NetworkManager

Merge ~alfonsosanchezbeato/network-manager:add-wifi-ap-support into network-manager:snap-1.10

  1. Git
  2. lp:~alfonsosanchezbeato/network-manager
  3. add-wifi-ap-support
  4. Merge into snap-1.10
Proposed by Alfonso Sanchez-Beato
Status: Merged
Approved by: Tony Espy
Approved revision: 7e79ba7d7a32bb4747cddd37a04ebc7eeaac7b6d
Merged at revision: 4eaf370bc6c1944c3d40bfbe0d074cb0ff121044
Proposed branch: ~alfonsosanchezbeato/network-manager:add-wifi-ap-support
Merge into: network-manager:snap-1.10
Diff against target: 249 lines (+189/-1)
6 files modified
debian/patches/series (+1/-0)
debian/patches/set-ld-library-path-for-iptables.patch (+34/-0)
snap-common/bin/networkmanager (+5/-0)
snap-common/usr/share/doc/dnsmasq/copyright (+21/-0)
snap-patch/dnsmasq.patch (+102/-0)
snap/snapcraft.yaml (+26/-1)
Reviewer Review Type Date Requested Status
System Enablement Bot continuous-integration Approve
Sebastien Bacher Approve
Konrad Zapałowicz (community) Approve
Review via email: mp+369325@code.launchpad.net

Commit message

Add missing bits to enable sharing connections and be able to access points. Fixes LP: #1832494.

Description of the change

Add missing bits to enable sharing connections and be able to access points. Fixes LP: #1832494.

To post a comment you must log in.
Revision history for this message
System Enablement Bot (system-enablement-ci-bot) wrote :

FAILED: Continuous integration, rev:18ee3b1c16386cbff7a84f9369bc15510c8f3e8a
https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build-prepare/402/
Executed test runs:
    FAILURE: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build/ARCHITECTURE=amd64/435/console
    FAILURE: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build/ARCHITECTURE=arm64/435/console
    FAILURE: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build/ARCHITECTURE=armhf/435/console
    FAILURE: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build/ARCHITECTURE=i386/435/console
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-docs/1227
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-cleanup/969
    None: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-update-mp/1015/console

Click here to trigger a rebuild:
https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build-prepare/402/rebuild

review: Needs Fixing (continuous-integration)
Revision history for this message
System Enablement Bot (system-enablement-ci-bot) wrote :

FAILED: Continuous integration, rev:18ee3b1c16386cbff7a84f9369bc15510c8f3e8a
https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build-prepare/403/
Executed test runs:
    FAILURE: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build/ARCHITECTURE=amd64/436/console
    FAILURE: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build/ARCHITECTURE=arm64/436/console
    FAILURE: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build/ARCHITECTURE=armhf/436/console
    FAILURE: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build/ARCHITECTURE=i386/436/console
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-docs/1228
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-cleanup/970
    None: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-update-mp/1016/console

Click here to trigger a rebuild:
https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build-prepare/403/rebuild

review: Needs Fixing (continuous-integration)
Revision history for this message
System Enablement Bot (system-enablement-ci-bot) wrote :

PASSED: Continuous integration, rev:18ee3b1c16386cbff7a84f9369bc15510c8f3e8a
https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build-prepare/404/
Executed test runs:
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build/ARCHITECTURE=amd64/437
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build/ARCHITECTURE=arm64/437
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build/ARCHITECTURE=armhf/437
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build/ARCHITECTURE=i386/437
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-docs/1229
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-cleanup/971
    None: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-update-mp/1017/console

Click here to trigger a rebuild:
https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build-prepare/404/rebuild

review: Approve (continuous-integration)
Revision history for this message
Sebastien Bacher (seb128) wrote :

Thanks for the work, I'm not maintaining that snap/having real knowledge about it but since we want to consolidate the deb&snap packaging at some point I'm going to comment from that angle

Please don't add undocumented patches, set-ld-library-path-for-iptables.patch should have some header with a description on why the change is needed and references to upstream/downstream bugs as appropriate

It would be also good to describe if the patch would be acceptable for the deb and see if that's something can could be upstreamed in some way

review: Needs Fixing
Revision history for this message
Alfonso Sanchez-Beato (alfonsosanchezbeato) wrote :

@Sebastien thanks for the review, I will a description to the NM patch.

Re: deb, no, I do not think this patch should be used by the deb package, as what it does is making sure that iptables is able to locate the right libraries coming in the snap, which is not needed for the deb.

