summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--contrib/bash-completion63
-rw-r--r--docs/examples/bonding15
-rw-r--r--docs/examples/bridge14
-rw-r--r--docs/examples/ethernet-dhcp12
-rw-r--r--docs/examples/ethernet-iproute10
-rw-r--r--docs/examples/ethernet-static22
-rw-r--r--docs/examples/pppoe34
-rw-r--r--docs/examples/tunnel-he-ipv619
-rw-r--r--docs/examples/tuntap15
-rw-r--r--docs/examples/vlan-dhcp11
-rw-r--r--docs/examples/vlan-static22
-rw-r--r--docs/examples/wireless-open10
-rw-r--r--docs/examples/wireless-wep17
-rw-r--r--docs/examples/wireless-wep-string-key12
-rw-r--r--docs/examples/wireless-wpa16
-rw-r--r--docs/examples/wireless-wpa-config12
-rw-r--r--docs/examples/wireless-wpa-configsection31
-rw-r--r--docs/examples/wireless-wpa-static18
-rw-r--r--docs/netctl.1.txt141
-rw-r--r--docs/netctl.profile.5.txt599
-rw-r--r--docs/netctl.special.7.txt55
-rw-r--r--services/netctl-auto@.service8
-rw-r--r--services/netctl-ifplugd@.service7
-rw-r--r--services/netctl.service7
-rw-r--r--services/netctl@.service9
-rwxr-xr-xsrc/ifplugd.action29
-rw-r--r--src/lib/8021x341
-rwxr-xr-xsrc/lib/auto.action85
-rw-r--r--src/lib/connections/bond41
-rw-r--r--src/lib/connections/bridge53
-rw-r--r--src/lib/connections/ethernet276
-rw-r--r--src/lib/connections/pppoe55
-rw-r--r--src/lib/connections/tunnel34
-rw-r--r--src/lib/connections/tuntap32
-rw-r--r--src/lib/connections/vlan34
-rw-r--r--src/lib/connections/wireless137
-rw-r--r--src/lib/globals159
-rw-r--r--src/lib/ip215
-rwxr-xr-x[-rw-r--r--]src/lib/network419
-rw-r--r--src/lib/rfkill85
-rwxr-xr-xsrc/netctl232
-rwxr-xr-xsrc/netctl-auto137
-rwxr-xr-xsrc/wifi-menu76
43 files changed, 1674 insertions, 1945 deletions
diff --git a/contrib/bash-completion b/contrib/bash-completion
index dab52ea..b47d92b 100644
--- a/contrib/bash-completion
+++ b/contrib/bash-completion
@@ -1,49 +1,30 @@
-# netcfg completion
+# netctl completion
-_netcfg ()
+_netctl()
{
- local cur prev opts lopts cmds prfls
+ local cur prev prof
- COMPREPLY=()
- cur="${COMP_WORDS[COMP_CWORD]}"
- prev="${COMP_WORDS[COMP_CWORD-1]}"
+ cur=${COMP_WORDS[COMP_CWORD]}
+ prev=${COMP_WORDS[COMP_CWORD-1]}
+ prof=$(find -L /etc/network.d -maxdepth 1 -type f -not -name '.*' -not -name '*~' -not -name '*.conf' -not -name '*.service' -printf "%f\n")
- opts="-l -c -u -r -R -d -D -a -v -h"
- lopts="--help --version"
- cmds="list current check-iface up reconnect iface-recon down iface-down all-down all-suspend"
- prfls="$(find -L /etc/network.d/ -maxdepth 1 -type f -not -name '*~' -not -name '*.conf' -not -name '.*' -printf '%f\n')"
-
- case "${prev}" in
- -R|iface-recon|-D|iface-down)
- COMPREPLY=( $( compgen -W "$(ls /run/network/interfaces/)" -- $cur ) )
- return 0
- ;;
- -r|reconnect|-d|down)
- COMPREPLY=( $( compgen -W "$(ls /run/network/profiles/)" -- $cur ) )
- return 0
- ;;
- -c|check-iface|-u|up)
- COMPREPLY=( $( compgen -W "${prfls}" -- $cur ) )
- return 0
- ;;
- esac
-
- case "${cur}" in
- --*)
- COMPREPLY=( $( compgen -W "${lopts}" -- $cur ) )
- return 0
- ;;
- -*)
- COMPREPLY=( $( compgen -W "${opts} ${lopts}" -- $cur ) )
- return 0
- ;;
- *)
- ((COMP_CWORD == 1)) && \
- COMPREPLY=( $( compgen -W "${opts} ${lopts} ${cmds} ${prfls}" -- $cur ) )
+ case $COMP_CWORD in
+ 1)
+ COMPREPLY=( $(compgen -W "--help --version list store restore stop-all start stop restart switch-to status enable disable reenable" -- $cur) )
+ ;;
+ 2)
+ case $prev in
+ start|stop|restart|switch-to|status|enable|disable|reenable)
+ mapfile -t COMPREPLY < <(IFS=$'\n'; compgen -W "$prof" -- $cur)
;;
+ esac
+ ;;
+ *)
+ COMPREPLY=()
+ ;;
esac
+} &&
+complete -F _netctl netctl
- return 0
-}
-complete -F _netcfg netcfg
+# ex: ts=4 sw=4 et filetype=sh
diff --git a/docs/examples/bonding b/docs/examples/bonding
index e8d4a7f..090892d 100644
--- a/docs/examples/bonding
+++ b/docs/examples/bonding
@@ -1,9 +1,6 @@
-CONNECTION="bond"
-DESCRIPTION='Bond Interface'
-INTERFACE='bond0'
-IP='static'
-ADDR="10.0.0.1"
-NETMASK="255.0.0.0"
-SLAVE_INTERFACES=("eth0" "eth2")
-SKIPNOCARRIER="yes"
-
+Description='Bond Interface'
+Interface='bond0'
+Connection=bond
+BindsToInterfaces=(eth0 eth2)
+IP=static
+Address="10.0.0.1/8"
diff --git a/docs/examples/bridge b/docs/examples/bridge
index bd422fa..f8d2915 100644
--- a/docs/examples/bridge
+++ b/docs/examples/bridge
@@ -1,9 +1,9 @@
-INTERFACE="br0"
-CONNECTION="bridge"
-DESCRIPTION="Example Bridge connection"
-BRIDGE_INTERFACES="eth0 eth1 tap0"
-IP="dhcp"
+Description="Example Bridge connection"
+Interface=br0
+Connection=bridge
+BindsToInterfaces=(eth0 eth1 tap0)
+IP=dhcp
## sets forward delay time
-#FWD_DELAY=0
+#FWDDelay=0
## sets max age of hello message
-#MAX_AGE=10
+#MaxAge=10
diff --git a/docs/examples/ethernet-dhcp b/docs/examples/ethernet-dhcp
index 0719632..5866238 100644
--- a/docs/examples/ethernet-dhcp
+++ b/docs/examples/ethernet-dhcp
@@ -1,9 +1,9 @@
-CONNECTION='ethernet'
-DESCRIPTION='A basic dhcp ethernet connection using iproute'
-INTERFACE='eth0'
-IP='dhcp'
+Description='A basic dhcp ethernet connection using iproute'
+Interface=eth0
+Connection=ethernet
+IP=dhcp
## for DHCPv6
-#IP6='dhcp'
+#IP6=dhcp
## for IPv6 autoconfiguration
-#IP6='stateless'
+#IP6=stateless
diff --git a/docs/examples/ethernet-iproute b/docs/examples/ethernet-iproute
index d22dd17..972f5bb 100644
--- a/docs/examples/ethernet-iproute
+++ b/docs/examples/ethernet-iproute
@@ -1,7 +1,7 @@
-CONNECTION='ethernet'
-DESCRIPTION='A more versatile static ethernet connection using iproute'
-INTERFACE='eth0'
-IP='static'
+Description='A more versatile static ethernet connection using iproute'
+Interface=eth0
+Connection=ethernet
+IP=static
# Any valid iproute command can be placed in this array
-IPCFG=('addr add dev eth0 192.168.1.23/24 brd +' 'route add default via 192.168.1.1')
+IPCustom=('addr add dev eth0 192.168.1.23/24 brd +' 'route add default via 192.168.1.1')
DNS=('192.168.1.1')
diff --git a/docs/examples/ethernet-static b/docs/examples/ethernet-static
index ea88bde..0d6b5a2 100644
--- a/docs/examples/ethernet-static
+++ b/docs/examples/ethernet-static
@@ -1,17 +1,17 @@
-CONNECTION='ethernet'
-DESCRIPTION='A basic static ethernet connection using iproute'
-INTERFACE='eth0'
-IP='static'
-ADDR='192.168.1.23'
-#ROUTES=('192.168.0.0/24 via 192.168.1.2')
-GATEWAY='192.168.1.1'
+Description='A basic static ethernet connection using iproute'
+Interface=eth0
+Connection=ethernet
+IP=static
+Address='192.168.1.23'
+#Routes=('192.168.0.0/24 via 192.168.1.2')
+Gateway='192.168.1.1'
DNS=('192.168.1.1')
## For IPv6 autoconfiguration
#IP6=stateless
## For IPv6 static address configuration
-#IP6='static'
-#ADDR6=('1234:5678:9abc:def::1/64' '1234:3456::123/96')
-#ROUTES6=('abcd::1234')
-#GATEWAY6='1234:0:123::abcd'
+#IP6=static
+#Address6=('1234:5678:9abc:def::1/64' '1234:3456::123/96')
+#Routes6=('abcd::1234')
+#Gateway6='1234:0:123::abcd'
diff --git a/docs/examples/pppoe b/docs/examples/pppoe
index c11d125..74cc9ff 100644
--- a/docs/examples/pppoe
+++ b/docs/examples/pppoe
@@ -1,33 +1,33 @@
-CONNECTION='pppoe'
-DESCRIPTION='Example PPPoE connection'
-INTERFACE='eth0'
-USER='example@yourprovider.com'
-PASSWORD='very secret'
+Description='Example PPPoE connection'
+Interface=eth0
+Connection=pppoe
+User='example@yourprovider.com'
+Password='very secret'
# Always keep a connection established
-CONNECTION_MODE='persist'
+ConnectionMode='persist'
# Establish connection on demand
-#CONNECTION_MODE='demand'
-#IDLE_TIMEOUT=300
+#ConnectionMode='demand'
+#IdleTimeout=300
# Use default route provided by the peer (default: true)
-#DEFAULTROUTE=1
+#DefaultRoute=true
# Use DNS provided by the peer (default: true)
-#USEPEERDNS=1
+#UsePeerDNS=true
# Override default LCP parameters from /etc/ppp/options
-#LCP_ECHO_INTERVAL=15
-#LCP_ECHO_FAILURE=10
+#LCPEchoInterval=15
+#LCPEchoFailure=10
# PPPoE options - experts only
#
# PPPoE service name
-#PPPOE_SERVICE=''
+#PPPoEService=''
# PPPoE access concentrator name
-#PPPOE_AC=''
+#PPPoEAC=''
# Attach to existing session (sessid:macaddr)
-#PPPOE_SESSION=''
+#PPPoESession=''
# Only connect to specified MAC address
-#PPPOE_MAC=''
+#PPPoEMAC=''
# Enable IPv6 support
-#PPPOE_IP6='yes'
+#PPPoEIP6=yes
diff --git a/docs/examples/tunnel-he-ipv6 b/docs/examples/tunnel-he-ipv6
index 81b18ad..2a19406 100644
--- a/docs/examples/tunnel-he-ipv6
+++ b/docs/examples/tunnel-he-ipv6
@@ -1,11 +1,10 @@
-CONNECTION='tunnel'
-DESCRIPTION='An example ipv6 tunnel with Hurricane Electric'
+Description='An example ipv6 tunnel with Hurricane Electric'
+Interface=he-ipv6
+Connection=tunnel
+Mode='sit'
+Remote='216.66.80.26'
+#Local='172.16.0.1'
-INTERFACE='he-ipv6'
-MODE='sit'
-REMOTE='216.66.80.26'
-#LOCAL='172.16.0.1'
-
-IP6='static'
-ADDR6='2001:470:1f08:d87::2/64'
-ROUTES6=('::/0')
+IP6=static
+Address6='2001:470:1f08:d87::2/64'
+Routes6=('::/0')
diff --git a/docs/examples/tuntap b/docs/examples/tuntap
index 1563520..8ce78ac 100644
--- a/docs/examples/tuntap
+++ b/docs/examples/tuntap
@@ -1,11 +1,10 @@
-INTERFACE='tun0'
-CONNECTION='tuntap'
-MODE='tun'
-USER='nobody'
-GROUP='nobody'
+Interface=tun0
+Connection=tuntap
+Mode='tun'
+User='nobody'
+Group='nobody'
## Example IP configuration
-#IP='static'
-#SKIPNOCARRIER='yes'
-#ADDR='10.10.1.2'
+#IP=static
+#Address='10.10.1.2'
diff --git a/docs/examples/vlan-dhcp b/docs/examples/vlan-dhcp
index 8c6ad23..c412618 100644
--- a/docs/examples/vlan-dhcp
+++ b/docs/examples/vlan-dhcp
@@ -1,5 +1,6 @@
-INTERFACE="eth0.55"
-VLAN_PHYS_DEV="eth0"
-VLAN_ID="55"
-CONNECTION="vlan"
-IP="dhcp"
+Interface=eth0.55
+Connection=vlan
+# The variable name is plural, but needs precisely one interface
+BindsToInterfaces=eth0
+VLANID=55
+IP=dhcp
diff --git a/docs/examples/vlan-static b/docs/examples/vlan-static
index b7b9753..f9e1ae5 100644
--- a/docs/examples/vlan-static
+++ b/docs/examples/vlan-static
@@ -1,12 +1,12 @@
-INTERFACE="eth0.11"
-VLAN_PHYS_DEV="eth0"
-VLAN_ID="11"
-CONNECTION="vlan"
-IP="static"
-ADDR="192.168.0.100"
-NETMASK="255.255.255.0"
-GATEWAY="192.168.0.1"
+Interface=eth0.11
+Connection=vlan
+# The variable name is plural, but needs precisely one interface
+BindsToInterfaces=eth0
+VLANID=11
+IP=static
+Address="192.168.0.100/24"
+Gateway="192.168.0.1"
DNS=("192.168.0.2")
-HOSTNAME="myhost"
-DOMAIN="mydomain.com"
-SEARCH="mydomain.com"
+Hostname="myhost"
+DNSDomain="mydomain.com"
+DNSSearch="mydomain.com"
diff --git a/docs/examples/wireless-open b/docs/examples/wireless-open
index db8d6ef..f4bf9bb 100644
--- a/docs/examples/wireless-open
+++ b/docs/examples/wireless-open
@@ -1,8 +1,8 @@
-CONNECTION='wireless'
-DESCRIPTION='A simple opened wireless connection'
-INTERFACE='wlan0'
-SECURITY='none'
+Description='A simple opened wireless connection'
+Interface=wlan0
+Connection=wireless
+Security=none
ESSID='MyNetwork'
IP='dhcp'
# Uncomment this if your ssid is hidden
-#HIDDEN=yes
+#Hidden=yes
diff --git a/docs/examples/wireless-wep b/docs/examples/wireless-wep
index b16f65e..479b8a3 100644
--- a/docs/examples/wireless-wep
+++ b/docs/examples/wireless-wep
@@ -1,11 +1,12 @@
-CONNECTION='wireless'
-DESCRIPTION='A simple WEP encrypted wireless connection'
-INTERFACE='wlan0'
-SECURITY='wep'
+Description='A simple WEP encrypted wireless connection'
+Interface=wlan0
+Connection=wireless
+Security=wep
ESSID='MyNetwork'
-KEY='1234567890'
+# Prepend hexadecimal keys with \"
+Key=\"1234567890abcdef
IP='dhcp'
# Uncomment this if your ssid is hidden
-#HIDDEN=yes
-## Uncomment if you are using an ad-hoc connection
-#ADHOC=1
+#Hidden=yes
+# Uncomment if you are using an ad-hoc connection
+#AdHoc=yes
diff --git a/docs/examples/wireless-wep-string-key b/docs/examples/wireless-wep-string-key
index ebc4b0a..12483c0 100644
--- a/docs/examples/wireless-wep-string-key
+++ b/docs/examples/wireless-wep-string-key
@@ -1,9 +1,9 @@
-CONNECTION='wireless'
-DESCRIPTION='A simple WEP encrypted wireless connection'
-INTERFACE='wlan0'
-SECURITY='wep'
+Description='A simple WEP encrypted wireless connection'
+Interface=wlan0
+Connection=wireless
+Security=wep
ESSID='MyNetwork'
-KEY='s:Wireless Key'
+Key='Wireless Key'
IP='dhcp'
# Uncomment this if your ssid is hidden
-#HIDDEN=yes
+#Hidden=yes
diff --git a/docs/examples/wireless-wpa b/docs/examples/wireless-wpa
index e2511f3..16d17e9 100644
--- a/docs/examples/wireless-wpa
+++ b/docs/examples/wireless-wpa
@@ -1,14 +1,14 @@
-CONNECTION='wireless'
-DESCRIPTION='A simple WPA encrypted wireless connection'
-INTERFACE='wlan0'
-SECURITY='wpa'
+Description='A simple WPA encrypted wireless connection'
+Interface=wlan0
+Connection=wireless
+Security=wpa
ESSID='MyNetwork'
-## Uncomment if the supplied ESSID is hexadecimal
-#ESSID_TYPE='hex'
-KEY='WirelessKey'
+# Prepend hexadecimal keys with \"
+# If your key starts with ", write it as '"""<key>"'
+Key='WirelessKey'
IP='dhcp'
# Uncomment this if your ssid is hidden
-#HIDDEN=yes
+#Hidden=yes
diff --git a/docs/examples/wireless-wpa-config b/docs/examples/wireless-wpa-config
index 955d845..e598dce 100644
--- a/docs/examples/wireless-wpa-config
+++ b/docs/examples/wireless-wpa-config
@@ -1,8 +1,8 @@
-CONNECTION='wireless'
-DESCRIPTION='A wpa_supplicant configuration based wireless connection'
-INTERFACE='wlan0'
-SECURITY='wpa-config'
-WPA_CONF='/etc/wpa_supplicant.conf'
+Description='A wpa_supplicant configuration based wireless connection'
+Interface=wlan0
+Connection=wireless
+Security=wpa-config
+WPAConfigFile='/etc/wpa_supplicant.conf'
IP='dhcp'
# Uncomment this if your ssid is hidden
-#HIDDEN=yes
+#Hidden=yes
diff --git a/docs/examples/wireless-wpa-configsection b/docs/examples/wireless-wpa-configsection
index d6cc8ad..dde9ccd 100644
--- a/docs/examples/wireless-wpa-configsection
+++ b/docs/examples/wireless-wpa-configsection
@@ -1,17 +1,18 @@
-CONNECTION='wireless'
-INTERFACE=wlan0
-SECURITY='wpa-configsection'
+Interface=wlan0
+Connection=wireless
+Security=wpa-configsection
# Uncomment this if your ssid is hidden
-#HIDDEN=yes
+#Hidden=yes
IP='dhcp'
-CONFIGSECTION='
- ssid="University"
- key_mgmt=WPA-EAP
- eap=TTLS
- group=TKIP
- pairwise=TKIP CCMP
- anonymous_identity="anonymous"
- identity="myusername"
- password="mypassword"
- priority=1
- phase2="auth=PAP"'
+WPAConfigSection=(
+ 'ssid="University"'
+ 'key_mgmt=WPA-EAP'
+ 'eap=TTLS'
+ 'group=TKIP'
+ 'pairwise=TKIP CCMP'
+ 'anonymous_identity="anonymous"'
+ 'identity="myusername"'
+ 'password="mypassword"'
+ 'priority=1'
+ 'phase2="auth=PAP"'
+)
diff --git a/docs/examples/wireless-wpa-static b/docs/examples/wireless-wpa-static
index 25da514..66b6970 100644
--- a/docs/examples/wireless-wpa-static
+++ b/docs/examples/wireless-wpa-static
@@ -1,12 +1,12 @@
-CONNECTION='wireless'
-DESCRIPTION='A simple WPA encrypted wireless connection using a static IP'
-INTERFACE='wlan0'
-SECURITY='wpa'
+Description='A simple WPA encrypted wireless connection using a static IP'
+Interface=wlan0
+Connection=wireless
+Security=wpa
ESSID='MyNetwork'
-KEY='WirelessKey'
-IP='static' # Any other CONNECTION='ethernet' options may be used.
