feat(network-manager): run as daemon with D-Bus

This commit changes how NM is started inside the initrd. Instead of running NM in the special --configure-and-quit=initrd mode, which sets up network and quits, start it as a daemon. This has multiple advantages. First, we no longer need to run NM in a special mode that requires additional code and maintenance. NetworkManager works exactly as in the real root. One problem of the current configure-and-quit approach is that once NM has quit, dynamic addresses can expire if the initrd setup takes longer than the DHCP lease interval or than the IPv6 address lifetime. Running NM as a service solves this problem. Now NM runs with D-Bus support and therefore its API can be used by other modules. This open the possibility, for example, to integrate nm-cloud-setup to automatically configure networking based on cloud metadata. Use the NetworkManager-wait-online.service, ordered before dracut-initqueue.service, to delay the initqueue until NM has terminated its configuration.
dracutdevs · Apr 16, 2021 · 112f03f · 112f03f
1 parent 6a37c6f
commit 112f03f
Show file tree

Hide file tree

Showing 6 changed files with 65 additions and 3 deletions.
diff --git a/modules.d/35network-manager/initrd-no-auto-default.conf b/modules.d/35network-manager/initrd-no-auto-default.conf
@@ -0,0 +1,5 @@
+[.config]
+enable=env:initrd
+
+[main]
+no-auto-default=*
diff --git a/modules.d/35network-manager/module-setup.sh b/modules.d/35network-manager/module-setup.sh
@@ -10,6 +10,7 @@ check() {
 
 # called by dracut
 depends() {
+    echo dbus
     return 0
 }
 
@@ -33,8 +34,18 @@ install() {
     inst_multiple -o teamd dhclient
     inst_hook cmdline 99 "$moddir/nm-config.sh"
     if dracut_module_included "systemd"; then
-        inst_simple "${moddir}/nm-run.service" "${systemdsystemunitdir}/nm-run.service"
-        $SYSTEMCTL -q --root "$initdir" enable nm-run.service
+
+        inst "$dbussystem"/org.freedesktop.NetworkManager.conf
+        inst_multiple nmcli nm-online
+
+        # Install a configuration snippet to prevent the automatic creation of
+        # "Wired connection #" DHCP connections for Ethernet interfaces
+        inst_simple "$moddir"/initrd-no-auto-default.conf /usr/lib/NetworkManager/conf.d/
+
+        inst_simple "$moddir"/nm-initrd.service "$systemdsystemunitdir"/nm-initrd.service
+        inst_simple "$moddir"/nm-wait-online-initrd.service "$systemdsystemunitdir"/nm-wait-online-initrd.service
+
+        $SYSTEMCTL -q --root "$initdir" enable nm-initrd.service
     fi
 
     inst_hook initqueue/settled 99 "$moddir/nm-run.sh"

diff --git a/modules.d/35network-manager/nm-config.sh b/modules.d/35network-manager/nm-config.sh
@@ -10,6 +10,9 @@ if getargbool 0 rd.debug -d -y rdinitdebug -d -y rdnetdebug; then
     # shellcheck disable=SC2174
     mkdir -m 0755 -p /run/NetworkManager/conf.d
     (
+        echo '[.config]'
+        echo 'enable=env:initrd'
+        echo
         echo '[logging]'
         echo 'level=TRACE'
     ) > /run/NetworkManager/conf.d/initrd-logging.conf

diff --git a/modules.d/35network-manager/nm-initrd.service b/modules.d/35network-manager/nm-initrd.service
@@ -0,0 +1,26 @@
+[Unit]
+DefaultDependencies=no
+Wants=systemd-udev-settle.service
+After=systemd-udev-settle.service
+Before=network.target
+ConditionPathExists=/run/NetworkManager/initrd/neednet
+ConditionPathExistsGlob=|/usr/lib/NetworkManager/system-connections/*
+ConditionPathExistsGlob=|/run/NetworkManager/system-connections/*
+ConditionPathExistsGlob=|/etc/NetworkManager/system-connections/*
+ConditionPathExistsGlob=|/etc/sysconfig/network-scripts/ifcfg-*
+
+[Service]
+Type=dbus
+BusName=org.freedesktop.NetworkManager
+ExecReload=/usr/bin/busctl call org.freedesktop.NetworkManager /org/freedesktop/NetworkManager org.freedesktop.NetworkManager Reload u 0
+ExecStart=/usr/sbin/NetworkManager --debug
+KillMode=process
+StandardOutput=tty
+Environment=NM_CONFIG_ENABLE_TAG=initrd
+Restart=on-failure
+ProtectSystem=true
+ProtectHome=read-only
+
+[Install]
+WantedBy=initrd.target
+Also=nm-wait-online-initrd.service
diff --git a/modules.d/35network-manager/nm-lib.sh b/modules.d/35network-manager/nm-lib.sh
@@ -14,7 +14,7 @@ nm_generate_connections() {
             /etc/sysconfig/network-scripts/ifcfg-*; do
             [ -f "$i" ] || continue
             echo '[ -f /tmp/nm.done ]' > "$hookdir"/initqueue/finished/nm.sh
-            : > /run/NetworkManager/initrd/neednet # activate nm-run.service
+            : > /run/NetworkManager/initrd/neednet # activate NM services
             break
         done
     fi

diff --git a/modules.d/35network-manager/nm-wait-online-initrd.service b/modules.d/35network-manager/nm-wait-online-initrd.service
@@ -0,0 +1,17 @@
+[Unit]
+DefaultDependencies=no
+Requires=nm-initrd.service
+After=nm-initrd.service
+Before=network-online.target
+Before=dracut-initqueue.service
+ConditionPathExists=/run/NetworkManager/initrd/neednet
+
+[Service]
+Type=oneshot
+ExecStart=/usr/bin/nm-online -s -q
+RemainAfterExit=yes
+Environment=NM_ONLINE_TIMEOUT=3600
+
+[Install]
+WantedBy=initrd.target
+WantedBy=network-online.target