network: take explicit ownership of our own interfaces

This is a follow-up for #30786 and uses it to assign
ID_NET_MANAGED_BY=io.systemd.Network to all all network interfaces that
we consider ours to manage. This should hopefully have the effect that
other well-behaving managers won't fight for these devices.

This doesn't bother with network interfaces we match inside containers,
since udev is not available there anyway.

network/80-6rd-tunnel.link

@@ -0,0 +1,24 @@
+# SPDX-License-Identifier: MIT-0
+#
+# This config file is installed as part of systemd.
+# It may be freely copied and edited (following the MIT No Attribution license).
+#
+# To make local modifications, one of the following methods may be used:
+# 1. add a drop-in file that extends this file by creating the
+#    /etc/systemd/network/80-6rd-tunnel.link.d/ directory and creating a
+#    new .conf file there.
+# 2. copy this file into /etc/systemd/network/ or one of the other paths checked
+#    by systemd-udevd and edit it there.
+# This file should not be edited in place, because it'll be overwritten on upgrades.
+
+# This .link file matches 6rd-* SIT devices and marks them as managed by
+# systemd-networkd.
+
+[Match]
+Kind=sit
+Name=6rd-*
+
+[Network]
+NamePolicy=keep
+MACAddressPolicy=persistent
+Property=ID_NET_MANAGED_BY=io.systemd.Network

network/80-6rd-tunnel.network

@@ -7,11 +7,11 @@
 # 1. add a drop-in file that extends this file by creating the
 #    /etc/systemd/network/80-6rd-tunnel.network.d/ directory and creating a
 #    new .conf file there.
-# 2. copy this file into /etc/systemd/network or one of the other paths checked
+# 2. copy this file into /etc/systemd/network/ or one of the other paths checked
 #    by systemd-networkd and edit it there.
 # This file should not be edited in place, because it'll be overwritten on upgrades.
 
-# This network file matches 6rd-* SIT devices which is automatically created by
+# This .network file matches 6rd-* SIT devices which is automatically created by
 # systemd-networkd when DHCPv4 6RD option is received.
 
 [Match]

network/80-container-vb.link

@@ -0,0 +1,24 @@
+# SPDX-License-Identifier: MIT-0
+#
+# This config file is installed as part of systemd.
+# It may be freely copied and edited (following the MIT No Attribution license).
+#
+# To make local modifications, one of the following methods may be used:
+# 1. add a drop-in file that extends this file by creating the
+#    /etc/systemd/network/80-container-vb.link.d/ directory and creating a
+#    new .conf file there.
+# 2. copy this file into /etc/systemd/network/ or one of the other paths checked
+#    by systemd-udevd and edit it there.
+# This file should not be edited in place, because it'll be overwritten on upgrades.
+
+# This .link file matches the host-side of the virtual Ethernet link created
+# by systemd-nspawn's --network-veth switch with --network-bridge= or
+# --network-zone= switch. See systemd-nspawn(1) for details.
+
+[Match]
+Kind=veth
+Name=vb-*
+
+[Link]
+NamePolicy=keep
+Property=ID_NET_MANAGED_BY=io.systemd.Network

network/80-container-vb.network

@@ -7,13 +7,13 @@
 # 1. add a drop-in file that extends this file by creating the
 #    /etc/systemd/network/80-container-vb.network.d/ directory and creating a
 #    new .conf file there.
-# 2. copy this file into /etc/systemd/network or one of the other paths checked
+# 2. copy this file into /etc/systemd/network/ or one of the other paths checked
 #    by systemd-networkd and edit it there.
 # This file should not be edited in place, because it'll be overwritten on upgrades.
 
-# This network file matches the host-side of the virtual Ethernet link
-# created by systemd-nspawn's --network-veth switch with --network-bridge or
-# --network-zone switch. See systemd-nspawn(1) for details.
+# This .network file matches the host-side of the virtual Ethernet link created
+# by systemd-nspawn's --network-veth switch with --network-bridge= or
+# --network-zone= switch. See systemd-nspawn(1) for details.
 