-ADDR='192.168.1.23'
-GATEWAY='192.168.1.1'
+Key='WirelessKey'
+IP=static
+Address='192.168.1.23'
+Gateway='192.168.1.1'
DNS=('192.168.1.1')
# Uncomment this if your ssid is hidden
-#HIDDEN=yes
+#Hidden=yes
diff --git a/docs/netctl.1.txt b/docs/netctl.1.txt
index 54fbd78..06638a2 100644
--- a/docs/netctl.1.txt
+++ b/docs/netctl.1.txt
@@ -1,91 +1,92 @@
-NETCFG(8)
+NETCTL(1)
=========
NAME
----
-netcfg - start/stop/control network profiles
+netctl - Control the netctl network profile manager
SYNOPSIS
--------
-netcfg [_options_]
+*netctl* {*COMMAND*} [+PROFILE+]
-netcfg *profile*
+*netctl* [--help | --version]
DESCRIPTION
-----------
-*netcfg* is used to configure and manage network connections via
-profiles. It has pluggable support for a range of connection types, such
-as wireless, ethernet, ppp. It is also capable of starting/stopping many
-to one connections, that is, multiple connections within the same
-profile, optionally with bonding.
-
-It may be run at boot, by enabling the 'netcfg' systemd service, or, on
-legacy systems, by adding 'net-profiles' to +DAEMONS+ in '/etc/rc.conf'.
-After boot time, it may be used to start profiles, simply by passing only
-the profile name.
-
-When run without options, `netcfg profile` is equivalent to `netcfg -u
-profile`.
+*netctl* may be used to introspect and control the state of the systemd
+services for the network profile manager.
OPTIONS
-------
-*-l, list*::
- List all available profiles
-*current*::
- Report currently running profiles
-*-c, check-iface* _profile_::
- Start the specified profile, only if it's interface is not currently up.
-*-u, up* _profile_::
- Start the specified profile
-*-r, reconnect* _profile_::
- Disconnect and reconnect the specified profile
-*-R, iface-recon* _interface_::
- Reconnect profile active on specified interface
-*-d, down* _profile_::
- Stop the specified profile
-*-D, iface-down* _interface_::
- Stop the profile up on the specified interface.
-*-a, all-down*::
- Stop all connected profiles
-*all-suspend*::
- Suspend and store the name of all active profiles.
-*all-resume*::
- Reconnect any profiles that have been suspended.
-*-v, --version*::
- Display version information and exit
-*-h, --help*::
- Display help message and exit
-
-
-CONFIGURATION FILES
--------------------
-'/etc/conf.d/netcfg'::
- Parameters for startup.
-'/etc/network.d/'::
- User-defined profiles.
-
-
-FILES
------
-'/usr/lib/network/connections/'::
- Currently installed network profile types.
-'/etc/network.d/examples/'::
- Example profiles.
-'/usr/share/doc/netcfg/contrib/'::
- Inspirational scripts.
-
-
-ENVIRONMENT VARIABLES
----------------------
-+NETCFG_DEBUG+::
- Set to 1 to activate debug output.
+The following commands are understood:
+
+*list*::
+ List all available profiles. Active profiles will be marked with a
+ `*'.
+
+*store*::
+ Saves which profiles are currently active.
+
+*restore*::
+ Loads the profiles that were active during the last invocation of
+ `*store*'.
+
+*stop-all*::
+ Stops all active network profiles.
+
+*start [+PROFILE+]*::
+ Start the network profile specified on the command line.
+
+*stop [+PROFILE+]*::
+ Stop the network profile specified on the command line.
+
+*restart [+PROFILE+]*::
+ Restart the network profile specified on the command line. If it is
+ not started yet, it will be started.
+
+*switch-to [+PROFILE+]*::
+ Starts the network profile specified on the command line after
+ stopping all profiles that refer to the same interface.
+
+*status [+PROFILE+]*::
+ Show terse runtime status information about a profile, followed by
+ its most recent log data from the journal.
+
+*enable [+PROFILE+]*::
+ Enable the systemd unit for the profile specified. This will create
+ a unit configuration file. If the file already exists, the command
+ fails. No other profiles than the one specified will be enabled.
+ Changes to the general options in a profile specification will not
+ propagate to the unit configuration file automatically. After such
+ changes, it is necessary to `*reenable*' the profile.
+
+*disable [+PROFILE+]*::
+ Disable the systemd unit for the profile specified. This will remove
+ the file created by `*enable*' even if it was customized, so be
+ carefull.
+
+*reenable [+PROFILE+]*::
+ Reenable the systemd unit for the profile specified. This is
+ effectively a combination of `*disable*' and `*enable*'.
+
+
+EXIT STATUS
+-----------
+On success 0 is returned, a non-zero failure code otherwise.
+
+
+ENVIRONMENT
+-----------
+'$NETCTL_DEBUG'::
+ If set to `"yes"`, debugging output is generated.
+'$NETCTL_STATE_FILE'::
+ The location of the state file. Defaults to
+ '/var/lib/netctl/netctl.state'.
SEE ALSO
--------
-*netcfg-profiles*(5) on how to configure netcfg.
-
-include::footer.txt[]
+*netctl.profile*(5) *netctl.special*(7) *systemctl*(1)
diff --git a/docs/netctl.profile.5.txt b/docs/netctl.profile.5.txt
index f929e47..21ea52c 100644
--- a/docs/netctl.profile.5.txt
+++ b/docs/netctl.profile.5.txt
@@ -1,321 +1,362 @@
-NETCFG-PROFILES(5)
-==================
+NETCTL.PROFILE(5)
+=================
NAME
----
-netcfg-profiles - netcfg profiles documentation and syntax
+netctl.profile - Profile options
+
+
+SYNOPSIS
+--------
+netctl.profile
DESCRIPTION
-----------
-The *netcfg*(8) profiles are plain text files that defines variables for
-netcfg behavior. They must be compliant with *bash*(1) shell syntax and
-usually do not execute any code.
+Profiles for netctl live under '/etc/network.d/' and are plain text
+files. The files consist of variable definitions following the bash
+shell syntax and are not expected to execute any code. It is good to
+omit as much quoting as possible. For a few WPA-related variables,
+special quoting rules (see below) apply.
-They are named '/etc/network.d/$\{profile_name}', where
-+$\{profile_name\}+ must not contain a newline character and should not
-start with the `@'-sign.
+The name of the profile is the name of the file. Profile names must not
+contain newlines and should not end in '.service' or '.conf'. Whenever a
+profile is read, all executable scripts in '/etc/network.d/hooks/' and
+any executable script in '/etc/network.d/interfaces/' with the name of
+the interface for the profile are sourced. For each connection type,
+there are example profile files in '/etc/network.d/examples/'.
-OVERVIEW
---------
-Profiles must define mandatory variables:
+AVAILABLE CONNECTION TYPES
+--------------------------
++ethernet+::
+ For wired connections.
++wireless+::
+ For wireless connections. This connection type requires
+ *wpa_supplicant* to be available.
++bond+::
+ Network bonding. This connection type requires *ifenslave* to be
+ available.
++bridge+::
+ Network bridging. This connection type requires *brctl* to be
+ available.
++pppoe+::
+ For PPPoE connections.
++tunnel+::
+ For tunnel interfaces.
++tuntap+::
+ For TUN/TAP interfaces.
++vlan+::
+ For VLANs on ethernet-like connections.
+
+
+GENERAL OPTIONS
+---------------
+'Description='::
+ A description of the profile.
+
+'Connection=' [mandatory for all profiles]::
+ The connection type used by the profile.
+
+'Interface=' [mandatory for all profiles]::
+ The name of the associated network interface. The interface name
+ should not be quoted.
+
+'BindsToInterfaces=()'::
+ An array of physical network interfaces that this profile needs
+ before it can be started. For `enabled' profiles, *systemd* will
+ wait for the presence of the specified interfaces before starting a
+ profile. If this variable is not specified, it defaults to the value
+ of 'Interface'.
+
+'After=()'::
+ An array of profile names that should be started before this profile
+ is started. This is only an ordering dependency and is not intended
+ to be a list of profiles that this profile requires. The meaning is
+ the same as 'After' in *systemd.unit*(5).
+
+'ExecUpPost='::
+ A command that is executed after a connection is established. If the
+ specified command returns anything other than 0 (success), *netctl*
+ will abort and stop the profile. If the command should be allowed to
+ fail, add ``|| true`' to the end of it.
+
+'ExecDownPre='::
+ A command that is executed after a connection is brought down.
+ Similar precautions should be taken as with 'ExecUpPost'.
+
+
+IP OPTIONS
+----------
+These options apply to all connections that set up an IP-enabled
+network. In particular, these connection types are +ethernet+,
++wireless+, +bond+, +bridge+, +tunnel+, +tuntap+, and +vlan+.
+
+'IP=' [mandatory for IPv4]::
+ One of `static', `dhcp', or `no', depending on the desired way of
+ obtaining an address.
+
+'IP6=' [mandatory for IPv6]::
+ One of `static', `stateless', `dhcp-noaddr', `dhcp', `no' or left
+ out (empty) altogether. The difference between not specifying and
+ setting to `no' is in the handling of __router advertisement__
+ packages, which is blocked by `no'.
+
+'Address=()' [requires 'IP=static']::
+ An array of IP addresses, optionally suffixed with ``/<netmask>`',
+ where netmask is an integer between 0 and 255. The default netmask
+ is 24. Leaving out brackets for arrays consisting of a single
+ element is accepted in the Bash syntax.
+
+'Gateway=' [requires 'IP=static']::
+ An IP routing gateway address.
+
+'Routes='::
+ An array of custom routes of the form +
+ `**<address range>** via **<gateway>**'.
+
+'Address6=()' [requires 'IP6=static']::
+ An array of IPv6 addresses. Prefix length may be specified via
+ `1234:bcd::11/64' syntax.
+
+'Gateway6=' [requires 'IP6=static']::
+ An IPv6 routing gateway address.
+
+'Routes6='::
+ An array of custom routes of the form +
+ `**<address range>** via **<gateway>**'.
+
+'DHCPClient=' [requires a DHCP setting]::
+ The name of the preferred DHCP client. Supported options are
+ `dhcpcd' and `dhclient'. Defaults to `dhcpcd'.
+
+'IPCustom=()'::
+ An array of argument lines to pass to `ip`. This can be used to
+ achieve complicated configurations within the framework of *netctl*.
+
+'Hostname='::
+ A system hostname.
+
+'DNS=()'::
+ An array of DNS nameservers. Simply specify the IP addresses of each
+ of the DNS nameservers.
-+INTERFACE+::
- The name of the associated network interface.
-+DESCRIPTION+::
- A description of the profile.
-+CONNECTION+::
- The connection type used by the profile.
+'DNSDomain='::
+ A ``domain`' line for '/etc/resolv.conf'.
-Connections define how the network is set up for the profile and also
-determine additional configuration variable that control their
-behavior. The available connection types are determined by files in
-'/usr/lib/network/connections/'.
+'DNSSearch='::
+ A ``search`' line for '/etc/resolv.conf'.
+'DNSOptions=()'::
+ An array of ``options`' lines for '/etc/resolv.conf'.
-Available connections
----------------------
-ethernet::
- Standard network configuration, suitable for wired connections.
-wireless::
- Wireless connection, with *wpa_supplicant*(1) as configuration
- back-end.
-bond::
- Bonded network interfaces using *ifenslave*.
-bridge::
- Network bridge setup using *brctl*(8).
-tuntap::
- TUN/TAP interfaces.
-tunnel::
- Tunnel interfaces.
-vlan::
- VLAN setup.
-openvpn::
- OpenVPN setup.
-ppp::
- PPP connections setup.
-pppoe::
- PPPoE connections setup.
-
-The configuration variable for these connection types is described in
-the following sections.
-
-
-Ethernet options reference
---------------------------
+'TimeoutDHCP='::
+ Maximum time, in seconds, to wait for DHCP to be successful.
+ Defaults to ``10`'.
-Description
-~~~~~~~~~~~
-This connection method uses the iproute suite of tools and dhcpcd to
-gain an IP address.
-
-+IP+ (required for IPv4)::
- Either `static' or `dhcp'. Set to `no' to have netcfg bring the interface
- up but assign no addresses. Static requires at least one of +ADDR+ or
- +IPCFG+.
-
-IPv4 options
-~~~~~~~~~~~~
-+ADDR+ (requires +IP+ of `static')::
- A single IP address to configure a static IP.
-+GATEWAY+ (requires +IP+ of `static')::
- Set specified gateway
-+NETMASK+ (requires +IP+ of `static')::
- Set specified netmask. Defaults to 24.
-+ROUTES+::
- An array of custom routes (of the form _address range_ via _gateway_)
-
-IPv6 options
-~~~~~~~~~~~~
-+IP6+ (required for IPv6)::
- Either `dhcp', `dhcp-noaddr', `stateless', `static'. Set to `no' to
- disable IPv6.
-+ADDR6+ (required when +IP6+ is `static')::
- An array of IPv6 addresses: prefix length may be specified via
- `1234:bcd::11/64' syntax.
-+GATEWAY6+ (requires +IP6+ of `static')::
- The gateway address for IPv6 routing.
-+ROUTES6+::
- An array of custom routes (of the form _address range_ via _gateway_)
-+DAD_TIMEOUT+::
- Time to wait for Duplicate Address Detection to succeed. Defaults to
- 3 seconds.
-
-DNS configuration
-^^^^^^^^^^^^^^^^^
-+DNS+::
- Array of DNS nameservers. Simply specify the IP's of each of the DNS
- nameservers.
-+DNS_OPTIONS+::
- Array of ``option'' lines for '/etc/resolv.conf'
-+SEARCH+::
- ``search'' line for '/etc/resolv.conf'
-+DOMAIN+::
- ``domain'' line for '/etc/resolv.conf'
-+HOSTNAME+::
- Set the system hostname. Ensure any hostname is correctly referenced
- in '/etc/hosts'
-
-DHCP configuration
-^^^^^^^^^^^^^^^^^^
-+DHCP_OPTIONS+ (ipv4)::
- String. Any extra arguments to pass to the dhcp client, presently
- dhcpcd.
-+DHCP_TIMEOUT+::
- Integer. Maximum time to try for a DHCP IP. Default is 10 seconds.
-+DHCLIENT+::
- yes/no. Use dhclient instead of dhcpcd. Defaults to no
-+DHCLIENT_OPTIONS+ (ipv4)::
- String. Extra options to pass to dhclient for IPv4.
-+DHCLIENT6_OPTIONS+ (ipv6)::
- String. Extra options to pass to dhclient for IPv6.
-
-802.11x Authentication
-^^^^^^^^^^^^^^^^^^^^^^
-+AUTH8021X+::
- Use 802.11x authentication. Enable with `yes'.
-+WPA_CONF+ (required for an +AUTH8021X+ of `yes' only)::
- Path to wpa_supplicant configuration. Defaults to
- '/etc/wpa_supplicant.conf'
-+WPA_OPTS+ (optional for an +AUTH8021X+ of `yes')::
- Extra arguments for wpa_supplicant not specified otherwise. Any option
- here must specify wpa_supplicant driver. Defaults to _-Dwired_.
-
-Miscellaneous options
-^^^^^^^^^^^^^^^^^^^^^
-+IPCFG+::
- Array of arguments to pass to `ip`. The power of this options is that
- it allows both simple and complicated routing configurations, within
- the framework of netcfg.
-+SKIPNOCARRIER+::
- `yes'/`no'. Don't abort interface setup if no carrier is found.
-
-
-Examples
-~~~~~~~~
-
-Using ADDR and GATEWAY to set static IP and gateway
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
----------------------
-IP="static"
-ADDR="192.168.1.23"
-GATEWAY="192.168.1.1"
----------------------
+'TimeoutDAD='::
+ Maximum time, in seconds, to wait for IPv6's Duplicate Address
+ Detection to succeed. Defaults to ``3`'.
-Using IPCFG to set a static IP and gateway with custom DNS
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
--------------------------------------------------------------------------------------
-IP="static"
-IPCFG=("addr add dev eth0 192.168.1.23/24 brd +" "route add default via 192.168.1.1")
-DNS=("208.67.222.222" "208.67.220.220")
--------------------------------------------------------------------------------------
+OPTIONS FOR `ethernet' CONNECTIONS
+----------------------------------
+Next to the *ip options*, the following are understood for connections
+of the `ethernet' type:
-Wireless options reference
---------------------------
+'SkipNoCarrier='::
+ Whether or not the absence of a carrier (plugged-in cable) is
+ acceptable. Defaults to ``no`'.
-Description
-~~~~~~~~~~~
-This connection method uses wpa_supplicant to configure a wireless
-network connection. This connection uses the 'ethernet' connection after
-successful association and thus supports all of its options.
-
-Options
-~~~~~~~
-+SECURITY+ (required for security of `wep', `wpa', `wpa-configsection' or `wpa-config')::
- One of `wpa', `wep', `none', `wpa-configsection' or `wpa-config'.
- Defaults to `none'.
-+KEY+ (required for +SECURITY+ of `wpa' or `wep' only)::
- Wireless encryption key.
-+ESSID+ (this or +AP+ is required)::
- Name of network to connect to, or hexadecimal digits (see
- `ESSID_TYPE')
-+ESSID_TYPE+ (optional, defaults to `ascii')::
- Set to `ascii' or `hex', if set to `hex', +ESSID+ will be interpreted as
- an hexadecimal +SSID+ and written unquoted to the wpa_supplicant
- configuration file.
-+AP+ (this or +ESSID+ is required)::
- AP (BSSID) of the network to connect to.
-+HIDDEN+ (optional)::
- Define this to connect to hidden ESSIDs.
-+ADHOC+ (optional)::
- Define this to use ad-hoc mode for wireless.
-+TIMEOUT+ (optional)::
- Time to wait for association. Defaults to 15 seconds.
-+SCAN+ (optional)::
- `yes'/`no'. Scan for a wireless network rather than blindly attempting to
- connect. Hidden SSID networks do not appear in a scan.
-+PRIORITY+ (optional)::
- Priority group for the network. The matched network with the highest
- priority will be selected. Defaults to 0.
-
-WPA options
-^^^^^^^^^^^
-+WPA_CONF+ (for +SECURITY+ of `wpa-config' only)::
- Path to wpa_supplicant configuration. Defaults to
- '/etc/wpa_supplicant.conf'
-+WPA_OPTS+::
- Extra arguments for wpa_supplicant not specified otherwise.
-+WPA_GROUP+::
- Group that has authority to configure wpa_supplicant via it's control
- interface. Used in any configuration that is generated by netcfg.
-+WPA_COUNTRY+ (optional, nl80211 based drivers)::
- The country where the device will be used. This allows wpa_supplicant
- to enforce any local regulatory limitations and will allow all
- appropriate channels/frequencies for your device.
-+WPA_DRIVER+ (optional)::
- A comma-separated list of wpa_supplicant driver interfaces to try.
- Defaults to `nl80211,wext'.
-
-rfkill (Radio Kill Switch) options
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-+RFKILL+::
- hard/soft A switch with physical on/off state that cannot be
- controlled via software is considered a *hard* switch. Any switch that
- can be controlled via software is considered *soft*.
-+RFKILL_NAME+::
- Some switches sysfs entries are not linked with the interface. To
- match them up, configure the name from '/sys/class/rfkill/rfkillX/name'
- here so that netcfg can identify which to control.
-
-
-Options for `bridge' connections
---------------------------------
-The options of `ethernet' connections apply to set up standard IP
-connectivity.
+'Auth8021X='::
+ Set to ``yes`' to use 802.11x authentication.
-+BRIDGE_INTERFACES+::
- List of network interfaces taking part in the bridge.
-+FWD_DELAY+::
- Forward delay of the bridge, see *brctl*(8)
-+MAX_AGE+::
- maxage parameter, see *brctl*(8)
+'WPAConfigFile='::
+ Path to a *wpa_supplicant* configuration file. Defaults to
+ '/etc/wpa_supplicant.conf'.
+'WPADriver='::
+ The *wpa_supplicant* driver to use for 802.11x authentication.
+ Defaults to ``wired`'.
-Options for `tuntap' connections
---------------------------------
-The options of `ethernet' connections apply to set up standard IP
-connectivity.
+'TimeoutCarrier='::
+ Maximum time, in seconds, to wait for a carrier. Defaults to ``5`'.
+
+'TimeoutWPA='::
+ Maximum time, in seconds, to wait for 802.11x authentication to
+ succeed. Defaults to ``15`'.
+
+
+OPTIONS FOR `wireless' CONNECTIONS
+----------------------------------
+Next to the *ip options*, the following are understood for connections
+of the `wireless' type:
+
+'Security='::
+ One of `none', `wep', `wpa', `wpa-configsection', or `wpa-config'.
+ Defaults to ``none`'.
+
+'ESSID=' [mandatory]::
+ The name of the network to connect to.
+ Special quoting rules (see below) apply.
+
+'AP='::
+ The BSSID (MAC address) of the access point to connect to.
