This reverts commit: 5edb8335dc
The Networkmanager package must not depend on ModemManager. Only the
Networkmanager-wwan package should depend on the ModemManager package.
The mobile-broadband-provider-info is fully optional and it is often not
required for embedded devices. Let the user choose if it gets installed
or not. Adding it explicitely to IMAGE_INSTALL is simple. Adding an
RRECOMMENS would work as well. But adding an RDEPENDS is bad.
In general, NetworkManager packaging is intended to provide a set of
binary packages suitable for building many different images.
NetworkManager is designed to be used for binary packages distributions
where it is not possible to rebuild NetworkManager just to install
Modemmanager. Also for OE, where a rebuilding is possible, a rebuild is
a disadvantage. So please do not destroy this flexibility by adding
RDEPENDS, which are firstly wrong and secondly only suitable for your
specific needs.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
* Support matching a OVS system interface by MAC address.
* When looking up the system hostname from the reverse DNS lookup of
addresses configured on interfaces, NetworkManager now takes into
account the content of /etc/hosts.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
===========
* Support matching a OVS system interface by MAC address.
* Fix port reactivation when the controller is reactivating.
* Save connection timestamps when shutting down, so that the right
connection autoactivates after restart.
* Fix handling of VPN secrets for 2-factor authentication.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
* Adapt to the new way of handling the 2FA secret by the
daemon, needed by it to fix a bug with certain clients.
Requires NetworkManager >= 1.46.2.
* Update Slovenian and Hungarian translations.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
============
* Building with autotools is now deprecated and will be completely removed
in the next development cycle. We recommend using meson to build
NetworkManager -- for basic setup, see the CONTRIBUTING.md file.
To ignore this deprecation and still build with Autotools, you can specify
the '--disable-autotools-deprecation' argument when configuring.
* Support changing the OpenSSL ciphers for 802.1X authentication via
connection property "802-1x.openssl-ciphers".
* The reason why a device is unmanaged is now properly set in the
"StateReason" property of the "Device" D-Bus object. The property is
visible in nmcli via "nmcli -f all device show $DEV".
* Deprecated 802-11-wireless and 802-11-wired property 'mac-address-blacklist'
and introduced the 'mac-address-denylist' property.
* Properly restore in-memory connection profiles during the rollback
of a checkpoint.
* Fix detection of 6 GHz band capability for WiFi devices
* Allow IPv6 SLAAC and static IPv6 DNS server assignment for modem broadband
when IPv6 device address was not explicitly passed on by ModemManager
* Fix a performance issue that was leading to 100% CPU usage by NetworkManager
if external programs were doing a big amount of routes updates.
* Patch-level development releases (i.e. 1.48.1-dev) won't be used anymore.
From now on, all the patch releases whithin a stable branch will be normal
releases, like 1.48.0, 1.48.1, 1.48.2, 1.48.3 and so on.
Odd numbers in the minor version number still indicates if it's a development
branch like 1.49 or a stable one like 1.48.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Replace references of WORKDIR with UNPACKDIR where it makes sense to do
so in preparation for changing the default value of UNPACKDIR.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
===========
* Improve the support for 2FA dynamic challenge, not
saving the response into the profile.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
- also copy GLib*Typelib to STAGING_LIBDIR_NATIVE to avoid:
| gi.RepositoryError: Typelib file for namespace 'GLib', version '2.0' not found
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Basically what is done in:
https://git.openembedded.org/meta-openembedded/commit/?h=master-next&id=4c40897893f43a99e6ae12e652c0cf789d89df90
This fixes:
| gi.RepositoryError: Typelib file for namespace 'Gobject', version '2.0' not found
