Difference between revisions of "Connman"

From ArchWiki
Jump to: navigation, search
(Using the command line client: Remove out of date command.)
m (Technologies: add doc crosslink for rfkill info, rm "all" because it listens to rfkill switch)
 
(108 intermediate revisions by 41 users not shown)
Line 1: Line 1:
 +
[[Category:Network configuration]]
 
[[fr:Connman]]
 
[[fr:Connman]]
 
[[it:Connman]]
 
[[it:Connman]]
[[Category:Networking]]
+
[[ja:Connman]]
{{Article summary start}}
+
{{Related articles start}}
{{Article summary text|Covers installation and configuration of ConnMan – an alternative to [[NetworkManager]].}}
+
{{Related|Network configuration}}
{{Article summary heading|Related}}
+
{{Related|Wireless network configuration}}
{{Article summary wiki|Network Configuration}}
+
{{Related|:Category:Network configuration}}
{{Article summary wiki|Wireless Setup}}
+
{{Related articles end}}
{{Article summary end}}
+
{{Expansion|Only WiFi plugin is described in [[#Usage]] section.}}
+
[http://connman.net/ ConnMan] is an alternative to [[NetworkManager]] and [[Wicd]] and was created by Intel and the Moblin project for use with embedded devices. ConnMan is designed to be light on resources making it ideal for netbooks, and other mobile devices. It is modular in design takes advandage of the dbus API and provides proper abstraction on top of wpa_supplicant. ConnMan currently has plugins available for:
+
* WiFi
+
* Ethernet
+
* Bluetooth (Through {{Pkg|bluez}})
+
* WiMAX
+
* VPN's (Through the connman-vpn.service)
+
  
It is typically used for wireless networking and being plugin based it is extremely fast at resolving connections. After setup you may wish to check for yourself with {{ic|systemd-analyze blame}} to see the difference in performance compared to other network managers.
+
[https://01.org/connman ConnMan] is a command-line network manager designed for use with embedded devices and fast resolve times. It is modular through a [http://git.kernel.org/cgit/network/connman/connman.git/tree/plugins plugin architecture], but has native [http://git.kernel.org/cgit/network/connman/connman.git/tree/src/dhcp.c dhcp] and [http://git.kernel.org/cgit/network/connman/connman.git/tree/src/ntp.c ntp] support.
  
 
== Installation ==
 
== Installation ==
  
[[pacman|Install]] {{Pkg|connman}} from the [[official repositories]].
+
[[Install]] the {{Pkg|connman}} package. {{Pkg|wpa_supplicant}} and {{Pkg|bluez}} are optional dependencies required for Wi-Fi and Bluetooth functionality respectively.
  
== Configuring ==
+
Before [[enabling]] {{ic|connman.service}}, ensure any existing [[network configuration]] is disabled.
  
To control ConnMan as a regular user, add these lines to {{ic|/etc/dbus-1/system.d/connman.conf}} under the policy user="root" block.
+
=== Desktop clients ===
{{Note|This is now implemented in the current releases of ConnMan}}
+
 
