[Bug 1662620] Re: "ip addr add" permits illegal labels
Thanks Chris for having a look. > On the other hand, from the bug it looks like if you *don't* mix valid and > invalid labels > then everything actually works? So this would potentially be breaking > currently working setups? Yes while having that echoing in my head for a while I think you are right. We would have the chance to disrupt working setups, so I beg your pardon and would step back marking it won't fix. ** Changed in: iproute2 (Ubuntu Bionic) Status: Incomplete => Won't Fix -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1662620 Title: "ip addr add" permits illegal labels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iproute2/+bug/1662620/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1662620] Re: "ip addr add" permits illegal labels
Hm. It's not clear what the actual user impact of this is? Reading from the original description, it seems that if a user uses an invalid label to set one address and *also* uses a valid label to set another address *then* tools can be confused? “Our parser is actually more lenient than the manpage states” on its own is definitely not SRU-worthy, but if it breaks other tools then maybe? On the other hand, from the bug it looks like if you *don't* mix valid and invalid labels then everything actually works? So this would potentially be breaking currently working setups? I think we need more information before determining whether this should be accepted as an SRU. ** Changed in: iproute2 (Ubuntu Bionic) Status: Triaged => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1662620 Title: "ip addr add" permits illegal labels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iproute2/+bug/1662620/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1662620] Re: "ip addr add" permits illegal labels
Reviewed and tested - uploading to Bionic-unapproved for a check by the SRU Team. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1662620 Title: "ip addr add" permits illegal labels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iproute2/+bug/1662620/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1662620] Re: "ip addr add" permits illegal labels
SRU template added -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1662620 Title: "ip addr add" permits illegal labels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iproute2/+bug/1662620/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1662620] Re: "ip addr add" permits illegal labels
Not sure if it will pass build, review or be acceptable as SRU since it is so low impact. But the fix was so trivial that after all this time I'd feel bad to keep it as-is. So I've prepared an MP to fix it https://code.launchpad.net/~paelzer/ubuntu/+source/iproute2/+git/iproute2/+merge/409821 And a PPA with a test build https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/4676/+packages ** Tags added: server-todo ** Changed in: iproute2 (Ubuntu Bionic) Assignee: (unassigned) => Christian Ehrhardt (paelzer) ** Description changed: + [Impact] + + * The filter on label names does not match the intention +by upstream nor the description in the man page + + * Fix by backporting upstream fix that strengthens the check + + [Test Plan] + + Bad case: + root@b:~# ip addr add 1.1.1.1 label test1 dev eth0 + "dev" (eth0) must match "label" (test1). + root@b:~# ip addr add 1.1.1.1 label eth0-test dev eth0 + root@b:~# ip addr show dev eth0 | grep test + inet 1.1.1.1/32 scope global eth0-test + + With the fix it should look like: + root@i:~# ip addr add 1.1.1.1 label test1 dev eth0 + "label" (test1) must match "dev" (eth0) or be prefixed by "dev" with a colon. + root@i:~# ip addr add 1.1.1.1 label eth0-test dev eth0 + "label" (eth0-test) must match "dev" (eth0) or be prefixed by "dev" with a colon. + root@i:~# ip addr show dev eth0 | grep test + + [Where problems could occur] + + * While the fix indeed "corrects" behavior I must say that if someone +relied on the non-intended behavior it would now break e.g. his +scripting or automation. + + [Other Info] + + * It was too easy to fix and too long dormant to ignore it further, +but if the SRU team says this is too much regression risk relative to +the gain we will mark it Won't Fix based on that decision. + + + --- + ip-address(8) manpage states: - label NAME - Each address may be tagged with a label string. In order to preserve compatibility with Linux-2.0 net aliases, this string must coincide with the name of the device or must be prefixed with the device name followed by colon. + label NAME + Each address may be tagged with a label string. In order to preserve compatibility with Linux-2.0 net aliases, this string must coincide with the name of the device or must be prefixed with the device name followed by colon. But you can omit the colon, "ip addr add" is ONLY checking the label is prefixed with the device: # ip addr add 1.1.1.1 label test1 dev eth0 "dev" (eth0) must match "label" (test1). # ip addr add 1.1.1.2 label eth0-test2 dev eth0 # ip addr add 1.1.1.3 label eth0:test3 dev eth0 - Now ifconfig becomes confused about eth0-test2: # ifconfig eth0-test2 eth0-test2: error fetching interface information: Device not found # ifconfig eth0:test3 - eth0:test3 Link encap:Ethernet HWaddr b0:d5:cc:fe:1d:7c - inet addr:1.1.1.3 Bcast:0.0.0.0 Mask:255.255.255.255 - UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 - Interrupt:171 + eth0:test3 Link encap:Ethernet HWaddr b0:d5:cc:fe:1d:7c + inet addr:1.1.1.3 Bcast:0.0.0.0 Mask:255.255.255.255 + UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 + Interrupt:171 And daemons like ntpd also log errors about the interface with the illegal label: ntpd[7570]: eth0-test3: getting interface flags: No such device - ## => many of this error per minute until: + ## => many of this error per minute until: ntpd[7570]: Too many errors. Shutting up. - - So, I think ip addr show disallow adding address with illegal (as stated by his own documentation) labels, it must also check for the colon following the dev name. + So, I think ip addr show disallow adding address with illegal (as stated + by his own documentation) labels, it must also check for the colon + following the dev name. Version: 4.3.0-1ubuntu3 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1662620 Title: "ip addr add" permits illegal labels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iproute2/+bug/1662620/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1662620] Re: "ip addr add" permits illegal labels
** Merge proposal linked: https://code.launchpad.net/~paelzer/ubuntu/+source/iproute2/+git/iproute2/+merge/409821 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1662620 Title: "ip addr add" permits illegal labels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iproute2/+bug/1662620/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1662620] Re: "ip addr add" permits illegal labels
Hi, I come by trying to clear out a few old bugs that might still need to be resolved (or can be closed by now). Even though this one seems to be forgotten by everyone so far it has been fixed. Bionic (affected) root@b:~# ip addr add 1.1.1.1 label test1 dev eth0 "dev" (eth0) must match "label" (test1). root@b:~# ip addr add 1.1.1.1 label eth0-test dev eth0 root@b:~# ip addr show dev eth0 | grep test inet 1.1.1.1/32 scope global eth0-test Impish (fixed) root@i:~# ip addr add 1.1.1.1 label test1 dev eth0 "label" (test1) must match "dev" (eth0) or be prefixed by "dev" with a colon. root@i:~# ip addr add 1.1.1.1 label eth0-test dev eth0 "label" (eth0-test) must match "dev" (eth0) or be prefixed by "dev" with a colon. root@i:~# ip addr show dev eth0 | grep test This was effectively fixed by https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/?id=cad73425d8813 Which is in since v4.18.0 That version is in >=20.04 as well as in 18.04-backports. iproute2 | 3.12.0-2 | trusty | source, amd64, arm64, armhf, i386, powerpc, ppc64el iproute2 | 3.12.0-2ubuntu1.2 | trusty-updates | source, amd64, arm64, armhf, i386, powerpc, ppc64el iproute2 | 4.3.0-1ubuntu3| xenial | source, amd64, arm64, armhf, i386, powerpc, ppc64el, s390x iproute2 | 4.3.0-1ubuntu3.16.04.5| xenial-updates | source, amd64, arm64, armhf, i386, powerpc, ppc64el, s390x iproute2 | 4.15.0-2ubuntu1 | bionic | source, amd64, arm64, armhf, i386, ppc64el, s390x iproute2 | 4.15.0-2ubuntu1.1 | bionic-security | source, amd64, arm64, armhf, i386, ppc64el, s390x iproute2 | 4.15.0-2ubuntu1.3 | bionic-updates | source, amd64, arm64, armhf, i386, ppc64el, s390x iproute2 | 4.18.0-1ubuntu2~ubuntu18.04.1 | bionic-backports | source, amd64, arm64, armhf, i386, ppc64el, s390x iproute2 | 5.5.0-1ubuntu1| focal| source, amd64, arm64, armhf, i386, ppc64el, riscv64, s390x iproute2 | 5.10.0-4ubuntu1 | hirsute | source, amd64, arm64, armhf, i386, ppc64el, riscv64, s390x iproute2 | 5.10.0-4ubuntu1 | impish | source, amd64, arm64, armhf, i386, ppc64el, riscv64, s390x Thereby the active release that still is affected is Bionic (unless you use bionic-backports which already have 4.18). I think to fix this in bionic is only prio-low since it is mostly a cosmetic. Since it is fixed in newer releases there isn't more work to be done to drive this to conclusion for future releases. @Nahuel - I can only beg your pardon that this was dormant for so long :-/ ** Also affects: iproute2 (Ubuntu Bionic) Importance: Undecided Status: New ** Changed in: iproute2 (Ubuntu Bionic) Status: New => Triaged ** Changed in: iproute2 (Ubuntu Bionic) Importance: Undecided => Low ** Changed in: iproute2 (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1662620 Title: "ip addr add" permits illegal labels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iproute2/+bug/1662620/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1662620] Re: "ip addr add" permits illegal labels
** Changed in: iproute2 (Ubuntu) Status: New => Triaged -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1662620 Title: "ip addr add" permits illegal labels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iproute2/+bug/1662620/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs