diff options
| author | Thomas Haller <thaller@redhat.com> | 2016-09-01 16:18:34 +0200 |
|---|---|---|
| committer | Thomas Haller <thaller@redhat.com> | 2016-09-12 14:01:57 +0200 |
| commit | fae5ecec5a4d9987a1915441602cb78275a9f490 (patch) | |
| tree | 67f2567d79d3fa5264e007f6caec6040b84d785a /man | |
| parent | eb8da4c2820690a55e1ced721f710eb616fecb60 (diff) | |
| download | NetworkManager-fae5ecec5a4d9987a1915441602cb78275a9f490.tar.gz | |
device: change default value for cloned-mac-address to "preserve" (bgo#770611)
Long ago before commit 1b49f94, NetworkManager did not touch the
MAC address at all. Since 0.8.2 NetworkManager would modify the
MAC address, and eventually it would reset the permanent MAC address
of the device.
This prevents a user from externally setting the MAC address via tools
like macchanger and rely on NetworkManager not to reset it to the
permanent MAC address. This is considered a security regression in
bgo#708820.
This only changed with commit 9a354cd and 1.4.0. Since then it is possible
to configure "cloned-mac-address=preserve", which instead uses the "initial"
MAC address when the device activates.
That also changed that the "initial" MAC address is the address which was
externally configured on the device as last. In other words, the
"initial" MAC address is picked up from external changes, unless it
was NetworkManager itself who configured the address when activating a
connection.
However, in absence of an explicit configuration the default for
"cloned-mac-address" is still "permanent". Meaning, the user has to
explicitly configure that NetworkManager should not touch the MAC address.
It makes sense to change the upstream default to "preserve". Although this
is a change in behavior since 0.8.2, it seems a better default.
This change has the drastic effect that all the existing connections
out there with "cloned-mac-address=$(nil)" change behavior after upgrade.
I think most users won't notice, because their devices have the permanent
address set by default anyway. I would think that there are few users
who intentionally configured "cloned-mac-address=" to have NetworkManager
restore the permanent address.
https://bugzilla.gnome.org/show_bug.cgi?id=770611
Diffstat (limited to 'man')
| -rw-r--r-- | man/NetworkManager.conf.xml | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/man/NetworkManager.conf.xml b/man/NetworkManager.conf.xml index 7d68fb343c..32ce5b477c 100644 --- a/man/NetworkManager.conf.xml +++ b/man/NetworkManager.conf.xml @@ -571,7 +571,7 @@ ipv6.ip6-privacy=0 </varlistentry> <varlistentry> <term><varname>ethernet.cloned-mac-address</varname></term> - <listitem><para>If left unspecified, it defaults to "permanent".</para></listitem> + <listitem><para>If left unspecified, it defaults to "preserve".</para></listitem> </varlistentry> <varlistentry> <term><varname>ethernet.generate-mac-address-mask</varname></term> @@ -605,7 +605,7 @@ ipv6.ip6-privacy=0 </varlistentry> <varlistentry> <term><varname>wifi.cloned-mac-address</varname></term> - <listitem><para>If left unspecified, it defaults to "permanent".</para></listitem> + <listitem><para>If left unspecified, it defaults to "preserve".</para></listitem> </varlistentry> <varlistentry> <term><varname>wifi.generate-mac-address-mask</varname></term> |