Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 358235

Summary: sys-apps/openrc-0.7.0 : ipv6 route configuration broken when using "-f <family>"
Product: Gentoo Hosted Projects Reporter: Olivier Huber <oli.huber>
Component: OpenRCAssignee: OpenRC Team <openrc>
Status: RESOLVED FIXED    
Severity: normal CC: gentoobugs, jmbsvicetto
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: openrc:oldnet
Package list:
Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 394205    
Attachments: patch proposal
log

Description Olivier Huber 2011-03-10 13:50:05 UTC
Created attachment 265449 [details]
patch proposal

from /var/log/rc.log :

 *   Adding routes
 *     default via 91.121.174.254 ...
 [ ok ]
 *     -f inet6 default via 2001:41d0:1:efff:ff:ff:ff:ff ...
Error: an inet prefix is expected rather than "-f".
 [ !! ]

In /etc/conf.d/net, I have :

routes_eth0="default via 91.121.174.254
-f inet6 default via 2001:41d0:1:efff:ff:ff:ff:ff"

I'm using the default module, iproute2.

I think the problem is that in /etc/init.d/net.lo, the following code
adds -host or -net at the beginning of the cmd passed to _add_route :
# Work out if we're a host or a net if not told
case ${cmd} in
   -net" "*|-host" "*);;
   *" "netmask" "*)                   cmd="-net ${cmd}";;
   *.*.*.*/32*)                       cmd="-host ${cmd}";;
   *.*.*.*/*|0.0.0.0|0.0.0.0" "*)     cmd="-net ${cmd}";;
   default|default" "*)               cmd="-net ${cmd}";;
   *)                                 cmd="-host ${cmd}";;
esac

Then, in /lib64/rc/net/iproute2.sh, the detection of the family fails,
since the first argument is -host, and therefore following command is executed :

ip route append -f inet6 default via 2001:41d0:1:efff:ff:ff:ff:ff dev eth0

which fails, as expected.

Since we don't need the first argument in iproute2.sh, I just discard it.
I had also to fix the case where we have 3 arguments, since it would
duplicate the "via" in this case. I think this code is here to support such configuration : "default x.x.x.x".
I also removed the case where -host or -net is given as argument.
I'm not sure, but I think with the iproute2 module, such thing should not
be allowed in route_*.

I think the ifconfig module has the problem, but however, I did not test it.

emerge --info openrc
Portage 2.2.0_alpha26 (hardened/linux/amd64, gcc-4.4.5, glibc-2.11.3-r0, 2.6.36-hardened-r9 x86_64)
=================================================================
                        System Settings
=================================================================
System uname: Linux-2.6.36-hardened-r9-x86_64-Intel-R-_Celeron-R-_CPU_220_@_1.20GHz-with-gentoo-2.0.1
Timestamp of tree: Thu, 10 Mar 2011 02:45:01 +0000
ccache version 2.4 [enabled]
app-shells/bash:     4.1_p9
dev-lang/python:     2.6.6-r2
dev-util/ccache:     2.4-r9
dev-util/cmake:      2.8.4
sys-apps/baselayout: 2.0.1-r1
sys-apps/openrc:     0.7.0
sys-apps/sandbox:    2.5
sys-devel/autoconf:  2.65-r1
sys-devel/automake:  1.10.3, 1.11.1
sys-devel/binutils:  2.20.1-r1
sys-devel/gcc:       4.4.5
sys-devel/gcc-config: 1.4.1
sys-devel/libtool:   2.2.10
sys-devel/make:      3.81-r2
virtual/os-headers:  2.6.36.1 (sys-kernel/linux-headers)
Repositories: gentoo local xhub
Installed sets: @system
ACCEPT_KEYWORDS="amd64"
ACCEPT_LICENSE="* -@EULA"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=native -O2 -pipe -fforce-addr"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt /var/bind"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/gconf /etc/gentoo-release /etc/php/apache2-php5.3/ext-active/ /etc/php/cgi-php5.3/ext-active/ /etc/php/cli-php5.3/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-march=native -O2 -pipe -fforce-addr"
DISTDIR="/usr/portage/distfiles"
FEATURES="assume-digests binpkg-logs ccache distlocks fixlafiles fixpackages news parallel-fetch preserve-libs protect-owned sandbox sfperms strict test test-fail-continue unknown-features-warn unmerge-logs unmerge-orphans userfetch"
FFLAGS=""
GENTOO_MIRRORS="http://mirror.ovh.net/gentoo-distfiles ftp://mirror.ovh.net/gentoo-distfiles"
LANG="fr_FR.utf-8"
LC_ALL="fr_FR.utf-8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed -Wl,--sort-common -Wl,--hash-style=gnu"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/overlays/local /usr/local/overlays/xhub"
SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage"
USE="acl amd64 apache2 bash-completion berkdb bzip2 caps cli courier cracklib crypt cups curl cxx dkim dovecot-sasl dri extensions gd-external gdbm geoip gnutls gpgme hardened iconv icu idn imap ipv6 jpeg jpeg2k justify ldap ldap-sasl logrotate maildir managesieve mbox milter mmx modules mudflap multilib mysql ncurses nls nptl nptlonly openmp openntpd openssl pam pcre perl png pop pppd python razor readline ruby sasl session sieve smime smtp soap spamassassin spell sqlite sqlite3 sse sse2 ssl suhosin svg sysfs syslog tcpd tiff tools unicode urandom vhosts vim-syntax xattr xml xorg xtended zip zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache filter headers ident imagemap include info log_config logio mem_cache mime mime_magic negotiation proxy proxy_ajp proxy_balancer proxy_connect proxy_http rewrite setenvif so speling status unique_id userdir usertrack vhost_alias" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" PHP_TARGETS="php5-3" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="fbdev glint intel mach64 mga neomagic nouveau nv r128 radeon savage sis tdfx trident vesa via vmware dummy v4l" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" 
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LINGUAS, MAKEOPTS, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS

=================================================================
                        Package Settings
=================================================================

sys-apps/openrc-0.7.0 was built with the following:
USE="(multilib) ncurses pam test unicode -debug"
Comment 1 SpanKY gentoo-dev 2011-03-10 21:02:04 UTC
i cant see how your new "shift" works when the code right after it checks -A/-f/etc...

+	# get rid of the first argument, it's useless with the iproute2 module
+	shift
+
 	if [ "$1" = "-A" -o "$1" = "-f" -o "$1" = "-family" ]; then
 		family="-f $2"
 		shift; shift
 	fi
Comment 2 Olivier Huber 2011-03-10 22:03:46 UTC
Created attachment 265509 [details]
log

This is part of the output given by /etc/init.d/net.eth0 --debug restart

The arguments given to _add_route are -host -f inet6 default via 2001:41d0:1:efff:ff:ff:ff:ff

In this case, shift removes -host from the list of argument.

Sorry if this wasn't clear enough.
Comment 3 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2011-03-11 19:25:06 UTC
Why does your conf.d/net even have the -f inet6?
routes_eth0="default via 2001:41d0:1:efff:ff:ff:ff:ff"
Works perfectly for me.
Comment 4 Olivier Huber 2011-03-12 16:52:21 UTC
(In reply to comment #3)
> Why does your conf.d/net even have the -f inet6?
> routes_eth0="default via 2001:41d0:1:efff:ff:ff:ff:ff"
> Works perfectly for me.

you're right. I think this comes from the fact that to
show the ipv6 routes, ip needs the "-6" switch (for instance
ip -6 r).
When I tried to add my ipv6 route, I look at the examples, but
I wasn't satisfied with it, so I looked at the code and I saw
the family detection code ...
Comment 5 SpanKY gentoo-dev 2011-03-13 23:14:47 UTC
i dont think the proposed patch is the way we want to go.  rather than blindly shifting away arguments, we should avoid adding wrong ones in the first place.
Comment 6 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2011-12-13 08:46:43 UTC
can you please install openrc-9999, ensure you get commit 879e1ac or newer, and then test this, posting the output from the commands.

1.
ip -f inet6 route add default via 2001:41d0:1:efff:ff:ff:ff:ff dev eth0
ip -f inet6 route del default via 2001:41d0:1:efff:ff:ff:ff:ff dev eth0

2.
Ensure this entry is in your conf.d/net:
routes_eth0="default via 91.121.174.254
-f inet6 default via 2001:41d0:1:efff:ff:ff:ff:ff"

3.
/etc/init.d/net.eth0 --verbose stop

4.
/etc/init.d/net.eth0 --verbose start
Comment 7 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2011-12-27 00:38:33 UTC
No feedback from user. I'm pretty sure it works, and it's in for the next release.