  <policy group="network">
+
* {{App|cmst|Qt GUI for ConnMan.|https://github.com/andrew-bibb/cmst|{{AUR|cmst}}}}
        <allow send_destination="org.moblin.connman"/>
+
* {{App|connman-ncurses|Simple ncurses UI for ConnMan; not all of connman functionality is implemented, but usable (with X or from terminal without X), see the [https://github.com/eurogiciel-oss/connman-json-client/wiki wiki].|https://github.com/eurogiciel-oss/connman-json-client|{{AUR|connman-ncurses-git}}}}
        <allow send_interface="org.moblin.connman.Agent"/>
+
* {{App|connman-notify|Connman event notification client|https://github.com/wavexx/connman-notify|{{AUR|connman-notify}}{{Broken package link|{{aur-mirror|connman-notify}}}}}}
        <allow send_interface="org.moblin.connman.Counter"/>
+
* {{App|ConnMan-UI|GTK3 client applet.|https://github.com/tbursztyka/connman-ui|{{AUR|connman-ui-git}}}}
    </policy>
+
* {{App|connman_dmenu|Client/frontend for dmenu.|https://github.com/taylorchu/connman_dmenu|{{AUR|connman_dmenu-git}}}}
 +
* {{App|Econnman|Enlightenment desktop panel applet.|http://www.enlightenment.org|{{AUR|econnman}}}}
 +
* {{App|LXQt-Connman-Applet|LXQt desktop panel applet.|https://github.com/surlykke/lxqt-connman-applet|{{AUR|lxqt-connman-applet-git}}}}
 +
* {{App|qconnman-ui|Qt management interface used on O.S. Systems products|https://github.com/OSSystems/qconnman-ui|{{AUR|qconnman-ui-git}}{{Broken package link|{{aur-mirror|qconnman-ui-git}}}}}}
 +
* {{App|connman-gtk| GTK client.|https://github.com/jgke/connman-gtk|{{AUR|connman-gtk}}}}
 +
* {{App|gnome-extension-connman| Gnome3 extension for connman; it contains only some of the functionality without installing connman-gtk.|https://github.com/jgke/gnome-extension-connman|https://extensions.gnome.org/extension/981/connman-extension/}}
  
 
== Usage ==
 
== Usage ==
  
First enable and start the connman [[daemon]] service.
+
{{Expansion|Only Wired and Wi-Fi plugins are described.}}
  
=== Desktop clients ===
+
ConnMan has a standard command line client {{ic|connmanctl}}. It can run in 2 modes:
 +
*In '''command mode''' commands are entered as arguments to {{ic|connmanctl}} command, just like [[systemctl]].
 +
*'''Interactive mode''' is started by typing {{ic|connmanctl}} without arguments. Prompt will change to {{ic|connmanctl>}} to indicate it is waiting for user commands, just like [[python]] interactive mode. The interactive mode supports tab completion, which makes finding the correct connection easy.
  
ConnMan only has two working panel applets and a dmenu client:
+
=== Wired ===
  
* {{App|EConnman|Enlightenment desktop panel applet.|http://www.enlightenment.org|{{AUR|econnman}}}}
+
ConnMan will automatically handle wired connections.
* {{App|ConnMan-UI|GTK+ client applet.|https://github.com/tbursztyka/connman-ui|{{AUR|connman-ui-git}}}}
+
* {{App|connman_dmenu|Client/frontend for dmenu.|https://github.com/taylorchu/connman_dmenu|{{AUR|connman_dmenu-git}}}}
+
  
Currently the GTK client is not 100% stable however it is good enough for day-to-day usage. To use it just add {{ic|connman-ui-gtk}} to one of your startup files, e.g: {{ic|autostart}} for Openbox.
+
=== Wi-Fi ===
  
=== Using the command line client ===
+
{{Note|Make sure the Wi-Fi device is listed in the output of {{ic|ip link show up}}. If it is not listed that means it is not powered on. Use {{ic|Fn}} keys on the laptop to turn it on. You may need to run {{ic|connmanctl enable wifi}}.}}
  
As of version 1.7 connman has a standard command line client {{ic|connmanctl}}.
+
==== Connecting to an open access point ====
  
To scan the network connmanctl accepts simple names called '''technologies'''. To scan for nearby WiFi networks:
+
The commands in this section show how to run {{ic|connmanctl}} in command mode.
 +
 
 +
To scan the network {{ic|connmanctl}} accepts simple names called ''technologies''. To scan for nearby Wi-Fi networks:
  
 
  $ connmanctl scan wifi
 
  $ connmanctl scan wifi
  
To list the available networks found after a scan run:
+
To list the available networks found after a scan run (example output):  
{{Note|You will see something similar to this ('''not''' actual results):}}
+
  
