diff options
| author | Florian Klink <flokli@flokli.de> | 2023-09-12 22:57:31 +0200 |
|---|---|---|
| committer | Florian Klink <flokli@flokli.de> | 2023-09-12 22:57:31 +0200 |
| commit | 5d3ca06db30c6c2d089ce72bc3d87e50c7231249 (patch) | |
| tree | eb3b9a053c3b44da874694920a338711927da1b9 | |
| parent | 8606f6c8e182cb56e1c7c54fd6361f7ca1870be6 (diff) | |
| download | nixpkgs-5d3ca06db30c6c2d089ce72bc3d87e50c7231249.tar nixpkgs-5d3ca06db30c6c2d089ce72bc3d87e50c7231249.tar.gz nixpkgs-5d3ca06db30c6c2d089ce72bc3d87e50c7231249.tar.bz2 nixpkgs-5d3ca06db30c6c2d089ce72bc3d87e50c7231249.tar.lz nixpkgs-5d3ca06db30c6c2d089ce72bc3d87e50c7231249.tar.xz nixpkgs-5d3ca06db30c6c2d089ce72bc3d87e50c7231249.tar.zst nixpkgs-5d3ca06db30c6c2d089ce72bc3d87e50c7231249.zip | |
nixos/modemmanager: remove enableBundledFccUnlockScripts option
This removes the networking.networkmanager.enableBundledFccUnlockScripts option, and updates the release notes.
| -rw-r--r-- | nixos/doc/manual/release-notes/rl-2311.section.md | 2 | ||||
| -rw-r--r-- | nixos/modules/services/networking/networkmanager.nix | 30 | ||||
| -rw-r--r-- | pkgs/tools/networking/modemmanager/default.nix | 16 |
3 files changed, 9 insertions, 39 deletions
diff --git a/nixos/doc/manual/release-notes/rl-2311.section.md b/nixos/doc/manual/release-notes/rl-2311.section.md index a2041db2a87..c9cb67fc324 100644 --- a/nixos/doc/manual/release-notes/rl-2311.section.md +++ b/nixos/doc/manual/release-notes/rl-2311.section.md @@ -187,6 +187,8 @@ - Emacs macport version 29 was introduced. +- The option `services.networking.networkmanager.enableFccUnlock` was removed in favor of `networking.networkmanager.fccUnlockScripts`, which allows specifying unlock scripts explicitly. The previous option simply did enable all unlock scripts bundled with ModemManager, which is risky, and didn't allow using vendor-provided unlock scripts at all. + - The `html-proofer` package has been updated from major version 3 to major version 5, which includes [breaking changes](https://github.com/gjtorikian/html-proofer/blob/v5.0.8/UPGRADING.md). - `kratos` has been updated from 0.10.1 to the first stable version 1.0.0, please read the [0.10.1 to 0.11.0](https://github.com/ory/kratos/releases/tag/v0.11.0), [0.11.0 to 0.11.1](https://github.com/ory/kratos/releases/tag/v0.11.1), [0.11.1 to 0.13.0](https://github.com/ory/kratos/releases/tag/v0.13.0) and [0.13.0 to 1.0.0](https://github.com/ory/kratos/releases/tag/v1.0.0) upgrade guides. The most notable breaking change is the introduction of one-time passwords (`code`) and update of the default recovery strategy from `link` to `code`. diff --git a/nixos/modules/services/networking/networkmanager.nix b/nixos/modules/services/networking/networkmanager.nix index 04e43ba49e9..6bc46a9a90e 100644 --- a/nixos/modules/services/networking/networkmanager.nix +++ b/nixos/modules/services/networking/networkmanager.nix @@ -370,18 +370,6 @@ in ''; }; - enableBundledFccUnlockScripts = mkOption { - type = types.bool; - default = false; - description = lib.mdDoc '' - Enable FCC unlock procedures shipped with ModemManager. - Since release 1.18.4, the ModemManager daemon no longer - automatically performs the FCC unlock procedure by default. See - [the docs](https://modemmanager.org/docs/modemmanager/fcc-unlock/) - for more details. - ''; - }; - fccUnlockScripts = mkOption { type = types.listOf (types.submodule { options = { @@ -410,7 +398,13 @@ in [ "networking" "networkmanager" "packages" ] [ "networking" "networkmanager" "plugins" ]) (mkRenamedOptionModule [ "networking" "networkmanager" "useDnsmasq" ] [ "networking" "networkmanager" "dns" ]) - (mkRenamedOptionModule [ "networking" "networkmanager" "enableFccUnlock" ] [ "networking" "networkmanager" "enableBundledFccUnlockScripts" ]) + (mkRemovedOptionModule [ "networking" "networkmanager" "enableFccUnlock" ] '' + This option was removed, because using bundled FCC unlock scripts is risky, + might conflict with vendor-provided unlock scripts, and should + be a conscious decision on a per-device basis. + Instead it's recommended to use the + `networking.networkmanager.fccUnlockScripts` option. + '') (mkRemovedOptionModule [ "networking" "networkmanager" "dynamicHosts" ] '' This option was removed because allowing (multiple) regular users to override host entries affecting the whole system opens up a huge attack @@ -539,16 +533,6 @@ in ]; } - # if cfg.enableBundledFccUnlockScripts is set, populate - # networking.networkmanager.fccUnlockScripts with the values from - # pkgs.modemmanager.passthru.fccUnlockScripts. - (mkIf cfg.enableBundledFccUnlockScripts { - networkmanager.fccUnlockScripts = lib.optionals cfg.enableBundledFccUnlockScripts - lib.mapAttrsToList - (id: path: { inherit id path; }) - pkgs.modemmanager.passthru.fccUnlockScripts; - }) - (mkIf cfg.enableStrongSwan { networkmanager.plugins = [ pkgs.networkmanager_strongswan ]; }) diff --git a/pkgs/tools/networking/modemmanager/default.nix b/pkgs/tools/networking/modemmanager/default.nix index e9960f5494d..d66c277f1da 100644 --- a/pkgs/tools/networking/modemmanager/default.nix +++ b/pkgs/tools/networking/modemmanager/default.nix @@ -12,7 +12,6 @@ , python3 , libmbim , libqmi -, modemmanager , systemd , bash-completion , meson @@ -94,21 +93,6 @@ stdenv.mkDerivation rec { ''; installCheckTarget = "check"; - passthru = { - # provided FCC unlock scripts. Used by the NixOS module system to symlink - # to them from /etc/ModemManager/fcc-unlock.d/…. - # Most of them actually symlink to a "common" unlock script - fccUnlockScripts = { - "03f0:4e1d" = "${modemmanager}/share/ModemManager/fcc-unlock.available.d/1199"; - "105b:e0ab" = "${modemmanager}/share/ModemManager/fcc-unlock.available.d/105b"; - "1199:9079" = "${modemmanager}/share/ModemManager/fcc-unlock.available.d/1199"; - "1eac:1001" = "${modemmanager}/share/ModemManager/fcc-unlock.available.d/1eac"; - "2c7c:030a" = "${modemmanager}/share/ModemManager/fcc-unlock.available.d/2c7c"; - "413c:81a3" = "${modemmanager}/share/ModemManager/fcc-unlock.available.d/1199"; - "413c:81a8" = "${modemmanager}/share/ModemManager/fcc-unlock.available.d/1199"; - }; - }; - meta = with lib; { description = "WWAN modem manager, part of NetworkManager"; homepage = "https://www.freedesktop.org/wiki/Software/ModemManager/"; |