From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9]) by lore.proxmox.com (Postfix) with ESMTPS id 6057B1FF3A7 for ; Fri, 28 Jun 2024 16:35:39 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 9DFEA2E35; Fri, 28 Jun 2024 16:35:50 +0200 (CEST) Message-ID: Date: Fri, 28 Jun 2024 16:35:46 +0200 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird To: Proxmox VE development discussion , Stefan Hanreich References: <20240627150132.265982-1-s.hanreich@proxmox.com> Content-Language: en-US From: Friedrich Weber In-Reply-To: <20240627150132.265982-1-s.hanreich@proxmox.com> X-SPAM-LEVEL: Spam detection results: 0 AWL -0.028 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: Re: [pve-devel] [PATCH ifupdown2 1/1] fix #5197: do not run scripts ending with .dpkg-{old, new, tmp, dist} X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox VE development discussion Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pve-devel-bounces@lists.proxmox.com Sender: "pve-devel" On 27/06/2024 17:01, Stefan Hanreich wrote: > This can lead to issue when upgrading from ifupdown to ifupdown2. The > particular issue this fixes occurs in the following scenario: > > * Suppose there is a legacy Debian host with ifupdown and ifenslave > installed that has a bond configured in /etc/network/interfaces. > * ifenslave installs a script /etc/network/if-pre-up.d/ifenslave. > * Now, an upgrade creates a second script > /etc/network/if-pre-up.d/ifenslave.dpkg-new. As ifupdown executes > network scripts via run-parts which ignores scripts with . in their > name, ifenslave.dpkg-new has no effect. > * If the host switches over to ifupdown2 by installing it (removing > ifupdown, keeping ifenslave) and reboots, the network will not come > up: > /etc/network/if-pre-up.d/ifenslave still exists, but is ignored > by ifupdown2's bond addon [1] > /etc/network/if-pre-up.d/ifenslave.dpkg-new is executed by ifupdown2 > because it executes all scripts in /etc/network/if-pre-up.d, even if > their name contains a dot > > This leads to ifreload failing on upgrades, which in turn causes > issues with the networking of upgraded hosts. Thanks for tackling this! Consider this Tested-by: Friedrich Weber I tested the following: - Set up a PVE8 VM with an active-backup bond, from /etc/network/interfaces: > auto bond0 > iface bond0 inet manual > bond-slaves ens18 ens19 > bond-miimon 100 > bond-mode active-backup > > auto vmbr0 > iface vmbr0 inet static > address 10.1.1.122/16 > gateway 10.1.1.1 > bridge-ports bond0 > bridge-stp off > bridge-fd 0 - Install ifupdown and ifenslave - Manually create a .dpkg-new: > cp /etc/network/if-pre-up.d/ifenslave /etc/network/if-pre-up.d/ifenslave.dpkg-new - Reboot -- network comes up fine. - Install latest packaged ifupdown2: > apt install ifupdown2=3.2.0-1+pmx8 - Network is already lost during install - Reboot -- network does not come up, bond0 and vmbr0 report NO-CARRIER - Install ifupdown2 with this patch applied - Reboot -- network comes up fine - Running `execsnoop -l network & sleep 3; ifreload -a` confirms ifenslave.dpkg-new is never executed (ifenslave is never executed by ifupdown2, see the pull request linked by Stefan) _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel