nm_connection_replace_settings() replaces the connection's settings
but doesn't allow interception of the new settings. Plugins would then
send out the update signal, but secrets are scrubbed out of them to
ensure secrets aren't leaked out into D-Bus signals.
With NM 0.8 the system settings service was integrated into NM and
thus nm_connection_clear_secrets() acts directly on the system
settings plugins' NMConnection objects. So when NM cleared secrets
(for example after determining that they might be bad in a device's
stage2 handler), we completely lost the secrets forever.
Adding this function allows the system settings service to hook into
the connection updates when the plugin connection's backing storage
(like config files or whatever) changes and cache the secrets for
use in NMSettingsConnectionInterface get_secrets() requestes.
The old NMExportedConnection was used for both client and server-side classes,
which was a mistake and made the code very complicated to follow. Additionally,
all PolicyKit operations were synchronous, and PK operations can block for a
long time (ie for user input) before returning, so they need to be async. But
NMExportedConnection and NMSysconfigConnection didn't allow for async PK ops
at all.
Use this opportunity to clean up the mess and create GInterfaces that both
server and client objects implement, so that the connection editor and applet
can operate on generic objects like they did before (using the interfaces) but
can perform specific operations (like async PK verification of callers) depending
on whether they are local or remote or whatever.
The only thing that doesn't work yet is the system-settings service's
"auto eth" connections for ethernet devices that don't have an existing
connection. Might also have issues with unmanaged devices that can't
provide a MAC address until they are brought up, but we'll see.
Fix a few problems... No plugin should return secrets in the GetSettings method,
which some plugins did. When that was committed in the commit "system-settings:
don't return secrets in the settings", it broke those plugins that didn't implement
GetSecrets. Each plugin can actually use the same code for GetSettings and
GetSecrets, so implement those generically in the NMExportedConnection class and
remove plugin-specific implementations that all did the same thing.
0.7 requires dbus 1.1 or greater (for system bus activation), so make that
explicit, and remove compat code for D-Bus 0.6 and earlier. Consolidate
the various glib pkgconfig checks into one, since most anything will require
gthread, glib, and gobject anyway. Fixup the docs makefile to be more
automake-compatible and let 'make clean' actually work correctly when
docs are built.
Clean up handling of "special" keys in keyfiles, ie ones that
need more processing than the basic GKeyFile API supports. Add
MAC address reading (writing support to come).
Additionally, add some test bits for the keyfile plugin that get
run on 'make check'.
Patch from Tambet Ingo <tambet@gmail.com>
* libnm-util/nm-setting.c
libnm-util/nm-setting.h
- (NMSettingValueIterFn): instead of just a gboolean for secrets, take
all the GParamSpec flags of the property
* system-settings/plugins/keyfile/nm-keyfile-connection.c
system-settings/plugins/keyfile/reader.c
system-settings/plugins/keyfile/writer.c
- Update for NMSettingValueIterFn change
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@4322 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
* libnm-util/libnm-util.ver
libnm-util/nm-setting-connection.c
libnm-util/nm-setting-connection.h
- Add a 'read-only' property that indicates the connection cannot be
modified
* system-settings/plugins/ifcfg-fedora/reader.c
system-settings/plugins/ifcfg-suse/parser.c
system-settings/plugins/ifupdown/parser.c
- These plugins are read-only at the moment
* system-settings/plugins/keyfile/reader.c
system-settings/plugins/keyfile/writer.c
- Read-only shouldn't get saved out to files or read in from them
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@4227 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
* libnm-glib/nm-settings.c
libnm-glib/nm-settings.h
- Rename the "get_secrets" virtual function "service_get_secrets" to
clarify when it's used; NMExportedConnetion is a base-class for both
the client and service side, which is sort of confusing, and
get_secrets only makes sense on the service side.
