You can now use 'address=' even for IPv6 and it's the encouraged way
to set up a single address manually. For multiple addresses,
'address0=', 'address1=', etc, should be preferred.
Example:
address=10.0.0.15/24/10.0.0.1
address0=192.168.0.1/24
address1=10.0.0.16/32
Example (backward compatibility):
addresses=10.0.0.15/24/10.0.0.1
addresses0=192.168.0.1/24
addresses1=10.0.0.16/32
IPv4 and IPv6 address configuration is now handled together and supports
the following syntax (slashes can be replaced with semicolons):
address/plen
address/plen,gateway
IPv4 and IPv6 route configuration is also handled uniformly and supports
the following syntax:
address/plen (for device routes)
address/plen,gateway (for gateway routes)
address/plen,gateway,metric (for gateway routes with metric)
For compatibility reasons, slash (/), comma (,) and semicolon (;) are
considered equal by the parser. The /plen part is optional for both
addresses and routes for compatibility reasons.
Leaving out the prefix length is not considered a good idea. IPv6
addresses default to 64 and IPv4 now defaults to 24 which is the closest
possible IPv4 counterpart. Routes default to single addresses.
Example 1:
[ipv4]
method=manual
addresses1=192.168.56.5/24,192.168.56.1
addresses2=192.168.57.5/24
routes1=4.5.6.0/24
routes2=1.2.3.0/24,4.5.6.7
routes3=7.8.9.0/24,4.5.6.7,99
[ipv6]
method=manual
addresses1=2001:db8:a🅱️:3/64,2001:db8:a🅱️:1
addresses2=2001:db8:c:d::3/64
routes1=2001:db8:e:f::/64,2001:db8:a🅱️:4
Example 2 (equivalent):
[ipv4]
method=manual
addresses1=192.168.56.5;24;192.168.56.1
addresses2=192.168.57.5;24
routes1=4.5.6.0;24
routes2=1.2.3.0;24;4.5.6.7
routes3=7.8.9.0;24;4.5.6.7;99
[ipv6]
method=manual
addresses1=2001:db8:a🅱️:3;64;2001:db8:a🅱️:1
addresses2=2001:db8:c:d::3;64
routes1=2001:db8:e:f::;64;2001:db8:a🅱️:4
For writing, I have arbitrarily chosen one of the formats 'reader'
can parse. Address and prefix length are separated by slash (/),
everything else is separated by comma (,).
addresses1=address/plen,gateway
routes1=address/plen,gateway,metric
Note: The modified 'reader' exposes a bug in the 'writer' and ignores
out badly-formatted routes. This problem is also fixed by this
commit. Keyfile tests now pass.
It is emitted in nm_settings_connection_remove() called by plugins when the
connection was removed.
This prevents the signal from appearing twice on D-Bus.
Signed-off-by: Jiří Klimeš <jklimes@redhat.com>
Use autoconf/automake variables for NetworkManager paths. Use
NetworkManager subdirectory where appropriate.
Files in /var/run (or /run on some distros) are moved into a separate
directory as is usual with other daemons. It makes the filesystem
more readable and file prefixing unnecessary.
/var/run/NetworkManager.pid -> /var/run/NetworkManager/NetworkManager.pid
/var/run/nm-dns-dnsmasq.pid -> /var/run/NetworkManager/dnsmasq.pid
/var/run/nm-dns-dnsmasq.conf -> /var/run/NetworkManager/dnsmasq.conf
The /var/run/NetworkManager directory is created at runtime, if it doesn't
exist.
Note: Path-based security policies like SELinux and AppArmor may need to
be adapted.
When determining the system hostname, /etc/hostname should override
/etc/sysconfig/network, so monitor both files.
When setting the hostname, set it in /etc/hostname, and delete the
/etc/sysconfig/network HOSTNAME entry if present.
https://bugzilla.redhat.com/show_bug.cgi?id=831735
When updating connections, it is less confusing to reuse the existing file
instead of renaming files according to connection's ID. That reduces surprises
of moving connection files when a connection is edited.
We had separate checks for glib-2.0, gobject-2.0, gmodule-2.0, and
gio-unix-2.0. It doesn't make sense to link a binary against all 4
because gio-unix-2.0 depends on glib-2.0 and gobject-2.0. Doing this
actually breaks things in unusual circumstances.
Generally, few bits of NM actually just use glib, and not gio. We
might as well coalesce those requirements together, even if it means
in some cases we "overlink". Additionally, I chose for now to fold
gmodule-2.0 in as well, even though many fewer programs need it. The
cost of overlinking is quite small.
The benefit of this is less repeated junk in Makefile.am, as well as
more centralized control over GLib. A followup patch will allow us to
set -DGLIB_VERSION_MIN_REQUIRED in just one place, rather than having
to replicate it 4 times.
The NM configure is still suboptimal - for example, libpolkit-1
depends on gio-2.0, so really we should determine the compiler flags
all in one pass. But it doesn't matter too much for now.
This functionality is (mostly) obsoleted by the newer
GLIB_VERSION_MIN_REQUIRED and GLIB_VERSION_MAX_ALLOWED defines. With
this, your build doesn't all of a sudden blow up if we deprecate
something in GLib - you have to explicitly opt-in to the newer
version.
G_DISABLE_DEPRECATED does still apply for macros and things that can't
take __attribute__((deprecated)), but it's not really worth the pain
and cargo culting around just for that.
Distribution-specific builds are now handled by feature and not by
distro. This allows you to fine-tune the options to your liking and
also allowed us to reduce the number of specific values.
