Home News Notes Projects Themes About

Setting up NetworkManager on a minimal Linux install

I really like nmcli (from NetworkManager). It is a minimalist CLI tool for managing network connections. It is ideal for servers, terminals, and automation.

However, I encountered a few problems that deserve a little note.

The problems

Unmanaged interface

When installing Debian, the installer might ask you for a WiFi password. This will update the /etc/network/interfaces file: 

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug wifi0
iface wifi0 inet dhcp
        wpa-ssid MySSID
        wpa-psk  a-secure-passphrase

However, as stated here, this can interfere with NetworkManager since this tool won't manage any interface defined in the aforementioned file when /etc/NetworkManager/NetworkManager.conf contains: 

[main]
plugins=ifupdown,keyfile

[ifupdown]
managed=false

…which in my experience is usually the case.

When running: 

nmcli device status

…you might see something like: 

DEVICE             TYPE      STATE                   CONNECTION
wifi0              wifi      unmanaged               --

In addition, you probably won't see any networks when running nmcli device wifi list.

MAC address randomization

NetworkManager also use MAC randomization by default, which has caused me some problems in the past.

The solution

  1. Delete everything related to the interface from /etc/network/interfaces. The file above would become: 

    # This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

  2. Set ifupdown.managed to true in /etc/NetworkManager/NetworkManager.conf: 

    [main]
plugins=ifupdown,keyfile

[ifupdown]
managed=true

  3. Create /etc/NetworkManager/conf.d/wifi_rand_mac.conf with the following content: 

    [device-mac-randomization]
wifi.scan-rand-mac-address=yes

[connection-mac-randomization]
ethernet.cloned-mac-address=permanent
wifi.cloned-mac-address=permanent

  4. Reboot 🙂 Maybe restarting NetworkManager is enough: 

    sudo service NetworkManager restart

Conclusion

This piece of system configuration will be added to my Ansible config one day.

As usual, just create a discussion on GitHub if you have any comment.