Also move the description of IPv4DuplicateAddressDetectionTimeoutSec=
to the section about systemd-networkd. The change of the timeout doesn't
have to be described as "incompatible". It's more of a bugfix, the previous
timeout was just strangely large and hopefully nobody relied on this detail
of implementation.
Also, reword to say that MPLSRouting= just controls enablement, nothing more.
We recently added a new set of assertion macros such as ASSERT_GE, ASSERT_OK, ASSERT_EQ, ... which show not
only the expression that failed but also the values of the arguments of the expression. Let's use them.
On 64-bit POWER, there are multiple versions of the ELF ABI in use.
- little-endian powerpc64 is ELFv2
- big-endian powerpc64 is
- ELFv2 when using musl
- either ELFv1 or ELFv2 when using glibc
Previously, the BPF build was hard-coding `-D_CALL_ELF=2`, which is
ELFv2. This makes the build fail on ELFv1, similarly to the original
issue that necessitated the addition of this flag on powerpc64le.
To fix this:
1. Use ELFv1 as the default (when `_CALL_ELF` is not defined, this is
the assumption that should be made about the ABI version).
2. Check if the C compiler has `_CALL_ELF` defined, and if it does,
override the default with that.
That's technically not the *correct* compiler in this situation, but I'm
unsure how to get a compiler object for the BPF one from Meson to do the
`*_define('_CALL_ELF')` checks with, and they *should* both be targeting
the same ABI version anyway.
3. Add the ABI version to the `_CALL_ELF` definition for the BPF
compiler flags.
This makes a BPF-enabled build succeed on powerpc64 w/ ELFv1 glibc.
For meson options, say '-Dfoo=' to make them visually different.
Adjust grammar and punctuation in various places.
Break very long lines where feasible.
We require at least crypt_r() exists, and it is provided since glibc-2.0
(and dropped in glibc-2.39) or by libxcrypt, and the function is
provided in crypt.h regardless it is provided by glibc or libxcrypt.
Hence, we cannot fallback to unistd.h.
This makes the condition about crypt.h more strict, and stop compilation
earlier when crypt.h does not exist.
It is possible to boot directly a UKI from shim, and Fedora Cloud Base UKI
does exactly this.
This used to work fine until https://github.com/systemd/systemd/pull/37372
which broke compatibility when shim < 16.0 (no loader protocol override) is
used. Shim 15.8 is still in use in several distributions, and will be for
a long time.
Restore a part of the previous implementation, and if running with secure
boot enabled, and with shim but < 16.0, apply a security override.
Follow-up for cab9c7b5a4
Fixes https://github.com/systemd/systemd/issues/38104
We recently added a new set of assertion macros such as ASSERT_GE, ASSERT_OK, ASSERT_EQ, ... which show not
only the expression that failed but also the values of the arguments of the expression. Let's use them.
This makes the systemd.getty_auto= kernel command line option and the
$SYSTEMD_GETTY_AUTO environment variable takes the list of classes of
services: credential, container, console, builtin.
This also add getty.auto credential that can take the same value as the
kernel command line option.
Closes#37928.
Co-authored-by: Yu Watanabe <watanabe.yu+github@gmail.com>
This fixes the following log message:
Before:
```
Invalid container tty device specified, ignoring: (null)
```
After:
```
Invalid container tty device specified, ignoring: /dev/tty0
```
If a non-pts device path is passed to add_container_getty(), we call
add_getty_impl() with NULL tty, so previously (null) was logged.
Let's log the original path when an invalid tty is specified.
This pull-request adds support for IPv6 SIP servers, which can be
obtained from DHCPv6 options.
[RFC3319](https://www.rfc-editor.org/rfc/rfc3319.html) defines two
options for this: option 21 (SIP Servers Domain Name List) and option 22
(SIP Servers IPv6 Address List).
systemd-networkd currently only supports IPv4 SIP servers, but ISPs like
NTT EAST provide IPv6 SIP servers. Exposing this in the D-Bus API would
allow other programs, such as downstream DHCPv6 servers, to utilize it.
Usage:
```
[DHCPv6]
UseSIP=yes
```
Partial output of `run0 systemd-networkd-tests.py
NetworkdDHCPClientTests.test_dhcp_client_use_sip`:
```console
> networkctl status veth99
● 17: veth99
NetDev File: /run/systemd/network/25-veth.netdev
Link File: /usr/lib/systemd/network/99-default.link
Network File: /run/systemd/network/25-dhcp-client.network
└─/run/systemd/network/25-dhcp-client.network.d/override.conf
State: routable (configured)
Online state: online
Type: ether
Kind: veth
Driver: veth
Hardware Address: 12:34:56:78:9a:bc
MTU: 1500 (min: 68, max: 65535)
QDisc: noqueue
IPv6 Address Generation Mode: eui64
Number of Queues (Tx/Rx): 2/2
Auto negotiation: no
Speed: 10Gbps
Duplex: full
Port: tp
Address: 192.168.5.181 (DHCPv4 via 192.168.5.1)
2600::15
fe80::1034:56ff:fe78:9abc
Gateway: 192.168.5.1
fe80::1034:56ff:fe78:9abd
SIP: 192.168.5.1
2600::1
foo.example.com
Activation Policy: up
Required For Online: yes
DHCPv4 Client ID: IAID:0x7ec6b6c/DUID
DHCPv6 Client IAID: 0x7ec6b6c
DHCPv6 Client DUID: DUID-EN/Vendor:0000ab11617740de1342c3a2
```
This combines nicely with the X_SYSTEMD_UNIT_INACTIVE= notification
we send out, to ensure when all sshd units go down the actual
status is always reflected on the target.
To avoid the following error:
```
test_sd_device_one(/sys/devices/virtual/block/dm-9)
src/libsystemd/sd-device/test-sd-device.c:104: Assertion failed: Expected "sd_device_new_from_syspath(&dev, syspath)" to succeed, but got error: -19/ENODEV
```
This also updates outdates comment about CentOS CI.
