Revert "network: use drop-ins for NetworkManager configuration (#1176)"

Apparently unmanaged devices are loaded only from main
NetworkManager.conf. Exactly the same line pasted (not typed!) to main
NetworkManager.conf works, but in
/etc/NetworkManager/conf.d/30-qubes.conf it doesn't.
BTW There was a typo in option name ("unmanaged_devices" instead of
"unmanaged-devices", but it wasn't the cause).

This reverts commit 6c4831339c.

QubesOS/qubes-issues#1176
This commit is contained in:
Marek Marczykowski-Górecki 2015-11-28 17:00:36 +01:00
parent 8482fbbd13
commit a11897a1d0
No known key found for this signature in database
GPG Key ID: 063938BA42CFA724
8 changed files with 54 additions and 16 deletions

View File

@ -176,14 +176,13 @@ install-common:
install -m 0644 network/udev-qubes-network.rules $(DESTDIR)/etc/udev/rules.d/99-qubes-network.rules install -m 0644 network/udev-qubes-network.rules $(DESTDIR)/etc/udev/rules.d/99-qubes-network.rules
install network/qubes-setup-dnat-to-ns $(DESTDIR)$(LIBDIR)/qubes install network/qubes-setup-dnat-to-ns $(DESTDIR)$(LIBDIR)/qubes
install network/qubes-fix-nm-conf.sh $(DESTDIR)$(LIBDIR)/qubes
install network/setup-ip $(DESTDIR)$(LIBDIR)/qubes/ install network/setup-ip $(DESTDIR)$(LIBDIR)/qubes/
install network/network-manager-prepare-conf-dir $(DESTDIR)$(LIBDIR)/qubes/ install network/network-manager-prepare-conf-dir $(DESTDIR)$(LIBDIR)/qubes/
install -d $(DESTDIR)/etc/dhclient.d install -d $(DESTDIR)/etc/dhclient.d
ln -s /usr/lib/qubes/qubes-setup-dnat-to-ns $(DESTDIR)/etc/dhclient.d/qubes-setup-dnat-to-ns.sh ln -s /usr/lib/qubes/qubes-setup-dnat-to-ns $(DESTDIR)/etc/dhclient.d/qubes-setup-dnat-to-ns.sh
install -d $(DESTDIR)/etc/NetworkManager/dispatcher.d/ install -d $(DESTDIR)/etc/NetworkManager/dispatcher.d/
install network/{qubes-nmhook,30-qubes-external-ip} $(DESTDIR)/etc/NetworkManager/dispatcher.d/ install network/{qubes-nmhook,30-qubes-external-ip} $(DESTDIR)/etc/NetworkManager/dispatcher.d/
install -m 0644 -D network/NetworkManager-qubes.conf \
$(DESTDIR)/etc/NetworkManager/conf.d/30-qubes.conf
install -D network/vif-route-qubes $(DESTDIR)/etc/xen/scripts/vif-route-qubes install -D network/vif-route-qubes $(DESTDIR)/etc/xen/scripts/vif-route-qubes
install -m 0644 -D network/tinyproxy-updates.conf $(DESTDIR)/etc/tinyproxy/tinyproxy-updates.conf install -m 0644 -D network/tinyproxy-updates.conf $(DESTDIR)/etc/tinyproxy/tinyproxy-updates.conf
install -m 0755 -D network/iptables-updates-proxy $(DESTDIR)$(LIBDIR)/qubes/iptables-updates-proxy install -m 0755 -D network/iptables-updates-proxy $(DESTDIR)$(LIBDIR)/qubes/iptables-updates-proxy

View File

@ -78,6 +78,14 @@ configure_selinux() {
update_qubesconfig() { update_qubesconfig() {
# Create NetworkManager configuration if we do not have it
if ! [ -e /etc/NetworkManager/NetworkManager.conf ]; then
echo '[main]' > /etc/NetworkManager/NetworkManager.conf
echo 'plugins = keyfile' >> /etc/NetworkManager/NetworkManager.conf
echo '[keyfile]' >> /etc/NetworkManager/NetworkManager.conf
fi
/usr/lib/qubes/qubes-fix-nm-conf.sh
# Remove ip_forward setting from sysctl, so NM will not reset it # Remove ip_forward setting from sysctl, so NM will not reset it
# Archlinux now use sysctl.d/ instead of sysctl.conf # Archlinux now use sysctl.d/ instead of sysctl.conf
#sed 's/^net.ipv4.ip_forward.*/#\0/' -i /etc/sysctl.conf #sed 's/^net.ipv4.ip_forward.*/#\0/' -i /etc/sysctl.conf

View File

@ -69,6 +69,14 @@ case "${1}" in
if [ -z "${2}" ]; then if [ -z "${2}" ]; then
debug "FIRST INSTALL..." debug "FIRST INSTALL..."
# Create NetworkManager configuration if we do not have it
if ! [ -e /etc/NetworkManager/NetworkManager.conf ]; then
echo '[main]' > /etc/NetworkManager/NetworkManager.conf
echo 'plugins = keyfile' >> /etc/NetworkManager/NetworkManager.conf
echo '[keyfile]' >> /etc/NetworkManager/NetworkManager.conf
fi
/usr/lib/qubes/qubes-fix-nm-conf.sh
# Location of files which contains list of protected files # Location of files which contains list of protected files
PROTECTED_FILE_LIST='/etc/qubes/protected-files.d' PROTECTED_FILE_LIST='/etc/qubes/protected-files.d'

