Update on /etc/sysconfig/network and sysconfig-netconfig
Hi, The move from wicked to NetworkManager as default for everything during the last months revealed some (welcomed) side effects: since several weeks sysconfig-netconfig is no longer installed on a fresh default installation. Why is this welcomed and good? netconfig is a nice abstraction layer for network stack configuration, you don't need to care which network stack get's used, the config is always the same. But this is also the problem: by supporting several kinds of network stacks, you can mostly only support the lowest common denominator and not all features of a stack are useable. And this means: - we have to maintain code where we don't need the main functionality anymore - users are by default restricted in the use of NetworkManager - packagers have to write and maintain additional scripts for netconfig instead of using the upstream ones for NetworkManager But we have only NetworkManager left. As a result we took a deeper look at which packages are still using /etc/sysconfig/network. To be said, the absolute majority of the scripts I looked at are broken and don't work anymore, partly since about 10 years. And nobody noticed... While there are no plans to active drop sysconfig-netconfig and wicked, it also does not make sense to maitain scripts not used anymore or broken since a long time while limiting ourself for every installation. So going forward, please us the native NetworkManager APIs for your packages. The /etc/sysconfig/network hierachie get's removed from filesystem.rpm, so that people don't see them and assume they are used by default. You can of course still install sysconfig-netconfig (which will create the directories) and use them. For some netconfig functionality, we have packages which provide the functionality native with NetworkManager: GNOME:Next/NetworkManager-dns-bind GNOME:Next/NetworkManager-dns-dnsmasq Testers and feedback to the maintainer are always welcome. There are no plans to automatically migrate from wicked and sysconfig-netconfig to plain NetworkManager. Since some tools write their configuration data to different locations depending on the network stack (like firewalld), an automatic conversation would be pretty complex next to impossible. And there are currently no plans to drop this tools. But long term, you should migrate to NetworkManager if you haven't done yet. Between, there are still packages requiring sysconfig.rpm. There seems to be a common misunderstanding: sysconfig.rpm is not used for /etc/sysconfig config files, even if the name may implies this. Currently, only wicked and YaST2 uses this package. Where I'm not sure if YaST is really using it or if this is an old, obsolete or wrong requires. Thorsten -- Thorsten Kukuk, Distinguished Engineer, Senior Architect, Future Technologies SUSE Software Solutions Germany GmbH, Frankenstraße 146, 90461 Nuernberg, Germany Managing Director: Ivo Totev, Andrew Myers, Andrew McDonald, Martje Boudien Moerman (HRB 36809, AG Nürnberg)
Am Montag, 12. Dezember 2022, 11:46:00 CET schrieb Thorsten Kukuk:
Hi,
The move from wicked to NetworkManager as default for everything during the last months revealed some (welcomed) side effects: since several weeks sysconfig-netconfig is no longer installed on a fresh default installation.
Hello Thorsten, sorry I can't read the whole mail at the moment. But an answer would be important to me. But is there a possibility to prevent a manual change? So that only root can enter and change the network configuration. Is it possible to set a fixed IP and network configuration that cannot be changed? Do you have a description or links? That would be great. Regards Eric
On Mon, Dec 12, Eric Schirra wrote:
Am Montag, 12. Dezember 2022, 11:46:00 CET schrieb Thorsten Kukuk:
Hi,
The move from wicked to NetworkManager as default for everything during the last months revealed some (welcomed) side effects: since several weeks sysconfig-netconfig is no longer installed on a fresh default installation.
Hello Thorsten,
sorry I can't read the whole mail at the moment. But an answer would be important to me. But is there a possibility to prevent a manual change? So that only root can enter and change the network configuration. Is it possible to set a fixed IP and network configuration that cannot be changed?
NetworkManager is polkit driven, so who can do what depends on how you configure it. Normally, normal users are not allowed to change network interfaces beside wlan.
Do you have a description or links?