$ connmanctl services
+
{{hc|$ connmanctl services|
*AO MyNetwork              wifi_dc85de828967_68756773616d_managed_psk
+
*AO MyNetwork              wifi_dc85de828967_68756773616d_managed_psk
    OtherNET                wifi_dc85de828967_38303944616e69656c73_managed_psk  
+
    OtherNET                wifi_dc85de828967_38303944616e69656c73_managed_psk  
    AnotherOne              wifi_dc85de828967_3257495245363836_managed_wep
+
    AnotherOne              wifi_dc85de828967_3257495245363836_managed_wep
    FourthNetwork          wifi_dc85de828967_4d7572706879_managed_wep
+
    FourthNetwork          wifi_dc85de828967_4d7572706879_managed_wep
    AnOpenNetwork          wifi_dc85de828967_4d6568657272696e_managed_none
+
    AnOpenNetwork          wifi_dc85de828967_4d6568657272696e_managed_none
 +
}}
 +
 
 +
To connect to an open network, use the second field beginning with '''wifi_''':
  
To connect to an open network simple use the enter the second field beginning with '''wifi_''':
 
 
  $ connmanctl connect wifi_dc85de828967_4d6568657272696e_managed_none
 
  $ connmanctl connect wifi_dc85de828967_4d6568657272696e_managed_none
  
You should now be connected to the network. Check using {{ic|ip a}} or {{ic|connmanctl state}}.
+
You should now be connected to the network. Check using {{ic|ip addr}} or {{ic|connmanctl state}}.
  
==== Settings ====
+
==== Connecting to a protected access point ====
  
Settings and profiles are automatically created for networks the user connects to often. They contain feilds for the passphrase, essid and other information. Profile settings are stored in directories under {{ic|/var/lib/connman/}} by their service name. To view all network profiles do:  
+
For protected access points you will need to provide some information to the ConnMan daemon, at the very least a password or a passphrase.
{{Note|VPN settings can be found in {{ic|/var/lib/connman-vpn/}} }}
+
 
 +
The commands in this section show how to run {{ic|connmanctl}} in interactive mode, it is required for running the {{ic|agent}} command.  To start interactive mode simply type:
 +
 
 +
$ connmanctl
 +
 
 +
You then proceed almost as above, first scan for any Wi-Fi ''technologies'':
 +
 
 +
connmanctl> scan wifi
 +
 
 +
To list services:
 +
 
 +
connmanctl> services
 +
 
 +
Now you need to register the agent to handle user requests.  The command is:
 +
 
 +
connmanctl> agent on
 +
 
 +
You now need to connect to one of the protected services.  To do this it is very handy to have a terminal that allows
 +
cut and paste.  If you were connecting to OtherNET in the example above you would type:
 +
 
 +
connmanctl> connect wifi_dc85de828967_38303944616e69656c73_managed_psk
 +
 
 +
The agent will then ask you to provide any information the daemon needs to complete the connection.  The
 +
information requested will vary depending on the type of network you are connecting to.  The agent
 +
will also print additional data about the information it needs as shown in the example below.
 +
 
 +
Agent RequestInput wifi_dc85de828967_38303944616e69656c73_managed_psk
 +
  Passphrase = [ Type=psk, Requirement=mandatory ]
 +
  Passphrase? 
 +
 
 +
Provide the information requested, in this example the passphrase, and then type:
 +
 
 +
connmanctl> quit
 +
 
 +
If the information you provided is correct you should now be connected to the protected access point.
 +
 
 +
=== Settings ===
 +
 
 +
Settings and profiles are automatically created for networks the user connects to often. They contain fields for the passphrase, essid and other information. Profile settings are stored in directories under {{ic|/var/lib/connman/}} by their service name. To view all network profiles run this command from [[Help:Reading#Regular_user_or_root|root shell]]:
  
 
  # cat /var/lib/connman/*/settings
 
  # cat /var/lib/connman/*/settings
  
==== Hardware ====
+
{{Note|VPN settings can be found in {{ic|/var/lib/connman-vpn/}}.}}
  
