Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
|
|
|
|
Add a new `main.rc-manager=auto` setting, that favours to use
systemd-resolved (and not touch "/etc/resolv.conf" but configure
it via D-Bus), or falls back to `resolvconf`/`netconfig` binaries
if they are installed and enabled at compile time.
As final fallback use "symlink", like before.
Note that on Fedora there is no "openresolv" package ([1]). Instead, "systemd"
package provides "/usr/sbin/resolvconf" as a wrapper for systemd-resolved's
"resolvectl". On such a system the fallback to resolvconf is always
wrong, because NetworkManager should either talk to systemd-resolved
directly or not but never call "/usr/sbin/resolvconf". So, the special handling
for resolvconf and netconfig is only done if NetworkManager was build with these
applications explicitly enabled.
Note that SUSE builds NetworkManager with
--with-netconfig=yes
--with-config-dns-rc-manager-default=netconfig
and the new option won't be used there either. But of course, netconfig
already does all the right things on SUSE.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=668153
Suggested-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
On Debian sid, pygobject no longer builds "python-gobject" for
python2. Still, python2 may be installed and detected preferably
by AM_PATH_PYTHON(). Add workaround.
|
|
|
|
|
|
jansson 2.7 was released October 2014. It's also in Ubuntu 16.06.
Other distros (like CentOS 7.5 and Debian Stretch/9) have both newer
versions.
Bump the requirement, simply because our CI does not use such old version
so it's not clear whether it works at all.
|
|
We anyway load libjansson with dlopen(), and already before it could
happen that libjansson is not available. In that case, we would not
crash, but simply proceed without json validation.
Since libnm-core no longer uses libjansson directly, but only via
"nm-glib-aux/nm-json.h", we can just always compile with that, and use
it at runtime. That means, libjansson is not a build dependency for
libnm anymore, so we don't need a compile time check.
Note that if you build without libjansson, then JANSSON_SONAME is
undefined, and loading it will still fail at runtime. So, even if
we now always build with all our code enabled, it only works if you
actually build with libjansson. Still, it's simpler to drop the
conditional build, as the only benefit is a (minimally) smaller
build.
|
|
There should be a comma after 'Otherwise' and 'Currently'.
https://bugzilla.redhat.com/show_bug.cgi?id=1852452
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/560
|
|
|
|
If python black is install then it would check the
formating of all of the python files and test the for it.
Otherwise, it would just simply ignore the python black
if python black is not installed.
|
|
Without it, we fail to use the pregenerated gtk-doc files.
Fixes: 8a78b15c9b29 ('docs: merge branch 'th/nm-settings-manual'')
(cherry picked from commit 56b15ca0b615a12e06df0e56a921b575c26a0019)
|
|
Without it, we fail to use the pregenerated gtk-doc files.
Fixes: 8a78b15c9b29 ('docs: merge branch 'th/nm-settings-manual'')
|
|
|
|
|
|
A significant part of NetworkManager's API are the connection profiles, documented
in `man nm-settings*`. But there are different aspects about profiles, depending
on what you are interested. There is the D-Bus API, nmcli options, keyfile format,
and ifcfg-rh format. Additionally, there is also libnm API.
Add distinct manual pages for the four aspects. Currently the two new manual
pages "nm-settings-dbus" and "nm-settings-nmcli" are still identical to the
former "nm-settings.5" manual. In the future, they will diverge to
account for the differences.
There are the following aspects:
- "dbus"
- "keyfile"
- "ifcfg-rh"
- "nmcli"
For "libnm" we don't generate a separate "nm-settings-libnm" manual
page. That is instead documented via gtk-doc.
