nixos: fix iproute2 invocations (#263976)
When using iproute2's ip binary, you can omit the dev parameter, e.g. ip link set up eth0 instead of ip link set up dev eth0.

This breaks if for some reason your device is named e.g. he, hel, … because it is interpreted as ip link set up help.

I just encountered this bug using networking.bridges trying to create an interface named he.

I used a grep on nixpkgs to try to find iproute2 invocations using variables without the dev keyword, and found a few, and fixed them by providing the dev keyword.

I merely fixed what I found, but the use of abbreviated commands makes it a bit hard to be sure everything has been found (e.g. ip l set … up instead of ip link set … up).
rgrunbla authored Oct 29, 2023
1 parent 5cea7ee commit c9e3cc4
Showing 5 changed files with 37 additions and 37 deletions.
2 changes: 1 addition & 1 deletion nixos/modules/services/networking/gvpe.nix
Expand Up @@ -29,7 +29,7 @@ let
export PATH=$PATH:${pkgs.iproute2}/sbin
ip link set $IFNAME up
ip link set dev $IFNAME up
ip address add ${cfg.ipAddress} dev $IFNAME
ip route add ${cfg.subnet} dev $IFNAME
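Review bot: `$IFNAME` is still expanded unquoted on the new `ip link set dev $IFNAME up` line, and on the `ip address add` and `ip route add` lines next to it, so an empty value or one containing whitespace would change the argument list that `ip` receives. Quoting it, `ip link set dev "$IFNAME" up`, keeps the name a single argument after `dev`, which is the guarantee this commit is after. The same applies to the unquoted `${i.name}` and `${n}` in the tuntap and Open vSwitch `postStop` snippets in network-interfaces-scripted.nix and network-interfaces-systemd.nix. The script this line belongs to starts and ends outside the hunk.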
6 changes: 3 additions & 3 deletions nixos/modules/system/boot/initrd-network.nix
Expand Up @@ -138,7 +138,7 @@ in
# Bring up all interfaces.
for iface in ${dhcpIfShellExpr}; do
echo "bringing up network interface $iface..."
ip link set "$iface" up && ifaces="$ifaces $iface"
ip link set dev "$iface" up && ifaces="$ifaces $iface"
done
# Acquire DHCP leases.
Expand All @@ -152,8 +152,8 @@ in

boot.initrd.postMountCommands = mkIf cfg.flushBeforeStage2 ''
for iface in $ifaces; do
ip address flush "$iface"
ip link set "$iface" down
ip address flush dev "$iface"
ip link set dev "$iface" down
done
'';

62 changes: 31 additions & 31 deletions nixos/modules/tasks/network-interfaces-scripted.nix
Expand Up @@ -28,12 +28,12 @@ let
SLAVES=$(ip link | grep 'master ${i}' | awk -F: '{print $2}')
for I in $SLAVES; do
UPDATED=0
ip link set "$I" nomaster
ip link set dev "$I" nomaster
done
[ "$UPDATED" -eq "1" ] && break
done
ip link set "${i}" down 2>/dev/null || true
ip link del "${i}" 2>/dev/null || true
ip link set dev "${i}" down 2>/dev/null || true
ip link del dev "${i}" 2>/dev/null || true
'';

# warn that these attributes are deprecated (2017-2-2)
Expand Down Expand Up @@ -193,7 +193,7 @@ let
state="/run/nixos/network/addresses/${i.name}"
mkdir -p $(dirname "$state")
ip link set "${i.name}" up
ip link set dev "${i.name}" up
${flip concatMapStrings ips (ip:
let
Expand Down Expand Up @@ -270,7 +270,7 @@ let
ip tuntap add dev "${i.name}" mode "${i.virtualType}" user "${i.virtualOwner}"
'';
postStop = ''
ip link del ${i.name} || true
ip link del dev ${i.name} || true
'';
};

Expand All @@ -291,15 +291,15 @@ let
script = ''
# Remove Dead Interfaces
echo "Removing old bridge ${n}..."
ip link show dev "${n}" >/dev/null 2>&1 && ip link del "${n}"
ip link show dev "${n}" >/dev/null 2>&1 && ip link del dev "${n}"
echo "Adding bridge ${n}..."
ip link add name "${n}" type bridge
# Enslave child interfaces
${flip concatMapStrings v.interfaces (i: ''
ip link set "${i}" master "${n}"
ip link set "${i}" up
ip link set dev "${i}" master "${n}"
ip link set dev "${i}" up
'')}
# Save list of enslaved interfaces
echo "${flip concatMapStrings v.interfaces (i: ''
Expand All @@ -316,7 +316,7 @@ let
for uri in qemu:///system lxc:///; do
for dom in $(${pkgs.libvirt}/bin/virsh -c $uri list --name); do
${pkgs.libvirt}/bin/virsh -c $uri dumpxml "$dom" | \
${pkgs.xmlstarlet}/bin/xmlstarlet sel -t -m "//domain/devices/interface[@type='bridge'][source/@bridge='${n}'][target/@dev]" -v "concat('ip link set ',target/@dev,' master ',source/@bridge,';')" | \
${pkgs.xmlstarlet}/bin/xmlstarlet sel -t -m "//domain/devices/interface[@type='bridge'][source/@bridge='${n}'][target/@dev]" -v "concat('ip link set dev ',target/@dev,' master ',source/@bridge,';')" | \
${pkgs.bash}/bin/bash
done
done
Expand All @@ -328,23 +328,23 @@ let
echo 2 >/sys/class/net/${n}/bridge/stp_state
''}
ip link set "${n}" up
ip link set dev "${n}" up
'';
postStop = ''
ip link set "${n}" down || true
ip link del "${n}" || true
ip link set dev "${n}" down || true
ip link del dev "${n}" || true
rm -f /run/${n}.interfaces
'';
reload = ''
# Un-enslave child interfaces (old list of interfaces)
for interface in `cat /run/${n}.interfaces`; do
ip link set "$interface" nomaster up
ip link set dev "$interface" nomaster up
done
# Enslave child interfaces (new list of interfaces)
${flip concatMapStrings v.interfaces (i: ''
ip link set "${i}" master "${n}"
ip link set "${i}" up
ip link set dev "${i}" master "${n}"
ip link set dev "${i}" up
'')}
# Save list of enslaved interfaces
echo "${flip concatMapStrings v.interfaces (i: ''
Expand Down Expand Up @@ -395,7 +395,7 @@ let
postStop = ''
echo "Cleaning Open vSwitch ${n}"
echo "Shutting down internal ${n} interface"
ip link set ${n} down || true
ip link set dev ${n} down || true
echo "Deleting flows for ${n}"
ovs-ofctl --protocols=${v.openFlowVersion} del-flows ${n} || true
echo "Deleting Open vSwitch ${n}"
Expand Down Expand Up @@ -433,10 +433,10 @@ let
while [ ! -d "/sys/class/net/${n}" ]; do sleep 0.1; done;
# Bring up the bond and enslave the specified interfaces
ip link set "${n}" up
ip link set dev "${n}" up
${flip concatMapStrings v.interfaces (i: ''
ip link set "${i}" down
ip link set "${i}" master "${n}"
ip link set dev "${i}" down
ip link set dev "${i}" master "${n}"
'')}
'';
postStop = destroyBond n;
Expand All @@ -457,13 +457,13 @@ let
path = [ pkgs.iproute2 ];
script = ''
# Remove Dead Interfaces
ip link show dev "${n}" >/dev/null 2>&1 && ip link delete "${n}"
ip link show dev "${n}" >/dev/null 2>&1 && ip link delete dev "${n}"
ip link add link "${v.interface}" name "${n}" type macvlan \
${optionalString (v.mode != null) "mode ${v.mode}"}
ip link set "${n}" up
ip link set dev "${n}" up
'';
postStop = ''
ip link delete "${n}" || true
ip link delete dev "${n}" || true
'';
});

Expand Down Expand Up @@ -515,7 +515,7 @@ let
path = [ pkgs.iproute2 ];
script = ''
# Remove Dead Interfaces
ip link show dev "${n}" >/dev/null 2>&1 && ip link delete "${n}"
ip link show dev "${n}" >/dev/null 2>&1 && ip link delete dev "${n}"
ip link add name "${n}" type sit \
${optionalString (v.remote != null) "remote \"${v.remote}\""} \
${optionalString (v.local != null) "local \"${v.local}\""} \
Expand All @@ -526,10 +526,10 @@ let
optionalString (v.encapsulation.sourcePort != null)
"encap-sport ${toString v.encapsulation.sourcePort}"
}"}
ip link set "${n}" up
ip link set dev "${n}" up
'';
postStop = ''
ip link delete "${n}" || true
ip link delete dev "${n}" || true
'';
});

Expand All @@ -549,16 +549,16 @@ let
path = [ pkgs.iproute2 ];
script = ''
# Remove Dead Interfaces
ip link show dev "${n}" >/dev/null 2>&1 && ip link delete "${n}"
ip link show dev "${n}" >/dev/null 2>&1 && ip link delete dev "${n}"
ip link add name "${n}" type ${v.type} \
${optionalString (v.remote != null) "remote \"${v.remote}\""} \
${optionalString (v.local != null) "local \"${v.local}\""} \
${optionalString (v.ttl != null) "${ttlarg} ${toString v.ttl}"} \
${optionalString (v.dev != null) "dev \"${v.dev}\""}
ip link set "${n}" up
ip link set dev "${n}" up
'';
postStop = ''
ip link delete "${n}" || true
ip link delete dev "${n}" || true
'';
});

Expand All @@ -577,17 +577,17 @@ let
path = [ pkgs.iproute2 ];
script = ''
# Remove Dead Interfaces
ip link show dev "${n}" >/dev/null 2>&1 && ip link delete "${n}"
ip link show dev "${n}" >/dev/null 2>&1 && ip link delete dev "${n}"
ip link add link "${v.interface}" name "${n}" type vlan id "${toString v.id}"
# We try to bring up the logical VLAN interface. If the master
# interface the logical interface is dependent upon is not up yet we will
# fail to immediately bring up the logical interface. The resulting logical
# interface will brought up later when the master interface is up.
ip link set "${n}" up || true
ip link set dev "${n}" up || true
'';
postStop = ''
ip link delete "${n}" || true
ip link delete dev "${n}" || true
'';
});

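Review bot: The libvirt re-attachment loop in the bridge script still builds its `ip link set dev … master …` commands by concatenating `target/@dev` from the domain XML into a string and piping that to `${pkgs.bash}/bin/bash`, so any shell metacharacter in a device name would be interpreted by the shell instead of being passed to `ip`. Adding `dev` removes the keyword confusion inside `ip` but does not change that; whoever can define a domain on those URIs is presumably trusted already, yet the script likely runs privileged and need not rely on it. I would have xmlstarlet print only the device names, one per line, and call `ip` directly with a quoted argument, as sketched below. The enclosing script starts and ends outside this hunk.

```nix
# … unchanged: for uri / for dom loops …
${pkgs.libvirt}/bin/virsh -c $uri dumpxml "$dom" | \
${pkgs.xmlstarlet}/bin/xmlstarlet sel -t -m "//domain/devices/interface[@type='bridge'][source/@bridge='${n}'][target/@dev]" -v "target/@dev" -n | \
while IFS= read -r dev; do
  ip link set dev "$dev" master "${n}"
done
```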
2 changes: 1 addition & 1 deletion nixos/modules/tasks/network-interfaces-systemd.nix
Expand Up @@ -442,7 +442,7 @@ in
postStop = ''
echo "Cleaning Open vSwitch ${n}"
echo "Shutting down internal ${n} interface"
ip link set ${n} down || true
ip link set dev ${n} down || true
echo "Deleting flows for ${n}"
ovs-ofctl --protocols=${v.openFlowVersion} del-flows ${n} || true
echo "Deleting Open vSwitch ${n}"
2 changes: 1 addition & 1 deletion pkgs/tools/networking/gvpe/default.nix
Expand Up @@ -19,7 +19,7 @@ stdenv.mkDerivation rec {
];

postPatch = ''
sed -e 's@"/sbin/ifconfig.*"@"${iproute2}/sbin/ip link set $IFNAME address $MAC mtu $MTU"@' -i src/device-linux.C
sed -e 's@"/sbin/ifconfig.*"@"${iproute2}/sbin/ip link set dev $IFNAME address $MAC mtu $MTU"@' -i src/device-linux.C
sed -e 's@/sbin/ifconfig@${nettools}/sbin/ifconfig@g' -i src/device-*.C
'';

