From 108c88014d6cf1f9e4612fb403e0044337a755d2 Mon Sep 17 00:00:00 2001 From: Maximilian Wilhelm Date: Thu, 17 Jun 2021 18:08:51 +0200 Subject: [PATCH 01/31] doc: Clarify expected config file format for wireguard. The configuration file format for use with 'wg-quick' and 'wg setconf' are imcompatible. Explicitly state which format is required and how to convert a present configuration. Signed-off-by: Maximilian Wilhelm --- doc/interfaces-wireguard.scd | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/doc/interfaces-wireguard.scd b/doc/interfaces-wireguard.scd index 900b900..79f4285 100644 --- a/doc/interfaces-wireguard.scd +++ b/doc/interfaces-wireguard.scd @@ -18,6 +18,15 @@ allow to set up Wireguard VPN tunnels. used. In the latter case _use wireguard_ has to be explicitly set to the interface configuration. + Be aware that the given configuration file will be loaded using + *wg setconf* and not with *wg-quick*. The file format for both + tools isn't compatible so you have to make sure you provide a + valid configuration file for the *wg* tool. If you already have + a configuration file for *wg-quick* you can set up the tunnel + manually once and then dump the configuration using *wg showconf* + and save this to _path_. + + # EXAMPLES A Wireguard VPN tunnel with explicit configuration file specified From 96fa8ccbf94e3aa36c1d89e85d2188699915554f Mon Sep 17 00:00:00 2001 From: Ariadne Conill Date: Sat, 10 Jul 2021 18:28:55 -0600 Subject: [PATCH 02/31] build: add EXECUTOR_SCRIPTS_NATIVE --- Makefile | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/Makefile b/Makefile index 5b41f7e..811950c 100644 --- a/Makefile +++ b/Makefile @@ -119,6 +119,8 @@ EXECUTOR_SCRIPTS ?= ${EXECUTOR_SCRIPTS_CORE} ${EXECUTOR_SCRIPTS_OPT} EXECUTOR_SCRIPTS_STUB ?= +EXECUTOR_SCRIPTS_NATIVE ?= + TARGET_LIBS = ${LIBIFUPDOWN_LIB} LIBS += ${TARGET_LIBS} ${LIBBSD_LIBS} @@ -153,6 +155,9 @@ install: all for i in ${EXECUTOR_SCRIPTS_STUB}; do \ install -D -m755 executor-scripts/stub/$$i ${DESTDIR}${EXECUTOR_PATH}/$$i; \ done + for i in ${EXECUTOR_SCRIPTS_NATIVE}; do \ + install -D -m755 executor-scripts/${LAYOUT}-native/$$i ${DESTDIR}${EXECUTOR_PATH}/$$i; \ + done install -D -m644 dist/ifupdown-ng.conf.example ${DESTDIR}${CONFIG_FILE}.example .scd.1 .scd.2 .scd.3 .scd.4 .scd.5 .scd.6 .scd.7 .scd.8: From b25448f42f2f58a8b32d34d69450a03d32b39207 Mon Sep 17 00:00:00 2001 From: Ariadne Conill Date: Sun, 8 Aug 2021 12:13:31 -0600 Subject: [PATCH 03/31] kyua is available on Debian now --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 7d86137..4b03d23 100644 --- a/README.md +++ b/README.md @@ -39,7 +39,7 @@ On glibc systems, you must install `libbsd-dev` or equivalent and additionally d make LIBBSD_CFLAGS="$(pkg-config --cflags libbsd-overlay)" LIBBSD_LIBS="$(pkg-config --cflags --libs libbsd-overlay)" make install -To run the tests, do `make check`. Running the checks requires `kyua` (`apk add kyua`, not packaged for Debian). +To run the tests, do `make check`. Running the checks requires `kyua` (`apk add kyua` / `apt install kyua`). To build the documentation, do `make docs` and `make install_docs`. Building the documentation requires scdoc (`apk add scdoc` / `apt install scdoc`). From 4033f6374fb5723bf1e394576f273e17dff11824 Mon Sep 17 00:00:00 2001 From: Maximilian Wilhelm Date: Wed, 1 Sep 2021 19:21:21 +0200 Subject: [PATCH 04/31] Update copyright notice Signed-off-by: Maximilian Wilhelm --- COPYING | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/COPYING b/COPYING index 537f879..7240951 100644 --- a/COPYING +++ b/COPYING @@ -1,4 +1,5 @@ -Copyright (c) 2020 Ariadne Conill +Copyright (c) 2020-2021 Ariadne Conill +Copyright (c) 2020-2021 Maximilian Wilhelm Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above From 0547924ee86f20afdaf5ed7ff8df2c3b2aa45a3a Mon Sep 17 00:00:00 2001 From: Maximilian Wilhelm Date: Sun, 12 Sep 2021 18:10:51 +0200 Subject: [PATCH 05/31] Fix delcaration/prototype for lif_compat_apply() Signed-off-by: Maximilian Wilhelm --- libifupdown/compat.c | 3 ++- libifupdown/compat.h | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/libifupdown/compat.c b/libifupdown/compat.c index b6e5547..1c8f233 100644 --- a/libifupdown/compat.c +++ b/libifupdown/compat.c @@ -16,6 +16,7 @@ #include #include #include +#include "libifupdown/compat.h" #include "libifupdown/config-file.h" #include "libifupdown/dict.h" #include "libifupdown/interface.h" @@ -102,7 +103,7 @@ compat_ifupdown2_bridge_ports_inherit_vlans(struct lif_dict *collection) return true; } -extern bool +bool lif_compat_apply(struct lif_dict *collection) { if (lif_config.compat_ifupdown2_bridge_ports_inherit_vlans && diff --git a/libifupdown/compat.h b/libifupdown/compat.h index ebb668b..2bdfef2 100644 --- a/libifupdown/compat.h +++ b/libifupdown/compat.h @@ -17,6 +17,7 @@ #define LIBIFUPDOWN__COMPAT_H #include "libifupdown/config-file.h" +#include "libifupdown/dict.h" extern bool lif_compat_apply (struct lif_dict *collection); From 65e5e07c5f9ac6e8356a9ed5776dc2079a1aa651 Mon Sep 17 00:00:00 2001 From: Maximilian Wilhelm Date: Sun, 12 Sep 2021 18:11:43 +0200 Subject: [PATCH 06/31] Fix prototype of append_to_buffer() Signed-off-by: Maximilian Wilhelm --- libifupdown/lifecycle.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libifupdown/lifecycle.c b/libifupdown/lifecycle.c index f0bd2b3..4be5678 100644 --- a/libifupdown/lifecycle.c +++ b/libifupdown/lifecycle.c @@ -114,7 +114,7 @@ query_dependents_from_executors(const struct lif_execute_opts *opts, char *const return true; } -bool +static bool append_to_buffer(char **buffer, size_t *buffer_len, char **end, const char *value) { size_t value_len = strlen (value); From 67fc80fc78a46eafdc1ffb293231c14e4f6065ad Mon Sep 17 00:00:00 2001 From: Maximilian Wilhelm Date: Sun, 12 Sep 2021 18:26:07 +0200 Subject: [PATCH 07/31] Fix missingp prototypes for static functions Signed-off-by: Maximilian Wilhelm --- cmd/ifparse.c | 2 +- cmd/ifquery.c | 10 +++++----- cmd/ifupdown.c | 14 +++++++------- cmd/multicall.c | 4 ++-- 4 files changed, 15 insertions(+), 15 deletions(-) diff --git a/cmd/ifparse.c b/cmd/ifparse.c index d39379b..e8c0535 100644 --- a/cmd/ifparse.c +++ b/cmd/ifparse.c @@ -131,7 +131,7 @@ pp_impl_cmp(const void *a, const void *b) return strcmp(key, impl->name); } -int +static int ifparse_main(int argc, char *argv[]) { struct lif_dict state = {}; diff --git a/cmd/ifquery.c b/cmd/ifquery.c index 5931db9..86a3f64 100644 --- a/cmd/ifquery.c +++ b/cmd/ifquery.c @@ -22,7 +22,7 @@ #include "cmd/multicall.h" #include "cmd/pretty-print-iface.h" -void +static void print_interface_dot(struct lif_dict *collection, struct lif_interface *iface, struct lif_interface *parent) { if (!lif_lifecycle_query_dependents(&exec_opts, iface, iface->ifname)) @@ -57,7 +57,7 @@ print_interface_dot(struct lif_dict *collection, struct lif_interface *iface, st } } -void +static void print_interface_property(struct lif_interface *iface, const char *property) { struct lif_node *iter; @@ -83,7 +83,7 @@ print_interface_property(struct lif_interface *iface, const char *property) } } -void +static void list_interfaces(struct lif_dict *collection, struct match_options *opts) { struct lif_node *iter; @@ -126,7 +126,7 @@ list_interfaces(struct lif_dict *collection, struct match_options *opts) static bool listing = false, listing_stat = false, listing_running = false; static bool allow_undefined = false; -void +static void list_state(struct lif_dict *state, struct match_options *opts) { struct lif_node *iter; @@ -217,7 +217,7 @@ static struct if_option_group local_option_group = { .group = local_options }; -int +static int ifquery_main(int argc, char *argv[]) { struct lif_dict state = {}; diff --git a/cmd/ifupdown.c b/cmd/ifupdown.c index 1d39cd5..7ac3c88 100644 --- a/cmd/ifupdown.c +++ b/cmd/ifupdown.c @@ -27,7 +27,7 @@ static bool up; -bool +static bool is_ifdown() { if (strstr(argv0, "ifdown") != NULL) @@ -36,7 +36,7 @@ is_ifdown() return false; } -int +static int acquire_state_lock(const char *state_path, const char *lifname) { if (exec_opts.mock || exec_opts.no_lock) @@ -94,7 +94,7 @@ acquire_state_lock(const char *state_path, const char *lifname) return fd; } -bool +static bool skip_interface(struct lif_interface *iface, const char *ifname, struct lif_dict *state, bool update_state) { if (iface->is_template) @@ -146,7 +146,7 @@ skip_interface(struct lif_interface *iface, const char *ifname, struct lif_dict return false; } -bool +static bool change_interface(struct lif_interface *iface, struct lif_dict *collection, struct lif_dict *state, const char *ifname, bool update_state) { int lockfd = acquire_state_lock(exec_opts.state_file, ifname); @@ -194,7 +194,7 @@ change_interface(struct lif_interface *iface, struct lif_dict *collection, struc return true; } -bool +static bool change_auto_interfaces(struct lif_dict *collection, struct lif_dict *state, struct match_options *opts) { struct lif_node *iter; @@ -222,7 +222,7 @@ change_auto_interfaces(struct lif_dict *collection, struct lif_dict *state, stru return true; } -int +static int update_state_file_and_exit(int rc, struct lif_dict *state) { if (exec_opts.mock) @@ -243,7 +243,7 @@ update_state_file_and_exit(int rc, struct lif_dict *state) return rc; } -int +static int ifupdown_main(int argc, char *argv[]) { up = !is_ifdown(); diff --git a/cmd/multicall.c b/cmd/multicall.c index 653181a..7c3c849 100644 --- a/cmd/multicall.c +++ b/cmd/multicall.c @@ -62,7 +62,7 @@ struct if_applet *applet_table[] = { &ifupdown_applet, }; -int +static int applet_cmp(const void *a, const void *b) { const char *key = a; @@ -101,7 +101,7 @@ main(int argc, char *argv[]) return self_applet->main(argc, argv); } -int +static int multicall_main(int argc, char *argv[]) { if (argc < 2) From dd3a99cfa830d005ed05fd59fd2ea3ed855043b5 Mon Sep 17 00:00:00 2001 From: Maximilian Wilhelm Date: Sun, 12 Sep 2021 18:27:11 +0200 Subject: [PATCH 08/31] Fix prototypes for ifctrstat(-linux) Signed-off-by: Maximilian Wilhelm --- cmd/ifctrstat-linux.c | 5 +++-- cmd/ifctrstat-linux.h | 22 ++++++++++++++++++++++ cmd/ifctrstat.c | 5 ++--- 3 files changed, 27 insertions(+), 5 deletions(-) create mode 100644 cmd/ifctrstat-linux.h diff --git a/cmd/ifctrstat-linux.c b/cmd/ifctrstat-linux.c index e7dcfa3..8203fc4 100644 --- a/cmd/ifctrstat-linux.c +++ b/cmd/ifctrstat-linux.c @@ -17,7 +17,8 @@ #include #include #include -#include "multicall.h" +#include "cmd/multicall.h" +#include "cmd/ifctrstat-linux.h" struct counter_desc { const char *name; @@ -41,7 +42,7 @@ counter_compare(const void *key, const void *candidate) return strcasecmp((const char *)key, ((struct counter_desc *)candidate)->name); } -char * +const char * read_counter(const char *interface, const char *counter) { FILE *fp; diff --git a/cmd/ifctrstat-linux.h b/cmd/ifctrstat-linux.h new file mode 100644 index 0000000..3510013 --- /dev/null +++ b/cmd/ifctrstat-linux.h @@ -0,0 +1,22 @@ +/* + * cmd/ifctrstat-linux.c + * Purpose: Implement ifctrstat system-specific routines for Linux + * + * Copyright (c) 2021 Maximilian Wilhelm + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * This software is provided 'as is' and without any warranty, express or + * implied. In no event shall the authors be liable for any damages arising + * from the use of this software. + */ + + +#ifndef IFUPDOWN_IFCTRSTAT_LINUX__H__GUARD +#define IFUPDOWN_IFCTRSTAT_LINUX__H__GUARD + +extern const char * read_counter(const char *interface, const char *counter); + +#endif diff --git a/cmd/ifctrstat.c b/cmd/ifctrstat.c index 89aff80..8b0482f 100644 --- a/cmd/ifctrstat.c +++ b/cmd/ifctrstat.c @@ -20,12 +20,11 @@ #include #include "libifupdown/libifupdown.h" #include "cmd/multicall.h" +#include "cmd/ifctrstat-linux.h" extern struct counter_desc { const char *name; const void *data; } avail_counters[]; extern int avail_counters_count; -extern const char *read_counter(const char *interface, const char *counter); - static bool show_label = true; static bool @@ -96,7 +95,7 @@ ifctrstat_set_nolabel(const char *opt_arg) show_label = false; } -int +static int ifctrstat_main(int argc, char *argv[]) { if (optind >= argc) From 571786ae9100472d699fdd26eb040aed08e079aa Mon Sep 17 00:00:00 2001 From: Maximilian Wilhelm Date: Sun, 12 Sep 2021 18:27:41 +0200 Subject: [PATCH 09/31] Makefile: Make gcc be more pendantic and bail out on warnings Signed-off-by: Maximilian Wilhelm --- Makefile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 811950c..9fb6199 100644 --- a/Makefile +++ b/Makefile @@ -14,7 +14,8 @@ CONFIG_FILE := /etc/network/ifupdown-ng.conf EXECUTOR_PATH := /usr/libexec/ifupdown-ng CFLAGS ?