Bug#780709: vpnc: fails with "Inappropriate ioctl for device"
On Wed, Mar 18, 2015 at 08:25:09 +0100, M. Dietrich wrote:
> the vpn can't be established with the message:
>
> vpnc-connect: can't initialise tunnel interface: Inappropriate ioctl
> for device
>
> short investigation shows that in case /dev/net/tun does not exists vpnc
> creates it with
>
> open("/dev/net/tun", O_RDWR|O_CREAT, 0666) = 3
>
> after that a call
>
> ioctl(5, TUNSETIFF, 0x7fffbc71f7d0) = -1 ENOTTY (Inappropriate ioctl
> for device)
>
> fails. if i issue a
>
> mknod /dev/net/tun c 10 200
>
> manually vpnc works fine.
Does this bug still affect your system, with an unpatched vpnc and
vpnc-script?
I see that you reported this in March 2015. This was around the same
time that several related bugs were filed, see #780255 [1] and its
duplicates [2],[3],[4].
I don't know if anything needs to be fixed in either vpnc or
vpnc-script, this was just a temporary problem due to a miscoordination
between updates of the kmod and systemd packages.
Do you think vpnc-script should still be patched? If so can someone get
the patch(es) reviewed and applied upstream?
[1]: https://bugs.debian.org/780255
[2]: https://bugs.debian.org/780256
[3]: https://bugs.debian.org/780295
[4]: https://bugs.debian.org/780299
--
mike
Bug#780709: vpnc: fails with "Inappropriate ioctl for device"
On Sun, Mar 22, 2015 at 11:03:34AM +0800, Antonio Borneo wrote: > Could you please test the patch 0001-* in attachment? > I don't have possibility to test it in coming weeks. > > The first part of the patch addresses your problem. yes, if /dev/net/tun is not existing, the patched script will just create it correctly. > The second part makes me confused. agreed... > It should "never" wait, since few lines before /dev/net/tun is > explicitly created with mknod, independently by udev. > For me this loop should be moved before the test that triggers mknod. > I have prepared patch 0002-*. Not sure you can test it, but comments > are welcome. yes, that seems to be obvious, but i can't test that special case. the same goes with the symlink case. am i fully sure what the snipped want to resolve? let me try to sum up: if dev cannot be read and written do: 1 modprobe driver (shouldn't there be a condition if already loaded?) 2 if dev is a symlink to wrong location fix symlink 3 wait for 10 sec for the dev to show up, check by r/w 4 if dev (still) doesn't exists create it so i would suggest to move the loop as in your patch 2 but i would suggest to use the same check of existence of the dev for all 3 cases, maybe just -e to keep the script simple (-c would be better but then you have to remove the file to use mknod and it does not work for the symlinkcase, still it would repair systems where the initial bug happened already). regards, -- M. Dietrich -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#780709: vpnc: fails with "Inappropriate ioctl for device"
On Fri, Mar 20, 2015 at 10:46 PM, M. Dietrich wrote:
<...>
> indeed, it is in /usr/share/vpnc-scripts/vpnc-script as the strace shows that
> this cloned/execed process issues the open(). it seems to be line 596:
>
> if (exec 6<> /dev/net/tun) > /dev/null 2>&1 ; then
>
> which creates the file as a regular file if not existing.
Agree!
Could you please test the patch 0001-* in attachment?
I don't have possibility to test it in coming weeks.
The first part of the patch addresses your problem.
The second part makes me confused.
It should "never" wait, since few lines before /dev/net/tun is
explicitly created with mknod, independently by udev.
For me this loop should be moved before the test that triggers mknod.
I have prepared patch 0002-*. Not sure you can test it, but comments
are welcome.
Best Regards,
Antonio
From 484e0dfc7eba8c4a52cf9ae5c5d3fe6ecf930c63 Mon Sep 17 00:00:00 2001
From: Antonio Borneo
Date: Sun, 22 Mar 2015 10:25:34 +0800
Subject: [PATCH] Fix "Inappropriate ioctl for device"
The command
(exec 6<> /dev/net/tun)
is used to check existence and permission of /dev/net/tun
As reported by M. Dietrich , this command is converted
to
open("/dev/net/tun", O_RDWR|O_CREAT, 0666) = 3
that erroneously creates a file /dev/net/tun if the device is not
present.
The file descriptor 6 is immediately closed, since within (), and not
used after the test. So, no need to explicitly open it.
Replace the command above with test for existence and R/W permission.
This fixes
Bug#780709: vpnc: fails with "Inappropriate ioctl for device"
in Debian Bug Tracking System.
Signed-off-by: Antonio Borneo
---
vpnc-script |4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/vpnc-script b/vpnc-script
index 2a38bcd..38df609 100755
--- a/vpnc-script
+++ b/vpnc-script
@@ -626,7 +626,7 @@ kernel_is_2_6_or_above() {
do_pre_init() {
if [ "$OS" = "Linux" ]; then
- if (exec 6<> /dev/net/tun) > /dev/null 2>&1 ; then
+ if [ -r /dev/net/tun -a -w /dev/net/tun ]; then
:
else # can't open /dev/net/tun
test -e /proc/sys/kernel/modprobe && `cat /proc/sys/kernel/modprobe` tun 2>/dev/null
@@ -644,7 +644,7 @@ do_pre_init() {
# workaround for a possible latency caused by udev, sleep max. 10s
if kernel_is_2_6_or_above ; then
for x in `seq 100` ; do
- (exec 6<> /dev/net/tun) > /dev/null 2>&1 && break;
+ test -r /dev/net/tun -a -w /dev/net/tun && break;
sleep 0.1
done
fi
--
1.7.3.4
From 97fdcef4cb874ad029c462b16c64c7ee88affc1a Mon Sep 17 00:00:00 2001
From: Antonio Borneo
Date: Sun, 22 Mar 2015 10:52:44 +0800
Subject: [PATCH 2/2] Run "mknod /dev/net/tun" only after udev fails
Currently the script first creates /dev/net/tun with mknod, then
pretends to wait for udev to create it. This is a nonsense!
