NetworkManager merge requestshttps://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests2022-12-16T17:02:35Zhttps://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1402core: wait for carrier before resolving hostname via DNS2022-12-16T17:02:35ZBeniamino Galvanicore: wait for carrier before resolving hostname via DNSIf there is no carrier on a device, don't try to resolve the hostname
on it. Instead, subscribe to carrier change notifications and retry
again once carrier goes up.
https://bugzilla.redhat.com/show_bug.cgi?id=2118817If there is no carrier on a device, don't try to resolve the hostname
on it. Instead, subscribe to carrier change notifications and retry
again once carrier goes up.
https://bugzilla.redhat.com/show_bug.cgi?id=2118817https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1403[th/uuid-generate-from-strings] rework nm_uuid_generate_from_strings() to sup...2022-10-03T16:04:29ZThomas Haller[th/uuid-generate-from-strings] rework nm_uuid_generate_from_strings() to support version 5 UUIDs`nm_uuid_generate_from_strings()` is a sensible function to generate a fixed UUID based on a list of strings.
Rework it:
- it now accepts a `uuid_type` argument. Previously, we would always generate version3 (MD5) UUIDs, which seems no...`nm_uuid_generate_from_strings()` is a sensible function to generate a fixed UUID based on a list of strings.
Rework it:
- it now accepts a `uuid_type` argument. Previously, we would always generate version3 (MD5) UUIDs, which seems not best for new code.
- add a `type_arg` namespace UUID. Previously, all callers were advised to choose a unique first string for namespacing. It seems nicer to have an explicit namespace UUID, which is awell-known concept when generating UUIDs (see python's `uuid.uuid5()` which has a mandatory namespace parameter).
Of course, existing uses keep generating the same version 3 UUIDs as before (after all, the main point of this function is to generate stable UUIDs). But this should encourage new users to switch to version 5 UUIDs and think about the necessity of the namespace argument.https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1404[th/memdup] add nm_memcpy(), nm_memdup_nul() and use in nm_str_buf_finalize()2022-10-24T06:49:52ZThomas Haller[th/memdup] add nm_memcpy(), nm_memdup_nul() and use in nm_str_buf_finalize()- add `nm_memcpy()` to avoid pitfalls with NULL/dangling src buffer.
- add nm_memdup_nul() helper as a replacement for g_strndup() -- which is not suitable for binary data or "strings" that contain NUL bytes.
- use both in nm_str_buf_fin...- add `nm_memcpy()` to avoid pitfalls with NULL/dangling src buffer.
- add nm_memdup_nul() helper as a replacement for g_strndup() -- which is not suitable for binary data or "strings" that contain NUL bytes.
- use both in nm_str_buf_finalize(). NMStrBuf tracks the length separately, so it can also support embedded NUL characters in their strings. See 520411623d874803c18c4f29d13eeea7d5d5a6ac.https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1405[th/build-gettext-update-po] build: don't "update-po" during make dist2022-10-03T15:54:00ZThomas Haller[th/build-gettext-update-po] build: don't "update-po" during make distInstead, hack gettext's Makefile.
gettext has an issue with parallel make. See [1] and [2].
Reproduce with:
```
git reset --hard &&
git clean -fdx &&
NOCONFIGURE=yes ./autogen.sh &&
./configure --enable-gtk-doc --enable-in...Instead, hack gettext's Makefile.
gettext has an issue with parallel make. See [1] and [2].
Reproduce with:
```
git reset --hard &&
git clean -fdx &&
NOCONFIGURE=yes ./autogen.sh &&
./configure --enable-gtk-doc --enable-introspection &&
make -j distcheck V=1
```
We worked around this by setting "DIST_DEPENDS_ON_UPDATE_PO = yes",
however that (obviously) results in regenerating source files during
dist. "Source files" in the sense that the po files are commited to git
and get distributed in the release. Doing this is very ugly.
In particular it's ugly, because `make -C po update-po` is not reproducible
and the output depends on the current time (*had one job*).
Otherwise, we could just regenerate the files before doing a release.
This means, running "release.sh" script ends up with a dirty tree
afterwards. Also, the distributed po files are not the ones from the source
tree when we did the release. Also, since "release.sh rc1" does two distributions
(once for the rc1 and once for the next devel snapshot), the commit for the
second distribution will have a large diff for the po files.
This reverts commit 978d8eb69923 ('po: make dist depend on update-po')
and hacks around the problem.
