diff options
-rw-r--r-- | NEWS | 27 | ||||
-rw-r--r-- | man/networkctl.xml | 10 | ||||
-rw-r--r-- | src/libsystemd-network/lldp-neighbor.c | 6 | ||||
-rw-r--r-- | src/libsystemd-network/ndisc-router.c | 24 | ||||
-rw-r--r-- | src/systemd/sd-ndisc.h | 1 | ||||
-rwxr-xr-x | test/TEST-36-NUMAPOLICY/test.sh | 2 | ||||
-rwxr-xr-x | test/hwdb-test.sh | 2 | ||||
-rwxr-xr-x | test/test-rpm-macros.sh | 2 | ||||
-rwxr-xr-x | test/units/testsuite-15.sh | 4 | ||||
-rwxr-xr-x | test/units/testsuite-36.sh | 14 | ||||
-rwxr-xr-x | test/units/testsuite-46.sh | 2 | ||||
-rwxr-xr-x | tools/check-directives.sh | 4 | ||||
-rw-r--r-- | units/systemd-homed.service.in | 1 |
13 files changed, 58 insertions, 41 deletions
@@ -326,6 +326,33 @@ CHANGES WITH 251: manager. $SYSTEMD_ARCHITECTURE indicates which architecture the kernel is built for. + * PID 1 will now automatically pick up system credentials from qemu's + fw_cfg interface, thus allowing passing arbitrary data into VM + systems similar to how this is already supported for passing them + into `systemd-nspawn` containers. Credentials may now also be passed + in via the new kernel command line option `systemd.set_credential=` + (note that kernel command line options are world-readable during + runtime, and only useful for credentials that require no + confidentiality). The credentials that can be passed to unified + kernels that use the `systemd-stub` UEFI stub are now similarly + picked up automatically. Automatic importing of system credentials + this way can be turned off via the new + `systemd.import_credentials=no` kernel command line option. + + * LoadCredential= will now automatically search for credentials to + import in the /etc/credstore/, /run/credstore/, /usr/lib/credstore/ + directories if no or a relative source filename is passed. Similar + LoadCredentialEncrypted= will search in these same directories, plus + /etc/credstore.encrypted/, /run/credstore.encrypted/ and + /usr/lib/credstore.encrypted/. The idea is that these directories are + now the recommended system-wide location to place credentials for + automatic pick-up by services in. + + * System and service credentials are described in great detail in a new + document: + + https://systemd.io/CREDENTIALS + Changes in systemd-journald: * The journal JSON export format has been added to listed of stable diff --git a/man/networkctl.xml b/man/networkctl.xml index 23cd048de5..f67ad99adf 100644 --- a/man/networkctl.xml +++ b/man/networkctl.xml @@ -137,9 +137,9 @@ </listitem> </varlistentry> <varlistentry> - <term>failed</term> + <term>initialized</term> <listitem> - <para>networkd failed to manage the link</para> + <para>udev has processed the link, but we don't yet know if we will manage it</para> </listitem> </varlistentry> <varlistentry> @@ -161,6 +161,12 @@ </listitem> </varlistentry> <varlistentry> + <term>failed</term> + <listitem> + <para>networkd failed to manage the link</para> + </listitem> + </varlistentry> + <varlistentry> <term>linger</term> <listitem> <para>the link is gone, but has not yet been dropped by networkd</para> diff --git a/src/libsystemd-network/lldp-neighbor.c b/src/libsystemd-network/lldp-neighbor.c index b056019989..6672409d75 100644 --- a/src/libsystemd-network/lldp-neighbor.c +++ b/src/libsystemd-network/lldp-neighbor.c @@ -116,6 +116,9 @@ sd_lldp_neighbor *lldp_neighbor_unlink(sd_lldp_neighbor *n) { sd_lldp_neighbor *lldp_neighbor_new(size_t raw_size) { sd_lldp_neighbor *n; + if (raw_size > SIZE_MAX - ALIGN(sizeof(sd_lldp_neighbor))) + return NULL; + n = malloc0(ALIGN(sizeof(sd_lldp_neighbor)) + raw_size); if (!n) return NULL; @@ -649,7 +652,8 @@ int sd_lldp_neighbor_from_raw(sd_lldp_neighbor **ret, const void *raw, size_t ra if (!n) return -ENOMEM; - memcpy(LLDP_NEIGHBOR_RAW(n), raw, raw_size); + memcpy_safe(LLDP_NEIGHBOR_RAW(n), raw, raw_size); + r = lldp_neighbor_parse(n); if (r < 0) return r; diff --git a/src/libsystemd-network/ndisc-router.c b/src/libsystemd-network/ndisc-router.c index 464b002c2f..e4cbf714b9 100644 --- a/src/libsystemd-network/ndisc-router.c +++ b/src/libsystemd-network/ndisc-router.c @@ -21,6 +21,9 @@ DEFINE_PUBLIC_TRIVIAL_REF_UNREF_FUNC(sd_ndisc_router, sd_ndisc_router, mfree); sd_ndisc_router *ndisc_router_new(size_t raw_size) { sd_ndisc_router *rt; + if (raw_size > SIZE_MAX - ALIGN(sizeof(sd_ndisc_router))) + return NULL; + rt = malloc0(ALIGN(sizeof(sd_ndisc_router)) + raw_size); if (!rt) return NULL; @@ -31,27 +34,6 @@ sd_ndisc_router *ndisc_router_new(size_t raw_size) { return rt; } -int sd_ndisc_router_from_raw(sd_ndisc_router **ret, const void *raw, size_t raw_size) { - _cleanup_(sd_ndisc_router_unrefp) sd_ndisc_router *rt = NULL; - int r; - - assert_return(ret, -EINVAL); - assert_return(raw || raw_size <= 0, -EINVAL); - - rt = ndisc_router_new(raw_size); - if (!rt) - return -ENOMEM; - - memcpy(NDISC_ROUTER_RAW(rt), raw, raw_size); - r = ndisc_router_parse(NULL, rt); - if (r < 0) - return r; - - *ret = TAKE_PTR(rt); - - return r; -} - int sd_ndisc_router_get_address(sd_ndisc_router *rt, struct in6_addr *ret_addr) { assert_return(rt, -EINVAL); assert_return(ret_addr, -EINVAL); diff --git a/src/systemd/sd-ndisc.h b/src/systemd/sd-ndisc.h index ab9ff55ddb..d39a6ddb31 100644 --- a/src/systemd/sd-ndisc.h +++ b/src/systemd/sd-ndisc.h @@ -82,7 +82,6 @@ int sd_ndisc_set_ifname(sd_ndisc *nd, const char *interface_name); int sd_ndisc_get_ifname(sd_ndisc *nd, const char **ret); int sd_ndisc_set_mac(sd_ndisc *nd, const struct ether_addr *mac_addr); -int sd_ndisc_router_from_raw(sd_ndisc_router **ret, const void *raw, size_t raw_size); sd_ndisc_router *sd_ndisc_router_ref(sd_ndisc_router *rt); sd_ndisc_router *sd_ndisc_router_unref(sd_ndisc_router *rt); diff --git a/test/TEST-36-NUMAPOLICY/test.sh b/test/TEST-36-NUMAPOLICY/test.sh index 0eaaee9608..5f38bf1009 100755 --- a/test/TEST-36-NUMAPOLICY/test.sh +++ b/test/TEST-36-NUMAPOLICY/test.sh @@ -9,7 +9,7 @@ TEST_NO_NSPAWN=1 . "${TEST_BASE_DIR:?}/test-functions" if qemu_min_version "5.2.0"; then - QEMU_OPTIONS="-object memory-backend-ram,id=mem0,size=${QEMU_MEM:?QEMU_MEM is unset} -numa node,memdev=mem0,nodeid=0" + QEMU_OPTIONS="-object memory-backend-ram,id=mem0,size=${QEMU_MEM:?} -numa node,memdev=mem0,nodeid=0" else QEMU_OPTIONS="-numa node,nodeid=0" fi diff --git a/test/hwdb-test.sh b/test/hwdb-test.sh index 0551f26a2d..29183e6829 100755 --- a/test/hwdb-test.sh +++ b/test/hwdb-test.sh @@ -11,7 +11,7 @@ set -e export SYSTEMD_LOG_LEVEL=info ROOTDIR="$(dirname "$(dirname "$(readlink -f "$0")")")" -SYSTEMD_HWDB="${1:?missing argument}" +SYSTEMD_HWDB="${1:?}" if [ ! -x "$SYSTEMD_HWDB" ]; then echo "$SYSTEMD_HWDB is not executable" >&2 diff --git a/test/test-rpm-macros.sh b/test/test-rpm-macros.sh index 5843b72346..c7107dec3e 100755 --- a/test/test-rpm-macros.sh +++ b/test/test-rpm-macros.sh @@ -6,7 +6,7 @@ # rpmspec utility is required (so this test will work with RPM 4 but won't work with RPM 5). set -eu -BUILD_DIR="${1:?Missing argument: build directory}" +BUILD_DIR="${1:?