* libnm-glib/nm-dbus-connection.c
- (get_secrets): remove, unused, and clients need to do extra work to
get secrets anyway since the call can block on the remote side
* system-settings/plugins/ifupdown/nm-ifupdown-connection.c
system-settings/plugins/keyfile/nm-keyfile-connection.c
- Fix up for get_secrets -> service_get_secrets
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@4192 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
* system-settings/plugins/keyfile/nm-keyfile-connection.c (update): Update the
connection with new settings before saving it.
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@4154 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
Implement support for honoring configured and automatic hostnames, and for
setting the configured hostname.
* introspection/nm-ip4-config.xml
src/nm-ip4-config.c
src/nm-ip4-config.h
src/dhcp-manager/nm-dhcp-manager.c
- Remove useless hostname property; it's not really part of the IPv4
config
* introspection/nm-settings-system.xml
libnm-glib/nm-dbus-settings-system.c
libnm-glib/nm-dbus-settings-system.h
- Add SetHostname() call to system settings D-Bus interface
- Add Hostname property to system settings D-Bus interface
- (nm_dbus_settings_system_save_hostname,
nm_dbus_settings_system_get_hostname): implement
* src/nm-device.c
src/nm-device.h
- (nm_device_get_dhcp4_config): implement
* src/nm-manager.c
src/nm-manager.h
- Fetch and track system settings service hostname changes, and proxy
the changes via a GObject property of the manager
* system-settings/src/nm-system-config-interface.c
system-settings/src/nm-system-config-interface.h
- Replace nm_system_config_interface_supports_add() with a capabilities
bitfield
* system-settings/src/nm-system-config-error.c
system-settings/src/nm-system-config-error.h
- Add additional errors
* system-settings/src/dbus-settings.c
system-settings/src/dbus-settings.h
- (get_property, nm_sysconfig_settings_class_init): add hostname
property; first plugin returning a hostname wins
- (impl_settings_add_connection): use plugin capabilities instead of
nm_system_config_interface_supports_add()
- (impl_settings_save_hostname): implement hostname saving
* src/NetworkManagerPolicy.c
- (lookup_thread_run_cb, lookup_thread_worker, lookup_thread_new,
lookup_thread_die): implement an asynchronous hostname lookup thread
which given an IPv4 address tries to look up the hostname for that
address with reverse DNS
- (get_best_device): split out best device code from
update_routing_and_dns()
- (update_etc_hosts): update /etc/hosts with the machine's new hostname
to preserve the 127.0.0.1 reverse mapping that so many things require
- (set_system_hostname): set a given hostname
- (update_system_hostname): implement hostname policy; a configured
hostname (from the system settings service) is used if available,
otherwise an automatically determined hostname from DHCP, VPN, etc.
If there was no automatically determined hostname, reverse DNS of
the best device's IP address will be used, and as a last resort the
hostname 'localhost.localdomain' is set.
- (update_routing_and_dns): use get_best_device(); update the system
hostname when the network config changes
- (hostname_changed): update system hostname if the system settings
service signals a hostname change
- (nm_policy_new): list for system settings service hostname changes
- (nm_policy_destroy): ensure that an in-progress hostname lookup thread
gets told to die
* system-settings/plugins/keyfile/plugin.c
system-settings/plugins/ifcfg-suse/plugin.c
- (get_property, sc_plugin_ifcfg_class_init): implement hostname and
capabilities properties
* system-settings/plugins/ifcfg-fedora/shvar.c
- (svOpenFile): re-enable R/W access of ifcfg files since the plugin
writes out /etc/sysconfig/network now
* system-settings/plugins/ifcfg-fedora/plugin.c
- (plugin_get_hostname): get hostname from /etc/sysconfig/network
- (plugin_set_hostname): save hostname to /etc/sysconfig/network
- (sc_network_changed_cb): handle changes to /etc/sysconfig/network
- (sc_plugin_ifcfg_init): monitor /etc/sysconfig/network for changes
- (get_property, set_property, sc_plugin_ifcfg_class_init): implement
hostname get/set and capabilities get
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@4077 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
* system-settings/plugins/keyfile/plugin.c
