NetworkManager 1.2 was released yesterday, and it’s already built for Fedora (24 and rawhide), a release candidate is in Ubuntu 16.04, and it should appear in other distros soon too. Lubo wrote a great post on many of the new features, but there’s too many to highlight in one post for our ADD social media 140-character tap-tap generation to handle. Ready for more?
Wayland is coming, and it doesn’t support the XEmbed status icons like nm-applet creates. Desktop environments also want more control over how these status menus appear. While KDE and GNOME both provide their own network status menus Ubuntu, XFCE, and LXDE use nm-applet. How do they deal with lack of XEmbed and status icons?
Ubuntu has long patched nm-applet to add App Indicator support, which exposes the applet’s menu structure as D-Bus objects to allow the desktop environment to draw the menu just like it wants. We enhanced the GTK3 support in libdbusmenu-gtk to handle nm-applet’s icons and then added an indicator mode to nm-applet based off Ubuntu’s work. We’ve made packager’s lives easier by building both modes into the applet simultaneously and allowing them to be switched at runtime.
Want to add a second IP address or change your DNS servers right away? With NetworkManager 1.2 you can now change the IP configuration of a device through the D-Bus interface or nmcli without triggering a reconnect. This lets the network UIs like KDE or GNOME control-center apply changes you make to network configuration immediately without interrupting your network connection. That might take a cycle or two to show up in your favorite desktop environment, but the basis is there.
802.1x/WPA Enterprise authentication
An oft-requested feature was the ability to use certificate domain suffix checking to validate an authentication server. While NetworkManager has supported certificate subject checking for years, this has limitations and isn’t as secure as domain suffix checking. Both these options help prevent man-in-the-middle attacks where a rogue access point could masquerade as as your normal secure network. 802.1x authentication is still too complicated, and we hope to greatly simplify it in upcoming releases.
While NM has always been architected to allow bridges-on-bonds-on-VLANs, there were some internal issues that prevented these more complicated configurations from working. We’ve fixed those bugs, so now layer-cake network setups work in a flash! Hopefully somebody will come up with a fancy drag-n-drop UI based off Minecraft or CandyCrush with arbitrary interface trees. Maybe it’ll even have trophies when you finally get a Level 48 active-backup bond.
Old Stable Series
Now that 1.2 is out, the 1.0 series is in maintenance mode. We’ll fix bugs and any security issues that come up, but typically don’t add new features. Backporting from 1.2 to 1.0 will be even more difficult due to the removal of dbus-glib, a major feature in 1.2 release. If you’re on 1.0, 0.9.10, or (gasp!) 0.9.8 I’d urge you to upgrade, and I think you’ll like what you see!