ConnMan
ConnMan (short for Connection Manager) is a network management service created by Intel, built with embedded use cases in mind. It is shipped by default on some desktop and mobile distributions however, such as Sailfish OS.
Installation
USE flags
USE flags for net-misc/connman Provides a daemon for managing internet connections
+ethernet
|
Enable ethernet support. |
+nftables
|
Use net-firewall/nftables as firewall. |
+wifi
|
Enable wireless network functions |
bluetooth
|
Enable Bluetooth Support |
debug
|
Enable extra debug codepaths, like asserts and extra output. If you want to get meaningful backtraces see https://wiki.gentoo.org/wiki/Project:Quality_Assurance/Backtraces |
doc
|
Add extra documentation (API, Javadoc, etc). It is recommended to enable per package instead of globally |
examples
|
Install examples, usually source code |
iptables
|
Use net-firewall/iptables as firewall. |
iwd
|
Enable wifi support via net-wireless/iwd |
l2tp
|
Use net-dialup/xl2tpd for L2TP VPN support. |
networkmanager
|
Enable net-misc/networkmanager support |
ofono
|
Use net-misc/ofono for telephony support. |
openconnect
|
Use net-vpn/openconnect for VPN support. |
openvpn
|
Use net-vpn/openvpn for openvpn support. |
policykit
|
Enable PolicyKit (polkit) authentication support |
pptp
|
Use net-dialup/pptpclient for PPTP VPN support. |
tools
|
Enable testing tools. |
vpnc
|
Use net-vpn/vpnc for cisco VPN support. |
wireguard
|
Enable WireGuard VPN support. |
wispr
|
Enable support for WISPr hotspot logins. |
Make sure to enable the proper USE flags for planned use. For mobile data support, make sure to enable the ofono USE flag.
Emerge
root #emerge --ask net-misc/connmanConfiguration
Services
Having multiple network management utilities running at the same time (NetworkManager, dhcpcd, etc) is not a good idea. However, ConnMan can be configured to not touch WiFi/Ethernet so it can play nice with these other programs, see the bottom of this article.
OpenRC
To enable ConnMan at boot:
root #rc-update add connman defaultTo start ConnMan now:
root #rc-service connman startsystemd
To enable ConnMan at boot and start it now:
root #systemctl enable --now connmanUsage
connmanctl is an interactive CLI application that comes installed with ConnMan. Make sure connmand has been started, either manually or through the init system, or ConnMan will be unable to function.
connmanctl can be launched with no arguments to enter interactive mode, or a command can be specified after it (useful for scripting!)
Connecting to a network
Listing available technologies
user $connmanctl technologies
Should list the available networking technologies for ConnMan, such as /net/connman/technology/wifi (WiFi support). If desired technology isn't listed, make sure it was set in ConnMan's USE flags, and that support for the network interface is built into the device's kernel.
Powering on the selected technology interface
user $connmanctl enable wifi
Replace wifi with a network interface technology as desired.
Scanning wireless networks
user $connmanctl scan wifi
"Scan completed for wifi" should return when scanning is done.
Showing available services
user $connmanctl services
This outputs all available services, no matter if WiFi, Ethernet, or other. If the device is connected to the network, *AO is in the leftmost column, followed by the SSID in the next, and then followed by a unique identifier. This unique identifier is needed to connect to the network.
Enabling connecting to an encrypted network
user $connmanctl agent on
Configuring a VPN
Make sure connman was emerged with the necessary USE flag ("openvpn" for example).
In the case of openVPN, a working openvpn configuration can easily be used by editing /var/lib/connman-vpn/myvpnname.config and adding
/var/lib/connman-vpn/myvpnname.config[provider_openvpn]
Type = OpenVPN
Name = myVPNname
Host = openvpn.mydomain.com
Domain = openvpn.mydomain.com
OpenVPN.ConfigFile = /etc/openvpn/myvpnname.conf
Some connman GUI (see below) or Enlightenment's built in connman client can be used to connect to the VPN ("connmanctl connect" does NOT seem to work). It will show up as the string provided by "Name" in the above config file.
The connection is established as it should, but connman always sets the default route over the first service.
To not route the whole traffic over the VPN connection (or the openVPN server is only configured to route private networks), the order of the connections has to be changed (this does not seem to be documented anywhere!):
user $connmanctlUse "move-after" or "move-before" to push the VPN down after local uplink.
Connect to a network
Tab completions are functional in interactive mode!
user $connmanctl connect your_unique_identifier
Fill in the unique identifier from what is after network name from services. If connecting to a wired or unsecured network, no further action is needed. If connecting to a network with a passphrase, enter it when prompted. Note: Double check password! ConnMan can often be annoying and not re-prompt for incorrect passwords.
Testing a connection
To reveal the connection to the Local Area Network (LAN):
user $connmanctl state
And of course to test connection to the internet:
user $ping gentoo.org
Graphical front-ends
CMST
CMST is a Qt graphical front-end for ConnMan, and comes with a system tray icon. See net-misc/cmst.
connman-gtk
This is the GTK counterpart. The project (in portage) does not seem to be active anymore, but there is https://github.com/debiangamer/connman-gtk which has a few improvements.
EConnMan
EConnMan is the ConnMan UI that's part of the Enlightenment desktop environment. See net-misc/econnman.
This is deprecated and seems abandoned.
The package is not necessary for using connman, connecting to a network or entering a wifi passphrase. This all works out of the box. Connecting to a VPN is also supported, but advanced configuration options are not available through the UI. Use connmanctl or config files (as stated above for VPN connections) to configure these connections.
Troubleshooting
ConnMan is throwing some cryptic error I can't find a reference to online!
It's most likely lack of kernel support for the device's WiFi card. Make sure if built as a module it's loaded and that dmesg isn't complaining about a load error.
It is possible to try using Gentoo's distribution kernel to see if that gets the network card going. If so, run lsmod with and without the distribution kernel and diff the results to view the kernel drivers that were in use with the distribution kernel that weren't with whichever was running originally.
How to use ConnMan along with NetworkManager/dhcpcd?
/etc/connman/main.confNetworkInterfaceBlacklist = usb,wlan
Obviously, change the interface names to those that are desired to be to blacklistd with ConnMan. This allows another service to manage those connections, while utilizing ConnMan for other network interfaces (ie, ofono, bluetooth). If connected via SSH, this should be done first to prevent ConnMan closing the SSH tunnel.
Error: no carrier
This can mean that there isn't proper firmware support for the technology. However, this error can also be caused by improper permissions. Try adding the user to the wheel and network groups, or run connmanctl as root.
See also
- Dhcpcd — a popular DHCP client capable of handling both IPv4 and IPv6 configuration.
- Netifrc — Gentoo's default framework for configuring and managing network interfaces on systems running OpenRC.
- NetworkManager — a network management software for Ethernet, WiFi, DSL, dialup, VPN, WiMAX, and mobile broadband network connections