This shows you the differences between two versions of the page.
Both sides previous revision Previous revision | Next revision Both sides next revision | ||
networkmanager [2021/05/23 00:52] Andrew Zaborowski Instructions for converting existing NM network profiles for IWD |
networkmanager [2021/05/23 01:00] Andrew Zaborowski Basic syntax highlighting for the code blocks, not ideal because the # shell prompts are treated as comments... |
||
---|---|---|---|
Line 19: | Line 19: | ||
Even though a distribution may ship an NM-1.12 or later package, the IWD backend may not have been enabled. This is done with with ''--with-iwd'' switch to ''./configure'' during the build process (or ''./autogen''). Pass other ''./configure'' options as required and follow with standard compilation and installation instructions. See the ''./configure --help'' output for the possible options, some will be required and some can not be used depending on what other packages are installed on your system and their settings -- this page will not cover other options. | Even though a distribution may ship an NM-1.12 or later package, the IWD backend may not have been enabled. This is done with with ''--with-iwd'' switch to ''./configure'' during the build process (or ''./autogen''). Pass other ''./configure'' options as required and follow with standard compilation and installation instructions. See the ''./configure --help'' output for the possible options, some will be required and some can not be used depending on what other packages are installed on your system and their settings -- this page will not cover other options. | ||
- | <code> | + | <code bash> |
$ wget https://github.com/NetworkManager/NetworkManager/archive/1.30.2.tar.gz | $ wget https://github.com/NetworkManager/NetworkManager/archive/1.30.2.tar.gz | ||
$ tar -xvzf 1.30.2.tar.gz | $ tar -xvzf 1.30.2.tar.gz | ||
Line 30: | Line 30: | ||
Note that on some distributions, including Ubuntu, an NM installation in ''/usr/local'' may be disallowed to launch the DHCP client subprocess by the Linux audit mechanism and a permission needs to be added through ''app_armor''. Before that is done, making connections, of any type, from Network Manager, will fail after about a 1 minute timeout (dmesg will show a line similar to this: ''[98438.542859] audit: type=1400 audit(1532953834.917:242): apparmor="DENIED" operation="open" profile="/sbin/dhclient" name="/usr/local/var/lib/NetworkManager/dhclient-wlp2s0.conf" pid=31241 comm="dhclient" requested_mask="r" denied_mask="r" fsuid=0 ouid=0''). You can either add necessary rules to ''/etc/apparmor.d/local/sbin.dhclient'' (see ''/etc/apparmor.d/sbin.dhclient'') or temporarily unload the dhclient-related rules with: | Note that on some distributions, including Ubuntu, an NM installation in ''/usr/local'' may be disallowed to launch the DHCP client subprocess by the Linux audit mechanism and a permission needs to be added through ''app_armor''. Before that is done, making connections, of any type, from Network Manager, will fail after about a 1 minute timeout (dmesg will show a line similar to this: ''[98438.542859] audit: type=1400 audit(1532953834.917:242): apparmor="DENIED" operation="open" profile="/sbin/dhclient" name="/usr/local/var/lib/NetworkManager/dhclient-wlp2s0.conf" pid=31241 comm="dhclient" requested_mask="r" denied_mask="r" fsuid=0 ouid=0''). You can either add necessary rules to ''/etc/apparmor.d/local/sbin.dhclient'' (see ''/etc/apparmor.d/sbin.dhclient'') or temporarily unload the dhclient-related rules with: | ||
- | <code># apparmor_parser -R /etc/apparmor.d/sbin.dhclient</code> | + | <code bash># apparmor_parser -R /etc/apparmor.d/sbin.dhclient</code> |
- | <code># /etc/init.d/apparmor stop</code> | + | <code bash># /etc/init.d/apparmor stop</code> |
==== NM configuration ==== | ==== NM configuration ==== | ||
