delta/NetworkManager.git/src/nm-manager.h, branch th/strsplit gitlab.freedesktop.org: NetworkManager/NetworkManager.git core: improve and fix keeping connection active based on "connection.permissions" 2018-12-09T13:47:32+00:00 Thomas Haller thaller@redhat.com 2018-11-21T12:30:16+00:00 b635b4d4194514baf6bf5b32f1116210c8822668 By setting "connection.permissions", a profile is restricted to a particular user. That means for example, that another user cannot see, modify, delete, activate or deactivate the profile. It also means, that the profile will only autoconnect when the user is logged in (has a session). Note that root is always able to activate the profile. Likewise, the user is also allowed to manually activate the own profile, even if no session currently exists (which can easily happen with `sudo`). When the user logs out (the session goes away), we want do disconnect the profile, however there are conflicting goals here: 1) if the profile was activate by root user, then logging out the user should not disconnect the profile. The patch fixes that by not binding the activation to the connection, if the activation is done by the root user. 2) if the profile was activated by the owner when it had no session, then it should stay alive until the user logs in (once) and logs out again. This is already handled by the previous commit. Yes, this point is odd. If you first do $ sudo -u $OTHER_USER nmcli connection up $PROFILE the profile activates despite not having a session. If you then $ ssh guest@localhost nmcli device you'll still see the profile active. However, the moment the SSH session ends, a session closes and the profile disconnects. It's unclear, how to solve that any better. I think, a user who cares about this, should not activate the profile without having a session in the first place. There are quite some special cases, in particular with internal activations. In those cases we need to decide whether to bind the activation to the profile's visibility. Also, expose the "bind" setting in the D-Bus API. Note, that in the future this flag may be modified via D-Bus API. Like we may also add related API that allows to tweak the lifetime of the activation. Also, I think we broke handling of connection visiblity with 37e8c53eeed "core: Introduce helper class to track connection keep alive". This should be fixed now too, with improved behavior. Fixes: 37e8c53eeed579fe34a68819cd12f3295d581394 https://bugzilla.redhat.com/show_bug.cgi?id=1530977 
By setting "connection.permissions", a profile is restricted to a
particular user.
That means for example, that another user cannot see, modify, delete,
activate or deactivate the profile. It also means, that the profile
will only autoconnect when the user is logged in (has a session).

Note that root is always able to activate the profile. Likewise, the
user is also allowed to manually activate the own profile, even if no
session currently exists (which can easily happen with `sudo`).

When the user logs out (the session goes away), we want do disconnect
the profile, however there are conflicting goals here:

1) if the profile was activate by root user, then logging out the user
   should not disconnect the profile. The patch fixes that by not
   binding the activation to the connection, if the activation is done
   by the root user.

2) if the profile was activated by the owner when it had no session,
   then it should stay alive until the user logs in (once) and logs
   out again. This is already handled by the previous commit.

   Yes, this point is odd. If you first do

      $ sudo -u $OTHER_USER nmcli connection up $PROFILE

   the profile activates despite not having a session. If you then

      $ ssh guest@localhost nmcli device

   you'll still see the profile active. However, the moment the SSH session
   ends, a session closes and the profile disconnects. It's unclear, how to
   solve that any better. I think, a user who cares about this, should not
   activate the profile without having a session in the first place.

There are quite some special cases, in particular with internal
activations. In those cases we need to decide whether to bind the
activation to the profile's visibility.

Also, expose the "bind" setting in the D-Bus API. Note, that in the future
this flag may be modified via D-Bus API. Like we may also add related API
that allows to tweak the lifetime of the activation.

Also, I think we broke handling of connection visiblity with 37e8c53eeed
"core: Introduce helper class to track connection keep alive". This
should be fixed now too, with improved behavior.

Fixes: 37e8c53eeed579fe34a68819cd12f3295d581394

https://bugzilla.redhat.com/show_bug.cgi?id=1530977
core: add nm_manager_for_each_active_connection_safe() and nm_manager_for_each_device_safe() 2018-12-09T13:47:31+00:00 Thomas Haller thaller@redhat.com 2018-11-21T09:47:51+00:00 936c6d0b0a9fd43cf8431f0a271dc07b317ce7d6 Analog to c_list_for_each_safe(), which allows to delete the current instance while iterating. Note that modifying the list any other way is unsafe. 
Analog to c_list_for_each_safe(), which allows to delete the current instance
while iterating. Note that modifying the list any other way is unsafe.
device/shared: set ANDROID_METERED option 43 for shared connections 2018-12-03T11:28:45+00:00 Thomas Haller thaller@redhat.com 2018-11-29T09:58:59+00:00 1a2e767f1fd2d8b550ab61cdfabc721280cf923e The problem is that updating the metered value of a shared connection is not implemented. The user needs to fully reactivate the profile for changes to take effect. That is unfortunate, especially because reapplying the route metric works in other other cases. 
The problem is that updating the metered value of a shared connection is
not implemented. The user needs to fully reactivate the profile for changes
to take effect.

That is unfortunate, especially because reapplying the route metric
works in other other cases.
core: extend nm_manager_get_activatable_connections() for autoconnect and multi-connect 2018-08-08T09:24:29+00:00 Thomas Haller thaller@redhat.com 2018-06-27T12:20:57+00:00 07a421913b162eab46da07ef77270e06c9ec6257 In general, a activatable connection is one that is currently not active, or supports to be activatable multiple times according to multi-connect setting. In addition, during autoconnect, a profile which is marked as multi-connect=manual-multiple will not be avalable. Hence, add an argument "for_auto_activation". The code is mostly unused but will be used next (except for connections, which set connection.multi-connect=multiple). 
In general, a activatable connection is one that is currently not
active, or supports to be activatable multiple times according to
multi-connect setting. In addition, during autoconnect, a profile
which is marked as multi-connect=manual-multiple will not be avalable.
Hence, add an argument "for_auto_activation".

