powerel9
/
NetworkManager
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

initial package creation 

Signed-off-by: Toshaan Bharvani <toshaan@powerel.org>
master
Toshaan Bharvani 2 years ago
commit
606ebe9c38
9 changed files with 4480 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 14
      SOURCES/00-server.conf
  2. 62
      SOURCES/1001-wwan-dns-fix-rh2059138.patch
  3. 332
      SOURCES/1002-checkpoint-preserve-external-bridge-ports-rh2035519.patch
  4. 52
      SOURCES/1003-fix-ovsdb-removal-ports-rhbz1935026.patch
  5. 10
      SOURCES/20-connectivity-fedora.conf
  6. 10
      SOURCES/20-connectivity-redhat.conf
  7. 15
      SOURCES/70-nm-connectivity.conf
  8. 52
      SOURCES/NetworkManager.conf
  9. 3933
      SPECS/NetworkManager.spec

14
SOURCES/00-server.conf
Unescape View File

@ -0,0 +1,14 @@ @@ -0,0 +1,14 @@
# This configuration file changes NetworkManager's behavior to
# what's expected on "traditional UNIX server" type deployments.
#
# See "man NetworkManager.conf" for more information about these
# and other keys.

[main]
# Do not do automatic (DHCP/SLAAC) configuration on ethernet devices
# with no other matching connections.
no-auto-default=*

# Ignore the carrier (cable plugged in) state when attempting to
# activate static-IP connections.
ignore-carrier=*

62
SOURCES/1001-wwan-dns-fix-rh2059138.patch
Unescape View File

@ -0,0 +1,62 @@ @@ -0,0 +1,62 @@
From 7ba52fdcfeeb1e5400bcecb9fa93b3099dcccb47 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Fri, 25 Feb 2022 10:06:48 +0100
Subject: [PATCH] core: initialize l3cd dns-priority for ppp and wwan

For devices that configure IP by themselves (by returning
"->ready_for_ip_config() = TRUE" and implementing
->act_stage3_ip_config()), we skip manual configuration. Currently,
manual configuration is the only one that sets flag HAS_DNS_PRIORITY
into the resulting l3cd.

So, the merged l3cd for such devices misses a dns-priority and is
ignored by the DNS manager.

Explicitly initialize the priority to 0; in this way, the default
value for the device will be set in the final l3cd during the merge.

Fixes: 58287cbcc0c8 ('core: rework IP configuration in NetworkManager using layer 3 configuration')

https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/931
(cherry picked from commit b2e559fab2fa5adbf4e159fc1c2cadd3d965b01b)
(cherry picked from commit bfd3216584e9fe1eb0b6f3f81e3eb75a40877775)
---
src/core/devices/wwan/nm-modem-broadband.c | 2 ++
src/core/ppp/nm-ppp-manager.c | 1 +
2 files changed, 3 insertions(+)

diff --git a/src/core/devices/wwan/nm-modem-broadband.c b/src/core/devices/wwan/nm-modem-broadband.c
index f5336d3750..b585652e5d 100644
--- a/src/core/devices/wwan/nm-modem-broadband.c
+++ b/src/core/devices/wwan/nm-modem-broadband.c
@@ -1032,6 +1032,7 @@ stage3_ip_config_start(NMModem *modem, int addr_family, NMModemIPMethod ip_metho
l3cd = nm_l3_config_data_new(nm_platform_get_multi_idx(NM_PLATFORM_GET),
ifindex,
NM_IP_CONFIG_SOURCE_WWAN);
+ nm_l3_config_data_set_dns_priority(l3cd, AF_INET, 0);
address = (NMPlatformIP4Address){
.address = address_network,
@@ -1118,6 +1119,7 @@ stage3_ip_config_start(NMModem *modem, int addr_family, NMModemIPMethod ip_metho
l3cd = nm_l3_config_data_new(nm_platform_get_multi_idx(NM_PLATFORM_GET),
ifindex,
NM_IP_CONFIG_SOURCE_WWAN);
+ nm_l3_config_data_set_dns_priority(l3cd, AF_INET6, 0);
do_auto = TRUE;
diff --git a/src/core/ppp/nm-ppp-manager.c b/src/core/ppp/nm-ppp-manager.c
index dd6b1bc7f0..5761d59d39 100644
--- a/src/core/ppp/nm-ppp-manager.c
+++ b/src/core/ppp/nm-ppp-manager.c
@@ -545,6 +545,7 @@ impl_ppp_manager_set_ip4_config(NMDBusObject *obj,
NM_IP_CONFIG_SOURCE_PPP);
nm_l3_config_data_set_mtu(l3cd, mtu);
+ nm_l3_config_data_set_dns_priority(l3cd, AF_INET, 0);
address = (NMPlatformIP4Address){
.plen = 32,
--
2.34.1