Revision history for this message
Konrad Zapałowicz (kzapalowicz) :
review: Approve
Revision history for this message
System Enablement Bot (system-enablement-ci-bot) wrote :

FAILED: Continuous integration, rev:7e79ba7d7a32bb4747cddd37a04ebc7eeaac7b6d
https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build-prepare/415/
Executed test runs:
    FAILURE: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build/ARCHITECTURE=amd64/447/console
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build/ARCHITECTURE=arm64/447
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build/ARCHITECTURE=armhf/447
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build/ARCHITECTURE=i386/447
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-docs/1239
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-cleanup/981
    None: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-update-mp/1028/console

Click here to trigger a rebuild:
https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build-prepare/415/rebuild

review: Needs Fixing (continuous-integration)
Revision history for this message
Sebastien Bacher (seb128) wrote :

Looks fine to me but I know little about the snap so it should probably get another review from someone who does understand it better and knows how to do the testing

review: Approve
Revision history for this message
System Enablement Bot (system-enablement-ci-bot) wrote :

FAILED: Continuous integration, rev:7e79ba7d7a32bb4747cddd37a04ebc7eeaac7b6d
https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build-prepare/416/
Executed test runs:
    FAILURE: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build/ARCHITECTURE=amd64/448/console
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build/ARCHITECTURE=arm64/448
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build/ARCHITECTURE=armhf/448
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build/ARCHITECTURE=i386/448
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-docs/1240
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-cleanup/982
    None: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-update-mp/1029/console

Click here to trigger a rebuild:
https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build-prepare/416/rebuild

review: Needs Fixing (continuous-integration)
Revision history for this message
System Enablement Bot (system-enablement-ci-bot) wrote :

PASSED: Continuous integration, rev:7e79ba7d7a32bb4747cddd37a04ebc7eeaac7b6d
https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build-prepare/417/
Executed test runs:
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build/ARCHITECTURE=amd64/449
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build/ARCHITECTURE=arm64/449
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build/ARCHITECTURE=armhf/449
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build/ARCHITECTURE=i386/449
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-docs/1241
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-cleanup/983
    None: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-update-mp/1030/console

Click here to trigger a rebuild:
https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build-prepare/417/rebuild

review: Approve (continuous-integration)
Revision history for this message
Alfonso Sanchez-Beato (alfonsosanchezbeato) wrote :

@Sebastien, well, that was already done by Konrad :)

Note also that automatic tests are passing: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-test/2205/console

