Autoconnect-slaves currently forces an activation of all slaves, even
if there is already an active connection for them. This is bad because
at boot slaves first try to autoconnect, then the autoconnect-slaves
of the master kicks in and disconnects/reactivates them.
The only reason why the forceful reactivation was added was to fix
[1]; in that scenario, a slave connection is already active as
non-slave; then it is updated to be a slave; later, the master with
autoconnect-slaves is manually activated. NetworkManager should detect
that the slave connection must now be activated by autoconnect-slaves.
Add a specific check for such situation, instead of always
reactivating all slaves.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1845018
Fixes: 4985ca5ada ('manager: allow autoconnect-slaves to reconnect the same connection')
(cherry picked from commit 024e983c8e)
(cherry picked from commit d07d515dd7)
(cherry picked from commit 4df63b205e)
Fixes: 2a4fb75d3b ('ifcfg: add support for "802-1x.system-ca-certs" setting')
(cherry picked from commit b4537f2c03)
(cherry picked from commit 5d8a0837b3)
(cherry picked from commit e11232de96)
Fixes: a83ab252ee ('ifcfg-rh: add support for 802-1x.password-raw property')
(cherry picked from commit 9fde21504e)
(cherry picked from commit 36ddd266a5)
(cherry picked from commit 52bb253f6b)
S390 options are stored in a separate [ethernet-s390-options] section.
This group must not be interpreted as a NMSetting name, otherwise we
log a bogus warning:
<warn> [1590523563.7757] keyfile: ethernet-s390-options: invalid setting name 'ethernet-s390-options'
Fixes: cf9b8d3bad ('libnm/keyfile: implement ethernet.s390-options in keyfile')
(cherry picked from commit 82a468c9ad)
(cherry picked from commit d611647997)
(cherry picked from commit e9f2831ab5)
For ip-tunnel modes that encapsulate layer2 packets (gretap and
ip6gretap) we allow the presence of an ethernet setting in the
connection and honor the cloned-mac-address specified in it.
For all other modes, the ethernet setting is removed during
normalization, but a value different from 'preserve' could be set via
global default.
The kernel doesn't allow setting a MAC for layer3 devices, don't do
it.
(cherry picked from commit 0494a84878)
(cherry picked from commit 78ed14166c)
(cherry picked from commit d69d92c658)
Otherwise the function is not usable via generated bindings.
Fixes: 9b9dce9486 ('all: add 'match' setting')
(cherry picked from commit 180cda7632)
(cherry picked from commit 805adec9ca)
(cherry picked from commit b5a66b88b3)
Expect a failure when writing to /proc if the file system is mounted
read-only.
(cherry picked from commit 211eb3ff8a)
(cherry picked from commit cd056b664b)
Sometimes these function may set errno to unexpected values like EAGAIN.
This causes confusion. Avoid that by using our own wrappers that retry
in that case. For example, in rhbz#1797915 we have failures like:
errno = 0;
v = g_ascii_strtoll ("10", 0, &end);
if (errno != 0)
g_assert_not_reached ();
as g_ascii_strtoll() would return 10, but also set errno to EAGAIN.
Work around that by using wrapper functions that retry. This certainly
should be fixed in glib (or glibc), but the issues are severe enough to
warrant a workaround.
Note that our workarounds are very defensive. We only retry 2 times, if
we get an unexpected errno value. This is in the hope to recover from
a spurious EAGAIN. It won't recover from other errors.
https://bugzilla.redhat.com/show_bug.cgi?id=1797915
(cherry picked from commit 7e49f4a199)
(cherry picked from commit eec2740d71)
Avoid g_ascii_strtoull() calling directly. It has subtle issues, which is why
we have a wrapper for it.
(cherry picked from commit 659ac9cc12)
(cherry picked from commit 62469c1401)
Be more graceful and allow whitespaces around the floating point number
for DEVTIMEOUT. Note that _nm_utils_ascii_str_to_int64() is already graceful
against whitespace, so also be it with the g_ascii_strtod() code path.
(cherry picked from commit 2e4771be5e)
(cherry picked from commit 5a44792e41)
Commit b2a0738765 ('man: improve manual page for nm-online') removed
the explanation of how may-fail can be used to wait for a specific
address family during boot. I found that part useful.
Note: this branch doesn't have commit 1e5206414a ('device: don't
delay startup complete for pending-actions "autoconf", "dhcp4" and
"dhcp6"') and so the text is different from branch nm-1-22 and later.
https://bugzilla.redhat.com/show_bug.cgi?id=1825666
(cherry picked from commit 25583de20b)
(cherry picked from commit 02a31e71af)
(cherry picked from commit 74c4494b3b)
With `./configure --enable-more-asserts`, we add extra -W flags to
AM_CFLAGS. This variable is only used, if the per-library override
libnm_core_libnm_core_la_CFLAGS is unspecified ([1]).
