Merge ~alfonsosanchezbeato/network-manager:add-wifi-ap-support into network-manager:snap-1.10
- Git
- lp:~alfonsosanchezbeato/network-manager
- add-wifi-ap-support
- Merge into snap-1.10
Status: | Merged |
---|---|
Approved by: | Tony Espy |
Approved revision: | 7e79ba7d7a32bb4747cddd37a04ebc7eeaac7b6d |
Merged at revision: | 4eaf370bc6c1944c3d40bfbe0d074cb0ff121044 |
Proposed branch: | ~alfonsosanchezbeato/network-manager:add-wifi-ap-support |
Merge into: | network-manager:snap-1.10 |
Diff against target: |
249 lines (+189/-1) 6 files modified
debian/patches/series (+1/-0) debian/patches/set-ld-library-path-for-iptables.patch (+34/-0) snap-common/bin/networkmanager (+5/-0) snap-common/usr/share/doc/dnsmasq/copyright (+21/-0) snap-patch/dnsmasq.patch (+102/-0) snap/snapcraft.yaml (+26/-1) |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
System Enablement Bot | continuous-integration | Approve | |
Sebastien Bacher | Approve | ||
Konrad Zapałowicz (community) | Approve | ||
Review via email: mp+369325@code.launchpad.net |
Commit message
Add missing bits to enable sharing connections and be able to access points. Fixes LP: #1832494.
Description of the change
Add missing bits to enable sharing connections and be able to access points. Fixes LP: #1832494.
System Enablement Bot (system-enablement-ci-bot) wrote : | # |
System Enablement Bot (system-enablement-ci-bot) wrote : | # |
FAILED: Continuous integration, rev:18ee3b1c163
https:/
Executed test runs:
FAILURE: https:/
FAILURE: https:/
FAILURE: https:/
FAILURE: https:/
SUCCESS: https:/
SUCCESS: https:/
None: https:/
Click here to trigger a rebuild:
https:/
System Enablement Bot (system-enablement-ci-bot) wrote : | # |
PASSED: Continuous integration, rev:18ee3b1c163
https:/
Executed test runs:
SUCCESS: https:/
SUCCESS: https:/
SUCCESS: https:/
SUCCESS: https:/
SUCCESS: https:/
SUCCESS: https:/
None: https:/
Click here to trigger a rebuild:
https:/
Sebastien Bacher (seb128) wrote : | # |
Thanks for the work, I'm not maintaining that snap/having real knowledge about it but since we want to consolidate the deb&snap packaging at some point I'm going to comment from that angle
Please don't add undocumented patches, set-ld-
It would be also good to describe if the patch would be acceptable for the deb and see if that's something can could be upstreamed in some way
Alfonso Sanchez-Beato (alfonsosanchezbeato) wrote : | # |
@Sebastien thanks for the review, I will a description to the NM patch.
Re: deb, no, I do not think this patch should be used by the deb package, as what it does is making sure that iptables is able to locate the right libraries coming in the snap, which is not needed for the deb.
