If the connection has never been saved to disk, it won't have a path yet,
but that doesn't mean we should crash. Next, when reloading connections,
only try to do connection matching on connections that have paths, otherwise
all in-memory-only connections would be removed at the end of
read_connections().
teamd_cleanup() might get called multiple times, and since the rest
of the function is safe against multi-calls, make priv->tdc safe
against being called again too.
rh #1025371 reports a crash in handle_ip_config_timeout() because
nm_device_wifi_get_activation_ap() did not return any access point.
The handling of the AP in nm-device-wifi.c should be reworked and soon
will be fixed. For now, play it safe, and try to cope with any cases
where nm_device_wifi_get_activation_ap() might return NULL.
Later, this patch should be reverted and handling of the AP properly
cleaned up.
https://bugzilla.redhat.com/show_bug.cgi?id=1025371
Signed-off-by: Thomas Haller <thaller@redhat.com>
With the methods 'auto' and 'link-local' we check now, that the device
has a usable IPv6 LL address configured (after DAD, no longer tentative).
We wait for up to 5 seconds, for a suitable LL address to appear.
Currently, if the address does not get ready, we don't create one and
IPv6 configuration fails.
This is relevant for the methods 'link-local' and 'auto'. In the latter
case, because we cannot send router solitations without link local
address.
https://bugzilla.gnome.org/show_bug.cgi?id=707155
Signed-off-by: Thomas Haller <thaller@redhat.com>
The NMPlatformIP[46]Address and NMPlatformIP[46]Route structs have a
field 'dev'. Before this field was always printed in the *_to_string
functions and a missing device was signaled as ' dev -'.
This had the advantage, that the output contained the same fields
regardless whether there was a device set or not.
Change it, not to print the device if it is not set. This has the
advantage, that it looks better in the logfiles.
Signed-off-by: Thomas Haller <thaller@redhat.com>
In act_stage3_ip6_config_start, for IPv6 mode link-local, we check
if there is already an IPv6 address configured. If yes, we are
already done.
For now, as current workaround, if the LL does not exist, we
NM_ACT_STAGE_RETURN_STOP.
Later, we will POSTPONE and wait a timeout until we see a LL address
that is no longer TENTATIVE. The same should be done for method auto,
so that the device is usable to send router solitations (bgo#707155).
https://bugzilla.gnome.org/show_bug.cgi?id=707155https://bugzilla.gnome.org/show_bug.cgi?id=706618
Signed-off-by: Thomas Haller <thaller@redhat.com>
In the case of autoconnect VLANs or IB partitions, if the parent interface
hasn't been detected yet at startup, then the get_virtual_interface_name()
won't be able to find the parent yet. That's normal, and when the parent
is found, system_create_virtual_device() will be run again and the parent
will be found, and the autoconnect VLAN/IB partition will be created.
But we shouldn't warn that the parent can't be found when that might be
a normal occurance.
Also improve nm_ip4_config_dump to print all properties and make
use of nm_platform_*_to_string.
Also, ensure that never_default is set to gboolean 1 or 0.
Signed-off-by: Thomas Haller <thaller@redhat.com>
Do some minimal verification of hostnames that come in via D-Bus, for
length and content. Otherwise we'd get as far as asking glibc to set
the system hostname, which would reject us.
Master devices depend on their slaves/ports for carrier status, so the
carrier can't factor into whether a connection is available on that
device or not. If it did, then no connections could be activated
because the device doesn't have a carrier until slaves are attached.
Only NMSettingsConnections can be activated on device, and
get_connection() wasn't doing that. So the generated connection
must be added to NMSettings. That also triggers the
ConnectionProvider's 'connection-added' signal with the happy
result of adding the new connection to the device's
AvailableConnections list.
Acked-by: Dan Williams <dcbw@redhat.com>
Previously, ignore-carrier devices were always in the unavailable state
until they were activated. This required some complicated code to keep
track of whether the device was available or not based on what connections
existed, whether those connections were static-IP, and whether the device
was ignore-carrier. Various bits of the code used nm_device_can_activate()
for two different purposes: (1) to determine if the device was available
on an L2 basis, which nm_device_can_activate() wasn't well-suited to, and
(2) whether a specific connection could be activated at a given time
based on ignore-carrier and whether the connection was static IP or not.
Remove that complexity and confusion by making ignore-carrier devices
always move to DISCONNECTED state, and simply refuse to activate
connections that require connectivity, but allow connections that don't
require connectivity. Also, when the device has no carrier, don't
add connections that require connectivity to the AvailableConnections
device property.
