Re: An Idea
On Wed, 2008-08-13 at 12:43 +0100, The Holy ettlz wrote: > On Wed, 2008-08-13 at 14:36 +0300, Tambet Ingo wrote: > > This can (and should) be done easily with dispatcher scripts. There's > > a lot of things that might need to be changed depending on location > > (things like printers, browser proxies, SMTP server, firewall, ...) > > I've been thinking about this recently --- is there an established, > medium-neutral way of securely identifying a network? I was thinking of > doing something like adding an extra option to DHCP that gave clients a > HTTPS URL which they could use to identify and authenticate a network > (triggered by an NMD hook), and then configure themselves according to a > local database. > > James The approach we've taken is to use separate private subnets for various networks, avoiding the commonly used ones (192.168.0.0/24, 192.168.1.0/24, 192.168.100.0/24). From this we can deduce which subnet we are on (never hit an airport/hotel/coffee shop that uses any of our subnets). One of the things we do with this (which gets back to the original poster's idea) is to automatically add/remove printers based on the subnet using a dispatcher script. Our script even pops up a libnotify message letting you know when printers were added/removed and which one it set as the system default. As we add new printers at various offices, we just drop a ppd file and simple config file into our package, push out an updated rpm, and all machines will support the new printer if they are connected to that subnet. I can think of better ways to handle this, but this is a simple low-tech solution that has worked well for a few years now. -casey ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Network Manager and NFS
On Wed, 2008-08-13 at 14:37 -0700, Robert Smits wrote: > My workaround, which isn't entirely satisfactory, is to use ifup and dispense > with network manager altogether. Unfortunately, that doesn't allow me to see > other possible network connections and make quick and easy connections when > I'm on the road. > > What I still don't understand, though, is why Network Manager isn't > configured > to deal with managing changing nfs networks. I think what you're asking for is called Network Location Awareness --- how an interface distinguishes to which network it is attached, and then the machine configures itself as appropriate. I think there a few implementations of this [standards, anybody?] but personally I like this one: authenticated DHCP, since it should also work securely for plain old wired Ethernet. http://www.cl.cam.ac.uk/~sjm217/papers/securecomm07authdhcp.pdf I've got a bit of time on my hands, I might code up my earlier HTTPS idea. There's a whole bunch of things you can hook into changes in network such as iptables, service daemons, etc., and of course NFS mounts. But before that the relevant NLA infrastructure needs to be in place. This means having (1) a mechanism to identify the network, and (2) telling other processes (such as other config daemons) that we're on that network. It should be up to the latter what action we take. NM already has "network link awareness", viz. Pidgin and Evolution. Am I right in thinking that the replacement for init is also dbus-aware? Of course, all this takes time ...and planning ;) James -- The Holy ettlz [EMAIL PROTECTED] PGP key ID: 03F94B5D --- signature.asc Description: This is a digitally signed message part ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Network Manager and NFS
On August 10, 2008 08:04:51 pm Dan Williams wrote:
> On Fri, 2008-08-08 at 22:43 +0100, The Holy ettlz wrote:
> > Hello,
> >
> > > I like the way Knetwork Manager and Network Manager work for the most
> > > part, but I find I cannot use them - why - because I need to change my
> > > nfs networks at each site I log into. And because network manager
> > > doesn't understand this, I have to use ifup and scpm to do it.
> >
> > The "semi-canonical" way to do it probably to add some hook scripts
> > into /etc/NetworkManager/dispatcher.d/. Last time I checked, the
> > dispatcher ran each of these scripts in alphanumeric order with
> > arguments
>
> Right. Dispatcher scripts are the best way to do this sort of thing if
> all you need are a few lines of shell.
>
> > {up|down}
> >
> > You'll probably need to cook up some of your own wizardry in order to
> > automatically decide what network you're on, then change the NFS mounts,
> > etc. (I don't think there's any way at present to automate this on a
> > per-user basis, although as far as I understand it'd certainly be
> > possible with the current NM to write a user session daemon that waits
> > for a particular network connection and then, say, does a FUSE mount.)
>
> We can certainly export the connection name, path, id, and settings
> service, which should be enough to ID the connection. That can be
> stuffed into the environment that the script gets executed with. The
> DHCP4 config is already exported in this manner, which you could use in
> the mean time.
>
> Dan
Thanks, Fellows, both of you for responding with your suggestions. I'm not
competent to write either "hook" or "dispatcher" scripts (are they one and
the same thing?)
