summaryrefslogtreecommitdiff
path: root/units/systemd-networkd.service.in
Commit message (Collapse)AuthorAgeFilesLines
* Revert "units: Add missing dependencies on initrd-switch-root.target"Daan De Meyer2023-05-151-2/+2
| | | | This reverts commit f0ad3e6b9652fe785245934ff8604cc897d3b8f4.
* units: Add missing dependencies on initrd-switch-root.targetDaan De Meyer2023-05-131-2/+2
| | | | | | | These are all services that valid to be run in the initrd, so let's make sure they have the appropriate dependencies on initrd-switch-root.target so that they are stopped when we're about to switch root.
* units: add/fix Documentation= about bus interfaceYu Watanabe2023-05-091-0/+1
|
* networkd: implement Type=notify-reload protocolLennart Poettering2023-01-101-2/+1
|
* network/tuntap: save tun or tap file descriptor in fd storeYu Watanabe2022-08-161-0/+1
|
* units: enable systemd-network-generator by defaultZbigniew Jędrzejewski-Szmek2021-12-161-0/+4
| | | | | | It is used by udevd and networkd. Since udevd is enabled statically, let's also change the preset to "on". networkd is opt-in, so let's pull in the generator when enabling networkd too.
* unit: networkd does not require AF_ALG anymoreYu Watanabe2021-10-151-1/+1
| | | | As khash is retired.
* units: adjust Descriptions of various unitsZbigniew Jędrzejewski-Szmek2021-06-301-1/+1
| | | | | | | | | | In general, it's not very usuful to repeat the unit name as the description. Especially when the word is a common name and if somebody doesn't understand the meaning immediately, they are not going to gain anything from the repeat either, e.g. "halt", "swap". In the status-unit-format=combined output parentheses are used around Description, so avoid using parenthesis in the Description itself.
* meson: use jinja2 for unit templatesZbigniew Jędrzejewski-Szmek2021-05-191-2/+2
| | | | | | | | | We don't need two (and half) templating systems anymore, yay! I'm keeping the changes minimal, to make the diff manageable. Some enhancements due to a better templating system might be possible in the future. For handling of '## ' — see the next commit.
* unit: make systemd-networkd.service support reload commandYu Watanabe2020-12-091-0/+1
|
* license: LGPL-2.1+ -> LGPL-2.1-or-laterYu Watanabe2020-11-091-1/+1
|
* unit: declare BusName= in all our units that are on the bus, event if they ↵Lennart Poettering2020-09-111-0/+1
| | | | | | | don't use Type=dbus This information is always useful, so let's always declare it, particular in the light of #16976.
* networkd: use socket activation when starting networkdMichael Biebl2020-08-261-2/+2
| | | | | | | | | | | | | | | Add After=systemd-networkd.socket to avoid a race condition and networkd falling back to the non-socket activation code. Also add Wants=systemd-networkd.socket, so the socket is started when networkd is started via `systemctl start systemd-networkd.service`. A Requires is not strictly necessary, as networkd still ships the non-socket activation code. Should this code be removed one day, the Wants should be bumped to Requires accordingly. See also 5544ee85163733eaa50f598fcf3bd9421d4a42f9. Fixes: #16809
* units: turn on ProtectProc= wherever suitableLennart Poettering2020-08-241-2/+3
|
* units: add ProtectClock=yesTopi Miettinen2020-04-071-0/+1
| | | | | | Add `ProtectClock=yes` to systemd units. Since it implies certain `DeviceAllow=` rules, make sure that the units have `DeviceAllow=` rules so they are still able to access other devices. Exclude timesyncd and timedated.
* unit: add AF_ALG to systemd-networkd.serviceYu Watanabe2020-01-281-1/+1
| | | | networkd uses khash, and khash requires AF_ALG.
* units: set ProtectKernelLogs=yes on relevant unitsKevin Kuehler2019-11-151-0/+1
| | | | | | We set ProtectKernelLogs=yes on all long running services except for udevd, since it accesses /dev/kmsg, and journald, since it calls syslog and accesses /dev/kmsg.