[1] https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1094#note_1435313
[2] https://lists.gnu.org/archive/html/bug-gettext/2022-06/msg00022.htmlhttps://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1406[th/device-release-ports] device: fix hanging port devices when controller go...2022-10-11T16:28:12ZThomas Haller[th/device-release-ports] device: fix hanging port devices when controller goes down while port is not fully attached
This partly reverts 1fe8166fc9fb ('device: only deactivate when the master
we've enslaved to goes away').
If the controller fails while the port is not yet fully attached,
before this patch the following happened:
```
<info> [166429...
This partly reverts 1fe8166fc9fb ('device: only deactivate when the master
we've enslaved to goes away').
If the controller fails while the port is not yet fully attached,
before this patch the following happened:
```
<info> [1664299566.1065] device (bond0): state change: ip-config -> failed (reason 'config-failed', sys-iface-state: 'managed')
...
<warn> [1664299566.1073] device (bond0): Activation: failed for connection 'bond0'
<trace> [1664299566.1073] device[6b76ac7314eb0b53] (bond0): master: release one slave a9f10ea824bb1725/eth1 (not enslaved) (configure)
<debug> [1664299566.1073] device[a9f10ea824bb1725] (eth1): unmanaged: flags set to [!sleeping,!by-type,!platform-init,!user-explicit,!user-settings,!user-conf=0x0/0x179/managed], forget [is-slave=0x800], reason removed)
...
<info> [1664299566.1080] device (eth1): state change: config -> ip-config (reason 'none', sys-iface-state: 'managed')
```
Note that now eth1 has no controller, but it lingers in "ip-config" state indefinitely.
If we look at a case where the port is already attached we see:
```
<info> [1664299540.9661] device (bond0): state change: secondaries -> failed (reason 'config-failed', sys-iface-state: 'managed')
...
<warn> [1664299540.9667] device (bond0): Activation: failed for connection 'bond0'
<trace> [1664299540.9667] device[6b76ac7314eb0b53] (bond0): master: release one slave a9f10ea824bb1725/eth1 (enslaved) (configure)
<debug> [1664299540.9667] platform: (eth1) link: releasing 10 from master 'bond0' (80)
...
<info> [1664299540.9740] device (bond0): detached bond port eth1
...
<debug> [1664299540.9749] device[a9f10ea824bb1725] (eth1): Activation: connection 'eth1' master failed
...
<warn> [1664299540.9749] device (eth1): queue-state[secondaries, reason:none, id:520]: replace previously queued state change
...
<debug> [1664299540.9750] device[a9f10ea824bb1725] (eth1): queue-state[deactivating, reason:dependency-failed, id:533]: queue state change
<debug> [1664299540.9751] device[a9f10ea824bb1725] (eth1): unmanaged: flags set to [!sleeping,!by-type,!platform-init,!user-explicit,!user-settings,!user-conf=0x0/0x179/managed], forget [is-slave=0x800], reason removed)
...
<debug> [1664299541.0201] device[a9f10ea824bb1725] (eth1): enslaved to unknown device 0 (??)
...
<debug> [1664299541.0227] device[a9f10ea824bb1725] (eth1): queue-state[deactivating, reason:dependency-failed, id:533]: change state
<info> [1664299541.0228] device (eth1): state change: ip-check -> deactivating (reason 'dependency-failed', sys-iface-state: 'managed')
```
Fix that by not ignoring the nm_device_slave_notify_release() call. Now we get:
```
<info> [1664391684.9757] device (bond0): state change: ip-config -> failed (reason 'config-failed', sys-iface-state: 'managed')
...
<debug> [1664391684.9759] active-connection[69c2b12d61f5b171]: set state deactivated (was activating)
<debug> [1664391684.9760] active-connection[142bb8240f6a696d]: check-master-ready: already signalled (state activating, master 0x56116f1480a0 is in state deactivated)
...
<debug> [1664391684.9762] manager: ActivatingConnection now (none)
...
<warn> [1664391684.9763] device (bond0): Activation: failed for connection 'bond0'
<trace> [1664391684.9763] device[142828814dec6e26] (bond0): master: release one slave 720791275fe8a68c/eth1 (not enslaved) (configure)
<debug> [1664391684.9763] device[720791275fe8a68c] (eth1): Activation: connection 'eth1' master failed
...
