Merge pull request #127461 from maxeaubrey/NetworkManager-1.32.0

This commit is contained in:
Martin Weinelt 2021-07-21 20:03:32 +02:00 committed by GitHub
commit 78b21f405c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 217 additions and 80 deletions

View File

@ -49,6 +49,7 @@ let
rc-manager =
if config.networking.resolvconf.enable then "resolvconf"
else "unmanaged";
firewall-backend = cfg.firewallBackend;
})
(mkSection "keyfile" {
unmanaged-devices =
@ -244,6 +245,15 @@ in {
'';
};
firewallBackend = mkOption {
type = types.enum [ "iptables" "nftables" "none" ];
default = "iptables";
description = ''
Which firewall backend should be used for configuring masquerading with shared mode.
If set to none, NetworkManager doesn't manage the configuration at all.
'';
};
logLevel = mkOption {
type = types.enum [ "OFF" "ERR" "WARN" "INFO" "DEBUG" "TRACE" ];
default = "WARN";

View File

@ -103,6 +103,7 @@ in
}];
boot.blacklistedKernelModules = [ "ip_tables" ];
environment.systemPackages = [ pkgs.nftables ];
networking.networkmanager.firewallBackend = mkDefault "nftables";
systemd.services.nftables = {
description = "nftables firewall";
before = [ "network-pre.target" ];

