| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Configuration can have [device*] and [connection*] settings and both
can include a 'match-device=' key, which is a list of device-specs.
Introduce a new 'allowed-connections' key for [device*] sections,
which specifies a list of connection-specs to indicate which
connections can be activated on the device.
With this, it becomes possible to have a device configuration like:
[device-enp1s0]
match-device=interface-name:enp1s0
allowed-connections=except:origin:nm-initrd-generator
so that NM in the real root ignores connections created by the
nm-initrd-generator, and starts activating a persistent
connection. This requires also setting 'keep-configuration=no' to not
generate an assumed connection.
|
|
|
|
|
|
| |
Add function nm_utils_connection_match_spec_list() to check whether a
connection matches a spec list. Also document the supported syntax in
the man page.
|
|
|
|
|
|
|
|
| |
Add a new 'keep-configuration' device option, set to 'yes' by
default. When set to 'no', on startup NetworkManager ignores that the
interface is pre-configured and doesn't try to keep its
configuration. Instead, it activates one of the persistent
connections.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Introduce a new "ib.pkey=<parent>.<pkey>" command line argument to
create a Infiniband partition.
The new connection has IPv4 and IPv6 enabled by default. Unlike for
VLANs, the generator doesn't create a connection for the parent
Infiniband interface.
See also: https://github.com/dracutdevs/dracut/pull/1538
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/884
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a tool for automatically configuring networking in Aliyun
cloud environment.
This add a provider implementation for Aliyun that when detected fetches
the private ip addressess and the subnet prefix of IPv4 CIDR block.
Once this information is fetched from the metadata server, it instructs
NetworkManager to add private ip addressess and subnet prefix for each
interface detected.
It is inspired by SuSE's cloud-netconfig ([1], [2]) and Aliyun Instance Metadata [3].
[1] https://www.suse.com/c/multi-nic-cloud-netconfig-ec2-azure/
[2] https://github.com/SUSE-Enceladus/cloud-netconfig
[3] https://www.alibabacloud.com/help/doc-detail/49122.htm
It is also intended to work without configuration. The main point is
that you boot an image with NetworkManager and nm-cloud-setup enabled,
and it just works.
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/885
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
|
|
|
|
| |
connect|disconnect`
|
| |
|
|
|
|
|
|
|
| |
nmcli now accepts `nmcli device up|down` which works the same way as
`nmcli device connect|disconnect`
I also edited man pages of nmcli with new options.
|
|
|
|
|
|
| |
Change the logic in check_ip_state() to delay the connection ACTIVATED
state if an address family is pending and its required-timeout has not
expired.
|
|
|
|
|
|
|
|
|
| |
rd.znet support was added with commit 11d4412ee155 ("process s390
specific device info from rd.znet parameter in nm-initrd-generator").
Signed-off-by: Julian Wiedmann <jwi@linux.ibm.com>
https://github.com/NetworkManager/NetworkManager/pull/362
|
|
|
|
|
|
|
|
| |
`description-docbook` is the alternative tag to `description`, the
difference is that `description-docbook` expects docbook XML but not
plaintext.
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Since the [main].iwd-config-path functionality, where NM watches for
NMSettingsConnection changes and update IWD network config files with
new settings, has proven to work without issues so far, enable it by
default. Instead of hardcoding /var/lib/iwd as the value, and since the
value can't be probed at NM compile time, query it from IWD's recently-
added D-Bus interface for settings when [main].iwd-config-path is either
missing or set to the new value "auto".
|
| |
|
|
|
|
|
| |
"iptables" and "nftables" will be supported. Currently, the code is
unused and only "iptables" is supported.
|
| |
|
|
|
|
|
|
|
|
|
| |
If the configuration contains dns=none and resolv.conf is updated
through a dispatcher script, currently there is no way to tell NM that
the content of resolv.conf changed, so that it can restart a hostname
resolution.
Use SIGUSR1 (and SIGHUP) for that.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The code never set "iface_get_config->cidr_addr", despite
setting "cidr_prefix" and "has_cidr". As a result, cloud-setup
would think that the subnet is "0.0.0.0/$PLEN", and calculate
the gateway as "0.0.0.1".
