Merge into snap-1.10 : remove-deps : lp:~alfonsosanchezbeato/network-manager : Git : Code : NetworkManager

Status:	Needs review
Proposed branch:	~alfonsosanchezbeato/network-manager:remove-deps
Merge into:	network-manager:snap-1.10
Diff against target:	196 lines (+56/-39) 4 files modified snap-common/bin/networkmanager (+4/-2) snap/snapcraft.yaml (+29/-35) tests/main/can-exec-iptables/task.yaml (+1/-2) unstage.txt (+22/-0)
Related bugs:	Link a bug report

Reviewer	Review Type	Date Requested	Status
System Enablement Bot	continuous-integration	2020-01-24	Approve on 2020-01-26
Review via email: mp+378045@code.launchpad.net

Commit message

Set rc-manager=symlink for UC18 and later
Otherwise, NM will call resolvconf even though it fails if UC version is
newer than 16. To properly set DNS we need to set both dns and
rc-manager options, but we were doing this only for the former. However,
this did not have adverse effects as, as said, the call to resolvconf
failed, while systemd-resolved was properly updated.

Do not call dhcp-lease-mover anymore
As it was not actually working anymore since we were not staging inotify
anymore since a while.

Specify explicitly copyrights to include
Previously there were copyright files included from non-staged
packages.

Add unstage.txt file
This file contains a list of debian package that we are not actually
staging, although snapcraft adds them to manifest.yaml. CI now
recognizes this file, and manually removes the listed packages from the
manifest when releasing a snap to the store.

Do not stage iptables/xtables
iptables and all needed libraries are now included in the core18 snap,
since revision 1049 (2019-06-27).

Do not stage libs already in core18
The libraries were not really included finally in the snap, but they
were triggering CVE warnings from the review tools that did not actually
apply.

Description of the change

Set rc-manager=symlink for UC18 and later
Otherwise, NM will call resolvconf even though it fails if UC version is
newer than 16. To properly set DNS we need to set both dns and
rc-manager options, but we were doing this only for the former. However,
this did not have adverse effects as, as said, the call to resolvconf
failed, while systemd-resolved was properly updated.

Do not call dhcp-lease-mover anymore
As it was not actually working anymore since we were not staging inotify
anymore since a while.

Specify explicitly copyrights to include
Previously there were copyright files included from non-staged
packages.

Add unstage.txt file
This file contains a list of debian package that we are not actually
staging, although snapcraft adds them to manifest.yaml. CI now
recognizes this file, and manually removes the listed packages from the
manifest when releasing a snap to the store.

Do not stage iptables/xtables
iptables and all needed libraries are now included in the core18 snap,
since revision 1049 (2019-06-27).

Do not stage libs already in core18
The libraries were not really included finally in the snap, but they
were triggering CVE warnings from the review tools that did not actually
apply.

Revision history for this message

System Enablement Bot (system-enablement-ci-bot) wrote on 2020-01-24:

#

Click here to trigger a rebuild:
https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build-prepare/470/rebuild

review: Needs Fixing (continuous-integration)

Reply

Revision history for this message

System Enablement Bot (system-enablement-ci-bot) wrote on 2020-01-24:

#

Click here to trigger a rebuild:
https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build-prepare/471/rebuild

review: Needs Fixing (continuous-integration)

Reply

Revision history for this message

System Enablement Bot (system-enablement-ci-bot) wrote on 2020-01-24:

#

Click here to trigger a rebuild:
https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build-prepare/472/rebuild

review: Needs Fixing (continuous-integration)

Reply

~alfonsosanchezbeato/network-manager:remove-deps updated on 2020-01-26

81895f7... by Alfonso Sanchez-Beato on 2020-01-26: tests: run iptables from core snap now

Revision history for this message

System Enablement Bot (system-enablement-ci-bot) wrote on 2020-01-26:

#

PASSED: Continuous integration, rev:81895f78bb6b2470e8967e03a862ab73e460f9b1
https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build-prepare/473/
Executed test runs:
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build/ARCHITECTURE=amd64/504
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build/ARCHITECTURE=arm64/504
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build/ARCHITECTURE=armhf/504
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build/ARCHITECTURE=i386/504
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-docs/1296
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-cleanup/1038
    None: https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-update-mp/1086/console

Click here to trigger a rebuild:
https://jenkins.canonical.com/system-enablement/job/snappy-hwe-snaps-snap-build-prepare/473/rebuild

review: Approve (continuous-integration)

Reply

Unmerged commits

81895f7... by Alfonso Sanchez-Beato on 2020-01-26

tests: run iptables from core snap now

ee83d3a... by Alfonso Sanchez-Beato on 2020-01-24

Set rc-manager=symlink for UC18 and later

Otherwise, NM will call resolvconf even though it fails if UC version is
newer than 16. To properly set DNS we need to set both dns and
rc-manager options, but we were doing this only for the former. However,
this did not have adverse effects as, as said, the call to resolvconf
failed, while systemd-resolved was properly updated.

e03fb45... by Alfonso Sanchez-Beato on 2020-01-24

Do not call dhcp-lease-mover anymore

As it was not actually working anymore since we were not staging inotify
anymore since a while.

