systemd considers the startup time of NetworkManager until the D-Bus
service is claimed. By doing that earlier, this time is significantly
reduced.
This has the advantage, that services that are ordered to start
after NetworkManager can start earlier. Most notably, 'network.target'
orders itself After=NetworkManager.service and many services are ordered
After=network.target.
$ systemd-analyze blame | grep NetworkManager.service
Create the rundir earlier and before setting up nm-logging.
nm_main_utils_ensure_rundir() errors out with fprintf(stderr)
and does not need nm-logging.
And rename the function to nm_main_utils_ensure_not_running_pidfile()
to match the other _ensure_ functions that exit(1).
Also no longer pass @name to nm_main_utils_ensure_not_running_pidfile()
and use g_get_prgname() instead.
nm_main_utils_ensure_not_running_pidfile() checks that the running
process has the same program name, so this changes behavior if the
user renamed the binary. Before, we would check whether the running
process is named 'NetworkManager' ('nm-iface-helper'). Now we check
whether the process has the same name as the current process.
This means, that if you rename the binary to 'NetworkManager2' we
would now only detect a conflicting 'NetworkManager2'. Before we would
only detect conflicting 'NetworkManager' binaries.
Move call to nm_main_utils_early_setup() to a separate function.
Also move the @options array away from the main function, saving
a few bytes on the stack.
Now only do_early_setup() modifies the @global_opt structure.
Move the variables to a static struct so that we can factor
out some of the initialization code.
Also it's nice to have all options placed together in one struct so
that is is obvious which static variables are part of the command line
options, and which have other use.
Configuration commit is an unsafe thing to do for assumed connections,
it can remove an externally added address we don't know about yet.
The device already has a link-local address; for an assumed connection
it's the reason we assumed the method=link-local in the first place.
Paths to sysctls don't use ifindex and device names can be reused. If someone
removes a device and quickly creates a device with the same name, chances are
we're cleaning up the device that was just added.
Sadly, it seems there's no better API than sysctl-- neither netlink nor procfs
symlinks with ifindex or anything like that.
NetworkManager only responds to the last D-Bus call when called delete/down
for the same connection in quick succession. (It should be fixed later).
So do not issue the call multiple times to prevent that. Otherwise nmcli would
stall waiting for the response.
https://bugzilla.redhat.com/show_bug.cgi?id=1168657
There won't be any further requests, so there's no point in keeping
the connection alive. Even if the HTTP server doesn't care, proxy
servers in-between might keep the connection open for a couple seconds
for keepalive, and we might as well be nice to them and tell them we
don't need to keep it alive.
When a new connection is activated and presently active connection goes away,
the active-connection-removed signal is not emitted for the old connection.
This is what happens:
1.) Initially, nm-manager::active-connections = [ActiveConnection/old]
2.) First PropertyChange is signalled for the new connection addition:
nm-manager::active-connections = [ActiveConnection/old,ActiveConnection/new]
This triggers load of ActiveConnection/new object.
3.) Another PropertyChange is signalled for the old connection removal:
nm-manager::active-connections = [ActiveConnection/new]
This removes the ActiveConnection/old object from
nm-manager::active-connections and enqueues active-connection-removed
signal. The signal is not emmitted as there's a reload from 2.) in progress.
4.) ActiveConnection/new reload finished
object_property_complete() compares
[ActiveConnection/old,ActiveConnection/new] from its odata to current
nm-manager::active-connections and incorrectly concludes that
ActiveConnection/old was just added and removes the enqueued
active-connection-removed signal.
This patch fixes the issue by remembering the original
nm-manager::active-connections property value at 2.).
[thaller@redhat.com: fixed an integer overflow and odata->array unreffing]
https://bugzilla.redhat.com/show_bug.cgi?id=1079353
It would subtract the configuration from device confguration that's not yet
applied. This a the race where the loose the address while activating a
connection that has both IPv6 and IPv4 configuration.
Fixes: 557667df12https://bugzilla.gnome.org/show_bug.cgi?id=746066
These functions will sometimes get called on updates to the device's IP
config due to external changes, or when addresses get flushed from the
device when activating it. If the device is a slave device, then at
this point its NMConnection won't have an IP settings. Suppress the
warning that gets printed when s_ip == NULL, because it's expected.
It appears that the .isra and .part pieces can change depending on
how glib was built, so ignore those parts. Add some new suppressions
for newer glib too.
Move basic keyfile functionality from settings plugin to libnm-core.
This is a first step to have a semi-standard way to stringify
connections back and forth, which is also available to libnm users.
Still the new functions are internal API (nm-keyfile-internal.h).
Let's decide later how the public API should really look like.
https://bugzilla.gnome.org/show_bug.cgi?id=744699
keyfile should become our main import/export format. It is desirable,
that a keyfile can contain every aspect of a connection.
For blob certificates, the writer in core daemon would always write
them to a file and convert the scheme to path.
This behavior is not great for a (hyptetical) `nmcli connection export`
command because it would have to export them somehow outside of keyfile,
e.g. by writing them to temporary files.
Instead, if the write handler does not handle a certificate, use a
default implementation in nm_keyfile_write() which adds the blob inside
the keyfile.
Interestingly, keyfile reader already supported reading certificate
blobs. But this legacy format accepts the blob as arbitrary
binary without marking the format and without scheme prefix.
Instead of writing the binary data directly, write it with a new
uri scheme "data:;base64," and encode it in base64.
Also go through some lengths to make sure that whatever path
keyfile plugin writes, can be read back again. That is, because
keyfile writer preferably writes relative paths without prefix.
Add nm_keyfile_detect_unqualified_path_scheme() to encapsulate
the detection of pathnames without file:// prefix and use it to
check whether the path name must be fully qualified.
These headers are not entirely private to libnm-core as they are also
used by keyfile plugin. Merge them to a new header file
nm-keyfile-internal.h so that the name makes the internal nature of the
header more apparent.
