NetworkManager

Merge ~slyon/network-manager:netplan-integration into network-manager:ubuntu/master

Proposed by Lukas Märdian on 2022-06-01

Status:

Merged

Merged at revision:

bcd43413ecea3493bfbcf091b95508a4120ba7d3

Proposed branch:

~slyon/network-manager:netplan-integration

Merge into:

network-manager:ubuntu/master

Diff against target:

1558 lines (+1454/-1)

11 files modified

debian/changelog (+14/-0)
debian/control (+4/-0)
debian/network-manager.postinst (+33/-0)
debian/network-manager.preinst (+18/-0)
debian/patches/netplan/0001-netplan-Adopt-buildsystems-for-Netplan-integration.patch (+134/-0)
debian/patches/netplan/0002-netplan-make-use-of-libnetplan-for-YAML-backend.patch (+525/-0)
debian/patches/series (+2/-0)
debian/rules (+2/-1)
debian/tests/control (+4/-0)
debian/tests/nm.py (+1/-0)
debian/tests/nm_netplan.py (+717/-0)

Medium

Invalid

Link a bug report

Reviewer	Date Requested	Status
Sebastien Bacher	2023-05-04	Approve on 2023-05-15
Danilo Egea Gondolfo (community)	2023-05-02	Approve on 2023-05-15
Lukas Märdian		Abstain on 2023-05-15
Review via email: mp+423735@code.launchpad.net

Description of the change

Deploying the NetworkManager-Netplan integration (a.k.a "Netplan everywhere") on Ubuntu Desktop by default.

This depends on libnetplan >= v0.106 and we cannot depend on libnetplan on i386, so we're dropping the patch to the NetworkManager daemon binary on i386, using quilt (that binary isn't built on i386 anyway).

On installation of the package any existing configuration from /etc/NetworkManager/system-connections will be backed up in /root/NetworkManaker.bak

On updade of the package, any existing configuration from /etc/NetworkManager/system-connections will be migrated to /etc/netplan and translated into corresponding YAML files. Missing settings will be handled usinng the "passthrough" and "nm-devices" fallback mechanism.

Netplan patches are managed via git-buildpackage patch-queue (Using "Gbp-Pq: Topic netplan")

Revision history for this message

Olivier Gayot (ogayot) wrote on 2022-06-09:

Thanks! A few comments inline.

Revision history for this message

Danilo Egea Gondolfo (danilogondolfo) wrote on 2023-05-03:

Left one comment inline about the migration script.

review: Needs Fixing

Revision history for this message

Sebastien Bacher (seb128) wrote on 2023-05-08:

Confirming the issue raised by Danilo, the script failed to migrate several connections using a ca-cert and pointing to a filename stored in directory with a 'é' in its name

it also displayed some warnings (translated from french so the wording might not be the correct english one)

> Warning: there is another connection with the name '...'. Refer to the connection using its uuid '...'

review: Needs Fixing

Revision history for this message

Sebastien Bacher (seb128) wrote on 2023-05-08:

Unsure if that's specific to the change there or a new mantic issue but the autopkgtest against a ppa testbuild failed

https://autopkgtest.ubuntu.com/results/autopkgtest-mantic-ubuntu-desktop-transitions/mantic/amd64/n/network-manager/20230508_144934_e64d7@/log.gz

'Error: failed to reload connections: GDBus.Error:org.freedesktop.DBus.Error.UnknownMethod: Object does not exist at path “/org/freedesktop/NetworkManager/Settings”.
dpkg: error processing package network-manager (--configure):
installed network-manager package post-installation script subprocess returned error exit status 1'

Revision history for this message

Lukas Märdian (slyon) wrote on 2023-05-09:

Thanks!

I've fixed the utf-8 (non-ASCII keyfiles) issue reported by @seb128 and @danilogondolfo as suggested by Danilo (i.e. checking for the "text/plain" mime type instead).

Thanks Sebastien for the "Error: failed to reload connections: GDBus.Error:org.freedesktop.DBus.Error.UnknownMethod" error, that's a good catch! It didn't happen on my Lunar autopkgtests, but I could reproduce it on Mantic, too. Seems to be some kind of race condition when debhelper tries to re-start NetworkManager.service after upgrade and then the postinst script is calling into "nmcli", while NM is not yet fully up. I've added a small "nm-online -s" line in there to make it wait for NM, which now passes the autopkgtests on Mantic again:
```
autopkgtest [15:07:36]: @@@@@@@@@@@@@@@@@@@@ summary
wpa-dhclient PASS
nm.py PASS
killswitches-no-urfkill PASS
urfkill-integration PASS
nm_netplan.py PASS
qemu-system-x86_64: terminating on signal 15 from pid 1944756 (/usr/bin/python3)
```

For the "Warning: there is another connection with the name '...'. Refer to the connection using its uuid '...'" message, I don't really know where it comes from, as we're only modifying connections through nmcli, using their UUID identifiers... Could you try to provide a reproducer for that?

PTAL.

Revision history for this message

Sebastien Bacher (seb128) wrote on 2023-05-10:

Thanks for the tweaks, I restored the connections from the backup dir, tried to the new revision and now hit

+ echo Migrating Ziggo (03c8f2a7-268d-4765-b626-efcc02dd686c) to /etc/netplan
Migrating Ziggo (03c8f2a7-268d-4765-b626-efcc02dd686c) to /etc/netplan
+ nmcli con mod 03c8f2a7-268d-4765-b626-efcc02dd686c con-name Ziggo.NETPLAN_MIGRATE
Erreur : la modification de la connexion « Ziggo.NETPLAN_MIGRATE » a échoué : Remote peer disconnected
dpkg: erreur de traitement du paquet network-manager (--install) :
le sous-processus paquet network-manager script post-installation installé a renvoyé un état de sortie d'erreur 1

there is a NetworkManager crash report from that time in /var/crash, it hit the
nms-keyfile-writer.c assert on l538 which is part of this changeset, the journal includes

> <error> [1683703791.7570] BUG: the profile cannot be stored in keyfile format without becoming unusable: invalid connection: 802-1x.identity: la propriété est manquante
and
> <warn> [1683703795.8560] keyfile: load: "/run/NetworkManager/system-connections/netplan-NM-03c8f2a7-268d-4765-b626-efcc02dd686c-Ziggo.nmconnection": failed to load connection: invalid connection: 802-1x.identity: la propriété est manquante

I'm sending the corresponding file via email

So it seems we have a bug there that n-m is hitting an assertion, also it feels wrong than failing to migrate one connection is failing the package installation and letting the packaging system in a state where most users will not be able to recover from easily

review: Needs Fixing

Revision history for this message

Lukas Märdian (slyon) wrote on 2023-05-10:

Thank you very much for the valuable feedback! I've rebased the branch to properly include the current fixes and moved forward to a v4 Netplan-integration patch, which makes use of "#if WITH_NETPLAN" inside the NM codebase, to allow "--enable-netplan"/"--disable-netplan" buildflags (enabled by default), so we can easily disable it on i386 and don't need that quilt hack anymore.

Also, thanks for providing the test files by email. I agree we shouldn't fail the installation of the package when the migration of a single connection profile fails, it should just skip that connection and keep it as a keyfile. I'll be working on that!

I'll also investigate that crash, but I think we should not block on that one (once we are able to skip non-migrated connections). I'll try to collect all the information and create a corresponding bug report.

Revision history for this message

Lukas Märdian (slyon) wrote on 2023-05-10:

So Danilo found the root cause of the "802-1x.identity" issue (crash), which is a bug in libnetplan (Netplan's keyfile parser). This will be handled via in bug #2016625 (details to follow there)

Revision history for this message

Lukas Märdian (slyon) wrote on 2023-05-11:

I've just pushed another update to the branch, which handles migration failures gracefully:
Before migration it will create a temporary backup of the keyfile in and restore that keyfile backup, should the migration fail.

We're working on the crash (libnetplan bug) separately, as mentioned above. I've pushed the current state of this branch into the "Netplan Everywhere" PPA via https://code.launchpad.net/~canonical-foundations/+recipe/network-manager-netplan-lunar-gu

Let me know what you think!

Revision history for this message

Sebastien Bacher (seb128) wrote on 2023-05-12:

Thanks, I can confirm that the new changes make the package install without error and that it rollbacks the problematic connection. The autopkgtests issue is also resolve

The warning I mentioned earlier about the exiting name/refer by uid is printing by

> nmcli con mod daffb72f-c980-4ede-95cf-31fb7d24484d con-name Hotspot

There is another connection with the same name. The command is correctly issued with the uid so I think the warning is safe to ignore

I will upload the changes to mantic today unless you would prefer to see the netplan fix landing first?

review: Approve

Revision history for this message

Danilo Egea Gondolfo (danilogondolfo) on 2023-05-12:

Revision history for this message

Danilo Egea Gondolfo (danilogondolfo) wrote on 2023-05-12:

I left an inline comment about some code we probably want to remove from the #if #endif block.

Revision history for this message

Lukas Märdian (slyon) wrote on 2023-05-15:

Thank you for the additional reviews!

@seb128, please go ahead and upload the changes into Mantic, we'll be fixing (lib-)netplan in parallel.

@danilogondolfo, you're right it is NetworkManager code. But in fact we're not patching it out, but rather creating a copy of that block for the Netplan codepath. So we should be safe ignoring that whole block inside #if WITH_NETPLAN ... #endif if the Netplan buildflag is disabled. It is visible in the GitHub diff, see: https://github.com/slyon/NetworkManager/commit/aaa791cb61b24a9416db18f2290f711bc9a8f26e#diff-e46473e1ac3ce2315efbd5fbad59951998e274ca21244f6b9e807f20e67db58aL344

review: Abstain

Revision history for this message

Danilo Egea Gondolfo (danilogondolfo) on 2023-05-15:

review: Approve

Revision history for this message

Sebastien Bacher (seb128) wrote on 2023-05-15:

Thanks, merged and uploaded to Ubuntu now!

