UbuntuHelp:NetworkManager
来自Ubuntu中文
 |
点击翻译: |
English |
请不要直接编辑翻译本页,本页将定期与来源同步。 |
<<Include(Tag/Unsupported)>> See also: NetworkAdmin ATTENTION: If you are using Intrepid or later, read the documentation for network-manager here.
目录
- 1 Network Manager
- 1.1 Installation
- 1.2 Configuration
- 1.3 VPN support
- 1.4 Notes
- 1.5 Issues
- 1.6 Alternative Version (no BIND dependency)
- 1.7 WPASupplicant Problems in Ubuntu 6.06
- 1.8 Disabling NetworkManager
- 1.9 Editing Network Settings in Nm-editor
- 1.10 Editing Network Settings in GConf
- 1.11 Troubleshooting
- 1.12 Enhancement Requests
- 1.13 See also
Network Manager
Network Manager aims for Network Connectivity which "Just Works". The computer should use the wired network connection when it's plugged in, but automatically switch to a wireless connection when the user unplugs it and walks away from the desk. Likewise, when the user plugs the computer back in, the computer should switch back to the wired connection. The user should, most times, not even notice that their connection has has been managed for them; they should simply see uninterrupted network connectivity. More information about Network Manager is available in Gnome website and wiki . Network Manager is beta software. You can find packages in dapper/universe, edgy/universe, feisty/main, gutsy/main, hardy/main.
Installation
Ubuntu 6.06 LTS (Dapper), Ubuntu 6.10 (Edgy), Ubuntu 7.04 (Feisty), Ubuntu 7.10 (Gutsy)
- Applications, Add/Remove Programs
- Find Network Manager in the Internet section
- Check the adjacent box to select Network Manager for installation
- Click OK
- Log out and back in again
- If you don't see the Network Manager icon you may need to add the Notification Area to your panel
Configuration
Basic config for roaming mode
One of the main purposes of Network Manager is to make it easy to move around ("roam") from network to network. But if you're using NM this way, then you need to know that all you can do in System -> Administration -> Networking is set your (typically, wireless) device to "Roaming mode". So where do you enter passwords? To configure a wireless connection while roaming, you must have a Network Manager applet in your panel. All config happens by clicking on the NM icon and entering parameters there. See Troubleshooting, below, for the very common problem of a missing panel applet.
Configuring Devices for Ubuntu 6.06 LTS (Dapper), Ubuntu 6.10 (Edgy), Ubuntu 7.04 (Feisty)
Any already configured devices that you want to be available in Network Manager will need to de-configured, as otherwise they will be ignored. The easiest way to do this is by going to System -> Administration -> Networking and then going to "Properties" of each connection. In Properties, just untick the "Enable this connection" checkbox. Logout then log back in again. These connections should now be available in Network Manager. OR, the harder way, is to backup and then edit the `/etc/network/interfaces` file to remove the configuration of these devices (except for lo which is needed for the loopback interface). You will have to save the file and reboot for the changes to take effect (or don't reboot and run `/etc/init.d/networking restart` instead). For example, if you wanted Network Manager to be able to control all of your devices, your `/etc/network/interfaces` file would look somewhat like the following:
auto lo iface lo inet loopback
<<Anchor(Suspend)>>
Suspend support for Ubuntu 6.06 LTS (Dapper), Ubuntu 6.10 (Edgy), Ubuntu 7.04 (Feisty)
At this point your connection won't survive suspend or hibernate. You have to create two files for that:
- /etc/acpi/suspend.d/07-network-manager.sh
#!/bin/sh /etc/dbus-1/event.d/25NetworkManager stop
- /etc/acpi/resume.d/63-network-manager.sh
#!/bin/sh /etc/dbus-1/event.d/25NetworkManager start
(Don't forget to make both scripts executable.) <<Anchor(Keyring)>>
Automatic Keyring
To bypass having to enter the keyring password at every login when your keyring password is the same as your login password, follow the following instructions:
naaman@freddo:~$ sudo apt-get install libpam-keyring naaman@freddo:~$ echo "@include common-pamkeyring" | sudo tee -a /etc/pam.d/gdm
(minority report: the above advice broken my gdm login with infinite authentication error dialogs - in both gutsy and hardy) To change keyring password, install libpam-keyring as above then run:
naaman@freddo:~$ /usr/lib/libpam-keyring/pam-keyring-tool -c
VPN support
Network Manager VPN support is based on a plug-in system. You can download some plugins (cisco vpn, openvpn, pptp) from here. They are built for Debian but they work very well on my Ubuntu 6.06, no warning, no errors... just be sure to restart your Network Manager daemon. Edgy has the network-manager-pptp package which provides the Network Manager pptp plugin.
