[PATCH 0/6] Fix network-manager vpn plugins

  • Done
  • quality assurance status badge
Details
3 participants
  • Jelle Licht
  • Ludovic Courtès
  • Pierre Langlois
Owner
unassigned
Submitted by
Jelle Licht
Severity
normal

Debbugs page

Jelle Licht wrote 6 years ago
(address . guix-patches@gnu.org)
875zodk5lw.fsf@jlicht.xyz
Hello Guix!

This series should fix the OpenVPN network-manager plugin, as well as
add the network-manager-vpnc plugin. Other vpn plugins should also be
trivial to add.

Please review and test. If someone has a better idea for passing the
NM_OPENVPN_USER et al environment variables to network-manager, I am all
ears.

- Jelle
Jelle Licht wrote 6 years ago
[PATCH 1/6] gnu: network-manager: Fix plugin loading problem.
(address . 36542@debbugs.gnu.org)(name . Tomáš Čech)(address . sleep_walker@gnu.org)
20190707192848.10049-1-jlicht@fsfe.org
From: Tomáš Čech <sleep_walker@gnu.org>

* gnu/packages/patches/nm-plugin-path.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gnome.scm (network-manager)[source](patches): New field.
---
gnu/local.mk | 1 +
gnu/packages/gnome.scm | 1 +
gnu/packages/patches/nm-plugin-path.patch | 51 +++++++++++++++++++++++
3 files changed, 53 insertions(+)
create mode 100644 gnu/packages/patches/nm-plugin-path.patch

Toggle diff (83 lines)
diff --git a/gnu/local.mk b/gnu/local.mk
index 734676f45a..4fa04937ca 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1115,6 +1115,7 @@ dist_patch_DATA = \
%D%/packages/patches/netsurf-longer-test-timeout.patch \
%D%/packages/patches/nfs-utils-missing-headers.patch \
%D%/packages/patches/ngircd-handle-zombies.patch \
+ %D%/packages/patches/nm-plugin-path.patch \
%D%/packages/patches/nss-increase-test-timeout.patch \
%D%/packages/patches/nss-pkgconfig.patch \
%D%/packages/patches/ntfs-3g-CVE-2019-9755.patch \
diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm
index 4b1dbbdb49..a4e6375542 100644
--- a/gnu/packages/gnome.scm
+++ b/gnu/packages/gnome.scm
@@ -5298,6 +5298,7 @@ users.")
(uri (string-append "mirror://gnome/sources/NetworkManager/"
(version-major+minor version) "/"
"NetworkManager-" version ".tar.xz"))
+ (patches (search-patches "nm-plugin-path.patch"))
(sha256
(base32
"1jn3g0f2x1irc88awqp8m3gnpdx1whqqqbdgkbgr4x55s702jki4"))
diff --git a/gnu/packages/patches/nm-plugin-path.patch b/gnu/packages/patches/nm-plugin-path.patch
new file mode 100644
index 0000000000..505ae31534
--- /dev/null
+++ b/gnu/packages/patches/nm-plugin-path.patch
@@ -0,0 +1,51 @@
+From d3026a6d331298003ccc6cd9d2e20dcb7fa9ae1d Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Tom=C3=A1=C5=A1=20=C4=8Cech?= <sleep_walker@gnu.org>
+Date: Wed, 3 Jul 2019 13:31:54 +0200
+Subject: [PATCH] respect NM_VPN_PLUGIN_DIR
+
+---
+ src/vpn/nm-vpn-manager.c | 14 ++++++++++++++
+ 1 file changed, 14 insertions(+)
+
+diff --git a/src/vpn/nm-vpn-manager.c b/src/vpn/nm-vpn-manager.c
+index d063916..d779166 100644
+--- a/src/vpn/nm-vpn-manager.c
++++ b/src/vpn/nm-vpn-manager.c
+@@ -223,6 +223,7 @@ nm_vpn_manager_init (NMVpnManager *self)
+ GSList *infos, *info;
+ const char *conf_dir_etc = _nm_vpn_plugin_info_get_default_dir_etc ();
+ const char *conf_dir_lib = _nm_vpn_plugin_info_get_default_dir_lib ();
++ const char *conf_dir_user = _nm_vpn_plugin_info_get_default_dir_user ();
+
+ /* Watch the VPN directory for changes */
+ file = g_file_new_for_path (conf_dir_lib);
+@@ -241,6 +242,14 @@ nm_vpn_manager_init (NMVpnManager *self)
+ G_CALLBACK (vpn_dir_changed), self);
+ }
+
++ file = g_file_new_for_path (conf_dir_user);
++ priv->monitor_etc = g_file_monitor_directory (file, G_FILE_MONITOR_NONE, NULL, NULL);
++ g_object_unref (file);
++ if (priv->monitor_etc) {
++ priv->monitor_id_etc = g_signal_connect (priv->monitor_etc, "changed",
++ G_CALLBACK (vpn_dir_changed), self);
++ }
++
+ /* first read conf_dir_lib. The name files are not really user configuration, but
+ * plugin configuration. Hence we expect ~newer~ plugins to install their files
+ * in /usr/lib/NetworkManager. We want to prefer those files.
+@@ -255,6 +264,11 @@ nm_vpn_manager_init (NMVpnManager *self)
+ try_add_plugin (self, info->data);
+ g_slist_free_full (infos, g_object_unref);
+
++ infos = _nm_vpn_plugin_info_list_load_dir (conf_dir_user, TRUE, 0, NULL, NULL);
++ for (info = infos; info; info = info->next)
++ try_add_plugin (self, info->data);
++ g_slist_free_full (infos, g_object_unref);
++
+ priv->active_services = g_hash_table_new_full (nm_str_hash, g_str_equal, g_free, NULL);
+ }
+
+--
+2.22.0
+
--
2.22.0
Jelle Licht wrote 6 years ago
[PATCH 2/6] services: network-manager: Properly load vpn plugins
(address . 36542@debbugs.gnu.org)(name . Jelle Licht)(address . jlicht@fsfe.org)
20190707192848.10049-2-jlicht@fsfe.org
Extends the dbus service when vpn plugins are enabled.

