date:20180410

Re: [PATCH] build: allow configuring filter policy to be used in the init files

2018-04-10 Thread Dan Williams

On Tue, 2018-04-10 at 15:08 +0200, Aleksander Morgado wrote:
> Distributions wanting to use a different filter policy than the
> DEFAULT one were advised to patch themselves the corresponding init
> files.
> 
> We now allow doing this directly at configure time by using a new
> `--with-filter-policy=[POLICY]' option that accepts one of "default",
> "strict", "paranoid" or "whitelist-only".
> 
> The suggested policy for standard distributions is "strict".
> ---
> 
> Hey,
> 
> Would this new configure switch be enough to avoid needing to patch
> the service file in each distribution?

So this would mostly work, except that if a specific user wants to
change their policy after install, they would now fail RPM verification
because the systemd unit files are not config files.

What Fedora typically does here would be something like:

EnvironmentFile=/etc/sysconfig/ModemManager
Exec=/usr/sbin/ModemManager --filter-policy=$FILTER_POLICY

and then install an /etc/sysconfig/ModemManager with:

FILTER_POLICY=strict

and mark /etc/sysconfig/ModemManager as %config in the RPM.

That allows the user to change the policy from the distro default via
/etc/sysconfig/ModemManager and still maintain package integrity with
"rpm -V".

Obviously this doesn't work for the D-Bus service file, but I guess we
could have a wrapper script that sources the env file and then runs MM
with the right parameters.

Or, for a distro-independent solution, a real config file...

Dan

> ---
>  configure.ac  | 24
> 
>  data/Makefile.am  |  4 ++--
>  data/ModemManager.service.in  |  2 +-
>  data/org.freedesktop.ModemManager1.service.in |  2 +-
>  4 files changed, 28 insertions(+), 4 deletions(-)
> 
> diff --git a/configure.ac b/configure.ac
> index 9bf26ed2..3c8feadb 100644
> --- a/configure.ac
> +++ b/configure.ac
> @@ -150,6 +150,29 @@ if test "x$enable_vala" = "xyes" -a ! -f
> "$VAPIGEN_MAKEFILE"; then
>AC_MSG_ERROR([Vala bindings enabled but Makefile.vapigen not
> found. Install vala-devel, or pass --disable-vala])
>  fi
> 
> +dnl-
> 
> +dnl Filter policy
> +dnl
> +
> +AC_ARG_WITH(filter-policy,
> +AS_HELP_STRING([--with-filter-policy=(default|whitelist-
> only|strict|paranoid)],
> +[which filter policy to request in the systemd init
> file]))
> +if test -n "$with_filter_policy" ; then
> +case "$with_filter_policy" in
> +"default") ;;
> +"whitelist-only") ;;
> +"strict") ;;
> +"paranoid") ;;
> +*)
> +AC_MSG_ERROR([Wrong value for --with-filter-policy:
> $with_filter_policy])
> +;;
> +esac
> +FILTER_POLICY="$with_filter_policy"
> +else
> +FILTER_POLICY="default"
> +fi
> +AC_SUBST(FILTER_POLICY)
> +
>  dnl-
> 
>  dnl System paths
>  dnl
> @@ -443,6 +466,7 @@ echo "
>systemd unit directory:  ${with_systemdsystemunitdir}
> 
>  Features:
> +  filter policy:   ${FILTER_POLICY}
>udev:${with_udev}
>policykit:   ${with_polkit}
>mbim:${with_mbim}
> diff --git a/data/Makefile.am b/data/Makefile.am
> index ee05bdf6..aa12ee9b 100644
> --- a/data/Makefile.am
> +++ b/data/Makefile.am
> @@ -5,8 +5,8 @@ edit = @sed \
> -e 's|@sbindir[@]|$(sbindir)|g' \
> -e 's|@sysconfdir[@]|$(sysconfdir)|g' \
> -e 's|@localstatedir[@]|$(localstatedir)|g' \
> -   -e 's|@libexecdir[@]|$(libexecdir)|g'
> -
> +   -e 's|@libexecdir[@]|$(libexecdir)|g' \
> +   -e 's|@FILTER_POLICY[@]|$(FILTER_POLICY)|g'
> 
>  # DBus Service file
>  dbusservicedir = $(DBUS_SYS_DIR)
> diff --git a/data/ModemManager.service.in
> b/data/ModemManager.service.in
> index 47867769..eb8545c1 100644
> --- a/data/ModemManager.service.in
> +++ b/data/ModemManager.service.in
> @@ -4,7 +4,7 @@ Description=Modem Manager
>  [Service]
>  Type=dbus
>  BusName=org.freedesktop.ModemManager1
> -ExecStart=@sbindir@/ModemManager
> +ExecStart=@sbindir@/ModemManager --filter-policy=@FILTER_POLICY@
>  StandardError=null
>  Restart=on-abort
>  CapabilityBoundingSet=CAP_SYS_ADMIN
> diff --git a/data/org.freedesktop.ModemManager1.service.in
> b/data/org.freedesktop.ModemManager1.service.in
> index 175f3dd2..91e50e34 100644
> --- a/data/org.freedesktop.ModemManager1.service.in
> +++ b/data/org.freedesktop.ModemManager1.service.in
> @@ -6,6 +6,6 @@
> 
>  [D-BUS Service]
>  Name=org.freedesktop.ModemManager1
> -Exec=@sbindir@/ModemManager
> +Exec=@sbindir@/ModemManager --filter-policy=@FILTER_POLICY@
>  User=root
>  SystemdService=dbus-org.freedesktop.ModemManager1.service
> --
> 2.16.1
> ___
> ModemManager-devel mailing list
> ModemManager-devel@lists.freedesktop.org
>