<debug> [1664391684.9764] device[720791275fe8a68c] (eth1): queue-state[deactivating, reason:dependency-failed, id:3047]: queue state change
<debug> [1664391684.9765] device[720791275fe8a68c] (eth1): unmanaged: flags set to [!sleeping,!by-type,!platform-init,!user-explicit,!user-settings,!user-conf=0x0/0x179/managed], forget [is-slave=0x800], reason removed)
...
<debug> [1664391684.9797] device[720791275fe8a68c] (eth1): queue-state[deactivating, reason:dependency-failed, id:3047]: change state
<info> [1664391684.9797] device (eth1): state change: config -> deactivating (reason 'dependency-failed', sys-iface-state: 'managed')
```
Commit 1fe8166fc9fb ('device: only deactivate when the master we've
enslaved to goes away') added the "return", but it seems to also add it
in cases where we need to handle this. Restrict the return to cases if
we do "no-config".
https://bugzilla.redhat.com/show_bug.cgi?id=2130287
Fixes: 1fe8166fc9fb ('device: only deactivate when the master we've enslaved to goes away')https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1407[th/cli-import-dupl-args] nmcli: don't print warning in `nmcli connection imp...2022-10-03T12:00:46ZThomas Haller[th/cli-import-dupl-args] nmcli: don't print warning in `nmcli connection import` about duplicate parametersIt seems uncommon that a command line tool warns about duplicate
paramters. Usually, the latter just overwrites the former. That is also
useful so that you can have for example an alias that sets a default
type
```
nmcli_import="nmcli ...It seems uncommon that a command line tool warns about duplicate
paramters. Usually, the latter just overwrites the former. That is also
useful so that you can have for example an alias that sets a default
type
```
nmcli_import="nmcli connection import type keyfile"
```
but still call it like
```
nmcli_import file $FILE type openvpn
```
This is a change in behavior. Not only stop we printing a warning, we
will now prefer the latter argument. Previously, the first was honored.
This change in behavior is a problem, but such uses were warned against
in the past, and hopefully nobody did this or relied on this.https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1408bond,bridge,team: use uuid for con.master when generating connection2022-10-06T13:33:38ZLubomir Rintelbond,bridge,team: use uuid for con.master when generating connectionAttempt at fixing @libnm_snapshot_reattach_unmanaged_ports_to_bridge,
https://bugzilla.redhat.com/show_bug.cgi?id=2125615
Let's see how tests go first.Attempt at fixing @libnm_snapshot_reattach_unmanaged_ports_to_bridge,
https://bugzilla.redhat.com/show_bug.cgi?id=2125615
Let's see how tests go first.https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1409nmcli: fix return code on "nmcli device connect" error2022-10-04T08:50:35ZBeniamino Galvaninmcli: fix return code on "nmcli device connect" errorBefore:
```
$ nmcli device connect veth0; echo $?
Error: Connection activation failed: (5) IP configuration could not be reserved (no available address, timeout, etc.).
0
```
```
After
$ nmcli device connect veth0; echo $?
Err...Before:
```
$ nmcli device connect veth0; echo $?
Error: Connection activation failed: (5) IP configuration could not be reserved (no available address, timeout, etc.).
0
```
```
After
$ nmcli device connect veth0; echo $?
Error: Connection activation failed: IP configuration could not be reserved (no available address, timeout, etc.).
4
```
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/902https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1410[th/generate-docs] rework "generate-docs-nm-property-infos.py" and do stricte...2022-10-06T11:42:53ZThomas Haller[th/generate-docs] rework "generate-docs-nm-property-infos.py" and do stricter parsingrework "generate-docs-nm-property-infos.py".
- whitespace and newlines are not preserved better.
- the parsing got stricter, and would fail for unexpected input. When there is a failure, we would log the offending file:line.
- various c...rework "generate-docs-nm-property-infos.py".
- whitespace and newlines are not preserved better.
- the parsing got stricter, and would fail for unexpected input. When there is a failure, we would log the offending file:line.
- various cleanups.https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1411[th/systemd] systemd: update code from upstream (2022-10-04)2022-10-05T07:23:22ZThomas Haller[th/systemd] systemd: update code from upstream (2022-10-04)reimportreimporthttps://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1412Update Ukrainian translation2022-10-05T07:25:09ZYuri ChornoivanUpdate Ukrainian translationTested for validity. Many thanks in advance for merging.Tested for validity. Many thanks in advance for merging.https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1413platform: set custom netlink buffer size when adding SR-IOV VFs2022-10-17T08:34:27ZBeniamino Galvaniplatform: set custom netlink buffer size when adding SR-IOV VFsWhen there are many VFs the default buffer size of 1 memory page is
not enough. Each VF can take up to ~120 bytes and so when the page
size is 4KiB at most ~34 VFs can be added.
