Ubuntu
systemd package

MACVLAN= in .nspawn file vs command line results in /sys/class/net showing host interfaces

Bug #1841378 reported by Steve Dodd
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
systemd (Ubuntu)
Fix Released
Undecided
Unassigned
Bionic
New
Undecided
Unassigned
Disco
Fix Released
Undecided
Unassigned

Bug Description

I have machine with the following nspawn file:

--
[Network]
MACVLAN=laneth0

[Exec]
PrivateUsers=false
--

if I start it with systemctl start systemd-nspawn@name, all works as expected.

If I start manually with systemd-nspawn -M name -b, I seem to correctly get a new network namespace (ip link output in container is correct), but ls /sys/class/net shows the host's interfaces.

The difference turns out to be that starting with systemctl uses a default command line which includes --private-network; the MACVLAN= in the config file should imply this, but instead it seems I'm getting "half" a private network, with the namespace correctly set but /sys not.

Having a quick poke around, I suspect

https://github.com/systemd/systemd/commit/60f1ec13ed059e412c2a2ee4cc3093e2d520673c

may have 'accidentally' fixed this - it moves

       if (arg_private_network)
                arg_mount_settings |= MOUNT_APPLY_APIVFS_NETNS;

from parse_argv to verify_arguments which is called later.

This bug causes netplan to fail as well as it rummages around in /sys/class/net.

If the planets ever align appropriately, I will try to come up with a patch to 237 for bionic, but I don't recommend anyone holds their breath..

ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: systemd-container 237-3ubuntu10.25
Uname: Linux 4.19.13-041913-generic x86_64
ApportVersion: 2.20.9-0ubuntu7.6
Architecture: amd64
CurrentDesktop: XFCE
Date: Sun Aug 25 17:54:50 2019
InstallationDate: Installed on 2018-03-22 (521 days ago)
InstallationMedia: Xubuntu 18.04 LTS "Bionic Beaver" - Alpha amd64 (20180306.1)
SourcePackage: systemd
UpgradeStatus: No upgrade log present (probably fresh install)

See original description
Revision history for this message
Steve Dodd (anarchetic) wrote :
Revision history for this message
Steve Dodd (anarchetic) wrote :

The "obvious fix" (attached) does indeed solve the problem - haven't done enough testing as of yet to be sure there are no weird consequences.

description: updated
Revision history for this message
Ubuntu Foundations Team Bug Bot (crichton) wrote :

The attachment "nspawn-fix.diff" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]

tags: added: patch
Revision history for this message
Balint Reczey (rbalint) wrote :

Fixed in 240 and up.

Changed in systemd (Ubuntu):
status: New → Fix Released
Changed in systemd (Ubuntu Disco):
status: New → Fix Released
Revision history for this message
Steve Dodd (anarchetic) wrote :

It's just possible that the commit linked may fix https://github.com/systemd/systemd/issues/12313 as well ..

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.