Re: [PATCH] u-blox: ignore non-AT ttyACM interfaces

2018-04-10 Thread Dan Williams

On Tue, 2018-04-10 at 19:58 +, Matthew Starr wrote:
> > -Original Message-
> > From: Dan Williams [mailto:d...@redhat.com]
> > Sent: Tuesday, April 10, 2018 1:17 PM
> > To: Matthew Starr; modemmanager-devel@lists.freedesktop.org
> > Subject: Re: [PATCH] u-blox: ignore non-AT ttyACM interfaces
> > 
> > On Tue, 2018-04-10 at 17:30 +, Matthew Starr wrote:
> > > For the TOBY-R2, LISA-R2, and LARA-R2, the only valid AT ports
> > > are
> > > ttyACM0, ttyACM1, and ttyACM2.  All other ttyACM ports cause MM
> > > to
> > > wait 20-30 seconds probing the port on startup.
> > > 
> > > Ignoring the non-AT ttyACM ports allows MM to not wait 20-30
> > > seconds
> > > probing and therefore startup much faster with these modems.
> > 
> > Is the "primary log for diagnostics" a QCDM/DIAG port?
> 
> I am not sure what the usage of the "primary log for diagnostics"
> port it used for.  It is just named that in the datasheet and
> sometimes called the trace log.  I attempted to connect to it at
> various baud rates but no response.  I have a feeling it is for u-
> blox only use, maybe for certification.  There is no documentation
> that I can find that actually tells what the port is used for, how to
> communicate with it, and how to configure it.  There is the AT+USIO
> command which is only supported by the u-blox SARA modems which
> allows some configuration of the log, but it doesn't look like that
> command is supported by any of the modems I added.
> 
> > 
> > Also, does the GNSS port spit out NMEA when location services are
> > enabled?
> > If so we may want to tag that port (but still ignore it) and then
> > advertise that
> > port as the "unmanaged" location port.
> 
> The GNSS port does output NMEA at 9600 baud when location services
> are enabled (like with AT+UGPS).  How would you tag the port and
> still ignore it?  How do you advertise the port as unmanaged?

A number of plugins do this, like mbm or Cinterion.  But unfortunately
the ublox plugin doesn't support GPS yet, and it turns out we can't yet
prevent those known GPS ports from being probed either since they get
tagged during the "grab" phase after probing.  So nevermind...  (though
would be good to fix both of these issues).

Dan

> Matthew
> 
> > 
> > Dan
> > 
> > > ---
> > >  plugins/ublox/77-mm-ublox-port-types.rules | 35
> > > ++
> > >  1 file changed, 35 insertions(+)
> > > 
> > > diff --git a/plugins/ublox/77-mm-ublox-port-types.rules
> > > b/plugins/ublox/77-mm-ublox-port-types.rules
> > > index cb77f0e0..31128dac 100644
> > > --- a/plugins/ublox/77-mm-ublox-port-types.rules
> > > +++ b/plugins/ublox/77-mm-ublox-port-types.rules
> > > @@ -16,4 +16,39 @@ ATTRS{idVendor}=="1546",
> > 
> > ATTRS{idProduct}=="1010",
> > > ENV{.MM_USBIFNUM}=="02", ENV{  ATTRS{idVendor}=="1546",
> > > ATTRS{idProduct}=="1010", ENV{.MM_USBIFNUM}=="04",
> > > ENV{ID_MM_PORT_IGNORE}="1"
> > >  ATTRS{idVendor}=="1546", ATTRS{idProduct}=="1010",
> > > ENV{.MM_USBIFNUM}=="08", ENV{ID_MM_PORT_IGNORE}="1"
> > > 
> > > +# TOBY-R2 port types
> > > +#  ttyACM0 (if #0): primary
> > > +#  ttyACM1 (if #2): secondary
> > > +#  ttyACM2 (if #4): tertiary
> > > +#  ttyACM3 (if #6): GNSS Tunneling (ignore) #  ttyACM4 (if #8):
> > > SIM
> > > +Access Profile (ignore) #  ttyACM5 (if #10): Primary Log for
> > > +diagnostics (ignore) ATTRS{idVendor}=="1546",
> > > +ATTRS{idProduct}=="1107",
> > > ENV{.MM_USBIFNUM}=="06", ENV{ID_MM_PORT_IGNORE}="1"
> > > +ATTRS{idVendor}=="1546", ATTRS{idProduct}=="1107",
> > > ENV{.MM_USBIFNUM}=="08", ENV{ID_MM_PORT_IGNORE}="1"
> > > +ATTRS{idVendor}=="1546", ATTRS{idProduct}=="1107",
> > > ENV{.MM_USBIFNUM}=="0a", ENV{ID_MM_PORT_IGNORE}="1"
> > > +
> > > +# LARA-R2 port types
> > > +#  ttyACM0 (if #0): primary
> > > +#  ttyACM1 (if #2): secondary
> > > +#  ttyACM2 (if #4): tertiary
> > > +#  ttyACM3 (if #6): GNSS Tunneling (ignore) #  ttyACM4 (if #8):
> > > SIM
> > > +Access Profile (ignore) #  ttyACM5 (if #10): Primary Log for
> > > +diagnostics (ignore) ATTRS{idVendor}=="1546",
> > > +ATTRS{idProduct}=="110a",
> > > ENV{.MM_USBIFNUM}=="06", ENV{ID_MM_PORT_IGNORE}="1"
> > > +ATTRS{idVendor}=="1546", ATTRS{idProduct}=="110a",
> > > ENV{.MM_USBIFNUM}=="08", ENV{ID_MM_PORT_IGNORE}="1"
> > > +ATTRS{idVendor}=="1546", ATTRS{idProduct}=="110a",
> > > ENV{.MM_USBIFNUM}=="0a", ENV{ID_MM_PORT_IGNORE}="1"
> > > +
> > > +# LISA-U2 port types
> > > +#  ttyACM0 (if #0): primary
> > > +#  ttyACM1 (if #2): secondary
> > > +#  ttyACM2 (if #4): tertiary
> > > +#  ttyACM3 (if #6): GNSS Tunneling (ignore) #  ttyACM4 (if #8):
> > > +Primary Log for diagnostics (ignore) #  ttyACM5 (if #10):
> > > Secondary
> > > +Log for diagnostics (ignore) #  ttyACM6 (if #12): SAP (SIM
> > > Access
> > > +Profile) (ignore) ATTRS{idVendor}=="1546",
> > > ATTRS{idProduct}=="1102",
> > > ENV{.MM_USBIFNUM}=="06", ENV{ID_MM_PORT_IGNORE}="1"
> > > +ATTRS{idVendor}=="1546", ATTRS{idProduct}=="1102",
> > > ENV{.MM_USBIFNUM}=="08", ENV{ID_MM_PORT_IGNORE}="1"
>

