public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Revert Merge #82310: nixos/systemd: apply .link

Browse Source 
...even when networkd is disabled

This reverts commit ce78f3ac70, reversing
changes made to dc34da0755.

I'm sorry; Hydra has been unable to evaluate, always returning
> error: unexpected EOF reading a line
and I've been unable to reproduce the problem locally.  Bisecting
pointed to this merge, but I still can't see what exactly was wrong.
This commit is contained in:
Vladimír Čunát 2020-03-13 21:47:07 +01:00
parent 506be57540
commit 0729b8c55e
No known key found for this signature in database
GPG Key ID: E747DF1F9575A3AA
4 changed files with 59 additions and 105 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
nixos/doc/manual/release-notes/rl-2003.xml
View File

@ -712,14 +712,6 @@ auth required pam_succeed_if.so uid >= 1000 quiet
For further reference, please read <link xlink:href="https://github.com/NixOS/nixpkgs/pull/68953">#68953</link> or the corresponding <link xlink:href="https://discourse.nixos.org/t/predictable-network-interface-names-in-initrd/4055">discourse thread</link>. For further reference, please read <link xlink:href="https://github.com/NixOS/nixpkgs/pull/68953">#68953</link> or the corresponding <link xlink:href="https://discourse.nixos.org/t/predictable-network-interface-names-in-initrd/4055">discourse thread</link>.
</para> </para>
</listitem> </listitem>
<listitem>
<para>
The <link linkend="opt-systemd.network.links">systemd.network.links</link> option is now respected
even when <link linkend="opt-systemd.network.enable">systemd-networkd</link> is disabled.
This mirrors the behaviour of systemd - It's udev that parses <literal>.link</literal> files,
not <command>systemd-networkd</command>.
</para>
</listitem>
</itemizedlist> </itemizedlist>
</section> </section>
</section> </section>

17
nixos/modules/services/networking/zerotierone.nix
View File

@ -69,14 +69,13 @@ in
environment.systemPackages = [ cfg.package ]; environment.systemPackages = [ cfg.package ];
# Prevent systemd from potentially changing the MAC address # Prevent systemd from potentially changing the MAC address
systemd.network.links."50-zerotier" = { environment.etc."systemd/network/50-zerotier.link".text = ''
matchConfig = { [Match]
OriginalName = "zt*"; OriginalName=zt*
};
linkConfig = { [Link]
AutoNegotiation = false; AutoNegotiation=false
MACAddressPolicy = "none"; MACAddressPolicy=none
}; '';
};
}; };
} }

79
nixos/modules/system/boot/networkd.nix
View File

@ -355,14 +355,6 @@ let
}; };
linkOptions = commonNetworkOptions // { linkOptions = commonNetworkOptions // {
# overwrite enable option from above
enable = mkOption {
default = true;
type = types.bool;
description = ''
Whether to enable this .link unit. It's handled by udev no matter if <command>systemd-networkd</command> is enabled or not
'';
};
linkConfig = mkOption { linkConfig = mkOption {
default = {}; default = {};
@ -1053,49 +1045,44 @@ in
}; };
config = mkMerge [ config = mkIf config.systemd.network.enable {
# .link units are honored by udev, no matter if systemd-networkd is enabled or not.
{
systemd.network.units = mapAttrs' (n: v: nameValuePair "${n}.link" (linkToUnit n v)) cfg.links;
environment.etc = unitFiles;
}
(mkIf config.systemd.network.enable { users.users.systemd-network.group = "systemd-network";
users.users.systemd-network.group = "systemd-network"; systemd.additionalUpstreamSystemUnits = [
"systemd-networkd.service" "systemd-networkd-wait-online.service"
];
systemd.additionalUpstreamSystemUnits = [ systemd.network.units = mapAttrs' (n: v: nameValuePair "${n}.link" (linkToUnit n v)) cfg.links
"systemd-networkd.service" "systemd-networkd-wait-online.service" // mapAttrs' (n: v: nameValuePair "${n}.netdev" (netdevToUnit n v)) cfg.netdevs
]; // mapAttrs' (n: v: nameValuePair "${n}.network" (networkToUnit n v)) cfg.networks;
systemd.network.units = mapAttrs' (n: v: nameValuePair "${n}.netdev" (netdevToUnit n v)) cfg.netdevs environment.etc = unitFiles;
// mapAttrs' (n: v: nameValuePair "${n}.network" (networkToUnit n v)) cfg.networks;
systemd.services.systemd-networkd = { systemd.services.systemd-networkd = {
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
restartTriggers = attrNames unitFiles; restartTriggers = attrNames unitFiles;
# prevent race condition with interface renaming (#39069) # prevent race condition with interface renaming (#39069)
requires = [ "systemd-udev-settle.service" ]; requires = [ "systemd-udev-settle.service" ];
after = [ "systemd-udev-settle.service" ]; after = [ "systemd-udev-settle.service" ];
};
systemd.services.systemd-networkd-wait-online = {
wantedBy = [ "network-online.target" ];
};
systemd.services."systemd-network-wait-online@" = {
description = "Wait for Network Interface %I to be Configured";
conflicts = [ "shutdown.target" ];
requisite = [ "systemd-networkd.service" ];
after = [ "systemd-networkd.service" ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
ExecStart = "${config.systemd.package}/lib/systemd/systemd-networkd-wait-online -i %I";
}; };
};
systemd.services.systemd-networkd-wait-online = { services.resolved.enable = mkDefault true;
wantedBy = [ "network-online.target" ]; };
};
systemd.services."systemd-network-wait-online@" = {
description = "Wait for Network Interface %I to be Configured";
conflicts = [ "shutdown.target" ];
requisite = [ "systemd-networkd.service" ];
after = [ "systemd-networkd.service" ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
ExecStart = "${config.systemd.package}/lib/systemd/systemd-networkd-wait-online -i %I";
};
};
services.resolved.enable = mkDefault true;
})
];
} }

