feat(network-manager): run as daemon with D-Bus

This commit changes how NM is started inside the initrd. Instead of running NM in the special --configure-and-quit=initrd mode, which sets up network and quits, start it as a daemon. This has multiple advantages. First, we no longer need to run NM in a special mode that requires additional code and maintenance. NetworkManager works exactly as in the real root. One problem of the current configure-and-quit approach is that once NM has quit, dynamic addresses can expire if the initrd setup takes longer than the DHCP lease interval or than the IPv6 address lifetime. Running NM as a service solves this problem. Now NM runs with D-Bus support and therefore its API can be used by other modules. This open the possibility, for example, to integrate nm-cloud-setup to automatically configure networking based on cloud metadata. Use the NetworkManager-wait-online.service, ordered before dracut-initqueue.service, to delay the initqueue until NM has terminated its configuration.
2021-03-26 11:31:03 +01:00 · 2021-03-26 11:31:03 +01:00 · 112f03f9e2
parent 6a37c6f630
commit 112f03f9e2
6 changed files with 65 additions and 3 deletions
--- a/modules.d/35network-manager/initrd-no-auto-default.conf
+++ b/modules.d/35network-manager/initrd-no-auto-default.conf
@ -0,0 +1,5 @@
+[.config]
+enable=env:initrd
+
+[main]
+no-auto-default=*
--- a/modules.d/35network-manager/module-setup.sh
+++ b/modules.d/35network-manager/module-setup.sh
@ -10,6 +10,7 @@ check() {

 # called by dracut
 depends() {
+    echo dbus
    return 0
 }

@ -33,8 +34,18 @@ install() {
    inst_multiple -o teamd dhclient
    inst_hook cmdline 99 "$moddir/nm-config.sh"
    if dracut_module_included "systemd"; then
-        inst_simple "${moddir}/nm-run.service" "${systemdsystemunitdir}/nm-run.service"
-        $SYSTEMCTL -q --root "$initdir" enable nm-run.service
+
+        inst "$dbussystem"/org.freedesktop.NetworkManager.conf
+        inst_multiple nmcli nm-online
+
+        # Install a configuration snippet to prevent the automatic creation of
+        # "Wired connection #" DHCP connections for Ethernet interfaces
+        inst_simple "$moddir"/initrd-no-auto-default.conf /usr/lib/NetworkManager/conf.d/
+
+        inst_simple "$moddir"/nm-initrd.service "$systemdsystemunitdir"/nm-initrd.service
+        inst_simple "$moddir"/nm-wait-online-initrd.service "$systemdsystemunitdir"/nm-wait-online-initrd.service
+
+        $SYSTEMCTL -q --root "$initdir" enable nm-initrd.service
    fi

    inst_hook initqueue/settled 99 "$moddir/nm-run.sh"
--- a/modules.d/35network-manager/nm-config.sh
+++ b/modules.d/35network-manager/nm-config.sh
@ -10,6 +10,9 @@ if getargbool 0 rd.debug -d -y rdinitdebug -d -y rdnetdebug; then
    # shellcheck disable=SC2174
    mkdir -m 0755 -p /run/NetworkManager/conf.d
    (
+        echo '[.config]'
+        echo 'enable=env:initrd'
+        echo
        echo '[logging]'
        echo 'level=TRACE'
    ) > /run/NetworkManager/conf.d/initrd-logging.conf
--- a/modules.d/35network-manager/nm-initrd.service
+++ b/modules.d/35network-manager/nm-initrd.service
@ -0,0 +1,26 @@
+[Unit]
+DefaultDependencies=no
+Wants=systemd-udev-settle.service
+After=systemd-udev-settle.service
+Before=network.target
+ConditionPathExists=/run/NetworkManager/initrd/neednet
+ConditionPathExistsGlob=|/usr/lib/NetworkManager/system-connections/*
+ConditionPathExistsGlob=|/run/NetworkManager/system-connections/*
+ConditionPathExistsGlob=|/etc/NetworkManager/system-connections/*
+ConditionPathExistsGlob=|/etc/sysconfig/network-scripts/ifcfg-*
+
+[Service]
+Type=dbus
+BusName=org.freedesktop.NetworkManager
+ExecReload=/usr/bin/busctl call org.freedesktop.NetworkManager /org/freedesktop/NetworkManager org.freedesktop.NetworkManager Reload u 0
+ExecStart=/usr/sbin/NetworkManager --debug
+KillMode=process
+StandardOutput=tty
+Environment=NM_CONFIG_ENABLE_TAG=initrd
+Restart=on-failure
+ProtectSystem=true
+ProtectHome=read-only
+
+[Install]
+WantedBy=initrd.target
+Also=nm-wait-online-initrd.service
--- a/modules.d/35network-manager/nm-lib.sh
+++ b/modules.d/35network-manager/nm-lib.sh
@ -14,7 +14,7 @@ nm_generate_connections() {
            /etc/sysconfig/network-scripts/ifcfg-*; do
            [ -f "$i" ] || continue
            echo '[ -f /tmp/nm.done ]' > "$hookdir"/initqueue/finished/nm.sh
-            : > /run/NetworkManager/initrd/neednet # activate nm-run.service
+            : > /run/NetworkManager/initrd/neednet # activate NM services
            break
        done
    fi
--- a/modules.d/35network-manager/nm-wait-online-initrd.service
+++ b/modules.d/35network-manager/nm-wait-online-initrd.service
@ -0,0 +1,17 @@
+[Unit]
+DefaultDependencies=no
+Requires=nm-initrd.service
+After=nm-initrd.service
+Before=network-online.target
+Before=dracut-initqueue.service
+ConditionPathExists=/run/NetworkManager/initrd/neednet
+
+[Service]
+Type=oneshot
+ExecStart=/usr/bin/nm-online -s -q
+RemainAfterExit=yes
+Environment=NM_ONLINE_TIMEOUT=3600
+
+[Install]
+WantedBy=initrd.target
+WantedBy=network-online.target