Bug 32297 - Switch to new subtemplate .../etc/network/interface.d/* generated two loopback interfaces if the old template was modified
Switch to new subtemplate .../etc/network/interface.d/* generated two loopbac...
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Network
UCS 3.1
All Linux
: P4 critical (vote)
: UCS 3.1-1-errata
Assigned To: Philipp Hahn
Sönke Schwardt-Krummrich
:
Depends on: 26058 28131 28229
Blocks: 28318 28389
  Show dependency treegraph
 
Reported: 2013-08-22 11:07 CEST by Tim Petersen
Modified: 2013-08-28 13:42 CEST (History)
15 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Tim Petersen univentionstaff 2013-08-22 11:07:05 CEST
+++ This bug was initially created as a clone of Bug #26058 +++

/etc/network/interfaces wird derzeit von einem relativ starren Template
verwaltet, was es nur erlaubt Interfaces zu definieren, deren Name mit "eth"
beginnt. Das reicht nicht.
* Bug #23947, Bug #23514, Bug #22670: Bridges heißen normalerweise brX
* Bug #23411, Bug #19460: Bonding-Interfaces heißen normalerweise bondX
* Bug #22967: Unterstützung für VLAN-Interfaces, je nach Modus u.a. vlanX
* dummyX, wlanX, ...-Interfaces
Gerade in Verbindung mit Virtualisierung und HA sind solche Konfigurationen
heute öfters notwendig und sollten abbildbar sein, ohne das man das Template
anfassen muß.
Die angehängte Version implementiert keine spezielle Unterstützung für die
obigen 3 Hauptfällt, sondern vergößert die Flexibilität, so daß sich diese dann
auch den bereits vorhandenen "options/"-Mechanismus abbilden lassen.
[...]

At this bug the old template /etc/univention/templates/files/etc/network/interfaces was splitted to two subtemplates ../interfaces.d/00-base and 10-default

The Bug wanted to keep user modifications at "/etc/univention/templates/files/etc/network/interfaces" by moving (and overwriting) the old modified template to "10-default" (debian/univention-base-files.preinst):

dpkg-maintscript-helper mv_conffile /etc/univention/templates/files/etc/network/interfaces /etc/univention/templates/files/etc/network/interfaces.d/10-default 2.0.2-1~ -- "$@"

As the new subtemplate "/etc/univention/templates/files/etc/network/interfaces.d00-base" has a hardcoded definiton of the loopback interface as well as the old template "/etc/univention/templates/files/etc/network/interfaces", the newly generated conffile gets two looback interfaces.

To me this looks like a generic design bug as this mechanism will always lead to a misconfigured conffile.

It should be fixed in UCS 3.2 and then backported to ucs 3.1-0/3.1-1 to avoid corrupt updates.
Comment 1 Philipp Hahn univentionstaff 2013-08-23 20:33:47 CEST
3.1.1: r43423 | Bug #32297: Comment out 'loopback' interface from moved template
univention-base-files_2.0.15-1.139.201308232031
3.2-0: r43426 | Bug #32297: Comment out 'loopback' interface from moved template
univention-base-files_3.0.2-1.138.201308232031

In the postinst, interfaces/restart/auto is temporarily disabled before the offending lines from the moved template /etc/univention/templates/files/etc/network/interfaces.d/10-default are commented out.
/etc/network/interfaces is then committed before interfaces/restart/auto is restored to its original value.

Please note, that during the installation of univention-base-files "ifup" and "ifdown" are invoked on the broken file and output some error message. In my tests this is expected and harmless.


r43425 | Bug #32297: Comment out 'loopback' interface from moved template
branches/ucs-3.1/ucs-3.1-1/doc/errata/2013-08-23-univention-base-files.yaml
Comment 2 Sönke Schwardt-Krummrich univentionstaff 2013-08-27 10:30:34 CEST
(In reply to Tim Petersen from comment #0)
> It should be fixed in UCS 3.2 and then backported to ucs 3.1-0/3.1-1 to
> avoid corrupt updates.

(In reply to Philipp Hahn from comment #1)
> 3.1.1: r43423 | Bug #32297: Comment out 'loopback' interface from moved
> template
> univention-base-files_2.0.15-1.139.201308232031

OK: Diff
OK: installation of univention-base-files from errata scope
    (lines will be commented out; interface does not get restarted)
OK: interfaces/restart/auto will be set to old value afterwards

> 3.2-0: r43426 | Bug #32297: Comment out 'loopback' interface from moved
> template
> univention-base-files_3.0.2-1.138.201308232031

OK: Diff
OK: installation of univention-base-files from 3.2-0
OK: changelog entry (fixed typo)
 
> Please note, that during the installation of univention-base-files "ifup"
> and "ifdown" are invoked on the broken file and output some error message.
> In my tests this is expected and harmless.

I didn't noticed any error message of ifup/ifdown during update to 3.1-1errata

> r43425 | Bug #32297: Comment out 'loopback' interface from moved template
> branches/ucs-3.1/ucs-3.1-1/doc/errata/2013-08-23-univention-base-files.

OK: YAML file
Comment 3 Moritz Muehlenhoff univentionstaff 2013-08-28 13:42:47 CEST
http://errata.univention.de/ucs/3.1/176.html