Swap code order so, on systems using udev, first wait for udev
creating /dev/net/tun then run mknod only if timeout expires.
Signed-off-by: Antonio Borneo
---
vpnc-script | 12 ++--
1 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/vpnc-script b/vpnc-script
index 38df609..3576baa 100755
--- a/vpnc-script
+++ b/vpnc-script
@@ -635,12 +635,6 @@ do_pre_init() {
-a ! -e /dev/net/misc/net/tun -a -e /dev/misc/net/tun ] ; then
ln -sf /dev/misc/net/tun /dev/net/tun
fi
- # make sure tun device exists
- if [ ! -e /dev/net/tun ]; then
-mkdir -p /dev/net
-mknod -m 0640 /dev/net/tun c 10 200
-[ -x /sbin/restorecon ] && /sbin/restorecon /dev/net/tun
- fi
# workaround for a possible latency caused by udev, sleep max. 10s
if kernel_is_2_6_or_above ; then
for x in `seq 100` ; do
@@ -648,6 +642,12 @@ do_pre_init() {
sleep 0.1
done
fi
+ # make sure tun device exists
+ if [ ! -e /dev/net/tun ]; then
+mkdir -p /dev/net
+mknod -m 0640 /dev/net/tun c 10 200
+[ -x /sbin/restorecon ] && /sbin/restorecon /dev/net/tun
+ fi
fi
elif [ "$OS" = "FreeBSD" ]; then
if ! kldstat -q -m if_tun > /dev/null; then
--
1.7.3.4
Bug#780709: vpnc: fails with "Inappropriate ioctl for device"
On Fri, Mar 20, 2015 at 04:45:11PM +0800, Antonio Borneo wrote:
> > open("/dev/net/tun", O_RDWR|O_CREAT, 0666) = 3
> Agree that what you found is bad.
> In vpnc code, file
> http://svn.unix-ag.uni-kl.de/vpnc/trunk/sysdep.c
> at line 439, there is
> if ((fd = open("/dev/net/tun", O_RDWR)) < 0) {
> that is correct. So the problem is somewhere else.
indeed, it is in /usr/share/vpnc-scripts/vpnc-script as the strace shows that
this cloned/execed process issues the open(). it seems to be line 596:
if (exec 6<> /dev/net/tun) > /dev/null 2>&1 ; then
which creates the file as a regular file if not existing.
regards,
--
M. Dietrich
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#780709: vpnc: fails with "Inappropriate ioctl for device"
On Wed, Mar 18, 2015 at 3:25 PM, M. Dietrich wrote:
> Package: vpnc
> Version: 0.5.3r550-2
> Severity: important
>
> the vpn can't be established with the message:
>
> vpnc-connect: can't initialise tunnel interface: Inappropriate ioctl
> for device
>
> short investigation shows that in case /dev/net/tun does not exists vpnc
> creates it with
>
> open("/dev/net/tun", O_RDWR|O_CREAT, 0666) = 3
>
Agree that what you found is bad.
In vpnc code, file
http://svn.unix-ag.uni-kl.de/vpnc/trunk/sysdep.c
at line 439, there is
if ((fd = open("/dev/net/tun", O_RDWR)) < 0) {
that is correct. So the problem is somewhere else.
During compile & linking, the open() with 2 arguments got the second
changed to "O_RDWR|O_CREAT" and the third "0666" added.
Or the Debian package adds a wrong patch to vpnc source code?
I have tested on my Arch Linux box x86_64 with gcc-multilib 4.9.2-3
and glibc 2.21-2 the following code:
#include
int main()
{
return open("/dev/net/tun", O_RDWR);
}
Compiled then run with "strace" it correctly reports:
open("/dev/net/tun", O_RDWR) = 3
Can you run the same test on your system?
Antonio
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#780709: vpnc: fails with "Inappropriate ioctl for device"
Hi, I'm having the exact same issue on my machines, it began with recent updates. I guess it's related to the updates of libgnutls and libgcrypt. Regards, -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#780709: vpnc: fails with "Inappropriate ioctl for device"
Package: vpnc
Version: 0.5.3r550-2
Severity: important
the vpn can't be established with the message:
vpnc-connect: can't initialise tunnel interface: Inappropriate ioctl
for device
short investigation shows that in case /dev/net/tun does not exists vpnc
creates it with
open("/dev/net/tun", O_RDWR|O_CREAT, 0666) = 3
after that a call
ioctl(5, TUNSETIFF, 0x7fffbc71f7d0) = -1 ENOTTY (Inappropriate ioctl
for device)
fails. if i issue a
mknod /dev/net/tun c 10 200
manually vpnc works fine.
i assume that a non-existing /dev/net/tun is a bug as well, probably form
another package (udev?) but vpnc should not create one in the given way.
-- System Information:
Debian Release: 8.0
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.16-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages vpnc depends on:
ii dpkg 1.17.24
ii libc6 2.19-17
ii libgcrypt201.6.3-2
ii libgnutls-deb0-28 3.3.8-6
ii perl 5.20.2-2
ii vpnc-scripts 0.1~git20140806-1
Versions of packages vpnc recommends:
ii iproute 1:3.16.0-2
-- no debconf information
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