The code is mostly unused but will be used next (except for connections,
which set connection.multi-connect=multiple).
manager: rename nm_manager_write_device_state() 2018-08-02T14:39:44+00:00 Beniamino Galvani bgalvani@redhat.com 2018-07-06T19:09:58+00:00 060f2138ee988255f160371d2a4bc2a45f942ced Rename nm_manager_write_device_state() to nm_manager_write_device_state_all(), and split out the code to write a single device state to a new function. 
Rename nm_manager_write_device_state() to
nm_manager_write_device_state_all(), and split out the code to write a
single device state to a new function.
all: remove consecutive empty lines 2018-04-30T14:24:52+00:00 Beniamino Galvani bgalvani@redhat.com 2018-04-30T11:46:24+00:00 1b5925ce881370a1aba347cea0afe61e6316e81a Normalize coding style by removing consecutive empty lines from C sources and headers. https://github.com/NetworkManager/NetworkManager/pull/108 
Normalize coding style by removing consecutive empty lines from C
sources and headers.

https://github.com/NetworkManager/NetworkManager/pull/108
shared: drop duplicate c-list.h header 2018-04-18T13:22:14+00:00 Beniamino Galvani bgalvani@redhat.com 2018-04-06T14:40:23+00:00 19876b4cfed86f79c43ba8d6e57f6383deb43e6f Use the one from the project just imported. 
Use the one from the project just imported.
core: specify an activation reason for active connections 2018-04-08T07:40:14+00:00 Beniamino Galvani bgalvani@redhat.com 2018-03-28T15:18:04+00:00 43a0f47ea20b4a55dac9d914c76fff67d9b3d750 Specify a reason when creating active connections. The reason will be used in the next commit to tell whether slaves must be reconnected or not if a master has autoconnect-slaves=yes. 
Specify a reason when creating active connections. The reason will be
used in the next commit to tell whether slaves must be reconnected or
not if a master has autoconnect-slaves=yes.
core: add macro for iterating CList of devices of NMManager 2018-04-04T12:02:13+00:00 Thomas Haller thaller@redhat.com 2018-03-29T06:52:45+00:00 8de522fad0144e1ae2ba80dfb9d6b1da31b42866 I find it slightly nicer and explict. Also, the list elements are strictly speaking private, we should better not explicitly use them outside of NMManager/NMDevice. The macro hides this. 
I find it slightly nicer and explict. Also, the list elements
are strictly speaking private, we should better not explicitly
use them outside of NMManager/NMDevice. The macro hides this.
core: track devices in manager via embedded CList 2018-03-27T07:49:43+00:00 Thomas Haller thaller@redhat.com 2018-03-23T20:51:07+00:00 4a705e1a0ce0eac24e55369f49fdb60db0b22b10 Instead of using a GSList for tracking the devices, use a CList. I think a CList is in most cases the more suitable data structure then GSList: - you can find out in O(1) whether the object is linked. That is nice, for example to assert in NMDevice's destructor that the object was unlinked, and we will use that later in nm_manager_get_device_by_path(). - you can unlink the element in O(1) and you can unlink the element without having access to the link's head - Contrary to GSList, this does not require an extra slice allocation for the link node. It quite possibliy consumes slightly less memory because the CList structure is embedded in a struct that we already allocate. Even if slice allocation would be perfect to only consume 2*sizeof(gpointer) for the link note, it would at most be as-good as CList. Quite possibly, there is an overhead though. - CList possibly has better memory locality, because the link structure and the data are close to each other. Something which could be seen as disavantage, is that with CList one device can only be tracked in one NMManager instance at a time. But that is fine. There exists only one NMManager instance for now, and even if we would ever introduce multiple managers, we probably would not associate one NMDevice instance with multiple managers. The advantages are arguably not huge, but CList is IMHO clearly the more suited data structure. No need to stick to a suboptimal data structure for the job. Refactor it. 
Instead of using a GSList for tracking the devices, use a CList.
I think a CList is in most cases the more suitable data structure
then GSList:

 - you can find out in O(1) whether the object is linked. That
   is nice, for example to assert in NMDevice's destructor that
   the object was unlinked, and we will use that later in
   nm_manager_get_device_by_path().
 - you can unlink the element in O(1) and you can unlink the
   element without having access to the link's head
 - Contrary to GSList, this does not require an extra slice
   allocation for the link node. It quite possibliy consumes
   slightly less memory because the CList structure is embedded
   in a struct that we already allocate. Even if slice allocation
   would be perfect to only consume 2*sizeof(gpointer) for the link
   note, it would at most be as-good as CList. Quite possibly,
   there is an overhead though.
 - CList possibly has better memory locality, because the link
   structure and the data are close to each other.

Something which could be seen as disavantage, is that with CList
one device can only be tracked in one NMManager instance at a time.
But that is fine. There exists only one NMManager instance for now,
and even if we would ever introduce multiple managers, we probably
would not associate one NMDevice instance with multiple managers.

The advantages are arguably not huge, but CList is IMHO clearly the
more suited data structure. No need to stick to a suboptimal data
structure for the job. Refactor it.