Lennart Poettering
0a9707187b
util: split out memcmp()/memset() related calls into memory-util.[ch]
...
Just some source rearranging.
2019-03-13 12:16:43 +01:00
Lennart Poettering
eefc66aa8f
util: split out some stuff into a new file limits-util.[ch]
2019-03-13 12:16:43 +01:00
Lennart Poettering
0cb8e3d118
util: split out namespace related stuff into a new namespace-util.[ch] pair
...
Just some minor reorganiztion.
2019-03-13 12:16:38 +01:00
Frantisek Sumsal
3f50fff536
test: don't overwrite TESTDIR if already set
2019-03-13 10:30:25 +01:00
Lennart Poettering
96c45cc697
Merge pull request #11861 from yuwata/network-verify-2
...
network: config parser updates and wireguard refactoring
2019-03-13 10:15:27 +01:00
Lennart Poettering
3cca6cfd41
Merge pull request #11893 from yuwata/wait-online-take-operstate
...
wait-online: optionally take required minimum operational state
2019-03-13 10:10:43 +01:00
Lennart Poettering
58fa7019a5
Merge pull request #11283 from yuwata/fix-11276
...
core/namespace: introduce new mount mode READWRITE_IMPLICIT
2019-03-13 09:57:18 +01:00
Yu Watanabe
2c65512ee7
cryptsetup: add same-cpu-crypt and submit-from-crypt-cpus options
...
Closes #11946 .
2019-03-13 09:48:50 +01:00
Lennart Poettering
05044ebff9
Merge pull request #11933 from keszybz/coverity
...
Minor tweaks to boot/efi code inspired by coverity
2019-03-13 09:36:57 +01:00
Yu Watanabe
07e1ffe4ae
wait-online: use log_link_debug() or friends
2019-03-13 14:29:03 +09:00
Yu Watanabe
e67ae9f5e6
network: move log_link_debug() or friends to log-link.h
2019-03-13 14:29:03 +09:00
Yu Watanabe
8d6082e4dd
man: update wait-online and RequiredForOnline= setting
2019-03-13 14:29:03 +09:00
Yu Watanabe
f023184e6d
wait-online: support $REQUIRED_OPER_STATE_FOR_ONLINE= in state file
...
This also make wait-online optionally take operstate in -i option,
and adds '--operstate' option to wait-online which also takes operstate.
Also, this contains huge refactoring for wait-online.
2019-03-13 14:29:03 +09:00
Yu Watanabe
22eab27caa
sd-network: add sd_network_link_get_required_operstate_for_online()
...
It reads $REQUIRED_OPER_STATE_FOR_ONLINE in serialized link data.
2019-03-13 14:29:03 +09:00
Yu Watanabe
4ac77d63e9
network: make RequiredForOnline= also take operational state
...
This will be used by systemd-networkd-wait-online.
2019-03-13 14:29:03 +09:00
Yu Watanabe
f9974167e4
hashmap: add hashmap_free_free_keyp and friend
2019-03-13 14:29:03 +09:00
Yu Watanabe
c9cc038343
network: introduce 'degraded-carrier' operstate to order all states
...
Previously, 'degraded' state is ambiguous for bonding or bridge master:
1. one or more slave interfaces does not have carrier,
2. no link local address is assigned to the master,
3. combination of the above two.
This makes the above case 1 and 3 are in the new 'degraded-carrier'
state, and makes 'degraded' state as all slaves are active but no
link local address on master.
2019-03-13 14:29:00 +09:00
Yu Watanabe
2cd6b9326c
network: move LinkOperationalState and relevant functions to network-util.[ch]
2019-03-13 14:28:38 +09:00
Yu Watanabe
4ddbf08cfd
test-network: wait more and fix wrong operational state
...
Closes #11977 .
2019-03-13 14:27:39 +09:00
Yu Watanabe
39bcff3bca
test-network: add test for WireGuard.PrivateKeyFile=
2019-03-13 12:02:08 +09:00
Yu Watanabe
76df77794a
wireguard: add PrivateKeyFile= option
...
Closes #11878 .
2019-03-13 12:02:03 +09:00
Yu Watanabe
9cc9021aed
wireguard: check whether PrivateKey= and PublicKey= are set
2019-03-13 11:59:18 +09:00
Yu Watanabe
fedcb4c3eb
wireguard: drop unused arguments and rename parse_wireguard_key()
2019-03-13 11:59:18 +09:00
Yu Watanabe
583eb170f0
wireguard: do not log wireguard key
...
It may be PrivateKey=.
2019-03-13 11:59:18 +09:00
Yu Watanabe
85c987a82d
wireguard: reuse sd_event_source object
2019-03-13 11:59:18 +09:00
Yu Watanabe
f1368a333e
wireguard: use NetworkConfigSection to manage [WireGuardPeer] sections
...