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Aron Xu

Lukas Märdian

Tony Espy

 diff --git a/debian/changelog b/debian/changelog
 index f362bb1..e2e79df 100644
 --- a/debian/changelog
 +++ b/debian/changelog
@@ -1,3 +1,17 @@
++network-manager (1.42.4-1ubuntu3) mantic; urgency=medium
++
++  [ Lukas Märdian ]
++  * d/{control,rules,patches}: Prepare libnetplan build (non i386)
++  * debian/patches/netplan: Add libnetplan backend integration patch
++  * d/network-manager.preinst: backup previous configuration automatically
++  * d/network-manager.postinst: Trigger Netplan migration on install/upgrade
++
++  [ Danilo Egea Gondolfo ]
++  * d/t/nm.py: Fix autopkgtests when Netplan is in use
++  * d/t/nm_netplan.py: Add autopkgtests for the netplan integration
++
++ -- Lukas Märdian <slyon@ubuntu.com>  Wed, 10 May 2023 11:56:58 +0200
++
  network-manager (1.42.4-1ubuntu2) lunar; urgency=medium
    * d/t/nm.py: Fix autopkgtests with NM-1.42's 'lo' connection (LP: #2009543)
 diff --git a/debian/control b/debian/control
 index 603370d..dd8bf9d 100644
 --- a/debian/control
 +++ b/debian/control
@@ -38,6 +38,9 @@ Build-Depends: debhelper-compat (= 13),
                 python3-dbus <!nocheck>,
                 python3-pexpect <!nocheck>,
                 iproute2 <!nocheck>,
++               libyaml-dev [!i386],
++               libnetplan-dev (>= 0.106~) [!i386],
++               netplan.io (>= 0.106~) [!i386] <!nocheck>,
  Standards-Version: 4.6.2
  Rules-Requires-Root: no
  XS-Debian-Vcs-Git: https://salsa.debian.org/utopia-team/network-manager.git
@@ -51,6 +54,7 @@ Architecture: linux-any
  Pre-Depends: ${misc:Pre-Depends}
  Depends: ${shlibs:Depends},
           ${misc:Depends},
++         netplan.io (>= 0.106~) [!i386],
           libnm0 (= ${binary:Version}),
           isc-dhcp-client,
           default-dbus-system-bus | dbus-system-bus,
 diff --git a/debian/network-manager.postinst b/debian/network-manager.postinst
 index e2cb049..0db377b 100644
 --- a/debian/network-manager.postinst
 +++ b/debian/network-manager.postinst
@@ -81,3 +81,36 @@ esac
  #DEBHELPER#
++# Run "Netplan Everywhere" migration after debhelper (re-)started
++# NetworkManager.service for us. On every package upgrade.
++DIR="/etc/NetworkManager/system-connections"
++if [ "$1" = "configure" ] && [ -d "$DIR" ]; then
++    mkdir -p /run/netplan/nm-migrate
++    for CON in /etc/NetworkManager/system-connections/*; do
++        TYPE=$(file -bi "$CON" | cut -s -d ";" -f 1)
++        [ "$TYPE" = "text/plain" ] || continue # skip non-keyfiles
++        UUID=$(grep "^uuid=" "$CON" | cut -c 6-)
++        if [ -n "$UUID" ]
++        then
++            # Wait for NetworkManager startup to complete,
++            # so we can safely use nmcli. Wait in every interation to handle
++            # a crashed NetworkManager in the previous migraiton step.
++            nm-online -qs || (echo "SKIP: NetworkManager is not ready ..." 1>&2 && continue)
++            BACKUP="/run/netplan/nm-migrate/"$(basename "$CON")
++            cp "$CON" "$BACKUP"
++            ORIG_NAME=$(nmcli --get-values connection.id con show "$UUID")
++            echo "Migrating $ORIG_NAME ($UUID) to /etc/netplan" 1>&2
++            # Touch the connection's ID (con-name) to trigger its migration.
++            # The Netplan integration will translate the original NM keyfile from
++            # /etc/NetworkManager/system-connections/* to a YAML file located in
++            # /etc/netplan/90-NM-*.yaml and re-generate a corresponding keyfile in
++            # /run/NetworkManager/system-connections/netplan-NM-*.nmconnection
++            nmcli con mod "$UUID" con-name "$ORIG_NAME" || \
++                (echo "FAILED. Restoring backup ..." 1>&2 && mv "$BACKUP" "$CON" && \
++                 rm -f "/etc/netplan/90-NM-$UUID"*.yaml)
++            rm -f "$BACKUP" # clear backup (if it still exists)
++       fi
++    done
++    rm -rf /run/netplan/nm-migrate # cleanup after ourselves
++    (nm-online -qs && nmcli con reload) || echo "WARNING: NetworkManager could not reload connections ..." 1>&2
++fi
 diff --git a/debian/network-manager.preinst b/debian/network-manager.preinst
 new file mode 100644
 index 0000000..886ab77
 --- /dev/null
 +++ b/debian/network-manager.preinst
@@ -0,0 +1,18 @@
++#!/bin/sh
++
++set -e
++
++#DEBHELPER#
++
++DIR="/etc/NetworkManager/system-connections"
++CNT=$(ls -1 "$DIR" | wc -l)
++if ([ "$1" = "upgrade" ] || [ "$1" = "install" ]) && [ -d "$DIR" ] && [ "$CNT" -ge 1 ]; then
++    # create backup directory if it does not yet exist
++    mkdir -p /root/NetworkManager.bak || true
++    BAK="/root/NetworkManager.bak/system-connections_$2"
++    if [ -d "$BAK" ]; then
++	rm -r "$BAK"
++    fi
++    # copy current system-connections to the backup directory
++    cp -r "$DIR" "$BAK"
++fi
 diff --git a/debian/patches/netplan/0001-netplan-Adopt-buildsystems-for-Netplan-integration.patch b/debian/patches/netplan/0001-netplan-Adopt-buildsystems-for-Netplan-integration.patch
 new file mode 100644
 index 0000000..f3ae212
 --- /dev/null
 +++ b/debian/patches/netplan/0001-netplan-Adopt-buildsystems-for-Netplan-integration.patch
@@ -0,0 +1,134 @@
++From 9dd31963bd89ccba5e96f26506996e792177bdab Mon Sep 17 00:00:00 2001
++From: Lukas Märdian <slyon@ubuntu.com>
++Date: Tue, 9 May 2023 17:09:48 +0200
++Subject: [PATCH 1/2] netplan: Adopt buildsystems for Netplan integration
++
++Autotools and Meson will define a "WITH_NETPLAN" variable with the
++values 1 or 0 accordingly, using the config.h header.
++---
++ Makefile.am          |  4 +++-
++ configure.ac         | 17 +++++++++++++++++
++ meson.build          | 10 ++++++++++
++ meson_options.txt    |  1 +
++ src/core/meson.build |  1 +
++ 5 files changed, 32 insertions(+), 1 deletion(-)
++
++diff --git a/Makefile.am b/Makefile.am
++index a452cacac4..677c078655 100644
++--- a/Makefile.am
+++++ b/Makefile.am
++@@ -2588,7 +2588,8 @@ $(src_core_libNetworkManagerBase_la_OBJECTS): $(src_libnm_core_public_mkenums_h)
++
++ ###############################################################################
++
++-src_core_libNetworkManager_la_CPPFLAGS = $(src_core_cppflags)
+++src_core_libNetworkManager_la_CPPFLAGS = $(src_core_cppflags) \
+++	$(NETPLAN_CFLAGS)
++
++ src_core_libNetworkManager_la_SOURCES = \
++ 	\
++@@ -2803,6 +2804,7 @@ src_core_libNetworkManager_la_LIBADD = \
++ 	$(LIBAUDIT_LIBS) \
++ 	$(LIBPSL_LIBS) \
++ 	$(LIBCURL_LIBS) \
+++	$(NETPLAN_LIBS) \
++ 	$(NULL)
++
++ $(src_core_libNetworkManager_la_OBJECTS): $(src_libnm_core_public_mkenums_h)
++diff --git a/configure.ac b/configure.ac
++index b0cf78dc03..6b4c1467b6 100644
++--- a/configure.ac
+++++ b/configure.ac
++@@ -880,6 +880,22 @@ else
++     AC_DEFINE(WITH_OPENVSWITCH, 0, [Whether we build with OVS plugin])
++ fi
++
+++# Netplan integration
+++AC_ARG_ENABLE(netplan, AS_HELP_STRING([--enable-netplan], [Enable Netplan integration]))
+++if test "${enable_netplan}" != "no"; then
+++	PKG_CHECK_MODULES(NETPLAN, [netplan >= 0.106], [enable_netplan=yes], [enable_netplan=no])
+++	if test "$enable_netplan" != "yes"; then
+++		AC_MSG_ERROR(Netplan is required)
+++	fi
+++	enable_netplan='yes'
+++fi
+++AM_CONDITIONAL(WITH_NETPLAN, test "${enable_netplan}" = "yes")
+++if test "${enable_netplan}" = "yes" ; then
+++    AC_DEFINE(WITH_NETPLAN, 1, [Whether we build with Netplan integration])
+++else
+++    AC_DEFINE(WITH_NETPLAN, 0, [Whether we build with Netplan integration])
+++fi
+++
++ # DHCP client support
++ AC_ARG_WITH([dhclient],
++             AS_HELP_STRING([--with-dhclient=yes|no|path], [Enable dhclient support]))
++@@ -1400,6 +1416,7 @@ echo "  ofono: $with_ofono"
++ echo "  concheck: $enable_concheck"
++ echo "  libteamdctl: $enable_teamdctl"
++ echo "  ovs: $enable_ovs"
+++echo "  netplan: $enable_netplan"
++ echo "  nmcli: $build_nmcli"
++ echo "  nmtui: $build_nmtui"
++ echo "  nm-cloud-setup: $with_nm_cloud_setup"
++diff --git a/meson.build b/meson.build
++index 6813e52ac1..e808729c22 100644
++--- a/meson.build
+++++ b/meson.build
++@@ -274,6 +274,8 @@ config_h.set10('HAVE_LIBSYSTEMD', libsystemd_dep.found())
++ systemd_dep = dependency('systemd', required: false)
++ have_systemd_200 = systemd_dep.found() and systemd_dep.version().version_compare('>= 200')
++
+++libnetplan_dep = dependency('netplan', version: '>= 0.106', required: false)
+++
++ gio_unix_dep = dependency('gio-unix-2.0', version: '>= 2.40')
++
++ glib_dep = declare_dependency(
++@@ -646,6 +648,13 @@ if enable_ovs
++ endif
++ config_h.set10('WITH_OPENVSWITCH', enable_ovs)
++
+++# Netplan integration
+++enable_netplan = get_option('netplan')
+++if enable_netplan
+++  assert(libnetplan_dep.found(), 'libnetplan is needed for Netplan integration.')
+++endif
+++config_h.set10('WITH_NETPLAN', enable_netplan)
+++
++ # DNS resolv.conf managers
++ config_dns_rc_manager_default = get_option('config_dns_rc_manager_default')
++ config_h.set_quoted('NM_CONFIG_DEFAULT_MAIN_RC_MANAGER', config_dns_rc_manager_default)
++@@ -1064,6 +1073,7 @@ output += '  ofono: ' + enable_ofono.to_string() + '\n'
++ output += '  concheck: ' + enable_concheck.to_string() + '\n'
++ output += '  libteamdctl: ' + enable_teamdctl.to_string() + '\n'
++ output += '  ovs: ' + enable_ovs.to_string() + '\n'
+++output += '  netplan: ' + enable_netplan.to_string() + '\n'
++ output += '  nmcli: ' + enable_nmcli.to_string() + '\n'
++ output += '  nmtui: ' + enable_nmtui.to_string() + '\n'
++ output += '  nm-cloud-setup: ' + enable_nm_cloud_setup.to_string() + '\n'