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/patches/series b/debian/patches/series
2index 3267d3c..3b31e47 100644
3--- a/debian/patches/series
4+++ b/debian/patches/series
5@@ -17,3 +17,4 @@ disable-libnm-glib-test-devices-array.patch
6 add-snap-support.patch
7 disable-tests-that-fail-under-launchpad-builds.patch
8 snap-support-ppp.patch
9+set-ld-library-path-for-iptables.patch
10diff --git a/debian/patches/set-ld-library-path-for-iptables.patch b/debian/patches/set-ld-library-path-for-iptables.patch
11new file mode 100644
12index 0000000..065816c
13--- /dev/null
14+++ b/debian/patches/set-ld-library-path-for-iptables.patch
15@@ -0,0 +1,34 @@
16+From: =?UTF-8?q?Alfonso=20S=C3=A1nchez-Beato?= <alfonso.sanchez-beato@canonical.com>
17+Date: Thu, 18 Jul 2019 17:48:39 +0200
18+Subject: [PATCH] snap: pass NM env vars when calling iptables
19+
20+This is necessary so LD_LIBRARY_PATH is passed down to iptables so it is
21+able to find the libraries included in the snap package.
22+---
23+ src/nm-act-request.c | 3 +--
24+ 1 file changed, 1 insertion(+), 2 deletions(-)
25+
26+diff --git a/src/nm-act-request.c b/src/nm-act-request.c
27+index 87070794..bcf3e0bb 100644
28+--- a/src/nm-act-request.c
29++++ b/src/nm-act-request.c
30+@@ -309,7 +309,6 @@ nm_act_request_set_shared (NMActRequest *req, gboolean shared)
31+ /* Send the rules to iptables */
32+ for (iter = list; iter; iter = g_slist_next (iter)) {
33+ ShareRule *rule = (ShareRule *) iter->data;
34+- char *envp[1] = { NULL };
35+ gs_strfreev char **argv = NULL;
36+ gs_free char *cmd = NULL;
37+
38+@@ -327,7 +326,7 @@ nm_act_request_set_shared (NMActRequest *req, gboolean shared)
39+ GError *error = NULL;
40+
41+ nm_log_info (LOGD_SHARING, "Executing: %s", cmd);
42+- if (!g_spawn_sync ("/", argv, envp, G_SPAWN_STDOUT_TO_DEV_NULL | G_SPAWN_STDERR_TO_DEV_NULL,
43++ if (!g_spawn_sync ("/", argv, NULL, G_SPAWN_STDOUT_TO_DEV_NULL | G_SPAWN_STDERR_TO_DEV_NULL,
44+ NULL, NULL, NULL, NULL, &status, &error)) {
45+ nm_log_warn (LOGD_SHARING, "Error executing command: %s",
46+ error->message);
47+--
48+2.17.1
49+
50diff --git a/snap-common/bin/networkmanager b/snap-common/bin/networkmanager
51index 0ee19a1..bb8131b 100755
52--- a/snap-common/bin/networkmanager
53+++ b/snap-common/bin/networkmanager
54@@ -31,6 +31,11 @@ mkdir -p "$SNAP_DATA"/conf.d
55 mkdir -p "$SNAP_DATA"/state
56 mkdir -p "$SNAP_DATA"/state/dhcp
57
58+# Folders needed by dnsmasq
59+mkdir -p "$SNAP_DATA"/var/lib/misc
60+mkdir -p "$SNAP_DATA"/etc
61+mkdir -p "$SNAP_DATA"/var/run
62+
63 # Apply current snapctl settings
64 . "$SNAP"/bin/snap-config.sh
65 apply_snap_config
66diff --git a/snap-common/usr/share/doc/dnsmasq/copyright b/snap-common/usr/share/doc/dnsmasq/copyright
67new file mode 100644
68index 0000000..d516e43
69--- /dev/null
70+++ b/snap-common/usr/share/doc/dnsmasq/copyright
71@@ -0,0 +1,21 @@
72+dnsmasq is Copyright (c) 2000-2018 Simon Kelley
73+
74+It was downloaded from: http://www.thekelleys.org.uk/dnsmasq/
75+
76+ This program is free software; you can redistribute it and/or modify
77+ it under the terms of the GNU General Public License as published by
78+ the Free Software Foundation; version 2 dated June, 1991, or
79+ (at your option) version 3 dated 29 June, 2007.
80+
81+ This program is distributed in the hope that it will be useful,
82+ but WITHOUT ANY WARRANTY; without even the implied warranty of
83+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
84+ GNU General Public License for more details.
85+
86+On Debian GNU/Linux systems, the text of the GNU general public license is
87+available in the file /usr/share/common-licenses/GPL-2 or
88+/usr/share/common-licenses/GPL-3
89+
90+The Debian package of dnsmasq was created by Simon Kelley with assistance
91+from Lars Bahner.
92+
93diff --git a/snap-patch/dnsmasq.patch b/snap-patch/dnsmasq.patch
94new file mode 100644
95index 0000000..fbd6904
96--- /dev/null
97+++ b/snap-patch/dnsmasq.patch
98@@ -0,0 +1,102 @@
99+From 8e829e18fc739f05b1a25cc40ce1722f65831950 Mon Sep 17 00:00:00 2001
100+From: =?UTF-8?q?Alfonso=20S=C3=A1nchez-Beato?=
101+ <alfonso.sanchez-beato@canonical.com>
102+Date: Tue, 25 Jun 2019 17:36:41 +0200
103+Subject: [PATCH] snap: do not tinker with uid/gid, change fixed paths
104+
105+---
106+ src/config.h | 6 +++---
107+ src/dnsmasq.c | 30 +++++++++++++++---------------
108+ 2 files changed, 18 insertions(+), 18 deletions(-)
109+
110+diff --git a/src/config.h b/src/config.h
111+index ecefb87..25b92ba 100644
