Plugins could be already failed or disconnected when the helper fires.
E.g. they could send in an invalid IP4Config that would cause them to
fail and then follow with an IP6Config before they realize it's of no
use. We'd hit an assertion failure in that case, because the
NMVpnConnection would already be cleaned up.
With systemd < 219, restarting the journald service closes the stdout
and stderr streams associated with services.
The NM process has SIGPIPE ignored, but g_spawn_sync()/g_spawn_async()
re-enable it and so any child executed with those functions will
terminate by default if it tries to log anything to stdout/stderr.
The teamd instance launched by NM is affected by this problem since it
writes debug messages before actually ignoring SIGPIPE.
To fix this, use the @child_setup callback of g_spawn() to ignore
again SIGPIPE in the child process.
https://bugzilla.redhat.com/show_bug.cgi?id=1393853
Otherwise its path remains visible on D-Bus despite the object is gone,
making libnm sad and grumpy:
libnm-WARNING **: no object known for /org/freedesktop/NetworkManager/AccessPoint/666
On some architectures, it seems we don't properly expose
the symbol of these static variables from NetworkManager
binary.
Just avoid that and don't instead use a static array
inside the device plugin itself.
While at it, make the arrays all const, which possibly allows
the linker to put those symbols in the read-only section.
It could be that the client is just newer and it's just too harsh to
fail the whole request. Leave the unknown permission in unknown and
possibly proceed filling in the rest.
When the device has an IP interface different from the main one, we
previously took the MTU saved in priv->mtu (which is the MTU initially
set on the underlying interface) and applied it to the IP interface.
This is wrong as it forces the two MTUs to be equal and breaks
connectivity for devices with encapsulation (as PPP). Instead, track
the two MTUs in different variables.
https://bugzilla.redhat.com/show_bug.cgi?id=1385198
- a key
FOO=''
would still allocate a temporary GString and return the allocated
empty string. Don't do that. This saves the g_free() in
svGetValueString() for this common case. We should return
an allocated string only if it is necessary. It is not necessary
for the "" case, and it is inconsistent.
- when returning an empty string, always return the static string "".
No need to seek to the end of value, and return a pointer to that
string.
This happens for example in the case
FOO= # empty value, but trailing stuff
FOO=""
FOO=$'\Uxhallo'
This adds 0.4 seconds to the build time.
You can disable it by setting $NM_BUILD_NO_CREATE_EXPORTS environment
variable. This is useful in the unexpected case that the script
is broken.
Or, if you just want to use a different, non-generated version-script.
Or, if you want to save 0.4 seconds build-time.
Strange, didn't get this failure before...
./src/NetworkManager: symbol lookup error: ./src/devices/wifi/.libs/libnm-device-plugin-wifi.so: undefined symbol: _nm_device_factory_no_default_settings
It is a bit fragile not to clone the string because we depend on
nm_ip6_config_get_search(priv->ip6_config) to be stable.
In practice, it's no problem. Saves an additional strdup and the
effort to cleanup the memory afterwards.
- only record @now timestamp if we actually need it.
- use gint32 for @now. It seems wrong that NMNDiscDNSServer
uses guint32 for the timestamp. We keep
nm_utils_get_monotonic_timestamp_s() as gint32 for a reason.
- ensure the arrays are initialized to zero. E.g.
ndisc_addr->dad_counter was uninitalized.
- set the size for arrays outside the loop
- use g_array_unref(). I think that is usually better. It makes
only a difference when somebody else holds a reference to the
array. And in that case, it usually seems better not to clear
the array, just release your refrence.
You cannot assume that we are always able to lookup a corresponding
lnk object. In fact, there is no guarantee that link->ifindex still
exists in the platform cache at all.
The compiler warns us when we don't specify all enum values
in a switch(), provided that default: is missing.
Make use of that to get a warning when we add a new tunnel mode.
When an IP-tunnel connection with mode different from the implemented
ones was activated, an assertion failed in tunnel_mode_to_link_type().
Instead we should return NM_LINK_TYPE_UNKNOWN there and fail the
activation.
The policy listens to signals from shared devices that need subnets and
requesting devices that provide prefixes. Whenever a subnet is needed,
policy tries to obtain a subnets from all of default6 device's prefixes.
When it fails to get any, it asks for more prefixes.
This way we make it possible for the delegating router to either
provide us with a /64 for each of our shared interfaces, or provide a
larger prefix that we could subnet.
The policy also updates the shared device's DNS information to keep it in sync
with the best requesting device changes.
There's two parts of the configuration involved: the subnet addresses
and the DNS information.
For the addressing, the shared (downlink) device signals the policy needs for a
/64 subnet. When it gets one, it merges it into the autoconf configuration and
forwards to the NDisc. When more prefixes are needed, the (uplink) device asks
the DHCP manager and eventually signals delegation (reception) of a prefix.
The NMDevice only provides the mechanism, the actual subnetting needs to
be done by the NMPolicy.
For the DNS configuration, the shared device just copies it from
whichever device the policy deems suitable.
Utilizes RFC 3633 prefix option in role of requesting router to ask the
delegating router for prefixes. In future we'll be able to use the
addresses from those prefixes on ipv6.method=shared connections.
It will make sense to log the options even if we're not creating an
ip6_config (e.g. we got a prefix option, not an address).
Also, guard it with a logging enable conditional. That way we save
precious microseconds so that we'll feel less guilty about the demise of
mankind and universe.
This esentially causes us to announce the prefixes of the addresses we
own and the DNS configuration.
Currently the only way to get the IPv6 configuration on such device is
manual setting in the connection. This will change with IPv6 prefix
delegation.
The ndisc config can now be changed by NMDevice as well when the NDisc
is in ROUTER mode. But what we're really interested in is when we
receive a new one from the outside.
We'll soon not only do the router discovery, but announce ourselves as a
reouter. "Neighbor discovery" sounds to be a more appropriate name for
the class than "Router discovery".