However, I've looked at the scripts in this folder, and they're full of
references that mean nothing whatever to me. I appreciate your advice, but I
know nothing about user session daemons or FUSE mounts. If that's what it
will take, I'll forget about it.
My workaround, which isn't entirely satisfactory, is to use ifup and dispense
with network manager altogether. Unfortunately, that doesn't allow me to see
other possible network connections and make quick and easy connections when
I'm on the road.
What I still don't understand, though, is why Network Manager isn't configured
to deal with managing changing nfs networks.
--
Robert Smits CEP525G
Nanaimo, Duncan & District Labour Council
Box 822 Nanaimo, V9R 5N2 Ph 250-753-0201
Fax 250-753-2954 Email [EMAIL PROTECTED]
___
NetworkManager-list mailing list
NetworkManager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: DHCP client ID in svn3846
On Wednesday 13 August 2008, Dan Williams wrote: > On Wed, 2008-08-13 at 08:54 -0400, Neal Becker wrote: > > On Wednesday 13 August 2008, Dan Williams wrote: > > > On Wed, 2008-08-13 at 08:46 -0400, Neal Becker wrote: > > > > I'm testing NetworkManager-0.7.0-0.11.svn3846.fc9.x86_64. > > > > > > > > I'm guessing that the option > > > > DHCP client ID > > > > in editing auto ethernet/IPv4 Settings should set DHCP_HOSTNAME? It > > > > doesn't (as shown in /var/run/nm-dhclient-eth0.conf) > > > > > > > > Also, I _do_ have DHCP_HOSTNAME set in > > > > /etc/sysconfig/network-scripts/ifcfg-eth0, but this seems to be > > > > ignored. > > > > > > Unfortunately dhcp client id and dhcp hostname are actually two > > > different things. I'll check about the DHCP_HOSTNAME thing; if that's > > > not working it's a bug. > > > > > > Dan > > > > If they are 2 different things, then what is the preferred method to set > > DHCP_HOSTNAME? Seems reasonable to add it to the NM edit gui. > > Is what you put in DHCP_HOSTNAME the same as your local hostname? If > not, why? The entry in DHCP_HOSTNAME is the same as my local hostname. Having this show up in DNS is a bit more than "just a convenience", IMO. ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: DHCP client ID in svn3846
On Wed, 2008-08-13 at 08:54 -0400, Neal Becker wrote: > On Wednesday 13 August 2008, Dan Williams wrote: > > On Wed, 2008-08-13 at 08:46 -0400, Neal Becker wrote: > > > I'm testing NetworkManager-0.7.0-0.11.svn3846.fc9.x86_64. > > > > > > I'm guessing that the option > > > DHCP client ID > > > in editing auto ethernet/IPv4 Settings should set DHCP_HOSTNAME? It > > > doesn't (as shown in /var/run/nm-dhclient-eth0.conf) > > > > > > Also, I _do_ have DHCP_HOSTNAME set in > > > /etc/sysconfig/network-scripts/ifcfg-eth0, but this seems to be ignored. > > > > Unfortunately dhcp client id and dhcp hostname are actually two > > different things. I'll check about the DHCP_HOSTNAME thing; if that's > > not working it's a bug. > > > > Dan > > If they are 2 different things, then what is the preferred method to set > DHCP_HOSTNAME? Seems reasonable to add it to the NM edit gui. Is what you put in DHCP_HOSTNAME the same as your local hostname? If not, why? There's a limit to what stuff can be put into the UI, and I don't think having an entry for an option that we can likely probably scrape from gethostname(2) gets over the bar. The client ID is quite a bit more often used from what I can tell, because in many setups it's actually _required_ to get get real connectivity. The hostname thing is more of a convenience option to let you refer to your machine by a known name. > BTW, what is DHCP client ID then? An arbitrary identifier sent to the DHCP server to reserve a specific IP address for your machine, usually the MAC address or some other unique ID. The "dhcp hostname" option just sends a hostname to the DHCP server, which (if configured correctly) forwards that hostname on along with your IP address to a DNS server. Dan ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: DHCP client ID in svn3846
On Wednesday 13 August 2008, Dan Williams wrote: > On Wed, 2008-08-13 at 08:46 -0400, Neal Becker wrote: > > I'm testing NetworkManager-0.7.0-0.11.svn3846.fc9.x86_64. > > > > I'm guessing that the option > > DHCP client ID > > in editing auto ethernet/IPv4 Settings should set DHCP_HOSTNAME? It > > doesn't (as shown in /var/run/nm-dhclient-eth0.conf) > > > > Also, I _do_ have DHCP_HOSTNAME set in > > /etc/sysconfig/network-scripts/ifcfg-eth0, but this seems to be ignored. > > Unfortunately dhcp client id and dhcp hostname are actually two > different things. I'll check about the DHCP_HOSTNAME thing; if that's > not working it's a bug. > > Dan If they are 2 different things, then what is the preferred method to set DHCP_HOSTNAME? Seems reasonable to add it to the NM edit gui. BTW, what is DHCP client ID then? ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: DHCP client ID in svn3846