View File

@ -1,20 +1,64 @@
{ lib, stdenv, fetchurl, substituteAll, intltool, pkg-config, fetchpatch, dbus
, gnome, systemd, libuuid, polkit, gnutls, ppp, dhcp, iptables, python3, vala
, libgcrypt, dnsmasq, bluez5, readline, libselinux, audit
, gobject-introspection, modemmanager, openresolv, libndp, newt, libsoup
, ethtool, gnused, iputils, kmod, jansson, gtk-doc, libxslt
, docbook_xsl, docbook_xml_dtd_412, docbook_xml_dtd_42, docbook_xml_dtd_43
, openconnect, curl, meson, ninja, libpsl, mobile-broadband-provider-info, runtimeShell }:
{ lib
, stdenv
, fetchurl
, substituteAll
, intltool
, pkg-config
, fetchpatch
, dbus
, gnome
, systemd
, libuuid
, polkit
, gnutls
, ppp
, dhcp
, iptables
, nftables
, python3
, vala
, libgcrypt
, dnsmasq
, bluez5
, readline
, libselinux
, audit
, gobject-introspection
, modemmanager
, openresolv
, libndp
, newt
, libsoup
, ethtool
, gnused
, iputils
, kmod
, jansson
, gtk-doc
, libxslt
, docbook_xsl
, docbook_xml_dtd_412
, docbook_xml_dtd_42
, docbook_xml_dtd_43
, openconnect
, curl
, meson
, ninja
, libpsl
, mobile-broadband-provider-info
, runtimeShell
}:
let
pythonForDocs = python3.withPackages (pkgs: with pkgs; [ pygobject3 ]);
in stdenv.mkDerivation rec {
in
stdenv.mkDerivation rec {
pname = "networkmanager";
version = "1.30.4";
version = "1.32.4";
src = fetchurl {
url = "mirror://gnome/sources/NetworkManager/${lib.versions.majorMinor version}/NetworkManager-${version}.tar.xz";
sha256 = "sha256-YFC3JCEuo85zhhEzWb6pr6H2eaVPYNmZpZmYkuZywZA=";
sha256 = "sha256-Kay9QceLfvh/+I/sU2DR6vi1tvy5BVXXORq8XjaSMVg=";
};
outputs = [ "out" "dev" "devdoc" "man" "doc" ];
@ -23,34 +67,46 @@ in stdenv.mkDerivation rec {
# patch networkmanager to allow passing these path in config file. This will
# remove unneeded build-time dependencies.
mesonFlags = [
"-Ddhclient=${dhcp}/bin/dhclient"
# System paths
"--sysconfdir=/etc"
"--localstatedir=/var"
"-Dsystemdsystemunitdir=${placeholder "out"}/etc/systemd/system"
# to enable link-local connections
"-Dudev_dir=${placeholder "out"}/lib/udev"
"-Ddbus_conf_dir=${placeholder "out"}/share/dbus-1/system.d"
"-Dkernel_firmware_dir=/run/current-system/firmware"
# Platform
"-Dsession_tracking=systemd"
"-Dlibaudit=yes-disabled-by-default"
"-Dpolkit_agent_helper_1=/run/wrappers/bin/polkit-agent-helper-1"
# Features
# Allow using iwd when configured to do so
"-Diwd=true"
"-Dpppd=${ppp}/bin/pppd"
"-Diptables=${iptables}/bin/iptables"
"-Dnft=${nftables}/bin/nft"
"-Dmodem_manager=true"
"-Dnmtui=true"
"-Ddnsmasq=${dnsmasq}/bin/dnsmasq"
"-Dqt=false"
# Handlers
"-Dresolvconf=${openresolv}/bin/resolvconf"
# DHCP clients
"-Ddhclient=${dhcp}/bin/dhclient"
# Upstream prefers dhclient, so don't add dhcpcd to the closure
"-Ddhcpcd=no"
"-Ddhcpcanon=no"
"-Dpppd=${ppp}/bin/pppd"
"-Diptables=${iptables}/bin/iptables"
# to enable link-local connections
"-Dudev_dir=${placeholder "out"}/lib/udev"
"-Dresolvconf=${openresolv}/bin/resolvconf"
"-Ddbus_conf_dir=${placeholder "out"}/share/dbus-1/system.d"
"-Dsystemdsystemunitdir=${placeholder "out"}/etc/systemd/system"
"-Dkernel_firmware_dir=/run/current-system/firmware"
"--sysconfdir=/etc"
"--localstatedir=/var"
"-Dcrypto=gnutls"
"-Dsession_tracking=systemd"
"-Dmodem_manager=true"
"-Dnmtui=true"
# Miscellaneous
"-Ddocs=true"
"-Dtests=no"
"-Dqt=false"
"-Dpolkit_agent_helper_1=/run/wrappers/bin/polkit-agent-helper-1"
# Allow using iwd when configured to do so
"-Diwd=true"
"-Dlibaudit=yes-disabled-by-default"
# We don't use firewalld in NixOS
"-Dfirewalld_zone=false"
"-Dtests=no"
"-Dcrypto=gnutls"
];
patches = [
@ -66,17 +122,44 @@ in stdenv.mkDerivation rec {
];
buildInputs = [
systemd libselinux audit libpsl libuuid polkit ppp libndp curl mobile-broadband-provider-info
bluez5 dnsmasq gobject-introspection modemmanager readline newt libsoup jansson
systemd
libselinux
audit
libpsl
libuuid
polkit
ppp
libndp
curl
mobile-broadband-provider-info
bluez5
dnsmasq
gobject-introspection
modemmanager
readline
newt
libsoup
jansson
];
propagatedBuildInputs = [ gnutls libgcrypt ];
nativeBuildInputs = [
meson ninja intltool pkg-config
vala gobject-introspection dbus
meson
ninja
intltool
pkg-config
vala
gobject-introspection
dbus
# Docs
gtk-doc libxslt docbook_xsl docbook_xml_dtd_412 docbook_xml_dtd_42 docbook_xml_dtd_43 pythonForDocs
gtk-doc
libxslt
docbook_xsl
docbook_xml_dtd_412
docbook_xml_dtd_42
docbook_xml_dtd_43
pythonForDocs
];
doCheck = false; # requires /sys, the net
@ -92,7 +175,7 @@ in stdenv.mkDerivation rec {
# though, so we need to replace the absolute path with a local one during build.
# We are using a symlink that will be overridden during installation.
mkdir -p ${placeholder "out"}/lib
ln -s $PWD/libnm/libnm.so.0 ${placeholder "out"}/lib/libnm.so.0
ln -s $PWD/src/libnm-client-impl/libnm.so.0 ${placeholder "out"}/lib/libnm.so.0
'';
passthru = {
@ -107,7 +190,8 @@ in stdenv.mkDerivation rec {
homepage = "https://wiki.gnome.org/Projects/NetworkManager";
description = "Network configuration and management tool";
license = licenses.gpl2Plus;
maintainers = teams.freedesktop.members ++ (with maintainers; [ phreedom domenkozar obadz ]);
changelog = "https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/raw/${version}/NEWS";
maintainers = teams.freedesktop.members ++ (with maintainers; [ phreedom domenkozar obadz maxeaubrey ]);
platforms = platforms.linux;
};
}

