Merge pull request #127461 from maxeaubrey/NetworkManager-1.32.0
This commit is contained in:
commit
78b21f405c
@ -49,6 +49,7 @@ let
|
||||
rc-manager =
|
||||
if config.networking.resolvconf.enable then "resolvconf"
|
||||
else "unmanaged";
|
||||
firewall-backend = cfg.firewallBackend;
|
||||
})
|
||||
(mkSection "keyfile" {
|
||||
unmanaged-devices =
|
||||
@ -244,6 +245,15 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
firewallBackend = mkOption {
|
||||
type = types.enum [ "iptables" "nftables" "none" ];
|
||||
default = "iptables";
|
||||
description = ''
|
||||
Which firewall backend should be used for configuring masquerading with shared mode.
|
||||
If set to none, NetworkManager doesn't manage the configuration at all.
|
||||
'';
|
||||
};
|
||||
|
||||
logLevel = mkOption {
|
||||
type = types.enum [ "OFF" "ERR" "WARN" "INFO" "DEBUG" "TRACE" ];
|
||||
default = "WARN";
|
||||
|
@ -103,6 +103,7 @@ in
|
||||
}];
|
||||
boot.blacklistedKernelModules = [ "ip_tables" ];
|
||||
environment.systemPackages = [ pkgs.nftables ];
|
||||
networking.networkmanager.firewallBackend = mkDefault "nftables";
|
||||
systemd.services.nftables = {
|
||||
description = "nftables firewall";
|
||||
before = [ "network-pre.target" ];
|
||||
|
@ -1,20 +1,64 @@
|
||||
{ lib, stdenv, fetchurl, substituteAll, intltool, pkg-config, fetchpatch, dbus
|
||||
, gnome, systemd, libuuid, polkit, gnutls, ppp, dhcp, iptables, python3, vala
|
||||
, libgcrypt, dnsmasq, bluez5, readline, libselinux, audit
|
||||
, gobject-introspection, modemmanager, openresolv, libndp, newt, libsoup
|
||||
, ethtool, gnused, iputils, kmod, jansson, gtk-doc, libxslt
|
||||
, docbook_xsl, docbook_xml_dtd_412, docbook_xml_dtd_42, docbook_xml_dtd_43
|
||||
, openconnect, curl, meson, ninja, libpsl, mobile-broadband-provider-info, runtimeShell }:
|
||||
{ lib
|
||||
, stdenv
|
||||
, fetchurl
|
||||
, substituteAll
|
||||
, intltool
|
||||
, pkg-config
|
||||
, fetchpatch
|
||||
, dbus
|
||||
, gnome
|
||||
, systemd
|
||||
, libuuid
|
||||
, polkit
|
||||
, gnutls
|
||||
, ppp
|
||||
, dhcp
|
||||
, iptables
|
||||
, nftables
|
||||
, python3
|
||||
, vala
|
||||
, libgcrypt
|
||||
, dnsmasq
|
||||
, bluez5
|
||||
, readline
|
||||
, libselinux
|
||||
, audit
|
||||
, gobject-introspection
|
||||
, modemmanager
|
||||
, openresolv
|
||||
, libndp
|
||||
, newt
|
||||
, libsoup
|
||||
, ethtool
|
||||
, gnused
|
||||
, iputils
|
||||
, kmod
|
||||
, jansson
|
||||
, gtk-doc
|
||||
, libxslt
|
||||
, docbook_xsl
|
||||
, docbook_xml_dtd_412
|
||||
, docbook_xml_dtd_42
|
||||
, docbook_xml_dtd_43
|
||||
, openconnect
|
||||
, curl
|
||||
, meson
|
||||
, ninja
|
||||
, libpsl
|
||||
, mobile-broadband-provider-info
|
||||
, runtimeShell
|
||||
}:
|
||||
|
||||
let
|
||||
pythonForDocs = python3.withPackages (pkgs: with pkgs; [ pygobject3 ]);
|
||||
in stdenv.mkDerivation rec {
|
||||
in
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "networkmanager";
|
||||
version = "1.30.4";
|
||||
version = "1.32.4";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://gnome/sources/NetworkManager/${lib.versions.majorMinor version}/NetworkManager-${version}.tar.xz";
|
||||
sha256 = "sha256-YFC3JCEuo85zhhEzWb6pr6H2eaVPYNmZpZmYkuZywZA=";
|
||||
sha256 = "sha256-Kay9QceLfvh/+I/sU2DR6vi1tvy5BVXXORq8XjaSMVg=";
|
||||
};
|
||||
|
||||
outputs = [ "out" "dev" "devdoc" "man" "doc" ];