To switch NM from the wpa_supplicant backend to the IWD backend the following lines need to be added in ''nm.conf''. This file is normally located at ''/etc/NetworkManager/conf.d/nm.conf'' but if you've built NM from source it may be in your ''/usr/local/etc/NetworkManager/conf.d/'' instead. | To switch NM from the wpa_supplicant backend to the IWD backend the following lines need to be added in ''nm.conf''. This file is normally located at ''/etc/NetworkManager/conf.d/nm.conf'' but if you've built NM from source it may be in your ''/usr/local/etc/NetworkManager/conf.d/'' instead. | ||
- | <code> | + | <code ini> |
[device] | [device] | ||
wifi.backend=iwd | wifi.backend=iwd | ||
Line 53: | Line 53: | ||
//(Since 1.30)// Selects between IWD-driven (when ''yes'', default) or NM-driven (when ''no'') autoconnect logic: | //(Since 1.30)// Selects between IWD-driven (when ''yes'', default) or NM-driven (when ''no'') autoconnect logic: | ||
- | <code> | + | <code ini> |
[device] | [device] | ||
wifi.iwd.autoconnect=yes | wifi.iwd.autoconnect=yes | ||
Line 63: | Line 63: | ||
//(Currently in master, to arrive in 1.32 or 1.34)// Tells NM to re-write IWD network configurations whenever an NM network profile is changed thus enabling editing settings such as EAP authentication from //nm-connection-editor// GUI. With IWD versions 1.15 and later this is on by default (set to ''no'' or an empty string to disable). With IWD versions 1.14 you must specify a valid path (''iwd-config-path=/var/lib/iwd'') to enable. //Warning:// when enabled NM profiles are the authoritative ones and IWD's ''/var/lib/iwd'' files can get overwritten any time: | //(Currently in master, to arrive in 1.32 or 1.34)// Tells NM to re-write IWD network configurations whenever an NM network profile is changed thus enabling editing settings such as EAP authentication from //nm-connection-editor// GUI. With IWD versions 1.15 and later this is on by default (set to ''no'' or an empty string to disable). With IWD versions 1.14 you must specify a valid path (''iwd-config-path=/var/lib/iwd'') to enable. //Warning:// when enabled NM profiles are the authoritative ones and IWD's ''/var/lib/iwd'' files can get overwritten any time: | ||
- | <code> | + | <code ini> |
[main] | [main] | ||
iwd-config-path=auto | iwd-config-path=auto | ||
Line 79: | Line 79: | ||
This can look something like this: | This can look something like this: | ||
- | <code> | + | <code bash> |
- | # cd /etc/NetworkManager/system-connections | + | cd /etc/NetworkManager/system-connections |
- | # mkdir ../system-connections-iwd | + | mkdir ../system-connections-iwd |
- | # for f in *; do grep -v '^\(mac-address\|interface-name\|permissions\)=' "$f" > ../system-connections-iwd/"$f"; done | + | for f in *; do grep -v '^\(mac-address\|interface-name\|permissions\)=' "$f" > ../system-connections-iwd/"$f"; done |
- | # chmod 0600 ../system-connections-iwd/* | + | chmod 0600 ../system-connections-iwd/* |
- | # cd /etc/NetworkManager | + | cd /etc/NetworkManager |
- | # mv system-connections system-connections-backup | + | mv system-connections system-connections-backup |
- | # dbus-send --system --print-reply --dest=org.freedesktop.NetworkManager /org/freedesktop/NetworkManager/Settings org.freedesktop.NetworkManager.Settings.ReloadConnections | + | dbus-send --system --print-reply --dest=org.freedesktop.NetworkManager /org/freedesktop/NetworkManager/Settings org.freedesktop.NetworkManager.Settings.ReloadConnections |
- | # sleep 1 | + | sleep 1 |
- | # mv system-connections-iwd system-connections | + | mv system-connections-iwd system-connections |
- | # dbus-send --system --print-reply --dest=org.freedesktop.NetworkManager /org/freedesktop/NetworkManager/Settings org.freedesktop.NetworkManager.Settings.ReloadConnections | + | dbus-send --system --print-reply --dest=org.freedesktop.NetworkManager /org/freedesktop/NetworkManager/Settings org.freedesktop.NetworkManager.Settings.ReloadConnections |
</code> | </code> | ||