| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
TEST-41 verifies that the StartLimitBurst property will correctly
limit the number of unit restarts, but the test currently doesn't
adjust the StartLimitIntervalSec which defaults to 10 seconds.
On Ubuntu CI, running under un-accelerated qemu, it can take more than
10 seconds to perform all 3 restarts, which avoids the burst limit,
and fails the test.
Instead, specify a long StartLimitIntervalSec in the test, so we can
be sure to correctly test StartLimitBurst even on slow testbeds.
Fixes #13794.
|
|
This is a follow-up to #4843.
|
|
This test has been failing on Ubuntu CI since introduced, let's
blacklist it until we can debug what's causing it to fail.
|
|
|
|
core: support top level drop-ins through -.service.d for service units
|
|
Allow restart for oneshot units
|
|
Picked up from https://github.com/systemd/systemd/pull/7474 , so
coauthored by @robermorales.
|
|
network: DHCPv4 client- add support to send arbitary option and data
|
|
Closes #12830
|
|
|
|
|
|
|
|
Used to manipulate entries in the kernel's nexthop tables.
Example:
```
[NextHop]
Id=3
Gateway=192.168.5.1
```
|
|
As in the parent commit, this makes the name consistent with the
rest of the source tree and the actuall installation path.
|
|
|
|
test: add temporarily blacklisted tests
|
|
https://github.com/systemd/systemd/pull/13746#issuecomment-539410752:
> [grep] now matches the grep command itself, as it's logged into journal as well, thanks to set -x.
Also, use journalctl --grep and -t to make things a bit quicker.
|
|
Many tests were also masking systemd-machined.service. But machined
should only start when activated, so having it not masked shouldn't be
noticable. TEST-25-IMPORT needs it.
|
|
I *think* this was originally added to make it easier to see what was happening
in tests. Later we added the functionality to print the journal on failure, so
this redirection has stopped being useful.
In https://github.com/systemd/systemd/pull/13719#issuecomment-539292650
@filbranden shows that grep tries to write to stdout and fails. In general,
we should not assume that writing to the console it always possible. We have
special code to handle this in pid1 after all:
99 19:22:10.731965 fstat(1, <unfinished ...>
99 19:22:10.731993 <... fstat resumed>{st_mode=S_IFCHR|0620, st_rdev=makedev(0x88, 0), ...}) = 0
99 19:22:10.732070 write(1, "ExecStartPost={ path=/bin/echo ; argv[]=/bin/echo ${4_four_ex} ; ignore_errors=no ; start_time=[Mon 2019-10-07 19:22:10 PDT] ; stop_time=[Mon 209-10-07 19:22:10 PDT] ; pid=97 ; code=exited ; status=0 }\n", 203) = -1 EIO (Input/output error)
99 19:22:10.732174 write(2, "grep: ", 6) = -1 EIO (Input/output error)
99 19:22:10.732226 write(2, "write error", 11) = -1 EIO (Input/output error)
99 19:22:10.732263 write(2, ": Input/output error", 20) = -1 EIO (Input/output error)
99 19:22:10.732298 write(2, "\n", 1 <unfinished ...>
99 19:22:10.732325 <... write resumed>) = -1 EIO (Input/output error)
99 19:22:10.732349 exit_group(2) = ?
99 19:22:10.732424 +++ exited with 2 +++
Removing the redirection should make the tests less flakey.
Replaces #13719.
While at it, also drop NotifyAccess=all. I think it was added purposefully in
TEST-20-MAINPIDGAMES, and then cargo culted to newer tests.
|
|
It appears in nested LXC containers and broke the test in Ubuntu CI.
BugLink: https://bugs.launchpad.net/bugs/1845337
|
|
Add some docs explaining how blacklist individual test/TEST-*
tests in Ubuntu CI using per-test blacklist files.
|
|
This temporarily blacklists some tests when run under Ubuntu CI.
This is the upstream side of the Debian 'upstream' test MR:
https://salsa.debian.org/systemd-team/systemd/merge_requests/52
The tests blacklisted here should only be temporarily blacklisted
until they can be fixed; the intention is that these blacklist files
will be added and removed over time while debugging/fixing flaky
and/or regressed tests, without causing test failure noise for other
PRs.
|
|
network: disable kernel creating prefix route when RouteTable= is set
|
|
Add a way to differentiate restart from stop and keep dhcp config on restart
|
|
jobs
v2:
- if RestartKillSignal= is not specified, fall back to KillSignal=. This is necessary
to preserve backwards compatibility (and keep KillSignal= generally useful).
|
|
We should never have used an unprefixed environment variable name.