Various hardware interfaces are referred to as ''Technologies'' by {{ic|connmanctl}}. To interact with them one must refer to the technology by type.
+
=== Technologies ===
 +
 
 +
Various hardware interfaces are referred to as ''Technologies'' by ConnMan.
 +
 
 +
To list available ''technologies'' run:
 +
 
 +
$ connmanctl technologies
 +
 
 +
To get just the types by their name one can use this one liner:
 +
 
 +
$ connmanctl technologies | awk '/Type/ { print $NF }'
 +
 
 +
{{Note| The field {{ic|1=Type = tech_name}} provides the technology type used with {{ic|connmanctl}} commands}}
 +
 
 +
To interact with them one must refer to the technology by type.
 
''Technologies'' can be toggled on/off with:  
 
''Technologies'' can be toggled on/off with:  
 +
 
  $ connmanctl enable ''technology_type''
 
  $ connmanctl enable ''technology_type''
 +
 
and:
 
and:
 +
 
  $ connmanctl disable ''technology_type''
 
  $ connmanctl disable ''technology_type''
  
Example:
+
For example to toggle off wifi:
This will toggle wifi off
+
$ connmanctl disable wifi  
+
  
{{Note|1= The field '''Type = tech_name''' provides the technology type used with {{ic|connmanctl}} commands}}
+
$ connmanctl disable wifi
To list available ''technologies'' run:  
+
 
  $ connmanctl technologies
+
{{Warning|connman grabs rfkill events. It is most likely impossible to use {{ic|rfkill}} or {{ic|bluetoothctl}} to (un)block devices, yet hardware keys may still work.[https://git.kernel.org/cgit/network/connman/connman.git/tree/doc/overview-api.txt#n406] Always use {{ic|<nowiki>connmanctl enable|disable</nowiki>}} }}
 +
 
 +
== Tips and tricks ==
 +
 
 +
=== Avoid changing the hostname ===
 +
By default, ConnMan changes the [http://www.freedesktop.org/software/systemd/man/hostnamectl.html transient hostname] on a per network basis. This can create problems with X authority: If ConnMan changes your hostname to something else than the one used to generate the xauth magic cookie, then it will become impossible to create new windows. Symptoms are error messages like "No protocol specified" and "Can't open display: :0.0". Manually resetting the host name fixes this, but a permanent solution is to prevent ConnMan from changing your host name in the first place. This can be accomplished by adding the following to {{ic|/etc/connman/main.conf}}:
 +
 
 +
[General]
 +
AllowHostnameUpdates=false
 +
 
 +
Make sure to [[restart]] the {{ic|connman.service}} after changing this file.
 +
 
 +
For testing purposes it is recommended to watch the [[systemd#Journal|journal]] and plug the network cable a few times to see the action.
 +
 
 +
=== Prefer ethernet to wireless ===
 +
By default ConnMan does not prefer ethernet over wireless, which can lead to it deciding to stick with a slow wireless network even when ethernet is available. You can tell connman to prefer ethernet adding the following to {{ic|/etc/connman/main.conf}}:
 +
 
 +
[General]
 +
PreferredTechnologies=ethernet,wifi
 +
 
 +
=== Exclusive connection ===
 +
ConnMan allows you to be connected to both ethernet and wireless at the same time. This can be useful as it allows programs that established a connection over wifi to stay connected even after you connect to ethernet. But some peope prefer to have only a single unambiguous connection active at a time. That behavior can be activated by adding the following to {{ic|/etc/connman/main.conf}}:
 +
 
 +
[General]
 +
SingleConnectedTechnology=true
 +
 +
=== Connecting to eduroam  ===
 +
 