= -ggdb3 -Os -CFLAGS += -Wall -Wextra +CFLAGS += -Wall -Wextra -Werror +CFLAGS += -Wmissing-declarations -Wmissing-prototypes -Wcast-align -Wpointer-arith -Wreturn-type CFLAGS += ${LIBBSD_CFLAGS} CPPFLAGS = -I. CPPFLAGS += -DINTERFACES_FILE=\"${INTERFACES_FILE}\" From 941d7c51d73f82b677d82e3080e191360d4678f5 Mon Sep 17 00:00:00 2001 From: Ariadne Conill Date: Sun, 19 Sep 2021 05:57:16 -0500 Subject: [PATCH 10/31] implement execution timeouts for executors Previously, it was possible for an executor to hang forever. To mitigate this, we now implement process execution timeouts for executors, by looping with waitpid(..., WNOHANG) and sleeping. This could be implemented more efficiently with process descriptors, see pidfd_open(2), but that interface is Linux-specific and is only available on Linux 5.3 or newer. --- cmd/multicall-exec-options.c | 14 +++++++++++++- libifupdown/execute.c | 35 +++++++++++++++++++++++++++-------- libifupdown/execute.h | 1 + libifupdown/lifecycle.c | 3 ++- 4 files changed, 43 insertions(+), 10 deletions(-) diff --git a/cmd/multicall-exec-options.c b/cmd/multicall-exec-options.c index f56228c..5350e62 100644 --- a/cmd/multicall-exec-options.c +++ b/cmd/multicall-exec-options.c @@ -21,10 +21,13 @@ #include #include "cmd/multicall.h" +#define DEFAULT_TIMEOUT 300 + struct lif_execute_opts exec_opts = { .interfaces_file = INTERFACES_FILE, .executor_path = EXECUTOR_PATH, - .state_file = STATE_FILE + .state_file = STATE_FILE, + .timeout = DEFAULT_TIMEOUT, }; static void @@ -74,6 +77,14 @@ set_force(const char *opt_arg) exec_opts.force = true; } +static void +set_timeout(const char *opt_arg) +{ + exec_opts.timeout = atoi(opt_arg); + if (exec_opts.timeout < 0) + exec_opts.timeout = DEFAULT_TIMEOUT; +} + static struct if_option exec_options[] = { {'f', "force", NULL, "force (de)configuration", false, set_force}, {'i', "interfaces", "interfaces FILE", "use FILE for interface definitions", true, set_interfaces_file}, @@ -82,6 +93,7 @@ static struct if_option exec_options[] = { {'v', "verbose", NULL, "show what commands are being run", false, set_verbose}, {'E', "executor-path", "executor-path PATH", "use PATH for executor directory", true, set_executor_path}, {'S', "state-file", "state-file FILE", "use FILE for state", true, set_state_file}, + {'T', "timeout", "timeout TIMEOUT", "wait TIMEOUT seconds for executors to complete", true, set_timeout}, }; struct if_option_group exec_option_group = { diff --git a/libifupdown/execute.c b/libifupdown/execute.c index 69af1c0..2f7229a 100644 --- a/libifupdown/execute.c +++ b/libifupdown/execute.c @@ -30,6 +30,31 @@ #define SHELL "/bin/sh" +/* TODO: Add support for Linux process descriptors once it is okay to require + * Linux 5.3 or newer. + */ +static inline bool +lif_process_monitor(const char *cmdbuf, pid_t child, int timeout_sec) +{ + int status; + int ticks = 0; + + while (ticks < timeout_sec) + { + if (waitpid(child, &status, WNOHANG) == child) + return WIFEXITED(status) && WEXITSTATUS(status) == 0; + + sleep(1); + ticks++; + } + + fprintf(stderr, "execution of '%s': timeout after %d seconds\n", cmdbuf, timeout_sec); + kill(child, SIGKILL); + waitpid(child, &status, 0); + + return false; +} + bool lif_execute_fmt(const struct lif_execute_opts *opts, char *const envp[], const char *fmt, ...) { @@ -55,10 +80,7 @@ lif_execute_fmt(const struct lif_execute_opts *opts, char *const envp[], const c return false; } - int status; - waitpid(child, &status, 0); - - return WIFEXITED(status) && WEXITSTATUS(status) == 0; + return lif_process_monitor(cmdbuf, child, opts->timeout); } bool @@ -118,11 +140,8 @@ lif_execute_fmt_with_result(const struct lif_execute_opts *opts, char *buf, size return false; } - int status; no_result: - waitpid(child, &status, 0); - - return WIFEXITED(status) && WEXITSTATUS(status) == 0; + return lif_process_monitor(cmdbuf, child, opts->timeout); } bool diff --git a/libifupdown/execute.h b/libifupdown/execute.h index 5a871a9..905cd84 100644 --- a/libifupdown/execute.h +++ b/libifupdown/execute.h @@ -27,6 +27,7 @@ struct lif_execute_opts { const char *executor_path; const char *interfaces_file; const char *state_file; + int timeout; }; extern bool lif_execute_fmt(const struct lif_execute_opts *opts, char *const envp[], const char *fmt, ...); diff --git a/libifupdown/lifecycle.c b/libifupdown/lifecycle.c index 4be5678..6bc9ffe 100644 --- a/libifupdown/lifecycle.c +++ b/libifupdown/lifecycle.c @@ -94,7 +94,8 @@ query_dependents_from_executors(const struct lif_execute_opts *opts, char *const struct lif_execute_opts exec_opts = { .verbose = opts->verbose, .executor_path = opts->executor_path, - .interfaces_file = opts->interfaces_file + .interfaces_file = opts->interfaces_file, + .timeout = opts->timeout, }; if (strcmp(entry->key, "use")) From 97b1a11be0457957a565f14debae7078f8c707bf Mon Sep 17 00:00:00 2001 From: Ariadne Conill Date: Sun, 19 Sep 2021 06:03:34 -0500 Subject: [PATCH 11/31] doc: document timeout parameter in manual pages --- doc/ifdown.scd | 4 ++++ doc/ifparse.scd | 4 ++++ doc/ifquery.scd | 4 ++++ doc/ifup.scd | 4 ++++ 4 files changed, 16 insertions(+) diff --git a/doc/ifdown.scd b/doc/ifdown.scd index 0215954..41f3b02 100644 --- a/doc/ifdown.scd +++ b/doc/ifdown.scd @@ -45,6 +45,10 @@ configured in the configuration database. *-S, --state-file* _FILE_ Use _FILE_ as the state database. +*-T, --timeout* _TIMEOUT_ + Wait up to _TIMEOUT_ seconds for executors to complete before + raising an error. + *-V, --version* Print the ifupdown-ng version and exit. diff --git a/doc/ifparse.scd b/doc/ifparse.scd index 7634b71..ff7b742 100644 --- a/doc/ifparse.scd +++ b/doc/ifparse.scd @@ -43,6 +43,10 @@ stanzas between different formats. *-S, --state-file* _FILE_ Use _FILE_ as the state database. +*-T, --timeout* _TIMEOUT_ + Wait up to _TIMEOUT_ seconds for executors to complete before + raising an error. + *-V, --version* Print the ifupdown-ng version and exit. diff --git a/doc/ifquery.scd b/doc/ifquery.scd index 83c8480..b721135 100644 --- a/doc/ifquery.scd +++ b/doc/ifquery.scd @@ -62,6 +62,10 @@ configuration file to the current format. *-S, --state-file* _FILE_ Use _FILE_ as the state database. +*-T, --timeout* _TIMEOUT_ + Wait up to _TIMEOUT_ seconds for executors to complete before + raising an error. + *-V, --version* Print the ifupdown-ng version and exit. diff --git a/doc/ifup.scd b/doc/ifup.scd index 0af9150..82978f2 100644 --- a/doc/ifup.scd +++ b/doc/ifup.scd @@ -48,6 +48,10 @@ configured in the configuration database. *-S, --state-file* _FILE_ Use _FILE_ as the state database. +*-T, --timeout* _TIMEOUT_ + Wait up to _TIMEOUT_ seconds for executors to complete before + raising an error. + *-V, --version* Print the ifupdown-ng version and exit. From 2477e7266cfa2a9e2045eceedcc1e0e0c8157953 Mon Sep 17 00:00:00 2001 From: Ariadne Conill Date: Sun, 19 Sep 2021 07:28:30 -0500 Subject: [PATCH 12/31] use process descriptors where available for readiness notification --- libifupdown/execute.c | 79 ++++++++++++++++++++++++++++++++++++------- 1 file changed, 67 insertions(+), 12 deletions(-) diff --git a/libifupdown/execute.c b/libifupdown/execute.c index 2f7229a..45870e7 100644 --- a/libifupdown/execute.c +++ b/libifupdown/execute.c @@ -30,23 +30,78 @@ #define SHELL "/bin/sh" -/* TODO: Add support for Linux process descriptors once it is okay to require - * Linux 5.3 or newer. - */ +#if defined(__linux__) +# include +#endif + +/* POSIX compatible fallback using waitpid(2) and usleep(3) */ +static inline bool +lif_process_monitor_busyloop(pid_t child, int timeout_sec, int *status) +{ + int ticks = 0; + + while (ticks < timeout_sec * 10) + { + /* Ugly hack: most executors finish very quickly, + * so give them a chance to finish