On Monday, June 29, 2020 9:40:23 AM MST Ben Cotton wrote: > https://fedoraproject.org/wiki/Changes/NetworkManager_keyfile_instead_of_ifc > fg_rh > == Summary == > Change the default settings plugin of NetworkManager so that new > profiles will be created in keyfile format instead of ifcfg-rh format. > > == Owner == > * Name: [[User:Thaller| Thomas Haller]] > * Email: <thaller@xxxxxxxxxx> > > == Detailed Description == > NetworkManager supports settings plugins to persist connection > profiles to disk. There is the native ''keyfile'' format and the > Fedora/RHEL specific ''ifcfg-rh'' format originally from initscripts. > The keyfile plugin is always enabled in NetworkManager and can handle > any supported type of profile. It stores profiles under > `/{etc,usr/lib,run}/NetworkManager/system-connections` and is > documented in > [https://developer.gnome.org/NetworkManager/stable/nm-settings-keyfile.html > nm-settings-keyfile manual]. The ifcfg-rh format is in part compatible > with the network-scripts package from initscripts, however both > network-scripts and NetworkManager define their own extensions > ([https://developer.gnome.org/NetworkManager/stable/nm-settings-ifcfg-rh.htm > l [1]]). Since network-scripts and NetworkManager are fundamentally > different, the same ifcfg file is not treated exactly the same by both > systems. In the past, having the ifcfg-rh format made it easier for users > familiar with initscripts to migrate to/from NetworkManager. > The settings plugins are configurable in > [https://developer.gnome.org/NetworkManager/stable/NetworkManager.conf.html > NetworkManager.conf] via the `"main.plugins"` option. Multiple plugins can > be configured and on Fedora 32 and older, the compile time default for the > option is `"ifcfg-rh,keyfile"`. This means, that when > NetworkManager stores a new profile to disk, it will first try to > persist it in ifcfg-rh format before falling back to keyfile format, > if the ifcfg-rh plugin doesn't support the profile type. When reading > profiles from disk, NetworkManager will read and expose profiles from > both settings plugins and when modifying an existing profile, it will > update the existing file and preserve the settings plugin. > > This Change is about to change the default for `"main.plugins"` from > `"ifcfg-rh,keyfile"` to `"keyfile,ifcfg-rh"`. > > == Feedback == > This was brought up on the NetworkManager mailing list > ([https://mail.gnome.org/archives/networkmanager-list/2020-May/msg00002.html > [1]]]). > > Fedora CoreOS doesn't use ifcfg-rh files at all, only keyfile. Also, > RHEL CoreOS uses the `"main.plugins=ifcfg-rh,keyfile"` configuration > too. For CoreOS this of course is simpler, because they don't deal > with existing user configurations and tools that would break during > upgrade. > > == Benefit to Fedora == > The long term goal of NetworkManager is to move away from ifcfg-rh > files. That will be difficult as it affects existing installations and > will require migration of existing configurations. This change is only > a first step and affects how NetworkManager by default persists new > profiles to disk. > > The ifcfg-rh format arguably has an uglier syntax and, contrary to > keyfile, does not support all profile types. Also, keyfile plugin is > available on every NetworkManager installation because that is the > only plugin that supports all profiles. Having multiple plugins and > file formats is confusing. By now, initscripts' `network-script` > package is deprecated in Fedora and upstream wants to move away from > that format in the long term. Also maintaining multiple settings > plugins is a maintainance burden, and in the past there were subtle > bugs where ifcfg-rh did not implement all settings (e.g. > [https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10754 > CVE-2020-10754]). On other Linux distributions NetworkManager uses the > keyfile format by default. It is a general goal that NetworkManager > works similar on all distributions. > > == Scope == > > * Proposal owners: The default settings for `"main.plugins"` can > already be selected at compile time. This only requires building the > package with a different default > ([https://src.fedoraproject.org/rpms/NetworkManager/blob/a06b38bcbe8f9a38bad > ab4f37e8c6fae240428b7/f/NetworkManager.spec#_759 [3]]). > * Other developers: N/A (not needed for this Change) > * Policies and guidelines: N/A (not needed for this Change) > * Trademark approval: N/A (not needed for this Change) > > == Upgrade/compatibility impact == > This affects most users, unless they explicitly set the option in > NetworkManager.conf configuration. The biggest effect of this change > is that new profiles will now preferably be persisted in keyfile > format. This changes behavior for users who expect NetworkManager to > write ifcfg-rh files, or who have scripts or tools that expect that. > What will still work is that existing ifcfg files are loaded after > upgrade. Users who only use the D-Bus API (via one of the client > applications like nmcli or the GUI), shouldn't notice the difference. > > As before, users still can explicitly configure the settings plugins > in NetworkManager.conf. This only affects the default, but it affects > existing installations if the user didn't explicitly configure > NetworkManager's `"main.plugins"` option. > > The Change will be implemented by changing the compile time default, > instead of dropping a configuration snippet. The reason is that it is > preferably that the installation of NetworkManager avoids extra > configuration. The default behavior should be achived without any > configuration. During package update there would be the possibility to > drop a file `/etc/NetworkManager/02-update-plugins-ifcfg-rh.conf` that > preserves the previous behavior. However, I don't think that is > necessary. After upgrading NetworkManager, it will still read ifcfg-rh > file so for the user it is less necessary to preserve the previous > behavior. Also, dropping configuration snippets during package upgrade > has its own downsides because new installations behave different than > upgraded systems. > > > == How To Test == > You can already test the effect by explicitly configuring the setting > which will become the default. For example, add a file > `/etc/NetworkManager/conf.d/99-main-plugins.conf` with content > > [main] > plugins=keyfile,ifcfg-rh > > == User Experience == > NetworkManager now preferably uses the keyfile format (INI files). > This format is probably easier to understand to users and also has a > closer resemblance to how the profile is presented in nmcli. > > If the user is using NetworkManager tools that use the D-Bus API (like > nmcli or the GUI), then the used storage plugin and format is usually > of no concern for the user. > > == Dependencies == > None > > > == Contingency Plan == > The `"main.plugins"` option exists for a long time in NetworkManager. > All that changes here is the default of this option. > > * Contingency mechanism: revert the change > * Contingency deadline: beta freeze > * Blocks release? No > > == Documentation == > I am not aware of documentation that gets affected by this. > > > == Release Notes == > NetworkManager now prefers the keyfile settings plugin over ifcfg-rh > plugin when writing new connection profiles to disk. Existing ifcfg-rh > files are still handled as before. If there's a benefit to this, beyond being more in line with Fedora experiments such as CoreOS, I'm all for it. As long as I users can continue to specify their network configuration in ifcfg-rh format files, I can't imagine anyone will have issues with this Change. :) -- John M. Harris, Jr. _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
