diff --git a/.gitignore b/.gitignore index 82c44e1..c458948 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ -SOURCES/nmstate-1.4.4.tar.gz -SOURCES/nmstate-vendor-1.4.4.tar.xz +SOURCES/nmstate-1.4.5.tar.gz +SOURCES/nmstate-vendor-1.4.5.tar.xz diff --git a/.nmstate.metadata b/.nmstate.metadata index e49bbc8..8630de5 100644 --- a/.nmstate.metadata +++ b/.nmstate.metadata @@ -1,2 +1,2 @@ -17340fe66e024e69e4c051e6a1bbd3d1974ca4ed SOURCES/nmstate-1.4.4.tar.gz -91a01d73ca8db5e882defaabc7529e97f4dd596a SOURCES/nmstate-vendor-1.4.4.tar.xz +cd4f8e938eabaf7e70fb251c06e477ba3bc9d8c8 SOURCES/nmstate-1.4.5.tar.gz +4735ef08c31684624a7844832cc2ba20e67983f6 SOURCES/nmstate-vendor-1.4.5.tar.xz diff --git a/SOURCES/BZ_2203277-ip-Support-static-route-with-auto-ip.patch b/SOURCES/BZ_2203277-ip-Support-static-route-with-auto-ip.patch deleted file mode 100644 index 44b8fd5..0000000 --- a/SOURCES/BZ_2203277-ip-Support-static-route-with-auto-ip.patch +++ /dev/null @@ -1,183 +0,0 @@ -0001-covscan-Remove-dead-code.patch -0002-Run-cargo-clippy.patch -0003-ip-Support-static-route-with-auto-ip.patch -0004-test-Refresh-the-expired-CA-keys.patch -From 6ea4790a368260b43c207d19f20c728698ac2184 Mon Sep 17 00:00:00 2001 -From: Gris Ge -Date: Tue, 25 Apr 2023 14:52:59 +0800 -Subject: [PATCH 1/4] covscan: Remove dead code - -Removing the dead code found by covscan. - -Signed-off-by: Gris Ge ---- - libnmstate/dns.py | 1 - - 1 file changed, 1 deletion(-) - -diff --git a/libnmstate/dns.py b/libnmstate/dns.py -index 853ece80..043c74a5 100644 ---- a/libnmstate/dns.py -+++ b/libnmstate/dns.py -@@ -173,7 +173,6 @@ class DnsState: - }, - }, - } -- return {} - - def _find_ifaces_for_name_servers( - self, ifaces, route_state, ignored_dns_ifaces --- -2.40.1 - - -From 0329b87b7856e244a4a2d34864a6e6eefa49b226 Mon Sep 17 00:00:00 2001 -From: Gris Ge -Date: Fri, 19 May 2023 17:57:51 +0800 -Subject: [PATCH 2/4] Run cargo clippy - -Signed-off-by: Gris Ge ---- - rust/src/lib/nispor/linux_bridge.rs | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/rust/src/lib/nispor/linux_bridge.rs b/rust/src/lib/nispor/linux_bridge.rs -index c03f03d6..c4cd104b 100644 ---- a/rust/src/lib/nispor/linux_bridge.rs -+++ b/rust/src/lib/nispor/linux_bridge.rs -@@ -63,7 +63,7 @@ pub(crate) fn append_bridge_port_config( - port_confs.push(port_conf); - } - -- if let Some(mut br_conf) = br_iface.bridge.as_mut() { -+ if let Some(br_conf) = br_iface.bridge.as_mut() { - br_conf.port = Some(port_confs); - } - } --- -2.40.1 - - -From 7c80a3acdb67eb09c3dcbeee7138315b3f855c7f Mon Sep 17 00:00:00 2001 -From: Gris Ge -Date: Fri, 19 May 2023 18:12:54 +0800 -Subject: [PATCH 3/4] ip: Support static route with auto ip - -Supporting assigning static route to interface with auto ip. For -example: - -```yml ---- -interfaces: - - name: eth1 - type: ethernet - state: up - ipv4: - dhcp: true - enabled: true - ipv6: - dhcp: true - autoconf: true - enabled: true -routes: - config: - - destination: 198.51.100.0/24 - metric: 150 - next-hop-address: 192.0.2.1 - next-hop-interface: eth1 - table-id: 254 - - destination: 2001:db8:2::/64 - metric: 151 - next-hop-address: 2001:db8:1::2 - next-hop-interface: eth1 -``` - -Integration test case included and been marked as tier1. - -Signed-off-by: Gris Ge ---- - libnmstate/route.py | 52 ++++++------- - tests/integration/dynamic_ip_test.py | 105 +++++++++++++++++++-------- - tests/lib/route_test.py | 28 +------ - 3 files changed, 105 insertions(+), 80 deletions(-) - -diff --git a/libnmstate/route.py b/libnmstate/route.py -index d3734279..c92cbbb6 100644 ---- a/libnmstate/route.py -+++ b/libnmstate/route.py -@@ -1,21 +1,4 @@ --# --# Copyright (c) 2020 Red Hat, Inc. --# --# This file is part of nmstate --# --# This program is free software: you can redistribute it and/or modify --# it under the terms of the GNU Lesser General Public License as published by --# the Free Software Foundation, either version 2.1 of the License, or --# (at your option) any later version. --# --# This program is distributed in the hope that it will be useful, --# but WITHOUT ANY WARRANTY; without even the implied warranty of --# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --# GNU Lesser General Public License for more details. --# --# You should have received a copy of the GNU Lesser General Public License --# along with this program. If not, see . --# -+# SPDX-License-Identifier: LGPL-2.1-or-later - - from collections import defaultdict - import logging -@@ -146,13 +129,6 @@ class RouteEntry(StateEntry): - f"Route {self.to_dict()} next hop to down/absent interface" - ) - return False -- if iface.is_dynamic( -- Interface.IPV6 if self.is_ipv6 else Interface.IPV4 -- ): -- self._invalid_reason = ( -- f"Route {self.to_dict()} next hop to interface with dynamic IP" -- ) -- return False - if self.is_ipv6: - if not iface.is_ipv6_enabled(): - self._invalid_reason = ( -@@ -194,7 +170,10 @@ class RouteState: - rt = RouteEntry(entry) - self._cur_routes[rt.next_hop_interface].add(rt) - if not ifaces or rt.is_valid(ifaces): -- self._routes[rt.next_hop_interface].add(rt) -+ # When user converting static IP to auto IP, we should -+ # not merge current static routes besides desired ones. -+ if not iface_switch_from_static_to_auto_ip(ifaces, rt): -+ self._routes[rt.next_hop_interface].add(rt) - else: - logging.debug( - f"The current route {entry} has been discarded due" -@@ -299,3 +278,24 @@ class RouteState: - {Route.KEY: {Route.CONFIG: cur_routes_info}}, - ) - ) -+ -+ -+def iface_switch_from_static_to_auto_ip(ifaces, rt): -+ iface_name = rt.next_hop_interface -+ if not iface_name or not ifaces: -+ return False -+ -+ if is_ipv6_address(rt.destination): -+ family = Interface.IPV6 -+ else: -+ family = Interface.IPV4 -+ -+ cur_iface = ifaces.get_cur_iface(iface_name, None) -+ des_iface = ifaces.get_iface(iface_name, None) -+ if ( -+ cur_iface -+ and des_iface -+ and not cur_iface.is_dynamic(family) -+ and des_iface.is_dynamic(family) -+ ): -+ return True --- -2.40.1 - diff --git a/SOURCES/BZ_2231843-nm-do-not-attach-ovs-bridge-to-itself-when-creating-.patch b/SOURCES/BZ_2231843-nm-do-not-attach-ovs-bridge-to-itself-when-creating-.patch deleted file mode 100644 index 874a1cb..0000000 --- a/SOURCES/BZ_2231843-nm-do-not-attach-ovs-bridge-to-itself-when-creating-.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 88b785ee3424fb010da3e70c4337b3b5ebdf5f5e Mon Sep 17 00:00:00 2001 -From: Fernando Fernandez Mancera -Date: Thu, 24 Aug 2023 17:28:26 +0200 -Subject: [PATCH] nm: do not attach ovs-bridge to itself when creating a - profile - -If ovs-bridge and ovs-interface shares name and ovs-interface is -modified, during the creation of the ovs-bridge profile we are setting -itself as a controller. - -That is wrong and NetworkManager is reporting the following error: - -``` -libnmstate.error.NmstateLibnmError: Update profile -uuid:ba206f8f-2ed6-486d-a339-9d1f62c5cb84 iface:br1 type:ovs-bridge -failed with error=nm-connection-error-quark: connection.slave-type: -Cannot set 'master' without 'slave-type' (6) -``` - -In order to solve that, before setting the controller we check that it -is not itself. - -Signed-off-by: Fernando Fernandez Mancera ---- - libnmstate/nm/ovs.py | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/libnmstate/nm/ovs.py b/libnmstate/nm/ovs.py -index f7c589b6..6f732207 100644 ---- a/libnmstate/nm/ovs.py -+++ b/libnmstate/nm/ovs.py -@@ -375,5 +375,8 @@ def set_ovs_iface_controller_info(iface_infos): - - for iface_info in iface_infos: - ctrl_name = pending_changes.get(iface_info[Interface.NAME]) -- if ctrl_name: -+ if ctrl_name and not ( -+ ctrl_name == iface_info[Interface.NAME] -+ and iface_info[Interface.TYPE] == InterfaceType.OVS_BRIDGE -+ ): - iface_info[Interface.CONTROLLER] = ctrl_name --- -2.41.0 - diff --git a/SOURCES/RHEL-13992-dns-opt-fix.patch b/SOURCES/RHEL-13992-dns-opt-fix.patch new file mode 100644 index 0000000..abcbb2d --- /dev/null +++ b/SOURCES/RHEL-13992-dns-opt-fix.patch @@ -0,0 +1,157 @@ +From c95e26154cfe105faedb6fe6187e89da658e6d02 Mon Sep 17 00:00:00 2001 +From: Gris Ge +Date: Tue, 14 Nov 2023 16:08:35 +0800 +Subject: [PATCH 1/2] dns: Fix DNS option `ndots`, `timeout` and `attempts` + +The `ndots`, `timeout` and `attempts` DNS options are allowed to +hold a integer value in the format of `:`. Previously, +nmstate is treating them as invalid DNS option. This patch fix it. + +Now this YAML is supported: + +```yml +dns-resolver: + config: + options: + - rotate + - ndots:9 +``` + +Integration test cases included. + +Signed-off-by: Gris Ge +--- + libnmstate/dns.py | 31 ++++++++++++++++++++++++------- + 1 file changed, 24 insertions(+), 7 deletions(-) + +diff --git a/libnmstate/dns.py b/libnmstate/dns.py +index f792b896..5bb512e8 100644 +--- a/libnmstate/dns.py ++++ b/libnmstate/dns.py +@@ -19,14 +19,12 @@ EMPTY_DNS = { + REMOVE_DNS_CONFIG = {DNS.CONFIG: EMPTY_DNS} + + +-SUPPORTED_DNS_OPTIONS = [ +- "attempts", ++SUPPORTED_DNS_OPTS_NO_VALUE = [ + "debug", + "edns0", + "inet6", + "ip6-bytestring", + "ip6-dotint", +- "ndots", + "no-aaaa", + "no-check-names", + "no-ip6-dotint", +@@ -35,11 +33,16 @@ SUPPORTED_DNS_OPTIONS = [ + "rotate", + "single-request", + "single-request-reopen", +- "timeout", + "trust-ad", + "use-vc", + ] + ++SUPPORTED_DNS_OPTS_WITH_VALUE = [ ++ "ndots", ++ "timeout", ++ "attempts", ++] ++ + + class DnsState: + PRIORITY_METADATA = "_priority" +@@ -73,10 +76,24 @@ class DnsState: + + def _canonicalize_dns_options(self): + for opt in self.config_options: +- if opt not in SUPPORTED_DNS_OPTIONS: ++ if opt.find(":") > 0: ++ opt = opt[: opt.find(":")] ++ if opt not in SUPPORTED_DNS_OPTS_WITH_VALUE: ++ raise NmstateValueError( ++ "Option '{}' is not supported to hold " ++ "a value, only support these without " ++ "value: {} and these with values: {}:n", ++ opt, ++ ", ".join(SUPPORTED_DNS_OPTS_NO_VALUE), ++ ":n, ".join(SUPPORTED_DNS_OPTS_WITH_VALUE), ++ ) ++ elif opt not in SUPPORTED_DNS_OPTS_NO_VALUE: + raise NmstateValueError( +- f"Unsupported DNS option {opt}, only support: " +- f"{', '.join(SUPPORTED_DNS_OPTIONS)}", ++ "Option '{}' is not supported, only support these " ++ "without value: {} and these with values: {}:n", ++ opt, ++ ", ".join(SUPPORTED_DNS_OPTS_NO_VALUE), ++ ":n, ".join(SUPPORTED_DNS_OPTS_WITH_VALUE), + ) + + @property +-- +2.42.1 + + +From af07271ec5044ec092a3b66c0955636819ccde04 Mon Sep 17 00:00:00 2001 +From: Gris Ge +Date: Tue, 14 Nov 2023 16:16:53 +0800 +Subject: [PATCH 2/2] dns: Fix purging DNS config + +When user desires: + +```yml +--- +dns-resolver: + config: + search: [] +``` + +It means user want to remove all search but preserve servers and +options, current nmstate incorrectly treat this as purge also. + +This patch only treat these two as purge. + +```yml +dns-resolver: + config: {} +``` + +and + +```yml +dns-resolver: + config: + server: [] + search: [] + options: [] +``` + +Integration test cases included. + +Signed-off-by: Gris Ge +--- + libnmstate/nm/dns.py | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/libnmstate/nm/dns.py b/libnmstate/nm/dns.py +index 60ebbba7..b811fdb2 100644 +--- a/libnmstate/nm/dns.py ++++ b/libnmstate/nm/dns.py +@@ -158,7 +158,11 @@ def get_dns_config_iface_names(acs_and_ipv4_profiles, acs_and_ipv6_profiles): + for nm_ac, ip_profile in chain( + acs_and_ipv6_profiles, acs_and_ipv4_profiles + ): +- if ip_profile.props.dns or ip_profile.props.dns_search: ++ if ( ++ ip_profile.props.dns ++ or ip_profile.props.dns_search ++ or ip_profile.props.dns_options ++ ): + try: + iface_name = nm_ac.get_devices()[0].get_iface() + iface_names.append(iface_name) +-- +2.42.1 + diff --git a/SOURCES/RHEL_11660-ip-Support-treating-string-as-int-for-prefix-length.patch