mirror of
https://gitlab.freedesktop.org/NetworkManager/NetworkManager
synced 2024-10-04 15:21:12 +00:00
contrib/rpm: add "22-wifi-mac-addr.conf" to F40+
Install a configuration snippet on Fedora 40+, that sets the default for "wifi.cloned-mac-address" to "stable-ssid" (otherwise, the built-in default is "preserve"). This will mean, that on Wi-Fi profiles that don't explicitly override the property "wifi.cloned-mac-address", a stable address is generated. The benefit is, that Fedora will randomize the MAC address by default. Note that this also affects all pre-existing Wi-Fi profiles, that don't explicitly configure the property in the profile. Depending on how you see it, this is desirable. Randomization should be done, unless the user opts-out (not the other way around). Note that setting "wifi.cloned-mac-address=stable-ssid" is similar to setting a stable ID "${NETWORK_SSID}" and "wifi.cloned-mac-address=stable". The difference is that the latter also affects other properties, like - "ipv6.addr-gen-mode=stable-privacy" - "{ethernet,wifi}.cloned-mac-address=stable" - "ipv4.dhcp-client-id=stable" - "ipv6.dhcp-duid=stable-{llt,ll,uuid}" - "{ipv4,ipv6}.iaid=stable" Especially with "ipv6.addr-gen-mode=stable", changing the stable ID would mean that also all IPv6 addresses change. We want to avoid that by only changing the cloned-mac-address to "stable-ssid". This means, after upgrade to F40, different MAC addresses will be used on most users' Wi-Fi. This means, DHCP might hand out different IP addresses, sessions might expire, and configuration that depended on the previous MAC address will be affected. https://pagure.io/fedora-workstation/issue/350
This commit is contained in:
parent
d210923c0f
commit
ea8dbd7a6d
31
contrib/fedora/rpm/22-wifi-mac-addr.conf
Normal file
31
contrib/fedora/rpm/22-wifi-mac-addr.conf
Normal file
|
@ -0,0 +1,31 @@
|
|||
# This sets defaults for Wi-Fi profiles to set a generated, stable MAC address.
|
||||
#
|
||||
# Do not modify this file. You can hide/overwrite this file by placing a file
|
||||
# to "/etc/NetworkManager/conf.d/22-wifi-mac-addr.conf". You can also add
|
||||
# configuration snippets with higher priority that override this setting (see
|
||||
# `man 5 NetworkManager.conf`). Most importantly, this snippet only sets
|
||||
# default values for the profile. You can explicitly set the value for each
|
||||
# profile, so that this default value is not used.
|
||||
#
|
||||
# For example, on a particular profile/network set
|
||||
#
|
||||
# $ nmcli connection modify "$PROFILE" wifi.cloned-mac-address permanent
|
||||
#
|
||||
# to use the hardware MAC address. This prevents the default from this file
|
||||
# to take effect.
|
||||
#
|
||||
# Or
|
||||
#
|
||||
# $ nmcli connection modify "$PROFILE" wifi.cloned-mac-address stable connection.stable-id '${NETWORK_SSID}/${BOOT}'
|
||||
#
|
||||
# to get a generated MAC address that changes on each boot. Note how setting
|
||||
# "connection.stable-id" also affects other aspects of the profile.
|
||||
#
|
||||
# See `man 5 nm-settings` for "wifi.cloned-mac-address" and "connection.stable-id".
|
||||
|
||||
[connection.22-wifi-mac-addr]
|
||||
match-device=type:wifi
|
||||
wifi.cloned-mac-address=stable-ssid
|
||||
|
||||
[.config]
|
||||
enable=nm-version-min:1.45
|
|
@ -209,9 +209,10 @@ Source1: NetworkManager.conf
|
|||
Source2: 00-server.conf
|
||||
Source4: 20-connectivity-fedora.conf
|
||||
Source5: 20-connectivity-redhat.conf
|
||||
Source6: 70-nm-connectivity.conf
|
||||
Source7: readme-ifcfg-rh.txt
|
||||
Source8: readme-ifcfg-rh-migrated.txt
|
||||
Source6: 22-wifi-mac-addr.conf
|
||||
Source7: 70-nm-connectivity.conf
|
||||
Source8: readme-ifcfg-rh.txt
|
||||
Source9: readme-ifcfg-rh-migrated.txt
|
||||
|
||||
#Patch1: 0001-some.patch
|
||||
|
||||
|
@ -918,14 +919,18 @@ cp %{SOURCE4} %{buildroot}%{nmlibdir}/conf.d/
|
|||
