Re: firejail: changing Ethernet network adapter name is breaking Firefox profile
On Sat, 2022-01-22 at 23:53 +0100, Andrei POPESCU wrote: > On Sb, 22 ian 22, 10:00:34, to...@tuxteam.de wrote: > > > > *Poof*, your Ethernet device name changes, since, by default [1] it's > > named after the path in the USB device tree leading to your device. > > Don't forget to stick your Ethernet dongle into the same port > > afterwards. Else... *poof*. > > I thought USB dongles are supposed to be using the MAC based naming > scheme by default. Out of curiosity, just in draw for a USB ether dongle, it looks like the serial number is used... [ 281.313111] usb 2-9: Manufacturer: Realtek [ 281.313115] usb 2-9: SerialNumber: 0023563C4747 [ 281.350604] usbcore: registered new interface driver r8152 [ 281.362262] usbcore: registered new interface driver cdc_ether [...] [ 281.533462] r8152 2-9:1.0 eth0: v1.11.11 [ 281.550872] r8152 2-9:1.0 enx0023563c4747: renamed from eth0 -- Tixy
Re: firejail: changing Ethernet network adapter name is breaking Firefox profile
On Sb, 22 ian 22, 10:00:34, to...@tuxteam.de wrote: > > *Poof*, your Ethernet device name changes, since, by default [1] it's > named after the path in the USB device tree leading to your device. > Don't forget to stick your Ethernet dongle into the same port > afterwards. Else... *poof*. I thought USB dongles are supposed to be using the MAC based naming scheme by default. Kind regards, Andrei -- http://wiki.debian.org/FAQsFromDebianUser signature.asc Description: PGP signature
Re: firejail: changing Ethernet network adapter name is breaking Firefox profile
On Sb, 22 ian 22, 09:52:45, David Wright wrote: > On Sat 22 Jan 2022 at 11:32:17 (+), piorunz wrote: > > On 22/01/2022 07:28, Andrei POPESCU wrote: > > > On Lu, 17 ian 22, 22:43:49, piorunz wrote: > > > > > > > > Problem is, every now and then, Ethernet adapter name changes, from > > > > enp5s0 to enp6s0 for example. > > > > > > Those names are supposed to be stable. > > > > > > Are you doing any changes to the hardware when that happens? > > > > No, I just reboot or turn off & on again my computer. > > Presumably that has to be caused by the hardware or the firmware, > which sounds decidedly flaky, and something the OS can do nothing > about, except work around it. A BIOS / UEFI Firmware update might fix it. Kind regards, Andrei -- http://wiki.debian.org/FAQsFromDebianUser signature.asc Description: PGP signature
Re: firejail: changing Ethernet network adapter name is breaking Firefox profile
On Sat, Jan 22, 2022 at 10:00:34AM +0100, to...@tuxteam.de wrote: > On Sat, Jan 22, 2022 at 08:28:34AM +0100, Andrei POPESCU wrote: > > On Lu, 17 ian 22, 22:43:49, piorunz wrote: > > > > > > Problem is, every now and then, Ethernet adapter name changes, from > > > enp5s0 to enp6s0 for example. > > > > Those names are supposed to be stable. > > Hahaha :) > > Actually, they're supposed to be /predictable/. In reality, they are neither. What piorunz is reporting is not uncommon. Any change to the system hardware, or even to the motherboard's firmware, can cause PCI devices to be renumbered. This causes "predictable" network interface names to change, unpredictably. Some people work around this by reverting to the old "eth0" style names, and for machines with exactly one ethernet interface, this works well. For machines with more than one ethernet interface, of course, it doesn't. On such machines, the best course of action seems to be setting up systemd.link(5) files to give your interfaces whatever names you want them to have, based on their MAC addresses. (In essence, replicating what udev used to do by default, but which was deprecated in buster.)
