Bug#809166: networking.service does not prevent ifdown with network file systems

Martin Pitt mpitt at debian.org
Wed Jan 13 15:00:16 GMT 2016 

Hello Guus, Michael,

sorry, took a bit to get back to this. I did some research about this
now.

Michael Biebl [2015-12-30 19:41 +0100]:
> Can you actually use ifupdown for that?
> If your / is on a network file system you most likely need to setup your
> network via the initramfs, or not?

Correct; scenarios that use remote root file systems (NFS, open-iscsi,
LTSP) ship initramfs-tools hooks with use things like "ipconfig" or
"udhcpd" to bring up the ethernet interface, they don't use ifupdown.

> Why should ifupdown tear down the network on shutdown then?

E. g. LTSP creates an ifupdown stanza like "iface eth0 inet manual"
for the remote root interface to prevent NetworkManager from
(auto-)connecting/disconnecting eth0. NM ignores interfaces that are
configured in ifupdown, thus preventing the user from  shooting
herself into the foot by accidentally/maliciously clicking on
"disconnect" in the network icon. This use case actually got broken
by the overzealous patch in #809169 which added this:

   down
+    /bin/ip link set dev %iface% down 2>/dev/null || true \
+        if (iface_is_link())

for "manual" interfaces. I. e. "ifdown eth0" on the above "manual"
interface example would actually down the interface. This isn't
documented behaviour, and breaks this (IMHO) valid use case to mark an
interface as "please leave me alone". This is what's causing the
shutdown hang with LTSP now. (See https://launchpad.net/1492546 for
details).

The attached debdiff [1] reverts this bit, sorry about that. We've had
this for ages in Ubuntu and I didn't quite know what this was about.
As long as we had the check_network_file_systems() bits in
/etc/init.d/networking this papered over this misbehaviour, but with
that gone there is no protection any more from tearing down interfaces
with remote root fs.


I also looked at open-iscsi in Ubuntu. That package has a weird patch
which hacks ifupdown's state files to think that eth0 is already up,
so that ifupdown does not try to start it again during boot. It does
that because the cloud images have a hardcoded "iface eth0 inet dhcp"
in them, and open-iscsi needs to work with those. Again the
check_network_file_systems() check prevented a shutdown hang here. But
this whole approach is just wrong, and we need to fix that on the
Ubuntu side to generate an ifupdown interface stanza on first boot on
the fly (this is also necessary for the ifnames changes, as it's not
guaranteed to be eth0 these days). This part isn't really relevant for
you, but I wanted to mention it here for the record.

Thanks,

Martin

[1] Sorry, anonscm etc. are down ATM, I don't have access to current git
-- 
Martin Pitt                        | http://www.piware.de
Ubuntu Developer (www.ubuntu.com)  | Debian Developer  (www.debian.org)
-------------- next part --------------
diff -Nru ifupdown-0.8.8/debian/changelog ifupdown-0.8.9/debian/changelog
--- ifupdown-0.8.8/debian/changelog	2016-01-12 23:50:35.000000000 +0100
+++ ifupdown-0.8.9/debian/changelog	2016-01-13 15:44:50.000000000 +0100
@@ -1,3 +1,13 @@
+ifupdown (0.8.9) UNRELEASED; urgency=medium
+
+  * inet{,6}.defn: Don't down an interface when stopping. This got introduced
+    in 0.8.5, but breaks use cases like LTSP which create a "manual"
+    interfaces stanza to prevent NetworkManager or other management software
+    to *prevent* touching the interface of the remote root file system.
+    (Closes: #809166, LP: #1492546)
+
+ -- Martin Pitt <mpitt at debian.org>  Wed, 13 Jan 2016 15:41:42 +0100
+
 ifupdown (0.8.8) unstable; urgency=medium
 
   [ Martin Pitt ]
diff -Nru ifupdown-0.8.8/inet6.defn ifupdown-0.8.9/inet6.defn
--- ifupdown-0.8.8/inet6.defn	2016-01-11 20:35:47.000000000 +0100
+++ ifupdown-0.8.9/inet6.defn	2016-01-13 15:41:24.000000000 +0100
@@ -112,8 +112,6 @@
     /bin/ip link set dev %iface% up 2>/dev/null || true
 
   down
-    /bin/ip link set dev %iface% down 2>/dev/null \
-        if (iface_is_link())
 
 method dhcp
   description
diff -Nru ifupdown-0.8.8/inet.defn ifupdown-0.8.9/inet.defn
--- ifupdown-0.8.8/inet.defn	2016-01-11 20:30:09.000000000 +0100
+++ ifupdown-0.8.9/inet.defn	2016-01-13 15:41:16.000000000 +0100
@@ -68,8 +68,6 @@
     /bin/ip link set dev %iface% up 2>/dev/null || true
 
   down
-    /bin/ip link set dev %iface% down 2>/dev/null || true \
-        if (iface_is_link())
 
 method dhcp
   description
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-systemd-maintainers/attachments/20160113/ecc0e1c6/attachment.sig>

More information about the Pkg-systemd-maintainers mailing list