When called with a connection path, activates that connection.
When called without a connection path, picks the best available
connection to activate for that device.
Doesn't work with VPN connections because they don't have devices.
This branch decouples NMActiveConnection creation from device activation
so that the NMActiveConnection object tracks the entire activation request
(either internally-requested by the Policy or externally via D-Bus) from
start to finish, instead of the previous situation where the PendingActivation
handled D-Bus requests separately. This also will allow implementation of
the DEACTIVATING state in the future. The NMActiveConnection object tracking
the activation is not actually exported to D-Bus until the device or VPN
activation is completely authorized and actually begins.
It also encapsulates all the details needed to authorize a request into
a new NMAuthSubject class, replacing various "dbus_sender" and "user_requested"
arguments throughout the code.
Besides killing PendingActivation, this patch decouples ActiveConnection
creation from actually activating that connection. This allows the
ActiveConnection to complete authorization asynchronously. This will
also be used in the future for handling the DEACTIVATING state of devices
(for "pre-down" functionality).
ActiveConnections will (soon) not have a D-Bus path on creation, but
only when they are exported after authorization is complete. That
means we can't rely on their dbus path in the secondaries code.
Instead, track them directly since the path may be NULL.
The device may not be created yet (in the case of software devices)
when the ActiveConnection is created; in that case we still want to
proceed with authorization for the connection, but we'll create the
device when authorization is complete.
Both NMActRequest and NMVPNConnection need to track their device's state,
so instead of both subclasses having to do so, consolidate that code into
the superclass.
When ActiveConnections take over authentication, it may mean that the
master active connection is still handling authentication when the
slave starts to activate. Thus the master device may still be in
DISCONNECTED state and not ready to enslave the slave.
Add a 'master-ready' property to NMActiveConnection that NMDevice can
watch for to indicate that the master connection/device is ready to accept
slaves. Since the slave device's ActiveConnection is already tracking
its master connection, and since ActiveConnections don't enter the
ACTIVATING state until their device is ready for slaves, it's pretty
trivial to implement this property.
We need to track the master active connection, since it may require authentication
or other operations to complete before the device actually starts activating.
We want to create the object earlier now, and figuring out the master is
a lot of code that we don't want to run before creating the object. The
master still must be set before exporting the object over D-Bus though,
as before.
Eventually the manager will create both NMActRequest and
NMVPNConnection subclasses directly, instead of leaving
NMVPNConnection creation to the VPN manager.
This also ensures that VPN connections get their user_requested
attribute set correctly, which wasn't happening before in the
case of secondary VPN connections.
When we eventually do authorization in the ActiveConnection itself,
we want to make sure the AC doesn't get exported until everything
is authorized. Thus let the manager handle exporting the objects
since it knows when the AC will be authorized or not.
NM uses "/" to mean a NULL object path, since you can't pass
NULL object paths through D-Bus. The AC code didn't handle that
and we'll soon be passing object paths from D-Bus into it.
Do less authentication in the PA and make the DBusGMethodInvocation
opaque to the PA. This pushes the responsibility for replying to
the D-Bus method call closer to the D-Bus method handler instead
of stuffing it all into the PA. This does mean we need to get
the D-Bus sender name and the sender UID and pass that into the
pending_activation_new(), but we'll clean that up in a bit.
Move the connection completion code out of the PendingActivation
object and into the D-Bus method handler for AddAndActivate. This is
part of simplifying PendingActivation so we can fold its functionality
into NMActiveConnection and use the AC objects to track all activation
requests from start to finish.
This also requires a bit of reorganization since the PA used to handle
some of the request validation but that now needs to be handled by
each DBus method itself.
Previously the PA tracked the connection path, but that's really
quite unecessary, we might as well just track the actual connection
object itself. This allows us to only validate the path once, instead
of three times like the code did before. This does require a boolean
"add_and_activate" variable though, because the PA handles the DBus
method return and it needs to know whether the request came from
ActivateConnection or AddAndActivateConnection, which was previously
handled by checking pending->connection, which only AddAndActivate set.
Add DCB setting and associated logic to propagate those settings to
dcbtool. At the moment we don't use dcbnl to talk directly to the
kernel, because some devices do parts of DCB/LLDP in userland and
thus need lldpad running, which dcbtool talks to.
This command allows activating the edited connection.
Monitoring the progress of the activation is a bit complicated by the fact
that the callback activate_connection_editor_cb() is invoked in main loop
thread, and not in the editor thread itself.
https://bugzilla.redhat.com/show_bug.cgi?id=1004883