|
||||
@ -23,34 +67,46 @@ in stdenv.mkDerivation rec {
|
||||
# patch networkmanager to allow passing these path in config file. This will
|
||||
# remove unneeded build-time dependencies.
|
||||
mesonFlags = [
|
||||
"-Ddhclient=${dhcp}/bin/dhclient"
|
||||
# System paths
|
||||
"--sysconfdir=/etc"
|
||||
"--localstatedir=/var"
|
||||
"-Dsystemdsystemunitdir=${placeholder "out"}/etc/systemd/system"
|
||||
# to enable link-local connections
|
||||
"-Dudev_dir=${placeholder "out"}/lib/udev"
|
||||
"-Ddbus_conf_dir=${placeholder "out"}/share/dbus-1/system.d"
|
||||
"-Dkernel_firmware_dir=/run/current-system/firmware"
|
||||
|
||||
# Platform
|
||||
"-Dsession_tracking=systemd"
|
||||
"-Dlibaudit=yes-disabled-by-default"
|
||||
"-Dpolkit_agent_helper_1=/run/wrappers/bin/polkit-agent-helper-1"
|
||||
|
||||
# Features
|
||||
# Allow using iwd when configured to do so
|
||||
"-Diwd=true"
|
||||
"-Dpppd=${ppp}/bin/pppd"
|
||||
"-Diptables=${iptables}/bin/iptables"
|
||||
"-Dnft=${nftables}/bin/nft"
|
||||
"-Dmodem_manager=true"
|
||||
"-Dnmtui=true"
|
||||
"-Ddnsmasq=${dnsmasq}/bin/dnsmasq"
|
||||
"-Dqt=false"
|
||||
|
||||
# Handlers
|
||||
"-Dresolvconf=${openresolv}/bin/resolvconf"
|
||||
|
||||
# DHCP clients
|
||||
"-Ddhclient=${dhcp}/bin/dhclient"
|
||||
# Upstream prefers dhclient, so don't add dhcpcd to the closure
|
||||
"-Ddhcpcd=no"
|
||||
"-Ddhcpcanon=no"
|
||||
"-Dpppd=${ppp}/bin/pppd"
|
||||
"-Diptables=${iptables}/bin/iptables"
|
||||
# to enable link-local connections
|
||||
"-Dudev_dir=${placeholder "out"}/lib/udev"
|
||||
"-Dresolvconf=${openresolv}/bin/resolvconf"
|
||||
"-Ddbus_conf_dir=${placeholder "out"}/share/dbus-1/system.d"
|
||||
"-Dsystemdsystemunitdir=${placeholder "out"}/etc/systemd/system"
|
||||
"-Dkernel_firmware_dir=/run/current-system/firmware"
|
||||
"--sysconfdir=/etc"
|
||||
"--localstatedir=/var"
|
||||
"-Dcrypto=gnutls"
|
||||
"-Dsession_tracking=systemd"
|
||||
"-Dmodem_manager=true"
|
||||
"-Dnmtui=true"
|
||||
|
||||
# Miscellaneous
|
||||
"-Ddocs=true"
|
||||
"-Dtests=no"
|
||||
"-Dqt=false"
|
||||
"-Dpolkit_agent_helper_1=/run/wrappers/bin/polkit-agent-helper-1"
|
||||
# Allow using iwd when configured to do so
|
||||
"-Diwd=true"
|
||||
"-Dlibaudit=yes-disabled-by-default"
|
||||
# We don't use firewalld in NixOS
|
||||
"-Dfirewalld_zone=false"
|
||||
"-Dtests=no"
|
||||
"-Dcrypto=gnutls"
|
||||
];
|
||||
|
||||
patches = [
|
||||
@ -66,17 +122,44 @@ in stdenv.mkDerivation rec {
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
systemd libselinux audit libpsl libuuid polkit ppp libndp curl mobile-broadband-provider-info
|
||||
bluez5 dnsmasq gobject-introspection modemmanager readline newt libsoup jansson
|
||||
systemd
|
||||
libselinux
|
||||
audit
|
||||
libpsl
|
||||
libuuid
|
||||
polkit
|
||||
ppp
|
||||
libndp
|
||||