Konrad Zapałowicz (kzapalowicz) : | # |
System Enablement Bot (system-enablement-ci-bot) wrote : | # |
FAILED: Continuous integration, rev:7e79ba7d7a3
https:/
Executed test runs:
FAILURE: https:/
SUCCESS: https:/
SUCCESS: https:/
SUCCESS: https:/
SUCCESS: https:/
SUCCESS: https:/
None: https:/
Click here to trigger a rebuild:
https:/
Sebastien Bacher (seb128) wrote : | # |
Looks fine to me but I know little about the snap so it should probably get another review from someone who does understand it better and knows how to do the testing
System Enablement Bot (system-enablement-ci-bot) wrote : | # |
FAILED: Continuous integration, rev:7e79ba7d7a3
https:/
Executed test runs:
FAILURE: https:/
SUCCESS: https:/
SUCCESS: https:/
SUCCESS: https:/
SUCCESS: https:/
SUCCESS: https:/
None: https:/
Click here to trigger a rebuild:
https:/
System Enablement Bot (system-enablement-ci-bot) wrote : | # |
PASSED: Continuous integration, rev:7e79ba7d7a3
https:/
Executed test runs:
SUCCESS: https:/
SUCCESS: https:/
SUCCESS: https:/
SUCCESS: https:/
SUCCESS: https:/
SUCCESS: https:/
None: https:/
Click here to trigger a rebuild:
https:/
Alfonso Sanchez-Beato (alfonsosanchezbeato) wrote : | # |
@Sebastien, well, that was already done by Konrad :)
Note also that automatic tests are passing: https:/
Preview Diff
1 | diff --git a/debian/patches/series b/debian/patches/series |
2 | index 3267d3c..3b31e47 100644 |
3 | --- a/debian/patches/series |
4 | +++ b/debian/patches/series |
5 | @@ -17,3 +17,4 @@ disable-libnm-glib-test-devices-array.patch |
6 | add-snap-support.patch |
7 | disable-tests-that-fail-under-launchpad-builds.patch |
8 | snap-support-ppp.patch |
9 | +set-ld-library-path-for-iptables.patch |
10 | diff --git a/debian/patches/set-ld-library-path-for-iptables.patch b/debian/patches/set-ld-library-path-for-iptables.patch |
11 | new file mode 100644 |
12 | index 0000000..065816c |
13 | --- /dev/null |
14 | +++ b/debian/patches/set-ld-library-path-for-iptables.patch |
15 | @@ -0,0 +1,34 @@ |
16 | +From: =?UTF-8?q?Alfonso=20S=C3=A1nchez-Beato?= <alfonso.sanchez-beato@canonical.com> |
17 | +Date: Thu, 18 Jul 2019 17:48:39 +0200 |
18 | +Subject: [PATCH] snap: pass NM env vars when calling iptables |
19 | + |
20 | +This is necessary so LD_LIBRARY_PATH is passed down to iptables so it is |
21 | +able to find the libraries included in the snap package. |
22 | +--- |
23 | + src/nm-act-request.c | 3 +-- |
24 | + 1 file changed, 1 insertion(+), 2 deletions(-) |
25 | + |
26 | +diff --git a/src/nm-act-request.c b/src/nm-act-request.c |
27 | +index 87070794..bcf3e0bb 100644 |
28 | +--- a/src/nm-act-request.c |
29 | ++++ b/src/nm-act-request.c |
30 | +@@ -309,7 +309,6 @@ nm_act_request_set_shared (NMActRequest *req, gboolean shared) |
31 | + /* Send the rules to iptables */ |
32 | + for (iter = list; iter; iter = g_slist_next (iter)) { |
33 | + ShareRule *rule = (ShareRule *) iter->data; |
34 | +- char *envp[1] = { NULL }; |
35 | + gs_strfreev char **argv = NULL; |
36 | + gs_free char *cmd = NULL; |
37 | + |
38 | +@@ -327,7 +326,7 @@ nm_act_request_set_shared (NMActRequest *req, gboolean shared) |
39 | + GError *error = NULL; |