++diff --git a/meson_options.txt b/meson_options.txt
++index 4e359f9e92..9f52b4f6e4 100644
++--- a/meson_options.txt
+++++ b/meson_options.txt
++@@ -37,6 +37,7 @@ option('ofono', type: 'boolean', value: false, description: 'Enable oFono suppor
++ option('concheck', type: 'boolean', value: true, description: 'enable connectivity checking support')
++ option('teamdctl', type: 'boolean', value: false, description: 'enable Teamd control support')
++ option('ovs', type: 'boolean', value: true, description: 'enable Open vSwitch support')
+++option('netplan', type: 'boolean', value: true, description: 'Enable Netplan integration')
++ option('nmcli', type: 'boolean', value: true, description: 'Build nmcli')
++ option('nmtui', type: 'boolean', value: true, description: 'Build nmtui')
++ option('nm_cloud_setup', type: 'boolean', value: false, description: 'Build nm-cloud-setup, a tool for automatically configure networking in cloud (EXPERIMENTAL!)')
++diff --git a/src/core/meson.build b/src/core/meson.build
++index 6c1d463ed1..35ece13f06 100644
++--- a/src/core/meson.build
+++++ b/src/core/meson.build
++@@ -71,6 +71,7 @@ nm_deps = [
++   libndp_dep,
++   libudev_dep,
++   logind_dep,
+++  libnetplan_dep,
++ ]
++
++ if enable_concheck
++--
++2.39.2
++
 diff --git a/debian/patches/netplan/0002-netplan-make-use-of-libnetplan-for-YAML-backend.patch b/debian/patches/netplan/0002-netplan-make-use-of-libnetplan-for-YAML-backend.patch
 new file mode 100644
 index 0000000..1d959f2
 --- /dev/null
 +++ b/debian/patches/netplan/0002-netplan-make-use-of-libnetplan-for-YAML-backend.patch
@@ -0,0 +1,525 @@
++From aaa791cb61b24a9416db18f2290f711bc9a8f26e Mon Sep 17 00:00:00 2001
++From: Lukas Märdian <lukas.maerdian@canonical.com>
++Date: Tue, 2 Feb 2021 15:52:05 +0100
++Subject: [PATCH 2/2] netplan: make use of libnetplan for YAML backend
++
++Origin: https://github.com/slyon/NetworkManager/tree/netplan-nm-1.42
++Forwarded: no, https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/556
++Last-Update: 2023-05-11
++
++This patch modifies NetworkManager's nms-keyfile-plugin in a way to
++write YAML connections (according to the netplan spec) to
++/etc/netplan/*.yaml instead of NM's native keyfile connection profiles
++in /etc/NetworkManager/system-connections/*.nmconnection.
++
++Whenever a connection profile is to be written (add/modify) the keyfile,
++generated internally by NM, is passed into libnetplan's
++"netplan_parser_load_keyfile()" API, validated via
++"netplan_state_import_parser_results()" and converted to a netplan YAML
++config by calling libnetplan's "netplan_netdef_write_yaml()" API. The
++internal keyfile is thrown away afterwards.
++
++Whenever a connection profile is to be deleted the netplan-/netdef-id is
++extracted from the ephemeral keyfile in /run/NetworkManager/system-connections
++via "netplan_get_id_from_nm_filepath()" and the corresponding YAML is
++updated/deleted by calling "netplan_delete_connection()".
++
++Each time the YAML data was modified, NetworkManager calls
++"netplan generate" to produce new ephemeral keyfile connections in
++/run/NetworkManager/system-connections for NM to read-back. This way the
++netplan generator can be used as intended (no need for duplicated
++keyfile export functionality) and the nms-keyfile-writer can be re-used
++without any patching needed.
++
++V2:
+++ ported to NetworkManager 1.36.6 (Ubuntu Jammy LTS/Core 22.04)
+++ test-keyfile-settings.c: clear netplan YAML config from previous runs
+++ nms-keyfile-writer.c: avoid double-free of `path` on exit, caused by gs_free
++
++V3:
+++ ported to NM 1.40.6 (Ubuntu Lunar), using new libnetplan API (v0.106)
+++ ignore .nm-generated connections (LP: #1998207)
++
++V4:
+++ encapsulated all Netplan code in "#if WITH_NETPLAN" as provided by the
++  buildsystems via config.h (see previous commit)
+++ nms-keyfile-writer.c: increase buffer size to account for ".nmconnection"
++  suffix in netplan_netdef_get_output_filename()
++
++Co-authored-by: Alfonso Sanchez-Beato <alfonso.sanchez-beato@canonical.com>
++Co-authored-by: Danilo Egea Gondolfo <danilo.egea.gondolfo@canonical.com>
++---
++ .../plugins/keyfile/nms-keyfile-plugin.c      |  34 ++++
++ .../plugins/keyfile/nms-keyfile-utils.c       |  18 ++
++ .../plugins/keyfile/nms-keyfile-utils.h       |   4 +
++ .../plugins/keyfile/nms-keyfile-writer.c      | 173 ++++++++++++++++++
++ .../keyfile/tests/test-keyfile-settings.c     |  61 +++++-
++ 5 files changed, 286 insertions(+), 4 deletions(-)
++
++diff --git a/src/core/settings/plugins/keyfile/nms-keyfile-plugin.c b/src/core/settings/plugins/keyfile/nms-keyfile-plugin.c
++index 1d7de8d24b..4b986dc0c8 100644
++--- a/src/core/settings/plugins/keyfile/nms-keyfile-plugin.c
+++++ b/src/core/settings/plugins/keyfile/nms-keyfile-plugin.c
++@@ -12,6 +12,9 @@
++ #include <unistd.h>
++ #include <sys/types.h>
++ #include <sys/time.h>
+++#if WITH_NETPLAN
+++#include <netplan/util.h>
+++#endif
++
++ #include "libnm-std-aux/c-list-util.h"
++ #include "libnm-glib-aux/nm-c-list.h"
++@@ -309,6 +312,12 @@ _load_file(NMSKeyfilePlugin     *self,
++     gs_free char                 *full_filename    = NULL;
++     struct stat                   st;
++
+++    #if WITH_NETPLAN
+++    // Handle all netplan generated connections via STORAGE_TYPE_ETC, as they live in /etc/netplan
+++    if (g_str_has_prefix(filename, "netplan-"))
+++        storage_type = NMS_KEYFILE_STORAGE_TYPE_ETC;
+++    #endif
+++
++     if (_ignore_filename(storage_type, filename)) {
++         gs_free char *nmmeta                    = NULL;
++         gs_free char *loaded_path               = NULL;
++@@ -584,6 +593,9 @@ reload_connections(NMSettingsPlugin                      *plugin,
++         NM_SETT_UTIL_STORAGES_INIT(storages_new, nms_keyfile_storage_destroy);
++     int i;
++
+++    #if WITH_NETPLAN
+++    generate_netplan(NULL);
+++    #endif
++     _load_dir(self, NMS_KEYFILE_STORAGE_TYPE_RUN, priv->dirname_run, &storages_new);
++     if (priv->dirname_etc)
++         _load_dir(self, NMS_KEYFILE_STORAGE_TYPE_ETC, priv->dirname_etc, &storages_new);
++@@ -1008,6 +1020,15 @@ delete_connection(NMSettingsPlugin *plugin, NMSettingsStorage *storage_x, GError
++     previous_filename = nms_keyfile_storage_get_filename(storage);
++     uuid              = nms_keyfile_storage_get_uuid(storage);
++
+++    #if WITH_NETPLAN
+++    nm_auto_unref_keyfile GKeyFile *key_file = NULL;
+++    key_file = g_key_file_new ();
+++    if (!g_key_file_load_from_file (key_file, previous_filename, G_KEY_FILE_NONE, error))
+++        return FALSE;
+++    g_autofree gchar* ssid = NULL;
+++    ssid = g_key_file_get_string(key_file, "wifi", "ssid", NULL);
+++    #endif
+++
++     if (!NM_IN_SET(storage->storage_type,
++                    NMS_KEYFILE_STORAGE_TYPE_ETC,
++                    NMS_KEYFILE_STORAGE_TYPE_RUN)) {
++@@ -1033,6 +1054,19 @@ delete_connection(NMSettingsPlugin *plugin, NMSettingsStorage *storage_x, GError
++     } else
++         operation_message = "deleted from disk";
++
+++    #if WITH_NETPLAN
+++    g_autofree gchar *netplan_id = NULL;
+++    ssize_t           netplan_id_size = 0;
+++
+++    netplan_id = g_malloc0(strlen(previous_filename));
+++    netplan_id_size = netplan_get_id_from_nm_filepath(previous_filename, ssid, netplan_id, strlen(previous_filename) - 1);
+++    if (netplan_id_size > 0) {
+++        _LOGI ("deleting netplan connection: %s", netplan_id);
+++        netplan_delete_connection(netplan_id, NULL);
+++        generate_netplan(NULL);
+++    }
+++    #endif
+++
++     _LOGT("commit: deleted \"%s\", %s %s (%s%s%s%s)",
++           previous_filename,
++           storage->is_meta_data ? "meta-data" : "profile",
++diff --git a/src/core/settings/plugins/keyfile/nms-keyfile-utils.c b/src/core/settings/plugins/keyfile/nms-keyfile-utils.c
++index 7c0e329e2d..a91ee6997a 100644
++--- a/src/core/settings/plugins/keyfile/nms-keyfile-utils.c
+++++ b/src/core/settings/plugins/keyfile/nms-keyfile-utils.c
++@@ -399,3 +399,21 @@ nms_keyfile_utils_check_file_permissions(NMSKeyfileFiletype filetype,
++     NM_SET_OUT(out_st, st);
++     return TRUE;
++ }
+++
+++#if WITH_NETPLAN
+++gboolean
+++generate_netplan(const char* rootdir)
+++{
+++    /* TODO: call the io.netplan.Netplan.Generate() DBus method directly, after
+++     * finding a way to pass the --root-dir parameter via DBus, to make it work
+++     * inside NM's unit-tests where netplan needs to read & generate outside of
+++     * /etc/netplan and /run/{systemd,NetworkManager} */
+++    const gchar *argv[] = { "netplan", "generate", NULL , NULL, NULL };
+++    if (rootdir) {
+++        argv[2] = "--root-dir";
+++        argv[3] = rootdir;
+++    }
+++    return g_spawn_sync(NULL, (gchar**)argv, NULL, G_SPAWN_SEARCH_PATH,
+++                        NULL, NULL, NULL, NULL, NULL, NULL);
+++}
+++#endif
++diff --git a/src/core/settings/plugins/keyfile/nms-keyfile-utils.h b/src/core/settings/plugins/keyfile/nms-keyfile-utils.h
++index 0fd83bdf35..9ed25d9cfd 100644
++--- a/src/core/settings/plugins/keyfile/nms-keyfile-utils.h
+++++ b/src/core/settings/plugins/keyfile/nms-keyfile-utils.h
++@@ -68,4 +68,8 @@ gboolean nms_keyfile_utils_check_file_permissions(NMSKeyfileFiletype filetype,
++                                                   struct stat       *out_st,
++                                                   GError           **error);
++
+++#if WITH_NETPLAN
+++gboolean generate_netplan(const char* rootdir);
