Merge pull request #16374 from keszybz/docs-and-networkd
Docs and networkd
This commit is contained in:
commit
c82012605b
|
@ -368,11 +368,11 @@ directory is first created, and defaults to `/etc/skel` if not defined.
|
||||||
access mask for the home directory when it is first created.
|
access mask for the home directory when it is first created.
|
||||||
|
|
||||||
`tasksMax` → Takes an unsigned 64bit integer indicating the maximum number of
|
`tasksMax` → Takes an unsigned 64bit integer indicating the maximum number of
|
||||||
tasks the user may start in parallel during system runtime. This value is
|
tasks the user may start in parallel during system runtime. This counts
|
||||||
enforced on all tasks (i.e. processes and threads) the user starts or that are
|
all tasks (i.e. threads, where each process is at least one thread) the user starts or that are
|
||||||
forked off these processes regardless if the change user identity (for example
|
forked from these processes even if the user identity is changed (for example
|
||||||
by setuid binaries/`su`/`sudo` and
|
by setuid binaries/`su`/`sudo` and similar).
|
||||||
similar). [`systemd-logind.service`](https://www.freedesktop.org/software/systemd/man/systemd-logind.service.html)
|
[`systemd-logind.service`](https://www.freedesktop.org/software/systemd/man/systemd-logind.service.html)
|
||||||
enforces this by setting the `TasksMax` slice property for the user's slice
|
enforces this by setting the `TasksMax` slice property for the user's slice
|
||||||
`user-$UID.slice`.
|
`user-$UID.slice`.
|
||||||
|
|
||||||
|
|
|
@ -504,10 +504,10 @@
|
||||||
<term><option>--tasks-max=</option><replaceable>TASKS</replaceable></term>
|
<term><option>--tasks-max=</option><replaceable>TASKS</replaceable></term>
|
||||||
|
|
||||||
<listitem><para>Takes a non-zero unsigned integer as argument. Configures the maximum numer of tasks
|
<listitem><para>Takes a non-zero unsigned integer as argument. Configures the maximum numer of tasks
|
||||||
(i.e. processes and threads) the user may have at any given time. This limit applies to all tasks
|
(i.e. threads, where each process is at least one thread) the user may have at any given time. This
|
||||||
forked off the user's sessions, even if they change user identity via <citerefentry
|
limit applies to all tasks forked off the user's sessions, even if they change user identity via
|
||||||
project='man-pages'><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></citerefentry> or a
|
<citerefentry project='man-pages'><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></citerefentry>
|
||||||
similar tool. Use <option>--rlimit=LIMIT_NPROC=</option> to place a limit on the tasks actually
|
or a similar tool. Use <option>--rlimit=LIMIT_NPROC=</option> to place a limit on the tasks actually
|
||||||
running under the UID of the user, thus excluding any child processes that might have changed user
|
running under the UID of the user, thus excluding any child processes that might have changed user
|
||||||
identity. This controls the <varname>TasksMax=</varname> setting of the per-user systemd slice unit
|
identity. This controls the <varname>TasksMax=</varname> setting of the per-user systemd slice unit
|
||||||
<filename>user-$UID.slice</filename>. See
|
<filename>user-$UID.slice</filename>. See
|
||||||
|
@ -532,7 +532,7 @@
|
||||||
<term><option>--cpu-weight=</option><replaceable>WEIGHT</replaceable></term>
|
<term><option>--cpu-weight=</option><replaceable>WEIGHT</replaceable></term>
|
||||||
<term><option>--io-weight=</option><replaceable>WEIGHT</replaceable></term>
|
<term><option>--io-weight=</option><replaceable>WEIGHT</replaceable></term>
|
||||||
|
|
||||||
<listitem><para>Set a CPU and IO scheduling weights of the processes of the user, including those of
|
<listitem><para>Set CPU and IO scheduling weights of the processes of the user, including those of
|
||||||
processes forked off by the user that changed user credentials. Takes a numeric value in the range
