When 'nm-dispatcher' is not running because its systemd service
'NetworkManager-dispatcher.service' is not enabled, any calls to the dispatcher
will fail with an error of typ DBUS_ERROR:DBUS_GERROR_REMOTE_EXCEPTION (32):
"Unit dbus-org.freedesktop.nm-dispatcher.service failed to load: No such file or directory."
This clutters the logfile with warnings, although the user probably
disabled the service on purpose.
Special case this particular (recurring) failure and downgrade the warning
to debug level.
Signed-off-by: Thomas Haller <thaller@redhat.com>
Remove all remaining GParamSpec name and blurb strings (and fix
indentation while we're there), and add G_PARAM_STATIC_STRINGS to all
paramspecs that were lacking it.
If the timestamp is set to zero, the to_string() functions treat the lifetime
as based on *now*. For nm_platform_ip_address_cmp_expiry() this makes no
sense, because there is no absolute exiry to compare. Instead compare
them as expire earlier then the other address.
Signed-off-by: Thomas Haller <thaller@redhat.com>
The "lifetime" part when printing an address in nm_platform_ip[46]_address_to_string()
is supposed to show the raw, internal values of the address.
We already have the "lft" and "pref" output that presents the expiries based on now.
These fields are already crafted to show what the user probably wants
to see when looking at debugging log. "lifetime" should not do any
special casing and just print the raw values.
Signed-off-by: Thomas Haller <thaller@redhat.com>
When printing an address in nm_platform_ip4_address_to_string()
and nm_platform_ip6_address_to_string() treat an unset @timestamp
as counting from @now.
This is useful, if you just have the remaining lifetime at hand
and want to print an address. In general it is not a good idea to
leave the timestamp not anchored to an absolute @timestamp.
Signed-off-by: Thomas Haller <thaller@redhat.com>
Previous patch 8310a039d8 modified
platform to set the timestamp of addresses always to 1.
So, when adding an address platform logging looked like:
signal: address 4 added: 192.168.232.3/24 lft 2000sec pref 1000sec lifetime 12345-1[13344,14344] dev em1 src kernel
This is confusing in the log file and during debugging. Instead set the
timestamp to the last modification time of the address so that it will
look like:
signal: address 4 added: 192.168.232.3/24 lft 2000sec pref 1000sec lifetime 12345-12345[1000,2000] dev em1 src kernel
Signed-off-by: Thomas Haller <thaller@redhat.com>
When setting the timestamp to 1, we have to subtract(!) one second
from a_valid and a_preferred.
Due to this error, NM saw the lifetimes of addresses from system as two
seconds larger then the actual value.
Signed-off-by: Thomas Haller <thaller@redhat.com>
nm_dhcp_dhclient_read_lease_ip_configs() calculates the remaining time
until the address expires. It must anchor the lifetimes by setting the
@timestamp to nm_utils_get_monotonic_timestamp_s().
Signed-off-by: Thomas Haller <thaller@redhat.com>
Previously, we would not check the content of the script directory.
This meant, that "/etc/NetworkManager/dispatcher.d" almost always
contained something, namely the "pre-up.d" and "pre-down.d" directories.
Improve that by searching the directories for at least one
executable file.
Also, debug log the detected state of the dispatcher directories.
Signed-off-by: Thomas Haller <thaller@redhat.com>
Only truncate the script name to "basename" if the directory is the expected
one. Otherwise we print the raw value as returned by the dispatcher service.
Signed-off-by: Thomas Haller <thaller@redhat.com>
Before, there was only one combined variable checking whether any dispatcher scripts
are present at all. This meant for example, that a call to PRE_UP was still sent out
even if no scripts were in pre-up.d/ directory.
Optimize this, by distinguishing between the dispatcher type and the script directories.
Signed-off-by: Thomas Haller <thaller@redhat.com>
- ensure, that dispatcher_results_process() logs a line even if no scripts
were run. This way we alyways know when the callout returns.
- log a line when cancelling a dispatcher call
Signed-off-by: Thomas Haller <thaller@redhat.com>
When delaying the deactivation of a device during dispatcher-pre-down,
we must preseve the reason to pass it on.