332
SOURCES/1002-checkpoint-preserve-external-bridge-ports-rh2035519.patch
Unescape View File

@ -0,0 +1,332 @@ @@ -0,0 +1,332 @@
From b55842ac0803b59fe8675464191180e44634ce1f Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Tue, 22 Feb 2022 22:08:18 +0100
Subject: [PATCH 1/2] core: reject unsupported flags for CheckpointCreate D-Bus
request

(cherry picked from commit df6ee44fb2b96cf05aaeeee500c75d7d91b37404)
(cherry picked from commit 4cfc2245d382b0b869bd52238eecd17f1c10af1c)
---
src/core/nm-manager.c | 34 +++++++++++++++++++++++++---------
1 file changed, 25 insertions(+), 9 deletions(-)

diff --git a/src/core/nm-manager.c b/src/core/nm-manager.c
index b440b22457f2..53ef1754bb72 100644
--- a/src/core/nm-manager.c
+++ b/src/core/nm-manager.c
@@ -7453,15 +7453,30 @@ impl_manager_checkpoint_create(NMDBusObject *obj,
GDBusMethodInvocation *invocation,
GVariant *parameters)
{
- NMManager *self = NM_MANAGER(obj);
- NMManagerPrivate *priv = NM_MANAGER_GET_PRIVATE(self);
- NMAuthChain *chain;
- char **devices;
- guint32 rollback_timeout;
- guint32 flags;
+ NMManager *self = NM_MANAGER(obj);
+ NMManagerPrivate *priv = NM_MANAGER_GET_PRIVATE(self);
+ NMAuthChain *chain;
+ gs_strfreev char **devices = NULL;
+ guint32 rollback_timeout;
+ guint32 flags;
G_STATIC_ASSERT_EXPR(sizeof(flags) <= sizeof(NMCheckpointCreateFlags));
+ g_variant_get(parameters, "(^aouu)", &devices, &rollback_timeout, &flags);
+
+ if ((NMCheckpointCreateFlags) flags != flags
+ || NM_FLAGS_ANY(flags,
+ ~((guint32) (NM_CHECKPOINT_CREATE_FLAG_DESTROY_ALL
+ | NM_CHECKPOINT_CREATE_FLAG_DELETE_NEW_CONNECTIONS
+ | NM_CHECKPOINT_CREATE_FLAG_DISCONNECT_NEW_DEVICES
+ | NM_CHECKPOINT_CREATE_FLAG_ALLOW_OVERLAPPING)))) {
+ g_dbus_method_invocation_return_error_literal(invocation,
+ NM_MANAGER_ERROR,
+ NM_MANAGER_ERROR_INVALID_ARGUMENTS,
+ "Invalid flags");
+ return;
+ }
+
chain = nm_auth_chain_new_context(invocation, checkpoint_auth_done_cb, self);
if (!chain) {
g_dbus_method_invocation_return_error_literal(invocation,
@@ -7471,11 +7486,12 @@ impl_manager_checkpoint_create(NMDBusObject *obj,
return;
}
- g_variant_get(parameters, "(^aouu)", &devices, &rollback_timeout, &flags);
-
c_list_link_tail(&priv->auth_lst_head, nm_auth_chain_parent_lst_list(chain));
nm_auth_chain_set_data(chain, "audit-op", NM_AUDIT_OP_CHECKPOINT_CREATE, NULL);
- nm_auth_chain_set_data(chain, "devices", devices, (GDestroyNotify) g_strfreev);
+ nm_auth_chain_set_data(chain,
+ "devices",
+ g_steal_pointer(&devices),
+ (GDestroyNotify) g_strfreev);
nm_auth_chain_set_data(chain, "flags", GUINT_TO_POINTER(flags), NULL);
nm_auth_chain_set_data(chain, "timeout", GUINT_TO_POINTER(rollback_timeout), NULL);
nm_auth_chain_add_call(chain, NM_AUTH_PERMISSION_CHECKPOINT_ROLLBACK, TRUE);
--
2.35.1


