Some devices (s390 and ipvlan) use the same MAC address for
different interfaces, but dev_id differentiates them. So we
must use dev_id to avoid IID conflicts.
https://bugzilla.redhat.com/show_bug.cgi?id=1101809
Some device types (s390 OSA and ipvlan) can use the same link-layer address
for multiple virtual interfaces, and the kernel used the dev_id property
to differentiate these devices when constructing the IID. NM should do
this too to prevent IID clashes.
https://bugzilla.redhat.com/show_bug.cgi?id=1101809
The sort order of nm_setting_enumerate_values() affects the
order in which keyfile writer serializes the properties.
Have a defined, stable sort order by sorting the properties
by name (with prefering id,uuid,type for NMSettingConnection).
(cherry picked from commit 58f08c8c9c)
nm_connection_for_each_setting_value() is used by keyfile writer to iterate
over the settings and write the keyfile entires. The order there is important
as g_key_file_to_data() prints the groups in the order they were created.
To have a stable order and to have the [connection] entry first, sort the
settings.
(cherry picked from commit e50fbe466b)
libnm-core treated the UNKNOWN WEP key type as KEY. Relax that
and try to guess the correct type based on the key.
This is for example important if you have a valid connection with
wep-key-type=0 (unknown)
If you request passwords for such a connection, the user cannot
enter them in password format -- but there is no UI indication
that the password must be KEY.
(cherry picked from commit 628f47285d)
We must never fail verification of a connection based on a password
because the password is re-requested during activation.
Otherwise, if the user enters an invalid password for a (previously)
valid connection, the connection becomes invalid. NetworkManager does
not expect or handle that requesting password can make a connection
invalid.
Invalid passwords should be treated as wrong passwords. Only a UI
(such as nm-connection-editor or nmcli) should validate passwords
against a certain scheme.
Note that there is need_secrets() which on the contrary must check for
valid passwords.
Error scenario:
Connect to a WEP Wi-Fi, via `nmcli device wifi connect SSID`. The
generated connection has wep-key-type=0 (UNKNOWN) and wep-key-flags=0.
When trying to connect, NM will ask for secrets and set the wep-key0
field. After that, verification can fail (e.g. if the password is longer
then 64 chars).
(cherry picked from commit dbbedce21f)
Some refactoring of the main() functions for NetworkManager and
nm-iface-helper. Most notably, start the D-Bus service earlier so
that NetworkManager starts faster.
https://bugzilla.gnome.org/show_bug.cgi?id=746254
(cherry picked from commit 6ce7b7df96)
systemd considers the startup time of NetworkManager until the D-Bus
service is claimed. By doing that earlier, this time is significantly
reduced.
This has the advantage, that services that are ordered to start
after NetworkManager can start earlier. Most notably, 'network.target'
orders itself After=NetworkManager.service and many services are ordered
After=network.target.
$ systemd-analyze blame | grep NetworkManager.service
(cherry picked from commit 21562052ec)
Conflicts:
src/main.c
Create the rundir earlier and before setting up nm-logging.
nm_main_utils_ensure_rundir() errors out with fprintf(stderr)
and does not need nm-logging.
(cherry picked from commit 49cfe64874)
With this change, `NetworkManager --help` and `NetworkManager --version`
work for non-root user.
(cherry picked from commit 95786a4e4e)
Conflicts:
src/main-utils.c
src/main-utils.h
g_type_init() is independent of all NetworkManager
functionality. Just get it done early on.
(cherry picked from commit 0587dbe96c)
Conflicts:
src/nm-iface-helper.c
And rename the function to nm_main_utils_ensure_not_running_pidfile()
to match the other _ensure_ functions that exit(1).
Also no longer pass @name to nm_main_utils_ensure_not_running_pidfile()
and use g_get_prgname() instead.
nm_main_utils_ensure_not_running_pidfile() checks that the running
process has the same program name, so this changes behavior if the
user renamed the binary. Before, we would check whether the running
process is named 'NetworkManager' ('nm-iface-helper'). Now we check
whether the process has the same name as the current process.
This means, that if you rename the binary to 'NetworkManager2' we
would now only detect a conflicting 'NetworkManager2'. Before we would
only detect conflicting 'NetworkManager' binaries.
(cherry picked from commit 12ad2c7fe7)
Move call to nm_main_utils_early_setup() to a separate function.
Also move the @options array away from the main function, saving
a few bytes on the stack.
