diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index d7f89ebcf4..3c14e0a2fc 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -14,7 +14,7 @@ # see https://docs.gitlab.com/ee/ci/yaml/#includefile -.templates_sha: &template_sha 184ca628f89f3193c249b4e34e45afee2773a833 +.templates_sha: &template_sha 98b1218f146a1ec96d65e3ce0041f9a6ec5cb5e6 @@ -39,6 +39,8 @@ include: - project: 'freedesktop/ci-templates' ref: *template_sha file: '/templates/ubuntu.yml' + - project: 'freedesktop/ci-templates' + file: '/templates/ci-fairy.yml' stages: - prep @@ -57,11 +59,11 @@ variables: # # This is done by running `ci-fairy generate-template` and possibly bumping # ".default_tag". - ALPINE_TAG: 'tag-4e88b0485a0b' - CENTOS_TAG: 'tag-49333ce03178' - DEBIAN_TAG: 'tag-40fb807bf9e5' - FEDORA_TAG: 'tag-49333ce03178' - UBUNTU_TAG: 'tag-40fb807bf9e5' + ALPINE_TAG: 'tag-ec99bc32ed7f' + CENTOS_TAG: 'tag-a76c3f2e9d0f' + DEBIAN_TAG: 'tag-3f6892bcd503' + FEDORA_TAG: 'tag-a76c3f2e9d0f' + UBUNTU_TAG: 'tag-3f6892bcd503' ALPINE_EXEC: 'bash .gitlab-ci/alpine-install.sh' CENTOS_EXEC: 'bash .gitlab-ci/fedora-install.sh' @@ -106,18 +108,10 @@ tier1:fedora:40@prep: FDO_DISTRIBUTION_VERSION: '40' FDO_DISTRIBUTION_TAG: $FEDORA_TAG FDO_DISTRIBUTION_EXEC: $FEDORA_EXEC + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' -tier1:fedora:rawhide@prep: - extends: - - .fdo.container-build@fedora - stage: prep - variables: - GIT_STRATEGY: none - FDO_DISTRIBUTION_VERSION: 'rawhide' - FDO_DISTRIBUTION_TAG: $FEDORA_TAG - FDO_DISTRIBUTION_EXEC: $FEDORA_EXEC - -tier1:centos:stream9@prep: +tier2:centos:stream9@prep: extends: - .fdo.container-build@centos stage: prep @@ -126,6 +120,24 @@ tier1:centos:stream9@prep: FDO_DISTRIBUTION_VERSION: 'stream9' FDO_DISTRIBUTION_TAG: $CENTOS_TAG FDO_DISTRIBUTION_EXEC: $CENTOS_EXEC + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' + when: manual + allow_failure: true + +tier2:fedora:rawhide@prep: + extends: + - .fdo.container-build@fedora + stage: prep + variables: + GIT_STRATEGY: none + FDO_DISTRIBUTION_VERSION: 'rawhide' + FDO_DISTRIBUTION_TAG: $FEDORA_TAG + FDO_DISTRIBUTION_EXEC: $FEDORA_EXEC + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' + when: manual + allow_failure: true tier2:debian:sid@prep: extends: @@ -136,7 +148,10 @@ tier2:debian:sid@prep: FDO_DISTRIBUTION_VERSION: 'sid' FDO_DISTRIBUTION_TAG: $DEBIAN_TAG FDO_DISTRIBUTION_EXEC: $DEBIAN_EXEC - when: manual + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' + when: manual + allow_failure: true tier2:debian:testing@prep: extends: @@ -147,7 +162,10 @@ tier2:debian:testing@prep: FDO_DISTRIBUTION_VERSION: 'testing' FDO_DISTRIBUTION_TAG: $DEBIAN_TAG FDO_DISTRIBUTION_EXEC: $DEBIAN_EXEC - when: manual + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' + when: manual + allow_failure: true tier2:ubuntu:devel@prep: extends: @@ -158,7 +176,10 @@ tier2:ubuntu:devel@prep: FDO_DISTRIBUTION_VERSION: 'devel' FDO_DISTRIBUTION_TAG: $UBUNTU_TAG FDO_DISTRIBUTION_EXEC: $UBUNTU_EXEC - when: manual + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' + when: manual + allow_failure: true tier2:alpine:edge@prep: extends: @@ -169,7 +190,10 @@ tier2:alpine:edge@prep: FDO_DISTRIBUTION_VERSION: 'edge' FDO_DISTRIBUTION_TAG: $ALPINE_TAG FDO_DISTRIBUTION_EXEC: $ALPINE_EXEC - when: manual + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' + when: manual + allow_failure: true tier3:fedora:39@prep: extends: @@ -180,7 +204,10 @@ tier3:fedora:39@prep: FDO_DISTRIBUTION_VERSION: '39' FDO_DISTRIBUTION_TAG: $FEDORA_TAG FDO_DISTRIBUTION_EXEC: $FEDORA_EXEC - when: manual + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' + when: manual + allow_failure: true tier3:ubuntu:20.04@prep: extends: @@ -191,7 +218,10 @@ tier3:ubuntu:20.04@prep: FDO_DISTRIBUTION_VERSION: '20.04' FDO_DISTRIBUTION_TAG: $UBUNTU_TAG FDO_DISTRIBUTION_EXEC: $UBUNTU_EXEC - when: manual + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' + when: manual + allow_failure: true tier3:ubuntu:22.04@prep: extends: @@ -202,7 +232,10 @@ tier3:ubuntu:22.04@prep: FDO_DISTRIBUTION_VERSION: '22.04' FDO_DISTRIBUTION_TAG: $UBUNTU_TAG FDO_DISTRIBUTION_EXEC: $UBUNTU_EXEC - when: manual + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' + when: manual + allow_failure: true tier3:ubuntu:24.04@prep: extends: @@ -213,7 +246,10 @@ tier3:ubuntu:24.04@prep: FDO_DISTRIBUTION_VERSION: '24.04' FDO_DISTRIBUTION_TAG: $UBUNTU_TAG FDO_DISTRIBUTION_EXEC: $UBUNTU_EXEC - when: manual + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' + when: manual + allow_failure: true tier3:ubuntu:rolling@prep: extends: @@ -224,7 +260,10 @@ tier3:ubuntu:rolling@prep: FDO_DISTRIBUTION_VERSION: 'rolling' FDO_DISTRIBUTION_TAG: $UBUNTU_TAG FDO_DISTRIBUTION_EXEC: $UBUNTU_EXEC - when: manual + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' + when: manual + allow_failure: true tier3:debian:stable@prep: extends: @@ -235,7 +274,10 @@ tier3:debian:stable@prep: FDO_DISTRIBUTION_VERSION: 'stable' FDO_DISTRIBUTION_TAG: $DEBIAN_TAG FDO_DISTRIBUTION_EXEC: $DEBIAN_EXEC - when: manual + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' + when: manual + allow_failure: true tier3:debian:oldstable@prep: extends: @@ -246,7 +288,10 @@ tier3:debian:oldstable@prep: FDO_DISTRIBUTION_VERSION: 'oldstable' FDO_DISTRIBUTION_TAG: $DEBIAN_TAG FDO_DISTRIBUTION_EXEC: $DEBIAN_EXEC - when: manual + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' + when: manual + allow_failure: true tier3:centos:stream8@prep: extends: @@ -257,7 +302,10 @@ tier3:centos:stream8@prep: FDO_DISTRIBUTION_VERSION: 'stream8' FDO_DISTRIBUTION_TAG: $CENTOS_TAG FDO_DISTRIBUTION_EXEC: $CENTOS_EXEC - when: manual + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' + when: manual + allow_failure: true tier3:alpine:latest@prep: extends: @@ -268,7 +316,10 @@ tier3:alpine:latest@prep: FDO_DISTRIBUTION_VERSION: 'latest' FDO_DISTRIBUTION_TAG: $ALPINE_TAG FDO_DISTRIBUTION_EXEC: $ALPINE_EXEC - when: manual + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' + when: manual + allow_failure: true ################################################################# # # @@ -295,13 +346,9 @@ t_fedora:40: parallel: matrix: - NM_TEST_SELECT_RUN: - - autotools+gcc+docs+valgrind - meson+gcc+docs+valgrind - - autotools+clang - meson+clang - - rpm+autotools - rpm+meson - - tarball+autotools - tarball+meson - tarball - subtree @@ -310,56 +357,36 @@ t_fedora:40: FDO_DISTRIBUTION_TAG: $FEDORA_TAG needs: - "tier1:fedora:40@prep" - -t_fedora:rawhide: - extends: - - .build@template - - .fdo.distribution-image@fedora - - .nm_artifacts - stage: tier1 - parallel: - matrix: - - NM_TEST_SELECT_RUN: - - autotools+gcc+docs+valgrind - - meson+gcc+docs+valgrind - - autotools+clang - - meson+clang - - rpm+autotools - - rpm+meson - - tarball+autotools - - tarball+meson - - tarball - - subtree - variables: - FDO_DISTRIBUTION_VERSION: 'rawhide' - FDO_DISTRIBUTION_TAG: $FEDORA_TAG - needs: - - "tier1:fedora:rawhide@prep" + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' t_centos:stream9: extends: - .build@template - .fdo.distribution-image@centos - .nm_artifacts_debug - stage: tier1 - parallel: - matrix: - - NM_TEST_SELECT_RUN: - - autotools+gcc+docs+valgrind - - meson+gcc+docs+valgrind - - autotools+clang - - meson+clang - - rpm+autotools - - rpm+meson - - tarball+autotools - - tarball+meson - - tarball - - subtree + stage: tier2 variables: FDO_DISTRIBUTION_VERSION: 'stream9' FDO_DISTRIBUTION_TAG: $CENTOS_TAG needs: - - "tier1:centos:stream9@prep" + - "tier2:centos:stream9@prep" + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' + +t_fedora:rawhide: + extends: + - .build@template + - .fdo.distribution-image@fedora + - .nm_artifacts_debug + stage: tier2 + variables: + FDO_DISTRIBUTION_VERSION: 'rawhide' + FDO_DISTRIBUTION_TAG: $FEDORA_TAG + needs: + - "tier2:fedora:rawhide@prep" + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' t_debian:sid: extends: @@ -372,6 +399,8 @@ t_debian:sid: FDO_DISTRIBUTION_TAG: $DEBIAN_TAG needs: - "tier2:debian:sid@prep" + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' t_debian:testing: extends: @@ -384,6 +413,8 @@ t_debian:testing: FDO_DISTRIBUTION_TAG: $DEBIAN_TAG needs: - "tier2:debian:testing@prep" + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' t_ubuntu:devel: extends: @@ -396,6 +427,8 @@ t_ubuntu:devel: FDO_DISTRIBUTION_TAG: $UBUNTU_TAG needs: - "tier2:ubuntu:devel@prep" + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' t_alpine:edge: extends: @@ -408,6 +441,8 @@ t_alpine:edge: FDO_DISTRIBUTION_TAG: $ALPINE_TAG needs: - "tier2:alpine:edge@prep" + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' t_fedora:39: extends: @@ -420,6 +455,8 @@ t_fedora:39: FDO_DISTRIBUTION_TAG: $FEDORA_TAG needs: - "tier3:fedora:39@prep" + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' t_ubuntu:20.04: extends: @@ -432,6 +469,8 @@ t_ubuntu:20.04: FDO_DISTRIBUTION_TAG: $UBUNTU_TAG needs: - "tier3:ubuntu:20.04@prep" + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' t_ubuntu:22.04: extends: @@ -444,6 +483,8 @@ t_ubuntu:22.04: FDO_DISTRIBUTION_TAG: $UBUNTU_TAG needs: - "tier3:ubuntu:22.04@prep" + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' t_ubuntu:24.04: extends: @@ -456,6 +497,8 @@ t_ubuntu:24.04: FDO_DISTRIBUTION_TAG: $UBUNTU_TAG needs: - "tier3:ubuntu:24.04@prep" + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' t_ubuntu:rolling: extends: @@ -468,6 +511,8 @@ t_ubuntu:rolling: FDO_DISTRIBUTION_TAG: $UBUNTU_TAG needs: - "tier3:ubuntu:rolling@prep" + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' t_debian:stable: extends: @@ -480,6 +525,8 @@ t_debian:stable: FDO_DISTRIBUTION_TAG: $DEBIAN_TAG needs: - "tier3:debian:stable@prep" + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' t_debian:oldstable: extends: @@ -492,6 +539,8 @@ t_debian:oldstable: FDO_DISTRIBUTION_TAG: $DEBIAN_TAG needs: - "tier3:debian:oldstable@prep" + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' t_centos:stream8: extends: @@ -504,6 +553,8 @@ t_centos:stream8: FDO_DISTRIBUTION_TAG: $CENTOS_TAG needs: - "tier3:centos:stream8@prep" + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' t_alpine:latest: extends: @@ -516,6 +567,8 @@ t_alpine:latest: FDO_DISTRIBUTION_TAG: $ALPINE_TAG needs: - "tier3:alpine:latest@prep" + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' ################################################################# # # @@ -531,6 +584,8 @@ check-patch: FDO_DISTRIBUTION_TAG: $FEDORA_TAG needs: - "tier1:fedora:40@prep" + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' stage: tier1 script: - date '+%Y%m%d-%H%M%S'; NM_CHECKPATCH_FETCH_UPSTREAM=1 contrib/scripts/checkpatch-feature-branch.sh @@ -544,6 +599,8 @@ check-tree: FDO_DISTRIBUTION_TAG: $FEDORA_TAG needs: - "tier1:fedora:40@prep" + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' stage: tier1 script: - date '+%Y%m%d-%H%M%S'; clang-format --version @@ -562,25 +619,44 @@ pages: expire_in: 20 days paths: - public - only: - - main + rules: + - if: $CI_PIPELINE_SOURCE == 'schedule' + when: never + - if: $CI_MERGE_REQUEST_SOURCE_BRANCH_NAME == 'main' dependencies: - - "t_fedora:40: [autotools+gcc+docs+valgrind]" + - "t_fedora:40: [meson+gcc+docs+valgrind]" needs: - - "t_fedora:40: [autotools+gcc+docs+valgrind]" + - "t_fedora:40: [meson+gcc+docs+valgrind]" triage:issues: stage: triage - image: ruby:2.7 + image: ruby:3 + rules: + - if: $CI_PIPELINE_SOURCE == "schedule" && $SCHEDULED_PIPELINE_NAME == "daily" + tags: + - placeholder-job # The job mostly waits on network requests, so use only one CPU: https://gitlab.freedesktop.org/freedesktop/freedesktop/-/issues/1358#note_2457416 script: - gem install gitlab-triage - - gitlab-triage -d --token $API_TOKEN --source-id $SOURCE_ID - only: - - schedules + - gitlab-triage --debug --token $API_TOKEN --source-id $CI_PROJECT_ID + +# Clean the generated images periodically to get updated snapshots of the distribution images. +# Create an scheduled pipeline to run it, passing an AUTHFILE environment variable of type +# 'File' with an authentication token with API access level. +clean-images: + extends: + - .fdo.ci-fairy + stage: prep + rules: + - if: $CI_PIPELINE_SOURCE == "schedule" && $SCHEDULED_PIPELINE_NAME == "weekly" + script: + - ci-fairy -v --authfile $AUTHFILE delete-image --project NetworkManager/NetworkManager --all # Have detached MR pipeline (https://docs.gitlab.com/ee/ci/pipelines/merge_request_pipelines.html) # https://gitlab.freedesktop.org/freedesktop/freedesktop/-/issues/540#what-it-means-for-me-a-maintainer-of-a-project-part-of-gitlabfreedesktoporg workflow: rules: - if: $CI_PIPELINE_SOURCE == 'merge_request_event' - - if: $CI_PIPELINE_SOURCE == 'push' + - if: $CI_PIPELINE_SOURCE == 'schedule' + - if: $CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS + when: never + - if: $CI_COMMIT_BRANCH diff --git a/.gitlab-ci/ci.template b/.gitlab-ci/ci.template index 192b771407..55df9d9ba6 100644 --- a/.gitlab-ci/ci.template +++ b/.gitlab-ci/ci.template @@ -16,7 +16,7 @@ # see https://docs.gitlab.com/ee/ci/yaml/#includefile -.templates_sha: &template_sha 184ca628f89f3193c249b4e34e45afee2773a833 +.templates_sha: &template_sha 98b1218f146a1ec96d65e3ce0041f9a6ec5cb5e6 {# Group distros by their common (name,) tuples.#} {% set distro_groups = [] %} @@ -43,6 +43,8 @@ include: ref: *template_sha file: '/templates/{{distro_group.name}}.yml' {% endfor %} + - project: 'freedesktop/ci-templates' + file: '/templates/ci-fairy.yml' stages: - prep @@ -113,8 +115,11 @@ tier{{distro.tier}}:{{distro.name}}:{{version}}@prep: FDO_DISTRIBUTION_VERSION: '{{version}}' FDO_DISTRIBUTION_TAG: ${{distro.name.upper()}}_TAG FDO_DISTRIBUTION_EXEC: ${{distro.name.upper()}}_EXEC + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' {% if distro.tier > 1 %} - when: manual + when: manual + allow_failure: true {% endif %} {% endfor %} {% endfor %} @@ -151,13 +156,9 @@ t_{{distro.name}}:{{version}}: parallel: matrix: - NM_TEST_SELECT_RUN: - - autotools+gcc+docs+valgrind - meson+gcc+docs+valgrind - - autotools+clang - meson+clang - - rpm+autotools - rpm+meson - - tarball+autotools - tarball+meson - tarball - subtree @@ -173,6 +174,8 @@ t_{{distro.name}}:{{version}}: {% endif %} needs: - "tier{{distro.tier}}:{{distro.name}}:{{version}}@prep" + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' {% endfor %} {% endfor %} @@ -190,6 +193,8 @@ check-patch: FDO_DISTRIBUTION_TAG: ${{default_distro.name.upper()}}_TAG needs: - "tier{{default_distro.tier}}:{{default_distro.name}}:{{default_distro.versions[0]}}@prep" + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' stage: tier1 script: - date '+%Y%m%d-%H%M%S'; NM_CHECKPATCH_FETCH_UPSTREAM=1 contrib/scripts/checkpatch-feature-branch.sh @@ -203,6 +208,8 @@ check-tree: FDO_DISTRIBUTION_TAG: ${{default_distro.name.upper()}}_TAG needs: - "tier{{default_distro.tier}}:{{default_distro.name}}:{{default_distro.versions[0]}}@prep" + rules: + - if: $CI_PIPELINE_SOURCE != 'schedule' stage: tier1 script: - date '+%Y%m%d-%H%M%S'; clang-format --version @@ -221,25 +228,44 @@ pages: expire_in: 20 days paths: - public - only: - - main + rules: + - if: $CI_PIPELINE_SOURCE == 'schedule' + when: never + - if: $CI_MERGE_REQUEST_SOURCE_BRANCH_NAME == 'main' dependencies: - - "t_{{default_distro.name}}:{{default_distro.versions[0]}}: [autotools+gcc+docs+valgrind]" + - "t_{{default_distro.name}}:{{default_distro.versions[0]}}: [meson+gcc+docs+valgrind]" needs: - - "t_{{default_distro.name}}:{{default_distro.versions[0]}}: [autotools+gcc+docs+valgrind]" + - "t_{{default_distro.name}}:{{default_distro.versions[0]}}: [meson+gcc+docs+valgrind]" triage:issues: stage: triage - image: ruby:2.7 + image: ruby:3 + rules: + - if: $CI_PIPELINE_SOURCE == "schedule" && $SCHEDULED_PIPELINE_NAME == "daily" + tags: + - placeholder-job # The job mostly waits on network requests, so use only one CPU: https://gitlab.freedesktop.org/freedesktop/freedesktop/-/issues/1358#note_2457416 script: - gem install gitlab-triage - - gitlab-triage -d --token $API_TOKEN --source-id $SOURCE_ID - only: - - schedules + - gitlab-triage --debug --token $API_TOKEN --source-id $CI_PROJECT_ID + +# Clean the generated images periodically to get updated snapshots of the distribution images. +# Create an scheduled pipeline to run it, passing an AUTHFILE environment variable of type +# 'File' with an authentication token with API access level. +clean-images: + extends: + - .fdo.ci-fairy + stage: prep + rules: + - if: $CI_PIPELINE_SOURCE == "schedule" && $SCHEDULED_PIPELINE_NAME == "weekly" + script: + - ci-fairy -v --authfile $AUTHFILE delete-image --project NetworkManager/NetworkManager --all # Have detached MR pipeline (https://docs.gitlab.com/ee/ci/pipelines/merge_request_pipelines.html) # https://gitlab.freedesktop.org/freedesktop/freedesktop/-/issues/540#what-it-means-for-me-a-maintainer-of-a-project-part-of-gitlabfreedesktoporg workflow: rules: - if: $CI_PIPELINE_SOURCE == 'merge_request_event' - - if: $CI_PIPELINE_SOURCE == 'push' + - if: $CI_PIPELINE_SOURCE == 'schedule' + - if: $CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS + when: never + - if: $CI_COMMIT_BRANCH diff --git a/.gitlab-ci/config.yml b/.gitlab-ci/config.yml index 4e97ecf187..c0f3538342 100644 --- a/.gitlab-ci/config.yml +++ b/.gitlab-ci/config.yml @@ -24,14 +24,17 @@ distributions: tier: 1 versions: - '40' - - rawhide - - name: centos - tier: 1 - versions: - - 'stream9' # TIER 2: distribution versions that will or might use the current NM version. # Run when doing a release. + - name: centos + tier: 2 + versions: + - 'stream9' + - name: fedora + tier: 2 + versions: + - rawhide - name: debian tier: 2 versions: diff --git a/.gitlab-ci/fedora-install.sh b/.gitlab-ci/fedora-install.sh index 5ffb461c5e..3bd4698366 100755 --- a/.gitlab-ci/fedora-install.sh +++ b/.gitlab-ci/fedora-install.sh @@ -5,6 +5,7 @@ set -ex IS_FEDORA=0 IS_CENTOS=0 CENTOS_VERSION=0 +FEDORA_VERSION=0 grep -q '^NAME=.*\(CentOS\)' /etc/os-release && IS_CENTOS=1 grep -q '^NAME=.*\(Fedora\)' /etc/os-release && IS_FEDORA=1 if [ $IS_CENTOS = 1 ]; then @@ -45,9 +46,22 @@ yum install -y glibc-langpack-pl ccache clang # to generate proper documentation. yum reinstall -y --setopt='tsflags=' glib2-doc +if [ $IS_FEDORA = 1 ]; then + FEDORA_VERSION=$(cat /etc/os-release | grep '^VERSION_ID=' | sed s\/"VERSION_ID="\/\/) +fi + if command -v dnf &>/dev/null; then dnf install -y python3-dnf-plugins-core - dnf debuginfo-install -y glib2 + # Fedora 41 migrated to DNF5 and the debuginfo-install plugin is not implemented yet + # therefore we need to enable the repo and install the debuginfo subpackage manually + if [ $FEDORA_VERSION -lt "41" ]; then + dnf debuginfo-install -y glib2 + else + dnf install -y dnf5-plugins + dnf config-manager setopt fedora-debuginfo.enabled=1 + dnf config-manager setopt rawhide-debuginfo.enabled=1 || true + dnf install -y glib2-debuginfo + fi else debuginfo-install -y glib2 fi diff --git a/.gitlab-ci/run-test.sh b/.gitlab-ci/run-test.sh index cd12220315..4091cdd40a 100755 --- a/.gitlab-ci/run-test.sh +++ b/.gitlab-ci/run-test.sh @@ -40,7 +40,7 @@ uname -a meson --version ! command -v dpkg &>/dev/null || dpkg -l -! command -v yum &>/dev/null || yum list installed +! command -v dnf &>/dev/null || dnf list --installed ! command -v apk &>/dev/null || apk -v info # We have a unit test that check that `ci-fairy generate-template` @@ -57,13 +57,9 @@ check_run_assert() { # These are the supported $NM_TEST_SELECT_RUN values. local _CHECK_RUN_LIST=( - autotools+gcc+docs+valgrind meson+gcc+docs+valgrind - autotools+clang meson+clang - rpm+autotools rpm+meson - tarball+autotools tarball+meson tarball subtree @@ -110,17 +106,13 @@ check_run_clean() { return 0 } -if check_run_clean autotools+gcc+docs+valgrind ; then - BUILD_TYPE=autotools CC=gcc WITH_DOCS=1 WITH_VALGRIND=1 contrib/scripts/nm-ci-run.sh - mv build/INST/share/gtk-doc/html "$ARTIFACT_DIR/docs-html" +if check_run_clean meson+gcc+docs+valgrind ; then + BUILD_TYPE=meson CC=gcc WITH_DOCS=1 WITH_VALGRIND=1 contrib/scripts/nm-ci-run.sh + mv INST/share/gtk-doc/html "$ARTIFACT_DIR/docs-html" fi -check_run_clean meson+gcc+docs+valgrind && BUILD_TYPE=meson CC=gcc WITH_DOCS=1 WITH_VALGRIND=1 contrib/scripts/nm-ci-run.sh -check_run_clean autotools+clang && BUILD_TYPE=autotools CC=clang WITH_DOCS=0 contrib/scripts/nm-ci-run.sh -check_run_clean meson+clang && BUILD_TYPE=meson CC=clang WITH_DOCS=0 contrib/scripts/nm-ci-run.sh - -check_run_clean rpm+autotools && test $IS_FEDORA = 1 -o $IS_CENTOS = 1 && ./contrib/fedora/rpm/build_clean.sh -g -w crypto_gnutls -w debug -w iwd -w test -W meson -check_run_clean rpm+meson && test $IS_FEDORA = 1 && ./contrib/fedora/rpm/build_clean.sh -g -w crypto_gnutls -w debug -w iwd -w test -w meson +check_run_clean meson+clang && BUILD_TYPE=meson CC=clang WITH_DOCS=0 contrib/scripts/nm-ci-run.sh +check_run_clean rpm+meson && test $IS_FEDORA = 1 && ./contrib/fedora/rpm/build_clean.sh -g -w crypto_gnutls -w debug -w iwd -w test -w meson if check_run_clean tarball && [ "$NM_BUILD_TARBALL" = 1 ]; then SIGN_SOURCE=0 ./contrib/fedora/rpm/build_clean.sh -r @@ -129,41 +121,7 @@ if check_run_clean tarball && [ "$NM_BUILD_TARBALL" = 1 ]; then do_clean fi -if check_run_clean tarball+autotools; then - BUILD_TYPE=autotools CC=gcc WITH_DOCS=1 CONFIGURE_ONLY=1 contrib/scripts/nm-ci-run.sh - pushd ./build - # dist & build with autotools - make distcheck -j$(nproc) - - # build with meson - DISTSRC="./distsrc-$RANDOM" - mkdir $DISTSRC - tar xvf ./NetworkManager-1*.tar.xz -C $DISTSRC --strip-components=1 - pushd $DISTSRC - BUILD_TYPE=meson CC=gcc WITH_DOCS=1 ../../contrib/scripts/nm-ci-run.sh - popd - popd - do_clean -fi - -if check_run_clean tarball+meson; then - BUILD_TYPE=meson CC=gcc WITH_DOCS=1 CONFIGURE_ONLY=1 contrib/scripts/nm-ci-run.sh - pushd ./build - # dist with meson/ninja - ninja dist - - # build with autotools - DISTSRC="./distsrc-$RANDOM" - mkdir $DISTSRC - tar xvf ./meson-dist/NetworkManager-1*.tar.xz -C $DISTSRC --strip-components=1 - pushd $DISTSRC - BUILD_TYPE=autotools CC=gcc WITH_DOCS=1 ../../contrib/scripts/nm-ci-run.sh - popd - rm -rf $DISTSRC - popd - do_clean -fi - +check_run_clean tarball+meson && BUILD_TYPE=meson CC=gcc WITH_DOCS=1 CONFIGURE_ONLY=1 contrib/scripts/nm-ci-run.sh ############################################################################### @@ -202,7 +160,7 @@ fi if [ "$NM_BUILD_TARBALL" = 1 ]; then do_clean - if check_run autotools+gcc+docs+valgrind ; then + if check_run meson+gcc+docs+valgrind ; then mv "$ARTIFACT_DIR/docs-html/" ./ fi if check_run tarball ; then diff --git a/.gitlab/issue_templates/Security_Vulnerability.md b/.gitlab/issue_templates/Security_Vulnerability.md new file mode 100644 index 0000000000..b8bb43b33e --- /dev/null +++ b/.gitlab/issue_templates/Security_Vulnerability.md @@ -0,0 +1,26 @@ +/confidential +/label ~"workflow::triage" + +## Summary + +(Summarize the security vulnerability encountered concisely) + +## Version affected + +(Which version of NetworkManager is affected (`nmcli --version`), which distro, and the version of any other relevant software involved) + +## Vulnerability details +* **Type:** (e.g., Buffer overflow, injection flaws, ...) +* **Severity:** (High/Medium/Low) +* **Any other vulnerability details:** + +## Steps to reproduce + +## Actual result + +## Expected result + +## Relevant logs + +(Please see the DEBUGGING section of "[man NetworkManager](https://networkmanager.pages.freedesktop.org/NetworkManager/NetworkManager/NetworkManager.html)" and