| gi.RepositoryError: Typelib file for namespace 'Gio', version '2.0' not found
| gi.RepositoryError: Typelib file for namespace 'GModule', version '2.0' not found
- Remove uneeded do_compile:prepend. It was broken because of {B}} and seems to be unneeded anyway
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
ChangeLog:
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/1.46.0/NEWS
Highlights:
- Drop build with python2, python3 is now required
- Support randomizing the MAC address based on the Wi-Fi network
- IPv4 DAD (Duplicate Address Detection) enabled by default
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* it uses gdbus-codegen from glib-2.0-native which depended
on python3-distutils-native until
https://lists.openembedded.org/g/openembedded-core/message/196136
but distutils on host was enforced by sanity check only until mickledore with:
https://git.openembedded.org/openembedded-core/commit/?id=8e3a5b0709384f2b455a82ac1e8e212686fe4456
so on hosts without distutils this was already failing with:
http://errors.yoctoproject.org/Errors/Details/754697/
gdbus-codegen \
--generate-c-code src/nm-fortisslvpn-pppd-service-dbus \
--c-namespace NMDBus \
--interface-prefix org.freedesktop.NetworkManager \
../NetworkManager-fortisslvpn-1.4.0/src/nm-fortisslvpn-pppd-service.xml
Traceback (most recent call last):
File "TOPDIR/tmp-glibc/work/core2-64-oe-linux/networkmanager-fortisslvpn/1.4.0/recipe-sysroot-native/usr/bin/gdbus-codegen", line 53, in <module>
from codegen import codegen_main
File "TOPDIR/tmp-glibc/work/core2-64-oe-linux/networkmanager-fortisslvpn/1.4.0/recipe-sysroot-native/usr/share/glib-2.0/codegen/codegen_main.py", line 29, in <module>
from . import dbustypes
File "TOPDIR/tmp-glibc/work/core2-64-oe-linux/networkmanager-fortisslvpn/1.4.0/recipe-sysroot-native/usr/share/glib-2.0/codegen/dbustypes.py", line 22, in <module>
from . import utils
File "TOPDIR/tmp-glibc/work/core2-64-oe-linux/networkmanager-fortisslvpn/1.4.0/recipe-sysroot-native/usr/share/glib-2.0/codegen/utils.py", line 22, in <module>
import distutils.version
ModuleNotFoundError: No module named 'distutils'
make: *** [Makefile:2081: src/nm-fortisslvpn-pppd-service-dbus.h] Error 1
and the glib-2.0-native change only changes the dependency from
distutils to packaging which results in:
http://errors.yoctoproject.org/Errors/Details/754693/
gdbus-codegen \
--generate-c-code src/nm-fortisslvpn-pppd-service-dbus \
--c-namespace NMDBus \
--interface-prefix org.freedesktop.NetworkManager \
../NetworkManager-fortisslvpn-1.4.0/src/nm-fortisslvpn-pppd-service.xml
Traceback (most recent call last):
File "TOPDIR/tmp-glibc/work/core2-64-oe-linux/networkmanager-fortisslvpn/1.4.0/recipe-sysroot-native/usr/bin/gdbus-codegen", line 53, in <module>
from codegen import codegen_main
File "TOPDIR/tmp-glibc/work/core2-64-oe-linux/networkmanager-fortisslvpn/1.4.0/recipe-sysroot-native/usr/share/glib-2.0/codegen/codegen_main.py", line 29, in <module>
from . import dbustypes
File "TOPDIR/tmp-glibc/work/core2-64-oe-linux/networkmanager-fortisslvpn/1.4.0/recipe-sysroot-native/usr/share/glib-2.0/codegen/dbustypes.py", line 22, in <module>
from . import utils
File "TOPDIR/tmp-glibc/work/core2-64-oe-linux/networkmanager-fortisslvpn/1.4.0/recipe-sysroot-native/usr/share/glib-2.0/codegen/utils.py", line 22, in <module>
import packaging.version
ModuleNotFoundError: No module named 'packaging'
make: *** [Makefile:2081: src/nm-fortisslvpn-pppd-service-dbus.h] Error 1
* packaging probably isn't as wide spread on host distros as old
distutils was, so make sure it's available by using
python3-native with python3-packaging-native from OE build
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
With the nmtui being now handled via tha PACKAGECONFIG, there is no need
for the global libnewt dependency, PACKAGECONFIG["nmtui"] handles it
correctrly. Drop the libnewt from DEPENDS list.
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
- to build and package nmtui
- to automatically append networkmanager-adsl and
networkmanager-wwan in recommended packages.
- to fix an invalid-packageconfig QA issue that is raised when
adsl and wwan are added in pkgconfig.
Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The SUMMARY and DESCRIPTION are taken from Arch Linux wiki page:
https://wiki.archlinux.org/title/NetworkManager
Signed-off-by: William Lyu <William.Lyu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* Accepted was replaced with Backport in gatesgarth:
https://docs.yoctoproject.org/migration-guides/migration-3.2.html#miscellaneous-changes
* as detected with oe-core/scripts/contrib/patchreview.py:
meta-openembedded $ grep -A 3 Malformed *qa-patches
meta-gnome.qa-patches:Malformed Upstream-Status 'Malformed Upstream-Status in patch
meta-gnome.qa-patches-/OE/layers/meta-openembedded/meta-gnome/recipes-gnome/gnome-tweaks/gnome-tweaks/0002-meson-fix-invalid-positional-argument.patch
meta-gnome.qa-patches-Please correct according to https://docs.yoctoproject.org/contributor-guide/recipe-style-guide.html#patch-upstream-status :
meta-gnome.qa-patches-Upstream-Status: Accepted [dc9701e187]' (/OE/layers/meta-openembedded/meta-gnome/recipes-gnome/gnome-tweaks/gnome-tweaks/0002-meson-fix-invalid-positional-argument.patch)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
musl does not need _IO_stdin_used, since its not provided by toolchain
runtime ( crt files ) lld linker complains about undefined global symbol
on musl
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
* Introduce a new "link" setting that holds properties related to the
kernel link such as "tx-queue-length", "gso-max-size",
"gso-max-segments", "gro-max-size".
* Support sending a DHCPv6 prefix delegation hint via the
"ipv6.dhcp-pd-hint" connection property.
* Support new bond options: "arp_missed_max", "lacp_active",
"ns_ip6_target".
* Add new "initial-eps-bearer-configure" and "initial-eps-bearer-apn"
properties in the GSM setting.
* Setting "connection.stable-id=default${CONNECTION}" changed behavior to
be identical to the built-in default value when the stable-id is not set.
* Add a "[keyfile].rename" option to NetworkManager.conf to force renaming
profiles on disk when their name changes.
* The ifcfg-rh plugin is deprecated; it will only receive bugfixes and
no new features. A warning is emitted the log when a connection in
ifcfg-rh format is found.
* To automatically migrate existing ifcfg-rh connections to the
keyfile format, a new configuration option "main.migrate-ifcfg-rh"
is provided. Migration is disabled by default, but the default value
can be changed at build time via
"--with-config-migrate-ifcfg-rh-default=yes".
* When configuring hostnames in non-public TLD (like "example.local"), use
the TLD as default search domain instead of the full hostname.
* Always apply DNS options from the [global-dns] configuration section
* The NetworkManager daemon now acquires the D-Bus name only after
populating the D-Bus tree. This can add a delay during startup but
it is required to avoid race conditions with other services
depending on NM.
* Add a "version-id" argument to the Update2() D-Bus call to guard
against concurrent modifications of profiles.
* Don't use tentative IPv6 addresses to resolve the system hostname
via DNS.
* Track the number of autoconnect retries left for each device and
connection. Previously it was tracked only per connection and this
lead to unexpected behaviors in case of multiconnect profiles.
* Set VLAN filtering options on bridge via netlink instead of sysfs.
* nm-cloud-setup now supports IMDSv2 on Amazon EC2.
* nmtui now allows to enable or disable Wi-Fi and WWAN radios.
* Honor ignore-carrier=no for bond/bridge/team devices.
* Add version mismatch warning when running nmcli commands.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
* Add support for ppp 2.5.0.
* Fix nft rules for balance-slb bonding.
* Support port priority for bonding.
* Fix regression handling the PKEY_ID for infiniband profiles
in ifcfg-rh format.
* Fix race in nm-cloud-setup that caused partial configuration
and loss of connectivity with multiple interfaces.
* Don't touch "net.ipv6.conf.$IFACE.forwarding" unless explicitly
required for IPv6 sharing.
* Various bugfixes related to team, Wi-Fi P2P, IPv6LL.
* Automatically unblock autoconnect of profiles during reapply.
Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The build of NM involves running Python that uses PyGObject, so add that
to DEPENDS.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
* Emit the dhcp-change dispatcher event also after a lease renewal.
* Fix assertion failure on DHCP renewal.
* Add support for EC2 IMDSv2 in nm-cloud-setup.
* Allow setting tunnel flags for ip6gre & ip6gretap connection
profiles.
* Improve the Wi-Fi hotspot functionality.
* Fix setting the Wi-Fi roaming policy based on the number of seen
BSSIDs.
* Support the "no-aaaa" resolv.conf option.