60
nixos/tests/networking.nix
View File

@ -5,10 +5,11 @@
, networkd }: , networkd }:
with import ../lib/testing-python.nix { inherit system pkgs; }; with import ../lib/testing-python.nix { inherit system pkgs; };
with pkgs.lib;
let let
router = { config, pkgs, lib, ... }: router = { config, pkgs, ... }:
with lib; with pkgs.lib;
let let
vlanIfs = range 1 (length config.virtualisation.vlans); vlanIfs = range 1 (length config.virtualisation.vlans);
in { in {
@ -84,7 +85,7 @@ let
static = { static = {
name = "Static"; name = "Static";
nodes.router = router; nodes.router = router;
nodes.client = { pkgs, lib, ... }: with lib; { nodes.client = { pkgs, ... }: with pkgs.lib; {
virtualisation.vlans = [ 1 2 ]; virtualisation.vlans = [ 1 2 ];
networking = { networking = {
useNetworkd = networkd; useNetworkd = networkd;
@ -136,7 +137,7 @@ let
dhcpSimple = { dhcpSimple = {
name = "SimpleDHCP"; name = "SimpleDHCP";
nodes.router = router; nodes.router = router;
nodes.client = { pkgs, lib, ... }: with lib; { nodes.client = { pkgs, ... }: with pkgs.lib; {
virtualisation.vlans = [ 1 2 ]; virtualisation.vlans = [ 1 2 ];
networking = { networking = {
useNetworkd = networkd; useNetworkd = networkd;
@ -192,7 +193,7 @@ let
dhcpOneIf = { dhcpOneIf = {
name = "OneInterfaceDHCP"; name = "OneInterfaceDHCP";
nodes.router = router; nodes.router = router;
nodes.client = { pkgs, lib, ... }: with lib; { nodes.client = { pkgs, ... }: with pkgs.lib; {
virtualisation.vlans = [ 1 2 ]; virtualisation.vlans = [ 1 2 ];
networking = { networking = {
useNetworkd = networkd; useNetworkd = networkd;
@ -231,7 +232,7 @@ let
''; '';
}; };
bond = let bond = let
node = address: { pkgs, lib, ... }: with lib; { node = address: { pkgs, ... }: with pkgs.lib; {
virtualisation.vlans = [ 1 2 ]; virtualisation.vlans = [ 1 2 ];
networking = { networking = {
useNetworkd = networkd; useNetworkd = networkd;
@ -267,7 +268,7 @@ let
''; '';
}; };
bridge = let bridge = let
node = { address, vlan }: { pkgs, lib, ... }: with lib; { node = { address, vlan }: { pkgs, ... }: with pkgs.lib; {
virtualisation.vlans = [ vlan ]; virtualisation.vlans = [ vlan ];
networking = { networking = {
useNetworkd = networkd; useNetworkd = networkd;
@ -280,7 +281,7 @@ let
name = "Bridge"; name = "Bridge";
nodes.client1 = node { address = "192.168.1.2"; vlan = 1; }; nodes.client1 = node { address = "192.168.1.2"; vlan = 1; };
nodes.client2 = node { address = "192.168.1.3"; vlan = 2; }; nodes.client2 = node { address = "192.168.1.3"; vlan = 2; };
nodes.router = { pkgs, lib, ... }: with lib; { nodes.router = { pkgs, ... }: with pkgs.lib; {
virtualisation.vlans = [ 1 2 ]; virtualisation.vlans = [ 1 2 ];
networking = { networking = {
useNetworkd = networkd; useNetworkd = networkd;
@ -317,7 +318,7 @@ let
macvlan = { macvlan = {
name = "MACVLAN"; name = "MACVLAN";
nodes.router = router; nodes.router = router;
nodes.client = { pkgs, lib, ... }: with lib; { nodes.client = { pkgs, ... }: with pkgs.lib; {
