Unfortunately, $(AM_CPPFLAGS) gets overridden by per-target _CPPFLAGS
variables, which $(INCLUDES) did not, so this requires some additional
changes.
In most places, I have just gotten rid of the per-target _CPPFLAGS
variables; in directories with a single target, the per-target
variable is unnecessary, and in directories with multiple targets, the
per-target variable is often undesirable, since it forces some files
to be compiled twice, even though there ends up being no difference
between the two files.
If BOOTPROTO is set to "none", user states that no ipv4 setting should
be set. So respect that.
Introduce helper is_any_ip4_address_defined() along the way to make the
code more readable.
Signed-off-by: Jiri Pirko <jiri@resnulli.us>
In nm_keyfile_plugin_connection_from_file(), disable the "bad owner"
check.
As root you can read all files anyway, or if necessary even chown them,
and for
other users the standard file permissions will do a fine job.
This fixes running "make check" as root.
https://bugzilla.gnome.org/show_bug.cgi?id=701112
Plugins that could save connections to disk previously depended on inotify
events from the kernel to know when to signal connection removal; that is
in response to a 'delete' request they would unlink the backing filesystem
resources, get the inotify signal, and cause NM_SETTINGS_CONNECTION_REMOVED
to be emitted.
Unsaved connections don't have any backing resources, so they would never
get the signal emitted, and NMSettings would never forget about them.
Also, when monitor-connection-files=false in the configuration, obviously
the inotify signals will never come in because they aren't set up.
Given that we can no longer rely on inotify, it's best to just explicitly
send out the NM_SETTINGS_CONNECTION_REMOVED signal whenever a connection
is deleted via the D-Bus interface or internally.
The initscripts do this:
MATCH='^.+\.[0-9]{1,4}$'
if [[ "${DEVICE}" =~ $MATCH ]]; then
VID=$(echo "${DEVICE}" | LC_ALL=C sed 's/^.*\.\([0-9]\+\)/\1/')
PHYSDEV=${DEVICE%.*}
fi
MATCH='^vlan[0-9]{1,4}?'
if [[ "${DEVICE}" =~ $MATCH ]]; then
VID=$(echo "${DEVICE}" | LC_ALL=C sed 's/^vlan0*//')
# PHYSDEV should be set in ifcfg-vlan* file
if test -z "$PHYSDEV"; then
net_log $"PHYSDEV should be set for device ${DEVICE}"
exit 1
fi
fi
which means that if the VLAN name starts with "vlan" then
PHYSDEV must be set, otherwise the parent interface cannot
be determined.
Since PHYSDEV, if set, reflects the explicit intentions of the
user instead of assuming the name from DEVICE, make PHYSDEV
take precedence over determining the parent interface from
heuristics.
If the agent has dropped off the bus then its proxy may already
be destroyed, so we'll get warnings when trying to make method
calls using it. Track proxy destruction and warn if we try to
use a destroyed proxy.
Turns out this function is useless, because it's only called when the
agent has dropped off the bus or when the whole request is being
freed. If the agent has dropped off the bus then there's no point
in asking it to cancel the request because there's nothing to ask.
So we can collapse request_cancel() into request_free().
If all agents can handle VPN hints, then we'll try to use
ConnectInteractive() to let the VPN plugin ask for secrets
interactively via the SecretsRequired signal. These hints
are then passed to agents during the connection process if
the plugin needs more secrets or different secrets, and when
the new secrets are returned, they are passed back to the VPN
plugin.
If at least one agent does not have the VPN hints capability,
we can't use ConnectInteractive(), but fall back to the old
Connect call, because that agent won't be able to send the
hints to the VPN plugin's authentication dialog, and thus
we won't get back the secrets the VPN plugin is looking for.
So, for interactive secrets to work correctly, you need:
1) A VPN plugin updated for interactive secrets requests
2) NM updated for interactive secrets requests
3) all agents to set the VPN_HINTS capability when
registering with NetworkManager and to pass hints
along to the VPN authentication dialog
4) a VPN authentication dialog updated to look for hints
and only return secrets corresponding to the hints
requested by the plugin
A couple functions depended on the passed-in error being !NULL to
correctly report errors, and we can't depend on that because it might
not be true. So fix up those functions' call chain to ensure that
errors get reported regardless of whether 'error' is !NULL.