|
processes forked off by the user that changed user credentials. Takes a numeric value in the range
|
||||||
1…10000. This controls the <varname>CPUWeight=</varname> and <varname>IOWeight=</varname> settings of
|
1…10000. This controls the <varname>CPUWeight=</varname> and <varname>IOWeight=</varname> settings of
|
||||||
the per-user systemd slice unit <filename>user-$UID.slice</filename>. See
|
the per-user systemd slice unit <filename>user-$UID.slice</filename>. See
|
||||||
|
|
|
@ -3450,7 +3450,6 @@ static int link_load(Link *link) {
|
||||||
*dhcp4_address = NULL,
|
*dhcp4_address = NULL,
|
||||||
*ipv4ll_address = NULL;
|
*ipv4ll_address = NULL;
|
||||||
union in_addr_union address;
|
union in_addr_union address;
|
||||||
const char *p;
|
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
assert(link);
|
assert(link);
|
||||||
|
@ -3489,107 +3488,100 @@ static int link_load(Link *link) {
|
||||||
|
|
||||||
network_file_fail:
|
network_file_fail:
|
||||||
|
|
||||||
if (addresses) {
|
for (const char *p = addresses; p; ) {
|
||||||
p = addresses;
|
_cleanup_free_ char *address_str = NULL;
|
||||||
|
char *prefixlen_str;
|
||||||
|
int family;
|
||||||
|
unsigned char prefixlen;
|
||||||
|
|
||||||
for (;;) {
|
r = extract_first_word(&p, &address_str, NULL, 0);
|
||||||
_cleanup_free_ char *address_str = NULL;
|
if (r < 0)
|
||||||
char *prefixlen_str;
|
log_link_warning_errno(link, r, "failed to parse ADDRESSES: %m");
|
||||||
int family;
|
if (r <= 0)
|
||||||
unsigned char prefixlen;
|
break;
|
||||||
|
|
||||||
r = extract_first_word(&p, &address_str, NULL, 0);
|
prefixlen_str = strchr(address_str, '/');
|
||||||
if (r < 0) {
|
if (!prefixlen_str) {
|
||||||
log_link_debug_errno(link, r, "Failed to extract next address string: %m");
|
log_link_debug(link, "Failed to parse address and prefix length %s", address_str);
|
||||||
continue;
|
continue;
|
||||||
}
|
|
||||||
if (r == 0)
|
|
||||||
break;
|
|
||||||
|
|
||||||
prefixlen_str = strchr(address_str, '/');
|
|
||||||
if (!prefixlen_str) {
|
|
||||||
log_link_debug(link, "Failed to parse address and prefix length %s", address_str);
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
|
|
||||||
*prefixlen_str++ = '\0';
|
|
||||||
|
|
||||||
r = sscanf(prefixlen_str, "%hhu", &prefixlen);
|
|
||||||
if (r != 1) {
|
|
||||||
log_link_error(link, "Failed to parse prefixlen %s", prefixlen_str);
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
|
|
||||||
r = in_addr_from_string_auto(address_str, &family, &address);
|
|
||||||
if (r < 0) {
|
|
||||||
log_link_debug_errno(link, r, "Failed to parse address %s: %m", address_str);
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
|
|
||||||
r = address_add(link, family, &address, prefixlen, NULL);
|
|
||||||
if (r < 0)
|
|
||||||
return log_link_error_errno(link, r, "Failed to add address: %m");
|
|
||||||
}
|
}
|
||||||
|
*prefixlen_str++ = '\0';
|
||||||
|
|
||||||
|
r = sscanf(prefixlen_str, "%hhu", &prefixlen);
|
||||||
|
if (r != 1) {
|
||||||
|
log_link_error(link, "Failed to parse prefixlen %s", prefixlen_str);
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
r = in_addr_from_string_auto(address_str, &family, &address);
|
||||||
|
if (r < 0) {
|
||||||
|
log_link_debug_errno(link, r, "Failed to parse address %s: %m", address_str);
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
r = address_add(link, family, &address, prefixlen, NULL);
|
||||||
|
if (r < 0)
|
||||||
|
return log_link_error_errno(link, r, "Failed to add address: %m");
|
||||||
}
|
}
|
||||||
|
|
||||||
if (routes) {
|
for (const char *p = routes; p; ) {
|
||||||
p = routes;
|
_cleanup_(sd_event_source_unrefp) sd_event_source *expire = NULL;
|
||||||
|
_cleanup_(route_freep) Route *tmp = NULL;
|
||||||
|
_cleanup_free_ char *route_str = NULL;
|
||||||
|
char *prefixlen_str;
|
||||||
|
Route *route;
|
||||||
|
|
||||||
for (;;) {
|
r = extract_first_word(&p, &route_str, NULL, 0);
|
||||||
_cleanup_(sd_event_source_unrefp) sd_event_source *expire = NULL;
|
if (r < 0)
|
||||||
_cleanup_(route_freep) Route *tmp = NULL;
|
log_link_debug_errno(link, r, "failed to parse ROUTES: %m");
|
||||||
_cleanup_free_ char *route_str = NULL;
|
if (r <= 0)
|
||||||
char *prefixlen_str;
|
break;
|
||||||
Route *route;
|
|
||||||
|
|
||||||
r = extract_first_word(&p, &route_str, NULL, 0);
|
prefixlen_str = strchr(route_str, '/');
|
||||||
if (r < 0) {
|
if (!prefixlen_str) {
|
||||||
log_link_debug_errno(link, r, "Failed to extract next route string: %m");
|
log_link_debug(link, "Failed to parse route %s", route_str);
|
||||||
continue;
|
continue;
|
||||||
}
|
|
||||||
if (r == 0)
|
|
||||||
break;
|
|
||||||
|
|
||||||
prefixlen_str = strchr(route_str, '/');
|
|
||||||
if (!prefixlen_str) {
|
|
||||||
log_link_debug(link, "Failed to parse route %s", route_str);
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
|
|
||||||
*prefixlen_str++ = '\0';
|
|
||||||
|
|
||||||
r = route_new(&tmp);
|
|
||||||
if (r < 0)
|
|
||||||
return log_oom();
|
|
||||||
|
|
||||||
r = sscanf(prefixlen_str, "%hhu/%hhu/%"SCNu32"/%"PRIu32"/"USEC_FMT, &tmp->dst_prefixlen, &tmp->tos, &tmp->priority, &tmp->table, &tmp->lifetime);
|
|
||||||
if (r != 5) {
|
|
||||||
log_link_debug(link,
|
|
||||||
"Failed to parse destination prefix length, tos, priority, table or expiration %s",
|
|
||||||
prefixlen_str);
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
|
|
||||||
r = in_addr_from_string_auto(route_str, &tmp->family, &tmp->dst);
|
|
||||||
if (r < 0) {
|
|
||||||
log_link_debug_errno(link, r, "Failed to parse route destination %s: %m", route_str);
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
|
|
||||||
r = route_add(link, tmp, &route);
|
|
||||||
if (r < 0)
|
|
||||||
return log_link_error_errno(link, r, "Failed to add route: %m");
|
|
||||||
|
|
||||||
if (route->lifetime != USEC_INFINITY && !kernel_route_expiration_supported()) {
|
|
||||||
r = sd_event_add_time(link->manager->event, &expire, clock_boottime_or_monotonic(), route->lifetime,
|
|
||||||
0, route_expire_handler, route);
|
|
||||||
if (r < 0)
|
|
||||||
log_link_warning_errno(link, r, "Could not arm route expiration handler: %m");
|
|
||||||
}
|
|
||||||
|
|
||||||
sd_event_source_unref(route->expire);
|
|
||||||
route->expire = TAKE_PTR(expire);
|
|
||||||
}
|
}
|
||||||
|
*prefixlen_str++ = '\0';
|
||||||
|
|
||||||
|
r = route_new(&tmp);
|
||||||
|
if (r < 0)
|
||||||
|
return log_oom();
|
||||||
|
|
||||||
|
r = sscanf(prefixlen_str,
|
||||||
|
"%hhu/%hhu/%"SCNu32"/%"PRIu32"/"USEC_FMT,
|
||||||
|
&tmp->dst_prefixlen,
|
||||||
|
&tmp->tos,
|
||||||
|
&tmp->priority,
|
||||||
|
&tmp->table,
|
||||||
|
&tmp->lifetime);
|
||||||
|
if (r != 5) {
|
||||||
|
log_link_debug(link,
|
||||||
|
"Failed to parse destination prefix length, tos, priority, table or expiration %s",
|
||||||
|
prefixlen_str);
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
r = in_addr_from_string_auto(route_str, &tmp->family, &tmp->dst);
|
||||||
|
if (r < 0) {
|
||||||
|
log_link_debug_errno(link, r, "Failed to parse route destination %s: %m", route_str);
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
r = route_add(link, tmp, &route);
|
||||||
|
if (r < 0)
|
||||||
|
return log_link_error_errno(link, r, "Failed to add route: %m");
|
||||||
|
|
||||||
|
if (route->lifetime != USEC_INFINITY && !kernel_route_expiration_supported()) {
|
||||||
|
r = sd_event_add_time(link->manager->event, &expire,
|
||||||
|
clock_boottime_or_monotonic(),
|
||||||
|
route->lifetime, 0, route_expire_handler, route);
|
||||||
|
if (r < 0)
|
||||||
|
log_link_warning_errno(link, r, "Could not arm route expiration handler: %m");
|
||||||
|
}
|
||||||
|
|
||||||
|
sd_event_source_unref(route->expire);
|
||||||
|
route->expire = TAKE_PTR(expire);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (dhcp4_address) {
|
if (dhcp4_address) {
|
||||||
|
|
Loading…
Reference in a new issue