Specify the buffer size when allocating the message.When there are many VFs the default buffer size of 1 memory page is
not enough. Each VF can take up to ~120 bytes and so when the page
size is 4KiB at most ~34 VFs can be added.
Specify the buffer size when allocating the message.https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1414[th/nmclient-wait-shutdown] libnm: add nm_client_wait_shutdown() function for...2022-10-14T15:53:56ZThomas Haller[th/nmclient-wait-shutdown] libnm: add nm_client_wait_shutdown() function for cleaning up NMClientIt's not entirely trivial to let the user handle this. Also, because
glib provides no convenient API to integrate a GMainContext in another
GMainContext (like `nm_utils_g_main_context_create_integrate_source()`).
Add a fire-and-forget f...It's not entirely trivial to let the user handle this. Also, because
glib provides no convenient API to integrate a GMainContext in another
GMainContext (like `nm_utils_g_main_context_create_integrate_source()`).
Add a fire-and-forget function to make that simpler.
The following test script will run out of file descriptors,
when wait_shutdown() is not used:
```
#!/bin/python
import gi
gi.require_version("NM", "1.0")
from gi.repository import NM, GLib
for i in range(1200):
print(f">>>{i}")
ctx = GLib.MainContext()
ctx.push_thread_default()
nmc = NM.Client.new()
ctx.pop_thread_default()
def cb(unused, result, i):
try:
NM.Client.wait_shutdown_finish(result)
except Exception:
# cannot happen
assert False
else:
print(f">>>>> {i} complete")
nmc.wait_shutdown(True, None, cb, i)
while GLib.MainContext.default().iteration(False):
pass
```https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1415core: don't restrict DNS interface when performing connectivity check2022-10-20T16:17:07ZMichael Catanzarocore: don't restrict DNS interface when performing connectivity checkCurrently, when performing DNS resolution with systemd-resolved,
NetworkManager tells systemd-resolved to consider only DNS configuration
for the network interface that the connectivity check request will be
routed through. But this is n...Currently, when performing DNS resolution with systemd-resolved,
NetworkManager tells systemd-resolved to consider only DNS configuration
for the network interface that the connectivity check request will be
routed through. But this is not correct because DNS and routing are
configured entirely separately. For example, say we have a VPN that
receives all DNS but only a subset of routing. NetworkManager will
configure systemd-resolved with no DNS servers on any interface except
for the VPN interface, but will still route traffic through other
interfaces. This is entirely legitimate and works fine in practice,
except for the connectivity check.
To fix this, we just drop the restriction and allow systemd-resolved to
consider its full configuration, which is what gets used normally
anyway. This allows our connectivity check to match the real
configuration instead of failing spuriously.
Fixes #1107https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1416[th/gslice] replace GSlice (by NMSlice?)2022-10-17T20:11:54ZThomas Haller[th/gslice] replace GSlice (by NMSlice?)glib has for a long time the GSlice API. The *only* reason to have and
use it, is the hope that it might perform better. After all, it's API
is more limited, as it doesn't support realloc() and requires the caller
to provide the memory s...glib has for a long time the GSlice API. The *only* reason to have and
use it, is the hope that it might perform better. After all, it's API
is more limited, as it doesn't support realloc() and requires the caller
to provide the memory size during free.
It's hard to accurately benchmark whether an allocator clearly performs better,
as it depends on usage and the system allocator that we compare against.
But there are some doubts whether it's faster ([1]), and it might be even
slower which totally defeats the purpose of having this.
Also, there is an long open bug to deprecate the GSlice API ([2]).
Move forward an redirect GSlice to the system allocator.
Don't completely the call patter however. For one, that would require
manual changes (or a good script). But more importantly, we already use
the GSlice API, and at the places where we do, we acknowledge to use a
more limited behavior (no realloc()) and we know the deallocation size.
Replacing all GSlice uses right away with malloc()/free() uses that
information and there is no easy way back. But the more limited API
*might* have performance benefits in the future. For example, C++
has sized allocation for this reason ([3]).
So don't drop a slice API entirely. Instead, add our own nm_slice*()
for now, which redirects to g_malloc()/g_free().
