import UBI NetworkManager-1.52.0-3.el9_6
This commit is contained in:
parent
33c9aa78b2
commit
75d9dc9671
@ -1 +1 @@
|
||||
6423adef5f4bb2c0cc20c2173e03a7ac8b8565ca SOURCES/NetworkManager-1.48.10.tar.xz
|
||||
44942a87c9e4a62e84b5e5917e7a81ba41547067 SOURCES/NetworkManager-1.52.0.tar.xz
|
||||
|
2
.gitignore
vendored
2
.gitignore
vendored
@ -1 +1 @@
|
||||
SOURCES/NetworkManager-1.48.10.tar.xz
|
||||
SOURCES/NetworkManager-1.52.0.tar.xz
|
||||
|
@ -1,8 +1,8 @@
|
||||
diff --git a/src/core/devices/nm-device.c b/src/core/devices/nm-device.c
|
||||
index 16f8e1f261..036233e668 100644
|
||||
index 66eba20..ef3d45b 100644
|
||||
--- a/src/core/devices/nm-device.c
|
||||
+++ b/src/core/devices/nm-device.c
|
||||
@@ -1661,7 +1661,7 @@ _prop_get_ipv4_dad_timeout(NMDevice *self)
|
||||
@@ -1664,7 +1664,7 @@ _prop_get_ipv4_dad_timeout(NMDevice *self)
|
||||
self,
|
||||
0,
|
||||
NM_SETTING_IP_CONFIG_DAD_TIMEOUT_MAX,
|
||||
@ -12,10 +12,10 @@ index 16f8e1f261..036233e668 100644
|
||||
|
||||
static guint32
|
||||
diff --git a/src/libnm-core-impl/nm-setting-ip-config.c b/src/libnm-core-impl/nm-setting-ip-config.c
|
||||
index bfebe7d13d..de56ed74ea 100644
|
||||
index e79f25a..a7a2b69 100644
|
||||
--- a/src/libnm-core-impl/nm-setting-ip-config.c
|
||||
+++ b/src/libnm-core-impl/nm-setting-ip-config.c
|
||||
@@ -6655,7 +6655,7 @@ nm_setting_ip_config_class_init(NMSettingIPConfigClass *klass)
|
||||
@@ -6735,7 +6735,7 @@ nm_setting_ip_config_class_init(NMSettingIPConfigClass *klass)
|
||||
*
|
||||
* A zero value means that no duplicate address detection is performed, -1 means
|
||||
* the default value (either the value configured globally in NetworkManger.conf
|
||||
@ -25,10 +25,10 @@ index bfebe7d13d..de56ed74ea 100644
|
||||
* actual duration can be between half and the full time specified in this
|
||||
* property.
|
||||
diff --git a/src/libnmc-setting/settings-docs.h.in b/src/libnmc-setting/settings-docs.h.in
|
||||
index 77cde6620e..e42cb74e7f 100644
|
||||
index 091dcd6..6ab2c44 100644
|
||||
--- a/src/libnmc-setting/settings-docs.h.in
|
||||
+++ b/src/libnmc-setting/settings-docs.h.in
|
||||
@@ -162,7 +162,7 @@
|
||||
@@ -166,7 +166,7 @@
|
||||
#define DESCRIBE_DOC_NM_SETTING_INFINIBAND_TRANSPORT_MODE N_("The IP-over-InfiniBand transport mode. Either \"datagram\" or \"connected\".")
|
||||
#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_ADDRESSES N_("A list of IPv4 addresses and their prefix length. Multiple addresses can be separated by comma. For example \"192.168.1.5/24, 10.1.0.5/24\". The addresses are listed in decreasing priority, meaning the first address will be the primary address.")
|
||||
#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_AUTO_ROUTE_EXT_GW N_("VPN connections will default to add the route automatically unless this setting is set to FALSE. For other connection types, adding such an automatic route is currently not supported and setting this to TRUE has no effect.")
|
||||
@ -37,8 +37,8 @@ index 77cde6620e..e42cb74e7f 100644
|
||||
#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_CLIENT_ID N_("A string sent to the DHCP server to identify the local machine which the DHCP server may use to customize the DHCP lease and options. When the property is a hex string ('aa:bb:cc') it is interpreted as a binary client ID, in which case the first byte is assumed to be the 'type' field as per RFC 2132 section 9.14 and the remaining bytes may be an hardware address (e.g. '01:xx:xx:xx:xx:xx:xx' where 1 is the Ethernet ARP type and the rest is a MAC address). If the property is not a hex string it is considered as a non-hardware-address client ID and the 'type' field is set to 0. The special values \"mac\" and \"perm-mac\" are supported, which use the current or permanent MAC address of the device to generate a client identifier with type ethernet (01). Currently, these options only work for ethernet type of links. The special value \"ipv6-duid\" uses the DUID from \"ipv6.dhcp-duid\" property as an RFC4361-compliant client identifier. As IAID it uses \"ipv4.dhcp-iaid\" and falls back to \"ipv6.dhcp-iaid\" if unset. The special value \"duid\" generates a RFC4361-compliant client identifier based on \"ipv4.dhcp-iaid\" and uses a DUID generated by hashing /etc/machine-id. The special value \"stable\" is supported to generate a type 0 client identifier based on the stable-id (see connection.stable-id) and a per-host key. If you set the stable-id, you may want to include the \"${DEVICE}\" or \"${MAC}\" specifier to get a per-device key. The special value \"none\" prevents any client identifier from being sent. Note that this is normally not recommended. If unset, a globally configured default from NetworkManager.conf is used. If still unset, the default depends on the DHCP plugin. The internal dhcp client will default to \"mac\" and the dhclient plugin will try to use one from its config file if present, or won't sent any client-id otherwise.")
|
||||
#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_DSCP N_("Specifies the value for the DSCP field (traffic class) of the IP header. When empty, the global default value is used; if no global default is specified, it is assumed to be \"CS0\". Allowed values are: \"CS0\", \"CS4\" and \"CS6\". The property is currently valid only for IPv4, and it is supported only by the \"internal\" DHCP plugin.")
|
||||
#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_FQDN N_("If the \"dhcp-send-hostname\" property is TRUE, then the specified FQDN will be sent to the DHCP server when acquiring a lease. This property and \"dhcp-hostname\" are mutually exclusive and cannot be set at the same time.")
|
||||
@@ -192,7 +192,7 @@
|
||||
#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_ADDR_GEN_MODE N_("Configure method for creating the IPv6 interface identifer of addresses with RFC4862 IPv6 Stateless Address Autoconfiguration and Link Local addresses. The permitted values are: \"eui64\" (0), \"stable-privacy\" (1), \"default\" (3) or \"default-or-eui64\" (2). If the property is set to \"eui64\", the addresses will be generated using the interface token derived from hardware address. This makes the host part of the address to stay constant, making it possible to track the host's presence when it changes networks. The address changes when the interface hardware is replaced. If a duplicate address is detected, there is also no fallback to generate another address. When configured, the \"ipv6.token\" is used instead of the MAC address to generate addresses for stateless autoconfiguration. If the property is set to \"stable-privacy\", the interface identifier is generated as specified by RFC7217. This works by hashing a host specific key (see NetworkManager(8) manual), the interface name, the connection's \"connection.stable-id\" property and the address prefix. This improves privacy by making it harder to use the address to track the host's presence and the address is stable when the network interface hardware is replaced. The special values \"default\" and \"default-or-eui64\" will fallback to the global connection default as documented in the NetworkManager.conf(5) manual. If the global default is not specified, the fallback value is \"stable-privacy\" or \"eui64\", respectively. If not specified, when creating a new profile the default is \"default\". Note that this setting is distinct from the Privacy Extensions as configured by \"ip6-privacy\" property and it does not affect the temporary addresses configured with this option.")
|
||||
@@ -198,7 +198,7 @@
|
||||
#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_ADDR_GEN_MODE N_("Configure method for creating the IPv6 interface identifier of addresses with RFC4862 IPv6 Stateless Address Autoconfiguration and Link Local addresses. The permitted values are: \"eui64\" (0), \"stable-privacy\" (1), \"default\" (3) or \"default-or-eui64\" (2). If the property is set to \"eui64\", the addresses will be generated using the interface token derived from hardware address. This makes the host part of the address to stay constant, making it possible to track the host's presence when it changes networks. The address changes when the interface hardware is replaced. If a duplicate address is detected, there is also no fallback to generate another address. When configured, the \"ipv6.token\" is used instead of the MAC address to generate addresses for stateless autoconfiguration. If the property is set to \"stable-privacy\", the interface identifier is generated as specified by RFC7217. This works by hashing a host specific key (see NetworkManager(8) manual), the interface name, the connection's \"connection.stable-id\" property and the address prefix. This improves privacy by making it harder to use the address to track the host's presence and the address is stable when the network interface hardware is replaced. The special values \"default\" and \"default-or-eui64\" will fallback to the global connection default as documented in the NetworkManager.conf(5) manual. If the global default is not specified, the fallback value is \"stable-privacy\" or \"eui64\", respectively. If not specified, when creating a new profile the default is \"default\". Note that this setting is distinct from the Privacy Extensions as configured by \"ip6-privacy\" property and it does not affect the temporary addresses configured with this option.")
|
||||
#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_ADDRESSES N_("A list of IPv6 addresses and their prefix length. Multiple addresses can be separated by comma. For example \"2001:db8:85a3::8a2e:370:7334/64, 2001:db8:85a3::5/64\". The addresses are listed in decreasing priority, meaning the first address will be the primary address. This can make a difference with IPv6 source address selection (RFC 6724, section 5).")
|
||||
#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_AUTO_ROUTE_EXT_GW N_("VPN connections will default to add the route automatically unless this setting is set to FALSE. For other connection types, adding such an automatic route is currently not supported and setting this to TRUE has no effect.")
|
||||
-#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DAD_TIMEOUT N_("Maximum timeout in milliseconds used to check for the presence of duplicate IP addresses on the network. If an address conflict is detected, the activation will fail. The property is currently implemented only for IPv4. A zero value means that no duplicate address detection is performed, -1 means the default value (either the value configured globally in NetworkManger.conf or 200ms). A value greater than zero is a timeout in milliseconds. Note that the time intervals are subject to randomization as per RFC 5227 and so the actual duration can be between half and the full time specified in this property.")
|
||||
@ -47,10 +47,10 @@ index 77cde6620e..e42cb74e7f 100644
|
||||
#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DHCP_DUID N_("A string containing the DHCPv6 Unique Identifier (DUID) used by the dhcp client to identify itself to DHCPv6 servers (RFC 3315). The DUID is carried in the Client Identifier option. If the property is a hex string ('aa:bb:cc') it is interpreted as a binary DUID and filled as an opaque value in the Client Identifier option. The special value \"lease\" will retrieve the DUID previously used from the lease file belonging to the connection. If no DUID is found and \"dhclient\" is the configured dhcp client, the DUID is searched in the system-wide dhclient lease file. If still no DUID is found, or another dhcp client is used, a global and permanent DUID-UUID (RFC 6355) will be generated based on the machine-id. The special values \"llt\" and \"ll\" will generate a DUID of type LLT or LL (see RFC 3315) based on the current MAC address of the device. In order to try providing a stable DUID-LLT, the time field will contain a constant timestamp that is used globally (for all profiles) and persisted to disk. The special values \"stable-llt\", \"stable-ll\" and \"stable-uuid\" will generate a DUID of the corresponding type, derived from the connection's stable-id and a per-host unique key. You may want to include the \"${DEVICE}\" or \"${MAC}\" specifier in the stable-id, in case this profile gets activated on multiple devices. So, the link-layer address of \"stable-ll\" and \"stable-llt\" will be a generated address derived from the stable id. The DUID-LLT time value in the \"stable-llt\" option will be picked among a static timespan of three years (the upper bound of the interval is the same constant timestamp used in \"llt\"). When the property is unset, the global value provided for \"ipv6.dhcp-duid\" is used. If no global value is provided, the default \"lease\" value is assumed.")
|
||||
#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DHCP_HOSTNAME N_("If the \"dhcp-send-hostname\" property is TRUE, then the specified name will be sent to the DHCP server when acquiring a lease. This property and \"dhcp-fqdn\" are mutually exclusive and cannot be set at the same time.")
|
||||
diff --git a/src/nmcli/gen-metadata-nm-settings-nmcli.xml.in b/src/nmcli/gen-metadata-nm-settings-nmcli.xml.in
|
||||
index 8806bf2550..09648f3ff8 100644
|
||||
index 7f5bc2c..0ffa6fb 100644
|
||||
--- a/src/nmcli/gen-metadata-nm-settings-nmcli.xml.in
|
||||
+++ b/src/nmcli/gen-metadata-nm-settings-nmcli.xml.in
|
||||
@@ -1337,7 +1337,7 @@
|
||||
@@ -1369,7 +1369,7 @@
|
||||
values="-1 - 2147483647"
|
||||
special-values="default (-1), infinity (2147483647)" />
|
||||
<property name="dad-timeout"
|
||||
|
@ -1,45 +0,0 @@
|
||||
From 065584036f8072c994a8bdab210bcfd0ff483960 Mon Sep 17 00:00:00 2001
|
||||
From: Lubomir Rintel <lkundrak@v3.sk>
|
||||
Date: Tue, 27 Aug 2024 00:29:17 +0200
|
||||
Subject: [PATCH] cloud-setup: allow bigger restart bursts
|
||||
|
||||
On daemon startup, we may end up enqueueing many nm-cloud-setup.service
|
||||
restarts in very a short time. That is perfectly fine, just bump the
|
||||
thresholds so that systemd doesn't get in the way too quickly.
|
||||
|
||||
100 requests in 1 seconds seem like a fair choice -- little bit on the
|
||||
conservative side, yet still giving the service manager some room to
|
||||
interfere on a chance things really go awry.
|
||||
|
||||
https://issues.redhat.com/browse/RHEL-49694
|
||||
(cherry picked from commit 927cff9f178911b2a146259a89bfcc9727cbd8c3)
|
||||
(cherry picked from commit 4dc35c72744f8820575ab0ea4638c4ddd880547d)
|
||||
---
|
||||
src/nm-cloud-setup/nm-cloud-setup.service.in | 11 +++++++++++
|
||||
1 file changed, 11 insertions(+)
|
||||
|
||||
diff --git a/src/nm-cloud-setup/nm-cloud-setup.service.in b/src/nm-cloud-setup/nm-cloud-setup.service.in
|
||||
index e73654d892..ecb70e1c8e 100644
|
||||
--- a/src/nm-cloud-setup/nm-cloud-setup.service.in
|
||||
+++ b/src/nm-cloud-setup/nm-cloud-setup.service.in
|
||||
@@ -8,6 +8,17 @@ After=NetworkManager.service
|
||||
Type=oneshot
|
||||
ExecStart=@libexecdir@/nm-cloud-setup
|
||||
|
||||
+# The service restart gets triggered from dispatcher script
|
||||
+# (pre-up and dhcp4-change actions), possibly ending up with many
|
||||
+# restart requests at the same time (e.g. on initial daemon startup
|
||||
+# on a machine with multiple NICs). The systemd handles multiple
|
||||
+# concurrent restart requests gracefully (the newer requests supersede
|
||||
+# older, which wait for them to finish), but the default limits are way
|
||||
+# too low: 5 restarts in 10 seconds. Raise that high enough for us to
|
||||
+# be on the safe side.
|
||||
+StartLimitIntervalSec=1
|
||||
+StartLimitBurst=100
|
||||
+
|
||||
#Environment=NM_CLOUD_SETUP_LOG=TRACE
|
||||
|
||||
# Cloud providers are disabled by default. You need to
|
||||
--
|
||||
2.46.0
|
||||
|
@ -0,0 +1,85 @@
|
||||
From 3199dbc5cd688e8b9239a17ba6602779e7b1ba01 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?=C3=8D=C3=B1igo=20Huguet?= <ihuguet@redhat.com>
|
||||
Date: Thu, 3 Apr 2025 09:20:58 +0200
|
||||
Subject: [PATCH 1/2] core: fail early if we cannot get current FEC value
|
||||
|
||||
If we cannot get current FEC value probably we won't be able to set it a
|
||||
few lines later. Also, if it fails to set, we try to use the value of
|
||||
the old one that we tried to retrieve without success. In that case, the
|
||||
variable old_fec_mode would be uninitialized. Fix it by returning early
|
||||
if we cannot get the current value.
|
||||
|
||||
Fixes: 19bed3121fb6 ('ethtool: support Forward Error Correction(fec)')
|
||||
(cherry picked from commit cbdd0d9cca34f4e1cbd177e347e14265e1afaf6c)
|
||||
(cherry picked from commit b7e34f225a57b5374d39e095284d6ad03da59097)
|
||||
---
|
||||
src/core/devices/nm-device.c | 7 +++++--
|
||||
1 file changed, 5 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/core/devices/nm-device.c b/src/core/devices/nm-device.c
|
||||
index 801dc7cd76..8d7eaa5676 100644
|
||||
--- a/src/core/devices/nm-device.c
|
||||
+++ b/src/core/devices/nm-device.c
|
||||
@@ -2768,13 +2768,16 @@ _ethtool_fec_set(NMDevice *self,
|
||||
fec_mode = g_variant_get_uint32(variant);
|
||||
}
|
||||
|
||||
- nm_platform_ethtool_get_fec_mode(platform, ethtool_state->ifindex, &old_fec_mode);
|
||||
-
|
||||
/* The NM_SETTING_ETHTOOL_FEC_MODE_NONE is query only value, hence do nothing. */
|
||||
if (!fec_mode || fec_mode == NM_SETTING_ETHTOOL_FEC_MODE_NONE) {
|
||||
return;
|
||||
}
|
||||
|
||||
+ if (!nm_platform_ethtool_get_fec_mode(platform, ethtool_state->ifindex, &old_fec_mode)) {
|
||||
+ _LOGW(LOGD_DEVICE, "ethtool: failure setting FEC %d: cannot get current value", fec_mode);
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
if (!nm_platform_ethtool_set_fec_mode(platform, ethtool_state->ifindex, fec_mode))
|
||||
_LOGW(LOGD_DEVICE, "ethtool: failure setting FEC %d", fec_mode);
|
||||
else {
|
||||
--
|
||||
2.49.0
|
||||
|
||||
|
||||
From 85e98d98e5511e3b4faa5248b51c32d650a098af Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?=C3=8D=C3=B1igo=20Huguet?= <ihuguet@redhat.com>
|
||||
Date: Thu, 3 Apr 2025 09:32:26 +0200
|
||||
Subject: [PATCH 2/2] core: optimize hash table search in _ethtool_fec_set
|
||||
|
||||
Break the loop as soon as we've found the value.
|
||||
|
||||
Fixes: 19bed3121fb6 ('ethtool: support Forward Error Correction(fec)')
|
||||
(cherry picked from commit 245f0e0b35d385e966289080dbd2594e74a189b2)
|
||||
(cherry picked from commit 094a542546b158038473cc59f3f8ab03851e63eb)
|
||||
---
|
||||
src/core/devices/nm-device.c | 12 +++++-------
|
||||
1 file changed, 5 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/src/core/devices/nm-device.c b/src/core/devices/nm-device.c
|
||||
index 8d7eaa5676..c777d934d6 100644
|
||||
--- a/src/core/devices/nm-device.c
|
||||
+++ b/src/core/devices/nm-device.c
|
||||
@@ -2759,13 +2759,11 @@ _ethtool_fec_set(NMDevice *self,
|
||||
|
||||
g_hash_table_iter_init(&iter, hash);
|
||||
while (g_hash_table_iter_next(&iter, (gpointer *) &name, (gpointer *) &variant)) {
|
||||
- NMEthtoolID ethtool_id = nm_ethtool_id_get_by_name(name);
|
||||
-
|
||||
- if (!nm_ethtool_id_is_fec(ethtool_id))
|
||||
- continue;
|
||||
-
|
||||
- nm_assert(g_variant_is_of_type(variant, G_VARIANT_TYPE_UINT32));
|
||||
- fec_mode = g_variant_get_uint32(variant);
|
||||
+ if (nm_ethtool_id_is_fec(nm_ethtool_id_get_by_name(name))) {
|
||||
+ nm_assert(g_variant_is_of_type(variant, G_VARIANT_TYPE_UINT32));
|
||||
+ fec_mode = g_variant_get_uint32(variant);
|
||||
+ break;
|
||||
+ }
|
||||
}
|
||||
|
||||
/* The NM_SETTING_ETHTOOL_FEC_MODE_NONE is query only value, hence do nothing. */
|
||||
--
|
||||
2.49.0
|
||||
|
@ -1,140 +0,0 @@
|
||||
From 7183fbf6f35572f9fb0c2eeef5c155a3b9c82a54 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?=C3=8D=C3=B1igo=20Huguet?= <ihuguet@redhat.com>
|
||||
Date: Tue, 27 Aug 2024 12:08:16 +0200
|
||||
Subject: [PATCH] cloud-setup: azure: ensure that primary address is placed
|
||||
first
|
||||
|
||||
The primary address is that placed at position 0 of all the IP Addresses
|
||||
of the interface. Sometimes we put it in a different position in the
|
||||
ipv4s array because we insert them in the order we receive, but it might
|
||||
happen that the HTTP responses comes back in wrong order.
|
||||
|
||||
In order to solve this, we pass the index of the IPv4 address to the
|
||||
callback and the address is added in the right position directly.
|
||||
|
||||
Co-authored-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
|
||||
(cherry picked from commit 72014db629cff33611ade58190d45a714efa1bbf)
|
||||
(cherry picked from commit c976e212372da9683a1e2f8618e3bcfdf21d5e25)
|
||||
---
|
||||
src/nm-cloud-setup/nmcs-provider-azure.c | 43 ++++++++++++++++--------
|
||||
1 file changed, 29 insertions(+), 14 deletions(-)
|
||||
|
||||
diff --git a/src/nm-cloud-setup/nmcs-provider-azure.c b/src/nm-cloud-setup/nmcs-provider-azure.c
|
||||
index 771c43d9ad..78eda16cbb 100644
|
||||
--- a/src/nm-cloud-setup/nmcs-provider-azure.c
|
||||
+++ b/src/nm-cloud-setup/nmcs-provider-azure.c
|
||||
@@ -102,6 +102,11 @@ typedef struct {
|
||||
guint n_iface_data_pending;
|
||||
} AzureIfaceData;
|
||||
|
||||
+typedef struct {
|
||||
+ AzureIfaceData *iface_data;
|
||||
+ guint64 ipaddress_idx;
|
||||
+} AzureIpAddressReqData;
|
||||
+
|
||||
static void
|
||||
_azure_iface_data_destroy(AzureIfaceData *iface_data)
|
||||
{
|
||||
@@ -112,7 +117,8 @@ static void
|
||||
_get_config_fetch_done_cb(NMHttpClient *http_client,
|
||||
GAsyncResult *result,
|
||||
AzureIfaceData *iface_data,
|
||||
- GetConfigFetchType fetch_type)
|
||||
+ GetConfigFetchType fetch_type,
|
||||
+ guint64 ipaddress_idx)
|
||||
{
|
||||
NMCSProviderGetConfigTaskData *get_config_data;
|
||||
NMCSProviderGetConfigIfaceData *iface_get_config;
|
||||
@@ -149,9 +155,7 @@ _get_config_fetch_done_cb(NMHttpClient *http_client,
|
||||
_LOGD("interface[%" G_GSSIZE_FORMAT "]: received address %s",
|
||||
iface_data->intern_iface_idx,
|
||||
nm_inet4_ntop(tmp_addr, tmp_addr_str));
|
||||
- iface_get_config->ipv4s_arr[iface_get_config->ipv4s_len] = tmp_addr;
|
||||
- iface_get_config->has_ipv4s = TRUE;
|
||||
- iface_get_config->ipv4s_len++;
|
||||
+ iface_get_config->ipv4s_arr[ipaddress_idx] = tmp_addr;
|
||||
break;
|
||||
|
||||
case GET_CONFIG_FETCH_TYPE_IPV4_SUBNET_0_ADDRESS:
|
||||
@@ -203,10 +207,14 @@ _get_config_fetch_done_cb_ipv4_ipaddress_x_privateipaddress(GObject *source
|
||||
GAsyncResult *result,
|
||||
gpointer user_data)
|
||||
{
|
||||
+ AzureIpAddressReqData *ipaddress_req_data = user_data;
|
||||
+
|
||||
_get_config_fetch_done_cb(NM_HTTP_CLIENT(source),
|
||||
result,
|
||||
- user_data,
|
||||
- GET_CONFIG_FETCH_TYPE_IPV4_IPADDRESS_X_PRIVATEIPADDRESS);
|
||||
+ ipaddress_req_data->iface_data,
|
||||
+ GET_CONFIG_FETCH_TYPE_IPV4_IPADDRESS_X_PRIVATEIPADDRESS,
|
||||
+ ipaddress_req_data->ipaddress_idx);
|
||||
+ g_free(ipaddress_req_data);
|
||||
}
|
||||
|
||||
static void
|
||||
@@ -217,7 +225,8 @@ _get_config_fetch_done_cb_ipv4_subnet_0_address(GObject *source,
|
||||
_get_config_fetch_done_cb(NM_HTTP_CLIENT(source),
|
||||
result,
|
||||
user_data,
|
||||
- GET_CONFIG_FETCH_TYPE_IPV4_SUBNET_0_ADDRESS);
|
||||
+ GET_CONFIG_FETCH_TYPE_IPV4_SUBNET_0_ADDRESS,
|
||||
+ 0);
|
||||
}
|
||||
|
||||
static void
|
||||
@@ -228,7 +237,8 @@ _get_config_fetch_done_cb_ipv4_subnet_0_prefix(GObject *source,
|
||||
_get_config_fetch_done_cb(NM_HTTP_CLIENT(source),
|
||||
result,
|
||||
user_data,
|
||||
- GET_CONFIG_FETCH_TYPE_IPV4_SUBNET_0_PREFIX);
|
||||
+ GET_CONFIG_FETCH_TYPE_IPV4_SUBNET_0_PREFIX,
|
||||
+ 0);
|
||||
}
|
||||
|
||||
static void
|
||||
@@ -265,9 +275,10 @@ _get_config_ips_prefix_list_cb(GObject *source, GAsyncResult *result, gpointer u
|
||||
nm_sprintf_buf(iface_idx_str, "%" G_GSSIZE_FORMAT, iface_data->intern_iface_idx);
|
||||
|
||||
while (nm_utils_parse_next_line(&response_str, &response_len, &line, &line_len)) {
|
||||
- gint64 ips_prefix_idx;
|
||||
- gs_free char *uri = NULL;
|
||||
- char buf[100];
|
||||
+ AzureIpAddressReqData *ipaddress_req_data;
|
||||
+ gint64 ips_prefix_idx;
|
||||
+ gs_free char *uri = NULL;
|
||||
+ char buf[100];
|
||||
|
||||
if (line_len == 0)
|
||||
continue;
|
||||
@@ -284,8 +295,11 @@ _get_config_ips_prefix_list_cb(GObject *source, GAsyncResult *result, gpointer u
|
||||
if (ips_prefix_idx < 0)
|
||||
continue;
|
||||
|
||||
- iface_data->n_iface_data_pending++;
|
||||
+ ipaddress_req_data = g_new(AzureIpAddressReqData, 1);
|
||||
+ ipaddress_req_data->iface_data = iface_data;
|
||||
+ ipaddress_req_data->ipaddress_idx = ips_prefix_idx;
|
||||
|
||||
+ iface_data->n_iface_data_pending++;
|
||||
nm_http_client_poll_req(
|
||||
NM_HTTP_CLIENT(source),
|
||||
(uri = _azure_uri_interfaces(iface_idx_str,
|
||||
@@ -302,11 +316,12 @@ _get_config_ips_prefix_list_cb(GObject *source, GAsyncResult *result, gpointer u
|
||||
NULL,
|
||||
NULL,
|
||||
_get_config_fetch_done_cb_ipv4_ipaddress_x_privateipaddress,
|
||||
- iface_data);
|
||||
+ ipaddress_req_data);
|
||||
}
|
||||
|
||||
- iface_data->iface_get_config->ipv4s_len = 0;
|
||||
iface_data->iface_get_config->ipv4s_arr = g_new(in_addr_t, iface_data->n_iface_data_pending);
|
||||
+ iface_data->iface_get_config->has_ipv4s = TRUE;
|
||||
+ iface_data->iface_get_config->ipv4s_len = iface_data->n_iface_data_pending;
|
||||
|
||||
{
|
||||
gs_free char *uri = NULL;
|
||||
--
|
||||
2.46.0
|
||||
|
8073
SOURCES/1002-oci-update-disconnected-vnics-83198.patch
Normal file
8073
SOURCES/1002-oci-update-disconnected-vnics-83198.patch
Normal file
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,195 @@
|
||||
From de4f4e870dae3aae3dd77953b9e47a7cef7f5f90 Mon Sep 17 00:00:00 2001
|
||||
From: Tomas Korbar <tkorbar@redhat.com>
|
||||
Date: Thu, 13 Mar 2025 12:31:14 +0100
|
||||
Subject: [PATCH 1/2] dns: Fix invalid memory access on Dnsconfd DBUS error
|
||||
|
||||
DBus errors were not properly handled after DBus calls and
|
||||
that caused SIGSEGV. Now they are checked.
|
||||
|
||||
Fixes #1738
|
||||
Fixes: b8714e86e4e7 ('dns: introduce configuration_serial support to the dnsconfd plugin')
|
||||
|
||||
(cherry picked from commit 4ad20787bbeb53559e96bdd74e06b8267a9d287b)
|
||||
---
|
||||
src/core/dns/nm-dns-dnsconfd.c | 13 ++++++++++++-
|
||||
1 file changed, 12 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/core/dns/nm-dns-dnsconfd.c b/src/core/dns/nm-dns-dnsconfd.c
|
||||
index 63b3060f3d..c994ec8bc9 100644
|
||||
--- a/src/core/dns/nm-dns-dnsconfd.c
|
||||
+++ b/src/core/dns/nm-dns-dnsconfd.c
|
||||
@@ -132,6 +132,13 @@ dnsconfd_serial_retrieval_done(GObject *source_object, GAsyncResult *res, gpoint
|
||||
self = user_data;
|
||||
priv = NM_DNS_DNSCONFD_GET_PRIVATE(self);
|
||||
|
||||
+ if (!response) {
|
||||
+ _LOGW("dnsconfd serial retrieval failed: %s", error->message);
|
||||
+ priv->plugin_state = DNSCONFD_PLUGIN_IDLE;
|
||||
+ _nm_dns_plugin_update_pending_maybe_changed(NM_DNS_PLUGIN(self));
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
nm_clear_g_cancellable(&priv->serial_cancellable);
|
||||
|
||||
g_variant_get(response, "(v)", &new_serial_variant);
|
||||
@@ -201,8 +208,12 @@ dnsconfd_update_done(GObject *source_object, GAsyncResult *res, gpointer user_da
|
||||
|
||||
nm_clear_g_cancellable(&priv->update_cancellable);
|
||||
|
||||
- if (!response)
|
||||
+ if (!response) {
|
||||
_LOGW("dnsconfd update failed: %s", error->message);
|
||||
+ priv->plugin_state = DNSCONFD_PLUGIN_IDLE;
|
||||
+ _nm_dns_plugin_update_pending_maybe_changed(NM_DNS_PLUGIN(self));
|
||||
+ return;
|
||||
+ }
|
||||
|
||||
/* By using &s we will get pointer to char data contained
|
||||
* in variant and thus no freing of dnsconfd_message is required */
|
||||
--
|
||||
2.49.0
|
||||
|
||||
From 873adc4dc04088542b107ebd6aa2289a4c4f6df9 Mon Sep 17 00:00:00 2001
|
||||
From: Tomas Korbar <tkorbar@redhat.com>
|
||||
Date: Thu, 13 Mar 2025 12:34:09 +0100
|
||||
Subject: [PATCH 2/2] dns: Refactor changing of Dnsconfd plugin state
|
||||
|
||||
(cherry picked from commit 7ba27f7a13afaa8a55e662cd1857d480c52a3a85)
|
||||
---
|
||||
src/core/dns/nm-dns-dnsconfd.c | 45 ++++++++++++++++------------------
|
||||
1 file changed, 21 insertions(+), 24 deletions(-)
|
||||
|
||||
diff --git a/src/core/dns/nm-dns-dnsconfd.c b/src/core/dns/nm-dns-dnsconfd.c
|
||||
index c994ec8bc9..c17fb9cf44 100644
|
||||
--- a/src/core/dns/nm-dns-dnsconfd.c
|
||||
+++ b/src/core/dns/nm-dns-dnsconfd.c
|
||||
@@ -71,6 +71,15 @@ typedef enum {
|
||||
|
||||
/*****************************************************************************/
|
||||
|
||||
+static void
|
||||
+dnsconfd_change_plugin_state(NMDnsDnsconfd *self, DnsconfdPluginState new_state)
|
||||
+{
|
||||
+ NMDnsDnsconfdPrivate *priv = NM_DNS_DNSCONFD_GET_PRIVATE(self);
|
||||
+
|
||||
+ priv->plugin_state = new_state;
|
||||
+ _nm_dns_plugin_update_pending_maybe_changed(NM_DNS_PLUGIN(self));
|
||||
+}
|
||||
+
|
||||
static void
|
||||
dnsconfd_serial_changed(NMDnsDnsconfd *self, guint new_serial)
|
||||
{
|
||||
@@ -78,12 +87,10 @@ dnsconfd_serial_changed(NMDnsDnsconfd *self, guint new_serial)
|
||||
priv->present_configuration_serial = new_serial;
|
||||
if (priv->plugin_state == DNSCONFD_PLUGIN_WAIT_SERIAL
|
||||
&& priv->awaited_configuration_serial == new_serial) {
|
||||
- priv->plugin_state = DNSCONFD_PLUGIN_IDLE;
|
||||
+ dnsconfd_change_plugin_state(self, DNSCONFD_PLUGIN_IDLE);
|
||||
/* Update finished, serials match */
|
||||
_LOGT("serials match, update finished");
|
||||
}
|
||||
-
|
||||
- _nm_dns_plugin_update_pending_maybe_changed(NM_DNS_PLUGIN(self));
|
||||
}
|
||||
|
||||
static void
|
||||
@@ -134,8 +141,7 @@ dnsconfd_serial_retrieval_done(GObject *source_object, GAsyncResult *res, gpoint
|
||||
|
||||
if (!response) {
|
||||
_LOGW("dnsconfd serial retrieval failed: %s", error->message);
|
||||
- priv->plugin_state = DNSCONFD_PLUGIN_IDLE;
|
||||
- _nm_dns_plugin_update_pending_maybe_changed(NM_DNS_PLUGIN(self));
|
||||
+ dnsconfd_change_plugin_state(self, DNSCONFD_PLUGIN_IDLE);
|
||||
return;
|
||||
}
|
||||
|
||||
@@ -210,8 +216,7 @@ dnsconfd_update_done(GObject *source_object, GAsyncResult *res, gpointer user_da
|
||||
|
||||
if (!response) {
|
||||
_LOGW("dnsconfd update failed: %s", error->message);
|
||||
- priv->plugin_state = DNSCONFD_PLUGIN_IDLE;
|
||||
- _nm_dns_plugin_update_pending_maybe_changed(NM_DNS_PLUGIN(self));
|
||||
+ dnsconfd_change_plugin_state(self, DNSCONFD_PLUGIN_IDLE);
|
||||
return;
|
||||
}
|
||||
|
||||
@@ -221,8 +226,7 @@ dnsconfd_update_done(GObject *source_object, GAsyncResult *res, gpointer user_da
|
||||
|
||||
if (!awaited_serial) {
|
||||
_LOGW("dnsconfd refused update: %s", dnsconfd_message);
|
||||
- priv->plugin_state = DNSCONFD_PLUGIN_IDLE;
|
||||
- _nm_dns_plugin_update_pending_maybe_changed(NM_DNS_PLUGIN(self));
|
||||
+ dnsconfd_change_plugin_state(self, DNSCONFD_PLUGIN_IDLE);
|
||||
return;
|
||||
}
|
||||
|
||||
@@ -231,14 +235,12 @@ dnsconfd_update_done(GObject *source_object, GAsyncResult *res, gpointer user_da
|
||||
|
||||
if (priv->awaited_configuration_serial == priv->present_configuration_serial) {
|
||||
/* Serials match, update finished */
|
||||
- priv->plugin_state = DNSCONFD_PLUGIN_IDLE;
|
||||
+ dnsconfd_change_plugin_state(self, DNSCONFD_PLUGIN_IDLE);
|
||||
_LOGT("after update serials match");
|
||||
} else {
|
||||
- priv->plugin_state = DNSCONFD_PLUGIN_WAIT_SERIAL;
|
||||
+ dnsconfd_change_plugin_state(self, DNSCONFD_PLUGIN_WAIT_SERIAL);
|
||||
_LOGT("after update serials don't match, waiting");
|
||||
}
|
||||
-
|
||||
- _nm_dns_plugin_update_pending_maybe_changed(NM_DNS_PLUGIN(self));
|
||||
}
|
||||
|
||||
static gboolean
|
||||
@@ -489,8 +491,7 @@ name_owner_changed(NMDnsDnsconfd *self, const char *name_owner)
|
||||
|| priv->plugin_state == DNSCONFD_PLUGIN_WAIT_SERIAL) {
|
||||
/* We were waiting for either serial or confirmation of update and name
|
||||
* disappeared, thus we need to retransmit */
|
||||
- priv->plugin_state = DNSCONFD_PLUGIN_WAIT_CONNECT;
|
||||
- _nm_dns_plugin_update_pending_maybe_changed(NM_DNS_PLUGIN(self));
|
||||
+ dnsconfd_change_plugin_state(self, DNSCONFD_PLUGIN_WAIT_CONNECT);
|
||||
}
|
||||
return;
|
||||
}
|
||||
@@ -501,15 +502,13 @@ name_owner_changed(NMDnsDnsconfd *self, const char *name_owner)
|
||||
if (!subscribe_serial(self)) {
|
||||
/* This means that in time between new name and subscribe serial call
|
||||
* we lost the name again thus wait again */
|
||||
- priv->plugin_state = DNSCONFD_PLUGIN_WAIT_CONNECT;
|
||||
+ dnsconfd_change_plugin_state(self, DNSCONFD_PLUGIN_WAIT_CONNECT);
|
||||
_LOGT("subscription failed, waiting to connect");
|
||||
} else {
|
||||
- priv->plugin_state = DNSCONFD_PLUGIN_WAIT_UPDATE_DONE;
|
||||
+ dnsconfd_change_plugin_state(self, DNSCONFD_PLUGIN_WAIT_UPDATE_DONE);
|
||||
_LOGT("sending update and waiting for its finish");
|
||||
send_dnsconfd_update(self);
|
||||
}
|
||||
-
|
||||
- _nm_dns_plugin_update_pending_maybe_changed(NM_DNS_PLUGIN(self));
|
||||
}
|
||||
|
||||
static void
|
||||
@@ -706,18 +705,16 @@ update(NMDnsPlugin *plugin,
|
||||
/* We need to consider only whether we are connected, because newer update call
|
||||
* overrides the old one */
|
||||
if (all_connected == CONNECTION_FAIL) {
|
||||
- priv->plugin_state = DNSCONFD_PLUGIN_IDLE;
|
||||
+ dnsconfd_change_plugin_state(self, DNSCONFD_PLUGIN_IDLE);
|
||||
_LOGT("failed to connect");
|
||||
} else if (all_connected == CONNECTION_WAIT) {
|
||||
- priv->plugin_state = DNSCONFD_PLUGIN_WAIT_CONNECT;
|
||||
+ dnsconfd_change_plugin_state(self, DNSCONFD_PLUGIN_WAIT_CONNECT);
|
||||
_LOGT("not connected, waiting to connect");
|
||||
} else {
|
||||
- priv->plugin_state = DNSCONFD_PLUGIN_WAIT_UPDATE_DONE;
|
||||
+ dnsconfd_change_plugin_state(self, DNSCONFD_PLUGIN_WAIT_UPDATE_DONE);
|
||||
_LOGT("connected, waiting for update to finish");
|
||||
}
|
||||
|
||||
- _nm_dns_plugin_update_pending_maybe_changed(plugin);
|
||||
-
|
||||
if (all_connected == CONNECTION_FAIL) {
|
||||
nm_utils_error_set(error,
|
||||
NM_UTILS_ERROR_UNKNOWN,
|
||||
--
|
||||
2.49.0
|
||||
|
@ -1,74 +0,0 @@
|
||||
From d9dd0aeff8ba2e1a0005c2e5751907c453927c5c Mon Sep 17 00:00:00 2001
|
||||
From: Gris Ge <fge@redhat.com>
|
||||
Date: Mon, 21 Oct 2024 21:13:29 +0800
|
||||
Subject: [PATCH] sriov: only valid sriov capacity when enabled
|
||||
|
||||
NetworkManager current code will refuse to activate a connection if its
|
||||
interface has no SRIOV capacity but holding a empty SRIOV settings.
|
||||
|
||||
This patch only valid SRIOV capacity when it is enabled(total_vfs > 0).
|
||||
|
||||
Resolves: https://issues.redhat.com/browse/RHEL-58397
|
||||
|
||||
Signed-off-by: Gris Ge <fge@redhat.com>
|
||||
(cherry picked from commit 421ccf8b4cb85c96db3bf1cb6a860e41a784c950)
|
||||
(cherry picked from commit c9e31e70cbf62c65cec460dc198712a61351e9f4)
|
||||
(cherry picked from commit 90a3b014683c3c98c9fb4bbe2add65510e7f1b31)
|
||||
---
|
||||
src/core/devices/nm-device.c | 19 ++++++++++---------
|
||||
1 file changed, 10 insertions(+), 9 deletions(-)
|
||||
|
||||
diff --git a/src/core/devices/nm-device.c b/src/core/devices/nm-device.c
|
||||
index 4780003a0a..e86c32a902 100644
|
||||
--- a/src/core/devices/nm-device.c
|
||||
+++ b/src/core/devices/nm-device.c
|
||||
@@ -9468,6 +9468,7 @@ check_connection_compatible(NMDevice *self,
|
||||
NMSettingMatch *s_match;
|
||||
const GSList *specs;
|
||||
gboolean has_match = FALSE;
|
||||
+ NMSettingSriov *s_sriov = NULL;
|
||||
|
||||
klass = NM_DEVICE_GET_CLASS(self);
|
||||
if (klass->connection_type_check_compatible) {
|
||||
@@ -9485,12 +9486,14 @@ check_connection_compatible(NMDevice *self,
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
- if (!nm_device_has_capability(self, NM_DEVICE_CAP_SRIOV)
|
||||
- && nm_connection_get_setting(connection, NM_TYPE_SETTING_SRIOV)) {
|
||||
- nm_utils_error_set_literal(error,
|
||||
- NM_UTILS_ERROR_CONNECTION_AVAILABLE_TEMPORARY,
|
||||
- "device does not support SR-IOV");
|
||||
- return FALSE;
|
||||
+ if (!nm_device_has_capability(self, NM_DEVICE_CAP_SRIOV)) {
|
||||
+ s_sriov = (NMSettingSriov *) nm_connection_get_setting(connection, NM_TYPE_SETTING_SRIOV);
|
||||
+ if (s_sriov && nm_setting_sriov_get_total_vfs(s_sriov)) {
|
||||
+ nm_utils_error_set_literal(error,
|
||||
+ NM_UTILS_ERROR_CONNECTION_AVAILABLE_TEMPORARY,
|
||||
+ "device does not support SR-IOV");
|
||||
+ return FALSE;
|
||||
+ }
|
||||
}
|
||||
|
||||
conn_iface = nm_manager_get_connection_iface(NM_MANAGER_GET, connection, NULL, NULL, &local);
|
||||
@@ -10101,7 +10104,7 @@ activate_stage1_device_prepare(NMDevice *self)
|
||||
s_sriov = nm_device_get_applied_setting(self, NM_TYPE_SETTING_SRIOV);
|
||||
}
|
||||
|
||||
- if (s_sriov) {
|
||||
+ if (s_sriov && nm_device_has_capability(self, NM_DEVICE_CAP_SRIOV)) {
|
||||
nm_auto_freev NMPlatformVF **plat_vfs = NULL;
|
||||
gs_free_error GError *error = NULL;
|
||||
NMSriovVF *vf;
|
||||
@@ -10109,8 +10112,6 @@ activate_stage1_device_prepare(NMDevice *self)
|
||||
guint num;
|
||||
guint i;
|
||||
|
||||
- nm_assert(nm_device_has_capability(self, NM_DEVICE_CAP_SRIOV));
|
||||
-
|
||||
autoprobe = nm_setting_sriov_get_autoprobe_drivers(s_sriov);
|
||||
if (autoprobe == NM_TERNARY_DEFAULT) {
|
||||
autoprobe = nm_config_data_get_connection_default_int64(
|
||||
--
|
||||
2.45.2
|
||||
|
@ -1,136 +0,0 @@
|
||||
From 3b1181dc02172033d8e2bb7fd2336b2ea0355a87 Mon Sep 17 00:00:00 2001
|
||||
From: Beniamino Galvani <bgalvani@redhat.com>
|
||||
Date: Mon, 23 Sep 2024 17:28:03 +0200
|
||||
Subject: [PATCH] device: fix bug when deactivating port connections
|
||||
asynchronously
|
||||
|
||||
When the attach_port()/detach_port() methods do not return immediately
|
||||
(currently, only for OVS ports), the following situation can arise:
|
||||
|
||||
- nm_device_controller_attach_port() starts the attachment by sending
|
||||
the command to ovsdb. Note that here we don't set
|
||||
`PortInfo->port_is_attached` to TRUE yet; that happens only after
|
||||
the asynchronous command returns;
|
||||
|
||||
- the activation of the port gets interrupted because the connection
|
||||
is deleted;
|
||||
|
||||
- the port device enters the deactivating state, triggering function
|
||||
port_state_changed()
|
||||
|
||||
- the function calls nm_device_controller_release_port() which checks
|
||||
whether the port is already attached; since
|
||||
`PortInfo->port_is_attached` is not set yet, it assumes the port
|
||||
doesn't need to be detached;
|
||||
|
||||
- in the meantime, the ovsdb operation succeeds. As a consequence,
|
||||
the kernel link is created even if the connection no longer exists.
|
||||
|
||||
Fix this by turning `port_is_attached` into a tri-state variable that
|
||||
also tracks when the port is attaching. When it is, we need to perform
|
||||
an explicit detach during deactivation.
|
||||
|
||||
Fixes: 9fcbc6b37dec ('device: make attach_port() asynchronous')
|
||||
|
||||
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/2043
|
||||
|
||||
Resolves: https://issues.redhat.com/browse/RHEL-58026
|
||||
(cherry picked from commit a8329587c8bdd53e2bc4513a4e82529727cfa5ef)
|
||||
(cherry picked from commit d809ca6db24b5145fcc1857b962afb7ae17d07a5)
|
||||
(cherry picked from commit ca6ca684b21235f706b02cee42075f2ee3cb1795)
|
||||
---
|
||||
src/core/devices/nm-device.c | 27 ++++++++++++++++++++++-----
|
||||
1 file changed, 22 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/src/core/devices/nm-device.c b/src/core/devices/nm-device.c
|
||||
index e86c32a902..f9a2e7e8fe 100644
|
||||
--- a/src/core/devices/nm-device.c
|
||||
+++ b/src/core/devices/nm-device.c
|
||||
@@ -126,12 +126,18 @@ typedef enum _nm_packed {
|
||||
ADDR_METHOD_STATE_FAILED,
|
||||
} AddrMethodState;
|
||||
|
||||
+typedef enum {
|
||||
+ PORT_STATE_NOT_ATTACHED,
|
||||
+ PORT_STATE_ATTACHED,
|
||||
+ PORT_STATE_ATTACHING,
|
||||
+} PortState;
|
||||
+
|
||||
typedef struct {
|
||||
CList lst_port;
|
||||
NMDevice *port;
|
||||
GCancellable *cancellable;
|
||||
gulong watch_id;
|
||||
- bool port_is_attached;
|
||||
+ PortState port_state;
|
||||
bool configure;
|
||||
} PortInfo;
|
||||
|
||||
@@ -6693,7 +6699,7 @@ attach_port_done(NMDevice *self, NMDevice *port, gboolean success)
|
||||
if (!info)
|
||||
return;
|
||||
|
||||
- info->port_is_attached = success;
|
||||
+ info->port_state = (success ? PORT_STATE_ATTACHED : PORT_STATE_NOT_ATTACHED);
|
||||
|
||||
nm_device_port_notify_attach_as_port(info->port, success);
|
||||
|
||||
@@ -6756,7 +6762,7 @@ nm_device_controller_attach_port(NMDevice *self, NMDevice *port, NMConnection *c
|
||||
if (!info)
|
||||
return;
|
||||
|
||||
- if (info->port_is_attached)
|
||||
+ if (info->port_state == PORT_STATE_ATTACHED)
|
||||
success = TRUE;
|
||||
else {
|
||||
configure = (info->configure && connection != NULL);
|
||||
@@ -6765,6 +6771,7 @@ nm_device_controller_attach_port(NMDevice *self, NMDevice *port, NMConnection *c
|
||||
|
||||
nm_clear_g_cancellable(&info->cancellable);
|
||||
info->cancellable = g_cancellable_new();
|
||||
+ info->port_state = PORT_STATE_ATTACHING;
|
||||
success = NM_DEVICE_GET_CLASS(self)->attach_port(self,
|
||||
port,
|
||||
connection,
|
||||
@@ -6819,6 +6826,7 @@ nm_device_controller_release_port(NMDevice *self,
|
||||
PortInfo *info;
|
||||
gs_unref_object NMDevice *self_free = NULL;
|
||||
gs_unref_object NMDevice *port_free = NULL;
|
||||
+ const char *port_state_str;
|
||||
|
||||
g_return_if_fail(NM_DEVICE(self));
|
||||
g_return_if_fail(NM_DEVICE(port));
|
||||
@@ -6830,11 +6838,20 @@ nm_device_controller_release_port(NMDevice *self,
|
||||
|
||||
info = find_port_info(self, port);
|
||||
|
||||
+ if (info->port_state == PORT_STATE_ATTACHED)
|
||||
+ port_state_str = "(attached)";
|
||||
+ else if (info->port_state == PORT_STATE_NOT_ATTACHED)
|
||||
+ port_state_str = "(not attached)";
|
||||
+ else {
|
||||
+ nm_assert(info->port_state == PORT_STATE_ATTACHING);
|
||||
+ port_state_str = "(attaching)";
|
||||
+ }
|
||||
+
|
||||
_LOGT(LOGD_CORE,
|
||||
"controller: release one port " NM_HASH_OBFUSCATE_PTR_FMT "/%s %s%s",
|
||||
NM_HASH_OBFUSCATE_PTR(port),
|
||||
nm_device_get_iface(port),
|
||||
- !info ? "(not registered)" : (info->port_is_attached ? "(attached)" : "(not attached)"),
|
||||
+ !info ? "(not registered)" : port_state_str,
|
||||
release_type == RELEASE_PORT_TYPE_CONFIG_FORCE
|
||||
? " (force-configure)"
|
||||
: (release_type == RELEASE_PORT_TYPE_CONFIG ? " (configure)" : "(no-config)"));
|
||||
@@ -6850,7 +6867,7 @@ nm_device_controller_release_port(NMDevice *self,
|
||||
nm_clear_g_cancellable(&info->cancellable);
|
||||
|
||||
/* first, let subclasses handle the release ... */
|
||||
- if (info->port_is_attached || nm_device_sys_iface_state_is_external(port)
|
||||
+ if (info->port_state != PORT_STATE_NOT_ATTACHED || nm_device_sys_iface_state_is_external(port)
|
||||
|| release_type >= RELEASE_PORT_TYPE_CONFIG_FORCE) {
|
||||
NMTernary ret;
|
||||
|
||||
--
|
||||
2.45.2
|
||||
|
@ -1,57 +0,0 @@
|
||||
From fd2768da4c3f966a215f01f09f8b5d7d534d0193 Mon Sep 17 00:00:00 2001
|
||||
From: Beniamino Galvani <bgalvani@redhat.com>
|
||||
Date: Tue, 24 Sep 2024 16:25:03 +0200
|
||||
Subject: [PATCH] libnm-core: fix validation of ovs-dpdk interface name
|
||||
|
||||
An ovs-dpdk interface doesn't have a kernel link and doesn't have the
|
||||
15-character limit on the name.
|
||||
|
||||
Fixes: 3efe070dfc7a ('libnm: validate "connection.interface-name" at one place only')
|
||||
|
||||
Resolves: https://issues.redhat.com/browse/RHEL-60233
|
||||
|
||||
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/2044
|
||||
(cherry picked from commit fda05b0af085d9f7e4cc5691075dae63e7bf02a6)
|
||||
(cherry picked from commit f6e4e537757a414cc896bc1b402da8c9c9e32eaa)
|
||||
(cherry picked from commit c7035db5b43beff7ad7e91685ff17982a540d8e2)
|
||||
---
|
||||
src/libnm-core-impl/nm-setting-connection.c | 4 ++--
|
||||
src/libnm-core-impl/tests/test-general.c | 2 +-
|
||||
2 files changed, 3 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/src/libnm-core-impl/nm-setting-connection.c b/src/libnm-core-impl/nm-setting-connection.c
|
||||
index b51cd46bdd..3298dce60a 100644
|
||||
--- a/src/libnm-core-impl/nm-setting-connection.c
|
||||
+++ b/src/libnm-core-impl/nm-setting-connection.c
|
||||
@@ -1379,13 +1379,13 @@ verify(NMSetting *setting, NMConnection *connection, GError **error)
|
||||
if (connection)
|
||||
goto after_interface_name;
|
||||
iface_type = NMU_IFACE_ANY;
|
||||
- } else if (NM_IN_STRSET(ovs_iface_type, "patch")) {
|
||||
+ } else if (NM_IN_STRSET(ovs_iface_type, "patch", "dpdk")) {
|
||||
/* this interface type is internal to OVS. */
|
||||
iface_type = NMU_IFACE_OVS;
|
||||
} else {
|
||||
/* This interface type also requires a netdev. We need to validate
|
||||
* for both OVS and KERNEL. */
|
||||
- nm_assert(NM_IN_STRSET(ovs_iface_type, "internal", "system", "dpdk"));
|
||||
+ nm_assert(NM_IN_STRSET(ovs_iface_type, "internal", "system"));
|
||||
iface_type = NMU_IFACE_OVS_AND_KERNEL;
|
||||
}
|
||||
} else
|
||||
diff --git a/src/libnm-core-impl/tests/test-general.c b/src/libnm-core-impl/tests/test-general.c
|
||||
index 0a39010c11..8d4ea069c5 100644
|
||||
--- a/src/libnm-core-impl/tests/test-general.c
|
||||
+++ b/src/libnm-core-impl/tests/test-general.c
|
||||
@@ -10832,7 +10832,7 @@ test_connection_ovs_ifname(gconstpointer test_data)
|
||||
/* good if bridge, port, or patch interface */
|
||||
g_object_set(s_con, NM_SETTING_CONNECTION_INTERFACE_NAME, "ovs123123123123130123123", NULL);
|
||||
|
||||
- if (!ovs_iface_type || nm_streq(ovs_iface_type, "patch"))
|
||||
+ if (!ovs_iface_type || NM_IN_STRSET(ovs_iface_type, "patch", "dpdk"))
|
||||
nmtst_assert_connection_verifies(con);
|
||||
else {
|
||||
nmtst_assert_connection_unnormalizable(con,
|
||||
--
|
||||
2.45.2
|
||||
|
@ -1,541 +0,0 @@
|
||||
From 9628d71b541635047807e3344b871f701bddf77e Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?=C3=8D=C3=B1igo=20Huguet?= <ihuguet@redhat.com>
|
||||
Date: Wed, 4 Dec 2024 14:24:38 +0100
|
||||
Subject: [PATCH 1/4] libnmc: fix bug checking VersionInfo's capabilities
|
||||
|
||||
Remove the `+ 31u` that was making that it would search for bit 1 at
|
||||
array's element 1, instead of element 0. Fixed comparison >len that
|
||||
shoudl be >=len. Fix a few typos.
|
||||
|
||||
Fixes: bc6098d44106 ('libnm: add internal nmc_client_has_{version_info_v,version_info_capability,capability}() helper')
|
||||
(cherry picked from commit 5a65170b49d38f5195da900f63710c847ce3364e)
|
||||
---
|
||||
src/libnm-client-aux-extern/nm-libnm-aux.c | 11 ++++-------
|
||||
src/libnm-client-impl/nm-client.c | 4 ++--
|
||||
2 files changed, 6 insertions(+), 9 deletions(-)
|
||||
|
||||
diff --git a/src/libnm-client-aux-extern/nm-libnm-aux.c b/src/libnm-client-aux-extern/nm-libnm-aux.c
|
||||
index 5855bc299b..77f4a19559 100644
|
||||
--- a/src/libnm-client-aux-extern/nm-libnm-aux.c
|
||||
+++ b/src/libnm-client-aux-extern/nm-libnm-aux.c
|
||||
@@ -169,14 +169,11 @@ nmc_client_has_version_info_capability(NMClient *nmc, NMVersionInfoCapability ca
|
||||
len--;
|
||||
ver++;
|
||||
|
||||
- idx = (gsize) capability;
|
||||
- if (idx >= G_MAXSIZE - 31u)
|
||||
- return FALSE;
|
||||
-
|
||||
- idx_hi = ((idx + 31u) / 32u);
|
||||
- idx_lo = (idx % 32u);
|
||||
+ idx = (gsize) capability;
|
||||
+ idx_hi = idx / 32u;
|
||||
+ idx_lo = idx % 32u;
|
||||
|
||||
- if (idx_hi > len)
|
||||
+ if (idx_hi >= len)
|
||||
return FALSE;
|
||||
|
||||
return NM_FLAGS_ANY(ver[idx_hi], (1ull << idx_lo));
|
||||
diff --git a/src/libnm-client-impl/nm-client.c b/src/libnm-client-impl/nm-client.c
|
||||
index 4ecc83899c..677f9aacab 100644
|
||||
--- a/src/libnm-client-impl/nm-client.c
|
||||
+++ b/src/libnm-client-impl/nm-client.c
|
||||
@@ -6315,7 +6315,7 @@ nm_client_get_capabilities(NMClient *client, gsize *length)
|
||||
*
|
||||
* If available, the first element in the array is NM_VERSION which
|
||||
* encodes the daemon version as "(major << 16 | minor << 8 | micro)".
|
||||
- * The following elements are a bitfield of %NMVersionInfoCapabilities
|
||||
+ * The following elements are a bitfield of %NMVersionInfoCapability
|
||||
* that indicate that the daemon supports a certain capability.
|
||||
*
|
||||
* Returns: (transfer none) (array length=length): the
|
||||
@@ -8312,7 +8312,7 @@ nm_client_class_init(NMClientClass *client_class)
|
||||
* Expose version info and capabilities of NetworkManager. If non-empty,
|
||||
* the first element is NM_VERSION, which encodes the version of the
|
||||
* daemon as "(major << 16 | minor << 8 | micro)". The following elements
|
||||
- * is a bitfields of %NMVersionInfoCapabilities. If a bit is set, then
|
||||
+ * is a bitfields of %NMVersionInfoCapability. If a bit is set, then
|
||||
* the running NetworkManager has the respective capability.
|
||||
*
|
||||
* Since: 1.42
|
||||
--
|
||||
2.47.1
|
||||
|
||||
|
||||
From 2498b7aa0b0e654d97c6ded907c20341b866af21 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?=C3=8D=C3=B1igo=20Huguet?= <ihuguet@redhat.com>
|
||||
Date: Wed, 27 Nov 2024 08:48:50 +0100
|
||||
Subject: [PATCH 2/4] platform: rename NM_IP_ROUTE_TABLE_SYNC_MODE_FULL ->
|
||||
ALL_EXCEPT_LOCAL
|
||||
|
||||
The difference between FULL and ALL was not obvious without reading the
|
||||
documentation. Moreover, a new mode is going to be introduced so the
|
||||
confusion could grow. Rename to a more explicit name.
|
||||
|
||||
(cherry picked from commit e1840ad5fbe4684cb8fce4a638617729969255e5)
|
||||
---
|
||||
src/libnm-platform/nm-platform.c | 4 ++--
|
||||
src/libnm-platform/nmp-base.h | 6 +++---
|
||||
2 files changed, 5 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/src/libnm-platform/nm-platform.c b/src/libnm-platform/nm-platform.c
|
||||
index af04f29fad..ac2ecb421c 100644
|
||||
--- a/src/libnm-platform/nm-platform.c
|
||||
+++ b/src/libnm-platform/nm-platform.c
|
||||
@@ -4890,7 +4890,7 @@ nm_platform_ip_route_get_prune_list(NMPlatform *self,
|
||||
nm_assert(NM_IN_SET(addr_family, AF_INET, AF_INET6));
|
||||
nm_assert(NM_IN_SET(route_table_sync,
|
||||
NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN,
|
||||
- NM_IP_ROUTE_TABLE_SYNC_MODE_FULL,
|
||||
+ NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_EXCEPT_LOCAL,
|
||||
NM_IP_ROUTE_TABLE_SYNC_MODE_ALL,
|
||||
NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_PRUNE));
|
||||
|
||||
@@ -4915,7 +4915,7 @@ nm_platform_ip_route_get_prune_list(NMPlatform *self,
|
||||
if (!nm_platform_route_table_is_main(nm_platform_ip_route_get_effective_table(&rt->rx)))
|
||||
continue;
|
||||
break;
|
||||
- case NM_IP_ROUTE_TABLE_SYNC_MODE_FULL:
|
||||
+ case NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_EXCEPT_LOCAL:
|
||||
if (nm_platform_ip_route_get_effective_table(&rt->rx) == RT_TABLE_LOCAL)
|
||||
continue;
|
||||
break;
|
||||
diff --git a/src/libnm-platform/nmp-base.h b/src/libnm-platform/nmp-base.h
|
||||
index c7d487e23c..9e2e1063a1 100644
|
||||
--- a/src/libnm-platform/nmp-base.h
|
||||
+++ b/src/libnm-platform/nmp-base.h
|
||||
@@ -211,8 +211,8 @@ nmp_object_type_to_flags(NMPObjectType obj_type)
|
||||
* @NM_IP_ROUTE_TABLE_SYNC_MODE_NONE: indicate an invalid setting.
|
||||
* @NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN: only the main table is synced. For all
|
||||
* other tables, NM won't delete any extra routes.
|
||||
- * @NM_IP_ROUTE_TABLE_SYNC_MODE_FULL: NM will sync all tables, except the
|
||||
- * local table (255).
|
||||
+ * @NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_EXCEPT_LOCAL: NM will sync all tables, except
|
||||
+ * the local table (255).
|
||||
* @NM_IP_ROUTE_TABLE_SYNC_MODE_ALL: NM will sync all tables, including the
|
||||
* local table (255).
|
||||
* @NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_PRUNE: NM will sync all tables (including
|
||||
@@ -222,7 +222,7 @@ nmp_object_type_to_flags(NMPObjectType obj_type)
|
||||
typedef enum {
|
||||
NM_IP_ROUTE_TABLE_SYNC_MODE_NONE,
|
||||
NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN,
|
||||
- NM_IP_ROUTE_TABLE_SYNC_MODE_FULL,
|
||||
+ NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_EXCEPT_LOCAL,
|
||||
NM_IP_ROUTE_TABLE_SYNC_MODE_ALL,
|
||||
NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_PRUNE,
|
||||
} NMIPRouteTableSyncMode;
|
||||
--
|
||||
2.47.1
|
||||
|
||||
|
||||
From f970d505e9f5cfdc6b699105e404cd06c51439ca Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?=C3=8D=C3=B1igo=20Huguet?= <ihuguet@redhat.com>
|
||||
Date: Wed, 27 Nov 2024 13:53:02 +0100
|
||||
Subject: [PATCH 3/4] l3cfg: remove routes added by NM on reapply
|
||||
|
||||
By default, on reapply we were only syncing the main routes table. This
|
||||
causes that routes added by NM to other tables are not removed on
|
||||
reapply. This was done to preserve routes added externally, but routes
|
||||
added by NM itself should be removed.
|
||||
|
||||
Add a new route table syncing mode "main + NM routes". This mode
|
||||
maintains the normal behaviour of syncing completely the main table,
|
||||
and for other tables removes only routes that were added by us, leaving
|
||||
the rest untouched. Use this mode by default, as this is what a user
|
||||
would expect on reapply.
|
||||
|
||||
Note: this might not work if NM is restarted between the profile being
|
||||
modified and the reapply, because NM forgets what routes were added by
|
||||
itself because of the restart. This is a rare corner case, though.
|
||||
|
||||
Use the D-Bus property "VersionInfo" to expose a capability flag
|
||||
indicating that this bug is fixed. It is the first capability that we
|
||||
expose in this way. However, it is convenient to do it this way as it's
|
||||
something that clients like nmstate needs to know, so they can decide
|
||||
whether a conn down is needed or not. It is not enough to decide that by
|
||||
version number because it might be fixed via a downstream patch in distros
|
||||
like RHEL.
|
||||
|
||||
https://issues.redhat.com/browse/RHEL-67324
|
||||
https://issues.redhat.com/browse/RHEL-66262
|
||||
|
||||
Fixes: e9c17fcc9b33 ('l3cfg: default to 'main' route table sync mode')
|
||||
(cherry picked from commit e330eb9c4a721d158641701cb48cd8094246d258)
|
||||
---
|
||||
src/core/nm-l3cfg.c | 22 ++++++-
|
||||
src/core/nm-manager.c | 29 +++++----
|
||||
src/libnm-core-public/nm-dbus-interface.h | 13 ++--
|
||||
src/libnm-platform/nm-platform.c | 78 ++++++++++++++++++++++-
|
||||
src/libnm-platform/nm-platform.h | 5 +-
|
||||
src/libnm-platform/nmp-base.h | 4 ++
|
||||
6 files changed, 127 insertions(+), 24 deletions(-)
|
||||
|
||||
diff --git a/src/core/nm-l3cfg.c b/src/core/nm-l3cfg.c
|
||||
index 57baeac25d..9dd8275b1f 100644
|
||||
--- a/src/core/nm-l3cfg.c
|
||||
+++ b/src/core/nm-l3cfg.c
|
||||
@@ -4997,7 +4997,7 @@ _l3_commit_one(NML3Cfg *self,
|
||||
}
|
||||
|
||||
if (route_table_sync == NM_IP_ROUTE_TABLE_SYNC_MODE_NONE)
|
||||
- route_table_sync = NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN;
|
||||
+ route_table_sync = NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN_AND_NM_ROUTES;
|
||||
|
||||
if (any_dirty)
|
||||
_obj_states_track_prune_dirty(self, TRUE);
|
||||
@@ -5026,6 +5026,8 @@ _l3_commit_one(NML3Cfg *self,
|
||||
}
|
||||
|
||||
if (c_list_is_empty(&self->priv.p->blocked_lst_head_x[IS_IPv4])) {
|
||||
+ gs_unref_ptrarray GPtrArray *routes_old = NULL;
|
||||
+
|
||||
addresses_prune =
|
||||
nm_platform_ip_address_get_prune_list(self->priv.platform,
|
||||
addr_family,
|
||||
@@ -5033,10 +5035,26 @@ _l3_commit_one(NML3Cfg *self,
|
||||
nm_g_array_data(ipv6_temp_addrs_keep),
|
||||
nm_g_array_len(ipv6_temp_addrs_keep));
|
||||
|
||||
+ if (route_table_sync == NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN_AND_NM_ROUTES) {
|
||||
+ NMDedupMultiIter iter;
|
||||
+ const NMPObject *rt_obj;
|
||||
+
|
||||
+ routes_old = g_ptr_array_new();
|
||||
+ nm_l3_config_data_iter_obj_for_each (&iter,
|
||||
+ l3cd_old,
|
||||
+ &rt_obj,
|
||||
+ NMP_OBJECT_TYPE_IP_ROUTE(IS_IPv4))
|
||||
+ g_ptr_array_add(routes_old, (gpointer) rt_obj);
|
||||
+
|
||||
+ nm_platform_route_objs_sort(routes_old, NM_PLATFORM_IP_ROUTE_CMP_TYPE_SEMANTICALLY);
|
||||
+ }
|
||||
+
|
||||
routes_prune = nm_platform_ip_route_get_prune_list(self->priv.platform,
|
||||
addr_family,
|
||||
self->priv.ifindex,
|
||||
- route_table_sync);
|
||||
+ route_table_sync,
|
||||
+ routes_old);
|
||||
+
|
||||
_obj_state_zombie_lst_prune_all(self, addr_family);
|
||||
}
|
||||
} else {
|
||||
diff --git a/src/core/nm-manager.c b/src/core/nm-manager.c
|
||||
index 0a7e7b2e4a..a673279712 100644
|
||||
--- a/src/core/nm-manager.c
|
||||
+++ b/src/core/nm-manager.c
|
||||
@@ -462,21 +462,24 @@ static GVariant *
|
||||
_version_info_get(void)
|
||||
{
|
||||
const guint32 arr[] = {
|
||||
+ /* The array contains as first element NM_VERSION, which can be
|
||||
+ * used to numerically compare the version (see also NM_ENCODE_VERSION,
|
||||
+ * nm_utils_version(), nm_encode_version() and nm_decode_version(). */
|
||||
NM_VERSION,
|
||||
- };
|
||||
|
||||
- /* The array contains as first element NM_VERSION, which can be
|
||||
- * used to numerically compare the version (see also NM_ENCODE_VERSION,
|
||||
- * nm_utils_version(), nm_encode_version() and nm_decode_version().
|
||||
- *
|
||||
- * The following elements of the array are a bitfield of capabilities.
|
||||
- * These capabilities should only depend on compile-time abilities
|
||||
- * (unlike NM_MANAGER_CAPABILITIES, NMCapability). The supported values
|
||||
- * are from NMVersionInfoCapability enum. This way to expose capabilities
|
||||
- * is more cumbersome but more efficient compared to NM_MANAGER_CAPABILITIES.
|
||||
- * As such, it is cheap to add capabilities for something, where you would
|
||||
- * avoid it as NM_MANAGER_CAPABILITIES due to the overhead.
|
||||
- */
|
||||
+ /* The following elements of the array are a bitfield of capabilities.
|
||||
+ * These capabilities should only depend on compile-time abilities
|
||||
+ * (unlike NM_MANAGER_CAPABILITIES, NMCapability). The supported values
|
||||
+ * are from NMVersionInfoCapability enum. This way to expose capabilities
|
||||
+ * is more cumbersome but more efficient compared to NM_MANAGER_CAPABILITIES.
|
||||
+ * As such, it is cheap to add capabilities for something, where you would
|
||||
+ * avoid it as NM_MANAGER_CAPABILITIES due to the overhead.
|
||||
+ *
|
||||
+ * Each of the array's elements has 32 bits. This means that capabilities
|
||||
+ * with index 0-31 goes to element #1, with index 32-63 to element #2,
|
||||
+ * with index 64-95 to element #3 and so on. */
|
||||
+ 1 << NM_VERSION_INFO_CAPABILITY_SYNC_ROUTE_WITH_TABLE,
|
||||
+ };
|
||||
|
||||
return nm_g_variant_new_au(arr, G_N_ELEMENTS(arr));
|
||||
}
|
||||
diff --git a/src/libnm-core-public/nm-dbus-interface.h b/src/libnm-core-public/nm-dbus-interface.h
|
||||
index 5eedd7da3a..9c737dbea5 100644
|
||||
--- a/src/libnm-core-public/nm-dbus-interface.h
|
||||
+++ b/src/libnm-core-public/nm-dbus-interface.h
|
||||
@@ -93,16 +93,19 @@
|
||||
|
||||
/**
|
||||
* NMVersionInfoCapability:
|
||||
- * %_NM_VERSION_INFO_CAPABILITY_UNUSED: a dummy capability. It has no meaning,
|
||||
- * don't use it.
|
||||
+ * @NM_VERSION_INFO_CAPABILITY_SYNC_ROUTE_WITH_TABLE: Contains the fix to a bug that
|
||||
+ * caused that routes in table other than main were not removed on reapply nor
|
||||
+ * on connection down.
|
||||
+ * https://issues.redhat.com/browse/RHEL-66262
|
||||
+ * https://issues.redhat.com/browse/RHEL-67324
|
||||
*
|
||||
- * Currently no enum values are defined. These capabilities are exposed
|
||||
- * on D-Bus in the "VersionInfo" bit field.
|
||||
+ * The numeric values represent the bit index of the capability. These capabilities
|
||||
+ * can be queried in the "VersionInfo" D-Bus property.
|
||||
*
|
||||
* Since: 1.42
|
||||
*/
|
||||
typedef enum {
|
||||
- _NM_VERSION_INFO_CAPABILITY_UNUSED = 0x7FFFFFFFu,
|
||||
+ NM_VERSION_INFO_CAPABILITY_SYNC_ROUTE_WITH_TABLE = 0,
|
||||
} NMVersionInfoCapability;
|
||||
|
||||
/**
|
||||
diff --git a/src/libnm-platform/nm-platform.c b/src/libnm-platform/nm-platform.c
|
||||
index ac2ecb421c..6523fb8a98 100644
|
||||
--- a/src/libnm-platform/nm-platform.c
|
||||
+++ b/src/libnm-platform/nm-platform.c
|
||||
@@ -61,6 +61,8 @@ G_STATIC_ASSERT(sizeof(((NMPlatformLink *) NULL)->l_address.data) == _NM_UTILS_H
|
||||
G_STATIC_ASSERT(sizeof(((NMPlatformLink *) NULL)->l_perm_address.data) == _NM_UTILS_HWADDR_LEN_MAX);
|
||||
G_STATIC_ASSERT(sizeof(((NMPlatformLink *) NULL)->l_broadcast.data) == _NM_UTILS_HWADDR_LEN_MAX);
|
||||
|
||||
+static int _route_objs_cmp_values(gconstpointer a, gconstpointer b, gpointer user_data);
|
||||
+
|
||||
static const char *
|
||||
_nmp_link_port_data_to_string(NMPortKind port_kind,
|
||||
const NMPlatformLinkPortData *port_data,
|
||||
@@ -4872,11 +4874,24 @@ nm_platform_ip_address_get_prune_list(NMPlatform *self,
|
||||
return result;
|
||||
}
|
||||
|
||||
+static gboolean
|
||||
+_route_obj_find_bsearch(GPtrArray *sorted_routes_objs, const NMPObject *route_obj)
|
||||
+{
|
||||
+ gssize pos =
|
||||
+ nm_ptrarray_find_bsearch((gconstpointer *) sorted_routes_objs->pdata,
|
||||
+ sorted_routes_objs->len,
|
||||
+ route_obj,
|
||||
+ _route_objs_cmp_values,
|
||||
+ GINT_TO_POINTER((int) NM_PLATFORM_IP_ROUTE_CMP_TYPE_SEMANTICALLY));
|
||||
+ return pos >= 0;
|
||||
+}
|
||||
+
|
||||
GPtrArray *
|
||||
nm_platform_ip_route_get_prune_list(NMPlatform *self,
|
||||
int addr_family,
|
||||
int ifindex,
|
||||
- NMIPRouteTableSyncMode route_table_sync)
|
||||
+ NMIPRouteTableSyncMode route_table_sync,
|
||||
+ GPtrArray *sorted_old_routes_objs)
|
||||
{
|
||||
NMPLookup lookup;
|
||||
GPtrArray *routes_prune = NULL;
|
||||
@@ -4891,9 +4906,20 @@ nm_platform_ip_route_get_prune_list(NMPlatform *self,
|
||||
nm_assert(NM_IN_SET(route_table_sync,
|
||||
NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN,
|
||||
NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_EXCEPT_LOCAL,
|
||||
+ NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN_AND_NM_ROUTES,
|
||||
NM_IP_ROUTE_TABLE_SYNC_MODE_ALL,
|
||||
NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_PRUNE));
|
||||
|
||||
+ if (route_table_sync == NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN_AND_NM_ROUTES) {
|
||||
+ nm_assert(sorted_old_routes_objs);
|
||||
+ nm_assert(nm_utils_ptrarray_is_sorted(
|
||||
+ (gconstpointer *) sorted_old_routes_objs->pdata,
|
||||
+ sorted_old_routes_objs->len,
|
||||
+ FALSE,
|
||||
+ _route_objs_cmp_values,
|
||||
+ GINT_TO_POINTER((int) NM_PLATFORM_IP_ROUTE_CMP_TYPE_SEMANTICALLY)));
|
||||
+ }
|
||||
+
|
||||
nmp_lookup_init_object_by_ifindex(&lookup,
|
||||
NMP_OBJECT_TYPE_IP_ROUTE(NM_IS_IPv4(addr_family)),
|
||||
ifindex);
|
||||
@@ -4915,6 +4941,11 @@ nm_platform_ip_route_get_prune_list(NMPlatform *self,
|
||||
if (!nm_platform_route_table_is_main(nm_platform_ip_route_get_effective_table(&rt->rx)))
|
||||
continue;
|
||||
break;
|
||||
+ case NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN_AND_NM_ROUTES:
|
||||
+ if (!nm_platform_route_table_is_main(nm_platform_ip_route_get_effective_table(&rt->rx))
|
||||
+ && !_route_obj_find_bsearch(sorted_old_routes_objs, obj))
|
||||
+ continue;
|
||||
+ break;
|
||||
case NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_EXCEPT_LOCAL:
|
||||
if (nm_platform_ip_route_get_effective_table(&rt->rx) == RT_TABLE_LOCAL)
|
||||
continue;
|
||||
@@ -5284,7 +5315,8 @@ nm_platform_ip_route_flush(NMPlatform *self, int addr_family, int ifindex)
|
||||
routes_prune = nm_platform_ip_route_get_prune_list(self,
|
||||
AF_INET,
|
||||
ifindex,
|
||||
- NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_PRUNE);
|
||||
+ NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_PRUNE,
|
||||
+ NULL);
|
||||
success &= nm_platform_ip_route_sync(self, AF_INET, ifindex, NULL, routes_prune, NULL);
|
||||
}
|
||||
if (NM_IN_SET(addr_family, AF_UNSPEC, AF_INET6)) {
|
||||
@@ -5293,7 +5325,8 @@ nm_platform_ip_route_flush(NMPlatform *self, int addr_family, int ifindex)
|
||||
routes_prune = nm_platform_ip_route_get_prune_list(self,
|
||||
AF_INET6,
|
||||
ifindex,
|
||||
- NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_PRUNE);
|
||||
+ NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_PRUNE,
|
||||
+ NULL);
|
||||
success &= nm_platform_ip_route_sync(self, AF_INET6, ifindex, NULL, routes_prune, NULL);
|
||||
}
|
||||
return success;
|
||||
@@ -8767,6 +8800,45 @@ nm_platform_lnk_wireguard_cmp(const NMPlatformLnkWireGuard *a, const NMPlatformL
|
||||
return 0;
|
||||
}
|
||||
|
||||
+static int
|
||||
+_route_objs_cmp_values(gconstpointer a, gconstpointer b, gpointer user_data)
|
||||
+{
|
||||
+ const NMPObject *a_obj = a;
|
||||
+ const NMPObject *b_obj = b;
|
||||
+ NMPlatformIPRouteCmpType cmp_type = GPOINTER_TO_INT(user_data);
|
||||
+
|
||||
+ nm_assert(a_obj && b_obj);
|
||||
+ nm_assert(NMP_OBJECT_CAST_IP_ROUTE(a_obj) && NMP_OBJECT_CAST_IP_ROUTE(b_obj));
|
||||
+
|
||||
+ if (NMP_OBJECT_GET_ADDR_FAMILY(a_obj) != NMP_OBJECT_GET_ADDR_FAMILY(b_obj)) {
|
||||
+ return NMP_OBJECT_GET_ADDR_FAMILY(a_obj) == AF_INET ? 1 : -1;
|
||||
+ } else if (NMP_OBJECT_GET_ADDR_FAMILY(a_obj) == AF_INET) {
|
||||
+ return nm_platform_ip4_route_cmp(NMP_OBJECT_CAST_IP4_ROUTE(a_obj),
|
||||
+ NMP_OBJECT_CAST_IP4_ROUTE(b_obj),
|
||||
+ cmp_type);
|
||||
+ } else {
|
||||
+ return nm_platform_ip6_route_cmp(NMP_OBJECT_CAST_IP6_ROUTE(a_obj),
|
||||
+ NMP_OBJECT_CAST_IP6_ROUTE(b_obj),
|
||||
+ cmp_type);
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+static int
|
||||
+_route_objs_cmp(gconstpointer a, gconstpointer b, gpointer user_data)
|
||||
+{
|
||||
+ nm_assert(a && b);
|
||||
+
|
||||
+ return _route_objs_cmp_values(*((const NMPObject **) a), *((const NMPObject **) b), user_data);
|
||||
+}
|
||||
+
|
||||
+void
|
||||
+nm_platform_route_objs_sort(GPtrArray *routes_objs, NMPlatformIPRouteCmpType cmp_type)
|
||||
+{
|
||||
+ nm_assert(routes_objs);
|
||||
+
|
||||
+ g_ptr_array_sort_with_data(routes_objs, _route_objs_cmp, GINT_TO_POINTER((int) cmp_type));
|
||||
+}
|
||||
+
|
||||
void
|
||||
nm_platform_ip4_rt_nexthop_hash_update(const NMPlatformIP4RtNextHop *obj,
|
||||
gboolean for_id,
|
||||
diff --git a/src/libnm-platform/nm-platform.h b/src/libnm-platform/nm-platform.h
|
||||
index e33be81356..22bf0fdbec 100644
|
||||
--- a/src/libnm-platform/nm-platform.h
|
||||
+++ b/src/libnm-platform/nm-platform.h
|
||||
@@ -2389,7 +2389,8 @@ int nm_platform_ip6_route_add(NMPlatform *self, NMPNlmFlags flags, const NMPlatf
|
||||
GPtrArray *nm_platform_ip_route_get_prune_list(NMPlatform *self,
|
||||
int addr_family,
|
||||
int ifindex,
|
||||
- NMIPRouteTableSyncMode route_table_sync);
|
||||
+ NMIPRouteTableSyncMode route_table_sync,
|
||||
+ GPtrArray *old_routes_objs);
|
||||
|
||||
gboolean nm_platform_ip_route_sync(NMPlatform *self,
|
||||
int addr_family,
|
||||
@@ -2495,6 +2496,8 @@ int nm_platform_lnk_wireguard_cmp(const NMPlatformLnkWireGuard *a, const NMPlatf
|
||||
|
||||
GHashTable *nm_platform_ip4_address_addr_to_hash(NMPlatform *self, int ifindex);
|
||||
|
||||
+void nm_platform_route_objs_sort(GPtrArray *routes_objs, NMPlatformIPRouteCmpType cmp_type);
|
||||
+
|
||||
int nm_platform_ip4_route_cmp(const NMPlatformIP4Route *a,
|
||||
const NMPlatformIP4Route *b,
|
||||
NMPlatformIPRouteCmpType cmp_type);
|
||||
diff --git a/src/libnm-platform/nmp-base.h b/src/libnm-platform/nmp-base.h
|
||||
index 9e2e1063a1..3784a78e9d 100644
|
||||
--- a/src/libnm-platform/nmp-base.h
|
||||
+++ b/src/libnm-platform/nmp-base.h
|
||||
@@ -211,6 +211,9 @@ nmp_object_type_to_flags(NMPObjectType obj_type)
|
||||
* @NM_IP_ROUTE_TABLE_SYNC_MODE_NONE: indicate an invalid setting.
|
||||
* @NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN: only the main table is synced. For all
|
||||
* other tables, NM won't delete any extra routes.
|
||||
+ * @NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN_AND_NM_ROUTES: only the main table is synced,
|
||||
+ * plus individual routes in other tables added by NM, leaving routes that
|
||||
+ * were not added by NM untouched.
|
||||
* @NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_EXCEPT_LOCAL: NM will sync all tables, except
|
||||
* the local table (255).
|
||||
* @NM_IP_ROUTE_TABLE_SYNC_MODE_ALL: NM will sync all tables, including the
|
||||
@@ -222,6 +225,7 @@ nmp_object_type_to_flags(NMPObjectType obj_type)
|
||||
typedef enum {
|
||||
NM_IP_ROUTE_TABLE_SYNC_MODE_NONE,
|
||||
NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN,
|
||||
+ NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN_AND_NM_ROUTES,
|
||||
NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_EXCEPT_LOCAL,
|
||||
NM_IP_ROUTE_TABLE_SYNC_MODE_ALL,
|
||||
NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_PRUNE,
|
||||
--
|
||||
2.47.1
|
||||
|
||||
|
||||
From 2ac691360f265d655b1e2e1caf9344ae0ec6a802 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?=C3=8D=C3=B1igo=20Huguet?= <ihuguet@redhat.com>
|
||||
Date: Tue, 10 Dec 2024 10:15:52 +0100
|
||||
Subject: [PATCH 4/4] l3cfg: get routes to prune from the list of routes
|
||||
configured by NM
|
||||
|
||||
We always sync routes in the main table, but routes in tables other
|
||||
than main are only pruned if were added by NM, by default. Get the list
|
||||
of routes to prune from other tables using obj_state->os_nm_configured,
|
||||
as this tracks what routes were effectively added by NM.
|
||||
|
||||
The list should be the same that the one obtained from l3cfg_old. It
|
||||
could be different if we commited the l3cfg with an NMIPRouteTableSyncMode
|
||||
of NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN, thus not deleting some routes at
|
||||
commit time. However, since the previous commit, we never do it.
|
||||
|
||||
What all this shows is that starting to use different NMIPRouteTableSyncModes
|
||||
is probably a bad idea: it will be a source of bugs of routes not being
|
||||
always synced as users expect, and the use case for them is still to be
|
||||
known.
|
||||
|
||||
(cherry picked from commit c06d130c38a4d4238e18c06f0152f8f1a6bafa7f)
|
||||
---
|
||||
src/core/nm-l3cfg.c | 20 +++++++++++---------
|
||||
1 file changed, 11 insertions(+), 9 deletions(-)
|
||||
|
||||
diff --git a/src/core/nm-l3cfg.c b/src/core/nm-l3cfg.c
|
||||
index 9dd8275b1f..f29cfa1baf 100644
|
||||
--- a/src/core/nm-l3cfg.c
|
||||
+++ b/src/core/nm-l3cfg.c
|
||||
@@ -5036,15 +5036,17 @@ _l3_commit_one(NML3Cfg *self,
|
||||
nm_g_array_len(ipv6_temp_addrs_keep));
|
||||
|
||||
if (route_table_sync == NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN_AND_NM_ROUTES) {
|
||||
- NMDedupMultiIter iter;
|
||||
- const NMPObject *rt_obj;
|
||||
-
|
||||
- routes_old = g_ptr_array_new();
|
||||
- nm_l3_config_data_iter_obj_for_each (&iter,
|
||||
- l3cd_old,
|
||||
- &rt_obj,
|
||||
- NMP_OBJECT_TYPE_IP_ROUTE(IS_IPv4))
|
||||
- g_ptr_array_add(routes_old, (gpointer) rt_obj);
|
||||
+ GHashTableIter h_iter;
|
||||
+ ObjStateData *obj_state;
|
||||
+
|
||||
+ /* Get list of all the routes that were configured by us */
|
||||
+ routes_old = g_ptr_array_new_with_free_func((GDestroyNotify) nmp_object_unref);
|
||||
+ g_hash_table_iter_init(&h_iter, self->priv.p->obj_state_hash);
|
||||
+ while (g_hash_table_iter_next(&h_iter, (gpointer *) &obj_state, NULL)) {
|
||||
+ if (NMP_OBJECT_GET_TYPE(obj_state->obj) == NMP_OBJECT_TYPE_IP_ROUTE(IS_IPv4)
|
||||
+ && obj_state->os_nm_configured)
|
||||
+ g_ptr_array_add(routes_old, (gpointer) nmp_object_ref(obj_state->obj));
|
||||
+ }
|
||||
|
||||
nm_platform_route_objs_sort(routes_old, NM_PLATFORM_IP_ROUTE_CMP_TYPE_SEMANTICALLY);
|
||||
}
|
||||
--
|
||||
2.47.1
|
||||
|
@ -1,60 +0,0 @@
|
||||
From d9addb0ded2da8b86fa4b6e1cdc4b96f83729afd Mon Sep 17 00:00:00 2001
|
||||
From: Gris Ge <fge@redhat.com>
|
||||
Date: Wed, 11 Dec 2024 22:22:59 +0800
|
||||
Subject: [PATCH 1/1] vpn: Place gateway route to table defined in
|
||||
ipvx.route-table
|
||||
|
||||
Previously, NM create direct route to gateway to main(254) route table
|
||||
regardless `ipvx.route-table` value.
|
||||
|
||||
Fixed by setting `NMPlatformIP4Route.table_any` to `TRUE`.
|
||||
|
||||
Resolves: https://issues.redhat.com/browse/RHEL-69901
|
||||
|
||||
Signed-off-by: Gris Ge <fge@redhat.com>
|
||||
(cherry picked from commit 6d06286f1db7421bef1c4dab5fada918c59daf87)
|
||||
(cherry picked from commit 29f23d3519dbb4dcffc9682fbdfb721cfc0b851c)
|
||||
(cherry picked from commit 0dc07c5ca4d32b5ea8e104cbad106da9bb5b096d)
|
||||
---
|
||||
src/core/vpn/nm-vpn-connection.c | 4 ++++
|
||||
1 file changed, 4 insertions(+)
|
||||
|
||||
diff --git a/src/core/vpn/nm-vpn-connection.c b/src/core/vpn/nm-vpn-connection.c
|
||||
index b5a7fc4c29..88c5703a69 100644
|
||||
--- a/src/core/vpn/nm-vpn-connection.c
|
||||
+++ b/src/core/vpn/nm-vpn-connection.c
|
||||
@@ -1242,6 +1242,7 @@ _parent_device_l3cd_add_gateway_route(NML3ConfigData *l3cd,
|
||||
.gateway = parent_gw.addr4,
|
||||
.rt_source = NM_IP_CONFIG_SOURCE_VPN,
|
||||
.metric_any = TRUE,
|
||||
+ .table_any = TRUE,
|
||||
};
|
||||
} else {
|
||||
route.r6 = (NMPlatformIP6Route){
|
||||
@@ -1251,6 +1252,7 @@ _parent_device_l3cd_add_gateway_route(NML3ConfigData *l3cd,
|
||||
.gateway = parent_gw.addr6,
|
||||
.rt_source = NM_IP_CONFIG_SOURCE_VPN,
|
||||
.metric_any = TRUE,
|
||||
+ .table_any = TRUE,
|
||||
};
|
||||
}
|
||||
nm_l3_config_data_add_route(l3cd, addr_family, NULL, &route.rx);
|
||||
@@ -1267,6 +1269,7 @@ _parent_device_l3cd_add_gateway_route(NML3ConfigData *l3cd,
|
||||
.plen = 32,
|
||||
.rt_source = NM_IP_CONFIG_SOURCE_VPN,
|
||||
.metric_any = TRUE,
|
||||
+ .table_any = TRUE,
|
||||
};
|
||||
} else {
|
||||
route.r6 = (NMPlatformIP6Route){
|
||||
@@ -1274,6 +1277,7 @@ _parent_device_l3cd_add_gateway_route(NML3ConfigData *l3cd,
|
||||
.plen = 128,
|
||||
.rt_source = NM_IP_CONFIG_SOURCE_VPN,
|
||||
.metric_any = TRUE,
|
||||
+ .table_any = TRUE,
|
||||
};
|
||||
}
|
||||
nm_l3_config_data_add_route(l3cd, addr_family, NULL, &route.rx);
|
||||
--
|
||||
2.45.0
|
||||
|
@ -1,238 +0,0 @@
|
||||
From 50331402dae72990a268704e4047d6c762572755 Mon Sep 17 00:00:00 2001
|
||||
From: Wen Liang <wenliang@redhat.com>
|
||||
Date: Fri, 20 Dec 2024 10:10:25 -0500
|
||||
Subject: [PATCH 1/1] vpn: fix routing rules support in vpn conenctions
|
||||
|
||||
This commit introduces the ability to manage routing rules specifically
|
||||
for VPN connections. These rules allow finer control over traffic
|
||||
routing by enabling the specification of policy-based routing for
|
||||
traffic over the VPN.
|
||||
|
||||
- Updated the connection backend to apply rules during VPN activation.
|
||||
- Ensured proper cleanup of routing rules upon VPN deactivation.
|
||||
|
||||
This enhancement improves VPN usability in scenarios requiring advanced
|
||||
routing configurations, such as split tunneling and traffic
|
||||
prioritization.
|
||||
|
||||
Resolves: https://issues.redhat.com/browse/RHEL-70160
|
||||
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/2092
|
||||
https://gitlab.freedesktop.org/NetworkManager/NetworkManager-ci/-/merge_requests/1842
|
||||
(cherry picked from commit 308e34a501482d01c1cc6c87c38791ad9f34dc1f)
|
||||
(cherry picked from commit a24b347e93e37b04aa0f5698efcb462c02517c09)
|
||||
(cherry picked from commit b5c46f8a8d644e1c5a6dc07e06d5dab3338e9a91)
|
||||
---
|
||||
src/core/devices/nm-device.c | 62 +++++++++++++++++++-------------
|
||||
src/core/devices/nm-device.h | 6 ++++
|
||||
src/core/vpn/nm-vpn-connection.c | 7 +++-
|
||||
3 files changed, 50 insertions(+), 25 deletions(-)
|
||||
|
||||
diff --git a/src/core/devices/nm-device.c b/src/core/devices/nm-device.c
|
||||
index f9a2e7e8fe..070ba46495 100644
|
||||
--- a/src/core/devices/nm-device.c
|
||||
+++ b/src/core/devices/nm-device.c
|
||||
@@ -10327,31 +10327,34 @@ lldp_setup(NMDevice *self, NMTernary enabled)
|
||||
* as externally added ones. Don't restart NetworkManager if
|
||||
* you care about that.
|
||||
*/
|
||||
-static void
|
||||
-_routing_rules_sync(NMDevice *self, NMTernary set_mode)
|
||||
+void
|
||||
+nm_routing_rules_sync(NMConnection *applied_connection,
|
||||
+ NMTernary set_mode,
|
||||
+ GPtrArray *(*get_extra_rules)(NMDevice *self),
|
||||
+ NMDevice *self,
|
||||
+ NMNetns *netns)
|
||||
{
|
||||
- NMDevicePrivate *priv = NM_DEVICE_GET_PRIVATE(self);
|
||||
- NMPGlobalTracker *global_tracker = nm_netns_get_global_tracker(nm_device_get_netns(self));
|
||||
- NMDeviceClass *klass = NM_DEVICE_GET_CLASS(self);
|
||||
+ NMPGlobalTracker *global_tracker = nm_netns_get_global_tracker(netns);
|
||||
gboolean untrack_only_dirty = FALSE;
|
||||
gboolean keep_deleted_rules;
|
||||
gpointer user_tag_1;
|
||||
gpointer user_tag_2;
|
||||
|
||||
- /* take two arbitrary user-tag pointers that belong to @self. */
|
||||
- user_tag_1 = &priv->v4_route_table;
|
||||
- user_tag_2 = &priv->v6_route_table;
|
||||
+ if (self) {
|
||||
+ user_tag_1 = ((guint32 *) self) + 1;
|
||||
+ user_tag_2 = ((guint32 *) self) + 2;
|
||||
+ } else {
|
||||
+ user_tag_1 = ((guint32 *) applied_connection) + 1;
|
||||
+ user_tag_2 = ((guint32 *) applied_connection) + 2;
|
||||
+ }
|
||||
|
||||
if (set_mode == NM_TERNARY_TRUE) {
|
||||
- NMConnection *applied_connection;
|
||||
NMSettingIPConfig *s_ip;
|
||||
guint i, num;
|
||||
int is_ipv4;
|
||||
|
||||
untrack_only_dirty = TRUE;
|
||||
|
||||
- applied_connection = nm_device_get_applied_connection(self);
|
||||
-
|
||||
for (is_ipv4 = 0; applied_connection && is_ipv4 < 2; is_ipv4++) {
|
||||
int addr_family = is_ipv4 ? AF_INET : AF_INET6;
|
||||
|
||||
@@ -10390,10 +10393,10 @@ _routing_rules_sync(NMDevice *self, NMTernary set_mode)
|
||||
}
|
||||
}
|
||||
|
||||
- if (klass->get_extra_rules) {
|
||||
+ if (get_extra_rules) {
|
||||
gs_unref_ptrarray GPtrArray *extra_rules = NULL;
|
||||
|
||||
- extra_rules = klass->get_extra_rules(self);
|
||||
+ extra_rules = get_extra_rules(self);
|
||||
if (extra_rules) {
|
||||
for (i = 0; i < extra_rules->len; i++) {
|
||||
nmp_global_tracker_track_rule(
|
||||
@@ -10408,7 +10411,7 @@ _routing_rules_sync(NMDevice *self, NMTernary set_mode)
|
||||
}
|
||||
|
||||
nmp_global_tracker_untrack_all(global_tracker, user_tag_1, !untrack_only_dirty, TRUE);
|
||||
- if (klass->get_extra_rules)
|
||||
+ if (get_extra_rules)
|
||||
nmp_global_tracker_untrack_all(global_tracker, user_tag_2, !untrack_only_dirty, TRUE);
|
||||
|
||||
keep_deleted_rules = FALSE;
|
||||
@@ -10468,8 +10471,8 @@ tc_commit(NMDevice *self)
|
||||
static void
|
||||
activate_stage2_device_config(NMDevice *self)
|
||||
{
|
||||
- NMDevicePrivate *priv = NM_DEVICE_GET_PRIVATE(self);
|
||||
- NMDeviceClass *klass;
|
||||
+ NMDevicePrivate *priv = NM_DEVICE_GET_PRIVATE(self);
|
||||
+ NMDeviceClass *klass = NM_DEVICE_GET_CLASS(self);
|
||||
NMActStageReturn ret;
|
||||
NMSettingWired *s_wired;
|
||||
gboolean no_firmware = FALSE;
|
||||
@@ -10494,7 +10497,11 @@ activate_stage2_device_config(NMDevice *self)
|
||||
priv->tc_committed = TRUE;
|
||||
}
|
||||
|
||||
- _routing_rules_sync(self, NM_TERNARY_TRUE);
|
||||
+ nm_routing_rules_sync(nm_device_get_applied_connection(self),
|
||||
+ NM_TERNARY_TRUE,
|
||||
+ klass->get_extra_rules,
|
||||
+ self,
|
||||
+ nm_device_get_netns(self));
|
||||
|
||||
if (!nm_device_sys_iface_state_is_external_or_assume(self)) {
|
||||
if (!nm_device_bring_up_full(self, FALSE, TRUE, &no_firmware)) {
|
||||
@@ -10506,7 +10513,6 @@ activate_stage2_device_config(NMDevice *self)
|
||||
}
|
||||
}
|
||||
|
||||
- klass = NM_DEVICE_GET_CLASS(self);
|
||||
if (klass->act_stage2_config_also_for_external_or_assume
|
||||
|| !nm_device_sys_iface_state_is_external_or_assume(self)) {
|
||||
NMDeviceStateReason failure_reason = NM_DEVICE_STATE_REASON_NONE;
|
||||
@@ -13881,7 +13887,11 @@ check_and_reapply_connection(NMDevice *self,
|
||||
|
||||
nm_device_activate_schedule_stage3_ip_config(self, FALSE);
|
||||
|
||||
- _routing_rules_sync(self, NM_TERNARY_TRUE);
|
||||
+ nm_routing_rules_sync(nm_device_get_applied_connection(self),
|
||||
+ NM_TERNARY_TRUE,
|
||||
+ klass->get_extra_rules,
|
||||
+ self,
|
||||
+ nm_device_get_netns(self));
|
||||
|
||||
reactivate_proxy_config(self);
|
||||
|
||||
@@ -16444,6 +16454,7 @@ static void
|
||||
nm_device_cleanup(NMDevice *self, NMDeviceStateReason reason, CleanupType cleanup_type)
|
||||
{
|
||||
NMDevicePrivate *priv;
|
||||
+ NMDeviceClass *klass = NM_DEVICE_GET_CLASS(self);
|
||||
int ifindex;
|
||||
|
||||
g_return_if_fail(NM_IS_DEVICE(self));
|
||||
@@ -16468,8 +16479,8 @@ nm_device_cleanup(NMDevice *self, NMDeviceStateReason reason, CleanupType cleanu
|
||||
}
|
||||
|
||||
/* Call device type-specific deactivation */
|
||||
- if (NM_DEVICE_GET_CLASS(self)->deactivate)
|
||||
- NM_DEVICE_GET_CLASS(self)->deactivate(self);
|
||||
+ if (klass->deactivate)
|
||||
+ klass->deactivate(self);
|
||||
|
||||
ifindex = nm_device_get_ip_ifindex(self);
|
||||
|
||||
@@ -16491,8 +16502,11 @@ nm_device_cleanup(NMDevice *self, NMDeviceStateReason reason, CleanupType cleanu
|
||||
|
||||
priv->tc_committed = FALSE;
|
||||
|
||||
- _routing_rules_sync(self,
|
||||
- cleanup_type == CLEANUP_TYPE_KEEP ? NM_TERNARY_DEFAULT : NM_TERNARY_FALSE);
|
||||
+ nm_routing_rules_sync(nm_device_get_applied_connection(self),
|
||||
+ cleanup_type == CLEANUP_TYPE_KEEP ? NM_TERNARY_DEFAULT : NM_TERNARY_FALSE,
|
||||
+ klass->get_extra_rules,
|
||||
+ self,
|
||||
+ nm_device_get_netns(self));
|
||||
|
||||
if (ifindex > 0)
|
||||
nm_platform_ip4_dev_route_blacklist_set(nm_device_get_platform(self), ifindex, NULL);
|
||||
@@ -16521,7 +16535,7 @@ nm_device_cleanup(NMDevice *self, NMDeviceStateReason reason, CleanupType cleanu
|
||||
/* for other device states (UNAVAILABLE, DISCONNECTED), allow the
|
||||
* device to overwrite the reset behavior, so that Wi-Fi can set
|
||||
* a randomized MAC address used during scanning. */
|
||||
- NM_DEVICE_GET_CLASS(self)->deactivate_reset_hw_addr(self);
|
||||
+ klass->deactivate_reset_hw_addr(self);
|
||||
}
|
||||
}
|
||||
|
||||
diff --git a/src/core/devices/nm-device.h b/src/core/devices/nm-device.h
|
||||
index 37eda5c0c8..c3a06c12e6 100644
|
||||
--- a/src/core/devices/nm-device.h
|
||||
+++ b/src/core/devices/nm-device.h
|
||||
@@ -848,4 +848,10 @@ void nm_device_clear_dns_lookup_data(NMDevice *self, const char *reason);
|
||||
|
||||
gboolean nm_device_get_allow_autoconnect_on_external(NMDevice *self);
|
||||
|
||||
+void nm_routing_rules_sync(NMConnection *applied_connection,
|
||||
+ NMTernary set_mode,
|
||||
+ GPtrArray *(*get_extra_rules)(NMDevice *self),
|
||||
+ NMDevice *self,
|
||||
+ NMNetns *netns);
|
||||
+
|
||||
#endif /* __NETWORKMANAGER_DEVICE_H__ */
|
||||
diff --git a/src/core/vpn/nm-vpn-connection.c b/src/core/vpn/nm-vpn-connection.c
|
||||
index 88c5703a69..c14682b8cc 100644
|
||||
--- a/src/core/vpn/nm-vpn-connection.c
|
||||
+++ b/src/core/vpn/nm-vpn-connection.c
|
||||
@@ -905,7 +905,8 @@ fw_call_cleanup(NMVpnConnection *self)
|
||||
static void
|
||||
vpn_cleanup(NMVpnConnection *self, NMDevice *parent_dev)
|
||||
{
|
||||
- const char *iface;
|
||||
+ NMVpnConnectionPrivate *priv = NM_VPN_CONNECTION_GET_PRIVATE(self);
|
||||
+ const char *iface;
|
||||
|
||||
/* Remove zone from firewall */
|
||||
iface = nm_vpn_connection_get_ip_iface(self, FALSE);
|
||||
@@ -917,6 +918,8 @@ vpn_cleanup(NMVpnConnection *self, NMDevice *parent_dev)
|
||||
fw_call_cleanup(self);
|
||||
|
||||
_l3cfg_l3cd_clear_all(self);
|
||||
+
|
||||
+ nm_routing_rules_sync(_get_applied_connection(self), NM_TERNARY_FALSE, NULL, NULL, priv->netns);
|
||||
}
|
||||
|
||||
static void
|
||||
@@ -2278,6 +2281,8 @@ _dbus_signal_ip_config_cb(NMVpnConnection *self, int addr_family, GVariant *dict
|
||||
|
||||
_l3cfg_l3cd_set(self, L3CD_TYPE_IP_X(IS_IPv4), l3cd);
|
||||
|
||||
+ nm_routing_rules_sync(_get_applied_connection(self), NM_TERNARY_TRUE, NULL, NULL, priv->netns);
|
||||
+
|
||||
_check_complete(self, TRUE);
|
||||
}
|
||||
|
||||
--
|
||||
2.45.0
|
||||
|
@ -1,120 +0,0 @@
|
||||
From a12b1dfdb0393687ae0fc505c57c76de2907209c Mon Sep 17 00:00:00 2001
|
||||
From: Beniamino Galvani <bgalvani@redhat.com>
|
||||
Date: Mon, 10 Feb 2025 15:15:18 +0100
|
||||
Subject: [PATCH 1/2] core: cleanup nm_manager_get_best_device_for_connection()
|
||||
|
||||
Rename "unavailable_devices" to "exclude_devices", as the
|
||||
"unavailable" term has a specific, different meaning in NetworkManager
|
||||
(i.e. the device is in the UNAVAILABLE state). Also, use
|
||||
nm_g_hash_table_contains() when needed.
|
||||
|
||||
(cherry picked from commit 6c1eb99d3258ac8cf969cb648a988565c205a205)
|
||||
(cherry picked from commit da866c4cda996b14d5ea8c3540c8ba0d5d798e9a)
|
||||
(cherry picked from commit 0045a0240cb64814126dc0f7adbcbaee9aca3b54)
|
||||
---
|
||||
src/core/nm-manager.c | 10 ++++------
|
||||
1 file changed, 4 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/src/core/nm-manager.c b/src/core/nm-manager.c
|
||||
index a673279712..cd79653078 100644
|
||||
--- a/src/core/nm-manager.c
|
||||
+++ b/src/core/nm-manager.c
|
||||
@@ -4536,7 +4536,7 @@ nm_manager_get_best_device_for_connection(NMManager *self,
|
||||
NMSettingsConnection *sett_conn,
|
||||
NMConnection *connection,
|
||||
gboolean for_user_request,
|
||||
- GHashTable *unavailable_devices,
|
||||
+ GHashTable *exclude_devices,
|
||||
GError **error)
|
||||
{
|
||||
NMManagerPrivate *priv = NM_MANAGER_GET_PRIVATE(self);
|
||||
@@ -4619,7 +4619,7 @@ nm_manager_get_best_device_for_connection(NMManager *self,
|
||||
|
||||
ac_device = nm_active_connection_get_device(ac);
|
||||
if (ac_device
|
||||
- && ((unavailable_devices && g_hash_table_contains(unavailable_devices, ac_device))
|
||||
+ && (nm_g_hash_table_contains(exclude_devices, ac_device)
|
||||
|| !nm_device_check_connection_available(ac_device, connection, flags, NULL, NULL)))
|
||||
ac_device = NULL;
|
||||
|
||||
@@ -4635,9 +4635,7 @@ nm_manager_get_best_device_for_connection(NMManager *self,
|
||||
NMDevice *ac_device2 = nm_active_connection_get_device(ac2);
|
||||
NMActiveConnectionState ac_state2;
|
||||
|
||||
- if (!ac_device2
|
||||
- || (unavailable_devices
|
||||
- && g_hash_table_contains(unavailable_devices, ac_device2))
|
||||
+ if (!ac_device2 || nm_g_hash_table_contains(exclude_devices, ac_device2)
|
||||
|| !nm_device_check_connection_available(ac_device2,
|
||||
connection,
|
||||
flags,
|
||||
@@ -4698,7 +4696,7 @@ found_better:
|
||||
GError *local = NULL;
|
||||
DeviceActivationPrio prio;
|
||||
|
||||
- if (unavailable_devices && g_hash_table_contains(unavailable_devices, device))
|
||||
+ if (nm_g_hash_table_contains(exclude_devices, device))
|
||||
continue;
|
||||
|
||||
/* determine the priority of this device. Currently, this priority is independent
|
||||
--
|
||||
2.48.1
|
||||
|
||||
|
||||
From 00a4e1cc0495e13ac72d0df82792654168e92781 Mon Sep 17 00:00:00 2001
|
||||
From: Beniamino Galvani <bgalvani@redhat.com>
|
||||
Date: Mon, 10 Feb 2025 15:27:43 +0100
|
||||
Subject: [PATCH 2/2] core: prevent the activation of unavailable devices
|
||||
|
||||
When autoconnecting ports of a controller, we look for all candidate
|
||||
(device,connection) tuples through the following call trace:
|
||||
|
||||
-> autoconnect_ports()
|
||||
-> find_ports()
|
||||
-> nm_manager_get_best_device_for_connection()
|
||||
-> nm_device_check_connection_available()
|
||||
-> _nm_device_check_connection_available()
|
||||
|
||||
The last function checks that a specific device is available to be
|
||||
activated with the given connection. For virtual devices, it only
|
||||
checks that the device is compatible with the connection based on the
|
||||
device type and characteristics, without considering any live network
|
||||
information.
|
||||
|
||||
For OVS interfaces, this doesn't work as expected. During startup, NM
|
||||
performs a cleanup of the ovsdb to remove entries that were previously
|
||||
added by NM. When the cleanup is terminated, NMOvsdb sets the "ready"
|
||||
flag and is ready to start the activation of new OVS interfaces. With
|
||||
the current mechanism, it is possible that a OVS-interface connection
|
||||
gets activated via the autoconnect-ports mechanism without checking
|
||||
the "ready" flag.
|
||||
|
||||
Fix that by also checking that the device is available for activation.
|
||||
|
||||
(cherry picked from commit 774badb1519a76fb3b7c0f60cf46ee5ea25bce69)
|
||||
(cherry picked from commit f459c7fecce8445515d052b5b48f10d808e97fff)
|
||||
(cherry picked from commit b495d6bd55f4068596d380ce81614eb3d86943a3)
|
||||
---
|
||||
src/core/nm-manager.c | 6 ++++++
|
||||
1 file changed, 6 insertions(+)
|
||||
|
||||
diff --git a/src/core/nm-manager.c b/src/core/nm-manager.c
|
||||
index cd79653078..36b8bda0f5 100644
|
||||
--- a/src/core/nm-manager.c
|
||||
+++ b/src/core/nm-manager.c
|
||||
@@ -4699,6 +4699,12 @@ found_better:
|
||||
if (nm_g_hash_table_contains(exclude_devices, device))
|
||||
continue;
|
||||
|
||||
+ if (!nm_device_is_available(device,
|
||||
+ for_user_request
|
||||
+ ? NM_DEVICE_CHECK_DEV_AVAILABLE_FOR_USER_REQUEST
|
||||
+ : NM_DEVICE_CHECK_DEV_AVAILABLE_NONE))
|
||||
+ continue;
|
||||
+
|
||||
/* determine the priority of this device. Currently, this priority is independent
|
||||
* of the profile (connection) and the device's details (aside the state).
|
||||
*
|
||||
--
|
||||
2.48.1
|
||||
|
@ -1,242 +0,0 @@
|
||||
From dd50a5199f1661c9d2226d8d5c01b0b485a9bc86 Mon Sep 17 00:00:00 2001
|
||||
From: Jan Vaclav <jvaclav@redhat.com>
|
||||
Date: Wed, 15 May 2024 12:57:41 +0200
|
||||
Subject: [PATCH 1/2] nmtui: add veth page
|
||||
|
||||
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1943
|
||||
(cherry picked from commit 187ff4c73b9ae1c3c020bd999633306b09eabead)
|
||||
---
|
||||
Makefile.am | 2 +
|
||||
src/nmtui/meson.build | 1 +
|
||||
src/nmtui/nmt-editor.c | 3 ++
|
||||
src/nmtui/nmt-page-veth.c | 92 +++++++++++++++++++++++++++++++++++++++
|
||||
src/nmtui/nmt-page-veth.h | 32 ++++++++++++++
|
||||
5 files changed, 130 insertions(+)
|
||||
create mode 100644 src/nmtui/nmt-page-veth.c
|
||||
create mode 100644 src/nmtui/nmt-page-veth.h
|
||||
|
||||
diff --git a/Makefile.am b/Makefile.am
|
||||
index a0daa95314..ee92a1de53 100644
|
||||
--- a/Makefile.am
|
||||
+++ b/Makefile.am
|
||||
@@ -5304,6 +5304,8 @@ src_nmtui_nmtui_SOURCES = \
|
||||
src/nmtui/nmt-page-team-port.h \
|
||||
src/nmtui/nmt-page-team.c \
|
||||
src/nmtui/nmt-page-team.h \
|
||||
+ src/nmtui/nmt-page-veth.c \
|
||||
+ src/nmtui/nmt-page-veth.h \
|
||||
src/nmtui/nmt-page-vlan.c \
|
||||
src/nmtui/nmt-page-vlan.h \
|
||||
src/nmtui/nmt-page-wifi.c \
|
||||
diff --git a/src/nmtui/meson.build b/src/nmtui/meson.build
|
||||
index 13aa864750..eecfaa9927 100644
|
||||
--- a/src/nmtui/meson.build
|
||||
+++ b/src/nmtui/meson.build
|
||||
@@ -32,6 +32,7 @@ executable(
|
||||
'nmt-page-ppp.c',
|
||||
'nmt-page-team.c',
|
||||
'nmt-page-team-port.c',
|
||||
+ 'nmt-page-veth.c',
|
||||
'nmt-page-vlan.c',
|
||||
'nmt-page-wifi.c',
|
||||
'nmt-page-wireguard.c',
|
||||
diff --git a/src/nmtui/nmt-editor.c b/src/nmtui/nmt-editor.c
|
||||
index 6e502778d1..6205736a78 100644
|
||||
--- a/src/nmtui/nmt-editor.c
|
||||
+++ b/src/nmtui/nmt-editor.c
|
||||
@@ -39,6 +39,7 @@
|
||||
#include "nmt-page-ppp.h"
|
||||
#include "nmt-page-team.h"
|
||||
#include "nmt-page-team-port.h"
|
||||
+#include "nmt-page-veth.h"
|
||||
#include "nmt-page-vlan.h"
|
||||
#include "nmt-page-wifi.h"
|
||||
#include "nmt-page-wireguard.h"
|
||||
@@ -369,6 +370,8 @@ nmt_editor_constructed(GObject *object)
|
||||
page = nmt_page_dsl_new(priv->edit_connection, deventry);
|
||||
else if (nm_connection_is_type(priv->edit_connection, NM_SETTING_TEAM_SETTING_NAME))
|
||||
page = nmt_page_team_new(priv->edit_connection, deventry);
|
||||
+ else if (nm_connection_is_type(priv->edit_connection, NM_SETTING_VETH_SETTING_NAME))
|
||||
+ page = nmt_page_veth_new(priv->edit_connection, deventry);
|
||||
else if (nm_connection_is_type(priv->edit_connection, NM_SETTING_VLAN_SETTING_NAME))
|
||||
page = nmt_page_vlan_new(priv->edit_connection, deventry);
|
||||
else if (nm_connection_is_type(priv->edit_connection, NM_SETTING_WIRED_SETTING_NAME))
|
||||
diff --git a/src/nmtui/nmt-page-veth.c b/src/nmtui/nmt-page-veth.c
|
||||
new file mode 100644
|
||||
index 0000000000..35d0d78d58
|
||||
--- /dev/null
|
||||
+++ b/src/nmtui/nmt-page-veth.c
|
||||
@@ -0,0 +1,92 @@
|
||||
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
||||
+/*
|
||||
+ * Copyright (C) 2024 Red Hat, Inc.
|
||||
+ */
|
||||
+/**
|
||||
+ * SECTION:nmt-page-veth
|
||||
+ * @short_description: The editor page for veth connections
|
||||
+ */
|
||||
+
|
||||
+#include "libnm-client-aux-extern/nm-default-client.h"
|
||||
+
|
||||
+#include <linux/if_ether.h>
|
||||
+
|
||||
+#include "nmt-page-veth.h"
|
||||
+
|
||||
+#include "libnm-core-aux-intern/nm-libnm-core-utils.h"
|
||||
+#include "nmt-device-entry.h"
|
||||
+#include "nmt-mac-entry.h"
|
||||
+#include "nmt-mtu-entry.h"
|
||||
+
|
||||
+G_DEFINE_TYPE(NmtPageVeth, nmt_page_veth, NMT_TYPE_EDITOR_PAGE_DEVICE)
|
||||
+
|
||||
+#define NMT_PAGE_VETH_GET_PRIVATE(o) _NM_GET_PRIVATE(self, NmtPageVeth, NMT_IS_PAGE_VETH)
|
||||
+
|
||||
+static void
|
||||
+nmt_page_veth_init(NmtPageVeth *veth)
|
||||
+{}
|
||||
+
|
||||
+NmtEditorPage *
|
||||
+nmt_page_veth_new(NMConnection *conn, NmtDeviceEntry *deventry)
|
||||
+{
|
||||
+ return g_object_new(NMT_TYPE_PAGE_VETH, "connection", conn, "device-entry", deventry, NULL);
|
||||
+}
|
||||
+
|
||||
+static void
|
||||
+nmt_page_veth_constructed(GObject *object)
|
||||
+{
|
||||
+ NmtPageVeth *veth = NMT_PAGE_VETH(object);
|
||||
+ NmtEditorSection *section;
|
||||
+ NmtEditorGrid *grid;
|
||||
+ NMSettingVeth *s_veth;
|
||||
+ NMSettingWired *s_wired;
|
||||
+ NmtNewtWidget *widget;
|
||||
+ NMConnection *conn;
|
||||
+
|
||||
+ conn = nmt_editor_page_get_connection(NMT_EDITOR_PAGE(veth));
|
||||
+ s_veth = _nm_connection_ensure_setting(conn, NM_TYPE_SETTING_VETH);
|
||||
+ s_wired = _nm_connection_ensure_setting(conn, NM_TYPE_SETTING_WIRED);
|
||||
+
|
||||
+ section = nmt_editor_section_new(_("VETH"), NULL, TRUE);
|
||||
+ grid = nmt_editor_section_get_body(section);
|
||||
+
|
||||
+ widget = nmt_newt_entry_new(40, 0);
|
||||
+ nmt_editor_grid_append(grid, _("Peer"), widget, NULL);
|
||||
+ g_object_bind_property(s_veth,
|
||||
+ NM_SETTING_VETH_PEER,
|
||||
+ widget,
|
||||
+ "text",
|
||||
+ G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
|
||||
+
|
||||
+ nmt_editor_page_add_section(NMT_EDITOR_PAGE(veth), section);
|
||||
+
|
||||
+ section = nmt_editor_section_new(_("ETHERNET"), NULL, FALSE);
|
||||
+ grid = nmt_editor_section_get_body(section);
|
||||
+
|
||||
+ widget = nmt_mac_entry_new(40, ETH_ALEN, NMT_MAC_ENTRY_TYPE_CLONED_ETHERNET);
|
||||
+ g_object_bind_property(s_wired,
|
||||
+ NM_SETTING_WIRED_CLONED_MAC_ADDRESS,
|
||||
+ widget,
|
||||
+ "mac-address",
|
||||
+ G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
|
||||
+ nmt_editor_grid_append(grid, _("Cloned MAC address"), widget, NULL);
|
||||
+
|
||||
+ widget = nmt_mtu_entry_new();
|
||||
+ g_object_bind_property(s_wired,
|
||||
+ NM_SETTING_WIRED_MTU,
|
||||
+ widget,
|
||||
+ "mtu",
|
||||
+ G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
|
||||
+ nmt_editor_grid_append(grid, _("MTU"), widget, NULL);
|
||||
+
|
||||
+ nmt_editor_page_add_section(NMT_EDITOR_PAGE(veth), section);
|
||||
+
|
||||
+ G_OBJECT_CLASS(nmt_page_veth_parent_class)->constructed(object);
|
||||
+}
|
||||
+
|
||||
+static void
|
||||
+nmt_page_veth_class_init(NmtPageVethClass *veth_class)
|
||||
+{
|
||||
+ GObjectClass *object_class = G_OBJECT_CLASS(veth_class);
|
||||
+ object_class->constructed = nmt_page_veth_constructed;
|
||||
+}
|
||||
diff --git a/src/nmtui/nmt-page-veth.h b/src/nmtui/nmt-page-veth.h
|
||||
new file mode 100644
|
||||
index 0000000000..8822f3a27d
|
||||
--- /dev/null
|
||||
+++ b/src/nmtui/nmt-page-veth.h
|
||||
@@ -0,0 +1,32 @@
|
||||
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
||||
+/*
|
||||
+ * Copyright (C) 2024 Red Hat, Inc.
|
||||
+ */
|
||||
+
|
||||
+#ifndef NMT_PAGE_VETH_H
|
||||
+#define NMT_PAGE_VETH_H
|
||||
+
|
||||
+#include "nmt-editor-page-device.h"
|
||||
+
|
||||
+#define NMT_TYPE_PAGE_VETH (nmt_page_veth_get_type())
|
||||
+#define NMT_PAGE_VETH(obj) (_NM_G_TYPE_CHECK_INSTANCE_CAST((obj), NMT_TYPE_PAGE_VETH, NmtPageVeth))
|
||||
+#define NMT_PAGE_VETH_CLASS(klass) \
|
||||
+ (G_TYPE_CHECK_CLASS_CAST((klass), NMT_TYPE_PAGE_VETH, NmtPageVethClass))
|
||||
+#define NMT_IS_PAGE_VETH(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), NMT_TYPE_PAGE_VETH))
|
||||
+#define NMT_IS_PAGE_VETH_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), NMT_TYPE_PAGE_VETH))
|
||||
+#define NMT_PAGE_VETH_GET_CLASS(obj) \
|
||||
+ (G_TYPE_INSTANCE_GET_CLASS((obj), NMT_TYPE_PAGE_VETH, NmtPageVethClass))
|
||||
+
|
||||
+typedef struct {
|
||||
+ NmtEditorPageDevice parent;
|
||||
+} NmtPageVeth;
|
||||
+
|
||||
+typedef struct {
|
||||
+ NmtEditorPageDeviceClass parent;
|
||||
+} NmtPageVethClass;
|
||||
+
|
||||
+GType nmt_page_veth_get_type(void);
|
||||
+
|
||||
+NmtEditorPage *nmt_page_veth_new(NMConnection *conn, NmtDeviceEntry *deventry);
|
||||
+
|
||||
+#endif /* NMT_PAGE_VETH_H */
|
||||
--
|
||||
2.47.1
|
||||
|
||||
|
||||
From 7d9ed27897d90e6dbd97aef6e7bbb0a181c961df Mon Sep 17 00:00:00 2001
|
||||
From: Jan Vaclav <jvaclav@redhat.com>
|
||||
Date: Mon, 20 May 2024 14:04:18 +0200
|
||||
Subject: [PATCH 2/2] nmtui: include veth devices in activation dialog
|
||||
|
||||
(cherry picked from commit e74f506b81595112893997f08cbad8482e7777aa)
|
||||
---
|
||||
src/libnm-core-impl/nm-connection.c | 2 ++
|
||||
src/nmtui/nmt-connect-connection-list.c | 1 +
|
||||
2 files changed, 3 insertions(+)
|
||||
|
||||
diff --git a/src/libnm-core-impl/nm-connection.c b/src/libnm-core-impl/nm-connection.c
|
||||
index 95fe89a87c..6dace2b73c 100644
|
||||
--- a/src/libnm-core-impl/nm-connection.c
|
||||
+++ b/src/libnm-core-impl/nm-connection.c
|
||||
@@ -3258,6 +3258,8 @@ nm_connection_get_virtual_device_description(NMConnection *connection)
|
||||
display_type = _("WireGuard");
|
||||
else if (nm_streq(type, NM_SETTING_TUN_SETTING_NAME))
|
||||
display_type = _("TUN/TAP");
|
||||
+ else if (nm_streq(type, NM_SETTING_VETH_SETTING_NAME))
|
||||
+ display_type = _("Veth");
|
||||
|
||||
if (!iface || !display_type)
|
||||
return NULL;
|
||||
diff --git a/src/nmtui/nmt-connect-connection-list.c b/src/nmtui/nmt-connect-connection-list.c
|
||||
index 70264d3ec2..1fd44b2957 100644
|
||||
--- a/src/nmtui/nmt-connect-connection-list.c
|
||||
+++ b/src/nmtui/nmt-connect-connection-list.c
|
||||
@@ -96,6 +96,7 @@ static const char *device_sort_order[] = {"NMDeviceEthernet",
|
||||
"NMDeviceInfiniband",
|
||||
"NMDeviceWifi",
|
||||
NM_SETTING_VLAN_SETTING_NAME,
|
||||
+ NM_SETTING_VETH_SETTING_NAME,
|
||||
NM_SETTING_BOND_SETTING_NAME,
|
||||
NM_SETTING_TEAM_SETTING_NAME,
|
||||
NM_SETTING_BRIDGE_SETTING_NAME,
|
||||
--
|
||||
2.47.1
|
||||
|
@ -1,136 +0,0 @@
|
||||
From d1545823e467aec816ed0073c4eec1bec669e98f Mon Sep 17 00:00:00 2001
|
||||
From: Fernando Fernandez Mancera <ffmancera@riseup.net>
|
||||
Date: Wed, 12 Feb 2025 10:58:39 +0100
|
||||
Subject: [PATCH] policy: always reset retries when unblocking children or
|
||||
ports
|
||||
|
||||
When calling activate_port_or_children_connections() we are unblocking
|
||||
the ports and children but we are not resetting the number of retries if
|
||||
it is an internal activation.
|
||||
|
||||
This is wrong as even if it's an internal activation the number of
|
||||
retries should be reset. It won't interferfe with other blocking reasons
|
||||
like USER_REQUESTED or MISSING_SECRETS.
|
||||
|
||||
(cherry picked from commit 7acc66699af9a1546c602082b6994b98cfea7c80)
|
||||
(cherry picked from commit 2daeef668d7d1e31d6165b89ef4222ce51ddeb89)
|
||||
(cherry picked from commit 52ed8567e2084a21727ac89c26dcd110be19c35a)
|
||||
(cherry picked from commit b870c94a4c319d1927f01107e01590c6ccc8342a)
|
||||
---
|
||||
src/core/nm-policy.c | 33 +++++++++------------------------
|
||||
1 file changed, 9 insertions(+), 24 deletions(-)
|
||||
|
||||
diff --git a/src/core/nm-policy.c b/src/core/nm-policy.c
|
||||
index 93b52526a2..e01a13fb8b 100644
|
||||
--- a/src/core/nm-policy.c
|
||||
+++ b/src/core/nm-policy.c
|
||||
@@ -1873,8 +1873,7 @@ unblock_autoconnect_for_children(NMPolicy *self,
|
||||
const char *parent_device,
|
||||
const char *parent_uuid_settings,
|
||||
const char *parent_uuid_applied,
|
||||
- const char *parent_mac_addr,
|
||||
- gboolean reset_devcon_autoconnect)
|
||||
+ const char *parent_mac_addr)
|
||||
{
|
||||
NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE(self);
|
||||
NMSettingsConnection *const *connections;
|
||||
@@ -1915,10 +1914,8 @@ unblock_autoconnect_for_children(NMPolicy *self,
|
||||
parent_mac_addr))
|
||||
continue;
|
||||
|
||||
- if (reset_devcon_autoconnect) {
|
||||
- if (nm_manager_devcon_autoconnect_retries_reset(priv->manager, NULL, sett_conn))
|
||||
- changed = TRUE;
|
||||
- }
|
||||
+ if (nm_manager_devcon_autoconnect_retries_reset(priv->manager, NULL, sett_conn))
|
||||
+ changed = TRUE;
|
||||
|
||||
/* unblock the devices associated with that connection */
|
||||
if (nm_manager_devcon_autoconnect_blocked_reason_set(
|
||||
@@ -1940,8 +1937,7 @@ static void
|
||||
unblock_autoconnect_for_ports(NMPolicy *self,
|
||||
const char *controller_device,
|
||||
const char *controller_uuid_settings,
|
||||
- const char *controller_uuid_applied,
|
||||
- gboolean reset_devcon_autoconnect)
|
||||
+ const char *controller_uuid_applied)
|
||||
{
|
||||
NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE(self);
|
||||
NMSettingsConnection *const *connections;
|
||||
@@ -1959,7 +1955,6 @@ unblock_autoconnect_for_ports(NMPolicy *self,
|
||||
"\"",
|
||||
""));
|
||||
|
||||
- changed = FALSE;
|
||||
connections = nm_settings_get_connections(priv->settings, NULL);
|
||||
for (i = 0; connections[i]; i++) {
|
||||
NMSettingsConnection *sett_conn = connections[i];
|
||||
@@ -1977,10 +1972,8 @@ unblock_autoconnect_for_ports(NMPolicy *self,
|
||||
controller_uuid_settings))
|
||||
continue;
|
||||
|
||||
- if (reset_devcon_autoconnect) {
|
||||
- if (nm_manager_devcon_autoconnect_retries_reset(priv->manager, NULL, sett_conn))
|
||||
- changed = TRUE;
|
||||
- }
|
||||
+ if (nm_manager_devcon_autoconnect_retries_reset(priv->manager, NULL, sett_conn))
|
||||
+ changed = TRUE;
|
||||
|
||||
/* unblock the devices associated with that connection */
|
||||
if (nm_manager_devcon_autoconnect_blocked_reason_set(
|
||||
@@ -2015,7 +2008,7 @@ unblock_autoconnect_for_ports_for_sett_conn(NMPolicy *self, NMSettingsConnection
|
||||
controller_uuid_settings = nm_setting_connection_get_uuid(s_con);
|
||||
controller_device = nm_setting_connection_get_interface_name(s_con);
|
||||
|
||||
- unblock_autoconnect_for_ports(self, controller_device, controller_uuid_settings, NULL, TRUE);
|
||||
+ unblock_autoconnect_for_ports(self, controller_device, controller_uuid_settings, NULL);
|
||||
}
|
||||
|
||||
static void
|
||||
@@ -2028,7 +2021,6 @@ activate_port_or_children_connections(NMPolicy *self,
|
||||
const char *controller_uuid_applied = NULL;
|
||||
const char *parent_mac_addr = NULL;
|
||||
NMActRequest *req;
|
||||
- gboolean internal_activation = FALSE;
|
||||
|
||||
controller_device = nm_device_get_iface(device);
|
||||
nm_assert(controller_device);
|
||||
@@ -2039,7 +2031,6 @@ activate_port_or_children_connections(NMPolicy *self,
|
||||
if (req) {
|
||||
NMConnection *connection;
|
||||
NMSettingsConnection *sett_conn;
|
||||
- NMAuthSubject *subject;
|
||||
|
||||
sett_conn = nm_active_connection_get_settings_connection(NM_ACTIVE_CONNECTION(req));
|
||||
if (sett_conn)
|
||||
@@ -2051,25 +2042,19 @@ activate_port_or_children_connections(NMPolicy *self,
|
||||
|
||||
if (nm_streq0(controller_uuid_settings, controller_uuid_applied))
|
||||
controller_uuid_applied = NULL;
|
||||
-
|
||||
- subject = nm_active_connection_get_subject(NM_ACTIVE_CONNECTION(req));
|
||||
- internal_activation =
|
||||
- subject && (nm_auth_subject_get_subject_type(subject) == NM_AUTH_SUBJECT_TYPE_INTERNAL);
|
||||
}
|
||||
|
||||
if (!activate_children_connections_only) {
|
||||
unblock_autoconnect_for_ports(self,
|
||||
controller_device,
|
||||
controller_uuid_settings,
|
||||
- controller_uuid_applied,
|
||||
- !internal_activation);
|
||||
+ controller_uuid_applied);
|
||||
}
|
||||
unblock_autoconnect_for_children(self,
|
||||
controller_device,
|
||||
controller_uuid_settings,
|
||||
controller_uuid_applied,
|
||||
- parent_mac_addr,
|
||||
- !internal_activation);
|
||||
+ parent_mac_addr);
|
||||
}
|
||||
|
||||
static gboolean
|
||||
--
|
||||
2.48.1
|
||||
|
@ -1,53 +0,0 @@
|
||||
From 11d2ec5d62fe061bb25db2343a51d9aa4239fb53 Mon Sep 17 00:00:00 2001
|
||||
From: Fernando Fernandez Mancera <ffmancera@riseup.net>
|
||||
Date: Mon, 17 Feb 2025 23:10:53 +0100
|
||||
Subject: [PATCH] core: prevent the activation of unavailable OVS interfaces
|
||||
only
|
||||
|
||||
Preventing the activation of unavailable devices for all device types is
|
||||
too aggresive and leads to race conditions, e.g when a non-virtual bond
|
||||
port gets a carrier, preventing the device to be a good candidate for
|
||||
the connection.
|
||||
|
||||
Instead, enforce this check only on OVS interfaces as NetworkManager
|
||||
just makes sure that ovsdb->ready is set to TRUE.
|
||||
|
||||
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/2139
|
||||
|
||||
Fixes: 774badb1519a ('core: prevent the activation of unavailable devices')
|
||||
(cherry picked from commit a1c05d2ce6f115c900ef21b69c3ee7e98ef4ddaf)
|
||||
(cherry picked from commit b8ef2a551e505b5ffb02cc5d4e3ab29e78ea1fac)
|
||||
(cherry picked from commit 8b39a79621435e0ea3c7b4caaa69640f268409ae)
|
||||
(cherry picked from commit 67e71a9d7f110607838c5633db81eb2ed0ea6992)
|
||||
---
|
||||
src/core/nm-manager.c | 14 ++++++++++----
|
||||
1 file changed, 10 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/src/core/nm-manager.c b/src/core/nm-manager.c
|
||||
index 36b8bda0f5..cae3dff613 100644
|
||||
--- a/src/core/nm-manager.c
|
||||
+++ b/src/core/nm-manager.c
|
||||
@@ -4699,10 +4699,16 @@ found_better:
|
||||
if (nm_g_hash_table_contains(exclude_devices, device))
|
||||
continue;
|
||||
|
||||
- if (!nm_device_is_available(device,
|
||||
- for_user_request
|
||||
- ? NM_DEVICE_CHECK_DEV_AVAILABLE_FOR_USER_REQUEST
|
||||
- : NM_DEVICE_CHECK_DEV_AVAILABLE_NONE))
|
||||
+ /* During startup, NM performs a cleanup of the ovsdb to remove previous entries.