before sleeping. + */ + usleep(50); + + if (waitpid(child, status, WNOHANG) == child) + return true; + + usleep(99950); + ticks++; + } + + return false; +} + +#if defined(__linux__) && defined(__NR_pidfd_open) + +/* TODO: remove this wrapper once musl and glibc gain pidfd_open() directly. */ +static inline int +lif_pidfd_open(pid_t pid, unsigned int flags) +{ + return syscall(__NR_pidfd_open, pid, flags); +} + +static inline bool +lif_process_monitor_procdesc(pid_t child, int timeout_sec, int *status) +{ + int pidfd = lif_pidfd_open(child, 0); + + /* pidfd_open() not available, fall back to busyloop */ + if (pidfd == -1 && errno == ENOSYS) + return lif_process_monitor_busyloop(child, timeout_sec, status); + + struct pollfd pfd = { + .fd = pidfd, + .events = POLLIN, + }; + + if (poll(&pfd, 1, timeout_sec * 1000) < 1) + return false; + + waitpid(child, status, 0); + close(pidfd); + return true; +} + +#endif + static inline bool lif_process_monitor(const char *cmdbuf, pid_t child, int timeout_sec) { int status; - int ticks = 0; - while (ticks < timeout_sec) - { - if (waitpid(child, &status, WNOHANG) == child) - return WIFEXITED(status) && WEXITSTATUS(status) == 0; - - sleep(1); - ticks++; - } +#if defined(__linux__) && defined(__NR_pidfd_open) + if (lif_process_monitor_procdesc(child, timeout_sec, &status)) + return WIFEXITED(status) && WEXITSTATUS(status) == 0; +#else + if (lif_process_monitor_busyloop(child, timeout_sec, &status)) + return WIFEXITED(status) && WEXITSTATUS(status) == 0; +#endif fprintf(stderr, "execution of '%s': timeout after %d seconds\n", cmdbuf, timeout_sec); kill(child, SIGKILL); From d83c8259e602055e11aa92ef6adc4b597301fbb2 Mon Sep 17 00:00:00 2001 From: Ariadne Conill Date: Sun, 19 Sep 2021 07:57:41 -0500 Subject: [PATCH 13/31] tighten fallback busyloop implementation --- libifupdown/execute.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libifupdown/execute.c b/libifupdown/execute.c index 45870e7..538e6e6 100644 --- a/libifupdown/execute.c +++ b/libifupdown/execute.c @@ -40,7 +40,7 @@ lif_process_monitor_busyloop(pid_t child, int timeout_sec, int *status) { int ticks = 0; - while (ticks < timeout_sec * 10) + while (ticks < timeout_sec * 20) { /* Ugly hack: most executors finish very quickly, * so give them a chance to finish before sleeping. @@ -50,7 +50,7 @@ lif_process_monitor_busyloop(pid_t child, int timeout_sec, int *status) if (waitpid(child, status, WNOHANG) == child) return true; - usleep(99950); + usleep(49950); ticks++; } From b75e509f3d33e95af9106f388996447e354b32ef Mon Sep 17 00:00:00 2001 From: Maximilian Wilhelm Date: Sat, 16 Oct 2021 15:15:35 +0200 Subject: [PATCH 14/31] vxlan: Add support for PTMP setups and rename options to vxlan-peer-{ip,group} MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This commit adds support for configuring static PTMP overlays with VXLAN by allowing to specify multiple IPs for »vxlan-peer-ips«. If more than one IP is given ifupdown-ng will set up additional FDB entries for all peer IPs and the Linux Kernel will do ingres / head-end replication for BUM traffic. For a cleaner naming schema and simliar names to commercial vendor CLIs the options to specify unicast or multicast peers have been renamed and aliases added for compatibility to previous versions of ifupdown-ng: * »vxlan-remote-ip« now is named »vxlan-peer-ips« * »vxlan-remote-group« now is called »vxlan-peer-group« Signed-off-by: Maximilian Wilhelm --- doc/interfaces-vxlan.scd | 54 ++++++++++++++++++++++++++++-------- executor-scripts/linux/vxlan | 29 +++++++++++++++---- libifupdown/interface-file.c | 6 ++-- tests/linux/vxlan_test | 19 ++++++++++--- 4 files changed, 84 insertions(+), 24 deletions(-) diff --git a/doc/interfaces-vxlan.scd b/doc/interfaces-vxlan.scd index f7f7783..e63b00e 100644 --- a/doc/interfaces-vxlan.scd +++ b/doc/interfaces-vxlan.scd @@ -39,19 +39,25 @@ other options are optional. For compatiblity with ifupdown2 _vxlan-local-tunnelip_ is an alias for this parameter. -*vxlan-remote-ip* _address_ - Specifies the unicast destination IP address to use in outgoing +*vxlan-peer-ips* _list of IP addresses_ + Specifies the unicast destination IP address(es) to use in outgoing packets when the destination link layer address is not known in - the VXLAN device forwarding database. This parameter cannot be - specified with the _vxlan-remote-group_ parameter. - For compatiblity with ifupdown2 _vxlan-remoteip_ is an alias for - this parameter. + the VXLAN device forwarding database. This option can be used to + form Point-to-Point as well as Point-to-Multipoint VXLAN tunnels/ + overlays depending on how many peer IPs are given. If more than one + IP address is given a Point-to-Multipoint overlay is being set up + and ingress / head-end replication will be used by the Linux Kernel. + This option cannot be used together with _vxlan-peer-group_ option. + For compatiblity with ifupdown2 _vxlan-remoteip_ is an alias for this option + and for compatibility with previos versions of ifupdown-ng _vxlan-remote-ip_ + is an alias for this option, too. -*vxlan-remote-group* _multicast group_ +*vxlan-peer-group* _multicast group_ Specifies the multicast group IP address to join. This parameter - cannot be specified with the _vxlan-remote-ip_ parameter. + cannot be specified with the _vxlan-peer-ip_ parameter. For compatibility with ifupdown2 _vxlan-svcnodeip_ is an alias for - this parameter. + this option and for compatibility with previos version of ifupdown-ng + _vxlan-remote-group_ is an alias, too. *vxlan-learning* _on/off_ Specifies if unknown source link layer addresses and IP addresses @@ -79,22 +85,46 @@ iface vx_v1001_padcty mtu 1560 ``` +The same works just fine with IPv6 in the underlay: + +``` +auto vx_v1400_padcty +iface vx_v1400_padcty + vxlan-id 917505 + vxlan-physdev vlan1400 + vxlan-peer-group ff42:1400::1 + # + hwaddress f2:00:0d:01:14:00 + mtu 1560 +``` + Note that the underlay must have an MTU of at least 1610 to -carry the encapsulated packets. +carry the encapsulated packets of the two VTEPs above. -A VTEP with one peer (point-to-point configuration): +A VTEP with one peer (unicast point-to-point configuration): ``` auto vx_ptp1 iface vx_ptp1 vxlan-id 2342 vxlan-local-ip 192.0.2.42 - vxlan-remote-ip 198.51.100.23 + vxlan-peer-ips 198.51.100.23 # hwaddress f2:00:c1:01:10:01 ``` + +A VTEP with multiple peers (unicast point-to-multipoint with ingress / head-end replication): + +``` +auto vx_her +iface vx_her + vxlan-id 1337 + vxlan-local-ip 2001:db8:1::1 + vxlan-peer-ips 2001:db8:2::23 2001:db8:3::42 2001:db8:4::84 +``` + # AUTHORS Maximilian Wilhelm diff --git a/executor-scripts/linux/vxlan b/executor-scripts/linux/vxlan index 2a74653..2910742 100755 --- a/executor-scripts/linux/vxlan +++ b/executor-scripts/linux/vxlan @@ -10,8 +10,8 @@ # IF_VXLAN_ID The VXLAN Network Identifier (VNI) # IF_VXLAN_PHYSDEV Specifies the physical device to use for tunnel endpoint communication # IF_VXLAN_LOCAL_IP Specifies the source IP address to use in outgoing packets -# IF_VXLAN_REMOTE_IP IP of the remote VTEP endpoint (for ptp mode) -# IF_VXLAN_REMOTE_GROUP Multicast group to use for this VNI (for ptmp mode) +# IF_VXLAN_PEER_IPS Space separated list of IPs of the remote VTEP endpoint (for ptp/ptmp mode with ingress replication) +# IF_VXLAN_PEER_GROUP Multicast group to use for this VNI (for ptmp mode with multicast) # IF_VXLAN_LEARNING Wether to activate MAC learning on this instance (on/off) # IF_VXLAN_AGEING Specifies the lifetime in seconds of FDB entries learnt by the kernel # IF_VXLAN_DSTPORT UDP destination port to communicate to the remote VXLAN tunnel endpoint (default 4789) @@ -36,17 +36,27 @@ case "$PHASE" in fi # Input validation - if [ "${IF_VXLAN_REMOTE_IP}" -a "${IF_VXLAN_REMOTE_GROUP}" ]; then - echo "Error on ${IFACE} (vxlan): Only one of 'remote' and 'group' can be given!" >&2 + if [ "${IF_VXLAN_PEER_IPS}" -a "${IF_VXLAN_PEER_GROUP}" ]; then + echo "Error on ${IFACE} (vxlan): Only one of 'vxlan-peer-ips' and 'vxlan-peer-group' can be used!" >&2 exit 1 fi + # Check if we should operate in unicast ptp or ptmp mode + if [ "${IF_VXLAN_PEER_IPS}" ]; then + # If it's only one thing which looks like an IPv4/IPv6 address we assume it's ptp + if echo "${IF_VXLAN_PEER_IPS}" | grep -q '^[[:space:]]*[[:xdigit:].:]\+[[:space:]]*$'; then + UCAST_MODE="ptp" + else + UCAST_MODE="ptmp" + fi + fi + # Gather arguments ARGS="" [ "${IF_VXLAN_PHYSDEV}" ] && ARGS="${ARGS} dev ${IF_VXLAN_PHYSDEV}" [ "${IF_VXLAN_LOCAL_IP}" ] && ARGS="${ARGS} local ${IF_VXLAN_LOCAL_IP}" - [ "${IF_VXLAN_REMOTE_IP}" ] && ARGS="${ARGS} remote ${IF_VXLAN_REMOTE_IP}" - [ "${IF_VXLAN_REMOTE_GROUP}" ] && ARGS="${ARGS} group ${IF_VXLAN_REMOTE_GROUP}" + [ "${UCAST_MODE}" = "ptp" ] && ARGS="${ARGS} remote ${IF_VXLAN_PEER_IPS}" + [ "${IF_VXLAN_PEER_GROUP}" ] && ARGS="${ARGS} group ${IF_VXLAN_PEER_GROUP}" [ "${IF_VXLAN_AGEING}" ] && ARGS="${ARGS} ageing ${IF_VXLAN_AGEING}" # Linux uses non-standard default port - WTF? @@ -67,6 +77,13 @@ case "$PHASE" in esac ${MOCK} ip link add "${IFACE}" type vxlan id "${IF_VXLAN_ID}" ${ARGS} + + # Set up FDB entries for peer VTEPs + if [ "${UCAST_MODE}" = "ptmp" ]; then + for peer in ${IF_VXLAN_PEER_IPS}; do + ${MOCK} bridge fdb append 00:00:00:00:00:00 dev "${IFACE}" dst "${peer}" self permanent + done + fi ;; destroy) diff --git a/libifupdown/interface-file.c b/libifupdown/interface-file.c index 06d76d7..d0fa233 100644 --- a/libifupdown/interface-file.c +++ b/libifupdown/interface-file.c @@ -100,8 +100,10 @@ static const struct remap_token tokens[] = { {"vendor", "dhcp-vendor"}, /* legacy ifupdown */ {"vrf", "vrf-member"}, /* ifupdown2 */ {"vxlan-local-tunnelip", "vxlan-local-ip"}, /* ifupdown2 */ - {"vxlan-remoteip", "vxlan-remote-ip"}, /* ifupdown2 */ - {"vxlan-svcnodeip", "vxlan-remote-group"}, /* ifupdown2 */ + {"vxlan-remote-group", "vxlan-peer-group"}, /* ifupdown-ng */ + {"vxlan-remoteip", "vxlan-peer-ips"}, /* ifupdown2 */ + {"vxlan-remote-ip", "vxlan-peer-ips"}, /* ifupdown-ng */ + {"vxlan-svcnodeip", "vxlan-peer-group"}, /* ifupdown2 */ }; static int diff --git a/tests/linux/vxlan_test b/tests/linux/vxlan_test index 011a856..f667c60 100755 --- a/tests/linux/vxlan_test +++ b/tests/linux/vxlan_test @@ -5,7 +5,8 @@ EXECUTOR="$(atf_get_srcdir)/../../executor-scripts/linux/vxlan" tests_init \ create_simple \ - create_ucast \ + create_ucast_ptp \ + create_ucast_ptmp \ create_mcast \ create_physdev \ create_dstport \ @@ -18,14 +19,24 @@ create_simple_body() { ${EXECUTOR} } -create_ucast_body() { - export IFACE=vx_foo PHASE=create MOCK=echo IF_VXLAN_ID=2342 IF_VXLAN_REMOTE_IP=192.2.0.42 +create_ucast_ptp_body() { + export IFACE=vx_foo PHASE=create MOCK=echo IF_VXLAN_ID=2342 IF_VXLAN_PEER_IPS=192.2.0.42 atf_check -s exit:0 -o match:'ip link add vx_foo type vxlan id 2342 remote 192.2.0.42' \ ${EXECUTOR} } +create_ucast_ptmp_body() { + export IFACE=vx_foo PHASE=create MOCK=echo IF_VXLAN_ID=2342 IF_VXLAN_PEER_IPS="10.0.0.1 10.0.0.2 10.0.0.3" + atf_check -s exit:0 \ + -o match:'ip link add vx_foo type vxlan id 2342 dstport 4789' \ + -o match:'bridge fdb append 00:00:00:00:00:00 dev vx_foo dst 10.0.0.1 self permanent' \ + -o match:'bridge fdb append 00:00:00:00:00:00 dev vx_foo dst 10.0.0.2 self permanent' \ + -o match:'bridge fdb append 00:00:00:00:00:00 dev vx_foo dst 10.0.0.3 self permanent' \ + ${EXECUTOR} +} + create_mcast_body() { - export IFACE=vx_foo PHASE=create MOCK=echo IF_VXLAN_ID=2342 IF_VXLAN_REMOTE_GROUP=225.0.8.15 + export IFACE=vx_foo PHASE=create MOCK=echo IF_VXLAN_ID=2342 IF_VXLAN_PEER_GROUP=225.0.8.15 atf_check -s exit:0 -o match:'ip link add vx_foo type vxlan id 2342 group 225.0.8.15' \ ${EXECUTOR} } From 0e99af7669329cace64a65ffe671fa38bbcabaf5 Mon Sep 17 00:00:00 2001 From: Maximilian Wilhelm Date: Sat, 16 Oct 2021 15:28:13 +0200 Subject: [PATCH 15/31] vxlan: Document that vxlan-phsydev is required for multicast setups Signed-off-by: Maximilian Wilhelm --- doc/interfaces-vxlan.scd | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/doc/interfaces-vxlan.scd b/doc/interfaces-vxlan.scd index e63b00e..a6dd8b6 100644 --- a/doc/interfaces-vxlan.scd +++ b/doc/interfaces-vxlan.scd @@ -32,7 +32,8 @@ other options are optional. *vxlan-physdev* _interface_ Specifies the physical ("underlay") device to use for tunnel - endpoint communication. + endpoint communication. This is required for setups using + multicast. *vxlan-local-ip* _address_ Specifies the source IP address to use in outgoing packets. @@ -53,11 +54,11 @@ other options are optional. is an alias for this option, too. *vxlan-peer-group* _multicast group_ - Specifies the multicast group IP address to join. This parameter - cannot be specified with the _vxlan-peer-ip_ parameter. - For compatibility with ifupdown2 _vxlan-svcnodeip_ is an alias for - this option and for compatibility with previos version of ifupdown-ng - _vxlan-remote-group_ is an alias, too. + Specifies the multicast group address to join, requires _vxlan-phsydev_ + to be set as well. This parameter cannot be specified in combination + with the _vxlan-peer-ips_ parameter. For compatibility with ifupdown2 + _vxlan-svcnodeip_ is an alias for this option and for compatibility + with previos version of ifupdown-ng _vxlan-remote-group_ is an alias, too. *vxlan-learning* _on/off_ Specifies if unknown source link layer addresses and IP addresses From e978d1a42c1fe6978ba55aaa733fcda3a7dc3717 Mon Sep 17 00:00:00 2001 From: Zola Date: Fri, 26 Nov 2021 01:40:00 +0000 Subject: [PATCH 16/31] Fix a bug in the wifi executor script When stopping wpa_supplicant, the