 +
See [[WPA2 Enterprise#connman]].
 +
 
 +
=== Avoiding conflicts with local DNS server ===
 +
If you are running a local DNS server, it will likely have problems binding to port 53 (TCP and/or UDP) after installing Connman. This is because Connman includes its own DNS proxy which also tries to bind to those ports. If you see log messages from [[BIND]] or [[dnsmasq]] like
 +
"named[529]: could not listen on UDP socket: address in use"
 +
this could be the problem. To verify which application is listening on the ports, you can execute {{ic|ss -tulpn}} as root.
 +
 
 +
To fix this connmand can be started with the options {{ic|-r}} or {{ic|--nodnsproxy}} by [[Systemd#Editing provided units|overriding]] the systemd service file. Create the folder {{ic|/etc/systemd/system/connman.service.d/}} and add the file {{ic|disable_dns_proxy.conf}}:
 +
 
 +
  [Service]
 +
ExecStart=
 +
ExecStart=/usr/bin/connmand -n --nodnsproxy
 +
 
 +
Make sure to [[reload]] the systemd daemon and [[restart]] the {{ic|connman.service}}, and your DNS proxy, after adding this file.
 +
 
 +
=== Blacklist interfaces ===
 +
If something like [[Docker]] is creating virtual interfaces Connman may attempt to connect to one of these instead of your physical adapter if the connection drops. A simple way of avoiding this is to blacklist the interfaces you do not want to use. Connman will by default blacklist interfaces starting with {{ic|vmnet}}, {{ic|vboxnet}}, {{ic|virbr}} and {{ic|ifb}}, so those need to be included in the new blacklist as well.
 +
 
 +
Blacklisting interface names is also useful to avoid a race condition where connman may access <code>eth#</code> or <code>wlan#</code> before systemd/udev can change it to use a [[Network_configuration#Device_names|predictable interface name]] like <code>enp4s0</code>. Blacklisting the conventional (and unpredictable) interface prefixes makes connman wait until they are renamed.
 +
 
 +
If it does not already exist, create {{ic|/etc/connman/main.conf}}:
 +
 
 +
[General]
 +
NetworkInterfaceBlacklist=vmnet,vboxnet,virbr,ifb,docker,veth,eth,wlan
  
To get just the types by their name one can use this one liner.
+
Once {{ic|connman.service}} has been [[systemd#Using units|restarted]] this will also hide all the {{ic|veth#######}} interfaces from GUI tools like Econnman.
$ connmanctl technologies | grep "Type" | awk '{print $NF}'
+
  
 
== See also ==
 
== See also ==
  
For further detailed information on '''ConnMan''' refer to this documentation:
+
* [https://git.kernel.org/cgit/network/connman/connman.git/tree/doc git repo documentation] - for further detailed documentation
http://git.kernel.org/cgit/network/connman/connman.git/plain/doc/overview-api.txt?id=HEAD
+

Latest revision as of 13:40, 26 April 2016

ConnMan is a command-line network manager designed for use with embedded devices and fast resolve times. It is modular through a plugin architecture, but has native dhcp and ntp support.

Installation

Install the connman package. wpa_supplicant and bluez are optional dependencies required for Wi-Fi and Bluetooth functionality respectively.

Before enabling connman.service, ensure any existing network configuration is disabled.

Desktop clients

  • cmst — Qt GUI for ConnMan.
https://github.com/andrew-bibb/cmst || cmstAUR
  • connman-ncurses — Simple ncurses UI for ConnMan; not all of connman functionality is implemented, but usable (with X or from terminal without X), see the wiki.
https://github.com/eurogiciel-oss/connman-json-client || connman-ncurses-gitAUR
  • connman-notify — Connman event notification client
https://github.com/wavexx/connman-notify || connman-notifyAUR[broken link: archived in aur-mirror]
  • ConnMan-UI — GTK3 client applet.
https://github.com/tbursztyka/connman-ui || connman-ui-gitAUR
  • connman_dmenu — Client/frontend for dmenu.
https://github.com/taylorchu/connman_dmenu || connman_dmenu-gitAUR
  • Econnman — Enlightenment desktop panel applet.
http://www.enlightenment.org || econnmanAUR
  • LXQt-Connman-Applet — LXQt desktop panel applet.
https://github.com/surlykke/lxqt-connman-applet || lxqt-connman-applet-gitAUR
  • qconnman-ui — Qt management interface used on O.S. Systems products
https://github.com/OSSystems/qconnman-ui || qconnman-ui-gitAUR[broken link: archived in aur-mirror]
  • connman-gtk — GTK client.
https://github.com/jgke/connman-gtk || connman-gtkAUR
  • gnome-extension-connman — Gnome3 extension for connman; it contains only some of the functionality without installing connman-gtk.
https://github.com/jgke/gnome-extension-connman || https://extensions.gnome.org/extension/981/connman-extension/