From 3c417c8338bf44292d4869763587286c7d492c0c Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Tue, 22 Feb 2022 21:55:57 +0100
Subject: [PATCH 2/2] core: preserve external ports during checkpoint rollback

When we have a bridge interface with ports attached externally (that is,
not by NetworkManager itself), then it can make sense that during
checkpoint rollback we want to keep those ports attached.

During rollback, we may need to deactivate the bridge device and
re-activate it. Implement this, by setting a flag before deactivating,
which prevents external ports to be detached. The flag gets cleared,
when the device state changes to activated (the following activation)
or unmanaged.

This is an ugly solution, for several reasons.

For one, NMDevice tracks its ports in the "slaves" list. But what
it does is ugly. There is no clear concept to understand what it
actually tacks. For example, it tracks externally added interfaces
(nm_device_sys_iface_state_is_external()) that are attached while
not being connected. But it also tracks interfaces that we want to attach
during activation (but which are not yet actually enslaved). It also tracks
slaves that have no actual netdev device (OVS). So it's not clear what this
list contains and what it should contain at any point in time. When we skip
the change of the slaves states during nm_device_master_release_slaves_all(),
it's not really clear what the effects are. It's ugly, but probably correct
enough. What would be better, if we had a clear purpose of what the
lists (or several lists) mean. E.g. a list of all ports that are
currently, physically attached vs. a list of ports we want to attach vs.
a list of OVS slaves that have no actual netdev device.

Another problem is that we attach state on the device
("activation_state_preserve_external_ports"), which should linger there
during the deactivation and reactivation. How can we be sure that we don't
leave that flag dangling there, and that the desired following activation
is the one we cared about? If the follow-up activation fails short (e.g. an
unmanaged command comes first), will we properly disconnect the slaves?
Should we even? In practice, it might be correct enough.

Also, we only implement this for bridges. I think this is where it makes
the most sense. And after all, it's an odd thing to preserve unknown,
external things during a rollback -- unknown, because we have no knowledge
about why these ports are attached and what to do with them.

Also, the change doesn't remember the ports that were attached when the
checkpoint was created. Instead, we preserve all ports that are attached
during rollback. That seems more useful and easier to implement. So we
don't actually rollback to the configuration when the checkpoint was
created. Instead, we rollback, but keep external devices.

Also, we do this now by default and introduce a flag to get the previous
behavior.

https://bugzilla.redhat.com/show_bug.cgi?id=2035519
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/ # 909
(cherry picked from commit 98b3056604fc565f273c264b892086a75a4db0e9)
(cherry picked from commit 351ca13358f62f85af675672c3399141bec092cd)
---
src/core/devices/nm-device.c | 71 ++++++++++++++++++++++-
src/core/devices/nm-device.h | 2 +
src/core/nm-checkpoint.c | 5 ++
src/core/nm-manager.c | 3 +-
src/libnm-core-public/nm-dbus-interface.h | 16 +++--
5 files changed, 90 insertions(+), 7 deletions(-)

