diff --git a/.NetworkManager.metadata b/.NetworkManager.metadata index e98f47c..5bc454a 100644 --- a/.NetworkManager.metadata +++ b/.NetworkManager.metadata @@ -1 +1 @@ -78682cdbe2de3f01e358d0bcb2fefabae82e4b35 SOURCES/NetworkManager-1.22.0.tar.xz +985cd602a89a10c4014a745e5f17e5b849242e06 SOURCES/NetworkManager-1.25.91.tar.xz diff --git a/.gitignore b/.gitignore index eaa4bf0..a6e6c34 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/NetworkManager-1.22.0.tar.xz +SOURCES/NetworkManager-1.25.91.tar.xz diff --git a/SOURCES/0001-cloud-setup-systemd-unit-rh1791758.patch b/SOURCES/0001-cloud-setup-systemd-unit-rh1791758.patch new file mode 100644 index 0000000..b356d93 --- /dev/null +++ b/SOURCES/0001-cloud-setup-systemd-unit-rh1791758.patch @@ -0,0 +1,37 @@ +From 04ad92e259cd81fb0a492bc0e2284877ccb297ea Mon Sep 17 00:00:00 2001 +From: Thomas Haller +Date: Thu, 16 Jan 2020 13:40:26 +0100 +Subject: [PATCH 1/1] cloud-setup: avoid unsupported systemd settings in + nm-cloud-setup.service init for rhel-8.2 + +https://bugzilla.redhat.com/show_bug.cgi?id=1791758 +--- + clients/cloud-setup/nm-cloud-setup.service.in | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/clients/cloud-setup/nm-cloud-setup.service.in b/clients/cloud-setup/nm-cloud-setup.service.in +index 69a1a29ccba1..92e427beb8a1 100644 +--- a/clients/cloud-setup/nm-cloud-setup.service.in ++++ b/clients/cloud-setup/nm-cloud-setup.service.in +@@ -21,15 +21,15 @@ PrivateDevices=yes + PrivateTmp=yes + ProtectControlGroups=yes + ProtectHome=yes +-ProtectHostname=yes +-ProtectKernelLogs=yes ++#ProtectHostname=yes ++#ProtectKernelLogs=yes + ProtectKernelModules=yes + ProtectKernelTunables=yes + ProtectSystem=strict + RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6 + RestrictNamespaces=yes + RestrictRealtime=yes +-RestrictSUIDSGID=yes ++#RestrictSUIDSGID=yes + SystemCallFilter=@system-service + + [Install] +-- +2.24.1 + diff --git a/SOURCES/1000-dhcp-nettools-search-domains-fix-rh1783981.patch b/SOURCES/1000-dhcp-nettools-search-domains-fix-rh1783981.patch deleted file mode 100644 index 7d86df4..0000000 --- a/SOURCES/1000-dhcp-nettools-search-domains-fix-rh1783981.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 43922e1ffa2442486afe60bdca3f91fe619d5980 Mon Sep 17 00:00:00 2001 -From: Beniamino Galvani -Date: Tue, 17 Dec 2019 14:23:33 +0100 -Subject: [PATCH 1/1] dhcp: nettools: fix parsing of search domains option - -'first' was never modified and so the dot was never added. - -Fixes: 6adade6f21d5 ('dhcp: add nettools dhcp4 client') - -https://bugzilla.redhat.com/show_bug.cgi?id=1783981 -(cherry picked from commit 9aa00a8a14cb64f851234d025498ff2f9ec18e94) -(cherry picked from commit ea22135384edaf57a41293bd517ff1445b8c88a8) ---- - src/dhcp/nm-dhcp-nettools.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/dhcp/nm-dhcp-nettools.c b/src/dhcp/nm-dhcp-nettools.c -index e557c0048750..a537ee8272bc 100644 ---- a/src/dhcp/nm-dhcp-nettools.c -+++ b/src/dhcp/nm-dhcp-nettools.c -@@ -246,10 +246,10 @@ lease_option_print_domain_name (GString *str, uint8_t *cache, size_t *n_cachep, - return TRUE; - } - -- if (!first) { -+ if (!first) - g_string_append_c(str, '.'); -+ else - first = FALSE; -- } - - if (!lease_option_print_label (str, n_label, domainp, n_domainp)) - return FALSE; --- -2.23.0 - diff --git a/SOURCES/9999-fix-pregen-doc.patch b/SOURCES/9999-fix-pregen-doc.patch index 2bf3732..369c69b 100644 --- a/SOURCES/9999-fix-pregen-doc.patch +++ b/SOURCES/9999-fix-pregen-doc.patch @@ -1,7 +1,7 @@ -From a70e59b64daa78e5f7e801ec3dba99bc34ace51f Mon Sep 17 00:00:00 2001 +From 45d1bf8caf2d75c5728688c5cc0ac738b0078917 Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Tue, 27 Aug 2019 15:47:32 +0200 -Subject: [PATCH] patch documentation with the proper default values +Subject: [PATCH 1/1] patch documentation with the proper default values We don't regenerate the documentation for RHEL builds, but the docs from the tarball are generated with a certain set @@ -14,10 +14,10 @@ Patch the man pages with the proper values. 