Re: em7565 QDLoader

2018-04-10 Thread Russ Westrem

russ@russ-Studio-1745:/tmp$ sudo qmi-firmware-update --update-qdl -d
1199:9090 SWI9X50C_01.05.01.00.cwe
SWI9X50C_01.05.01.00_GENERIC_001.028_000.nvu
error: No serial device found to run QDL update operation
russ@russ-Studio-1745:/tmp$ sudo qmi-firmware-update --update-qdl -d 1199
SWI9X50C_01.05.01.00.cwe SWI9X50C_01.05.01.00_GENERIC_001.028_000.nvu
error: No serial device found to run QDL update operation
russ@russ-Studio-1745:/tmp$ sudo qmi-firmware-update --update-qdl -d 1199
SWI9X50C_01.05.01.00.cwe SWI9X50C_01.05.01.00_GENERIC_001.028_000.nvu
error: No serial device found to run QDL update operation
russ@russ-Studio-1745:/tmp$ sudo qmi-firmware-update --update -d 1199:9090
--device-open-mbim SWI9X50C_01.05.01.00.cwe
SWI9X50C_01.05.01.00_GENERIC_001.028_000.nvu
error: No cdc-wdm device found to run update operation
russ@russ-Studio-1745:/tmp$ sudo qmi-firmware-update --update-qdl -d 1199
SWI9X50C_01.05.01.00.cwe SWI9X50C_01.05.01.00_GENERIC_001.028_000.nvu
error: No serial device found to run QDL update operation
russ@russ-Studio-1745:/tmp$


On Tue, Apr 10, 2018 at 5:27 PM, Russ Westrem 
wrote:

> EM7565 is stuck in qdloader mode.  Im trying to use  qmi-firmware-update
> tool.  Im getting this error
>
> russ@russ-Studio-1745:~$ sudo qmi-firmware-update \
> > --update \
> > -d 1199:9090 \
> > --device-open-mbim \
> > SWI9X50C_01.05.01.00.cwe \
> > SWI9X50C_01.05.01.00_GENERIC_001.028_000.nvu
> error: unknown firmware image file
>
___
ModemManager-devel mailing list
ModemManager-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/modemmanager-devel

Re: [PATCH] u-blox: ignore non-AT ttyACM interfaces

2018-04-10 Thread Dan Williams

On Tue, 2018-04-10 at 17:30 +, Matthew Starr wrote:
> For the TOBY-R2, LISA-R2, and LARA-R2, the only valid AT ports are
> ttyACM0, ttyACM1, and ttyACM2.  All other ttyACM ports cause MM to
> wait 20-30 seconds probing the port on startup.
> 
> Ignoring the non-AT ttyACM ports allows MM to not wait 20-30 seconds
> probing and therefore startup much faster with these modems.

Is the "primary log for diagnostics" a QCDM/DIAG port?

Also, does the GNSS port spit out NMEA when location services are
enabled?  If so we may want to tag that port (but still ignore it) and
then advertise that port as the "unmanaged" location port.