As a result it would add a default route to table 30400 via 0.0.0.1,
which is obviously wrong.
How to detect the right gateway? Let's try obtain the subnet also via
the meta data. That seems mostly correct, except that we only access
subnet at index 0. What if there are multiple ones? I don't know.
https://bugzilla.redhat.com/show_bug.cgi?id=1912236
|
|
|
|
| |
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/797
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Watch for NMSettingConnection changes and creation signals and convert
them to IWD format and write them to the configured IWD profile storage
directory. The logic is off by default and gets enabled when the new
iwd-config-path setting in nm.conf's [main] group is set to a path to
an existing directory.
The idea here is that when a user edits an NM connection profile, the
change is immediately mirrored in IWD since IWD watches its
configuration directory using inotify. This way NM clients can be used
to edit 802.1x settings, the PSK passphrase or the SSID -- changes that
would previously not take effect with the IWD backend.
Some precautions are taken to not make connections owned by a user
available to other users, such connections are not converted at all.
In all other cases where a connection cannot be converted sufficiently
well to the IWD format, for various reasons, we also give up and not
mirror these connections.
Due to IWD limitations and design differences with NM this logic has
many problems where it may not do its task properly. It's meant to work
on a best-effort and "better than nothing" basis, but it should be safe
in that it shouldn't delete users data or reveal secrets, etc. The most
obvious limitation is that there can be multiple NM connections
referring to the same SSID+Security tuple and only one IWD profile can
exist because the filename is based on only the SSID+Security type. We
already had one NM connection selected for each IWD KnownNetwork and
referenced by a pointer, so we ignore changes in NM connections other
than that selected one.
|
| |
|
|
|
|
| |
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/784
|
| |
|
| |
|
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=1929513
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/765
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add support for `carrier-wait-timeout` setting from kernel cmdline.
This will create a new `15-carrier-timeout.conf` file in
/run/NetworkManager/conf.d with the parameter value as specified.
The setting also inserts `match-device` to `*`, matching all devices.
NB: The parameter on kernel cmdline is specified in seconds. This is
done to be backwards compatible with with network-legacy module. However
the generated setting will automatically multiply specified value by
1000 and store timeout value in ms.
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/626
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/730
|
|
|
|
|
|
|
|
|
|
| |
It's questionable whether the manual page should explain
exactly what it does.
However, it's a good exercise writing this up (to review
what happens). Also, a manual page that simply says "it configures
the network automatically" without going into how exactly, is
not very useful either.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These SPDX license identifiers are deprecated ([1]). Update them.
[1] https://spdx.org/licenses/
sed \
-e '1 s%^/\* SPDX-License-Identifier: \(GPL-2.0\|LGPL-2.1\)+ \*/$%/* SPDX-License-Identifier: \1-or-later */%' \
-e '1,2 s%^\(--\|#\|//\) SPDX-License-Identifier: \(GPL-2.0\|LGPL-2.1\)+$%\1 SPDX-License-Identifier: \2-or-later%' \
-i \
$(git grep -l SPDX-License-Identifier -- \
':(exclude)shared/c-*/' \
':(exclude)shared/n-*/' \
':(exclude)shared/systemd/src' \
':(exclude)src/systemd/src')
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=1867997
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/ ## 600
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
NetworkManager is now able to configure veth interfaces throught the
NMSettingVeth. Veth interfaces only have "peer" property.
In order to support Veth interfaces in NetworkManager the design need
to pass the following requirements:
* Veth setting only has "peer" attribute.
* Ethernet profiles must be applicable to Veth interfaces.
* When creating a veth interface, the peer will be managed by
NetworkManager but will not have a profile.
* Veth connection can reapply only if the peer has not been modified.
* In order to modify the veth peer, NetworkManager must deactivate the
connection and create a new one with peer modified.
In general, it should support the basis of veth interfaces but without
breaking any existing feature or use case. The users that are using veth
interfaces as ethernet should not notice anything changed unless they
specified the veth peer setting.