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/api/html/NetworkManager.conf.html b/docs/api/html/NetworkManager.conf.html -index 97287e90fe06..d8369008a47e 100644 +index 2778de44e660..fdb772c5d355 100644 --- a/docs/api/html/NetworkManager.conf.html +++ b/docs/api/html/NetworkManager.conf.html -@@ -569,7 +569,7 @@ unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4;interface-name:eth +@@ -574,7 +574,7 @@ unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4;interface-name:eth are "syslog" and "journal". When NetworkManager is started with "--debug" in addition all messages will be printed to stderr. @@ -27,10 +27,10 @@ index 97287e90fe06..d8369008a47e 100644 diff --git a/man/NetworkManager.conf.5 b/man/NetworkManager.conf.5 -index 6b1a3081a7a4..77ce8668cf4b 100644 +index 7f8b20abb0f3..d42437ec0f8e 100644 --- a/man/NetworkManager.conf.5 +++ b/man/NetworkManager.conf.5 -@@ -590,7 +590,7 @@ INFO\&. +@@ -598,7 +598,7 @@ INFO\&. .PP \fIbackend\fR .RS 4 @@ -40,5 +40,5 @@ index 6b1a3081a7a4..77ce8668cf4b 100644 .PP \fIaudit\fR -- -2.23.0 +2.26.2 diff --git a/SPECS/NetworkManager.spec b/SPECS/NetworkManager.spec index c564a55..65bd5fa 100644 --- a/SPECS/NetworkManager.spec +++ b/SPECS/NetworkManager.spec @@ -5,9 +5,9 @@ %global glib2_version %(pkg-config --modversion glib-2.0 2>/dev/null || echo bad) %global epoch_version 1 -%global rpm_version 1.22.0 -%global real_version 1.22.0 -%global release_version 2 +%global rpm_version 1.26.0 +%global real_version 1.25.91 +%global release_version 0.2 %global snapshot %{nil} %global git_sha %{nil} @@ -21,10 +21,10 @@ %global _hardened_build 1 -%if "x%{?snapshot}" != x +%if "x%{?snapshot}" != "x" %global snapshot_dot .%{snapshot} %endif -%if "x%{?git_sha}" != x +%if "x%{?git_sha}" != "x" %global git_sha_dot .%{git_sha} %endif @@ -76,6 +76,11 @@ %else %bcond_without iwd %endif +%if 0%{?fedora} > 31 || 0%{?rhel} > 7 +%bcond_without firewalld_zone +%else +%bcond_with firewalld_zone +%endif ############################################################################### @@ -115,9 +120,9 @@ # bpf(BPF_MAP_CREATE, ...) randomly fails with EPERM. That might # be related to `ulimit -l`. Anyway, this is not usable at the # moment. -%global ebpf_enabled no +%global ebpf_enabled "no" %else -%global ebpf_enabled no +%global ebpf_enabled "no" %endif ############################################################################### @@ -141,10 +146,10 @@ Source6: 70-nm-connectivity.conf # RHEL downstream patches that change behavior from upstream. # These are not bugfixes, hence they are also relevant after # the next rebase of the source tarball. -#Patch1: 0001-some-downstream-difference.patch +Patch1: 0001-cloud-setup-systemd-unit-rh1791758.patch # Bugfixes that are only relevant until next rebase of the package. -Patch1000: 1000-dhcp-nettools-search-domains-fix-rh1783981.patch +#Patch1000: 1000-some-patch.patch # The pregenerated docs contain default values and paths that depend # on the configure options when creating the source tarball. @@ -244,10 +249,17 @@ BuildRequires: polkit-devel BuildRequires: jansson-devel %if %{with sanitizer} BuildRequires: libasan -%if 0%{?fedora} +%if 0%{?fedora} || 0%{?rhel} >= 8 BuildRequires: libubsan %endif %endif +%if %{with firewalld_zone} +BuildRequires: firewalld-filesystem +%endif +BuildRequires: iproute +%if 0%{?fedora} || 0%{?rhel} > 7 +BuildRequires: iproute-tc +%endif Provides: %{name}-dispatcher%{?