On Tue, 2021-01-26 at 15:07 +0100, IB Development Team via networkmanager-list wrote: > W dniu 26.01.2021 o 13:49, Beniamino Galvani pisze: > > > Please verify if you have more than one connection for the SSID. > > Only one connection is defined for this SSID and every file > /etc/NetworkManager/system-connections has ist unique UUID. > > > > After manually changing connection files, NM must be made aware of > > the > > changes with "nmcli connection reload". It's not necessary to > > restart > > the service. Please ensure that the modifications you did to the > > file > > were picked up by NM; to do that, check if the nmcli output > > contains > > the subject-match with: > > Executing "nmcli connection reload" nor "systemctl restart > network-manager" after adding subject requirements does not work. NM > shows added subject-match (with wrong value) in > > nmcli -o connection show <UUID> > > results but still connects ok. > > Change is applied only after WIFI connection restart from Gnome GUI > or > system reboot.
A connection profile is just that: a bunch of settings. Modifying a profile (which is what `nmcli connection reload` does), does not make the changes to the profile effective on an already activated device. If you modify a profile which is currently activated, the changes only take effect after activating the profile anew (which `nmcli connection up`). > > > Note that instead of changing the file manually and reloading > > connections, you can instead perform the change directly through > > nmcli > > with: > > > > nmcli connection modify <UUID> 802-1x.subject-match "foobar" > > When WIFI connection is established without subject-match in its > config > I've executed: > > # nmcli connection modify <UUID> 802-1x.subject-match "wrongname" > > # nmcli -o connection show <UUID> | grep subject-match > 802-1x.subject-match: wrongname > > # nmcli connection reload > > # systemctl restart network-manager Restarting NetworkManager process is almost always the wrong thing to do. If you want to activate a profile, then just do that (nmcli con up). If you modified a profile and want for the changes to take effect, (re) activate the profile. > Connection was established successfully. > > Then turned off and turned on WIFI from Gnome GUI and connection is > not > established with > > TLS: Subject '/CN=myssid' did not match with 'wrongname' > > in wpa_supplicant log. So NM restart nor "nmcli connection modify" is > not enough to apply change (but NM see the change in "nmcli -o > connection show <UUID>"). This prints the content of the profile. That of course takes effect immediately (during `nmcli connection modify` or `nmcli connection reload`). If the settings of a profile are not correctly used (when activating the profile), then that needs to be investigated. You'd do so by enabling level=TRACE level in the log ([1]) and see what NetworkManager tells to wpa_supplicant when activating the profile [1] https://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/contrib/fedora/rpm/NetworkManager.conf#n28 > Change in the opposite direction (removing manually subject-match > parameter from connection config when connection is not established > because of subject-match requirement) is applied immidiately after > > # systemctl restart network-manager >
signature.asc
Description: This is a digitally signed message part
_______________________________________________ networkmanager-list mailing list [email protected] https://mail.gnome.org/mailman/listinfo/networkmanager-list