curl
|
||||
mobile-broadband-provider-info
|
||||
bluez5
|
||||
dnsmasq
|
||||
gobject-introspection
|
||||
modemmanager
|
||||
readline
|
||||
newt
|
||||
libsoup
|
||||
jansson
|
||||
];
|
||||
|
||||
propagatedBuildInputs = [ gnutls libgcrypt ];
|
||||
|
||||
nativeBuildInputs = [
|
||||
meson ninja intltool pkg-config
|
||||
vala gobject-introspection dbus
|
||||
meson
|
||||
ninja
|
||||
intltool
|
||||
pkg-config
|
||||
vala
|
||||
gobject-introspection
|
||||
dbus
|
||||
# Docs
|
||||
gtk-doc libxslt docbook_xsl docbook_xml_dtd_412 docbook_xml_dtd_42 docbook_xml_dtd_43 pythonForDocs
|
||||
gtk-doc
|
||||
libxslt
|
||||
docbook_xsl
|
||||
docbook_xml_dtd_412
|
||||
docbook_xml_dtd_42
|
||||
docbook_xml_dtd_43
|
||||
pythonForDocs
|
||||
];
|
||||
|
||||
doCheck = false; # requires /sys, the net
|
||||
@ -92,7 +175,7 @@ in stdenv.mkDerivation rec {
|
||||
# though, so we need to replace the absolute path with a local one during build.
|
||||
# We are using a symlink that will be overridden during installation.
|
||||
mkdir -p ${placeholder "out"}/lib
|
||||
ln -s $PWD/libnm/libnm.so.0 ${placeholder "out"}/lib/libnm.so.0
|
||||
ln -s $PWD/src/libnm-client-impl/libnm.so.0 ${placeholder "out"}/lib/libnm.so.0
|
||||
'';
|
||||
|
||||
passthru = {
|
||||
@ -107,7 +190,8 @@ in stdenv.mkDerivation rec {
|
||||
homepage = "https://wiki.gnome.org/Projects/NetworkManager";
|
||||
description = "Network configuration and management tool";
|
||||
license = licenses.gpl2Plus;
|
||||
maintainers = teams.freedesktop.members ++ (with maintainers; [ phreedom domenkozar obadz ]);
|
||||
changelog = "https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/raw/${version}/NEWS";
|
||||
maintainers = teams.freedesktop.members ++ (with maintainers; [ phreedom domenkozar obadz maxeaubrey ]);
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
}
|
||||
|
@ -1,26 +1,5 @@
|
||||
diff --git a/clients/common/nm-vpn-helpers.c b/clients/common/nm-vpn-helpers.c
|
||||
index 15c47c3ec..4d1913aa6 100644
|
||||
--- a/clients/common/nm-vpn-helpers.c
|
||||
+++ b/clients/common/nm-vpn-helpers.c
|
||||
@@ -208,15 +208,7 @@ nm_vpn_openconnect_authenticate_helper(const char *host,
|
||||
NULL,
|
||||
};
|
||||
|
||||
- path = nm_utils_file_search_in_paths("openconnect",
|
||||
- "/usr/sbin/openconnect",
|
||||
- DEFAULT_PATHS,
|
||||
- G_FILE_TEST_IS_EXECUTABLE,
|
||||
- NULL,
|
||||
- NULL,
|
||||
- error);
|
||||
- if (!path)
|
||||
- return FALSE;
|
||||
+ path = "@openconnect@/bin/openconnect";
|
||||
|
||||
if (!g_spawn_sync(NULL,
|
||||
(char **) NM_MAKE_STRV(path, "--authenticate", host),
|
||||
diff --git a/data/84-nm-drivers.rules b/data/84-nm-drivers.rules
|
||||
index e398cb9f2..a43d61864 100644
|
||||
index e398cb9f2f..a43d61864f 100644
|
||||
--- a/data/84-nm-drivers.rules
|
||||