* meson: allow WatchdogSec= in services to be configuredZbigniew Jędrzejewski-Szmek2019-10-251-1/+1
| | | | | | | | | | | | | | | | As discussed on systemd-devel [1], in Fedora we get lots of abrt reports about the watchdog firing [2], but 100% of them seem to be caused by resource starvation in the machine, and never actual deadlocks in the services being monitored. Killing the services not only does not improve anything, but it makes the resource starvation worse, because the service needs cycles to restart, and coredump processing is also fairly expensive. This adds a configuration option to allow the value to be changed. If the setting is not set, there is no change. My plan is to set it to some ridiculusly high value, maybe 1h, to catch cases where a service is actually hanging. [1] https://lists.freedesktop.org/archives/systemd-devel/2019-October/043618.html [2] https://bugzilla.redhat.com/show_bug.cgi?id=1300212
* networkd: use SIGUSR2 to do a restartZbigniew Jędrzejewski-Szmek2019-10-021-0/+1
| | | | | | | The code supports SIGTERM and SIGINT to termiante the process. It would be possible to reporpose one of those signals for the restart operation, but I think it's better to use a completely different signal to avoid misunderstandings.
* units: deny access to block devicesTopi Miettinen2019-06-201-0/+1
| | | | | | While the need for access to character devices can be tricky to determine for the general case, it's obvious that most of our services have no need to access block devices. For logind and timedated this can be tightened further.
* units: turn on RestrictSUIDSGID= in most of our long-running daemonsLennart Poettering2019-04-021-0/+1
|
* units: turn of ProtectHostname= again for services hat need to know about ↵Lennart Poettering2019-03-081-1/+0
| | | | | | | | | | | | | | system hostname changes ProtectHostname= turns off hostname change propagation from host to service. This means for services that care about the hostname and need to be able to notice changes to it it's not suitable (though it is useful for most other cases still). Let's turn it off hence for journald (which logs the current hostname) for networkd (which optionally sends the current hostname to dhcp servers) and resolved (which announces the current hostname via llmnr/mdns).
* units: enable ProtectHostname=yesTopi Miettinen2019-02-201-0/+1
|
* units: set NoNewPrivileges= for all long-running servicesLennart Poettering2018-11-121-16/+17
| | | | | | | | | | | | | | | | | Previously, setting this option by default was problematic due to SELinux (as this would also prohibit the transition from PID1's label to the service's label). However, this restriction has since been lifted, hence let's start making use of this universally in our services. On SELinux system this change should be synchronized with a policy update that ensures that NNP-ful transitions from init_t to service labels is permitted. An while we are at it: sort the settings in the unit files this touches. This might increase the size of the change in this case, but hopefully should result in stabler patches later on. Fixes: #1219
* Revert "network: set DynamicUser= to systemd-networkd.service"Zbigniew Jędrzejewski-Szmek2018-09-201-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit d4e9e574ea0b5d23598a317e68399584d229568b. (systemd.conf.m4 part was already reverted in 5b5d82615011b9827466b7cd5756da35627a1608.) Together those reverts should "fix" #10025 and #10011. ("fix" is in quotes because this doesn't really fix the underlying issue, which is combining DynamicUser= with strict container sandbox, but it avoids the problem by not using that feature in our default installation.) Dynamic users don't work well if the service requires matching configuration in other places, for example dbus policy. This is true for those three services. In effect, distros create the user statically [1, 2]. Dynamic users make more sense for "add-on" services where not creating the user, or more precisely, creating the user lazily, can save resources. For "basic" services, if we are going to create the user on package installation anyway, setting DynamicUser= just creates unneeded confusion. The only case where it is actually used is when somebody forgets to do system configuration. But it's better to have the service fail cleanly in this case too. If we want to turn on some side-effect of DynamicUser=yes for those services, we should just do that directly through fine-grained options. By not using DynamicUser= we also avoid the need to restart dbus. [1] https://salsa.debian.org/systemd-team/systemd/commit/bd9bf307274faca24699c0c2d67cb86f18c0b2cb [2] https://src.fedoraproject.org/rpms/systemd/blob/48ac1cebdedb055d9daf3dfe28c7bde80103f7a1/f/systemd.spec#_473 (Fedora does not create systemd-timesync user.)