I have nothing to do with NetworkManager, but I'm sure there is documentation about how NetworkManager is working, as everybody is using that today. Thorsten -- Thorsten Kukuk, Distinguished Engineer, Senior Architect, Future Technologies SUSE Software Solutions Germany GmbH, Frankenstraße 146, 90461 Nuernberg, Germany Managing Director: Ivo Totev, Andrew Myers, Andrew McDonald, Martje Boudien Moerman (HRB 36809, AG Nürnberg)
Am Montag, 12. Dezember 2022, 12:31:49 CET schrieb Thorsten Kukuk:
On Mon, Dec 12, Eric Schirra wrote:
Am Montag, 12. Dezember 2022, 11:46:00 CET schrieb Thorsten Kukuk:
Hi,
The move from wicked to NetworkManager as default for everything during the last months revealed some (welcomed) side effects: since several weeks sysconfig-netconfig is no longer installed on a fresh default installation.
Hello Thorsten,
sorry I can't read the whole mail at the moment. But an answer would be important to me. But is there a possibility to prevent a manual change? So that only root can enter and change the network configuration. Is it possible to set a fixed IP and network configuration that cannot be changed?
NetworkManager is polkit driven, so who can do what depends on how you configure it. Normally, normal users are not allowed to change network interfaces beside wlan.
I am not talking about WLAN. I want to specify a fixed network configuration. Only this may be used. Nobody from root is allowed to change it. No one is allowed to create an additional one either. Actually like it is usual in a company network.
Do you have a description or links?
I have nothing to do with NetworkManager, but I'm sure there is documentation about how NetworkManager is working, as everybody is using that today.
Okay. Thought since you were sending the mail, you'd have info on it too. And that everyone uses the networmanager I find a daring thesis. But unfortunately reflects the current approach in other areas of SUSE/ openSUSE again. Can you probably nothing for. Nevertheless, but very sad. Regards Eric
On Mon, Dec 12, Eric Schirra wrote:
Am Montag, 12. Dezember 2022, 12:31:49 CET schrieb Thorsten Kukuk:
On Mon, Dec 12, Eric Schirra wrote:
Am Montag, 12. Dezember 2022, 11:46:00 CET schrieb Thorsten Kukuk:
Hi,
The move from wicked to NetworkManager as default for everything during the last months revealed some (welcomed) side effects: since several weeks sysconfig-netconfig is no longer installed on a fresh default installation.
Hello Thorsten,
sorry I can't read the whole mail at the moment. But an answer would be important to me. But is there a possibility to prevent a manual change? So that only root can enter and change the network configuration. Is it possible to set a fixed IP and network configuration that cannot be changed?
NetworkManager is polkit driven, so who can do what depends on how you configure it. Normally, normal users are not allowed to change network interfaces beside wlan.
I am not talking about WLAN. I want to specify a fixed network configuration. Only this may be used. Nobody from root is allowed to change it. No one is allowed to create an additional one either. Actually like it is usual in a company network.
As I wrote: this is all configureable via polkit and the default.
Do you have a description or links?
I have nothing to do with NetworkManager, but I'm sure there is documentation about how NetworkManager is working, as everybody is using that today.
Okay. Thought since you were sending the mail, you'd have info on it too.
I did send an email about /etc/sysconfig/network and sysconfig-netconfig. Not about the switch to NetworkManager. Which was done long ago and announced as that.
And that everyone uses the networmanager I find a daring thesis.
Ok, I should be more specific as nearly every other Linux Distribution is using it.
But unfortunately reflects the current approach in other areas of SUSE/ openSUSE again.
Are you willing to implement all the support for wicked in all the upstream tools using the network management tools directly? Until now nobody was willing to do so, but telling the people that this tools will never work on openSUSE is also no option. Nothing prevents you to continue to use wicked with netconfig. As written, there are currently no plans to active drop wicked and netconfig, but don't complain if your tool of choice does not work with it together.
Can you probably nothing for. Nevertheless, but very sad.