This is especially important, because nm_device_slave_notify_release()
checks for the reason, and does not deactivate the slave if no reason is
given. This error caused slaves the be left up when deactivating the master.
Also update the call to nm_device_slave_notify_release() to ensure we
have a valid state reason when configuring the slave. This would have
pointed out the issue and would even work around it.
Regression introduced by commit d00e2147de.
Signed-off-by: Thomas Haller <thaller@redhat.com>
NM fails to activate a slave if the master device already exists
but has not active connection.
One way to reproduce, create a bond master/slave configuration and
ensure that the master device exists (e.g. by activating the bond, and
killing NM without taking down the device, or externally via `ip link add`).
If you try to activate the slave it will fail with the following message
(in nmcli):
"Error: Connection activation failed: The active connection on MASTER is not a valid master for 'SLAVE'"
although MASTER is not active.
This also triggers the following assertion:
#0 0x0000003370c504e9 in g_logv () from /lib64/libglib-2.0.so.0
#1 0x0000003370c5063f in g_log () from /lib64/libglib-2.0.so.0
#2 0x000000000047646a in is_compatible_with_slave (master=0x0, slave=slave@entry=0xc4aa60) at nm-manager.c:2193
#3 0x000000000047e289 in ensure_master_active_connection (self=self@entry=0xc8d150, subject=0x7f23b80059e0, connection=connection@entry=0xc4aa60, device=device@entry=0xcac380, master_connection=master_connection@entry=0x0,
master_device=master_device@entry=0xc9e800, error=error@entry=0x7fffa5cc4958) at nm-manager.c:2395
#4 0x000000000047eb4a in _internal_activate_device (self=self@entry=0xc8d150, active=active@entry=0xcc33b0, error=error@entry=0x7fffa5cc4958) at nm-manager.c:2665
#5 0x000000000047ecf2 in _internal_activate_generic (self=self@entry=0xc8d150, active=active@entry=0xcc33b0, error=error@entry=0x7fffa5cc4958) at nm-manager.c:2712
#6 0x000000000047ef2b in _internal_activation_auth_done (active=0xcc33b0, success=<optimized out>, error_desc=0x0, user_data1=0xc8d150, user_data2=<optimized out>) at nm-manager.c:2848
#7 0x0000000000466fa1 in auth_done (chain=0xcef020, error=0x0, unused=<optimized out>, user_data=<optimized out>) at nm-active-connection.c:603
#8 0x00000000004753da in auth_chain_finish (user_data=0xcef020) at nm-manager-auth.c:88
#9 0x0000003370c492a6 in g_main_context_dispatch () from /lib64/libglib-2.0.so.0
#10 0x0000003370c49628 in g_main_context_iterate.isra () from /lib64/libglib-2.0.so.0
#11 0x0000003370c49a3a in g_main_loop_run () from /lib64/libglib-2.0.so.0
#12 0x0000000000429e65 in main (argc=1, argv=0x7fffa5cc4e48) at main.c:678
Signed-off-by: Thomas Haller <thaller@redhat.com>
If a valid connection was updated and still valid, and then was
updated and become invalid, the connection would not be properly
removed from the ifnet plugin's priv->connections hash, and thus
would never be disposed.
This was due to using the direct pointer to the connection's UUID
as the key for the hash table. When a connection is updated and
its settings are replaced, the old UUID is freed and replaced with
a new pointer. But the ifnet plugin hash table still uses the
old (now freed) UUID pointer as the key. Thus when the connection
is updated and becomes invalid, looking up the UUID in the hash
table fails to find the connection, and the connection is not
removed from the hash.
This bug could cause a crash in some cases, if two keys of the
GHashTable hashed to the same value, in which case GLib would
call g_str_equal() on the freed pointer.
Since code other than in the ifnet plugin replaces settings,
we cannot be guaranteed that the pointer won't change. Avoid all
that and just strdup() the UUID when using it as a key.