b/SOURCES/RHEL_11660-ip-Support-treating-string-as-int-for-prefix-length.patch deleted file mode 100644 index dcd18c2..0000000 --- a/SOURCES/RHEL_11660-ip-Support-treating-string-as-int-for-prefix-length.patch +++ /dev/null @@ -1,73 +0,0 @@ -From 4c1c741d4dd4d68e12c6e27478f1c320820dd003 Mon Sep 17 00:00:00 2001 -From: Wen Liang -Date: Fri, 29 Sep 2023 14:31:34 -0400 -Subject: [PATCH 1/1] ip: Support treating string as int for `prefix-length` - -When the network role user is using the `network_state` variable to -configure the network, and if they are using Jinja2 template to -define the `prefix-length`, the type conversion -`prefix-length: "{{ __str_val | int }}"` does not work as expected, the -type for `prefix-length` in the end is still string. Therefore, nmstate -need to support treating string as int for `prefix-length` in order to -make the apply succeed. - -Signed-off-by: Wen Liang ---- - libnmstate/ifaces/base_iface.py | 7 +++++++ - libnmstate/schemas/operational-state.yaml | 8 ++++++-- - 2 files changed, 13 insertions(+), 2 deletions(-) - -diff --git a/libnmstate/ifaces/base_iface.py b/libnmstate/ifaces/base_iface.py -index c1a4c04b..b1e4c811 100644 ---- a/libnmstate/ifaces/base_iface.py -+++ b/libnmstate/ifaces/base_iface.py -@@ -48,6 +48,7 @@ class IPState: - self._info = info - self._remove_stack_if_disabled() - self._canonicalize_ip_addr() -+ self._canonicalize_ip_prefix() - self._canonicalize_dynamic() - - def _canonicalize_dynamic(self): -@@ -71,6 +72,12 @@ class IPState: - addr[InterfaceIP.ADDRESS_IP] - ) - -+ def _canonicalize_ip_prefix(self): -+ for addr in self.addresses: -+ addr[InterfaceIP.ADDRESS_PREFIX_LENGTH] = int( -+ addr[InterfaceIP.ADDRESS_PREFIX_LENGTH] -+ ) -+ - def sort_addresses(self): - self.addresses.sort(key=itemgetter(InterfaceIP.ADDRESS_IP)) - -diff --git a/libnmstate/schemas/operational-state.yaml b/libnmstate/schemas/operational-state.yaml -index 92bd6bd6..8526a0ab 100644 ---- a/libnmstate/schemas/operational-state.yaml -+++ b/libnmstate/schemas/operational-state.yaml -@@ -615,7 +615,9 @@ definitions: - ip: - type: string - prefix-length: -- type: integer -+ type: -+ - integer -+ - string - netmask: - type: string - neighbor: -@@ -654,7 +656,9 @@ definitions: - ip: - type: string - prefix-length: -- type: integer -+ type: -+ - integer -+ - string - neighbor: - type: array - items: --- -2.41.0 - diff --git a/SOURCES/nmstate-1.4.4.tar.gz.asc b/SOURCES/nmstate-1.4.4.tar.gz.asc deleted file mode 100644 index d885f4d..0000000 --- a/SOURCES/nmstate-1.4.4.tar.gz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCAAdFiEESP1vrlFad7SENoIch4lWe4cVzrwFAmRE940ACgkQh4lWe4cV -zrzJjxAA6hjRclf2YAkIrrdCyoU3TDElpADOjrTRMGe9K0kp5FEFPrzl9mJnDSNR -S0UL7Kwn0OBe9Pw8/0OMUPAHhiFy524yd1dRrb2X5RpH6Fem51ExCYHxYXWyRuxK -ll7JsTImeUxf0M+wetojLWaDOBT2Og1H6aRW62Jm8oa90l3Yjk4KZMNOslmY410V -H8QzfHa/R75ZpH6wH9RzyX7CNvCaglMEeBkMApvjSAppllolh7AkbjCCSEMiSnK/ -3HjSftvyGGDCn4VBP8hh05amz84ielK4RTqtz2fvzARudxxhQ+f9DJ/2fVFSv3RL -YxCQL3nYMnCqEK0LZ4hw5xdZcVGeuBBj5ubzWxzahy0dC87Lifvgy6/l1Tp5GBKt -wVSEA2dest55Punng784pNnYGnks/wKTK1TVnhLmTRe0IUJtUbz0cYse4JOfhxe+ -SYyVtSmrwaS3Lo/h2PtMua3aF92z9RP6dkNKin0c5WlBpmothwiEsCD6cZR148zB -y8hitadVZ9nysWFgT0EGVHMkzGTKaCVNJ1s3UsJUYiTUEMa3StzJX704NKEitnFX -SkC2qHMlV04BMtB6Nb+86LOOPBSh5u7vzqU0M7BAD4SmVkKH27asYaSqdG3kLez6 -XRW8eeQkS6LVAACm6Wrb37XecTAGPF9pE5P9Wmg0YKZpQM6t9NM= -=3XHy ------END PGP SIGNATURE----- diff --git a/SOURCES/nmstate-1.4.5.tar.gz.asc b/SOURCES/nmstate-1.4.5.tar.gz.asc new file mode 100644 index 0000000..a4340ad --- /dev/null +++ b/SOURCES/nmstate-1.4.5.tar.gz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEESP1vrlFad7SENoIch4lWe4cVzrwFAmVDid0ACgkQh4lWe4cV +zrx26BAAqv8ec7UMDkJ7MGAXwRpMZrLQ+zjPIDlVH0HVmdvZY2g8Lx2iK9g0xHeL +YGdVk3aL3UwQE/5Tt6qtzQ8sk76dWyveS1XxxNDLZa+TKvcGqDbxnmvOAIBJwrlD +4Q6MNWqudJDsboGotKSAoI/xHJafFzWfHU+SSp4AHtf2xHa2KFZqmaZW5gVdYq9j +/Zhepz8OQ+1s8/frVw1JEqKaTcw5gc0/2xNzh0MkC714Lkk4dhITHP6zh1HF/2i8 +LPIdVHMI8Ze7w4imiamr38+G3XzCQJ/6A/N6couFyJXrLgCn0Jm7Zv8t3TLW69JA +QD/YHcFgeZmh3QRHVoNIOunG7X7eczLjy61VVXMp3F38+GWSLxK2f7DMRyzRvIxF +uBrd9yBZ4qkSEqIG2tEBIZOPg4deDADaesyD3d5c0JROsmxkmhl9SEBk03qWtJEY +kWhCF4tGvVp1r+W7AjS6QpqAtFXJcBQdj1qs49fgRxVGjmw2ljMQdLT6O/oSFNpS +wzjvGhh8WvMcmStCQ0crTOeihYTyJu2PPqJ3c373EnE9xPN3cJVh+AGwV5kcpxkk +bJF8qooJDq7MAuNqiKdXORGzG0ht16TzJ4aE+1vGFAErYZitCzU13rkW3dKIU19h +KgFqlKXUHCS6J3KzJQszDpn+Hw8WOvcCQQ1LivcyLKHlvmTQPi4= +=51yt +-----END PGP SIGNATURE----- diff --git a/SPECS/nmstate.spec b/SPECS/nmstate.spec index e87422e..46f34cc 100644 --- a/SPECS/nmstate.spec +++ b/SPECS/nmstate.spec @@ -3,8 +3,8 @@ %define libname libnmstate Name: nmstate -Version: 1.4.4 -Release: 5%{?dist} +Version: 1.4.5 +Release: 2%{?dist} Summary: Declarative network manager API License: LGPLv2+ URL: https://github.com/%{srcname}/%{srcname} @@ -14,9 +14,7 @@ Source2: https://www.nmstate.io/nmstate.gpg Source3: %{url}/releases/download/v%{version}/%{srcname}-vendor-%{version}.tar.xz # Patches 0X are reserved to downstream only Patch0: BZ_2132570-nm-reverse-IPv6-order-before-adding-them-to-setting.patch -Patch1: BZ_2203277-ip-Support-static-route-with-auto-ip.patch -Patch2: BZ_2231843-nm-do-not-attach-ovs-bridge-to-itself-when-creating-.patch -Patch3: RHEL_11660-ip-Support-treating-string-as-int-for-prefix-length.patch +Patch10: RHEL-13992-dns-opt-fix.patch BuildRequires: python3-devel BuildRequires: python3-setuptools BuildRequires: gnupg2 @@ -151,7 +149,13 @@ popd /sbin/ldconfig %changelog -* Wed Oct 06 2023 Wen Liang - 1.4.4-5 +* Wed Nov 15 2023 Gris Ge - 1.4.5-2 +- Fix use case on purging DNS option. RHEL-13992 + +* Tue Nov 07 2023 Gris Ge - 1.4.5-1 +- Support DNS option. RHEL-13992 + +* Fri Oct 06 2023 Wen Liang - 1.4.4-5 - Support treating string as int for address prefix-length. RHEL-11660 * Wed Aug 30 2023 Fernando Fernandez Mancera - 1.4.4-4