* gnu/services/networking.scm (network-manager-service-type): Load vpn plugins
when extending dbus service.
---
gnu/services/networking.scm | 16 ++++++++++------
1 file changed, 10 insertions(+), 6 deletions(-)

Toggle diff (48 lines)
diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm
index 13cffd9feb..7423bac1aa 100644
--- a/gnu/services/networking.scm
+++ b/gnu/services/networking.scm
@@ -10,6 +10,7 @@
;;; Copyright © 2018 Chris Marusich <cmmarusich@gmail.com>
;;; Copyright © 2018 Arun Isaac <arunisaac@systemreboot.net>
;;; Copyright © 2019 Florian Pelz <pelzflorian@pelzflorian.de>
+;;; Copyright © 2019 Maxim Cournoyer <maxim.cournoyer@gmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -942,24 +943,27 @@ and @command{wicd-curses} user interfaces."
(define network-manager-service-type
(let
- ((config->package
+ ((config->packages
(match-lambda
- (($ <network-manager-configuration> network-manager)
- (list network-manager)))))
+ (($ <network-manager-configuration> network-manager _ vpn-plugins)
+ `(,network-manager ,@vpn-plugins)))))
(service-type
(name 'network-manager)
(extensions
(list (service-extension shepherd-root-service-type
network-manager-shepherd-service)
- (service-extension dbus-root-service-type config->package)
- (service-extension polkit-service-type config->package)
+ (service-extension dbus-root-service-type config->packages)
+ (service-extension polkit-service-type
+ (compose
+ list
+ network-manager-configuration-network-manager))
(service-extension activation-service-type
network-manager-activation)
(service-extension session-environment-service-type
network-manager-environment)
;; Add network-manager to the system profile.
- (service-extension profile-service-type config->package)))
+ (service-extension profile-service-type config->packages)))
(default-value (network-manager-configuration))
(description
"Run @uref{https://wiki.gnome.org/Projects/NetworkManager,
--
2.22.0
Jelle Licht wrote 6 years ago
[PATCH 3/6] services: network-manager: Clear default OpenVPN user.
(address . 36542@debbugs.gnu.org)(name . Jelle Licht)(address . jlicht@fsfe.org)
20190707192848.10049-3-jlicht@fsfe.org
* gnu/services/networking.scm (network-manager-shepherd-service): Clear
'NM_OPENVPN_USER' and 'NM_OPENVPN_GROUP' in #:environment-variables.
---
gnu/services/networking.scm | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)

