Commit e8331497 authored by Dan Streetman's avatar Dan Streetman Committed by Dimitri John Ledkov
Browse files

Import Debian changes 237-3ubuntu10.20

systemd (237-3ubuntu10.20) bionic; urgency=medium

  [ Ioanna Alifieraki ]
  * d/p/backport_network-fix-return-value-of-routing_policy_rule_get.patch,
    d/p/backport_network-remove-routing-policy-rule-from-foreign.patch,
    d/p/backport_network-do-not-remove-rule-when-requested-by-existing-links.patch:
    - Fix RoutingPolicyRule does not apply correctly (LP: #1818282)

  [ Dan Streetman ]
  * d/p/fix-test-22.patch
    - fix TEST-22 failures
  * d/p/networkd-Track-address-configuration.patch,
    d/p/networkd-Use-only-a-generic-CONFIGURING-state.patch,
    d/p/networkd-don-t-remove-route.patch,
    d/p/networkd-don-t-remove-ip-address.patch,
    d/p/Move-link_check_ready-to-later-in-the-file.patch,
    d/p/network-set-_configured-flags-to-false-before-reques.patch,
    d/p/Install-routes-after-addresses-are-ready.patch:
    - PreferredSource not working in *.network files (LP: #1812760)

  [ Dimitri John Ledkov ]
  * Specify Ubuntu's Vcs-Git
parent 1b7798f0
systemd (237-3ubuntu10.20) bionic; urgency=medium
[ Ioanna Alifieraki ]
* d/p/backport_network-fix-return-value-of-routing_policy_rule_get.patch,
d/p/backport_network-remove-routing-policy-rule-from-foreign.patch,
d/p/backport_network-do-not-remove-rule-when-requested-by-existing-links.patch:
- Fix RoutingPolicyRule does not apply correctly (LP: #1818282)
[ Dan Streetman ]
* d/p/fix-test-22.patch
- fix TEST-22 failures
* d/p/networkd-Track-address-configuration.patch,
d/p/networkd-Use-only-a-generic-CONFIGURING-state.patch,
d/p/networkd-don-t-remove-route.patch,
d/p/networkd-don-t-remove-ip-address.patch,
d/p/Move-link_check_ready-to-later-in-the-file.patch,
d/p/network-set-_configured-flags-to-false-before-reques.patch,
d/p/Install-routes-after-addresses-are-ready.patch:
- PreferredSource not working in *.network files (LP: #1812760)
[ Dimitri John Ledkov ]
* Specify Ubuntu's Vcs-Git
-- Dan Streetman <ddstreet@canonical.com> Thu, 04 Apr 2019 07:29:38 -0400
systemd (237-3ubuntu10.19) bionic-security; urgency=medium
* SECURITY UDPATE: Unsafe environment usage in pam_systemd.so leads to
......
......@@ -9,8 +9,10 @@ Uploaders: Michael Biebl <biebl@debian.org>,
Martin Pitt <mpitt@debian.org>
Standards-Version: 4.1.3
Rules-Requires-Root: no
Vcs-Git: https://salsa.debian.org/systemd-team/systemd.git
Vcs-Browser: https://salsa.debian.org/systemd-team/systemd
Vcs-Git: https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd -b ubuntu-bionic
Vcs-Browser: https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd
XS-Vcs-Debian-Git: https://salsa.debian.org/systemd-team/systemd.git
XS-Vcs-Debian-Browser: https://salsa.debian.org/systemd-team/systemd
Homepage: https://www.freedesktop.org/wiki/Software/systemd
Build-Depends: debhelper (>= 10.4~),
pkg-config,
......
From 6aa5773bfff0a92d64da70426cae833df6f84daf Mon Sep 17 00:00:00 2001
From: Daniel Axtens <dja@axtens.net>
Date: Wed, 5 Dec 2018 21:49:35 +1100
Subject: [PATCH] Install routes after addresses are ready
If an IPv6 route is added with a source address that is still
tentative, the kernel will refuse to install it.
Previously, once we sent the messages to the kernel to add the
addresses, we would immediately proceed to add the routes. The
addresses would usually still be tentative at this point, so
adding static IPv6 routes was broken - see issue #5882.
Now, only begin to configure routes once the addresses are ready,
by restructuring the state machine, and tracking when addresses are
ready, not just added.
Fixes: #5882
Signed-off-by: Daniel Axtens <dja@axtens.net>
Origin: upstream, https://github.com/systemd/systemd/commit/6aa5773bfff0a92d64da70426cae833df6f84daf
Bug-Ubuntu: https://launchpad.net/bugs/1812760
---
src/network/networkd-link.c | 18 ++++++++++++------
src/network/networkd-link.h | 1 +
2 files changed, 13 insertions(+), 6 deletions(-)
--- a/src/network/networkd-link.c
+++ b/src/network/networkd-link.c
@@ -855,6 +855,15 @@
if (!link->addresses_configured)
return;
+ SET_FOREACH(a, link->addresses, i)
+ if (!address_is_ready(a))
+ return;
+
+ if (!link->addresses_ready) {
+ link->addresses_ready = true;
+ link_request_set_routes(link);
+ }
+
if (!link->static_routes_configured)
return;
@@ -886,10 +895,6 @@
return;
}
- SET_FOREACH(a, link->addresses, i)
- if (!address_is_ready(a))
- return;
-
if (link->state != LINK_STATE_CONFIGURED)
link_enter_configured(link);
@@ -940,7 +945,7 @@
if (link->address_messages == 0) {
log_link_debug(link, "Addresses set");
link->addresses_configured = true;
- link_request_set_routes(link);
+ link_check_ready(link);
}
return 1;
@@ -1097,6 +1102,7 @@
/* Reset all *_configured flags we are configuring. */
link->addresses_configured = false;
+ link->addresses_ready = false;
link->static_routes_configured = false;
link->routing_policy_rules_configured = false;
@@ -1248,7 +1254,7 @@
if (link->address_messages == 0) {
link->addresses_configured = true;
- link_request_set_routes(link);
+ link_check_ready(link);
} else
log_link_debug(link, "Setting addresses");
--- a/src/network/networkd-link.h
+++ b/src/network/networkd-link.h
@@ -98,6 +98,8 @@
bool addresses_configured;
+ bool addresses_ready;
+
sd_dhcp_client *dhcp_client;
sd_dhcp_lease *dhcp_lease;
char *lease_file;
From 6accfd3139a0ccef9859b742452c04926f52515c Mon Sep 17 00:00:00 2001
From: Daniel Axtens <dja@axtens.net>
Date: Wed, 5 Dec 2018 20:39:41 +1100
Subject: [PATCH] Move link_check_ready() to later in the file
We're about to need it to be later in the file for the next commit.
Moving it now means that when we change it in the next commit, it's
not intermingled with the move.
No functional change intended.
Signed-off-by: Daniel Axtens <dja@axtens.net>
Origin: upstream, https://github.com/systemd/systemd/commit/6accfd3139a0ccef9859b742452c04926f52515c
Bug-Ubuntu: https://launchpad.net/bugs/1812760
---
src/network/networkd-link.c | 114 ++++++++++++++++++------------------
1 file changed, 57 insertions(+), 57 deletions(-)
--- a/src/network/networkd-link.c
+++ b/src/network/networkd-link.c
@@ -741,62 +741,6 @@
link_dirty(link);
}
-void link_check_ready(Link *link) {
- Address *a;
- Iterator i;
-
- assert(link);
-
- if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
- return;
-
- if (!link->network)
- return;
-
- if (!link->addresses_configured)
- return;
-
- if (!link->static_routes_configured)
- return;
-
- if (!link->routing_policy_rules_configured)
- return;
-
- if (link_ipv4ll_enabled(link))
- if (!link->ipv4ll_address ||
- !link->ipv4ll_route)
- return;
-
- if (!link->network->bridge) {
-
- if (link_ipv6ll_enabled(link))
- if (in_addr_is_null(AF_INET6, (const union in_addr_union*) &link->ipv6ll_address) > 0)
- return;
-
- if ((link_dhcp4_enabled(link) && !link_dhcp6_enabled(link) &&
- !link->dhcp4_configured) ||
- (link_dhcp6_enabled(link) && !link_dhcp4_enabled(link) &&
- !link->dhcp6_configured) ||
- (link_dhcp4_enabled(link) && link_dhcp6_enabled(link) &&
- !link->dhcp4_configured && !link->dhcp6_configured))
- return;
-
- bool implicit = false;
- if (link_ipv6_accept_ra_enabled_implicit(link, &implicit) && !link->ndisc_configured)
- if (!implicit)
- return;
- }
-
- SET_FOREACH(a, link->addresses, i)
- if (!address_is_ready(a))
- return;
-
- if (link->state != LINK_STATE_CONFIGURED)
