[Bug 494958] New: IPV6_PRIVACY (use_tempaddr) does not work

http://bugzilla.novell.com/show_bug.cgi?id=494958 Summary: IPV6_PRIVACY (use_tempaddr) does not work Classification: openSUSE Product: openSUSE 11.1 Version: Final Platform: i686 OS/Version: openSUSE 11.1 Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: georgmueller@gmx.net QAContact: qa@suse.de Found By: --- User-Agent: Mozilla/5.0 (X11; U; Linux i686; de; rv:1.9.0.8) Gecko/2009032600 SUSE/3.0.8-1.1.1 Firefox/3.0.8 I am using radvd on the server for IPv6 auto-configuration. I want to hide my MAC address (using use_tempaddr=1 sysctl setting). IPV6_PRIVACY in /etc/sysconfig/sysctl is set to "yes" and /var/log/boot.msg contains the statement "Enabling IPv6 privacy" from /etc/init.d/boot.ipconfig. Reproducible: Always Steps to Reproduce: 1. set IPV6_PRIVACY=yes in /etc/sysconfig/sysctl 2. reboot 3. check IPv6 address I tried to add 'echo "1" > /proc/sys/net/ipv6/conf/default/use_tempaddr' but this does not help either. Actual Results: "sysctl -a | grep use_tempaddr" results in: net.ipv6.conf.all.use_tempaddr = 1 net.ipv6.conf.default.use_tempaddr = 0 net.ipv6.conf.lo.use_tempaddr = -1 net.ipv6.conf.eth0.use_tempaddr = 0 use_tempaddr for eth0 is 0 and my IPv6 address contains my MAC address. Expected Results: net.ipv6.conf.eth0.use_tempaddr should be 1 and my IPv6 address should not contain my MAC address. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

http://bugzilla.novell.com/show_bug.cgi?id=494958 Leon Wang <llwang@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|bnc-team-screening@forge.pr |kernel-maintainers@forge.pr |ovo.novell.com |ovo.novell.com -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

http://bugzilla.novell.com/show_bug.cgi?id=494958 User georgmueller@gmx.net added comment http://bugzilla.novell.com/show_bug.cgi?id=494958#c1 --- Comment #1 from Georg Müller <georgmueller@gmx.net> 2009-04-27 05:30:22 MDT --- The issue with some /proc/sys/net/ipv[46]/conf/all/* not doing what they should is already in the kernel bugzilla, see http://bugzilla.kernel.org/show_bug.cgi?id=11655 and http://bugzilla.kernel.org/show_bug.cgi?id=9224 -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

http://bugzilla.novell.com/show_bug.cgi?id=494958 Jeff Mahoney <jeffm@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 - None |P4 - Low AssignedTo|kernel-maintainers@forge.pr |jbohac@novell.com |ovo.novell.com | -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

http://bugzilla.novell.com/show_bug.cgi?id=494958 http://bugzilla.novell.com/show_bug.cgi?id=494958#c2 Jiri Bohac <jbohac@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |mt@novell.com --- Comment #2 from Jiri Bohac <jbohac@novell.com> 2009-11-25 11:50:55 UTC --- Hmm, my long time plan: push a change to the upstream kernel that makes the /proc/sys/net/ipv[46]/conf/all/* work. This is going to take time and I don't think it is a good idea to diverge from upstream here. The change may never get there, people have different ideas about how this should work :( Until then, this should be fixed in the sysconfig package. I checked the kernel code and: - setting /proc/sys/net/ipv6/conf/all/use_tempaddr cannot have any effect at all. - /proc/sys/net/ipv6/conf/default/use_tempaddr will set the default for newly registered interfaces. If this is set in the initscripts, it might already be too late, as some network drivers are compiled-in into the kernel, may be loaded from initrd, etc. I think this is unusable. The only way to fix this is to read the settings of IPV6_PRIVACY somewhere near ifup (don't know what to do for networkmanager?) and set /proc/sys/net/ipv6/conf/<interface_name>/use_tempaddr accordingly. Marius, could this be done? -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