attach any relevant log) + diff --git a/.triage-policies.yml b/.triage-policies.yml index 025333f403..6176b9195a 100644 --- a/.triage-policies.yml +++ b/.triage-policies.yml @@ -3,21 +3,167 @@ host_url: https://gitlab.freedesktop.org resource_rules: issues: rules: + - name: Set initial workflow stage + conditions: + state: opened + forbidden_labels: + - workflow::triage + - workflow::investigation + - workflow::devel + actions: + labels: + - workflow::triage + + - name: Ensure that only one workflow label is used (1/2) + conditions: + state: opened + labels: + - workflow::triage + - workflow::investigation + forbidden_labels: + - workflow::devel + actions: + remove_labels: + - workflow::triage + + - name: Ensure that only one workflow label is used (1/2) + conditions: + state: opened + labels: + - workflow::{triage, investigation} + - workflow::devel + actions: + remove_labels: + - workflow::triage + - workflow::investigation + + - name: Remove help-needed::* and unassigned labels on assigned issue + conditions: + state: opened + ruby: resource["assignees"].length > 0 + labels: + - help-needed::{triage, investigation, devel} + - unassigned + actions: + remove_labels: + - help-needed::triage + - help-needed::investigation + - help-needed::devel + - unassigned + + - name: Add help-needed::triage and unassigned labels on unassigned issues + conditions: + state: opened + ruby: resource["assignees"].length == 0 + labels: + - workflow::triage + forbidden_labels: + - help-needed::triage + - unassigned + actions: + labels: + - help-needed::triage + - unassigned + + - name: Remove wrong help-needed::* labels for issues on triage stage + conditions: + state: opened + labels: + - workflow::triage + - help-needed::{investigation, devel} + actions: + remove_labels: + - help-needed::investigation + - help-needed::devel + + - name: Add help-needed::investigation and unassigned labels on unassigned issues + conditions: + state: opened + ruby: resource["assignees"].length == 0 + labels: + - workflow::investigation + forbidden_labels: + - help-needed::investigation + - unassigned + actions: + labels: + - help-needed::investigation + - unassigned + + - name: Remove wrong help-needed::* labels for issues on investigation stage + conditions: + state: opened + labels: + - workflow::investigation + - help-needed::{triage, devel} + actions: + remove_labels: + - help-needed::triage + - help-needed::devel + + - name: Add help-needed::devel and unassigned labels on unassigned issues + conditions: + state: opened + ruby: resource["assignees"].length == 0 + labels: + - workflow::devel + forbidden_labels: + - help-needed::devel + - unassigned + actions: + labels: + - help-needed::devel + - unassigned + + - name: Remove wrong help-needed::* labels for issues on devel stage + conditions: + state: opened + labels: + - workflow::devel + - help-needed::{triage, investigation} + actions: + remove_labels: + - help-needed::triage + - help-needed::investigation + + - name: Remove triage::* labels if the issue is not triaged + conditions: + state: opened + labels: + - workflow::triage + - triaged::{bug, RFE} + actions: + remove_labels: + - triaged::bug + - triaged::RFE + + - name: Ensure that only one triaged::* label is used + conditions: + state: opened + labels: + - triaged::bug + - triaged::RFE + actions: + remove_labels: + - triaged::RFE + - name: Mark issue as stale with no activity for 4 months conditions: + state: opened date: attribute: updated_at condition: older_than interval_type: months interval: 4 - state: opened forbidden_labels: - stale actions: - comment: | - This issue has been inactive for 4 months and got stale. Contributions welcome to move it forward. + comment: >- + This issue has been inactive for 4 months and got stale. + Contributions welcome to move it forward. labels: - - stale + - stale + merge_requests: rules: - name: Mark merge-request as stale after no activity for 2 months @@ -31,7 +177,8 @@ resource_rules: forbidden_labels: - stale actions: - comment: | - This merge-request has been inactive for 2 months and got stale. Work is necessary to move it forward. + comment: >- + This merge-request has been inactive for 2 months and got stale. + Work is necessary to move it forward. labels: - - stale + - stale diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index e1851f2f58..215298e16b 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -33,8 +33,35 @@ and you still need to review them. You can also personally hand over the logfile to a NM developer to treat it confidential. -Contribute ----------- +Help with issues triage +----------------------- + +The big amount of reported issues is difficult to handle by the small team of +developers actively working on the project. Many bugs remain unfixed because +there is no enough time to investigate them. + +Working on issues triage and investigation is a very useful help that many +people can provide very effectively, even if they can't do the fix in the +code afterwards. + +This is the kind of help that may facilitate other developers to prepare a fix: +- Investigate if it's a real bug or if it's expected behaviour. +- Provide information and context to explain why it is a bug and what the + expected behaviour would be. +- Create reproducers. +- Investigate where the failure might be in the code, even if you don't know + how to fix it. +- In a general sense, provide any information that might be useful later. + +Find issues with the `help-needed::triage` and `help-needed::investigation` +label in our [issue tracker](https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues) +and help with them. Issues in "investigation" stage has been triaged, i.e. +identified as a bug, but there is not enough information to start working on it +yet. + + +Contribute patches +------------------ Send patches to our repository at [gitlab.freedesktop.org](https://gitlab.freedesktop.org/NetworkManager/NetworkManager/). If you are willing to contribute, please read these guidelines first: @@ -43,11 +70,8 @@ If you are willing to contribute, please read these guidelines first: - Work on any issue you want, but please put a comment to indicate that you are willing to work on it so others don't do the same work in parallel, or to - check whether anyone is already doing so. - -- Issues marked as `help-wanted` are those where the NetworkManager developers - are explicitly asking for contributors' help, probably due to lack of capacity - to work on it. + check whether anyone is already doing so. You can find issues waiting for a + developer to work on it searching for the `help-needed::devel` label. - Issues marked as `good-first-issue` indicate that they are probably quite simple fixes, well suited for first time contributors. diff --git a/MAINTAINERS.md b/MAINTAINERS.md index 2eeb75b0ec..5a75ee81fe 100644 --- a/MAINTAINERS.md +++ b/MAINTAINERS.md @@ -6,38 +6,51 @@ Issue tracker: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/is Help other maintainers with the triage following these guidelines. This way, it will be easier to find issues that require attention. -- Assign an issue to yourself if you are going to take care of providing the - required help. Assign it to another person if he/she is more suitable to help, - but do this quite rarely so we take care of not overloading to anyone. +- Workflow: indicate the current stage with the corresponding label: -- Add suitable labels to indicate the state of open issues: + - `workflow::triage`: needs triage to determine whether is a bug, an RFE or we + should close it. + + - `workflow::investigation`: has been triaged but more info is needed to start + working on a fix. This step can be skipped if enough information is provided + during triage. + + - `workflow::devel`: on development (or waiting for it). + + - Closed: the issue is already solved, either via a code fix or via providing + the required info. Also if the request is clearly incorrect or doesn't fit + at all in the project. + +- Assignee: assign the issue to the person that is working on it. This will + remove the `unassigned` and `help-needed::*` labels. + +- Manual labels: add suitable labels to indicate the state of open issues: - `need-info`: waiting for info or feedback from anyone. + - `good-first-issue`: the task is simple and well suited for a first time + contributor. + + - `triaged::bug` / `triaged::RFE`: type of issue. + - `need-discussion`: something is not clear about what to do, or about if something has to be done at all. The problem should be discussed by the maintainers and/or with the reporter and/or other interested parts. - - `triaged`: if the problem is properly explained and understood. Add also - one of the labels `bug` or `RFE` as corresponds. - - - `help-wanted`: request external contributors to work on this. If it's a - simple fix, add `good-first-issue` too. - - - `work-in-progress`: anyone is already working on a Merge Request, so others. - - `blocked`: the issue is waiting for something that blocks its progress - `close-proposed`: there are good reasons to reject the request (explain - those reasons when adding the label). If after a reasonable time there is no - additional info that is good enouch to reconsider it, the issue will be - closed. - It is not mandatory to always use this tag before closing an issue, but - usually desirable. + those reasons when adding the label) but a chance to others to provide + reasons against it is desired. + It is not mandatory to always use this tag. + + - `Spam`: mark as spam, blocking the author. See [damspam](https://gitlab.freedesktop.org/freedesktop/damspam/-/blob/main/README.md?ref_type=heads). -- Close an issue if the problem is already solved, either via a code fix or via - some information that has been provided. Also if the request is clearly - incorrect or doesn't fit at all in the project. +- Automatic labels: some labels are automatically added and removed by a bot and + the maintainers don't need to care much about them. The label `stale` is + used for issues without activity for a long time. The labels `unassigned` and + `help-needed::{triage, investigation, devel}` are used for issues without an + assignee. Merging Merge Requests @@ -159,14 +172,114 @@ In practice when we want to backport new API from main we have two options: 19d7e66099ee43f47d6be0e740dc710fc365d200. Then, on main we add duplicate symbols with commit 5eade4da11ee38a0e7faf4a87b2c2b5af07c5eeb. -### Reimporting systemd + +NetworkManager release process +------------------------------ + +It's mostly automated by [release.sh](contrib/fedora/rpm/release.sh). + +Before running the script: +- For stable releases, remember to backport all commits with "Fixes:" tag that + are applicable. Use the [find-backports](contrib/scripts/find-backports) + script to find them. +- Start all the jobs in the latest Gitlab pipeline of the right branch. The + script checks that they ran successfully. + Tiers 1 and 2 must pass, failed Tier 3 jobs can be fixed after the release. + +The script also takes care of choosing the right version number depending on the +release type that you specify, like devel, rc1, rc, major, major-post, etc. +Run the script with `--help` to see all options. + +Notes: +- You need access to master.gnome.org, see [here](https://handbook.gnome.org/infrastructure/accounts.html). +- The GPG key used to sign the tags must be exported to a keyserver. + +Versioning scheme, automatically handled by the script (version numbers are +called MAJOR.MINOR.MICRO): +- Development releases has an odd MINOR version number (i.e. `1.47.2`). +- Stable releases has an even MINOR version number (i.e. `1.48.1`). +- Release candidates (RC) are tagged like `1.48-rc1`, `1.48-rc2`, etc. But in + NM's internal code they looks like `1.47.90`, `1.47.91`, etc. (MINOR is one + number less, and MICRO is >= 90). + +The main differences between the different kind of releases are: +- Development releases: for depelopment and testing purposes only. +- Release candidates (RC): stabilization phase before a stable release. Normally + there are one or two RCs with ~2 weeks cadence. More RCs can be releases if + they are needed. +- Stable releases: Releases within the same stable branch should remain very + stable while fixing important bugs, backported from `main`. New features are + added very rarely. + +Stable branches are branched out from `main` to prepare the first release +candidate (RC) of the next stable branch. These branches are called `nm-MAJOR-MINOR` +(i.e. `nm-1-48`). As they are used to release stable versions, the last number +is always even. + +There are some additional tasks that the script doesn't handle: +- For RC releases: + - The NEWS file should reflect a curated summary of the changes that the new + stable release will include. + - The release should be announced on the mailing list. +- For stable releases: + - The official documentation must be updated on the website when there is a new + stable release. Use the [import-docs.sh](https://gitlab.freedesktop.org/NetworkManager/networkmanager.pages.freedesktop.org/-/blob/main/scripts/import-docs.sh) + script from the website's repo. + - The release should be announced on the mailing list. + + +VPN plugins and nm-applet release process +----------------------------------------- + +The same versioning scheme and release process is used for the VPN plugins, +nm-applet (including nm-connection-editor) and libnma. + +Note that each of them is hosted in its own repository, but this is documented +here to avoid duplication, as the process is the same for all (at least for +those that we maintain). + +Also note that there are no stable branches or development versions. Everything +is developed on main, and releases are done on main. + +Versioning scheme (version numbers are called MAJOR.MINOR.MICRO): +- Small changes increments only the MICRO number. +- Bigger changes or new features increments the MINOR number. +- There is no strict criteria to define what change is small or big, but try to + adhere mostly to [semantic versioning](https://semver.org/). +- Use only even numbers for MINOR, skipping odd ones. That way we use the same + versioning scheme than the main NM project despite there are no development + versions here. + +When doing a release, follow this process: +1. Ensure that `NEWS` file is up to date. +2. Increment the version in `configure.ac`, commit and tag the commit. Example: + `git tag -s 1.2.8 -m 'Tag 1.2.8'`. +3. Ensure that you are on the right commit and create the tarball: + `git clean -fdx && ./autogen.sh && make distcheck` +4. Upload the tarball: `scp ./*-*.tar.xz "$user@master.gnome.org:"` +5. Login to `master.gnome.org` and run `ftpadmin install`. + Ensure the new tarballs show up at https://download.gnome.org/sources/ + (happens after a short delay) +6. Announce the release on the mailing list. + +Notes: +- You need access to master.gnome.org, see [here](https://handbook.gnome.org/infrastructure/accounts.html). +- The GPG key used to sign the tags must be exported to a keyserver. + + +Reimporting systemd +------------------- See [here](src/libnm-systemd-shared/README.md#reimport-upstream-code). -### Copr repository + +Copr repository +--------------- See [here](contrib/scripts/nm-copr-build.sh). -### gitlab-ci Pipelines + +Gitlab-ci Pipelines +------------------- See [here](.gitlab-ci/README.md). diff --git a/NEWS b/NEWS index e403b62fa9..716b90546a 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,15 @@ +============================================= +NetworkManager-1.50 +Overview of changes since NetworkManager-1.48 +============================================= + +This is a snapshot of NetworkManager development. The API is +subject to change and not guaranteed to be compatible with +the later release. +USE AT YOUR OWN RISK. NOT RECOMMENDED FOR PRODUCTION USE! + +* Support matching a OVS system interface by MAC address. + ============================================= NetworkManager-1.48 Overview of changes since NetworkManager-1.46 @@ -791,7 +803,7 @@ This is a new stable release of NetworkManager. Notable changes include: * The libnm-glib library, deprecated in favor of libnm since NetworkManager 1.0, and disabled by default since NetworkManager 1.12, has now been removed. -* The DHCP client now defaults to "internal". The default can be overriden +* The DHCP client now defaults to "internal". The default can be overridden at build time by using the --with-config-dhcp-default option of the configure script or at run time by setting the main.dhcp option in the configuration file. diff --git a/README.md b/README.md index 7eed9c9f80..f536295a9f 100644 --- a/README.md +++ b/README.md @@ -133,7 +133,12 @@ Report bugs or feature request in our [issue tracker](https://gitlab.freedesktop See [Report issues](https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/main/CONTRIBUTING.md?ref_type=heads#report-issues) for details about how to do it. -To get involved, see [CONTRIBUTING.md](CONTRIBUTING.md) + +Contribute +---------- + +To get involved, see [CONTRIBUTING.md](CONTRIBUTING.md) to find different ways +to contribute. License diff --git a/configure.ac b/configure.ac index 56ffa24a88..16970b2456 100644 --- a/configure.ac +++ b/configure.ac @@ -7,8 +7,8 @@ dnl - add corresponding NM_VERSION_x_y_z macros in dnl "shared/nm-version-macros.h.in" dnl - update number in meson.build m4_define([nm_major_version], [1]) -m4_define([nm_minor_version], [48]) -m4_define([nm_micro_version], [0]) +m4_define([nm_minor_version], [49]) +m4_define([nm_micro_version], [1]) m4_define([nm_version], [nm_major_version.nm_minor_version.nm_micro_version]) diff --git a/contrib/fedora/rpm/22-wifi-mac-addr.conf b/contrib/fedora/rpm/22-wifi-mac-addr.conf index 2e329c8895..7389a3de73 100644 --- a/contrib/fedora/rpm/22-wifi-mac-addr.conf +++ b/contrib/fedora/rpm/22-wifi-mac-addr.conf @@ -23,7 +23,7 @@ # # See `man 5 nm-settings` for "wifi.cloned-mac-address" and "connection.stable-id". -[connection.22-wifi-mac-addr] +[connection-22-wifi-mac-addr] match-device=type:wifi wifi.cloned-mac-address=stable-ssid diff --git a/contrib/fedora/rpm/NetworkManager.spec b/contrib/fedora/rpm/NetworkManager.spec index 9e17053a76..ee67a05d3e 100644 --- a/contrib/fedora/rpm/NetworkManager.spec +++ b/contrib/fedora/rpm/NetworkManager.spec @@ -48,7 +48,7 @@ %global systemd_units_cloud_setup nm-cloud-setup.service nm-cloud-setup.timer ############################################################################### -%if 0%{?fedora} > 40 +%if 0%{?fedora} > 40 || 0%{?rhel} >= 10 %bcond_without meson %else %bcond_with meson @@ -259,11 +259,26 @@ Obsoletes: NetworkManager < %{obsoletes_ifcfg_rh} Requires: wpa_supplicant >= 1:1.1 %endif +%if 0%{?rhel} && 0%{?rhel} >= 10 +%if 0%{without team} +Obsoletes: NetworkManager-team < 1:1.47.5-3 +%endif +Obsoletes: NetworkManager-initscripts-ifcfg-rh < 1:1.47.5-3 +Obsoletes: NetworkManager-dispatcher-routing-rules < 1:1.47.5-3 +%endif + Conflicts: NetworkManager-vpnc < 1:0.7.0.99-1 Conflicts: NetworkManager-openvpn < 1:0.7.0.99-1 Conflicts: NetworkManager-pptp < 1:0.7.0.99-1 Conflicts: NetworkManager-openconnect < 0:0.7.0.99-1 Conflicts: kde-plasma-networkmanagement < 1:0.9-0.49.20110527git.nm09 +%if 0%{?rhel} && 0%{?rhel} >= 10 +%if 0%{without team} +Conflicts: NetworkManager-team <= 1:1.47.5-3 +%endif +Conflicts: NetworkManager-initscripts-ifcfg-rh <= 1:1.47.5-3 +Conflicts: NetworkManager-dispatcher-routing-rules <= 1:1.47.5-3 +%endif BuildRequires: make BuildRequires: gcc diff --git a/contrib/fedora/rpm/configure-for-system.sh b/contrib/fedora/rpm/configure-for-system.sh index 1af647d51c..37966ae40c 100755 --- a/contrib/fedora/rpm/configure-for-system.sh +++ b/contrib/fedora/rpm/configure-for-system.sh @@ -30,7 +30,7 @@ vars_with_vals() { } usage() { - echo "$ $0 [-m|--meson] [-a|--autotools] [-s|--show] [-B|--no-build] [-h|--help]" + echo "$ $0 [-m|--meson ] [-a|--autotools] [-s|--show] [-B|--no-build] [-h|--help]" echo "" echo "Configure NetworkManager in a way that is similar to when building" echo "RPMs of NetworkManager for Fedora/RHEL. The effect is that \`make install\`" @@ -149,7 +149,9 @@ P_NOBUILD="${NOBUILD-0}" P_DEBUG="${DEBUG-1}" -P_BUILD_TYPE="${BUILD_TYPE-}" +P_BUILD_TYPE="${BUILD_TYPE-meson}" +P_MESON_BUILDDIR="${MESON_BUILDDIR-./build}" +[ -n "$MESON_BUILDDIR" ] && P_MESON_BUILDDIR_FORCE=1 P_CFLAGS="${CFLAGS-}" P_CC="${CC-$((! command -v gcc && command -v clang) &>/dev/null && echo clang || echo gcc)}" @@ -306,22 +308,15 @@ else P_CFLAGS="-g -O2 -fexceptions${P_CFLAGS:+ }$P_CFLAGS" fi -if [ -z "$P_BUILD_TYPE" ] ; then - if [ -d ./build -a ! -f ./configure ] ; then - P_BUILD_TYPE=meson - elif [ ! -d ./build -a -f ./configure ] ; then - P_BUILD_TYPE=autotools - else - P_BUILD_TYPE=autotools - fi -fi - while [[ $# -gt 0 ]] ; do A="$1" shift case "$A" in --meson|-m) P_BUILD_TYPE=meson + P_MESON_BUILDDIR="$1" + P_MESON_BUILDDIR_FORCE=1 + shift ;; --autotools|-a) P_BUILD_TYPE=autotools @@ -343,11 +338,19 @@ while [[ $# -gt 0 ]] ; do esac done +if [ "$P_BUILD_TYPE" = meson -a "$P_MESON_BUILDDIR_FORCE" != 1 ]; then + if [ -d "$P_MESON_BUILDDIR" ]; then + echo "Build directory '$P_MESON_BUILDDIR' chosen by default, but it exists and will be overwritten." \ + "If you really want that, pass '--meson \"$P_MESON_BUILDDIR\"'." >&2 + exit 1 + fi +fi + vars_with_vals if [ "$P_BUILD_TYPE" == meson ] ; then MESON_RECONFIGURE= - if test -d "./build/" ; then + if test -d "$P_MESON_BUILDDIR" ; then MESON_RECONFIGURE="--reconfigure" fi @@ -355,7 +358,8 @@ if [ "$P_BUILD_TYPE" == meson ] ; then env \ CC="$P_CC" \ CFLAGS="$P_CFLAGS" \ - meson \ + meson setup\ + $MESON_RECONFIGURE \ --buildtype=plain \ --prefix="$D_PREFIX" \ --libdir="$D_LIBDIR" \ @@ -372,11 +376,6 @@ if [ "$P_BUILD_TYPE" == meson ] ; then --sharedstatedir="$D_SHAREDSTATEDIR" \ --wrap-mode=nodownload \ --auto-features=enabled \ - \ - build \ - \ - $MESON_RECONFIGURE \ - \ -Db_ndebug=false \ --warnlevel 2 \ $(args_enable "$P_TEST" --werror) \ @@ -429,6 +428,8 @@ if [ "$P_BUILD_TYPE" == meson ] ; then -Dnetconfig=no \ -Dconfig_dns_rc_manager_default="$P_DNS_RC_MANAGER_DEFAULT" \ -Dconfig_logging_backend_default="$P_LOGGING_BACKEND_DEFAULT" \ + \ + "$P_MESON_BUILDDIR" \ ; else if ! test -x ./configure ; then @@ -520,7 +521,7 @@ fi if ! bool "$P_NOBUILD" ; then if [ "$P_BUILD_TYPE" == meson ] ; then - $SHOW_CMD ninja -C build + $SHOW_CMD ninja -C "$P_MESON_BUILDDIR" else $SHOW_CMD make -j 10 fi diff --git a/data/NetworkManager.service.in b/data/NetworkManager.service.in index f09ae86ceb..8cd2ac87a3 100644 --- a/data/NetworkManager.service.in +++ b/data/NetworkManager.service.in @@ -19,7 +19,6 @@ KillMode=process # With a huge number of interfaces, starting can take a long time. TimeoutStartSec=600 -# CAP_DAC_OVERRIDE: required to open /run/openvswitch/db.sock socket. CapabilityBoundingSet=CAP_NET_ADMIN CAP_DAC_OVERRIDE CAP_NET_RAW CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_SYS_MODULE CAP_AUDIT_WRITE CAP_KILL CAP_SYS_CHROOT ProtectSystem=true diff --git a/man/NetworkManager.conf.xml b/man/NetworkManager.conf.xml index d86523c139..36e10061de 100644 --- a/man/NetworkManager.conf.xml +++ b/man/NetworkManager.conf.xml @@ -492,7 +492,7 @@ no-auto-default=* files without preserving their contents. - The path can also be overriden by pointing to a specific + The path can also be overridden by pointing to a specific