40 | + |
41 | + nm_log_info (LOGD_SHARING, "Executing: %s", cmd); |
42 | +- if (!g_spawn_sync ("/", argv, envp, G_SPAWN_STDOUT_TO_DEV_NULL | G_SPAWN_STDERR_TO_DEV_NULL, |
43 | ++ if (!g_spawn_sync ("/", argv, NULL, G_SPAWN_STDOUT_TO_DEV_NULL | G_SPAWN_STDERR_TO_DEV_NULL, |
44 | + NULL, NULL, NULL, NULL, &status, &error)) { |
45 | + nm_log_warn (LOGD_SHARING, "Error executing command: %s", |
46 | + error->message); |
47 | +-- |
48 | +2.17.1 |
49 | + |
50 | diff --git a/snap-common/bin/networkmanager b/snap-common/bin/networkmanager |
51 | index 0ee19a1..bb8131b 100755 |
52 | --- a/snap-common/bin/networkmanager |
53 | +++ b/snap-common/bin/networkmanager |
54 | @@ -31,6 +31,11 @@ mkdir -p "$SNAP_DATA"/conf.d |
55 | mkdir -p "$SNAP_DATA"/state |
56 | mkdir -p "$SNAP_DATA"/state/dhcp |
57 | |
58 | +# Folders needed by dnsmasq |
59 | +mkdir -p "$SNAP_DATA"/var/lib/misc |
60 | +mkdir -p "$SNAP_DATA"/etc |
61 | +mkdir -p "$SNAP_DATA"/var/run |
62 | + |
63 | # Apply current snapctl settings |
64 | . "$SNAP"/bin/snap-config.sh |
65 | apply_snap_config |
66 | diff --git a/snap-common/usr/share/doc/dnsmasq/copyright b/snap-common/usr/share/doc/dnsmasq/copyright |
67 | new file mode 100644 |
68 | index 0000000..d516e43 |
69 | --- /dev/null |
70 | +++ b/snap-common/usr/share/doc/dnsmasq/copyright |
71 | @@ -0,0 +1,21 @@ |
72 | +dnsmasq is Copyright (c) 2000-2018 Simon Kelley |
73 | + |
74 | +It was downloaded from: http://www.thekelleys.org.uk/dnsmasq/ |
75 | + |
76 | + This program is free software; you can redistribute it and/or modify |
77 | + it under the terms of the GNU General Public License as published by |
78 | + the Free Software Foundation; version 2 dated June, 1991, or |
79 | + (at your option) version 3 dated 29 June, 2007. |
80 | + |
81 | + This program is distributed in the hope that it will be useful, |
82 | + but WITHOUT ANY WARRANTY; without even the implied warranty of |
83 | + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
84 | + GNU General Public License for more details. |
85 | + |
86 | +On Debian GNU/Linux systems, the text of the GNU general public license is |
87 | +available in the file /usr/share/common-licenses/GPL-2 or |
88 | +/usr/share/common-licenses/GPL-3 |
89 | + |
90 | +The Debian package of dnsmasq was created by Simon Kelley with assistance |
91 | +from Lars Bahner. |
92 | + |
93 | diff --git a/snap-patch/dnsmasq.patch b/snap-patch/dnsmasq.patch |
94 | new file mode 100644 |
95 | index 0000000..fbd6904 |
96 | --- /dev/null |
97 | +++ b/snap-patch/dnsmasq.patch |
98 | @@ -0,0 +1,102 @@ |
99 | +From 8e829e18fc739f05b1a25cc40ce1722f65831950 Mon Sep 17 00:00:00 2001 |
100 | +From: =?UTF-8?q?Alfonso=20S=C3=A1nchez-Beato?= |
101 | + <alfonso.sanchez-beato@canonical.com> |
102 | +Date: Tue, 25 Jun 2019 17:36:41 +0200 |
103 | +Subject: [PATCH] snap: do not tinker with uid/gid, change fixed paths |
104 | + |
105 | +--- |
106 | + src/config.h | 6 +++--- |
107 | + src/dnsmasq.c | 30 +++++++++++++++--------------- |
108 | + 2 files changed, 18 insertions(+), 18 deletions(-) |
109 | + |
110 | +diff --git a/src/config.h b/src/config.h |
