From: Friedrich Weber <f.weber@proxmox.com>
To: Proxmox VE development discussion <pve-devel@lists.proxmox.com>,
Stefan Hanreich <s.hanreich@proxmox.com>
Subject: Re: [pve-devel] [PATCH ifupdown2 1/1] fix #5197: do not run scripts ending with .dpkg-{old, new, tmp, dist}
Date: Fri, 28 Jun 2024 16:35:46 +0200 [thread overview]
Message-ID: <cd2e1d38-1cf5-4abd-81af-84f274e717b5@proxmox.com> (raw)
In-Reply-To: <20240627150132.265982-1-s.hanreich@proxmox.com>
On 27/06/2024 17:01, Stefan Hanreich wrote:
> This can lead to issue when upgrading from ifupdown to ifupdown2. The
> particular issue this fixes occurs in the following scenario:
>
> * Suppose there is a legacy Debian host with ifupdown and ifenslave
> installed that has a bond configured in /etc/network/interfaces.
> * ifenslave installs a script /etc/network/if-pre-up.d/ifenslave.
> * Now, an upgrade creates a second script
> /etc/network/if-pre-up.d/ifenslave.dpkg-new. As ifupdown executes
> network scripts via run-parts which ignores scripts with . in their
> name, ifenslave.dpkg-new has no effect.
> * If the host switches over to ifupdown2 by installing it (removing
> ifupdown, keeping ifenslave) and reboots, the network will not come
> up:
> /etc/network/if-pre-up.d/ifenslave still exists, but is ignored
> by ifupdown2's bond addon [1]
> /etc/network/if-pre-up.d/ifenslave.dpkg-new is executed by ifupdown2
> because it executes all scripts in /etc/network/if-pre-up.d, even if
> their name contains a dot
>
> This leads to ifreload failing on upgrades, which in turn causes
> issues with the networking of upgraded hosts.
Thanks for tackling this! Consider this
Tested-by: Friedrich Weber <f.weber@proxmox.com>
I tested the following:
- Set up a PVE8 VM with an active-backup bond, from /etc/network/interfaces:
> auto bond0
> iface bond0 inet manual
> bond-slaves ens18 ens19
> bond-miimon 100
> bond-mode active-backup
>
> auto vmbr0
> iface vmbr0 inet static
> address 10.1.1.122/16
> gateway 10.1.1.1
> bridge-ports bond0
> bridge-stp off
> bridge-fd 0
- Install ifupdown and ifenslave
- Manually create a .dpkg-new:
> cp /etc/network/if-pre-up.d/ifenslave /etc/network/if-pre-up.d/ifenslave.dpkg-new
- Reboot -- network comes up fine.
- Install latest packaged ifupdown2:
> apt install ifupdown2=3.2.0-1+pmx8
- Network is already lost during install
- Reboot -- network does not come up, bond0 and vmbr0 report NO-CARRIER
- Install ifupdown2 with this patch applied
- Reboot -- network comes up fine
- Running `execsnoop -l network & sleep 3; ifreload -a` confirms
ifenslave.dpkg-new is never executed (ifenslave is never executed by
ifupdown2, see the pull request linked by Stefan)
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
next prev parent reply other threads:[~2024-06-28 14:35 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-27 15:01 Stefan Hanreich
2024-06-28 14:35 ` Friedrich Weber [this message]
2024-07-01 8:35 ` Fabian Grünbichler
2024-07-03 12:58 ` Stefan Hanreich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cd2e1d38-1cf5-4abd-81af-84f274e717b5@proxmox.com \
--to=f.weber@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
--cc=s.hanreich@proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox