- it controls echoing passwords input on terminal
- it replaces --show-secrets in 'nmcli connection show', which is deprecated now
- it replaces --show-password in 'nmcli device wifi hotspot', which is deprecated now
If the supplicant supports it and the connection requests it, tell
the supplicant to randomize the MAC address for the association.
In addition, like both iOS, Android, and other OSs always randomize
the MAC address when performing a WiFi scan.
Synopsis:
nmcli connection clone [--temporary] [id|uuid|path] <ID> <new name>
It copies the <ID> connection as <new name>. The command is very useful
if there is a connection, but another one is needed for a related
configuration. One can copy the existing profile and modify it for the
new situation.
For example:
$ nmcli con clone main-eth second-eth
$ nmcli con modify second-eth connection.interface-name em4
https://bugzilla.gnome.org/show_bug.cgi?id=757627
The list of LLDP neighbors is available through the D-Bus interface
and libnm already provides functions to retrieve it; make the list
available through nmcli as well. Sample output:
$ nmcli device lldp
NEIGHBOR[0].DEVICE: eth0
NEIGHBOR[0].CHASSIS-ID: 00:13:21:58:CA:42
NEIGHBOR[0].PORT-ID: 1
NEIGHBOR[0].PORT-DESCRIPTION: 1
NEIGHBOR[0].SYSTEM-NAME: ProCurve Switch 2600-8-PWR
NEIGHBOR[0].SYSTEM-DESCRIPTION: ProCurve J8762A Switch 2600-8-PWR, revision H.08.89
NEIGHBOR[0].SYSTEM-CAPABILITIES: 20 (mac-bridge,router)
NEIGHBOR[1].DEVICE: eth2
NEIGHBOR[1].CHASSIS-ID: 00:01:30:F8:AD:A2
NEIGHBOR[1].PORT-ID: 1/1
NEIGHBOR[1].PORT-DESCRIPTION: Summit300-48-Port 1001
NEIGHBOR[1].SYSTEM-NAME: Summit300-48
NEIGHBOR[1].SYSTEM-DESCRIPTION: Summit300-48 - Version 7.4e.1 (Build 5)
NEIGHBOR[1].SYSTEM-CAPABILITIES: 20 (mac-bridge,router)
https://bugzilla.gnome.org/show_bug.cgi?id=757307
It is useful to show nmcli-generated hotspot password (if a user does not
provide his own password). Without the option the user would have to look into
the generated profile in order to find out the password.
Add the 'lldp' property to NMSettingConnection, which specifies
whether the reception and parsing of LLDP frames to discover neighbor
devices should be enabled.
No longer support disabling the global-dns configuration via the
"enable" option.
Instead, the user can put the entire dns-configuration in one separate
snippet, and disable it altogether with ".config.enable".
Support a new configuration option
[.config]
enable=<ENABLED>
for configuration snippets.
This new [.config] section is only relevant within the snippet itself
and it is not merged into the combined configuration.
Currently only the "enable" key is supported. If the "enable" key is
missing, it obviously defaults to being enabled. It allows snippets
to be skipped from loading. The main configuration "NetworkManager.conf"
cannot be skipped.
<ENABLED> can be a boolean value (false), to skip a configuration
snippet from loading.
It can also be a string to match against the NetworkManager version,
like "enable=nm-version-min:1.1,nm-version-min:1.0.6"
There are several motivations for this:
- the user can disable an entire configuration snippet by toggeling
one entry.
This generalizes the functionality of the global-dns.enable
setting, but in a way that applies to configuration on a per-file
basis.
- for developing, we often switch between different versions of
NetworkManager. Thus, we might want to use different configuration.
E.g. before global-dns options, I want to use "dns=none" and manage
resolv.conf myself. Now, I can use global-dns setting to do that.
That can be achieved with something like the following (not exactly,
it's an example only):
[.config]
enable=nm-version-min:1.1
[main]
dns=default
[global-dns-domain-*]
nameserver=127.0.0.1
Arguably, this would be more awesome, if we would bump our micro devel
version (1.1.0) more often while developing 1.2.0 (*hint*).
- in principle, packages could drop configuration snippets and enable
them based on the NetworkManager version.
- with the "env:" spec, you can enable/disable snippets by configuring
an environment variable. Again, useful for testing and developing.
When a script is a symbolic link to the 'no-wait.d' subdirectory, the
dispatcher now schedules it immediately and in parallel with other
no-wait scripts.
https://bugzilla.gnome.org/show_bug.cgi?id=746703
'ssid' can repeat when more SSIDs should be scanned, e.g.
$ nmcli dev wifi rescan ssid "hidden cafe" ssid AP12 ssid "my home Wi-Fi"
Bash completion fixed by thaller@redhat.com
Previously, when compiling NetworkManager with libaudit support, it
was disabled by default and only used after setting logging.audit=true.
Turn that around. If we compile NetworkManager with audit support, we also
enable it by default. The user can then explicitly disable it by
configuring logging.audit in NetworkManager.conf.
But also, add a configure option 'yes-disabled-by-default' to compile
with audit support, but have it disabled by default. This would be the
previous behavior, but it must be enabled explicitly.
Fixes: be49a59fb6
The only way to disable logging for a domain entirely is to
omit the domain from the "domains" list. For example:
"level=INFO, domains=PLATFORM,..."
Now add an explicit level "OFF" to facilitate configuration like:
"level=INFO, domains=ALL,WIFI_SCAN:OFF"
It also supports
"level=OFF, domains=PLATFORM:INFO"
but this is for the most part equivalent to
"level=INFO, domains=PLATFORM"
Introduce some primitives to deliver messages about relevant
configuration changes to the Linux audit subsystem through libaudit
(if enabled at build time) and to the logging system.
