- Without selecting an option, trying to submit the form leads to an error.
Tests:
- Go to the new connection form, notice that the 'auto' method is selected by
default.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
- If an existing network manager connection with the missing values is ever
edited, it leads an awkward interface.
- So, complete the setting by allowing values supported by Network Manager.
Tests:
- Create new connections with the new values 'link-local' and 'disabled'.
Connection creation succeeds.
- Editing connection to these values works too.
- When 'link-local' or 'disabled' values are selected, primary and secondary DNS
fields are disabled.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
- Expose Network Manager per-connection setting for DNS-over-TLS. Support all
four values: default, no, opportunistic, and yes.
- Create a new collapsible section all 'Privacy' for this setting the connection
create/edit form. Strictly speaking this is related to security and censorship
resistance too.
- Don't show the DoT field for PPPoE connection types are DNS servers are not
relevant.
- Show the status of DoT for a connection in the connection status page.
Tests:
- In all Add New Connection forms except PPPoE form, the privacy
section shows up as expected.
- For each value for DoT, create a new connection and set the value for DoT to the
desired value and observe that the connection status page shows DoT to the set
value.
- For each value for DoT, edit an existing connection and set the value for the
DoT to the desired value and observe that the connection status page shows DoT
to the set value.
- Connection status page shows the values for DoT as expected.
- Update the primary Internet connection for the machine. Set the value to 'yes'
and notice that DNS resolutions fail. Set the value to 'opportunistic' or 'no'
and the DNS resolutions pass. In each case, 'resolvectl' shows the correct DoT
value for the connection. When 1.1.1.1 is set as DNS server, all values of DoT
in the connection succeed.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
Package holds are only expected when apps are being installed or
uninstalled, or during distribution upgrade process. At any other
time, package holds are not expected and should be released.
Tests:
- Place a hold on one package. Run the upgrades diagnostics, which
will have a failure. Try to repair the failure, and confirm that the
package is no longer held.
- Repeat with two or three packages being held.
[sunil]
- When the package 'needsrestart' is outdated and another package is held,
running repair unholds the package as well as runs setup() on the upgrades app
leading to 'needsrestart' package getting upgrade.
- When only failed diagnostic is for package holds. Running repair unholds the
packages but does not rung setup().
Helps: #2347
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Fixes: #2432
Tests:
- Without patch install MediaWiki. phpinfo() shows max execution time for 30
seconds. Apply patch, run 'make install' and restart service. Mediawiki app is
updated. Apache2 is reloaded. phpinfo() shows max execution time for 100
seconds.
- Create a script to 100% utilize the CPU for 90 seconds. It works.
- Create a script to 100% utilize the CPU for 110 seconds. It fails and get
killed after about 100 seconds.
Signed-off-by: Joseph Nuthalapati <njoseph@riseup.net>
Tested-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Closes: #1196.
- systemd-resolved always contains the current list of known DNS servers taken
from systemd-networkd, network-manager, or by other means. It also has fallback
DNS servers. Forwarding requests to it allows correct and failsafe way to reach
external DNS servers.
Tests:
- Freshly install bind and notice that the fowarders list is set to 127.0.0.53.
- Install without the patch. Apply patch. Restart service. bind is upgraded to
new version and forwarder is set to 127.0.0.53 if it is blank. Otherwise, it
remains as is.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
Tests:
- Without patch, disable bind. Incrementing the app's version number results in
bind getting started.
- With patch, disable bind. Incrementing the app's version number does not
result in bind getting started.
- Without patch, disable bind. Update forwarders. Bind is running again.
- With patch, disable bind. Update forwarders. Bind is not running again.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
- Before this change, when bind is disabled, dns port is removed from firewall
causing all 'shared' connection to not be able to resolve domains. This was
because no other application was declaring a need for 'dns' port to be kept
open. Declare a firewall component in the networks app needing 'dns' and 'dhcp'
services on the internal networks.
Tests:
- Without the patch, install and disable bind. 'dns' port is removed from
'internal' zone of the firewall.
- Install and disable bind. 'dns' port is not removed from 'internal' zone of
the firewall.
- On a fresh Debian machine. Install the freedombox package. 'http', 'https',
'dns' and 'dhcp' port are opened on the firewall as expected.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
Tests:
- Without the patch, start the service and dismiss the privacy notification.
