Previously I didn't think they'd be used for anything other than connection secrets
which only have one hint, but in the future we'll want to pass more information.
Split the agent secrets request tracking structure into a generic
structure for tracking any agent request, and a connection-specific
subclass. We'll use the generic structure in the future for device
secrets and other stuff.
Bonding options are written straight into [bond] group like:
[bond]
interface-name=bbb
mode-active-backup
miimon=300
So we have to handle them explicitly.
We have to copy the UUID (key) because otherwise the pointer can be invalidated
when the connection is destroyed and problems will start.
The issue showed up as an unability to delete a conenction via D-Bus.
Reproducer:
$ nmcli con add type eth con-name AAA ifname blah
$ nmcli con delete AAA
$ nmcli con add type eth con-name AAA ifname blah
$ nmcli con delete AAA
-- here the connection is not removed from NM
(even though ifcfg- file) was removed --
Add a "monitor-connection-files" config option, which can be set to
"false" to disable automatic reloading of connections on file change.
To go with this, add a new ReloadConnections method on
o.fd.NM.Settings that can be used to manually reload connections, and
add an nm-cli command to call it.
Some plugins may emit :new-connection or :unmanaged-specs-changed
while reading connections, so don't connect to those signals until
after the initial load_connections() (and just unconditionally emit
:unmanaged-specs-changed at that point).
In ifcfg-rh's get_unmanaged_specs(), don't bother to try to read the
connections first; if they haven't been read yet, just return NULL;
NMSettings will call it again after the connections have been read.
ifcfg-rh didn't let you unmanage an InfiniBand device by hardware
address because it was recording the hardware address with uppercase
letters, while nm_match_spec_hwaddr() required lowercase. Fix this by
making nm_match_spec_hwaddr() match case-insensitively (and remove the
manual lowercasing that several other places were doing to work around
this.)
keyfile didn't let you unmanage an InfiniBand device by hardware
address because it only accepted ARPHRD_ETHER hardware addresses. Fix
that by using nm_utils_hwaddr_valid() instead.
Originally it was to keep logical balance, since NMSettings exports
the NMSettingsConnection to D-Bus, but it's kind of pointless to
spend some LoC just for that.
Could cause a crash when updating a connection, since dbus-glib may
clear DBusGMethodInvocation resources during this method. Since
update_complete() is actually our completion/cleanup handler for
this operation chain, we can remove the standalone call to
dbus_g_method_return().
We don't always want to immediately write new connections to disk, to
facilitate "runtime" or "temporary" connections where an interface's
runtime config isn't backed by on-disk config. Also, just because
an interface's configuration is changed doesn't necessarily mean
that new configuration should be written to disk either.
Add D-Bus methods for adding new connections and for updating existing
connections that don't immediately save the connection to disk.
Also add infrastructure to indicate to plugins that the new connection
shouldn't be immediately saved if the connection was added with the
new method.
We'll need this for later with unsaved connections. The ifnet
plugin previously tracked connections by the "conn_name" which
was derived from keys in the /etc/conf.d/net file. These keys
take two forms:
1) interface name
config_eth0=(
"192.168.4.121/24"
"dhcp6"
)
2) wifi SSID, either text or hex-encoded:
config_myssid=("dhcp")
config_0xab3ace=("dhcp")
The conf.d net connection name is apparently usually an interface
name, so when writing to /etc/conf.d/net the NM connection name is
changed from eg "Ethernet connection 1" to the next available
interface name based on the type of connection, eg "eth0".
The ifnet plugin actively removed connections that were not present
in /etc/conf.d/net during the reload_connections() call, but in the
future we'll want to allow unsaved connections which in the case of
ifnet clearly won't yet be written to the file. Since only
connections written to the file have a "conn_name", tracking
connections by conn_name no longer works.
Use the new NMConnection 'changed' signal to mark connections
as dirty/unsaved, and reset that when they get flushed to disk.
Previously, the 'Updated' signal was emitted only when the
connection was changed and flushed to disk, but now we have
more granular needs, and the signal is emitted whenever the
connection actually *is* changed, regardless of whether its
flushed to disk or not.
With carrier handling moved to NMDevice, the only thing left in
NMDeviceWired was speed, which was actually ethernet-specific anyway.
So move that to NMDeviceEthernet, and then kill NMDeviceWired.
If a kernel interface changes its MAC address, and NM is not
supposed to manage that interface, ifupdown needs to notice
that MAC address change and tell NM that the unmanaged devices
have changed, so that NM continues to not touch the device
after the MAC has changed.
well_known_interfaces -> eni_ifaces, since it's a hash of any
interfaces read from /etc/network/interfaces.
well_known_ifaces -> kernel_ifaces, since it's a hash of any
network subsystem interface the kernel knows about
'iface_connections' is really the list of all NMIfupdownConnections
known to the plugin, read from /e/n/i and hashed by block name. Since
ifupdown doesn't store anything *except* connections from /e/n/i,
just rename it to 'connections' to reduce confusion with the
well_known_interfaces and well_known_ifaces hashes.
Although having different parts of NM in different subdirectories
keeps the source tree neat, it has made the build messy, particularly
because of cross-dependencies between the subdirs.
Reorganize to build all of the pieces of the NetworkManager binary
from src/Makefile, and only use recursive make for test programs,
helper binaries, and plugins.
As part of this, get rid of all the per-directory convenience
libraries, and switch to building a single top-level
libNetworkManager.la, containing everything except main.c, which all
of the test programs can then link against.
Settings with all-default values are not written to reduce
complexity of the keyfile (and be more human-readable friendly)
and that includes VLAN settings with a VLAN ID of zero. So
when reading this file back, if there is no 'base type' setting
(eg, the setting specified by the connection::type property)
then just add that setting. nm_connection_verify() will catch
cases where an empty 'base type' setting is invalid.
The code to check if an ethernet device had a matching connection was
not taking NMSettingConnection:interface-name into account, meaning it
might think a device had a matching connection when that connection
actually only matched a different device.
Fix this by calling nm_setting_connection_get_interface_name() rather
than nm_connection_get_virtual_iface_name() (which would always be
NULL for ethernet connections anyway).
Also, simplify the code a bit.
https://bugzilla.gnome.org/show_bug.cgi?id=696722
Add these aliases for the setting names '802-3-ethernet',
'802-11-wireless', and '802-11-wireless-security' and write them by
default. It's much friendlier for administrators to type, and a lot
less ugly.
Also works for:
[connection]
type=ethernet
Most callers of nm_auth_chain_new() call nm_dbus_manager_get_caller_info()
right before that, so just fold the get_caller_info() call into
nm_auth_chain_new() to reduce code complexity in callers. Yes, this
means sometimes we call nm_dbus_manager_get_caller_info() twice,
but that's not really a problem.
Normally, users which are not part of a login session can't access
connections. Root won't always be part of a login session, so
allow root to bypass visibility checks. The code already bypassed
the ACL checks for root, but in multiple places. Consolidate those
checks into one function.
