We need access to /dev/net/tun, hence make sure we can actually see
/dev/. Also make sure the module is properly loaded before we operate,
given that we run with limit caps. But then again give the CAP_NET_ADMIN
cap, since we need to configure the network tap/tun devices.
Follow-up for: 1365034727
The commit cdcb1eeeb8 adds
ID_NET_NAME_INCLUDE_DOMAIN property support in net_id builtin.
The property is basically set through hwdb. However, previously hwdb was
imported after calling net_id builtin, hence when net_id is called, the
property was never set.
This makes hwdb is imported before calling net_id builtin, so that the
property is set when net_id is called if hwdb has an entry about that
for the interface.
Follow-up for cdcb1eeeb8.
Fixes#37758.
BOOTP can be used to sign a static IP to clients. Instead of using the
four message exchange, and Option 53 (DHCP Message Type) there is only a
two message exchange.
Add the following network option to enable BOOTP:
[DHCPv4]
BOOTP=yes
This will allow a two message request / reply sequence that doesn't
require DHCP message types.
Fixes: #34885
Add the following network option to enable BOOTP:
[DHCPv4]
Bootp=yes
This will allow a two message request / reply sequence that doesn't
require DHCP message types.
Co-authored-by: Avram Dorfman <dorfman@est.org>
BOOTP can be used to sign a static IP to clients. Instead of using the
four message exchange, and Option 53 (DHCP Message Type) there is only a
two message exchange. This adds the support for this exchange.
Co-authored-by: Avram Dorfman <dorfman@est.org>
Co-authored-by: Yu Watanabe <watanabe.yu+github@gmail.com>
Previously, the property was checked only when an uevent is received,
so even if an interface has ID_NET_MANAGED_BY property, the interface
will be configured by networkd when reconfiguration is triggered e.g.
when interface state is changed.
Follow-up for ba87a61d05.
Fixes#36997.
mDNS replies always have to come from the mDNS port (unlike mDNS
queries, which are also allowed from non-mDNS ports). Hence refuse this.
Fixes: #33806
The pkcs7_new() function currently uses the hash algorithm from the X509
certificate's signature, but the content signature may use a different
hash algorithm. This adds a parameter to allow specifying what hash
algorithm the content signature generation used.
The pkcs7_new() function currently uses the hash algorithm from the X509
certificate's signature, but the content signature may use a different hash
algorithm. This adds a parameter to allow specifying what hash algorithm the
content signature generation used.