+++ b/data/84-nm-drivers.rules
|
||||
@@ -7,6 +7,6 @@ ACTION!="add|change", GOTO="nm_drivers_end"
|
||||
@ -32,7 +11,7 @@ index e398cb9f2..a43d61864 100644
|
||||
|
||||
LABEL="nm_drivers_end"
|
||||
diff --git a/data/NetworkManager.service.in b/data/NetworkManager.service.in
|
||||
index 91ebd9a36..5201a56c3 100644
|
||||
index e23b3a5282..c7246a3b61 100644
|
||||
--- a/data/NetworkManager.service.in
|
||||
+++ b/data/NetworkManager.service.in
|
||||
@@ -8,7 +8,7 @@ Before=network.target @DISTRO_NETWORK_SERVICE@
|
||||
@ -44,23 +23,11 @@ index 91ebd9a36..5201a56c3 100644
|
||||
#ExecReload=/bin/kill -HUP $MAINPID
|
||||
ExecStart=@sbindir@/NetworkManager --no-daemon
|
||||
Restart=on-failure
|
||||
diff --git a/libnm/meson.build b/libnm/meson.build
|
||||
index d0846419c..a7adb2cc6 100644
|
||||
--- a/libnm/meson.build
|
||||
+++ b/libnm/meson.build
|
||||
@@ -280,7 +280,6 @@ if enable_introspection
|
||||
output: 'nm-settings-docs-gir.xml',
|
||||
command: [
|
||||
generate_setting_docs_env,
|
||||
- python.path(),
|
||||
join_paths(meson.source_root(), 'tools', 'generate-docs-nm-settings-docs-gir.py'),
|
||||
'--lib-path', meson.current_build_dir(),
|
||||
'--gir', '@INPUT@',
|
||||
diff --git a/src/core/devices/nm-device.c b/src/core/devices/nm-device.c
|
||||
index 040dd0b4d..98aea3aa9 100644
|
||||
index 21863b9533..c9b709659d 100644
|
||||
--- a/src/core/devices/nm-device.c
|
||||
+++ b/src/core/devices/nm-device.c
|
||||
@@ -13957,14 +13957,14 @@ nm_device_start_ip_check(NMDevice *self)
|
||||
@@ -13994,14 +13994,14 @@ nm_device_start_ip_check(NMDevice *self)
|
||||
gw = nm_ip4_config_best_default_route_get(priv->ip_config_4);
|
||||
if (gw) {
|
||||
_nm_utils_inet4_ntop(NMP_OBJECT_CAST_IP4_ROUTE(gw)->gateway, buf);
|
||||
@ -77,11 +44,31 @@ index 040dd0b4d..98aea3aa9 100644
|
||||
log_domain = LOGD_IP6;
|
||||
}
|
||||
}
|
||||
diff --git a/src/core/nm-core-utils.c b/src/core/nm-core-utils.c
|
||||
index 9075c30dd..4b140e92b 100644
|
||||
--- a/src/core/nm-core-utils.c
|
||||
+++ b/src/core/nm-core-utils.c
|
||||
@@ -333,7 +333,7 @@ nm_utils_modprobe(GError **error, gboolean suppress_error_logging, const char *a
|
||||
diff --git a/src/libnm-client-impl/meson.build b/src/libnm-client-impl/meson.build
|
||||
index 21a01e0b04..091c98428f 100644
|
||||
--- a/src/libnm-client-impl/meson.build
|
||||
+++ b/src/libnm-client-impl/meson.build
|
||||
@@ -162,7 +162,6 @@ if enable_introspection
|
||||
input: libnm_core_settings_sources,
|
||||
output: 'nm-propery-infos-' + info + '.xml',
|
||||
command: [
|
||||
- python.path(),
|
||||
join_paths(meson.source_root(), 'tools', 'generate-docs-nm-property-infos.py'),
|
||||
info,
|
||||
'@OUTPUT@',
|
||||
@@ -219,7 +218,6 @@ if enable_introspection
|
||||
'env',
|
||||
'GI_TYPELIB_PATH=' + gi_typelib_path,
|
||||