code is supposed to check if a file named $PIDFILE exists and kill the process listed inside. Instead it was checking if a directory named $PIDFILE exists and because this was never the case, killing of the wpa_supplicant process would always silently fail. This would, after a few invocations of the ifup command, leave the system with large number of running wpa_supplicant processes, all trying to take control of the same interface. --- executor-scripts/linux/wifi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/executor-scripts/linux/wifi b/executor-scripts/linux/wifi index 93243f1..6524aa8 100755 --- a/executor-scripts/linux/wifi +++ b/executor-scripts/linux/wifi @@ -79,7 +79,7 @@ stop_wpa_supplicant() { [ -z "$IF_WIFI_CONFIG_PATH" ] && rm -- "$WIFI_CONFIG_PATH" # If there is no PIDFILE, there is nothing we can do - [ ! -d "$PIDFILE" ] && return + [ ! -f "$PIDFILE" ] && return pid=$(cat "$PIDFILE") rm -- "$PIDFILE" From a96648cfd36a05e0562ca0b1799ace4dfed6b694 Mon Sep 17 00:00:00 2001 From: lagertonne Date: Thu, 30 Dec 2021 20:50:17 +0100 Subject: [PATCH 17/31] Add initial debian foo --- debian/README.Debian | 6 ++++++ debian/README.source | 10 ++++++++++ debian/changelog | 5 +++++ debian/control | 16 ++++++++++++++++ debian/copyright | 43 ++++++++++++++++++++++++++++++++++++++++++ debian/postinst.ex | 39 ++++++++++++++++++++++++++++++++++++++ debian/postrm.ex | 37 ++++++++++++++++++++++++++++++++++++ debian/preinst.ex | 35 ++++++++++++++++++++++++++++++++++ debian/prerm.ex | 38 +++++++++++++++++++++++++++++++++++++ debian/rules | 25 ++++++++++++++++++++++++ debian/salsa-ci.yml.ex | 11 +++++++++++ debian/source/format | 1 + debian/watch.ex | 38 +++++++++++++++++++++++++++++++++++++ 13 files changed, 304 insertions(+) create mode 100644 debian/README.Debian create mode 100644 debian/README.source create mode 100644 debian/changelog create mode 100644 debian/control create mode 100644 debian/copyright create mode 100644 debian/postinst.ex create mode 100644 debian/postrm.ex create mode 100644 debian/preinst.ex create mode 100644 debian/prerm.ex create mode 100755 debian/rules create mode 100644 debian/salsa-ci.yml.ex create mode 100644 debian/source/format create mode 100644 debian/watch.ex diff --git a/debian/README.Debian b/debian/README.Debian new file mode 100644 index 0000000..8baaa2b --- /dev/null +++ b/debian/README.Debian @@ -0,0 +1,6 @@ +ifupdown-ng for Debian +--------------------- + + + + -- unknown Thu, 30 Dec 2021 20:41:21 +0100 diff --git a/debian/README.source b/debian/README.source new file mode 100644 index 0000000..c0c0ef3 --- /dev/null +++ b/debian/README.source @@ -0,0 +1,10 @@ +ifupdown-ng for Debian +--------------------- + + + + + + -- unknown Thu, 30 Dec 2021 20:41:21 +0100 + diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 0000000..d7169c8 --- /dev/null +++ b/debian/changelog @@ -0,0 +1,5 @@ +ifupdown-ng (0.11.3-1) UNRELEASED; urgency=medium + + * Initial release (Closes: #nnnn) + + -- unknown Thu, 30 Dec 2021 20:41:21 +0100 diff --git a/debian/control b/debian/control new file mode 100644 index 0000000..e0b0d66 --- /dev/null +++ b/debian/control @@ -0,0 +1,16 @@ +Source: ifupdown-ng +Section: unknown +Priority: optional +Maintainer: unknown +Build-Depends: debhelper-compat (= 13), libbsd0, libbsd-dev +Standards-Version: 4.6.0 +Homepage: https://github.com/ifupdown-ng/ifupdown-ng +#Vcs-Browser: https://salsa.debian.org/debian/ifupdown-ng +#Vcs-Git: https://salsa.debian.org/debian/ifupdown-ng.git +Rules-Requires-Root: no + +Package: ifupdown-ng +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends} +Description: + ifupdown-ng is a network device manager that is largely compatible with Debian ifupdown, BusyBox ifupdown and Cumulus Networks' ifupdown2. diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 0000000..17b299d --- /dev/null +++ b/debian/copyright @@ -0,0 +1,43 @@ +Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: ifupdown-ng +Upstream-Contact: +Source: + +Files: * +Copyright: + +License: + + + . + + +# If you want to use GPL v2 or later for the /debian/* files use +# the following clauses, or change it to suit. Delete these two lines +Files: debian/* +Copyright: 2021 unknown +License: GPL-2+ + This package is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + . + This package is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + . + You should have received a copy of the GNU General Public License + along with this program. If not, see + . + On Debian systems, the complete text of the GNU General + Public License version 2 can be found in "/usr/share/common-licenses/GPL-2". + +# Please also look if there are files or directories which have a +# different copyright/license attached and list them here. +# Please avoid picking licenses with terms that are more restrictive than the +# packaged work, as it may make Debian's contributions unacceptable upstream. +# +# If you need, there are some extra license texts available in two places: +# /usr/share/debhelper/dh_make/licenses/ +# /usr/share/common-licenses/ diff --git a/debian/postinst.ex b/debian/postinst.ex new file mode 100644 index 0000000..ffd595a --- /dev/null +++ b/debian/postinst.ex @@ -0,0 +1,39 @@ +#!/bin/sh +# postinst script for ifupdown-ng +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `configure' +# * `abort-upgrade' +# * `abort-remove' `in-favour' +# +# * `abort-remove' +# * `abort-deconfigure' `in-favour' +# `removing' +# +# for details, see https://www.debian.org/doc/debian-policy/ or +# the debian-policy package + + +case "$1" in + configure) + ;; + + abort-upgrade|abort-remove|abort-deconfigure) + ;; + + *) + echo "postinst called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 diff --git a/debian/postrm.ex b/debian/postrm.ex new file mode 100644 index 0000000..3b43bb1 --- /dev/null +++ b/debian/postrm.ex @@ -0,0 +1,37 @@ +#!/bin/sh +# postrm script for ifupdown-ng +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `remove' +# * `purge' +# * `upgrade' +# * `failed-upgrade' +# * `abort-install' +# * `abort-install' +# * `abort-upgrade' +# * `disappear' +# +# for details, see https://www.debian.org/doc/debian-policy/ or +# the debian-policy package + + +case "$1" in + purge|remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) + ;; + + *) + echo "postrm called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 diff --git a/debian/preinst.ex b/debian/preinst.ex new file mode 100644 index 0000000..8d44fbc --- /dev/null +++ b/debian/preinst.ex @@ -0,0 +1,35 @@ +#!