GNOME Bugzilla – Bug 744702
[RFE] add nmcli connection import/export/dump in keyfile format
Last modified: 2020-11-12 14:33:58 UTC
I opened bug 744699 to support keyfile plugin in libnm. With this, keyfile could be a way to import/export connections to string. nmcli should offer a import (export) commands that read (write) the connection from (to) stdin (stdout). export: $ nmcli connection export ID would print the connection in keyfile format (omitting secrets) $ nmcli connection export --show-secrets ID same as before, but it would include the secrets -- but not changing the password flags $ nmcli connection add --dry-run ... would create a connection (just as usual), but instead of adding it to NetworkManager, it would just print it in keyfile format to stdout. $ nmcli connection modify --dry-run ... would read the connection and modify it (inside the client). But instead of saving it to NM, it would just print it in keyfile format import: $ cat my-conn.keyfile | nmcli connection import reads the keyfile from stdin, and adds/updates an existing connection. Prints the UUID and connection-path of the new connection. some options that could make sense (the naming is not the point :) ): the handling of UUID is special. Suppose you want to export a connection and reimport it. Depending on what the user wants (update/add) we have to regenerate a different UUID. --uuid-unset (remove the UUID. In this case, NM core support omitting the UUID and it would create one for the new connection). This is the default. --uuid-preserve (accept the UUID as provided from stdin) --uuid-random (create a new random UUID) --uuid-set=UUID (explicitly overwrite the UUID) --uuid-set-path=CONNECTION-PATH (set the UUID to the same as an existing connection by path -- for update) --uuid-set-id=CONNECTION-ID (same, but lookup connection by id). --no-secrets (ignore all secret settings) $ cat my-conn.keyfile | nmcli connection import MODIFY-OPTIONS first read the connection (just like before), and apply further modifications to it (in `nmcli connection modify` syntax) $ cat my-conn.keyfile | nmcli connection import --dry-run MODIFY-OPTIONS same as before, but instead of adding the connection, just print it again as keyfile. import also gives an way to verify a keyfile. This could be combined with bug 744700 which asks for a way to verify connection settings.
Keyfile implementation is now in libnm-core (bug 744699) It is still internal API, but easy to publish. Needed is also a way to hide paswords in nm_keyfile_write(). That can be done by extending the write handler callback.
bugzilla.gnome.org is being shut down in favor of a GitLab instance. We are closing all old bug reports and feature requests in GNOME Bugzilla which have not seen updates for a long time. If you still use NetworkManager and if you still see this bug / want this feature in a recent and supported version of NetworkManager, then please feel free to report it at https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/ Thank you for creating this report and we are sorry it could not be implemented (workforce and time is unfortunately limited).