63c3a2e... by Alfonso Sanchez-Beato on 2020-01-24

Specify explicitly copyrights to include

Previously there were copyright files included from non-staged
packages.

f2d42ac... by Alfonso Sanchez-Beato on 2020-01-24

Add unstage.txt file

This file contains a list of debian package that we are not actually
staging, although snapcraft adds them to manifest.yaml. CI now
recognizes this file, and manually removes the listed packages from the
manifest when releasing a snap to the store.

3222766... by Alfonso Sanchez-Beato on 2020-01-24

Do not stage iptables/xtables

iptables and all needed libraries are now included in the core18 snap,
since revision 1049 (2019-06-27).

9ccd63f... by Alfonso Sanchez-Beato on 2020-01-24

Do not stage libs already in core18

The libraries were not really included finally in the snap, but they
were triggering CVE warnings from the review tools that did not actually
apply.

 diff --git a/snap-common/bin/networkmanager b/snap-common/bin/networkmanager
 index bb8131b..7d5315f 100755
 --- a/snap-common/bin/networkmanager
 +++ b/snap-common/bin/networkmanager
@@ -55,7 +55,8 @@ dns_conf_file="$SNAP_DATA"/conf.d/10-dns.conf
  if [ "$(get_series_major_version)" = "16" ]; then
      printf "[main]\ndns=default\nrc-manager=resolvconf\n" > "$dns_conf_file"
  else
--    printf "[main]\ndns=systemd-resolved\n" > "$dns_conf_file"
++    printf "[main]\ndns=systemd-resolved\nrc-manager=symlink\n" > \
++           "$dns_conf_file"
  fi
  # HACK: Until we've fixed probert to look in $SNAP_DATA/state/dhcp or
@@ -63,7 +64,8 @@ fi
  # our lease files and copy all over when something has changed. This
  # background process gets stopped when our systemd service unit gets
  # stopped.
--"$SNAP"/bin/dhcp-lease-mover &
++# Do not call: dhcp-lease-mover fails as we do not stage inotify anymore
++#"$SNAP"/bin/dhcp-lease-mover &
  # Identify if we are in debug mode or not
  LOG_LEVEL=INFO
 diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml
 index c5cb97e..51a5c33 100644
 --- a/snap/snapcraft.yaml
 +++ b/snap/snapcraft.yaml
@@ -53,10 +53,6 @@ apps:
      plugs: [modem-manager, ppp, network-setup-observe, wpa, firewall-control,
              hardware-observe, network-setup-control]
--layout:
--  /usr/lib/x86_64-linux-gnu/xtables:
--    bind: $SNAP/usr/lib/x86_64-linux-gnu/xtables
--
  parts:
    networkmanager-common:
      plugin: dump
@@ -155,7 +151,7 @@ parts:
        - --with-dhcpcd=no
        - --with-dhclient=no
        - --with-dnsmasq=no
--      - --with-iptables=/snap/$SNAPCRAFT_PROJECT_NAME/current/sbin/iptables
++      - --with-iptables=/sbin/iptables
        - --with-systemd-journal=yes
        - --libexecdir=/snap/$SNAPCRAFT_PROJECT_NAME/current/usr/lib/NetworkManager
        - --with-pppd=/snap/$SNAPCRAFT_PROJECT_NAME/current/usr/sbin/pppd
@@ -206,24 +202,17 @@ parts:
        # Run all tests NetworkManager ships by default
        make check
      stage-packages:
--      - iptables
        - iputils-arping
        - libasn1-8-heimdal
        - libdbus-glib-1-2
        - libcurl3-gnutls
        - libgssapi3-heimdal
--      - libgssapi-krb5-2
        - libhcrypto4-heimdal
        - libheimbase1-heimdal
        - libheimntlm0-heimdal
        - libhx509-5-heimdal
--      - libidn2-0
        - libjansson4
--      - libkeyutils1
--      - libkrb5-3
        - libkrb5-26-heimdal
--      - libkrb5support0
--      - libk5crypto3
        - libldap-2.4-2
        - libmm-glib0
        - libnewt0.52
@@ -231,29 +220,10 @@ parts:
        - libroken18-heimdal
        - libndp0
        - libpsl5
--      - libreadline7
        - librtmp1
        - libsasl2-2
        - libteamdctl0
--      - libunistring2
--      - libblkid1
--      - libgcrypt20
--      - libgpg-error0
--      - liblzma5
--      - libmount1
--      - libnl-3-200
--      - libpcre3