You can fix it by helping with the development. So don't complain ;) Thorsten
Regards Eric
-- Thorsten Kukuk, Distinguished Engineer, Senior Architect, Future Technologies SUSE Software Solutions Germany GmbH, Frankenstraße 146, 90461 Nuernberg, Germany Managing Director: Ivo Totev, Andrew Myers, Andrew McDonald, Martje Boudien Moerman (HRB 36809, AG Nürnberg)
On 12/12/22 22:24, Eric Schirra wrote:
Am Montag, 12. Dezember 2022, 12:31:49 CET schrieb Thorsten Kukuk:
On Mon, Dec 12, Eric Schirra wrote:
Am Montag, 12. Dezember 2022, 11:46:00 CET schrieb Thorsten Kukuk:
Hi,
The move from wicked to NetworkManager as default for everything during the last months revealed some (welcomed) side effects: since several weeks sysconfig-netconfig is no longer installed on a fresh default installation.
Hello Thorsten,
sorry I can't read the whole mail at the moment. But an answer would be important to me. But is there a possibility to prevent a manual change? So that only root can enter and change the network configuration. Is it possible to set a fixed IP and network configuration that cannot be changed?
NetworkManager is polkit driven, so who can do what depends on how you configure it. Normally, normal users are not allowed to change network interfaces beside wlan.
I am not talking about WLAN. I want to specify a fixed network configuration. Only this may be used. Nobody from root is allowed to change it. No one is allowed to create an additional one either. Actually like it is usual in a company network.
Even more usefully in my opinion its simple to configure it in such a way that only users of a "Network" group can modify the network connection. Oneday i'll get arnound to packaging this so its even easier to setup. -- Simon Lees (Simotek) http://simotek.net Emergency Update Team keybase.io/simotek SUSE Linux Adelaide Australia, UTC+10:30 GPG Fingerprint: 5B87 DB9D 88DC F606 E489 CEC5 0922 C246 02F0 014B
On 12. 12. 22, 11:46, Thorsten Kukuk wrote:
The move from wicked to NetworkManager as default for everything during the last months revealed some (welcomed) side effects: since several weeks sysconfig-netconfig is no longer installed on a fresh default installation.
\o/ and thanks for the effort. Last time (3 weeks ago) I uninstalled sysconfig-netconfig, the system (VM) didn't come up. I am using NM on all my systems. Let me retry. thanks, -- js suse labs
On Mon, Dec 12, Jiri Slaby wrote:
On 12. 12. 22, 11:46, Thorsten Kukuk wrote:
The move from wicked to NetworkManager as default for everything during the last months revealed some (welcomed) side effects: since several weeks sysconfig-netconfig is no longer installed on a fresh default installation.
\o/ and thanks for the effort.
Last time (3 weeks ago) I uninstalled sysconfig-netconfig, the system (VM) didn't come up. I am using NM on all my systems. Let me retry.
None of my systems have sysconfig-netconfig installed anymore. But if you did confgure your system with /etc/sysconfig/network/ifcfg-* files, then you need netconfig, else NetworkManager is not able to read that network configuration. So if you deinstall sysconfig-netconfig, make sure you have a configuration file for every network interface in /etc/NetworkManager/system-connections/ Thorsten -- Thorsten Kukuk, Distinguished Engineer, Senior Architect, Future Technologies SUSE Software Solutions Germany GmbH, Frankenstraße 146, 90461 Nuernberg, Germany Managing Director: Ivo Totev, Andrew Myers, Andrew McDonald, Martje Boudien Moerman (HRB 36809, AG Nürnberg)
On 12. 12. 22, 13:51, Thorsten Kukuk wrote:
On Mon, Dec 12, Jiri Slaby wrote:
On 12. 12. 22, 11:46, Thorsten Kukuk wrote:
The move from wicked to NetworkManager as default for everything during the last months revealed some (welcomed) side effects: since several weeks sysconfig-netconfig is no longer installed on a fresh default installation.
\o/ and thanks for the effort.
Last time (3 weeks ago) I uninstalled sysconfig-netconfig, the system (VM) didn't come up. I am using NM on all my systems. Let me retry.