|
||||
+ * Before the device is suitable for the connection, it must have ovsdb->ready set
|
||||
+ * to TRUE. Performing this check in all kind of interfaces is too agressive and leads
|
||||
+ * to race conditions, e.g when a non-virtual bond port gets a carrier, preventing the
|
||||
+ * device to be a good candidate for the connection. */
|
||||
+ if (nm_device_get_device_type(device) == NM_DEVICE_TYPE_OVS_INTERFACE
|
||||
+ && !nm_device_is_available(device,
|
||||
+ for_user_request
|
||||
+ ? NM_DEVICE_CHECK_DEV_AVAILABLE_FOR_USER_REQUEST
|
||||
+ : NM_DEVICE_CHECK_DEV_AVAILABLE_NONE))
|
||||
continue;
|
||||
|
||||
/* determine the priority of this device. Currently, this priority is independent
|
||||
--
|
||||
2.48.1
|
||||
|
@ -4,9 +4,10 @@
|
||||
%global glib2_version %(pkg-config --modversion glib-2.0 2>/dev/null || echo bad)
|
||||
|
||||
%global epoch_version 1
|
||||
%global real_version 1.48.10
|
||||
%global real_version 1.52.0
|
||||
%global git_tag_version_suffix %{nil}
|
||||
%global rpm_version %{real_version}
|
||||
%global release_version 8
|
||||
%global release_version 3
|
||||
%global snapshot %{nil}
|
||||
%global git_sha %{nil}
|
||||
%global bcond_default_debug 0
|
||||
@ -39,12 +40,19 @@
|
||||
%global systemd_units_cloud_setup nm-cloud-setup.service nm-cloud-setup.timer
|
||||
|
||||
###############################################################################
|
||||
|
||||
%bcond_with meson
|
||||
%if 0%{?fedora} > 40 || 0%{?rhel} >= 10
|
||||
%bcond_with dhclient
|
||||
%else
|
||||
%bcond_without dhclient
|
||||
%endif
|
||||
%bcond_without adsl
|
||||
%bcond_without bluetooth
|
||||
%bcond_without wwan
|
||||
%if 0%{?rhel} >= 10
|
||||
%bcond_with team
|
||||
%else
|
||||
%bcond_without team
|
||||
%endif
|
||||
%bcond_without wifi
|
||||
%bcond_without ovs
|
||||
%bcond_without ppp
|
||||
@ -62,7 +70,7 @@
|
||||
%bcond_with test
|
||||
%endif
|
||||
%if "%{?bcond_default_lto}" == ""
|
||||
%if 0%{?fedora} >= 33 || 0%{?rhel} >= 9
|
||||
%if 0%{?fedora} || 0%{?rhel} >= 9
|
||||
%bcond_without lto
|
||||
%else
|
||||
%bcond_with lto
|
||||
@ -80,44 +88,21 @@
|
||||
%else
|
||||
%bcond_with connectivity_fedora
|
||||
%endif
|
||||
%if 0%{?rhel} && 0%{?rhel} >= 8
|
||||
%if 0%{?rhel}
|
||||
%bcond_without connectivity_redhat
|
||||
%else
|
||||
%bcond_with connectivity_redhat
|
||||
%endif
|
||||
%if 0%{?fedora} >= 29 || 0%{?rhel} >= 8
|
||||
%bcond_without crypto_gnutls
|
||||
%else
|
||||
%bcond_with crypto_gnutls
|
||||
%endif
|
||||
%if 0%{?rhel}
|
||||
%bcond_with iwd
|
||||
%else
|
||||
%bcond_without iwd
|
||||
%endif
|
||||
%if 0%{?fedora} >= 32 || 0%{?rhel} >= 8
|
||||
%bcond_without firewalld_zone
|
||||
%else
|
||||
%bcond_with firewalld_zone
|
||||
%endif
|
||||
|
||||
###############################################################################
|
||||
|
||||
%if 0%{?fedora} || 0%{?rhel} >= 8
|
||||
%global dbus_version 1.9.18
|
||||
%global dbus_sys_dir %{_datadir}/dbus-1/system.d
|
||||
%else
|
||||
%global dbus_version 1.1
|
||||
%global dbus_sys_dir %{_sysconfdir}/dbus-1/system.d
|
||||
%endif
|
||||
|
||||
# Older libndp versions use select() (rh#1933041). On well known distros,
|
||||
# choose a version that has the necessary fix.
|
||||
%if 0%{?rhel} && 0%{?rhel} == 8
|
||||
%global libndp_version 1.7-4
|
||||
%else
|
||||
%global libndp_version %{nil}
|
||||
%endif
|
||||
|
||||
%if %{with bluetooth} || %{with wwan}
|
||||
%global with_modem_manager_1 1
|
||||
@ -125,46 +110,39 @@
|
||||
%global with_modem_manager_1 0
|
||||
%endif
|
||||
|
||||
%if 0%{?fedora} >= 31 || 0%{?rhel} >= 8
|
||||
%global dhcp_default internal
|
||||
%else
|
||||
%global dhcp_default dhclient
|
||||
%endif
|
||||
|
||||
%if 0%{?fedora} || 0%{?rhel} >= 8
|
||||
%global logging_backend_default journal
|
||||
%if 0%{?fedora} || 0%{?rhel} >= 9
|
||||
%global dns_rc_manager_default auto
|
||||
%else
|
||||
%global dns_rc_manager_default symlink
|
||||
%endif
|
||||
%else
|
||||
%global logging_backend_default syslog
|
||||
%global dns_rc_manager_default file
|
||||
%endif
|
||||
|
||||
%if 0%{?fedora} >= 33 || 0%{?rhel} >= 9
|
||||
%global config_plugins_default_ifcfg_rh 0
|
||||
%bcond_with default_ifcfg_rh
|
||||
%else
|
||||
%global config_plugins_default_ifcfg_rh 1
|
||||
%bcond_without default_ifcfg_rh
|
||||
%endif
|
||||
|
||||
%if 0%{?fedora} >= 36 || 0%{?rhel} >= 10
|
||||
%global split_ifcfg_rh 1
|
||||
%if 0%{?rhel} >= 10 || 0%{?fedora} >= 41
|
||||
%bcond_with ifcfg_rh
|
||||
%bcond_with split_ifcfg_rh
|
||||
%elif 0%{?fedora} >= 36
|
||||
%bcond_without ifcfg_rh
|
||||
%bcond_without split_ifcfg_rh
|
||||
%else
|
||||
%global split_ifcfg_rh 0
|
||||
%bcond_without ifcfg_rh
|
||||
%bcond_with split_ifcfg_rh
|
||||
%endif
|
||||
|
||||
%if (0%{?fedora} >= 36 && 0%{?fedora} < 39) || 0%{?rhel} >= 9
|
||||
%global ifcfg_warning 1
|
||||
%if (0%{?fedora} >= 36 && 0%{?fedora} < 39) || 0%{?rhel} == 9
|
||||
%bcond_without ifcfg_warning
|
||||
%else
|
||||
%global ifcfg_warning 0
|
||||
%bcond_with ifcfg_warning
|
||||
%endif
|
||||
|
||||
%if 0%{?fedora} >= 39
|
||||
%global ifcfg_migrate 1
|
||||
%if %{with ifcfg_rh} && 0%{?fedora} >= 39
|
||||
%bcond_without ifcfg_migrate
|
||||
%else
|
||||
%global ifcfg_migrate 0
|
||||
%bcond_with ifcfg_migrate
|
||||
%endif
|
||||
|
||||
%if 0%{?fedora}
|
||||
@ -194,7 +172,7 @@ Group: System Environment/Base
|
||||
License: GPL-2.0-or-later AND LGPL-2.1-or-later
|
||||
URL: https://networkmanager.dev/
|
||||
|
||||
Source: https://download.gnome.org/sources/NetworkManager/%{real_version_major}/%{name}-%{real_version}.tar.xz
|
||||
Source: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/releases/%{real_version}%{git_tag_version_suffix}/downloads/%{name}-%{real_version}.tar.xz
|
||||
Source1: NetworkManager.conf
|
||||
Source2: 00-server.conf
|
||||
Source4: 20-connectivity-fedora.conf
|
||||
@ -211,23 +189,13 @@ Source9: readme-ifcfg-rh-migrated.txt
|
||||
Patch0001: 0001-revert-change-default-value-for-ipv4.dad-timeout-from-0-to-200ms.patch
|
||||
|
||||
# Bugfixes that are only relevant until next rebase of the package.
|
||||
Patch1001: 1001-cloud-setup-allow-bigger-restart-bursts-rhel-56740.patch
|
||||
Patch1002: 1002-cloud-setup-ensure-azure-places-primary-address-first-rhel-56387.patch
|
||||
Patch1003: 1003-only-validate-sriov-capability-when-enabled-rhel-58397.patch
|
||||
Patch1004: 1004-fix-bug-when-deactivating-port-connections-rhel-50747.patch
|
||||
Patch1005: 1005-fix-validation-of-ovs-dpdk-interface-name-rhel-60022.patch
|
||||
Patch1006: 1006-remove-routes-added-by-nm-on-reapply-rhel-73013.patch
|
||||
Patch1007: 1007-vpn-place-gateway-route-to-table-defined-in-ipvx-route-table-rhel-73166.patch
|
||||
Patch1008: 1008-vpn-support-routing-rules-in-vpn-conenctions-rhel-73167.patch
|
||||
Patch1009: 1009-core-prevent-the-activation-of-unavailable-devices-rhel-78745.patch
|
||||
Patch1010: 1010-fix-nmtui-segfault-adding-veth-rhel-75763.patch
|
||||
Patch1011: 1011-policy-always-reset-retries-when-unblocking-children-or-ports-rhel-78748.patch
|
||||
Patch1012: 1012-core-prevent-the-activation-of-unavailable-ovs-interfaces-only-rhel-79995.patch
|
||||
# Patch1001: 1001-some.patch
|
||||
Patch1001: 1001-core-fail-early-if-we-cannot-get-current-FEC-value-86851.patch
|
||||
Patch1002: 1002-oci-update-disconnected-vnics-83198.patch
|
||||
Patch1003: 1003-dns-Fix-invalid-memory-access-on-Dnsconfd-DBUS-error-84692.patch
|
||||
|
||||
Requires(post): systemd
|
||||
%if 0%{?fedora} || 0%{?rhel} >= 8
|
||||
Requires(post): systemd-udev
|
||||
%endif
|
||||
Requires(post): /usr/sbin/update-alternatives
|
||||
Requires(preun): systemd
|
||||
Requires(preun): /usr/sbin/update-alternatives
|
||||
@ -236,23 +204,40 @@ Requires(postun): systemd
|
||||
Requires: dbus >= %{dbus_version}
|
||||
Requires: glib2 >= %{glib2_version}
|
||||
Requires: %{name}-libnm%{?_isa} = %{epoch}:%{version}-%{release}
|
||||
%if "%{libndp_version}" != ""
|
||||
Requires: libndp >= %{libndp_version}
|
||||
|
||||
Recommends: iputils
|
||||
|
||||
%if 0%{?rhel} == 8
|
||||
# Older libndp versions use select() (rh#1933041). On well known distros,
|
||||
# choose a version that has the necessary fix.
|
||||
Requires: libndp >= 1.7-4
|
||||
%endif
|
||||
|
||||
Obsoletes: NetworkManager < %{obsoletes_device_plugins}
|
||||
Obsoletes: NetworkManager < %{obsoletes_ppp_plugin}
|
||||
Obsoletes: NetworkManager-wimax < 1:1.2
|
||||
%if 0%{?rhel} && 0%{?rhel} == 8
|
||||
%if 0%{?rhel} == 8
|
||||
Suggests: NetworkManager-initscripts-updown
|
||||
%endif
|
||||
Obsoletes: NetworkManager < %{obsoletes_initscripts_updown}
|
||||
%if 0%{?split_ifcfg_rh}
|
||||
%if %{with split_ifcfg_rh}
|
||||
Obsoletes: NetworkManager < %{obsoletes_ifcfg_rh}
|
||||
%endif
|
||||
|
||||
%if 0%{?rhel} && 0%{?rhel} <= 7
|
||||
# Kept for RHEL to ensure that wired 802.1x works out of the box
|
||||
Requires: wpa_supplicant >= 1:1.1
|
||||
%if 0%{?rhel} >= 10
|
||||
%if 0%{without team}
|
||||
Obsoletes: NetworkManager-team < 1:1.47.5-3
|
||||
%endif
|
||||
Obsoletes: NetworkManager-initscripts-ifcfg-rh < 1:1.47.5-3
|
||||
Obsoletes: NetworkManager-dispatcher-routing-rules < 1:1.47.5-3
|
||||
%endif
|
||||
|
||||
%if 0%{?fedora} >= 41
|
||||
%if %{without ifcfg_rh}
|
||||
Obsoletes: NetworkManager-initscripts-ifcfg-rh < 1:1.49-3.1
|
||||
Obsoletes: NetworkManager-dispatcher-routing-rules < 1:1.49.3-1
|
||||
Obsoletes: NetworkManager-initscripts-updown < 1:1.49.3-1
|
||||
%endif
|
||||
%endif
|
||||
|
||||
Conflicts: NetworkManager-vpnc < 1:0.7.0.99-1
|
||||
@ -260,17 +245,18 @@ Conflicts: NetworkManager-openvpn < 1:0.7.0.99-1
|
||||
Conflicts: NetworkManager-pptp < 1:0.7.0.99-1
|
||||
Conflicts: NetworkManager-openconnect < 0:0.7.0.99-1
|
||||
Conflicts: kde-plasma-networkmanagement < 1:0.9-0.49.20110527git.nm09
|
||||
%if 0%{?rhel} >= 10
|
||||
%if 0%{without team}
|
||||
Conflicts: NetworkManager-team <= 1:1.47.5-3
|
||||
%endif
|
||||
Conflicts: NetworkManager-initscripts-ifcfg-rh <= 1:1.47.5-3
|
||||
Conflicts: NetworkManager-dispatcher-routing-rules <= 1:1.47.5-3
|
||||
%endif
|
||||
|
||||
BuildRequires: make
|
||||
BuildRequires: gcc
|
||||
BuildRequires: libtool
|
||||
BuildRequires: pkgconfig
|
||||
%if %{with meson}
|
||||
BuildRequires: meson
|
||||
%else
|
||||
BuildRequires: automake
|
||||
BuildRequires: autoconf
|
||||
%endif
|
||||
BuildRequires: gettext-devel >= 0.19.8
|
||||
|
||||
BuildRequires: dbus-devel >= %{dbus_version}
|
||||
@ -279,11 +265,7 @@ BuildRequires: gobject-introspection-devel >= 0.10.3
|
||||
%if %{with ppp}
|
||||
BuildRequires: ppp-devel >= 2.4.5
|
||||
%endif
|
||||
%if %{with crypto_gnutls}
|
||||
BuildRequires: gnutls-devel >= 2.12
|
||||
%else
|
||||
BuildRequires: nss-devel >= 3.11.7
|
||||
%endif
|
||||
BuildRequires: readline-devel
|
||||
BuildRequires: audit-libs-devel
|
||||
%if %{with regen_docs}
|
||||
@ -321,17 +303,11 @@ BuildRequires: polkit-devel
|
||||
BuildRequires: jansson-devel
|
||||
%if %{with sanitizer}
|
||||
BuildRequires: libasan
|
||||
%if 0%{?fedora} || 0%{?rhel} >= 8
|
||||
BuildRequires: libubsan
|
||||
%endif
|
||||
%endif
|
||||
%if %{with firewalld_zone}
|
||||
BuildRequires: firewalld-filesystem
|
||||
%endif
|
||||
BuildRequires: iproute
|
||||
%if 0%{?fedora} || 0%{?rhel} >= 8
|
||||
BuildRequires: iproute-tc
|
||||
%endif
|
||||
|
||||
Provides: %{name}-dispatcher%{?_isa} = %{epoch}:%{version}-%{release}
|
||||
|
||||
@ -374,12 +350,7 @@ Summary: Bluetooth device plugin for NetworkManager
|
||||
Group: System Environment/Base
|
||||
Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release}
|
||||
Requires: NetworkManager-wwan = %{epoch}:%{version}-%{release}
|
||||
%if 0%{?rhel} && 0%{?rhel} <= 7
|
||||
# No Requires:bluez to prevent it being installed when updating
|
||||
# to the split NM package
|
||||
%else
|
||||
Requires: bluez >= 4.101-5
|
||||
%endif
|
||||
Obsoletes: NetworkManager < %{obsoletes_device_plugins}
|
||||
|
||||
%description bluetooth
|
||||
@ -394,12 +365,10 @@ Group: System Environment/Base
|
||||
BuildRequires: teamd-devel
|
||||
Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release}
|
||||
Obsoletes: NetworkManager < %{obsoletes_device_plugins}
|
||||
%if 0%{?fedora} || 0%{?rhel} >= 8
|
||||
# Team was split from main NM binary between 0.9.10 and 1.0
|
||||
# We need this Obsoletes in addition to the one above
|
||||
# (git:3aede801521ef7bff039e6e3f1b3c7b566b4338d).
|
||||
Obsoletes: NetworkManager < 1:1.0.0
|
||||
%endif
|
||||
|
||||
%description team
|
||||
This package contains NetworkManager support for team devices.
|
||||
@ -418,13 +387,10 @@ Requires: wireless-regdb
|
||||
Requires: crda
|
||||
%endif
|
||||
|
||||
%if %{with iwd} && (0%{?fedora} >= 25 || 0%{?rhel} >= 8)
|
||||
%if %{with iwd}
|
||||
Requires: (wpa_supplicant >= %{wpa_supplicant_version} or iwd)
|
||||
Suggests: wpa_supplicant
|
||||
%else
|
||||
# Just require wpa_supplicant on platforms that don't support boolean
|
||||
# dependencies even though the plugin supports both supplicant and
|
||||
# iwd backend.
|
||||
Requires: wpa_supplicant >= %{wpa_supplicant_version}
|
||||
%endif
|
||||
|
||||
@ -440,12 +406,7 @@ This package contains NetworkManager support for Wifi and OLPC devices.
|
||||
Summary: Mobile broadband device plugin for NetworkManager
|
||||
Group: System Environment/Base
|
||||
Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release}
|
||||
%if 0%{?rhel} && 0%{?rhel} <= 7
|
||||
# No Requires:ModemManager to prevent it being installed when updating
|
||||
# to the split NM package
|
||||
%else
|
||||
Requires: ModemManager
|
||||
%endif
|
||||
Obsoletes: NetworkManager < %{obsoletes_device_plugins}
|
||||
|
||||
%description wwan
|
||||
@ -548,10 +509,11 @@ This package is intended to be installed by default for server
|
||||
deployments.
|
||||
|
||||
|
||||
%if %{with ifcfg_rh}
|
||||
%package dispatcher-routing-rules
|
||||
Summary: NetworkManager dispatcher file for advanced routing rules
|
||||
Group: System Environment/Base
|
||||
%if 0%{?split_ifcfg_rh}
|
||||
%if %{with split_ifcfg_rh}
|
||||
Requires: %{name}-initscripts-ifcfg-rh
|
||||
%endif
|
||||
Requires: ipcalc
|
||||
@ -563,6 +525,7 @@ Obsoletes: %{name}-config-routing-rules < 1:1.31.0
|
||||
This adds a NetworkManager dispatcher file to support networking
|
||||
configurations using "/etc/sysconfig/network-scripts/rule-NAME" files
|
||||
(eg, to do policy-based routing).
|
||||
%endif
|
||||
|
||||
|
||||
%if %{with nmtui}
|
||||
@ -579,7 +542,7 @@ by nm-connection-editor and nm-applet in a non-graphical environment.
|
||||
%endif
|
||||
|
||||
|
||||
%if 0%{?split_ifcfg_rh}
|
||||
%if %{with split_ifcfg_rh}
|
||||
%package initscripts-ifcfg-rh
|
||||
Summary: NetworkManager plugin for reading and writing connections in ifcfg-rh format
|
||||
Group: System Environment/Base
|
||||
@ -606,6 +569,7 @@ like Aliyun, Azure, EC2, GCP are supported.
|
||||
%endif
|
||||
|
||||
|
||||
%if %{with ifcfg_rh}
|
||||
%package initscripts-updown
|
||||
Summary: Legacy ifup/ifdown scripts for NetworkManager that replace initscripts (network-scripts)
|
||||
Group: System Environment/Base
|
||||
@ -618,6 +582,7 @@ Obsoletes: NetworkManager < %{obsoletes_initscripts_updown}
|
||||
Installs alternative ifup/ifdown scripts that talk to NetworkManager.
|
||||
This is only for backward compatibility with initscripts (network-scripts).
|
||||
Preferably use nmcli instead.
|
||||
%endif
|
||||
|
||||
|
||||
%prep
|
||||
@ -625,7 +590,6 @@ Preferably use nmcli instead.
|
||||
|
||||
|
||||
%build
|
||||
%if %{with meson}
|
||||
%meson \
|
||||
-Db_ndebug=false \
|
||||
--warnlevel 2 \
|
||||
@ -634,15 +598,13 @@ Preferably use nmcli instead.
|
||||
%endif
|
||||
-Dnft=%{_sbindir}/nft \
|
||||
-Diptables=%{_sbindir}/iptables \
|
||||
%if %{with dhclient}
|
||||
-Ddhclient=%{_sbindir}/dhclient \
|
||||
-Ddhcpcanon=no \
|
||||
-Ddhcpcd=no \
|
||||
-Dconfig_dhcp_default=%{dhcp_default} \
|
||||
%if %{with crypto_gnutls}
|
||||
-Dcrypto=gnutls \
|
||||
%else
|
||||
-Dcrypto=nss \
|
||||
-Ddhclient=no \
|
||||
%endif
|
||||
-Ddhcpcd=no \
|
||||
-Dcrypto=gnutls \
|
||||
%if %{with debug}
|
||||
-Dmore_logging=true \
|
||||
-Dmore_asserts=10000 \
|
||||
@ -732,7 +694,11 @@ Preferably use nmcli instead.
|
||||
-Ddbus_conf_dir=%{dbus_sys_dir} \
|
||||
-Dtests=yes \
|
||||
-Dvalgrind=no \
|
||||
%if %{with ifcfg_rh}
|
||||
-Difcfg_rh=true \
|
||||
%else
|
||||
-Difcfg_rh=false \
|
||||
%endif
|
||||
-Difupdown=false \
|
||||
%if %{with ppp}
|
||||
-Dppp=true \
|
||||
@ -740,183 +706,30 @@ Preferably use nmcli instead.