diff --git a/src/core/devices/nm-device.c b/src/core/devices/nm-device.c
index 35360ceebb7b..a11486d54be3 100644
--- a/src/core/devices/nm-device.c
+++ b/src/core/devices/nm-device.c
@@ -76,6 +76,7 @@
#include "nm-hostname-manager.h"
#include "nm-device-generic.h"
+#include "nm-device-bridge.h"
#include "nm-device-vlan.h"
#include "nm-device-vrf.h"
#include "nm-device-wireguard.h"
@@ -483,9 +484,12 @@ typedef struct _NMDevicePrivate {
NMUtilsStableType current_stable_id_type : 3;
+ bool activation_state_preserve_external_ports : 1;
+
bool nm_owned : 1; /* whether the device is a device owned and created by NM */
- bool assume_state_guess_assume : 1;
+ bool assume_state_guess_assume : 1;
+
char *assume_state_connection_uuid;
guint64 udi_id;
@@ -7666,8 +7670,19 @@ nm_device_master_release_slaves(NMDevice *self)
c_list_for_each_safe (iter, safe, &priv->slaves) {
SlaveInfo *info = c_list_entry(iter, SlaveInfo, lst_slave);
+ if (priv->activation_state_preserve_external_ports
+ && nm_device_sys_iface_state_is_external(info->slave)) {
+ _LOGT(LOGD_DEVICE,
+ "master: preserve external port %s",
+ nm_device_get_iface(info->slave));
+ continue;
+ }
nm_device_master_release_one_slave(self, info->slave, TRUE, FALSE, reason);
}
+
+ /* We only need this flag for a short time. It served its purpose. Clear
+ * it again. */
+ nm_device_activation_state_set_preserve_external_ports(self, FALSE);
}
/**
@@ -15386,6 +15401,16 @@ _set_state_full(NMDevice *self, NMDeviceState state, NMDeviceStateReason reason,
if (state > NM_DEVICE_STATE_DISCONNECTED)
nm_device_assume_state_reset(self);
+ if (state < NM_DEVICE_STATE_UNAVAILABLE
+ || (state >= NM_DEVICE_STATE_IP_CONFIG && state < NM_DEVICE_STATE_ACTIVATED)) {
+ /* preserve-external-ports is used by NMCheckpoint to activate a master
+ * device, and preserve already attached ports. This means, this state is only
+ * relevant during the deactivation and the following activation of the
+ * right profile. Once we are sufficiently far in the activation of the
+ * intended profile, we clear the state again. */
+ nm_device_activation_state_set_preserve_external_ports(self, FALSE);
+ }
+
if (state <= NM_DEVICE_STATE_UNAVAILABLE) {
if (available_connections_del_all(self))
_notify(self, PROP_AVAILABLE_CONNECTIONS);
@@ -15790,6 +15815,50 @@ nm_device_get_state(NMDevice *self)
return NM_DEVICE_GET_PRIVATE(self)->state;
}
+/*****************************************************************************/
+
+/**
+ * nm_device_activation_state_set_preserve_external_ports:
+ * @self: the NMDevice.
+ * @flag: whether to set or clear the the flag.
+ *
+ * This sets an internal flag to true, which does something specific.
+ * For non-master devices, it has no effect. For master devices, this
+ * will prevent to detach all external ports, until the next activation
+ * completes.
+ *
+ * This is used during checkpoint/rollback. We may want to preserve
+ * externally attached ports during the restore. NMCheckpoint will
+ * call this before doing a re-activation. By setting the flag,
+ * we basically preserve such ports.
+ *
+ * Once we reach again ACTIVATED state, the flag gets cleared. This
+ * only has effect for the next activation cycle. */
+void
+nm_device_activation_state_set_preserve_external_ports(NMDevice *self, gboolean flag)
+{
+ NMDevicePrivate *priv;
+
+ g_return_if_fail(NM_IS_DEVICE(self));
+
+ priv = NM_DEVICE_GET_PRIVATE(self);
+
+ if (!NM_IS_DEVICE_BRIDGE(self)) {
+ /* This is actually only implemented for bridge devices. While it might
+ * make sense for bond/team or OVS, it's not clear that it is actually
+ * useful or desirable. */
+ return;
+ }
+
+ if (priv->activation_state_preserve_external_ports == flag)
+ return;
+
+ priv->activation_state_preserve_external_ports = flag;