None of my systems have sysconfig-netconfig installed anymore. But if you did confgure your system with /etc/sysconfig/network/ifcfg-* files, then you need netconfig, else NetworkManager is not able to read that network configuration.
As I wrote, it's NM-only: # ll /etc/sysconfig/network/ifcfg* -rw-r--r-- 1 root root 21738 Aug 31 15:21 /etc/sysconfig/network/ifcfg.template thanks, -- js suse labs
On Mon, Dec 12, 2022 at 7:57 AM Jiri Slaby <jslaby@suse.cz> wrote:
On 12. 12. 22, 13:51, Thorsten Kukuk wrote:
On Mon, Dec 12, Jiri Slaby wrote:
On 12. 12. 22, 11:46, Thorsten Kukuk wrote:
The move from wicked to NetworkManager as default for everything during the last months revealed some (welcomed) side effects: since several weeks sysconfig-netconfig is no longer installed on a fresh default installation.
\o/ and thanks for the effort.
Last time (3 weeks ago) I uninstalled sysconfig-netconfig, the system (VM) didn't come up. I am using NM on all my systems. Let me retry.
None of my systems have sysconfig-netconfig installed anymore. But if you did confgure your system with /etc/sysconfig/network/ifcfg-* files, then you need netconfig, else NetworkManager is not able to read that network configuration.
As I wrote, it's NM-only: # ll /etc/sysconfig/network/ifcfg* -rw-r--r-- 1 root root 21738 Aug 31 15:21 /etc/sysconfig/network/ifcfg.template
A few years ago, Jakob and I had looked into tweaking the ifcfg plugin so that it could handle SUSE ifcfg flavored files in addition to the Red Hat ones. My early experiments in just changing it to read the SUSE path seemed to bear fruit, but seemingly nobody was interested then. On the RH/Fedora side, we dropped ifcfg in favor of using plain NM keyfiles a couple of years ago[1]. As part of that, I believe a migrator tool was in the works. I've CC'd Thomas Haller, who worked on the change in Fedora. Thomas, did that migrator tool get written? If so, could we trivially extend it to be able to read SUSE-flavored files too? [1]: https://fedoraproject.org/wiki/Changes/NetworkManager_keyfile_instead_of_ifc... -- 真実はいつも一つ!/ Always, there's only one truth!
On Mon, Dec 12, 2022 at 4:39 PM Neal Gompa <ngompa13@gmail.com> wrote:
On the RH/Fedora side, we dropped ifcfg in favor of using plain NM keyfiles a couple of years ago[1]. As part of that, I believe a migrator tool was in the works. I've CC'd Thomas Haller, who worked on the change in Fedora. Thomas, did that migrator tool get written? If so, could we trivially extend it to be able to read SUSE-flavored files too?
Isn't YaST capable of generating NM configuration during installation? It should be fairly straightforward to read ifcfg and dump NM config then.
On 12. 12. 22, 13:38, Jiri Slaby wrote:
On 12. 12. 22, 11:46, Thorsten Kukuk wrote:
The move from wicked to NetworkManager as default for everything during the last months revealed some (welcomed) side effects: since several weeks sysconfig-netconfig is no longer installed on a fresh default installation.
\o/ and thanks for the effort.
Last time (3 weeks ago) I uninstalled sysconfig-netconfig, the system (VM) didn't come up. I am using NM on all my systems. Let me retry.
Ah, so netconfig is apparently no longer called for some weeks. Good. So the system works and: rm -f /etc/resolv.conf systemctl restart NetworkManager was needed to fix the resolver. BTW is this OK from NM log? dns-mgr: init: dns=default,systemd-resolved rc-manager=netconfig (auto) -> rc-manager=netconfig, in particular
thanks,-- js suse labs
Hi all, trying to zypper rm sysconfig-netconfig I get Reading installed packages... Resolving package dependencies... The following 8 packages are going to be REMOVED: libguestfs libguestfs-winsupport perl-Sys-Guestfs python3-libguestfs python3-virt-bootstrap supermin sysconfig-netconfig wicked 8 packages to remove. After the operation, 11.3 MiB will be freed. This system is running the latest Tumbleweed snapshot. Bye. Michael. On Montag, 12. Dezember 2022 11:46:00 CET Thorsten Kukuk wrote:
Hi,
The move from wicked to NetworkManager as default for everything during the last months revealed some (welcomed) side effects: since several weeks sysconfig-netconfig is no longer installed on a fresh default installation.