The default values of these options are still derived from *-version
and *-release files in /etc.
The following five distribution-specific features are now available
(and default on distributions in parenthesis):
--enable-ifcfg-rh (Fedora, RHEL and Mandriva)
--enable-ifcfg-suse (SUSE)
--enable-ifupdown (Debian and Ubuntu)
--enable-ifnet (Gentoo)
--with-netconfig (SUSE)
Since --with-distro is now removed, there is nothing to prevent generic
builds. If you build on an unknown distribution, all of the features
above will be disabled by default.
VLAN connections can have "hardware" settings in addition to the
VLAN-specific ones. ifcfg-rh was reading in wired settings for VLANs,
but was not writing them back out.
The ctype macros (eg, isalnum(), tolower()) are locale-dependent. Use
glib's ASCII-only versions instead.
Also, replace isascii() with g_ascii_isprint(), since isascii()
accepts control characters, which isn't what the code wanted in any of
the places where it was using it.
Currently there's no way to differentiate between a connection that has
never been activated, and a connection that has never been *successfully*
activated. In both cases nm_settings_connection_get_timestamp() returns
zero. But it's useful to know whether a connection hasn't even been
tried yet, so enhance the timestamp code to return whether or not the
timestamp has been found in the timestamp cache or not, and make the
NMDevice core set an explict timestamp of 0 if the connection failed
on the first attempt.
We'll use this later to conditionally autoconnect WiFi connections
depending on whether they've ever successfully connected or not, but
still allow preloaded connections without a timestamp to autoconnect
as they always have.
WiMAX failed distcheck if the iwmxsdk devel files were installed but
--enable-wimax=no was used, since the distcheck configure bits found
the iwmxsdk headers, defaulted WiMAX support to 'on', and then proceeded
to use the generated headers from the top srcdir, where of course
wimax was turned off (due to --enable-wimax=no). Instead, everything
should use the headers from the builddir, which reflects the options
that 'make distcheck' actually selects.
At the same time, re-order various includes everywhere to ensure that
the builddir paths come before the srcdir paths to prevent this from
happening in the future.
NM was requiring that bond slaves have either no IP config or an
explicit "none"/"disabled" config. But the system scripts just ignore
any IP config that is present on a slave, so change NM to do that too
(but warn about it).
https://bugzilla.redhat.com/show_bug.cgi?id=838907
Allows agents to provide different behavior depending on whether the
secrets request was initiated by a user (eg by picking a connection
from a UI menu or by 'nmcli con up') or was automatically started by
NetworkManager.
See https://bugzilla.gnome.org/show_bug.cgi?id=660293
When the last character of the PSK was a backslash and the whole PSK was
enclosed in single quotes, the unquoting/unescaping code mistakenly took
trailing \' as an escaped quote and thus changed \ to '.
See also 79757f10f3 (that introduced the code).
Commit 217c5bf6ac fixed processing of unix
signals: signals are blocked in all threads and a dedicated thread handles the
signals using sigwait().
However, the commit forgot that child processes inherit signal mask as well.
That is why we have to unblock signals for child processes we spawn from NM, so
that they can receive signals.
This is the "juice" of the patch series. Initial cut at carrier handling
(by polling /sys/class/atm/$iface/carrier) and also support for calling
pppd with the proper command-line to achieve a connection.
Also implement the necessary boilerplate for the NM state machine to
be happy with our device.
This is a "duct tape and gum" implementation, i.e., prefer copy&paste
over proper refactoring, due to limited time, but the foundations are
now there, so we can make it work right slowly-slowly :)
With this patch, you can already test carrier management but not yet
make a complete connection.
Relevant extract from logs:
<info> (ueagle-atm0): carrier now ON (device state 20)
<info> (ueagle-atm0): device state change: unavailable -> disconnected (reason 'carrier-changed') [20 30 40]
Signed-off-by: Pantelis Koukousoulas <pktoss@gmail.com>
Finding out interface type from interface name string is fragile. It is easily
broken, e.g. by biosdevname changing interface names to em<n> or p<n>*p<n>.
Sadly, Gentoo network configuration scripts are rather stupid, using format:
variable_${interface|mac|essid|apmac}.
http://www.gentoo.org/doc/en/handbook/2007.0/handbook-x86.xml?full=1#book_part4_chap2
The entries interface|mac|essid|apmac are basically indistinguishable. It's not
possible to say whether 'p1p1' is an interface or SSID, for example.
Fix the current behaviour a bit by checking whether the string is an interface.
If so, and it is not a Wi-Fi one, set the connection type as wired. Else it is
regarded as wireless.
Allows better encapsulation of the functionality of the NMSettings
object that we want to expose to the device class. They don't need
the whole object so to keep things simple and contained we'll just
give them a smaller interface to use.
A vlan DEVICE name must be either $(OTHERDEVICE).$(VLAN_ID) or
vlan$(VLAN_ID). Enforce that. In particular, don't:
(a) crash if the name has no "." and doesn't start with "vlan",
(b) loop forever if the $(VLAN_ID) part is non-numeric, or
(c) silently ignore non-numberic characters after the $(VLAN_ID).
The kernel is broken for Ad-Hoc WPA, and creates the connections
as open connections instead. Yeah, eventually we can use
wpa_supplicant with RSN support, but for now we just have to
disable Ad-Hoc WPA because it's a problem to say we're creating
a protected network but then have the kernel not do that for
us. Will be re-enabled once all the necessary bits have been
fixed.
Note that Ad-Hoc WPA has been broken since at least 2.6.32 with
mac80211-based drivers, which is what most users will be using.