http://bugzilla.novell.com/show_bug.cgi?id=494958 http://bugzilla.novell.com/show_bug.cgi?id=494958#c3 Marius Tomaschewski <mt@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW CC| |kasievers@novell.com, | |mt@novell.com, | |ro@novell.com Info Provider|mt@novell.com | --- Comment #3 from Marius Tomaschewski <mt@novell.com> 2009-11-25 14:09:13 UTC --- (In reply to comment #2)
Hmm, my long time plan: push a change to the upstream kernel that makes the /proc/sys/net/ipv[46]/conf/all/* work. This is going to take time and I don't think it is a good idea to diverge from upstream here. The change may never get there, people have different ideas about how this should work :(
Until then, this should be fixed in the sysconfig package. I checked the kernel code and:
- setting /proc/sys/net/ipv6/conf/all/use_tempaddr cannot have any effect at all.
OK... this is a bad thing.
- /proc/sys/net/ipv6/conf/default/use_tempaddr will set the default for newly registered interfaces. If this is set in the initscripts, it might already be too late, as some network drivers are compiled-in into the kernel, may be loaded from initrd, etc. I think this is unusable.
Yes, at least physical interfaces are already there...
The only way to fix this is to read the settings of IPV6_PRIVACY somewhere near ifup (don't know what to do for networkmanager?) and set /proc/sys/net/ipv6/conf/<interface_name>/use_tempaddr accordingly.
Marius, could this be done?
rpm -qf /etc/init.d/boot.ipconfig => aaa_base added maintainer to Cc and also Kay. Hmm... This can be set per inteface also via PRE_UP_SCRIPT -- see "man 8 ifup". For virtual interfaces it has to go to sysctl.conf or sysconfig/sysctl as it is using the ..../default/use_temoaddr variable I think. Or does it work properly when the iterface is already up? It would be possible to add a per interface IPV6_PRIVACY variable to ifcfg files and apply before "ip link set up" call... But I'd prefer to use similar names as in proc/sysctl, that is e.g.: SYSCTL_NET_IPV6_CONF_USE_TEMPADDR SYSCTL_NET_IPV6_CONF_AUTOCONF or I think better via per interface ifsysctl.$INTERFACE files with content like: net.ipv6.conf.$IF.autoconf = 0 net.ipv6.conf.$IF.use_tempaddr = 1 IF is the interface name as required in sysctl: ${INTERFACE/\./\/} that can be used instead of the real interface name. In any case, this is not easy or impossible to make for all the virtual interfaces when it is too late when we do it after the ip link set up. Just think of ppp interface, that is created by pppd, not by ifup. But this would be a feature request for 11.3 to make this -- a workaround via a PRE_UP_SCRIPT exists. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

http://bugzilla.novell.com/show_bug.cgi?id=494958 http://bugzilla.novell.com/show_bug.cgi?id=494958#c4 Jiri Bohac <jbohac@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED --- Comment #4 from Jiri Bohac <jbohac@novell.com> 2009-11-25 14:44:16 UTC --- (In reply to comment #3)
Hmm... This can be set per inteface also via PRE_UP_SCRIPT -- see "man 8 ifup".
For virtual interfaces it has to go to sysctl.conf or sysconfig/sysctl as it is using the ..../default/use_temoaddr variable I think. Or does it work properly when the iterface is already up?
net.ipv6.conf.default.use_tempaddr needs to be set before the device is created to have any effect. net.ipv6.conf.IF.use_tempaddr should to be set after the device is created and before the device is brought up. this is a really good idea ... perhaps all the SYSCTL* options could somehow be set without having a list of them in the scripts, so when a new sysctl option is added in the kernel , we won't have to midify the scripts?
or I think better via per interface ifsysctl.$INTERFACE files with content like:
net.ipv6.conf.$IF.autoconf = 0 net.ipv6.conf.$IF.use_tempaddr = 1
This is a really good idea! Perhaps there is a way to have this in the ifcfg- file itself (to keep all the interface settings together) but at the same not requiring the scripts to individually handle the options?
In any case, this is not easy or impossible to make for all the virtual interfaces when it is too late when we do it after the ip link set up.
Couldn't this be handled by udev by calling a script when the interface is registered? It might be hard or impossible to make sure the script finishes before something else brings the device up, though. Kay? One way around this (for this case) could be to disable the IPv6 autoconfiguration completely in the ..../default/... sysctl and only enable it from the udev-called script after setting use_tempaddr.
But this would be a feature request for 11.3 to make this -- a workaround via a PRE_UP_SCRIPT exists.
Right. Still, this does not solve the problem of virtual devices. That would be at least partially fixed by making boot.ipconfig set /proc/sys/net/ipv6/conf/default/use_tempaddr instead of .../all/... -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

