The tests were checking that the keyfiles had permission
0600 and there was a check-local target to prepare the permissons
of the tests.
That is inconvenient, and it is unexpected to have a check-local
target for such a case.
Also, the tests were not testing that keyfile reader would
bail out on invalid permissions. So just skip the check for
testing.
In some places we use g_file_set_contents() after a umask() to limit
the permissions of the created file. Unfortunately if the containing
directory has a default ACL the umask will be ignored and the new file
will have a mode equal to the default ACL (since g_file_set_contents()
opens the file with mode 0666).
Calling a chmod() after the file gets created is insecure (see commit
60b7ed3bdc) and so the only solution seems to be to reimplement
g_file_set_contents() and accept a mode as parameter.
We already had similar functions in the tree, consolidate them into a
new generic utility function.
https://bugzilla.gnome.org/show_bug.cgi?id=769702
Don't have the test recompile parts of the settings plugin.
Instead, build one core library that is used both by the test
and the settings plugin.
Advantage: might save some compilation time, but more importantly: the
test use the same object code then NetworkManager itself, avoiding
different behavior due to compilation flags.
We don't need need separate unit tests for basic tests that can
just run in the same test-run. If you really need to run only
a particular set of tests, try
./src/settings/plugins/ifcfg-rh/tests/test-ifcfg-rh -p /settings/plugins/ifcfg-rh/utils
Results in less compilation (time), and less binaries to test during
`make check`.
First of all, G_LOG_DOMAIN only matters when using g_log() directly.
Inside core, we always want to log via nm-logging. Every call to a
g_log() is a bug in the first place (like a failed assertion that logs
a g_critical() during g_return_if_fail()).
So, for all practic purposes, the logging domain is not used.
For nm-logging, the G_LOG_DOMAIN has no effect. Unless we find a proper
use of this domain, G_LOG_DOMAIN should not differ from what the rest of
core.
The numeric value of NM_SETTING_PROXY_METHOD_NONE should be zero,
as that is the more natural default.
Also, cast all uses of the enum values in g_object_set() to
(int).
Unnecessary APIs have been removed from nm-setting-proxy, client like
nm-connection-editor are expected to create a PAC script snippet the load
the location of file in NM.
src: Fixes in nm-device.c and nm-vpn-connection.c to update PacRunner
at the right place and moment. When a device goes up PacRunner is
configured with the Device IPxConfigs and Proxy Config. When it goes
down the same configuration is removed from PacRunner.
ifcfg-rh: Fixed to read and write proxy settings to the ifcfg network
scripts.
- use _NM_GET_PRIVATE() and _NM_GET_PRIVATE_PTR() everywhere.
- reorder statements, to have GObject related functions (init, dispose,
constructed) at the bottom of each file and in a consistent order w.r.t.
each other.
- unify whitespaces in signal and properties declarations.
- use NM_GOBJECT_PROPERTIES_DEFINE() and _notify()
- drop unused signal slots in class structures
- drop unused header files for device factories
Since we possibly already link against libjansson, we can also expose some
helper utils which allows nmcli to do basic validation of JSON without
requiring to duplicate the effort of using libjansson.
Also, tighten up the cecks to ensure that we have a JSON object at hand.
We are really interested in that and not of arrays or literals.
An empty 802-11-wireless-security.proto is equivalent to
'wpa,rsn'. Previously we added the two protocols when reading the
connection and the variables were missing, with the result that an
empty value would be read as 'wpa,rsn' at the next restart. This is
harmless but makes the two connections appear as different, with bad
effects when 'monitor-connection-files' is enabled.
Ensure that the original value persists after a write/read cycle.
https://bugzilla.gnome.org/show_bug.cgi?id=770907