Usage

Tango-view-fullscreen.pngThis article or section needs expansion.Tango-view-fullscreen.png

Reason: Only Wired and Wi-Fi plugins are described. (Discuss in Talk:Connman#)

ConnMan has a standard command line client connmanctl. It can run in 2 modes:

  • In command mode commands are entered as arguments to connmanctl command, just like systemctl.
  • Interactive mode is started by typing connmanctl without arguments. Prompt will change to connmanctl> to indicate it is waiting for user commands, just like python interactive mode. The interactive mode supports tab completion, which makes finding the correct connection easy.

Wired

ConnMan will automatically handle wired connections.

Wi-Fi

Note: Make sure the Wi-Fi device is listed in the output of ip link show up. If it is not listed that means it is not powered on. Use Fn keys on the laptop to turn it on. You may need to run connmanctl enable wifi.

Connecting to an open access point

The commands in this section show how to run connmanctl in command mode.

To scan the network connmanctl accepts simple names called technologies. To scan for nearby Wi-Fi networks:

$ connmanctl scan wifi

To list the available networks found after a scan run (example output):

$ connmanctl services
*AO MyNetwork               wifi_dc85de828967_68756773616d_managed_psk
    OtherNET                wifi_dc85de828967_38303944616e69656c73_managed_psk 
    AnotherOne              wifi_dc85de828967_3257495245363836_managed_wep
    FourthNetwork           wifi_dc85de828967_4d7572706879_managed_wep
    AnOpenNetwork           wifi_dc85de828967_4d6568657272696e_managed_none

To connect to an open network, use the second field beginning with wifi_:

$ connmanctl connect wifi_dc85de828967_4d6568657272696e_managed_none

You should now be connected to the network. Check using ip addr or connmanctl state.

Connecting to a protected access point

For protected access points you will need to provide some information to the ConnMan daemon, at the very least a password or a passphrase.

The commands in this section show how to run connmanctl in interactive mode, it is required for running the agent command. To start interactive mode simply type:

$ connmanctl

You then proceed almost as above, first scan for any Wi-Fi technologies:

connmanctl> scan wifi

To list services:

connmanctl> services

Now you need to register the agent to handle user requests. The command is:

connmanctl> agent on

You now need to connect to one of the protected services. To do this it is very handy to have a terminal that allows cut and paste. If you were connecting to OtherNET in the example above you would type:

connmanctl> connect wifi_dc85de828967_38303944616e69656c73_managed_psk

The agent will then ask you to provide any information the daemon needs to complete the connection. The information requested will vary depending on the type of network you are connecting to. The agent will also print additional data about the information it needs as shown in the example below.

Agent RequestInput wifi_dc85de828967_38303944616e69656c73_managed_psk
  Passphrase = [ Type=psk, Requirement=mandatory ]
  Passphrase?  

Provide the information requested, in this example the passphrase, and then type:

connmanctl> quit

If the information you provided is correct you should now be connected to the protected access point.

