[Touch-packages] [Bug 1813394] Re: DROPBEAR_IFDOWN=* takes interface down but leaves netplan config
Patch for /usr/share/initramfs-tools/scripts/init-bottom/dropbear on
Ubuntu 22.04-LTS
This feels like the better place, as it respects dropbear's original
semantic for IFDOWN on systems which run netplan. Needs to be followed
by update-initramfs -u -k 'all'
/root/dropbear-orig2022-12-27 10:50:51.619568832 +
+++ /usr/share/initramfs-tools/scripts/init-bottom/dropbear 2022-12-27
10:56:21.291398517 +
@@ -79,6 +79,12 @@
ip linkset dev "$IFACE" down
ip address flush dev "$IFACE"
ip route flush dev "$IFACE"
+
+if [ -f "/run/netplan/${IFACE}.yaml" ]; then
+rm -f "/run/netplan/${IFACE}.yaml"
+
+fi
+
log_end_msg
done
fi
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu.
https://bugs.launchpad.net/bugs/1813394
Title:
DROPBEAR_IFDOWN=* takes interface down but leaves netplan config
Status in clevis package in Ubuntu:
Confirmed
Status in dropbear package in Ubuntu:
Confirmed
Status in initramfs-tools package in Ubuntu:
Confirmed
Bug description:
On bionic, setting the network interface up (e.g. eno1) with DHCP now
causes a /run/netplan/eno1.yaml and a /run/net-eno1.conf file to be
written. The former gets imported by netplan after boot and causes the
DHCP lease from the initrd to be around forever, which I think goes
against the intent of DROPBEAR_IFDOWN=*.
I have brewed up a workaround script that lives in /etc/initramfs-
tools/scripts/init-bottom/hack-delete-netif-netplan.sh for now:
8< cut >8
#!/bin/sh
PREREQ=""
prereqs() {
echo "$PREREQ"
}
case "$1" in
prereqs)
prereqs
exit 0
;;
esac
. /scripts/functions
log_begin_msg "Deleting all network configuration that systemd could try to
import"
rm /run/net-*.conf
rm /run/netplan/*.yaml
log_end_msg
8< cut >8
I think that dropbear-intiramfs's init-bottom script should do this in
addition to downing the interfaces that it finds via the
DROPBEAR_IFDOWN pattern. Do you agree?
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/clevis/+bug/1813394/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1813394] Re: DROPBEAR_IFDOWN=* takes interface down but leaves netplan config
Confirming the clevis issue.
Patch for reference:
--- /usr/share/initramfs-tools/scripts/local-bottom/clevis.orig 2022-07-11
10:52:16.938228467 -0500
+++ /usr/share/initramfs-tools/scripts/local-bottom/clevis 2022-07-11
10:30:08.040636353 -0500
@@ -46,5 +46,9 @@ for iface in /sys/class/net/*; do
ip link set dev "$iface" down
ip addr flush dev "$iface"
ip route flush dev "$iface"
+
+if [ -f "/run/netplan/${iface}.yaml" ]; then
+rm "/run/netplan/${iface}.yaml"
+fi
fi
done
Followed by: update-initramfs -u -k 'all'
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu.
https://bugs.launchpad.net/bugs/1813394
Title:
DROPBEAR_IFDOWN=* takes interface down but leaves netplan config
Status in clevis package in Ubuntu:
Confirmed
Status in dropbear package in Ubuntu:
Confirmed
Status in initramfs-tools package in Ubuntu:
Confirmed
Bug description:
On bionic, setting the network interface up (e.g. eno1) with DHCP now
causes a /run/netplan/eno1.yaml and a /run/net-eno1.conf file to be
written. The former gets imported by netplan after boot and causes the
DHCP lease from the initrd to be around forever, which I think goes
against the intent of DROPBEAR_IFDOWN=*.