http://bugzilla.novell.com/show_bug.cgi?id=494958 http://bugzilla.novell.com/show_bug.cgi?id=494958#c5 Marius Tomaschewski <mt@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |tambet@novell.com --- Comment #5 from Marius Tomaschewski <mt@novell.com> 2009-11-27 11:27:40 UTC --- (In reply to comment #4)
(In reply to comment #3)
or I think better via per interface ifsysctl.$INTERFACE files with content like:
net.ipv6.conf.$IF.autoconf = 0 net.ipv6.conf.$IF.use_tempaddr = 1
This is a really good idea! Perhaps there is a way to have this in the ifcfg- file itself (to keep all the interface settings together) but at the same not requiring the scripts to individually handle the options?
In any case, this is not easy or impossible to make for all the virtual interfaces when it is too late when we do it after the ip link set up.
Couldn't this be handled by udev by calling a script when the interface is registered? It might be hard or impossible to make sure the script finishes before something else brings the device up, though. Kay?
Yes, udev seems to be the best place to execute it. I'll implement a script and call it from /etc/udev/rules.d/77-network.rules it will use /etc/sysconfig/network/ifsysctl-$INTERFACE to set all what's needed when NETWORKMANAGER="no". ==>> Tambet, should I call it also in NETWORKMANAGER="yes" case? The file _inside_ of the file is allowed to use $SYSCTL_IF and the $INTERFACE variables. The SYSCTL_IF variable will be set to ${INTERFACE//./\/} by the script. Example: net.ipv6.conf.$SYSCTL_IF.use_tempaddr Note: sysctl supports two separators "." (default) and "/". When "." is used, every "." in the interface name has to be replaced by "/", e.g. INTERFACE=foo1.42 => SYSCTL_IF=foo1/42 When "/" is used as separator, $INTERFACE can be passed directly, e.g. net/ipv6/conf/$INTERFACE/use_tempaddr
Right. Still, this does not solve the problem of virtual devices. That would be at least partially fixed by making boot.ipconfig set /proc/sys/net/ipv6/conf/default/use_tempaddr instead of .../all/...
yes... it is not only about use_tempaddr -- it is useful/required also for e.g. bridge port setup to tweak these settings. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

http://bugzilla.novell.com/show_bug.cgi?id=494958 http://bugzilla.novell.com/show_bug.cgi?id=494958#c8 --- Comment #8 from Marius Tomaschewski <mt@novell.com> 2009-11-27 17:17:09 UTC --- Created an attachment (id=329830) --> (http://bugzilla.novell.com/attachment.cgi?id=329830) ifup-sysctl script Georg, Jiri, can you test if it works for you? Write "net.ipv6.conf.$SYSCTL_IF.use_tempaddr=1" to the desired /etc/sysconfig/network/ifsysctl-$INTERFACE file, then install -m 755 ifup-sysctl /etc/sysconfig/network/scripts/ifup-sysctl And add the following line before rule block with "ifup ... -o hotplug" to the /etc/udev/rules.d/77-network.rules file: # apply per interface sysctl settings as soon as possible SUBSYSTEM=="net", ACTION=="add", RUN+="/etc/sysconfig/network/scripts/ifup-sysctl $env{INTERFACE} -o hotplug" -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

http://bugzilla.novell.com/show_bug.cgi?id=494958 http://bugzilla.novell.com/show_bug.cgi?id=494958#c9 Tambet Ingo <tambet@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |ASSIGNED Info Provider|tambet@novell.com | --- Comment #9 from Tambet Ingo <tambet@novell.com> 2009-11-30 08:54:15 UTC --- None of our released distributions contain NetworkManager which supports IPv6, so it probably doesn't matter much either way from my perspective. Let's leave the script from comment #8 as it is and I'll let you know if I need it changed sometime later. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

