This helper class is supposed to encapsulate most logic about
configuring IPv6 link local addresses and exposes a simpler API in order
to simplify NMDevice. Currently this logic is spread out in NMDevice.
Also, NML3IPv6LL directly uses NML3Cfg, thereby freeing NMDevice to care
about that too much.
For several reasons, NML3IPv6LL works different than NML3IPv4LL.
For one, with IPv6 we need to configure the address in kernel, which does
DAD for us. So, NML3IPv6LL will tell NML3Cfg to configure those
addresses that it wants to probe. For IPv4, it only tells NML3Cfg to do
ACD, without configuring anything yet. That is left to the caller.
We have a copy of a few linux user space headers in `src/linux-headers`.
The idea is that we want to use recent kernel API, and not depend on the
kernel UAPI headers installed on the build system (and not need to
workaround that).
However, we may not be able to simply compile them, because they too
have dependencies. For example,
../src/linux-headers/ethtool.h:1389:2: error: implicit declaration of function '__KERNEL_DIV_ROUND_UP' [-Werror=implicit-function-declaration]
__u32 queue_mask[__KERNEL_DIV_ROUND_UP(MAX_NUM_QUEUE, 32)];
^
As workaround, don't include headers from "linux-headers" directly,
but only include the new "libnm-std-aux/nm-linux-compat.h" adapter
header, which tries to solve these incompatibilities.
Fixes: 34d48d2596 ('platform: clear all BASE types when setting advertised modes for ethernet autoneg')
libnm-platform.la depends on libnm-udev-aux and libnm-base.
Only by accident this was working, because we happened to use
no symbol in the test that required any of these dependencies.
A small change to the test can (and will soon) change that. Fix the
build to link the right library.
This approach does not seem to work with clang 3.4 (rhel-7). Instead,
make sure we actually use the symbol in NetworkManager so that it gets
preserved for the OVS device plugin.
This reverts commit 684f2acffe.
To talk to ovsdb, we use the unix socket at
/var/run/openvswitch/db.sock. But that socket is owned by another user
and NetworkManager would need dac_override capability to open it.
We want to drop dac_override, but we still need to talk to ovsdb. Add a
GetFD() method to nm-sudo.
We still first try to open the socket directly. Maybe it just works.
Note that SELinux may block passing file descriptors from nm-sudo. If it
doesn't work for you, test with SELinux permissive mode and wait for an
SELinux update.
NetworkManager runs as root and has lots of capabilities.
We want to reduce the attach surface by dropping capabilities,
but there is a genuine need to do certain things.
For example, we currently require dac_override capability, to open
the unix socket of ovsdb. Most users wouldn't use OVS, so we should
find a way to not require that dac_override capability. The solution
is to have a separate, D-Bus activate service (nm-sudo), which
has the capability to open and provide the file descriptor.
For authentication, we only rely on D-Bus. We watch the name owner
of NetworkManager, and only accept requests from that service. We trust
D-Bus to get it right a request from that name owner is really coming
from NetworkManager. If we couldn't trust that, how could PolicyKit
or any authentication via D-Bus work? For testing, the user can set
NM_SUDO_NO_AUTH_FOR_TESTING=1.
https://bugzilla.redhat.com/show_bug.cgi?id=1921826
NetworkManager (and NetworkManager-all-sym) must not only contain symbols
that are used by itself. Also the device and settings plugin are dlopen'd
by NetworkManager and use symobls form the binary.
That means, if a symbols is only used by a plugin, then we must make sure
that the linker keeps it in the binary. Add a mechanism for that.
I missed that we already have a gettid() wrapper. Drop the duplicated
again and use nm_utils_gettid().
Fixes: e874c5bf6b ('random: Provide missing gettid() declaration')
If the TC setting contains no qdiscs and filters, it is lost after a
write-read cycle. Fix this by adding a new property to indicate the
presence of the (empty) setting.
We will add a general "firewall-manager", so rename the firewalld related
file. This commit only renames the file. The next commit will change the
symbol naming.
"nm-device.c" is huge, and it does complicated things like handling the
state of the device and IP configuration.
It also contains simpler, individual functions, like converting enums to
strings. Let's move those trivial functions to a new module, so that the
remaining part is smaller.
"nm-device-utils.[ch]" should only contain simpler functions that have
no complex behavior or state.
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/840
In order to have more structured settings in man page and make it more
manageable to generate the docbook, it is recommended to use python
script to replace `./tools/generate-docs-nm-property-infos.pl` (this
tool is used to parse the comment section starting with `---nmcli---`,
`---dbus---`, `---keyfile---`, `---ifcfg-rh---`).
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/824
We use util-linux's libuuid for handling UUIDs. But UUIDs are
really a trivial thing, at least the portion that we use.
Reimplement the parse/unparse/generate_random() methods and drop
the dependency. Note that no other libraries from our dependency chain
was dragging in libuuid, so thereby we really get rid of the dependency.
We still require libuuid for building, because it is used by an example
program. Maybe that should be changed, to avoid the build dependency.
But that can be done at a later time.