%if %{with connectivity_redhat}
|
||||
cp %{SOURCE5} %{buildroot}%{nmlibdir}/conf.d/
|
||||
mkdir -p %{buildroot}%{_sysctldir}
|
||||
cp %{SOURCE6} %{buildroot}%{_sysctldir}
|
||||
cp %{SOURCE7} %{buildroot}%{_sysctldir}
|
||||
%endif
|
||||
|
||||
%if 0%{?fedora} >= 40
|
||||
cp %{SOURCE6} %{buildroot}%{nmlibdir}/conf.d/
|
||||
%endif
|
||||
|
||||
%if 0%{?ifcfg_warning}
|
||||
cp %{SOURCE7} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts
|
||||
cp %{SOURCE8} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts
|
||||
%endif
|
||||
%if 0%{?ifcfg_migrate}
|
||||
cp %{SOURCE8} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/readme-ifcfg-rh.txt
|
||||
cp %{SOURCE9} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/readme-ifcfg-rh.txt
|
||||
%endif
|
||||
|
||||
cp examples/dispatcher/10-ifcfg-rh-routes.sh %{buildroot}%{nmlibdir}/dispatcher.d/
|
||||
|
@ -1072,6 +1077,9 @@ fi
|
|||
%dir %{_sysconfdir}/%{name}/dnsmasq-shared.d
|
||||
%dir %{_sysconfdir}/%{name}/system-connections
|
||||
%config(noreplace) %{_sysconfdir}/%{name}/NetworkManager.conf
|
||||
%if 0%{?fedora} >= 40
|
||||
%{nmlibdir}/conf.d/22-wifi-mac-addr.conf.conf
|
||||
%endif
|
||||
%ghost %{_sysconfdir}/%{name}/VPN
|
||||
%{_bindir}/nm-online
|
||||
%{_libexecdir}/nm-dhcp-helper
|
||||
|
|
|
@ -145,6 +145,7 @@ SOURCE_NETWORKMANAGER_CONF="$(abs_path "$SOURCE_NETWORKMANAGER_CONF" "$SCRIPTDIR
|
|||
SOURCE_CONFIG_SERVER="$(abs_path "$SOURCE_CONFIG_SERVER" "$SCRIPTDIR/00-server.conf")" || die "invalid \$SOURCE_CONFIG_SERVER argument"
|
||||
SOURCE_CONFIG_CONNECTIVITY_FEDORA="$(abs_path "$SOURCE_CONFIG_CONNECTIVITY_FEDORA" "$SCRIPTDIR/20-connectivity-fedora.conf")" || die "invalid \$SOURCE_CONFIG_CONNECTIVITY_FEDORA argument"
|
||||
SOURCE_CONFIG_CONNECTIVITY_REDHAT="$(abs_path "$SOURCE_CONFIG_CONNECTIVITY_REDHAT" "$SCRIPTDIR/20-connectivity-redhat.conf")" || die "invalid \$SOURCE_CONFIG_CONNECTIVITY_REDHAT argument"
|
||||
SOURCE_CONFIG_WIFI_MAC_ADDR="$(abs_path "$SOURCE_CONFIG_WIFI_MAC_ADDR" "$SCRIPTDIR/22-wifi-mac-addr.conf")" || die "invalid \$SOURCE_CONFIG_WIFI_MAC_ADDR argument"
|
||||
SOURCE_SYSCTL_RP_FILTER_REDHAT="$(abs_path "$SOURCE_SYSCTL_RP_FILTER_REDHAT" "$SCRIPTDIR/70-nm-connectivity.conf")" || die "invalid \$SOURCE_SYSCTL_RP_FILTER_REDHAT argument"
|
||||
SOURCE_README_IFCFG_FILES="$(abs_path "$SOURCE_README_IFCFG_FILES" "$SCRIPTDIR/readme-ifcfg-rh.txt")" || die "invalid \$SOURCE_README_IFCFG_FILES argument"
|
||||
SOURCE_README_IFCFG_MIGRATED="$(abs_path "$SOURCE_README_IFCFG_MIGRATED" "$SCRIPTDIR/readme-ifcfg-rh-migrated.txt")" || die "invalid \$SOURCE_README_IFCFG_MIGRATED argument"
|
||||
|
@ -203,6 +204,7 @@ cp "$SOURCE_NETWORKMANAGER_CONF" "$TEMP/SOURCES/NetworkManager.conf" || die "Cou
|
|||
cp "$SOURCE_CONFIG_SERVER" "$TEMP/SOURCES/00-server.conf" || die "Could not copy source $SOURCE_CONFIG_SERVER to $TEMP/SOURCES"
|
||||
cp "$SOURCE_CONFIG_CONNECTIVITY_FEDORA" "$TEMP/SOURCES/20-connectivity-fedora.conf" || die "Could not copy source $SOURCE_CONFIG_CONNECTIVITY_FEDORA to $TEMP/SOURCES"
|
||||
cp "$SOURCE_CONFIG_CONNECTIVITY_REDHAT" "$TEMP/SOURCES/20-connectivity-redhat.conf" || die "Could not copy source $SOURCE_CONFIG_CONNECTIVITY_REDHAT to $TEMP/SOURCES"
|
||||
cp "$SOURCE_CONFIG_WIFI_MAC_ADDR" "$TEMP/SOURCES/22-wifi-mac-addr.conf" || die "Could not copy source $SOURCE_CONFIG_WIFI_MAC_ADDR to $TEMP/SOURCES"
|
||||
cp "$SOURCE_SYSCTL_RP_FILTER_REDHAT" "$TEMP/SOURCES/70-nm-connectivity.conf" || die "Could not copy source $SOURCE_SYSCTL_RP_FILTER_REDHAT to $TEMP/SOURCES"
|
||||
cp "$SOURCE_README_IFCFG_FILES" "$TEMP/SOURCES/readme-ifcfg-rh.txt" || die "Could not copy source $SOURCE_README_IFCFG_FILES to $TEMP/SOURCES"
|
||||
cp "$SOURCE_README_IFCFG_MIGRATED" "$TEMP/SOURCES/readme-ifcfg-rh-migrated.txt" || die "Could not copy source $SOURCE_README_IFCFG_MIGRATED to $TEMP/SOURCES"
|
||||
|
|
Loading…
Reference in a new issue