summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* device: remove reading ipv6 privacy setting from sysctlth/connection-defaults-bgo695383Thomas Haller2015-06-043-83/+9
| | | | | | | | | | | | | | | | | | | | | Since introduction for support of ip6-privacy (use_tempaddr, RFC4941) with commit d376270bfe673c041e610a981bd6c77c7cb37ba1, the sysctl value from /etc was always read first. This is problematic, because an explicit setting in the connection should not be ignored over a global configuration. Drop that old behavior. It was also problematic, because we did not read any files under /etc/sysctl.d (except for sysctl.conf). Also, we did not honor per-interface configurations. Now we also use as last fallback the value from /proc/sys/net/ipv6/conf/default/use_tempaddr That has the advantage of falling back to the system default value so that NM doesn't need to have it's own default policy (Related: https://bugzilla.redhat.com/show_bug.cgi?id=1187525). This is a change in behavior.
* device: add global configuration default for ip6-privacy (use_tempaddr, RFC4941)Thomas Haller2015-06-043-19/+97
| | | | | | | | | | | | | | | | | | | | Support default value for setting 'ipv6.ip6-privacy' in NetworkManager.conf. If the global value is unset, preserve old behavior of looking into /etc/sycctl.conf first. That behavior was introduced with commit d376270bfe673c041e610a981bd6c77c7cb37ba1, since we support ip6-privacy setting. If the global value is set to "unknown", add a new fallback that instead reads the runtime value from "/proc/sys/net/ipv6/conf/default/use_tempaddr" This seems more sensible behavior because we fallback to sysctl, but instead of looking at static files in /etc, read /proc. But to preserve the old behavior, we only do that when a global value is configured at all. https://bugzilla.gnome.org/show_bug.cgi?id=721200
* libnm/doc: document behavior of setting ip6-privacy in /etc/sysctl.confThomas Haller2015-06-041-2/+6
| | | | https://bugzilla.gnome.org/show_bug.cgi?id=721200
* device: make route-metric configurable per-deviceThomas Haller2015-06-042-32/+51
| | | | | | | | | | The route-metric can be configured per connection via the ipv4.route-metric and ipv6.route-metric fields. When the value is left at -1 (the default), we would determine the route-metric based on the device type (nm_device_get_priority()). Extend that scheme by making the default value overwritable in NetworkManager.conf.
* config: support a [connection] section to NetworkManager.conf to specify ↵Thomas Haller2015-06-045-0/+272
| | | | | | | | | | | | | | | | | | | | | connection defaults Add support for a new section [connection] in NetworkManager.conf. If the connection leaves an option at "unknown"/"default", we can support overwriting the value from global configuration. We also support other sections that are named with "connection" as a prefix, such as [connection2], [connection-wifi]. This is to support multiple default values that can be applied depending on the used device. I think this has great potential. Only downside is that when the user looks at a connection value, it will see that it is unspecified. But the actually used value depends on the device type and might not be obvious. https://bugzilla.gnome.org/show_bug.cgi?id=695383 https://bugzilla.redhat.com/show_bug.cgi?id=1164677
* config: publish nm_config_keyfile_get_boolean() utility functionThomas Haller2015-06-042-8/+12
|
* device: add device-spec "type:"Thomas Haller2015-06-044-2/+46
| | | | | | | Support a device-spec to match by device-type. This matches on the value as shown by nmcli -f GENERAL.TYPE device show
* device: add nm_device_get_type_description() functionThomas Haller2015-06-045-1/+60
| | | | | | | | | | | | | Add a function to get a concise representation of the device type. libnm already has nm_device_get_type_description() for that and it is shown by nmcli -f GENERAL.TYPE device show Reimplement that function for nm-core. Just take care that the two implementations don't diverge.
