This patch changes the way how existing installations get their IPv6 address which is something that really shouldn't be done in an update to an LTS release in my opinion. Even worse it completely overrules configuration in /etc/sysctl.d/10-ipv6-privacy.conf and if you change the configuration on a running system network-manager changes it back within a second! For example
runge:~# sysctl -w net.ipv6.conf.eth0.use_tempaddr=0 net.ipv6.conf.eth0.use_tempaddr = 0 wait a few seconds while network-manager says something about disconnected wired interface runge:~# sysctl net.ipv6.conf.eth0.use_tempaddr net.ipv6.conf.eth0.use_tempaddr = 2 Network-manager shouldn't overrule the system configuration, especially when network-manager currently has no toggle for privacy extensions. If you think changing the default is okay in a stable update (I really don't), at least it should be done in a way that makes it possible to easily go back to the previous behaviour. Given that the sysctl default is already what we want as default, I don't see why NM has to explicitly set it again and if it doesn't do that it would be possible to change the configuration in /etc/sysctl. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/990011 Title: use_tempaddr is *still* not set properly for default eth0 connections Status in “network-manager” package in Ubuntu: Fix Released Status in “network-manager” source package in Precise: Fix Released Bug description: [Impact] Only affects IPv6 connections, but we established that the default should be to maintain our users' privacy on IPv6 connections; we want all IPv6 external connections to be established using temporary, dynamic addresses. [Development Fix] Very minor patch to threat an unknown value (-1) as (2), aka, enabling and preferring privacy extensions. Patch is attached. [Stable Fix] See "Development fix". [Test case] Connect a wire to your system. With NetworkManager running, the value returned by 'sysctl net.ipv6.conf.eth0.use_tempaddr' should be 2 at all times unless configured otherwise (though the default is set to 2 by default). Without the patch, the value is reset to 0 when NetworkManager is running, and correctly set to 2 when NetworkManager is stopped (since it reverts the value to the value when NM started). [Regression Potential] Low, impact may be failing connections in case of issues with the privacy extensions system in the Linux kernel. ---- The use_tempaddr sysctl defaults to 0 in NetworkManager if it's not set elsewhere, such as it is the case for the default NM-created, automatic wired connection. That connection is never "completed" (because it's internal magic), and nm_backend_ipv6_use_tempaddr() doesn't have a chance of returning a valid system-wide default value since the function it calls, nm_generic_ipv6_use_tempaddr() only checks in /etc/sysctl.conf and /lib/sysctl.d/sysctl.conf for a system default value. (Regardless, this wouldn't work since we generate a setting based on a number of files in /etc/sysctl.d) Change the behavior slightly to default to a string of -1 as a default value in nm-system.c; then make sure that if that value is never changed by the result of nm_backend_ipv6_use_tempaddr(), we just don't touch that sysctl at all. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/990011/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
