diff --git a/clients/cloud-setup/nm-cloud-setup.service.in b/clients/cloud-setup/nm-cloud-setup.service.in
index 78441c7..809f707 100644
--- a/clients/cloud-setup/nm-cloud-setup.service.in
+++ b/clients/cloud-setup/nm-cloud-setup.service.in
@@ -27,15 +27,15 @@ PrivateDevices=yes
PrivateTmp=yes
ProtectControlGroups=yes
ProtectHome=yes
-#ProtectHostname=yes
-#ProtectKernelLogs=yes
+ProtectHostname=yes
+ProtectKernelLogs=yes
ProtectKernelModules=yes
ProtectKernelTunables=yes
ProtectSystem=strict
RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6
RestrictNamespaces=yes
RestrictRealtime=yes
-#RestrictSUIDSGID=yes
+RestrictSUIDSGID=yes
SystemCallFilter=@system-service
[Install]
diff --git a/data/NetworkManager.service.in b/data/NetworkManager.service.in
index 9cf1c3d..91ebd9a 100644
--- a/data/NetworkManager.service.in
+++ b/data/NetworkManager.service.in
@@ -19,10 +19,6 @@ CapabilityBoundingSet=CAP_NET_ADMIN CAP_DAC_OVERRIDE CAP_NET_RAW CAP_NET_BIND_SE
ProtectSystem=true
ProtectHome=read-only
-# We require file descriptors for DHCP etc. When activating many interfaces,
-# the default limit of 1024 is easily reached.
-LimitNOFILE=65536
-
[Install]
WantedBy=multi-user.target
Also=NetworkManager-dispatcher.service
diff --git a/docs/api/html/NetworkManager.conf.html b/docs/api/html/NetworkManager.conf.html
index a2e4481..05250d1 100644
--- a/docs/api/html/NetworkManager.conf.html
+++ b/docs/api/html/NetworkManager.conf.html
@@ -600,7 +600,7 @@ unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4;interface-name:eth
are "syslog
" and "journal
".
When NetworkManager is started with "--debug
"
in addition all messages will be printed to stderr.
- If unspecified, the default is "journal
".
+ If unspecified, the default is "syslog
".
diff --git a/libnm-core/nm-core-internal.h b/libnm-core/nm-core-internal.h
index e386d5e..d9374fe 100644
--- a/libnm-core/nm-core-internal.h
+++ b/libnm-core/nm-core-internal.h
@@ -586,8 +586,6 @@ NMBondOptionType _nm_setting_bond_get_option_type(NMSettingBond *setting, const
const char *nm_setting_bond_get_option_or_default(NMSettingBond *self, const char *option);
-#define NM_BOND_AD_ACTOR_SYSTEM_DEFAULT "00:00:00:00:00:00"
-
/*****************************************************************************/
/* nm_connection_get_uuid() asserts against NULL, which is the right thing to
diff --git a/libnm-core/nm-setting-bond.c b/libnm-core/nm-setting-bond.c
index 68d4ca8..2d64ef0 100644
--- a/libnm-core/nm-setting-bond.c
+++ b/libnm-core/nm-setting-bond.c
@@ -337,7 +337,7 @@ _bond_get_option_normalized(NMSettingBond *self, const char *option, gboolean ge
if (nm_streq(option, NM_SETTING_BOND_OPTION_AD_ACTOR_SYSTEM)) {
/* The default value depends on the current mode */
if (mode == NM_BOND_MODE_8023AD)
- return NM_BOND_AD_ACTOR_SYSTEM_DEFAULT;
+ return "00:00:00:00:00:00";
return "";
}
diff --git a/man/NetworkManager.conf.5 b/man/NetworkManager.conf.5
index 5d37a38..1817cca 100644
--- a/man/NetworkManager.conf.5
+++ b/man/NetworkManager.conf.5
@@ -626,7 +626,7 @@ INFO\&.
.PP
\fIbackend\fR
.RS 4
-The logging backend\&. Supported values are "syslog" and "journal"\&. When NetworkManager is started with "\-\-debug" in addition all messages will be printed to stderr\&. If unspecified, the default is "journal"\&.
+The logging backend\&. Supported values are "syslog" and "journal"\&. When NetworkManager is started with "\-\-debug" in addition all messages will be printed to stderr\&. If unspecified, the default is "syslog"\&.
