morgan/systemd - systemd - Gitea

morgan/systemd

mirror of https://github.com/morgan9e/systemd synced 2026-04-14 08:25:20 +09:00

Go to file

Florian Westphal bc5a9b82d5 firewall-util-nft: attempt table recreation when add operation fails

When someone runs 'nft flush ruleset' in the same net namespace
this will also tear down the systemd nat table.

Unlike iptables -t nat -F, which will remove all rules added by
the systemd iptables backend, iptables has builtin chains that cannot
be deleted. IOW, the next add operation will 'just work'.

In the nftables case however, the entire table gets removed.

When the systemd nat table is removed by an external entity next
attempt to add a set element will yield -ENOENT.

If this happens, recreate the table, and, if successful, re-do
the add operation.

Note that this doesn't protect against external sabotage such as
a running 'while true; nft flush ruleset;done'. However, there is
nothing that could be done short of extending the kernel to allow
tables to be "frozen" or otherwise tied to a process such as
systemd-networkd.

2020-12-16 01:07:11 +01:00

Add Pull Request Labeler

2020-12-14 09:43:38 +09:00

.lgtm/cpp-queries

lgtm: complain about accept() [people should use accept4() instead, due to O_CLOEXEC]

2019-04-10 20:03:38 +02:00

mkosi: Add strace to final images

2020-12-09 17:34:45 +00:00

license: LGPL-2.1+ -> LGPL-2.1-or-later

2020-11-09 13:23:58 +09:00

coccinelle: ignore specific cases to use SYNTHETIC_ERRNO() macro

2020-11-27 14:35:20 +09:00

docs/RELEASE: clarify which steps are done when

2020-11-26 13:54:37 +01:00

man: move 'files' module in NSS 'hosts:' line before myhostname

2020-08-17 18:55:59 +02:00

Update 60-keyboard.hwdb

2020-12-13 10:49:46 +00:00

network: Allow to configure interface promiscuous mode

2020-12-15 20:25:08 +00:00

license: LGPL-2.1+ -> LGPL-2.1-or-later

2020-11-09 13:23:58 +09:00

meson: add option to skip installing to $sysconfdir

2020-11-12 11:21:46 +01:00

Translated using Weblate (German)

2020-12-15 17:40:56 +01:00

license: LGPL-2.1+ -> LGPL-2.1-or-later

2020-11-09 13:23:58 +09:00

udev: Fix sound.target dependency

2020-12-10 14:29:50 +09:00

Revert "semaphore: temporarily disable the timedated test suite"

2020-12-04 18:47:12 +01:00

shell-completion

license: LGPL-2.1+ -> LGPL-2.1-or-later

2020-11-09 13:23:58 +09:00

firewall-util-nft: attempt table recreation when add operation fails

2020-12-16 01:07:11 +01:00

meson: add option to skip installing to $sysconfdir

2020-11-12 11:21:46 +01:00

license: LGPL-2.1+ -> LGPL-2.1-or-later

2020-11-09 13:23:58 +09:00

network: Allow to configure interface promiscuous mode

2020-12-15 20:25:08 +00:00

meson: add option to skip installing to $sysconfdir

2020-11-12 11:21:46 +01:00

meson: Respect MESON_INSTALL_QUIET

2020-12-06 22:11:11 +00:00

ci: also set -Dfuzz-tests=true if -Dslow-tests=true

2020-11-13 18:15:41 +09:00

unit: make systemd-networkd.service support reload command

2020-12-09 12:55:51 +09:00

scripts: use 4 space indentation

2019-04-12 08:30:31 +02:00

.clang-format

clang-format: set SpaceBeforeParens to ControlStatementsExceptForEachMacros

2020-11-16 16:57:51 +09:00

.ctags

editors: Prevent ctags from following symlinks

2019-02-15 11:01:20 -08:00

.dir-locals.el

scripts: use 4 space indentation

2019-04-12 08:30:31 +02:00

.editorconfig

editorconfig: add man configuration

2020-05-26 15:37:05 +02:00

.gitattributes

…

.gitignore

mkosi: Keep mkosi.default out of the repository.

2020-07-16 21:44:02 +01:00

.lgtm.yml

lgtm: drop the TMPDIR/meson workaround

2020-03-03 20:27:42 +01:00

.mailmap

NEWS: update contributors list for v246-pre

2020-07-23 17:30:54 +02:00

.travis.yml

coverity: switch back to Fedora 31

2020-07-12 22:00:16 +00:00

.vimrc

scripts: use 4 space indentation

2019-04-12 08:30:31 +02:00

.ycm_extra_conf.py

ycm: add doc string for all the functions in configuration file

2017-11-29 13:21:49 -07:00

azure-pipelines.yml

Free up some resources on Azure Pipelines

2019-07-17 13:28:38 +09:00

configure

treewide: more portable bash shebangs

2020-03-05 17:27:07 +01:00

LICENSE.GPL2

…

LICENSE.LGPL2.1

…

Makefile

…

meson_options.txt

Drop compat "gateway" name

2020-12-10 20:44:41 +01:00

meson.build

meson: Fix reallocarray check

2020-12-13 09:44:29 +01:00

mkosi.build

mkosi: Silence locale checking in mkosi.build

2020-12-06 22:11:11 +00:00

NEWS

tree-wide: fix typo

2020-12-14 12:05:55 +00:00

README

meson: add min version for libfdisk

2020-08-19 10:18:33 +02:00

README.md

README.md: update CentOS CI badges

2020-10-06 13:59:52 +02:00

TODO

Update TODO

2020-12-14 13:51:10 +01:00

zanata.xml

po: add basic fedora.zanata.org configuration

2018-02-19 13:56:57 +01:00

README.md

System and Service Manager

Details

Most documentation is available on systemd's web site.

Assorted, older, general information about systemd can be found in the systemd Wiki.

Information about build requirements is provided in the README file.

Consult our NEWS file for information about what's new in the most recent systemd versions.

Please see the Hacking guide for information on how to hack on systemd and test your modifications.

Please see our Contribution Guidelines for more information about filing GitHub Issues and posting GitHub Pull Requests.

When preparing patches for systemd, please follow our Coding Style Guidelines.

If you are looking for support, please contact our mailing list or join our IRC channel.

Stable branches with backported patches are available in the stable repo.