Bug#929469: systemd-networkd: systemd-networkd: fails with "could not set address: Permission denied"
Raphael Hertzog
hertzog at debian.org
Tue Jun 11 14:51:14 BST 2019
Hi,
On Wed, 05 Jun 2019, Michael Biebl wrote:
> systemd-networkd.service in v241 is locked down more tightly then v232.
> It might be worth a try to comment out the hardening features one by one
> to see if one of them causes your problem.
Thanks for the idea! I tried that but it did not help. I found the issue
after a few more tries tweaking the network configuration file. It's
simply that the system has IPv6 disabled in the kernel policy while the
.network file instructs to configure an IPv6 address.
Both are contradictory but they happily lived together up-to-now.
I don't know what changed but if we don't improve systemd-networkd
to just skip IPv6 configuration when the kernel has a policy disabling
IPv6, then we will have plenty of servers broken on upgrades because
it's quite common to keep the network configuration file provided by
the hoster and just disable IPv6 at the kernel level with sysctl:
$ grep ipv6 /etc/sysctl.conf
# Disable ipv6
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
Cheers,
--
Raphaël Hertzog ◈ Debian Developer
Support Debian LTS: https://www.freexian.com/services/debian-lts.html
Learn to master Debian: https://debian-handbook.info/get/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 523 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-systemd-maintainers/attachments/20190611/1d5128fc/attachment.sig>
More information about the Pkg-systemd-maintainers
mailing list