existing and writable directory. On the other hand setting this to an empty string or any other value disables the profile conversion mechanism. diff --git a/meson.build b/meson.build index da78cdba38..6f3d937978 100644 --- a/meson.build +++ b/meson.build @@ -6,7 +6,7 @@ project( # - add corresponding NM_VERSION_x_y_z macros in # "src/libnm-core-public/nm-version-macros.h.in" # - update number in configure.ac - version: '1.48.0', + version: '1.49.1', license: 'GPL2+', default_options: [ 'buildtype=debugoptimized', diff --git a/po/ca.po b/po/ca.po index 476101788f..828a201627 100644 --- a/po/ca.po +++ b/po/ca.po @@ -7801,7 +7801,7 @@ msgstr "" #: src/libnmc-setting/settings-docs.h.in:190 msgid "" -"Configure method for creating the IPv6 interface identifer of addresses with " +"Configure method for creating the IPv6 interface identifier of addresses with " "RFC4862 IPv6 Stateless Address Autoconfiguration and Link Local addresses. " "The permitted values are: \"eui64\" (0), \"stable-privacy\" (1), " "\"default\" (3) or \"default-or-eui64\" (2). If the property is set to " diff --git a/po/de.po b/po/de.po index 53b82b8d26..5616c7c190 100644 --- a/po/de.po +++ b/po/de.po @@ -8278,7 +8278,7 @@ msgstr "" #: src/libnmc-setting/settings-docs.h.in:192 msgid "" -"Configure method for creating the IPv6 interface identifer of addresses with " +"Configure method for creating the IPv6 interface identifier of addresses with " "RFC4862 IPv6 Stateless Address Autoconfiguration and Link Local addresses. The " "permitted values are: \"eui64\" (0), \"stable-privacy\" (1), \"default\" (3) " "or \"default-or-eui64\" (2). If the property is set to \"eui64\", the " diff --git a/po/ka.po b/po/ka.po index 9245b74c32..577fa66cd7 100644 --- a/po/ka.po +++ b/po/ka.po @@ -7259,7 +7259,7 @@ msgstr "" #: src/libnmc-setting/settings-docs.h.in:190 msgid "" -"Configure method for creating the IPv6 interface identifer of addresses with " +"Configure method for creating the IPv6 interface identifier of addresses with " "RFC4862 IPv6 Stateless Address Autoconfiguration and Link Local addresses. " "The permitted values are: \"eui64\" (0), \"stable-privacy\" (1), " "\"default\" (3) or \"default-or-eui64\" (2). If the property is set to " diff --git a/po/ru.po b/po/ru.po index 2844510ec0..8688e7ee2c 100644 --- a/po/ru.po +++ b/po/ru.po @@ -8634,7 +8634,7 @@ msgstr "Список, через запятую, правил маршрутиз #: src/libnmc-setting/settings-docs.h.in:191 msgid "" -"Configure method for creating the IPv6 interface identifer of addresses with " +"Configure method for creating the IPv6 interface identifier of addresses with " "RFC4862 IPv6 Stateless Address Autoconfiguration and Link Local addresses. " "The permitted values are: \"eui64\" (0), \"stable-privacy\" (1), " "\"default\" (3) or \"default-or-eui64\" (2). If the property is set to " diff --git a/po/sv.po b/po/sv.po index cafc42dca5..ea74c7b479 100644 --- a/po/sv.po +++ b/po/sv.po @@ -8600,7 +8600,7 @@ msgstr "En kommaseparerad lista med routingregler för policyrouting." #: src/libnmc-setting/settings-docs.h.in:195 msgid "" -"Configure method for creating the IPv6 interface identifer of addresses with " +"Configure method for creating the IPv6 interface identifier of addresses with " "RFC4862 IPv6 Stateless Address Autoconfiguration and Link Local addresses. " "The permitted values are: \"eui64\" (0), \"stable-privacy\" (1), " "\"default\" (3) or \"default-or-eui64\" (2). If the property is set to " diff --git a/po/tr.po b/po/tr.po index afc3a6cf6c..603bd35caa 100644 --- a/po/tr.po +++ b/po/tr.po @@ -7839,7 +7839,7 @@ msgstr "" #: src/libnmc-setting/settings-docs.h.in:197 msgid "" -"Configure method for creating the IPv6 interface identifer of addresses with " +"Configure method for creating the IPv6 interface identifier of addresses with " "RFC4862 IPv6 Stateless Address Autoconfiguration and Link Local addresses. " "The permitted values are: \"eui64\" (0), \"stable-privacy\" (1), " "\"default\" (3) or \"default-or-eui64\" (2). If the property is set to " diff --git a/po/uk.po b/po/uk.po index a8d14a7de3..02ff3f9d76 100644 --- a/po/uk.po +++ b/po/uk.po @@ -8535,7 +8535,7 @@ msgstr "Список відокремлених комами правил мар #: src/libnmc-setting/settings-docs.h.in:190 msgid "" -"Configure method for creating the IPv6 interface identifer of addresses with " +"Configure method for creating the IPv6 interface identifier of addresses with " "RFC4862 IPv6 Stateless Address Autoconfiguration and Link Local addresses. " "The permitted values are: \"eui64\" (0), \"stable-privacy\" (1), \"default" "\" (3) or \"default-or-eui64\" (2). If the property is set to \"eui64\", the " diff --git a/src/core/devices/nm-device-bridge.c b/src/core/devices/nm-device-bridge.c index 2405beeaed..82314f1364 100644 --- a/src/core/devices/nm-device-bridge.c +++ b/src/core/devices/nm-device-bridge.c @@ -299,13 +299,11 @@ typedef struct { } Option; #define OPTION(_name, _sysname, ...) \ - { \ - .name = ""_name \ - "", \ - .sysname = ""_sysname \ - "", \ - __VA_ARGS__ \ - } + {.name = ""_name \ + "", \ + .sysname = ""_sysname \ + "", \ + __VA_ARGS__} #define OPTION_TYPE_INT(min, max, def) .nm_min = (min), .nm_max = (max), .nm_default = (def) diff --git a/src/core/devices/nm-device.c b/src/core/devices/nm-device.c index b96adefbd0..f3441508ab 100644 --- a/src/core/devices/nm-device.c +++ b/src/core/devices/nm-device.c @@ -17205,6 +17205,14 @@ nm_device_get_state(NMDevice *self) return NM_DEVICE_GET_PRIVATE(self)->state; } +NMDeviceStateReason +nm_device_get_state_reason(NMDevice *self) +{ + g_return_val_if_fail(NM_IS_DEVICE(self), NM_DEVICE_STATE_REASON_NONE); + + return NM_DEVICE_GET_PRIVATE(self)->state_reason; +} + /*****************************************************************************/ /** diff --git a/src/core/devices/nm-device.h b/src/core/devices/nm-device.h index ffe6b1af99..ba45497ce2 100644 --- a/src/core/devices/nm-device.h +++ b/src/core/devices/nm-device.h @@ -561,7 +561,8 @@ int nm_device_spec_match_list_full(NMDevice *self, const GSList *specs, int gboolean nm_device_is_activating(NMDevice *dev); gboolean nm_device_autoconnect_allowed(NMDevice *self); -NMDeviceState nm_device_get_state(NMDevice *device); +NMDeviceState nm_device_get_state(NMDevice *device); +NMDeviceStateReason nm_device_get_state_reason(NMDevice *device); gboolean nm_device_get_enabled(NMDevice *device); diff --git a/src/core/devices/ovs/nm-ovsdb.c b/src/core/devices/ovs/nm-ovsdb.c index 68366f7398..8e32cff57c 100644 --- a/src/core/devices/ovs/nm-ovsdb.c +++ b/src/core/devices/ovs/nm-ovsdb.c @@ -461,7 +461,7 @@ ovsdb_call_method(NMOvsdb *self, "new: add-interface bridge=%s port=%s interface=%s", nm_connection_get_interface_name(call->payload.add_interface.bridge), nm_connection_get_interface_name(call->payload.add_interface.port), - nm_connection_get_interface_name(call->payload.add_interface.interface)); + nm_device_get_iface(call->payload.add_interface.interface_device)); break; case OVSDB_DEL_INTERFACE: call->payload.del_interface.ifname = g_strdup(payload->del_interface.ifname); @@ -945,7 +945,7 @@ _insert_interface(json_t *params, row = json_pack("{s:s, s:s, s:o, s:o, s:o}", "name", - nm_connection_get_interface_name(interface), + nm_device_get_iface(interface_device), "type", type ?: "", "options", @@ -1196,7 +1196,7 @@ _add_interface(NMOvsdb *self, bridge_name = nm_connection_get_interface_name(bridge); port_name = nm_connection_get_interface_name(port); - interface_name = nm_connection_get_interface_name(interface); + interface_name = nm_device_get_iface(interface_device); interface_is_local = nm_streq0(bridge_name, interface_name); /* Determine cloned MAC addresses */ diff --git a/src/core/devices/wifi/nm-device-iwd.c b/src/core/devices/wifi/nm-device-iwd.c index 89444640f8..d6e3ed0808 100644 --- a/src/core/devices/wifi/nm-device-iwd.c +++ b/src/core/devices/wifi/nm-device-iwd.c @@ -3483,7 +3483,7 @@ nm_device_iwd_parse_netconfig(NMDeviceIwd *self, int addr_family, GVariantIter * /* Use SOURCE_DHCP as shorthand for the various autoconfiguration protocols */ source = NM_IP_CONFIG_SOURCE_DHCP; else - _LOGW(LOGD_WIFI, "iwd_parse_netconfig: Uknown Method value \"%s\"", str_value); + _LOGW(LOGD_WIFI, "iwd_parse_netconfig: Unknown Method value \"%s\"", str_value); } if (nm_streq(key, "Addresses")) { @@ -3527,7 +3527,7 @@ nm_device_iwd_parse_netconfig(NMDeviceIwd *self, int addr_family, GVariantIter * else if (nm_streq(str_value, "resolve")) mdns = NM_SETTING_CONNECTION_MDNS_RESOLVE; else - _LOGW(LOGD_WIFI, "iwd_parse_netconfig: Uknown MDNS value \"%s\"", str_value); + _LOGW(LOGD_WIFI, "iwd_parse_netconfig: Unknown MDNS value \"%s\"", str_value); } } diff --git a/src/core/devices/wifi/nm-device-wifi-p2p.c b/src/core/devices/wifi/nm-device-wifi-p2p.c index 981811a3b1..f06383b102 100644 --- a/src/core/devices/wifi/nm-device-wifi-p2p.c +++ b/src/core/devices/wifi/nm-device-wifi-p2p.c @@ -54,6 +54,7 @@ typedef struct { guint peer_missing_id; bool is_waiting_for_supplicant : 1; + bool enabled : 1; } NMDeviceWifiP2PPrivate; struct _NMDeviceWifiP2P { @@ -774,7 +775,6 @@ supplicant_group_iface_is_ready(NMDeviceWifiP2P *self) return; } - _set_is_waiting_for_supplicant(self, FALSE); check_group_iface_ready(self); } @@ -875,7 +875,6 @@ supplicant_iface_group_started_cb(NMSupplicantInterface *iface, state = nm_supplicant_interface_get_state(priv->group_iface); if (state == NM_SUPPLICANT_INTERFACE_STATE_STARTING) { - _set_is_waiting_for_supplicant(self, TRUE); return; } @@ -917,7 +916,7 @@ supplicant_interfaces_release(NMDeviceWifiP2P *self, gboolean set_is_waiting) supplicant_group_interface_release(self); - if (set_is_waiting) + if (set_is_waiting && priv->enabled) _set_is_waiting_for_supplicant(self, TRUE); } @@ -948,9 +947,10 @@ device_state_changed(NMDevice *device, case NM_DEVICE_STATE_UNMANAGED: break; case NM_DEVICE_STATE_UNAVAILABLE: - if (!priv->mgmt_iface - || !nm_supplicant_interface_state_is_operational( - nm_supplicant_interface_get_state(priv->mgmt_iface))) + if (priv->enabled + && (!priv->mgmt_iface + || !nm_supplicant_interface_state_is_operational( + nm_supplicant_interface_get_state(priv->mgmt_iface)))) _set_is_waiting_for_supplicant(self, TRUE); break; case NM_DEVICE_STATE_NEED_AUTH: @@ -1122,6 +1122,32 @@ impl_device_wifi_p2p_stop_find(NMDBusObject *obj, NULL); } +static gboolean +get_enabled(NMDevice *device) +{ + return NM_DEVICE_WIFI_P2P_GET_PRIVATE(device)->enabled; +} + +static void +set_enabled(NMDevice *device, gboolean enabled) +{ + NMDeviceWifiP2P *self = NM_DEVICE_WIFI_P2P(device); + NMDeviceWifiP2PPrivate *priv = NM_DEVICE_WIFI_P2P_GET_PRIVATE(self); + + enabled = !!enabled; + + if (priv->enabled == enabled) + return; + + priv->enabled = enabled; + + _LOGD(LOGD_DEVICE | LOGD_WIFI, "device now %s", enabled ? "enabled" : "disabled"); + + if (!enabled) { + _set_is_waiting_for_supplicant(self, FALSE); + } +} + /*****************************************************************************/ NMSupplicantInterface * @@ -1172,10 +1198,12 @@ done: nm_device_queue_recheck_available(NM_DEVICE(self), NM_DEVICE_STATE_REASON_SUPPLICANT_AVAILABLE, NM_DEVICE_STATE_REASON_SUPPLICANT_FAILED); - _set_is_waiting_for_supplicant(self, - !priv->mgmt_iface - || !nm_supplicant_interface_state_is_operational( - nm_supplicant_interface_get_state(priv->mgmt_iface))); + _set_is_waiting_for_supplicant( + self, + priv->enabled + && (!priv->mgmt_iface + || !nm_supplicant_interface_state_is_operational( + nm_supplicant_interface_get_state(priv->mgmt_iface)))); } void @@ -1338,6 +1366,8 @@ nm_device_wifi_p2p_class_init(NMDeviceWifiP2PClass *klass) device_class->get_configured_mtu = get_configured_mtu; device_class->get_auto_ip_config_method = get_auto_ip_config_method; device_class->act_stage3_ip_config = act_stage3_ip_config; + device_class->set_enabled = set_enabled; + device_class->get_enabled = get_enabled; device_class->deactivate = deactivate; device_class->unmanaged_on_quit = unmanaged_on_quit; diff --git a/src/core/dhcp/nm-dhcp-options.c b/src/core/dhcp/nm-dhcp-options.c index 7c47c82e05..f89237c51f 100644 --- a/src/core/dhcp/nm-dhcp-options.c +++ b/src/core/dhcp/nm-dhcp-options.c @@ -11,9 +11,11 @@ /*****************************************************************************/ -#define REQ(_num, _name, _include) \ - { \ - .name = NM_DHCP_OPTION_REQPREFIX ""_name, .option_num = _num, .include = _include, \ +#define REQ(_num, _name, _include) \ + { \ + .name = NM_DHCP_OPTION_REQPREFIX ""_name, \ + .option_num = _num, \ + .include = _include, \ } const NMDhcpOption _nm_dhcp_option_dhcp4_options[] = { diff --git a/src/core/nm-active-connection.c b/src/core/nm-active-connection.c index b08d26c28b..7d89251caa 100644 --- a/src/core/nm-active-connection.c +++ b/src/core/nm-active-connection.c @@ -50,6 +50,7 @@ typedef struct _NMActiveConnectionPrivate { NMAuthSubject *subject; NMActiveConnection *controller; + NMDevice *controller_dev; NMActiveConnection *parent; @@ -826,6 +827,31 @@ master_state_cb(NMActiveConnection *master, GParamSpec *pspec, gpointer user_dat } } +static void +controller_dev_state_cb(NMDevice *controller_dev, + NMDeviceState new_state, + NMDeviceState old_state, + NMDeviceStateReason reason, + gpointer user_data) +{ + NMActiveConnection *self = NM_ACTIVE_CONNECTION(user_data); + NMActiveConnectionPrivate *priv = NM_ACTIVE_CONNECTION_GET_PRIVATE(self); + NMActRequest *controller_act_request; + NMActiveConnection *controller_ac; + + if (new_state >= NM_DEVICE_STATE_PREPARE && new_state <= NM_DEVICE_STATE_ACTIVATED) { + controller_act_request = nm_device_get_act_request(controller_dev); + if (controller_act_request) { + controller_ac = NM_ACTIVE_CONNECTION(controller_act_request); + g_signal_handlers_disconnect_by_func(controller_dev, + G_CALLBACK(controller_dev_state_cb), + self); + g_clear_object(&priv->controller_dev); + nm_active_connection_set_controller(self, controller_ac); + } + } +} + /** * nm_active_connection_set_controller: * @self: the #NMActiveConnection @@ -867,6 +893,36 @@ nm_active_connection_set_controller(NMActiveConnection *self, NMActiveConnection check_controller_ready(self); } +void +nm_active_connection_set_controller_dev(NMActiveConnection *self, NMDevice *controller_dev) +{ + NMActiveConnectionPrivate *priv; + + g_return_if_fail(NM_IS_ACTIVE_CONNECTION(self)); + g_return_if_fail(NM_IS_DEVICE(controller_dev)); + + priv = NM_ACTIVE_CONNECTION_GET_PRIVATE(self); + + /* Controller device is write-once, and must be set before exporting the object */ + g_return_if_fail(priv->controller_dev == NULL); + g_return_if_fail(!nm_dbus_object_is_exported(NM_DBUS_OBJECT(self))); + if (priv->device) { + g_return_if_fail(priv->device != controller_dev); + } + + _LOGD("set controller device %p, %s(%s), state %s", + controller_dev, + nm_device_get_iface(controller_dev), + nm_device_get_type_desc(controller_dev), + nm_device_state_to_string(nm_device_get_state(controller_dev))); + + priv->controller_dev = g_object_ref(controller_dev); + g_signal_connect(priv->controller_dev, + NM_DEVICE_STATE_CHANGED, + G_CALLBACK(controller_dev_state_cb), + self); +} + NMActivationType nm_active_connection_get_activation_type(NMActiveConnection *self) { @@ -1533,7 +1589,13 @@ dispose(GObject *object) if (priv->controller) { g_signal_handlers_disconnect_by_func(priv->controller, G_CALLBACK(master_state_cb), self); } + if (priv->controller_dev) { + g_signal_handlers_disconnect_by_func(priv->controller_dev, + G_CALLBACK(controller_dev_state_cb), + self); + } g_clear_object(&priv->controller); + g_clear_object(&priv->controller_dev); if (priv->parent) unwatch_parent(self, TRUE); diff --git a/src/core/nm-active-connection.h b/src/core/nm-active-connection.h index 12cb311c97..ba32830257 100644 --- a/src/core/nm-active-connection.h +++ b/src/core/nm-active-connection.h @@ -175,6 +175,7 @@ NMActiveConnection *nm_active_connection_get_controller(NMActiveConnection *self gboolean nm_active_connection_get_controller_ready(NMActiveConnection *self); void nm_active_connection_set_controller(NMActiveConnection *self, NMActiveConnection *controller); +void nm_active_connection_set_controller_dev(NMActiveConnection *self, NMDevice *controller_dev); void nm_active_connection_set_parent(NMActiveConnection *self, NMActiveConnection *parent); diff --git a/src/core/nm-manager.c b/src/core/nm-manager.c index b2a827e38b..ddbd20218b 100644 --- a/src/core/nm-manager.c +++ b/src/core/nm-manager.c @@ -5943,7 +5943,20 @@ _internal_activate_device(NMManager *self, NMActiveConnection *active, GError ** NM_DEVICE_STATE_REASON_USER_REQUESTED); } - nm_active_connection_set_controller(active, master_ac); + /* If controller NMActiveConnection is deactivating, we should wait on + * controller's NMDevice to have new NMActiveConnection after + * controller device state change to between NM_DEVICE_STATE_PREPARE and + * NM_DEVICE_STATE_ACTIVATED. + */ + if ((nm_active_connection_get_state(master_ac) >= NM_ACTIVE_CONNECTION_STATE_DEACTIVATING) + && master_device + && (nm_device_get_state_reason(master_device) + == NM_DEVICE_STATE_REASON_NEW_ACTIVATION)) { + nm_active_connection_set_controller_dev(active, master_device); + } else { + nm_active_connection_set_controller(active, master_ac); + } + _LOGD(LOGD_CORE, "Activation of '%s' depends on active connection %p %s", nm_settings_connection_get_id(sett_conn), @@ -7947,6 +7960,7 @@ nm_manager_write_device_state_all(NMManager *self) NMManagerPrivate *priv = NM_MANAGER_GET_PRIVATE(self); gs_unref_hashtable GHashTable *preserve_ifindexes = NULL; NMDevice *device; + NMActiveConnection *ac; preserve_ifindexes = g_hash_table_new(nm_direct_hash, NULL); @@ -7958,6 +7972,14 @@ nm_manager_write_device_state_all(NMManager *self) } } + /* Save to disk the timestamps of active connections as if we were bringing them down. + * Otherwise they will be wrong on next start and affect the activation order. + */ + c_list_for_each_entry (ac, &priv->active_connections_lst_head, active_connections_lst) { + NMSettingsConnection *sett = nm_active_connection_get_settings_connection(ac); + nm_settings_connection_update_timestamp(sett, (guint64) time(NULL)); + } + nm_config_device_state_prune_stale(preserve_ifindexes, NULL); } diff --git a/src/core/platform/tests/test-common.c b/src/core/platform/tests/test-common.c index fde7dc0de7..99b8bc45fe 100644 --- a/src/core/platform/tests/test-common.c +++ b/src/core/platform/tests/test-common.c @@ -59,10 +59,8 @@ typedef struct { } IPTunnelModInfo; -#define INF(_module_name, _iftype, _ifname, ...) \ - { \ - .module_name = ""_module_name, .iftype = _iftype, .ifname = ""_ifname, __VA_ARGS__ \ - } +#define INF(_module_name, _iftype, _ifname, ...) \ + {.module_name = ""_module_name, .iftype = _iftype, .ifname = ""_ifname, __VA_ARGS__} static const IPTunnelModInfo ip_tunnel_mod_infos[] = { INF("ip_gre", NM_LINK_TYPE_GRE, "gre0"), diff --git a/src/core/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.c b/src/core/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.c index 277d0d5fab..50484405b8 100644 --- a/src/core/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.c +++ b/src/core/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.c @@ -700,9 +700,10 @@ nms_ifcfg_rh_utils_is_numbered_tag_impl(const char *key, /*****************************************************************************/ -#define _KEY_TYPE(key, flags) \ - { \ - .key_name = "" key "", .key_flags = ((NMS_IFCFG_KEY_TYPE_WELL_KNOWN) | (flags)), \ +#define _KEY_TYPE(key, flags) \ + { \ + .key_name = "" key "", \ + .key_flags = ((NMS_IFCFG_KEY_TYPE_WELL_KNOWN) | (flags)), \ } const NMSIfcfgKeyTypeInfo nms_ifcfg_well_known_keys[] = { diff --git a/src/core/supplicant/nm-supplicant-settings-verify.c b/src/core/supplicant/nm-supplicant-settings-verify.c index c7aaf47d9f..7632854153 100644 --- a/src/core/supplicant/nm-supplicant-settings-verify.c +++ b/src/core/supplicant/nm-supplicant-settings-verify.c @@ -20,21 +20,30 @@ struct Opt { typedef gboolean (*validate_func)(const struct Opt *, const char *, const guint32); -#define OPT_INT(_key, _int_low, _int_high) \ - { \ - .key = _key, .type = NM_SUPPL_OPT_TYPE_INT, .int_high = _int_high, .int_low = _int_low, \ +#define OPT_INT(_key, _int_low, _int_high) \ + { \ + .key = _key, \ + .type = NM_SUPPL_OPT_TYPE_INT, \ + .int_high = _int_high, \ + .int_low = _int_low, \ } -#define OPT_BYTES(_key, _int_high) \ - { \ - .key = _key, .type = NM_SUPPL_OPT_TYPE_BYTES, .int_high = _int_high, \ +#define OPT_BYTES(_key, _int_high) \ + { \ + .key = _key, \ + .type = NM_SUPPL_OPT_TYPE_BYTES, \ + .int_high = _int_high, \ } -#define OPT_UTF8(_key, _int_high) \ - { \ - .key = _key, .type = NM_SUPPL_OPT_TYPE_UTF8, .int_high = _int_high, \ +#define OPT_UTF8(_key, _int_high) \ + { \ + .key = _key, \ + .type = NM_SUPPL_OPT_TYPE_UTF8, \ + .int_high = _int_high, \ } -#define OPT_KEYWORD(_key, _str_allowed) \ - { \ - .key = _key, .type = NM_SUPPL_OPT_TYPE_KEYWORD, .str_allowed = _str_allowed, \ +#define OPT_KEYWORD(_key, _str_allowed) \ + { \ + .key = _key, \ + .type = NM_SUPPL_OPT_TYPE_KEYWORD, \ + .str_allowed = _str_allowed, \ } static const struct Opt opt_table[] = { diff --git a/src/libnm-client-impl/nm-libnm-utils.h b/src/libnm-client-impl/nm-libnm-utils.h index d56d0fc136..53fa36be18 100644 --- a/src/libnm-client-impl/nm-libnm-utils.h +++ b/src/libnm-client-impl/nm-libnm-utils.h @@ -379,11 +379,10 @@ typedef struct { } NMLDBusMetaProperty; #define NML_DBUS_META_PROPERTY_INIT(v_dbus_property_name, v_dbus_type, v_obj_properties_idx, ...) \ - { \ - .dbus_property_name = "" v_dbus_property_name "", \ - .dbus_type = NM_G_VARIANT_TYPE("" v_dbus_type ""), \ - .obj_properties_idx = v_obj_properties_idx, ##__VA_ARGS__ \ - } + {.dbus_property_name = "" v_dbus_property_name "", \ + .dbus_type = NM_G_VARIANT_TYPE("" v_dbus_type ""), \ + .obj_properties_idx = v_obj_properties_idx, \ + ##__VA_ARGS__} #define _NML_DBUS_META_PROPERTY_INIT_DEFAULT(v_dbus_type, \ v_exp_type, \ @@ -568,10 +567,10 @@ struct _NMLDBusMetaIface { (sizeof((const NMLDBusMetaProperty[]){__VA_ARGS__}) / sizeof(NMLDBusMetaProperty)) #define NML_DBUS_META_IFACE_INIT(v_dbus_iface_name, v_get_type_fcn, v_interface_prio, ...) \ - { \ - .dbus_iface_name = "" v_dbus_iface_name "", .get_type_fcn = v_get_type_fcn, \ - .interface_prio = v_interface_prio, ##__VA_ARGS__ \ - } + {.dbus_iface_name = "" v_dbus_iface_name "", \ + .get_type_fcn = v_get_type_fcn, \ + .interface_prio = v_interface_prio, \ + ##__VA_ARGS__} #define NML_DBUS_META_IFACE_INIT_PROP(v_dbus_iface_name, v_get_type_fcn, v_interface_prio, ...) \ NML_DBUS_META_IFACE_INIT(v_dbus_iface_name, \ diff --git a/src/libnm-client-impl/tests/test-libnm.c b/src/libnm-client-impl/tests/test-libnm.c index 687e6c1717..f677ad8e6a 100644 --- a/src/libnm-client-impl/tests/test-libnm.c +++ b/src/libnm-client-impl/tests/test-libnm.c @@ -57,9 +57,11 @@ _test_fixup_string(const TestFixupData *data, guint n_data, char *(*func)(const } } -#define T_DATA(_desc, _expected) \ - { \ - .desc = _desc, .expected = _expected, .line = __LINE__, \ +#define T_DATA(_desc, _expected) \ + { \ + .desc = _desc, \ + .expected = _expected, \ + .line = __LINE__, \ } static void diff --git a/src/libnm-core-impl/nm-setting-ip6-config.c b/src/libnm-core-impl/nm-setting-ip6-config.c index 2dbf7a3493..eddac9f103 100644 --- a/src/libnm-core-impl/nm-setting-ip6-config.c +++ b/src/libnm-core-impl/nm-setting-ip6-config.c @@ -1097,7 +1097,7 @@ nm_setting_ip6_config_class_init(NMSettingIP6ConfigClass *klass) * property: addr-gen-mode * format: one of "eui64" (0), "stable-privacy" (1), "default" (3) or "default-or-eui64" (2) * description: Configure method for creating the - * IPv6 interface identifer of addresses with RFC4862 IPv6 Stateless + * IPv6 interface identifier of addresses with RFC4862 IPv6 Stateless * Address Autoconfiguration and Link Local addresses. * * The permitted values are: "eui64" (0), "stable-privacy" (1), "default" diff --git a/src/libnm-core-impl/nm-setting-private.h b/src/libnm-core-impl/nm-setting-private.h index a1ae6825ed..7d49324845 100644 --- a/src/libnm-core-impl/nm-setting-private.h +++ b/src/libnm-core-impl/nm-setting-private.h @@ -484,10 +484,7 @@ void _nm_setting_class_commit(NMSettingClass *setting_class, #define NM_SETT_INFO_SETT_DETAIL(...) (&((const NMSettInfoSettDetail){__VA_ARGS__})) -#define NM_SETT_INFO_PROPERT_TYPE_DBUS_INIT(_dbus_type, ...) \ - { \ - .dbus_type = _dbus_type, __VA_ARGS__ \ - } +#define NM_SETT_INFO_PROPERT_TYPE_DBUS_INIT(_dbus_type, ...) {.dbus_type = _dbus_type, __VA_ARGS__} #define NM_SETT_INFO_PROPERT_TYPE_GPROP_INIT(_dbus_type, ...) \ NM_SETT_INFO_PROPERT_TYPE_DBUS_INIT(_dbus_type, \ diff --git a/src/libnm-core-impl/nm-setting-vpn.c b/src/libnm-core-impl/nm-setting-vpn.c index b867d01860..65a14866c8 100644 --- a/src/libnm-core-impl/nm-setting-vpn.c +++ b/src/libnm-core-impl/nm-setting-vpn.c @@ -577,14 +577,48 @@ verify(NMSetting *setting, NMConnection *connection, GError **error) return TRUE; } +static gboolean +_parse_secret_hint_tag(const char *secret_name, + const char **out_secret_name, + NMSettingSecretFlags *out_implied_flags) +{ + NMSettingSecretFlags implied_flags = NM_SETTING_SECRET_FLAG_NONE; + gboolean ret = FALSE; + + nm_assert(secret_name); + + if (g_str_has_prefix(secret_name, NM_SECRET_TAG_DYNAMIC_CHALLENGE)) { + secret_name += NM_STRLEN(NM_SECRET_TAG_DYNAMIC_CHALLENGE); + implied_flags |= NM_SETTING_SECRET_FLAG_NOT_SAVED; + ret = TRUE; + } else if (g_str_has_prefix(secret_name, NM_SECRET_TAG_DYNAMIC_CHALLENGE_ECHO)) { + secret_name += NM_STRLEN(NM_SECRET_TAG_DYNAMIC_CHALLENGE_ECHO); + implied_flags |= NM_SETTING_SECRET_FLAG_NOT_SAVED; + ret = TRUE; + } + + NM_SET_OUT(out_secret_name, secret_name); + NM_SET_OUT(out_implied_flags, implied_flags); + return ret; +} + static NMSettingUpdateSecretResult update_secret_string(NMSetting *setting, const char *key, const char *value, GError **error) { NMSettingVpnPrivate *priv = NM_SETTING_VPN_GET_PRIVATE(setting); + NMSettingSecretFlags hint_implied_flags, flags; g_return_val_if_fail(key && key[0], NM_SETTING_UPDATE_SECRET_ERROR); g_return_val_if_fail(value, NM_SETTING_UPDATE_SECRET_ERROR); + /* If the name is prefixed with a hint tag, process it before saving: + * remove the prefix and apply the flags that it implies */ + _parse_secret_hint_tag(key, &key, &hint_implied_flags); + if (hint_implied_flags) { + nm_setting_get_secret_flags(setting, key, &flags, NULL); + nm_setting_set_secret_flags(setting, key, flags | hint_implied_flags, NULL); + } + if (nm_streq0(nm_g_hash_table_lookup(priv->secrets, key), value)) return NM_SETTING_UPDATE_SECRET_SUCCESS_UNCHANGED; @@ -599,6 +633,7 @@ update_secret_dict(NMSetting *setting, GVariant *secrets, GError **error) GVariantIter iter; const char *name, *value; NMSettingUpdateSecretResult result = NM_SETTING_UPDATE_SECRET_SUCCESS_UNCHANGED; + NMSettingSecretFlags hint_implied_flags, flags; g_return_val_if_fail(secrets != NULL, NM_SETTING_UPDATE_SECRET_ERROR); @@ -618,6 +653,14 @@ update_secret_dict(NMSetting *setting, GVariant *secrets, GError **error) /* Now add the items to the settings' secrets list */ g_variant_iter_init(&iter, secrets); while (g_variant_iter_next(&iter, "{&s&s}", &name, &value)) { + /* If the name is prefixed with a hint tag, process it before saving: + * remove the prefix and apply the flags that it implies */ + _parse_secret_hint_tag(name, &name, &hint_implied_flags); + if (hint_implied_flags) { + nm_setting_get_secret_flags(setting, name, &flags, NULL); + nm_setting_set_secret_flags(setting, name, flags | hint_implied_flags, NULL); + } + if (nm_streq0(nm_g_hash_table_lookup(priv->secrets, name), value)) continue; @@ -727,6 +770,7 @@ get_secret_flags(NMSetting *setting, GError **error) { NMSettingVpnPrivate *priv = NM_SETTING_VPN_GET_PRIVATE(setting); + NMSettingSecretFlags implied_flags = NM_SETTING_SECRET_FLAG_NONE; gs_free char *flags_key_free = NULL; const char *flags_key; const char *flags_val; @@ -734,6 +778,10 @@ get_secret_flags(NMSetting *setting, nm_assert(secret_name); + /* Secrets received via D-Bus from VPN plugins might be prefixed by a hint tag. If + * that's the case, process it first: remove the tag and get the flags that it implies */ + _parse_secret_hint_tag(secret_name, &secret_name, &implied_flags); + if (!secret_name[0]) { g_set_error(error, NM_CONNECTION_ERROR, @@ -746,7 +794,7 @@ get_secret_flags(NMSetting *setting, if (!priv->data || !g_hash_table_lookup_extended(priv->data, flags_key, NULL, (gpointer *) &flags_val)) { - NM_SET_OUT(out_flags, NM_SETTING_SECRET_FLAG_NONE); + NM_SET_OUT(out_flags, implied_flags); /* having no secret flag for the secret is fine, as long as there * is the secret itself... */ @@ -772,7 +820,7 @@ get_secret_flags(NMSetting *setting, return TRUE; } - NM_SET_OUT(out_flags, (NMSettingSecretFlags) i64); + NM_SET_OUT(out_flags, (NMSettingSecretFlags) i64 | implied_flags); return TRUE; } @@ -783,7 +831,8 @@ set_secret_flags(NMSetting *setting, GError **error) { nm_assert(secret_name); - + nm_assert(!_parse_secret_hint_tag(secret_name, NULL, NULL)); /* Accept hint tags only via D-Bus, + saved by update_one_secret */ if (!secret_name[0]) { g_set_error(error, NM_CONNECTION_ERROR, diff --git a/src/libnm-core-impl/nm-setting.c b/src/libnm-core-impl/nm-setting.c index bbaa6fcda2..a97edc2aae 100644 --- a/src/libnm-core-impl/nm-setting.c +++ b/src/libnm-core-impl/nm-setting.c @@ -3745,6 +3745,7 @@ nm_setting_to_string(NMSetting *setting) value_str = g_variant_print(value, FALSE); g_string_append_printf(string, "\t%s : %s\n", name, value_str); + g_variant_unref(child); } return g_string_free(string, FALSE); diff --git a/src/libnm-core-impl/nm-team-utils.c b/src/libnm-core-impl/nm-team-utils.c index 83452569b0..171194e03f 100644 --- a/src/libnm-core-impl/nm-team-utils.c +++ b/src/libnm-core-impl/nm-team-utils.c @@ -2235,7 +2235,7 @@ _team_setting_verify_properties(const NMTeamSetting *self, GError **error) g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_SETTING, - _("value out or range")); + _("value out of range")); _team_setting_prefix_error_plain(self->d.is_port, attr_data->property_name, error); diff --git a/src/libnm-core-impl/nm-utils.c b/src/libnm-core-impl/nm-utils.c index b6e2414106..745b1f3322 100644 --- a/src/libnm-core-impl/nm-utils.c +++ b/src/libnm-core-impl/nm-utils.c @@ -329,9 +329,10 @@ good: typedef const char *const StrvArray4Type[4]; -#define LL(l, ...) \ - { \ - .name = l, .value = {__VA_ARGS__, NULL}, \ +#define LL(l, ...) \ + { \ + .name = l, \ + .value = {__VA_ARGS__, NULL}, \ } /* 5-letter language codes */ diff --git a/src/libnm-glib-aux/nm-prioq.h b/src/libnm-glib-aux/nm-prioq.h index 51e5b059fb..1c16452baa 100644 --- a/src/libnm-glib-aux/nm-prioq.h +++ b/src/libnm-glib-aux/nm-prioq.h @@ -25,11 +25,12 @@ typedef struct { } _priv; } NMPrioq; -#define NM_PRIOQ_ZERO \ - { \ - ._priv = { \ - .compare_func = NULL, \ - }, \ +#define NM_PRIOQ_ZERO \ + { \ + ._priv = \ + { \ + .compare_func = NULL, \ + }, \ } void nm_prioq_init(NMPrioq *q, GCompareFunc compare_func); diff --git a/src/libnm-glib-aux/nm-shared-utils.h b/src/libnm-glib-aux/nm-shared-utils.h index 804034d237..d350d32e41 100644 --- a/src/libnm-glib-aux/nm-shared-utils.h +++ b/src/libnm-glib-aux/nm-shared-utils.h @@ -198,14 +198,15 @@ typedef struct { #define _NM_ETHER_ADDR_INIT(a0, a1, a2, a3, a4, a5) \ { \ - .ether_addr_octet = { \ - (a0), \ - (a1), \ - (a2), \ - (a3), \ - (a4), \ - (a5), \ - }, \ + .ether_addr_octet = \ + { \ + (a0), \ + (a1), \ + (a2), \ + (a3), \ + (a4), \ + (a5), \ + }, \ } #define NM_ETHER_ADDR_INIT(...) ((NMEtherAddr) _NM_ETHER_ADDR_INIT(__VA_ARGS__)) @@ -806,7 +807,8 @@ typedef struct { #define NM_UTILS_FLAGS2STR(f, n) \ { \ - .flag = f, .name = "" n, \ + .flag = f, \ + .name = "" n, \ } #define NM_UTILS_FLAGS2STR_DEFINE(fcn_name, flags_type, ...) \ @@ -1749,10 +1751,7 @@ typedef struct { }; } NMUtilsNamedValue; -#define NM_UTILS_NAMED_VALUE_INIT(n, v) \ - { \ - .name = (n), .value_ptr = (v) \ - } +#define NM_UTILS_NAMED_VALUE_INIT(n, v) {.name = (n), .value_ptr = (v)} NMUtilsNamedValue *nm_utils_hash_to_array_full(GHashTable *hash, guint *out_len, @@ -2444,10 +2443,7 @@ int nm_utils_fd_read_loop_exact(int fd, void *buf, size_t nbytes, bool do_po __VA_ARGS__ NULL, \ })) -#define NM_DEFINE_GDBUS_SIGNAL_INFO_INIT(name_, ...) \ - { \ - .ref_count = -1, .name = name_, __VA_ARGS__ \ - } +#define NM_DEFINE_GDBUS_SIGNAL_INFO_INIT(name_, ...) {.ref_count = -1, .name = name_, __VA_ARGS__} #define NM_DEFINE_GDBUS_SIGNAL_INFO(name_, ...) \ ((GDBusSignalInfo *) (&( \ @@ -2458,10 +2454,7 @@ int nm_utils_fd_read_loop_exact(int fd, void *buf, size_t nbytes, bool do_po __VA_ARGS__ NULL, \ })) -#define NM_DEFINE_GDBUS_METHOD_INFO_INIT(name_, ...) \ - { \ - .ref_count = -1, .name = name_, __VA_ARGS__ \ - } +#define NM_DEFINE_GDBUS_METHOD_INFO_INIT(name_, ...) {.ref_count = -1, .name = name_, __VA_ARGS__} #define NM_DEFINE_GDBUS_METHOD_INFO(name_, ...) \ ((GDBusMethodInfo *) (&( \ @@ -2473,9 +2466,7 @@ int nm_utils_fd_read_loop_exact(int fd, void *buf, size_t nbytes, bool do_po })) #define NM_DEFINE_GDBUS_INTERFACE_INFO_INIT(name_, ...) \ - { \ - .ref_count = -1, .name = name_, __VA_ARGS__ \ - } + {.ref_count = -1, .name = name_, __VA_ARGS__} #define NM_DEFINE_GDBUS_INTERFACE_INFO(name_, ...) \ ((GDBusInterfaceInfo *) (&( \ diff --git a/src/libnm-log-core/nm-logging.c b/src/libnm-log-core/nm-logging.c index 0909e7992a..a2bd2a272a 100644 --- a/src/libnm-log-core/nm-logging.c +++ b/src/libnm-log-core/nm-logging.c @@ -92,7 +92,6 @@ typedef struct { typedef struct { NMLogLevel log_level; bool uses_syslog : 1; - bool init_pre_done : 1; bool init_done : 1; bool debug_stderr : 1; const char *prefix; @@ -926,40 +925,6 @@ nm_logging_syslog_enabled(void) return gl.imm.uses_syslog; } -void -nm_logging_init_pre(const char *syslog_identifier, char *prefix_take) -{ - /* this function may be called zero or one times, and only - * - on the main thread - * - not after nm_logging_init(). */ - - NM_ASSERT_ON_MAIN_THREAD(); - - if (gl.imm.init_pre_done) - g_return_if_reached(); - - if (gl.imm.init_done) - g_return_if_reached(); - - if (!_syslog_identifier_valid_domain(syslog_identifier)) - g_return_if_reached(); - - if (!prefix_take || !prefix_take[0]) - g_return_if_reached(); - - G_LOCK(log); - - gl.mut.init_pre_done = TRUE; - - gl.mut.syslog_identifier = g_strdup_printf("SYSLOG_IDENTIFIER=%s", syslog_identifier); - nm_assert(_syslog_identifier_assert(gl.imm.syslog_identifier)); - - /* we pass the allocated string on and never free it. */ - gl.mut.prefix = prefix_take; - - G_UNLOCK(log); -} - void nm_logging_init(const char *logging_backend, gboolean debug) { diff --git a/src/libnm-log-core/nm-logging.h b/src/libnm-log-core/nm-logging.h index 8071967552..82d8fc2d9a 100644 --- a/src/libnm-log-core/nm-logging.h +++ b/src/libnm-log-core/nm-logging.h @@ -145,8 +145,6 @@ const char *nm_logging_all_domains_to_string(void); gboolean nm_logging_setup(const char *level, const char *domains, char **bad_domains, GError **error); -void nm_logging_init_pre(const char *syslog_identifier, char *prefix_take); - void nm_logging_init(const char *logging_backend, gboolean debug); gboolean nm_logging_syslog_enabled(void); diff --git a/src/libnm-platform/nm-platform-utils.c b/src/libnm-platform/nm-platform-utils.c index 6074c3421f..6f3ad05c94 100644 --- a/src/libnm-platform/nm-platform-utils.c +++ b/src/libnm-platform/nm-platform-utils.c @@ -68,9 +68,10 @@ typedef struct { char ifname[IFNAMSIZ]; } SocketHandle; -#define SOCKET_HANDLE_INIT(_ifindex) \ - { \ - .fd = -1, .ifindex = (_ifindex), \ +#define SOCKET_HANDLE_INIT(_ifindex) \ + { \ + .fd = -1, \ + .ifindex = (_ifindex), \ } static void @@ -430,10 +431,11 @@ ethtool_get_stringset_index(SocketHandle *shandle, int stringset_id, const char /*****************************************************************************/ static const NMEthtoolFeatureInfo _ethtool_feature_infos[_NM_ETHTOOL_ID_FEATURE_NUM] = { -#define ETHT_FEAT(eid, ...) \ - { \ - .ethtool_id = eid, .n_kernel_names = NM_NARG(__VA_ARGS__), \ - .kernel_names = ((const char *const[]){__VA_ARGS__}), \ +#define ETHT_FEAT(eid, ...) \ + { \ + .ethtool_id = eid, \ + .n_kernel_names = NM_NARG(__VA_ARGS__), \ + .kernel_names = ((const char *const[]){__VA_ARGS__}), \ } /* the order does only matter for one thing: if it happens that more than one NMEthtoolID diff --git a/src/libnm-platform/nmp-object.c b/src/libnm-platform/nmp-object.c index cb4e9764d1..4ba9773c2c 100644 --- a/src/libnm-platform/nmp-object.c +++ b/src/libnm-platform/nmp-object.c @@ -2002,7 +2002,8 @@ _vt_dedup_obj_clone(const NMDedupMultiObj *obj) #define DEDUP_MULTI_OBJ_CLASS_INIT() \ { \ - .obj_clone = _vt_dedup_obj_clone, .obj_destroy = _vt_dedup_obj_destroy, \ + .obj_clone = _vt_dedup_obj_clone, \ + .obj_destroy = _vt_dedup_obj_destroy, \ .obj_full_hash_update = \ (void (*)(const NMDedupMultiObj *obj, NMHashState *h)) nmp_object_hash_update, \ .obj_full_equal = (gboolean(*)(const NMDedupMultiObj *obj_a, \ diff --git a/src/libnm-platform/nmp-object.h b/src/libnm-platform/nmp-object.h index 19cace3de8..9406f65161 100644 --- a/src/libnm-platform/nmp-object.h +++ b/src/libnm-platform/nmp-object.h @@ -38,11 +38,12 @@ G_STATIC_ASSERT(sizeof(NMSockAddrUnion) == sizeof(((NMSockAddrUnion *) NULL)->in /* we initialize the largest union member, to ensure that all fields are initialized. */ -#define NM_SOCK_ADDR_UNION_INIT_UNSPEC \ - { \ - .in6 = { \ - .sin6_family = AF_UNSPEC, \ - }, \ +#define NM_SOCK_ADDR_UNION_INIT_UNSPEC \ + { \ + .in6 = \ + { \ + .sin6_family = AF_UNSPEC, \ + }, \ } int nm_sock_addr_union_cmp(const NMSockAddrUnion *a, const NMSockAddrUnion *b); diff --git a/src/libnmc-base/nm-secret-agent-simple.c b/src/libnmc-base/nm-secret-agent-simple.c index 4bb77c9802..9d1a2ae962 100644 --- a/src/libnmc-base/nm-secret-agent-simple.c +++ b/src/libnmc-base/nm-secret-agent-simple.c @@ -431,7 +431,7 @@ add_vpn_secrets(RequestData *request, GPtrArray *secrets, char **msg) const NmcVpnPasswordName *p; const char *vpn_msg = NULL; char **iter; - char *secret_name; + char *ui_name; bool is_challenge = FALSE; bool force_echo; @@ -442,19 +442,19 @@ add_vpn_secrets(RequestData *request, GPtrArray *secrets, char **msg) vpn_msg = &(*iter)[NM_STRLEN(NM_SECRET_TAG_VPN_MSG)]; } else { if (NM_STR_HAS_PREFIX(*iter, NM_SECRET_TAG_DYNAMIC_CHALLENGE)) { - secret_name = &(*iter)[NM_STRLEN(NM_SECRET_TAG_DYNAMIC_CHALLENGE)]; + ui_name = &(*iter)[NM_STRLEN(NM_SECRET_TAG_DYNAMIC_CHALLENGE)]; is_challenge = TRUE; force_echo = FALSE; } else if (NM_STR_HAS_PREFIX(*iter, NM_SECRET_TAG_DYNAMIC_CHALLENGE_ECHO)) { - secret_name = &(*iter)[NM_STRLEN(NM_SECRET_TAG_DYNAMIC_CHALLENGE_ECHO)]; + ui_name = &(*iter)[NM_STRLEN(NM_SECRET_TAG_DYNAMIC_CHALLENGE_ECHO)]; is_challenge = TRUE; force_echo = TRUE; } else { - secret_name = *iter; - force_echo = FALSE; + ui_name = *iter; + force_echo = FALSE; } - add_vpn_secret_helper(secrets, s_vpn, secret_name, secret_name, force_echo); + add_vpn_secret_helper(secrets, s_vpn, *iter, ui_name, force_echo); } } } diff --git a/src/libnmc-setting/settings-docs.h.in b/src/libnmc-setting/settings-docs.h.in index f83cfd437f..8d08faa023 100644 --- a/src/libnmc-setting/settings-docs.h.in +++ b/src/libnmc-setting/settings-docs.h.in @@ -195,7 +195,7 @@ #define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_ROUTE_TABLE N_("Enable policy routing (source routing) and set the routing table used when adding routes. This affects all routes, including device-routes, IPv4LL, DHCP, SLAAC, default-routes and static routes. But note that static routes can individually overwrite the setting by explicitly specifying a non-zero routing table. If the table setting is left at zero, it is eligible to be overwritten via global configuration. If the property is zero even after applying the global configuration value, policy routing is disabled for the address family of this connection. Policy routing disabled means that NetworkManager will add all routes to the main table (except static routes that explicitly configure a different table). Additionally, NetworkManager will not delete any extraneous routes from tables except the main table. This is to preserve backward compatibility for users who manage routing tables outside of NetworkManager.") #define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_ROUTES N_("A list of IPv4 destination addresses, prefix length, optional IPv4 next hop addresses, optional route metric, optional attribute. The valid syntax is: \"ip[/prefix] [next-hop] [metric] [attribute=val]...[,ip[/prefix]...]\". For example \"192.0.2.0/24 10.1.1.1 77, 198.51.100.0/24\".") #define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_ROUTING_RULES N_("A comma separated list of routing rules for policy routing.") -#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_ADDR_GEN_MODE N_("Configure method for creating the IPv6 interface identifer of addresses with RFC4862 IPv6 Stateless Address Autoconfiguration and Link Local addresses. The permitted values are: \"eui64\" (0), \"stable-privacy\" (1), \"default\" (3) or \"default-or-eui64\" (2). If the property is set to \"eui64\", the addresses will be generated using the interface token derived from hardware address. This makes the host part of the address to stay constant, making it possible to track the host's presence when it changes networks. The address changes when the interface hardware is replaced. If a duplicate address is detected, there is also no fallback to generate another address. When configured, the \"ipv6.token\" is used instead of the MAC address to generate addresses for stateless autoconfiguration. If the property is set to \"stable-privacy\", the interface identifier is generated as specified by RFC7217. This works by hashing a host specific key (see NetworkManager(8) manual), the interface name, the connection's \"connection.stable-id\" property and the address prefix. This improves privacy by making it harder to use the address to track the host's presence and the address is stable when the network interface hardware is replaced. The special values \"default\" and \"default-or-eui64\" will fallback to the global connection default as documented in the NetworkManager.conf(5) manual. If the global default is not specified, the fallback value is \"stable-privacy\" or \"eui64\", respectively. If not specified, when creating a new profile the default is \"default\". Note that this setting is distinct from the Privacy Extensions as configured by \"ip6-privacy\" property and it does not affect the temporary addresses configured with this option.") +#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_ADDR_GEN_MODE N_("Configure method for creating the IPv6 interface identifier of addresses with RFC4862 IPv6 Stateless Address Autoconfiguration and Link Local addresses. The permitted values are: \"eui64\" (0), \"stable-privacy\" (1), \"default\" (3) or \"default-or-eui64\" (2). If the property is set to \"eui64\", the addresses will be generated using the interface token derived from hardware address. This makes the host part of the address to stay constant, making it possible to track the host's presence when it changes networks. The address changes when the interface hardware is replaced. If a duplicate address is detected, there is also no fallback to generate another address. When configured, the \"ipv6.token\" is used instead of the MAC address to generate addresses for stateless autoconfiguration. If the property is set to \"stable-privacy\", the interface identifier is generated as specified by RFC7217. This works by hashing a host specific key (see NetworkManager(8) manual), the interface name, the connection's \"connection.stable-id\" property and the address prefix. This improves privacy by making it harder to use the address to track the host's presence and the address is stable when the network interface hardware is replaced. The special values \"default\" and \"default-or-eui64\" will fallback to the global connection default as documented in the NetworkManager.conf(5) manual. If the global default is not specified, the fallback value is \"stable-privacy\" or \"eui64\", respectively. If not specified, when creating a new profile the default is \"default\". Note that this setting is distinct from the Privacy Extensions as configured by \"ip6-privacy\" property and it does not affect the temporary addresses configured with this option.") #define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_ADDRESSES N_("A list of IPv6 addresses and their prefix length. Multiple addresses can be separated by comma. For example \"2001:db8:85a3::8a2e:370:7334/64, 2001:db8:85a3::5/64\". The addresses are listed in decreasing priority, meaning the first address will be the primary address. This can make a difference with IPv6 source address selection (RFC 6724, section 5).") #define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_AUTO_ROUTE_EXT_GW N_("VPN connections will default to add the route automatically unless this setting is set to FALSE. For other connection types, adding such an automatic route is currently not supported and setting this to TRUE has no effect.") #define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DAD_TIMEOUT N_("Maximum timeout in milliseconds used to check for the presence of duplicate IP addresses on the network. If an address conflict is detected, the activation will fail. The property is currently implemented only for IPv4. A zero value means that no duplicate address detection is performed, -1 means the default value (either the value configured globally in NetworkManger.conf or 200ms). A value greater than zero is a timeout in milliseconds. Note that the time intervals are subject to randomization as per RFC 5227 and so the actual duration can be between half and the full time specified in this property.") diff --git a/src/nmcli/gen-metadata-nm-settings-nmcli.c b/src/nmcli/gen-metadata-nm-settings-nmcli.c index babf1f064b..1764da735c 100644 --- a/src/nmcli/gen-metadata-nm-settings-nmcli.c +++ b/src/nmcli/gen-metadata-nm-settings-nmcli.c @@ -34,6 +34,8 @@ static void G_GNUC_PRINTF(3, 4) prop_info->property_name, (int) prop_info->property_type->doc_format, msg); + va_end(vaargs); + if (fatal) g_error("%s", msg_full); else diff --git a/src/nmcli/gen-metadata-nm-settings-nmcli.xml.in b/src/nmcli/gen-metadata-nm-settings-nmcli.xml.in index 7ac049fc3c..27de789302 100644 --- a/src/nmcli/gen-metadata-nm-settings-nmcli.xml.in +++ b/src/nmcli/gen-metadata-nm-settings-nmcli.xml.in @@ -1468,7 +1468,7 @@ values="0 - 2147483647" special-values="default (0)" /> /var/lib/NetworkManager/secret_key RUN chmod 600 /var/lib/NetworkManager/secret_key -RUN sed 's/.*RateLimitBurst=.*/RateLimitBurst=0/' /etc/systemd/journald.conf -i +RUN mkdir -p /etc/systemd/journald.conf.d/ && \ + echo "RateLimitBurst=0" > /etc/systemd/journald.conf.d/no-rate-limit.conf $RUN_LN_BASEDIR_NM $RUN_LN_SYMLINK_CMDS