- If ".git/nm-in-container-host" exists, bind mount all of "/" to
"/Host".
- also honor all ".git/nm-data-link-*" files for additional
directories to bind mount.
- as before, honor ".git/NetworkManager-ci" symlink.
Note that directories also get symlinked from "/". Like
"/NetworkManager-ci" which symlinks links to the bind mount location.
Install a configuration snippet on Fedora 40+, that sets the default for
"wifi.cloned-mac-address" to "stable-ssid" (otherwise, the built-in default
is "preserve").
This will mean, that on Wi-Fi profiles that don't explicitly override
the property "wifi.cloned-mac-address", a stable address is generated.
The benefit is, that Fedora will randomize the MAC address by default.
Note that this also affects all pre-existing Wi-Fi profiles, that don't
explicitly configure the property in the profile. Depending on how you
see it, this is desirable. Randomization should be done, unless the user
opts-out (not the other way around).
Note that setting "wifi.cloned-mac-address=stable-ssid" is similar to
setting a stable ID "${NETWORK_SSID}" and "wifi.cloned-mac-address=stable".
The difference is that the latter also affects other properties, like
- "ipv6.addr-gen-mode=stable-privacy"
- "{ethernet,wifi}.cloned-mac-address=stable"
- "ipv4.dhcp-client-id=stable"
- "ipv6.dhcp-duid=stable-{llt,ll,uuid}"
- "{ipv4,ipv6}.iaid=stable"
Especially with "ipv6.addr-gen-mode=stable", changing the stable ID
would mean that also all IPv6 addresses change. We want to avoid that by
only changing the cloned-mac-address to "stable-ssid".
This means, after upgrade to F40, different MAC addresses will be used
on most users' Wi-Fi. This means, DHCP might hand out different IP
addresses, sessions might expire, and configuration that depended on the
previous MAC address will be affected.
https://pagure.io/fedora-workstation/issue/350
Add a new "stable-ssid" mode that generates the MAC address based on the
Wi-Fi's SSID.
Note that this gives the same MAC address as setting
connection.stable-id="${NETWORK_SSID}"
wifi.cloned-mac-address="stable"
The difference is that changing the stable ID of a profile also affects
"ipv6.addr-gen-mode=stable-privacy" and other settings.
For Wi-Fi profiles, this will encode the SSID in the stable-id.
For other profiles, this encodes the connection UUID (but the SSID and
the UUID will always result in distinct stable IDs).
Also escape the SSID, so that the generated stable-id is always valid
UTF-8.
We have many properties, and we aim that they have a small set of
"types". The purpose is that we can treat similar properties (with the
same type) alike.
One type are "direct" strv properties. Those still require some
C functions, like get-length(), clear(), add(), get-at-index().
The implementation of those functions should also be similar, so that
strv properties behave similar.
For that, make use of helper functions, so that little duplicate logic
is there.
Use some new nm_strvarray_*() functions, and unify/cleanup some code.
All related to strv properties in NMSetting classes.
The check "sizeof(const char *const *) ==
g_array_get_element_size((GArray *) strv)" is wrong, but probably
harmless, because most likely on our supported architectures all pointer
sizes are the same size.
Also, just use `sizeof(char *)` instead of `sizeof(const char *)`. Not
that it matters, but the GArray holds pointers of `char *`.
Also, consistently place the "sizeof()" on the left side of the
comparison.
CentOS Linux 8 is long gone. We were only running tests on this old
build environment, to see how we fare in such environment.
The test was broken for 4+ months. Instead of fixing it, disable it.
It's partly caused by RHEL8, as it is somewhat cumbersome to even build
on CentOS 8. That's because some devel packages (like libteam-devel) are
not installable. As workaround for that, we re-build such packages in a
copr ([1]). The problem is, that we only have one copr build for e.g.
CentOS 8. If we rebuild against latest CentOS 8 Stream, then libteam is
build against newer dependencies, which are not installable on CentOS
Linux 8.1.1911 (etc). We would have to build libteam in a way, that
does not drag newer dependencies that are missing on CentOS Linux 8.
For example, trying to use copr [1] on CentOS Linux 8 and installing
"teamd" gives:
Error:
Problem: package teamd-devel-1.31-4.el8.x86_64 requires teamd = 1.31-4.el8, but none of the providers can be installed
- conflicting requests
- nothing provides libjansson.so.4(libjansson.so.4)(64bit) needed by teamd-1.31-4.el8.x86_64
This could be hacked around, for example by having libteamd-devel not
depend on any teamd package. Instead, just drop it. It's gone.
Arguable, CentOS 8 Stream should be reasonably close (in terms of
versions of gcc, glibc, glib) so we don't miss too much.
