Revert "network: use drop-ins for NetworkManager configuration (#1176)"

Apparently unmanaged devices are loaded only from main
NetworkManager.conf. Exactly the same line pasted (not typed!) to main
NetworkManager.conf works, but in
/etc/NetworkManager/conf.d/30-qubes.conf it doesn't.
BTW There was a typo in option name ("unmanaged_devices" instead of
"unmanaged-devices", but it wasn't the cause).

This reverts commit 6c4831339c85ebd1ed84593bb3f1a79d43c0a2a5.

QubesOS/qubes-issues#1176

Makefile

@@ -176,14 +176,13 @@ install-common:
 
 	install -m 0644 network/udev-qubes-network.rules $(DESTDIR)/etc/udev/rules.d/99-qubes-network.rules
 	install network/qubes-setup-dnat-to-ns $(DESTDIR)$(LIBDIR)/qubes
+	install network/qubes-fix-nm-conf.sh $(DESTDIR)$(LIBDIR)/qubes
 	install network/setup-ip $(DESTDIR)$(LIBDIR)/qubes/
 	install network/network-manager-prepare-conf-dir $(DESTDIR)$(LIBDIR)/qubes/
 	install -d $(DESTDIR)/etc/dhclient.d
 	ln -s /usr/lib/qubes/qubes-setup-dnat-to-ns $(DESTDIR)/etc/dhclient.d/qubes-setup-dnat-to-ns.sh
 	install -d $(DESTDIR)/etc/NetworkManager/dispatcher.d/
 	install network/{qubes-nmhook,30-qubes-external-ip} $(DESTDIR)/etc/NetworkManager/dispatcher.d/
-	install -m 0644 -D network/NetworkManager-qubes.conf \
-		$(DESTDIR)/etc/NetworkManager/conf.d/30-qubes.conf
 	install -D network/vif-route-qubes $(DESTDIR)/etc/xen/scripts/vif-route-qubes
 	install -m 0644 -D network/tinyproxy-updates.conf $(DESTDIR)/etc/tinyproxy/tinyproxy-updates.conf
 	install -m 0755 -D network/iptables-updates-proxy $(DESTDIR)$(LIBDIR)/qubes/iptables-updates-proxy

archlinux/PKGBUILD.install

@@ -78,6 +78,14 @@ configure_selinux() {
 
 update_qubesconfig() {
 
+	# Create NetworkManager configuration if we do not have it
+	if ! [ -e /etc/NetworkManager/NetworkManager.conf ]; then
+	echo '[main]' > /etc/NetworkManager/NetworkManager.conf
+	echo 'plugins = keyfile' >> /etc/NetworkManager/NetworkManager.conf
+	echo '[keyfile]' >> /etc/NetworkManager/NetworkManager.conf
+	fi
+	/usr/lib/qubes/qubes-fix-nm-conf.sh
+
 	# Remove ip_forward setting from sysctl, so NM will not reset it
 	# Archlinux now use sysctl.d/ instead of sysctl.conf
 	#sed 's/^net.ipv4.ip_forward.*/#\0/'  -i /etc/sysctl.conf

debian/qubes-core-agent.postinst

@@ -69,6 +69,14 @@ case "${1}" in
         if [ -z "${2}" ]; then
 
             debug "FIRST INSTALL..."
+            # Create NetworkManager configuration if we do not have it
+            if ! [ -e /etc/NetworkManager/NetworkManager.conf ]; then
+                echo '[main]' > /etc/NetworkManager/NetworkManager.conf
+                echo 'plugins = keyfile' >> /etc/NetworkManager/NetworkManager.conf
+                echo '[keyfile]' >> /etc/NetworkManager/NetworkManager.conf
+            fi
+            /usr/lib/qubes/qubes-fix-nm-conf.sh
+
             # Location of files which contains list of protected files
             PROTECTED_FILE_LIST='/etc/qubes/protected-files.d'
 

network/NetworkManager-qubes.conf

@@ -1,10 +0,0 @@
-## This file is part of Qubes OS
-## Changes in this file may be overriden on update
-## Please use "/etc/NetworkManager/conf.d/50-user.conf" for your custom
-## configuration.
-
-[main]
-plugins += keyfile
-
-[keyfile]
-unmanaged_devices=mac:fe:ff:ff:ff:ff:ff

network/network-manager-prepare-conf-dir

@@ -8,4 +8,12 @@ if [ -d $NM_CONFIG_DIR -a ! -h $NM_CONFIG_DIR ]; then
     ln -s /rw/config/NM-system-connections $NM_CONFIG_DIR
 fi
 