View File

@ -1,26 +1,5 @@
diff --git a/clients/common/nm-vpn-helpers.c b/clients/common/nm-vpn-helpers.c
index 15c47c3ec..4d1913aa6 100644
--- a/clients/common/nm-vpn-helpers.c
+++ b/clients/common/nm-vpn-helpers.c
@@ -208,15 +208,7 @@ nm_vpn_openconnect_authenticate_helper(const char *host,
NULL,
};
- path = nm_utils_file_search_in_paths("openconnect",
- "/usr/sbin/openconnect",
- DEFAULT_PATHS,
- G_FILE_TEST_IS_EXECUTABLE,
- NULL,
- NULL,
- error);
- if (!path)
- return FALSE;
+ path = "@openconnect@/bin/openconnect";
if (!g_spawn_sync(NULL,
(char **) NM_MAKE_STRV(path, "--authenticate", host),
diff --git a/data/84-nm-drivers.rules b/data/84-nm-drivers.rules
index e398cb9f2..a43d61864 100644
index e398cb9f2f..a43d61864f 100644
--- a/data/84-nm-drivers.rules
+++ b/data/84-nm-drivers.rules
@@ -7,6 +7,6 @@ ACTION!="add|change", GOTO="nm_drivers_end"
@ -32,7 +11,7 @@ index e398cb9f2..a43d61864 100644
LABEL="nm_drivers_end"
diff --git a/data/NetworkManager.service.in b/data/NetworkManager.service.in
index 91ebd9a36..5201a56c3 100644
index e23b3a5282..c7246a3b61 100644
--- a/data/NetworkManager.service.in
+++ b/data/NetworkManager.service.in
@@ -8,7 +8,7 @@ Before=network.target @DISTRO_NETWORK_SERVICE@
@ -44,23 +23,11 @@ index 91ebd9a36..5201a56c3 100644
#ExecReload=/bin/kill -HUP $MAINPID
ExecStart=@sbindir@/NetworkManager --no-daemon
Restart=on-failure
diff --git a/libnm/meson.build b/libnm/meson.build
index d0846419c..a7adb2cc6 100644
--- a/libnm/meson.build
+++ b/libnm/meson.build
@@ -280,7 +280,6 @@ if enable_introspection
output: 'nm-settings-docs-gir.xml',
command: [
generate_setting_docs_env,
- python.path(),
join_paths(meson.source_root(), 'tools', 'generate-docs-nm-settings-docs-gir.py'),
'--lib-path', meson.current_build_dir(),
'--gir', '@INPUT@',
diff --git a/src/core/devices/nm-device.c b/src/core/devices/nm-device.c
index 040dd0b4d..98aea3aa9 100644
index 21863b9533..c9b709659d 100644
--- a/src/core/devices/nm-device.c
+++ b/src/core/devices/nm-device.c
@@ -13957,14 +13957,14 @@ nm_device_start_ip_check(NMDevice *self)
@@ -13994,14 +13994,14 @@ nm_device_start_ip_check(NMDevice *self)
gw = nm_ip4_config_best_default_route_get(priv->ip_config_4);
if (gw) {
_nm_utils_inet4_ntop(NMP_OBJECT_CAST_IP4_ROUTE(gw)->gateway, buf);
@ -77,11 +44,31 @@ index 040dd0b4d..98aea3aa9 100644
log_domain = LOGD_IP6;
}
}
diff --git a/src/core/nm-core-utils.c b/src/core/nm-core-utils.c
index 9075c30dd..4b140e92b 100644
--- a/src/core/nm-core-utils.c
+++ b/src/core/nm-core-utils.c
@@ -333,7 +333,7 @@ nm_utils_modprobe(GError **error, gboolean suppress_error_logging, const char *a
diff --git a/src/libnm-client-impl/meson.build b/src/libnm-client-impl/meson.build
index 21a01e0b04..091c98428f 100644
--- a/src/libnm-client-impl/meson.build
+++ b/src/libnm-client-impl/meson.build
@@ -162,7 +162,6 @@ if enable_introspection
input: libnm_core_settings_sources,
output: 'nm-propery-infos-' + info + '.xml',
command: [
- python.path(),
join_paths(meson.source_root(), 'tools', 'generate-docs-nm-property-infos.py'),
info,
'@OUTPUT@',
@@ -219,7 +218,6 @@ if enable_introspection
'env',
'GI_TYPELIB_PATH=' + gi_typelib_path,
'LD_LIBRARY_PATH=' + ld_library_path,
- python.path(),
join_paths(meson.source_root(), 'tools', 'generate-docs-nm-settings-docs-gir.py'),
'--lib-path', meson.current_build_dir(),
'--gir', '@INPUT@',
diff --git a/src/libnm-platform/nm-platform-utils.c b/src/libnm-platform/nm-platform-utils.c
index 6435dcc482..214d01194e 100644
--- a/src/libnm-platform/nm-platform-utils.c
+++ b/src/libnm-platform/nm-platform-utils.c
@@ -2097,7 +2097,7 @@ nmp_utils_modprobe(GError **error, gboolean suppress_error_logging, const char *
/* construct the argument list */
argv = g_ptr_array_sized_new(4);
@ -90,3 +77,58 @@ index 9075c30dd..4b140e92b 100644
g_ptr_array_add(argv, "--use-blacklist");
g_ptr_array_add(argv, (char *) arg1);
diff --git a/src/libnmc-base/nm-vpn-helpers.c b/src/libnmc-base/nm-vpn-helpers.c
index 72691e34c2..95495b6585 100644
--- a/src/libnmc-base/nm-vpn-helpers.c
+++ b/src/libnmc-base/nm-vpn-helpers.c
@@ -198,25 +198,8 @@ nm_vpn_openconnect_authenticate_helper(const char *host,
gs_free const char **output_v = NULL;
const char *const * iter;
const char * path;
- const char *const DEFAULT_PATHS[] = {
- "/sbin/",
- "/usr/sbin/",
- "/usr/local/sbin/",
- "/bin/",
- "/usr/bin/",
- "/usr/local/bin/",
- NULL,
- };
- path = nm_utils_file_search_in_paths("openconnect",
- "/usr/sbin/openconnect",
- DEFAULT_PATHS,
- G_FILE_TEST_IS_EXECUTABLE,
- NULL,
- NULL,
- error);
- if (!path)
- return FALSE;
+ path = "@openconnect@/bin/openconnect";
if (!g_spawn_sync(NULL,
(char **) NM_MAKE_STRV(path, "--authenticate", host),
diff --git a/src/libnmc-setting/meson.build b/src/libnmc-setting/meson.build
index 8f07ae634e..a1326b3403 100644
--- a/src/libnmc-setting/meson.build
+++ b/src/libnmc-setting/meson.build
@@ -6,7 +6,6 @@ if enable_docs
input: [nm_settings_docs_xml_gir, nm_property_infos_xml['nmcli']],
output: 'settings-docs-input.xml',
command: [
- python.path(),
join_paths(meson.source_root(), 'tools', 'generate-docs-nm-settings-docs-merge.py'),
'@OUTPUT@',
nm_property_infos_xml['nmcli'],
diff --git a/src/tests/client/meson.build b/src/tests/client/meson.build
index b2e455bbbd..a12ebf212a 100644
--- a/src/tests/client/meson.build
+++ b/src/tests/client/meson.build
@@ -6,7 +6,6 @@ test(
args: [
build_root,
source_root,
- python.path(),
],
timeout: 120,
)