Since udev-104-r9, pptpd doesn't work anymore because every time a client connects, udev executes /etc/init.d/net.ppp0. This causes the overwriting of the /etc/ppp/chap-secrets file, plus the creation of /etc/ppp/peer/MyPeer and /etc/ppp/chat-MyPeer. The result is that clients can't log in anymore and I lost my internet connection because net.ppp0 deleted my default route.

Reproducible: Always

Steps to Reproduce:
1. emerge udev-104-r9
2. start pptpd
3. I used grsec learning mode to figure out what happened.

Actual Results:
client is disconnected and server loses default route

Expected Results:
clients got connected to the vpn

I deleted net.ppp0 as a workaround, but perhaps there's a more elegant way to fix this with some udev rules?

Some grsec output:

default 68 0 0 /lib/udev/net.sh / 1 1 /etc/init.d/net.ppp0 8 0.0.0.0
default 68 0 0 /etc/init.d/net.ppp0 /etc/init.d 1 1 /sbin/runscript 16 0.0.0.0
default 68 0 0 /etc/init.d/net.ppp0 /etc/init.d 1 1 /sbin/runscript 40 0.0.0.0
default 68 0 0 /etc/init.d/net.ppp0 /etc/init.d 1 1 /lib/ld-2.3.6.so 40 0.0.0.0
default 68 0 0 /etc/init.d/net.ppp0 /etc/init.d u -1 0 0 0.0.0.0
default 68 0 0 /etc/init.d/net.ppp0 /etc/init.d g -1 0 0 0.0.0.0
default 68 0 0 /etc/init.d/net.ppp0 /etc/init.d 1 1 /etc/ld.so.cache 16 0.0.0.0
default 68 0 0 /etc/init.d/net.ppp0 /etc/init.d 1 1 /lib/libdl-2.3.6.so 17 0.0.0.0
default 68 0 0 /etc/init.d/net.ppp0 /etc/init.d 1 1 /lib/libdl-2.3.6.so 40 0.0.0.0
default 68 0 0 /etc/init.d/net.ppp0 /etc/init.d 1 1 /lib/libc-2.3.6.so 17 0.0.0.0
default 68 0 0 /etc/init.d/net.ppp0 /etc/init.d 1 1 /lib/libc-2.3.6.so 40 0.0.0.0
default 68 0 0 /etc/init.d/net.ppp0 /etc/init.d 1 1 /dev/urandom 16 0.0.0.0
default 68 0 0 /etc/init.d/net.ppp0 /etc/init.d 1 1 /dev/urandom 17 0.0.0.0
default 68 0 0 /etc/init.d/net.ppp0 /etc/init.d 1 1 /lib/rcscripts/conf.d/env_whitelist 17 0.0.0.0
default 68 0 0 /etc/init.d/net.ppp0 /etc/init.d 1 1 /etc/conf.d/env_whitelist 17 0.0.0.0

emerge --info

Portage 2.1.1-r2 (hardened/x86/2.6, gcc-3.4.6, glibc-2.3.6-r5, 2.6.18-hardened i686)
=================================================================
System uname: 2.6.18-hardened i686 Pentium III (Coppermine)
Gentoo Base System version 1.12.6
Last Sync: Tue, 06 Feb 2007 08:50:01 +0000
app-admin/eselect-compiler: [Not Present]
dev-java/java-config: 1.3.7, 2.0.30
dev-lang/python: 2.4.3-r4
dev-python/pycrypto: 2.0.1-r5
dev-util/ccache: [Not Present]
dev-util/confcache: [Not Present]
sys-apps/sandbox: 1.2.17
sys-devel/autoconf: 2.13, 2.60
sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10
sys-devel/binutils: 2.16.1-r3
sys-devel/gcc-config: 1.3.14
sys-devel/libtool: 1.5.22
virtual/os-headers: 2.6.17-r2
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CBUILD="i586-pc-linux-gnu"
CFLAGS="-O2 -pipe -fomit-frame-pointer"
CHOST="i586-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config /var/bind /var/qmail/alias /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/env.d /etc/gconf /etc/revdep-rebuild /etc/terminfo"
CXXFLAGS="-O2 -pipe -fomit-frame-pointer"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoconfig buildpkg distlocks metadata-transfer sandbox sfperms strict"
GENTOO_MIRRORS="http://ftp.snt.utwente.nl/pub/os/linux/gentoo http://ftp.easynet.nl/mirror/gentoo/"
MAKEOPTS="-j3"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude='/distfiles' --exclude='/local' --exclude='/packages'"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync5.nl.gentoo.org/gentoo-portage"
USE="x86 acl alsa alsa_pcm_plugins_adpcm alsa_pcm_plugins_alaw alsa_pcm_plugins_asym alsa_pcm_plugins_copy alsa_pcm_plugins_dmix alsa_pcm_plugins_dshare alsa_pcm_plugins_dsnoop alsa_pcm_plugins_empty alsa_pcm_plugins_extplug alsa_pcm_plugins_file alsa_pcm_plugins_hooks alsa_pcm_plugins_iec958 alsa_pcm_plugins_ioplug alsa_pcm_plugins_ladspa alsa_pcm_plugins_lfloat alsa_pcm_plugins_linear alsa_pcm_plugins_meter alsa_pcm_plugins_mulaw alsa_pcm_plugins_multi alsa_pcm_plugins_null alsa_pcm_plugins_plug alsa_pcm_plugins_rate alsa_pcm_plugins_route alsa_pcm_plugins_share alsa_pcm_plugins_shm alsa_pcm_plugins_softvol berkdb bzip2 caps crypt dlloader elibc_glibc gtk hardened input_devices_evdev input_devices_keyboard input_devices_mouse input_devices_synaptics input_devices_vmmouse ipv6 kernel_linux lcd_devices_bayrad lcd_devices_cfontz lcd_devices_cfontz633 lcd_devices_glk lcd_devices_hd44780 lcd_devices_lb216 lcd_devices_lcdm001 lcd_devices_mtxorb lcd_devices_ncurses lcd_devices_text lirc_devices_hauppauge memlimit midi mmap mmx mp3 nls nptl nptlonly opengl oss pam pic readline sharedmem sse ssl sysfs tcpd threads truetype unicode userland_GNU video_cards_fbdev video_cards_radeon video_cards_v4l video_cards_vesa video_cards_vmware xinerama xorg zlib"
Unset: CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, LINGUAS, PORTAGE_RSYNC_EXTRA_OPTS
Don't tell me you are using that ancient net.ppp0 that used to be installed by net-dialup/ppp! For about a year, the ppp upgrade failed if such a file was detected on the system, instructing the user what to do to make the upgrade process possible. Nowadays, whoever wants to configure a PPP connection uses baselayout for that, by creating a net.pppX -> net.lo symlink. That script doesn't alter your secrets or peer files in any way.

Anyway, I don't understand why udev would run net.ppp0 by itself. pppX interfaces are created by pppd (therefore, net.ppp0 is already running), which also is the only program entitled to manage such interfaces.
@base-system: Should we then add back the case construct that decides for which devices to call the init script? Or should we add some generic entry point in baselayout which udev calls and where such case constructs can be implemented?
(In reply to comment #1)
> Don't tell me you are using that ancient net.ppp0 that used to be installed by
> net-dialup/ppp! For about a year, the ppp upgrade failed if such a file was detected
> on the system, instructing the user what to do to make the upgrade
> process possible.

I never used net.ppp0, for client pptp connections I always use pon and poff. net.ppp0 isn't available in any installed package on my systems, I already searched.

> Anyway, I don't understand why udev would run net.ppp0 by itself.
> pppX interfaces are created by pppd (therefore, net.ppp0 is already running),
> which also is the only program entitled to manage such interfaces.
>

Maybe ppp or pptpd generates some hotplug event; this is what I get with every connecting client:

Feb 8 20:50:46 router udev-net.sh: /etc/init.d/net.ppp1: does not exist or is not executable
Feb 8 20:50:53 router udev-net.sh: /etc/init.d/net.ppp2: does not exist or is not executable
Created attachment 109582
Strace output of udev while letting a client connect via pptpd
(In reply to comment #4)
> Created an attachment (id=109582)
> Strace output of udev while letting a client connect via pptpd
>

Why not just use udevmonitor --env? It does not create such large logs.
(In reply to comment #5)
> (In reply to comment #4)
> > Created an attachment (id=109582)
> > Strace output of udev while letting a client connect via pptpd
> >
> Why not just use udevmonitor --env? It does not create such large logs.
>

Didn't know such a tool was available.

UEVENT[1170967773.631713] add@/class/net/ppp1
ACTION=add
DEVPATH=/class/net/ppp1
SUBSYSTEM=net
SEQNUM=1780
INTERFACE=ppp1

UDEV [1170967773.631910] add@/class/net/ppp1
UDEV_LOG=3
ACTION=add
DEVPATH=/class/net/ppp1
SUBSYSTEM=net
SEQNUM=1780
INTERFACE=ppp1
UDEVD_EVENT=1
IN_HOTPLUG=1

UEVENT[1170967782.426073] remove@/class/net/ppp1
ACTION=remove
DEVPATH=/class/net/ppp1
SUBSYSTEM=net
SEQNUM=1781
INTERFACE=ppp1

UDEV [1170967782.429266] remove@/class/net/ppp1
UDEV_LOG=3
ACTION=remove
DEVPATH=/class/net/ppp1
SUBSYSTEM=net
SEQNUM=1781
INTERFACE=ppp1
UDEVD_EVENT=1
IN_HOTPLUG=1
SUBSYSTEM=="net", ACTION=="add", INTERFACE!="ppp.*", RUN+="net.sh %k start", OPTIONS="last_rule"
SUBSYSTEM=="net", ACTION=="remove", INTERFACE!="ppp.*", RUN+="net.sh %k stop", OPTIONS="last_rule"

Would that work for /etc/udev/rules.d/95-net.rules?
(In reply to comment #3)
> I never used net.ppp0, for client pptp connections I always use pon and poff.
> net.ppp0 isn't available in any installed package on my systems, I already
> searched.

I'm puzzled. Do you have a /etc/init.d/net.ppp0 script or not? If you do, who created it? If you symlinked net.lo as net.ppp0, what /etc/conf.d/net do you have?

(In reply to comment #7)

That would be a sane thing to do, although I don't see how executing net.ppp0 start|stop on creation|destruction of the ppp0 interface would matter in any way. Please note that pppX interfaces cannot be renamed.
Alin: The output from udev shows that the net.ppp* script doesn't exist. That's not the issue. The issue is that udev is attempting to call the net.ppp* script when the device is created, however there is no script to be run and there shouldn't be a script run.

Marlon: Did you try my suggested fix?
> Marlon: Did you try my suggested fix?
>

I did, looks like it didn't work.

Result:

Feb 9 20:58:13 router pppd[5177]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
Feb 9 20:58:13 router pppd[5177]: pppd 2.4.4 started by root, uid 0
Feb 9 20:58:13 router pppd[5177]: Using interface ppp1
Feb 9 20:58:13 router pppd[5177]: Connect: ppp1 <--> /dev/pts/2
Feb 9 20:58:13 router udev-net.sh: /etc/init.d/net.ppp1: does not exist or is not executable
Feb 9 20:58:16 router pppd[5177]: MPPC compression enabled
Feb 9 20:58:16 router pppd[5177]: found interface br0 for proxy arp

If I disable all lines in /etc/udev/rules.d/95-net.rules it stops bringing up ppp devices though.
(In reply to comment #8)
> I'm puzzled. Do you have a /etc/init.d/net.ppp0 script or not? If you do, who
> created it? If you symlinked net.lo as net.ppp0, what /etc/conf.d/net do you
> have?

I have a /etc/init.d/net.ppp0 script, it isn't a symlink and dates from Jul 24 2006. My guess is it was never removed when it should have been.
(In reply to comment #10)
> > Marlon: Did you try my suggested fix?
> >
>
> I did, looks like it didn't work.
>

After doing some udev reading I tried

SUBSYSTEM=="net", ACTION=="add", KERNEL!="ppp*", RUN+="net.sh %k start", OPTIONS="last_rule"
SUBSYSTEM=="net", ACTION=="remove", KERNEL!="ppp*", RUN+="net.sh %k stop", OPTIONS="last_rule"

This worked for me!
Ha. That's totally what I meant to suggest. Sorry about that. I was looking at the output of udevmonitor which says INTERFACE instead of KERNEL. Why... I haven't a clue. Yet another weirdness in udev.
Solved in udev-104-r10 by not calling net.IFACE for some device-names like ppp/ippp/tun/tap/...
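
Added example, not part of the bug thread and not the net.sh shipped in udev-104-r10: a sketch of the kind of interface-name filter the final comment describes, as a shell function a hotplug helper could call before touching net.IFACE. udev matches rule values as shell-style globs rather than regular expressions, so the same helper shows how the two patterns posted above (`ppp.*` and `ppp*`) behave against names such as ppp1; the function names and the optional init-directory argument are assumptions made for the example.

```shell
#!/bin/sh
# Added illustration: not the net.sh shipped with any udev release.

# glob_match PATTERN NAME: shell-style (fnmatch) matching, the kind udev
# applies to rule values such as KERNEL!="ppp*". Not a regular expression.
glob_match() {
    case "$2" in
        $1) return 0 ;;
    esac
    return 1
}

# Names managed by another daemon. List taken from the last comment of the
# thread; its trailing "..." is deliberately not filled in.
SKIP_PATTERNS='ppp* ippp* tun* tap*'

# should_call_initscript IFACE [INITDIR] (INITDIR is a hypothetical
# test hook): succeed only if a hotplug event should run net.IFACE.
should_call_initscript() {
    iface=$1
    initdir=${2:-/etc/init.d}
    set -f                      # keep the patterns from expanding as paths
    for pat in $SKIP_PATTERNS; do
        if glob_match "$pat" "$iface"; then
            set +f
            return 1            # e.g. pppd owns pppX; never touch it
        fi
    done
    set +f
    [ -x "$initdir/net.$iface" ]   # no script, nothing to run
}

# decide IFACE [INITDIR]: print the decision for one event.
decide() {
    if should_call_initscript "$@"; then
        echo "$1: run net.$1"
    else
        echo "$1: skip"
    fi
}

# Constructed demo: a stale net.ppp0 exists, as on the reporter's system.
demo_dir=$(mktemp -d)
for n in eth0 ppp0; do
    : > "$demo_dir/net.$n" && chmod +x "$demo_dir/net.$n"
done
for n in eth0 ppp0 ppp1 tap0; do decide "$n" "$demo_dir"; done
rm -rf "$demo_dir"
```

With the stale net.ppp0 present, only eth0 is handed to its init script; ppp0, ppp1 and tap0 are skipped before the script's existence is even checked.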