On Fri, Mar 20, 2015 at 10:46 PM, M. Dietrich <[email protected]> wrote:
<...>
> indeed, it is in /usr/share/vpnc-scripts/vpnc-script as the strace shows that
> this cloned/execed process issues the open(). it seems to be line 596:
>
> if (exec 6<> /dev/net/tun) > /dev/null 2>&1 ; then
>
> which creates the file as a regular file if not existing.

Agree!
Could you please test the patch 0001-* in attachment?
I don't have the possibility to test it in the coming weeks.

The first part of the patch addresses your problem.
The second part makes me confused. It should "never" wait, since a few lines before /dev/net/tun is explicitly created with mknod, independently of udev. For me this loop should be moved before the test that triggers mknod.
I have prepared patch 0002-*. Not sure you can test it, but comments are welcome.

Best Regards,
Antonio

From 484e0dfc7eba8c4a52cf9ae5c5d3fe6ecf930c63 Mon Sep 17 00:00:00 2001 From: Antonio Borneo <[email protected]> Date: Sun, 22 Mar 2015 10:25:34 +0800 Subject: [PATCH] Fix "Inappropriate ioctl for device" The command (exec 6<> /dev/net/tun) is used to check existence and permission of /dev/net/tun As reported by M. Dietrich <[email protected]>, this command is converted to open("/dev/net/tun", O_RDWR|O_CREAT, 0666) = 3 that erroneously creates a file /dev/net/tun if the device is not present. The file descriptor 6 is immediately closed, since within (), and not used after the test. So, no need to explicitly open it. Replace the command above with test for existence and R/W permission. This fixes Bug#780709: vpnc: fails with "Inappropriate ioctl for device" in Debian Bug Tracking System. Signed-off-by: Antonio Borneo <[email protected]> --- vpnc-script | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/vpnc-script b/vpnc-script index 2a38bcd..38df609 100755 --- a/vpnc-script +++ b/vpnc-script @@ -626,7 +626,7 @@ kernel_is_2_6_or_above() { do_pre_init() { if [ "$OS" = "Linux" ]; then - if (exec 6<> /dev/net/tun) > /dev/null 2>&1 ; then + if [ -r /dev/net/tun -a -w /dev/net/tun ]; then : else # can't open /dev/net/tun test -e /proc/sys/kernel/modprobe && `cat /proc/sys/kernel/modprobe` tun 2>/dev/null @@ -644,7 +644,7 @@ do_pre_init() { # workaround for a possible latency caused by udev, sleep max. 10s if kernel_is_2_6_or_above ; then for x in `seq 100` ; do - (exec 6<> /dev/net/tun) > /dev/null 2>&1 && break; + test -r /dev/net/tun -a -w /dev/net/tun && break; sleep 0.1 done fi -- 1.7.3.4
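
Review bot: in the first hunk, [ -r /dev/net/tun -a -w /dev/net/tun ] is also true for a readable, writable regular file, which is what the old probe could leave behind according to the commit message, so on a machine that already ran the old script the check passes and the else branch with modprobe is skipped. Adding -c /dev/net/tun to the condition would require a character device. The -a operator inside [ ] is marked obsolescent in POSIX; two tests joined with && avoid it.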
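
Review bot: the changed line in the udev wait loop (second hunk) repeats the condition from the first hunk, spelled with test here and with [ ] there; a small shell function used in both places would keep the two checks from drifting apart. The same -c concern applies: a regular file at /dev/net/tun ends the wait on the first iteration.
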
From 97fdcef4cb874ad029c462b16c64c7ee88affc1a Mon Sep 17 00:00:00 2001 From: Antonio Borneo <[email protected]> Date: Sun, 22 Mar 2015 10:52:44 +0800 Subject: [PATCH 2/2] Run "mknod /dev/net/tun" only after udev fails Currently the script first creates /dev/net/tun with mknod, then pretends to wait for udev to create it. This is a nonsense! Swap code order so, on systems using udev, first wait for udev creating /dev/net/tun then run mknod only if timeout expires. Signed-off-by: Antonio Borneo <[email protected]> --- vpnc-script | 12 ++++++------ 1 files changed, 6 insertions(+), 6 deletions(-) diff --git a/vpnc-script b/vpnc-script index 38df609..3576baa 100755 --- a/vpnc-script +++ b/vpnc-script @@ -635,12 +635,6 @@ do_pre_init() { -a ! -e /dev/net/misc/net/tun -a -e /dev/misc/net/tun ] ; then ln -sf /dev/misc/net/tun /dev/net/tun fi - # make sure tun device exists - if [ ! -e /dev/net/tun ]; then - mkdir -p /dev/net - mknod -m 0640 /dev/net/tun c 10 200 - [ -x /sbin/restorecon ] && /sbin/restorecon /dev/net/tun - fi # workaround for a possible latency caused by udev, sleep max. 10s if kernel_is_2_6_or_above ; then for x in `seq 100` ; do @@ -648,6 +642,12 @@ do_pre_init() { sleep 0.1 done fi + # make sure tun device exists + if [ ! -e /dev/net/tun ]; then + mkdir -p /dev/net + mknod -m 0640 /dev/net/tun c 10 200 + [ -x /sbin/restorecon ] && /sbin/restorecon /dev/net/tun + fi fi elif [ "$OS" = "FreeBSD" ]; then if ! kldstat -q -m if_tun > /dev/null; then -- 1.7.3.4
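
Review bot: with the mknod block removed from in front of the loop in the first hunk, a 2.6+ system where nothing creates the node now spends the full 100 x 0.1 s in the loop before mknod runs. The commit message says the wait is meant for systems using udev, but the only guard visible around the loop is kernel_is_2_6_or_above; consider also checking that udev is actually present before waiting, or shortening the timeout.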
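
Review bot: the re-added guard in the second hunk, [ ! -e /dev/net/tun ], only checks that something exists at the path, so a leftover regular file (the case the first patch describes) still prevents mknod; testing ! -c and reporting a non-device entry would cover it. Since this block is now the fallback after the wait, its comment "# make sure tun device exists" could say that it runs only when udev did not create the node in time.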
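
The behaviour discussed in this thread, reproduced in a throwaway directory as an added example (not part of the original mail or of vpnc-script). The function names and the temporary path are assumptions made for illustration, and the -c test goes beyond the posted patch, which checks only -r and -w.

```shell
#!/bin/sh
# Added illustration. Everything happens in a temp dir (constructed path),
# never on the real /dev/net/tun.

# Old-style probe: a read/write redirection opens with O_CREAT,
# so a missing path is created as an empty regular file.
probe_by_open() {
    (exec 6<> "$1") > /dev/null 2>&1
}

# Side-effect-free probe: character device, readable and writable.
probe_by_test() {
    [ -c "$1" ] && [ -r "$1" ] && [ -w "$1" ]
}

# Report what kind of directory entry sits at the path.
node_kind() {
    if [ -c "$1" ]; then echo chardev
    elif [ -f "$1" ]; then echo regular
    elif [ -e "$1" ]; then echo other
    else echo missing
    fi
}

demo() {
    dir=$(mktemp -d) || return 1
    node="$dir/net/tun"          # stand-in for /dev/net/tun
    mkdir -p "$dir/net"
    before=$(node_kind "$node")
    t1=0; probe_by_test "$node" || t1=$?   # fails, creates nothing
    mid=$(node_kind "$node")
    o=0; probe_by_open "$node" || o=$?     # "succeeds" by creating a file
    after=$(node_kind "$node")
    t2=0; probe_by_test "$node" || t2=$?   # -c rejects the stray file
    rw=0; { [ -r "$node" ] && [ -w "$node" ]; } || rw=$?  # -r/-w alone accept it
    rm -rf "$dir"
    echo "$before $t1 $mid $o $after $t2 $rw"
}

demo   # prints: missing 1 missing 0 regular 1 0
```

The last two fields show why a check limited to -r and -w still accepts the regular file that the old probe leaves behind.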