+ _LOGD(LOGD_DEVICE,
+ "activation-state: preserve-external-ports %s",
+ flag ? "enabled" : "disabled");
+}
+
/*****************************************************************************/
/* NMConfigDevice interface related stuff */
diff --git a/src/core/devices/nm-device.h b/src/core/devices/nm-device.h
index cfcd4ade6d80..a7badb861087 100644
--- a/src/core/devices/nm-device.h
+++ b/src/core/devices/nm-device.h
@@ -444,6 +444,8 @@ NMDeviceType nm_device_get_device_type(NMDevice *dev);
NMLinkType nm_device_get_link_type(NMDevice *dev);
NMMetered nm_device_get_metered(NMDevice *dev);
+void nm_device_activation_state_set_preserve_external_ports(NMDevice *self, gboolean flag);
+
guint32 nm_device_get_route_table(NMDevice *self, int addr_family);
guint32 nm_device_get_route_metric(NMDevice *dev, int addr_family);
diff --git a/src/core/nm-checkpoint.c b/src/core/nm-checkpoint.c
index 0153af970de7..5b48f91aa515 100644
--- a/src/core/nm-checkpoint.c
+++ b/src/core/nm-checkpoint.c
@@ -282,6 +282,11 @@ restore_and_activate_connection(NMCheckpoint *self, DeviceCheckpoint *dev_checkp
* an internal subject. */
if (nm_device_get_state(dev_checkpoint->device) > NM_DEVICE_STATE_DISCONNECTED
&& nm_device_get_state(dev_checkpoint->device) < NM_DEVICE_STATE_DEACTIVATING) {
+ if (!NM_FLAGS_HAS(priv->flags, NM_CHECKPOINT_CREATE_FLAG_NO_PRESERVE_EXTERNAL_PORTS)) {
+ nm_device_activation_state_set_preserve_external_ports(dev_checkpoint->device,
+ TRUE);
+ }
+
nm_device_state_changed(dev_checkpoint->device,
NM_DEVICE_STATE_DEACTIVATING,
NM_DEVICE_STATE_REASON_NEW_ACTIVATION);
diff --git a/src/core/nm-manager.c b/src/core/nm-manager.c
index 53ef1754bb72..6c73d237c845 100644
--- a/src/core/nm-manager.c
+++ b/src/core/nm-manager.c
@@ -7469,7 +7469,8 @@ impl_manager_checkpoint_create(NMDBusObject *obj,
~((guint32) (NM_CHECKPOINT_CREATE_FLAG_DESTROY_ALL
| NM_CHECKPOINT_CREATE_FLAG_DELETE_NEW_CONNECTIONS
| NM_CHECKPOINT_CREATE_FLAG_DISCONNECT_NEW_DEVICES
- | NM_CHECKPOINT_CREATE_FLAG_ALLOW_OVERLAPPING)))) {
+ | NM_CHECKPOINT_CREATE_FLAG_ALLOW_OVERLAPPING
+ | NM_CHECKPOINT_CREATE_FLAG_NO_PRESERVE_EXTERNAL_PORTS)))) {
g_dbus_method_invocation_return_error_literal(invocation,
NM_MANAGER_ERROR,
NM_MANAGER_ERROR_INVALID_ARGUMENTS,
diff --git a/src/libnm-core-public/nm-dbus-interface.h b/src/libnm-core-public/nm-dbus-interface.h
index fe2a6c09db58..0d23c7d7a793 100644
--- a/src/libnm-core-public/nm-dbus-interface.h
+++ b/src/libnm-core-public/nm-dbus-interface.h
@@ -959,17 +959,23 @@ typedef enum {
* overlapping younger checkpoints. This opts-in that the
* checkpoint can be automatically destroyed by the rollback
* of an older checkpoint. Since: 1.12.
+ * @NM_CHECKPOINT_CREATE_FLAG_NO_PRESERVE_EXTERNAL_PORTS: during rollback,
+ * by default externally added ports attached to bridge devices are preserved.
+ * With this flag, the rollback detaches all external ports.
+ * This only has an effect for bridge ports. Before 1.38, 1.36.2, this was the default
+ * behavior. Since: 1.38, 1.36.2.
*
* The flags for CheckpointCreate call
*
* Since: 1.4 (gi flags generated since 1.12)
*/
typedef enum { /*< flags >*/
- NM_CHECKPOINT_CREATE_FLAG_NONE = 0,
- NM_CHECKPOINT_CREATE_FLAG_DESTROY_ALL = 0x01,
- NM_CHECKPOINT_CREATE_FLAG_DELETE_NEW_CONNECTIONS = 0x02,
- NM_CHECKPOINT_CREATE_FLAG_DISCONNECT_NEW_DEVICES = 0x04,
- NM_CHECKPOINT_CREATE_FLAG_ALLOW_OVERLAPPING = 0x08,
+ NM_CHECKPOINT_CREATE_FLAG_NONE = 0,
+ NM_CHECKPOINT_CREATE_FLAG_DESTROY_ALL = 0x01,
+ NM_CHECKPOINT_CREATE_FLAG_DELETE_NEW_CONNECTIONS = 0x02,
+ NM_CHECKPOINT_CREATE_FLAG_DISCONNECT_NEW_DEVICES = 0x04,
+ NM_CHECKPOINT_CREATE_FLAG_ALLOW_OVERLAPPING = 0x08,
+ NM_CHECKPOINT_CREATE_FLAG_NO_PRESERVE_EXTERNAL_PORTS = 0x10,
} NMCheckpointCreateFlags;
/**
--
2.35.1