* Some oFono fixes.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
0001-libnm-std-aux-Adjust-signature-of-_nm_assert_fail_in.patch
removed since it's not available in 1.42.4
Changelog:
==========
* Fix a possible crash when [global-dns] is used and improve the
documentation.
* Documentation improvements.
* Add build option to set the mobile-broadband-provider-info database
path.
* Add new "ipv[46].replace-local-rule" setting to control whether to
remove the local route rule that is automatically generated.
* Add the DHCPv6 IAID to the lease information exposed in /run and on
D-Bus.
* Fix assuming team connections at boot.
* Fix race condition when setting the MAC address of an OVS interface.
* Fix constructing the IPv4 name servers variable passed to dispatcher
scripts.
* Don't use tentative IPv6 address to resolve the system hostname via DNS.
* Deprecate the "Master" property of the NMActiveConnection D-Bus object
in favor of the new "Controller" property.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
__assert_fail signature is assuming glibc which is fine for glibc
systems but we have to consider musl case too.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
============
* Added support for source load balancing for Ethernet Bonds.
* Allow specifying vhost name (SNI) for a manually DNS-over-TLS server.
Only works with systemd-resolved plugin.
* Connections can now be activated on a loopback interface.
* Added support of IPv4 ECMP routes. The ECMP routes will get merged
automatically but the user need to configure them as single-hop routes
specifying a valid weight.
* Add new "reapply" dispatcher event.
* Added support of VTI and VTI6 ip-tunnels along with a new property,
"ip-tunnel.fwmark".
* VLAN can now support 802.1ad tagging instead of 802.1Q.
* Invocations of iptables now use "--wait 2" to handle races with concurrent
calls. This fixes misbehavior with IPv4 shared mode.
* The DHCP client-id and DHCPv6 DUID are now exposed along with the lease
information.
* Optionally suppress adding direct route to an external VPN gateway
with the new "ipv[46].auto-route-ext-gw" property.
* Open vSwitch support gained new properties: "ovs-dpdk.n-rxq-desc",
"ovs-dpdk.n-txq-desc", "ovs-interface.ofport-request" and
"ovs-port.trunks".
* Added support of "other_config" for OVS bridge, port or interface. This
property is not supported by nmcli.
* nmtui now supports editing Wi-Fi WPA-Enterprise, Ethernet with 802.1X
authentication and MACsec connection profiles.
* nmcli now allows changing "connection.uuid" and "connection.type"
properties in offline mode and setting the UUID when creating a
connection.
* nmcli now accepts abbreviations for the UUID with the connection selector
in `nmcli connection $operator uuid $uuid`.
* DHCPv6 leases are now declined when addresses fail DAD.
* Documentation improvements.
* Many internal improvements and bug fixes.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
* Fix the evaluation of the autoconnect retries.
* nm-cloud-setup now preserves addresses added externally.
* Ensure that dnsmasq is stopped after changing the dns backend and
restarting the service.
* Fix honoring an explicit DHCPv6 DUID with dhclient.
* Other various fixes.
* Fixed a bug that caused devices (MACsec in particular) to be stuck in
UNAVAILABLE state and not transition to DISCONNECTED if the carrier was
ready too early.
* Improved interoperability of MACsec with some Aruba switches by allowing
CKN shorter than 64 characters.
* Fixed an assertion failure when restarting NetworkManager with MACsec
links configured.
* Fixed a possible DHCP helper crash when handling failure to connect to
D-Bus.
* Corrected calculation of expiration time for items configured from IPv6
neighbor discovery messages.
* Various fixes for platforms that don't allow unaligned memory access.
* team: also set empty port configuration so teamd
knows about the port.
* team: restore port configuration after teamd respawn.
* dhcp: revert restarting DHCP when MAC address changes,
for example during a bond fail over.
* various documentation fixes.
* fix non-exported ABI in libnm which was wrongly present
in the header files but unusable so far.
* ifcfg-rh: fix writing ethtool pause settings to file.
* core: set "proto static" for manual routing rules configured
by NetworkManager.
* Various minor bugfixes.
* Ensure that resolv.conf gets updated when the configuration changes.
* Fix setting as bond primary an interface that doesn't exist yet when the
bond is activated.
* The number of autoconnect retries is now accounted independently for each
device when there are profiles with multi-connect=multiple.
* Don't print duplicate entries in the output of "NetworkManager
--print-config"
* Fix the ifcfg-rh plugin to properly read infiniband P-Key connection
profiles without an explicit interface name.
