Lease expiry means that the DHCP configuration is no longer valid, and
that all attempts to renew/rebind the lease have failed. The IP config
needs to be removed. NetworkManager also sets prefered/valid lifetimes
on addresses, so the kernel will remove them when the lease expires
anyway. That causes removal of the default route, if the default route
was through the device whose config has now expired.
DHCP clients will typically move to the 'renew' or 'rebind' states when
nearing lease expiry, then if no answer is received move to the 'expire'
state. Eventually they move to the 'fail' state when all attempts to
contact the server have failed.
Previously, since NM ignored the 'expire' DHCP state it would not clear
out the DHCP IP4 config immediately when the lease expired, instead
waiting for the DHCP client to move to the 'fail' state. But if the
DHCP server appeared between the 'expire' and 'fail' states, NM would
not notice and the device's NMIP4Config would not change, and thus the
Policy would not get the "ip4-config-changed" signal to re-add the
default route that the kernel had previously removed due to the valid
lifetime reaching zero when the lease expired.
https://bugzilla.redhat.com/show_bug.cgi?id=1139326
If DHCP fails to renew or rebind a lease, fail the device since the
IP config is no longer valid. Commit e2b7c482 was actually wrong for
dhcp[4|6]_fail(), since (ip_state == IP_FAIL) will never be true if
DHCP has ever been started, as IP_FAIL is only set from
nm_device_activate_ip[4|6]_config_timeout(), which obviously will not
be called in DHCP code paths if DHCP has previously succeeded.
A device (e.g. of type tun) might not have a hwaddr. Avoid the assertion
in nm_utils_hwaddr_matches().
Backtrace:
#0 0x00007fd0920444e9 in g_logv (log_domain=0x5a5be3 "libnm", log_level=G_LOG_LEVEL_CRITICAL, format=<optimized out>, args=args@entry=0x7fff2551e590) at gmessages.c:989
#1 0x00007fd09204463f in g_log (log_domain=<optimized out>, log_level=<optimized out>, format=<optimized out>) at gmessages.c:1025
#2 0x0000000000555d31 in nm_utils_hwaddr_matches (hwaddr1=0x7fff2551e6a0, hwaddr1_len=6, hwaddr2=0x0, hwaddr2_len=-1) at ../libnm-core/nm-utils.c:2414
#3 0x000000000049e7a0 in have_connection_for_device (self=0x7fd084008710, device=0x168e5c0) at settings/nm-settings.c:1513
#4 0x000000000049e23d in nm_settings_device_added (self=0x7fd084008710, device=0x168e5c0) at settings/nm-settings.c:1599
#5 0x00000000004e6447 in add_device (self=0x1654150, device=0x168e5c0, try_assume=1) at nm-manager.c:1840
#6 0x00000000004e8fb6 in platform_link_added (self=0x1654150, ifindex=6, plink=0x165c328, reason=NM_PLATFORM_REASON_INTERNAL) at nm-manager.c:2163
#7 0x00000000004e3252 in platform_link_cb (platform=0x15b1870, ifindex=6, plink=0x165c328, change_type=NM_PLATFORM_SIGNAL_ADDED, reason=NM_PLATFORM_REASON_INTERNAL, user_data=0x1654150) at nm-manager.c:2178
#8 0x000000381dc05d8c in ffi_call_unix64 () at ../src/x86/unix64.S:76
#9 0x000000381dc056bc in ffi_call (cif=cif@entry=0x7fff2551ed00, fn=0x4e31e0 <platform_link_cb>, rvalue=0x7fff2551ec70, avalue=avalue@entry=0x7fff2551ebf0) at ../src/x86/ffi64.c:522
#10 0x00007fd092331ad8 in g_cclosure_marshal_generic (closure=0x1607710, return_gvalue=0x0, n_param_values=<optimized out>, param_values=<optimized out>, invocation_hint=<optimized out>, marshal_data=0x0) at gclosure.c:1454
#11 0x00007fd092331298 in g_closure_invoke (closure=0x1607710, return_value=return_value@entry=0x0, n_param_values=5, param_values=param_values@entry=0x7fff2551ef00, invocation_hint=invocation_hint@entry=0x7fff2551eea0)
at gclosure.c:777
#12 0x00007fd09234335d in signal_emit_unlocked_R (node=node@entry=0x15b03a0, detail=detail@entry=0, instance=instance@entry=0x15b1870, emission_return=emission_return@entry=0x0,
instance_and_params=instance_and_params@entry=0x7fff2551ef00) at gsignal.c:3586
#13 0x00007fd09234b0f2 in g_signal_emit_valist (instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>, var_args=var_args@entry=0x7fff2551f0e0) at gsignal.c:3330
#14 0x00007fd09234b3af in g_signal_emit (instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>) at gsignal.c:3386
#15 0x000000000048353d in nm_platform_query_devices () at platform/nm-platform.c:345
#16 0x00000000004e12d2 in nm_manager_start (self=0x1654150) at nm-manager.c:4170
#17 0x000000000044349a in main (argc=1, argv=0x7fff2551f938) at main.c:661
Fixes: b019348fdd
Signed-off-by: Thomas Haller <thaller@redhat.com>
Since we already intenalize the @tag to a GQuark, just use
the constant string, instead of duplicating the string.
Signed-off-by: Thomas Haller <thaller@redhat.com>
Implement polkit requests by directly using the DBUS interface.
This makes NetworkManager independent from libpolkit-gobject-1 library.
https://bugzilla.gnome.org/show_bug.cgi?id=734146
Signed-off-by: Thomas Haller <thaller@redhat.com>
Let the user completly disable polkit authentication by
building NM with configure option '--enable-polkit=disabled'.
In that case, configuring 'main.auth-polkit=yes' will fail all
authentication requests (except root-requests, which are always granted).
This reduces the size of the NetworkManager binary by some 26KB (16KB
stripped).
Signed-off-by: Thomas Haller <thaller@redhat.com>
This makes NetworkManager independent of <polkit/polkit.h>
development headers and libpolkit-gobject-1.so library.
Instead communicate directly with polkit using its DBUS
interface.
PolicyKit support is now always compiled in. You can control
polkit authorization with the configuration option
[main]
auth-polkit=yes|no
If the configure option is omitted, a build time default
value is used. This default value can be set with the
configure option --enable-polkit.
This commit adds a new class NMAuthManager that reimplements the
relevant DBUS client parts. It takes source code from the polkit
library.
https://bugzilla.gnome.org/show_bug.cgi?id=734146
Signed-off-by: Thomas Haller <thaller@redhat.com>
Allow for the special values "1" and "0". Also, ignore the
letter case when comparing the configuration value.
Signed-off-by: Thomas Haller <thaller@redhat.com>
Add nm_utils_wifi_strength_bars(), which figures out whether the
terminal can display graphical wifi strength bars, and converts a
numerical value to the appropriate Unicode or ASCII characters.
This also now takes into consideration the fact that the console font
doesn't contain all of the necessary characters, so we can't display
the graphical bars there. (rh #1131491)
Use g_print() and g_printerr(), which wrap printf() and
fprintf(stderr,...), but handle conversion from UTF-8 if the locale is
using a different character set.
When a connection is updated by Update() and the new settings contain *no*
secrets, leave the previous secrets untouched. This makes updating connection
parameters much easier. Users (clients) need not to bother with secrets when
they only want adjust a parameter.
Use case:
- GetSettings()
- modify the settings
- Update()
E.g. nmcli con mod my-wifi connection.zone home
https://bugzilla.gnome.org/show_bug.cgi?id=728920
vxlan_info_data_parser() must take care of missing netlink attributes.
Otherwise, older kernels will crash NM.
Also, workaround compilation against old kernel headers which are
missing 'struct ifla_vxlan_port_range'. We do this by defining our
own 'struct nm_ifla_vxlan_port_range' version.
Reported-by: Javier Jardón <jjardon@gnome.org>
Signed-off-by: Thomas Haller <thaller@redhat.com>