I have brewed up a workaround script that lives in /etc/initramfs-
tools/scripts/init-bottom/hack-delete-netif-netplan.sh for now:
8< cut >8
#!/bin/sh
PREREQ=""
prereqs() {
echo "$PREREQ"
}
case "$1" in
prereqs)
prereqs
exit 0
;;
esac
. /scripts/functions
log_begin_msg "Deleting all network configuration that systemd could try to
import"
rm /run/net-*.conf
rm /run/netplan/*.yaml
log_end_msg
8< cut >8
I think that dropbear-intiramfs's init-bottom script should do this in
addition to downing the interfaces that it finds via the
DROPBEAR_IFDOWN pattern. Do you agree?
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/clevis/+bug/1813394/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1813394] Re: DROPBEAR_IFDOWN=* takes interface down but leaves netplan config
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: clevis (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu.
https://bugs.launchpad.net/bugs/1813394
Title:
DROPBEAR_IFDOWN=* takes interface down but leaves netplan config
Status in clevis package in Ubuntu:
Confirmed
Status in dropbear package in Ubuntu:
Confirmed
Status in initramfs-tools package in Ubuntu:
Confirmed
Bug description:
On bionic, setting the network interface up (e.g. eno1) with DHCP now
causes a /run/netplan/eno1.yaml and a /run/net-eno1.conf file to be
written. The former gets imported by netplan after boot and causes the
DHCP lease from the initrd to be around forever, which I think goes
against the intent of DROPBEAR_IFDOWN=*.
I have brewed up a workaround script that lives in /etc/initramfs-
tools/scripts/init-bottom/hack-delete-netif-netplan.sh for now:
8< cut >8
#!/bin/sh
PREREQ=""
prereqs() {
echo "$PREREQ"
}
case "$1" in
prereqs)
prereqs
exit 0
;;
esac
. /scripts/functions
log_begin_msg "Deleting all network configuration that systemd could try to
import"
rm /run/net-*.conf
rm /run/netplan/*.yaml
log_end_msg
8< cut >8
I think that dropbear-intiramfs's init-bottom script should do this in
addition to downing the interfaces that it finds via the
DROPBEAR_IFDOWN pattern. Do you agree?
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/clevis/+bug/1813394/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1813394] Re: DROPBEAR_IFDOWN=* takes interface down but leaves netplan config
The same problem occurs when the hdd is automatically decrypted with
clevis and a tang server. The script /usr/share/initramfs-
tools/scripts/local-bottom/clevis tries to deactivate the network
interface again after it got the secret to decrypt the disk from the
tang server:
...
for iface in /sys/class/net/*; do
if [ -e "$iface" ]; then
iface=$(basename "$iface")
ip link set dev "$iface" down
ip addr flush dev "$iface"
ip route flush dev "$iface"
fi
done
The presence of /run/net-*.conf and /run/netplan/*.yaml leads to the
interface beeing managed by systemd-networkd instad of NetworkManager
here, too.
Instead of implementing removal of the files in dropbear an clevis,
maybe there is a single place to serve both, dropbear and clevis?
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu.
https://bugs.launchpad.net/bugs/1813394
Title:
DROPBEAR_IFDOWN=* takes interface down but leaves netplan config
Status in clevis package in Ubuntu:
New
Status in dropbear package in Ubuntu:
Confirmed
Status in initramfs-tools package in Ubuntu:
Confirmed
Bug description:
On bionic, setting the network interface up (e.g. eno1) with DHCP now
causes a /run/netplan/eno1.yaml and a /run/net-eno1.conf file to be
written. The former gets imported by netplan after boot and causes the
DHCP lease from the initrd to be around forever, which I think goes
against the intent of DROPBEAR_IFDOWN=*.
I have brewed up a workaround script that lives in /etc/initramfs-
tools/scripts/init-bottom/hack-delete-netif-netplan.sh for now:
8< cut >8
#!/bin/sh
PREREQ=""
prereqs() {
echo "$PREREQ"
}
case "$1" in
prereqs)
prereqs
exit 0
;;
esac
. /scripts/functions
log_begin_msg "Deleting all network configuration that systemd could try to
import"
rm /run/net-*.conf
rm /run/netplan/*.yaml
log_end_msg
8< cut >8
I think that dropbear-intiramfs's init-bottom script should do this in
addition to downing the interfaces that it finds via the
DROPBEAR_IFDOWN pattern. Do you agree?
