If there is a temporary connection failure (e.g. due to unavailable DHCP), the
connection is marked as invalid after several retries. Reset the flag after
5 mins to allow next auto-reconnection.
'vperic' had an interesting problem on IRC where every 10 minutes
the ethernet would change state from ACTIVATED -> DISCONNECTED with
a reason code of 0; the only thing I can find is that something was
telling NM to activate a connection periodically, becasue that appears
to be the only place that changes state to DISCONNECTED with a
reason code of 0. No logging; no apparent carrier changes.
So log this condition just in case we run into it later.
Retries counter was not initialized when connections were loaded. That forced
the counter to start from -1 and continue decreasing on connection failures.
And connection attempts never stopped.
For VPN connections, the interface name would be that of the VPN's
IP interface, but the script environment would be the that of the
VPN's parent device. Enhance the environment by adding any VPN
specific details as additional environment variables prefixed by
"VPN_". Leave the existing environment setup intact for backwards
compatiblity.
Additionally, the dispatcher never got updated for IPv6 support,
so push IPv6 configuration and DHCPv6 configuration into the
environment too.
Even better, push everything the dispatcher needs to it instead
of making the dispatcher make D-Bus requests back to NM, which
sometimes fails if NM has already torn down the device or the
connection which the device was using.
And add some testcases to ensure that we don't break backwards compat,
the testcases here were grabbed from a 0.8.4 machine with a hacked up
dispatcher to dump everything it was given from NM.
Instead of having two of these, just use the autoconnect retries as
the invalid tag. Make sure the auto-retries tag always exists by
secretly adding +1 behind the scenes (so the data we set is never NULL).
This should make the code clearer, and will enable the next commit
for authentication failures to decrease the auto retries count.
If the user canceled a secrets request, or we simply can't get
secrets for the connection, invalidate it and make sure it doesn't
get tried automatically again right after it fails.
Two problems here:
1) code that called nm_vpn_service_get_active_connections() wasn't freeing
the returned list, leaking it
2) No real reason to reference each item in the returned list in
nm_vpn_manager_get_active_connections(), it just makes it easier to
forget to unref things later
When a user makes an explicit request for secrets via GetSecrets
or activates a device, don't ask other users' agents for secrets.
Restrict secrets request to agents owned by the user that made the
initial activate or GetSecrets request.
Automatic activations still request secrets from any available agent.
It's a leftover from when /etc/hosts got fixed up, and since that
isn't being done anymore, there's no reason to touch the hostname
on exit. It will already have been updated in response to device
deactivation (if the hostname was DHCP-provided for example) so
it shouldn't need to be touched on exit.
This also removes a potential crash on shutdown when systemd or
another startup manager kills D-Bus before NetworkManager, which
made the dispatcher code angry (which got executed on hostname
change).
Handling of /etc/hosts is highly site- and admin- specific in
many more complex cases, and it's exceedingly hard and error-
prone for NetworkManager to handle all those cases. So remove
this functionality entirely. That's not a big loss, as it
turns out there's a much more elegant solution.
The only requirement is that the machine's hostname map back
to an IP address owned by the machine. That requirement can
be satisifed by nss-myhostname or even possibly the distro's
installer. If the user does not want nss-myhostname then it
can be uninstalled. Distros should use a "recommends" feature
in their packaging system so that the NetworkManager package
does *not* have a hard requirement on nss-myhostname. Thus
everyone is happy; things Just Work when nss-myhostname is
installed, but more advanced users can uninstall it and
customize /etc/hosts as they wish.
Another alternative is a dispatcher script that listents for
the 'hostname' event, and updates /etc/hosts according to the
administrator's preference.
Presently, when automatic connecting fails, the connection is marked
as invalid and is not retried again. This commit adds a configuration
parameter to specify how many times the connection should be re-tried.
NMSysconfigSettings has the authoritative list of connections, no reason
to duplicate all that tracking code in NMManager. Add the missing bits
that the manager had to NMSysconfigSettings, and point NMPolicy at the
settings object instead of NMManager for that.
config.h defines _GNU_SOURCE, which in turn defines the bits necessary
for kill, isblank, and isascii. So wherever we use those, we need
to make sure config.h is included.
NM-added mappings for active IP addresses were not getting properly
removed when the address disappeared of NM quit, because the bits
of code that determine whether or not /etc/hosts should change were
not taking the disappearance of the IP address into account, and
were leaving the file unchanged.
To fix that, if there is no default IP address, but there are NM-added
IP address entries in /etc/hosts, make sure we update /etc/hosts and
remove them.
Remove all references to connection scope and user-settings services
from the various internal APIs of the daemon. The external DBus API
remains unchanged, albeit in stub form for scope stuff.
It turns out that user settings services are strange and complicated
beasts. We will remove support for them, and we will later implement
security mechanisms on the system settings service that will do what
user settings services were intended to do.
This commit is a bulk removal of nm-manager's internal support code for
user settings services. The external API is largely unchanged, but
errors are returned if anyone ties to do something with user settings.
Work remaining includes some possible flattening of nm-manager's
internal code, along with code removal and API changes in other modules.
This reverts commit b172519045.
When something like NTP updates the system clock, that can cause
dhclient to expire the lease, and at that point we just want NM
to let dhclient re-aquire the lease instead of failing the
whole connection.
Add the current domain name (from the hostname) to the searches list.
The bug report is that when the hostname is set to something like
'dcbw.foobar.com' (ie an FQDN) that pinging 'dcbw' doesn't work
because the resolver doesn't have anything to append to 'dcbw' when
looking it up.
In preparation for updating /etc/hosts to assign the current hostname
to the current IP address to allow programs that (somewhat incorrectly)
do DNS lookups on the machine's current hostname to find out its
IP address.
Since forever we've used sleep/wake as the way to implement
Networking Enabled. When the state file was introduced to make the
networking and wifi states persistent, we ran into a bug where
a failed suspend (like if the machine ran out of power while
suspended) would result in networking being disabled on reboot
since suspend/resume used the same knob as enable/disable.
This patch adds a distinct call for enable/disable networking
which changes the state file, while sleep/wake no longer change
the state file.