/bin/sh +# preinst script for ifupdown-ng +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `install' +# * `install' +# * `upgrade' +# * `abort-upgrade' +# for details, see https://www.debian.org/doc/debian-policy/ or +# the debian-policy package + + +case "$1" in + install|upgrade) + ;; + + abort-upgrade) + ;; + + *) + echo "preinst called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 diff --git a/debian/prerm.ex b/debian/prerm.ex new file mode 100644 index 0000000..20a8a7b --- /dev/null +++ b/debian/prerm.ex @@ -0,0 +1,38 @@ +#!/bin/sh +# prerm script for ifupdown-ng +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `remove' +# * `upgrade' +# * `failed-upgrade' +# * `remove' `in-favour' +# * `deconfigure' `in-favour' +# `removing' +# +# for details, see https://www.debian.org/doc/debian-policy/ or +# the debian-policy package + + +case "$1" in + remove|upgrade|deconfigure) + ;; + + failed-upgrade) + ;; + + *) + echo "prerm called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 diff --git a/debian/rules b/debian/rules new file mode 100755 index 0000000..59ea751 --- /dev/null +++ b/debian/rules @@ -0,0 +1,25 @@ +#!/usr/bin/make -f +# See debhelper(7) (uncomment to enable) +# output every command that modifies files on the build system. +#export DH_VERBOSE = 1 + + +# see FEATURE AREAS in dpkg-buildflags(1) +#export DEB_BUILD_MAINT_OPTIONS = hardening=+all + +# see ENVIRONMENT in dpkg-buildflags(1) +# package maintainers to append CFLAGS +#export DEB_CFLAGS_MAINT_APPEND = -Wall -pedantic +# package maintainers to append LDFLAGS +#export DEB_LDFLAGS_MAINT_APPEND = -Wl,--as-needed + + +%: + dh $@ + + +# dh_make generated override targets +# This is example for Cmake (See https://bugs.debian.org/641051 ) +#override_dh_auto_configure: +# dh_auto_configure -- \ +# -DCMAKE_LIBRARY_PATH=$(DEB_HOST_MULTIARCH) diff --git a/debian/salsa-ci.yml.ex b/debian/salsa-ci.yml.ex new file mode 100644 index 0000000..a6fb8bd --- /dev/null +++ b/debian/salsa-ci.yml.ex @@ -0,0 +1,11 @@ +# For more information on what jobs are run see: +# https://salsa.debian.org/salsa-ci-team/pipeline +# +# To enable the jobs, go to your repository (at salsa.debian.org) +# and click over Settings > CI/CD > Expand (in General pipelines). +# In "CI/CD configuration file" write debian/salsa-ci.yml and click +# in "Save Changes". The CI tests will run after the next commit. +--- +include: + - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/salsa-ci.yml + - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/pipeline-jobs.yml diff --git a/debian/source/format b/debian/source/format new file mode 100644 index 0000000..163aaf8 --- /dev/null +++ b/debian/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/debian/watch.ex b/debian/watch.ex new file mode 100644 index 0000000..662c214 --- /dev/null +++ b/debian/watch.ex @@ -0,0 +1,38 @@ +# Example watch control file for uscan +# Rename this file to "watch" and then you can run the "uscan" command +# to check for upstream updates and more. +# See uscan(1) for format + +# Compulsory line, this is a version 4 file +version=4 + +# PGP signature mangle, so foo.tar.gz has foo.tar.gz.sig +#opts="pgpsigurlmangle=s%$%.sig%" + +# HTTP site (basic) +#http://example.com/downloads.html \ +# files/ifupdown-ng-([\d\.]+)\.tar\.gz debian uupdate + +# Uncomment to examine an FTP server +#ftp://ftp.example.com/pub/ifupdown-ng-(.*)\.tar\.gz debian uupdate + +# SourceForge hosted projects +# http://sf.net/ifupdown-ng/ ifupdown-ng-(.*)\.tar\.gz debian uupdate + +# GitHub hosted projects +#opts="filenamemangle=s%(?:.*?)?v?(\d[\d.]*)\.tar\.gz%-$1.tar.gz%" \ +# https://github.com//ifupdown-ng/tags \ +# (?:.*?/)?v?(\d[\d.]*)\.tar\.gz debian uupdate + +# PyPI +# https://pypi.debian.net/ifupdown-ng/ifupdown-ng-(.+)\.(?:zip|tgz|tbz|txz|(?:tar\.(?:gz|bz2|xz))) + +# Direct Git +# opts="mode=git" http://git.example.com/ifupdown-ng.git \ +# refs/tags/v([\d\.]+) debian uupdate + + + + +# Uncomment to find new files on GooglePages +# http://example.googlepages.com/foo.html ifupdown-ng-(.*)\.tar\.gz From e3f066af120119ad74bcf8be5604396f3b55cf79 Mon Sep 17 00:00:00 2001 From: lagertonne Date: Thu, 30 Dec 2021 20:50:35 +0100 Subject: [PATCH 18/31] Add basic automatic building --- .drone.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 .drone.yml diff --git a/.drone.yml b/.drone.yml new file mode 100644 index 0000000..c4a36c6 --- /dev/null +++ b/.drone.yml @@ -0,0 +1,12 @@ +kind: pipeline +name: default + +steps: + - name: Build + image: debian:bullseye + commands: + - apt update + - apt install build-essentials equivs devscripts + - mk-build-deps -i -r debian/control + - dbian-buildpackage -b -uc + - find . From 51813d88b171db951b18f915a9e75c067d977065 Mon Sep 17 00:00:00 2001 From: lagertonne Date: Thu, 30 Dec 2021 20:52:44 +0100 Subject: [PATCH 19/31] drone: Add upgrade. --- .drone.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.drone.yml b/.drone.yml index c4a36c6..49b5a5e 100644 --- a/.drone.yml +++ b/.drone.yml @@ -6,6 +6,7 @@ steps: image: debian:bullseye commands: - apt update + - apt upgrade - apt install build-essentials equivs devscripts - mk-build-deps -i -r debian/control - dbian-buildpackage -b -uc From 96ae8cced22da339c7c39bd76b4694026d5e59ee Mon Sep 17 00:00:00 2001 From: lagertonne Date: Thu, 30 Dec 2021 20:55:54 +0100 Subject: [PATCH 20/31] drone: Fix indetation --- .drone.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.drone.yml b/.drone.yml index 49b5a5e..90abf34 100644 --- a/.drone.yml +++ b/.drone.yml @@ -2,12 +2,12 @@ kind: pipeline name: default steps: - - name: Build - image: debian:bullseye - commands: - - apt update + - name: Build + image: debian:bullseye + commands: + - apt update - apt upgrade - - apt install build-essentials equivs devscripts + - apt install build-essentials equivs devscripts - mk-build-deps -i -r debian/control - dbian-buildpackage -b -uc - find . From cd11e6d1d71d7198fcc671c534dd61265e48e777 Mon Sep 17 00:00:00 2001 From: lagertonne Date: Thu, 30 Dec 2021 20:56:53 +0100 Subject: [PATCH 21/31] drone: Fix automation --- .drone.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.drone.yml b/.drone.yml index 90abf34..551bef0 100644 --- a/.drone.yml +++ b/.drone.yml @@ -6,8 +6,8 @@ steps: image: debian:bullseye commands: - apt update - - apt upgrade - - apt install build-essentials equivs devscripts + - apt -y upgrade + - apt -y install build-essentials equivs devscripts - mk-build-deps -i -r debian/control - dbian-buildpackage -b -uc - find . From a4761889e93853648f5e478936d082b1b1337d2e Mon Sep 17 00:00:00 2001 From: lagertonne Date: Thu, 30 Dec 2021 20:58:32 +0100 Subject: [PATCH 22/31] drone: Fix typo --- .drone.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.drone.yml b/.drone.yml index 551bef0..8d385a2 100644 --- a/.drone.yml +++ b/.drone.yml @@ -7,7 +7,7 @@ steps: commands: - apt update - apt -y upgrade - - apt -y install build-essentials equivs devscripts + - apt -y install build-essential equivs devscripts - mk-build-deps -i -r debian/control - dbian-buildpackage -b -uc - find . From b81b059b43658ae2a0a90938910eb61fab387957 Mon Sep 17 00:00:00 2001 From: lagertonne Date: Thu, 30 Dec 2021 21:11:35 +0100 Subject: [PATCH 23/31] drone: Install less packages and fix typo --- .drone.