- (update_connection_settings): update connection manually, since
nm_exported_connection_update() does authentication
- (dir_changed): update_connection_settings() doesn't need to return
an error
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@4057 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
* libnm-util/nm-setting-vpn.c
libnm-util/nm-setting-vpn.h
- Split VPN secrets from VPN data so that settings services can actually
figure out that they are secrets and store them accordingly
* system-settings/plugins/keyfile/nm-keyfile-connection.c
system-settings/plugins/keyfile/reader.c
system-settings/plugins/keyfile/reader.h
system-settings/plugins/keyfile/writer.c
- Store VPN secrets separately from VPN data so that they can be fetched
on demand
- Implement the get_secrets() call so that (a) secrets don't leak out
to unprivileged callers, and (b) secrets can be sent to privileged
callers when needed
* vpn-daemons/vpnc/src/nm-vpnc-service.c
- Handle split VPN secrets
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@4031 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
* system-settings/plugins/keyfile/nm-keyfile-connection.c
- (update): Update filename of the connection if the connection id
was changed
* system-settings/plugins/keyfile/plugin.c
- (dir_changed): first pass at handling connection renames correctly
* system-settings/plugins/keyfile/writer.c
system-settings/plugins/keyfile/writer.h
- (write_connection): replace '/' with '*' when writing out the filename
from the connection id
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@4018 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
Add connection UUIDs, since connection names can be changed, and since
old-style connection IDs could change over the life of the connection. The
UUID should be assigned at connection creation time, be stable for a given
connection, and should be unique among all connections for a given settings
service.
* configure.in
libnm-util/Makefile.am
- Require libuuid
* introspection/nm-exported-connection.xml
- Remove "GetID" method
* libnm-glib/nm-dbus-connection.c
libnm-glib/nm-settings.c
libnm-glib/nm-settings.h
- Remove id-related stuff
* libnm-util/nm-utils.c
libnm-util/nm-utils.h
libnm-util/libnm-util.ver
- (nm_utils_uuid_generate, nm_utils_uuid_generate_from_string): Add
utility functions to generate UUIDs
* libnm-util/nm-setting-connection.c
libnm-util/nm-setting-connection.h
- Add 'uuid' member to the connection setting
- (verify): require valid 'uuid' for a valid connection
* system-settings/plugins/ifcfg-fedora/nm-ifcfg-connection.c
system-settings/plugins/ifcfg-fedora/reader.c
system-settings/plugins/ifcfg-suse/nm-suse-connection.c
system-settings/plugins/ifcfg-suse/parser.c
system-settings/plugins/keyfile/nm-keyfile-connection.c
system-settings/src/main.c
- Remove id-related stuff
- Give connections UUIDs where needed
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@4013 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
Revert most of the 'hostname' patch. Too much stuff still breaks when
hostname is updated at runtime. Distros or users who want hostname updates
can use dispatcher scripts to update the hostname if they need it.
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@3945 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
* introspection/nm-settings-system.xml
system-settings/src/dbus-settings.c
system-settings/src/dbus-settings.h
- Add a 'Hostname' property (rw) which represents the configured
hostname and domain of the system, if any
* system-settings/src/nm-system-config-error.c
system-settings/src/nm-system-config-error.h
system-settings/src/nm-system-config-interface.c
system-settings/src/nm-system-config-interface.h
- Add a 'hostname' property to the plugin interface
- Add a method to send updated hostname to plugins to save in their
backing configuration store
* system-settings/plugins/keyfile/nm-keyfile-connection.c
system-settings/plugins/keyfile/plugin.c
system-settings/plugins/keyfile/writer.c
system-settings/plugins/keyfile/writer.h
system-settings/plugins/ifcfg-suse/plugin.c
- Add minimal hostname support
* system-settings/plugins/ifcfg-fedora/plugin.c
- Add support for updating system hostname in /etc/sysconfig/network
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@3941 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