http://bugzilla.novell.com/show_bug.cgi?id=494958 http://bugzilla.novell.com/show_bug.cgi?id=494958#c Dirk Mueller <dmueller@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Info Provider|cdengler@novell.com |ast@novell.com -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

http://bugzilla.novell.com/show_bug.cgi?id=494958 http://bugzilla.novell.com/show_bug.cgi?id=494958#c11 --- Comment #11 from Georg Müller <georgmueller@gmx.net> 2009-12-01 00:52:04 UTC --- This should also work with NetworkManager. Even if NetworkManager does not support IPv6, I get my IPv6 IP via Router Advertisement (radvd) with NetworkManager enabled. I think there should be a generic ifsysctl file with settings applied to all interfaces instead of a per-interface file. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

http://bugzilla.novell.com/show_bug.cgi?id=494958 http://bugzilla.novell.com/show_bug.cgi?id=494958#c12 Georg Müller <georgmueller@gmx.net> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |ASSIGNED Info Provider|ast@novell.com | --- Comment #12 from Georg Müller <georgmueller@gmx.net> 2009-12-01 01:20:48 UTC --- Created an attachment (id=330163) --> (http://bugzilla.novell.com/attachment.cgi?id=330163) modifief ifup-sysctl I did some changes to the ifup-sysctl. 1. run with or without NetorkManager 2. I extract the interface lines from /etc/sysctl.conf I first extract all "all" lines, replace all with $INTERFACE and send them to sysctl. then I grep for lines with $INTERFACE. This way, there is no need for separate files, only /etc/sysctl.conf -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

http://bugzilla.novell.com/show_bug.cgi?id=494958 http://bugzilla.novell.com/show_bug.cgi?id=494958#c13 --- Comment #13 from Jiri Bohac <jbohac@novell.com> 2009-12-01 11:19:43 UTC --- Comment #12:
I first extract all "all" lines, replace all with $INTERFACE and send them to sysctl. then I grep for lines with $INTERFACE.
I thought the per-interface sysctl settings performed by the patch from Marius was a great idea. Perhaps, we could also have a global file /etc/sysconfig/network/ifsysctl-all with settings for all interfaces. These could be applied first, followed by the settings from the per-interface file. But taking the "all" settings from /etc/sysctl.conf is a hack, which is likely to bite us one day. Comment #8: The scripts seem to work fine for interfaces brought up with ifup. But in will they work correctly if something (pppd has been mentioned here earlier, networkmanager might have the same problem): 1) creates a virtual device 2) brings the device "up" immediately If I understand it correctly, 1) triggers the udev event asynchronously (?), so 2) may complete before udev runs. In case of config options like use_tempaddr, which need to be set before the interface is brought up, this might not work reliably. Any thoughts how to improve this? Is there a way to at least make the udev script run before NetworkManager discovers a newly plugged-in interface? That would probably fix the problem for NetworkManager. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

http://bugzilla.novell.com/show_bug.cgi?id=494958 http://bugzilla.novell.com/show_bug.cgi?id=494958#c14 --- Comment #14 from Chris Hills <chaz@chaz6.com> 2009-12-01 11:25:36 UTC --- I agree that per-interface configuration is preferable, but is this not a kernel bug? The interface should not have to be turned down and up to change privacy settings. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

http://bugzilla.novell.com/show_bug.cgi?id=494958 http://bugzilla.novell.com/show_bug.cgi?id=494958#c15 --- Comment #15 from Georg Müller <georgmueller@gmx.net> 2009-12-01 12:03:04 UTC --- I don't think that applying "net.ipv6.conf.all.*" is a bug. If the kernel would do it's job, theses settings would have get applied either. So, this change (apply "all", apply "$INTERFACE") is how the kernel should work. You can have per-interface in /etc/sysctl.conf by specifying e.g. "net.ipv6.conf.eth0.*" in this file, the patched file would read it. I don't see the point to have a file named "ifsysctl-eth0" with placeholders in it. If I can name it *-eth0, I can also fill the placeholders in the first place. With configuration in /etc/sysctl.conf, you don't have to deal with another set of files -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

