Previously we tried to stick to a DNS server as long as it is available.
When /etc/resolv.conf changed, and the old DNS server we used was still
in there we'd continue to use it, even if it was at the end of the list.
With this change we'll now always start with the first DNS server in the
list again.
Rationale: certain network managing implementations (notably
NetworkManager) when connected to a VPN place both the VPN DNS server as
well as the local DNS server in /etc/resolv.conf. If we used the local
one before we would thus continue to use the local one, making VPN names
unresolvable. NetworkManager really should be fixed to only place the
VPN DNS servers in the file, but with this commit things are at least
similarly bad as they used to be...
If the format string contains %m, clearly errno must have a meaningful
value, so we might as well use log_*_errno to have ERRNO= logged.
Using:
find . -name '*.[ch]' | xargs sed -r -i -e \
's/log_(debug|info|notice|warning|error|emergency)\((".*%m.*")/log_\1_errno(errno, \2/'
Plus some whitespace, linewrap, and indent adjustments.
As a followup to 086891e5c1 "log: add an "error" parameter to all
low-level logging calls and intrdouce log_error_errno() as log calls
that take error numbers", use sed to convert the simple cases to use
the new macros:
find . -name '*.[ch]' | xargs sed -r -i -e \
's/log_(debug|info|notice|warning|error|emergency)\("(.*)%s"(.*), strerror\(-([a-zA-Z_]+)\)\);/log_\1_errno(-\4, "\2%m"\3);/'
Multi-line log_*() invocations are not covered.
And we also should add log_unit_*_errno().
We can simplify our code quite a bit if we explicitly check for the
ifindex being 1 on Linux as a loopback check. Apparently, this is
hardcoded on Linux on the kernel, and effectively exported to userspace
via rtnl and such, hence we should be able to rely on it.
Under an SELinux system, we want the file that is created to
have a proper context, different from the default for files in /run.
This is so that the policy can give access to almost everyone to
this file.
It is redundant to store 'hash' and 'compare' function pointers in
struct Hashmap separately. The functions always comprise a pair.
Store a single pointer to struct hash_ops instead.
systemd keeps hundreds of hashmaps, so this saves a little bit of
memory.
The MAXSIZE() macro takes two types and returns the size of the larger
one. It is much simpler to use than MAX(sizeof(A), sizeof(B)) and also
avoids any compiler-extensions, unlike CONST_MAX() and MAX() (which are
needed to avoid evaluating arguments more than once). This was suggested
by Daniele Nicolodi <daniele@grinta.net>.
Also make resolved use this macro instead of CONST_MAX(). This enhances
readability quite a bit.
We now maintain two lists of DNS servers: system servers and fallback
servers.
system servers are used in combination with any per-link servers.
fallback servers are only used if there are no system servers or
per-link servers configured.
The system server list is supposed to be populated from a foreign tool's
/etc/resolv.conf (not implemented yet).
Also adds a configuration switch for LLMNR, that allows configuring
whether LLMNR shall be used simply for resolving or also for responding.
String which ended in an unfinished quote were accepted, potentially
with bad memory accesses.
Reject anything which ends in a unfished quote, or contains
non-whitespace characters right after the closing quote.
_FOREACH_WORD now returns the invalid character in *state. But this return
value is not checked anywhere yet.
Also, make 'word' and 'state' variables const pointers, and rename 'w'
to 'word' in various places. Things are easier to read if the same name
is used consistently.
mbiebl_> am I correct that something like this doesn't work
mbiebl_> ExecStart=/usr/bin/encfs --extpass='/bin/systemd-ask-passwd "Unlock EncFS"'
mbiebl_> systemd seems to strip of the quotes
mbiebl_> systemctl status shows
mbiebl_> ExecStart=/usr/bin/encfs --extpass='/bin/systemd-ask-password Unlock EncFS $RootDir $MountPoint
mbiebl_> which is pretty weird
networkd will expose both statically configured DNS servers and servers
receieved over DHCP in sd_network_get_dns(), so no need to keep
the distinction in resolved.
Let's settle on a single type for all address family values, even if
UNIX is very inconsitent on the precise type otherwise. Given that
socket() is the primary entrypoint for the sockets API, and that uses
"int", and "int" is relatively simple and generic, we settle on "int"
for this.
Constructors should return the object they created as first parameter,
except when they are generated as a child/member object of some other
object in which case that should be first.
Special care is needed so that we get an error message if the
file failed to parse, but not when it is missing. To avoid duplicating
the same error check in every caller, add an additional 'warn' boolean
to tell config_parse whether a message should be issued.
This makes things both shorter and more robust wrt. to error reporting.
Let's turn resolved into a something truly useful: a fully asynchronous
DNS stub resolver that subscribes to network changes.
(More to come: caching, LLMNR, mDNS/DNS-SD, DNSSEC, IDN, NSS module)