Why is this welcomed and good? netconfig is a nice abstraction layer for network stack configuration, you don't need to care which network stack get's used, the config is always the same. But this is also the problem: by supporting several kinds of network stacks, you can mostly only support the lowest common denominator and not all features of a stack are useable. And this means: - we have to maintain code where we don't need the main functionality anymore - users are by default restricted in the use of NetworkManager - packagers have to write and maintain additional scripts for netconfig instead of using the upstream ones for NetworkManager But we have only NetworkManager left.
As a result we took a deeper look at which packages are still using /etc/sysconfig/network. To be said, the absolute majority of the scripts I looked at are broken and don't work anymore, partly since about 10 years. And nobody noticed...
While there are no plans to active drop sysconfig-netconfig and wicked, it also does not make sense to maitain scripts not used anymore or broken since a long time while limiting ourself for every installation.
So going forward, please us the native NetworkManager APIs for your packages.
The /etc/sysconfig/network hierachie get's removed from filesystem.rpm, so that people don't see them and assume they are used by default. You can of course still install sysconfig-netconfig (which will create the directories) and use them.
For some netconfig functionality, we have packages which provide the functionality native with NetworkManager: GNOME:Next/NetworkManager-dns-bind GNOME:Next/NetworkManager-dns-dnsmasq
Testers and feedback to the maintainer are always welcome.
There are no plans to automatically migrate from wicked and sysconfig-netconfig to plain NetworkManager. Since some tools write their configuration data to different locations depending on the network stack (like firewalld), an automatic conversation would be pretty complex next to impossible. And there are currently no plans to drop this tools. But long term, you should migrate to NetworkManager if you haven't done yet.
Between, there are still packages requiring sysconfig.rpm. There seems to be a common misunderstanding: sysconfig.rpm is not used for /etc/sysconfig config files, even if the name may implies this. Currently, only wicked and YaST2 uses this package. Where I'm not sure if YaST is really using it or if this is an old, obsolete or wrong requires.
Thorsten
On Mon, Dec 12, mh@mike.franken.de wrote:
Hi all,
trying to zypper rm sysconfig-netconfig I get
Reading installed packages... Resolving package dependencies...
The following 8 packages are going to be REMOVED: libguestfs libguestfs-winsupport perl-Sys-Guestfs python3-libguestfs python3-virt-bootstrap supermin sysconfig-netconfig wicked
8 packages to remove. After the operation, 11.3 MiB will be freed.
This system is running the latest Tumbleweed snapshot.
But is not a fresh default installation as I wrote. Please read careful. You are still using wicked, and wicked requires netconfig. Thorsten
Bye. Michael.
On Montag, 12. Dezember 2022 11:46:00 CET Thorsten Kukuk wrote:
Hi,
The move from wicked to NetworkManager as default for everything during the last months revealed some (welcomed) side effects: since several weeks sysconfig-netconfig is no longer installed on a fresh default installation.
Why is this welcomed and good? netconfig is a nice abstraction layer for network stack configuration, you don't need to care which network stack get's used, the config is always the same. But this is also the problem: by supporting several kinds of network stacks, you can mostly only support the lowest common denominator and not all features of a stack are useable. And this means: - we have to maintain code where we don't need the main functionality anymore - users are by default restricted in the use of NetworkManager - packagers have to write and maintain additional scripts for netconfig instead of using the upstream ones for NetworkManager But we have only NetworkManager left.
As a result we took a deeper look at which packages are still using /etc/sysconfig/network. To be said, the absolute majority of the scripts I looked at are broken and don't work anymore, partly since about 10 years. And nobody noticed...