Currently the keyfile and ifcfg-rh manual pages only detail settings
which differ. But later I think also these manual pages should contain
all settings that apply.
|
|
|
|
|
|
Install a NM-specific firewalld zone to be used for interfaces that
are used for connection sharing. The zone blocks all traffic to the
local machine except some protocols (DHCP, DNS and ICMP) and allows
all forwarded traffic.
|
|
|
|
|
|
|
|
|
|
Signed-off-by: Gilles Dartiguelongue <eva@gentoo.org>
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/472
(cherry picked from commit e073491b9ce0bfd77d3c7e818fdd442a696726a9)
|
|
Signed-off-by: Gilles Dartiguelongue <eva@gentoo.org>
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/472
|
|
|
|
|
|
|
|
polkit-devel
Fixes: df1d214b2 (clients: polkit-agent: implement polkit agent without using libpolkit)
|
|
|
|
After 1.22.0 is released, merge it back into master so that
1.22.0 is part of the history of master. That means,
$ git log --first-parent master
will also traverse 1.22.0 and 1.22-rc*.
Also bump the micro version to 1.23.1-dev to indicate that this is
after 1.22.0 is out.
|
|
|
|
|
|
We always build with PolicyKit support enabled, because it has no
additional dependencies, beside some D-Bus calls.
However, in NetworkManager.conf the user could configure
"main.auth-polkit" to disable PolicyKit. However, previously it would
only allow to disable PolicyKit while granting access to all users.
I think it's useful to have an option that disables PolicyKit and grants
access only to root. I think we should not go too far in implementing
our own authorization mechanisms beside PolicyKit (e.g. you cannot
disable PolicyKit and grant access based on group membership of the
user). However, disabling PolicyKit can be useful sometimes, and it's
simple to implement a "root-only" setup.
Note one change is that when NetworkManager now runs without a D-Bus
connection (in initrd), it would deny all non-root requests. Previously
it would grant access. I think there should be little difference in
practice, because if we have no D-Bus we also don't have any requests to
authenticate.
(cherry picked from commit 6d7446e52f5bfe379c2b1f54f9244b33fd236e32)
|
|
We always build with PolicyKit support enabled, because it has no
additional dependencies, beside some D-Bus calls.
However, in NetworkManager.conf the user could configure
"main.auth-polkit" to disable PolicyKit. However, previously it would
only allow to disable PolicyKit while granting access to all users.
I think it's useful to have an option that disables PolicyKit and grants
access only to root. I think we should not go too far in implementing
our own authorization mechanisms beside PolicyKit (e.g. you cannot
disable PolicyKit and grant access based on group membership of the
user). However, disabling PolicyKit can be useful sometimes, and it's
simple to implement a "root-only" setup.
Note one change is that when NetworkManager now runs without a D-Bus
connection (in initrd), it would deny all non-root requests. Previously
it would grant access. I think there should be little difference in
practice, because if we have no D-Bus we also don't have any requests to
authenticate.
|
|
(cherry picked from commit 16223cff9172e8b1ea7974af4d613406b0f56607)
|
|
|
|
|
|
|
|
This is a tool for automatically configuring networking in a cloud
environment.
Currently it only supports IPv4 on EC2, but it's intended for extending
to other cloud providers (Azure). See [1] and [2] for how to configure
secondary IP addresses on EC2. This is what the tool currently aims to
do (but in the future it might do more).
[1] https://aws.amazon.com/premiumsupport/knowledge-center/ec2-ubuntu-secondary-network-interface/
It is inspired by SuSE's cloud-netconfig ([1], [2]) and ec2-net-utils
package on Amazon Linux ([3], [4]).
[1] https://www.suse.com/c/multi-nic-cloud-netconfig-ec2-azure/
[2] https://github.com/SUSE-Enceladus/cloud-netconfig
[3] https://github.com/aws/ec2-net-utils
[4] https://github.com/lorengordon/ec2-net-utils.git
It is also intended to work without configuration. The main point is
that you boot an image with NetworkManager and nm-cloud-setup enabled,
and it just works.
|
|
|
|
|
|
This allows the GSM connection to Just Work most of the time, as in:
"nmcli d connect ttyUSB0".
|
|
After 1.20.0 is released, merge it back into master so that
1.20.0 is part of the history of master. That means,
$ git log --first-parent master
will also traverse 1.20.0 and 1.20-rc*.
Also bump the micro version to 1.21.1-dev to indicate that this is
after 1.20.0 is out.
|
|
|
|
|
|
|
|
|