Hi,
On Mon, 2022-03-07 at 12:54 +0100, Fernando F. Mancera via
networkmanager-list wrote:
> Hello everyone!
>
> The proposed experimental solutions are:
>
> 1. 'nmcli c show --keyfile $UUID' to output the profile keyfile in
> stdout.
> 2. 'nmcli c add ... --keyfile' to output the generated keyfile in
> stdout
> instead of adding it to the NetworkManager configuration so the
> NetworkManager daemon is not required..
re:2.: this `nmcli c add --keyfile` does not actually add the profile
in NM (via D-Bus). That's a bit odd, but ok(?).
what you also need is:
3. I think in this set, it would also make sense to have a `nmcli c
modify "$PROFILE" --keyfile $OPTIONS`, which reads $PROFILE from D-Bus,
modifies it in-memory and prints the result to stdout.
4. none of the above commands allow to add a profile from stdin. That
is necessary to tie it all together. This could be for example `nmcli
connection modify keyfile $OPTIONS`. Here, "keyfile" means to read a
keyfile from stdin. The result would be then added via D-Bus -- which
is a bid odd, that `nmcli connection modify` creates a new profile in
NM. On the other hand, it really does take a profile (from stdin),
modify it, and add it somewhere.
5. finally, `nmcli connection modify keyfile --keyfile $OPTIONS` would
read the profile from stdin, modify it, and output again to stdout.
then you can do:
nmcli connection modify $PROFILE --keyfile | \
nmcli connection modify keyfile \
connection.uuid $(uuidgen) \
autoconnect no \
--keyfile | \
nmcli connection modify keyfile
of course, that's just an example to show all pieces. Above could be
written shorter as:
nmcli connection modify $PROFILE --keyfile | \
nmcli connection modify keyfile \
connection.uuid $(uuidgen) \
autoconnect no
these are the basic operations. I don't have a strong opinion about the
actual command line options (though, I find it odd that `nmcli-c-
modify` adds a profile).
---
also, when editing/outputting keyfile format, eventually you want to
write it to a file. With above, the user could do:
nmcli connection show $PROFILE --keyfile >
/etc/NetworkManager/system-connections/myfile.nmconnection
the problem with this is that umask is likely wrong, so you'd need to do `chmod
600` (and `nmcli connection load $FILENAME`).
Maybe --keyfile could accept a filename, like
nmcli connection show $PROFILE
--keyfile=/etc/NetworkManager/system-connections/myfile.nmconnection
so that nmcli gets the permissions right and (opt-in or opt-out) load
the file in NM.
Also, keyfiles can only be in 3 well-known locations:
A) /var/lib/NetworkManager/system-connections/
B) /etc/NetworkManager/system-connections/
C) /run/NetworkManager/system-connections/
these are the default paths, but they depend on the $PREFIX during
compilation. Also, B) can be configured in NetworkManager.conf as
[keyfile].path.
Anyway. With this, maybe it would make sense to have shortcuts:
nmcli connection show $PROFILE --keyfile=etc:myfile.nmconnection
best,
Thomas
_______________________________________________
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list