* Allow the removal of a bond port connection profile from the bond via
nmcli.
* Fix race condition during the activation of veth profiles when the peer
already exists.
* Decline the DHCPv6 lease if all addresses fail IPv6 duplicate address
detection (DAD).
* Wait that devices get carrier before trying to resolve the system hostname
on them via DNS.
* Fix race condition during the initial activation of OVS interfaces.
* Profiles generated by nm-initrd-generator now have lower than default
priority.
* Fix error when adding many SR-IOV virtual functions (VFs).
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The current handling of /etc/resolv.conf by NM has some problems.
When networkd is not configuring network, and there's 'ip=dhcp'
in kernel command line, the /run/NetworkManager/resolv.conf file
is not created, resulting in /etc/resolv.conf being a dead symlink.
This is because NM is treating the network interface as externally
configured and will not try to reconfigure it again.
This means if we want NM to work properly with /etc/resolv.conf,
we've got to either ensure there's no 'ip=dhcp' in kernel command
line, or we've got to ensure networkd is configuring network. This
is weird because normally we should not enable two network managers
at the same time. Note that NM syncs part of its codes with networkd,
which is the reason I think it happens to work when these two network
configuration tools are configuring the same interface at the same
time.
In fact, NM now works well with resolved. It sends the DNS info it
gets to resolved unconditionally by default (the behavior could be
disabled in configuration file).
Looking at the original commit that sets up the update-alternatives
mechanism, it says:
"""
This brings the networkmanager in sync with how systemd-resolved and connman
work. Additionally this allows it to function with a read-only rootFS.
"""
I guess the author was using systemd but disabling resolved, and the author
wanted to use read-only rootFS. In order to keep such combination still works,
change to use PACKAGECONFIG to handle things, and when 'man-resolv-conf' is
enabled, the above combination could still work.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The current location has no effect, because NetworkManager
is not looking for config files there.
In meson.build, we have:
nm_pkglibdir = join_paths(nm_prefix, 'lib', nm_name)
config_extra_h.set_quoted('NMLIBDIR', nm_pkglibdir)
It's clear that the configuration directory should be
nonarch_libdir instead of libdir.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Without this patch, even if dhcpcd is enabled, the NetworkManager
cannot find it. Below are the messages from NetworkMananger:
dhcp: init: DHCP client 'dhcpcd' not available
dhcp: init: Using DHCP client 'internal'
The problem is that dhcpcd needs to be specified as a path, otherwise
NetworkManager tries to find it in /usr/sbin/dhcpcd.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
=========
* IP condfiguration is no longer required in TAP mode.
* Fix initialization of secret flags.
* Add support for DOMAIN-SEARCH option.
* Set data-ciphers option with chosen cipher.
* Update Brazilian Portuguese, Croatian, Danish, Georgian, Polish, Serbian,
Slovenian, Swedish, Turkish and Ukrainian translations.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
=============
* Add support for "allow-compression" parameter.
* Fix a regression in preserving the "tls-auth" settings.
* Add support for "tls-min" and "tls-cipher" parameters.
* Include the new gnome-control-center name in the AppData file.
* Drop libnm-glib support, nobody is likely using it anymore.
* Fix importing profiles with a PKCS#12 CA.
* Make sure the plugin object links with glib.
* Dropped dependency on intltool.
* Updated Basque, Brazilian Portuguese, Chinese (China), Croatian, Czech,
Danish, Dutch, Georgian, Indonesian, Polish, Serbian, Spanish, Swedish,
Turkish and Ukrainian translations.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
NetworkManager:
* Drop unused, internal systemd DHCPv4 client. This is long
replaced by nettools' n-dhcp4 implementation.
* The nmcli command now supports --offline argument with "add" and
"modify" commands, allowing operation on keyfile-formatted connection
profiles without the service running (e.g. during system provisioning).
* The device state file /run/NetworkManager/devices/$ifindex now has
new sections [dhcp4] and [dhcp6] containing the DHCP options for the
current lease.
* Add multipath TCP (MPTCP) support. NetworkManager can now configure IP addresses
as MPTCP endpoints. This is configurable via the "connection.mptcp-flags"
property. The default setting is such that MPTCP handling is automatically
enabled if the kernel sysctl "/proc/sys/net/mptcp/enabled" indicates so.
NetworkManager does not enable the MPTCP sysctl or adjust the limits (ip mptcp limits).
