Cannot run nmcli within an RPM

adambkaplan · May 1, 2020, 2:06pm

Some corporations distribute VPN profiles via RPMs, which run nmcli c r after the VPM profiles have been added.

Installing this kind of RPM via rpm-ostree leads to the following error (captured in journalctl):

May 01 08:46:28 localhost.localdomain rpm-ostree(corp-NetworkManager-openvpn-profiles.post)[2178]: Error: Could not create NMClient object: Could not connect: No such file or directory.

Extracting the content from the RPM and installing manually works fine as long as the VPN profiles have the right user ownership (i.e. after copying run chown root:root).

walters · May 1, 2020, 4:08pm

Right, I think their specfile should do:

if ! [ -f /run/ostree-booted ]; then
  nm cli c reload
fi

or so.

But the why it fails is interesting and important - it’s because installing an RPM cannot affect your booted system - it runs through the same infrastructure for applying updates, which also should not affect your booted system. A bit more info here: https://github.com/coreos/rpm-ostree/issues/639

adambkaplan · May 1, 2020, 4:57pm

But the why it fails is interesting and important - it’s because installing an RPM cannot affect your booted system

Fascinating. So presumably if nm cli c reload is not called then the new NetworkManager configuration is loaded after the next reboot.

Topic		Replies	Views
Nm-openvpn - cannot pre-load keyfile Ask Fedora f35 , silverblue	6	5475	July 4, 2022
Command Line setting VPN with NetWorkManager using nmcli when Server Certificate is untrusted Ask Fedora server , workstation	1	535	March 24, 2024
NetworkManager: "Insufficient privileges" from remote login Ask Fedora networking	1	10565	June 11, 2020
Unable to connect to OpenVPN using nmcli Ask Fedora f35 , networking , silverblue	3	4338	November 26, 2021
Rpm-ostree layering not working when running from a systemd unit file Ask Fedora coreos	9	1941	August 10, 2022

Cannot run nmcli within an RPM

Related topics