* valgrind: add comment to valgrind suppression explaining how to reproduceThomas Haller2015-06-041-0/+3
|
* valgrind: add valgrind suppression for Fedora 22Thomas Haller2015-06-031-0/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes for example valgrind tests for ./libnm/tests/test-nm-client: ==25772== Conditional jump or move depends on uninitialised value(s) ==25772== at 0x40198D8: index (strchr.S:106) ==25772== by 0x400777C: expand_dynamic_string_token (dl-load.c:369) ==25772== by 0x400777C: fillin_rpath (dl-load.c:439) ==25772== by 0x4007FCF: _dl_init_paths (dl-load.c:816) ==25772== by 0x4002F38: dl_main (rtld.c:1194) ==25772== by 0x401750F: _dl_sysdep_start (dl-sysdep.c:249) ==25772== by 0x4004C20: _dl_start_final (rtld.c:306) ==25772== by 0x4004C20: _dl_start (rtld.c:412) ==25772== by 0x4000C97: ??? (in /usr/lib64/ld-2.21.so) ==25772== by 0x1: ??? ==25772== by 0xFFEFFF6B2: ??? ==25772== by 0xFFEFFF6EF: ??? ==25772== { <insert_a_suppression_name_here> Memcheck:Cond fun:index fun:expand_dynamic_string_token fun:fillin_rpath fun:_dl_init_paths fun:dl_main fun:_dl_sysdep_start fun:_dl_start_final fun:_dl_start obj:/usr/lib64/ld-2.21.so obj:* obj:* obj:* }
* libnm: fix take ownership of floating argument in ↵Thomas Haller2015-06-031-1/+2
| | | | | | | | | | | | | | NMSecretAgentOld:get_secrets_cb() The previous patch 9ffcecf86ad2230860cf8fdf5667884782ee64dd was completely wrong. It tried to fix callers that provided a floating GVariant reference. We require the caller to unref @secrets, so the correct fix it to ensure that the reference is not floating. Fixes: 9ffcecf86ad2230860cf8fdf5667884782ee64dd Fixes: 6793a32a8c5445103ba3680bb5e4c31727096099
* libnm: don't take ownership of input argument in ↵Thomas Haller2015-06-031-1/+1
| | | | | | NMSecretAgentOld:get_secrets_cb() Fixes: 6793a32a8c5445103ba3680bb5e4c31727096099
* build: correctly set DISTCHECK_CONFIGURE_FLAGSLubomir Rintel2015-06-031-3/+1
| | | | Fixes: 84021454eb0b126fda9cf29c46b7860f75c7ff8c
* device: don't assume by default IPv6LL-only connectionsBeniamino Galvani2015-06-024-0/+41
| | | | | | | | | | | | | | | | | | Add the new configuration option 'assume-ipv6ll-only' which specifies the devices for which NM will try to assume an existing IPv6LL-only configuration. The new default behavior is to ignore such configurations since IPv6LL addresses are automatically assigned by the kernel when the device is brought up and thus the presence of an IPv6LL address doesn't mean that the device was configured by the administrator. The previous behavior was to always assume IPv6LL-only configurations but this often had the unwanted effect of preventing other on-disk configurations to be activated. To preserve the old behavior the option must be set to '*'. https://bugzilla.redhat.com/show_bug.cgi?id=1138426
* ifcfg-rh: merge branch 'th/ifcfg-rh-fixes-bgo750231'Thomas Haller2015-06-028-92/+102
|\ | | | | | | | | Some fixes for loading ifcfg-rh files, related to alias files.
| * ifcfg-rh: better detect alias filesThomas Haller2015-06-023-45/+57
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Alias files have a ':' to separate the base name from their alias. But we didn't always ensure not to write-out files without colon, and also initscripts doesn't have that restriction. We should detect alias files and handle them properly (e.g. by reloading the base file). This fixes an error that a `nmcli con load` would have tried to load the alias file. Also extend load_connection() to support passing filenames other then the base file. We only have to handle this in plugin.c. Inside reader.c we always have the normalized base filename. Or detection of alias files only looks whether the filename has a ':' and whether a corresponding base file exists.
| * ifcfg-rh: escape colon in generated filenameThomas Haller2015-06-021-1/+1
| | | | | | | | A colon indicates an alias file. It should be escaped.
| * ifcfg-rh: refactor utils_should_ignore_file() to return earlyThomas Haller2015-06-021-25/+19
| |
| * ifcfg-rh: also read alias file for dhcp connectionsThomas Haller2015-06-021-5/+3
| | | | | | | | | | | | | | | | | | | | Previously, if the main ifcfg file doesn't define any static ip addresses, any alias files would be ignored. We should also allow alias files with (pure) 'dhcp' connections, just like initscripts do. Reported-by: Marek Hulan <mhulan@redhat.com>
| * ifcfg-rh: log warning when loading of connection failsThomas Haller2015-06-025-15/+21
|/ | | | | | | | | | | | | | | | | connection_from_file() used to log a warning about failure, but only when an @error argument was given. update_connection() didn't ensure that in several cases, so we would not log any failure reason when an ifcfg file failed to read. This behavior of controlling logging by passing @error (or not) is unexpected. Instead, refactor the code so that the caller can do appropriate logging. Another reason for this refactoring is that PARSE_WARNING() does not mention the file for which the failure is and uses some extra indention that looks wrong. IOW, connection_from_file() doesn't have the context to give the logging line a proper formatting.
