Bug 1888051
| Summary: | NetworkManager needs to pass bridge master to wpa_supplicant when Wlan is part of bridge | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Philip Prindeville <philipp> | ||||
| Component: | NetworkManager | Assignee: | Beniamino Galvani <bgalvani> | ||||
| Status: | CLOSED ERRATA | QA Contact: | Filip Pokryvka <fpokryvk> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | CentOS Stream | CC: | acardace, atragler, bgalvani, bstinson, carl, fpokryvk, jwboyer, lrintel, philipp, rkhan, sukulkar, thaller, till, vbenes | ||||
| Target Milestone: | rc | Keywords: | Triaged | ||||
| Target Release: | 8.0 | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | NetworkManager-1.30.0-0.1.el8 | Doc Type: | If docs needed, set a value | ||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | |||||||
| : | 1888610 (view as bug list) | Environment: | |||||
| Last Closed: | 2021-05-18 13:29:43 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Bug Depends On: | 1888050, 1888610, 1915236 | ||||||
| Bug Blocks: | |||||||
| Attachments: |
|
||||||
Hi, A bug report against rhel-8 will always be (at earliest) fixed in the next minor rhel-8 release (at this point, that is rhel-8.4 because it's too late for rhel-8.3). -- Z-stream updates are handled entirely different, but a feature request like this wouldn't qualify for that. Since we plan to rebase NetworkManager with rhel-8.4, and since this is fixed upstream, it will be fixed automatically. Moving this bug to POST. (I think this bug is against CentOS Stream, but CentOS Stream is just a build of rhel-8.4 development snapshots, so overall this is still a RHEL-8 bug) However, this issue also requires changes to wpa_supplicant. We will anyway add the support to NetworkManager (with the rebase), but it won't be useful, unless also wpa_supplicant has the feature. I will clone this bug for wpa_suppliant. (In reply to Thomas Haller from comment #1) > I will clone this bug for wpa_suppliant. Ah, that already exists as bug 1888050. The test is passing with wpa_supplicant-2.9-3.el8, moving to verified. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: NetworkManager and libnma security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:1574 |
Created attachment 1721326 [details] Backport of upstream fix to 1.27.3 Description of problem: When creating a bridge, and putting an Ethernet slave and a Wlan slave (which has been configured as an AP), authentication will always fail when connecting to that AP. Version-Release number of selected component (if applicable): 1.27.3 How reproducible: nmcli conn add con-name "Bridge 0" \ type bridge ifname br0 \ connection.autoconnect true \ ipv4.method "manual" \ ipv4.address "$LOCALIP/$LOCALPREFIX" \ +ipv4.routes "224.0.0.0/4" nmcli conn delete "Bridge slave 0" nmcli conn add con-name "Bridge slave 0" \ master "Bridge 0" \ type ethernet ifname eth1 nmcli conn delete "Bridge slave 1" nmcli conn add con-name "Bridge slave 1" \ master "Bridge 0" \ type wifi ifname wlan0 \ mode ap ssid "$ssid" \ 802-11-wireless.band "bg" \ 802-11-wireless-security.key-mgmt "wpa-psk" \ 802-11-wireless-security.psk "$passphrase" nmcli conn up "Bridge 0" and now try to authenticate to that AP. Steps to Reproduce: 1. Create bridge. 2. Add Ethernet and WLAN slaves (WLAN must be configured as AP). 3. Bring up bridge and try to connect to it. Actual results: Authentication fails. Expected results: Authentication should succeed. Additional info: Upstream commit is ae31b4b.