VPN support for Kubuntu Feisty 7.04
If you need VPN support via network manager in Kubuntu Feisty you have to install the following packages:
network-manager-gnome network-manager-openvpn network-manager-pptp network-manager-vpnc
You can install the packages via 'Adept Manager' or on the command line with:
sudo aptitude install network-manager-gnome network-manager-openvpn network-manager-pptp network-manager-vpnc
or
sudo apt-get install network-manager-gnome network-manager-openvpn network-manager-pptp network-manager-vpnc
if you prefer apt-get over aptitude.
Notes
Gnome
Go to System -> Preferences -> Sessions In the Startup Programs tab, click Add type "nm-applet", click OK. log out of your gnome session, and log back in again.
Other Window Managers/Desktop Environments
add nm-applet to your startup Note: nm-applet is now part of the network-manager-gnome package which is recommended when you install the network-manager package but may not have been installed.
Not showing wireless network using Ndiswrapper.
You must add Ndiswrapper to /etc/modules so it loads correctly
gksudo gedit /etc/modules
Add on a new line: "ndiswrapper" Save and reboot.
Compiling from svn
If you know what you are doing and want to compile from CVS you can get build dependencies, checkout CVS and compile it by running:
sudo apt-get build-dep network-manager sudo apt-get install ppp-dev svn co svn://svn.gnome.org/svn/NetworkManager/trunk NetworkManager cd NetworkManager ./autogen.sh --prefix=/usr --sysconfdir=/etc --localstatedir=/var ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var make sudo make install
Issues
If nm-applet gives this error message
WARNING **: <WARNING> (): nmwa_dbus_init() could not acquire its service. dbus_bus_acquire_service() says: 'Connection ":1.26" is not allowed to own the service "org.freedesktop.NetworkManagerInfo" due to security policies in the configuration file'
try launching nm-applet with
nm-applet --sm-disable
If it still dosen't work you'd have to edit the dbus-1 configuration files for both Network``Manager and nm-applet (this might be a security compromise, if there's another way to get nm-applet to work, please add it here). Change the default policy context in both /etc/dbus-1/system.d/NetworkManager.conf and /etc/dbus-1/system.d/nm-applet.conf so it says 'allow' instead of 'deny'.
<policy context="default">
<allow own="org.freedesktop.NetworkManager"/>
<allow send_destination="org.freedesktop.NetworkManager"/>
<allow send_interface="org.freedesktop.NetworkManager"/>
</policy>
Then restart dbus
sudo /etc/init.d/dbus restart
and launch the applet
nm-applet
Another way to work around this security issue is to add yourself to the netdev group. The default security policy permits access for that group. Note: if you upgraded from Breezy to Dapper and you had modified files in /etc/pam.d/ it is possible that they were not altered properly to include a reference to the pam_foreground module. /etc/pam.d/common-session should look like this:
session required pam_foreground.so session required pam_unix.so
This will also affect Gnome Power Manager and Gnome Volume Manager. See this bug for more info. <<Anchor(dapper)>>
Ubuntu 6.06 (Dapper)
If it is not managing your network connections after upgrading to Dapper, you'll need to comment out the references to all interfaces (except lo) in /etc/network/interfaces to let Network Manager handle them.
sudo cp /etc/network/interfaces /etc/network/interfaces.bak sudo nano /etc/network/interfaces
It should look similar to this when you are done:
# This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # This is a list of hotpluggable network interfaces. # They will be activated automatically by the hotplug subsystem. # auto eth1 # iface eth1 inet dhcp
Then reboot and you should be good to go!
Alternative Version (no BIND dependency)
There is an alternative version of Network Manager (for Breezy) that has no BIND dependency. Some people have DNS troubles with the version in the repos, and removing the BIND dependency eliminates a possible security hole (not that BIND is insecure, but eliminating it only improves security). Look at this page for more information and to download necessary packages. Additional information is available here.
WPASupplicant Problems in Ubuntu 6.06
Network Manager 0.6 started to use WPAsupplicant for all encrypted connection. This can be a problem as a number of drivers do not support all needed interfaces for WPAsupplicant yet. If you do not need WPA, then you can downgrade to NM 0.5. You need to download the following packages.
x86
https://launchpad.net/ubuntu/dapper/i386/network-manager/0.5.1-0ubuntu19 https://launchpad.net/ubuntu/dapper/i386/nm-applet/0.5.1-0ubuntu19 book report help
amd64
https://launchpad.net/ubuntu/dapper/amd64/network-manager/0.5.1-0ubuntu19 https://launchpad.net/ubuntu/dapper/amd64/nm-applet/0.5.1-0ubuntu19 buy reports
powerpc
https://launchpad.net/ubuntu/dapper/powerpc/network-manager/0.5.1-0ubuntu19
https://launchpad.net/ubuntu/dapper/powerpc/nm-applet/0.5.1-0ubuntu19
these can be installed by double clicking, or using
dpkg -i packagename.deb
Disabling NetworkManager
According to this bug here's how to disable Network Manager without uninstalling it: Stop network manager
sudo /etc/dbus-1/event.d/26NetworkManagerDispatcher stop sudo /etc/dbus-1/event.d/25NetworkManager stop
Create two files with only the word 'exit' in them. These files are:
/etc/default/NetworkManager /etc/default/NetworkManagerDispatcher
Editing Network Settings in Nm-editor
Nm-editor is new configuration applet that provides easy access to advanced network settings and allows greater configuration options through a simple interface. To access nm-editor, right-click on the network icon in the notification area and select Edit Wireless Networks...
Changing a network's encryption key
Nm-editor enables you to easily update a network's encryption key by displaying the current key for each network and giving you the option of displaying it in clear text while you edit.
Ensuring connection to particular access points
You can edit the list of BSSIDs directly in nm-editor. This means you can add or delete specific access points depending on your preference. /!\ Releases earlier than 8.04 do not have nm-editor, instead you must change the settings in GConf (see below).
Editing Network Settings in GConf
Once you have connected to a network, even unintentionally, its configuration details will have been stored in the GConf registry. This means that Network Manager will automatically reconnect to any network it finds nearby that is stored in GConf. The order of preference is based on the time you last connected. To access these details open gconf-editor.
gconf-editor
Now navigate to system -> networking -> wireless -> networks. There you will find separate directories for each network under its network name (essid).
Preventing automatic connection to particular networks
In gconf-editor select the essid of the network you wish to edit. For each of the keys, right-click the key and select Unset Key... Once done quit gconf-editor. If you reopen gconf-editor, you will now see that the network has been removed. This will only prevent automatic connection to a network, you can manually re-connect at any time.
Ensuring connection to particular access points
In gconf-editor select the essid of the network you wish to edit. Right-click on the bssids key and choose Edit Key... Remove the bssid values of the access points that you do not wish to connect to, leaving the ones that you do wish to connect to. Click OK and then quit Gconf-editor. For further information see the Network Manager FAQ
Troubleshooting
Ndiswrapper Issues
An interesting thing happens if you combine Network Manager with Wifidocs/Driver/Ndiswrapper. Since the command "ndiswrapper -m" only creates an alias, eg. "alias wlan0 ndiswrapper", the module will only be loaded when the interface wlan0 is used. But since Network Manager requires an empty interfaces list, ndiswrapper never gets loaded. A possible fix is to add a line "ndiswrapper" to /etc/modules.
Error dialogs
If error dialogs appear stating that "The Network``Manager applet could not find some required resources. It cannot continue.", it may be a problem with NetworkManager's icon resources. Open up a terminal and issue the command:
sudo gtk-update-icon-cache -f /usr/share/icons/hicolor/
Hidden SSIDs
I have problems connecting to a hidden access point. Switching the SSID broadcast on solves the problem, but it's a security issue. Try going to "connect to another network" or something like that in the applet menu, then enter the SSID. It won't work, at least not for me. Please have a look at this bug. This bug is open for quite a long time, and it seems it is caused by a mismatch between Wireless Tools and Wireless Extensions of the kernel. I get the following:
$ iwconfig --version
iwconfig Wireless-Tools version 29
Compatible with Wireless Extension v11 to v21.
Kernel Currently compiled with Wireless Extension v22.
ath0 Recommended Wireless Extension v13 or later,
Currently compiled with Wireless Extension v22
Note: Cloaking the SSID serves little purpose because it is easily discoverable: Anyone who wants to access your network illicitly will be able to discover your SSID using commonly available tools, with minimum effort. While an SSID is not quite analogous to an IP address, the analogy is good: The SSID appears outside the security envelope in communications between the client and the access point. If you are concerned with security, use WPA, preferably WPA2 (RSN), with a strong cipher (AES). I would argue that SSID cloaking capabilities are a hold-over hack from the "bad old days" of WEP, when there was no effective wireless security and people were scrambling to at least achieve the "appearance" of security (while doing very little to become secure).
VPN Issues
I could not connect to a Windows VPN (PPTP) unless I manually set the MTU and MRU to 1500. No error message other than "Could not connect" was reported. So try this easy change if you can't connect.
Missing panel applet
If you're missing the Network Manager panel applet, then (in Gnome) make sure that your panel contains the Notification Area applet. (Right-click on the panel to access the "Add to panel" command.) The NM applet can't be added directly to the panel, but is automatically part of the Notification Area. If you already have a Notification Area, but still no applet, then make sure the applet is installed. Just bc you have Network Manager does not mean you have the panel applet. Installing network-manager-gnome and restarting your system should make the panel applet appear in the Notification Area. (Instructions are needed for non-Gnome desktops.)
Enhancement Requests
- It would be nice to be able to set a manual an IP address for a given ESSID, but still auto-detect other networks and use DHCP with them.
- NM should detect when a user chooses a VPN connection for a network and automatically try to connect to the VPN the next time.
- Add the connected notification process to ppp connections. Currently, version 0.6.6 in 8.04, does not do this. I can successfully connect via ppp but the NM icon does not change to the connected state nor do Evolution or Firefox place themselves in the on-line mode when they are started. After I switch each app to on-line mode manually, all is well.