Previously I didn't think they'd be used for anything other than connection secrets
which only have one hint, but in the future we'll want to pass more information.
Split the agent secrets request tracking structure into a generic
structure for tracking any agent request, and a connection-specific
subclass. We'll use the generic structure in the future for device
secrets and other stuff.
Bonding options are written straight into [bond] group like:
[bond]
interface-name=bbb
mode-active-backup
miimon=300
So we have to handle them explicitly.
We have to copy the UUID (key) because otherwise the pointer can be invalidated
when the connection is destroyed and problems will start.
The issue showed up as an unability to delete a conenction via D-Bus.
Reproducer:
$ nmcli con add type eth con-name AAA ifname blah
$ nmcli con delete AAA
$ nmcli con add type eth con-name AAA ifname blah
$ nmcli con delete AAA
-- here the connection is not removed from NM
(even though ifcfg- file) was removed --
Add a "monitor-connection-files" config option, which can be set to
"false" to disable automatic reloading of connections on file change.
To go with this, add a new ReloadConnections method on
o.fd.NM.Settings that can be used to manually reload connections, and
add an nm-cli command to call it.
Some plugins may emit :new-connection or :unmanaged-specs-changed
while reading connections, so don't connect to those signals until
after the initial load_connections() (and just unconditionally emit
:unmanaged-specs-changed at that point).
In ifcfg-rh's get_unmanaged_specs(), don't bother to try to read the
connections first; if they haven't been read yet, just return NULL;
NMSettings will call it again after the connections have been read.
ifcfg-rh didn't let you unmanage an InfiniBand device by hardware
address because it was recording the hardware address with uppercase
letters, while nm_match_spec_hwaddr() required lowercase. Fix this by
making nm_match_spec_hwaddr() match case-insensitively (and remove the
manual lowercasing that several other places were doing to work around
this.)
keyfile didn't let you unmanage an InfiniBand device by hardware
address because it only accepted ARPHRD_ETHER hardware addresses. Fix
that by using nm_utils_hwaddr_valid() instead.
Originally it was to keep logical balance, since NMSettings exports
the NMSettingsConnection to D-Bus, but it's kind of pointless to
spend some LoC just for that.
Could cause a crash when updating a connection, since dbus-glib may
clear DBusGMethodInvocation resources during this method. Since
update_complete() is actually our completion/cleanup handler for
this operation chain, we can remove the standalone call to
dbus_g_method_return().
We don't always want to immediately write new connections to disk, to
facilitate "runtime" or "temporary" connections where an interface's
runtime config isn't backed by on-disk config. Also, just because
an interface's configuration is changed doesn't necessarily mean
that new configuration should be written to disk either.
Add D-Bus methods for adding new connections and for updating existing
connections that don't immediately save the connection to disk.
Also add infrastructure to indicate to plugins that the new connection
shouldn't be immediately saved if the connection was added with the
new method.
We'll need this for later with unsaved connections. The ifnet
plugin previously tracked connections by the "conn_name" which
was derived from keys in the /etc/conf.d/net file. These keys
take two forms:
1) interface name
config_eth0=(
"192.168.4.121/24"
"dhcp6"
)
2) wifi SSID, either text or hex-encoded:
config_myssid=("dhcp")
config_0xab3ace=("dhcp")
The conf.d net connection name is apparently usually an interface
name, so when writing to /etc/conf.d/net the NM connection name is
changed from eg "Ethernet connection 1" to the next available
interface name based on the type of connection, eg "eth0".
The ifnet plugin actively removed connections that were not present
in /etc/conf.d/net during the reload_connections() call, but in the
future we'll want to allow unsaved connections which in the case of
ifnet clearly won't yet be written to the file. Since only
connections written to the file have a "conn_name", tracking
connections by conn_name no longer works.