http://bugzilla.novell.com/show_bug.cgi?id=494958 http://bugzilla.novell.com/show_bug.cgi?id=494958#c16 --- Comment #16 from Jiri Bohac <jbohac@novell.com> 2009-12-01 12:18:20 UTC --- (In reply to comment #14)
I agree that per-interface configuration is preferable, but is this not a kernel bug? The interface should not have to be turned down and up to change privacy settings.
I agree that in case of use_tempaddr, the kernel could behave better and configure the private address even if the option is turned on after the interface got its address. But there are options where setting them prior to bringing the interface up may be very important, e.g. disable_ipv6. The user will rightfully expect that if this option is set, the interface will not start sending out router solicitations when brought up. Yet, if we call the sysctl after bringing the interface up a few solicitations will have been sent out before IPv6 is disabled on the interface. So this possible race condition should be taken into account when designing how this will work. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

http://bugzilla.novell.com/show_bug.cgi?id=494958 http://bugzilla.novell.com/show_bug.cgi?id=494958#c17 --- Comment #17 from Marius Tomaschewski <mt@novell.com> 2009-12-01 21:16:53 UTC --- Created an attachment (id=330351) --> (http://bugzilla.novell.com/attachment.cgi?id=330351) Compromise proposal (just the code without the ifup glue). Georg, the sed s/all/${INTERFACE}/ is not acceptable. Basically "default" and not "all" is responsible for the setting of a new interface. It would also replace all all substrings... but this would be a question for a fix in the sed call. The grep ^net.ipv6.conf.${INTERFACE} /etc/sysctl.conf | sed s/all/${INTERFACE}/ does not make any sense. For what do you want to grep for the interface "grep ^net.ipv6.conf.br1" and then replace s/all/${INTERFACE}/ ? Further, create a eth1.42 interface using "brctl addbr eth1.42" and take a look to the "sysctl -a | grep ^net.ipv6.conf" output. Last, but not least, your script implements only applying of the "all" policy to interfaces. It does not support per-interface setting, that legitimates the script in sysconfig for me (independently of this bug). I'd say, we can apply the global settings from /etc/sysctl.conf first, but without any changes to it and only when a variable is enabled. (Setting "all", changes the global policy that should be set anyway, but does not modify any per interface settings, so it is fine). See the attached script, that implements this. Further, we can have a special "ifsysctl" where you can define settings for all interfaces + "ifsysctl.$INTERFACE" that _should_ have interface specific settings only. Note, that even when using -e -q, you'll get an error for each sysctl key (interface) that does not exists (perhaps this is a bug in sysctl or in the manual page ;-): # bash sysctl.sh | sysctl -e -q -p - /proc/sys/net/ipv6/conf/eth1.2/forwarding: No such file or directory /proc/sys/net/ipv6/conf/eth1.2/use_tempaddr: No such file or directory /proc/sys/net/ipv6/conf/eth1.2/disable_ipv6: No such file or directory OK, this can be solved with a 2>/dev/null. Finally, you _don't_ need to use $INTERFACE or $SYSCTL_IF, but you _can_. I think, it is possible to speak with the NetworkManager maintainer to allow to be allowed to call it when NETWORKMANAGER=no :-) Wel'll see. BTW: Use of a combination of NetworkManager and ifup is not supported. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

http://bugzilla.novell.com/show_bug.cgi?id=494958 http://bugzilla.novell.com/show_bug.cgi?id=494958#c18 Marius Tomaschewski <mt@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |NEEDINFO Info Provider| |tambet@novell.com --- Comment #18 from Marius Tomaschewski <mt@novell.com> 2009-12-01 21:32:58 UTC --- (In reply to comment #9)
None of our released distributions contain NetworkManager which supports IPv6, so it probably doesn't matter much either way from my perspective. Let's leave the script from comment #8 as it is and I'll let you know if I need it changed sometime later.
Tambet, can we make it optional using a special variable controlling it? See comment 11. (In reply to comment #13)
If I understand it correctly, 1) triggers the udev event asynchronously (?), so 2) may complete before udev runs. In case of config options like use_tempaddr, which need to be set before the interface is brought up, this might not work reliably.
Any thoughts how to improve this?
asynchronously to "brctl addbr && ip link set up" calls, yes. Bug the udev rules are executed one after another. We can call udevadm settle after e.g. "brctl addbr" -- it is a good idea anyway. Further, with newer udev, it is possible to set a "done" flag in the udevdb and wait for it to appear. This means we have to put settle between: "brctl addbr ; settle ; ip link set up" Physical interfaces usually appear before NetworkManager gets started anyway. When NetworkManager gets the interface faster than the udev rule, something is wrong anyway. The interface can get renamed by udev rules... -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

http://bugzilla.novell.com/show_bug.cgi?id=494958 http://bugzilla.novell.com/show_bug.cgi?id=494958#c19 --- Comment #19 from Georg Müller <georgmueller@gmx.net> 2009-12-01 22:30:00 UTC --- My script was just a quick shot to show what I mean. The second sed was a copy/paste error (it was late ;) ). The sed would not replace all "all" substrings ( sed s/all/eth0/g would do that), and since I grep for a string from the beginning (^) I only replace the 'all' at the beginning. Regarding ifup and NetworkManager: If I add an interface via vconfig, it uses the value of "net.ipv6.conf.default.use_tempaddr" - so it works here. The execution of the script is not really related to if-up, but to udev, or am I wrong? -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

http://bugzilla.novell.com/show_bug.cgi?id=494958 http://bugzilla.novell.com/show_bug.cgi?id=494958#c20 Marius Tomaschewski <mt@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #329830|0 |1 is obsolete| | Attachment #330351|0 |1 is obsolete| | --- Comment #20 from Marius Tomaschewski <mt@novell.com> 2009-12-02 08:43:44 UTC --- Created an attachment (id=330439) --> (http://bugzilla.novell.com/attachment.cgi?id=330439) ifup-sysctl script v2 (In reply to comment #19)
My script was just a quick shot to show what I mean. The second sed was a copy/paste error (it was late ;) ).
The sed would not replace all "all" substrings ( sed s/all/eth0/g would do that), and since I grep for a string from the beginning (^) I only replace the 'all' at the beginning.
Yes, it was late yesterday too. Note: I don't force you to use $INTERFACE -- you can use the interface name directly. See also the script attached in comment 17 and in this one -- there is a interface independent ifsysctl file now and the global /etc/sysctl.conf can be applied as well.
Regarding ifup and NetworkManager: If I add an interface via vconfig, it uses the value of "net.ipv6.conf.default.use_tempaddr" - so it works here.
Well, any new interface makes use of the default -- when the default is already applied. This is the case, because boot.sysctl script runs before network where any virtual interfaces are created. This is not the case for physical interfaces that are created earlier and why we need a fix. But this special problem can be solved using a PRE_UP_SCRIPT as well - at least for the ifup / NM=no case (I'm bad and don't care about NM in worst case ;-). The point is different: sysconfig needs per-interface settings and has to provide this (complete, not only a fix for this bug) functionality anyway, e.g. to disable ipv6 or autoconfig only on a particular interface (e.g. on a bridge port) or set another settings required in some setups. It makes sense to combine a bug fix for this issue and this requirement. I can provide this script as new feature for 11.3 only and ignore this bug, but because it is very useful and avoids the need of user hacks also on 11.x, we can _try_ to provide it earlier as update - it may still get rejected by the maintenance team.
The execution of the script is not really related to if-up, but to udev, or am I wrong?
Well... udev yes and no, because it is net subsystem (=ifup/NM) related. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

http://bugzilla.novell.com/show_bug.cgi?id=494958 http://bugzilla.novell.com/show_bug.cgi?id=494958#c21 Marius Tomaschewski <mt@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #330163|0 |1 is obsolete| | Attachment #330439|0 |1 is obsolete| | --- Comment #21 from Marius Tomaschewski <mt@novell.com> 2009-12-02 09:53:29 UTC --- Created an attachment (id=330456) --> (http://bugzilla.novell.com/attachment.cgi?id=330456) ifup-sysctl script v3 Removed applying of /etc/sysctl.conf -- it may break too much. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

