| 29 Jun 2025 |
 hexa | why do I get such a small closure size increase then? | 15:20:10 |
| hexa | did we have that in there before? | 15:20:20 |
 emily | you aren't eliminating openconnect from networkmanager the package | 15:20:24 |
| emily | just the plugin, which is a separate thing that also pulls it in | 15:20:30 |
| emily | get rid of the fix-paths.patch in NM and it should get a lot smaller | 15:20:38 |
| emily | we have to actually… fix that, of course | 15:20:46 |
| hexa | right, but why does the ISO only become 38 MB larger I don't understand | 15:21:03 |
| emily | I don't fully understand the results you're getting but it might just be compression | 15:21:08 |
| hexa | possibly | 15:21:15 |
| emily | but like, openconnect is pulling in GTK 3 | 15:21:23 |
| emily | if we had GTK 3 on the minimal ISO already that's uh… | 15:21:27 |
| hexa | bad | 15:21:45 |
| emily | (I guess we probably do now that I say that…) | 15:21:45 |
| emily | it pulls in GTK via… https://github.com/stoken-dev/stoken | 15:22:02 |
| hexa | diff --git a/src/libnmc-base/nm-vpn-helpers.c b/src/libnmc-base/nm-vpn-helpers.c
index cbe76f5f1c..0c9185e8ff 100644
--- a/src/libnmc-base/nm-vpn-helpers.c
+++ b/src/libnmc-base/nm-vpn-helpers.c
@@ -311,13 +311,8 @@ nm_vpn_openconnect_authenticate_helper(NMSettingVpn *s_vpn, GPtrArray *secrets,
port = extract_url_port(gw);
- path = nm_utils_file_search_in_paths("openconnect",
- "/usr/sbin/openconnect",
- DEFAULT_PATHS,
- G_FILE_TEST_IS_EXECUTABLE,
- NULL,
- NULL,
- error);
+ path = g_find_program_in_path("openconnect");
+
if (!path)
return FALSE;
| 15:39:41 |
| hexa | https://docs.gtk.org/glib/func.find_program_in_path.html | 15:39:56 |
| emily | probably works, but no idea if we reliably get openconnect into the path when the plugin is enabled | 15:45:05 |
| emily | or if the plugin even uses this helper | 15:45:11 |
| hexa | diff --git a/nixos/modules/services/networking/networkmanager.nix b/nixos/modules/services/networking/networkmanager.nix
index 803cc741ce15..66360915c724 100644
--- a/nixos/modules/services/networking/networkmanager.nix
+++ b/nixos/modules/services/networking/networkmanager.nix
@@ -15,6 +15,8 @@ let
enableIwd = cfg.wifi.backend == "iwd";
+ withPlugin = name: builtins.elem name (map (plugin: plugin.pname) cfg.plugins);
+
configAttrs = lib.recursiveUpdate {
main = {
plugins = "keyfile";
@@ -716,5 +718,9 @@ in
++ optional (cfg.dns == "dnsmasq") pkgs.dnsmasq;
services.udev.packages = packages;
+
+ systemd.services.NetworkManager.path = lib.optionals (withPlugin "NetworkManager-openconnect") [
+ openconnect
+ ];
};
}
| 15:47:52 |
| hexa | so yeah, still need to check if this makes it work | 15:48:11 |
| hexa | not super fond of the pname lookup, but 🤷 | 15:48:33 |
| hexa | it does allow some more cleanup though, because the module does some stuff unconditionally for plugins | 15:54:22 |
| hexa | like create /var/lib/misc for dnsmasq leases!? | 15:54:44 |
| hexa | though that is probably unrelated to plugins | 15:54:59 |
| hexa | https://github.com/nixos/nixpkgs/commit/f4de446573887d6241bbd64ad3e7a67c336a4aee | 15:56:10 |
| hexa | and sure enough they do use that path https://github.com/search?q=repo%3Aimp%2Fdnsmasq%20%2Fvar%2Flib%2Fmisc&type=code | 15:57:01 |
| emily | does it really use dnsmasq out of the box? | 15:58:08 |
| hexa | without openconnect i'm down to +9 MB | 15:58:30 |
| hexa | we probably won't get nm for free, but it will be super cheap for a lot of UX gain
| 15:58:36 |
| hexa | probably when you set up an AP | 15:58:41 |
