8 files changed, 28 insertions, 4 deletions

diff --git a/src/basic/fileio.c b/src/basic/fileio.c
index 623e43e4ca..a9c0fd20e1 100644
--- a/src/basic/fileio.c
+++ b/src/basic/fileio.c
@@ -930,10 +930,10 @@ int warn_file_is_world_accessible(const char *filename, struct stat *st, const c
 
         if (unit)
                 log_syntax(unit, LOG_WARNING, filename, line, 0,
-                           "%s has %04o mode that is too permissive, please adjust the access mode.",
+                           "%s has %04o mode that is too permissive, please adjust the ownership and access mode.",
                            filename, st->st_mode & 07777);
         else
-                log_warning("%s has %04o mode that is too permissive, please adjust the access mode.",
+                log_warning("%s has %04o mode that is too permissive, please adjust the ownership and access mode.",
                             filename, st->st_mode & 07777);
         return 0;
 }
diff --git a/src/libsystemd/sd-network/sd-network.c b/src/libsystemd/sd-network/sd-network.c
index a3c0542d7a..8ff9382d90 100644
--- a/src/libsystemd/sd-network/sd-network.c
+++ b/src/libsystemd/sd-network/sd-network.c
@@ -229,6 +229,10 @@ _public_ int sd_network_link_get_timezone(int ifindex, char **ret) {
         return network_link_get_string(ifindex, "TIMEZONE", ret);
 }
 
+_public_ int sd_network_link_get_dhcp4_address(int ifindex, char **ret) {
+        return network_link_get_string(ifindex, "DHCP4_ADDRESS", ret);
+}
+
 _public_ int sd_network_link_get_dns(int ifindex, char ***ret) {
         return network_link_get_strv(ifindex, "DNS", ret);
 }
diff --git a/src/network/netdev/macsec.c b/src/network/netdev/macsec.c
index cf281e75a6..d1d65a69bf 100644
--- a/src/network/netdev/macsec.c
+++ b/src/network/netdev/macsec.c
@@ -981,6 +981,8 @@ static int macsec_read_key_file(NetDev *netdev, SecurityAssociation *sa) {
         if (!sa->key_file)
                 return 0;
 
+        (void) warn_file_is_world_accessible(sa->key_file, NULL, NULL, 0);
+
         r = read_full_file_full(sa->key_file, READ_FULL_FILE_SECURE | READ_FULL_FILE_UNHEX, (char **) &key, &key_len);
         if (r < 0)
                 return log_netdev_error_errno(netdev, r,
diff --git a/src/network/netdev/netdev.c b/src/network/netdev/netdev.c
index 7735b455b7..7853e197f1 100644
--- a/src/network/netdev/netdev.c
+++ b/src/network/netdev/netdev.c
@@ -844,7 +844,7 @@ int netdev_load(Manager *manager) {
         STRV_FOREACH(f, files) {
                 r = netdev_load_one(manager, *f);
                 if (r < 0)
-                        return r;
+                        log_error_errno(r, "Failed to load %s, ignoring: %m", *f);
         }
 
         return 0;
diff --git a/src/network/netdev/wireguard.c b/src/network/netdev/wireguard.c
index 913ee2a058..a40b32d148 100644
--- a/src/network/netdev/wireguard.c
+++ b/src/network/netdev/wireguard.c
@@ -901,6 +901,8 @@ static int wireguard_read_key_file(const char *filename, uint8_t dest[static WG_
 
         assert(dest);
 
+        (void) warn_file_is_world_accessible(filename, NULL, NULL, 0);
+
         r = read_full_file_full(filename, READ_FULL_FILE_SECURE | READ_FULL_FILE_UNBASE64, &key, &key_len);
         if (r < 0)
                 return r;
diff --git a/src/network/networkctl.c b/src/network/networkctl.c
index 3100a2e04e..a7cccbc690 100644
--- a/src/network/networkctl.c
+++ b/src/network/networkctl.c
@@ -678,6 +678,7 @@ static int dump_addresses(
                 int ifindex) {
 
         _cleanup_free_ struct local_address *local = NULL;
+        _cleanup_free_ char *dhcp4_address = NULL;
         int r, n, i;
 
         assert(rtnl);
@@ -687,6 +688,8 @@ static int dump_addresses(
         if (n < 0)
                 return n;
 
+        (void) sd_network_link_get_dhcp4_address(ifindex, &dhcp4_address);
+
         for (i = 0; i < n; i++) {
                 _cleanup_free_ char *pretty = NULL;
 
@@ -700,6 +703,15 @@ static int dump_addresses(
                 if (r < 0)
                         return r;
 
+                if (dhcp4_address && streq(pretty, dhcp4_address)) {
+                        _cleanup_free_ char *p = NULL;
+
+                        p = pretty;
+                        pretty = strjoin(pretty , " (DHCP4)");
+                        if (!pretty)
+                                return log_oom();
+                }
+
                 if (ifindex <= 0) {
                         char name[IF_NAMESIZE+1];
 
diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c
index 2b8d0eb2fb..fe81f1b720 100644
--- a/src/network/networkd-network.c
+++ b/src/network/networkd-network.c
@@ -506,7 +506,7 @@ int network_load(Manager *manager) {
         STRV_FOREACH(f, files) {
                 r = network_load_one(manager, *f);
                 if (r < 0)
-                        return r;
+                        log_error_errno(r, "Failed to load %s, ignoring: %m", *f);
         }
 
         return 0;
diff --git a/src/systemd/sd-network.h b/src/systemd/sd-network.h
index c78f7c86bb..1cf4c2ec9d 100644
--- a/src/systemd/sd-network.h
+++ b/src/systemd/sd-network.h
@@ -110,6 +110,10 @@ int sd_network_link_get_network_file(int ifindex, char **filename);
  * IP addresses */
 int sd_network_link_get_dns(int ifindex, char ***ret);
 
+/* Get DHCP4 address for a given link. This is string representations of
+ * IPv4 address */
+int sd_network_link_get_dhcp4_address(int ifindex, char **ret);
+
 /* Get NTP entries for a given link. These are domain names or string
  * representations of IP addresses */
 int sd_network_link_get_ntp(int ifindex, char ***ret);