[Bug 678066] New: IPv6 Privacy Extensions are not enabled by default
https://bugzilla.novell.com/show_bug.cgi?id=678066 https://bugzilla.novell.com/show_bug.cgi?id=678066#c0 Summary: IPv6 Privacy Extensions are not enabled by default Classification: openSUSE Product: openSUSE 11.4 Version: Final Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem AssignedTo: lnussel@novell.com ReportedBy: aj@novell.com QAContact: qa@suse.de Found By: Product Management Blocker: --- bnc#664550 made some changes to IPv6 Privacy extensions - and now a default installation does not have them enabled at all. It should really be enabled. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=678066 https://bugzilla.novell.com/show_bug.cgi?id=678066#c1 --- Comment #1 from Ludwig Nussel <lnussel@novell.com> 2011-03-09 11:28:21 CET --- there was no real change in default value. The default was 'no' always. Bug 664550 was about fixing the 'yes' setting which was done. Also the behavior was changed to not touch the kernel setting by default. Since that one is off to there was no actual change in settings. If we want ipv6 privacy by default we can just turn them on in the kernel by default. Whether or not we want that is a separate discussion though. So I'd close this bug as FEATURE. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=678066 https://bugzilla.novell.com/show_bug.cgi?id=678066#c2 --- Comment #2 from Andreas Jaeger <aj@novell.com> 2011-03-09 10:45:42 UTC --- Let's please fix it - I'm all for enabling it. So, where should we discuss to do this. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=678066 https://bugzilla.novell.com/show_bug.cgi?id=678066#c3 Ludwig Nussel <lnussel@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |lnussel@novell.com AssignedTo|lnussel@novell.com |kernel-maintainers@forge.pr | |ovo.novell.com Summary|IPv6 Privacy Extensions are |Enable IPv6 Privacy |not enabled by default |Extensions by default --- Comment #3 from Ludwig Nussel <lnussel@novell.com> 2011-03-09 15:31:23 CET --- Let's first check if the kernel people want to switch the compiled in default so we don't need to mess with any config files. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=678066 https://bugzilla.novell.com/show_bug.cgi?id=678066#c4 Jeff Mahoney <jeffm@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jeffm@novell.com AssignedTo|kernel-maintainers@forge.pr |lnussel@novell.com |ovo.novell.com | --- Comment #4 from Jeff Mahoney <jeffm@novell.com> 2011-03-14 20:05:44 UTC --- The default isn't a compile-time option. It would need to be patched. Using config files to alter the setting seems like it'd be the best bet. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=678066 https://bugzilla.novell.com/show_bug.cgi?id=678066#c5 --- Comment #5 from Ludwig Nussel <lnussel@novell.com> 2011-03-15 09:28:06 CET --- (In reply to comment #4)
The default isn't a compile-time option. It would need to be patched.
Well, you could create a patch that makes it a compile time option :-) If using privacy extensions by default makes sense for our Distro I wonder why the upstream kernel doesn't make them default too.
Using config files to alter the setting seems like it'd be the best bet.
Using a config files with explicit setting always has drawbacks, esp on update. The file may have been modified before so you get an .rpmnew so the new setting doesn't take effect. If you try to be clever and add the new setting to an existing file you don't know if the admin removed the setting before on purpose. So I'm a fan of implicit defaults. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=678066 https://bugzilla.novell.com/show_bug.cgi?id=678066#c6 --- Comment #6 from Ludwig Nussel <lnussel@novell.com> 2011-05-13 11:24:09 CEST --- The problem with /etc/sysctl.conf is that there is no good point in time during boot to apply all it's settings due to the dynamic nature of the system. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=678066 https://bugzilla.novell.com/show_bug.cgi?id=678066#c7 --- Comment #7 from Ludwig Nussel <lnussel@novell.com> 2011-05-20 14:47:28 CEST --- I've prepared a patch for sysctl to read distro settings from /lib/sysctl.d/*.conf. That way we can avoid .rpmnew files. The upstream psutils maintainer didn't respond though. I've also opened fate 312343 to get rid of /etc/sysconfig/sysctl.conf -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=678066 https://bugzilla.novell.com/show_bug.cgi?id=678066#c Ludwig Nussel <lnussel@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=678066 https://bugzilla.novell.com/show_bug.cgi?id=678066#c8 --- Comment #8 from Bernhard Wiedemann <bwiedemann@novell.com> 2011-05-28 23:00:27 CEST --- This is an autogenerated message for OBS integration: This bug (678066) was mentioned in https://build.opensuse.org/request/show/71850 Factory / procps -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=678066 https://bugzilla.novell.com/show_bug.cgi?id=678066#c9 Bruno Friedmann <bruno@ioda-net.ch> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |bruno@ioda-net.ch --- Comment #9 from Bruno Friedmann <bruno@ioda-net.ch> 2011-06-04 11:04:53 UTC --- unfortunately, the /etc/init.d/boot.sysctl isn't yet ready to read /etc/sysctl.d/*.conf which seems to have been created to read configuration files like in /lib/sysctl.d -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=678066 https://bugzilla.novell.com/show_bug.cgi?id=678066#c10 Freek de Kruijf <f.de.kruijf@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |f.de.kruijf@gmail.com --- Comment #10 from Freek de Kruijf <f.de.kruijf@gmail.com> 2011-08-16 08:10:42 UTC --- In my view Privacy Extension should only be the default for traveling systems. When Privacy Extensions are not enabled, systems that are static in a network always get the same address (i.e. the host part), derived from the MAC address. This makes it possible, in a small network, to use these addresses to communicate with each other, without the need for a DHCP6 and/or DNS server. With Privacy Extension always enabled, the IPv6 address changes each least each 24 hours, which makes it difficult to communicate without additional services that keep track of these changing addresses. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=678066 https://bugzilla.novell.com/show_bug.cgi?id=678066#c11 --- Comment #11 from Ludwig Nussel <lnussel@novell.com> 2011-08-22 11:20:35 CEST --- the mac address based address is available for incoming connections even with privacy extensions enabled. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=678066 https://bugzilla.novell.com/show_bug.cgi?id=678066#c12 --- Comment #12 from Freek de Kruijf <f.de.kruijf@gmail.com> 2011-08-22 10:11:18 UTC --- It seems to be very hard to find this kind of information in a comprehensive way. Is it really needed to read this information in the RFCs? Does it also document the chosen IPv6 address used as the source IPv6 address, when so many IPv6 addresses are assigned to an interface? Is there any indication in the output of ifconfig to know which global IPv6 address has preference in the source address. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=678066 https://bugzilla.novell.com/show_bug.cgi?id=678066#c13 Ludwig Nussel <lnussel@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Component|Basesystem |Basesystem Version|Final |Factory Resolution| |FIXED Product|openSUSE 11.4 |openSUSE 12.1 --- Comment #13 from Ludwig Nussel <lnussel@suse.com> 2011-08-29 14:02:06 CEST --- the patched sysctl which reads /lib/sysctl.d and a distro defaults file that enables privacy extensions are now in Factory. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=678066 https://bugzilla.novell.com/show_bug.cgi?id=678066#c14 roeland jansen <roeland@linux-it.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |roeland@linux-it.nl --- Comment #14 from roeland jansen <roeland@linux-it.nl> 2012-04-02 17:14:06 UTC --- Freek I fully agree. This is a bad move.... Maybe some additional discussions would help here See bug 752842 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=678066 Jiri Bohac <jbohac@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends on| |988023 -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com