}" RPM_MACROS_FILE="${BUILD_DIR:?}/src/rpm/macros.systemd" if ! command -v rpm >/dev/null || ! command -v rpmspec >/dev/null; then diff --git a/test/units/testsuite-15.sh b/test/units/testsuite-15.sh index 0446e71c38..f847adac74 100755 --- a/test/units/testsuite-15.sh +++ b/test/units/testsuite-15.sh @@ -4,7 +4,7 @@ set -eux set -o pipefail _clear_service () { - local SERVICE_NAME="${1:?_clear_service: missing argument}" + local SERVICE_NAME="${1:?}" systemctl stop "$SERVICE_NAME.service" 2>/dev/null || : rm -f /{etc,run,usr/lib}/systemd/system/"$SERVICE_NAME".service rm -fr /{etc,run,usr/lib}/systemd/system/"$SERVICE_NAME".service.d @@ -25,7 +25,7 @@ clear_services () { } create_service () { - local SERVICE_NAME="${1:?create_service: missing argument}" + local SERVICE_NAME="${1:?}" clear_services "$SERVICE_NAME" cat >/etc/systemd/system/"$SERVICE_NAME".service <<EOF diff --git a/test/units/testsuite-36.sh b/test/units/testsuite-36.sh index f9dfd0810c..6827a7665d 100755 --- a/test/units/testsuite-36.sh +++ b/test/units/testsuite-36.sh @@ -72,7 +72,7 @@ checkNUMA() { writePID1NUMAPolicy() { cat >"$confDir/numa.conf" <<EOF [Manager] -NUMAPolicy=${1:?missing argument: NUMAPolicy} +NUMAPolicy=${1:?} NUMAMask=${2:-""} EOF } @@ -85,7 +85,7 @@ writeTestUnit() { writeTestUnitNUMAPolicy() { cat >"$testUnitNUMAConf" <<EOF [Service] -NUMAPolicy=${1:?missing argument: NUMAPolicy} +NUMAPolicy=${1:?} NUMAMask=${2:-""} EOF systemctl daemon-reload @@ -106,25 +106,25 @@ pid1ReloadWithJournal() { pid1StartUnitWithStrace() { startStrace '-f' - systemctl start "${1:?missing unit name}" + systemctl start "${1:?}" sleep $sleepAfterStart stopStrace } pid1StartUnitWithJournal() { startJournalctl - systemctl start "${1:?missing unit name}" + systemctl start "${1:?}" sleep $sleepAfterStart stopJournalctl } pid1StopUnit() { - systemctl stop "${1:?missing unit name}" + systemctl stop "${1:?}" } systemctlCheckNUMAProperties() { - local UNIT_NAME="${1:?missing unit name}" - local NUMA_POLICY="${2:?missing NUMAPolicy}" + local UNIT_NAME="${1:?}" + local NUMA_POLICY="${2:?}" local NUMA_MASK="${3:-""}" local LOGFILE diff --git a/test/units/testsuite-46.sh b/test/units/testsuite-46.sh index d0bedc63d5..6ce988c4a9 100755 --- a/test/units/testsuite-46.sh +++ b/test/units/testsuite-46.sh @@ -15,7 +15,7 @@ inspect() { # avoid unexpected fails. To see the full outputs of both homectl & # userdbctl (for debugging purposes) drop the fields just before the # comparison. - local USERNAME="${1:?missing argument}" + local USERNAME="${1:?}" homectl inspect "$USERNAME" | tee /tmp/a userdbctl user "$USERNAME" | tee /tmp/b diff --git a/tools/check-directives.sh b/tools/check-directives.sh index 8894322278..767833285b 100755 --- a/tools/check-directives.sh +++ b/tools/check-directives.sh @@ -3,8 +3,8 @@ set -eu set -o pipefail -SOURCE_ROOT="${1:?Missing argument: project source root}" -BUILD_ROOT="${2:?Missing argument: project build root}" +SOURCE_ROOT="${1:?}" +BUILD_ROOT="${2:?}" command -v gawk &>/dev/null || exit 77 diff --git a/units/systemd-homed.service.in b/units/systemd-homed.service.in index c2f8548897..9ccfbfe5ab 100644 --- a/units/systemd-homed.service.in +++ b/units/systemd-homed.service.in @@ -11,7 +11,6 @@ Description=Home Area Manager Documentation=man:systemd-homed.service(8) Documentation=man:org.freedesktop.home1(5) - After=home.mount dbus.service [Service] |