* units: switch from system call blacklist to whitelistLennart Poettering2018-06-141-1/+2
| | | | | | | | | | | | | | | | | | | | | This is generally the safer approach, and is what container managers (including nspawn) do, hence let's move to this too for our own services. This is particularly useful as this this means the new @system-service system call filter group will get serious real-life testing quickly. This also switches from firing SIGSYS on unexpected syscalls to returning EPERM. This would have probably been a better default anyway, but it's hard to change that these days. When whitelisting system calls SIGSYS is highly problematic as system calls that are newly introduced to Linux become minefields for services otherwise. Note that this enables a system call filter for udev for the first time, and will block @clock, @mount and @swap from it. Some downstream distributions might want to revert this locally if they want to permit unsafe operations on udev rules, but in general this shiuld be mostly safe, as we already set MountFlags=shared for udevd, hence at least @mount won't change anything.
* network: set DynamicUser= to systemd-networkd.serviceYu Watanabe2018-05-221-2/+2
|
* units: set RestrictNamespaces=yes to networkd and resolvedYu Watanabe2018-05-101-0/+1
| | | | Closes #8949.
* Add SPDX license headers to unit filesZbigniew Jędrzejewski-Szmek2017-11-191-0/+2
|
* units: set LockPersonality= for all our long-running services (#6819)Lennart Poettering2017-09-141-0/+1
| | | | Let's lock things down. Also, using it is the only way how to properly test this to the fullest extent.
* units: make use of !! ExecStart= prefix in systemd-networkd.serviceYu Watanabe2017-08-271-3/+6
| | | | | Let's make use of !! to run networkd with ambient capabilities on systems supporting them.
* units: do not perform m4 if not necessary (#6575)Yu Watanabe2017-08-091-0/+46
|
* units: make networkd pull in its own .busname unitTom Gundersen2015-05-151-32/+0
| | | | | | | | The daemon requires the busname unit to operate (on kdbus systems), since it contains the policy that allows it to acquire its service name. This fixes https://bugs.freedesktop.org/show_bug.cgi?id=90287
* Revert "units: add SecureBits"Lennart Poettering2015-02-111-1/+0
| | | | | | | | This reverts commit 6a716208b346b742053cfd01e76f76fb27c4ea47. Apparently this doesn't work. http://lists.freedesktop.org/archives/systemd-devel/2015-February/028212.html
* units: add SecureBitsTopi Miettinen2015-02-111-0/+1
| | | | | | No setuid programs are expected to be executed, so add SecureBits=noroot noroot-locked to unit files.
* networkd: exit on idleTom Gundersen2015-02-051-1/+1
| | | | | | We will be woken up on rtnl or dbus activity, so let's just quit if some time has passed and that is the only thing that can happen. Note that we will always stay around if we expect network activity (e.g. DHCP is enabled), as we are not restarted on that.
* networkd: support socket activationTom Gundersen2015-02-021-0/+1
| | | | | Still keep the non-socket activation code around for starting from the commandline, but will likely drop that too in the future.
* units: networkd - order after udevTom Gundersen2014-09-081-1/+3
| | | | | This way we are sure that /dev/net/tun has been given the right permissions before we try to connect to it. Ideally, we should create tun/tap devices over netlink, and then this whole issue would go away.
* units: minor cleanupsLennart Poettering2014-06-171-2/+3
|
* networkd: don't pull in systemd-networkd-wait-online service from ↵Lennart Poettering2014-06-171-1/+0
| | | | | | | | | systemd-networkd when enabling networkd-wait-online should never exist in the default transaction, unless explicitly enable or pulled in via things like NFS. However, just enabling networkd shouldn't enable networkd-wait-online, since it's common to use the former without the latter.
* units: rebuild /etc/passwd, the udev hwdb and the journal catalog files on bootLennart Poettering2014-06-131-1/+1
| | | | | Only when necessary of course, nicely guarded with the new ConditionNeedsUpdate= condition we added.
