Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 691140 - net-misc/networkmanager: Kernel config check is outdated
Summary: net-misc/networkmanager: Kernel config check is outdated
Status: UNCONFIRMED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Linux Gnome Desktop Team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-07-31 14:10 UTC by Rodrigo Saboya
Modified: 2019-08-13 14:19 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Rodrigo Saboya 2019-07-31 14:10:48 UTC
CONFIG_NF_NAT_IPV4 and CONFIG_NF_NAT_IPV6 were merged into CONFIG_NF_NAT on:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3bf195ae6037e310d693ff3313401cfaf1261b71

CONFIG_NF_NAT_MASQUERADE_IPV4 and CONFIG_NF_NAT_MASQUERADE_IPV6 were merged into CONFIG_NF_NAT_MASQUERADE on:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d1aca8ab3104aa7131f5ab144c6f586b54df084b
Comment 1 Rodrigo Saboya 2019-07-31 14:40:13 UTC
Proposed fix: https://github.com/gentoo/gentoo/pull/12559
Comment 2 Mart Raudsepp gentoo-dev 2019-08-04 10:49:27 UTC
So robbat2 already tweaked this wihtout going through maintainer. Maybe he has some thoughts on how to handle it in a way that keeps it working for both old and new kernels.
Comment 3 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2019-08-04 22:43:19 UTC
@leio: My fix predates this bug being filed, but the original date was lost in rebasing, so it only looks like it's older than this bug.

(In reply to Mart Raudsepp from comment #2)
> So robbat2 already tweaked this wihtout going through maintainer. Maybe he
> has some thoughts on how to handle it in a way that keeps it working for
> both old and new kernels.
What's wrong with Rodrigo's suggestion that clearly checks the kernel version?

The options I set, NF_NAT & NF_NAT_MASQUERADE are NOT new options in v5.1. They already existed. The only change is that NAT_IPV[46]/NF_NAT_MASQUERADE_IPV[46] don't exist anymore as of v5.1.

Even in older kernels, you have to go really out of your way to get a config where NF_NAT=n because of the logic around NETFILTER_ADVANCED and IP_NF_NAT.

v5.0:
> config IP_NF_NAT
>         depends on NF_CONNTRACK
>         default m if NETFILTER_ADVANCED=n
>         select NF_NAT
>         select NF_NAT_IPV4
>         select NETFILTER_XT_NAT

The sole risk would be a user building a NEW stable system, and setting NF_NAT=y && NAT_IPV6=n; and getting a configuration that passed the checks as I updated them, but not the connection-sharing functionality not work.
Comment 4 Mart Raudsepp gentoo-dev 2019-08-05 04:51:48 UTC
So it would be worth adding the version checks as Rodrigo had done to ensure 4.x kernel users find the option from their kernel configurator (menuconfig, etc) of choice?