With the patch, the restart the service. Privacy app is updated and privacy
notification is shown again. Incrementing the version number of the privacy app
does not result in showing of the notification again.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
- Using public DNS servers leads to user's domain queries being known to the
servers, violating privacy. However, it is necessary to address many corner
cases when DNS servers are not known to systemd-resolved but internet
connectivity is working. Allow users to disable fallback DNS servers.
Tests:
- After upgrade to latest version of FreedomBox, the setting is on by default.
- Disabling removes the /etc configuration file and resolvectl shows no fallback
DNS entries.
- Enabling add the /etc configuration file and resolvectl shows fallback
entries. After removing existing DNS servers using resolvectl, one can still
query using fallback servers.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
- This avoids using fallback DNS servers in systemd-resolved soon after
systemd-resolved takes over /etc/resolv.conf and if network-manager knows some
DNS servers from the connections it has established.
- Version for the names app has already been incremented in this patch series.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
- Disable mDNS resolution. While we can migrate our DNS-SD service definition
files to systemd-resolved and switch from using avahi to systemd-resolved, many
programs still solely depend on avahi-daemon. Examples include cups and GNOME.
It is not clear if they will work any mDNS daemon or if they interact with
avahi-daemon in other ways that the mDNS protocol. So, for now, disable mDNS in
systemd-resolved and continue to use avahi-daemon for it. This is also Fedora's
default.
- Re-introduce Fallback DNS servers with the value same as the upstream systemd
project. Debian removes the default fallback DNS servers likely because they
could be considered a privacy violation. However, when systemd-resolved package
is first installed, the post install script recommends a reboot instead of
feeding the currently configured nameservers from /etc/resolve.conf into
systemd-resolved. Immediately, this causes the system not be able to connect to
any external servers. While this may be acceptable solution for interactive
systems and pre-built images, FreedomBox has to a) be available for remote
access b) perform upgrades without user intervention (and without reboot until a
day). To mitigate privacy concerns, an option to disable these fallback servers
will be provided in the UI.
- systemd-resolved's stub resolver runs on 127.0.0.53%lo:53 and 127.0.0.54. This
does not conflict either with shared connections which listen on 10.42.x.1 or
with bind which listens on 127.0.0.1 (and other IP addresses). This MR does not
address the existing conflict between bind and shared network connections.
However, it does not cause any further conflicts.
Tests:
* mDNS
- Avahi diagnostics works. daemon is running. mdns port is exposed in the
firewall.
- systemd-resolved does not listen on mDNS ports.
- Running avahi-browse shows freedombox on local network.
- Running avahi-browse shows the services ssh, sftp-ssh, http and ejabberd.
- Machine can be discovered in Gnome Files.
* NetworkManager shared connections
- After install/upgrade to systemd-resolved, 'shared' connections can be
created.
- With a 'shared' connection configured and active, it is possible to upgrade to
using systemd-resolved.
- Resolving domains from a machine on shared network goes via systemd-resolved
on FreedomBox.
* Bind
- Installing, running tests on bind works.
- Programs connecting from outside network can connect to bind as expected.
- Programs connecting from local machine can connect to bind as expected.
* Upgrading works
- Upgrading to new FreedomBox package works
- systemd-resolved is installed and running. 'resolvectl' shows a proper name
server (or fallback nameserver like 1.1.1.1).
- libnss-resolve is installed and configured in /etc/nsswitch.conf
- /etc/resolv.conf has proper link to /run/systemd/resolve/stub-resolv.conf.
- Programs using /etc/resolv.conf directly work. Install python3-pycares.
python3 -m pycares freedombox.org.
- NetworkManager has passed on proper DNS entries. In logs dns=systemd-resolved,
rc-manager=unmanaged, plugin=systemd-resolved
- DNS resolution works after first setup. Installing packages works.
- 'resolvectl query' resolution works.
- Programs using glibc API resolution such as 'ping' work.
* Fresh image
- Building an image with new freedombox package works without error.
- Booting from fresh images works.
- systemd-resolved is installed and running. 'resolvectl' show proper name
server.
- libnss-resolve is installed and configured in /etc/nsswitch.conf
- /etc/resolv.conf has proper link to /run/systemd/resolve/stub-resolv.conf
- Programs using /etc/resolv.conf directly work. Install python3-pycares.
python3 -m pycares wikipedia.org
- NetworkManager has passed on proper DNS entries. In logs dns=systemd-resolved,
rc-manager=unmanaged, plugin=systemd-resolved
- DNS resolution works after first setup. Installing packages works.
