Hi, I just adopted ifupdown from Andrew Shadura. Incidentally I'm also the ifenslave maintainer :)
On Tue, Jun 09, 2015 at 04:35:00PM +0200, Dariusz Gadomski wrote:
> After some discussions with Rafael and users affected by the race
> condition I have prepared a patch solving the problem by introducing a
> new stanza to the interfaces file:
> allow-group-X-Y <interfaces>
> where:
> X is the group index
> Y is the level in the hierarchy
>
> This stanza allows to group interfaces into hierarchies to ensure
> hierarchy locking below any given interface while ifupdown operates on
> it.
>
> E.g. if we have a bond0 interface built on top of eth0 and eth1 the
> user would have to add the following to the interfaces file:
> allow-group-1-1 bond0
> allow-group-1-2 eth0 eth1
>
> This would cause locking of eth0 and eth1 from any modification while
> bond0 is handled by ifupdown.
It is of course not so nice to have to specify those groups by hand,
especially to assign numbers to them. It would be nicer to just have a
statement you can put in an interface stanza that tells you which
interfaces are depending on it, like:
iface bond0 inet static
depending-interfaces eth0 eth1
This could then implicitly generate the same groups as you have to
specify explicitly in your case.
Even better would be to have the race condition be dealt with without
any changes to /e/n/interfaces. One issue is of course that the
/r/n/ifstate file is only locked to update the state, and there is no
state indicating that an interface is in the process of being
configured. So indeed, a per-interface lockfile should be used, which
will be locked for the whole duration the interface is being
(de)configured. Something like /r/n/ifstate-bond0, which is locked using
fcntl(), and into which the process holding the lock will write the
state (up/down). To prevent deadlocks (scripts calling ifup/ifdown
recursively), environment variables are set to indicate which interfaces
are being configured, like IFUPDOWN_bond0=up, and before trying to lock
the per-interface lockfile, presence of this environment variable is
checked. I already have an implementation of the deadlock detection, but
not yet of per-interface lockfiles.
But in the case of bonding, there is already a mechanism in place that
can prevent conflicts between ifup -a and ifup bond0 running
simultaneously. If you write /e/n/interfaces like this:
allow-bond0 eth0
iface eth0 inet manual
bond-master bond0
allow-bond0 eth1
iface eth1 inet manual
bond-master bond0
auto bond0
iface bond0 inet dhcp
bond-slaves eth0 eth1
...
Note that I replaced "auto" with "allow-bond0" for the Ethernet
interfaces. This causes ifup -a to skip those interfaces, but instead
will cause ifup bond0 to run ifup eth0 and eth1.
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <g...@debian.org>
signature.asc
Description: Digital signature