 [Match]
 Kind=veth

network/80-container-ve.link

@@ -0,0 +1,24 @@
+# SPDX-License-Identifier: MIT-0
+#
+# This config file is installed as part of systemd.
+# It may be freely copied and edited (following the MIT No Attribution license).
+#
+# To make local modifications, one of the following methods may be used:
+# 1. add a drop-in file that extends this file by creating the
+#    /etc/systemd/network/80-container-ve.link.d/ directory and creating a
+#    new .conf file there.
+# 2. copy this file into /etc/systemd/network/ or one of the other paths checked
+#    by systemd-udevd and edit it there.
+# This file should not be edited in place, because it'll be overwritten on upgrades.
+
+# This .link file matches the host-side of the virtual Ethernet link
+# created by systemd-nspawn's --network-veth switch. See systemd-nspawn(1) for
+# details.
+
+[Match]
+Kind=veth
+Name=ve-*
+
+[Link]
+NamePolicy=keep
+Property=ID_NET_MANAGED_BY=io.systemd.Network

network/80-container-ve.network

@@ -7,11 +7,11 @@
 # 1. add a drop-in file that extends this file by creating the
 #    /etc/systemd/network/80-container-ve.network.d/ directory and creating a
 #    new .conf file there.
-# 2. copy this file into /etc/systemd/network or one of the other paths checked
+# 2. copy this file into /etc/systemd/network/ or one of the other paths checked
 #    by systemd-networkd and edit it there.
 # This file should not be edited in place, because it'll be overwritten on upgrades.
 
-# This network file matches the host-side of the virtual Ethernet link
+# This .network file matches the host-side of the virtual Ethernet link
 # created by systemd-nspawn's --network-veth switch. See systemd-nspawn(1) for
 # details.
 

network/80-container-vz.link

@@ -0,0 +1,23 @@
+# SPDX-License-Identifier: MIT-0
+#
+# This config file is installed as part of systemd.
+# It may be freely copied and edited (following the MIT No Attribution license).
+#
+# To make local modifications, one of the following methods may be used:
+# 1. add a drop-in file that extends this file by creating the
+#    /etc/systemd/network/80-container-vz.link.d/ directory and creating a
+#    new .conf file there.
+# 2. copy this file into /etc/systemd/network/ or one of the other paths checked
+#    by systemd-udevd and edit it there.
+# This file should not be edited in place, because it'll be overwritten on upgrades.
+
+# This .link file matches the bridge interface created by systemd-nspawn's
+# --network-zone= switch. See systemd-nspawn(1) for details.
+
+[Match]
+Kind=bridge
+Name=vz-*
+
+[Link]
+NamePolicy=keep
+Property=ID_NET_MANAGED_BY=io.systemd.Network

network/80-vm-vt.link

@@ -0,0 +1,23 @@
+# SPDX-License-Identifier: MIT-0
+#
+# This config file is installed as part of systemd.
+# It may be freely copied and edited (following the MIT No Attribution license).
+#
+# To make local modifications, one of the following methods may be used:
+# 1. add a drop-in file that extends this file by creating the
+#    /etc/systemd/network/80-vm-vt.link.d/ directory and creating a
+#    new .conf file there.
+# 2. copy this file into /etc/systemd/network/ or one of the other paths checked
+#    by systemd-udevd and edit it there.
+# This file should not be edited in place, because it'll be overwritten on upgrades.
+
+# This .link file matches vt-* TUN/TAP devices on the host and marks them as
+# managed by systemd-networkd.
+
+[Match]
+Kind=tun
+Name=vt-*
+
+[Link]
+NamePolicy=keep
+Property=ID_NET_MANAGED_BY=io.systemd.Network

network/meson.build

@@ -3,11 +3,16 @@
 if conf.get('ENABLE_NETWORKD') == 1
         install_data(
                 '80-6rd-tunnel.network',
+                '80-6rd-tunnel.link',
                 '80-container-host0.network',
                 '80-container-vb.network',
+                '80-container-vb.link',
                 '80-container-ve.network',
+                '80-container-ve.link',
                 '80-container-vz.network',
+                '80-container-vz.link',
                 '80-vm-vt.network',
+                '80-vm-vt.link',
                 '80-wifi-adhoc.network',
                 install_dir : networkdir)