Now only do_early_setup() modifies the @global_opt structure.
(cherry picked from commit 5775df9a6d)
(cherry picked from commit 8e58fc7425)
Conflicts:
src/main.c
src/nm-iface-helper.c
Move the variables to a static struct so that we can factor
out some of the initialization code.
Also it's nice to have all options placed together in one struct so
that is is obvious which static variables are part of the command line
options, and which have other use.
(cherry picked from commit 1fc5aba42a)
Conflicts:
src/nm-iface-helper.c
Configuration commit is an unsafe thing to do for assumed connections,
it can remove an externally added address we don't know about yet.
The device already has a link-local address; for an assumed connection
it's the reason we assumed the method=link-local in the first place.
(cherry picked from commit 396dc2b3b4)
Paths to sysctls don't use ifindex and device names can be reused. If someone
removes a device and quickly creates a device with the same name, chances are
we're cleaning up the device that was just added.
Sadly, it seems there's no better API than sysctl-- neither netlink nor procfs
symlinks with ifindex or anything like that.
(cherry picked from commit f85513b8e4)
There won't be any further requests, so there's no point in keeping
the connection alive. Even if the HTTP server doesn't care, proxy
servers in-between might keep the connection open for a couple seconds
for keepalive, and we might as well be nice to them and tell them we
don't need to keep it alive.
(cherry picked from commit 90692e3eff)
It appears that the .isra and .part pieces can change depending on
how glib was built, so ignore those parts. Add some new suppressions
for newer glib too.
(cherry picked from commit 3cde821344)
When a new connection is activated and presently active connection goes away,
the active-connection-removed signal is not emitted for the old connection.
This is what happens:
1.) Initially, nm-manager::active-connections = [ActiveConnection/old]
2.) First PropertyChange is signalled for the new connection addition:
nm-manager::active-connections = [ActiveConnection/old,ActiveConnection/new]
This triggers load of ActiveConnection/new object.
3.) Another PropertyChange is signalled for the old connection removal:
nm-manager::active-connections = [ActiveConnection/new]
This removes the ActiveConnection/old object from
nm-manager::active-connections and enqueues active-connection-removed
signal. The signal is not emmitted as there's a reload from 2.) in progress.
4.) ActiveConnection/new reload finished
object_property_complete() compares
[ActiveConnection/old,ActiveConnection/new] from its odata to current
nm-manager::active-connections and incorrectly concludes that
ActiveConnection/old was just added and removes the enqueued
active-connection-removed signal.
This patch fixes the issue by remembering the original
nm-manager::active-connections property value at 2.).
[thaller@redhat.com: fixed an integer overflow and odata->array unreffing]
https://bugzilla.redhat.com/show_bug.cgi?id=1079353
(cherry picked from commit dba4e8ece8)
Backport several memleak fixes from master and enable
VALGRIND for most tests.
With valgrind enabled, I get sometimes non-reproducible failures
in src/tests/test-general-with-expect (monotonic_timestamp_get())
and libnm/tests/test-nm-client.c:911.
Still, merge it to have tests enabled in the first place. Possibly
fix them later.
https://mail.gnome.org/archives/networkmanager-list/2015-March/msg00041.html
We don't need the bus for the tests and the manager may warn when it
is not available.
$ (cd src/tests/config/; env -i DBUS_SYSTEM_BUS_ADDRESS=meow ./test-config)
/config/parse-error: OK
/config/no-auto-default: NetworkManager-Message: <info> Could not connect to the system bus; only the private D-Bus socket will be available.
/bin/sh: line 5: 29997 Trace/breakpoint trap ${dir}$tst
FAIL: test-config
This reverts commit 6994454461 for the
most part. It's not sufficient to disable logging warnings. Creating
a DBus Manager might affect the system in undesired ways.
(cherry picked from commit 5040a8a851)
The class itself is not thread-safe, so no need for guarding
the creation with g_once_init_*().
Also, assert against multiple creation and log a line when
creating the singleton. The getter is now more similar to what
is created by NM_DEFINE_SINGLETON_GETTER().
(cherry picked from commit 99465a34ca)
Don't have the singleton instance of NMDBusManager owned by
the main function. Instead use NM_DEFINE_SINGLETON_DESTRUCTOR()
which also logs what's happening.
(cherry picked from commit 1208c0dd13)
Conflicts:
src/main.c