Creating a Veth interface in NetworkManager is useful even without the
support for namespaces for some use cases, e.g "connecting one side of
the veth to an OVS bridge and the other side to a Linux bridge" this is
done when using OVN kubernetes [1][2]. In addition, it would provide
persistent configuration and rollback support for Veth interfaces.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1885605
[2] https://bugzilla.redhat.com/show_bug.cgi?id=1894139
Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If this setting it true (or missing) we skip most of the D-Bus
Disconnect() calls whoe purpose was to keep IWD's internal autoconnect
mechanism always disabled. We use the IWD's Station.State property
updates, and secrets requets through our IWD agent, to find out when IWD
is trying to connect and create "assumed" activations on the NM side to
mirror the IWD state. This is quite complicated due to the many
possible combinations of NMDevice's state and IWD's state. A lot of
them are "impossible" but we try to be careful to consider all the
different possibilities.
NM has a nice API for "assuming connections" but it's designed for
slightly different use cases than what we have here and for now we
created normal "managed"-type activations when assuming an IWD automatic
connection.
|
|
|
|
| |
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/444
|
| |
|
|
|
|
|
| |
Add a new setting that contains properties related to how NM should
get the hostname from the connection.
|
| |
|
| |
|
|
|
|
| |
Fixes: 0aa09da5f46d ('man: explain "/var/lib/NetworkManager/secret-key" in `man NetworkManager`')
|
| |
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=1871042
Signed-off-by: Antonio Cardace <acardace@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a new `main.rc-manager=auto` setting, that favours to use
systemd-resolved (and not touch "/etc/resolv.conf" but configure
it via D-Bus), or falls back to `resolvconf`/`netconfig` binaries
if they are installed and enabled at compile time.
As final fallback use "symlink", like before.
Note that on Fedora there is no "openresolv" package ([1]). Instead, "systemd"
package provides "/usr/sbin/resolvconf" as a wrapper for systemd-resolved's
"resolvectl". On such a system the fallback to resolvconf is always
wrong, because NetworkManager should either talk to systemd-resolved
directly or not but never call "/usr/sbin/resolvconf". So, the special handling
for resolvconf and netconfig is only done if NetworkManager was build with these
applications explicitly enabled.
Note that SUSE builds NetworkManager with
--with-netconfig=yes
--with-config-dns-rc-manager-default=netconfig
and the new option won't be used there either. But of course, netconfig
already does all the right things on SUSE.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=668153
Suggested-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/594
|
|
|
|
| |
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/582
|
|
|
|
| |
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/565
|
|
|
|
|
|
|
|
| |
There should be a comma after 'Otherwise' and 'Currently'.
https://bugzilla.redhat.com/show_bug.cgi?id=1852452
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/560
|
|
|
|
|
| |
Add a new 'ap-isolation' property to the wifi setting, useful to
prevent communication between wireless clients.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix the following build error with meson:
/usr/bin/python3 /home/bgalvani/work/NetworkManager/tools/generate-docs-nm-settings-docs-merge.py man/nm-settings-docs-nmcli.xml --only-from-first clients/cli/generate-docs-nm-settings-nmcli.xml libnm/nm-propery-infos-nmcli.xml libnm/nm-settings-docs-gir.xml
Traceback (most recent call last):
File "/home/bgalvani/work/NetworkManager/tools/generate-docs-nm-settings-docs-merge.py", line 120, in <module>
xml_roots = list([ET.parse(f).getroot() for f in gl_input_files])
File "/home/bgalvani/work/NetworkManager/tools/generate-docs-nm-settings-docs-merge.py", line 120, in <listcomp>
xml_roots = list([ET.parse(f).getroot() for f in gl_input_files])
File "/usr/lib64/python3.8/xml/etree/ElementTree.py", line 1202, in parse
tree.parse(source, parser)
File "/usr/lib64/python3.8/xml/etree/ElementTree.py", line 584, in parse
source = open(source, "rb")
FileNotFoundError: [Errno 2] No such file or directory: '--only-from-first'
Fixes: 3c11116c484d ('docs: in "generate-docs-nm-settings-docs-merge.py" only take properties from first setting')
|