From c9e3cc43c7baea00c41a4aa24a5e31a08fbfb894 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A9my=20Gr=C3=BCnblatt?= <42433779+rgrunbla@users.noreply.github.com> Date: Sun, 29 Oct 2023 18:27:16 +0100 Subject: [PATCH] nixos: fix iproute2 invocations (#263976) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit When using iproute2's ip binary, you can omit the dev parameter, e.g. ip link set up eth0 instead of ip link set up dev eth0. This breaks if for some reason your device is named e.g. he, hel, … because it is interpreted as ip link set up help. I just encountered this bug using networking.bridges trying to create an interface named he. I used a grep on nixpkgs to try to find iproute2 invocations using variables without the dev keyword, and found a few, and fixed them by providing the dev keyword. I merely fixed what I found, but the use of abbreviated commands makes it a bit hard to be sure everything has been found (e.g. ip l set … up instead of ip link set … up). --- nixos/modules/services/networking/gvpe.nix | 2 +- nixos/modules/system/boot/initrd-network.nix | 6 +- .../tasks/network-interfaces-scripted.nix | 62 +++++++++---------- .../tasks/network-interfaces-systemd.nix | 2 +- pkgs/tools/networking/gvpe/default.nix | 2 +- 5 files changed, 37 insertions(+), 37 deletions(-) diff --git a/nixos/modules/services/networking/gvpe.nix b/nixos/modules/services/networking/gvpe.nix index 2279ceee2f58e6a..558f499022c81f4 100644 --- a/nixos/modules/services/networking/gvpe.nix +++ b/nixos/modules/services/networking/gvpe.nix @@ -29,7 +29,7 @@ let export PATH=$PATH:${pkgs.iproute2}/sbin - ip link set $IFNAME up + ip link set dev $IFNAME up ip address add ${cfg.ipAddress} dev $IFNAME ip route add ${cfg.subnet} dev $IFNAME diff --git a/nixos/modules/system/boot/initrd-network.nix b/nixos/modules/system/boot/initrd-network.nix index 5bf38b6fa200b05..5696cae8e65b970 100644 --- a/nixos/modules/system/boot/initrd-network.nix 
+++ b/nixos/modules/system/boot/initrd-network.nix @@ -138,7 +138,7 @@ in # Bring up all interfaces. for iface in ${dhcpIfShellExpr}; do echo "bringing up network interface $iface..." - ip link set "$iface" up && ifaces="$ifaces $iface" + ip link set dev "$iface" up && ifaces="$ifaces $iface" done # Acquire DHCP leases. @@ -152,8 +152,8 @@ in boot.initrd.postMountCommands = mkIf cfg.flushBeforeStage2 '' for iface in $ifaces; do - ip address flush "$iface" - ip link set "$iface" down + ip address flush dev "$iface" + ip link set dev "$iface" down done ''; diff --git a/nixos/modules/tasks/network-interfaces-scripted.nix b/nixos/modules/tasks/network-interfaces-scripted.nix index da4aa916d655e18..e1ac7f24cb320a8 100644 --- a/nixos/modules/tasks/network-interfaces-scripted.nix +++ b/nixos/modules/tasks/network-interfaces-scripted.nix @@ -28,12 +28,12 @@ let SLAVES=$(ip link | grep 'master ${i}' | awk -F: '{print $2}') for I in $SLAVES; do UPDATED=0 - ip link set "$I" nomaster + ip link set dev "$I" nomaster done [ "$UPDATED" -eq "1" ] && break done - ip link set "${i}" down 2>/dev/null || true - ip link del "${i}" 2>/dev/null || true + ip link set dev "${i}" down 2>/dev/null || true + ip link del dev "${i}" 2>/dev/null || true ''; # warn that these attributes are deprecated (2017-2-2) @@ -193,7 +193,7 @@ let state="/run/nixos/network/addresses/${i.name}" mkdir -p $(dirname "$state") - ip link set "${i.name}" up + ip link set dev "${i.name}" up ${flip concatMapStrings ips (ip: let @@ -270,7 +270,7 @@ let ip tuntap add dev "${i.name}" mode "${i.virtualType}" user "${i.virtualOwner}" ''; postStop = '' - ip link del ${i.name} || true + ip link del dev ${i.name} || true ''; }; 
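Review bot: In the teardown script at `@@ -28` of network-interfaces-scripted.nix, the names handed to the new `ip link set dev "$I" nomaster` come from `grep 'master ${i}'`, which is a substring match over the whole `ip link` output, so tearing down `bond1` would also select members of `bond10`. Letting iproute2 do the filtering avoids that: `SLAVES=$(ip -o link show master "${i}" | awk -F': ' '{print $2}')`. Names printed as `name@parent` would presumably still need the `@parent` suffix stripped before they are passed to `dev`. The enclosing script starts outside the hunk.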
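Review bot: The new `ip link del dev ${i.name} || true` in the `@@ -270` hunk leaves the interface name unquoted, although the `ip tuntap add dev "${i.name}"` line just above it quotes the same value; the same applies to `ip link set dev ${n} down || true` in the `@@ -395` hunk and in network-interfaces-systemd.nix (`@@ -442`). The name is spliced into the script text by Nix, so an unusual name is word-split or globbed by the shell before `ip` sees it. `ip link del dev "${i.name}" || true` matches the rest of the file, and `${escapeShellArg i.name}` would be stricter, assuming the `lib` functions are in scope here as they appear to be for `optionalString`.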
@@ -291,15 +291,15 @@ let script = '' # Remove Dead Interfaces echo "Removing old bridge ${n}..." - ip link show dev "${n}" >/dev/null 2>&1 && ip link del "${n}" + ip link show dev "${n}" >/dev/null 2>&1 && ip link del dev "${n}" echo "Adding bridge ${n}..." ip link add name "${n}" type bridge # Enslave child interfaces ${flip concatMapStrings v.interfaces (i: '' - ip link set "${i}" master "${n}" - ip link set "${i}" up + ip link set dev "${i}" master "${n}" + ip link set dev "${i}" up '')} # Save list of enslaved interfaces echo "${flip concatMapStrings v.interfaces (i: '' @@ -316,7 +316,7 @@ let for uri in qemu:///system lxc:///; do for dom in $(${pkgs.libvirt}/bin/virsh -c $uri list --name); do ${pkgs.libvirt}/bin/virsh -c $uri dumpxml "$dom" | \ - ${pkgs.xmlstarlet}/bin/xmlstarlet sel -t -m "//domain/devices/interface[@type='bridge'][source/@bridge='${n}'][target/@dev]" -v "concat('ip link set ',target/@dev,' master ',source/@bridge,';')" | \ + ${pkgs.xmlstarlet}/bin/xmlstarlet sel -t -m "//domain/devices/interface[@type='bridge'][source/@bridge='${n}'][target/@dev]" -v "concat('ip link set dev ',target/@dev,' master ',source/@bridge,';')" | \ ${pkgs.bash}/bin/bash done done 
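Review bot: Nothing in the scripts records why `dev` is now spelled out, so a later cleanup could drop it again; a short comment at the first bridge command in the `@@ -291` hunk would keep the reason next to the code. Something like `# Always pass "dev": without it iproute2 parses names such as "he" or "hel" as the "help" keyword.` above `ip link show dev "${n}"` would do. The commit message says abbreviated invocations may have been missed, so the comment also helps whoever finds the next one.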
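Review bot: The `concat('ip link set dev ',target/@dev,' master ',source/@bridge,';')` line in the `@@ -316` hunk still builds a command string from libvirt domain XML attributes and pipes it to `bash`, so adding `dev` fixes keyword parsing but the attribute values are still interpreted as shell syntax. Emitting only the device name and quoting it in the unit's own shell removes that interpretation step: `... -v "target/@dev" -n | while IFS= read -r tap; do ip link set dev "$tap" master "${n}"; done`. The bridge name is already pinned by the `source/@bridge='${n}'` predicate, so it does not need to come from the XML. The enclosing script continues outside the hunk.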
@@ -328,23 +328,23 @@ let echo 2 >/sys/class/net/${n}/bridge/stp_state ''} - ip link set "${n}" up + ip link set dev "${n}" up ''; postStop = '' - ip link set "${n}" down || true - ip link del "${n}" || true + ip link set dev "${n}" down || true + ip link del dev "${n}" || true rm -f /run/${n}.interfaces ''; reload = '' # Un-enslave child interfaces (old list of interfaces) for interface in `cat /run/${n}.interfaces`; do - ip link set "$interface" nomaster up + ip link set dev "$interface" nomaster up done # Enslave child interfaces (new list of interfaces) ${flip concatMapStrings v.interfaces (i: '' - ip link set "${i}" master "${n}" - ip link set "${i}" up + ip link set dev "${i}" master "${n}" + ip link set dev "${i}" up '')} # Save list of enslaved interfaces echo "${flip concatMapStrings v.interfaces (i: '' @@ -395,7 +395,7 @@ let postStop = '' echo "Cleaning Open vSwitch ${n}" echo "Shutting down internal ${n} interface" - ip link set ${n} down || true + ip link set dev ${n} down || true echo "Deleting flows for ${n}" ovs-ofctl --protocols=${v.openFlowVersion} del-flows ${n} || true echo "Deleting Open vSwitch ${n}" @@ -433,10 +433,10 @@ let while [ ! -d "/sys/class/net/${n}" ]; do sleep 0.1; done; # Bring up the bond and enslave the specified interfaces - ip link set "${n}" up + ip link set dev "${n}" up ${flip concatMapStrings v.interfaces (i: '' - ip link set "${i}" down - ip link set "${i}" master "${n}" + ip link set dev "${i}" down + ip link set dev "${i}" master "${n}" '')} ''; postStop = destroyBond n; 
@@ -457,13 +457,13 @@ let path = [ pkgs.iproute2 ]; script = '' # Remove Dead Interfaces - ip link show dev "${n}" >/dev/null 2>&1 && ip link delete "${n}" + ip link show dev "${n}" >/dev/null 2>&1 && ip link delete dev "${n}" ip link add link "${v.interface}" name "${n}" type macvlan \ ${optionalString (v.mode != null) "mode ${v.mode}"} - ip link set "${n}" up + ip link set dev "${n}" up ''; postStop = '' - ip link delete "${n}" || true + ip link delete dev "${n}" || true ''; }); @@ -515,7 +515,7 @@ let path = [ pkgs.iproute2 ]; script = '' # Remove Dead Interfaces - ip link show dev "${n}" >/dev/null 2>&1 && ip link delete "${n}" + ip link show dev "${n}" >/dev/null 2>&1 && ip link delete dev "${n}" ip link add name "${n}" type sit \ ${optionalString (v.remote != null) "remote \"${v.remote}\""} \ ${optionalString (v.local != null) "local \"${v.local}\""} \ @@ -526,10 +526,10 @@ let optionalString (v.encapsulation.sourcePort != null) "encap-sport ${toString v.encapsulation.sourcePort}" }"} - ip link set "${n}" up + ip link set dev "${n}" up ''; postStop = '' - ip link delete "${n}" || true + ip link delete dev "${n}" || true ''; }); @@ -549,16 +549,16 @@ let path = [ pkgs.iproute2 ]; script = '' # Remove Dead Interfaces - ip link show dev "${n}" >/dev/null 2>&1 && ip link delete "${n}" + ip link show dev "${n}" >/dev/null 2>&1 && ip link delete dev "${n}" ip link add name "${n}" type ${v.type} \ ${optionalString (v.remote != null) "remote \"${v.remote}\""} \ ${optionalString (v.local != null) "local \"${v.local}\""} \ ${optionalString (v.ttl != null) "${ttlarg} ${toString v.ttl}"} \ ${optionalString (v.dev != null) "dev \"${v.dev}\""} - ip link set "${n}" up + ip link set dev "${n}" up ''; postStop = '' - ip link delete "${n}" || true + ip link delete dev "${n}" || true ''; }); 
@@ -577,17 +577,17 @@ let path = [ pkgs.iproute2 ]; script = '' # Remove Dead Interfaces - ip link show dev "${n}" >/dev/null 2>&1 && ip link delete "${n}" + ip link show dev "${n}" >/dev/null 2>&1 && ip link delete dev "${n}" ip link add link "${v.interface}" name "${n}" type vlan id "${toString v.id}" # We try to bring up the logical VLAN interface. If the master # interface the logical interface is dependent upon is not up yet we will # fail to immediately bring up the logical interface. The resulting logical # interface will brought up later when the master interface is up. - ip link set "${n}" up || true + ip link set dev "${n}" up || true ''; postStop = '' - ip link delete "${n}" || true + ip link delete dev "${n}" || true ''; }); diff --git a/nixos/modules/tasks/network-interfaces-systemd.nix b/nixos/modules/tasks/network-interfaces-systemd.nix index cee23eb24406796..2009c9a7e6e28e4 100644 --- a/nixos/modules/tasks/network-interfaces-systemd.nix +++ b/nixos/modules/tasks/network-interfaces-systemd.nix @@ -442,7 +442,7 @@ in postStop = '' echo "Cleaning Open vSwitch ${n}" echo "Shutting down internal ${n} interface" - ip link set ${n} down || true + ip link set dev ${n} down || true echo "Deleting flows for ${n}" ovs-ofctl --protocols=${v.openFlowVersion} del-flows ${n} || true echo "Deleting Open vSwitch ${n}" diff --git a/pkgs/tools/networking/gvpe/default.nix b/pkgs/tools/networking/gvpe/default.nix index 37f698386e2407c..5170df24b91ce2e 100644 --- a/pkgs/tools/networking/gvpe/default.nix +++ b/pkgs/tools/networking/gvpe/default.nix @@ -19,7 +19,7 @@ stdenv.mkDerivation rec { ]; postPatch = '' - sed -e 's@"/sbin/ifconfig.*"@"${iproute2}/sbin/ip link set $IFNAME address $MAC mtu $MTU"@' -i src/device-linux.C + sed -e 's@"/sbin/ifconfig.*"@"${iproute2}/sbin/ip link set dev $IFNAME address $MAC mtu $MTU"@' -i src/device-linux.C sed -e 's@/sbin/ifconfig@${nettools}/sbin/ifconfig@g' -i src/device-*.C '';