We already handle foreign routing policy rules correctly by the previous
commit. So, the serialization/deserialization of rules are not necessary
anymore.
networkd already drop foreign address, routes, and nexthops on startup,
except those created by kernel. However, previously, routing policy
rules were not. The logic of serialization/deserialization of rules only
works for rules created by previous invocation of networkd, and does not
work for one created by other tools like `ip rule`.
This makes networkd drop foreign routing policy rules except created by
kernel on startup. Also, remove rules created by networkd when the
corresponding links are dropped or networkd is stopping.
Let's link the three man pages together more tightly and explain what
the two targets are about, emphasizing local/quick/reliable/approximate
vs remote/slow/unreliable/accurate synchronization.
Follow-up for: 1431b2f701fe934b42e4
When compiling with CFLAGS='-Werror=maybe-uninitialized -Og' we get a
warning about uninitialized "next_timeout" variable.
Avoid the warning by adding an (unreachable) "default" label.
Fixes: c24288d21e ("sd-dhcp-client: correct dhcpv4 renew/rebind retransmit timeouts")
In situations where a service fails to start, systemd suggests the user to
use "journalctl -xe" to get details about the failure. While running this
command does provide some additional details, most of the information is
similar to what was already printed when the service fails.
often the actual reason for the failure can be found in the logs of the
service that fails to start.
This patch updates the wording to suggest using "-u" to view the service
logs instead.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit adds support for disabling the read and write
workqueues with the new crypttab options no-read-workqueue
and no-write-workqueue. These correspond to the cryptsetup
options --perf-no_read_workqueue and --perf-no_write_workqueue
respectively.
Explicitly document the behavior introduced in #7437: when picking a new
UID shift base with "-U", a hash of the machine name will be tried
before falling back to fully random UID base candidates.
cdrom_id udev helper does not parse all MMC profiles. Following change
fixes this issue and parse all 34 profiles from all MMC standard versions.
Also it replaces magic constants by macros provided by linux/cdrom.h and
fixes cd_profiles_old_mmc() to issue READ_DISC_INFO command in two steps,
like it is doing kernel and also mkudffs.
`AllowedIPs=` only affects "routing inside the network interface
itself", as in, which wireguard peer packets with a specific destination
address are sent to, and what source addresses are accepted from which
peer.
To cause packets to be sent via wireguard in first place, a route via
that interface needs to be added - either in the `[Routes]` section on
the `.network` matching the wireguard interface, or outside of networkd.
This is a common cause of misunderstanding, because tools like wg-quick
also add routes to the interface. However, those tools are meant as a
"extremely simple script for easily bringing up a WireGuard interface,
suitable for a few common use cases (from their manpage).
Networkd also should support other usecases - like setting AllowedIPs to
0.0.0.0/0 and ::/0 and having a dynamic routing protocol setting more
specific routes (or the user manually setting them).
Reported-In: https://github.com/systemd/systemd/issues/14176
It's often useful to have an editor available to edit some random
config file in the final image. Let's install some basic editors
that don't take up too much space.
Recently, mkosi gained support for specifying an --install-directory
option to save the contents of the install directory between bulids.
By enabling the --only-changed meson install option, meson won't
overwrite the contents of files that haven't changed since the last
build when using --install-directory.
* man: Advertise systemd-time-wait-sync.service more
The description of time-sync.target says that NTP services *should* pull
that target, but doesn't mention that e.g. systemd-timesyncd.service
doesn't actually do that. As a result, time-sync.target is reached way
earlier than people expect; see #5097, #8861, #11008.
systemd provides systemd-time-wait-sync.service to ameliorate this
problem, but doesn't feature it prominently in relevant manpages. In
fact, it's only mentioned in passing in systemd-timesyncd.service(8). As
a result, I ended up re-implementing that service, and I'm not the first
one: https://github.com/NixOS/nixpkgs/pull/51338
This patch adds a mention right in the description of time-sync.target,
which will hopefully raise awareness of this helper service.
Yu Watanabe