+++#endif
+++
++ #endif /* __NMS_KEYFILE_UTILS_H__ */
++diff --git a/src/core/settings/plugins/keyfile/nms-keyfile-writer.c b/src/core/settings/plugins/keyfile/nms-keyfile-writer.c
++index ad6f277ce3..e5015ab74b 100644
++--- a/src/core/settings/plugins/keyfile/nms-keyfile-writer.c
+++++ b/src/core/settings/plugins/keyfile/nms-keyfile-writer.c
++@@ -12,6 +12,14 @@
++ #include <sys/stat.h>
++ #include <unistd.h>
++
+++#if WITH_NETPLAN
+++#include <net/if.h>
+++#include <netplan/parse.h>
+++#include <netplan/parse-nm.h>
+++#include <netplan/util.h>
+++#include <netplan/netplan.h>
+++#endif
+++
++ #include "libnm-core-intern/nm-keyfile-internal.h"
++
++ #include "nms-keyfile-utils.h"
++@@ -201,6 +209,9 @@ _internal_write_connection(NMConnection                   *connection,
++                            char                          **out_path,
++                            NMConnection                  **out_reread,
++                            gboolean                       *out_reread_same,
+++                           #if WITH_NETPLAN
+++                           const char                     *rootdir,
+++                           #endif
++                            GError                        **error)
++ {
++     nm_auto_unref_keyfile GKeyFile *kf_file        = NULL;
++@@ -409,11 +420,161 @@ _internal_write_connection(NMConnection                   *connection,
++     if (existing_path && !existing_path_read_only && !nm_streq(path, existing_path))
++         unlink(existing_path);
++
+++    #if WITH_NETPLAN
+++    NetplanParser *npp      = NULL;
+++    NetplanState  *np_state = NULL;
+++
+++    /* NETPLAN: write only non-temporary files to /etc/netplan/... */
+++    if (!is_volatile && !is_nm_generated && !is_external &&
+++        strstr(keyfile_dir, "/etc/NetworkManager/system-connections")) {
+++        g_autofree gchar *ssid = g_key_file_get_string(kf_file, "wifi", "ssid", NULL);
+++        g_autofree gchar *escaped_ssid = ssid ?
+++                                         g_uri_escape_string(ssid, NULL, TRUE) : NULL;
+++        g_autofree gchar *netplan_id = NULL;
+++        ssize_t netplan_id_size = 0;
+++        NetplanNetDefinition *netdef = NULL;
+++        NetplanStateIterator state_iter;
+++        const gchar* kf_path = path;
+++
+++        if (existing_path && strstr(existing_path, "system-connections/netplan-")) {
+++            netplan_id = g_malloc0(strlen(existing_path));
+++            netplan_id_size = netplan_get_id_from_nm_filepath(existing_path, ssid, netplan_id, strlen(existing_path) - 1);
+++            if (netplan_id_size <= 0) {
+++                g_free(netplan_id);
+++                netplan_id = NULL;
+++            }
+++        }
+++
+++        if (netplan_id && existing_path) {
+++            GFile* from = g_file_new_for_path(path);
+++            GFile* to = g_file_new_for_path(existing_path);
+++            g_file_copy(from, to, G_FILE_COPY_OVERWRITE, NULL, NULL, NULL, NULL);
+++            kf_path = existing_path;
+++        }
+++
+++        // push keyfile into libnetplan for parsing (using existing_path, if available,
+++        // to be able to extract the original netdef_id and override existing settings)
+++        npp = netplan_parser_new();
+++
+++        if (!netplan_parser_load_keyfile(npp, kf_path, &local_err)) {
+++            g_set_error (error, NM_SETTINGS_ERROR, NM_SETTINGS_ERROR_FAILED,
+++                         "netplan: YAML translation failed: %s", local_err->message);
+++            goto netplan_parser_error;
+++        }
+++
+++        np_state = netplan_state_new();
+++        if (!netplan_state_import_parser_results(np_state, npp, &local_err)) {
+++            g_set_error (error, NM_SETTINGS_ERROR, NM_SETTINGS_ERROR_FAILED,
+++                         "netplan: YAML validation failed: %s", local_err->message);
+++            goto netplan_error;
+++        }
+++
+++        netplan_state_iterator_init(np_state, &state_iter);
+++        /* At this point we have a single netdef in the netplan state */
+++        netdef = netplan_state_iterator_next(&state_iter);
+++
+++        if (!netdef) {
+++            g_set_error (error, NM_SETTINGS_ERROR, NM_SETTINGS_ERROR_FAILED,
+++                         "netplan: Netplan state has no network definitions");
+++            goto netplan_error;
+++        }
+++
+++        if (!netplan_netdef_write_yaml(np_state, netdef, rootdir, &local_err)) {
+++            g_set_error (error, NM_SETTINGS_ERROR, NM_SETTINGS_ERROR_FAILED,
+++                         "netplan: Failed to generate YAML: %s", local_err->message);
+++            goto netplan_error;
+++        }
+++
+++        /* Delete same connection-profile provided by legacy netplan plugin.
+++         * TODO: drop legacy connection handling after 24.04 LTS */
+++        g_autofree gchar* legacy_path = NULL;
+++        legacy_path = g_strdup_printf("/etc/netplan/NM-%s.yaml", nm_connection_get_uuid (connection));
+++        if (g_file_test(legacy_path, G_FILE_TEST_EXISTS | G_FILE_TEST_IS_REGULAR)) {
+++            g_debug("Deleting legacy netplan connection: %s", legacy_path);
+++            unlink(legacy_path);
+++        }
+++
+++        /* Clear original keyfile in /etc/NetworkManager/system-connections/,
+++         * we've written the /etc/netplan/*.yaml file instead. */
+++        unlink(path);
+++        if (!generate_netplan(rootdir)) {
+++            g_set_error (error, NM_SETTINGS_ERROR, NM_SETTINGS_ERROR_FAILED,
+++                         "netplan generate failed");
+++            goto netplan_error;
+++        }
+++
+++        // Calculating the maximum space needed to store the new keyfile path
+++        ssize_t path_size = strlen(path) + strlen(nm_connection_get_uuid(connection)) + IF_NAMESIZE + 1;
+++        if (escaped_ssid)
+++            path_size += strlen(escaped_ssid);
+++        path_size += 50; // give some extra buffer, e.g. when going from  ConName to ConName.nmconnection
+++
+++        g_free(path);
+++        path = g_malloc0(path_size);
+++        path_size = netplan_netdef_get_output_filename(netdef, ssid, path, path_size);
+++
+++        if (path_size <= 0) {
+++            g_set_error (error, NM_SETTINGS_ERROR, NM_SETTINGS_ERROR_FAILED,
+++                         "netplan: couldn't determine the keyfile path");
+++            goto netplan_error;
+++        }
+++
+++        if (rootdir) {
+++            char* final_path = g_build_path(G_DIR_SEPARATOR_S, rootdir, path, NULL);
+++            g_free(path);
+++            path = final_path;
+++        }
+++
+++        netplan_state_clear(&np_state);
+++        netplan_parser_clear(&npp);
+++
+++        /* re-read again: this time the connection profile newly generated by netplan in /run/... */
+++        if (   out_reread
+++            || out_reread_same) {
+++            gs_free_error GError *reread_error = NULL;
+++
+++            //XXX: why does the _from_keyfile function behave differently?
+++            //reread = nms_keyfile_reader_from_keyfile (kf_file, path, NULL, profile_dir, FALSE, &reread_error);
+++            reread = nms_keyfile_reader_from_file (path, profile_dir, NULL, NULL, NULL, NULL, NULL, NULL, &reread_error);
+++
+++            if (   !reread
+++                || !nm_connection_normalize (reread, NULL, NULL, &reread_error)) {
+++                nm_log_err (LOGD_SETTINGS, "BUG: the profile cannot be stored in keyfile format without becoming unusable: %s", reread_error->message);
+++                g_set_error (error, NM_SETTINGS_ERROR, NM_SETTINGS_ERROR_FAILED,
+++                             "keyfile writer produces an invalid connection: %s",
+++                             reread_error->message);
+++                nm_assert_not_reached ();
+++                return FALSE;
+++            }
+++
+++            if (out_reread_same) {
+++                reread_same = !!nm_connection_compare (reread, connection, NM_SETTING_COMPARE_FLAG_EXACT);
+++
+++                nm_assert (reread_same == nm_connection_compare (connection, reread, NM_SETTING_COMPARE_FLAG_EXACT));
+++                nm_assert (reread_same == ({
+++                                                gs_unref_hashtable GHashTable *_settings = NULL;
+++
+++                                                (   nm_connection_diff (reread, connection, NM_SETTING_COMPARE_FLAG_EXACT, &_settings)
+++                                                 && !_settings);
+++                                           }));
+++            }
+++        }
+++    }
+++    #endif
+++
++     NM_SET_OUT(out_reread, g_steal_pointer(&reread));
++     NM_SET_OUT(out_reread_same, reread_same);
++     NM_SET_OUT(out_path, g_steal_pointer(&path));
++
++     return TRUE;
+++
+++#if WITH_NETPLAN
+++netplan_error:
+++    netplan_state_clear(&np_state);
+++netplan_parser_error:
+++    netplan_parser_clear(&npp);
+++    return FALSE;
+++#endif
++ }
++
++ gboolean
++@@ -454,6 +615,9 @@ nms_keyfile_writer_connection(NMConnection                   *connection,
++                                       out_path,
++                                       out_reread,
++                                       out_reread_same,
+++                                      #if WITH_NETPLAN
+++                                      NULL,
+++                                      #endif
++                                       error);
++ }
++
++@@ -467,6 +631,12 @@ nms_keyfile_writer_test_connection(NMConnection  *connection,
++                                    gboolean      *out_reread_same,
++                                    GError       **error)
++ {
+++    #if WITH_NETPLAN
+++    gchar *rootdir = g_strdup(keyfile_dir);
+++    if (g_str_has_suffix (keyfile_dir, "/run/NetworkManager/system-connections")) {
+++        rootdir[strlen(rootdir)-38] = '\0'; /* 38 = strlen("/run/NetworkManager/...") */
+++    }
+++    #endif
++     return _internal_write_connection(connection,
++                                       FALSE,
++                                       FALSE,
++@@ -486,5 +656,8 @@ nms_keyfile_writer_test_connection(NMConnection  *connection,
++                                       out_path,
++                                       out_reread,
++                                       out_reread_same,
+++                                      #if WITH_NETPLAN
+++                                      rootdir,
+++                                      #endif
++                                       error);
++ }
++diff --git a/src/core/settings/plugins/keyfile/tests/test-keyfile-settings.c b/src/core/settings/plugins/keyfile/tests/test-keyfile-settings.c
++index 83019babb1..eb59a91eab 100644
++--- a/src/core/settings/plugins/keyfile/tests/test-keyfile-settings.c
+++++ b/src/core/settings/plugins/keyfile/tests/test-keyfile-settings.c
++@@ -24,8 +24,15 @@
++
++ #include "nm-test-utils-core.h"
++
+++#if WITH_NETPLAN
+++#define TEST_KEYFILES_DIR_OLD   NM_BUILD_SRCDIR"/src/core/settings/plugins/keyfile/tests/keyfiles"
+++#define TEST_SCRATCH_DIR_OLD    NM_BUILD_BUILDDIR"/src/core/settings/plugins/keyfile/tests/keyfiles"
+++#define TEST_KEYFILES_DIR       TEST_KEYFILES_DIR_OLD"/run/NetworkManager/system-connections"
+++#define TEST_SCRATCH_DIR        TEST_SCRATCH_DIR_OLD"/run/NetworkManager/system-connections"
+++#else
++ #define TEST_KEYFILES_DIR NM_BUILD_SRCDIR "/src/core/settings/plugins/keyfile/tests/keyfiles"
++ #define TEST_SCRATCH_DIR  NM_BUILD_BUILDDIR "/src/core/settings/plugins/keyfile/tests/keyfiles"
+++#endif
++
++ /*****************************************************************************/
++
++@@ -113,6 +120,11 @@ assert_reread_and_unlink(NMConnection *connection,
++ static void
++ assert_reread_same(NMConnection *connection, NMConnection *reread)
++ {
+++    #if WITH_NETPLAN
+++    // Netplan does some normalization already, so compare normalized connections
+++    nm_connection_normalize (connection, NULL, NULL, NULL);
+++    nm_connection_normalize (reread, NULL, NULL, NULL);
+++    #endif
++     nmtst_assert_connection_verifies_without_normalization(reread);
++     nmtst_assert_connection_equals(connection, TRUE, reread, FALSE);
++ }
++@@ -789,6 +801,10 @@ test_write_wireless_connection(void)
++                  bssid,
++                  NM_SETTING_WIRELESS_SSID,
++                  ssid,
+++                 #if WITH_NETPLAN
+++                 //XXX: netplan uses explicit "infrastructure" mode
+++                 NM_SETTING_WIRELESS_MODE, NM_SETTING_WIRELESS_MODE_INFRA,
+++                 #endif
++                  NM_SETTING_WIRED_MTU,
++                  1000,
++                  NULL);
++@@ -870,7 +886,12 @@ test_write_string_ssid(void)
++     nm_connection_add_setting(connection, NM_SETTING(s_wireless));
++
++     ssid = g_bytes_new(tmpssid, sizeof(tmpssid));
++-    g_object_set(s_wireless, NM_SETTING_WIRELESS_SSID, ssid, NULL);
+++    g_object_set(s_wireless, NM_SETTING_WIRELESS_SSID, ssid,
+++                 #if WITH_NETPLAN
+++                 //XXX: netplan uses explicit "infrastructure" mode
+++                 NM_SETTING_WIRELESS_MODE, NM_SETTING_WIRELESS_MODE_INFRA,
+++                 #endif
+++                 NULL);
++     g_bytes_unref(ssid);
++
++     /* IP4 setting */
++@@ -953,7 +974,12 @@ test_write_intlist_ssid(void)
++     nm_connection_add_setting(connection, NM_SETTING(s_wifi));
++
++     ssid = g_bytes_new(tmpssid, sizeof(tmpssid));
++-    g_object_set(s_wifi, NM_SETTING_WIRELESS_SSID, ssid, NULL);
+++    g_object_set(s_wifi, NM_SETTING_WIRELESS_SSID, ssid,
+++                 #if WITH_NETPLAN
+++                 //XXX: netplan uses explicit "infrastructure" mode
+++                 NM_SETTING_WIRELESS_MODE, NM_SETTING_WIRELESS_MODE_INFRA,
+++                 #endif
+++                 NULL);
++     g_bytes_unref(ssid);
++
++     /* IP4 setting */
++@@ -1053,7 +1079,12 @@ test_write_intlike_ssid(void)
++     nm_connection_add_setting(connection, NM_SETTING(s_wifi));
++
++     ssid = g_bytes_new(tmpssid, sizeof(tmpssid));
++-    g_object_set(s_wifi, NM_SETTING_WIRELESS_SSID, ssid, NULL);
+++    g_object_set(s_wifi, NM_SETTING_WIRELESS_SSID, ssid,
+++                 #if WITH_NETPLAN
+++                 //XXX: netplan uses explicit "infrastructure" mode
+++                 NM_SETTING_WIRELESS_MODE, NM_SETTING_WIRELESS_MODE_INFRA,
+++                 #endif
+++                 NULL);
++     g_bytes_unref(ssid);
++
++     /* IP4 setting */
++@@ -1115,7 +1146,12 @@ test_write_intlike_ssid_2(void)
++     nm_connection_add_setting(connection, NM_SETTING(s_wifi));
++
++     ssid = g_bytes_new(tmpssid, sizeof(tmpssid));
++-    g_object_set(s_wifi, NM_SETTING_WIRELESS_SSID, ssid, NULL);
+++    g_object_set(s_wifi, NM_SETTING_WIRELESS_SSID, ssid,
+++                 #if WITH_NETPLAN
+++                 //XXX: netplan uses explicit "infrastructure" mode
+++                 NM_SETTING_WIRELESS_MODE, NM_SETTING_WIRELESS_MODE_INFRA,
+++                 #endif
+++                 NULL);
++     g_bytes_unref(ssid);
++
++     /* IP4 setting */
++@@ -2845,12 +2881,29 @@ main(int argc, char **argv)
++
++     nmtst_init_assert_logging(&argc, &argv, "INFO", "DEFAULT");
++
+++    #if WITH_NETPLAN
+++    if (g_mkdir_with_parents(TEST_SCRATCH_DIR_OLD, 0755) != 0) {
+++        errsv = errno;
+++        g_error("failure to create test directory \"%s\": %s",
+++                TEST_SCRATCH_DIR_OLD,
+++                nm_strerror_native(errsv));
+++    }
+++    // Prepare netplan test directories
+++    g_mkdir_with_parents (TEST_SCRATCH_DIR_OLD"/etc/netplan", 0755);
+++    g_mkdir_with_parents (TEST_SCRATCH_DIR_OLD"/run/NetworkManager", 0755);
+++    // link "keyfiles/" to "run/NetworkManager/system-connections"
+++    const gchar *args[] = { "/bin/ln", "-s", TEST_KEYFILES_DIR_OLD, TEST_KEYFILES_DIR, NULL };
+++    g_spawn_sync(NULL, (gchar**)args, NULL, G_SPAWN_DEFAULT, NULL, NULL, NULL, NULL, NULL, NULL);
+++    // clear netplan YAML config from previous runs
+++    g_spawn_command_line_sync("/bin/sh -c 'rm -f " TEST_KEYFILES_DIR_OLD "/etc/netplan/*.yaml'", NULL, NULL, NULL, NULL);
+++    #else
++     if (g_mkdir_with_parents(TEST_SCRATCH_DIR, 0755) != 0) {
++         errsv = errno;
++         g_error("failure to create test directory \"%s\": %s",
++                 TEST_SCRATCH_DIR,
++                 nm_strerror_native(errsv));
++     }
+++    #endif
++
++     /* The tests */
++     g_test_add_func("/keyfile/test_read_valid_wired_connection", test_read_valid_wired_connection);
++--
++2.39.2
++
 diff --git a/debian/patches/series b/debian/patches/series
 index c2344eb..2e570aa 100644
 --- a/debian/patches/series
 +++ b/debian/patches/series
@@ -3,3 +3,5 @@ Force-online-state-with-unmanaged-devices.patch
  # Ubuntu patches
  Provide-access-to-some-of-NM-s-interfaces-to-whoopsie.patch
  Update-dnsmasq-parameters.patch
++netplan/0001-netplan-Adopt-buildsystems-for-Netplan-integration.patch
++netplan/0002-netplan-make-use-of-libnetplan-for-YAML-backend.patch
 diff --git a/debian/rules b/debian/rules
 index edcb573..7d336f1 100755
 --- a/debian/rules
 +++ b/debian/rules
@@ -4,6 +4,7 @@ include /usr/share/dpkg/architecture.mk
  ifeq ($(shell dpkg-vendor --is Ubuntu && echo yes) $(DEB_HOST_ARCH), yes i386)
     BUILD_PACKAGES += -Nnetwork-manager
++   NETPLAN += --disable-netplan
  endif
  # Disable lto here regardless of whether we enable the configure flag
@@ -61,7 +62,7 @@ override_dh_auto_configure:
  		--enable-lto \
  		--disable-more-warnings \
  		--disable-modify-system \
--		--disable-ovs
++		--disable-ovs $(NETPLAN)
  override_dh_install:
  	find debian/tmp -name '*.la' -print -delete
 diff --git a/debian/tests/control b/debian/tests/control
 index 795b9ba..1985292 100644
 --- a/debian/tests/control
 +++ b/debian/tests/control
@@ -13,3 +13,7 @@ Restrictions: needs-root allow-stderr isolation-machine skippable
  Tests: urfkill-integration
  Depends: network-manager, build-essential, linux-headers-generic [!i386], rfkill, urfkill
  Restrictions: needs-root allow-stderr isolation-machine skippable
++
++Tests: nm_netplan.py
++Depends: python3, gir1.2-nm-1.0, network-manager, netplan.io, openvpn, easy-rsa, network-manager-openvpn
++Restrictions: needs-root allow-stderr isolation-container
 diff --git a/debian/tests/nm.py b/debian/tests/nm.py
 index 47345db..f7a03b7 100755
 --- a/debian/tests/nm.py
 +++ b/debian/tests/nm.py
@@ -70,6 +70,7 @@ class NetworkManagerTest(network_test_base.NetworkTestBase):
              "/etc/NetworkManager",
              "/var/lib/NetworkManager",
              "/run/NetworkManager",
++            "/etc/netplan",
          ]:
              subprocess.check_call(["mount", "-n", "-t", "tmpfs", "none", d])
              self.addCleanup(subprocess.call, ["umount", d])
 diff --git a/debian/tests/nm_netplan.py b/debian/tests/nm_netplan.py
 new file mode 100644
 index 0000000..cc86bcf
 --- /dev/null
 +++ b/debian/tests/nm_netplan.py
@@ -0,0 +1,717 @@
++#!/usr/bin/python3
++
++__author__ = "Danilo Egea Gondolfo <danilo.egea.gondolfo@canonical.com>"
++__copyright__ = "(C) 2023 Canonical Ltd."
++__license__ = "GPL v2 or later"
++
++from glob import glob
++import json
++import shutil
++import socket
++import subprocess
++import sys
++import os
++from time import sleep
++import unittest
++import yaml
++
++import gi
++gi.require_version("NM", "1.0")
++from gi.repository import NM, GLib, Gio
++
++nmclient = NM.Client.new()
++
++class TestNetplan(unittest.TestCase):
++
++    def setUp(self):
++        self._stop_network_manager()
++
++        self._start_nm()
++        sleep(1)
++        self.nmclient = NM.Client.new()
++
++    def tearDown(self):
++        pass
++
++    def _start_nm(self, auto_connect=True):
++        """This method is basically a copy of start_nm() from nm.py
++        without the parts we don't need
++        """
++
++        if not os.path.exists("/run/NetworkManager"):
++            os.mkdir("/run/NetworkManager")
++        for d in [
++            "/etc/NetworkManager",
++            "/var/lib/NetworkManager",
++            "/run/NetworkManager",
++            "/etc/netplan",
++        ]:
++            subprocess.check_call(["mount", "-n", "-t", "tmpfs", "none", d])
++            self.addCleanup(subprocess.call, ["umount", d])
++        os.mkdir("/etc/NetworkManager/system-connections")
++
++        denylist = ""
++        for iface in os.listdir("/sys/class/net"):
++            if iface in ['bonding_masters']:
++                continue
++            with open("/sys/class/net/%s/address" % iface) as f:
++                if denylist:
++                    denylist += ";"
++                denylist += "mac:%s" % f.read().strip()
++
++        conf = "/etc/NetworkManager/NetworkManager.conf"
++        extra_main = ""
++        if not auto_connect:
++            extra_main += "no-auto-default=*\n"
++
++        with open(conf, "w") as f:
++            f.write(
++                "[main]\nplugins=keyfile\n%s\n[keyfile]\nunmanaged-devices=%s\n"
++                % (extra_main, denylist)
++            )
++
++        log = "/tmp/NetworkManager.log"
++        f_log = os.open(log, os.O_CREAT | os.O_WRONLY | os.O_SYNC)
++
++        # build NM command line
++        argv = ["NetworkManager", "--log-level=debug", "--debug", "--config=" + conf]
++        # allow specifying extra arguments
++        argv += os.environ.get("NM_TEST_DAEMON_ARGS", "").strip().split()
++
++        p = subprocess.Popen(argv, stdout=f_log, stderr=subprocess.STDOUT)
++        # automatically terminate process at end of test case
++        self.addCleanup(p.wait)
++        self.addCleanup(p.terminate)
++        self.addCleanup(os.close, f_log)
++        self.addCleanup(self._clear_connections)
++
++        self._process_glib_events()
++
++    def _process_glib_events(self):
++        """Process pending GLib main loop events"""
++
++        context = GLib.MainContext.default()
++        while context.iteration(False):
++            pass
++
++    def _restart_network_manager(self):
++        cmd = ['systemctl', 'restart', 'NetworkManager']
++        subprocess.call(cmd, stdout=subprocess.DEVNULL)
++
++    def _stop_network_manager(self):
++        cmd = ['systemctl', 'stop', 'NetworkManager']
++        subprocess.call(cmd, stdout=subprocess.DEVNULL)
++
++    def _add_connection(self, connection):
++        main_loop = GLib.MainLoop()
++        def add_cb(client, result, data):
++            self.nmclient.add_connection_finish(result)
++            main_loop.quit()
++
++        self.nmclient.add_connection_async(connection, True, None, add_cb, None)
++        main_loop.run()
++
++    def _delete_connection(self, connection):
++        uuid = connection.get_uuid()
++        cmd = ['nmcli', 'con', 'del', uuid]
++        subprocess.call(cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
++
++    def _delete_interface(self, connection):
++        iface = connection.get_interface_name()
++        if iface:
++            cmd = ['ip', 'link', 'del', iface]
++            subprocess.call(cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
++
++    def _nmcli(self, parameters):
++        cmd = ['nmcli'] + parameters
++        subprocess.call(cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
++
++    def _bridge_show(self, bridge):
++        cmd = ['bridge', '-j', 'link', 'show', bridge]
++        ret = subprocess.run(cmd, capture_output=True)
++        return json.loads(ret.stdout)
++
++    def _load_netplan_yaml_for_connection(self, connection):
++        filename = '/etc/netplan/90-NM-' + connection.get_uuid() + '.yaml'
++
++        file = open(filename)
++        data = yaml.safe_load(file)
++        file.close()
++        return data
++
++    def _get_number_of_yaml_files(self):
++        return len(self._get_list_of_yaml_files())
++
++    def _get_list_of_yaml_files(self):
++        return glob("/etc/netplan/90-NM-*")
++
++    def _commit_and_save_connection(self, connection):
++        main_loop = GLib.MainLoop()
++
++        def commit_cb(client, result, data):
++            connection.commit_changes_finish(result)
++            main_loop.quit()
++
++        connection.commit_changes_async(True, None, commit_cb, None)
++        main_loop.run()
++
++    def _clear_connections(self):
++        for conn in self.nmclient.get_connections():
++            self._delete_connection(conn)
++            self._delete_interface(conn)
++
++    def _netplan_generate(self):
++        cmd = ['netplan', 'generate']
++        ret = subprocess.run(cmd, capture_output=True)
++
++    def _nmcli_con_reload(self):
++        self._nmcli(['con', 'reload'])
++
++    # Tests
++
++    def test_create_a_simple_bridge_with_dhcp(self):
++
++        conn = NM.SimpleConnection.new()
++        settings = NM.SettingConnection.new()
++        settings.set_property(NM.SETTING_CONNECTION_ID, "bridge0")
++        settings.set_property(NM.SETTING_CONNECTION_INTERFACE_NAME, "bridge0")
++        settings.set_property(NM.SETTING_CONNECTION_TYPE, "bridge")
++
++        bridge = NM.SettingBridge.new()
++        ipv4 = NM.SettingIP4Config.new()
++        ipv4.set_property(NM.SETTING_IP_CONFIG_METHOD, "auto")
++        ipv6 = NM.SettingIP6Config.new()
++        ipv6.set_property(NM.SETTING_IP_CONFIG_METHOD, "auto")
++
++        conn.add_setting(settings)
++        conn.add_setting(ipv4)
++        conn.add_setting(ipv6)
++        conn.add_setting(bridge)
++
++        # There should be zero netplan NM yaml before adding a connection
++        self.assertEqual(self._get_number_of_yaml_files(), 0)
++
++        self._add_connection(conn)
++
++        # There should be one netplan NM yaml after adding a connection
++        self.assertEqual(self._get_number_of_yaml_files(), 1)
++
++        connection = self.nmclient.get_connection_by_id("bridge0")
++        yaml_data = self._load_netplan_yaml_for_connection(connection)
++
++        # Validating some of the expected flags
++        self.assertTrue(yaml_data['network']['bridges']['bridge0']['dhcp4'])
++        self.assertTrue(yaml_data['network']['bridges']['bridge0']['dhcp6'])
++
++        self._delete_connection(connection)
++
++        # There should be zero netplan NM yaml after deleting a connection
++        self.assertEqual(self._get_number_of_yaml_files(), 0)
++
++    def test_create_a_simple_bridge_with_ip_addresses(self):
++        conn = NM.SimpleConnection.new()
++        settings = NM.SettingConnection.new()
++        settings.set_property(NM.SETTING_CONNECTION_ID, "bridge0")
++        settings.set_property(NM.SETTING_CONNECTION_INTERFACE_NAME, "bridge0")
++        settings.set_property(NM.SETTING_CONNECTION_TYPE, "bridge")
++
++        bridge = NM.SettingBridge.new()
++
++        ipv4 = NM.SettingIP4Config.new()
++        ipv4.set_property(NM.SETTING_IP_CONFIG_METHOD, "manual")
++        ip4_addr1 = NM.IPAddress.new(socket.AF_INET, "10.20.30.40", 24)
++        ip4_addr2 = NM.IPAddress.new(socket.AF_INET, "10.20.30.41", 24)
++        ipv4.add_address(ip4_addr1)
++        ipv4.add_address(ip4_addr2)
++
++        ipv6 = NM.SettingIP6Config.new()
++        ipv6.set_property(NM.SETTING_IP_CONFIG_METHOD, "manual")
++        ip6_addr1 = NM.IPAddress.new(socket.AF_INET6, "dead:beef::1", 64)
++        ip6_addr2 = NM.IPAddress.new(socket.AF_INET6, "dead:beef::2", 64)
++        ipv6.add_address(ip6_addr1)
++        ipv6.add_address(ip6_addr2)
++
++        conn.add_setting(settings)
++        conn.add_setting(ipv4)
++        conn.add_setting(ipv6)
++        conn.add_setting(bridge)
++
++        # There should be zero netplan NM yaml before adding a connection
++        self.assertEqual(self._get_number_of_yaml_files(), 0)
++
++        self._add_connection(conn)
++
++        # There should be one netplan NM yaml after adding a connection
++        self.assertEqual(self._get_number_of_yaml_files(), 1)
++
++        connection = self.nmclient.get_connection_by_id("bridge0")
++        yaml_data = self._load_netplan_yaml_for_connection(connection)
++
++        # Validating some of the expected flags
++        self.assertNotIn('dhcp4', yaml_data['network']['bridges']['bridge0'])
++        self.assertNotIn('dhcp6', yaml_data['network']['bridges']['bridge0'])
++
++        addresses = yaml_data['network']['bridges']['bridge0']['addresses']
++        expected_addresses = ['10.20.30.40/24', '10.20.30.41/24', 'dead:beef::1/64', 'dead:beef::2/64']
++
++        self.assertListEqual(addresses, expected_addresses)
++
++        self._delete_connection(connection)