Toggle diff (18 lines)
diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm
index 7423bac1aa..376b4ccc4e 100644
--- a/gnu/services/networking.scm
+++ b/gnu/services/networking.scm
@@ -938,7 +938,10 @@ and @command{wicd-curses} user interfaces."
"--no-daemon")
#:environment-variables
(list (string-append "NM_VPN_PLUGIN_DIR=" #$vpn
- "/lib/NetworkManager/VPN"))))
+ "/lib/NetworkManager/VPN")
+ ;; Override non-existent default users
+ "NM_OPENVPN_USER="
+ "NM_OPENVPN_GROUP=")))
(stop #~(make-kill-destructor))))))))
(define network-manager-service-type
--
2.22.0
Jelle Licht wrote 6 years ago
[PATCH 4/6] gnu: network-manager-openvpn: Pass '--localstatedir=/var'.
(address . 36542@debbugs.gnu.org)(name . Jelle Licht)(address . jlicht@fsfe.org)
20190707192848.10049-4-jlicht@fsfe.org
* gnu/packages/gnome.scm (network-manager-openvpn)[arguments]: Pass
'--localstatedir=/var' to #:configure-flags.
---
gnu/packages/gnome.scm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

Toggle diff (15 lines)
diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm
index a4e6375542..df273d4dad 100644
--- a/gnu/packages/gnome.scm
+++ b/gnu/packages/gnome.scm
@@ -5448,7 +5448,7 @@ services.")
"0gyrv46h9k17qym48qacq4zpxbap6hi17shn921824zm98m2bdvr"))))
(build-system gnu-build-system)
(arguments
- '(#:configure-flags '("--enable-absolute-paths")))
+ '(#:configure-flags '("--enable-absolute-paths" "--localstatedir=/var")))
(native-inputs
`(("pkg-config" ,pkg-config)
("intltool" ,intltool)))
--
2.22.0
Jelle Licht wrote 6 years ago
[PATCH 5/6] gnu: network-manager-openvpn: Patch hardcoded paths.
(address . 36542@debbugs.gnu.org)(name . Jelle Licht)(address . jlicht@fsfe.org)
20190707192848.10049-5-jlicht@fsfe.org
* gnu/packages/gnome.scm (network-manager-openvpn)[arguments]: Add custom
'patch-path' phase to replace references to openvpn and modprobe.
[inputs]: Add kmod.
---
gnu/packages/gnome.scm | 22 +++++++++++++++++++++-
1 file changed, 21 insertions(+), 1 deletion(-)

Toggle diff (47 lines)
diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm
index df273d4dad..b68aed804f 100644
--- a/gnu/packages/gnome.scm
+++ b/gnu/packages/gnome.scm
@@ -37,6 +37,7 @@
;;; Copyright © 2019 Marius Bakke <mbakke@fastmail.com>
;;; Copyright © 2019 Florian Pelz <pelzflorian@pelzflorian.de>
;;; Copyright © 2019 Giacomo Leidi <goodoldpaul@autistici.org>
+;;; Copyright © 2019 Jelle Licht <jlicht@fsfe.org>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -5448,12 +5449,31 @@ services.")
"0gyrv46h9k17qym48qacq4zpxbap6hi17shn921824zm98m2bdvr"))))
(build-system gnu-build-system)
(arguments
- '(#:configure-flags '("--enable-absolute-paths" "--localstatedir=/var")))
+ `(#:configure-flags '("--enable-absolute-paths" "--localstatedir=/var")
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'configure 'patch-path
+ (lambda* (#:key inputs outputs #:allow-other-keys #:rest args)
+ (let* ((ovpn (string-append (assoc-ref inputs "openvpn")
+ "/sbin/openvpn"))
+ (modprobe (string-append (assoc-ref inputs "kmod")
+ "/bin/modprobe"))
+ (pretty-ovpn (string-append "\"" ovpn "\"")))
+ (for-each
+ (lambda (file)
+ (substitute* file
+ (("\"/usr/local/sbin/openvpn\"") pretty-ovpn)
+ (("\"/usr/sbin/openvpn\"") pretty-ovpn)
+ (("\"/sbin/openvpn\"") pretty-ovpn)
+ (("/sbin/modprobe") modprobe)))
+ '("src/nm-openvpn-service.c" "properties/nm-openvpn-editor.c")))
+ #t)))))
(native-inputs
`(("pkg-config" ,pkg-config)
("intltool" ,intltool)))
(inputs
`(("gtk+" ,gtk+)
+ ("kmod" ,kmod)
("openvpn" ,openvpn)
("network-manager" ,network-manager)
("network-manager-applet" ,network-manager-applet) ;for libnma
--
2.22.0
Jelle Licht wrote 6 years ago
[PATCH 6/6] gnu: Add network-manager-vpnc.
(address . 36542@debbugs.gnu.org)(name . Jelle Licht)(address . jlicht@fsfe.org)
20190707192848.10049-6-jlicht@fsfe.org
* gnu/packages/gnome.scm (network-manager-vpnc): New variable.
---
gnu/packages/gnome.scm | 49 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 49 insertions(+)

Toggle diff (62 lines)
diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm
index b68aed804f..0a17848c2b 100644
--- a/gnu/packages/gnome.scm
+++ b/gnu/packages/gnome.scm
@@ -5486,6 +5486,55 @@ to virtual private networks (VPNs) via OpenVPN.")
(license license:gpl2+)
(properties `((upstream-name . "NetworkManager-openvpn")))))
+(define-public network-manager-vpnc
+ (package
+ (name "network-manager-vpnc")
+ (version "1.2.6")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append
+ "mirror://gnome/sources/NetworkManager-vpnc/"
+ (version-major+minor version)
+ "/NetworkManager-vpnc-" version ".tar.xz"))
+ (sha256
+ (base32
+ "1js5lwcsqws4klgypfxl4ikmakv7v7xgddij1fj6b0y0qicx0kyy"))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:configure-flags '("--enable-absolute-paths" "--localstatedir=/var")
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'configure 'patch-path
+ (lambda* (#:key inputs outputs #:allow-other-keys #:rest args)
+ (let* ((vpnc (string-append (assoc-ref inputs "vpnc")
+ "/sbin/vpnc"))
+ (modprobe (string-append (assoc-ref inputs "kmod")
+ "/bin/modprobe"))
+ (pretty-ovpn (string-append "\"" vpnc "\"")))
+ (substitute* "src/nm-vpnc-service.c"
+ (("\"/usr/local/sbin/vpnc\"") pretty-ovpn)
+ (("\"/usr/sbin/vpnc\"") pretty-ovpn)
+ (("\"/sbin/vpnc\"") pretty-ovpn)
+ (("/sbin/modprobe") modprobe)))
+ #t)))))
+ (native-inputs
+ `(("pkg-config" ,pkg-config)
+ ("intltool" ,intltool)))
+ (inputs
+ `(("gtk+" ,gtk+)
+ ("kmod" ,kmod)
+ ("vpnc" ,vpnc)
+ ("network-manager" ,network-manager)
+ ("network-manager-applet" ,network-manager-applet) ;for libnma
+ ("libsecret" ,libsecret)))
+ (home-page "https://wiki.gnome.org/Projects/NetworkManager/VPN")
+ (synopsis "VPNC plug-in for NetworkManager")
+ (description
+ "Support for configuring virtual private networks based on VPNC.
+Compatible with Cisco VPN concentrators configured to use IPsec.")
+ (license license:gpl2+)
+ (properties `((upstream-name . "NetworkManager-vpnc")))))
+
(define-public mobile-broadband-provider-info
(package
(name "mobile-broadband-provider-info")
--
2.22.0
Pierre Langlois wrote 6 years ago
Re: [bug#36542] [PATCH 0/6] Fix network-manager vpn plugins
(address . guix-patches@gnu.org)(address . 36542@debbugs.gnu.org)
87a7dpo7de.fsf@gmx.com
Hi,

Jelle Licht writes:

Toggle quote (6 lines)
> Hello Guix!
>
> This series should fix the OpenVPN network-manager plugin, as well as
> add the network-manager-vpnc plugin. Other vpn plugins should also be
> trivial to add.