[1] https://copr.fedorainfracloud.org/coprs/nmstate/nm-build-deps/https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1793
There are various properties related to EEE, that we might want to add
support for in the future (for example, "ethtool.eee-advertise").
Don't use up the base name "eee", instead make it "eee-enabled". All
properties should have different prefixes, and "ethtool.eee" would be a
prefix of "ethtool.eee-advertise".
Also, the #define is already called NM_ETHTOOL_OPTNAME_EEE_ENABLED. This
also should be consistent.
Rename.
Fixes: 3165d9a2de ('ethtool: introduce EEE support')
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1792
Previously, we first sort by the device's state, then by the active
connection's state. Contrast to `nmcli connection`, which first sorts
by the active connection's state.
It means, the sort order is somewhat different. Fix that.
In most cases, that shouldn't make a difference, because the
device's state and the active-connection's state should
correspond. However, it matters as we now treat external activations
different, and that is tied to the active connection.
CMP() is a confusing pattern. Sure enough, the sort order was wrong, for
example, `nmcli connection` would show
$ nmcli -f STATE,UUID,DEVICE c
STATE UUID DEVICE
activating 3098c902-c59c-45f4-9e5a-e4cdb79cfe1b nm-bond
activated e4fc23ac-54ab-4b1a-932a-ebed12c96d9b eth1
("activating" shown before "activated").
With `nmcli device`, we sort with compare_devices(). This first sorts by
device state (with "connected" being sorted first). Only when the device
state is equal, we fallback to nmc_active_connection_cmp(). So with
`nmcli device` we usually get "connected" devices first, and we don't
really notice that there is a problem with nmc_active_connection_cmp().
On the other hand, `nmcli connection` likes to sort first via
nmc_active_connection_cmp(), which gets it wrong. Profiles in
"activating" state are sorted first. That's inconsistent with `nmcli
device`, but it's also not what is intended.
Fix that.
Note the change in the test output. Both eth1 and eth0 are connected to
to the same profile, but one "eth0" the active-connection's state is
DEACTIVATING, while on "eth1" it's ACTIVATED (but both device's states
are "CONNECTED"). That's why "eth1" is now sorted first (as desired).
Fixes: a1b25a47b0 ('cli: rework printing of `nmcli connection` for multiple active connections')
- test for "-order" option with `nmcli connection show`.
- test for order of activated devices. Optimally, the devices
should be in activating vs. activated state. I fail to do that,
the mock implementation is cumbersome to use. It still seems useful
to have this (maybe it could be improved).
NM variants:
- evaluate arguments only once
- have a static assertion that the signedness of the argument agrees.
Like MIN()/MAX(), NM_MIN()/NM_MAX() now also evaluate to a constant
expression, if the arguments are already constant. That means, the only
reason why MIN()/MAX() was preferable over NM_MIN()/NM_MAX() is no
longer relevant. Except there are a few places where NM_MIN()/NM_MAX()
cannot be used. In those places use NM_MIN_CONST()/NM_MAX_CONST().
glib's MIN()/MAX() will be replaced by NM_MIN()/NM_MAX().
There are however a few places where NM_MIN()/NM_MAX() cannot
be used.
Adjust those places to use NM_MIN_CONST()/NM_MAX_CONST() instead.
Glib's MIN()/MAX() should not be used, in favor of NM_MIN()/NM_MAX().
That's because the NM variants
- evaluate arguments only once
- have a static assertion that the signedness of the arguments matches
However, previously those macros never evaluated to a compile time
constant. Unlike the glib variants, which do so when the arguments are
compile time constants. That is sometimes important when using the
macros in a context that requires a constant.
Extend NM_MIN()/NM_MAX() to be a compile time constant, when possible.
Note that there are still a few places where NM_MIN()/NM_MAX() cannot be
used due to the expression statement. For those cases, there is
NM_MIN_CONST()/NM_MAX_CONST().
Comparing integers of different signedness gives often unexpected
results. Adjust usages of MIN()/MAX() to ensure that the arguments agree
in signedness.
nm_hash_siphash42() uses a randomized seed like nm_hash*(). In this case,
we want to always generate the same fake timestamp, based on the host-id.
In practice, it doesn't really matter, because this is only the fallback
path for something gone horribly wrong already.
c_siphash_init() requires a 16 bytes array. That is cumbersome to use.
We have NM_HASH_SEED_16() macro for helping with that. It's still
cumbersome.
Most of the time, the caller just wants to pick an arbitrarily chosen,
fixed number. Add NM_HASH_SEED_16_U64() which takes a number and gives
a 16 seed array. The argument is in host endianness, but the resulting
seed array has it encoded in big endianness, to be architecture
independent.
