NMPolicy was resetting the "don't autoconnect because we don't have
secrets" state on a connection when the autoconnect-retries timer
timed out, but this doesn't make sense, since the timeout doesn't
change the fact that there are no secrets.
https://bugzilla.gnome.org/show_bug.cgi?id=670631
NMPolicy was clearing the autoconnect-blocked state on a connection
any time a device with that connection changed state. This happened to
basically do the right thing, but it would be clearer if we only reset
the state after successfully getting past the NEED_AUTH stage.
NMSettings (and NMConnectionProvider) had a signal to indicate when it
had loaded the connections, but in reality this always happened before
nm_settings_new() returned (as a side effect of calling
unmanaged_specs_changed()) and so no one else would ever actually see
the signal. So just kill it.
In information-only mode (where RA is providing addresses), DHCPv6
may not give an address. NetworkManager was adding a blank one
anyway, which is invalid. Don't do that.
As nmcli changes the syntax for the 'connection show' command,
this patch for bash completion also breaks several cases when
completing for an old nmcli command.
Signed-off-by: Thomas Haller <thaller@redhat.com>
When there are multiple connection profiles of the same name, we used to take
and process only the first one.
We change the behaviour to process all the connections now in these commands:
nmcli connection show <duplicated name>
nmcli connection down <duplicated name>
nmcli connection delete <duplicated name>
Handle connection profiles in a single 'show' command instead of 'show active'
and 'show configured'.
nmcli con show [--active] [[id|uuid|path|apath] <bla>]
nmcli con show : display all connection profiles
nmcli con show --active : only display active connection profiles
(filters out inactive profiles)
nmcli con show myeth : display details of "myeth" profile, and also active
connection info (if the profile is active)
nmcli -f profile con show myeth : only display "myeth"'s static configuration
nmcli -f active con show myeth : only display active details of "myeth"
nmcli -f connection.id,ipv4,general con show myeth
: display "connection.id"a property
"ipv4" setting and "GENERAL" group
of active data
https://bugzilla.redhat.com/show_bug.cgi?id=997999
This commit adds two new functions for introspection users to get nameservers:
guint32 nm_ip6_config_get_num_nameservers (NMIP6Config *config)
const struct in6_addr *nm_ip6_config_get_nameserver (NMIP6Config *config, guint32 idx)
The existing function can't be used due to GObject introspection limitations:
const GSList *nm_ip6_config_get_nameservers (NMIP6Config *config);
https://bugzilla.redhat.com/show_bug.cgi?id=1056146
The change to per-domain log levels means that when setting just the
level, we need to re-set the log level for each domain (since it's the
"logging" bit array that actually determines what gets logged).
nm_logging_setup() was dealing correctly with domains=NULL, but not
domains="" (which is what happens when it is invoked with only a level
via D-Bus), so doing "nmcli gen log level DEBUG" would change the
"default" log level, but leave all of the domains still at their
previous level:
danw@laptop:NetworkManager> nmcli g log
LEVEL DOMAINS
INFO PLATFORM,RFKILL,ETHER,WIFI,BT,MB,DHCP4,DHCP6,PPP,IP4,IP6...
danw@laptop:NetworkManager> nmcli g log level DEBUG
danw@laptop:NetworkManager> nmcli g log
LEVEL DOMAINS
DEBUG PLATFORM:INFO,RFKILL:INFO,ETHER:INFO,WIFI:INFO,BT:INFO...
The sysctl values in the kernel (for those values for which
nm_platform_sysctl_get_uint() is currently used) are defined as s32.
Change nm_platform_sysctl_get_uint() to nm_platform_sysctl_get_int32()
and ensure, that a matching integer type is used thoroughly.
Signed-off-by: Thomas Haller <thaller@redhat.com>
Similar to "core: respect connection user permissions for activation/deactivation",
if a master connection is being activated because a slave connection requested
it, ensure that the user requesting the master connection is allowed to
activate it.
This appears to be a bug since the original 0.9.0 release when
connection permissions were implemented.
If all the following are true:
- the user is local (as determined by systemd or ConsoleKit)
- the user has been given the NETWORK_CONTROL PolicyKit permission
- the user is not listed in the connection's permissions
- the user knows the D-Bus object path of a connection which they
have no permissions for
then that user may activate/deactivate connections that are not
visible to that user as determined by the connection permissions.
Fix that by ensuring that these operations check whether the user
has permission.
These operations are *not* affected, and have always checked user
permissions before allowing the operation:
- modifying any connection details
- requesting any secrets or passwords for the connection
- deleting the connection
Use g_weak_ref_get() that either returns an object with reference increment or
returns NULL.
That fixes the problem. However, in the long run we should rework the editor
loop trying to merge that with GMainLoop, which could help for various issues.
https://bugzilla.redhat.com/show_bug.cgi?id=1011942
When receiving an IPv4/IPv6 address from the kernel, platform set the
timestamp to an invalid value before. The address timestamp must be set
to *now*, because the lifetime and preferred arguments are counting from
now.
Signed-off-by: Thomas Haller <thaller@redhat.com>
update_system_hostname() was bailing out if (there is no IP4 config or
the IP4 config has no addresses) AND (there is no IP6 config or the
IP6 config has no addresses), but it would then hit an assertion and
crash if there was a valid IP6 config along with an IP4 config with no
addresses. Fix that and get rid of some redundancy.
Sort of pointed out by Coverity.
When activating a never-before-used Wi-Fi network, we need to call
nm_client_add_and_activate_connection(), not
nm_client_activate_connection(). (We still pass a NULL connection,
since NM will attempt to auto-fill it for us, and will succeed as long
as it's not an 802.1x connection.)
We were using g_utf8_strlen() to measure strings for layout, but that
counts combining marks too, and also fails to deal with "fullwidth"
(ie, double-width) CJK characters.
Add a new utility function to do a better job of this (based on code
from vte), and use it everywhere.
"Cancel" didn't really make sense here, but changing it to "Quit" is
also weird because if you were going to use the "OK" button you'd have
to tab past "Quit" first... So make it be an option in the menu
instead.
