** Description changed: [Impact] - If a user has multiple NICs, and only one of them can reach the tang server, the default experience with clevis is unpredictable. initramfs-tools' configure_networking() function will try to configure each interface until one succeeds. But the one that configures fastest may not be the one that can communicate with the server. + If a user has multiple NICs, and only one of them can reach the tang server, the default experience with clevis is unpredictable. initramfs-tools' configure_networking() function will try to configure each interface until one succeeds. But the one that configures fastest may not be the one that can communicate with the server. This could cause the system to fail to automatically unlock a LUKS volume, requiring physical access to enter a passphrase to unlock [Fix] In a multi-NIC case, the only way for configure_networking() to know which interface is the correct one is for the user to tell it. This can be done using the standard ip= command line parameter. However, there are currently no in-band recommendations for the user to know to do this. Since the failure mode will likely be intermittent due to the race, it can be difficult to identify the cause and therefore the solution. We can detect the situation at boot time though, and warn the user, as done in this upstream commit: - https://github.com/latchset/clevis/commit/ae3249ed5ff102aa57650c3171330c47a41c95e8 + https://github.com/latchset/clevis/commit/ae3249ed5ff102aa57650c3171330c47a41c95e8 [Test Case] 1) Boot a system w/ 2 NICs and no ip= parameter; verify that the warning is displayed. 2) Boot a system w/ 2 NICs and an ip= parameter; verify that the warning is *not* displayed In both situations, verify that the system still unlocks automatically. [Regression Potential] A coding error here could break auto-unlocking of a LUKs root device, requiring the user to manually enter a passphrase on the console.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1896289 Title: user should be warned about problems with multiple nics To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/clevis/+bug/1896289/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