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/clevis/+bug/1813394/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1813394] Re: DROPBEAR_IFDOWN=* takes interface down but leaves netplan config
** Also affects: clevis (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu.
https://bugs.launchpad.net/bugs/1813394
Title:
DROPBEAR_IFDOWN=* takes interface down but leaves netplan config
Status in clevis package in Ubuntu:
New
Status in dropbear package in Ubuntu:
Confirmed
Status in initramfs-tools package in Ubuntu:
Confirmed
Bug description:
On bionic, setting the network interface up (e.g. eno1) with DHCP now
causes a /run/netplan/eno1.yaml and a /run/net-eno1.conf file to be
written. The former gets imported by netplan after boot and causes the
DHCP lease from the initrd to be around forever, which I think goes
against the intent of DROPBEAR_IFDOWN=*.
I have brewed up a workaround script that lives in /etc/initramfs-
tools/scripts/init-bottom/hack-delete-netif-netplan.sh for now:
8< cut >8
#!/bin/sh
PREREQ=""
prereqs() {
echo "$PREREQ"
}
case "$1" in
prereqs)
prereqs
exit 0
;;
esac
. /scripts/functions
log_begin_msg "Deleting all network configuration that systemd could try to
import"
rm /run/net-*.conf
rm /run/netplan/*.yaml
log_end_msg
8< cut >8
I think that dropbear-intiramfs's init-bottom script should do this in
addition to downing the interfaces that it finds via the
DROPBEAR_IFDOWN pattern. Do you agree?
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/clevis/+bug/1813394/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1813394] Re: DROPBEAR_IFDOWN=* takes interface down but leaves netplan config
I can confirm the workaround by boxeus works on Ubuntu 20.04 LTS. To
improve on that, the lines can be added to the /etc/dropbear-
initramfs/config config file instead to avoid upgrade issues. It is
loaded towards the end of /usr/share/initramfs-tools/scripts/init-
bottom/dropbear anyway.
Automation two-liner:
echo -e "rm /run/net-*.conf\nrm /run/netplan/*.yaml" >>
/etc/dropbear-initramfs/config
update-initramfs -u
After that, netplan actually works again.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu.
https://bugs.launchpad.net/bugs/1813394
Title:
DROPBEAR_IFDOWN=* takes interface down but leaves netplan config
Status in dropbear package in Ubuntu:
Confirmed
Status in initramfs-tools package in Ubuntu:
Confirmed
Bug description:
On bionic, setting the network interface up (e.g. eno1) with DHCP now
causes a /run/netplan/eno1.yaml and a /run/net-eno1.conf file to be
written. The former gets imported by netplan after boot and causes the
DHCP lease from the initrd to be around forever, which I think goes
against the intent of DROPBEAR_IFDOWN=*.
I have brewed up a workaround script that lives in /etc/initramfs-
tools/scripts/init-bottom/hack-delete-netif-netplan.sh for now:
8< cut >8
#!/bin/sh
PREREQ=""
prereqs() {
echo "$PREREQ"
}
case "$1" in
prereqs)
prereqs
exit 0
;;
esac
. /scripts/functions
log_begin_msg "Deleting all network configuration that systemd could try to
import"
rm /run/net-*.conf
rm /run/netplan/*.yaml
log_end_msg
8< cut >8
I think that dropbear-intiramfs's init-bottom script should do this in
addition to downing the interfaces that it finds via the
DROPBEAR_IFDOWN pattern. Do you agree?
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dropbear/+bug/1813394/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1813394] Re: DROPBEAR_IFDOWN=* takes interface down but leaves netplan config
Which version of Mint (or which upstream Ubuntu it is based on?) I
wonder if there is a way to get those rows into the configs rather than
editing packaged files?