http://bugzilla.novell.com/show_bug.cgi?id=494958 http://bugzilla.novell.com/show_bug.cgi?id=494958#c22 Marius Tomaschewski <mt@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #330456|0 |1 is obsolete| | --- Comment #22 from Marius Tomaschewski <mt@novell.com> 2009-12-02 11:14:14 UTC --- Created an attachment (id=330480) --> (http://bugzilla.novell.com/attachment.cgi?id=330480) ifup-sysctl script v4 Removed interface name match completely... perhaps the user wants to set some other setting without the interface name in the key when an interface comes up. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

http://bugzilla.novell.com/show_bug.cgi?id=494958 http://bugzilla.novell.com/show_bug.cgi?id=494958#c23 Marius Tomaschewski <mt@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #330480|0 |1 is obsolete| | --- Comment #23 from Marius Tomaschewski <mt@novell.com> 2009-12-02 11:41:57 UTC --- Created an attachment (id=330482) --> (http://bugzilla.novell.com/attachment.cgi?id=330482) ifup-sysctl script v5 Redirected sysctl error messages as info to syslog (not visible by default); it complains about any not existing key (IMO sysctl -e bug), usually the case when an interface does not exist yet. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

http://bugzilla.novell.com/show_bug.cgi?id=494958 http://bugzilla.novell.com/show_bug.cgi?id=494958#c24 --- Comment #24 from Marius Tomaschewski <mt@novell.com> 2009-12-02 11:54:47 UTC --- Tambet, SYSCTL_NETWORKMANAGER=no by default or can we set it to yes? -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

http://bugzilla.novell.com/show_bug.cgi?id=494958 http://bugzilla.novell.com/show_bug.cgi?id=494958#c25 --- Comment #25 from Marius Tomaschewski <mt@novell.com> 2009-12-02 14:36:27 UTC --- Created an attachment (id=330507) --> (http://bugzilla.novell.com/attachment.cgi?id=330507) ifsysctl.5 manual page -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

http://bugzilla.novell.com/show_bug.cgi?id=494958 http://bugzilla.novell.com/show_bug.cgi?id=494958#c26 Marius Tomaschewski <mt@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |ASSIGNED Info Provider|tambet@novell.com | --- Comment #26 from Marius Tomaschewski <mt@novell.com> 2009-12-04 07:44:23 UTC --- (In reply to comment #24)
SYSCTL_NETWORKMANAGER=no by default or can we set it to yes?
Will be "no" by default as Tambet decided in comment 9. To enable it with NetworkManager as well, the variable IFSYSCTL_NETWORKMANAGER (added IF in the front to match the ifsysctl config names) has to be changed to "yes". -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

http://bugzilla.novell.com/show_bug.cgi?id=494958 http://bugzilla.novell.com/show_bug.cgi?id=494958#c30 Marius Tomaschewski <mt@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |FIXED --- Comment #30 from Marius Tomaschewski <mt@novell.com> 2010-01-14 15:11:01 UTC --- Fixed in SLE-11-SP1 and submitted to Base:System and openSUSE:Factory. There will be no update for openSUSE-11.2 providing the ifsysctl script: workaround of the problem is possible by adding udev rule(s) like this: SUBSYSTEM=="net", ACTION=="add", RUN+="/sbin/sysctl -q -w net/ipv6/conf/$env{INTERFACE}/use_tempaddr=1" [it has to use the alternative sysctl format with / separator to avoid the need of quoted dot's in the interface name] to 77-network.rules before the "ifup $env{INTERFACE} -o hotplug" rule block or also to a new rule file, e.g. 76-per-interface-sysctl.rules. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

http://bugzilla.novell.com/show_bug.cgi?id=494958 http://bugzilla.novell.com/show_bug.cgi?id=494958#c32 --- Comment #32 from Bernhard Wiedemann <bwiedemann@suse.com> --- This is an autogenerated message for OBS integration: This bug (494958) was mentioned in https://build.opensuse.org/request/show/58730 Factory / aaa_base -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com