On Wed, 2008-08-13 at 08:46 -0400, Neal Becker wrote: > I'm testing NetworkManager-0.7.0-0.11.svn3846.fc9.x86_64. > > I'm guessing that the option > DHCP client ID > in editing auto ethernet/IPv4 Settings should set DHCP_HOSTNAME? It doesn't > (as shown in /var/run/nm-dhclient-eth0.conf) > > Also, I _do_ have DHCP_HOSTNAME set in > /etc/sysconfig/network-scripts/ifcfg-eth0, but this seems to be ignored. Unfortunately dhcp client id and dhcp hostname are actually two different things. I'll check about the DHCP_HOSTNAME thing; if that's not working it's a bug. Dan ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
DHCP client ID in svn3846
I'm testing NetworkManager-0.7.0-0.11.svn3846.fc9.x86_64. I'm guessing that the option DHCP client ID in editing auto ethernet/IPv4 Settings should set DHCP_HOSTNAME? It doesn't (as shown in /var/run/nm-dhclient-eth0.conf) Also, I _do_ have DHCP_HOSTNAME set in /etc/sysconfig/network-scripts/ifcfg-eth0, but this seems to be ignored. ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: An Idea
On Wed, 2008-08-13 at 14:36 +0300, Tambet Ingo wrote: > This can (and should) be done easily with dispatcher scripts. There's > a lot of things that might need to be changed depending on location > (things like printers, browser proxies, SMTP server, firewall, ...) I've been thinking about this recently --- is there an established, medium-neutral way of securely identifying a network? I was thinking of doing something like adding an extra option to DHCP that gave clients a HTTPS URL which they could use to identify and authenticate a network (triggered by an NMD hook), and then configure themselves according to a local database. James -- The Holy ettlz [EMAIL PROTECTED] PGP key ID: 03F94B5D --- signature.asc Description: This is a digitally signed message part ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: An Idea
On Wed, Aug 13, 2008 at 2:15 AM, Hasan Ceylan <[EMAIL PROTECTED]> wrote: > Now, then the dynamic hosts file idea came on my mind. Wouldn't it be nice > to have some hosts definitions in the connection properties so that they > become effective based on the connection just like the IP and DNS setting > based on connection profile in Network Manager This can (and should) be done easily with dispatcher scripts. There's a lot of things that might need to be changed depending on location (things like printers, browser proxies, SMTP server, firewall, ...) and NM should not try to do everything. Instead, it should provide an easy way to add hooks and that's what the dispatcher is for. Tambet ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
An Idea
Hello, I have an idea and would like to share with the Network Manager developers before posting an enhancement request to the bugzilla. I use my laptop mainly home and at the office. I have a vpn that connects me to the office when I am working at home. Not the VPN IP address and the lAN IP address of the SVN server are obviously different. And the vpn server is neither at home nor at the office. So it fine to go the svn by the VPN IP when I am out of the office but when I am in the office, in order to reach the SVN server, I'll have to travel through the VPN server (thus the internet -> slow) So there is one option, As I move around I'll have to keep different hosts files and change them according to my current location. ie: change the SVN server's IP address from VPN IP to Office LAN IP. I looked into the possibility of using DNS to return *closer* IP of the destination server but AFAIK, this is not possible. Now, then the dynamic hosts file idea came on my mind. Wouldn't it be nice to have some hosts definitions in the connection properties so that they become effective based on the connection just like the IP and DNS setting based on connection profile in Network Manager Regards, Hasan Ceylan -- View this message in context: http://www.nabble.com/An-Idea-tp18954271p18954271.html Sent from the Gnome - NetworkManager mailing list archive at Nabble.com. ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