View File

@ -1,10 +0,0 @@
## This file is part of Qubes OS
## Changes in this file may be overriden on update
## Please use "/etc/NetworkManager/conf.d/50-user.conf" for your custom
## configuration.
[main]
plugins += keyfile
[keyfile]
unmanaged_devices=mac:fe:ff:ff:ff:ff:ff

View File

@ -8,4 +8,12 @@ if [ -d $NM_CONFIG_DIR -a ! -h $NM_CONFIG_DIR ]; then
ln -s /rw/config/NM-system-connections $NM_CONFIG_DIR ln -s /rw/config/NM-system-connections $NM_CONFIG_DIR
fi fi
# Do not manage xen-provided network devices
unmanaged_devices=mac:fe:ff:ff:ff:ff:ff
#for mac in `xenstore-ls device/vif | grep mac | cut -d= -f2 | tr -d '" '`; do
# unmanaged_devices="$unmanaged_devices;mac:$mac"
#done
sed -i -e "s/^unmanaged-devices=.*/unmanaged-devices=$unmanaged_devices/" /etc/NetworkManager/NetworkManager.conf
sed -i -e "s/^plugins=.*/plugins=keyfile/" /etc/NetworkManager/NetworkManager.conf
exit 0 exit 0

19
network/qubes-fix-nm-conf.sh Executable file
View File

@ -0,0 +1,19 @@
#!/bin/sh
FILE=/etc/NetworkManager/NetworkManager.conf
VIFMAC=mac:fe:ff:ff:ff:ff:ff
if ! grep -q ^plugins.*keyfile $FILE ; then
sed -i 's/^plugins.*$/&,keyfile/' $FILE
fi
if grep -q ^plugins.*ifcfg-rh $FILE ; then
sed -i 's/^plugins=\(.*\)ifcfg-rh,\(.*\)$/plugins=\1\2/' $FILE
fi
if ! grep -q '^\[keyfile\]$' $FILE ; then
echo '[keyfile]' >> $FILE
fi
if ! grep -q ^unmanaged-devices $FILE ; then
sed -i 's/^\[keyfile\]$/\[keyfile\]\x0aunmanaged-devices='$VIFMAC/ $FILE
fi
if ! grep -q ^unmanaged-devices.*$VIFMAC $FILE ; then
sed -i 's/^unmanaged-devices.*$/&,'$VIFMAC/ $FILE
fi
exit 0

View File

@ -20,9 +20,6 @@ if [ x$ip != x ]; then
if [ -f /var/run/qubes-service/network-manager ]; then if [ -f /var/run/qubes-service/network-manager ]; then
nm_config=/etc/NetworkManager/system-connections/qubes-uplink-$INTERFACE nm_config=/etc/NetworkManager/system-connections/qubes-uplink-$INTERFACE
cat > $nm_config <<__EOF__ cat > $nm_config <<__EOF__
## This file is automatically generated by Qubes OS
## Changes in this file will be overriden by /usr/lib/qubes/setup-ip script.
[802-3-ethernet] [802-3-ethernet]
duplex=full duplex=full

View File

@ -138,6 +138,15 @@ for F in plymouth-shutdown prefdm splash-manager start-ttys tty ; do
fi fi
done done
# Create NetworkManager configuration if we do not have it
if ! [ -e /etc/NetworkManager/NetworkManager.conf ]; then
echo '[main]' > /etc/NetworkManager/NetworkManager.conf
echo 'plugins = keyfile' >> /etc/NetworkManager/NetworkManager.conf
echo '[keyfile]' >> /etc/NetworkManager/NetworkManager.conf
fi
/usr/lib/qubes/qubes-fix-nm-conf.sh
# Remove ip_forward setting from sysctl, so NM will not reset it # Remove ip_forward setting from sysctl, so NM will not reset it
sed 's/^net.ipv4.ip_forward.*/#\0/' -i /etc/sysctl.conf sed 's/^net.ipv4.ip_forward.*/#\0/' -i /etc/sysctl.conf
@ -289,7 +298,6 @@ rm -f %{name}-%{version}
%{kde_service_dir}/qvm-dvm.desktop %{kde_service_dir}/qvm-dvm.desktop
/etc/NetworkManager/dispatcher.d/30-qubes-external-ip /etc/NetworkManager/dispatcher.d/30-qubes-external-ip
/etc/NetworkManager/dispatcher.d/qubes-nmhook /etc/NetworkManager/dispatcher.d/qubes-nmhook
%config /etc/NetworkManager/conf.d/30-qubes.conf
%config(noreplace) /etc/X11/xorg-preload-apps.conf %config(noreplace) /etc/X11/xorg-preload-apps.conf
/etc/dispvm-dotfiles.tbz /etc/dispvm-dotfiles.tbz
/etc/dhclient.d/qubes-setup-dnat-to-ns.sh /etc/dhclient.d/qubes-setup-dnat-to-ns.sh
@ -363,6 +371,7 @@ rm -f %{name}-%{version}
/usr/lib/qubes/qopen-in-vm /usr/lib/qubes/qopen-in-vm
/usr/lib/qubes/qrun-in-vm /usr/lib/qubes/qrun-in-vm
/usr/lib/qubes/qubes-download-dom0-updates.sh /usr/lib/qubes/qubes-download-dom0-updates.sh
/usr/lib/qubes/qubes-fix-nm-conf.sh
/usr/lib/qubes/qubes-setup-dnat-to-ns /usr/lib/qubes/qubes-setup-dnat-to-ns
/usr/lib/qubes/qubes-trigger-sync-appmenus.sh /usr/lib/qubes/qubes-trigger-sync-appmenus.sh
/usr/lib/qubes/qvm-copy-to-vm.gnome /usr/lib/qubes/qvm-copy-to-vm.gnome