All other systemd-nspawn variables have the "SYSTEMD_NSPAWN_" prefix,
and all other systemd variables have the "SYSTEMD_" prefix.
The new variable name takes precedence, but we fall back to checking the
old one. If only the old one is found, a warning is emitted.
In addition, SYSTEMD_NSPAWN_UNIFIED_HIERARCHY="" is accepted as an override
to avoid looking for the old variable name.
We have a variable with the same name ($UNIFIED_CGROUP_HIERARCHY) in tests,
which governs both systemd-nspawn and qemu behaviour. It is not renamed.
|
|
Add support for prefix hint lenth and prefix hint address
```
Frame 43: 177 bytes on wire (1416 bits), 177 bytes captured (1416 bits) on interface 0
Ethernet II, Src: f6:c1:08:4d:45:f1 (f6:c1:08:4d:45:f1), Dst: IPv6mcast_01:00:02 (33:33:00:01:00:02)
Internet Protocol Version 6, Src: fe80::d250:c82:7f6e:28d6, Dst: ff02::1:2
User Datagram Protocol, Src Port: 546, Dst Port: 547
DHCPv6
Message type: Solicit (1)
Transaction ID: 0x5c7902
Rapid Commit
Identity Association for Non-temporary Address
Fully Qualified Domain Name
Identity Association for Prefix Delegation
Option: Identity Association for Prefix Delegation (25)
Length: 41
Value: 1b97b1690000000000000000001a0019ffffffffffffffff…
IAID: 1b97b169
T1: 0
T2: 0
IA Prefix
Option: IA Prefix (26)
Length: 25
Value: ffffffffffffffff3c000000000000000000000000000000…
Preferred lifetime: infinity
Valid lifetime: infinity
Prefix length: 60
Prefix address: ::
Option Request
Client Identifier
Elapsed time
```
|
|
Introduce TEST_NESTED_KVM variable, which allows use of nested KVM for
QEMU VMs (which is disabled by default by KVM autodetection).
|
|
IPServiceType set to CS6 (network control) causes problems on some old
network setups that continue to interpret the field as IP TOS.
Make DHCP work on such networks by allowing this field to be set to
CS4 (Realtime) instead, as this maps to IPTOS_LOWDELAY.
Signed-off-by: Siddharth Chandrasekaran <csiddharth@vmware.com>
|
|
|
|
1. DHCP server trasmit
2. Client parses and saves in leases
Implements http://www.rfc-editor.org/rfc/rfc3361.txt
```
Frame 134: 348 bytes on wire (2784 bits), 348 bytes captured (2784 bits) on interface 0
Ethernet II, Src: 42:65:85:d6:4e:32 (42:65:85:d6:4e:32), Dst: 1e:04:f8:b8:2f:d4 (1e:04:f8:b8:2f:d4)
Internet Protocol Version 4, Src: 192.168.5.1, Dst: 192.168.5.11
User Datagram Protocol, Src Port: 67, Dst Port: 68
Dynamic Host Configuration Protocol (ACK)
Message type: Boot Reply (2)
Hardware type: Ethernet (0x01)
Hardware address length: 6
Hops: 0
Transaction ID: 0x7cc87cb4
Seconds elapsed: 0
Bootp flags: 0x0000 (Unicast)
Client IP address: 0.0.0.0
Your (client) IP address: 192.168.5.11
Next server IP address: 0.0.0.0
Relay agent IP address: 0.0.0.0
Client MAC address: 1e:04:f8:b8:2f:d4 (1e:04:f8:b8:2f:d4)
Client hardware address padding: 00000000000000000000
Server host name not given
Boot file name not given
Magic cookie: DHCP
Option: (53) DHCP Message Type (ACK)
Length: 1
DHCP: ACK (5)
Option: (51) IP Address Lease Time
Length: 4
IP Address Lease Time: (3600s) 1 hour
Option: (1) Subnet Mask (255.255.255.0)
Length: 4
Subnet Mask: 255.255.255.0
Option: (3) Router
Length: 4
Router: 192.168.5.1
Option: (6) Domain Name Server
Length: 4
Domain Name Server: 192.168.5.1
Option: (42) Network Time Protocol Servers
Length: 4
Network Time Protocol Server: 192.168.1.1
Option: (120) SIP Servers <=====here
Length: 9
SIP Server Encoding: IPv4 Address (1)
SIP Server Address: 192.168.1.1
SIP Server Address: 192.168.5.2
Option: (101) TCode
Length: 13
TZ TCode: Europe/Berlin
Option: (54) DHCP Server Identifier (192.168.5.1)
Length: 4
DHCP Server Identifier: 192.168.5.1
Option: (255) End
Option End: 255
```
```
cat /run/systemd/netif/state ✔ ⚡ 3148 16:40:51
OPER_STATE=routable
CARRIER_STATE=carrier
ADDRESS_STATE=routable
DNS=192.168.94.2 192.168.5.1
NTP=192.168.5.1
SIP=192.168.1.1 192.168.5.2
```
aa
|
|
|
|
|
|
Closes #13591.