+
+'Key='::
+ The secret key to a WEP, or WPA encrypted network.
+ Special quoting rules (see below) apply.
-+MODE+::
- Set to `tun' or `tap'.
-+USER+::
- The owning user of the tun/tap interface.
-+GROUP+::
- The owning group of the tun/tap interface.
+'Hidden='::
+ Whether or not the specified network is a hidden network. Defaults
+ to ``no`'.
+'Scan='::
+ Whether or not to scan for the presence of a network before
+ attempting to connect. Hidden networks do not appear in a scan.
+ Defaults to ``no`'.
-Options for `ppp' connections
------------------------------
-+PEER+::
- The *pppd*(8) peer to use.
-+PPP_TIMEOUT+::
- *pppd*(8) timeout.
+'AdHoc='::
+ Whether or not to use ad-hoc mode. Defaults to ``no`'.
+'Country='::
+ The country for which frequency regulations will be enforced.
-Options for `vlan' connections
+'Priority='::
+ Priority group for the network. In case of automatic profile
+ selection, the matched network with the highest priority will be
+ selected. Defaults to ``0`'.
+
+'WPAGroup='::
+ Group that has the authority to configure *wpa_supplicant* via its
+ control interface. Defaults to ``wheel`'.
+
+'WPAConfigSection=()' [mandatory for 'Security=wpa-configsection']::
+ Array of lines that form a network block for *wpa_supplicant*.
+
+'WPAConfigFile='::
+ Path to a *wpa_supplicant* configuration file. Defaults to
+ '/etc/wpa_supplicant.conf'. Used for 'Security=wpa-config'.
+
+'WPADriver='::
+ The *wpa_supplicant* driver to use. Defaults to ``nl80211,wext`'.
+
+'TimeoutWPA='::
+ Maximum time, in seconds, to wait for steps in the association and
+ authentication to succeed. Defaults to ``15`'.
+
+'RFKill='::
+ The name of an *rfkill* device. When specified, the device is used
+ to block/unblock the interface when appropriate. Names can be found
+ in '/sys/class/rfkill/rfkillX/name'. It is also possible to set this
+ variable to ``auto`'. In that case an *rfkill* device that is
+ associated with the network interface is used.
+
+
+OPTIONS FOR `bond' CONNECTIONS
------------------------------
-+INTERFACE+::
- The name of the virtual interface.
-+VLAN_PHYS_DEV+::
- The name of the associated physical interface.
-+VLAN_ID+::
- See *ip*(8).
+The interfaces of 'BindsToInterfaces' are bound together in the
+interface named by 'Interface'. All *ip options* are understood for
+connections of the `bond' type.
-Options for `tunnel' connections
+OPTIONS FOR `bridge' CONNECTIONS
--------------------------------
-Standard `ethernet' options apply for IP configuration.
+The interfaces of 'BindsToInterfaces' take part in the bridge named by
+'Interface'. Next to the *ip options*, the following are understood for
+connections of the `bridge' type:
+
+'FwdDelay='::
+ Forward delay of the bridge. See *brctl*(8) for details.
+
+'MaxAge='::
+ Maximum age parameter. See *brctl*(8) for details.
-+INTERFACE+::
- The name of the tunnel interface.
-+MODE+::
- The tunnel type (e.g. `sit'). See *ip*(8) for available modes.
-+LOCAL+::
- The address of the local end of the tunnel.
-+REMOTE+::
- The address of the remote end of the tunnel.
+OPTIONS FOR `tunnel' CONNECTIONS
+----------------------------------
+The name of the tunnel interface is specified in 'Interface'. Next to
+the *ip options*, the following are understood for connections of the
+`tunnel' type:
-Options for `bond' connections
+'Mode='::
+ The tunnel type (e.g. `sit'). See *ip*(8) for available modes.
+
+'Local='::
+ The address of the local end of the tunnel.
+'Remote='::
+ The address of the remote end of the tunnel.
+
+
+OPTIONS FOR `tuntap' CONNECTIONS
+----------------------------------
+The name of the tuntap interface is specified in 'Interface'. Next to
+the *ip options*, the following are understood for connections of the
+`tuntap' type:
+
+'Mode='::
+ Either ``tun`', or ``tap`'.
+
+'User='::
+ The owning user of the tun/tap interface.
+
+'Group='::
+ The owning group of the tun/tap interface.
+
+
+OPTIONS FOR `vlan' CONNECTIONS
------------------------------
-Standard `ethernet' options apply for IP configuration.
+The name of the vlan interface is specified in 'Interface'. The
+underlying physical interface is specified in 'BindsToInterfaces'.
+Hence, for vlan profiles, 'BindsToInterfaces' contains the name of a
+single network interface.
-+SLAVE_INTERFACES+ (Bash array)::
- An array of names of interfaces to be bound together.
+All options for connections of the `ethernet' type are understood for
+connections of the `vlan' type. Additionally, connections of the `vlan'
+type can set a vlan identifier using 'VLANID='. See *ip*(8) for details.
-Options for `openvpn' connections
----------------------------------
-+OVPN_CONFIG+::
- Path to the *openvpn*(8) config file.
-+OVPN_PID_FILE+::
- Path to the *openvpn*(8) PID file.
-+OVPN_FLAGS+::
- Options to pass to *openvpn*(8) invocation.
+SPECIAL QUOTING RULES
+---------------------
+Configuration files for *wpa_supplicant* use non-standard quoting.
+Therefore, non-standard quoting rules exist for some variables for
+connections of the `wireless' type. In particular, these variables are
+'ESSID', and 'Key'.
+
+A variable is considered *quoted* by *wpa_supplicant* if it is enclosed
+in double quotes ("). A variable is considered *non-quoted* by
+*wpa_supplicant* if it does not start with a double quote. Hexadecimal
+values are specified *non-quoted* in configuration files of
+*wpa_supplicant*. In *netctl*, variables are written to *wpa_supplicant*
+configuration files *quoted* by default. When special quoting rules
+apply, it is possible to specify an unquoted (hexadecimal) value using a
+special syntax.
+
+The special quoting rules of *netctl* are as follows. A string that
+starts with a literal double quote is considered *non-quoted*. Any other
+string is considered *quoted*. It is possible to specify quoted strings
+that start with a double quote by quoting manually. An extreme example
+is the specification of a *quoted* double quote: '`X='""""'`'. On the
+other end of the spectrum there is the *non-quoted* backslash:
+'`X=\"\\`'.
+
+Further examples of *quoted* strings (all equivalent):
+-------------
+X=string
+X="string"
+X='""string"'
+-------------
+
+Further examples of *non-quoted* strings (all equivalent):
+------------
+X=\"string
+X="\"string"
+X='"string'
+------------
+
+A mnemonic is to think of the prefix ``\"`' as saying `non'-`quote'.
SEE ALSO
--------
-include::footer.txt[]
+*netctl*(1)
diff --git a/docs/netctl.special.7.txt b/docs/netctl.special.7.txt
new file mode 100644
index 0000000..eabb4d3
--- /dev/null
+++ b/docs/netctl.special.7.txt
@@ -0,0 +1,55 @@
+NETCTL.SPECIAL(7)
+=================
+
+NAME
+----
+netctl.special - Special netctl systemd units
+
+
+SYNOPSIS
+--------
+netctl.service, netctl-auto.service, netctl-ifplugd.service
+
+
+DESCRIPTION
+-----------
+Bundled with netctl come a few systemd units that are not controlled
+through the netctl command. They can be used through the systemctl
+utility of systemd.
+
+
+SPECIAL UNITS
+-------------
+netctl.service::
+ When started, this unit tries to start the profiles that were
+ running when the unit was last stopped. In some cases, the interface
+ a profile binds to might not be available yet, when netctl.service
+ tries to bring a profile up. A simple, hackish, solution is to do:
+--------------------------------------------------------------------
+echo "[[ -t 0 ]] || sleep 3" > /etc/network.d/interfaces/<interface>
+chmod 755 /etc/network.d/interfaces/<interface>
+--------------------------------------------------------------------
+ A more concise solution is to first enable a profile through netctl
+ and then disable it again through systemctl:
+--------------------------------------------------------------------
+netctl enable <profile>
+systemctl disable netctl@<profile>
+--------------------------------------------------------------------
+ This way the unit configuration file for the profile remains in
+ existence, while the profile is not enabled.
+
+netctl-auto@<interface>.service::
+ This unit issues a scan on the interface it is used for and tries to
+ start a profile for a network it finds. It is targeted to wireless
+ interfaces.
+
+netctl-ifplugd@<interface>.service::
+ This unit starts ifplugd on the interface it is used for. It will
+ try to start a netctl profile whenever a cable is plugged into the
+ interface and stop the profile when the cable is unplugged. Note
+ that this unit does not provide network.target.
+
+
+SEE ALSO
+--------
+*netctl*(1), *netctl.profile*(5)
diff --git a/services/netctl-auto@.service b/services/netctl-auto@.service
index 81f2369..9a035da 100644
--- a/services/netctl-auto@.service
+++ b/services/netctl-auto@.service
@@ -1,12 +1,12 @@
[Unit]
-Description=Automatic wireless network connection via netcfg
+Description=Automatic wireless network connection using netctl profiles
+Documentation=man:netctl.special(7)
Before=network.target
Wants=network.target
[Service]
-EnvironmentFile=/etc/conf.d/netcfg
-ExecStart=/usr/bin/netcfg-wpa_actiond $WIRELESS_INTERFACE
-ExecStop=/usr/bin/netcfg-wpa_actiond stop $WIRELESS_INTERFACE
+ExecStart=/usr/bin/netctl-auto start %i
+ExecStop=/usr/bin/netctl-auto stop %i
RemainAfterExit=yes
Type=forking
diff --git a/services/netctl-ifplugd@.service b/services/netctl-ifplugd@.service
index 8948ac6..05cb1cf 100644
--- a/services/netctl-ifplugd@.service
+++ b/services/netctl-ifplugd@.service
@@ -1,10 +1,9 @@
[Unit]
-Description=Automatic wired network connection via netcfg
+Description=Automatic wired network connection using netctl profiles
+Documentation=man:netctl.special(7)
[Service]
-EnvironmentFile=/etc/conf.d/netcfg
-ExecStart=/usr/bin/ifplugd -i $WIRED_INTERFACE -r /etc/ifplugd/netcfg.action -fIns
-ExecStop=/usr/bin/netcfg iface-down $WIRED_INTERFACE
+ExecStart=/usr/bin/ifplugd -i %i -r /etc/ifplugd/netctl.action -fIns
[Install]
WantedBy=multi-user.target
diff --git a/services/netctl.service b/services/netctl.service
index f400be0..593d36f 100644
--- a/services/netctl.service
+++ b/services/netctl.service
@@ -1,13 +1,12 @@
[Unit]
-Description=Netcfg multi-profile daemon
+Description=(Re)store the netctl profile state
Before=network.target
-Wants=network.target
[Service]
Type=oneshot
RemainAfterExit=yes
-ExecStart=/usr/bin/netcfg-daemon start
-ExecStop=/usr/bin/netcfg-daemon stop
+ExecStart=-/usr/bin/netctl restore
+ExecStop=/usr/bin/netctl store
KillMode=none
[Install]
diff --git a/services/netctl@.service b/services/netctl@.service
index 57229f8..9bd99b6 100644
--- a/services/netctl@.service
+++ b/services/netctl@.service
@@ -1,13 +1,14 @@
[Unit]
-Description=Netcfg networking service for profile %i
-Before=network.target
+Description=Networking for netctl profile %i
+Documentation=man:netctl.profile(5)
+Before=network.target netctl.service
Wants=network.target
[Service]
Type=oneshot
RemainAfterExit=yes
-ExecStart=/usr/bin/netcfg check-iface %i
-ExecStop=-/usr/bin/netcfg down %i
+ExecStart=/usr/lib/network/network start %i
+ExecStop=/usr/lib/network/network stop %i
KillMode=none
[Install]
diff --git a/src/ifplugd.action b/src/ifplugd.action
index ea3a16c..3a28505 100755
--- a/src/ifplugd.action
+++ b/src/ifplugd.action
@@ -1,8 +1,10 @@
#!/bin/bash
#
-# ifplugd.action script for netcfg
+# ifplugd.action script for netctl
-. /usr/lib/network/network
+. /usr/lib/network/globals
+
+PROFILE_FILE="$STATE_DIR/ifplugd_$1.profile"
case "$2" in
up)
@@ -14,12 +16,12 @@ case "$2" in
declare -a preferred_profiles
declare -a dhcp_profiles
declare -a static_profiles
- for profile in $(list_profiles); do
+ while read -r profile; do
(
- echo "loading $profile"
- load_profile "$profile"
- [[ "$INTERFACE" == "$1" && "$CONNECTION" == "ethernet" ]] || continue
- checkyesno "${AUTO_WIRED:-no}" && exit 1 # user preferred AUTO profile
+ echo "Reading profile '$profile'"
+ source "$PROFILE_DIR/$profile"
+ [[ "$Interface" == "$1" && "$Connection" == "ethernet" ]] || continue
+ is_yes "${AutoWired:-no}" && exit 1 # user preferred AUTO profile
[[ "$IP" == "dhcp" ]] && exit 2 # dhcp profile
exit 3 # static profile
)
@@ -28,17 +30,20 @@ case "$2" in
2) dhcp_profiles+=("$profile");;
3) static_profiles+=("$profile");;
esac
- done
+ done < <(list_profiles)
if [[ ${#preferred_profiles[@]} > 1 ]]; then
- echo "AUTO_WIRED flag for $1 set in more than one profile (${preferred_profiles[*]})"
+ echo "AutoWired flag for '$1' set in more than one profile (${preferred_profiles[*]})"
fi
for profile in "${preferred_profiles[@]}" "${dhcp_profiles[@]}" "${static_profiles[@]}"; do
- profile_up "$profile" && exit 0
+ if "$SUBR_DIR/nework" start "$profile"; then
+ printf "%s" "$profile" > "$PROFILE_FILE"
+ exit 0
+ fi
done
;;
down)
- if check_iface "$1"; then
- interface_down "$1" && exit 0
+ if [[ -e "$PROFILE_FILE" ]]; then
+ "$SUBR_DIR/nework" stop "$(< "$PROFILE_FILE")" && rm -f "$PROFILE_FILE"
fi
;;
*)
diff --git a/src/lib/8021x b/src/lib/8021x
index d2ddfe4..60f3552 100644
--- a/src/lib/8021x
+++ b/src/lib/8021x
@@ -1,171 +1,129 @@
-# Usage: wpa_call $interface $call ...
-# Wrapper around wpa_cli to deal with supplicant configurations that set a
-# non-standard control path.
-wpa_call()
-{
- local args=("-i" "$1")
+## /usr/lib/network/globals needs to be sourced before this file
+
+
+## Wrapper around wpa_cli to deal with supplicant configurations that set a
+## non-standard control path.
+# $1: interface name
+# $2...: call to the supplicant
+wpa_call() {
+ local args=( "-i" "$1" )
shift
- if [[ -n "$WPA_CTRL_DIR" ]]; then
+ if [[ $WPA_CTRL_DIR ]]; then
args+=("-p" "$WPA_CTRL_DIR")
- elif [[ -n "$WPA_CONF" ]] && grep -q "^[[:space:]]*ctrl_interface=" "$WPA_CONF"; then
- WPA_CTRL_DIR=$(grep -m 1 "^[[:space:]]*ctrl_interface=" "$WPA_CONF")
+ elif [[ $WPAConfigFile ]] && grep -q "^[[:space:]]*ctrl_interface=" "$WPAConfigFile"; then
+ WPA_CTRL_DIR=$(grep -m1 "^[[:space:]]*ctrl_interface=" "$WPAConfigFile")
WPA_CTRL_DIR=${WPA_CTRL_DIR#*ctrl_interface=}
- if [[ "$WPA_CTRL_DIR" == DIR=* ]]; then
+ if [[ $WPA_CTRL_DIR == DIR=* ]]; then
WPA_CTRL_DIR=${WPA_CTRL_DIR:4}
WPA_CTRL_DIR=${WPA_CTRL_DIR%% GROUP=*}
fi
- args+=("-p" "$WPA_CTRL_DIR")
+ args+=( "-p" "$WPA_CTRL_DIR" )
fi
- report_debug wpa_cli "${args[@]}" "$@"
- wpa_cli "${args[@]}" "$@"
+ do_debug wpa_cli "${args[@]}" "$@"
}
-# Uses wpa_supplicant to check for association to a network
-# wpa_check interface [timeout]
-wpa_check()
-{
- local timeout=0 INTERFACE="$1" TIMEOUT="${2:-15}" CONDITION="${3:-COMPLETED}"
- # CONDITION is required as wired connections are ready at ASSOCIATED not COMPLETED FS#20150
-
- while (( timeout < TIMEOUT )); do
- ( # Sometimes wpa_supplicant isn't ready so silence errors for 2s only to avoid hiding real errors
- if (( timeout < 2 )); then
- eval $(wpa_call "$INTERFACE" status 2> /dev/null | grep -F "wpa_state=")
- else
- eval $(wpa_call "$INTERFACE" status | grep -F "wpa_state=")
- fi
- [[ "$wpa_state" = "$CONDITION" ]]
- ) && return 0
- sleep 1
- (( ++timeout ))
- done
- echo "$wpa_state"
- # wpa_cli -i "$INTERFACE" terminate >/dev/null 2>&1 # callers sometimes called stop_wpa, which does more but seems redundant
- # termination should either be handled properly here, or by callers
- stop_wpa "$INTERFACE"
- return 1
+## Retrieves the state of an instance of the wpa supplicant
+## Displays one of: DISCONNECTED, INTERFACE_DISABLED, INACTIVE, SCANNING,
+## AUTHENTICATING, ASSOCIATING, ASSOCIATED, 4WAY_HANDSHAKE,
+## GROUP_HANDSHAKE, COMPLETED
+# $1: interface name
+wpa_get_state() {
+ local state
+ state=$(wpa_call $1 status | grep -m1 "^wpa_state=") || return 1
+ echo ${state#wpa_state=}
}
-start_wpa()
-{
- local INTERFACE="$1" WPA_CONF="$2" WPA_DRIVER="$3"
- shift 3
- local WPA_OPTS="$@" PIDFILE="/run/wpa_supplicant_${INTERFACE}.pid"
-
- if [[ -n "$WPA_CONF" ]]; then
- WPA_CONF="-c$WPA_CONF"
- else
- WPA_CTRL_DIR="/run/wpa_supplicant"
- WPA_CONF="-C$WPA_CTRL_DIR"
- fi
-
- wpa_supplicant -B -P "$PIDFILE" -i "$INTERFACE" -D "$WPA_DRIVER" "$WPA_CONF" $WPA_OPTS
-
- # wait up to one second for the pid file to appear
- timeout_wait 1 '[[ -f "$PIDFILE" ]]';
- return $?
+## Waits until the wpa supplicant reaches a listed state
+# $1: timeout
+# $2: interface name
+# $3...: accepted states
+wpa_wait_until_state() {
+ local timeout=$1 interface=$2 states=( "${@:3}" )
+ timeout_wait "$timeout" \
+ 'in_array "$(wpa_get_state "$interface")" "${states[@]}"'
}
-stop_wpa()
-{
- local INTERFACE="$1"
- # we need this as long as wpa_cli has a different default than netcfg
- [[ -z "$WPA_CTRL_DIR" && -z "$WPA_CONF" ]] && WPA_CTRL_DIR="/run/wpa_supplicant"
-
- # done if wpa_supplicant is already terminated for this interface
- [[ -e "$WPA_CTRL_DIR/$INTERFACE" ]] || return
-
- wpa_call "$INTERFACE" terminate > /dev/null
-
- # wait up to one second for the pid file to be removed
- timeout_wait 1 '[[ ! -f "/run/wpa_supplicant_${INTERFACE}.pid" ]]' || \
- kill "$(< "/run/wpa_supplicant_${INTERFACE}.pid")" &> /dev/null &
+## Waits while the wpa supplicant is in a listed state
+# $1: timeout
+# $2: interface name
+# $3...: rejected states
+wpa_wait_while_state() {
+ local timeout=$1 interface=$2 states=( "${@:3}" )
+ timeout_wait "$timeout" \
+ '! in_array "$(wpa_get_state "$interface")" "${states[@]}"'
}
-wpa_reconfigure() {
- wpa_call "$1" reconfigure > /dev/null
- return $?