While there are no plans to active drop sysconfig-netconfig and wicked, it also does not make sense to maitain scripts not used anymore or broken since a long time while limiting ourself for every installation.
So going forward, please us the native NetworkManager APIs for your packages.
The /etc/sysconfig/network hierachie get's removed from filesystem.rpm, so that people don't see them and assume they are used by default. You can of course still install sysconfig-netconfig (which will create the directories) and use them.
For some netconfig functionality, we have packages which provide the functionality native with NetworkManager: GNOME:Next/NetworkManager-dns-bind GNOME:Next/NetworkManager-dns-dnsmasq
Testers and feedback to the maintainer are always welcome.
There are no plans to automatically migrate from wicked and sysconfig-netconfig to plain NetworkManager. Since some tools write their configuration data to different locations depending on the network stack (like firewalld), an automatic conversation would be pretty complex next to impossible. And there are currently no plans to drop this tools. But long term, you should migrate to NetworkManager if you haven't done yet.
Between, there are still packages requiring sysconfig.rpm. There seems to be a common misunderstanding: sysconfig.rpm is not used for /etc/sysconfig config files, even if the name may implies this. Currently, only wicked and YaST2 uses this package. Where I'm not sure if YaST is really using it or if this is an old, obsolete or wrong requires.
Thorsten
-- Thorsten Kukuk, Distinguished Engineer, Senior Architect, Future Technologies SUSE Software Solutions Germany GmbH, Frankenstraße 146, 90461 Nuernberg, Germany Managing Director: Ivo Totev, Andrew Myers, Andrew McDonald, Martje Boudien Moerman (HRB 36809, AG Nürnberg)
On Montag, 12. Dezember 2022 17:14:50 CET Thorsten Kukuk wrote:
On Mon, Dec 12, mh@mike.franken.de wrote:
Hi all,
trying to zypper rm sysconfig-netconfig I get
Reading installed packages... Resolving package dependencies...
The following 8 packages are going to be REMOVED: libguestfs libguestfs-winsupport perl-Sys-Guestfs python3-libguestfs
python3-virt-bootstrap supermin
sysconfig-netconfig wicked
8 packages to remove. After the operation, 11.3 MiB will be freed.
This system is running the latest Tumbleweed snapshot.
But is not a fresh default installation as I wrote. Please read careful.
You are still using wicked, and wicked requires netconfig.
no, I don't use wicked, I use NetworkManager, wicked is just still installed for whatever reason. But you are right, it is not a fresh installed system.
Thorsten
Bye. Michael.
On Mon, 12 Dec 2022 17:29:53 +0100, mh@mike.franken.de wrote:
On Montag, 12. Dezember 2022 17:14:50 CET Thorsten Kukuk wrote:
On Mon, Dec 12, mh@mike.franken.de wrote:
trying to zypper rm sysconfig-netconfig I get
Reading installed packages... Resolving package dependencies... The following 8 packages are going to be REMOVED: libguestfs libguestfs-winsupport perl-Sys-Guestfs python3-libguestfs python3-virt-bootstrap supermin sysconfig-netconfig wicked 8 packages to remove. After the operation, 11.3 MiB will be freed.
This system is running the latest Tumbleweed snapshot.
But is not a fresh default installation as I wrote. Please read careful.
You are still using wicked, and wicked requires netconfig.
no, I don't use wicked, I use NetworkManager, wicked is just still installed for whatever reason. But you are right, it is not a fresh installed system.
I am completely ignorant of what package installation/removal will do with the current network configuration, but what would be the effect of: zypper in -D \!sysconfig-netconfig , where zypper would remove sysconfig-netconfig but try to install alternatives in order to keep dependent packages installed? -- Robert Webb
participants (8)
-
Andrei Borzenkov
-
Eric Schirra
-
Jiri Slaby
-
mh@mike.franken.de
-
Neal Gompa
-
Robert Webb
-
Simon Lees
-
Thorsten Kukuk