/* SPDX-License-Identifier: LGPL-2.1-or-later */
#include <netinet/in.h>
#include <sys/stat.h>
#include <sys/types.h>
#include "sd-daemon.h"
#include "sd-event.h"
#include "capability-util.h"
#include "daemon-util.h"
#include "firewall-util.h"
#include "main-func.h"
#include "mkdir.h"
#include "networkd-conf.h"
#include "networkd-manager.h"
#include "signal-util.h"
#include "user-util.h"
/* Service body of the network daemon.
 *
 * Sequence: set up logging and the umask, refuse any command-line argument, switch from root to the
 * "systemd-network" user while passing a four-bit CAP_NET_* mask to drop_privileges(), create the
 * runtime directories below /run/systemd/netif, then build, configure and start the Manager and run
 * its event loop.
 *
 * Returns 0 when the event loop ends without error, or a negative errno-style value from the first
 * step that is treated as fatal. Steps that only log a warning (runtime directory creation, the
 * main configuration file, firewall setup) do not stop startup. */
static int run(int argc, char *argv[]) {
        /* Cleanup handlers run in reverse declaration order when the function returns, so the
         * notify handler fires before the manager is freed. */
        _cleanup_(manager_freep) Manager *manager = NULL;
        _cleanup_(notify_on_cleanup) const char *notify_message = NULL;
        int ret;

        log_setup_service();

        /* Files and directories created from here on are never group- or world-writable. */
        umask(0022);

        if (argc != 1) {
                return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "This program takes no arguments.");
        }

        /* Privileges are only dropped when the effective UID is root. A non-root start is taken to
         * mean that whoever launched us already reduced privileges; in that case the top-level
         * runtime directory cannot be created from here either. */
        if (geteuid() == 0) {
                const char *user = "systemd-network";
                /* Capability mask handed to drop_privileges() together with the target
                 * UID/GID: only the four network-related capabilities are named. */
                const unsigned long long keep_caps =
                        (1ULL << CAP_NET_ADMIN) |
                        (1ULL << CAP_NET_BIND_SERVICE) |
                        (1ULL << CAP_NET_BROADCAST) |
                        (1ULL << CAP_NET_RAW);
                uid_t uid;
                gid_t gid;

                ret = get_user_creds(&user, &uid, &gid, NULL, NULL, 0);
                if (ret < 0) {
                        return log_error_errno(ret, "Cannot resolve user name %s: %m", user);
                }

                /* The top-level runtime directory is created while still root and handed to the
                 * service user. This is redundant when the unit sets
                 * "RuntimeDirectory=systemd/netif" or when systemd-tmpfiles-setup.service has
                 * already run, hence a failure is only a warning. */
                ret = mkdir_safe_label("/run/systemd/netif", 0755, uid, gid, MKDIR_WARN_MODE);
                if (ret < 0) {
                        log_warning_errno(ret, "Could not create runtime directory: %m");
                }

                /* Failing to drop privileges is fatal: never continue as full root. */
                ret = drop_privileges(uid, gid, keep_caps);
                if (ret < 0) {
                        return log_error_errno(ret, "Failed to drop privileges: %m");
                }
        }

        /* These subdirectories are the ones clients may put inotify watches on, so they are
         * created unconditionally. They are deliberately created after drop_privileges(), which
         * is needed on old kernels that lack AmbientCapabilities= support.
         * NOTE(review): UID_INVALID/GID_INVALID presumably mean "do not enforce an owner" --
         * confirm against mkdir_safe_label(). */
        ret = mkdir_safe_label("/run/systemd/netif/links", 0755, UID_INVALID, GID_INVALID, MKDIR_WARN_MODE);
        if (ret < 0) {
                log_warning_errno(ret, "Could not create runtime directory 'links': %m");
        }

        ret = mkdir_safe_label("/run/systemd/netif/leases", 0755, UID_INVALID, GID_INVALID, MKDIR_WARN_MODE);
        if (ret < 0) {
                log_warning_errno(ret, "Could not create runtime directory 'leases': %m");
        }

        ret = mkdir_safe_label("/run/systemd/netif/lldp", 0755, UID_INVALID, GID_INVALID, MKDIR_WARN_MODE);
        if (ret < 0) {
                log_warning_errno(ret, "Could not create runtime directory 'lldp': %m");
        }

        /* SIGTERM and SIGINT are blocked before the manager exists.
         * NOTE(review): presumably so that they are consumed through the event loop rather than
         * delivered asynchronously -- confirm in manager_new(). */
        assert_se(sigprocmask_many(SIG_BLOCK, NULL, SIGTERM, SIGINT, -1) >= 0);

        ret = manager_new(&manager);
        if (ret < 0) {
                return log_error_errno(ret, "Could not create manager: %m");
        }

        ret = manager_connect_bus(manager);
        if (ret < 0) {
                return log_error_errno(ret, "Could not connect to bus: %m");
        }

        /* A broken main configuration file only produces a warning. */
        ret = manager_parse_config_file(manager);
        if (ret < 0) {
                log_warning_errno(ret, "Failed to parse configuration file: %m");
        }

        ret = manager_load_config(manager);
        if (ret < 0) {
                return log_error_errno(ret, "Could not load configuration files: %m");
        }

        /* No message is logged here on failure.
         * NOTE(review): manager_enumerate() presumably logs its own error -- confirm. */
        ret = manager_enumerate(manager);
        if (ret < 0) {
                return ret;
        }

        /* Without a firewall context the daemon keeps running; per the message below only the
         * IPMasquerade= option becomes unavailable. */
        ret = fw_ctx_new(&manager->fw_ctx);
        if (ret < 0) {
                log_warning_errno(ret, "Could not initialize firewall, IPMasquerade= option not available: %m");
        }

        ret = manager_start(manager);
        if (ret < 0) {
                return log_error_errno(ret, "Could not start manager: %m");
        }

        log_info("Enumeration completed");

        /* The returned message is stored in the variable guarded by notify_on_cleanup, so the
         * cleanup handler receives it on every exit path from here on. */
        notify_message = notify_start(NOTIFY_READY, NOTIFY_STOPPING);

        ret = sd_event_loop(manager->event);
        if (ret < 0) {
                return log_error_errno(ret, "Event loop failed: %m");
        }

        return 0;
}
/* Program entry point: the macro from main-func.h is given run() as the function to wrap.
 * NOTE(review): presumably it emits main() and maps run()'s return value to the exit status --
 * confirm in main-func.h. */
DEFINE_MAIN_FUNCTION(run);