- link_enter_configured(link);
-
- return;
-}
-
static int link_set_routing_policy_rule(Link *link) {
RoutingPolicyRule *rule, *rrule = NULL;
int r;
@@ -892,6 +836,62 @@
return 0;
}
+void link_check_ready(Link *link) {
+ Address *a;
+ Iterator i;
+
+ assert(link);
+
+ if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
+ return;
+
+ if (!link->network)
+ return;
+
+ if (!link->addresses_configured)
+ return;
+
+ if (!link->static_routes_configured)
+ return;
+
+ if (!link->routing_policy_rules_configured)
+ return;
+
+ if (link_ipv4ll_enabled(link))
+ if (!link->ipv4ll_address ||
+ !link->ipv4ll_route)
+ return;
+
+ if (!link->network->bridge) {
+
+ if (link_ipv6ll_enabled(link))
+ if (in_addr_is_null(AF_INET6, (const union in_addr_union*) &link->ipv6ll_address) > 0)
+ return;
+
+ if ((link_dhcp4_enabled(link) && !link_dhcp6_enabled(link) &&
+ !link->dhcp4_configured) ||
+ (link_dhcp6_enabled(link) && !link_dhcp4_enabled(link) &&
+ !link->dhcp6_configured) ||
+ (link_dhcp4_enabled(link) && link_dhcp6_enabled(link) &&
+ !link->dhcp4_configured && !link->dhcp6_configured))
+ return;
+
+ bool implicit = false;
+ if (link_ipv6_accept_ra_enabled_implicit(link, &implicit) && !link->ndisc_configured)
+ if (!implicit)
+ return;
+ }
+
+ SET_FOREACH(a, link->addresses, i)
+ if (!address_is_ready(a))
+ return;
+
+ if (link->state != LINK_STATE_CONFIGURED)
+ link_enter_configured(link);
+
+ return;
+}
+
int link_route_remove_handler(sd_netlink *rtnl, sd_netlink_message *m, void *userdata) {
_cleanup_link_unref_ Link *link = userdata;
int r;
From 031fb59a984e5b51f3c72aa8125ecc50b08011fe Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Fri, 22 Feb 2019 13:32:47 +0900
Subject: [PATCH] network: do not remove rule when it is requested by existing
links
Otherwise, the first link once removes all saved rules in the foreign
rule database, and the second or later links create again...
Origin: upstream, https://github.com/systemd/systemd/pull/11795/commits/031fb59a984e5b51f3c72aa8125ecc50b08011fe
Bug: https://github.com/systemd/systemd/issues/11280
Bug-Ubuntu: https://launchpad.net/bugs/1818282
---
Index: systemd-237/src/network/networkd-routing-policy-rule.c
===================================================================
--- systemd-237.orig/src/network/networkd-routing-policy-rule.c
+++ systemd-237/src/network/networkd-routing-policy-rule.c
@@ -1045,6 +1045,26 @@ int routing_policy_load_rules(const char
return 0;
}
+static bool manager_links_have_routing_policy_rule(Manager *m, RoutingPolicyRule *rule) {
+ RoutingPolicyRule *link_rule;
+ Iterator i;
+ Link *link;
+
+ assert(m);
+ assert(rule);
+
+ HASHMAP_FOREACH(link, m->links, i) {
+ if (!link->network)
+ continue;
+
+ LIST_FOREACH(rules, link_rule, link->network->rules)
+ if (routing_policy_rule_compare_func(link_rule, rule) == 0)
+ return true;
+ }
+
+ return false;
+}
+
void routing_policy_rule_purge(Manager *m, Link *link) {
RoutingPolicyRule *rule, *existing;
Iterator i;
@@ -1058,6 +1078,12 @@ void routing_policy_rule_purge(Manager *
if (!existing)
continue; /* Saved rule does not exist anymore. */
+ if (manager_links_have_routing_policy_rule(m, existing))
+ continue; /* Existing links have the saved rule. */
+
+ /* Existing links do not have the saved rule. Let's drop the
+ * rule now, and re-configure it later when it is requested. */
+
r = routing_policy_rule_remove(rule, link, routing_policy_rule_remove_handler);
if (r < 0) {
log_warning_errno(r, "Could not remove routing policy rules: %m");
From e6b65ab76073338a620a0c425d4b17f2281c1eb0 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Thu, 1 Nov 2018 23:38:01 +0900
Subject: [PATCH] network: fix return value of routing_policy_rule_get()
To distinguish source of rule.