Dan

> ---
>  plugins/ublox/77-mm-ublox-port-types.rules | 35
> ++
>  1 file changed, 35 insertions(+)
> 
> diff --git a/plugins/ublox/77-mm-ublox-port-types.rules
> b/plugins/ublox/77-mm-ublox-port-types.rules
> index cb77f0e0..31128dac 100644
> --- a/plugins/ublox/77-mm-ublox-port-types.rules
> +++ b/plugins/ublox/77-mm-ublox-port-types.rules
> @@ -16,4 +16,39 @@ ATTRS{idVendor}=="1546", ATTRS{idProduct}=="1010",
> ENV{.MM_USBIFNUM}=="02", ENV{
>  ATTRS{idVendor}=="1546", ATTRS{idProduct}=="1010",
> ENV{.MM_USBIFNUM}=="04", ENV{ID_MM_PORT_IGNORE}="1"
>  ATTRS{idVendor}=="1546", ATTRS{idProduct}=="1010",
> ENV{.MM_USBIFNUM}=="08", ENV{ID_MM_PORT_IGNORE}="1"
> 
> +# TOBY-R2 port types
> +#  ttyACM0 (if #0): primary
> +#  ttyACM1 (if #2): secondary
> +#  ttyACM2 (if #4): tertiary
> +#  ttyACM3 (if #6): GNSS Tunneling (ignore)
> +#  ttyACM4 (if #8): SIM Access Profile (ignore)
> +#  ttyACM5 (if #10): Primary Log for diagnostics (ignore)
> +ATTRS{idVendor}=="1546", ATTRS{idProduct}=="1107",
> ENV{.MM_USBIFNUM}=="06", ENV{ID_MM_PORT_IGNORE}="1"
> +ATTRS{idVendor}=="1546", ATTRS{idProduct}=="1107",
> ENV{.MM_USBIFNUM}=="08", ENV{ID_MM_PORT_IGNORE}="1"
> +ATTRS{idVendor}=="1546", ATTRS{idProduct}=="1107",
> ENV{.MM_USBIFNUM}=="0a", ENV{ID_MM_PORT_IGNORE}="1"
> +
> +# LARA-R2 port types
> +#  ttyACM0 (if #0): primary
> +#  ttyACM1 (if #2): secondary
> +#  ttyACM2 (if #4): tertiary
> +#  ttyACM3 (if #6): GNSS Tunneling (ignore)
> +#  ttyACM4 (if #8): SIM Access Profile (ignore)
> +#  ttyACM5 (if #10): Primary Log for diagnostics (ignore)
> +ATTRS{idVendor}=="1546", ATTRS{idProduct}=="110a",
> ENV{.MM_USBIFNUM}=="06", ENV{ID_MM_PORT_IGNORE}="1"
> +ATTRS{idVendor}=="1546", ATTRS{idProduct}=="110a",
> ENV{.MM_USBIFNUM}=="08", ENV{ID_MM_PORT_IGNORE}="1"
> +ATTRS{idVendor}=="1546", ATTRS{idProduct}=="110a",
> ENV{.MM_USBIFNUM}=="0a", ENV{ID_MM_PORT_IGNORE}="1"
> +
> +# LISA-U2 port types
> +#  ttyACM0 (if #0): primary
> +#  ttyACM1 (if #2): secondary
> +#  ttyACM2 (if #4): tertiary
> +#  ttyACM3 (if #6): GNSS Tunneling (ignore)
> +#  ttyACM4 (if #8): Primary Log for diagnostics (ignore)
> +#  ttyACM5 (if #10): Secondary Log for diagnostics (ignore)
> +#  ttyACM6 (if #12): SAP (SIM Access Profile) (ignore)
> +ATTRS{idVendor}=="1546", ATTRS{idProduct}=="1102",
> ENV{.MM_USBIFNUM}=="06", ENV{ID_MM_PORT_IGNORE}="1"
> +ATTRS{idVendor}=="1546", ATTRS{idProduct}=="1102",
> ENV{.MM_USBIFNUM}=="08", ENV{ID_MM_PORT_IGNORE}="1"
> +ATTRS{idVendor}=="1546", ATTRS{idProduct}=="1102",
> ENV{.MM_USBIFNUM}=="0a", ENV{ID_MM_PORT_IGNORE}="1"
> +ATTRS{idVendor}=="1546", ATTRS{idProduct}=="1102",
> ENV{.MM_USBIFNUM}=="0c", ENV{ID_MM_PORT_IGNORE}="1"
> +
>  LABEL="mm_ublox_port_types_end"
___
ModemManager-devel mailing list
ModemManager-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/modemmanager-devel

[PATCH] u-blox: ignore non-AT ttyACM interfaces

2018-04-10 Thread Matthew Starr

For the TOBY-R2, LISA-R2, and LARA-R2, the only valid AT ports are
ttyACM0, ttyACM1, and ttyACM2.  All other ttyACM ports cause MM to
wait 20-30 seconds probing the port on startup.

Ignoring the non-AT ttyACM ports allows MM to not wait 20-30 seconds
probing and therefore startup much faster with these modems.
---
 plugins/ublox/77-mm-ublox-port-types.rules | 35 ++
 1 file changed, 35 insertions(+)

diff --git a/plugins/ublox/77-mm-ublox-port-types.rules 
b/plugins/ublox/77-mm-ublox-port-types.rules
index cb77f0e0..31128dac 100644
--- a/plugins/ublox/77-mm-ublox-port-types.rules
+++ b/plugins/ublox/77-mm-ublox-port-types.rules
@@ -16,4 +16,39 @@ ATTRS{idVendor}=="1546", ATTRS{idProduct}=="1010", 
ENV{.MM_USBIFNUM}=="02", ENV{
 ATTRS{idVendor}=="1546", ATTRS{idProduct}=="1010", ENV{.MM_USBIFNUM}=="04", 
ENV{ID_MM_PORT_IGNORE}="1"
 ATTRS{idVendor}=="1546", ATTRS{idProduct}=="1010", ENV{.MM_USBIFNUM}=="08", 
ENV{ID_MM_PORT_IGNORE}="1"