Re: firejail: changing Ethernet network adapter name is breaking Firefox profile
On Sat, Jan 22, 2022 at 09:53:00AM -0600, David Wright wrote: [...] > That doesn't tally with my experience. Two paragraphs before Table 2 is: > >ID_NET_NAME_MAC=prefixxAABBCCDDEEFF [...] > which describes what I observe here. MAC is definitely a better choice in this (USB) context. Although, I could come up with some funny "war stories" on that, too :-) > > Me? I've decided that the whole schema is far too Rube Goldbergesque [...] > It's not as if you're given no choice in the matter. Luckily, luckily :-) Cheers -- t signature.asc Description: PGP signature
Re: firejail: changing Ethernet network adapter name is breaking Firefox profile
On Sat 22 Jan 2022 at 10:00:34 (+0100), to...@tuxteam.de wrote: > On Sat, Jan 22, 2022 at 08:28:34AM +0100, Andrei POPESCU wrote: > > On Lu, 17 ian 22, 22:43:49, piorunz wrote: > > > > > > Problem is, every now and then, Ethernet adapter name changes, from > > > enp5s0 to enp6s0 for example. > > > > Those names are supposed to be stable. > > Hahaha :) > > Actually, they're supposed to be /predictable/. > > Now assume the following situation: you've got just one USB port (Apple, > I'm looking at you). Your Ethernet adapter is a dongle hanging off it. > You now realize you need some USB storage to do your backups (you make > backups, don't you?). You go to the shop, buy a USB hub, stick it into > your port, and stick your Ethernet adapter into it, so now you have some > more free USB thingies. > > *Poof*, your Ethernet device name changes, since, by default [1] it's > named after the path in the USB device tree leading to your device. > Don't forget to stick your Ethernet dongle into the same port > afterwards. Else... *poof*. > > So... predictable, yes. Stable... is in the eye of the beholder. > [1] > https://www.man7.org/linux/man-pages/man7/systemd.net-naming-scheme.7.html#NAMING > (search for "Table 2" there: gah, why don't people provide anchors That doesn't tally with my experience. Two paragraphs before Table 2 is: ID_NET_NAME_MAC=prefixxAABBCCDDEEFF This name consists of the prefix, letter x, and 12 hexadecimal digits of the MAC address. It is available if the device has a fixed MAC address. Because this name is based on an attribute of the card itself, it remains "stable" when the device is moved (even between machines), but will change when the hardware is replaced. which describes what I observe here. > Me? I've decided that the whole schema is far too Rube Goldbergesque for > my needs. I have "net.ifnames=0" in my Linux boot commandline (via > /etc/default/grub) and made sure nothing messes with things after boot. > > The day this humble laptop has more than one Ethernet (or wlan) adapter, > I'll cope with it. It's not as if you're given no choice in the matter. Cheers, David.
Re: firejail: changing Ethernet network adapter name is breaking Firefox profile
On Sat 22 Jan 2022 at 11:32:17 (+), piorunz wrote: > On 22/01/2022 07:28, Andrei POPESCU wrote: > > On Lu, 17 ian 22, 22:43:49, piorunz wrote: > > > > > > Problem is, every now and then, Ethernet adapter name changes, from > > > enp5s0 to enp6s0 for example. > > > > Those names are supposed to be stable. > > > > Are you doing any changes to the hardware when that happens? > > No, I just reboot or turn off & on again my computer. Presumably that has to be caused by the hardware or the firmware, which sounds decidedly flaky, and something the OS can do nothing about, except work around it. As for that, I would have thought that's pretty easy: you just set an environment variable with the name of the interface in it, and use firejail --net="$Mywiredifname" … All my systems define that very variable, not because I have issues with the OS's choice, but so that I can use the same script to scp through the IPv6 link address to whatever machine is on the other end of the wire (yes, I know, it's a cheat). Cheers, David.