The administrator or the distribution is supposed to configure the desired system
settings.
Note that strict reverse path filtering (rp_filter) breaks many MPTCP use cases.
With MPTCP handling enabled, NetworkManager will relax a strict (1) rp_filter
to loose (2). Otherwise rp_filter is untouched by NetworkManager.
* NetworkManager expanded log messages for invalid DHCP options.
* Fix the requirement of hardware address for DHCPv6, by dropping it.
* Increase the PMK lifetime for Wi-Fi connections using WPA-EAP.
* "nmcli networking off" now waits for deactivations to complete.
* Improve the appearance of nm-settings-nmcli man page by preserving
paragraphs.
* Support enabling ipv4ll alongside DHCPv4 and static addressing.
* Support configuring "ipv6.mtu".
* Honor "nm.debug" kernel command line to enable debug logging of
NetworkManager.
* NetworkManager reads the kernel command line "/proc/cmdline" for several
purposes, including "nm.debug" for enabling debugging and the
"match.kernel-command-line" setting in the profile. NetworkManager now
first looks now for "/run/NetworkManager/proc-cmdline", which allows to
overwrite the command line.
* Improve the reapply of non-bridge properties.
* Honor adding a Bluetooth NAP connection with all available methods.
* Improve carrier detection.
* During the build, stop relying on intltool for i18n and use gettext only.
* Undeprecate nm_remote_connection_get_secrets() in libnm.
* NetworkManager now will restart DHCP if the MAC changes on a device.
* Several internal improvements.
Recipe:
* Drop the last patch :-). -Difcfg_rh=false is now honored and the
distro detection patch is no longer needed.
* Fix: move /etc/resolv-conf.NetworkManager to daemon package
* Fix: remove ppp rdepends from daemon. The ppp plugin rdepends on ppp.
* ifupdown plugin requires now bash not sh. But the ifupdown is an
optional plugin anyway.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The NetworkManager meson.build is searching for iptables and nft by
passing absolute paths to meson's find_program. The result is that it
locates tools on the host machine when they exist at those locations. If
they don't, it uses default locations. This often works out, but in some
cases, such as when the host uses a merged usr scheme and the build
target does not, the paths will be incorrect and the tools won't be
found at runtime.
These could be PACKAGECONFIG options, but since they have fallback
values, completely disabling the use of either iptables or nft would
require patching the meson.build or setting a bogus location.
Note that this meson.build file follows the same pattern elsewhere, but
most cases are already covered by PACKAGECONFIG options.
Signed-off-by: Jim Broadus <jim@thruwave.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
If 'ppp' packageconfig option is enabled, but the build system does NOT
have pppd binary installed, the build fails with:
| Has header "pppd/pppd.h" : YES
| Program pppd /sbin/pppd /usr/sbin/pppd found: NO
|
| ../NetworkManager-1.36.2/meson.build:570:4: ERROR: Assert failed: pppd required but not found, please provide a valid pppd path or use -Dppp=false to disable it
This is due to meson trying to look for the 'pppd' binary in the build
system when it should not. If the build system does not contain pppd,
the build fails.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* Add support for route type "throw".
* Fix bug setting priority for IP addresses.
* Static IPv6 addresses from "ipv6.addresses" are now preferred over
addresses from DHCPv6, which are preferred over addresses from autoconf.
This affects IPv6 source address selection, if the rules from
RFC 6724, section 5 don't give a exhaustive match.
* Static IPv6 addresses from "ipv6.addresses" are now interpreted with
first address being preferred. Their order got inverted. This is now
consistent with IPv4.
* Wi-Fi hotspots will use a (stable) random channel number unless one is
chosen manually.
* Don't use unsupported SAE/WPA3 mode for AP mode.
* NetworkManager will no longer advertise frequencies as supported when
they're disallowed in configured regulatory domain.
* Attempt to connect to WEP-encrypted Wi-Fi network will now fail
gracefully with a recent version of wpa_supplicant when built
without WEP support. As long as wpa_supplicant supports WEP,
NetworkManager will continue to work.
* Disable WPA3 transition mode for wifi.key-mgmt=wpa-psk if the NIC
does not support PMF. This is known to cause problems in some setups. It
is still possible to explicitly configure wifi.key-mgmt=sae for WPA3.
* Add new dummy crypto backend "null" that does nothing. NetworkManager
uses the crypto library when handling certificates for 802.1x profiles.
* Veth devices with name "eth*" are now managed by default via the
udev rule. This is to support managing the network in LXD containers.
* The hostname received from DHCP is now shortened to the first dot
(or to 64 characters, whatever comes first) if it's too long.
* As the insecure WEP encryption for Wi-Fi network is phased out,
nmcli now discourages its use when activating or modifying a
profile.
* Fix connectivity checks in case the check endpoint address resolves to
multiple addresses.
* Workaround libcurl blocking NetworkManager while resolving DNS names.
* nmcli: indicate missing Wi-Fi hardware when showing rfkill setting.
* nmcli: add connection migrate command to move a profile to a specified
settings plugin. This allows to convert profiles in the deprecated ifcfg-rh
format to keyfile.
* Set "src" attribute for routes from DHCPv4 to the leased address. This
helps with source address selection.
* Updated translations.
* Various bugfixes and internal improvements.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
From NEWS file of netowrkmanager 1.32:
firewall: add nftables firewall backend for configuring IPv4 NAT with
shared mode. Now two backends are supported, "iptables" and "nftables".
The default gets detected based on whether /usr/sbin/nft or
/usr/sbin/iptables is installed, with nftables preferred.
With this change nftables is not the prefered backend also with OE. But
it's still possible to set NETWORKMANAGER_FIREWALL_DEFAULT back to
iptables.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The main motivation for this rework is to support compiling the
NetworkManager with many plugins, but to install only a few of them in
a firmware image. This is advantageous when different products with
different network interfaces should be supported by only one binary
distribution. This is more in line with the way NetworkManager is
designed and used by other binary Linux distributions. Basically this
is already supported since the last rework of the networkmanager recipe.
However, the rrecomments from networkmanager to all available plugins is
not straight forward to be used in such a scenario. Installing only a
subset of the compiled plugins required to override the rrecommends
from networkmanager to the plugins in some way. To simplify the usage
the networkmanager package is now an empty meta package and
networkmanager itself gets moved to a new networkmanager-daemon package.
This allows to keep backward compatibility: Installing the
networkmanager package still adds all compiled plugins to the firmware.
But with the new package splitting it's also possible to install for
example only the networkmanager-wifi but not the networkmanager-wwan
package even if networkamanger has been compiled with the modemmanager
PACAKGECONFIG flag enabled as well.
The relation from plugins to services is now a stronger rdepends which
reflects better how NetworkManager is supposed to be used. If a plugin
is installed but the required service is not the plugin periodically
tries to connect to the service and reports error messages to the syslog
if the service is not available. Therefore it's better to make the
installation of the plugin optional but not the installation of the
services.
The bash-completion package adds support for the nmcli command line
utility. This change also moves the bash completion configuration to a
new package networkmanager-nmcli-bash-completion. This is more
consistent anyway but gets even more important when the networkmanager
package gets optional.
To simplify the usage of all these packages a SUMMARY:${PN}-.. for each
packages has been added.
The separation of the doc packages has been removed.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Plugins of networkmanager redpends on related services. If for example
modemmanager or wpa-supplicant is not installed but the related
networkmanager plugin is, the plugin writes error messages to the
syslog.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Add dependency libnm_client_public_dep to libnm-client-test to fix
parallel build error:
| In file included from ../NetworkManager-1.36.0/src/libnm-client-test/nm-test-utils-impl.c:10:
| ../NetworkManager-1.36.0/src/libnm-client-public/NetworkManager.h:47:10: fatal error: nm-enum-types.h: No such file or directory
| 47 | #include "nm-enum-types.h"
| | ^~~~~~~~~~~~~~~~~
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
0001-do-not-ask-host-for-ifcfg-defaults.patch refreshed for new version
Changelog:
==========
* When the list of plugins is not specified via "main.plugins" in
NetworkManager.conf and no build-time default is set with
"--with-config-plugins-default" configure argument, now all known
plugins found in the plugin directory are loaded (and the built-in
"keyfile" plugin is preferred over others).
* Preserve external ports during checkpoint rollback
* Fix removal of ovsdb entry when an OVS interface goes away
* Fix DNS configuration for WWAN connections
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
* Gtk4 version of the editor plugin is now available (for use with Control
Center of GNOME 42 or later).
* Update Catalan, Croatian, Czech, Hebrew and Slovenian translations.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