'LD_LIBRARY_PATH=' + ld_library_path,
|
||||
- python.path(),
|
||||
join_paths(meson.source_root(), 'tools', 'generate-docs-nm-settings-docs-gir.py'),
|
||||
'--lib-path', meson.current_build_dir(),
|
||||
'--gir', '@INPUT@',
|
||||
diff --git a/src/libnm-platform/nm-platform-utils.c b/src/libnm-platform/nm-platform-utils.c
|
||||
index 6435dcc482..214d01194e 100644
|
||||
--- a/src/libnm-platform/nm-platform-utils.c
|
||||
+++ b/src/libnm-platform/nm-platform-utils.c
|
||||
@@ -2097,7 +2097,7 @@ nmp_utils_modprobe(GError **error, gboolean suppress_error_logging, const char *
|
||||
|
||||
/* construct the argument list */
|
||||
argv = g_ptr_array_sized_new(4);
|
||||
@ -90,3 +77,58 @@ index 9075c30dd..4b140e92b 100644
|
||||
g_ptr_array_add(argv, "--use-blacklist");
|
||||
g_ptr_array_add(argv, (char *) arg1);
|
||||
|
||||
diff --git a/src/libnmc-base/nm-vpn-helpers.c b/src/libnmc-base/nm-vpn-helpers.c
|
||||
index 72691e34c2..95495b6585 100644
|
||||
--- a/src/libnmc-base/nm-vpn-helpers.c
|
||||
+++ b/src/libnmc-base/nm-vpn-helpers.c
|
||||
@@ -198,25 +198,8 @@ nm_vpn_openconnect_authenticate_helper(const char *host,
|
||||
gs_free const char **output_v = NULL;
|
||||
const char *const * iter;
|
||||
const char * path;
|
||||
- const char *const DEFAULT_PATHS[] = {
|
||||
- "/sbin/",
|
||||
- "/usr/sbin/",
|
||||
- "/usr/local/sbin/",
|
||||
- "/bin/",
|
||||
- "/usr/bin/",
|
||||
- "/usr/local/bin/",
|
||||
- NULL,
|
||||
- };
|
||||
|
||||
- path = nm_utils_file_search_in_paths("openconnect",
|
||||
- "/usr/sbin/openconnect",
|
||||
- DEFAULT_PATHS,
|
||||
- G_FILE_TEST_IS_EXECUTABLE,
|
||||
- NULL,
|
||||
- NULL,
|
||||
- error);
|
||||
- if (!path)
|
||||
- return FALSE;
|
||||
+ path = "@openconnect@/bin/openconnect";
|
||||
|
||||
if (!g_spawn_sync(NULL,
|
||||
(char **) NM_MAKE_STRV(path, "--authenticate", host),
|
||||
diff --git a/src/libnmc-setting/meson.build b/src/libnmc-setting/meson.build
|
||||
index 8f07ae634e..a1326b3403 100644
|
||||
--- a/src/libnmc-setting/meson.build
|
||||
+++ b/src/libnmc-setting/meson.build
|
||||
@@ -6,7 +6,6 @@ if enable_docs
|
||||
input: [nm_settings_docs_xml_gir, nm_property_infos_xml['nmcli']],
|
||||
output: 'settings-docs-input.xml',
|
||||
command: [
|
||||
- python.path(),
|
||||
join_paths(meson.source_root(), 'tools', 'generate-docs-nm-settings-docs-merge.py'),
|
||||
'@OUTPUT@',
|
||||
nm_property_infos_xml['nmcli'],
|
||||
diff --git a/src/tests/client/meson.build b/src/tests/client/meson.build
|
||||
index b2e455bbbd..a12ebf212a 100644
|
||||
--- a/src/tests/client/meson.build
|
||||
+++ b/src/tests/client/meson.build
|
||||
@@ -6,7 +6,6 @@ test(
|
||||
args: [
|
||||
build_root,
|
||||
source_root,
|
||||
- python.path(),
|
||||
],
|
||||
timeout: 120,
|
||||
)
|
||||
|
Loading…
Reference in New Issue
Block a user