* Installing package on Debian
- Installing new freedombox package in Debian machine works.
- systemd-resolved is installed and running.
- libnss-resolve is installed and configured.
- /etc/resolv.conf has proper link to /run
- NetworkManager has passed on proper DNS entries to systemd-resolved using
'nmcli reload dns-rc'.
- Resolution works with fallback DNS servers when network interfaces are
configured with /etc/network/interfaces
* OpenVPNs works
- As a server, we don't push DNS servers to the client. So, a client continues
to use its old DNS servers. With systemd-resolved running on server, the client
is able to connect to OpenVPN server, route traffic to the internet, and resolve
DNS queries.
* WireGuard works
- As a server, we can't push DNS servers to the client. So, a client continues
to use its old DNS servers. With systemd-resolved running on server, the client
is able to connect to WireGuard server, route traffic to the internet, and
resolve DNS queries.
- As a client, server does not push DNS servers to the client. So, a client
continues to use its old DNS servers. With systemd-resolved running on the
client, the client is able to connect to WireGuard server, route traffic to the
internet, and resolve DNS queries.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
On systems where the grub-pc package is not available (e.g. ARM),
dpkg-query will have an exit status of 1. Handle the error that is
raised in this case.
Tests:
- Added unit tests for storage._diagnose_grub_configured.
- Tested on Raspberry Pi 4.
Closes: #2441
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Fixes#2420.
Tests performed using Debian stable:
- Set user language to espanol. Install, repair and remove gitweb app.
Check that all app operation messages are in spanish.
- All unit tests pass.
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- Add a new diagnostic check result for skipped tests.
Tests:
- Put a hold on a package. The diagnostic is failed.
- Remove the hold from the package. The diagnostic is passed.
- Start installing an app, then immediately run the upgrades
diagnostics. The diagnostic is skipped.
Helps: #2347
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
[sunil: Allow i18n for new state 'skipped']
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- Create new policy that allows forwarding between zones.
See: https://bugzilla.redhat.com/show_bug.cgi?id=2016864#c8
- Increment version to perform setup on upgrade.
Closes: #2355
Tests:
- Build freedombox package, and install on top of Bookworm VM The
firewall setup is performed. firewall-cmd lists the fbx_int_to_ext_fwd
policy, masquerade on external zone, and forward on internal zone.
Not tested:
- I did not test forwarding traffic from external to internal zone.
However, several users have reported following these instructions on
the forum, and that it solved the issue for them.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
[sunil: Minor refactors for readability]
[sunil: Ensure that operation is idempotent]
[sunil: Reload instead of restarting firewalld]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
If the GRUB install device has not been selected, then grub package
configuration will fail during upgrades.
Tests:
- Install freedombox package with this change in a VM. Check that the
diagnostic is passed.
- Re-install the grub-pc package with DEBIAN_FRONTEND set to
noninteractive, so that it fails to be configured. Check that the
diagnostic is failed.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- All forms are rendered using django-bootstrap-form excep the
app enable/disable form. Render this one too using django-boostrap-form so that
the default.html is not used for rendering. Using default.html is deprecated in
Django 4.0 and in 5.0 will default to using div.html.
Tests:
- No change in HTML output, appearance or functionality for the enable/disable
button.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
- Eliminate a Django warning message.
- This setting has been deprecated. It will be remove in Django 5.0 and is
always on.
Tests:
- On Debian stable, django.VERSION <= (4,0) evaluates to True and on testing it
evaluates to False.
- After the patch, the warning related to USE_L10N has disappeared.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
This is to ensure that secret parameter which must likely be marked as secret
are not marked as secret. The partially mitigates the biggest disadvantage of
printing all the parameters by default and marking exception, that is,
forgetting to mark.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- When privileged action is called, it is logged without arguments currently.
Extend this to log all arguments but excluding the parameters of type
secret_str.
- When error is raised, all arguments are being logged currently. Extend this to
exclude the parameters of type secret_str.
Tests:
- Privileged actions with secret strings log messages with '****' instead of
secret string.
- When an error is raised in a privileged action, an exception is logged. In the
exception message, the method and parameters are printed. Parameters that are
secret strings are shown as '****'.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