.RE
.PP
\fIaudit\fR
diff --git a/src/core/devices/nm-device-bond.c b/src/core/devices/nm-device-bond.c
index 5814aef..f68c080 100644
--- a/src/core/devices/nm-device-bond.c
+++ b/src/core/devices/nm-device-bond.c
@@ -109,24 +109,6 @@ _set_bond_attr(NMDevice *device, const char *attr, const char *value)
int ifindex = nm_device_get_ifindex(device);
gboolean ret;
- nm_assert(attr && attr[0]);
- nm_assert(value);
-
- if (nm_streq(value, NM_BOND_AD_ACTOR_SYSTEM_DEFAULT)
- && nm_streq(attr, NM_SETTING_BOND_OPTION_AD_ACTOR_SYSTEM)) {
- gs_free char *cur_val = NULL;
-
- /* kernel does not allow setting ad_actor_system to "00:00:00:00:00:00". We would thus
- * log an EINVAL error. Avoid that... at least, if the value is already "00:00:00:00:00:00". */
- cur_val =
- nm_platform_sysctl_master_get_option(nm_device_get_platform(device), ifindex, attr);
- if (nm_streq0(cur_val, NM_BOND_AD_ACTOR_SYSTEM_DEFAULT))
- return TRUE;
-
- /* OK, the current value is different, and we will proceed setting "00:00:00:00:00:00".
- * That will fail, and we will log a warning. There is nothing else to do. */
- }
-
ret =
nm_platform_sysctl_master_set_option(nm_device_get_platform(device), ifindex, attr, value);
if (!ret)
diff --git a/src/core/initrd/nmi-cmdline-reader.c b/src/core/initrd/nmi-cmdline-reader.c
index 5f40f63..508ef2b 100644
--- a/src/core/initrd/nmi-cmdline-reader.c
+++ b/src/core/initrd/nmi-cmdline-reader.c
@@ -764,9 +764,6 @@ reader_parse_master(Reader *reader, char *argument, const char *type_name, const
mtu = get_word(&argument, ':');
}
- if (mtu)
- connection_set(connection, NM_SETTING_WIRED_SETTING_NAME, NM_SETTING_WIRED_MTU, mtu);
-
do {
slave = get_word(&slaves, ',');
if (slave == NULL)
@@ -780,6 +777,8 @@ reader_parse_master(Reader *reader, char *argument, const char *type_name, const
NM_SETTING_CONNECTION_MASTER,
master,
NULL);
+ if (mtu)
+ connection_set(connection, NM_SETTING_WIRED_SETTING_NAME, NM_SETTING_WIRED_MTU, mtu);
} while (slaves && *slaves != '\0');
if (argument && *argument)
diff --git a/src/core/initrd/tests/test-cmdline-reader.c b/src/core/initrd/tests/test-cmdline-reader.c
index 4b450aa..33fb22d 100644
--- a/src/core/initrd/tests/test-cmdline-reader.c
+++ b/src/core/initrd/tests/test-cmdline-reader.c
@@ -825,14 +825,13 @@ test_bond(void)
{
gs_unref_hashtable GHashTable *connections = NULL;
const char *const * ARGV = NM_MAKE_STRV("rd.route=192.0.2.53::bong0",
- "bond=bong0:eth0,eth1:mode=balance-rr:9000",
+ "bond=bong0:eth0,eth1:mode=balance-rr",
"nameserver=203.0.113.53");
NMConnection * connection;
NMSettingConnection * s_con;
NMSettingIPConfig * s_ip4;
NMSettingIPConfig * s_ip6;
NMSettingBond * s_bond;
- NMSettingWired * s_wired;
NMIPRoute * ip_route;
const char * master_uuid;
@@ -848,10 +847,6 @@ test_bond(void)
master_uuid = nm_connection_get_uuid(connection);
g_assert(master_uuid);
- s_wired = nm_connection_get_setting_wired(connection);
- g_assert(s_wired);
- g_assert_cmpint(nm_setting_wired_get_mtu(s_wired), ==, 9000);
-
s_ip4 = nm_connection_get_setting_ip4_config(connection);
g_assert(s_ip4);
g_assert_cmpstr(nm_setting_ip_config_get_method(s_ip4), ==, NM_SETTING_IP4_CONFIG_METHOD_AUTO);