Settings

Settings and profiles are automatically created for networks the user connects to often. They contain fields for the passphrase, essid and other information. Profile settings are stored in directories under /var/lib/connman/ by their service name. To view all network profiles run this command from root shell:

# cat /var/lib/connman/*/settings
Note: VPN settings can be found in /var/lib/connman-vpn/.

Technologies

Various hardware interfaces are referred to as Technologies by ConnMan.

To list available technologies run:

$ connmanctl technologies

To get just the types by their name one can use this one liner:

$ connmanctl technologies | awk '/Type/ { print $NF }'
Note: The field Type = tech_name provides the technology type used with connmanctl commands

To interact with them one must refer to the technology by type. Technologies can be toggled on/off with:

$ connmanctl enable technology_type

and:

$ connmanctl disable technology_type

For example to toggle off wifi:

$ connmanctl disable wifi
Warning: connman grabs rfkill events. It is most likely impossible to use rfkill or bluetoothctl to (un)block devices, yet hardware keys may still work.[1] Always use connmanctl enable|disable

Tips and tricks

Avoid changing the hostname

By default, ConnMan changes the transient hostname on a per network basis. This can create problems with X authority: If ConnMan changes your hostname to something else than the one used to generate the xauth magic cookie, then it will become impossible to create new windows. Symptoms are error messages like "No protocol specified" and "Can't open display: :0.0". Manually resetting the host name fixes this, but a permanent solution is to prevent ConnMan from changing your host name in the first place. This can be accomplished by adding the following to /etc/connman/main.conf:

[General]
AllowHostnameUpdates=false

Make sure to restart the connman.service after changing this file.

For testing purposes it is recommended to watch the journal and plug the network cable a few times to see the action.

Prefer ethernet to wireless

By default ConnMan does not prefer ethernet over wireless, which can lead to it deciding to stick with a slow wireless network even when ethernet is available. You can tell connman to prefer ethernet adding the following to /etc/connman/main.conf:

[General]
PreferredTechnologies=ethernet,wifi

Exclusive connection

ConnMan allows you to be connected to both ethernet and wireless at the same time. This can be useful as it allows programs that established a connection over wifi to stay connected even after you connect to ethernet. But some peope prefer to have only a single unambiguous connection active at a time. That behavior can be activated by adding the following to /etc/connman/main.conf:

[General]
SingleConnectedTechnology=true

Connecting to eduroam

See WPA2 Enterprise#connman.

Avoiding conflicts with local DNS server

If you are running a local DNS server, it will likely have problems binding to port 53 (TCP and/or UDP) after installing Connman. This is because Connman includes its own DNS proxy which also tries to bind to those ports. If you see log messages from BIND or dnsmasq like

"named[529]: could not listen on UDP socket: address in use"

this could be the problem. To verify which application is listening on the ports, you can execute ss -tulpn as root.

To fix this connmand can be started with the options -r or --nodnsproxy by overriding the systemd service file. Create the folder /etc/systemd/system/connman.service.d/ and add the file disable_dns_proxy.conf:

[Service]
ExecStart=
ExecStart=/usr/bin/connmand -n --nodnsproxy

Make sure to reload the systemd daemon and restart the connman.service, and your DNS proxy, after adding this file.

Blacklist interfaces

If something like Docker is creating virtual interfaces Connman may attempt to connect to one of these instead of your physical adapter if the connection drops. A simple way of avoiding this is to blacklist the interfaces you do not want to use. Connman will by default blacklist interfaces starting with vmnet, vboxnet, virbr and ifb, so those need to be included in the new blacklist as well.

Blacklisting interface names is also useful to avoid a race condition where connman may access eth# or wlan# before systemd/udev can change it to use a predictable interface name like enp4s0. Blacklisting the conventional (and unpredictable) interface prefixes makes connman wait until they are renamed.

If it does not already exist, create /etc/connman/main.conf:

[General]
NetworkInterfaceBlacklist=vmnet,vboxnet,virbr,ifb,docker,veth,eth,wlan

Once connman.service has been restarted this will also hide all the veth####### interfaces from GUI tools like Econnman.

See also