-}
+## Start an instance of the wpa supplicant
+# $1: interface name
+# $2: interface driver(s)
+# $3: configuration file
+wpa_start() {
+ local interface=$1 driver=$2 configuration=$3
+ local pidfile="/run/wpa_supplicant_$interface.pid"
-wpa_check_current_essid() {
- # usage: wpa_check_current_essid $interface $essid
- # check that wpa_supplicant is connected to the right essid
- local INTERFACE=$1 ESSID=$2 status
- status=$(wpa_call "$INTERFACE" status | grep "^ssid=")
- if (( $? == 0 )) && [[ "$status" == "ssid=$ESSID" ]]; then
- return 0
+ if [[ $configuration ]]; then
+ configuration="-c$configuration"
else
+ WPA_CTRL_DIR="/run/wpa_supplicant"
+ configuration="-C$WPA_CTRL_DIR"
+ fi
+
+ do_debug wpa_supplicant -B -P "$pidfile" -i "$interface" -D "$driver" \
+ "$configuration" $WPAOptions
+
+ # Wait up to one second for the pid file to appear
+ if ! timeout_wait 1 '[[ -f "$pidfile" ]]'; then
+ # Remove the configuration file if it was generated
+ configuration="$STATE_DIR/wpa_supplicant_$interface.conf"
+ [[ -f $configuration && -O $configuration ]] && rm -f "$configuration"
return 1
fi
}
-wpa_find_essid() {
- # usage: wpa_find_essid $INTERFACE $ESSID
- # look for existence of a given essid. Assumes wpa_supplicant is
- # running
- result=$(wpa_supplicant_scan_and_find "$1" 5 "$2")
- ret=$?
- echo $result
- report_debug wpa_find_essid "\"$result\""
- return $ret
-}
+## Stop an instance of the wpa supplicant
+# $1: interface name
+wpa_stop() {
+ local interface=$1 config_file="$STATE_DIR/wpa_supplicant_$1.conf"
+ # We need this as long as wpa_cli has a different default than netctl
+ if [[ -z $WPA_CTRL_DIR && -z $WPAConfigFile ]]; then
+ WPA_CTRL_DIR="/run/wpa_supplicant"
+ fi
-wpa_find_ap() {
- # usage: wpa_find_essid $INTERFACE $ESSID
- # look for existence of a given essid. Assumes wpa_supplicant is
- # running
- bssid=${2,,} # set to lowercase
- result=$(wpa_supplicant_scan_and_find "$1" 1 "$bssid")
- ret=$?
- echo $result
- report_debug wpa_find_ap "\"$result\""
- return $ret
-}
+ # Done if wpa_supplicant is already terminated for this interface
+ [[ -z $WPA_CTR_DIR || -e "$WPA_CTRL_DIR/$interface" ]] || return
-wpa_supplicant_scan_and_find() {
- #usage: wpa_supplicant_scan_and_find $INTERFACE $FIELD $ITEM
- # field = 1 for bssid, 5 for essid
- # item = string to lookup
- local INTERFACE="$1" FIELD="$2" ITEM="$3" RETRIES=5 scan_ok=0 try
- for ((try=0; try < $RETRIES; try++)); do
- local found
- wpa_call "$INTERFACE" scan > /dev/null
- sleep 2
- found=$(wpa_call "$INTERFACE" scan_results | tail -n+2 | cut -f "$FIELD" | grep -F -x -m 1 -- "$ITEM")
- (( $? == 0 )) && scan_ok=1
-
- # ITEM has been found, echo it
- if [[ -n "$found" ]]; then
- echo "$found"
- return 0
- fi
- done
- if (( $scan_ok != 1 )); then
- report_debug wpa_supplicant_scan_and_find "unable to retrieve scan results"
+ wpa_call "$interface" terminate > /dev/null
+ [[ -f $config_file && -O $config_file ]] && rm -f "$config_file"
+
+ # Wait up to one second for the pid file to be removed
+ if ! timeout_wait 1 '[[ ! -f "/run/wpa_supplicant_$interface.pid" ]]'; then
+ kill "$(< "/run/wpa_supplicant_$interface.pid")" &> /dev/null
fi
- return 1
}
+## Scan for networks within range
+# $1: interface name
+# $2: fields of the wpa_supplicant scan_results
wpa_supplicant_scan() {
- local INTERFACE="$1" fields="$2" spawned_wpa=0 essids
+ local interface=$1 fields=$2 spawned_wpa=0 essids
# temp file used, as keeping ESSID's with spaces in their name in arrays
# is hard, obscure and kinda nasty. This is simpler and clearer.
- [[ -z "$INTERFACE" ]] && return 1
+ [[ $interface ]] || return 1
essids=$(mktemp --tmpdir essid.XXXXXXXX)
- if [[ "$(wpa_call "$INTERFACE" ping 2> /dev/null)" != "PONG" ]]; then
- start_wpa "$INTERFACE" "" "${WPA_DRIVER:-nl80211,wext}" || return 1
+ if [[ "$(wpa_call "$interface" ping 2> /dev/null)" != "PONG" ]]; then
+ wpa_start "$interface" "${WPADriver:-nl80211,wext}" || return 1
spawned_wpa=1
fi
- wpa_call "$INTERFACE" scan > /dev/null
+ wpa_call "$interface" scan > /dev/null
# Wait at least 3 seconds for scan results
sleep 3
- # Sometimes, that is not enough (FS#29946)
- timeout_wait 7 '! wpa_call "$INTERFACE" status | grep -F -q "wpa_state=SCANNING"'
- wpa_call "$INTERFACE" scan_results |
+ # Sometimes, that is not enough
+ wpa_wait_while_state 7 "$interface" "SCANNING"
+ wpa_call "$interface" scan_results |
tail -n+2 |
sort -rn -k3 |
sort -u -k5 |
@@ -179,97 +137,100 @@ wpa_supplicant_scan() {
# Re-sort by strength as the removal disorders the list
# Cut to the AP/essid fields only
- (( $spawned_wpa == 1 )) && stop_wpa "$INTERFACE"
+ (( spawned_wpa == 1 )) && wpa_stop "$interface"
- # File of 0 length, ie. no ssid's.
+ # File of 0 length: no ssid's
if [[ ! -s "$essids" ]]; then
rm -f "$essids"
return 1
fi
echo "$essids"
- return 0
}
-# Requires already loaded profile
-make_wpa_config_file() {
- local WPA_CONFD="$STATE_DIR/wpa.$1"
-
- # make empty tmp dir with correct permissions, rename it
- check_make_state_dir
- mkdir -p /run/wpa_supplicant
- rm -rf "$WPA_CONFD"
- mv -f "$(mktemp -d --tmpdir=$STATE_DIR)" "$WPA_CONFD" || return 1
- echo "ctrl_interface=/run/wpa_supplicant" >> "$WPA_CONFD/wpa.conf"
- echo "ctrl_interface_group=${WPA_GROUP:-wheel}" >> "$WPA_CONFD/wpa.conf"
- [[ $WPA_COUNTRY ]] && echo "country=$WPA_COUNTRY" >> "$WPA_CONFD/wpa.conf"
- [[ -n "$ADHOC" ]] && echo "ap_scan=2" >> "$WPA_CONFD/wpa.conf"
- echo "$WPA_CONFD/wpa.conf"
+## Print a string within quotes, unless it starts with the "-modifier
+## Quoted: string "string" '""string"'
+## Non-quoted: \"string "\"string" '"string'
+# $1: string
+wpa_quote() {
+ local string=$1
+ if [[ $string == \"* ]]; then
+ printf '%s' "${string:1}"
+ else
+ printf '"%s"' "$string"
+ fi
}
-# Requires already loaded profile
-make_wpa_config() {
- case $SECURITY in
- none|wep|wpa)
- case "${ESSID_TYPE:-ascii}" in
- ascii)
- echo "ssid=\"$ESSID\""
- ;;
- hex)
- # Hex ESSID is written unquoted and in lowercase (FS#24333)
- echo "ssid=${ESSID,,}"
- ;;
- *)
- report_fail "ESSID_TYPE must be set to 'ascii' or 'hex'."
- return 1
- ;;
- esac
- if [[ -n "$AP" ]]; then
- echo "bssid=${AP,,}"
- fi
- [[ -n "$ADHOC" ]] && echo "mode=1"
+## Create a configuration file for wpa_supplicant without any network blocks
+# $1: interface name
+wpa_make_config_file() {
+ local config_file="$STATE_DIR/wpa_supplicant_$1.conf"
+
+ if [[ -e $config_file ]]; then
+ report_debug "The anticipated filename '$config_file' is not available"
+ return 1
+ fi
+ mkdir -p "$STATE_DIR" /run/wpa_supplicant
+ if ! : > "$config_file"; then
+ report_debug "Could not create the configuration file '$config_file'"
+ return 1
+ fi
+ chmod 600 "$config_file"
+
+ echo "ctrl_interface=/run/wpa_supplicant" >> "$config_file"
+ echo "ctrl_interface_group=${WPAGroup:-wheel}" >> "$config_file"
+ [[ $Country ]] && echo "country=$Country" >> "$config_file"
+ if is_yes "${AdHoc:-no}"; then
+ echo "ap_scan=2" >> "$config_file"
+ fi
+ echo "$config_file"
+}
+
+## Generate a network block for wpa_supplicant
+# $Security: type of wireless security
+wpa_make_config_block() {
+ case $Security in
+ none|wep|wpa)
+ echo "ssid=$(wpa_quote "$ESSID")"
+ [[ $AP ]] && echo "bssid=${AP,,}"
+ is_yes "${AdHoc:-no}" && echo "mode=1"
;;
- wpa-configsection)
- echo "$CONFIGSECTION"
+ wpa-configsection)
+ printf "%s\n" "${WPAConfigSection[@]}"
+ return
;;
- *)
+ *)
+ report_error "Unsupported security setting: '$Security'"
return 1
;;
esac
# Key management
- case $SECURITY in
- none)
+ case $Security in
+ none)
echo "key_mgmt=NONE"
;;
- wep)
+ wep)
echo "key_mgmt=NONE"
echo "wep_tx_keyidx=0"
- if [[ ${KEY:0:2} == "s:" ]]; then # TODO: does wpa_supplicant handle this as expected?
- echo "wep_key0=\"${KEY:2}\""
- else
- echo "wep_key0=$KEY"
- fi
+ echo "wep_key0=$(wpa_quote "$Key")"
;;
- wpa)
+ wpa)
echo "proto=RSN WPA"
- if [[ "${#KEY}" -eq 64 ]]; then
- echo "psk=$KEY"
+ if [[ "${#Key}" -eq 64 ]]; then
+ echo "psk=$Key"
else
- echo "psk=\"$KEY\""
+ echo "psk=$(wpa_quote "$Key")"
fi
;;
esac
# Hidden SSID
- if checkyesno ${HIDDEN:-no}; then
- echo "scan_ssid=1"
- fi
+ is_yes "${Hidden:-no}" && echo "scan_ssid=1"
# Priority group for the network
- if [[ -n "$PRIORITY" ]]; then
- echo "priority=$PRIORITY"
- fi
+ [[ $Priority ]] && echo "priority=$Priority"
}
-# vim: ft=sh ts=4 et sw=4 tw=0:
+
+# vim: ft=sh ts=4 et sw=4:
diff --git a/src/lib/auto.action b/src/lib/auto.action
index 1f29364..00a4d14 100755
--- a/src/lib/auto.action
+++ b/src/lib/auto.action
@@ -1,56 +1,57 @@
#! /bin/bash
+. /usr/lib/network/globals
+. "$SUBR_DIR/ip"
+
interface="$1"
ssid="$2"
profile="$3"
action="$4"
+PROFILE_FILE="$STATE_DIR/wpa_actiond_$interface.profile"
-. /usr/lib/network/network
+# Is it possible that we don't get a profile?!
[[ "$profile" ]] && load_profile "$profile"
+# TODO: copy some from 'network'
case $action in
- CONNECT)
- if [[ -z $profile ]]; then
- # Load interface specific config
- [[ -f "$IFACE_DIR/$interface" ]] && source "$IFACE_DIR/$interface"
- dhcpcd -qL -t "${DHCP_TIMEOUT:-10}" -K $DHCP_OPTIONS "$interface"
- exit $?
- fi
- if ! DHCPCD_INTERNAL_OPTIONS="-K" $CONN_DIR/ethernet up "$profile"; then
- exit 1 # what to do if fail?
- fi
-
- set_profile up "$profile"
-
- if ! ( eval $POST_UP ); then # JP: sandbox the eval
- # failing POST_UP will take interface down
- "$CONN_DIR/$ethernet" down "$profile"
- exit 1
- fi
- ;;
- DISCONNECT)
- if [[ -z $profile ]]; then
- dhcpcd -k "$interface"
- exit $?
+ CONNECT)
+ if [[ -z $profile ]]; then
+ if [[ -x "$PROFILE_DIR/interfaces/$interface" ]]; then
+ source "$PROFILE_DIR/interfaces/$interface"
fi
- if ! ( eval $PRE_DOWN ); then # JP: sandbox the eval
- exit 1
- fi
- if ! "$CONN_DIR/ethernet" down "$profile"; then
- exit 1
- fi
- if ! ( eval $POST_DOWN ); then # JP: sandbox the eval
- exit 1
- fi
- set_profile down "$profile"
- ;;
- LOST|REESTABLISHED)
- # Not handled.
- exit 0
- ;;
- *)
- # ???
+ dhcpcd -qL -t "${TimeoutDHCP:-10}" $DHCPOptions -K "$interface"
+ exit $?
+ fi
+ DHCPOptions+=" -K"
+ ip_set || exit 1
+ printf "%s" "$profile" > "$PROFILE_FILE"
+ # JP: sandbox the eval
+ if ! ( eval $ExecUpPost ); then
+ # Failing ExecUpPost will take the connection down
+ netctl-auto stop "$interface"
exit 1
- ;;
+ fi
+ ;;
+ DISCONNECT)
+ if [[ -z $profile ]]; then
+ dhcpcd -k "$interface"
+ exit $?
+ fi
+ # JP: sandbox the eval
+ if ! ( eval $ExecDownPre ); then
+ exit 1
+ fi
+ ip_unset && rm -f "$PROFILE_FILE"
+ ;;
+ LOST|REESTABLISHED)
+ # Not handled.
+ exit 0
+ ;;
+ *)
+ # ???
+ exit 1
+ ;;
esac
+
+# vim: ft=sh ts=4 et sw=4:
diff --git a/src/lib/connections/bond b/src/lib/connections/bond
index bc5aa95..09e51c6 100644
--- a/src/lib/connections/bond
+++ b/src/lib/connections/bond
@@ -1,40 +1,35 @@
-#! /bin/bash
-. /usr/lib/network/network
+# Contributed by: Byron Williams <byron@112percent.com>
+
+. "$SUBR_DIR/ip"
+
IFENSLAVE="/sbin/ifenslave"
bond_up() {
- load_profile "$1"
-
- if [[ -e "/sys/class/net/$INTERFACE" ]]; then
- report_fail "Interface $INTERFACE already exists."
- exit 1
+ if is_interface "$Interface"; then
+ report_error "Interface '$Interface' already exists"
+ return 1
else
- ip link add dev $INTERFACE type bond
+ ip link add dev "$Interface" type bond
fi
- bring_interface up "$INTERFACE"
+ bring_interface_up "$Interface"
- for slave in "${SLAVE_INTERFACES[@]}"; do
- bring_interface up "$slave"
- $IFENSLAVE $INTERFACE $slave
+ for slave in "${BindsToInterfaces[@]}"; do
+ bring_interface_up "$slave"
+ $IFENSLAVE "$Interface" "$slave"
done
- "$CONN_DIR/ethernet" up "$1"
- return 0
+ ip_set
}
bond_down() {
- load_profile "$1"
-
- for slave in "${SLAVE_INTERFACES[@]}"; do
- $IFENSLAVE $INTERFACE -d $slave
+ for slave in "${BindsToInterfaces[@]}"; do
+ $IFENSLAVE "$Interface" -d "$slave"
done
- "$CONN_DIR/ethernet" down "$1"
- ip link delete "$INTERFACE"
- return 0
+ ip_unset
+ bring_interface_down "$Interface"
+ ip link delete "$Interface"
}
-bond_$1 "$2"
-exit $?
# vim: set ts=4 et sw=4:
diff --git a/src/lib/connections/bridge b/src/lib/connections/bridge
index 6b3ab67..929a76b 100644
--- a/src/lib/connections/bridge
+++ b/src/lib/connections/bridge
@@ -1,47 +1,42 @@
-#! /bin/bash
-. /usr/lib/network/network
+# Contributed by: Thomas Bächler <thomas@archlinux.org>
+
+. "$SUBR_DIR/ip"
+
BRCTL="/usr/sbin/brctl"
bridge_up() {
- local bridge_interface
- load_profile "$1"
-
- if [[ -e "/sys/class/net/$INTERFACE" ]]; then
- if [[ ! -d "/sys/class/net/$INTERFACE/brif" ]]; then
- report_fail "Interface $INTERFACE already exists and is not a bridge."
- exit 1
+ if is_interface "$Interface"; then
+ if [[ ! -d "/sys/class/net/$Interface/brif" ]]; then
+ report_error "Interface '$Interface' already exists and is not a bridge"
+ return 1
fi
else
- $BRCTL addbr "$INTERFACE"
+ $BRCTL addbr "$Interface"
fi
- for bridge_client in $BRIDGE_INTERFACES; do
- ip link set "$bridge_client" promisc on up
- ip addr flush dev "$bridge_client"
- $BRCTL addif "$INTERFACE" "$bridge_client"
+ for member in "${BindsToInterfaces[@]}"; do
+ ip link set "$member" promisc on up
+ ip addr flush dev "$member"
+ $BRCTL addif "$Interface" "$member"
done
# Set options
- [[ "$FWD_DELAY" ]] && $BRCTL setfd "$INTERFACE" "$FWD_DELAY"
- [[ "$MAX_AGE" ]] && $BRCTL setmaxage "$INTERFACE" "$MAX_AGE"
+ [[ "$FwdDelay" ]] && $BRCTL setfd "$Interface" "$FwdDelay"
+ [[ "$MaxAge" ]] && $BRCTL setmaxage "$Interface" "$MaxAge"
- "$CONN_DIR/ethernet" up "$1"
- return 0
+ bring_interface_up "$Interface"
+ ip_set
}
bridge_down() {
- local bridge_interface
- load_profile "$1"
-
- for bridge_client in $BRIDGE_INTERFACES; do
- ip link set "$bridge_client" promisc off down
- $BRCTL delif "$INTERFACE" "$bridge_client"
+ for member in "${BindsToInterfaces[@]}"; do
+ ip link set "$member" promisc off down
+ $BRCTL delif "$Interface" "$member"
done
- "$CONN_DIR/ethernet" down "$1"
- $BRCTL delbr "$INTERFACE"
- return 0
+ ip_unset
+ bring_interface_down "$Interface"
+ $BRCTL delbr "$Interface"
}
-bridge_$1 "$2"
-exit $?