$ make src/libnm-systemd-shared/src/fundamental/libnm_systemd_shared_la-string-util-fundamental.lo
CC src/libnm-systemd-shared/src/fundamental/libnm_systemd_shared_la-string-util-fundamental.lo
In file included from ./src/libnm-glib-aux/nm-default-glib.h:11,
from ./src/libnm-systemd-shared/nm-default-systemd-shared.h:11,
from ./src/libnm-systemd-shared/sd-adapt-shared/nm-sd-adapt-shared.h:9,
from src/libnm-systemd-shared/src/fundamental/string-util-fundamental.c:3:
./src/libnm-std-aux/nm-default-std.h:32:10: fatal error: config-extra.h: No such file or directory
32 | #include "config-extra.h"
| ^~~~~~~~~~~~~~~~
compilation terminated.
make: *** [Makefile:15660: src/libnm-systemd-shared/src/fundamental/libnm_systemd_shared_la-string-util-fundamental.lo] Error 1
Fixes: 2a88de2280 ('systemd: merge branch systemd into master')
Better fix for https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/732
The original issue was that when compiling NetworkManager with slibtool
the create-exports-NetworkManager.sh script gave the NetworkManager-all-sym
slibtool wrapper script to nm(1) instead of the actual binary. This is
because slibtool and GNU libtool do not place the compiled programs in
the same location. The original fix was to test both locations, but this
is bit of a hack especially since the build system should not be using the
.libs directory directly. However with $(LIBTOOL) --mode=execute this is
not a problem since both implementations can figure out where the correct
binary is.
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/805
initscripts don't support "$VLAN_ID". They actually support "$VID",
which NetworkManager doesn't.
"$VLAN_ID" was introduced by commit 10b32be37b ('ifcfg-rh: various VLAN
cleanups'). It has a comment about "backward compatibility" for the case
where the reader would ignore "$VLAN_ID" if "$DEVICE"'s name contains
a suffix that is parsable as VLAN ID.
That is wrong. If a new feature gets introduce (like NetworkManager
supporting "$VLAN_ID"), then there is no way that an older version of the
tool -- which doesn't know the new feature yet (initscripts) -- supports it.
This is not what backward compatibility means. Backward compatibility
means that if a user has an old ifcfg-file without "$VLAN_ID", then we
continue parsing it as before.
Consider, when a user (or NetworkManager) writes a configuration
DEVICE=vlan9
PHYSDEV=eth0
VLAN_ID=10
then it makes no sense to ignore VLAN_ID=10 and use "9" instead.
Otherwise the user (or NetworkManager) should not have written the
file this way.
Also, NetworkManager profiles support "connection.interface-name=vlan9"
together with "vlan.id=10". Such a configuration is valid and must be
expressible in ifcfg-rh format. The ifcfg-rh writer code did not somehow
restrict the setting of "$VLAN_ID" to account for this odd behavior. Whenever
NetworkManager in the past wrote VLAN_ID variable to file, it really meant
it.
https://bugzilla.redhat.com/show_bug.cgi?id=1907960https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/794
In file included from ./src/libnm-glib-aux/nm-default-glib.h:11:0,
from ./src/libnm-glib-aux/nm-default-glib-i18n-lib.h:13,
from src/libnm-log-null/nm-logging-null.c:6:
./src/libnm-std-aux/nm-default-std.h:32:26: fatal error: config-extra.h: No such file or directory
#include "config-extra.h"
^
compilation terminated.
make[1]: *** [src/libnm-log-null/src_libnm_log_null_libnm_log_null_la-nm-logging-null.lo] Error 1
We should write our CONTRIBUTING files in markdown syntax, because
it's nice to read a plain text and gets nicely rendered.
However, if the file doesn't have a ".md" extension, gitlab's
web interface shows it as plain text file.
Rename the file.
This possibly breaks links like [1], but referring to a branch name
(and not a commit ID or a tag) is anyway fragile. Hence, I don't try
to fix that by adding a symlink or similar, because I think that just
makes it more confusing.
[1] https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/master/CONTRIBUTING
CC src/libnm-platform/wifi/libnm_platform_la-nm-wifi-utils-wext.lo
In file included from ../src/libnm-platform/wifi/nm-wifi-utils-wext.c:7:
In file included from ../src/libnm-glib-aux/nm-default-glib-i18n-lib.h:13:
In file included from ../src/libnm-glib-aux/nm-default-glib.h:11:
../src/libnm-std-aux/nm-default-std.h:30:10: fatal error: config-extra.h file not found
#include "config-extra.h"
^~~~~~~~~~~~~~~~
...
GEN config-extra.h
Note that "test-client.py" currently only tests nmcli. But what it does
is to spawn test-networkmanager-service.py and run nmcli against it.
As such, it could really be used to test any NetworkManager client
against the stub service. Hence this test is not under
"src/nmcli/tests", but under "src/tests/client/" where it is more
general.
Note that we take defines from "src/core/nm-config.h" which
are GPL-2.0-or-later licensed.
libnm-base we want to include in other LGPL licensed sources,
we it must also be LGPL.
"relicense" the code that I take. I don't think it's a problem, because:
- these are only plain defines. To which extend is that even
copyrightable?
- as far as I see, all the code was contributed by people who agreed
to such relicensing. See RELICENSE.md file.
Internally we set CPPFLAGS, because setting CFLAGS disables inheriting AM_CFLAGS --
which we use for example for "-Wno-pragmas" from the configure script.