++
++        # There should be zero netplan NM yaml after deleting a connection
++        self.assertEqual(self._get_number_of_yaml_files(), 0)
++
++    def test_create_a_simple_bridge_with_ip_and_member(self):
++
++        conn = NM.SimpleConnection.new()
++        settings = NM.SettingConnection.new()
++        settings.set_property(NM.SETTING_CONNECTION_ID, "bridge0")
++        settings.set_property(NM.SETTING_CONNECTION_INTERFACE_NAME, "bridge0")
++        settings.set_property(NM.SETTING_CONNECTION_TYPE, "bridge")
++
++        bridge = NM.SettingBridge.new()
++
++        ipv4 = NM.SettingIP4Config.new()
++        ipv4.set_property(NM.SETTING_IP_CONFIG_METHOD, "manual")
++        ip4_addr1 = NM.IPAddress.new(socket.AF_INET, "10.20.30.40", 24)
++        ip4_addr2 = NM.IPAddress.new(socket.AF_INET, "10.20.30.41", 24)
++        ipv4.add_address(ip4_addr1)
++        ipv4.add_address(ip4_addr2)
++
++        ipv6 = NM.SettingIP6Config.new()
++        ipv6.set_property(NM.SETTING_IP_CONFIG_METHOD, "manual")
++        ip6_addr1 = NM.IPAddress.new(socket.AF_INET6, "dead:beef::1", 64)
++        ip6_addr2 = NM.IPAddress.new(socket.AF_INET6, "dead:beef::2", 64)
++        ipv6.add_address(ip6_addr1)
++        ipv6.add_address(ip6_addr2)
++
++        conn.add_setting(settings)
++        conn.add_setting(ipv4)
++        conn.add_setting(ipv6)
++        conn.add_setting(bridge)
++
++        # There should be zero netplan NM yaml before adding a connection
++        self.assertEqual(self._get_number_of_yaml_files(), 0)
++
++        # Adding the bridge
++        self._add_connection(conn)
++
++        # There should be one netplan NM yaml after adding a connection
++        self.assertEqual(self._get_number_of_yaml_files(), 1)
++
++        # Creating a tap0 device to be a bridge member
++        tap0 = NM.SimpleConnection.new()
++        tap0_conn_settings = NM.SettingConnection.new()
++        tap0_conn_settings.set_property(NM.SETTING_CONNECTION_ID, "tap0")
++        tap0_conn_settings.set_property(NM.SETTING_CONNECTION_INTERFACE_NAME, "tap0")
++        tap0_conn_settings.set_property(NM.SETTING_CONNECTION_TYPE, "tun")
++        tap0_conn_settings.set_property(NM.SETTING_CONNECTION_SLAVE_TYPE, "bridge")
++        tap0_conn_settings.set_property(NM.SETTING_CONNECTION_MASTER, "bridge0")
++
++        tap0_settings = NM.SettingTun.new()
++        tap0_settings.set_property(NM.SETTING_TUN_MODE, NM.SettingTunMode.TAP)
++
++        tap0.add_setting(tap0_conn_settings)
++        tap0.add_setting(tap0_settings)
++        self._add_connection(tap0)
++
++        # There should be two netplan NM yaml after adding the tap
++        self.assertEqual(self._get_number_of_yaml_files(), 2)
++
++        bridge0_connection = self.nmclient.get_connection_by_id("bridge0")
++        yaml_data = self._load_netplan_yaml_for_connection(bridge0_connection)
++
++        # Validating some of the bridge expected flags
++        addresses = yaml_data['network']['bridges']['bridge0']['addresses']
++        expected_addresses = ['10.20.30.40/24', '10.20.30.41/24', 'dead:beef::1/64', 'dead:beef::2/64']
++
++        self.assertListEqual(addresses, expected_addresses)
++
++        # Validating if tap0 is attached to the bridge
++        # It might take a while for the new interface be created...
++        limit = 10
++        while (show_bridge := self._bridge_show('bridge0')) == [] and limit > 0:
++            sleep(1)
++            limit = limit - 1
++        self.assertEqual(show_bridge[0]['master'], 'bridge0')
++        self.assertEqual(show_bridge[0]['ifname'], 'tap0')
++
++        tap0_connection = self.nmclient.get_connection_by_id("tap0")
++        tap_yaml = self._load_netplan_yaml_for_connection(tap0_connection)
++
++        tap0_uuid = tap0_connection.get_uuid()
++        # Validating that the bridge information is in the tap yaml
++        self.assertEqual(tap_yaml['network']['nm-devices']['NM-' + tap0_uuid]['networkmanager']['passthrough']['connection.master'], 'bridge0')
++
++        self._delete_connection(tap0_connection)
++        # There should be one netplan NM yaml after deleting the tap
++        self.assertEqual(self._get_number_of_yaml_files(), 1)
++
++        self._delete_connection(bridge0_connection)
++        # There should be zero netplan NM yaml after deleting the bridge
++        self.assertEqual(self._get_number_of_yaml_files(), 0)
++
++    @unittest.skip('XXX: the netplan yaml file will be deleted when we try to change the connetion')
++    def test_create_an_interface_and_change_it(self):
++        """Add a tap interface and change it after create adding IP addresses to it."""
++
++        # Creating a tap0 device to be a bridge member
++        tap0 = NM.SimpleConnection.new()
++        tap0_conn_settings = NM.SettingConnection.new()
++        tap0_conn_settings.set_property(NM.SETTING_CONNECTION_ID, "tap0")
++        tap0_conn_settings.set_property(NM.SETTING_CONNECTION_INTERFACE_NAME, "tap0")
++        tap0_conn_settings.set_property(NM.SETTING_CONNECTION_TYPE, "tun")
++
++        tap0_settings = NM.SettingTun.new()
++        tap0_settings.set_property(NM.SETTING_TUN_MODE, NM.SettingTunMode.TAP)
++
++        tap0.add_setting(tap0_conn_settings)
++        tap0.add_setting(tap0_settings)
++        self._add_connection(tap0)
++
++        # There should be one netplan NM yaml after adding a connection
++        self.assertEqual(self._get_number_of_yaml_files(), 1)
++
++        tap0_connection = self.nmclient.get_connection_by_id("tap0")
++
++        ipv4_settings = tap0_connection.get_setting_ip4_config()
++        ipv4_settings.set_property(NM.SETTING_IP_CONFIG_METHOD, "manual")
++        ip4_addr1 = NM.IPAddress.new(socket.AF_INET, "10.20.30.40", 24)
++        ip4_addr2 = NM.IPAddress.new(socket.AF_INET, "10.20.30.41", 24)
++        ipv4_settings.add_address(ip4_addr1)
++        ipv4_settings.add_address(ip4_addr2)
++
++        ipv6_settings = tap0_connection.get_setting_ip6_config()
++        ipv6_settings.set_property(NM.SETTING_IP_CONFIG_METHOD, "manual")
++        ip6_addr1 = NM.IPAddress.new(socket.AF_INET6, "dead:beef::1", 64)
++        ip6_addr2 = NM.IPAddress.new(socket.AF_INET6, "dead:beef::2", 64)
++        ipv6_settings.add_address(ip6_addr1)
++        ipv6_settings.add_address(ip6_addr2)
++
++        self._commit_and_save_connection(tap0_connection)
++
++        # There should be one netplan NM yaml files after chaging the only existing connection
++        self.assertEqual(self._get_number_of_yaml_files(), 1)
++
++        self._delete_connection(tap0_connection)
++
++        # There should be zero netplan NM yaml files after removing the only existing connection
++        self.assertEqual(self._get_number_of_yaml_files(), 0)
++
++    def test_nmcli_add_device_and_change_it(self):
++        """Uses the nmcli to add a connection and validates if the
++        Netplan YAML file has the expected configuration.
++        It also changes the configuration changing the ipv4 method from auto
++        to manual and adding an IP address. After the change the Netplan YAML
++        file should have the same name.
++        """
++
++        self.assertEqual(self._get_number_of_yaml_files(), 0)
++
++        nmcli_add = ['con', 'add', 'type', 'tun', 'mode', 'tap', 'ifname', 'tap0', 'ipv4.method', 'auto']
++        self._nmcli(nmcli_add)
++
++        self.assertEqual(self._get_number_of_yaml_files(), 1)
++
++        files_before = self._get_list_of_yaml_files()
++
++        # After OOB changes, the client must be refreshed apparently
++        self.nmclient = NM.Client.new()
++
++        conn = self.nmclient.get_connection_by_id("tun-tap0")
++        uuid = conn.get_uuid()
++        data = self._load_netplan_yaml_for_connection(conn)
++
++        ip4_method = data.get('network') \
++                         .get('nm-devices') \
++                         .get('NM-' + uuid) \
++                         .get('networkmanager') \
++                         .get('passthrough') \
++                         .get('ipv4.method')
++
++        self.assertEqual(ip4_method, 'auto')
++
++        nmcli_mod = ['con', 'mod', 'tun-tap0', 'ipv4.method', 'manual', 'ipv4.addresses', '10.20.30.40/24']
++        self._nmcli(nmcli_mod)
++
++        self.assertEqual(self._get_number_of_yaml_files(), 1)
++
++        files_after = self._get_list_of_yaml_files()
++
++        self.assertListEqual(files_before, files_after)
++
++        data = self._load_netplan_yaml_for_connection(conn)
++
++        ip4_method = data.get('network') \
++                         .get('nm-devices') \
++                         .get('NM-' + uuid) \
++                         .get('networkmanager') \
++                         .get('passthrough') \
++                         .get('ipv4.method')
++
++        ip4_addr = data.get('network') \
++                         .get('nm-devices') \
++                         .get('NM-' + uuid) \
++                         .get('networkmanager') \
++                         .get('passthrough') \
++                         .get('ipv4.address1')
++
++        self.assertEqual(ip4_method, 'manual')
++        self.assertEqual(ip4_addr, '10.20.30.40/24')
++
++        self._delete_connection(conn)
++        self.assertEqual(self._get_number_of_yaml_files(), 0)
++
++    def test_nmcli_add_wifi_connection(self):
++        """Create a wifi connection via nmcli and check if the expected
++        fields were added to the netplan yaml file."""