+# TOBY-R2 port types
+#  ttyACM0 (if #0): primary
+#  ttyACM1 (if #2): secondary
+#  ttyACM2 (if #4): tertiary
+#  ttyACM3 (if #6): GNSS Tunneling (ignore)
+#  ttyACM4 (if #8): SIM Access Profile (ignore)
+#  ttyACM5 (if #10): Primary Log for diagnostics (ignore)
+ATTRS{idVendor}=="1546", ATTRS{idProduct}=="1107", ENV{.MM_USBIFNUM}=="06", 
ENV{ID_MM_PORT_IGNORE}="1"
+ATTRS{idVendor}=="1546", ATTRS{idProduct}=="1107", ENV{.MM_USBIFNUM}=="08", 
ENV{ID_MM_PORT_IGNORE}="1"
+ATTRS{idVendor}=="1546", ATTRS{idProduct}=="1107", ENV{.MM_USBIFNUM}=="0a", 
ENV{ID_MM_PORT_IGNORE}="1"
+
+# LARA-R2 port types
+#  ttyACM0 (if #0): primary
+#  ttyACM1 (if #2): secondary
+#  ttyACM2 (if #4): tertiary
+#  ttyACM3 (if #6): GNSS Tunneling (ignore)
+#  ttyACM4 (if #8): SIM Access Profile (ignore)
+#  ttyACM5 (if #10): Primary Log for diagnostics (ignore)
+ATTRS{idVendor}=="1546", ATTRS{idProduct}=="110a", ENV{.MM_USBIFNUM}=="06", 
ENV{ID_MM_PORT_IGNORE}="1"
+ATTRS{idVendor}=="1546", ATTRS{idProduct}=="110a", ENV{.MM_USBIFNUM}=="08", 
ENV{ID_MM_PORT_IGNORE}="1"
+ATTRS{idVendor}=="1546", ATTRS{idProduct}=="110a", ENV{.MM_USBIFNUM}=="0a", 
ENV{ID_MM_PORT_IGNORE}="1"
+
+# LISA-U2 port types
+#  ttyACM0 (if #0): primary
+#  ttyACM1 (if #2): secondary
+#  ttyACM2 (if #4): tertiary
+#  ttyACM3 (if #6): GNSS Tunneling (ignore)
+#  ttyACM4 (if #8): Primary Log for diagnostics (ignore)
+#  ttyACM5 (if #10): Secondary Log for diagnostics (ignore)
+#  ttyACM6 (if #12): SAP (SIM Access Profile) (ignore)
+ATTRS{idVendor}=="1546", ATTRS{idProduct}=="1102", ENV{.MM_USBIFNUM}=="06", 
ENV{ID_MM_PORT_IGNORE}="1"
+ATTRS{idVendor}=="1546", ATTRS{idProduct}=="1102", ENV{.MM_USBIFNUM}=="08", 
ENV{ID_MM_PORT_IGNORE}="1"
+ATTRS{idVendor}=="1546", ATTRS{idProduct}=="1102", ENV{.MM_USBIFNUM}=="0a", 
ENV{ID_MM_PORT_IGNORE}="1"
+ATTRS{idVendor}=="1546", ATTRS{idProduct}=="1102", ENV{.MM_USBIFNUM}=="0c", 
ENV{ID_MM_PORT_IGNORE}="1"
+
 LABEL="mm_ublox_port_types_end"
-- 
2.14.1

___
ModemManager-devel mailing list
ModemManager-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/modemmanager-devel

[PATCH] build: allow configuring filter policy to be used in the init files

2018-04-10 Thread Aleksander Morgado

Distributions wanting to use a different filter policy than the
DEFAULT one were advised to patch themselves the corresponding init
files.

We now allow doing this directly at configure time by using a new
`--with-filter-policy=[POLICY]' option that accepts one of "default",
"strict", "paranoid" or "whitelist-only".

The suggested policy for standard distributions is "strict".
---

Hey,

Would this new configure switch be enough to avoid needing to patch the service 
file in each distribution?