[1] https://wiki.gnome.org/Projects/GLib/GSlicePeformanceTests
[2] https://gitlab.gnome.org/GNOME/glib/-/issues/ ## 1079
[3] https://open-std.org/jtc1/sc22/wg21/docs/papers/2013/n3778.html
---
The alternative is to drop GSlice and use malloc/free directly.
We can do a (mostly) automated conversion from GSlice to malloc/free, but not the other way around. That is, the current places that use GSlice have a more special use-case, and converting to malloc/free entirely seems to loose that information.https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1417[th/uuid-generate-strv-null] fix nm_uuid_generate_from_strings() to support N...2022-10-11T07:06:55ZThomas Haller[th/uuid-generate-strv-null] fix nm_uuid_generate_from_strings() to support NULL stringsWhen you call
```
nm_uuid_generate_from_strings_strv(uuid_type, type_arg, v1, v2);
```
you'd probably expect that both values are honored in some way.
However, if `v1` happened to be NULL, then `v2` would have been ignored.
Extend `nm...When you call
```
nm_uuid_generate_from_strings_strv(uuid_type, type_arg, v1, v2);
```
you'd probably expect that both values are honored in some way.
However, if `v1` happened to be NULL, then `v2` would have been ignored.
Extend `nm_uuid_generate_from_strings()` to accept also NULL values and
pass on the length.
Also extend `nm_uuid_generate_from_strings_strv()` to take a length
argument. It still accepts "-1" to take the input strv as a NULL
terminated array.
The existing users of the previous behavior got renamed to
`nm_uuid_generate_from_strings_old()`.https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1418Remove inheritance of unmanaged condition from the parent device, on all devices2022-10-19T14:29:58ZAna CabralRemove inheritance of unmanaged condition from the parent device, on all devicesIt is not possible to configure a VLAN interface on unmanaged NIC.
This forces users who only want to create a VLAN interface to take
ownership over possibly shared underlying NIC.
In OpenShift, the SR-IOV operator is currently not usin...It is not possible to configure a VLAN interface on unmanaged NIC.
This forces users who only want to create a VLAN interface to take
ownership over possibly shared underlying NIC.
In OpenShift, the SR-IOV operator is currently not using
NetworkManager to configure VFs. When it starts working with a NIC,
it explicitly makes it unmanaged. Then, users cannot create a VLAN
interface on PFs managed by the operator.
One of the commits here eliminates this issue by allowing configuring
VLAN on an interface without requesting it to be managed by NetworkManager.
The behavior of inheriting unmanaged condition from the parent was
removed from all devices with this Merge Request.
https://bugzilla.redhat.com/show_bug.cgi?id=2110307https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1419man/nmcli: document variables affecting fancy output2022-10-11T14:35:28ZLubomir Rintelman/nmcli: document variables affecting fancy outputNotably, PAGER, TERM and NO_COLORS.Notably, PAGER, TERM and NO_COLORS.https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1420[th/cli-fork-safety] avoid setenv() after fork2022-10-24T16:52:18ZThomas Haller[th/cli-fork-safety] avoid setenv() after forkafter fork (before exec) only functions from `man signal-safety` can be used. Avoid using `setenv()` to setup the pager.
`setenv()` actually cannot be used safely anywhere, because glib applications are frequently multithreaded (e.g. if...after fork (before exec) only functions from `man signal-safety` can be used. Avoid using `setenv()` to setup the pager.
`setenv()` actually cannot be used safely anywhere, because glib applications are frequently multithreaded (e.g. if they use GDBus, which can happen already before `main()` starts). In any case, it's *also* unsafe after fork.https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1421team: set port configuration even if it's empty2022-11-28T07:52:19ZLubomir Rintelteam: set port configuration even if it's emptyCall teamdctl_port_config_update_raw() when we're attaching a port even
if all of team-slave setting properties are default.
This is done to ensure teamd "knows" about the port (that is,
"teamdctl ... port present" returns success) whe...Call teamdctl_port_config_update_raw() when we're attaching a port even
if all of team-slave setting properties are default.
This is done to ensure teamd "knows" about the port (that is,
"teamdctl ... port present" returns success) when we're done activating
the slave connection. It will pick it up anyway from netlink, but that
can happen after the activation is done, resulting in a possible race.
Fixes-test: @remove_active_team_profile
https://bugzilla.redhat.com/show_bug.cgi?id=2102375