From 66c3eef7e37311570769818cb97f3a223f6747ba Mon Sep 17 00:00:00 2001 From: Wen Liang Date: Tue, 20 Feb 2024 14:03:32 -0500 Subject: [PATCH] fix: Ask user's consent to restart NM due to wireless or team interfaces If updates for network packages are available and wireless or team connections are specified, NetworkManager must be restarted, the role requires user's consent to restart NetworkManager. Otherwise, there might be property conflicts between NetworkManager daemon and plugin, or NetworkManager plugin is not taking effect. `update_cache` is enabled in the module tasks to check if updates for network packages are available due to wireless or team interfaces, in that case, NetworkManager needs user's explicit consent to be restarted after the network package updates. And using `state: latest` for checking the network package updates because we have to guarantee that NetworkManager and its plugin have the same and most recent version for configuring the network connections settings in the backend. It is worthwhile to mention that we have both tasks using dnf and yum module for checking available updates for network packages. Because checking package cache update is not supported in Ansible package module, Fedora and RHEL8+ use DNF package manager by default, RHEL7 uses yum package manager by default. This commit will address the situation that users forget to explicitly specify `network_allow_restart: true` when specifying wireless or team connections. Signed-off-by: Wen Liang --- tasks/main.yml | 50 +++++++++++- tests/ensure_provider_tests.py | 1 + .../tests_wireless_and_network_restart.yml | 80 +++++++++++++++++++ .../assert_network_connections_failed.yml | 10 +++ tests/tasks/assert_package_installed.yml | 11 +++ ...reate_wireless_profile_restart_network.yml | 21 +++++ tests/tasks/remove_package.yml | 6 ++ .../tests_wireless_and_network_restart_nm.yml | 24 ++++++ 8 files changed, 202 insertions(+), 1 deletion(-) create mode 100644 tests/playbooks/tests_wireless_and_network_restart.yml create mode 100644 tests/tasks/assert_network_connections_failed.yml create mode 100644 tests/tasks/assert_package_installed.yml create mode 100644 tests/tasks/create_wireless_profile_restart_network.yml create mode 100644 tests/tasks/remove_package.yml create mode 100644 tests/tests_wireless_and_network_restart_nm.yml diff --git a/tasks/main.yml b/tasks/main.yml index c55f5ef..a26c504 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -24,6 +24,53 @@ when: - network_state is defined - ansible_distribution_major_version | int < 8 + +- name: Check if updates for network packages are available through the DNF + package manager due to wireless or team interfaces + dnf: + update_cache: true + name: "{{ network_packages }}" + state: latest # noqa package-latest + register: dnf_package_update_info + check_mode: true + when: + - ansible_distribution == 'Fedora' or + ansible_distribution_major_version | int > 7 + - __network_wireless_connections_defined + or __network_team_connections_defined + - not __network_is_ostree + +- name: Check if updates for network packages are available through the YUM + package manager due to wireless or team interfaces + yum: + update_cache: true + name: "{{ network_packages }}" # noqa package-latest + state: latest + register: yum_package_update_info + check_mode: true + when: + - ansible_distribution_major_version | int < 8 + - __network_wireless_connections_defined + or __network_team_connections_defined + - not __network_is_ostree + +- name: Ask user's consent to restart NetworkManager due to wireless or team + interfaces + fail: + msg: NetworkManager needs to be restarted to be able to proceed + because wireless and team interfaces are defined. This might + disturb the connectivity of the managed system. Please set + `network_allow_restart` to `true` if you are prepared for this. + Notice that the necessary action is to install NetworkManager-wifi or + NetworkManager-team plugin and to restart NetworkManager. + register: __network_service_restart_requested + when: + - __network_wireless_connections_defined + or __network_team_connections_defined + - network_provider == "nm" + - not network_allow_restart + - dnf_package_update_info is changed or yum_package_update_info is changed + # Depending on the plugins, checking installed packages might be slow # for example subscription manager might slow this down # Therefore install packages only when rpm does not find them @@ -70,7 +117,8 @@ ansible_distribution_major_version | int > 8 # If network packages changed and wireless or team connections are specified, -# NetworkManager must be restarted +# NetworkManager must be restarted, and the user needs to explicitly consent +# to restart NetworkManager by setting `network_allow_restart` to `true` - name: Restart NetworkManager due to wireless or team interfaces service: name: NetworkManager diff --git a/tests/ensure_provider_tests.py b/tests/ensure_provider_tests.py index 2b851a8..105c6c0 100755 --- a/tests/ensure_provider_tests.py +++ b/tests/ensure_provider_tests.py @@ -108,6 +108,7 @@ blackhole, prohibit and unreachable", "playbooks/tests_wireless.yml": { EXTRA_RUN_CONDITION: "ansible_distribution_major_version == '7'", }, + "playbooks/tests_wireless_and_network_restart.yml": {}, "playbooks/tests_wireless_plugin_installation.yml": {}, "playbooks/tests_wireless_wpa3_owe.yml": { "comment": "# OWE has not been supported by NetworkManager 1.18.8 on \ diff --git a/tests/playbooks/tests_wireless_and_network_restart.yml b/tests/playbooks/tests_wireless_and_network_restart.yml new file mode 100644 index 0000000..2438f08 --- /dev/null +++ b/tests/playbooks/tests_wireless_and_network_restart.yml @@ -0,0 +1,80 @@ +# SPDX-License-Identifier: BSD-3-Clause +--- +- name: Play for testing wifi and network restart + hosts: all + vars: + interface: wlan0 + profile: "{{ interface }}" + package: NetworkManager-wifi + wifi_restart_network: false + network_connections_result_error: + NetworkManager needs to be restarted to be able to proceed + because wireless and team interfaces are defined. This might + disturb the connectivity of the managed system. Please set + `network_allow_restart` to `true` if you are prepared for this. + Notice that the necessary action is to install NetworkManager-wifi or + NetworkManager-team plugin and to restart NetworkManager. + lsr_fail_debug: + - __network_connections_result + tasks: + - name: Show playbook name + debug: + msg: "this is: playbooks/tests_wireless_and_network_restart.yml" + tags: + - always + + - name: Cannot test ostree systems because the package can not be removed + or installed - 'NetworkManager-wifi' + meta: end_host + when: __network_is_ostree | d(false) + + - name: Test the wifi connection without NetworkManager restarted + tags: + - tests::wifi:create + block: + - name: Include the task 'run_test.yml' + include_tasks: tasks/run_test.yml + vars: + lsr_description: + Given a system with '{{ package }}' package removed, + when creating a wifi connection without NetworkManager restarted, + then the role should fail with the error specified in + `network_connections_result_error`. + lsr_setup: + - tasks/delete_interface.yml + - tasks/assert_device_absent.yml + - tasks/remove_package.yml + lsr_test: + - tasks/create_wireless_profile_restart_network.yml + lsr_assert: + - tasks/assert_network_connections_failed.yml + lsr_cleanup: + - tasks/check_network_dns.yml + + - name: "Reset testing variables" + set_fact: + wifi_restart_network: true + + - name: Test the wifi connection with NetworkManager restarted + tags: + - tests::wifi:restart + block: + - name: Include the task 'run_test.yml' + include_tasks: tasks/run_test.yml + vars: + lsr_description: + Given a system with '{{ package }}' package removed, + when creating a wifi connection with NetworkManager restarted, + then the wifi device and profile are present and + the '{{ package }}' package is installed in the system. + lsr_setup: + - tasks/delete_interface.yml + - tasks/assert_device_absent.yml + - tasks/remove_package.yml + lsr_test: + - tasks/create_wireless_profile_restart_network.yml + lsr_assert: + - tasks/assert_package_installed.yml + lsr_cleanup: + - tasks/cleanup_profile+device.yml + - tasks/check_network_dns.yml diff --git a/tests/tasks/assert_network_connections_failed.yml b/tests/tasks/assert_network_connections_failed.yml new file mode 100644 index 0000000..aaaa485 --- /dev/null +++ b/tests/tasks/assert_network_connections_failed.yml @@ -0,0 +1,10 @@ +# SPDX-License-Identifier: BSD-3-Clause +--- +- name: Assert that configuring network connections failed + assert: + that: + - __network_service_restart_requested is failed + - __network_service_restart_requested is search( + network_connections_result_error) + msg: Configuring network connections is not failed with the error + "{{ network_connections_result_error }}" diff --git a/tests/tasks/assert_package_installed.yml b/tests/tasks/assert_package_installed.yml new file mode 100644 index 0000000..4a0dee9 --- /dev/null +++ b/tests/tasks/assert_package_installed.yml @@ -0,0 +1,11 @@ +# SPDX-License-Identifier: BSD-3-Clause +--- +- name: "Get the rpm package facts" + package_facts: + manager: "auto" + +- name: "Assert installed package '{{ package }}'" + assert: + that: + - package in ansible_facts.packages + msg: "'{{ package }}' is not installed" diff --git a/tests/tasks/create_wireless_profile_restart_network.yml b/tests/tasks/create_wireless_profile_restart_network.yml new file mode 100644 index 0000000..6e8505f --- /dev/null +++ b/tests/tasks/create_wireless_profile_restart_network.yml @@ -0,0 +1,21 @@ +# SPDX-License-Identifier: BSD-3-Clause +--- +- name: Create wireless connection with rescue + block: + - name: Import network role + import_role: + name: linux-system-roles.network + vars: + network_allow_restart: '{{ wifi_restart_network }}' + network_connections: + - name: "{{ interface }}" + type: wireless + wireless: + ssid: "My WPA2-PSK Network" + key_mgmt: "wpa-psk" + password: "p@55w0rD" + + rescue: + - name: Show rescue result + debug: + var: __network_service_restart_requested diff --git a/tests/tasks/remove_package.yml b/tests/tasks/remove_package.yml new file mode 100644 index 0000000..731348a --- /dev/null +++ b/tests/tasks/remove_package.yml @@ -0,0 +1,6 @@ +# SPDX-License-Identifier: BSD-3-Clause +--- +- name: "Remove the package '{{ package }}'" + package: + name: "{{ package }}" + state: absent diff --git a/tests/tests_wireless_and_network_restart_nm.yml b/tests/tests_wireless_and_network_restart_nm.yml new file mode 100644 index 0000000..ddcd489 --- /dev/null +++ b/tests/tests_wireless_and_network_restart_nm.yml @@ -0,0 +1,24 @@ +# SPDX-License-Identifier: BSD-3-Clause +# This file was generated by ensure_provider_tests.py +--- +# set network provider and gather facts +# yamllint disable rule:line-length +- name: Run playbook 'playbooks/tests_wireless_and_network_restart.yml' with nm as provider + hosts: all + tasks: + - name: Include the task 'el_repo_setup.yml' + include_tasks: tasks/el_repo_setup.yml + - name: Set network provider to 'nm' + set_fact: + network_provider: nm + tags: + - always + + +# The test requires or should run with NetworkManager, therefore it cannot run +# on RHEL/CentOS 6 +- name: Import the playbook 'playbooks/tests_wireless_and_network_restart.yml' + import_playbook: playbooks/tests_wireless_and_network_restart.yml + when: + - ansible_distribution_major_version != '6' + - ansible_distribution != 'Fedora'