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.drone.yml b/.drone.yml index 8d385a2..bfe36be 100644 --- a/.drone.yml +++ b/.drone.yml @@ -7,7 +7,7 @@ steps: commands: - apt update - apt -y upgrade - - apt -y install build-essential equivs devscripts + - apt -y install --no-install-recommends build-essential equivs devscripts - mk-build-deps -i -r debian/control - - dbian-buildpackage -b -uc + - debian-buildpackage -b -uc - find . From e4f92a48f0fe3d2ab100f4fdb847b8bcc8f16528 Mon Sep 17 00:00:00 2001 From: lagertonne Date: Sat, 1 Jan 2022 10:29:38 +0100 Subject: [PATCH 24/31] drone: Install deps noninteractively --- .drone.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.drone.yml b/.drone.yml index bfe36be..1f6e772 100644 --- a/.drone.yml +++ b/.drone.yml @@ -8,6 +8,6 @@ steps: - apt update - apt -y upgrade - apt -y install --no-install-recommends build-essential equivs devscripts - - mk-build-deps -i -r debian/control + - mk-build-deps --install --tool='apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends --yes' debian/control - debian-buildpackage -b -uc - find . From 8d6a744a91681ab9987e6a481dedb4770f84d0ae Mon Sep 17 00:00:00 2001 From: lagertonne Date: Sat, 1 Jan 2022 10:32:41 +0100 Subject: [PATCH 25/31] drone: Fix build command --- .drone.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.drone.yml b/.drone.yml index 1f6e772..e131090 100644 --- a/.drone.yml +++ b/.drone.yml @@ -9,5 +9,5 @@ steps: - apt -y upgrade - apt -y install --no-install-recommends build-essential equivs devscripts - mk-build-deps --install --tool='apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends --yes' debian/control - - debian-buildpackage -b -uc + - dpkg-buildpackage -b -uc - find . From e6fb603bf9245d038a8162784712e282bda4c04e Mon Sep 17 00:00:00 2001 From: lagertonne Date: Sat, 1 Jan 2022 10:53:59 +0100 Subject: [PATCH 26/31] debian: Add needed env variables --- debian/rules | 2 ++ 1 file changed, 2 insertions(+) diff --git a/debian/rules b/debian/rules index 59ea751..a1fa31a 100755 --- a/debian/rules +++ b/debian/rules @@ -15,6 +15,8 @@ %: + export LIBBSD_CFLAGS="$(pkg-config --cflags libbsd-overlay)" + export LIBBSD_LIBS="$(pkg-config --cflags --libs libbsd-overlay)" dh $@ From e54997251bdd9e0d51ca40ec96b337b086951aa3 Mon Sep 17 00:00:00 2001 From: lagertonne Date: Sat, 1 Jan 2022 10:58:48 +0100 Subject: [PATCH 27/31] debian: Build package without auto_build --- debian/control | 2 +- debian/rules | 6 ++++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/debian/control b/debian/control index e0b0d66..4a381f1 100644 --- a/debian/control +++ b/debian/control @@ -2,7 +2,7 @@ Source: ifupdown-ng Section: unknown Priority: optional Maintainer: unknown -Build-Depends: debhelper-compat (= 13), libbsd0, libbsd-dev +Build-Depends: debhelper-compat (= 13), libbsd0, libbsd-dev, pkg-config Standards-Version: 4.6.0 Homepage: https://github.com/ifupdown-ng/ifupdown-ng #Vcs-Browser: https://salsa.debian.org/debian/ifupdown-ng diff --git a/debian/rules b/debian/rules index a1fa31a..3af708a 100755 --- a/debian/rules +++ b/debian/rules @@ -15,10 +15,12 @@ %: - export LIBBSD_CFLAGS="$(pkg-config --cflags libbsd-overlay)" - export LIBBSD_LIBS="$(pkg-config --cflags --libs libbsd-overlay)" dh $@ +override_dh_auto_build: + make \ + LIBBSD_CFLAGS="-isystem /usr/include/bsd -DLIBBSD_OVERLAY -lbsd " \ + LIBBSD_LIBS="-isystem /usr/include/bsd -DLIBBSD_OVERLAY -lbsd " # dh_make generated override targets # This is example for Cmake (See https://bugs.debian.org/641051 ) From de12939f585df5bbd44c88a623b1dbc659e23b22 Mon Sep 17 00:00:00 2001 From: lagertonne Date: Sat, 1 Jan 2022 11:15:55 +0100 Subject: [PATCH 28/31] debian: Add kyua as build dependency for check --- debian/control | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debian/control b/debian/control index 4a381f1..02574db 100644 --- a/debian/control +++ b/debian/control @@ -2,7 +2,7 @@ Source: ifupdown-ng Section: unknown Priority: optional Maintainer: unknown -Build-Depends: debhelper-compat (= 13), libbsd0, libbsd-dev, pkg-config +Build-Depends: debhelper-compat (= 13), libbsd0, libbsd-dev, pkg-config, kyua Standards-Version: 4.6.0 Homepage: https://github.com/ifupdown-ng/ifupdown-ng #Vcs-Browser: https://salsa.debian.org/debian/ifupdown-ng From 0a63ec863a928f1df0d368918b9694568df0a422 Mon Sep 17 00:00:00 2001 From: lagertonne Date: Sat, 1 Jan 2022 11:30:27 +0100 Subject: [PATCH 29/31] debian: Do not run any tests --- debian/rules | 2 ++ 1 file changed, 2 insertions(+) diff --git a/debian/rules b/debian/rules index 3af708a..45a271d 100755 --- a/debian/rules +++ b/debian/rules @@ -22,6 +22,8 @@ override_dh_auto_build: LIBBSD_CFLAGS="-isystem /usr/include/bsd -DLIBBSD_OVERLAY -lbsd " \ LIBBSD_LIBS="-isystem /usr/include/bsd -DLIBBSD_OVERLAY -lbsd " +override_dh_auto_test: + # dh_make generated override targets # This is example for Cmake (See https://bugs.debian.org/641051 ) #override_dh_auto_configure: From 122ac098abe7d92c6de08ecc15571261214b8fde Mon Sep 17 00:00:00 2001 From: lagertonne Date: Sat, 1 Jan 2022 11:39:07 +0100 Subject: [PATCH 30/31] Debugging. --- .drone.yml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/.drone.yml b/.drone.yml index e131090..f84219b 100644 --- a/.drone.yml +++ b/.drone.yml @@ -10,4 +10,10 @@ steps: - apt -y install --no-install-recommends build-essential equivs devscripts - mk-build-deps --install --tool='apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends --yes' debian/control - dpkg-buildpackage -b -uc - - find . + - find .. + #- name: gitea_release + # image: plugins/gitea-release + # settings: + # api_key: + # base_url: https://git.neulandlabor.de + # files: ifupdown-ng From dd5f5d1024178f6be05bbe0a900d891bf2b06d90 Mon Sep 17 00:00:00 2001 From: lagertonne Date: Sat, 1 Jan 2022 15:36:13 +0100 Subject: [PATCH 31/31] drone: Add gitea releases --- .drone.yml | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/.drone.yml b/.drone.yml index f84219b..5f40e87 100644 --- a/.drone.yml +++ b/.drone.yml @@ -11,9 +11,12 @@ steps: - mk-build-deps --install --tool='apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends --yes' debian/control - dpkg-buildpackage -b -uc - find .. - #- name: gitea_release - # image: plugins/gitea-release - # settings: - # api_key: - # base_url: https://git.neulandlabor.de - # files: ifupdown-ng + - name: gitea_release + image: plugins/gitea-release + settings: + api_key: + from_secret: GITEA_KEY + base_url: https://git.neulandlabor.de/ + files: ../ifupdown-ng_*_amd64.deb + when: + event: tag