Since commit a47c13a7a2, update_ip4_config() re-schedules
itself in case activate_stage5_ip4_config_commit is pending. Thus, there is no need to
cancel any queued queued_ip4_config_id.
Also as that does not properly fix the issue unlike a47c13a7a.
(cherry picked from commit 73cec4e912)
update_ip4_config() and update_ip6_config() are called from nm_device_capture_initial_config().
At that point, we don't expect any activation-source scheduled, thus the "if" should not
not be hit anyway.
So, this patch should actually make no difference, but it seems clearer
to me. Also, because it would be a bug to re-schedule the idle handler
that is already pending, but from inspecting nm_device_capture_initial_config()
it is not immediately clear that this cannot be the case.
(cherry picked from commit bac06c5ae6)
Just like `nmcli device connect` only allows one argument, don't allow
multiple device arguments for reapply.
Allowing multiple device names makes it more complicated to add
additional options to the command. For example, it would be useful
to have a
nmcli device reapply eth0 connection id other-connection
but when allowing multiple device names, it gets more complicated in
documentation, command line parsing and bash completion.
Note that the user can achieve a very similar outcome by using the
shell:
for DEV in eth0 eth1 eth2; do
nmcli device reapply $DEV &
done
wait
argubaly, this doesn't report the exit status properly. To properly
handle that would require more effort. Also, it is somewhat less
efficient, but well.
This is an API change, however it is very new API that probably nobody
is using much. Also, the documentation (man nmcli) didn't mention the
possibility to pass multiple device names.
(cherry picked from commit d742ea7817)
The applied connection must have no secrets. It's unclear whether
there are any secrets at this point (possibly). To be sure, clear them.
(cherry picked from commit b52d25e129)
To allow for trailing whitespace, we don't need to copy and trunacate
the input string. g_ascii_strtoll() conveniently returns the location via
the endptr argument.
(cherry picked from commit 05478e4f4c)
When performing NM package upgrade the new version of nmcli will be immediately
available while NM daemon will not, as it would not restart in order to avoid
to disrupt connectivity. This could create issues with tools leveraging
on nmcli output (till reboot). As apart from this case it is very unlikely
that a user can have this nmcli / NM daemon version mismatch situation,
the check could cause more harm than benefit in real user case
scenarios.
https://bugzilla.redhat.com/show_bug.cgi?id=1291785
(cherry picked from commit 3c67a1ec5e)
When a new dynamic configuration is received, it is stored in a member
of private structure (e.g. @dhcp6_ip6_config) and a commit is
scheduled. Before the commit is executed, an update_ipx_config() could
be called and it would change the configuration before it is
committed.
This race condition causes failures in assigning the addresses
received through DHCPv6 when the internal client is used (but
potentially other clients and methods are affected).
To fix it, postpone updates of IP configurations when a commit is
already pending.
(cherry picked from commit a47c13a7a2)
Closing the library will interfere badly as the glib types cannot be
unregistered. We must leak the library handle.
Switch to dlopen() instead of g_module_open(), because the former
supports RTLD_NOLOAD. This is useful for two reasons:
- checking the file prior loading only makes any sense when
dlopen() would actually load a file anew.
- if the library was loaded before, we want to return the handle.
On the other hand, if the library was not loaded, we leak the
handle.
Thereby, refactor the code from if-else blocks to return-early, because
the function nicely does individual steps and if one fails just error
out.
(cherry picked from commit 264189e756)
It can return NULL and makes Coverity upset:
CID 75369 (#1 of 1): Dereference null return value (NULL_RETURNS)
4. dereference: Dereferencing a null pointer ret.
(cherry picked from commit 76844c65d6)
We might receive the update of the device state to FAILED when the
active connection is still in ACTIVATING. Handle this case properly.
(cherry picked from commit a06487a6ae)
For some device types, we use the DEVTYPE from sysfs to determine the
link type. However, the way we read from sysfs can race with device
renames and we could miss the chance to read DEVTYPE correctly.
This doesn't completely fix the sysfs race, but cures the boot-time race
with systemd renaming the device while we are initializing the link.
We ideally should use GUDev for all sysfs accesses, but that would need
some more work for this particular case as currently we need the link type
before we have an udev device instance.
https://bugzilla.gnome.org/show_bug.cgi?id=764803
Co-Authored-By: Beniamino Galvani <bgalvani@redhat.com>
(cherry picked from commit dd4d8b24da)
g_object_get_data() and g_object_get_qdata() end up to be identical,
except that g_object_get_data() also requires to intern the string
on every lookup (which involves a hash lookup and locking).
(cherry picked from commit d350d72a2e)
The notification was missing from a long time. The issue has been exposed only
now due to the c57e5a6b66 fix which properly
implemented the "startup-complete" notification substituting out of place code
which masked the bug.
(cherry picked from commit 19350c8975)
The 'portname' sysfs attribute of s390 devices is deprecated since
kernel 4.4 and always set to 'no portname required'. But even on older
kernels such value must be interpreted as an unset portname and thus
ignored.
https://bugzilla.redhat.com/show_bug.cgi?id=1327204
(cherry picked from commit 0589e659ca)
Generate a stable connection UUID for the default-wired-connection.
Otherwise, on every reboot, the UUID changes although the generated
connection is the same.
But also hash into the UUID the machine-id, the device name and the
hardware address. So, the UUID is only the same if the connection is
identical in every aspect.
Also, the UUID is used as Network_ID for the stable-privacy address
generation mode. It is bad to re-create different UUIDs on every boot
as it causes different addresses.
(cherry picked from commit 89cf9429a7)
Otherwise the types links would be dangling or resolved to slightly
irrelevant documentation in libnm or completely irrelevant documentation
in libnm-util.
(cherry picked from commit db6ebe003d)
It isn't right in that context -- NMDevice is a libnm-core object,
not a bus object. In rendered documentation this would generate
a dangling link.
(cherry picked from commit c850868faf)
When mounting /proc with hidepid, we might fail to read the
start-time of the process from /proc/$PID/stat. In this case,
we should just accept a start-time of zero.
On the other side of authentication, polkit should accept a zero
start-time too.
nm_utils_get_start_time_for_pid() has other uses in NetworkManager,
mostly when killing a process from a PIDFILE or during
nm_utils_kill_process_sync(). In both these cases, this will only
succeed if we try to kill a process that also runs a root.
For processes started by the current instance, we don't care about the
PIDFILE and use nm_utils_kill_child_?sync() -- so there is no problem
with hidepid there.
https://bugzilla.gnome.org/show_bug.cgi?id=764502
(cherry picked from commit 3d505b3f87)
Pass an empty configuration file otherwise dnsmasq loads
"/etc/dnsmasq.conf".
We already allow for a config.d/ directory "/etc/NetworkManager/dnsmasq.d"
to allow the user to overwrite configuration. We don't want to consider
the global config file.
Fixes: 497a8aa5c6
(cherry picked from commit 3d3f71acec)