Origin: upstream, https://github.com/systemd/systemd/commit/e6b65ab76073338a620
Bug: https://github.com/systemd/systemd/issues/11280
Bug-Ubuntu: https://launchpad.net/bugs/1818282
---
Index: systemd-237/src/network/networkd-link.c
===================================================================
--- systemd-237.orig/src/network/networkd-link.c
+++ systemd-237/src/network/networkd-link.c
@@ -804,7 +804,7 @@ static int link_set_routing_policy_rule(
LIST_FOREACH(rules, rule, link->network->rules) {
r = routing_policy_rule_get(link->manager, rule->family, &rule->from, rule->from_prefixlen, &rule->to,
rule->to_prefixlen, rule->tos, rule->fwmark, rule->table, rule->iif, rule->oif, &rrule);
- if (r == 1) {
+ if (r == 0) {
(void) routing_policy_rule_make_local(link->manager, rrule);
continue;
}
Index: systemd-237/src/network/networkd-routing-policy-rule.c
===================================================================
--- systemd-237.orig/src/network/networkd-routing-policy-rule.c
+++ systemd-237/src/network/networkd-routing-policy-rule.c
@@ -212,7 +212,7 @@ int routing_policy_rule_get(Manager *m,
if (existing) {
if (ret)
*ret = existing;
- return 1;
+ return 0;
}
}
From 92cd00b9749141907a1110044cc7d1f01caff545 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Fri, 22 Feb 2019 13:27:44 +0900
Subject: [PATCH] network: remove routing policy rule from foreign rule
database when it is removed
Previously, When the first link configures rules, it removes all saved
rules, which were configured by networkd previously, in the foreign rule
database, but the rules themselves are still in the database.
Thus, when the second or later link configures rules, it errnously
treats the rules already exist.
This is the root of issue #11280.
This removes rules from the foreign database when they are removed.
Fixes #11280.
Origin: upstream, https://github.com/systemd/systemd/pull/11795/commits/92cd00b9749141907a1110044cc7d1f01caff545
Bug: https://github.com/systemd/systemd/issues/11280
Bug-Ubuntu: https://launchpad.net/bugs/1818282
---
Index: systemd-237/src/network/networkd-routing-policy-rule.c
===================================================================
--- systemd-237.orig/src/network/networkd-routing-policy-rule.c
+++ systemd-237/src/network/networkd-routing-policy-rule.c
@@ -1055,15 +1055,18 @@ void routing_policy_rule_purge(Manager *
SET_FOREACH(rule, m->rules_saved, i) {
existing = set_get(m->rules_foreign, rule);
- if (existing) {
+ if (!existing)
+ continue; /* Saved rule does not exist anymore. */
- r = routing_policy_rule_remove(rule, link, routing_policy_rule_remove_handler);
- if (r < 0) {
- log_warning_errno(r, "Could not remove routing policy rules: %m");
- continue;
- }
-
- link->routing_policy_rule_remove_messages++;
+ r = routing_policy_rule_remove(rule, link, routing_policy_rule_remove_handler);
+ if (r < 0) {
+ log_warning_errno(r, "Could not remove routing policy rules: %m");
+ continue;
}
+
+ link->routing_policy_rule_remove_messages++;
+
+ assert_se(set_remove(m->rules_foreign, existing) == existing);
+ routing_policy_rule_free(existing);
}
}
Author: Dan Streetman <ddstreet@canonical.com>
Subject: fix TEST-22
Forwarded: not-needed
This fixes the constant failure of TEST-22.
--- a/src/tmpfiles/tmpfiles.c
+++ b/src/tmpfiles/tmpfiles.c
@@ -1679,6 +1679,10 @@
}
if (r < 0)
return log_error_errno(r, "is_dir() failed on path %s: %m", path);
+ if (r == 0) {
+ log_error("'%s' already exists and is not a directory.", path);
+ return -EEXIST;
+ }
return path_set_perms(i, path);
}
@@ -1998,7 +2002,7 @@
break;
case EMPTY_DIRECTORY:
- r = empty_directory(i, i->path);
+ r = glob_item(i, empty_directory);
if (r < 0)
return r;
diff --git a/test/TEST-22-TMPFILES/run-tmpfiles-tests.sh b/test/TEST-22-TMPFILES/run-tmpfiles-tests.sh
old mode 100644
new mode 100755
diff --git a/test/TEST-22-TMPFILES/test-01.sh b/test/TEST-22-TMPFILES/test-01.sh
old mode 100644
new mode 100755
diff --git a/test/TEST-22-TMPFILES/test.sh b/test/TEST-22-TMPFILES/test.sh
old mode 100644
new mode 100755
From 2428613f854f46b6624199c2dc58d02617320133 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Sun, 30 Dec 2018 22:08:10 +0900
Subject: [PATCH] network: set *_configured flags to false before requesting
addresses or freinds
Fixes #11272.
