp69s0f0
enp69s0f1

That's another annoying thing with systemd names, the bus number is
*decimal*.  lspci is in hex, so the customer has to do a conversion to
figure out even what PCI device that is.

All enp4 are a dual-port NIC in Slot 3 with 8 SR-IOV devices.

All enp68xx and enp69xxx are a single quad-port NIC in slot 2.
Systemd breaks here if trying to name using slot numbers with the
existing method.  As there are 4 devices under the slot with same
device numbers, systemd would name them
ens2f0
ens2f1
ens2f0
ens2f1

Which causes name collision.  I was able to verify this as either they
got named:
ens2f0
ens2f1
enp69s0f0
enp69s0f1

or
enp68s0f0
enp68s0f1
ens2f0
ens2f1

at startup.

That's the best feature of biosdevname, being able to tell which slot
the NIC is located just from the name.  Systemd still has some
limitations and/or bugs in this regard.