Instead of doing something like
<get caller UID>
if (root) {
perform_operation()
other boilerplate stuff
return;
}
nm_auth_chain_new(perform_operation)
...
just have root also go through the auth chain, which is now
short circuited for root. This ensures we always use the same
code paths for root and non-root, and that fixes made in one path
are also executed for the other.
dbus-glib has had dbus_g_connection_lookup_g_object() since 0.72
(circa 2006) so instead of parsing the object paths ourselves, let
dbus-glib tell us what object it is, and rely on GObject property
permissions to block writes at the object level, and dbus-glib to
block writes at the D-Bus level based on the introspection XML.
Plus, we can use the various ways to get the caller UID that were
added in previous patches to simplify authentication.
For cases where NM may run without a bus daemon in root-only
environments, like an initramfs. For disconnection, since private
connection just get a disconnect message instead of NameOwnerChanged
signals broadcast by a bus daemon, just synthesize the NameOwnerChanged
signals using our fake owner name. It's just easier to do this rather
than modify any code that cares about disconnects.
Note that the new private socket is only enabled if built with
dbus-glib >= 0.100 as there are bugs in previous versions in the
implementation of dbus_g_proxy_new_for_peer() which clients must
use to talk to the private socket.
When providing a service on the bus daemon and a private connection,
we'll need to track objects so we can register them with the
private connection too. Thus all registration/unregistration
calls have to go through the NMDBusManager, not straight to
dbus-glib.
The error is now pushed to things that request PK auth so that we don't
lose it, because we don't want to unconditionally log it from NM, but
still want things to know that their request couldn't be fulfilled
because PK wasn't running.
Don't create a GError with a domain of 0, which causes a glib warning,
and make it clearer when we're early-finishing with an error and when
we're not.
test-keyfile.c: In function 'test_read_string_ssid':
test-keyfile.c:1154:51: error: argument to 'sizeof' in 'memcmp' call is the
same expression as the second source; did you mean to provide an explicit
length? [-Werror=sizeof-pointer-memaccess]
ASSERT (memcmp (array->data, expected_ssid, sizeof (expected_ssid)) == 0,
Make the main/dns config key be a single value rather than a list of
plugins. Since there is currently only one valid value for it
("dnsmasq"), this is backward-compatible.
In the future, it will be possible to specify custom DNS-configuring
scripts here, which is a more flexible way of handling complicated
behavior than trying to create chainable internal plugins.
Remove the unused NMDnsPlugin::init method, some unused #includes, and
an out-of-date comment.
Use the correct macro for the default "/etc/resolv.conf" path.
Simplify NMDnsManager::dispose() a bit.
Make nm_dns_dnsmasq_new() return an NMDnsPlugin* rather than
NMDnsDnsmasq*.
Add an ignore-carrier option to NetworkManager.conf, for specifying
devices where carrier state should be ignored for purposes of
activating/deactivating connections.
Add a new configuration directory ($nmconfdir/conf.d by default,
overridable via the --config-dir command-line option) that can contain
".conf" files that will be parsed in asciibetical order to override
the main NetworkManager.conf file.
In addition to simple overrides, the conf files also support appending
to the value of a previously-set list-valued key, by doing, eg,
"plugins+=foo"
https://bugzilla.gnome.org/show_bug.cgi?id=688857
Add some new API to NMConfig so that NMSettings and its plugins can
use NMConfig to look up values rather than reparsing the config file
themselves.
Also, move the no-auto-default cache from NetworkManager.conf to
$NMSTATEDIR/no-auto-default.state, so NM isn't rewriting its own
config file at runtime.
NMSettings would try to create an NMDefaultWiredConnection for any
NMDeviceWired subclass, and there was some code to deal with
InfiniBand in the code. But nm_default_wired_connection_new() required
the hwaddr length to be ETH_ALEN, so InfiniBand would never have
worked (and probably shouldn't have, since people generally don't want
the auto-default behavior on servers anyway). And we certainly never
intended for this code to apply to bridges and bonds. So fix it to
only apply to ethernet devices, and remove the vestigial
InfiniBand-related code.
Most of the various nm_foo_manager_get/new() calls never return NULL,
so just g_assert() that fact rather than logging a separate error
message for each one.
Rather than passing specific bits of data to NMDHCPManager and
NMDnsManager, just let them call nm_config_get() and then get the data
themselves.
Also, remove the GError argument from nm_dhcp_manager_new(), since the
function never returned NULL. This in turn means there is no longer
any need for a distinction between nm_dhcp_manager_new() and
nm_dhcp_manager_get(), so remove the former.
Add NMConfigDevice, which is mostly just a wrapper around
nm_device_get_hw_address() and nm_device_spec_match_list(), and
implement it in NMDevice. This will be used for config options that
match devices. (We can't use NMDevice directly for dependency
reasons.)
There is no reason to configure the connectivity-check options from
the command line rather than from the config file. Keep the options,
for backward-compatibility, but remove them from the man page and hide
them from --help.
The list of log domains in the --log-domains documentation had gotten
out of date. Fix this by adding nm_logging_all_domain_to_string()
(and, for completeness, nm_logging_all_levels_to_string()), and use
those to fill in the help string.
Rather than having main.c parse them and then hand them all to
nm_config_new(), just let nm-config provide its own GOptionEntry
array to merge in with main's.
It's a singleton that always exists. Callers shouldn't have to
refcount it.
Also, move its cleanup code from dispose() to finalize(), and remove
some unnecessary checks in it.
to match other property removal functions, like nm_setting_bond_remove_option()
or nm_setting_wired_remove_s390_option().
Note:
This is an API change, make sure to bump soname when releasing libnm-util.
gcc 4.8.0 has a new warning that triggers on
static void
compute_hash (NMDnsManager *self, guint8 buffer[HASH_LEN])
{
...
memset (buffer, 0, sizeof (buffer));
...
}
because "sizeof (buffer)" is *not* HASH_LEN, it's sizeof(guint8*). The
memset() was not necessary anyway since the g_checksum_get_digest()
after it will always end up filling in buffer, so just remove it.
https://bugzilla.gnome.org/show_bug.cgi?id=697041
It now works with sufficiently recent python 2.x or python 3.x, whatever
is the distribution default. This patch fixes 'make check' for
distributions where 'python' means python 3.x, like Gentoo.
The setting names used when inserting a setting into the hash
table are const since they are derived from GObject internals,
so there's no need to strdup them.