Origin: upstream, https://github.com/systemd/systemd/commit/2428613f854f46b6624199c2dc58d02617320133
Bug-Ubuntu: https://launchpad.net/bugs/1812760
---
src/network/networkd-link.c | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
--- a/src/network/networkd-link.c
+++ b/src/network/networkd-link.c
@@ -748,6 +748,9 @@
assert(link);
assert(link->network);
+ link_set_state(link, LINK_STATE_CONFIGURING);
+ link->routing_policy_rules_configured = false;
+
LIST_FOREACH(rules, rule, link->network->rules) {
r = routing_policy_rule_get(link->manager, rule->family, &rule->from, rule->from_prefixlen, &rule->to,
rule->to_prefixlen, rule->tos, rule->fwmark, rule->table, rule->iif, rule->oif, &rrule);
@@ -813,6 +816,7 @@
assert(link->state != _LINK_STATE_INVALID);
link_set_state(link, LINK_STATE_CONFIGURING);
+ link->static_routes_configured = false;
(void) link_set_routing_policy_rule(link);
@@ -1089,12 +1093,17 @@
assert(link->network);
assert(link->state != _LINK_STATE_INVALID);
+ link_set_state(link, LINK_STATE_CONFIGURING);
+
+ /* Reset all *_configured flags we are configuring. */
+ link->addresses_configured = false;
+ link->static_routes_configured = false;
+ link->routing_policy_rules_configured = false;
+
r = link_set_bridge_fdb(link);
if (r < 0)
return r;
- link_set_state(link, LINK_STATE_CONFIGURING);
-
LIST_FOREACH(addresses, ad, link->network->static_addresses) {
r = address_configure(ad, link, address_handler, false);
if (r < 0) {
From c42ff3a1a7bfea66dc4655096c79bd481159091b Mon Sep 17 00:00:00 2001
From: "William A. Kennington III" <william@wkennington.com>
Date: Fri, 30 Nov 2018 15:54:45 -0800
Subject: [PATCH] networkd: Track address configuration
This will be useful to assert that our static route configuration always
happens after address configuration once our individual configure state
goes away.
Origin: upstream, https://github.com/systemd/systemd/commit/c42ff3a1a7bfea66dc4655096c79bd481159091b
Bug-Ubuntu: https://launchpad.net/bugs/1812760
---
src/network/networkd-link.c | 11 +++++++++--
src/network/networkd-link.h | 2 ++
2 files changed, 11 insertions(+), 2 deletions(-)
--- a/src/network/networkd-link.c
+++ b/src/network/networkd-link.c
@@ -753,6 +753,9 @@
if (!link->network)
return;
+ if (!link->addresses_configured)
+ return;
+
if (!link->static_routes_configured)
return;
@@ -862,6 +865,8 @@
assert(link);
assert(link->network);
+ assert(link->addresses_configured);
+ assert(link->address_messages == 0);
assert(link->state == LINK_STATE_SETTING_ADDRESSES);
(void) link_set_routing_policy_rule(link);
@@ -931,6 +936,7 @@
if (link->address_messages == 0) {
log_link_debug(link, "Addresses set");
+ link->addresses_configured = true;
link_enter_set_routes(link);
}
@@ -1232,9 +1238,10 @@
log_link_debug(link, "Offering DHCPv4 leases");
}
- if (link->address_messages == 0)
+ if (link->address_messages == 0) {
+ link->addresses_configured = true;
link_enter_set_routes(link);
- else
+ } else
log_link_debug(link, "Setting addresses");
return 0;
--- a/src/network/networkd-link.h
+++ b/src/network/networkd-link.h
@@ -98,6 +98,8 @@
Set *routes;
Set *routes_foreign;
+ bool addresses_configured;
+
sd_dhcp_client *dhcp_client;
sd_dhcp_lease *dhcp_lease;
char *lease_file;
From 289e6774d0daefe86771171b8f4f97b63354683e Mon Sep 17 00:00:00 2001
From: "William A. Kennington III" <william@wkennington.com>
Date: Fri, 30 Nov 2018 15:36:33 -0800
Subject: [PATCH] networkd: Use only a generic CONFIGURING state