Usually we avoid this problem be never specifying library_CFLAGS, but
placing all our per-library flags to library_CPPFLAGS. While that is a
bit of a hack and misuse of CPPFLAGS, it works well (enough).
This was broken recently. The effect was, that libnm-core was not
build with AM_CFLAGS flags. Fix it.
[1] https://www.gnu.org/software/automake/manual/html_node/Flag-Variables-Ordering.html
Fixes: d2d6a68697 ('build: use -fcommon when building libnm-core')
(cherry picked from commit 16df1c179d)
(cherry picked from commit 96f50cf9d8)
Fail the enslavement of the ovs port if the bridge device is not
found, instead of generating assertions and potentially crash later.
https://bugzilla.redhat.com/show_bug.cgi?id=1797696
Fixes: 101e65d2bb ('ovs: allow changing mac address of bridges and interfaces')
(cherry picked from commit c5c49995b1)
(cherry picked from commit 7494a2e37a)
The previous code tried to get the bridge active connection and it
used the port active connection instead in case of failure. This
doesn't seem right, as in nm-ovsdb.c the bridge AC is used to get the
bridge settings (including the uuid, interface name, and cloned mac).
In case of failure getting the bridge AC we should just fail.
Fixes: 830a5a14cb ('device: add support for OpenVSwitch devices')
(cherry picked from commit c8b5a3f91a)
(cherry picked from commit d8fb95d22b)
Since commit c1907a218a ('libnm-core: remove gateway when
never-default=yes in NMSettingIPConfig'), the gateway gets normalized
away when the profile has never-default set.
That means,
$ nmcli connection modify "$PROFILE" ipv4.never-default yes ipv4.gateway 192.168.77.1
does not set the gateway. Likewise, if your profile has already never-default
enabled,
$ nmcli connection modify "$PROFILE" ipv4.gateway 192.168.77.1
will have no effect. That is confusing and undesirable.
Note that we don't adjust the GObject property setter for "gateway" to clear
never-default. I feel, setting one property in libnm should preferably
not unset another (there are exceptions to the rule, like for team
properties). However, for nmcli it's clear in which order properties
are set, so this change is right for the client tool.
https://bugzilla.redhat.com/show_bug.cgi?id=1785039https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/475
(cherry picked from commit 411255d51f)
(cherry picked from commit fae37528d9)
(cherry picked from commit d2606cc49e)
Clang 10 doesn't like NM_IN_SET() with strings and is right about that:
../libnm-core/tests/test-general.c:7763:9: error: result of comparison against a string literal is unspecified (use an explicit string comparison function instead) [-Werror,-Wstring-compare]
(void) NM_IN_SET ("a", "1", "2", "3", "4", "5", "6", "7", "8", "9", "10", "11", "12", "13", "14", "15", "16");
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
However, NM_IN_STRSET() should work.
(cherry picked from commit c437d6c60a)
(cherry picked from commit c8f372b3a6)
Surisingly, the compiler may detect the remaining obj_type in
the default switch. Then, inlining nmp_class_from_type() it may detect
that this is only possible to hit with an out or range access to
_nmp_classes array.
Rework the code to avoid that compiler warning. It's either way not
supposed to happen.
Also, drop the default switch case and explicitly list the enum values.
Otherwise it is error prone to forget a switch case.
(cherry picked from commit 9848589fbf)
(cherry picked from commit 6f189da7b6)
curl_multi_setopt() accepts CURLMOPT_* options, not CURLOPT_*
ones. Found by GCC 10:
clients/cloud-setup/nm-http-client.c:700:38: error: implicit conversion from ‘enum <anonymous>’ to ‘CURLMoption’ [-Werror=enum-conversion]
700 | curl_multi_setopt (priv->mhandle, CURLOPT_VERBOSE, 1);
Fixes: 69f048bf0c ('cloud-setup: add tool for automatic IP configuration in cloud')
(cherry picked from commit c11ac34f4c)
(cherry picked from commit 7ba2040caa)
Properly initialize 'overload' when the space in the file section
ends.
shared/n-dhcp4/src/n-dhcp4-outgoing.c: In function ‘n_dhcp4_outgoing_append’:
shared/n-dhcp4/src/n-dhcp4-outgoing.c:198:17: error: ‘overload’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
(cherry picked from commit b2620e798a)
(cherry picked from commit 972b0db460)