---
 configure.ac  | 24 
 data/Makefile.am  |  4 ++--
 data/ModemManager.service.in  |  2 +-
 data/org.freedesktop.ModemManager1.service.in |  2 +-
 4 files changed, 28 insertions(+), 4 deletions(-)

diff --git a/configure.ac b/configure.ac
index 9bf26ed2..3c8feadb 100644
--- a/configure.ac
+++ b/configure.ac
@@ -150,6 +150,29 @@ if test "x$enable_vala" = "xyes" -a ! -f 
"$VAPIGEN_MAKEFILE"; then
   AC_MSG_ERROR([Vala bindings enabled but Makefile.vapigen not found. Install 
vala-devel, or pass --disable-vala])
 fi

+dnl-
+dnl Filter policy
+dnl
+
+AC_ARG_WITH(filter-policy,
+
AS_HELP_STRING([--with-filter-policy=(default|whitelist-only|strict|paranoid)],
+[which filter policy to request in the systemd init file]))
+if test -n "$with_filter_policy" ; then
+case "$with_filter_policy" in
+"default") ;;
+"whitelist-only") ;;
+"strict") ;;
+"paranoid") ;;
+*)
+AC_MSG_ERROR([Wrong value for --with-filter-policy: 
$with_filter_policy])
+;;
+esac
+FILTER_POLICY="$with_filter_policy"
+else
+FILTER_POLICY="default"
+fi
+AC_SUBST(FILTER_POLICY)
+
 
dnl-
 dnl System paths
 dnl
@@ -443,6 +466,7 @@ echo "
   systemd unit directory:  ${with_systemdsystemunitdir}

 Features:
+  filter policy:   ${FILTER_POLICY}
   udev:${with_udev}
   policykit:   ${with_polkit}
   mbim:${with_mbim}
diff --git a/data/Makefile.am b/data/Makefile.am
index ee05bdf6..aa12ee9b 100644
--- a/data/Makefile.am
+++ b/data/Makefile.am
@@ -5,8 +5,8 @@ edit = @sed \
-e 's|@sbindir[@]|$(sbindir)|g' \
-e 's|@sysconfdir[@]|$(sysconfdir)|g' \
-e 's|@localstatedir[@]|$(localstatedir)|g' \
-   -e 's|@libexecdir[@]|$(libexecdir)|g'
-
+   -e 's|@libexecdir[@]|$(libexecdir)|g' \
+   -e 's|@FILTER_POLICY[@]|$(FILTER_POLICY)|g'

 # DBus Service file
 dbusservicedir = $(DBUS_SYS_DIR)
diff --git a/data/ModemManager.service.in b/data/ModemManager.service.in
index 47867769..eb8545c1 100644
--- a/data/ModemManager.service.in
+++ b/data/ModemManager.service.in
@@ -4,7 +4,7 @@ Description=Modem Manager
 [Service]
 Type=dbus
 BusName=org.freedesktop.ModemManager1
-ExecStart=@sbindir@/ModemManager
+ExecStart=@sbindir@/ModemManager --filter-policy=@FILTER_POLICY@
 StandardError=null
 Restart=on-abort
 CapabilityBoundingSet=CAP_SYS_ADMIN
diff --git a/data/org.freedesktop.ModemManager1.service.in 
b/data/org.freedesktop.ModemManager1.service.in
index 175f3dd2..91e50e34 100644
--- a/data/org.freedesktop.ModemManager1.service.in
+++ b/data/org.freedesktop.ModemManager1.service.in
@@ -6,6 +6,6 @@

 [D-BUS Service]
 Name=org.freedesktop.ModemManager1
-Exec=@sbindir@/ModemManager
+Exec=@sbindir@/ModemManager --filter-policy=@FILTER_POLICY@
 User=root
 SystemdService=dbus-org.freedesktop.ModemManager1.service
--
2.16.1
___
ModemManager-devel mailing list
ModemManager-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/modemmanager-devel

Re: [PATCH] build: allow configuring filter policy to be used in the init files

Re: [PATCH] u-blox: ignore non-AT ttyACM interfaces

Re: em7565 QDLoader

Re: [PATCH] u-blox: ignore non-AT ttyACM interfaces

[PATCH] u-blox: ignore non-AT ttyACM interfaces

[PATCH] build: allow configuring filter policy to be used in the init files

6 matches

Site Navigation

Mail list logo

Footer information