+
# vim: set ts=4 et sw=4:
diff --git a/src/lib/connections/ethernet b/src/lib/connections/ethernet
index 487adf8..0fff668 100644
--- a/src/lib/connections/ethernet
+++ b/src/lib/connections/ethernet
@@ -1,279 +1,75 @@
-#! /bin/bash
-# Source file for the 'ethernet' connection
-# ethernet_up $profile
-# ethernet_down $profile
-# ethernet_status
+# Ethernet connection support for netctl
-. /usr/lib/network/network
+. "$SUBR_DIR/ip"
-report_iproute()
-{
- report_fail "$*"
- bring_interface down "$INTERFACE"
- exit 1
-}
ethernet_up() {
- load_profile "$1"
- SYSCTL_INTERFACE="${INTERFACE/.//}"
-
- if ! is_interface "$INTERFACE"; then
- report_iproute "Interface $INTERFACE does not exist"
+ if ! is_interface "$Interface"; then
+ report_error "Interface '$Interface' does not exist"
+ return 1
fi
# Disable IPv6 before bringing the interface up to prevent SLAAC
- if [[ "$IP6" == "no" ]]; then
- sysctl -q -w "net.ipv6.conf.$SYSCTL_INTERFACE.disable_ipv6=1"
+ if [[ $IP6 == "no" ]]; then
+ sysctl -q -w "net.ipv6.conf.${Interface/.//}.disable_ipv6=1"
fi
- report_debug ethernet_up bring_interface up "$INTERFACE"
- bring_interface up "$INTERFACE"
+ if ! bring_interface_up "$Interface"; then
+ report_error "Failed to bring interface '$Interface' up"
+ return 1
+ fi
- if ! checkyesno "${SKIPNOCARRIER:-no}"; then
+ if ! is_yes "${SkipNoCarrier:-no}"; then
# Some cards are plain slow to come up. Don't fail immediately.
- if ! timeout_wait "${CARRIER_TIMEOUT:-5}" '(( $(< "/sys/class/net/$INTERFACE/carrier") ))'; then
- report_iproute "No connection"
+ if ! timeout_wait "${TimeoutCarrier:-5}" '(( $(< "/sys/class/net/$Interface/carrier") ))'; then
+ report_error "No connection on interface '$Interface'"
+ bring_interface_down "$Interface"
+ return 1
fi
fi
- if checkyesno "${AUTH8021X:-no}"; then
+ if is_yes "${Auth8021X:-no}"; then
. "$SUBR_DIR/8021x"
- [[ -z "$WPA_CONF" ]] && WPA_CONF="/etc/wpa_supplicant.conf"
- [[ -z "$WPA_DRIVER" ]] && WPA_DRIVER="wired"
+ : ${WPAConfigFile:=/etc/wpa_supplicant.conf}
+ : ${WPADriver:=wired}
+ : ${TimeoutWPA:=15}
- report_debug ethernet_up start_wpa "$INTERFACE" "$WPA_CONF" "$WPA_DRIVER" "$WPA_OPTS"
- if ! start_wpa "$INTERFACE" "$WPA_CONF" "$WPA_DRIVER" "$WPA_OPTS"; then
- report_fail "wpa_supplicant did not start, possible configuration error"
+ if ! wpa_start "$Interface" "$WPADriver" "$WPAConfigFile"; then
+ report_error "The WPA supplicant did not start for interface '$Interface'"
+ bring_interface_down "$Interface"
return 1
fi
- if ! wpa_check "$INTERFACE" "$TIMEOUT" "ASSOCIATED"; then
- bring_interface down "$INTERFACE"
- report_fail "WPA Authentication/Association Failed"
+ if ! wpa_wait_until_state "$TimeoutWPA" "$Interface" "ASSOCIATED"; then
+ wpa_stop "$Interface"
+ bring_interface_down "$Interface"
+ report_error "WPA Authentication/Association Failed"
return 1
fi
fi
- if [[ -z "$IP" && -z "$IP6" ]]; then
- report_iproute "At least one of IP or IP6 should be specified"
+ if ! ip_set; then
+ stop_80211x
+ bring_interface_down "$Interface"
return 1
fi
-
- case "$IP" in
- dhcp)
- if checkyesno "${DHCLIENT:-no}"; then
- rm -r "/run/dhclient-${INTERFACE}.pid" >/dev/null 2>&1
- report_debug ethernet_up dhclient -q -e TIMEOUT="${DHCP_TIMEOUT:-10}" -pf "/run/dhclient-$INTERFACE.pid" "$INTERFACE"
- if ! dhclient -q -e TIMEOUT="${DHCP_TIMEOUT:-10}" -pf "/run/dhclient-${INTERFACE}.pid" ${DHCLIENT_OPTIONS} "$INTERFACE"; then
- report_fail "DHCP IP lease attempt failed."
- stop_80211x
- return 1
- fi
- else
- # Clear remaining pid files.
- rm -f "/run/dhcpcd-$INTERFACE".{pid,cache} >/dev/null 2>&1
- # If using own dns, tell dhcpcd to NOT replace resolv.conf
- [[ -n "$DNS" ]] && DHCP_OPTIONS="-C resolv.conf $DHCP_OPTIONS"
- # Start dhcpcd
- report_debug ethernet_up dhcpcd -qL -t "${DHCP_TIMEOUT:-10}" $DHCPCD_INTERNAL_OPTIONS $DHCP_OPTIONS "$INTERFACE"
- dhcpcd -qL -t "${DHCP_TIMEOUT:-10}" $DHCPCD_INTERNAL_OPTIONS $DHCP_OPTIONS "$INTERFACE" 2>&1 | report_debug "$(cat)"
- if [[ "$PIPESTATUS" -ne 0 ]]; then
- report_fail "DHCP IP lease attempt failed."
- stop_80211x
- return 1
- fi
- fi
- ;;
- static)
- if [[ -n "$ADDR" ]]; then
- [[ -z $NETMASK ]] && NETMASK=24
- report_debug ethernet_up ip addr add "$ADDR/$NETMASK" brd + dev "$INTERFACE"
- if ! ip addr add "$ADDR/$NETMASK" brd + dev "$INTERFACE"; then
- report_iproute "Could not configure interface"
- fi
- fi
- if [[ -n "$GATEWAY" ]]; then
- report_debug ethernet_up ip route add default via "$GATEWAY" dev "$INTERFACE"
- if ! ip route add default via "$GATEWAY" dev "$INTERFACE"; then
- report_iproute "Adding gateway $GATEWAY failed"
- fi
- fi
- ;;
- ""|no)
- ;;
- *)
- report_iproute "IP must be either 'dhcp', 'static' or 'no'"
- ;;
- esac
-
- if [[ -n "$IP" && -n "$ROUTES" ]]; then
- for route in "${ROUTES[@]}"; do
- report_debug ethernet_up ip route add $route dev "$INTERFACE"
- if ! ip route add $route dev "$INTERFACE"; then
- report_iproute "Adding route '$route' failed"
- fi
- done
- fi
-
- # Load ipv6 module if necessary (FS#25530)
- case "$IP6" in
- dhcp*|stateless|static)
- [[ -d "/proc/sys/net/ipv6" ]] || modprobe ipv6
- ;;
- no)
- [[ -d "/proc/sys/net/ipv6" ]] && sysctl -q -w "net.ipv6.conf.$SYSCTL_INTERFACE.accept_ra=0"
- ;;
- "") # undefined IP6 does not prevent RA's from being received -> nop
- ;;
- *)
- report_iproute "IP6 must be 'dhcp', 'dhcp-noaddr', 'stateless', 'static' or 'no'"
- ;;
- esac
-
- case "$IP6" in
- dhcp*)
- if ! type dhclient &>/dev/null; then
- report_fail "You need to install dhclient to use DHCPv6."
- stop_80211x
- return 1
- fi
- sysctl -q -w "net.ipv6.conf.$SYSCTL_INTERFACE.accept_ra=1"
- if [[ "$IP6" == "dhcp-noaddr" ]]; then
- DHCLIENT6_OPTIONS="-S ${DHCLIENT6_OPTIONS}"
- fi
- _DHCLIENT_PIDFILE="/run/dhclient6-${INTERFACE}.pid"
- rm -r ${_DHCLIENT_PIDFILE} &>/dev/null
- report_debug ethernet_up dhclient -6 -q -e TIMEOUT="${DHCP_TIMEOUT:-10}" -pf ${_DHCLIENT_PIDFILE} "$INTERFACE"
- if ! dhclient -6 -q -e TIMEOUT="${DHCP_TIMEOUT:-10}" -pf ${_DHCLIENT_PIDFILE} ${DHCLIENT6_OPTIONS} "$INTERFACE"; then
- report_fail "DHCPv6 IP lease attempt failed."
- stop_80211x
- return 1
- fi
- ;;
- stateless)
- sysctl -q -w "net.ipv6.conf.$SYSCTL_INTERFACE.accept_ra=1"
- ;;
- static)
- sysctl -q -w "net.ipv6.conf.$SYSCTL_INTERFACE.accept_ra=0"
- if [[ -n "$ADDR6" ]]; then
- for addr in "${ADDR6[@]}"; do
- report_debug ethernet_up ip -6 addr add $addr dev "$INTERFACE"
- if ! ip -6 addr add $addr dev "$INTERFACE"; then
- report_iproute "Could not add address '$addr' to interface"
- fi
- done
- fi
- ;;
- esac
-
- if [[ -n "$IP6" ]]; then
- # Wait for DAD to finish (FS#28887)
- report_debug ethernet_up ip -6 addr show dev "$INTERFACE" tentative
- if ! timeout_wait "${DAD_TIMEOUT:-3}" '[[ -z "$(ip -6 addr show dev "$INTERFACE" tentative)" ]]'; then
- report_iproute "Duplicate Address Detection is taking too long"
- fi
-
- # Add static IPv6 routes
- if [[ -n "$ROUTES6" ]]; then
- for route in "${ROUTES6[@]}"; do
- report_debug ethernet_up ip -6 route add $route dev "$INTERFACE"
- if ! ip -6 route add $route dev "$INTERFACE"; then
- report_iproute "Adding route '$route' failed"
- fi
- done
- fi
-
- # Set a custom gateway after waiting for DAD to finish
- if [[ "$IP6" == "static" && -n "$GATEWAY6" ]]; then
- report_debug ethernet_up ip -6 route replace default via "$GATEWAY6" dev "$INTERFACE"
- if ! ip -6 route replace default via "$GATEWAY6" dev "$INTERFACE"; then
- report_iproute "Adding gateway $GATEWAY6 failed"
- fi
- fi
- fi
-
- if [[ -n "$IPCFG" ]]; then
- for line in "${IPCFG[@]}"; do
- report_debug ethernet_up ip "$line"
- if ! ip $line; then
- report_iproute "Could not configure interface ($line)."
- fi
- done
- fi
-
- # Set hostname
- if [[ -n "$HOSTNAME" ]]; then
- report_debug ethernet_up hostname "$HOSTNAME"
- if ! echo "$HOSTNAME" >/proc/sys/kernel/hostname; then
- report_iproute "Cannot set hostname to $HOSTNAME"
- fi
- fi
-
- # Generate a new resolv.conf
- if [[ -n "$DNS" ]]; then
- : >/etc/resolv.conf
- [[ -n "$DOMAIN" ]] && echo "domain $DOMAIN" >>/etc/resolv.conf
- [[ -n "$SEARCH" ]] && echo "search $SEARCH" >>/etc/resolv.conf
- for dns in "${DNS[@]}"; do
- echo "nameserver $dns" >>/etc/resolv.conf
- done
- for dnsoption in "${DNS_OPTIONS[@]}"; do
- echo "options $dnsoption" >>/etc/resolv.conf
- done
- fi
-
- return 0
}
ethernet_down() {
- load_profile "$1"
-
- if [[ "$IP" == "dhcp" ]]; then
- if checkyesno "${DHCLIENT:-no}"; then
- if [[ -f "/run/dhclient-$INTERFACE.pid" ]]; then
- report_debug ethernet_down dhclient -q -x "$INTERFACE" -pf "/run/dhclient-$INTERFACE.pid"
- dhclient -q -x "$INTERFACE" -pf "/run/dhclient-$INTERFACE.pid" &>/dev/null
- #dhclient -q -r "$INTERFACE" &>/dev/null
- fi
- else
- if [[ -f "/run/dhcpcd-$INTERFACE.pid" ]]; then
- report_debug ethernet_down dhcpcd -qk "$INTERFACE"
- dhcpcd -qk "$INTERFACE" &>/dev/null
- fi
- fi
- fi
- if [[ "$IP6" == dhcp* ]]; then
- if [[ -f "/run/dhclient6-$INTERFACE.pid" ]]; then
- report_debug ethernet_down dhclient -6 -q -x "$INTERFACE" -pf "/run/dhclient6-$INTERFACE.pid"
- dhclient -6 -q -x "$INTERFACE" -pf "/run/dhclient6-$INTERFACE.pid" &>/dev/null
- report_debug ethernet_down /bin/kill $(< /run/dhclient6-$INTERFACE.pid)
- /bin/kill $(< /run/dhclient6-$INTERFACE.pid) &>/dev/null
- fi
- fi
-
+ ip_unset
stop_80211x
-
- if [[ "$CONNECTION" == "wireless" ]]; then
- report_debug ethernet_down bring_interface flush "$INTERFACE"
- bring_interface flush "$INTERFACE"
- else
- report_debug ethernet_down bring_interface down "$INTERFACE"
- bring_interface down "$INTERFACE"
- fi
- return 0
+ bring_interface_down "$Interface"
}
# Stop wpa_supplicant if neccessary
stop_80211x() {
- if checkyesno "${AUTH8021X:-no}"; then
+ if is_yes "${Auth8021X:-no}"; then
. "$SUBR_DIR/8021x"
- [[ -z "$WPA_CONF" ]] && WPA_CONF="/etc/wpa_supplicant.conf"
- report_debug ethernet_down stop_wpa "$INTERFACE"
- stop_wpa "$INTERFACE"
+ : ${WPAConfigFile:=/etc/wpa_supplicant.conf}
+ do_debug wpa_stop "$Interface"
fi
}
-ethernet_$1 "$2"
-exit $?
+
# vim: set ts=4 et sw=4:
diff --git a/src/lib/connections/pppoe b/src/lib/connections/pppoe
index 17fe42d..b24b503 100644
--- a/src/lib/connections/pppoe
+++ b/src/lib/connections/pppoe
@@ -1,5 +1,4 @@
-#! /bin/bash
-. /usr/lib/network/network
+# Contributed by: Thomas Bächler <thomas@archlinux.org>
_quotestring() {
echo "\"${1/\"/\\\"}\""
@@ -7,60 +6,58 @@ _quotestring() {
pppoe_up() {
local cfg
- load_profile "$1"
- mkdir -p "$STATE_DIR/pppoe.${INTERFACE}.$1/"
- chmod 700 "$STATE_DIR/pppoe.${INTERFACE}.$1/"
- cfg="$STATE_DIR/pppoe.${INTERFACE}.$1/options"
+ mkdir -p "$STATE_DIR/pppoe.${Interface}.$1/"
+ chmod 700 "$STATE_DIR/pppoe.${Interface}.${Profile}/"
+ cfg="$STATE_DIR/pppoe.${Interface}.${Profile}/options"
: > "${cfg}"
chmod 600 "${cfg}"
echo "plugin rp-pppoe.so" >> "${cfg}"
- echo "nic-${INTERFACE}" >> "${cfg}"
+ echo "nic-${Interface}" >> "${cfg}"
echo "noauth" >> "${cfg}"
- if checkyesno ${DEFAULTROUTE:-1}; then
+ if is_yes "${DefaultRoute:-yes}"; then
echo "defaultroute" >> "${cfg}"
else
echo "nodefaultroute" >> "${cfg}"
fi
- if checkyesno ${USEPEERDNS:-1}; then
+ if is_yes "${UsePeerDNS:-yes}"; then
echo "usepeerdns" >> "${cfg}"
fi
- echo "linkname $(_quotestring "$1")" >> "${cfg}"
+ echo "linkname $(_quotestring "${Profile}")" >> "${cfg}"
echo "maxfail 5" >> "${cfg}"
echo "updetach" >> "${cfg}"
- if [[ ${CONNECTION_MODE} == demand ]]; then
+ if [[ ${ConnectionMode} == demand ]]; then
echo "demand" >> "${cfg}"
- echo "idle ${IDLE_TIMEOUT}" >> "${cfg}"
+ echo "idle ${IdleTimeout}" >> "${cfg}"
else
echo "persist" >> "${cfg}"
fi
- echo "user $(_quotestring "${USER}")" >> "${cfg}"
- echo "password $(_quotestring "${PASSWORD}")" >> "${cfg}"
- [[ -n ${LCP_ECHO_INTERVAL} ]] && echo "lcp-echo-interval ${LCP_ECHO_INTERVAL}" >> "${cfg}"
- [[ -n ${LCP_ECHO_FAILURE} ]] && echo "lcp-echo-failure ${LCP_ECHO_FAILURE}" >> "${cfg}"
- [[ -n ${PPPOE_SERVICE} ]] && echo "rp_pppoe_service $(_quotestring "${PPPOE_SERVICE}")" >> "${cfg}"
- [[ -n ${PPPOE_AC} ]] && echo "rp_pppoe_ac $(_quotestring "${PPPOE_AC}")" >> "${cfg}"
- [[ -n ${PPPOE_SESSION} ]] && echo "rp_pppoe_sess $(_quotestring "${PPPOE_SESSION}")" >> "${cfg}"
- [[ -n ${PPPOE_MAC} ]] && echo "pppoe-mac $(_quotestring "${PPPOE_MAC}")" >> "${cfg}"
- [[ ${PPPOE_IP6} == yes ]] && echo "+ipv6" >> "${cfg}"
+ echo "user $(_quotestring "${User}")" >> "${cfg}"
+ echo "password $(_quotestring "${Password}")" >> "${cfg}"
+ [[ -n ${LCPEchoInterval} ]] && echo "lcp-echo-interval ${LCPEchoInterval}" >> "${cfg}"
+ [[ -n ${LCPEchoFailure} ]] && echo "lcp-echo-failure ${LCPEchoFailure}" >> "${cfg}"
+ [[ -n ${PPPoEService} ]] && echo "rp_pppoe_service $(_quotestring "${PPPoEService}")" >> "${cfg}"
+ [[ -n ${PPPoEAC} ]] && echo "rp_pppoe_ac $(_quotestring "${PPPoEAC}")" >> "${cfg}"
+ [[ -n ${PPPoESession} ]] && echo "rp_pppoe_sess $(_quotestring "${PPPoESession}")" >> "${cfg}"
+ [[ -n ${PPPoEMAC} ]] && echo "pppoe-mac $(_quotestring "${PPPoEMAC}")" >> "${cfg}"
+ [[ ${PPPoEIP6} == yes ]] && echo "+ipv6" >> "${cfg}"
- /sbin/ip link set dev "${INTERFACE}" up
+ /sbin/ip link set dev "${Interface}" up
/usr/sbin/pppd file "${cfg}"
if [[ $? -ne 0 ]]; then
rm "${cfg}"
- rmdir "$STATE_DIR/pppoe.${INTERFACE}.$1/"
- report_fail "Couldn't make pppd connection."
+ rmdir "$STATE_DIR/pppoe.${Interface}.${Profile}/"
+ report_error "Couldn't make pppd connection."
return 1
fi
}
pppoe_down() {
- load_profile "$1"
local cfg
- cfg="$STATE_DIR/pppoe.${INTERFACE}.$1/options"
- PIDFILE="/var/run/ppp-$1.pid"
+ cfg="$STATE_DIR/pppoe.${Interface}.${Profile}/options"
+ PIDFILE="/var/run/ppp-${Profile}.pid"
if [[ -e $PIDFILE ]]; then
read PID < "$PIDFILE"
@@ -68,10 +65,8 @@ pppoe_down() {
fi
rm "${cfg}"
- rmdir "$STATE_DIR/pppoe.${INTERFACE}.$1/"
+ rmdir "$STATE_DIR/pppoe.${Interface}.${Profile}/"
}
-pppoe_$1 "$2"
-exit $?
# vim: ft=sh ts=4 et sw=4:
diff --git a/src/lib/connections/tunnel b/src/lib/connections/tunnel
index 6cefc5c..f202371 100644
--- a/src/lib/connections/tunnel
+++ b/src/lib/connections/tunnel
@@ -1,34 +1,28 @@
-#! /bin/bash
-. /usr/lib/network/network
+# Contributed by: Kyle Fuller <inbox@kylefuller.co.uk>
-tunnel_up() {
- load_profile "$1"
+. "$SUBR_DIR/ip"
- if [[ -e "/sys/class/net/$INTERFACE" ]]; then
- report_fail "Interface $INTERFACE already exists."
- exit 1
+tunnel_up() {
+ if is_interface "$Interface"; then
+ report_error "Interface '$Interface' already exists"
+ return 1
else
- ip tunnel add "$INTERFACE" mode "$MODE" remote "$REMOTE"
+ ip tunnel add "$Interface" mode "$Mode" remote "$Remote"
fi
- if [[ -n "$LOCAL" ]]; then
- ip tunnel change "$INTERFACE" local "$LOCAL"
+ if [[ -n "$Local" ]]; then
+ ip tunnel change "$Interface" local "$Local"
fi
- "$CONN_DIR/ethernet" up "$1"
- return 0
+ bring_interface_up "$Interface"
+ ip_set
}
tunnel_down() {
- load_profile "$1"
-
- "$CONN_DIR/ethernet" down "$1"
- ip tunnel del "$INTERFACE"
-
- return 0
+ ip_unset
+ bring_interface_down "$Interface"
+ ip tunnel del "$Interface"
}
-tunnel_$1 "$2"
-exit $?
# vim: set ts=4 et sw=4:
diff --git a/src/lib/connections/tuntap b/src/lib/connections/tuntap
index 6985c8c..1ff5203 100644
--- a/src/lib/connections/tuntap
+++ b/src/lib/connections/tuntap
@@ -1,28 +1,24 @@
-#! /bin/bash
-. /usr/lib/network/network
+# Contributed by: Rémy Oudompheng <remy@archlinux.org>
-tuntap_up() {
- load_profile "$1"
+. "$SUBR_DIR/ip"
- if [[ -e /sys/class/net/$INTERFACE ]]; then
- report_fail "Interface $INTERFACE already exists."
- exit 1
+tuntap_up() {
+ if is_interface "$Interface"; then
+ report_error "Interface '$Interface' already exists"
+ return 1
else
- ip tuntap add dev "$INTERFACE" mode "$MODE" \
- user "$USER" group "$GROUP"
+ ip tuntap add dev "$Interface" mode "$Mode" \
+ user "$User" group "$Group"
fi
- IP=${IP-no} "$CONN_DIR/ethernet" up "$1"
- return 0
+ bring_interface_up "$Interface"
+ IP=${IP-no} ip_set
}
tuntap_down() {
- load_profile "$1"
-
- "$CONN_DIR/ethernet" down "$1"
- ip tuntap del dev "$INTERFACE" mode "$MODE"
- return 0
+ ip_unset
+ bring_interface_down "$Interface"
+ ip tuntap del dev "$Interface" mode "$Mode"
}
-tuntap_$1 "$2"
-exit $?