Since the pointer to the connection's path could change any time
commit_changes() is called, it's not safe to use it as the hash
table key directly. strdup it instead.
Prevents:
Connection failed to verify: (unknown)
invalid or missing connection property 'blah blah/foo bar'
Simply removing the warning in reader.c is fine, because callers that
care already log the warning themselves. Also make the warning in
update_connection() the same as the warning in new_connection().
If a valid connection was updated and still valid, and then was
updated and become invalid, the connection would not be properly
removed from the keyfile plugin's priv->connections hash, and thus
would never be disposed.
This was due to using the direct pointer to the connection's UUID
as the key for the hash table. When a connection is updated and
its settings are replaced, the old UUID is freed and replaced with
a new pointer. But the keyfile plugin hash table still uses the
old (now freed) UUID pointer as the key. Thus when the connection
is updated and becomes invalid, looking up the UUID in the hash
table fails to find the connection, and the connection is not
removed from the hash.
This bug could cause a crash in some cases, if two keys of the
GHashTable hashed to the same value, in which case GLib would
call g_str_equal() on the freed pointer.
Since code other than in the keyfile plugin replaces settings,
we cannot be guaranteed that the pointer won't change. Avoid all
that and just strdup() the UUID when using it as a key.
(also collapses _internal_new_connection() into its only caller)
Coverity gets confused and thinks we are potentially leaking bssid_str
here. Given that nm_utils_hwaddr_ntoa() never returns NULL anyway,
just drop the check.
When connected to a phone via bluetooth and turning bluetooth off on the
computer NetworkManegr crashed due to accessing invalid device.
Reproducer:
- activate bluetooth on a computer and a phone
- pair the devices
- $ nmcli con add type blue con-name phone bt-type panu addr 00:17:EA:84:E7:41
- turn off bluetooth on computer (either with a hardware or software switch)
https://bugzilla.redhat.com/show_bug.cgi?id=1059494
Without this header Buildroot's build complains about unknown
types like GFile etc.
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
_rebase_relative_time_on_now() is used both by _address_get_lifetime()/nm_platform_ip[46]_address_sync()
and the to_string() functions.
In the latter case, we want to print the original value, without padding. Otherwise in
the addresses are printed in the logs with an additional 5 seconds
padding, which is confusing.
For adding addresses in platform however, we still want to keep the
padding. So pass it on as additional parameter.
Signed-off-by: Thomas Haller <thaller@redhat.com>
Something changed at some point so that NMManager was now recomputing
its state after a connection was activated, but before NMPolicy had
decided whether to give that connection the default route, meaning
NMManager would set the state to CONNECTED_LOCAL rather than
CONNECTED_GLOBAL.
Fix this by watching the active connection :default and :default6
properties too, so we do the right thing regardless of what order the
AC properties change in.
To ensure that NetworkManager does not block needlessly for events
which have no scripts, require scripts that respond to blocking
events to opt into the action.
Since the event loop isn't running on quit, but we want to ensure that
scripts can fully process the DOWN event, block on scripts completing
when disconnecting the VPN when quitting.
This event runs before a connection/device is announced as
"activated" or "connected", to enable scripts to do things
before applications begin using connectivity. For example,
this could be used to manage /etc/resolv.conf outside of
NetworkManager and ensure that resolv.conf had correct
information before DNS is used.
Note that this is different than the Debian or Gentoo "pre-up"
event used in /etc/network/interfaces, as that event runs before
any L2 configuration has started. If we really need an event
like that, we'll add it later as "lower-up".
Thomas pointed out that using the address of the DispatcherInfo
structure as the dispatcher call ID could cause a mis-cancelation
if malloc re-used the same block in the future. While the code
should be correctly clearing call IDs after the callback runs
or is canceled, just use numeric IDs to avoid potential crashses.
On shutdown we can't defer the response to a callback, so we need to
use synchronous D-Bus calls. Second, sometimes we want to block on
the dispatcher response, like for pre-down.
If there are no dispatcher scripts, don't bother dispatching any
events. This saves some time configuring networking if the event
would have no effect anyway.