* merge: fix build & tests with older toolingLubomir Rintel2015-06-0214-9/+43
|\
| * build: don't default to -Werrorlr/ancient-ubuntuLubomir Rintel2015-06-023-3/+3
| | | | | | | | | | | | | | | | | | | | It seems like a poor default for various downstream toolchains. We can't anticipate the compiler warnings for future compiler versions and older ones are prone to false positives. Also, older gdbus-codegen is known to generate code that triggers compiler warnings. Let's keep it enabled for maintainer builds and distcheck so that we're sure a tool chain that builds releases without warnings exists.
| * build: don't abort configure if there's no systemd devel headersLubomir Rintel2015-06-021-3/+10
| | | | | | | | Just disable systemd-logind session tracking instead.
| * tests: avoid calling GLib.IOChannel.unix_new()Lubomir Rintel2015-06-021-1/+1
| | | | | | | | | | The Ubuntu 12.04 introspection data don't contain it. However, the default constructor works just well and even looks a bit more Python-y.
| * libnm-core,libnm-util: avoid calling a constructorLubomir Rintel2015-06-022-2/+14
| | | | | | | | | | | | It yields completely unpredictable results on Ubuntu 12.04 (the global variable successfully comparing to NULL despite demonstrably not NULL). Possibly a toolchain bug.
| * systemd-dhcp: fix build with Linux 3.2.0 headersLubomir Rintel2015-06-021-0/+5
| | | | | | | | | | | | | | | | | | Fixes build on Ubuntu 12.04. systemd/src/libsystemd-network/dhcp-network.c: In function '_bind_raw_socket': systemd/src/libsystemd-network/dhcp-network.c:75:17: error: 'BPF_XOR' undeclared (first use in this function) systemd/src/libsystemd-network/dhcp-network.c:75:17: note: each undeclared identifier is reported only once for each function it appears in make[4]: *** [libsystemd_nm_la-dhcp-network.lo] Error 1
| * ppp-manager: fix build with Linux 3.2.0 headersLubomir Rintel2015-06-021-0/+1
| | | | | | | | | | | | | | | | Fixes build with Ubuntu 12.04. In file included from ppp-manager/nm-ppp-manager.c:42:0: /usr/include/linux/if_ppp.h:103:16: error: field 'b' has incomplete type /usr/include/linux/if_ppp.h:108:21: error: field 'b' has incomplete type
| * build: use compat version of g_clear_pointer()Lubomir Rintel2015-06-025-0/+9
|/ | | | Ubuntu 12.04 has an ancient version of glib, which we nevertheless support.
* core: don't assume the loopback interface is called "lo"Lubomir Rintel2015-06-011-1/+1
| | | | | I did a "ip link set lo name yolo" and now my NetworkManager triggers an assertion failure. :( Nevertheless, the loopback interface is always ifindex=1.
* platform-linux: allow netlink messages from non-privileged user namespacesLubomir Rintel2015-06-011-3/+2
| | | | Just check they're from kernel.
* build: rename file "include/nm-utils-internal.h" to "nm-macros-internal.h"Thomas Haller2015-06-0114-16/+16
| | | | | | | | | | | We already have "nm-utils*.h" and "NetworkManagerUtils.h" headers. Rename "include/nm-utils-internal.h" to "nm-macros-internal.h". I think that name is better, because this file is header-only, internal, and repository-wide. Also, it will never contain non-header-only declarations because there is no backing object file under "include/". It will only contain macros and inline functions.
* utils: move NM_FLAGS_*() macros to header file "include/nm-utils-internal.h"Thomas Haller2015-05-292-9/+10
|
* default-route: merge branch 'th/default-route-fixes-rh1205405'Thomas Haller2015-05-293-21/+69
|\ | | | | | | | | | | | | Two improvements for handling default-routes. https://bugzilla.redhat.com/show_bug.cgi?id=1224291 https://bugzilla.redhat.com/show_bug.cgi?id=1205405
| * default-route: also configure default-routes for assumed connectionsThomas Haller2015-05-291-7/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously for assumed connections we would never configure a default route. That has serious problems for example in the following two scenarios: - the default-route might have a limited lifetime from a previous SLAAC/accept_ra setting. In this case, once we assume the connection we must also ensure that we extend the lifetime of the default route. - the gateway could be received via DHCP/RA and it might change. If we ignore default-routes for assumed connection we miss that change. The problem is that the notion of "assumed connection" wrongly combines two conflicting goals (related bug bgo#746440): a) have an external device that is entirely unmanged by NM. b) do a seamless takeover of a previously managed connection at start, but still fully manage. This patch changes the handling of default-routes towards meaning b). https://bugzilla.redhat.com/show_bug.cgi?id=1224291
| * default-route: for devices with 'never-default' enforce the default-route ↵Thomas Haller2015-05-291-2/+34
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | only once Since da708059dabb2854d11eed1a403398327b31535b, we would pickup the default-route as configured externally, except at those moments when NM re-applys the IP configuration of the interface, such as during a DHCP lease. That allows the user to add/remove the default-route externally (iproute). But still, at random times (DHCP lease), we will revert those external changes. Extend this, that if the connection is explicitly configured as 'never-default=yes', that it tells NM not to interfere with externally added default-routes on this device. That means, NM will only remove any preexisting default-routes when configuring the device a first time. On any later attempts, NM will assume whatever is configured there. That makes sense because the user indicated not wanting NM to manage a default-route on that device, so if something externally added a default-route, assume that is what the user wants. This only affects non-assumed connections, with 'never-default=yes'. https://bugzilla.redhat.com/show_bug.cgi?id=1205405
| * default-route: add @out_is_never_default argument to has_default_route()Thomas Haller2015-05-293-18/+28
|/ | | | | | Also accept a NULL connection in nm_default_route_manager_ip4_connection_has_default_route() and nm_default_route_manager_ip6_connection_has_default_route().
