On 29 June 2020 18:40:23 CEST, Ben Cotton <bcotton@xxxxxxxxxx> wrote: >https://fedoraproject.org/wiki/Changes/NetworkManager_keyfile_instead_of_ifcfg_rh > >== Summary == >Change the default settings plugin of NetworkManager so that new >profiles will be created in keyfile format instead of ifcfg-rh format. > >== Owner == >* Name: [[User:Thaller| Thomas Haller]] >* Email: <thaller@xxxxxxxxxx> > >== Detailed Description == >NetworkManager supports settings plugins to persist connection >profiles to disk. There is the native ''keyfile'' format and the >Fedora/RHEL specific ''ifcfg-rh'' format originally from initscripts. >The keyfile plugin is always enabled in NetworkManager and can handle >any supported type of profile. It stores profiles under >`/{etc,usr/lib,run}/NetworkManager/system-connections` and is >documented in [https://developer.gnome.org/NetworkManager/stable/nm-settings-keyfile.html >nm-settings-keyfile manual]. The ifcfg-rh format is in part compatible >with the network-scripts package from initscripts, however both >network-scripts and NetworkManager define their own extensions >([https://developer.gnome.org/NetworkManager/stable/nm-settings-ifcfg-rh.html >[1]]). Since network-scripts and NetworkManager are fundamentally >different, the same ifcfg file is not treated exactly the same by both >systems. In the past, having the ifcfg-rh format made it easier for >users familiar with initscripts to migrate to/from NetworkManager. > >The settings plugins are configurable in >[https://developer.gnome.org/NetworkManager/stable/NetworkManager.conf.html >NetworkManager.conf] via the `"main.plugins"` option. Multiple plugins >can be configured and on Fedora 32 and older, the compile time default >for the option is `"ifcfg-rh,keyfile"`. This means, that when >NetworkManager stores a new profile to disk, it will first try to >persist it in ifcfg-rh format before falling back to keyfile format, >if the ifcfg-rh plugin doesn't support the profile type. When reading >profiles from disk, NetworkManager will read and expose profiles from >both settings plugins and when modifying an existing profile, it will >update the existing file and preserve the settings plugin. > >This Change is about to change the default for `"main.plugins"` from >`"ifcfg-rh,keyfile"` to `"keyfile,ifcfg-rh"`. > >== Feedback == >This was brought up on the NetworkManager mailing list >([https://mail.gnome.org/archives/networkmanager-list/2020-May/msg00002.html >[1]]]). > >Fedora CoreOS doesn't use ifcfg-rh files at all, only keyfile. Also, >RHEL CoreOS uses the `"main.plugins=ifcfg-rh,keyfile"` configuration >too. For CoreOS this of course is simpler, because they don't deal >with existing user configurations and tools that would break during >upgrade. > >== Benefit to Fedora == >The long term goal of NetworkManager is to move away from ifcfg-rh >files. That will be difficult as it affects existing installations and >will require migration of existing configurations. This change is only >a first step and affects how NetworkManager by default persists new >profiles to disk. > >The ifcfg-rh format arguably has an uglier syntax and, contrary to >keyfile, does not support all profile types. Also, keyfile plugin is >available on every NetworkManager installation because that is the >only plugin that supports all profiles. Having multiple plugins and >file formats is confusing. By now, initscripts' `network-script` >package is deprecated in Fedora and upstream wants to move away from >that format in the long term. Also maintaining multiple settings >plugins is a maintainance burden, and in the past there were subtle >bugs where ifcfg-rh did not implement all settings (e.g. >[https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10754 >CVE-2020-10754]). On other Linux distributions NetworkManager uses the >keyfile format by default. It is a general goal that NetworkManager >works similar on all distributions. > >== Scope == > >* Proposal owners: The default settings for `"main.plugins"` can >already be selected at compile time. This only requires building the >package with a different default >([https://src.fedoraproject.org/rpms/NetworkManager/blob/a06b38bcbe8f9a38badab4f37e8c6fae240428b7/f/NetworkManager.spec#_759 >[3]]). >* Other developers: N/A (not needed for this Change) >* Policies and guidelines: N/A (not needed for this Change) >* Trademark approval: N/A (not needed for this Change) > >== Upgrade/compatibility impact == >This affects most users, unless they explicitly set the option in >NetworkManager.conf configuration. The biggest effect of this change >is that new profiles will now preferably be persisted in keyfile >format. This changes behavior for users who expect NetworkManager to >write ifcfg-rh files, or who have scripts or tools that expect that. >What will still work is that existing ifcfg files are loaded after >upgrade. Users who only use the D-Bus API (via one of the client >applications like nmcli or the GUI), shouldn't notice the difference. > >As before, users still can explicitly configure the settings plugins >in NetworkManager.conf. This only affects the default, but it affects >existing installations if the user didn't explicitly configure >NetworkManager's `"main.plugins"` option. > >The Change will be implemented by changing the compile time default, >instead of dropping a configuration snippet. The reason is that it is >preferably that the installation of NetworkManager avoids extra >configuration. The default behavior should be achived without any >configuration. During package update there would be the possibility to >drop a file `/etc/NetworkManager/02-update-plugins-ifcfg-rh.conf` that >preserves the previous behavior. However, I don't think that is >necessary. After upgrading NetworkManager, it will still read ifcfg-rh >file so for the user it is less necessary to preserve the previous >behavior. Also, dropping configuration snippets during package upgrade >has its own downsides because new installations behave different than >upgraded systems. > > >== How To Test == >You can already test the effect by explicitly configuring the setting >which will become the default. For example, add a file >`/etc/NetworkManager/conf.d/99-main-plugins.conf` with content > > [main] > plugins=keyfile,ifcfg-rh > >== User Experience == >NetworkManager now preferably uses the keyfile format (INI files). >This format is probably easier to understand to users and also has a >closer resemblance to how the profile is presented in nmcli. > >If the user is using NetworkManager tools that use the D-Bus API (like >nmcli or the GUI), then the used storage plugin and format is usually >of no concern for the user. > >== Dependencies == >None > > >== Contingency Plan == >The `"main.plugins"` option exists for a long time in NetworkManager. >All that changes here is the default of this option. > >* Contingency mechanism: revert the change >* Contingency deadline: beta freeze >* Blocks release? No > >== Documentation == >I am not aware of documentation that gets affected by this. > > >== Release Notes == >NetworkManager now prefers the keyfile settings plugin over ifcfg-rh >plugin when writing new connection profiles to disk. Existing ifcfg-rh >files are still handled as before. > > This seems like a reasonable change. ifcfg-rh is a redhatism, keyfile isn't. So it a move to a more distro agnostic formar. Also non-breaking since old configs will continue to work. +1 _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