Re: firejail: changing Ethernet network adapter name is breaking Firefox profile
On 22/01/2022 09:00, to...@tuxteam.de wrote: Hahaha:) Actually, they're supposed to be/predictable/. Now assume the following situation: you've got just one USB port (Apple, I'm looking at you). Your Ethernet adapter is a dongle hanging off it. You now realize you need some USB storage to do your backups (you make backups, don't you?). You go to the shop, buy a USB hub, stick it into your port, and stick your Ethernet adapter into it, so now you have some more free USB thingies. *Nothing* like this happens in my case. I just turn off & on again my computer. This is my ethernet card: 06:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 15) It's built in to my ASUS motherboard. -- With kindest regards, Piotr. ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system ⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org/ ⠈⠳⣄
Re: firejail: changing Ethernet network adapter name is breaking Firefox profile
On 22/01/2022 07:28, Andrei POPESCU wrote: On Lu, 17 ian 22, 22:43:49, piorunz wrote: Problem is, every now and then, Ethernet adapter name changes, from enp5s0 to enp6s0 for example. Those names are supposed to be stable. Are you doing any changes to the hardware when that happens? Kind regards, Andrei No, I just reboot or turn off & on again my computer. -- With kindest regards, Piotr. ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system ⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org/ ⠈⠳⣄
Re: firejail: changing Ethernet network adapter name is breaking Firefox profile
On Sat, Jan 22, 2022 at 08:28:34AM +0100, Andrei POPESCU wrote: > On Lu, 17 ian 22, 22:43:49, piorunz wrote: > > > > Problem is, every now and then, Ethernet adapter name changes, from > > enp5s0 to enp6s0 for example. > > Those names are supposed to be stable. Hahaha :) Actually, they're supposed to be /predictable/. Now assume the following situation: you've got just one USB port (Apple, I'm looking at you). Your Ethernet adapter is a dongle hanging off it. You now realize you need some USB storage to do your backups (you make backups, don't you?). You go to the shop, buy a USB hub, stick it into your port, and stick your Ethernet adapter into it, so now you have some more free USB thingies. *Poof*, your Ethernet device name changes, since, by default [1] it's named after the path in the USB device tree leading to your device. Don't forget to stick your Ethernet dongle into the same port afterwards. Else... *poof*. So... predictable, yes. Stable... is in the eye of the beholder. Me? I've decided that the whole schema is far too Rube Goldbergesque for my needs. I have "net.ifnames=0" in my Linux boot commandline (via /etc/default/grub) and made sure nothing messes with things after boot. The day this humble laptop has more than one Ethernet (or wlan) adapter, I'll cope with it. Cheers [1] https://www.man7.org/linux/man-pages/man7/systemd.net-naming-scheme.7.html#NAMING (search for "Table 2" there: gah, why don't people provide anchors -- t signature.asc Description: PGP signature
Re: firejail: changing Ethernet network adapter name is breaking Firefox profile
On Lu, 17 ian 22, 22:43:49, piorunz wrote: > > Problem is, every now and then, Ethernet adapter name changes, from > enp5s0 to enp6s0 for example. Those names are supposed to be stable. Are you doing any changes to the hardware when that happens? Kind regards, Andrei -- http://wiki.debian.org/FAQsFromDebianUser signature.asc Description: PGP signature
Re: firejail: changing Ethernet network adapter name is breaking Firefox profile
On 17/01/2022 22:50, Darac Marjal wrote: If you have multiple Network Adapters, connected to different networks, why not give them more sensible names? Using https://wiki.debian.org/NetworkInterfaceNames#CUSTOM_SCHEMES_USING_.LINK_FILES you can assign names such as "lan", "wan", "internal", "wifi" etc. That way, you just need to do "firejail --net=wan --netfilter=/etc/firejail/nolocal.net firefox -P default-esr". Amazing, that worked! Thanks! -- With kindest regards, Piotr. ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system ⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org/ ⠈⠳⣄
Re: firejail: changing Ethernet network adapter name is breaking Firefox profile
On 17/01/2022 22:43, piorunz wrote: Hello, I run Firefox via firejail. I let Firefox use only one network adapter, because that cuts off Firefox from my LAN. I run several profiles of Firefox on my machine. Only one of them has access to LAN for security reasons. This is my example shortcut in KDE menu: firejail --net=enp5s0 --netfilter=/etc/firejail/nolocal.net firefox -P default-esr Problem is, every now and then, Ethernet adapter name changes, from enp5s0 to enp6s0 for example. Shortcut stops working! I have to manually edit all shortcuts, and change enp5s0 to enp6s0 in each one. If you have multiple Network Adapters, connected to different networks, why not give them more sensible names? Using https://wiki.debian.org/NetworkInterfaceNames#CUSTOM_SCHEMES_USING_.LINK_FILES you can assign names such as "lan", "wan", "internal", "wifi" etc. That way, you just need to do "firejail --net=wan --netfilter=/etc/firejail/nolocal.net firefox -P default-esr". How to fix this? -- With kindest regards, Piotr. ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system ⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org/ ⠈⠳⣄ OpenPGP_signature Description: OpenPGP digital signature
firejail: changing Ethernet network adapter name is breaking Firefox profile
Hello, I run Firefox via firejail. I let Firefox use only one network adapter, because that cuts off Firefox from my LAN. I run several profiles of Firefox on my machine. Only one of them has access to LAN for security reasons. This is my example shortcut in KDE menu: firejail --net=enp5s0 --netfilter=/etc/firejail/nolocal.net firefox -P default-esr Problem is, every now and then, Ethernet adapter name changes, from enp5s0 to enp6s0 for example. Shortcut stops working! I have to manually edit all shortcuts, and change enp5s0 to enp6s0 in each one. How to fix this? -- With kindest regards, Piotr. ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system ⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org/ ⠈⠳⣄