111 | +index ecefb87..25b92ba 100644 |
112 | +--- a/src/config.h |
113 | ++++ b/src/config.h |
114 | +@@ -190,7 +190,7 @@ RESOLVFILE |
115 | + # elif defined(__ANDROID__) |
116 | + # define LEASEFILE "/data/misc/dhcp/dnsmasq.leases" |
117 | + # else |
118 | +-# define LEASEFILE "/var/lib/misc/dnsmasq.leases" |
119 | ++# define LEASEFILE "/var/snap/network-manager/current/var/lib/misc/dnsmasq.leases" |
120 | + # endif |
121 | + #endif |
122 | + |
123 | +@@ -198,7 +198,7 @@ RESOLVFILE |
124 | + # if defined(__FreeBSD__) |
125 | + # define CONFFILE "/usr/local/etc/dnsmasq.conf" |
126 | + # else |
127 | +-# define CONFFILE "/etc/dnsmasq.conf" |
128 | ++# define CONFFILE "/var/snap/network-manager/current/etc/dnsmasq.conf" |
129 | + # endif |
130 | + #endif |
131 | + |
132 | +@@ -214,7 +214,7 @@ RESOLVFILE |
133 | + # if defined(__ANDROID__) |
134 | + # define RUNFILE "/data/dnsmasq.pid" |
135 | + # else |
136 | +-# define RUNFILE "/var/run/dnsmasq.pid" |
137 | ++# define RUNFILE "/var/snap/network-manager/current/var/run/dnsmasq.pid" |
138 | + # endif |
139 | + #endif |
140 | + |
141 | +diff --git a/src/dnsmasq.c b/src/dnsmasq.c |
142 | +index ce44809..17c451b 100644 |
143 | +--- a/src/dnsmasq.c |
144 | ++++ b/src/dnsmasq.c |
145 | +@@ -548,8 +548,8 @@ int main (int argc, char **argv) |
146 | + of the directory containing the file. That directory will |
147 | + need to by owned by the dnsmasq user, and the ownership of the |
148 | + file has to match, to keep systemd >273 happy. */ |
149 | +- if (getuid() == 0 && ent_pw && ent_pw->pw_uid != 0 && fchown(fd, ent_pw->pw_uid, ent_pw->pw_gid) == -1) |
150 | +- chown_warn = errno; |
151 | ++ /* if (getuid() == 0 && ent_pw && ent_pw->pw_uid != 0 && fchown(fd, ent_pw->pw_uid, ent_pw->pw_gid) == -1) */ |
152 | ++ /* chown_warn = errno; */ |
153 | + |
154 | + if (!read_write(fd, (unsigned char *)daemon->namebuff, strlen(daemon->namebuff), 0)) |
155 | + err = 1; |
156 | +@@ -595,16 +595,16 @@ int main (int argc, char **argv) |
157 | + if (!option_bool(OPT_DEBUG) && getuid() == 0) |
158 | + { |
159 | + int bad_capabilities = 0; |
160 | +- gid_t dummy; |
161 | ++ /* gid_t dummy; */ |
162 | + |
163 | + /* remove all supplementary groups */ |
164 | +- if (gp && |
165 | +- (setgroups(0, &dummy) == -1 || |
166 | +- setgid(gp->gr_gid) == -1)) |
167 | +- { |
168 | +- send_event(err_pipe[1], EVENT_GROUP_ERR, errno, daemon->groupname); |
169 | +- _exit(0); |
170 | +- } |
171 | ++ /* if (gp && */ |
172 | ++ /* (setgroups(0, &dummy) == -1 || */ |
173 | ++ /* setgid(gp->gr_gid) == -1)) */ |
174 | ++ /* { */ |
175 | ++ /* send_event(err_pipe[1], EVENT_GROUP_ERR, errno, daemon->groupname); */ |
176 | ++ /* _exit(0); */ |
177 | ++ /* } */ |
178 | + |
179 | + if (ent_pw && ent_pw->pw_uid != 0) |
180 | + { |
181 | +@@ -654,11 +654,11 @@ int main (int argc, char **argv) |
182 | + } |
183 | + |
184 | + /* finally drop root */ |
185 | +- if (setuid(ent_pw->pw_uid) == -1) |
186 | +- { |
187 | +- send_event(err_pipe[1], EVENT_USER_ERR, errno, daemon->username); |
188 | +- _exit(0); |
189 | +- } |
190 | ++ /* if (setuid(ent_pw->pw_uid) == -1) */ |
191 | ++ /* { */ |