|
||||
-Dpppd_plugin_dir="%{_libdir}/pppd/%{ppp_version}" \
|
||||
%else
|
||||
-Dppp=false \
|
||||
%endif
|
||||
%if %{with firewalld_zone}
|
||||
-Dfirewalld_zone=true \
|
||||
%else
|
||||
-Dfirewalld_zone=false \
|
||||
%endif
|
||||
-Ddist_version=%{version}-%{release} \
|
||||
%if %{?config_plugins_default_ifcfg_rh}
|
||||
%if %{with default_ifcfg_rh}
|
||||
-Dconfig_plugins_default=ifcfg-rh \
|
||||
%endif
|
||||
%if %{?ifcfg_migrate}
|
||||
%if %{with ifcfg_migrate}
|
||||
-Dconfig_migrate_ifcfg_rh_default=true \
|
||||
%endif
|
||||
-Dresolvconf=no \
|
||||
-Dnetconfig=no \
|
||||
-Dconfig_dns_rc_manager_default=%{dns_rc_manager_default} \
|
||||
-Dconfig_logging_backend_default=%{logging_backend_default}
|
||||
-Dconfig_logging_backend_default=journal
|
||||
|
||||
%meson_build
|
||||
# Limit number of jobs on ppc64 to prevent high RAM usage
|
||||
%ifarch ppc64le
|
||||
%global numjobs 4
|
||||
%else
|
||||
%global numjobs %{_smp_build_ncpus}
|
||||
%endif
|
||||
|
||||
%else
|
||||
# autotools
|
||||
%if %{with regen_docs}
|
||||
gtkdocize
|
||||
%endif
|
||||
autoreconf --install --force
|
||||
%configure \
|
||||
--with-runstatedir=%{_rundir} \
|
||||
--enable-silent-rules=no \
|
||||
--enable-static=no \
|
||||
--with-nft=%{_sbindir}/nft \
|
||||
--with-iptables=%{_sbindir}/iptables \
|
||||
--with-dhclient=%{_sbindir}/dhclient \
|
||||
--with-dhcpcd=no \
|
||||
--with-dhcpcanon=no \
|
||||
--with-config-dhcp-default=%{dhcp_default} \
|
||||
%if %{with crypto_gnutls}
|
||||
--with-crypto=gnutls \
|
||||
%else
|
||||
--with-crypto=nss \
|
||||
%endif
|
||||
%if %{with sanitizer}
|
||||
--with-address-sanitizer=exec \
|
||||
%if 0%{?fedora} || 0%{?rhel} >= 8
|
||||
--enable-undefined-sanitizer=yes \
|
||||
%else
|
||||
--enable-undefined-sanitizer=no \
|
||||
%endif
|
||||
%else
|
||||
--with-address-sanitizer=no \
|
||||
--enable-undefined-sanitizer=no \
|
||||
%endif
|
||||
%if %{with debug}
|
||||
--enable-more-logging=yes \
|
||||
--with-more-asserts=10000 \
|
||||
%else
|
||||
--enable-more-logging=no \
|
||||
--with-more-asserts=0 \
|
||||
%endif
|
||||
--enable-ld-gc=yes \
|
||||
%if %{with lto}
|
||||
--enable-lto=yes \
|
||||
%else
|
||||
--enable-lto=no \
|
||||
%endif
|
||||
--with-libaudit=yes-disabled-by-default \
|
||||
%if 0%{?with_modem_manager_1}
|
||||
--with-modem-manager-1=yes \
|
||||
%else
|
||||
--with-modem-manager-1=no \
|
||||
%endif
|
||||
%if %{with wifi}
|
||||
--enable-wifi=yes \
|
||||
%if 0%{?fedora}
|
||||
--with-wext=yes \
|
||||
%else
|
||||
--with-wext=no \
|
||||
%endif
|
||||
%else
|
||||
--enable-wifi=no \
|
||||
%endif
|
||||
%if %{with iwd}
|
||||
--with-iwd=yes \
|
||||
%else
|
||||
--with-iwd=no \
|
||||
%endif
|
||||
%if %{with bluetooth}
|
||||
--enable-bluez5-dun=yes \
|
||||
%else
|
||||
--enable-bluez5-dun=no \
|
||||
%endif
|
||||
%if %{with nmtui}
|
||||
--with-nmtui=yes \
|
||||
%else
|
||||
--with-nmtui=no \
|
||||
%endif
|
||||
%if %{with nm_cloud_setup}
|
||||
--with-nm-cloud-setup=yes \
|
||||
%else
|
||||
--with-nm-cloud-setup=no \
|
||||
%endif
|
||||
--enable-vala=yes \
|
||||
--enable-introspection=yes \
|
||||
%if %{with regen_docs}
|
||||
--enable-gtk-doc=yes \
|
||||
%else
|
||||
--enable-gtk-doc=no \
|
||||
%endif
|
||||
%if %{with team}
|
||||
--enable-teamdctl=yes \
|
||||
%else
|
||||
--enable-teamdctl=no \
|
||||
%endif
|
||||
%if %{with ovs}
|
||||
--enable-ovs=yes \
|
||||
%else
|
||||
--enable-ovs=no \
|
||||
%endif
|
||||
--with-selinux=yes \
|
||||
--enable-polkit=yes \
|
||||
--enable-modify-system=yes \
|
||||
--enable-concheck=yes \
|
||||
%if 0%{?fedora}
|
||||
--with-libpsl=yes \
|
||||
%else
|
||||
--with-libpsl=no \
|
||||
%endif
|
||||
--with-ebpf=%{ebpf_enabled} \
|
||||
--with-session-tracking=systemd \
|
||||
--with-suspend-resume=systemd \
|
||||
--with-systemdsystemunitdir=%{_unitdir} \
|
||||
--with-system-ca-path=/etc/pki/tls/cert.pem \
|
||||
--with-dbus-sys-dir=%{dbus_sys_dir} \
|
||||
--with-tests=yes \
|
||||
%if %{with test}
|
||||
--enable-more-warnings=error \
|
||||
%else
|
||||
--enable-more-warnings=yes \
|
||||
%endif
|
||||
--with-valgrind=no \
|
||||
--enable-ifcfg-rh=yes \
|
||||
--enable-ifupdown=no \
|
||||
%if %{with ppp}
|
||||
--enable-ppp=yes \
|
||||
--with-pppd="%{_sbindir}/pppd" \
|
||||
--with-pppd-plugin-dir="%{_libdir}/pppd/%{ppp_version}" \
|
||||
%else
|
||||
--enable-ppp=no \
|
||||
%endif
|
||||
%if %{with firewalld_zone}
|
||||
--enable-firewalld-zone=yes \
|
||||
%else
|
||||
--enable-firewalld-zone=no \
|
||||
%endif
|
||||
--with-dist-version=%{version}-%{release} \
|
||||
%if %{?config_plugins_default_ifcfg_rh}
|
||||
--with-config-plugins-default=ifcfg-rh \
|
||||
%endif
|
||||
%if %{?ifcfg_migrate}
|
||||
--with-config-migrate-ifcfg-rh-default=yes \
|
||||
%endif
|
||||
--with-resolvconf=no \
|
||||
--with-netconfig=no \
|
||||
--with-config-dns-rc-manager-default=%{dns_rc_manager_default} \
|
||||
--with-config-logging-backend-default=%{logging_backend_default} \
|
||||
--disable-autotools-deprecation
|
||||
|
||||
%make_build
|
||||
|
||||
%endif
|
||||
%meson_build -j %{numjobs}
|
||||
|
||||
%install
|
||||
%if %{with meson}
|
||||
%meson_install
|
||||
%else
|
||||
%make_install
|
||||
%endif
|
||||
|
||||
cp %{SOURCE1} %{buildroot}%{_sysconfdir}/%{name}/
|
||||
|
||||
@ -936,16 +749,18 @@ cp %{SOURCE7} %{buildroot}%{_sysctldir}
|
||||
cp %{SOURCE6} %{buildroot}%{nmlibdir}/conf.d/
|
||||
%endif
|
||||
|
||||
%if 0%{?ifcfg_warning}
|
||||
%if %{with ifcfg_warning}
|
||||
cp %{SOURCE8} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts
|
||||
%endif
|
||||
%if 0%{?ifcfg_migrate}
|
||||
%if %{with ifcfg_migrate}
|
||||
cp %{SOURCE9} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/readme-ifcfg-rh.txt
|
||||
%endif
|
||||
|
||||
%if %{with ifcfg_rh}
|
||||
cp examples/dispatcher/10-ifcfg-rh-routes.sh %{buildroot}%{nmlibdir}/dispatcher.d/
|
||||
ln -s ../no-wait.d/10-ifcfg-rh-routes.sh %{buildroot}%{nmlibdir}/dispatcher.d/pre-up.d/
|
||||
ln -s ../10-ifcfg-rh-routes.sh %{buildroot}%{nmlibdir}/dispatcher.d/no-wait.d/
|
||||
%endif
|
||||
|
||||
%find_lang %{name}
|
||||
|
||||
@ -954,33 +769,25 @@ rm -f %{buildroot}%{_libdir}/pppd/%{ppp_version}/*.la
|
||||
rm -f %{buildroot}%{nmplugindir}/*.la
|
||||
|
||||
# Ensure the documentation timestamps are constant to avoid multilib conflicts
|
||||
find %{buildroot}%{_datadir}/gtk-doc -exec touch --reference configure.ac '{}' \+
|
||||
find %{buildroot}%{_datadir}/gtk-doc -exec touch --reference meson.build '{}' \+
|
||||
|
||||
%if 0%{?__debug_package} && ! 0%{?flatpak}
|
||||
mkdir -p %{buildroot}%{_prefix}/src/debug/NetworkManager-%{real_version}
|
||||
cp valgrind.suppressions %{buildroot}%{_prefix}/src/debug/NetworkManager-%{real_version}
|
||||
%endif
|
||||
|
||||
%if %{with ifcfg_rh}
|
||||
touch %{buildroot}%{_sbindir}/ifup
|
||||
touch %{buildroot}%{_sbindir}/ifdown
|
||||
%endif
|
||||
|
||||
|
||||
%check
|
||||
%if %{with meson}
|
||||
%if %{with test}
|
||||
%meson_test
|
||||
%else
|
||||
%ninja_test -C %{_vpath_builddir} || :
|
||||
%endif
|
||||
%else
|
||||
# autotools
|
||||
%if %{with test}
|
||||
make -k %{?_smp_mflags} check
|
||||
%else
|
||||
make -k %{?_smp_mflags} check || :
|
||||
%endif
|
||||
%endif
|
||||
|
||||
|
||||
%pre
|
||||
if [ -f "%{_unitdir}/network-online.target.wants/NetworkManager-wait-online.service" ] ; then
|
||||
@ -999,13 +806,12 @@ if [ -S /run/udev/control ]; then
|
||||
/usr/bin/udevadm control --reload-rules || :
|
||||
/usr/bin/udevadm trigger --subsystem-match=net || :
|
||||
fi
|
||||
%if %{with firewalld_zone}
|
||||
%firewalld_reload
|
||||
%endif
|
||||
|
||||
%systemd_post %{systemd_units}
|
||||
|
||||
|
||||
%if %{with ifcfg_rh}
|
||||
%post initscripts-updown
|
||||
if [ -f %{_sbindir}/ifup -a ! -L %{_sbindir}/ifup ]; then
|
||||
# initscripts package too old, won't let us set an alternative
|
||||
@ -1014,6 +820,7 @@ else
|
||||
/usr/sbin/update-alternatives --install %{_sbindir}/ifup ifup %{_libexecdir}/nm-ifup 50 \
|
||||
--slave %{_sbindir}/ifdown ifdown %{_libexecdir}/nm-ifdown
|
||||
fi
|
||||
%endif
|
||||
|
||||
|
||||
%if %{with nm_cloud_setup}
|
||||
@ -1033,10 +840,12 @@ fi
|
||||
%systemd_preun NetworkManager-wait-online.service NetworkManager-dispatcher.service nm-priv-helper.service
|
||||
|
||||
|
||||
%if %{with ifcfg_rh}
|
||||
%preun initscripts-updown
|
||||
if [ $1 -eq 0 ]; then
|
||||
/usr/sbin/update-alternatives --remove ifup %{_libexecdir}/nm-ifup >/dev/null 2>&1 || :
|
||||
fi
|
||||
%endif
|
||||
|
||||
|
||||
%if %{with nm_cloud_setup}
|
||||
@ -1048,19 +857,11 @@ fi
|
||||
%postun
|
||||
/usr/bin/udevadm control --reload-rules || :
|
||||
/usr/bin/udevadm trigger --subsystem-match=net || :
|
||||
%if %{with firewalld_zone}
|
||||
%firewalld_reload
|
||||
%endif
|
||||
|
||||
%systemd_postun %{systemd_units}
|
||||
|
||||
|
||||
%if (0%{?fedora} && 0%{?fedora} < 28) || 0%{?rhel}
|
||||
%post libnm -p /sbin/ldconfig
|
||||
%postun libnm -p /sbin/ldconfig
|
||||
%endif
|
||||
|
||||
|
||||
%if %{with nm_cloud_setup}
|
||||
%postun cloud-setup
|
||||
%systemd_postun %{systemd_units_cloud_setup}
|
||||
@ -1071,7 +872,7 @@ fi
|
||||
%{dbus_sys_dir}/org.freedesktop.NetworkManager.conf
|
||||
%{dbus_sys_dir}/nm-dispatcher.conf
|
||||
%{dbus_sys_dir}/nm-priv-helper.conf
|
||||
%if 0%{?split_ifcfg_rh} == 0
|
||||
%if %{with ifcfg_rh} && %{without split_ifcfg_rh}
|
||||
%{dbus_sys_dir}/nm-ifcfg-rh.conf
|
||||
%endif
|
||||
%{_sbindir}/%{name}
|
||||
@ -1099,7 +900,7 @@ fi
|
||||
%{_libexecdir}/nm-priv-helper
|
||||
%dir %{_libdir}/%{name}
|
||||
%dir %{nmplugindir}
|
||||
%if 0%{?split_ifcfg_rh} == 0
|
||||
%if %{with ifcfg_rh} && %{without split_ifcfg_rh}
|
||||
%{nmplugindir}/libnm-settings-plugin-ifcfg-rh.so
|
||||
%endif
|
||||
%if %{with nmtui}
|
||||
@ -1121,14 +922,14 @@ fi
|
||||
%{_mandir}/man8/NetworkManager-dispatcher.8*
|
||||
%{_mandir}/man8/NetworkManager-wait-online.service.8*
|
||||
%dir %{_localstatedir}/lib/NetworkManager
|
||||
%if %{with ifcfg_rh}
|
||||
%dir %{_sysconfdir}/sysconfig/network-scripts
|
||||
%endif
|
||||
%{_datadir}/dbus-1/system-services/org.freedesktop.nm_dispatcher.service
|
||||
%{_datadir}/dbus-1/system-services/org.freedesktop.nm_priv_helper.service
|
||||
%{_datadir}/polkit-1/actions/*.policy
|
||||
%{_prefix}/lib/udev/rules.d/*.rules
|
||||
%if %{with firewalld_zone}
|
||||
%{_prefix}/lib/firewalld/zones/nm-shared.xml
|
||||
%endif
|
||||
# systemd stuff
|
||||
%{_unitdir}/NetworkManager.service
|
||||
%{_unitdir}/NetworkManager-wait-online.service
|
||||
@ -1136,7 +937,7 @@ fi
|
||||
%{_unitdir}/nm-priv-helper.service
|
||||
%dir %{_datadir}/doc/NetworkManager/examples
|
||||
%{_datadir}/doc/NetworkManager/examples/server.conf
|
||||
%if 0%{?ifcfg_warning} || 0%{?ifcfg_migrate}
|
||||
%if %{with ifcfg_warning} || %{with ifcfg_migrate}
|
||||
%{_sysconfdir}/sysconfig/network-scripts/readme-ifcfg-rh.txt
|
||||
%endif
|
||||
%doc NEWS AUTHORS README.md CONTRIBUTING.md
|
||||
@ -1236,10 +1037,12 @@ fi
|
||||
%{nmlibdir}/conf.d/00-server.conf
|
||||
|
||||
|
||||
%if %{with ifcfg_rh}
|
||||
%files dispatcher-routing-rules
|
||||
%{nmlibdir}/dispatcher.d/10-ifcfg-rh-routes.sh
|
||||
%{nmlibdir}/dispatcher.d/no-wait.d/10-ifcfg-rh-routes.sh
|
||||
%{nmlibdir}/dispatcher.d/pre-up.d/10-ifcfg-rh-routes.sh
|
||||
%endif
|
||||
|
||||
|
||||
%if %{with nmtui}
|
||||
@ -1252,7 +1055,7 @@ fi
|
||||
%endif
|
||||
|
||||
|
||||
%if 0%{?split_ifcfg_rh}
|
||||
%if %{with split_ifcfg_rh}
|
||||
%files initscripts-ifcfg-rh
|
||||
%{nmplugindir}/libnm-settings-plugin-ifcfg-rh.so
|
||||
%{dbus_sys_dir}/nm-ifcfg-rh.conf
|
||||
@ -1271,39 +1074,98 @@ fi
|
||||
%endif
|
||||
|
||||
|
||||
%if %{with ifcfg_rh}
|
||||
%files initscripts-updown
|
||||
%{_libexecdir}/nm-ifup
|
||||
%ghost %attr(755, root, root) %{_sbindir}/ifup
|
||||
%{_libexecdir}/nm-ifdown
|
||||
%ghost %attr(755, root, root) %{_sbindir}/ifdown
|
||||
%endif
|
||||
|
||||
|
||||
%changelog
|
||||
* Tue Feb 18 2025 Fernando Fernandez Mancera <ferferna@redhat.com> - 1:1.48.10-8
|
||||
- policy: always reset retries when unblocking children or ports (RHEL-78748)
|
||||
- core: prevent the activation of unavailable OVS interfaces only (RHEL-79995)
|
||||
* Fri Apr 11 2025 Vladimír Beneš <vbenes@redhat.com> - 1:1.52.0-3
|
||||
- Invalid memory access on Dnsconfd DBUS error (RHEL-84692)
|
||||
- Support IP configuration for secondary interfaces on Oracle VM from metadata (RHEL-84695)
|
||||
|
||||
* Thu Feb 13 2025 Íñigo Huguet <ihuguet@redhat.com> - 1:1.48.10-7
|
||||
- nmtui: fix segfault when adding veth interface (RHEL-75763)
|
||||
* Wed Apr 09 2025 Wen Liang <wenliang@redhat.com> - 1:1.52.0-2
|
||||
- core: fail early if we cannot get current FEC value (RHEL-86851)
|
||||
|
||||
* Wed Feb 12 2025 Fernando Fernandez Mancera <ferferna@redhat.com> - 1:1.48.10-6
|
||||
- core: prevent the activation of unavailable devices (RHEL-77167)
|
||||
* Mon Mar 03 2025 Íñigo Huguet <ihuguet@redhat.com> - 1:1.52.0-1
|
||||
- Update to 1.52.0
|
||||
- Add support for creating VLANs for secondary VNICs in nm-cloud-setup (RHEL-36423)
|
||||
- Always reset retries when unblocking children or ports (RHEL-78122)
|
||||
- Prevent the activation of unavailable OVS interfaces (RHEL-79997)
|
||||
|
||||
* Thu Jan 09 2025 Wen Liang <wenliang@redhat.com> - 1:1.48.10-5
|
||||
- vpn: Support routing rules in vpn conenctions (RHEL-73167)
|
||||
- vpn: Place gateway route to table defined in ipvx.route-table (RHEL-73166)
|
||||
* Mon Fed 17 2025 Beniamino Galvani <bgalvani@redhat.com> - 1:1.51.90-2
|
||||
- Fix state handling in the dnsconfd DNS plugin (RHEL-79693)
|
||||
|
||||
* Wed Jan 08 2025 Íñigo Huguet <ihuguet@redhat.com> - 1:1.48.10-4
|
||||
- Remove routes added by NetworkManager when doing reapply, also those not in main table (RHEL-73013)
|
||||
* Wed Feb 12 2025 Filip Pokryvka <fpokryvk@redhat.com> - 1:1.51.90-1
|
||||
- Fix balance-slb ports rarely not being active after reboot (RHEL-77167)
|
||||
|
||||
* Tue Nov 12 2024 Beniamino Galvani <bgalvani@redhat.com> - 1:1.48.10-3
|
||||
- Only validate the SR-IOV device capability when SR-IOV is enabled (RHEL-58397)
|
||||
- Fix bug when deactivating port connections (RHEL-50747)
|
||||
- Fix validation of ovs-dpdk interface name (RHEL-60022)
|
||||
* Mon Feb 10 2025 Íñigo Huguet <ihuguet@redhat.com> - 1:1.51.7-2
|
||||
- Remove the build argument -flto-partition to avoid compilation crashes due
|
||||
to high memory usage.
|
||||
|
||||
* Fri Aug 30 2024 Fernando Fernandez Mancera <ferferna@redhat.com> - 1:1.48.10-2
|
||||
- cloud-setup: Allow bigger restart bursts (RHEL-56740)
|
||||
- cloud-setup: Fix Azure swap of primary and secondary IP addresses (RHEL-56387)
|
||||
* Fri Feb 07 2025 Vladimír Beneš <vbenes@redhat.com> - 1:1.51.7-1
|
||||
- Update to 1.51.7 (dev)
|
||||
- Add support in initramfs generator for parsing NM eDNS configuration (RHEL-70420)
|
||||
- Add new dnsconfd DNS backend (RHEL-67917)
|
||||
|
||||
* Mon Jan 20 2025 Beniamino Galvani <bgalvani@redhat.com> - 1:1.51.6-1
|
||||
- Update to 1.51.6 (dev)
|
||||
- Honor the routing-rules property for VPN connections (RHEL-69899)
|
||||
- Fix potential crash when ipv4.dhcp-send-release is enabled (RHEL-67918)
|
||||
- Support encrypted DNS servers (RHEL-66260)
|
||||
- Fix configuration of VLAN ingress/egress QoS mapping (RHEL-72475)
|
||||
|
||||
* Fri Dec 27 2024 Íñigo Huguet <ihuguet@redhat.com> - 1:1.51.5-1
|
||||
- Upgrade to 1.51.5 (dev)
|
||||
- Never retry ACD on NOARP interfaces (RHEL-47301)
|
||||
- Delete routes added by NM to tables different than main (RHEL-67324)
|
||||
- Honor route-table property for the route to VPN server (RHEL-69901)
|
||||
- Send GARP on bonding-slb failover (RHEL-59558)
|
||||
|
||||
* Fri Nov 15 2024 Íñigo Huguet <ihuguet@redhat.com> - 1:1.51.4-1
|
||||
- Upgrade to 1.51.4 (dev)
|
||||
- Add iputils as recommended dependency for ping command
|
||||
- Fix configs shown with NetworkManger --print-config (RHEL-14438)
|
||||
- Added ip-ping-addresses to check other hosts presence on activation (RHEL-21160)
|
||||
- Support ethtool Forward Error Correction (FEC) (RHEL-24055)
|
||||
|
||||
* Mon Nov 04 2024 Fernando Fernandez Mancera <ferferna@redhat.com> - 1:1.51.3-1
|
||||
- Upgrade to 1.51.3 (dev)
|
||||
- Support configuring dhcp-send-hostname globally (RHEL-32685)
|
||||
- cloud-setup: Support OCI (Oracle Cloud) provider (RHEL-62729)
|
||||
- Support automatically adding DNS routes (RHEL-56555)
|
||||
- Support IPv6-Only Preferred DHCPv4 option (RHEL-58660)
|
||||
- Only validate SR-IOV capacity when enabled (RHEL-58397)
|
||||
- Steer IGMP/MLD queries to the active bond balance-slb primary port (RHEL-59559)
|
||||
|
||||
* Fri Oct 11 2024 Íñigo Huguet <ihuguet@redhat.com> - 1:1.51.2-2
|
||||
- Add ipcalc as dependency of NetworkManager-dispatcher-routing-rules again (RHEL-62201)
|
||||
|
||||
* Mon Sep 30 2024 Fernando Fernandez Mancera <ferferna@redhat.com> - 1:1.51.2-1
|
||||
- Upgrade to 1.51.2 (dev)
|
||||
- Fix race condition on OVS interface deletion (RHEL-50747)
|
||||
- Fix validation of DPDK interface name (RHEL-60022)
|
||||
- Support IPVLAN interface (RHEL-47334)
|
||||
|
||||
* Mon Sep 16 2024 Fernando Fernandez Mancera <ferferna@redhat.com> - 1:1.51.1-1
|
||||
- Upgrade to 1.51.1 (dev)
|
||||
- Use meson and remove autotools configuration
|
||||
- Fix crashes (SIGABRT) in several functions (RHEL-17840)
|
||||
|
||||
* Tue Sep 10 2024 Fernando Fernandez Mancera <ferferna@redhat.com> - 1:1.51.0-1
|
||||
- Upgrade to 1.51.0
|
||||
- cloud-setup: Fix primary and secondary address swap in Azure (RHEL-50855)
|
||||
|
||||
* Fri Aug 30 2024 Lubomir Rintel <lkundrak@v3.sk> - 1:1.49.90-1
|
||||
- Upgrade to 1.50 pre-release (rc1)
|
||||
- Retry reverse hostname resolution when it fails (RHEL-17972)
|
||||
- Allow VPNs to supply IP configurations with routes but no addresses (RHEL-21875)
|
||||
- Warn of dhclient deprecation when it's explicitly chose (RHEL-24622)
|
||||
- Allow cloud-setup to restart more rapidly (RHEL-49694)
|
||||
|
||||
* Thu Aug 22 2024 Íñigo Huguet <ihuguet@redhat.com> - 1:1.48.10-1
|
||||
- Unblock the autoconnect for children when parent is available (RHEL-46904)
|
||||
|
Loading…
Reference in New Issue
Block a user