This also contains huge refactoring of wireguard support.
2019-03-13 11:59:18 +09:00
Yu Watanabe
bbb5aebe3e
test-network: add tests for invalid Address sections
2019-03-13 11:59:18 +09:00
Yu Watanabe
96db641250
test: make network_verify() public and use it in test-networkd-conf
2019-03-13 11:59:18 +09:00
Yu Watanabe
fcbf4cb727
network: drop sections contain invalid settings in network_verify()
...
If e.g., an [Address] section has an invalid setting, then
previously assigned settings in the section is freed, and
only later settings are stored. That may cause partially broken
section stored in Network object.
This makes if an invalid setting is found, then set 'invalid' flag
instead of freeing it. And invalid sections are dropped later by
network_verify().
2019-03-13 11:59:18 +09:00
Yu Watanabe
9560e5b323
network: make all xxx_new_static() static
...
These functions are called from only config parsers, and the parsers are
in the same files. So, let's make them static.
2019-03-13 11:59:18 +09:00
Yu Watanabe
fa7cd7117f
network: add IPv4LL route right after .network file is parsed
...
Previously, the route is added when the .network config is assigned
to a Link. So, if multiple links match the .network file, the route
entry becomes duplicated in the corresponding Network object.
2019-03-13 11:59:18 +09:00
Yu Watanabe
48315d3dca
network: move NetworkConfigSection and related functions to networkd-util.[ch]
2019-03-13 11:59:18 +09:00
Yu Watanabe
95dba43542
network: use ltype to determine netdev kind in config_parse_stacked_netdev()
2019-03-13 11:59:18 +09:00
Yu Watanabe
7e46b29bd3
test: add a testcase for ProtectHome=tmpfs vs ProtectSystem=strict
2019-03-13 11:53:59 +09:00
Yu Watanabe
5beb8688e0
core/namespace: logs mount mode when the entry is dropped
2019-03-13 11:53:22 +09:00
Yu Watanabe
1e05071d27
core/namespace: introduce new mount mode READWRITE_IMPLICIT
...
ProtectSystem=strict or ProtectKernelTunable=yes create implicit
read-write mounts, but they are not overridable by TemporaryFileSystem=.
This makes such implicit read-write mounts use the new mount mode.
So, they can be override by TemproraryFileSystem= now.
A typical usecase is that ProtectSystem=strict and ProtectHome=tmpfs.
Fixes #11276 .
2019-03-13 11:51:09 +09:00
Lennart Poettering
fbaefc3ff9
Merge pull request #11919 from poettering/login-simplify
...
various fixes to $HOME and $SHELL validation
2019-03-12 18:33:14 +01:00
Lennart Poettering
f3ae265f5c
update TODO
2019-03-12 16:10:55 +01:00
Lennart Poettering
f3b5c814ab
login: drop redundant newline
2019-03-12 16:10:55 +01:00
Lennart Poettering
b2a3953f81
user-util: extra paranoia, make sure $SHELL can't be fucked with in suid programs
...
It's better to be safe than sorry, let's not allow overriding of the
user shell in suid binaries. Similar for $USER.
2019-03-12 16:10:55 +01:00
Lennart Poettering
9e73208afc
execute: no need to synthesize $HOME for uid==0 again, get_home_dir() already does that
2019-03-12 16:10:55 +01:00
Lennart Poettering
7bbead1d0b
execute: simplify paths we set as HOME/SHELL for invoked programs
2019-03-12 16:10:55 +01:00
Lennart Poettering
db246781a0
user-util: simplify paths retrieved from $HOME and $SHELL
...
Let's add some extra paranoia, after #11910
2019-03-12 16:10:55 +01:00
Lennart Poettering
d575f88bbe
user-util: be more strict when reading $HOME and $SHELL
2019-03-12 16:10:55 +01:00
Lennart Poettering
47436d30bb
user-util: paranoia — add overflow check on ERANGE loop
2019-03-12 16:10:55 +01:00
Lennart Poettering
11de56b9fa
user-util: use SYNTHETIC_ERRNO() where we can
2019-03-12 16:08:57 +01:00
Lennart Poettering
0b78b1370c
path-util: minimize variable scope
2019-03-12 16:08:57 +01:00
Lennart Poettering
458e60b3a9
path-util: check validity before normalization in path_simplify_and_warn()
...
As the normalization check includes a validation check the order
matters.
2019-03-12 16:08:57 +01:00
Lennart Poettering
71ae7b576c
user-util: filter out invalid user record data a bit more thorougly
2019-03-12 16:08:57 +01:00
Lennart Poettering
cd13d971dc
logind: normalize home path when creating user object
...
Triggered by: #11910
2019-03-12 16:08:57 +01:00