112+--- a/src/config.h
113++++ b/src/config.h
114+@@ -190,7 +190,7 @@ RESOLVFILE
115+ # elif defined(__ANDROID__)
116+ # define LEASEFILE "/data/misc/dhcp/dnsmasq.leases"
117+ # else
118+-# define LEASEFILE "/var/lib/misc/dnsmasq.leases"
119++# define LEASEFILE "/var/snap/network-manager/current/var/lib/misc/dnsmasq.leases"
120+ # endif
121+ #endif
122+
123+@@ -198,7 +198,7 @@ RESOLVFILE
124+ # if defined(__FreeBSD__)
125+ # define CONFFILE "/usr/local/etc/dnsmasq.conf"
126+ # else
127+-# define CONFFILE "/etc/dnsmasq.conf"
128++# define CONFFILE "/var/snap/network-manager/current/etc/dnsmasq.conf"
129+ # endif
130+ #endif
131+
132+@@ -214,7 +214,7 @@ RESOLVFILE
133+ # if defined(__ANDROID__)
134+ # define RUNFILE "/data/dnsmasq.pid"
135+ # else
136+-# define RUNFILE "/var/run/dnsmasq.pid"
137++# define RUNFILE "/var/snap/network-manager/current/var/run/dnsmasq.pid"
138+ # endif
139+ #endif
140+
141+diff --git a/src/dnsmasq.c b/src/dnsmasq.c
142+index ce44809..17c451b 100644
143+--- a/src/dnsmasq.c
144++++ b/src/dnsmasq.c
145+@@ -548,8 +548,8 @@ int main (int argc, char **argv)
146+ of the directory containing the file. That directory will
147+ need to by owned by the dnsmasq user, and the ownership of the
148+ file has to match, to keep systemd >273 happy. */
149+- if (getuid() == 0 && ent_pw && ent_pw->pw_uid != 0 && fchown(fd, ent_pw->pw_uid, ent_pw->pw_gid) == -1)
150+- chown_warn = errno;
151++ /* if (getuid() == 0 && ent_pw && ent_pw->pw_uid != 0 && fchown(fd, ent_pw->pw_uid, ent_pw->pw_gid) == -1) */
152++ /* chown_warn = errno; */
153+
154+ if (!read_write(fd, (unsigned char *)daemon->namebuff, strlen(daemon->namebuff), 0))
155+ err = 1;
156+@@ -595,16 +595,16 @@ int main (int argc, char **argv)
157+ if (!option_bool(OPT_DEBUG) && getuid() == 0)
158+ {
159+ int bad_capabilities = 0;
160+- gid_t dummy;
161++ /* gid_t dummy; */
162+
163+ /* remove all supplementary groups */
164+- if (gp &&
165+- (setgroups(0, &dummy) == -1 ||
166+- setgid(gp->gr_gid) == -1))
167+- {
168+- send_event(err_pipe[1], EVENT_GROUP_ERR, errno, daemon->groupname);
169+- _exit(0);
170+- }
171++ /* if (gp && */
172++ /* (setgroups(0, &dummy) == -1 || */
173++ /* setgid(gp->gr_gid) == -1)) */
174++ /* { */
175++ /* send_event(err_pipe[1], EVENT_GROUP_ERR, errno, daemon->groupname); */
176++ /* _exit(0); */
177++ /* } */
178+
179+ if (ent_pw && ent_pw->pw_uid != 0)
180+ {
181+@@ -654,11 +654,11 @@ int main (int argc, char **argv)
182+ }
183+
184+ /* finally drop root */
185+- if (setuid(ent_pw->pw_uid) == -1)
186+- {
187+- send_event(err_pipe[1], EVENT_USER_ERR, errno, daemon->username);
188+- _exit(0);
189+- }
190++ /* if (setuid(ent_pw->pw_uid) == -1) */
191++ /* { */
192++ /* send_event(err_pipe[1], EVENT_USER_ERR, errno, daemon->username); */
193++ /* _exit(0); */
194++ /* } */
195+
196+ #ifdef HAVE_LINUX_NETWORK
197+ if (is_dad_listeners() || option_bool(OPT_CLEVERBIND))
198+--
199+2.17.1
200+
201diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml
202index da71965..7480dc5 100644
203--- a/snap/snapcraft.yaml
204+++ b/snap/snapcraft.yaml
205@@ -50,11 +50,35 @@ apps:
206 command: bin/networkmanager
207 daemon: simple
208 slots: [service]
209- plugs: [modem-manager, ppp, network-setup-observe, wpa, firewall-control, hardware-observe]
210+ plugs: [modem-manager, ppp, network-setup-observe, wpa, firewall-control, hardware-observe, kernel-module-control]
211+
212+layout:
213+ /usr/lib/x86_64-linux-gnu/xtables:
214+ bind: $SNAP/usr/lib/x86_64-linux-gnu/xtables
215+
216 parts:
217 networkmanager-common:
218 plugin: dump
219 source: snap-common
220+
221+ dnsmasq:
222+ plugin: make
223+ source: https://git.launchpad.net/ubuntu/+source/dnsmasq
224+ source-type: git
225+ source-branch: applied/ubuntu/bionic
226+ build-packages:
227+ - build-essential
228+ make-parameters:
229+ - PREFIX=/
230+ override-build: |
231+ git apply ../../../snap-patch/dnsmasq.patch
232+ snapcraftctl build
233+ filesets:
234+ binaries:
235+ - sbin/dnsmasq
236+ prime:
237+ - $binaries
238+
239 #
240 # TODO: investigate whether this HACK is still needed. The script
241 # dhcp-lease-mover relies on inotifywait to determine if any DHCP
242@@ -288,6 +312,7 @@ parts:
243 - usr/lib/*/libteamdctl*
244 - usr/lib/*/libwind*
245 - usr/lib/*/libxtables*
246+ - usr/lib/*/xtables/*
247 unwanted:
248 # We don't use dhclient so we don't need this helper
249 - -usr/lib/NetworkManager/nm-dhcp-helper

Subscribers

People subscribed via source and target branches