Use the new kernel physical_port_id interface property to recognize
when two devices are just virtual devices sharing the same physical
port, and refuse to bond/team multiple slaves on the same port.
If nm_device_enslave_slave() failed, the slave would log that it was
waiting for the master to activate (even if the master was already
active). Fix it to log an error and fail its activation instead.
rh #1025007 reports a crash on g_assert_no_error() in
connection_new_or_changed() of src/settings/plugins/ifcfg-rh/plugin.c.
From the back trace I am not 100% sure, what the problem was, but I
think that nm_settings_connection_replace_settings failed because of
nm_connection_update_secrets. Apparently such a situation can
happen and it should simply be accepted as valid.
What might have happened, is that the connection used to have
secrets (maybe it had 802.1x configured?) and then it got changed,
so update_secrets() fails because the connection no longer has a
setting to which the secrets would apply.
https://bugzilla.redhat.com/show_bug.cgi?id=1025007
Signed-off-by: Thomas Haller <thaller@redhat.com>
In Fedora, OVS ports are now identified in ifcfg files as
"TYPE=OVSPort", which NM doesn't recognize, and so it would ignore
those ifcfg files. Unfortunately, this meant that if auto-default
wasn't disabled, and there was no other configuration defined for the
device, then NM would create an NMDefaultWiredConnection for it and
screw things up.
So, add an "unrecognized-specs" settings plugin property, which allows
a plugin to indicate to NetworkManager that it knows of some
non-NetworkManager-supported connection defined for a device. This
will suppress default-wired connection creation for that device,
similar to the "no-auto-default" config file option, but determined by
the plugin instead of by manual configuration. Devices listed in
unrecognized-specs may still be managed by NetworkManager, unless they
are also listed in unmanaged-specs.
https://bugzilla.redhat.com/show_bug.cgi?id=1022256
Rather than having each connection-parsing function do its own
unmanaged-spec handling, just do it all directly from
connection_from_file(), and don't bother trying to fully parse the
file if it is unmanaged, since it won't ever be seen outside of the
plugin in that case anyway.
This also makes it possible to have an ifcfg file of an unrecognized
type be unmanaged.
We were accidentally removing the connection from priv->connections
(and thus from unmanaged-specs) when NM_CONTROLLED changed to no when
rereading a changed connection file.
If an ifcfg file changed from one non-NULL unmanaged-spec to another
(eg, if it previously had an interface-name: unmanaged-spec, and then
you add a HWADDR line, switching it to a mac: unmanaged-spec), we were
not updating the connection's unmanaged property, or emitting
unmanaged-specs-changed.
Also, remove the notify::unmanaged handler, since only plugin.c ever
changes an existing NMIfcfgConnection's unmanaged property, and it
always emits the signal itself afterward (and it needs to manually
emit the signal in other cases anyway, like when a connection is
removed).
When settings are NULL or empty in impl_manager_add_and_activate_connection(),
the connection is created and completed by nm_utils_complete_generic() or
nm_device_complete_connection().
Also, do not assert in nm_connection_is_type(). Returning FALSE there is
sufficient.
Related commit a878cd8145
When called with a connection path, activates that connection.
When called without a connection path, picks the best available
connection to activate for that device.
Doesn't work with VPN connections because they don't have devices.
Besides killing PendingActivation, this patch decouples ActiveConnection
creation from actually activating that connection. This allows the
ActiveConnection to complete authorization asynchronously. This will
also be used in the future for handling the DEACTIVATING state of devices
(for "pre-down" functionality).
ActiveConnections will (soon) not have a D-Bus path on creation, but
only when they are exported after authorization is complete. That
means we can't rely on their dbus path in the secondaries code.
Instead, track them directly since the path may be NULL.
The device may not be created yet (in the case of software devices)
when the ActiveConnection is created; in that case we still want to
proceed with authorization for the connection, but we'll create the
device when authorization is complete.
Both NMActRequest and NMVPNConnection need to track their device's state,
so instead of both subclasses having to do so, consolidate that code into
the superclass.
When ActiveConnections take over authentication, it may mean that the
master active connection is still handling authentication when the
slave starts to activate. Thus the master device may still be in
DISCONNECTED state and not ready to enslave the slave.
Add a 'master-ready' property to NMActiveConnection that NMDevice can
watch for to indicate that the master connection/device is ready to accept
slaves. Since the slave device's ActiveConnection is already tracking
its master connection, and since ActiveConnections don't enter the
ACTIVATING state until their device is ready for slaves, it's pretty
trivial to implement this property.