192 | ++ /* send_event(err_pipe[1], EVENT_USER_ERR, errno, daemon->username); */ |
193 | ++ /* _exit(0); */ |
194 | ++ /* } */ |
195 | + |
196 | + #ifdef HAVE_LINUX_NETWORK |
197 | + if (is_dad_listeners() || option_bool(OPT_CLEVERBIND)) |
198 | +-- |
199 | +2.17.1 |
200 | + |
201 | diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml |
202 | index da71965..7480dc5 100644 |
203 | --- a/snap/snapcraft.yaml |
204 | +++ b/snap/snapcraft.yaml |
205 | @@ -50,11 +50,35 @@ apps: |
206 | command: bin/networkmanager |
207 | daemon: simple |
208 | slots: [service] |
209 | - plugs: [modem-manager, ppp, network-setup-observe, wpa, firewall-control, hardware-observe] |
210 | + plugs: [modem-manager, ppp, network-setup-observe, wpa, firewall-control, hardware-observe, kernel-module-control] |
211 | + |
212 | +layout: |
213 | + /usr/lib/x86_64-linux-gnu/xtables: |
214 | + bind: $SNAP/usr/lib/x86_64-linux-gnu/xtables |
215 | + |
216 | parts: |
217 | networkmanager-common: |
218 | plugin: dump |
219 | source: snap-common |
220 | + |
221 | + dnsmasq: |
222 | + plugin: make |
223 | + source: https://git.launchpad.net/ubuntu/+source/dnsmasq |
224 | + source-type: git |
225 | + source-branch: applied/ubuntu/bionic |
226 | + build-packages: |
227 | + - build-essential |
228 | + make-parameters: |
229 | + - PREFIX=/ |
230 | + override-build: | |
231 | + git apply ../../../snap-patch/dnsmasq.patch |
232 | + snapcraftctl build |
233 | + filesets: |
234 | + binaries: |
235 | + - sbin/dnsmasq |
236 | + prime: |
237 | + - $binaries |
238 | + |
239 | # |
240 | # TODO: investigate whether this HACK is still needed. The script |
241 | # dhcp-lease-mover relies on inotifywait to determine if any DHCP |
242 | @@ -288,6 +312,7 @@ parts: |
243 | - usr/lib/*/libteamdctl* |
244 | - usr/lib/*/libwind* |
245 | - usr/lib/*/libxtables* |
246 | + - usr/lib/*/xtables/* |
247 | unwanted: |
248 | # We don't use dhclient so we don't need this helper |
249 | - -usr/lib/NetworkManager/nm-dhcp-helper |
FAILED: Continuous integration, rev:18ee3b1c163 86cbff7a84f9369 bc15510c8f3e8a /jenkins. canonical. com/system- enablement/ job/snappy- hwe-snaps- snap-build- prepare/ 402/ /jenkins. canonical. com/system- enablement/ job/snappy- hwe-snaps- snap-build/ ARCHITECTURE= amd64/435/ console /jenkins. canonical. com/system- enablement/ job/snappy- hwe-snaps- snap-build/ ARCHITECTURE= arm64/435/ console /jenkins. canonical. com/system- enablement/ job/snappy- hwe-snaps- snap-build/ ARCHITECTURE= armhf/435/ console /jenkins. canonical. com/system- enablement/ job/snappy- hwe-snaps- snap-build/ ARCHITECTURE= i386/435/ console /jenkins. canonical. com/system- enablement/ job/snappy- hwe-snaps- snap-docs/ 1227 /jenkins. canonical. com/system- enablement/ job/snappy- hwe-snaps- snap-cleanup/ 969 /jenkins. canonical. com/system- enablement/ job/snappy- hwe-snaps- snap-update- mp/1015/ console
https:/
Executed test runs:
FAILURE: https:/
FAILURE: https:/
FAILURE: https:/
FAILURE: https:/
SUCCESS: https:/
SUCCESS: https:/
None: https:/
Click here to trigger a rebuild: /jenkins. canonical. com/system- enablement/ job/snappy- hwe-snaps- snap-build- prepare/ 402/rebuild
https:/