ilyakooo0/nixpkgs
1
0
Fork 0
mirror of https://github.com/ilyakooo0/nixpkgs.git synced 2024-11-10 08:39:08 +03:00
Code Issues Projects Releases Wiki Activity

Merge pull request #252283 from flokli/fcc-unlock-extra

Browse Source
This commit is contained in:
Ryan Lahfa 2023-09-13 10:18:06 +02:00 committed by GitHub
commit eb23738e85
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 73 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
nixos/doc/manual/release-notes/rl-2205.section.md
View File

@ -935,8 +935,7 @@ In addition to numerous new and upgraded packages, this release has the followin
using the `pomerium-cli` command, you should now install the `pomerium-cli`
package.
- The option
[services.networking.networkmanager.enableFccUnlock](#opt-networking.networkmanager.enableFccUnlock)
- The option `services.networking.networkmanager.enableFccUnlock`
was added to support FCC unlock procedures. Since release 1.18.4, the ModemManager
daemon no longer automatically performs the FCC unlock procedure by default. See
[the docs](https://modemmanager.org/docs/modemmanager/fcc-unlock/) for more details.

2
nixos/doc/manual/release-notes/rl-2311.section.md
View File

@ -187,6 +187,8 @@
- Emacs macport version 29 was introduced.
- The option `services.networking.networkmanager.enableFccUnlock` was removed in favor of `networking.networkmanager.fccUnlockScripts`, which allows specifying unlock scripts explicitly. The previous option simply did enable all unlock scripts bundled with ModemManager, which is risky, and didn't allow using vendor-provided unlock scripts at all.
- The `html-proofer` package has been updated from major version 3 to major version 5, which includes [breaking changes](https://github.com/gjtorikian/html-proofer/blob/v5.0.8/UPGRADING.md).
- `kratos` has been updated from 0.10.1 to the first stable version 1.0.0, please read the [0.10.1 to 0.11.0](https://github.com/ory/kratos/releases/tag/v0.11.0), [0.11.0 to 0.11.1](https://github.com/ory/kratos/releases/tag/v0.11.1), [0.11.1 to 0.13.0](https://github.com/ory/kratos/releases/tag/v0.13.0) and [0.13.0 to 1.0.0](https://github.com/ory/kratos/releases/tag/v1.0.0) upgrade guides. The most notable breaking change is the introduction of one-time passwords (`code`) and update of the default recovery strategy from `link` to `code`.

59
nixos/modules/services/networking/networkmanager.nix
View File

@ -126,7 +126,8 @@ let
pkgs.wpa_supplicant
];
in {
in
{
meta = {
maintainers = teams.freedesktop.members;
@ -369,14 +370,24 @@ in {
'';
};
enableFccUnlock = mkOption {
type = types.bool;
default = false;
fccUnlockScripts = mkOption {
type = types.listOf (types.submodule {
options = {
id = mkOption {
type = types.str;
description = lib.mdDoc "vid:pid of either the PCI or USB vendor and product ID";
};
path = mkOption {
type = types.path;
description = lib.mdDoc "Path to the unlock script";
};
};
});
default = [ ];
example = literalExpression ''[{ name = "03f0:4e1d"; script = "''${pkgs.modemmanager}/share/ModemManager/fcc-unlock.available.d/03f0:4e1d"; }]'';
description = lib.mdDoc ''
Enable FCC unlock procedures. Since release 1.18.4, the ModemManager daemon no longer
automatically performs the FCC unlock procedure by default. See
[the docs](https://modemmanager.org/docs/modemmanager/fcc-unlock/)
for more details.
List of FCC unlock scripts to enable on the system, behaving as described in
https://modemmanager.org/docs/modemmanager/fcc-unlock/#integration-with-third-party-fcc-unlock-tools.
'';
};
};
@ -387,6 +398,13 @@ in {
[ "networking" "networkmanager" "packages" ]
[ "networking" "networkmanager" "plugins" ])
(mkRenamedOptionModule [ "networking" "networkmanager" "useDnsmasq" ] [ "networking" "networkmanager" "dns" ])
(mkRemovedOptionModule [ "networking" "networkmanager" "enableFccUnlock" ] ''
This option was removed, because using bundled FCC unlock scripts is risky,
might conflict with vendor-provided unlock scripts, and should
be a conscious decision on a per-device basis.
Instead it's recommended to use the
`networking.networkmanager.fccUnlockScripts` option.
'')
(mkRemovedOptionModule [ "networking" "networkmanager" "dynamicHosts" ] ''
This option was removed because allowing (multiple) regular users to
override host entries affecting the whole system opens up a huge attack
@ -403,7 +421,8 @@ in {
config = mkIf cfg.enable {
assertions = [
{ assertion = config.networking.wireless.enable == true -> cfg.unmanaged != [];
{
assertion = config.networking.wireless.enable == true -> cfg.unmanaged != [ ];
message = ''
You can not use networking.networkmanager with networking.wireless.
Except if you mark some interfaces as <literal>unmanaged</literal> by NetworkManager.
@ -416,23 +435,27 @@ in {
environment.etc = {
"NetworkManager/NetworkManager.conf".source = configFile;
}
// builtins.listToAttrs (map (pkg: nameValuePair "NetworkManager/${pkg.networkManagerPlugin}" {
// builtins.listToAttrs (map
(pkg: nameValuePair "NetworkManager/${pkg.networkManagerPlugin}" {
source = "${pkg}/lib/NetworkManager/${pkg.networkManagerPlugin}";
}) cfg.plugins)
// optionalAttrs cfg.enableFccUnlock
{
"ModemManager/fcc-unlock.d".source =
"${pkgs.modemmanager}/share/ModemManager/fcc-unlock.available.d/*";
}
})
cfg.plugins)
// builtins.listToAttrs (map
(e: nameValuePair "ModemManager/fcc-unlock.d/${e.id}" {
source = e.path;
})
cfg.fccUnlockScripts)
// optionalAttrs (cfg.appendNameservers != [ ] || cfg.insertNameservers != [ ])
{
"NetworkManager/dispatcher.d/02overridedns".source = overrideNameserversScript;
}
// listToAttrs (lib.imap1 (i: s:
// listToAttrs (lib.imap1
(i: s:
{
name = "NetworkManager/dispatcher.d/${dispatcherTypesSubdirMap.${s.type}}03userscript${lib.fixedWidthNumber 4 i}";
value = { mode = "0544"; inherit (s) source; };
}) cfg.dispatcherScripts);
})
cfg.dispatcherScripts);
environment.systemPackages = packages;