environment.systemPackages = [ pkgs.iptables ]; # to debug firewall rules environment.systemPackages = [ pkgs.iptables ]; # to debug firewall rules
virtualisation.vlans = [ 1 ]; virtualisation.vlans = [ 1 ];
networking = { networking = {
@ -371,7 +372,7 @@ let
''; '';
}; };
sit = let sit = let
node = { address4, remote, address6 }: { pkgs, lib, ... }: with lib; { node = { address4, remote, address6 }: { pkgs, ... }: with pkgs.lib; {
virtualisation.vlans = [ 1 ]; virtualisation.vlans = [ 1 ];
networking = { networking = {
useNetworkd = networkd; useNetworkd = networkd;
@ -413,7 +414,7 @@ let
''; '';
}; };
vlan = let vlan = let
node = address: { pkgs, lib, ... }: with lib; { node = address: { pkgs, ... }: with pkgs.lib; {
#virtualisation.vlans = [ 1 ]; #virtualisation.vlans = [ 1 ];
networking = { networking = {
useNetworkd = networkd; useNetworkd = networkd;
@ -526,7 +527,7 @@ let
''; '';
}; };
}; };
nodes.client_with_privacy = { pkgs, lib, ... }: with lib; { nodes.client_with_privacy = { pkgs, ... }: with pkgs.lib; {
virtualisation.vlans = [ 1 ]; virtualisation.vlans = [ 1 ];
networking = { networking = {
useNetworkd = networkd; useNetworkd = networkd;
@ -539,7 +540,7 @@ let
}; };
}; };
}; };
nodes.client = { pkgs, lib, ... }: with lib; { nodes.client = { pkgs, ... }: with pkgs.lib; {
virtualisation.vlans = [ 1 ]; virtualisation.vlans = [ 1 ];
networking = { networking = {
useNetworkd = networkd; useNetworkd = networkd;
@ -602,9 +603,9 @@ let
testScript = '' testScript = ''
targetIPv4Table = """ targetIPv4Table = """
10.0.0.0/16 proto static scope link mtu 1500 10.0.0.0/16 proto static scope link mtu 1500
192.168.1.0/24 proto kernel scope link src 192.168.1.2 192.168.1.0/24 proto kernel scope link src 192.168.1.2
192.168.2.0/24 via 192.168.1.1 proto static 192.168.2.0/24 via 192.168.1.1 proto static
""".strip() """.strip()
targetIPv6Table = """ targetIPv6Table = """
@ -654,33 +655,8 @@ let
), "The IPv6 routing table has not been properly cleaned:\n{}".format(ipv6Residue) ), "The IPv6 routing table has not been properly cleaned:\n{}".format(ipv6Residue)
''; '';
}; };
# even with disabled networkd, systemd.network.links should work
# (as it's handled by udev, not networkd)
link = {
name = "Link";
nodes.client = { pkgs, ... }: {
virtualisation.vlans = [ 1 ];
networking = {
useNetworkd = networkd;
useDHCP = false;
};
systemd.network.links."50-foo" = {
matchConfig = {
Name = "foo";
Driver = "dummy";
};
linkConfig.MTUBytes = "1442";
};
};
testScript = ''
print(client.succeed("ip l add name foo type dummy"))
print(client.succeed("stat /etc/systemd/network/50-foo.link"))
client.succeed("udevadm settle")
assert "mtu 1442" in client.succeed("ip l show dummy0")
'';
};
}; };
in pkgs.lib.mapAttrs (pkgs.lib.const (attrs: makeTest (attrs // { in mapAttrs (const (attrs: makeTest (attrs // {
name = "${attrs.name}-Networking-${if networkd then "Networkd" else "Scripted"}"; name = "${attrs.name}-Networking-${if networkd then "Networkd" else "Scripted"}";
}))) testCases }))) testCases