Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

networkmanager: 1.22.10 → 1.24.2 #87286

Open
wants to merge 2 commits into
base: staging
from
Open

networkmanager: 1.22.10 → 1.24.2 #87286

wants to merge 2 commits into from

Conversation

@mweinelt
Copy link
Member

mweinelt commented May 8, 2020

Motivation for this change

Finally support for OWE/Enhanced Open.
(Though we'd need hostapd 2.10 for that to work)

https://gitlab.freedesktop.org/NetworkManager/NetworkManager/blob/1.24.0/NEWS

=============================================
NetworkManager-1.24
Overview of changes since NetworkManager-1.22
=============================================

* Add support for virtual routing and forwarding (VRF) interfaces.
* Add support for Opportunistic Wireless Encryption mode (OWE) for Wi-Fi networks.
* Add support for 31-bit prefixes on IPv4 point-to-point links according to
  RFC 3021.
* Drop dependencies for libpolkit-agent-1 and libpolkit-gobject-1.
* nmcli:
  - support setting removal via new command
    `nmcli connection modify $CON_NAME remove $setting`.
  - support backslash escape sequences for "vpn.data", "vpn.secrets",
    "bond.options", and "ethernet.s390-options".
* bridge: support new options "bridge.multicast-querier", "bridge.multicast-query-use-ifaddr",
  "bridge.multicast-router", "bridge.vlan-stats-enabled", "bridge.vlan-protocol",
  "bridge.group-address".
* IPv6 SLAAC: add support for "ipv6.ra-timeout" setting
* IPv6 DHCP: add support for "ipv6.dhcp-timeout" setting
* WWAN: NetworkManager now detects if a PIN-protected SIM card has been
  externally unlocked and automatically tries to activate a suitable
  connection on the modem.
* OVS:
  - add support for changing MTU of OVS interfaces.
  - remove length limitation for OVS Bridge, Patches and Interfaces
    (only Patch types) names.
* VPN: accept empty values for VPN data items and secrets.
* All nm-devices now expose the 'HwAddress' property via D-Bus.
* Slave devices now do not get created/activated if master is missing.
* Fixed multiple issues in the internal "nettools" DHCP client.
* Export NM_CAPABILITY_OVS capability on D-Bus and in libnm to
  indicate that the OVS plugin is loaded.
* Fixes for importing WireGuard profiles in nmcli and better handle
  configurations that enable ip4-auto-default-route with an explicit
  gateway.
* Various bug fixes and improvements.
Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.

@Phreedom @domenkozar @obadz @worldofpeace

@jtojnar
Copy link
Contributor

jtojnar commented May 8, 2020

🤷‍♀️

  • Drop dependencies for libpolkit-agent-1 and libpolkit-gobject-1.

It still has a runtime dependency on polkit-agent-helper-1 and build-time dependencies on the pkg-config files.

Also do not like how easily it can fall through /usr:

https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/365/diffs?commit_id=df1d214b2ea7dc65cc8c20658c66a97eb222569a#0cc1139e3347f573ae1feee5b73dbc8a8a21fcfa_500_501

@mweinelt
Copy link
Member Author

mweinelt commented May 8, 2020

Also do not like how easily it can fall through /usr:

I'm not too familiar with meson, but would something like this be fine?

diff --git a/meson.build b/meson.build
index a2d925a7e..23c85f128 100644
--- a/meson.build
+++ b/meson.build
@@ -522,7 +522,7 @@ polkit_agent_dep = dependency('polkit-agent-1', version: '>= 0.97', required : f
 if polkit_agent_dep.found()
        config_h.set_quoted('POLKIT_PACKAGE_PREFIX', polkit_agent_dep.get_pkgconfig_variable('prefix'))
 else
-       config_h.set_quoted('POLKIT_PACKAGE_PREFIX', '/usr')
+       config_h.set_quoted('POLKIT_PACKAGE_PREFIX', '@polkit@')
 endif
@jtojnar
Copy link
Contributor

jtojnar commented May 8, 2020

Yes, if you substituted it in the patch.

Though maybe removing the required : false would be even more reliable. Ideally, we would came up with a patch that can fail fast and be acceptable to upstream.

@mweinelt mweinelt force-pushed the mweinelt:pr/nm branch from 03dcaf8 to 5811c38 May 8, 2020
@mweinelt
Copy link
Member Author

mweinelt commented May 8, 2020

I hope that works for you.

I'm not sure I can help coming up with a solution that would be acceptable upstream. I'm not even sure what the constraints would be.

@flokli flokli requested a review from jtojnar May 31, 2020
@worldofpeace worldofpeace self-assigned this Jul 8, 2020
@worldofpeace worldofpeace force-pushed the mweinelt:pr/nm branch from 5811c38 to 7daccdb Jul 8, 2020
@worldofpeace
Copy link
Member

worldofpeace commented Jul 8, 2020

@worldofpeace worldofpeace changed the title networkmanager: 1.22.10 → 1.24.0 networkmanager: 1.22.10 → 1.24.2 Jul 8, 2020
@worldofpeace
Copy link
Member

worldofpeace commented Jul 8, 2020

@jtojnar Was there anything unresolved with this? This was in my queue, so I pleased to see an open PR 😄 and maybe merge it.

config_h.set_quoted('POLKIT_PACKAGE_PREFIX', polkit_agent_dep.get_pkgconfig_variable('prefix'))
else
- config_h.set_quoted('POLKIT_PACKAGE_PREFIX', '/usr')
+ config_h.set_quoted('POLKIT_PACKAGE_PREFIX', '@polkit@')

This comment has been minimized.

Copy link
@jtojnar

jtojnar Jul 8, 2020

Contributor

Actually, looking at the use case, this is not even correct.

We need to patch https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/75bc21c4cf2c54e368d665302760cfe41b1b6814/clients/common/nm-polkit-listener.c#L555 to /run/wrappers/bin/polkit-agent-helper-1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

3 participants
You can’t perform that action at this time.