52
SOURCES/1003-fix-ovsdb-removal-ports-rhbz1935026.patch
Unescape View File

@ -0,0 +1,52 @@ @@ -0,0 +1,52 @@
From 482f9671c69800de2077d2dab9352a9b385115d3 Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Tue, 22 Feb 2022 16:18:40 +0100
Subject: [PATCH] ovs-port: fix removal of ovsdb entry if the interface goes
away

Hope third time is the charm.

The idea here is to remove the OVSDB entry if the device actually went away
violently (like, the it was actually removed from the platform), but keep it if
we're shutting down.

Fixes-test: @ovs_nmstate
Fixes: 966413e78f14 ('ovs-port: avoid removing the OVSDB entry if we're shutting down')
Fixes: ecc73eb239e6 ('ovs-port: always remove the OVSDB entry on slave release')

https://bugzilla.redhat.com/show_bug.cgi?id=2055665
(cherry picked from commit 65fdfb25006acc3c67059792579dd7a770d04768)
(cherry picked from commit fee7328c86e5fe8171f8382492f147e7d263891b)
---
src/core/devices/ovs/nm-device-ovs-port.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/src/core/devices/ovs/nm-device-ovs-port.c b/src/core/devices/ovs/nm-device-ovs-port.c
index 8406c3648cef..116f58c43ace 100644
--- a/src/core/devices/ovs/nm-device-ovs-port.c
+++ b/src/core/devices/ovs/nm-device-ovs-port.c
@@ -188,8 +188,10 @@ del_iface_cb(GError *error, gpointer user_data)
static void
release_slave(NMDevice *device, NMDevice *slave, gboolean configure)
{
- NMDeviceOvsPort *self = NM_DEVICE_OVS_PORT(device);
- bool slave_removed = nm_device_sys_iface_state_get(slave) == NM_DEVICE_SYS_IFACE_STATE_REMOVED;
+ NMDeviceOvsPort *self = NM_DEVICE_OVS_PORT(device);
+ bool slave_not_managed = !NM_IN_SET(nm_device_sys_iface_state_get(slave),
+ NM_DEVICE_SYS_IFACE_STATE_MANAGED,
+ NM_DEVICE_SYS_IFACE_STATE_ASSUME);
_LOGI(LOGD_DEVICE, "releasing ovs interface %s", nm_device_get_ip_iface(slave));
@@ -197,7 +199,7 @@ release_slave(NMDevice *device, NMDevice *slave, gboolean configure)
* removed and thus we're called with configure=FALSE), we still need
* to make sure its OVSDB entry is gone.
*/
- if (configure || slave_removed) {
+ if (configure || slave_not_managed) {
nm_ovsdb_del_interface(nm_ovsdb_get(),
nm_device_get_iface(slave),
del_iface_cb,
--
2.35.1