++
++        ssid = 'My network SSID'
++        passwd = 'secretpasswd'
++        method = 'wpa-psk'
++        ip = '10.20.30.40/24'
++        nmcli_add = ['con', 'add', 'type', 'wifi', 'ssid', ssid,
++                     'wifi-sec.key-mgmt', method, 'wifi-sec.psk', passwd,
++                     'ipv4.method', 'manual', 'ipv4.addresses', ip]
++
++        self.assertEqual(self._get_number_of_yaml_files(), 0)
++
++        self._nmcli(nmcli_add)
++
++        self.assertEqual(self._get_number_of_yaml_files(), 1)
++
++        # After OOB changes, the client must be refreshed apparently
++        self.nmclient = NM.Client.new()
++
++        conn = self.nmclient.get_connection_by_id("wifi")
++        uuid = conn.get_uuid()
++        data = self._load_netplan_yaml_for_connection(conn)
++
++        ap_name = list(data.get('network') \
++                .get('wifis') \
++                .get('NM-' + uuid) \
++                .get('access-points') \
++                .keys())[0]
++
++        ip_addr = data.get('network') \
++                .get('wifis') \
++                .get('NM-' + uuid) \
++                .get('addresses')
++
++        auth_method = data.get('network') \
++                .get('wifis') \
++                .get('NM-' + uuid) \
++                .get('access-points') \
++                .get(ap_name) \
++                .get('auth') \
++                .get('key-management')
++
++        auth_passwd = data.get('network') \
++                .get('wifis') \
++                .get('NM-' + uuid) \
++                .get('access-points') \
++                .get(ap_name) \
++                .get('auth') \
++                .get('password')
++
++        self.assertEqual(ap_name, ssid)
++        self.assertListEqual(ip_addr, [ip])
++        self.assertEqual(auth_method, 'psk')
++        self.assertEqual(auth_passwd, passwd)
++
++        self._delete_connection(conn)
++        self.assertEqual(self._get_number_of_yaml_files(), 0)
++
++    def test_create_connection_via_netplan(self):
++        """
++        Create a connection via netplan generate and check if NM will pick it up
++        """
++
++        netplan_yaml = '''network:
++  renderer: NetworkManager
++  ethernets:
++    eth123:
++      dhcp4: true'''
++
++        with open('/etc/netplan/10-test.yaml', 'w') as f:
++            f.write(netplan_yaml)
++
++        self._netplan_generate();
++        self._nmcli_con_reload()
++        self.nmclient = NM.Client.new()
++
++        expected = None
++        for conn in self.nmclient.get_connections():
++            if conn.get_id() == 'netplan-eth123':
++                expected = conn
++
++        self.assertIsNotNone(expected)
++
++    def test_create_connection_via_netplan_and_remove_via_nmcli(self):
++        """
++        Create a connection via netplan generate and remove it with nmcli.
++
++        The interface should be removed from the yaml file.
++        """
++
++        netplan_yaml = '''network:
++  renderer: NetworkManager
++  ethernets:
++    eth123:
++      dhcp4: true
++    eth456:
++      dhcp4: true'''
++
++        with open('/etc/netplan/10-test.yaml', 'w') as f:
++            f.write(netplan_yaml)
++
++        self._netplan_generate();
++        self._nmcli_con_reload()
++        self.nmclient = NM.Client.new()
++
++        expected1 = None
++        expected2 = None
++        for conn in self.nmclient.get_connections():
++            if conn.get_id() == 'netplan-eth123':
++                expected1 = conn
++            if conn.get_id() == 'netplan-eth456':
++                expected2 = conn
++
++        self.assertIsNotNone(expected1)
++        self.assertIsNotNone(expected1)
++
++        self._delete_connection(expected1)
++
++        with open('/etc/netplan/10-test.yaml', 'r') as f:
++            yaml_data = yaml.safe_load(f)
++
++            # eth123 shouldn't exist anymore
++            self.assertIsNone(yaml_data.get('network').get('ethernets').get('eth123'))
++
++            self.assertIsNotNone(yaml_data.get('network').get('ethernets').get('eth456'))
++
++    def test_create_connection_via_netplan_and_change_it_via_nmcli(self):
++        """
++        Create a connection via netplan generate and change it via nmcli.
++        """
++
++        netplan_yaml = '''network:
++  renderer: NetworkManager
++  ethernets:
++    eth123:
++      dhcp4: false
++      dhcp6: false
++    eth456:
++      dhcp4: true'''
++
++        with open('/etc/netplan/10-test.yaml', 'w') as f:
++            f.write(netplan_yaml)
++
++        self._netplan_generate();
++        self._nmcli_con_reload()
++        self._nmcli(['con', 'mod', 'netplan-eth123', 'ipv4.method', 'auto'])
++
++        # eth123.dhcp4 should be overriden by 90-NM-<UUID>.yaml (from 10-test.yaml)
++        # The output of 'netplan get' should account for that.
++        out = subprocess.check_output(['netplan', 'get'], universal_newlines=True)
++        yaml_data = yaml.safe_load(out)
++        dhcp = yaml_data.get('network').get('ethernets').get('eth123').get('dhcp4')
++        self.assertTrue(dhcp)
++
++    def test_openvpn_connection(self):
++        """ Test case for LP#1998207"""
++
++        server_config = """dev tun
++ca /tmp/openvpn/pki/ca.crt
++cert /tmp/openvpn/pki/issued/server.crt
++key /tmp/openvpn/pki/private/server.key
++dh /tmp/openvpn/pki/dh.pem
++server 10.8.0.0 255.255.255.0
++keepalive 10 120
++cipher AES-256-GCM
++compress lz4-v2
++push "compress lz4-v2"
++user root
++log /tmp/openvpn.log
++group root
++"""
++
++        client_config = """client
++dev tun
++remote 127.0.0.1 1194
++nobind
++ca /tmp/openvpn/pki/ca.crt
++cert /tmp/openvpn/pki/issued/client.crt
++key /tmp/openvpn/pki/private/client.key
++cipher AES-256-GCM
++"""
++
++        # The minimum DH size accepted by OpenVPN these days is 2048.
++        # It might take a while to be generated (like almost a minute)
++        # It would be faster to use shared keys instead of TLS but it
++        # seems it's not an option anymore in OpenVPN
++        openvpn_spinup_script = """/usr/share/easy-rsa/easyrsa init-pki
++EASYRSA_BATCH=1 /usr/share/easy-rsa/easyrsa build-ca nopass
++EASYRSA_BATCH=1 /usr/share/easy-rsa/easyrsa build-server-full server nopass
++EASYRSA_BATCH=1 /usr/share/easy-rsa/easyrsa build-client-full client nopass
++/usr/share/easy-rsa/easyrsa gen-dh
++"""
++
++        tmpdir = '/tmp/openvpn'
++        self.addCleanup(shutil.rmtree, tmpdir)
++        os.mkdir(tmpdir)
++        os.chdir(tmpdir)
++
++        with open('openvpn_spinup.sh', 'w') as f:
++            f.write(openvpn_spinup_script)
++
++        with open('server.conf', 'w') as f:
++            f.write(server_config)
++
++        with open('client.conf', 'w') as f:
++            f.write(client_config)
++
++        cmd = ['bash', 'openvpn_spinup.sh']
++        subprocess.call(cmd, stdout=subprocess.DEVNULL)
++
++        openvpn_server_cmd = ['openvpn', '--config', 'server.conf']
++        p_server = subprocess.Popen(openvpn_server_cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
++        sleep(1) # Let's give OpenVPN a second to start
++
++        # Add a useless default route to the loopback interface so NM will allow starting the VPN connection.
++        # Apparently, if it doesn't own an *active connection* with a default route, it will not allow
++        # us to start the VPN client.
++        # As we set the main ethernet device as unmanaged, NM will not 'own' a default route when it starts.
++        # Unfortunately, by doing this, NM will take over the interface 'lo' and add a new yaml file to /etc/netplan
++        self._nmcli(['con', 'mod', 'lo', 'ipv4.gateway', '10.8.0.254'])
++
++        # Create an OpenVPN connection based on the configuration found in client.conf
++        self._nmcli(['con', 'import', 'type', 'openvpn', 'file', 'client.conf'])
++
++        # At this point we should have 2 yaml files
++        # One for the tun0 NM took over and one for the VPN connection
++        self.assertEqual(self._get_number_of_yaml_files(), 2,
++                         msg='More than expected YAML files were found after creating the connection')
++
++        self._nmcli(['con', 'up', 'client'])
++        sleep(2) # Let's give NM a couple of seconds to settle down
++        # We still should have 2 files after starting the client
++        self.assertEqual(self._get_number_of_yaml_files(), 2,
++                         msg='More than expected YAML files were found after starting the connection')
++
++        self._nmcli(['con', 'down', 'client'])
++        sleep(2) # Let's give NM a couple of seconds to settle down
++        # We still should have 2 files after stopping the client
++        self.assertEqual(self._get_number_of_yaml_files(), 2,
++                         msg='More than expected YAML files were found after stopping the connection')
++
++        p_server.terminate()
++        p_server.wait()
++        # We still should have 2 files after stopping the server
++        self.assertEqual(self._get_number_of_yaml_files(), 2,
++                         msg='More than expected YAML files were found after stopping the OpenVPN server')
++
++
++if __name__ == '__main__':
++    runner = unittest.TextTestRunner(stream=sys.stdout, verbosity=2)
++    unittest.main(testRunner=runner)

NetworkManager

Merge ~slyon/network-manager:netplan-integration into network-manager:ubuntu/master

Commit message

Description of the change

Preview Diff

Subscribers