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu.
https://bugs.launchpad.net/bugs/1813394
Title:
DROPBEAR_IFDOWN=* takes interface down but leaves netplan config
Status in dropbear package in Ubuntu:
Confirmed
Status in initramfs-tools package in Ubuntu:
Confirmed
Bug description:
On bionic, setting the network interface up (e.g. eno1) with DHCP now
causes a /run/netplan/eno1.yaml and a /run/net-eno1.conf file to be
written. The former gets imported by netplan after boot and causes the
DHCP lease from the initrd to be around forever, which I think goes
against the intent of DROPBEAR_IFDOWN=*.
I have brewed up a workaround script that lives in /etc/initramfs-
tools/scripts/init-bottom/hack-delete-netif-netplan.sh for now:
8< cut >8
#!/bin/sh
PREREQ=""
prereqs() {
echo "$PREREQ"
}
case "$1" in
prereqs)
prereqs
exit 0
;;
esac
. /scripts/functions
log_begin_msg "Deleting all network configuration that systemd could try to
import"
rm /run/net-*.conf
rm /run/netplan/*.yaml
log_end_msg
8< cut >8
I think that dropbear-intiramfs's init-bottom script should do this in
addition to downing the interfaces that it finds via the
DROPBEAR_IFDOWN pattern. Do you agree?
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dropbear/+bug/1813394/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1813394] Re: DROPBEAR_IFDOWN=* takes interface down but leaves netplan config
The easiest way to fix this on linux mint for me was to edit:
/usr/share/initramfs-tools/scripts/init-bottom/dropbear
add these two lines to the end of file:
rm /run/net-*.conf
rm /run/netplan/*.yaml
save and run:
update-initramfs -u
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu.
https://bugs.launchpad.net/bugs/1813394
Title:
DROPBEAR_IFDOWN=* takes interface down but leaves netplan config
Status in dropbear package in Ubuntu:
Confirmed
Status in initramfs-tools package in Ubuntu:
Confirmed
Bug description:
On bionic, setting the network interface up (e.g. eno1) with DHCP now
causes a /run/netplan/eno1.yaml and a /run/net-eno1.conf file to be
written. The former gets imported by netplan after boot and causes the
DHCP lease from the initrd to be around forever, which I think goes
against the intent of DROPBEAR_IFDOWN=*.
I have brewed up a workaround script that lives in /etc/initramfs-
tools/scripts/init-bottom/hack-delete-netif-netplan.sh for now:
8< cut >8
#!/bin/sh
PREREQ=""
prereqs() {
echo "$PREREQ"
}
case "$1" in
prereqs)
prereqs
exit 0
;;
esac
. /scripts/functions
log_begin_msg "Deleting all network configuration that systemd could try to
import"
rm /run/net-*.conf
rm /run/netplan/*.yaml
log_end_msg
8< cut >8
I think that dropbear-intiramfs's init-bottom script should do this in
addition to downing the interfaces that it finds via the
DROPBEAR_IFDOWN pattern. Do you agree?
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dropbear/+bug/1813394/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1813394] Re: DROPBEAR_IFDOWN=* takes interface down but leaves netplan config
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: initramfs-tools (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu.
https://bugs.launchpad.net/bugs/1813394
Title:
DROPBEAR_IFDOWN=* takes interface down but leaves netplan config
Status in dropbear package in Ubuntu:
Confirmed
Status in initramfs-tools package in Ubuntu:
Confirmed
Bug description:
On bionic, setting the network interface up (e.g. eno1) with DHCP now
causes a /run/netplan/eno1.yaml and a /run/net-eno1.conf file to be
written. The former gets imported by netplan after boot and causes the
DHCP lease from the initrd to be around forever, which I think goes
against the intent of DROPBEAR_IFDOWN=*.