10
SOURCES/20-connectivity-fedora.conf
Unescape View File

@ -0,0 +1,10 @@ @@ -0,0 +1,10 @@
# Enable connectivity checking for NetworkManager.
# See `man NetworkManager.conf`.
#
# Note that connectivity checking works badly with rp_filter set to
# strict. Check "/proc/sys/net/ipv4/conf/*/rp_filter".
[connectivity]
enabled=true
uri=http://fedoraproject.org/static/hotspot.txt
response=OK
interval=300

10
SOURCES/20-connectivity-redhat.conf
Unescape View File

@ -0,0 +1,10 @@ @@ -0,0 +1,10 @@
# Enable connectivity checking for NetworkManager.
# See `man NetworkManager.conf`.
#
# Note that connectivity checking works badly with rp_filter set to
# strict. Check "/proc/sys/net/ipv4/conf/*/rp_filter".
[connectivity]
enabled=true
uri=http://static.redhat.com/test/rhel-networkmanager.txt
response=OK
interval=300

15
SOURCES/70-nm-connectivity.conf
Unescape View File

@ -0,0 +1,15 @@ @@ -0,0 +1,15 @@
# The Strict mode of RFC3704 Reverse Path filtering breaks some pretty
# common and reasonable use cases.
#
# Notably, it makes it impossible for NetworkManager to do connectivity
# check on a newly arriving default route (it starts with a higher metric
# and is bumped lower if there's connectivity).
#
# Kernel's default is 0 (no filter), systemd configures a Loose filter since
# commit 230450d4e4f1 ('sysctl.d: switch net.ipv4.conf.all.rp_filter from 1
# to 2'). However, RHEL systemd package happens to default to Strict mode
# for historic reasons. Let's override it if we're doing connectivity
# checking.

# Source route verification
net.ipv4.conf.all.rp_filter = 0

52
SOURCES/NetworkManager.conf
Unescape View File

@ -0,0 +1,52 @@ @@ -0,0 +1,52 @@
# Configuration file for NetworkManager.
#
# See "man 5 NetworkManager.conf" for details.
#
# The directories /usr/lib/NetworkManager/conf.d/ and /run/NetworkManager/conf.d/
# can contain additional .conf snippets installed by packages. These files are
# read before NetworkManager.conf and have thus lowest priority.
# The directory /etc/NetworkManager/conf.d/ can contain additional .conf
# snippets. Those snippets are merged last and overwrite the settings from this main
# file.
#
# The files within one conf.d/ directory are read in asciibetical order.
#
# You can prevent loading a file /usr/lib/NetworkManager/conf.d/NAME.conf
# by having a file NAME.conf in either /run/NetworkManager/conf.d/ or /etc/NetworkManager/conf.d/.
# Likewise, snippets from /run can be prevented from loading by placing
# a file with the same name in /etc/NetworkManager/conf.d/.
#
# If two files define the same key, the one that is read afterwards will overwrite
# the previous one.

[main]
#plugins=keyfile,ifcfg-rh


[logging]
# When debugging NetworkManager, enabling debug logging is of great help.
#
# Logfiles contain no passwords and little sensitive information. But please
# check before posting the file online. You can also personally hand over the
# logfile to a NM developer to treat it confidential. Meet us on #nm on Libera.Chat.
#
# You can also change the log-level at runtime via
# $ nmcli general logging level TRACE domains ALL
# However, usually it's cleaner to enable debug logging
# in the configuration and restart NetworkManager so that
# debug logging is enabled from the start.
#
# You will find the logfiles in syslog, for example via
# $ journalctl -u NetworkManager
#
# Please post full logfiles for bug reports without pre-filtering or truncation.
# Also, for debugging the entire `journalctl` output can be interesting. Don't
# limit unnecessarily with `journalctl -u`. Exceptions are if you are worried
# about private data. Check before posting logfiles!
#
# Note that debug logging of NetworkManager can be quite verbose. Some messages
# might be rate-limited by the logging daemon (see RateLimitIntervalSec, RateLimitBurst
# in man journald.conf). Please disable rate-limiting before collecting debug logs!
#
#level=TRACE
#domains=ALL

3933
SPECS/NetworkManager.spec
View File

File diff suppressed because it is too large Load Diff
Write Preview
Loading…
Cancel
Save