--      - libselinux1
--      - libuuid1
--      - zlib1g
--      - libgmp10
--      - libgnutls30
--      - libhogweed4
--      - liblz4-1
--      - libnettle6
--      - libp11-kit0
        - libslang2
--      - libtasn1-6
        - libwind0-heimdal
        - ppp
        - resolvconf
@@ -269,7 +239,6 @@ parts:
      # here are the results of the network manager build.
      filesets:
        binaries:
--        - sbin/*tables*
          - sbin/resolvconf
          - usr/bin/arping
          - usr/bin/nmcli
@@ -286,7 +255,34 @@ parts:
          - etc/NetworkManager/*
          - etc/resolvconf/update.d/libc
        docs:
--        - usr/share/doc/*/copyright
++        - usr/share/doc/dnsmasq/copyright
++        - usr/share/doc/iputils-arping/copyright
++        - usr/share/doc/libasn1-8-heimdal/copyright
++        - usr/share/doc/libcurl3-gnutls/copyright
++        - usr/share/doc/libdbus-glib-1-2/copyright
++        - usr/share/doc/libgssapi3-heimdal/copyright
++        - usr/share/doc/libhcrypto4-heimdal/copyright
++        - usr/share/doc/libheimbase1-heimdal/copyright
++        - usr/share/doc/libheimntlm0-heimdal/copyright
++        - usr/share/doc/libhx509-5-heimdal/copyright
++        - usr/share/doc/libjansson4/copyright
++        - usr/share/doc/libkrb5-26-heimdal/copyright
++        - usr/share/doc/libldap-2.4-2/copyright
++        - usr/share/doc/libmm-glib0/copyright
++        - usr/share/doc/libndp0/copyright
++        - usr/share/doc/libnewt0.52/copyright
++        - usr/share/doc/libnghttp2-14/copyright
++        - usr/share/doc/libpcap0.8/copyright
++        - usr/share/doc/libpsl5/copyright
++        - usr/share/doc/libroken18-heimdal/copyright
++        - usr/share/doc/librtmp1/copyright
++        - usr/share/doc/libsasl2-2/copyright
++        - usr/share/doc/libslang2/copyright
++        - usr/share/doc/libteamdctl0/copyright
++        - usr/share/doc/libwind0-heimdal/copyright
++        - usr/share/doc/network-manager/copyright
++        - usr/share/doc/ppp/copyright
++        - usr/share/doc/resolvconf/copyright
        libs:
          - lib/resolvconf/list-records
          - lib/*/libnewt*
@@ -319,8 +315,6 @@ parts:
          - usr/lib/*/libsasl2*
          - usr/lib/*/libteamdctl*
          - usr/lib/*/libwind*
--        - usr/lib/*/libxtables*
--        - usr/lib/*/xtables/*
        unwanted:
          # We don't use dhclient so we don't need this helper
          - -usr/lib/NetworkManager/nm-dhcp-helper
 diff --git a/tests/main/can-exec-iptables/task.yaml b/tests/main/can-exec-iptables/task.yaml
 index eeffe75..c210bbe 100644
 --- a/tests/main/can-exec-iptables/task.yaml
 +++ b/tests/main/can-exec-iptables/task.yaml
@@ -6,6 +6,5 @@ execute: |
      # from the core snap or not.
      snap run --shell network-manager.networkmanager <<EOF
      set -ex
--    export LD_LIBRARY_PATH=/snap/network-manager/current/lib:/snap/network-manager/current/usr/lib:/snap/network-manager/current/lib/$(arch)-linux-gnu:/snap/network-manager/current/usr/lib/$(arch)-linux-gnu:/snap/network-manager/current/usr/lib/NetworkManager
--    /snap/network-manager/current/sbin/iptables -L
++    iptables -L
      EOF
 diff --git a/unstage.txt b/unstage.txt
 new file mode 100644
 index 0000000..e8997c1
 --- /dev/null
 +++ b/unstage.txt
@@ -0,0 +1,22 @@
++init-system-helpers
++libcom-err2
++libdbus-1-3
++libffi6
++libglib2.0-0
++libgmp10
++libgnutls30
++libgssapi-krb5-2
++libhogweed4
++libidn2-0
++libk5crypto3
++libkeyutils1
++libkrb5-3
++libkrb5support0
++libldap-common
++libnettle6
++libp11-kit0
++libsasl2-modules-db
++libsqlite3-0
++libssl1.1
++libtasn1-6
++libunistring2

NetworkManager

Merge ~alfonsosanchezbeato/network-manager:remove-deps into network-manager:snap-1.10

Commit message

Description of the change

Unmerged commits

Preview Diff

Subscribers