** Description changed: === Begin SRU Template === [Impact] Incorrect handling of udev events by open-iscsi's net-interface-handler - results in nameserver and dns search entries being removed from + results in nameserver and dns search entries being removed from /etc/resolv.conf and thus potentially breaking dns on a system. This problem is limited to iscsi-root systems, but is easily tripped by common use of linux networking. This was first discovered on Oracle Public Cloud, which utilizes iscsi-root for its systems. [Test Case] 1. Start a system with iscsi root. One such easily obtained environment is Oracle Public Cloud. 2. Collect resolvconf and ifupdown state - mkdir before - cp -a /run/resolvconf before/run-resolvconf - cp /etc/resolv.conf before/etc-resolv.conf - cp -a /run/network before/run-network + name="before" + mkdir $name + cp -r /run/resolvconf $name/run-resolvconf + cp /etc/resolv.conf $name/etc-resolv.conf + cp -r /run/network $name/run-network 3. Create a tun/tap device - sudo ip tuntap add mode tap user root mytap0 + sudo ip tuntap add mode tap user root mytap0 4. Remove the tun/tap device. - sudo ip tuntap del mode tap mytap0 - 5. Collect resolvconf and ifupdown state and compare against '2'. The creation and removal of a tuntap device should not have affected resolvconf or ifupdown state. - mkdir after - cp -a /run/resolvconf after/run-resolvconf - cp /etc/resolv.conf after/etc-resolv.conf - cp -a /run/network after/run-network + sudo ip tuntap del mode tap mytap0 + 5. Collect resolvconf and ifupdown state and compare against '2'. The creation and removal of a tuntap device should not have affected resolvconf or ifupdown state. The 'diff' at the end should not show any differences. + name="after" + mkdir $name + cp -r /run/resolvconf $name/run-resolvconf + cp /etc/resolv.conf $name/etc-resolv.conf + cp -r /run/network $name/run-network - diff -Naur before/ after/ + diff -Naur before/ after/ [Regression Potential] The codepath executed was and is entirely limited to systems with iscsi-root. So regressions should also be limited as such. The most likely regression would seem to be the failure to add or remove entries to resolvconf for the iscsi-root interface. Before this was happening to often. A bad fix could result in it happening not enough. [Other Info] net-interface-handler is currently executing 'resolvconf -a' on all new network interfaces and 'resolvconf -d' on removal of all network interfaces. The problem with that is that an add and remove of any new interface will have the result of effectively marking the iscsi-root interface down. That includes removing the resolvconf entries for that interface. This add/remove can happen for any number of reasons. Two such examples: - a.) docker container create/delete - - sudo apt-get install -qy docker.io - - sudo docker run --rm busybox date - b.) add/remove of a tuntap device. - - sudo ip tuntap add mode tap user root mytap0 - - sudo ip tuntap del mode tap mytap0 + a.) docker container create/delete + - sudo apt-get install -qy docker.io + - sudo docker run --rm busybox date + b.) add/remove of a tuntap device. + - sudo ip tuntap add mode tap user root mytap0 + - sudo ip tuntap del mode tap mytap0 === End SRU Template === ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: open-iscsi 2.0.873+git0.3b4b4500-14ubuntu3.4 [modified: lib/open-iscsi/net-interface-handler] ProcVersionSignature: User Name 4.4.0-130.156-generic 4.4.134 Uname: Linux 4.4.0-130-generic x86_64 ApportVersion: 2.20.1-0ubuntu2.18 Architecture: amd64 Date: Thu Aug 2 17:18:06 2018 ProcEnviron: - TERM=xterm-256color - PATH=(custom, no user) - XDG_RUNTIME_DIR=<set> - LANG=en_US.UTF-8 - SHELL=/bin/bash + TERM=xterm-256color + PATH=(custom, no user) + XDG_RUNTIME_DIR=<set> + LANG=en_US.UTF-8 + SHELL=/bin/bash SourcePackage: open-iscsi UpgradeStatus: No upgrade log present (probably fresh install) modified.conffile..etc.iscsi.iscsid.conf: [inaccessible: [Errno 13] Permission denied: '/etc/iscsi/iscsid.conf']
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1785108 Title: net-interface-handler operates on all adds and removes To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/open-iscsi/+bug/1785108/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