* merge: increase 'max_replies_per_connection' limit in D-Bus configurationJiří Klimeš2015-05-292-0/+11
|\ | | | | | | | | The limit seems to be too low and causes problems in libnm-glib. We increase the limit and warn in libnm-glib if it was exceeded.
| * libnm-glib: print a bold warning about reaching a D-Bus limitJiří Klimeš2015-05-291-0/+9
| | | | | | | | | | This causes incorrect application behaviour, so libnm-glib should warn at least.
| * dbus: increase 'max_replies_per_connection' limit in D-Bus configurationJiří Klimeš2015-05-291-0/+2
|/ | | | | | | | | | | | | | | | | | | D-Bus default limit of replies per connection has been lowered to 128 due to CVE-2014-3638, see: http://cgit.freedesktop.org/dbus/dbus/commit/?id=5bc7f9519ebc6117ba300c704794b36b87c2194b https://bugs.freedesktop.org/show_bug.cgi?id=81053 The limit seems to be too low and causes problems in libnm-glib, that will not return all NetworkManager connection profiles if there are too many of them (roughly more than the limit). As a consequence, libnm-glib based clients will not work properly. Lets increase the limit in our D-Bus org.freedesktop.NetworkManager.conf configuration as we had it before. See also older commit d5b31d55fa1536a5bd08cf85929ac63a8f723467 that did the opposite thing (removing the limit because the default D-Bus limit was 8192 at that time).
* builds: only enable TAP driver for glib >= 2.37.6Lubomir Rintel2015-05-2818-35/+5
| | | | | No TAP support for previous versions and --tap argument is silently ignored, confusing the TAP driver.
* nm-import-openvpn: import 'float' OpenVPN optionJiří Klimeš2015-05-281-0/+1
| | | | | | https://bugzilla.gnome.org/show_bug.cgi?id=737108 Signed-off-by: Jiří Klimeš <jklimes@redhat.com>
* build: support runstatedir configure optionPavel Šimerda2015-05-284-4/+9
| | | | | | https://bugzilla.gnome.org/show_bug.cgi?id=737139 [thaller@redhat.com: modified original patch]
* merge: offer valid values for enum-style properties in nmcli (rh #1034126)Jiří Klimeš2015-05-285-93/+219
|\ | | | | | | | | | | | | | | | | | | Values for enumeration-style properties are displayed when setting a property, and also TAB-completion offers the values. Later, we plan to improve the handling even more by adding meta-data to libnm. That would enable offering yes/no values, for example. https://bugzilla.redhat.com/show_bug.cgi?id=1034126
| * cli: TAB-completion for enum-style property values (rh #1034126)Jiří Klimeš2015-05-281-45/+170
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Valid values for enumeration-style properties are offered in TAB-completion in the editor. Thus the user has a quick overview of the possible values and can edit properties more easily. Example: $ nmcli con edit type wifi nmcli> set wifi-sec.group <TAB> ccmp tkip wep104 wep40 nmcli> ... https://bugzilla.redhat.com/show_bug.cgi?id=1034126
| * cli: add missing nmc_property_802_1X_allowed_eap() functionJiří Klimeš2015-05-281-2/+5
| |
| * cli: change function for allowed values to return array of stringsJiří Klimeš2015-05-283-39/+28
| |
| * cli: add @brackets parameter to nmc_util_strv_for_displayJiří Klimeš2015-05-283-5/+7
| |
| * cli: print valid-values hint in property menu for empty "set" commandJiří Klimeš2015-05-281-2/+9
|/ | | | | | nmcli 802-11-wireless.mode> set Allowed values for 'mode' property: infrastructure, adhoc, ap Enter 'mode' value:
* core/cli: add missing device state-reason to string conversionsJiří Klimeš2015-05-272-0/+8
| | | | | | | for NM_DEVICE_STATE_REASON_PARENT_CHANGED and NM_DEVICE_STATE_REASON_PARENT_MANAGED_CHANGED Fixes: cd3df12c8f8ed6c868c12bc4e7fe6ba162dafc5b
* device: log the device we were searching in udevJiří Klimeš2015-05-271-3/+5
|
View Lorry Controller Status