Is the current situation good enough? In the procps package, the default
is still "2". Image deployments change that as Scott described in
comment #23 (but that was 3y ago, might have changed). I don't know how
server installs using the text mode installer behave, it's been a while
since I last
Hi Christian. Some comments/corrections:
1) On servers privacy extensions are *not* always enabled. As I pointed
out in comment #24, if NM is not in use, privacy extensions are only
enabled for userspace-created interfaces such as "vlan123". It is *not*
enabled by default for physical interfaces
Thanks Tore for checking so much Details and all the relations to
NetworkManager it might have on a Desktop.
On a server (no NM) I'd think it is always enabled i'd think.
But if that is a bug or not is a"discussion".
Just as much as users want it off (here) others want it on - see bug 176125 and
In case anyone's interested in knowing why setting
net/ipv6/conf/all/use_tempaddr=2 no longer changes the value of pre-
existing interfaces (thus ensuring privacy extensions are disabled by
default for physical interfaces configured through
/etc/network/interfaces), it's because
Correction to my previous comment: "disable_ipv6" should of course have
read "use_tempaddr" throughout, except for the part about NM bouncing
the disable_ipv6 sysctl.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to procps in
The situation appears to have improved somewhat in Xenial. The
net/ipv6/conf/all/disable_ipv6 sysctl appears to have become a no-op in
recent kernels, so when 10-ipv6-privacy.conf gets applied during the
bootup sequence (by systemd-sysctl.service) it does *not* change the
effective per-device
** Tags added: trusty
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to procps in Ubuntu.
https://bugs.launchpad.net/bugs/1068756
Title:
IPv6 Privacy Extensions enabled on Ubuntu Server by default
Status in cloud-init
ok. so some updates.
Ben fixed this in the cloud image build process via [1] (commit [2]), and
limited the change to utopic+.
The fix was done by adding a file /etc/sysctl.d/99-cloudimg-ipv6.conf
The problem with this change is described in bug 1352255 and bug
994931. If ipv6 addresses are
interestingly enough, modifying the privacy settings via sysctl has some
negative affects if addresses are already up. see diagnosis in bug
1377005 .
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to procps in Ubuntu.
Just to document additional support. I concur that on a Server install,
PE should disabled by default. A server doesn't fall into the use case
of needing to protect the privacy of the user. It is meant to be known,
not obfuscated.
--
You received this bug notification because you are a member
marked this 'triaged' in cloud-init while still not really relevant.
Ben Howard has disabled the privacy extensions in cloud images in 14.10, and
the plan is to just do the same for 14.04.
** Changed in: cloud-init (Ubuntu)
Status: New = Triaged
** Changed in: cloud-init (Ubuntu)
11 matches
Mail list logo