* units: introduce network-pre.target as place to hook in firewallsLennart Poettering2014-06-111-1/+1
| | | | | | | | | | | | network-pre.target is a passive target that should be pulled in by services that want to be executed before any network is configured (for example: firewall scrips). network-pre.target should be ordered before all network managemet services (but not be pulled in by them). network-pre.target should be order after all services that want to be executed before any network is configured (and be pulled in by them).
* core: rename ReadOnlySystem= to ProtectSystem= and add a third value for ↵Lennart Poettering2014-06-041-2/+2
| | | | | | | | | | also mounting /etc read-only Also, rename ProtectedHome= to ProtectHome=, to simplify things a bit. With this in place we now have two neat options ProtectSystem= and ProtectHome= for protecting the OS itself (and optionally its configuration), and for protecting the user's data.
* core: add new ReadOnlySystem= and ProtectedHome= settings for service unitsLennart Poettering2014-06-031-0/+2
| | | | | | | | | | | | | | ReadOnlySystem= uses fs namespaces to mount /usr and /boot read-only for a service. ProtectedHome= uses fs namespaces to mount /home and /run/user inaccessible or read-only for a service. This patch also enables these settings for all our long-running services. Together they should be good building block for a minimal service sandbox, removing the ability for services to modify the operating system or access the user's private data.
* networkd: drop CAP_SYS_MODULETom Gundersen2014-06-031-1/+1
| | | | | | | | | | | | | | | | | | | Rely on modules being built-in or autoloaded on-demand. As networkd is a network facing service, we want to limits its capabilities, as much as possible. Also, we may not have CAP_SYS_MODULE in a container, and we want networkd to work the same there. Module autoloading does not always work, but should be fixed by the kernel patch f98f89a0104454f35a: 'net: tunnels - enable module autoloading', which is currently in net-next and which people may consider backporting if they want tunneling support without compiling in the modules. Early adopters may also use a module-load.d snippet and order systemd-modules-load.service before networkd to force the module loading of tunneling modules. This sholud fix the various build issues people have reported.
* networkd: run as unpriviliged "systemd-network" userLennart Poettering2014-06-011-1/+1
| | | | | | This allows us to run networkd mostly unpriviliged with the exception of CAP_NET_* and CAP_SYS_MODULE. I'd really like to get rid of the latter though...
* units: remove CAP_SYS_PTRACE capability from hostnamed/networkdLennart Poettering2014-06-011-1/+1
| | | | | | | The ptrace capability was only necessary to detect virtualizations environments. Since we changed the logic to determine this to not require priviliges, there's no need to carry the CAP_SYS_PTRACE capability anymore.
* Revert "networkd: order after udev kernel socket"Tom Gundersen2014-05-161-1/+1
| | | | | | This reverts commit a555350d47c4b70d716a63424933b34902c98300. This did not fix the problem, just made it harder to hit.
* networkd: unit - add cap to load modulesTom Gundersen2014-05-121-1/+1
| | | | Remember to drop this when the kernel gains autoloading for all netdev kinds.
* networkd-wait-online: improve interoptability and enable by defaultTom Gundersen2014-04-241-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | To make sure we don't delay boot on systems where (some) network links are managed by someone else we don't block if something else has successfully brought up a link. We will still block until all links we are aware of that are managed by networkd have been configured, but if no such links exist, and someone else have configured a link sufficiently that it has a carrier, it may be that the link is ready so we should no longer block. Note that in all likelyhood the link is not ready (no addresses/routes configured), so whatever network managment daemon configured it should provide a similar wait-online service to block network-online.target until it is ready. The aim is to block as long as we know networking is not fully configured, but no longer. This will allow systemd-networkd-wait-online.service to be enabled on any system, even if we don't know whether networkd is the main/only network manager. Even in the case networking is fully configured by networkd, the default behavior may not be sufficient: if two links need to be configured, but the first is fully configured before the second one appears we will assume the network is up. To work around that, we allow specifying specific devices to wait for before considering the network up. This unit is enabled by default, just like systemd-networkd, but will only be pulled in if anyone pulls in network-online.target.
View Lorry Controller Status