I have brewed up a workaround script that lives in /etc/initramfs-
tools/scripts/init-bottom/hack-delete-netif-netplan.sh for now:
8< cut >8
#!/bin/sh
PREREQ=""
prereqs() {
echo "$PREREQ"
}
case "$1" in
prereqs)
prereqs
exit 0
;;
esac
. /scripts/functions
log_begin_msg "Deleting all network configuration that systemd could try to
import"
rm /run/net-*.conf
rm /run/netplan/*.yaml
log_end_msg
8< cut >8
I think that dropbear-intiramfs's init-bottom script should do this in
addition to downing the interfaces that it finds via the
DROPBEAR_IFDOWN pattern. Do you agree?
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dropbear/+bug/1813394/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1813394] Re: DROPBEAR_IFDOWN=* takes interface down but leaves netplan config
It seems the workaround above does not work on Ubuntu 20.04.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu.
https://bugs.launchpad.net/bugs/1813394
Title:
DROPBEAR_IFDOWN=* takes interface down but leaves netplan config
Status in dropbear package in Ubuntu:
Confirmed
Status in initramfs-tools package in Ubuntu:
New
Bug description:
On bionic, setting the network interface up (e.g. eno1) with DHCP now
causes a /run/netplan/eno1.yaml and a /run/net-eno1.conf file to be
written. The former gets imported by netplan after boot and causes the
DHCP lease from the initrd to be around forever, which I think goes
against the intent of DROPBEAR_IFDOWN=*.
I have brewed up a workaround script that lives in /etc/initramfs-
tools/scripts/init-bottom/hack-delete-netif-netplan.sh for now:
8< cut >8
#!/bin/sh
PREREQ=""
prereqs() {
echo "$PREREQ"
}
case "$1" in
prereqs)
prereqs
exit 0
;;
esac
. /scripts/functions
log_begin_msg "Deleting all network configuration that systemd could try to
import"
rm /run/net-*.conf
rm /run/netplan/*.yaml
log_end_msg
8< cut >8
I think that dropbear-intiramfs's init-bottom script should do this in
addition to downing the interfaces that it finds via the
DROPBEAR_IFDOWN pattern. Do you agree?
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dropbear/+bug/1813394/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1813394] Re: DROPBEAR_IFDOWN=* takes interface down but leaves netplan config
Digging even further back, it turns out that IFDOWN is in itself a
workaround for an equal issue dating back to ~2012. As such, the core of
the issue lies with how initramfs network setup overrides netplan.
Adding that package.
Given the very limited setup /etc/initramfs-tools/initramfs.conf allows
(including the DHCP default mentioned in the description), there is a
case to be made for allowing admins to rely on the full config rather
than initramfs for their network setup.
** Also affects: initramfs-tools (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu.
https://bugs.launchpad.net/bugs/1813394
Title:
DROPBEAR_IFDOWN=* takes interface down but leaves netplan config
Status in dropbear package in Ubuntu:
Confirmed
Status in initramfs-tools package in Ubuntu:
New
Bug description:
On bionic, setting the network interface up (e.g. eno1) with DHCP now
causes a /run/netplan/eno1.yaml and a /run/net-eno1.conf file to be
written. The former gets imported by netplan after boot and causes the
DHCP lease from the initrd to be around forever, which I think goes
against the intent of DROPBEAR_IFDOWN=*.
I have brewed up a workaround script that lives in /etc/initramfs-
tools/scripts/init-bottom/hack-delete-netif-netplan.sh for now:
8< cut >8
#!/bin/sh
PREREQ=""
prereqs() {
echo "$PREREQ"
}
case "$1" in
prereqs)
prereqs
exit 0
;;
esac
. /scripts/functions
log_begin_msg "Deleting all network configuration that systemd could try to
import"
rm /run/net-*.conf
rm /run/netplan/*.yaml
log_end_msg
8< cut >8
I think that dropbear-intiramfs's init-bottom script should do this in
addition to downing the interfaces that it finds via the
DROPBEAR_IFDOWN pattern. Do you agree?
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dropbear/+bug/1813394/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
