Network Manager / wifi-connect: how to delete network credentials from within container?

I noticed that wifi-connect no longer has a --clear flag to delete all network credentials. Instead PR removed this flag and a comment on that PR discussion suggested using nmcli. So I installed the network-manager (Raspberry Pi) and this is what I get from a single container app when I try to use the nmcli to access the current status:

root@bfdd285:/usr/src/app# nmcli g
(process:1761): libnm-glib-WARNING **: (nm-object.c:157):constructor: code should not be reached
(process:1761): GLib-GObject-CRITICAL **: object NMClient 0x1c7b098 finalized while still in-construction
(process:1761): GLib-GObject-CRITICAL **: Custom constructor for class NMClient returned NULL (which is invalid). Please use GInitable instead.
(process:1761): nmcli-CRITICAL **: Error: Could not create NMClient object.

So, how do we do this through nmcli?

@jason10 I have seen this error, but cannot remember the exact cause, but here are a couple of possibilities:

Make sure that you export DBUS_SYSTEM_BUS_ADDRESS=unix:path=/host/run/dbus/system_bus_socket before using nmcli in the container.

If you are using a Debian Jessie base image then you may try a Debian Stretch based one. Debian Stretch is the stable Debian version currently, although Buster will be made stable soon.

Also if using nmcli in a container, do not forget to mask the NetworkManager service if you have INITSYSTEM enabled for your container. You may also try our new balenalib base images.

For masking you may check:

Please let me know if any of those solve the issue for you.

Thanks, that got me further. I added the masking and environment variable to the Dockerfile.template:

ENV DBUS_SYSTEM_BUS_ADDRESS=unix:path=/host/run/dbus/system_bus_socket
RUN apt-get update \
    && apt-get install -y dnsmasq wireless-tools network-manager \
    && systemctl mask NetworkManager.service 

and found

Then nmcli connection show and nmcli connection delete CONNECTION where each connection has type 802-11-wireless and -- for device.

root@bfdd285:/usr/src/app# nmcli connection show
NAME                UUID                                  TYPE             DEVICE
WiFi Connect        52bc1f92-c4b7-418b-8ce8-6abb603e6073  802-11-wireless  wlan0
Wired connection 1  0c6d7629-1a1e-381d-adaf-81dd7a607efb  802-3-ethernet   eth0
supervisor0         ae518599-1535-4837-a5ec-9b6df788e009  bridge           supervisor0
WeWork              77ad151f-eaa4-4793-9866-e345b91996c6  802-11-wireless  --

So then to delete the WeWork connection:

nmcli connection delete WeWork

@majorz looking into this further, the simple case of using the nmcli is unlikely to work in all cases, at least not easily.

SSID’s are arbitrary 32 8 bit data strings. You can have 32 0x00 (null) or 32 0x20 (space) .

So the path of taking the output of nmcli, passing it through some shell processing and calling nmcli to delete network credentials is unlikely to work easily.

Here are some example SSIDs that are likely to be painful to parse:

long W Guest Network 
multiple     spaces
KD2 - Shaw
Suki`s Guest
Parentheses (5 GHz)
BraceOpen {
BraceClosed }
BracePair { }

It may be that nmcli hex encodes it’s output when these sorts of SSIDs are found. But even double spaces is likely to be a pain to process. Suggestions?

@jason10 You may try using the D-Bus API of NetworkManager for this purpose instead. Here another user had a similar question and provided some example code for this:

It should be be even simpler by using the python-networkmanager library instead of using D-Bus directly.

If you are using NodeJS then you may check out dbus-native library. Here is an example project of ours that uses it:

This problem was just a sudo issue for me.