_isa} = %{epoch}:%{version}-%{release} @@ -395,19 +407,18 @@ This package contains NetworkManager support for PPP. %package libnm -Summary: Libraries for adding NetworkManager support to applications (new API). +Summary: Libraries for adding NetworkManager support to applications. Group: Development/Libraries Conflicts: NetworkManager-glib < %{epoch}:%{version}-%{release} License: LGPLv2+ %description libnm This package contains the libraries that make it easier to use some -NetworkManager functionality from applications. This is the new -NetworkManager API. See also NetworkManager-glib. +NetworkManager functionality from applications. %package libnm-devel -Summary: Header files for adding NetworkManager support to applications (new API). +Summary: Header files for adding NetworkManager support to applications. Group: Development/Libraries Requires: %{name}-libnm%{?_isa} = %{epoch}:%{version}-%{release} Requires: glib2-devel @@ -416,8 +427,7 @@ License: LGPLv2+ %description libnm-devel This package contains the header and pkg-config files for development -applications using NetworkManager functionality from applications. This -is the new NetworkManager API. See also NetworkManager-glib-devel. +applications using NetworkManager functionality from applications. %if %{with connectivity_fedora} @@ -592,7 +602,6 @@ This tool is still experimental. -Dselinux=true \ -Dpolkit=true \ -Dconfig_auth_polkit_default=true \ - -Dpolkit_agent=true \ -Dmodify_system=true \ -Dconcheck=true \ %if 0%{?fedora} @@ -600,7 +609,7 @@ This tool is still experimental. %else -Dlibpsl=false \ %endif -%if %{ebpf_enabled} != yes +%if %{ebpf_enabled} != "yes" -Debpf=false \ %else -Debpf=true \ @@ -618,6 +627,11 @@ This tool is still experimental. -Dpppd_plugin_dir=%{_libdir}/pppd/%{ppp_version} \ -Dppp=true \ %endif +%if %{with firewalld_zone} + -Dfirewalld_zone=true \ +%else + -Dfirewalld_zone=false \ +%endif -Ddist_version=%{version}-%{release} \ -Dconfig_plugins_default=%{config_plugins_default} \ -Dconfig_dns_rc_manager_default=%{dns_rc_manager_default} \ @@ -648,8 +662,10 @@ intltoolize --automake --copy --force %endif %if %{with sanitizer} --with-address-sanitizer=exec \ -%if 0%{?fedora} +%if 0%{?fedora} || 0%{?rhel} >= 8 --enable-undefined-sanitizer \ +%else + --disable-undefined-sanitizer \ %endif %else --with-address-sanitizer=no \ @@ -723,7 +739,6 @@ intltoolize --automake --copy --force %endif --with-selinux=yes \ --enable-polkit=yes \ - --enable-polkit-agent \ --enable-modify-system=yes \ --enable-concheck \ %if 0%{?fedora} @@ -750,6 +765,11 @@ intltoolize --automake --copy --force --with-pppd-plugin-dir=%{_libdir}/pppd/%{ppp_version} \ --enable-ppp=yes \ %endif +%if %{with firewalld_zone} + --enable-firewalld-zone \ +%else + --disable-firewalld-zone \ +%endif --with-dist-version=%{version}-%{release} \ --with-config-plugins-default=%{config_plugins_default} \ --with-config-dns-rc-manager-default=%{dns_rc_manager_default} \ @@ -832,6 +852,9 @@ fi %post /usr/bin/udevadm control --reload-rules || : /usr/bin/udevadm trigger --subsystem-match=net || : +%if %{with firewalld_zone} +%firewalld_reload +%endif %systemd_post %{systemd_units} @@ -873,6 +896,9 @@ fi %postun /usr/bin/udevadm control --reload-rules || : /usr/bin/udevadm trigger --subsystem-match=net || : +%if %{with firewalld_zone} +%firewalld_reload +%endif %systemd_postun %{systemd_units} @@ -938,6 +964,9 @@ fi %{_datadir}/dbus-1/system-services/org.freedesktop.nm_dispatcher.service %{_datadir}/polkit-1/actions/*.policy %{_prefix}/lib/udev/rules.d/*.rules +%if %{with firewalld_zone} +%{_prefix}/lib/firewalld/zones/nm-shared.xml +%endif # systemd stuff %{systemd_dir}/NetworkManager.service %{systemd_dir}/NetworkManager-wait-online.service @@ -1068,6 +1097,83 @@ fi %changelog +* Sun Jun 28 2020 Beniamino Galvani - 1:1.26.0-0.2 +- update to 1.26-rc2 (1.25.91) +- initrd: set ipv6.method=auto when using IPv4 static configuration (rh #1848943) +- cloud-setup: add support for Google Cloud load-balancing routes (rh #1821787) + +* Mon Jun 15 2020 Thomas Haller - 1:1.26.0-0.1 +- update to 1.26-rc1 (1.25.90) +- core: support more tc qdiscs (tbf and sfq) (rh #1546802) +- core: support match devices for connection profile by PCI address (ID_PATH) (rh #1673321) +- ovs: fix peer property for OVS patch interface (rh #1845216) +- doc: add manual pages nm-settings-dbus and nm-settings-nmcli (rh #1614726) +- wifi: don't block autoconnect for profiles that never succeeded to connect (rh #1781253) +- dbus,nmcli: highlight externally managed devices (rh #1816202) + +* Fri May 29 2020 Beniamino Galvani - 1:1.25.2-1 +- update to 1.25.2 (development) +- support ethtool coalesce and ring options (rh #1614700) +- core: improve synchronization of qdiscs with kernel (rh #1815875) +- team: support running without D-Bus (rh #1784363) +- core: fix potential crash when autoactivating child connections (rh #1778073) +- ethernet: reset original autonegotiation/speed/duplex settings on deactivation (rh #1807171) +- core: fix setting IPv6 token in kernel (rh #1819680) + +* Fri May 8 2020 Thomas Haller - 1:1.25.1-1 +- update to 1.25.1 (development) +- improve documentation (rh #1651594, rh #1819259) +- vrf: add support (rh #1773908) +- bond: improve setting default options for miimon and updelay (rh #1805184, rh #1806549) +- bluetooth: fix crash handling DUN modem (rh #1826635) +- core: fix potential infinite loop with prefix delegation (rh #1488030) +- initrd: fixes for running NetworkManager in initrd (rh #1627820, #1710935, #1744935, #1771792) +- core: prevent multiple attempts to create default wired connection (rh #1687937) +- bridge: support more options (rh #1755768) +- libnm,dbus: expose HwAddress for all device types (rh #1786937) +- core: fix route priority for IPv6 (rh #1814557) +- core: fix crash during reapply (rh #1816067) +- core: clear IP address from bridge slave (rh #1816517) +- ovs: support changing MTU of OVS interfaces (rh #1820052) +- nm-online: support setting timeout for NetworkManager-wait-online (rh #1828458) + +* Fri Mar 6 2020 Thomas Haller - 1:1.22.8-4 +- core: fix leaking device state files in /run (rh #1810153) +- dhcp: fix crash in nettools client when leaking GSource (rh #1810188) + +* Mon Feb 24 2020 Beniamino Galvani - 1:1.22.8-3 +- dhcp: keep trying after a send failure (rh #1806516) +- ovs: fail port enslavement when the bridge is not found (rh #1797696) + +* Wed Feb 19 2020 Thomas Haller - 1:1.22.8-2 +- bond: fix setting arp_validate option for other bonding modes (rh #1789437) + +* Tue Feb 18 2020 Antonio Cardace - 1:1.22.8-1 +- Update to 1.22.8 +- Added configuration option to customize IPv6 RA timeout (rh #1801158) +- Removed length limitation for OVS Bridge, Patches and Interfaces (only Patch types) names (rh #1788432) +- Reworked asynchronous deactivation of OVS interfaces (rh #1787989, rh #1782701) +- Fixed failure when creating team interfaces (rh #1798947) +- ifcfg-rh: fix clearing ovs slave type from ifcfg-rh file (rh #1804167) +- Fixed bug causing virtual devices to not be available after AddConnection()/Update() (rh #1804350) + +* Fri Jan 31 2020 Antonio Cardace - 1:1.22.6-1 +- Update to 1.22.6 +- nm-device: add new pending action to keep the device busy when in between states (rh #1759956) +- cloud-setup: avoid unsupported settings in systemd service unit (rh #1791758) +- do not create virtual device if master is not present (rh #1795919) +- allow IPv6 RA timeout to be set to a value higher than 120 seconds (rh #1795957) +- fix behaviour when 'ipv4.dhcp-timeout' option is set to 'infinity' (rh #1791378) + +* Fri Jan 10 2020 Beniamino Galvani - 1:1.22.4-1 +- Update to 1.22.4 +- dhcp: fix behavior of internal DHCP client when the server sends a NAK (rh #1787219) + +* Sat Dec 28 2019 Thomas Haller - 1:1.22.2-1 +- Update to 1.22.2 +- core,libnm: expose capability for OVS support (rh #1785147) +- dhcp: various bugfixes for nettools n-dhcp4 plugin + * Tue Dec 17 2019 Thomas Haller - 1:1.22.0-2 - dhcp: fix parsing of DNS search domain with nettools plugin (rh #1783981)