Nice! I have needed this just recently. I've just applied this series
locally and tested the OpenVPN plugin in gnome and it works like a
charm!

Thanks for working on this!

Pierre
Ludovic Courtès wrote 6 years ago
Re: [bug#36542] [PATCH 1/6] gnu: network-manager: Fix plugin loading problem.
(name . Jelle Licht)(address . jlicht@fsfe.org)
87r26ub6oi.fsf@gnu.org
Hello,

I haven’t tested it yet, but the whole series LGTM. Really happy this
is finally fixed!

Jelle Licht <jlicht@fsfe.org> skribis:

Toggle quote (6 lines)
> From: Tomáš Čech <sleep_walker@gnu.org>
>
> * gnu/packages/patches/nm-plugin-path.patch: New file.
> * gnu/local.mk (dist_patch_DATA): Add it.
> * gnu/packages/gnome.scm (network-manager)[source](patches): New field.

[...]

Toggle quote (10 lines)
> +++ b/gnu/packages/patches/nm-plugin-path.patch
> @@ -0,0 +1,51 @@
> +From d3026a6d331298003ccc6cd9d2e20dcb7fa9ae1d Mon Sep 17 00:00:00 2001
> +From: =?UTF-8?q?Tom=C3=A1=C5=A1=20=C4=8Cech?= <sleep_walker@gnu.org>
> +Date: Wed, 3 Jul 2019 13:31:54 +0200
> +Subject: [PATCH] respect NM_VPN_PLUGIN_DIR
> +
> +---
> + src/vpn/nm-vpn-manager.c | 14 ++++++++++++++

Is this patch meant to be submitted upstream? Perhaps it would be worth
mentioning it here.

Thank you!

Ludo’.
Jelle Licht wrote 6 years ago
(name . Ludovic Courtès)(address . ludo@gnu.org)
87k1chuhxx.fsf@jlicht.xyz
Pushed to master the 5 commits preceding
d376129f0b2a163671fb67578d497769b6051f95.

Ludovic Courtès <ludo@gnu.org> writes:

Toggle quote (28 lines)
> Hello,
>
> I haven’t tested it yet, but the whole series LGTM. Really happy this
> is finally fixed!
>
> Jelle Licht <jlicht@fsfe.org> skribis:
>
>> From: Tomáš Čech <sleep_walker@gnu.org>
>>
>> * gnu/packages/patches/nm-plugin-path.patch: New file.
>> * gnu/local.mk (dist_patch_DATA): Add it.
>> * gnu/packages/gnome.scm (network-manager)[source](patches): New field.
>
> [...]
>
>> +++ b/gnu/packages/patches/nm-plugin-path.patch
>> @@ -0,0 +1,51 @@
>> +From d3026a6d331298003ccc6cd9d2e20dcb7fa9ae1d Mon Sep 17 00:00:00 2001
>> +From: =?UTF-8?q?Tom=C3=A1=C5=A1=20=C4=8Cech?= <sleep_walker@gnu.org>
>> +Date: Wed, 3 Jul 2019 13:31:54 +0200
>> +Subject: [PATCH] respect NM_VPN_PLUGIN_DIR
>> +
>> +---
>> + src/vpn/nm-vpn-manager.c | 14 ++++++++++++++
>
> Is this patch meant to be submitted upstream? Perhaps it would be worth
> mentioning it here.

This makes sense! I am currently in contact with the people running the
show behind nm, but I do not expect this to be upstreamed quickly.
Toggle quote (4 lines)
>
> Thank you!
>
> Ludo’.
Closed
?
Your comment

This issue is archived.

To comment on this conversation send an email to 36542@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 36542
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch
You may also tag this issue. See list of standard tags. For example, to set the confirmed and easy tags
mumi command -t +confirmed -t +easy
Or, remove the moreinfo tag and set the help tag
mumi command -t -moreinfo -t +help