|
|
Closes #13578.
|
|
The "Ex" variant was originally only added for ExecStartXYZ= but it makes
sense to have feature parity for the rest of the exec command properties
as well (e.g. ExecReload=, ExecStop=, etc).
|
|
|
|
network: make networkd able to advertise IPv6 routes on links
|
|
|
|
Implements https://tools.ietf.org/html/rfc4191
cat veth99.network
```
[Match]
Name=veth99
[Network]
DHCP=no
IPv6PrefixDelegation=yes
Address=2001:db8:0:1::1/64
[IPv6Prefix]
Prefix=2001:db8:0:1::4/64
[IPv6RoutePrefix]
Route=2001:db0:fff::/48
```
Wireshark
```
Frame 481: 142 bytes on wire (1136 bits), 142 bytes captured (1136 bits) on interface 0
Ethernet II, Src: 1e:04:f8:b8:2f:d4 (1e:04:f8:b8:2f:d4), Dst: IPv6mcast_01 (33:33:00:00:00:01)
Internet Protocol Version 6, Src: fe80::1c04:f8ff:feb8:2fd4, Dst: ff02::1
Internet Control Message Protocol v6
Type: Router Advertisement (134)
Code: 0
Checksum: 0xec77 [correct]
[Checksum Status: Good]
Cur hop limit: 0
Flags: 0x00, Prf (Default Router Preference): Medium
Router lifetime (s): 0
Reachable time (ms): 0
Retrans timer (ms): 0
ICMPv6 Option (Source link-layer address : 1e:04:f8:b8:2f:d4)
Type: Source link-layer address (1)
Length: 1 (8 bytes)
Link-layer address: 1e:04:f8:b8:2f:d4 (1e:04:f8:b8:2f:d4)
ICMPv6 Option (MTU : 1500)
Type: MTU (5)
Length: 1 (8 bytes)
Reserved
MTU: 1500
ICMPv6 Option (Prefix information : 2001:db8:0:1::4/64)
Type: Prefix information (3)
Length: 4 (32 bytes)
Prefix Length: 64
Flag: 0xc0, On-link flag(L), Autonomous address-configuration flag(A)
Valid Lifetime: 2592000
Preferred Lifetime: 604800
Reserved
Prefix: 2001:db8:0:1::4
ICMPv6 Option (Route Information : Medium 2001:db0:fff::/48)
Type: Route Information (24)
Length: 3 (24 bytes)
Prefix Length: 48
Flag: 0x00, Route Preference: Medium
...0 0... = Route Preference: Medium (0)
000. .000 = Reserved: 0
Route Lifetime: 604800
Prefix: 2001:db0:fff::
```
|
|
test: introduce TEST-37-EXECRELOAD
|
|
|
|
When nspawn container with private network starts, networkd creates
the default route for the interface. The route may cause problem on
the host side, and it can be created with DefaultRouteOnDevice= now.
Hence, this makes networkd not create the route implicitly any more.
Closes #13418.
|
|
core: support systemctl clean more
|
|
|
|
Add a fido_id program meant to be run for devices in the hidraw
subsystem via an IMPORT directive. The program parses the HID report
descriptor and assigns the ID_SECURITY_TOKEN environment variable if a
declared usage matches the FIDO_CTAPHID_USAGE declared in the FIDO CTAP
specification. This replaces the previous approach of whitelisting all
known security token models manually.
This commit is accompanied by a test suite and a fuzzer target for the
descriptor parsing routine.
Fixes: #11996.
|
|
|
|
core: also remove private directories by systemctl clean
|
|
core: make RuntimeDirectoryPreserve= works with non-service units
|
|
|