+
# vim: set ts=4 et sw=4 tw=0:
diff --git a/src/lib/connections/vlan b/src/lib/connections/vlan
index 75c7fa9..86d1a2d 100644
--- a/src/lib/connections/vlan
+++ b/src/lib/connections/vlan
@@ -1,28 +1,26 @@
-#! /bin/bash
-. /usr/lib/network/network
+# Contributed by: Thomas S Hatch <thatch45@gmail.com>
-vlan_up() {
- load_profile "$1"
+. "$CONN_DIR/ethernet"
- if [[ -e "/sys/class/net/$INTERFACE" ]]; then
- report_fail "Interface $INTERFACE already exists."
- exit 1
+vlan_up() {
+ if [[ ${#BindsToInterfaces} -ne 1 ]]; then
+ report_error "No unique physical device for VLAN interface '$Interface' specified"
+ return 1
+ fi
+ if is_interface "$Interface"; then
+ report_error "Interface '$Interface' already exists"
+ return 1
else
- bring_interface up "$VLAN_PHYS_DEV"
- ip link add link "$VLAN_PHYS_DEV" name "$INTERFACE" type vlan id "$VLAN_ID"
+ bring_interface_up "$BindsToInterfaces"
+ ip link add link "$BindsToInterfaces" name "$Interface" type vlan id "$VLANID"
fi
- "$CONN_DIR/ethernet" up "$1"
- return 0
+
+ ethernet_up
}
vlan_down() {
- load_profile "$1"
-
- "$CONN_DIR/ethernet" down "$1"
- ip link delete "$INTERFACE"
- return 0
+ ethernet_down
+ ip link delete "$Interface"
}
-vlan_$1 "$2"
-exit $?
# vim: set ts=4 et sw=4:
diff --git a/src/lib/connections/wireless b/src/lib/connections/wireless
index 135bec7..a3b324b 100644
--- a/src/lib/connections/wireless
+++ b/src/lib/connections/wireless
@@ -1,116 +1,89 @@
-#! /bin/bash
-. /usr/lib/network/network
+# Wireless connection support for netctl
+
. "$SUBR_DIR/8021x"
+. "$SUBR_DIR/ip"
. "$SUBR_DIR/rfkill"
-wireless_up() {
- PROFILE="$1"
- load_profile "$PROFILE"
- # Default settings
- SECURITY=${SECURITY:-none}
- WPA_DRIVER=${WPA_DRIVER:-nl80211,wext}
+wireless_up() {
+ local config_file
- enable_rf $INTERFACE $RFKILL $RFKILL_NAME || return 1
+ if ! is_interface "$Interface"; then
+ report_error "Interface '$Interface' does not exist"
+ return 1
+ fi
- # Check if interface exists
- is_interface "$INTERFACE" || { report_fail "interface $INTERFACE does not exist"; return 1; }
+ # Default settings
+ : ${Security:=none}
+ : ${WPADriver:=nl80211,wext}
+ : ${TimeoutWPA:=15}
+
+ if [[ $RFKill ]]; then
+ enable_rf "$Interface" "$RFKill" || return 1
+ fi
- # Kill any lingering wpa_supplicants.
- stop_wpa "$INTERFACE" &> /dev/null
+ # Kill any lingering WPA supplicants
+ WPAConfigFile= wpa_stop "$Interface" &> /dev/null
- # Start wpa_supplicant
- if [[ "$SECURITY" = "wpa-config" ]]; then
- WPA_CONF="${WPA_CONF:-/etc/wpa_supplicant.conf}"
+ if [[ $Security == "wpa-config" ]]; then
+ : ${WPAConfigFile:=/etc/wpa_supplicant.conf}
+ config_file=$WPAConfigFile
else
- WPA_CONF=$(make_wpa_config_file $INTERFACE)
+ config_file=$(wpa_make_config_file "$Interface")
+ if [[ -z $config_file ]]; then
+ report_error "Could not create a wpa config file for interface '$Interface'"
+ bring_interface_down "$Interface"
+ return 1
+ fi
+ printf "%s\n" "network={" "$(wpa_make_config_block)" "}" >> "$config_file"
fi
- report_debug wireless_up start_wpa "$INTERFACE" "$WPA_CONF" "$WPA_DRIVER" "$WPA_OPTS"
- if ! start_wpa "$INTERFACE" "$WPA_CONF" "$WPA_DRIVER" "$WPA_OPTS"; then
- report_fail "wpa_supplicant did not start, possible configuration error"
+
+ # Start the WPA supplicant
+ if ! do_debug wpa_start "$Interface" "$WPADriver" "$config_file"; then
+ report_error "The WPA supplicant did not start for interface '$Interface'"
+ bring_interface_down "$Interface"
return 1
fi
- # Scan for network's existence first
- if checkyesno "${SCAN:-no}"; then
- report_debug wireless_up scanning
- local OLDESSID="$ESSID"
- if [[ -n "$AP" ]]; then
- BSSID=$(wpa_find_ap "$INTERFACE" "$AP")
- else
- ESSID=$(wpa_find_essid "$INTERFACE" "$ESSID")
- fi
- if [[ $? -gt 0 ]]; then
- report_fail "Wireless network \"$OLDESSID\" not present."
- report_debug wireless_up stop_wpa "$INTERFACE"
- stop_wpa "$INTERFACE"
+ if is_yes "${Scan:-no}"; then
+ if ! wpa_wait_while_state "$TimeoutWPA" "$Interface" "DISCONNECTED" "SCANNING"; then
+ report_error "Wireless network '$ESSID' (or access point) not present"
+ wpa_stop "$Interface"
+ bring_interface_down "$interface"
return 1
fi
fi
-
- # Build configuration file
- case "$SECURITY" in
- wpa-config)
- ;;
- none|wep|wpa|wpa-configsection)
- printf "%s\n" "network={" "$(make_wpa_config)" "}" >> "$WPA_CONF"
- report_debug wireless_up "Configuration generated at $WPA_CONF"
- report_debug wireless_up wpa_reconfigure "$INTERFACE"
- if ! wpa_reconfigure "$INTERFACE"; then
- report_fail "WPA configuration failed!"
- stop_wpa "$INTERFACE"
- return 1
- fi
- ;;
- *)
- report_fail "Invalid SECURITY setting: $SECURITY"
- ;;
- esac
-
+
# Bring interface up after starting wpa_supplicant
# This is important since cards such as iwl3945 do not support
# mode switching when they are already up.
- report_debug wireless_up ifup
- bring_interface up "$INTERFACE" || return 1
+ bring_interface_up "$Interface" || return 1
- report_debug wireless_up wpa_check
- if ! wpa_check "$INTERFACE" "$TIMEOUT"; then
- report_fail "WPA Authentication/Association Failed"
+ if ! wpa_wait_until_state "$TimeoutWPA" "$Interface" "COMPLETED"; then
+ report_error "WPA association/authentication failed for interface '$Interface'"
+ wpa_stop "$Interface"
+ bring_interface_down "$Interface"
return 1
fi
- if ! "$CONN_DIR/ethernet" up "$PROFILE"; then
- wireless_down "$PROFILE" YES
+ if ! ip_set; then
+ wpa_stop "$Interface"
+ bring_interface_down "$Interface"
return 1
fi
}
-# wireless_down PROFILE [ LEAVE ifconfig up? default no ]
wireless_down() {
- local PROFILE="$1"
- load_profile "$PROFILE"
-
- "$CONN_DIR/ethernet" down "$PROFILE"
-
- # The config file can contain a non-standard control socket path
- if [[ "$SECURITY" = "wpa-config" ]]; then
- WPA_CONF="${WPA_CONF:-/etc/wpa_supplicant.conf}"
+ ip_unset
+ if [[ $Security == "wpa-config" ]]; then
+ : ${WPAConfigFile:=/etc/wpa_supplicant.conf}
fi
- report_debug wireless_down stop_wpa "$INTERFACE"
- stop_wpa "$INTERFACE"
- rm -rf "$STATE_DIR/wpa.$INTERFACE"
-
- bring_interface down "$INTERFACE"
-
- # Handle wireless kill switches
- # Any reason why a hardware switch should be considered on interface down?
- if [[ "$RFKILL" == "soft" ]]; then
- set_rf_state "$INTERFACE" disabled $RFKILL_NAME || return 1
+ wpa_stop "$Interface"
+ bring_interface_down "$Interface" || return 1
+ if [[ $RFKill ]]; then
+ disable_rf "$Interface" "$RFKill"
fi
}
-wireless_$1 "$2" "$3"
-exit $?
# vim: ft=sh ts=4 et sw=4 tw=0:
-
diff --git a/src/lib/globals b/src/lib/globals
index 491f9d6..8277a40 100644
--- a/src/lib/globals
+++ b/src/lib/globals
@@ -1,136 +1,121 @@
-# /usr/lib/networks/globals
-#
-# All +x files in /usr/lib/network/hooks will be sourced when this file is.
-# Hook files can override any of the utility functions defined here for custom
-# behavior (such as logging error messages to syslog). This lets us keep netcfg
-# simple but gives it the flexibility for users to make modular use of it to do
-# more complex things
-
-
-### Globals
PROFILE_DIR="/etc/network.d"
-IFACE_DIR="$PROFILE_DIR/interfaces"
SUBR_DIR="/usr/lib/network"
-HOOKS_DIR="$SUBR_DIR/hooks"
CONN_DIR="$SUBR_DIR/connections"
STATE_DIR="/run/network"
-
+STATE_FILE="${NETCTL_STATE_FILE:-/var/lib/netctl/netctl.state}"
### Logging/Error reporting
-function report_err {
+report_notice() {
echo "$*"
}
-function report_notice {
+report_error() {
echo "$*"
}
-function report_debug {
- checkyesno "$NETCFG_DEBUG" && echo "DEBUG: $*" >&2
+report_debug() {
+ is_yes "${NETCTL_DEBUG:-no}" && echo "DEBUG: $*" >&2
}
-function report_try {
- # This needs -n and a trailing space.
- echo -n ":: $* "
- REPORT_TRYING=1
+exit_error() {
+ report_error "$@" >&2
+ exit 1
}
-function report_fail {
- if [[ -n "$*" ]]; then
- if (( REPORT_TRYING )); then
- echo "- $* [fail]"
- REPORT_TRYING=
- else
- echo "$*"
- fi
- elif (( REPORT_TRYING )); then
- echo "[fail]"
- REPORT_TRYING=
- fi
-}
-function report_success {
- if [[ -n "$*" ]]; then
- # This needs -n and a trailing space.
- echo -n "- $* "
- fi
- echo "[done]"
- REPORT_TRYING=
+### Variable management
+
+## Check if a variable occurs in an array
+# $1: the variable to find
+# $2...: the array elements
+in_array() {
+ local hay needle=$1
+ shift
+ for hay; do
+ [[ $hay == "$needle" ]] && return 0
+ done
+ return 1
}
-### For calling scripts only; don't use in library functions
-function exit_stderr { echo "$*" >&2; exit 1; }
-function exit_err { report_err "$*"; exit 1; }
-function exit_fail { report_fail "$*"; exit 1; }
-
-
-### From FreeBSD's /etc/rc.subr
-##
-# checkyesno var
-# Test $1 variable, and warn if not set to YES or NO.
-# Return 0 if it's "yes" (et al), nonzero otherwise.
-# To default to yes, do: "checkyesno ${VAR:-yes}".
-#
-function checkyesno() {
- local _value="$1"
- #debug "checkyesno: $1 is set to $_value."
- case "$_value" in
-
- # "yes", "true", "on", or "1"
- [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1)
+## Check if a variable denotes a positive truth value
+# $1: the variable to check, use is_yes ${VAR:-yes} to set a default
+is_yes() {
+ case ${1,,} in
+ yes|true|on|1)
return 0
;;
-
- # "no", "false", "off", or "0"
- [Nn][Oo]|[Ff][Aa][Ll][Ss][Ee]|[Oo][Ff][Ff]|0)
+ no|false|off|0)
return 1
;;
- *)
- #warn "\$${1} is not set properly - see rc.conf(5)."
+ *)
+ report_error "Not a valid truth value: '$1'"
return 1
;;
esac
}
-## Check if variable is a member of an array
-# $1: the variable to find
-# $2...: the array elements
-function inarray() {
- local item search="$1"
- shift
- for item in "$@"; do
- if [[ "$item" == "$search" ]]; then
- return 0
- fi
- done
- return 1
+
+### Control flow
+
+## Show what we evaluate when debugging, but always evaluate
+do_debug() {
+ report_debug "${FUNCNAME[1]}:" "$@"
+ "$@"
+}
+
+## Exit if we are not effectively root
+# $1: program name (optional)
+ensure_root() {
+ (( EUID == 0 )) || exit_error "${1-$0} needs root privileges"
}
## Waits until a statement succeeds or a timeout occurs
# $1: timeout in seconds
# $2...: condition command
-function timeout_wait() {
- local timeout="$1"
- (( timeout *= 10 ))
+timeout_wait() {
+ local timeout=$1
+ (( timeout *= 5 ))
shift
while ! eval "$*"; do
(( timeout-- > 0 )) || return 1
- sleep 0.1
+ sleep 0.2
done
return 0
}
-### Load all +x files in $HOOKS_DIR
-function load_hooks() {
+### Profile management
+
+## List all acceptable profiles names (assume they don't contain newlines)
+list_profiles() {
+ # JP: follow aliases with -L, also skip profiles that end with '.conf' (so
+ # profile.conf can be the wpa.conf file for profile)
+ find -L "$PROFILE_DIR/" -maxdepth 1 -type f -not -name '.*' -not -name '*~' -not -name '*.conf' -not -name '*.service' -printf "%f\n"
+}
+
+## Sources all hooks, a profile and any interface hook
+# $1: profile name
+load_profile() {
local hook
- for hook in $(find -L "$HOOKS_DIR/" -maxdepth 1 -type f -executable | sort -u); do
+ if [[ ! -r "$PROFILE_DIR/$1" ]]; then
+ exit_error "Profile '$1' does not exist or is not readable"
+ fi
+ while read -r hook; do
source "$hook"
- done
+ done < <(find -L "$PROFILE_DIR/hooks" -maxdepth 1 -type f -executable -not -name '.*' -not -name '*~' | sort -u)
+ source "$PROFILE_DIR/$1"
+ if [[ -z $Interface ]]; then
+ exit_error "Profile '$1' does not specify an interface"
+ fi
+ if [[ ! -r "$CONN_DIR/${Connection:-/dev/null/nonexistent}" ]]; then
+ exit_error "Profile '$1' does not specify a valid connection"
+ fi
+ if [[ -x "$PROFILE_DIR/interfaces/$Interface" ]]; then
+ source "$PROFILE_DIR/interfaces/$Interface"
+ fi
}
-load_hooks
# vim: ft=sh ts=4 et sw=4:
diff --git a/src/lib/ip b/src/lib/ip
new file mode 100644
index 0000000..02d99f4
--- /dev/null
+++ b/src/lib/ip
@@ -0,0 +1,215 @@
+## /usr/lib/network/globals needs to be sourced before this file
+
+
+## Add resolv.conf entries for an interface
+# $1: interface name
+# $2...: entries, one line per variable
+resolvconf_add() {
+ local interface="$1"
+ shift
+ printf "%s\n" "$@" | resolvconf -a "$interface"
+}
+
+
+## Set up an IP configuration
+# $Interface: interface name
+# $IP: type of IPv4 configuration
+# $IP6: type of IPv6 configuration
+ip_set() {
+ local addr line route interface_sysctl=${Interface/.//}
+
+ if [[ -z $IP && -z $IP6 ]]; then
+ report_error "Neither IP, nor IP6 was specified"
+ return 1
+ fi
+
+ case $IP in
+ dhcp)
+ case ${DHCPClient:-dhcpcd} in
+ dhcpcd)
+ rm -f "/run/dhcpcd-$Interface".{pid,cache}
+ # If using own dns, tell dhcpcd to NOT replace resolv.conf
+ [[ $DNS ]] && DhcpcdOptions+=" -C resolv.conf"
+ do_debug dhcpcd -qL -t "${TimeoutDHCP:-10}" $DHCPOptions "$Interface" 2>&1 | report_debug "$(cat)"
+ # The first array value of PIPESTATUS is the exit status of dhcpcd
+ if (( PIPESTATUS != 0 )); then
+ report_error "DHCP IP lease attempt failed on interface '$Interface'"
+ return 1
+ fi
+ ;;
+ dhclient)
+ rm -f "/run/dhclient-${Interface}.pid"
+ if ! do_debug dhclient -q -e "TIMEOUT=${TimeoutDHCP:-10}" -pf "/run/dhclient-$Interface.pid" $DhclientOptions "$Interface"; then
+ report_error "DHCP IP lease attempt failed on interface '$Interface'"
+ return 1
+ fi
+ ;;
+ *)
+ report_error "Unsupported DHCP client: '$DHCPClient'"
+ return 1
+ ;;
+ esac
+ ;;
+ static)
+ if [[ $Address ]]; then
+ for addr in "${Address[@]}"; do
+ [[ $addr == */* ]] || addr+="/24"
+ if ! do_debug ip addr add "$addr" brd + dev "$Interface"; then
+ report_error "Could not add address '$addr' to interface '$Interface'"
+ return 1
+ fi
+ done
+ fi
+ if [[ $Gateway ]]; then
+ if ! do_debug ip route add default via "$Gateway" dev "$Interface"; then
+ report_error "Could not set gateway '$Gateway' on interface '$Interface'"
+ return 1
+ fi
+ fi
+ ;;
+ ""|no)
+ ;;
+ *)
+ report_error "IP must be either 'dhcp', 'static' or 'no'"
+ return 1
+ ;;
+ esac
+
+ # Add static IP routes
+ if [[ $IP && $Routes ]]; then
+ for route in "${Routes[@]}"; do
+ if ! do_debug ip route add $route dev "$Interface"; then
+ report_error "Could not add route '$route' to interface '$Interface'"
+ return 1
+ fi
+ done
+ fi
+
+ # Load ipv6 module if necessary
+ case "$IP6" in
+ dhcp*|stateless|static)
+ [[ -d "/proc/sys/net/ipv6" ]] || modprobe ipv6
+ ;;
+ no)
+ [[ -d "/proc/sys/net/ipv6" ]] && sysctl -q -w "net.ipv6.conf.$interface_sysctl.accept_ra=0"
+ ;;
+ "") # undefined IP6 does not prevent RA's from being received -> nop
+ ;;
+ *)
+ report_error "IP6 must be 'dhcp', 'dhcp-noaddr', 'stateless', 'static' or 'no'"
+ return 1
+ ;;
+ esac
+
+ case "$IP6" in
+ dhcp*)
+ if ! type dhclient &>/dev/null; then
+ report_error "You need to install dhclient to use DHCPv6"
+ return 1
+ fi
+ sysctl -q -w "net.ipv6.conf.$interface_sysctl.accept_ra=1"
+ [[ $IP6 == "dhcp-noaddr" ]] && Dhclient6Options+=" -S"
+ rm -f "/run/dhclient6-${Interface}.pid"
+ if ! do_debug dhclient -6 -q -e "TIMEOUT=${TimeoutDHCP:-10}" -pf "$Pidfile" $Dhclient6Options "$Interface"; then
+ report_error "DHCPv6 IP lease attempt failed on interface '$Interface'"
+ return 1
+ fi
+ ;;
+ stateless)
+ sysctl -q -w "net.ipv6.conf.$interface_sysctl.accept_ra=1"
+ ;;
+ static)
+ sysctl -q -w "net.ipv6.conf.$interface_sysctl.accept_ra=0"
+ if [[ -n $Address6 ]]; then
+ for addr in "${Address6[@]}"; do
+ if ! do_debug ip -6 addr add $addr dev "$Interface"; then
+ report_error "Could not add address '$addr' to interface '$Interface'"
+ fi
+ done
+ fi
+ ;;
+ esac
+
+ if [[ $IP6 ]]; then
+ # Wait for Duplicate Address Detection to finish
+ if ! timeout_wait "${TimeoutDAD:-3}" '[[ -z "$(ip -6 addr show dev "$Interface" tentative)" ]]'; then
+ report_error "Duplicate Address Detection is taking too long on interface '$Interface'"
+ return 1
+ fi
+
+ # Add static IPv6 routes
+ if [[ $Routes6 ]]; then
+ for route in "${Routes6[@]}"; do
+ if ! do_debug ip -6 route add $route dev "$Interface"; then
+ report_error "Could not add route '$route' to interface '$Interface'"
+ return 1
+ fi
+ done
+ fi
+
+ # Set a custom gateway after DAD has finished
+ if [[ $IP6 == "static" && $Gateway6 ]]; then
+ if ! do_debug ip -6 route replace default via "$Gateway6" dev "$Interface"; then
+ report_error "Could not set gateway '$Gateway6' on interface '$Interface'"
+ return 1
+ fi
+ fi
+ fi
+
+ if [[ $IPCustom ]]; then
+ for line in "${IPCustom[@]}"; do
+ if ! do_debug ip $line; then
+ report_error "Could not configure interface ($line)"
+ return 1
+ fi
+ done
+ fi
+
+ if [[ $Hostname ]]; then
+ if ! do_debug hostnamectl set-hostname "$Hostname"; then
+ report_error "Cannot set the hostname to '$Hostname'"
+ return 1
+ fi
+ fi
+
+ if [[ $DNS ]]; then
+ resolvconf_add "$Interface" \
+ "${DNSDomain/#/domain }" \
+ "${DNSSearch/#/search }" \
+ "${DNS[@]/#/nameserver }" \
+ "${DNSOptions[@]/#/options }"
+ fi
+}
+
+
+## Clean up the dynamic part of an IP configuration
+# $Interface: interface name
+# $IP: type of IPv4 configuration
+# $IP6: type of IPv6 configuration
+ip_unset() {
+ if [[ "$IP" == "dhcp" ]]; then
+ case $DHCPClient in
+ dhcpcd)
+ if [[ -f "/run/dhcpcd-$Interface.pid" ]]; then
+ do_debug dhcpcd -qk "$Interface" >/dev/null
+ fi
+ ;;
+ dhclient)
+ if [[ -f "/run/dhclient-$Interface.pid" ]]; then
+ # Alternatively, use -r instead of -x to also release the lease
+ do_debug dhclient -q -x "$Interface" -pf "/run/dhclient-$Interface.pid" >/dev/null
+ fi
+ ;;
+ esac
+ fi
+ if [[ "$IP6" == dhcp* ]]; then
+ if [[ -f "/run/dhclient6-$Interface.pid" ]]; then
+ do_debug dhclient -6 -q -x "$Interface" -pf "/run/dhclient6-$Interface.pid" >/dev/null
+ fi
+ fi
+
+ [[ $DNS ]] && resolvconf -d "$Interface"
+}
+
+
+# vim: ft=sh ts=4 et sw=4:
diff --git a/src/lib/network b/src/lib/network
index 1aa384c..1117737 100644..100755
--- a/src/lib/network
+++ b/src/lib/network
@@ -1,368 +1,95 @@
-### Globals
-. /usr/lib/network/globals
-# will load hooks
-
-## Loads a profile.