+# Do not manage xen-provided network devices
+unmanaged_devices=mac:fe:ff:ff:ff:ff:ff
+#for mac in `xenstore-ls device/vif | grep mac | cut -d= -f2 | tr -d '" '`; do
+#    unmanaged_devices="$unmanaged_devices;mac:$mac"
+#done
+sed -i -e "s/^unmanaged-devices=.*/unmanaged-devices=$unmanaged_devices/" /etc/NetworkManager/NetworkManager.conf
+sed -i -e "s/^plugins=.*/plugins=keyfile/" /etc/NetworkManager/NetworkManager.conf
+
 exit 0

network/qubes-fix-nm-conf.sh

@@ -0,0 +1,19 @@
+#!/bin/sh
+FILE=/etc/NetworkManager/NetworkManager.conf
+VIFMAC=mac:fe:ff:ff:ff:ff:ff
+if ! grep -q ^plugins.*keyfile $FILE ; then
+	sed -i 's/^plugins.*$/&,keyfile/' $FILE
+fi
+if grep -q ^plugins.*ifcfg-rh $FILE ; then
+	sed -i 's/^plugins=\(.*\)ifcfg-rh,\(.*\)$/plugins=\1\2/' $FILE
+fi
+if ! grep -q '^\[keyfile\]$' $FILE ; then
+	echo '[keyfile]' >> $FILE
+fi
+if ! grep -q ^unmanaged-devices $FILE ; then
+	sed -i 's/^\[keyfile\]$/\[keyfile\]\x0aunmanaged-devices='$VIFMAC/ $FILE
+fi
+if ! grep -q ^unmanaged-devices.*$VIFMAC $FILE ; then
+	sed -i 's/^unmanaged-devices.*$/&,'$VIFMAC/ $FILE
+fi
+exit 0

network/setup-ip

@@ -20,9 +20,6 @@ if [ x$ip != x ]; then
     if [ -f /var/run/qubes-service/network-manager ]; then
         nm_config=/etc/NetworkManager/system-connections/qubes-uplink-$INTERFACE
         cat > $nm_config <<__EOF__
-## This file is automatically generated by Qubes OS
-## Changes in this file will be overriden by /usr/lib/qubes/setup-ip script.
-
 [802-3-ethernet]
 duplex=full
 

rpm_spec/core-vm.spec

@@ -138,6 +138,15 @@ for F in plymouth-shutdown prefdm splash-manager start-ttys tty ; do
 	fi
 done
 
+# Create NetworkManager configuration if we do not have it
+if ! [ -e /etc/NetworkManager/NetworkManager.conf ]; then
+echo '[main]' > /etc/NetworkManager/NetworkManager.conf
+echo 'plugins = keyfile' >> /etc/NetworkManager/NetworkManager.conf
+echo '[keyfile]' >> /etc/NetworkManager/NetworkManager.conf
+fi
+/usr/lib/qubes/qubes-fix-nm-conf.sh
+
+
 # Remove ip_forward setting from sysctl, so NM will not reset it
 sed 's/^net.ipv4.ip_forward.*/#\0/'  -i /etc/sysctl.conf
 
@@ -289,7 +298,6 @@ rm -f %{name}-%{version}
 %{kde_service_dir}/qvm-dvm.desktop
 /etc/NetworkManager/dispatcher.d/30-qubes-external-ip
 /etc/NetworkManager/dispatcher.d/qubes-nmhook
-%config /etc/NetworkManager/conf.d/30-qubes.conf
 %config(noreplace) /etc/X11/xorg-preload-apps.conf
 /etc/dispvm-dotfiles.tbz
 /etc/dhclient.d/qubes-setup-dnat-to-ns.sh
@@ -363,6 +371,7 @@ rm -f %{name}-%{version}
 /usr/lib/qubes/qopen-in-vm
 /usr/lib/qubes/qrun-in-vm
 /usr/lib/qubes/qubes-download-dom0-updates.sh
+/usr/lib/qubes/qubes-fix-nm-conf.sh
 /usr/lib/qubes/qubes-setup-dnat-to-ns
 /usr/lib/qubes/qubes-trigger-sync-appmenus.sh
 /usr/lib/qubes/qvm-copy-to-vm.gnome