-# $1: profile name
-load_profile()
-{
- unset ROUTES
- [[ -z "$1" ]] && return 1
- if [[ ! -f "$PROFILE_DIR/$1" ]]; then
- report_err "Profile \"$1\" does not exist"
- return 1
- fi
- report_debug "Loading profile $1"
- INTERFACE=$(. "$PROFILE_DIR/$1"; echo "$INTERFACE")
- report_debug "Configuring interface $INTERFACE"
- if [[ -z "$INTERFACE" ]]; then
- report_err "Profile missing an interface to configure"
- return 1
- fi
- if [[ -f "$IFACE_DIR/$INTERFACE" ]]; then
- report_debug "Interface level configuration enabled: $IFACE_DIR/$INTERFACE"
- . "$IFACE_DIR/$INTERFACE"
- fi
- . "$PROFILE_DIR/$1" # we want profile settings to override, so need to source profile again
- if [[ ! -f "$CONN_DIR/$CONNECTION" ]]; then
- report_err "$CONNECTION is not a valid connection, check spelling or look at examples"
- return 1
- fi
-}
-
-##################
-# Profile up/down
-##################
-
-## Take all registered profiles down.
-all_down()
-{
- find "$STATE_DIR/profiles/" -maxdepth 1 -type f -printf '%f\n' \
- | while read prof; do
- profile_down "$prof"
- done
-}
+#! /bin/bash
-## Create the state dir and sub directories if they don't already exist.
-check_make_state_dir()
-{
- [[ ! -d "$STATE_DIR" ]] && mkdir -p "$STATE_DIR"/{interfaces,profiles}
- for d in interfaces profiles suspend; do
- [[ ! -d "$STATE_DIR/$d" ]] && mkdir "$STATE_DIR/$d"
- done
-}
+. /usr/lib/network/globals
-## Save the list of running profiles and take them down if needed
-# $1: interface name or "all"
-# $2: take associated profiles down (optional, default="yes")
-interface_suspend()
-{
- report_debug interface_suspend "$@"
- check_make_state_dir
- find "$STATE_DIR/profiles/" -maxdepth 1 -type f -printf '%f\n' \
- | while read prof; do
- # the pipe to "while read" will create a subshell
- INTERFACE=$(. "$STATE_DIR/profiles/$prof"; echo "$INTERFACE")
- if [[ "$1" == all || "$1" == "$INTERFACE" ]]; then
- report_notice "suspending interface $INTERFACE with profile $prof"
- cp "$STATE_DIR/profiles/$prof" "$STATE_DIR/suspend/"
- if checkyesno "${2:-yes}"; then
- profile_down "$prof"
- fi
- fi
- done
-}
-
-## Save the list of all running profiles and take them down
-all_suspend() {
- interface_suspend all
+## Check if a string represents a network interface
+# $1: potential interface name
+is_interface() {
+ # Strip any old school alias specifier
+ [[ -d "/sys/class/net/${1%%:?*}" ]]
}
-## Restore saved profiles (for resume purposes).
-# $@: a list of interfaces not to resume (e.g., because they're disabled)
-all_resume()
-{
- report_debug all_resume "$@"
- find "$STATE_DIR/suspend/" -maxdepth 1 -type f -printf '%f\n' \
- | while read prof; do
- # the pipe to "while read" will create a subshell
- INTERFACE=$(. "$STATE_DIR/suspend/$prof"; echo "$INTERFACE")
- if [[ $# -eq 0 || ! " $* " =~ " $INTERFACE " ]]; then
- report_notice "resuming interface $INTERFACE with profile $prof"
- profile_up "$prof"
- rm -f "$STATE_DIR/suspend/$prof" # if profile_up succeeds, it will have already removed this
- fi
- done
+## Check if an interface is up
+# $1: interface name
+interface_is_up() {
+ local flags
+ read flags < "/sys/class/net/${1%%:?*}/flags"
+ # IFF_UP is defined as 0x1 in linux/if.h
+ (( flags & 0x1 ))
}
-## Puts up a profile.
-# $1: the profile name
-profile_up()
-{
- (
- # Keep inside subshell so that options from one profile don't cross to others
- # exit 1 used in a subshell is effectively exiting a new process
- check_make_state_dir
-
- local status PROFILE="$1" # save PROFILE in a variable so that it's available to PRE_UP/POST_DOWN etc hooks
-
- load_profile "$PROFILE" || exit 1
-
- if check_profile "$PROFILE"; then
- report_err "$PROFILE already connected"
+## Activate an interface
+# $1: interface name
+bring_interface_up() {
+ local interface=$1
+ ip link set dev "$interface" up &>/dev/null
+ timeout_wait "${TimeoutUp:-5}" 'interface_is_up "$interface"'
+}
+
+## Deactivate an interface
+# $1: interface name
+bring_interface_down() {
+ local interface=$1
+ ip addr flush dev "$interface" &>/dev/null
+ ip link set dev "$interface" down &>/dev/null
+ # We reuse the up timeout (down normally is faster)
+ timeout_wait "${TimeoutUp:-5}" '! interface_is_up "$interface"'
+}
+
+
+if [[ $# -ne 2 || $1 != @(start|stop) ]]; then
+ exit_error "Usage: $0 {start|stop} <profile>"
+fi
+ensure_root netctl
+# Ensure we are not in a transient directory
+cd /
+
+# Expose the profile name
+Profile=$2
+load_profile "$Profile"
+source "$CONN_DIR/$Connection"
+case $1 in
+ start)
+ report_notice "Starting network profile '$Profile'..."
+ if is_interface "$Interface" && interface_is_up "$Interface" && \
+ ! is_yes "${ForceConnect:-no}"; then
+ report_error "The interface of network profile '$Profile' is already up"
exit 1
fi
-
- # EXCLUSIVE, network.d/profile: Individual profile is mutually exclusive
- if checkyesno "$EXCLUSIVE"; then
- all_down
- fi
-
- report_try "$PROFILE up"
-
- status=$(check_iface "$INTERFACE")
- report_debug "status reported to profile_up as: $status"
- case "$status" in
- external)
- report_fail "Interface $INTERFACE externally controlled"
- exit 1
- ;;
- disabled)
- report_fail "Interface $INTERFACE is disabled"
- exit 1
- ;;
- "")
- ;;
- *)
- if checkyesno "$CHECK"; then
- report_fail "Interface $INTERFACE already in use"
- exit 1
-
- # not necessary to sandbox this call or reload PROFILE afterwards
- elif ! interface_down "$INTERFACE"; then
- report_fail
- exit 1
- fi
- ;;
- esac
-
- if ! ( eval $PRE_UP ); then # JP: sandbox the eval so variables don't bleed into current function
- report_debug profile_up "PRE_UP failed"
- report_fail
+ if ! "${Connection}_up"; then
+ report_error "Failed to bring the network up for profile '$Profile'"
exit 1
fi
-
- if ! "$CONN_DIR/$CONNECTION" up "$PROFILE"; then
- report_debug profile_up "connect failed"
- report_fail
- # "$CONN_DIR/$CONNECTION" down "$PROFILE" # JP: should we do this to make sure?
+ # JP: sandbox the eval
+ if ! ( eval $ExecUpPost ); then
+ report_error "ExecUpPost failed for network profile '$Profile'"
+ # Failing ExecUpPost will take the connection down
+ "${Connection}_down"
exit 1
fi
-
- if ! ( eval $POST_UP ); then # JP: sandbox the eval
- report_debug profile_up "POST_UP failed"
- report_fail
- # failing POST_UP will take interface down
- "$CONN_DIR/$CONNECTION" down "$PROFILE"
+ report_notice "Started network profile '$Profile'"
+ ;;
+ stop)
+ report_notice "Stopping network profile '$Profile'..."
+ # JP: sandbox the eval
+ if ! ( eval $ExecDownPre ); then
+ report_error "ExecDownPre failed for network profile '$Profile'"
+ # Failing ExecDownPre will leave the profile active
exit 1
fi
-
- set_profile up "$PROFILE"
- unset EXCLUSIVE
-
- # Successfully running a new profile; erase any suspended profiles on this interface
- local iface="$INTERFACE"
- find "$STATE_DIR/suspend/" -maxdepth 1 -type f -printf '%f\n' \
- | while read prof; do
- # the pipe to "while read" will create a subshell
- INTERFACE=$(. "$STATE_DIR/suspend/$prof"; echo "$INTERFACE")
- if [[ "$iface" == "$INTERFACE" ]]; then
- rm "$STATE_DIR/suspend/$prof"
- fi
- done
-
- report_success
- ); return $?
-}
-
-## Puts a profile down.
-# $1: the profile name
-profile_down()
-{
- (
- check_make_state_dir
-
- local status PROFILE="$1" # save PROFILE in a variable so that it's available to PRE_UP/POST_DOWN etc hooks
-
- load_profile "$PROFILE" || exit 1
-
- status=$(check_iface "$INTERFACE")
- report_debug "status reported to profile_down as: $status"
-
- if [[ "$status" != "$PROFILE" ]]; then
- # if interface not available to be controlled by netcfg, then
- # any profiles should have been removed by check_iface
- # else we get here if another profile is running
- report_err "Profile not connected"
+ if ! "${Connection}_down"; then
+ report_error "Failed to bring the network down for profile '$Profile'"
exit 1
fi
-
- report_try "$PROFILE down"
- if [[ "$(check_iface "$INTERFACE")" == "external" ]]; then
- report_fail "$interface was connected by another application"
+ if is_interface "$Interface" && interface_is_up "$Interface" && \
+ ! is_yes "${ForceConnect:-no}"; then
+ report_error "The interface of network profile '$Profile' did not go down"
exit 1
fi
+ report_notice "Stopped network profile '$Profile'"
+ ;;
+esac
- if ! ( eval $PRE_DOWN ); then # JP: sandbox the eval
- report_debug profile_down "PRE_DOWN failed"
- # true # JP: did we want failing PRE_DOWN to leave the profile active?
- report_fail
- exit 1
- fi
-
- if ! "$CONN_DIR/$CONNECTION" down "$PROFILE"; then
- report_debug profile_up "disconnect failed"
- report_fail
- exit 1
- fi
-
- if ! ( eval $POST_DOWN ); then # JP: sandbox the eval
- report_debug profile_down "POST_DOWN failed"
- report_fail
- exit 1
- fi
-
- set_profile down "$PROFILE"
- report_success
- ); return $?
-}
-
-# interface_down interface
-# take interface down
-#
-interface_down()
-{
- local profile=$(check_iface "$1")
- case "$profile" in
- ""|disabled) return 0 ;;
- external) return 1 ;;
- *) profile_down "$profile" ;;
- esac
-}
-
-# interface_reconnect interface
-# reconnects the profile active on interface
-interface_reconnect()
-{
- local profile=$(check_iface "$1")
- case "$profile" in
- ""|disabled|external)
- return 1
- ;;
- *)
- profile_down "$profile"
- profile_up "$profile"
- ;;
- esac
-}
-
-##
-# check_iface interface
-# Return 0 if interface unavailable (in use by a profile or externally, or disabled)
-# Return 1 if interface down and available to be used
-#
-check_iface() {
- if [[ -f "$STATE_DIR/interfaces/$1" ]]; then
- cat "$STATE_DIR/interfaces/$1"
- return 0
- else
- return 1
- fi
-}
-
-# list_profiles
-# Outputs a list of all profiles
-list_profiles() {
- # JP: follow aliases with -L, also skip profiles that start with '.' or end with '~' or '.conf' (so profile.conf can be the wpa.conf file for profile)
- find -L "$PROFILE_DIR/" -maxdepth 1 -type f -not -name '*~' -not -name '*.conf' -not -name '.*' -printf "%f\n"
-}
-
-# check_profile profile
-# Return 0 if profile registered as being up
-# Return 1 if profile not registered
-#
-check_profile() {
- [[ -f "$STATE_DIR/profiles/$1" && ! -f "$STATE_DIR/suspend/$1" ]] && return 0
- return 1
-}
-
-### Status setting functions
-##
-# set_profile up/down profile
-# Set profile state, either up or down
-#
-set_profile() {
- local INTERFACE
- if [[ "$1" == "up" ]]; then
- INTERFACE=$(. "$PROFILE_DIR/$2"; echo "$INTERFACE")
- cp "$PROFILE_DIR/$2" "$STATE_DIR/profiles/"
- set_iface up "$INTERFACE" "$2"
- elif [[ "$1" == "down" && -f "$STATE_DIR/profiles/$2" ]]; then # JP: skip if profile not already up
- INTERFACE=$(. "$STATE_DIR/profiles/$2"; echo "$INTERFACE")
- rm "$STATE_DIR/profiles/$2"
- set_iface down "$INTERFACE" "$2"
- fi
-}
-
-# set_iface up/down interface [profile]
-# Set interface status to up/down
-# optionally link it to a profile.
-#
-set_iface() {
- local PROFILE="${3:-external}"
- if [[ "$1" == "up" ]]; then
- echo "$PROFILE" > "$STATE_DIR/interfaces/$2"
- elif [[ "$1" == "down" ]]; then
- rm -f "$STATE_DIR/interfaces/$2" # JP: add -f so we don't complain if the interface isn't up
- fi
-}
-
-is_interface() {
- local INTERFACE="$1"
- if [[ ! -e "/sys/class/net/$INTERFACE" ]]; then
- if ! echo "$INTERFACE" | grep -F -q ":"; then
- return 1
- fi
- fi
- return 0
-}
-
-interface_is_up() {
- local flags
- read flags < "/sys/class/net/$1/flags"
- # IFF_UP is defined as 0x1 in linux/if.h
- (( flags & 0x1 ))
-}
-
-## Changes a network interface state.
-# $1: up, flush, or down.
-# $2: the interface name
-bring_interface()
-{
- local INTERFACE="$2"
- case "$1" in
- up)
- ip link set dev "$INTERFACE" up &>/dev/null
- timeout_wait "${UP_TIMEOUT:-5}" 'interface_is_up "$INTERFACE"' || return 1
- ;;
- flush|down)
- ip addr flush dev "$INTERFACE" &>/dev/null
- ;;&
- down)
- ip link set dev "$INTERFACE" down &>/dev/null
- ;;
- esac
-}
# vim: ft=sh ts=4 et sw=4:
diff --git a/src/lib/rfkill b/src/lib/rfkill
index 1832dc1..996e463 100644
--- a/src/lib/rfkill
+++ b/src/lib/rfkill
@@ -1,61 +1,60 @@
-set_rf_state() {
- local INTERFACE="$1" state="$2" RFKILL_NAME="$3"
+## /usr/lib/network/globals needs to be sourced before this file
- if [[ "$RFKILL" == "hard" ]]; then
- report_fail "Cannot set state on hardware rfkill switch"
- return 1
- fi
- local path=$(get_rf_path "$INTERFACE" "$RFKILL_NAME") || return 1
- case "$state" in
- enabled)
- echo 0 > "$path/soft"
- ;;
- disabled)
- echo 1 > "$path/soft"
- ;;
- esac
-}
+## Determine the system interface of an rfkill device
+# $1: interface name
+# $2: rfkill name
get_rf_path() {
- local INTERFACE="$1" RFKILL_NAME="$2" path
+ local interface=$1 rfkill_name=${2:-auto} path
- if [[ -n "$RFKILL_NAME" ]]; then
+ if [[ $rfkill_name == "auto" ]]; then
+ path=$(find -L "/sys/class/net/$interface/" -maxdepth 2 -type d -name "rfkill*" 2> /dev/null | head -n 1)
+ if [[ $path ]]; then
+ echo "$path"
+ return 0
+ fi
+ report_error "No rfkill switch available on interface '$interface'"
+ else
for path in /sys/class/rfkill/*; do
- if [[ "$(< "$path/name")" == "$RFKILL_NAME" ]]; then
+ if [[ $(< "$path/name") == "$rfkill_name" ]]; then
echo "$path"
return 0
fi
done
- report_fail "no rfkill switch with name $RFKILL_NAME"
- else
- path=$(find -L "/sys/class/net/$INTERFACE/" -maxdepth 2 -type d -name "rfkill*" 2> /dev/null | head -n 1)
- if [[ -n "$path" ]]; then
- echo "$path"
- return 0
- fi
- report_fail "no rfkill switch available on interface $INTERFACE"
+ report_error "No rfkill switch with name '$rfkill_name'"
fi
return 1
}
+## Unblock transmission through a wireless device
+# $1: interface name
+# $2: rfkill name
enable_rf() {
- local INTERFACE="$1" RFKILL="$2" RFKILL_NAME="$3" path hard soft
-
- # Enable rfkill if necessary, or fail if it is hardware
- if [[ -n "$RFKILL" ]]; then
- path=$(get_rf_path "$INTERFACE" "$RFKILL_NAME") || return 1
- read hard < "$path/hard"
- read soft < "$path/soft"
-
- if (( hard )); then
- report_fail "radio is disabled on $INTERFACE"
- return 1
- elif (( soft )); then
- set_rf_state "$INTERFACE" enabled "$RFKILL_NAME" || return 1
- timeout_wait 1 "(( ! \$(< \"$path/soft\") ))"
- fi
+ local interface=$1 rfkill=$2 path hard soft
+
+ path=$(get_rf_path "$interface" "$rfkill") || return 1
+ read hard < "$path/hard"
+ read soft < "$path/soft"
+
+ if (( hard )); then
+ report_error "Transmission is hard-blocked on interface '$interface'"
+ return 1
+ elif (( soft )); then
+ do_debug echo 0 > "$path/soft"
+ timeout_wait 1 '(( ! $(< "$path/soft") ))'
fi
}
-# vim: ft=sh ts=4 et sw=4:
+## Block transmission through a wireless device
+# $1: interface name
+# $2: rfkill name
+disable_rf() {
+ local interface=$1 rfkill=$2 path
+
+ path=$(get_rf_path "$interface" "$rfkill") || return 1
+ do_debug echo 1 > "$path/soft"
+ timeout_wait 1 '(( $(< "$path/soft") ))'
+}
+
+# vim: ft=sh ts=4 et sw=4:
diff --git a/src/netctl b/src/netctl
index f1d79e8..0a82f89 100755
--- a/src/netctl
+++ b/src/netctl
@@ -1,106 +1,150 @@
-#!/bin/bash
+#! /bin/bash
-. /usr/lib/network/network
+. /usr/lib/network/globals
-NETCFG_VER=2-notpackaged
+NETCTL_VERSION=notpackaged
-version()
-{
- echo "netcfg v$NETCFG_VER"
-}
-usage()
-{
- version
+usage() {
cat << END
-Usage:
- Start specified profile: netcfg profile
- Other functions: netcfg argument profile
-Arguments:
- current Report currently running profiles
--a, all-down Take all active profiles down
--c, check-iface Do not start profile if interface is already up
--d, down Take specified profile down
--D, iface-down Take down profile active on specified interface
--h, help This help message
--l, list List all available profiles
--r, reconnect Disconnect and reconnect specified profile
--R, iface-recon Reconnect profile active on specified interface
--u, up Start specified profile
--v, version Output version information and exit
- all-resume Resume previously suspended profiles and reconnect them
- all-suspend Store a list of current running profiles and suspend them
+Usage: netctl {COMMAND} [PROFILE]
+ [--help|--version]
+
+Commands:
+ list List available profiles
+ store Save which profiles are active
+ restore Load saved profiles
+ stop-all Stops all profiles.
+ start [PROFILE] Start a profile
+ stop [PROFILE] Stop a profile
+ restart [PROFILE] Restart a profile
+ switch-to [PROFILE] Switch to a profile
+ status [PROFILE] Show runtime status of a profile
+ enable [PROFILE] Enable the systemd unit for a profile
+ disable [PROFILE] Disable the systemd unit for a profile
+ reenable [PROFILE] Reenable the systemd unit for a profile
END
}
-# TODO: Re-add ROOT check and rewrite with getopts from BashFAQ
-
-case "$1" in
- --version|-v|version)
- version
- exit 0;;
- --help|-h|help)
- usage
- exit 0;;
- list|-l)
- list_profiles
- exit 0;;
- current|-s|status)
- if [[ -d "$STATE_DIR/profiles/" ]]; then
- ls "$STATE_DIR/profiles/"
- exit 0
- else
- exit_stderr "No active profiles."
- fi;;
-esac
+list() {
+ local indicators=( '*' ' ' )
+ list_profiles | while read -r Profile; do
+ systemctl is-active --quiet "netctl@$Profile.service" &> /dev/null
+ # Make the return variable boolean
+ [[ $? -eq 0 ]]; printf '%s %s\n' "${indicators[$?]}" "$Profile"
+ done
+}
+
+store() {
+ systemctl list-units --type=service --full --no-legend --no-pager | \
+ cut -d\ -f1 | grep "^netctl@" > "$STATE_FILE"
+}
+
+restore() {
+ if [[ ! -r $STATE_FILE ]]; then
+ exit_error "Could not read state file '$STATE_FILE'"
+ fi
+ mapfile -t Units < "$STATE_FILE"
+ do_debug systemctl start "${Units[@]}"
+}
+
+stop_all() {
+ # We cannot pipe to mapfile, as the end of a pipe is inside a subshell
+ mapfile -t Profiles < <(list_profiles)
+ do_debug systemctl stop "${Profiles[@]/#/netctl@}" 2> \
+ >(grep -Fv "not loaded" >&2)
+}
+
+switch_to() {
+ cd "$PROFILE_DIR"
+ if [[ ! -r $1 ]]; then
+ exit_error "Profile '$1' does not exist or is not readable"
+ fi
+ # We assume interface names are not quoted
+ # Using read removes leading whitespace
+ read InterfaceLine < \
+ <(grep -om1 "^[[:space:]]*Interface=[[:alnum:]:._-]\+" "$1")
+ if [[ -z $InterfaceLine ]]; then
+ exit_error "Profile '$1' does not specify an interface"
+ fi
+ mapfile -t AllProfiles < <(list_profiles)
+ mapfile -t Profiles < <(grep -Fl "$InterfaceLine" "${AllProfiles[@]}")
+ do_debug systemctl stop "${Profiles[@]/#/netctl@}" 2> \
+ >(grep -Fv "not loaded" >&2)
+ do_debug systemctl start "netctl@$1"
+}
+
+unit_enable() {
+ local unit="/etc/systemd/system/netctl@$1.service"
+ if [[ -e $unit ]]; then
+ report_error "A unit file for profile '$1' already exists"
+ return 1
+ fi
+ load_profile "$1"
+ echo ".include /usr/lib/systemd/system/netctl@.service" > "$unit"
+ echo -e "\n[Unit]" >> "$unit"
+ [[ -n $Description ]] && echo "Description=$Description" >> "$unit"
+ : ${BindsToInterfaces=$Interface}
+ printf 'BindsTo=sys-subsystem-net-devices-%s.device\n' \
+ "${BindsToInterfaces[@]}" >> "$unit"
+ if [[ -n $After ]]; then
+ printf 'After="netctl@%s.service"\n' "${After[@]//\"/\\\"}" >> "$unit"
+ fi
+ systemctl daemon-reload
+ systemctl reenable "netctl@$1.service"
+}
-if [[ $(id -u) -gt 0 ]]; then
- exit_stderr "This script should be run as root."
-fi
-
-# Ensure cwd is not in a transient directory, which may prevent unmounting due to netcfg children
-cd /
-
-case "$1" in
- -c|check-iface|-u|up)
- CHECK="YES"
- profile_up "$2";;
- -d|down)
- profile_down "$2";;
- -D|iface-down)
- interface_down "$2";;
- -a|all-down)
- all_down;;
- -r|reconnect)
- profile_down "$2"
- profile_up "$2";;
- -R|iface-recon)
- interface_reconnect "$2";;
- all-resume)
- all_resume;;
- all-suspend)
- all_suspend;;
- clean)
- rm "$STATE_DIR/interfaces"/* 2> /dev/null
- rm "$STATE_DIR/profiles"/* 2> /dev/null
- rm "$STATE_DIR/suspend"/* 2> /dev/null
- rm "$STATE_DIR/netcfg-daemon" 2> /dev/null
- killall wpa_supplicant 2> /dev/null
- killall dhcpcd 2> /dev/null
- killall dhclient 2> /dev/null
- ;;
- -*|--*)
- usage
- exit 1;;
- *)
- if [[ -n "$1" ]]; then
- profile_up "$1"
- else
- usage
- exit 1
- fi
- ;;
+unit_disable() {
+ local unit="/etc/systemd/system/netctl@$1.service"
+ if systemctl is-enabled --quiet "netctl@$1.service"; then
+ systemctl disable "netctl@$1.service"
+ fi
+ if [[ ! -f $unit ]]; then
+ report_error "No regular unit file found for profile '$1'"
+ return 1
+ fi
+ do_debug rm "$unit"
+ systemctl daemon-reload
+}
+
+
+case $# in
+ 1)
+ case $1 in
+ --version)
+ report_notice "netctl version $NETCTL_VERSION";;
+ --help)
+ usage;;
+ list)
+ list;;
+ store|restore)
+ ensure_root "$(basename "$0")"
+ "$1";;
+ stop-all)
+ stop_all;;
+ *)
+ exit_error "$(usage)";;
+ esac;;
+ 2)
+ case $1 in
+ start|stop|restart|status)
+ systemctl $1 "netctl@$2";;
+ switch-to)
+ ensure_root "$(basename "$0")"
+ switch_to "$2";;
+ enable|disable)
+ ensure_root "$(basename "$0")"
+ "unit_$1" "$2";;
+ reenable)
+ ensure_root "$(basename "$0")"
+ unit_disable "$2"
+ unit_enable "$2";;
+ *)
+ exit_error "$(usage)";;
+ esac;;
+ *)
+ exit_error "$(usage)";;
esac
-exit $?
+
# vim: ft=sh ts=4 et sw=4:
diff --git a/src/netctl-auto b/src/netctl-auto
index c6aaf67..3452969 100755
--- a/src/netctl-auto
+++ b/src/netctl-auto
@@ -1,87 +1,74 @@
#! /bin/bash
-. /usr/lib/network/network
+
+. /usr/lib/network/globals
. "$SUBR_DIR/8021x"
. "$SUBR_DIR/rfkill"
-. /etc/conf.d/netcfg
AUTOWIFI="/usr/sbin/wpa_actiond -p /run/wpa_supplicant"
-ACTION_SCRIPT="/usr/bin/netcfg-wpa_actiond-action"
+ACTION_SCRIPT="/usr/lib/network/auto.action"
-case $1 in
- help)
- echo "netcfg-wpa_actiond <interface>"
- echo "netcfg-wpa_actiond stop <interface>"
- exit
- ;;
- stop)
- [[ -z $2 ]] && echo "Please specify an interface to stop" && exit 1
- interface=$2
- PIDFILE="/run/wpa_actiond_${interface}.pid"
- [[ -f "$IFACE_DIR/$interface" ]] && source "$IFACE_DIR/$interface"
- netcfg -D "$interface"
- timeout_wait 1 '[[ ! -f "$PIDFILE" ]]' || kill "$(< "$PIDFILE")"
- # only try to disable software rfkill switches (FS#25514)
- if [[ "$RFKILL" == "soft" ]]; then
- set_rf_state "$interface" disabled $RFKILL_NAME || exit $?
- fi
- exit
- ;;
- *)
- interface=$1; shift
- PIDFILE="/run/wpa_actiond_${interface}.pid"
- EXTRA_AUTOWIFI_OPTIONS="$*"
- ;;
-esac
-
-if [[ -z $interface ]]; then
- echo "No interface specified"
- exit 1
+if [[ $# != 2 || $1 != @(start|stop) ]]; then
+ exit_error "Usage: netctl-auto [start|stop] <interface>"
fi
-# Load interface specific config
-[[ -f "$IFACE_DIR/$interface" ]] && source "$IFACE_DIR/$interface"
-
-if [[ -f "$CONN_DIR/interfaces/$interface" ]]; then
- netcfg -D "$interface"
-fi
-
-if [[ -n "$RFKILL" ]]; then # Enable radio if necessary
- enable_rf "$interface" "$RFKILL" "$RFKILL_NAME" || exit $?
-fi
-
-WPA_CONF="$(make_wpa_config_file "$interface")"
-
-if [[ -n "${AUTO_PROFILES}" ]]; then
- for prof in "${AUTO_PROFILES[@]}"; do echo "$prof"; done
-else
- list_profiles
-fi | while read profile; do
- echo "$profile"
- (
- load_profile "$profile"
-
- [[ $CONNECTION != "wireless" ]] && exit 1
- [[ $INTERFACE != $interface ]] && exit 1
- # Exclude wpa-config, the wpa_conf is 'complete' and doesn't fit in this scheme
- [[ -z "$SECURITY" ]] && SECURITY="none"
- [[ $SECURITY == "wpa-config" ]] && exit 1
+INTERFACE=$2
+PIDFILE="$STATE_DIR/wpa_actiond_$INTERFACE.pid"
+PROFILE_FILE="$STATE_DIR/wpa_actiond_$INTERFACE.profile"
+shift 2
- printf "%s\n" "network={" "$(make_wpa_config)" "id_str=\"$profile\"" "}" >> "$WPA_CONF"
- )
-done
-
-
-[[ -z $WPA_DRIVER ]] && WPA_DRIVER="nl80211,wext"
-WPA_OPTS="-W $WPA_OPTS"
-
-# Kill any existing wpa_supplicant on this interface
-stop_wpa "$interface" &> /dev/null
-
-if start_wpa "$interface" "$WPA_CONF" "$WPA_DRIVER" $WPA_OPTS; then
- if $AUTOWIFI -i "$interface" -P "$PIDFILE" -a "$ACTION_SCRIPT" $EXTRA_AUTOWIFI_OPTIONS; then
- exit 0
+case $1 in
+ start)
+ if [[ -e "/run/wpa_supplicant_$INTERFACE.pid" ]]; then
+ exit_error "The interface ($INTERFACE) is already in use"
fi
-fi
+ if [[ -x "$PROFILE_DIR/interfaces/$INTERFACE" ]]; then
+ source "$PROFILE_DIR/interfaces/$INTERFACE"
+ fi
+ [[ $RFKill ]] && enable_rf "$INTERFACE" "$RFKill" || exit 1
+
+ WPA_CONF=$(wpa_make_config_file "$INTERFACE")
+ list_profiles | while read -r profile; do
+ report_notice "$profile"
+ (
+ source "$PROFILE_DIR/$profile"
+ is_yes "${ExcludeAuto:-no}"&& exit 1
+ : ${Security:=none}
+ [[ $Interface != "$INTERFACE" ]] && exit 1
+ [[ $Connection != "wireless" ]] && exit 1
+ # Exclude wpa-config, the wpa_conf is 'complete' and doesn't fit in this scheme
+ [[ $Security == "wpa-config" ]] && exit 1
+
+ printf "%s\n" "network={" "$(wpa_make_config_block)" "id_str=\"$profile\"" "}" >> "$WPA_CONF"
+ )
+ done
+
+ # Kill any lingering WPA supplicants
+ WPAConfigFile= wpa_stop "$INTERFACE" &> /dev/null
+
+ # Start the WPA supplicant
+ : ${WPADriver:=nl80211,wext}
+ WPAOptions+=" -W"
+ if wpa_start "$INTERFACE" "$WPADriver" "$WPA_CONF"; then
+ if $AUTOWIFI -i "$INTERFACE" -P "$PIDFILE" -a "$ACTION_SCRIPT" "$@"; then
+ exit 0
+ fi
+ fi
+ exit 1
+ ;;
+ stop)
+ if [[ -e $PROFILE_FILE ]]; then
+ "$SUBR_DIR/network" stop "$(< "$PROFILE_FILE")" && rm -f "$PROFILE_FILE"
+ else
+ if [[ -x "$PROFILE_DIR/interfaces/$INTERFACE" ]]; then
+ source "$PROFILE_DIR/interfaces/$INTERFACE"
+ fi
+ wpa_stop "$INTERFACE"
+ ip link set dev "$INTERFACE" down
+ [[ $RFKill ]] && disable_rf "$INTERFACE" "$RFKill"
+ fi
+ timeout_wait 1 '[[ ! -f "$PIDFILE" ]]' || kill "$(< "$PIDFILE")"
+ ;;
+esac
-exit 1
+# vim: ft=sh ts=4 et sw=4:
diff --git a/src/wifi-menu b/src/wifi-menu
index f46db0d..8c8189a 100755
--- a/src/wifi-menu
+++ b/src/wifi-menu
@@ -1,24 +1,21 @@
#! /bin/bash
-. /usr/lib/network/network
+. /usr/lib/network/globals
. "$SUBR_DIR/8021x"
-. /etc/conf.d/netcfg
+
usage()
{
cat << END
-Usage: wifi-menu [-o | --obscure] [-h | --help] [interface]
+Usage: wifi-menu [-h | --help] [-o | --obscure] [interface]
Interactively connect to a wireless network.
Arguments:
+ -h, --help Show this help.
-o, --obscure Show asterisks for the characters of the password
and store the password as a hexadecimal string.
- -h, --help Show this help.
- interface The wireless interface to use.
- (default: WIRELESS_INTERFACE from /etc/conf.d/netcfg)
-
-For choosing from all available profiles, use netcfg-menu.
+ interface The wireless interface to use (default: wlan0).
END
}
@@ -30,10 +27,10 @@ init_profiles()
while read profile; do
essid=$(
unset INTERFACE ESSID
- . "$PROFILE_DIR/$profile" &> /dev/null
- if [[ "$INTERFACE" = "$1" && -n "$ESSID" ]]; then
+ source "$PROFILE_DIR/$profile" > /dev/null
+ if [[ "$Interface" = "$1" && -n "$ESSID" ]]; then
printf "%s" "$ESSID"
- if [[ "$DESCRIPTION" =~ "Automatically generated" ]]; then
+ if [[ "$Description" =~ "Automatically generated" ]]; then
return 2
else
return 1
@@ -61,8 +58,8 @@ init_entries()
while IFS=$'\t' read signal flags ssid; do
ENTRIES[i++]="--" # $ssid might look like an option to dialog.
ENTRIES[i++]=$ssid
- if inarray "$ssid" "${ESSIDS[@]}"; then
- if inarray "$(ssid_to_profile "$ssid")" "${GENERATED[@]}"; then
+ if in_array "$ssid" "${ESSIDS[@]}"; then
+ if in_array "$(ssid_to_profile "$ssid")" "${GENERATED[@]}"; then
ENTRIES[i]="+" # Automatically generated
else
ENTRIES[i]="*" # Handmade
@@ -124,13 +121,13 @@ create_profile()
fi
fi
cat << EOF > "$PROFILE_DIR/$PROFILE"
-CONNECTION='wireless'
-DESCRIPTION='Automatically generated profile by wifi-menu'
-INTERFACE='$INTERFACE'
-SECURITY='$security'
+Description='Automatically generated profile by wifi-menu'
+Interface=$INTERFACE
+Connection=wireless
+Security=$security
ESSID=$(printf "%q" "$1")
IP='dhcp'
-${key+KEY=$key}
+${key+Key=$key}
EOF
printf "%s" "$PROFILE"
return 0
@@ -142,17 +139,14 @@ connect_to_ssid()
{
local msg
PROFILE=$(ssid_to_profile "$1")
- if [[ $? -eq 0 ]]; then
- clear
- check_profile "$PROFILE" && profile_down "$PROFILE"
- else
+ if [[ $? -ne 0 ]]; then
PROFILE=$(create_profile "$1")
RETURN=$?
(( RETURN == 0 )) || return $RETURN
SPAWNED_PROFILE=1
- clear
fi
- if ! profile_up "$PROFILE"; then
+ clear
+ if ! netctl restart "$PROFILE"; then
if (( SPAWNED_PROFILE )); then
msg=" CONNECTING FAILED
@@ -183,40 +177,35 @@ while [[ "$1" = -* ]]; do
esac
done
if [[ $# -gt 1 ]]; then
- report_err "Too many arguments"
+ report_error "Too many arguments"
usage
exit 255
fi
-if [[ $(id -u) -ne 0 ]]; then
- exit_stderr "This script needs to be run with root privileges"
-fi
+ensure_root "$(basename "$0")"
if ! type dialog &> /dev/null; then
- exit_stderr "Please install 'dialog' to use wifi-menu"
+ exit_error "Please install 'dialog' to use wifi-menu"
fi
-INTERFACE=${1-$WIRELESS_INTERFACE}
+INTERFACE=${1-wlan0}
if [[ -z "$INTERFACE" ]]; then
- report_err "Missing interface specification"
+ report_error "Missing interface specification"
usage
exit 255
fi
cd / # We do not want to spawn anything that can block unmounting
-is_interface "$INTERFACE" || exit_fail "No such interface: $INTERFACE"
-if ! interface_is_up "$INTERFACE"; then
- [[ -f "$IFACE_DIR/$INTERFACE" ]] && . "$IFACE_DIR/$INTERFACE"
- bring_interface up "$INTERFACE" || exit_fail "Interface unavailable"
- SPAWNED_INTERFACE=1
+if [[ ! -d "/sys/class/net/$INTERFACE" ]]; then
+ exit_error "No such interface: $INTERFACE"
fi
-report_try "Scanning for networks"
+echo -n "Scanning for networks... "
CONNECTION=$(wpa_call "$INTERFACE" status 2> /dev/null | grep -m 1 "^ssid=")
CONNECTION=${CONNECTION#ssid=}
NETWORKS=$(wpa_supplicant_scan "$INTERFACE" 3,4,5)
if [[ $? -eq 0 ]]; then
trap 'rm -f "$NETWORKS"' EXIT
- report_success
+ echo "done"
init_profiles "$INTERFACE"
init_entries "$NETWORKS"
MSG="Select the network you wish to use
@@ -233,7 +222,7 @@ Flags description:
RETURN=$?
fi
else
- report_fail
+ echo "failed"
RETURN=3
fi
@@ -244,20 +233,19 @@ case $RETURN in
clear
;;
3) # No networks found
- report_err "No networks found"
+ report_error "No networks found"
;;
4) # Invalid passphrase length (WEP keys have tighter restrictions)
clear
- report_err "Passphrase must be 8..63 characters"
+ report_error "Passphrase must be 8..63 characters"
;;
255) # ESC or error
clear
- report_err "Aborted"
+ report_error "Aborted"
;;
*) # Should not happen
- report_err "Unexpected return code from dialog: $RETURN"
+ report_error "Unexpected return code from dialog: $RETURN"
RETURN=7
;;
esac
-(( RETURN && SPAWNED_INTERFACE )) && bring_interface down "$INTERFACE"
exit $RETURN