nixos: fix iproute2 invocations (#263976)
When using iproute2's `ip` binary, you can omit the `dev` parameter, e.g. `ip link set up eth0` instead of `ip link set up dev eth0`. This breaks if for some reason your device is named e.g. `he`, `hel`, … because the command is then interpreted as `ip link set up help`. I just encountered this bug using `networking.bridges` while trying to create an interface named `he`. I used a grep on nixpkgs to try to find iproute2 invocations that use variables without the `dev` keyword, found a few, and fixed them by providing the `dev` keyword. I merely fixed what I found, but the use of abbreviated commands makes it a bit hard to be sure everything has been found (e.g. `ip l set … up` instead of `ip link set … up`).
parent
5cea7ee452
commit
c9e3cc43c7
5 changed files with 37 additions and 37 deletions
|
@ -29,7 +29,7 @@ let
|
||||||
|
|
||||||
export PATH=$PATH:${pkgs.iproute2}/sbin
|
export PATH=$PATH:${pkgs.iproute2}/sbin
|
||||||
|
|
||||||
ip link set $IFNAME up
|
ip link set dev $IFNAME up
|
||||||
ip address add ${cfg.ipAddress} dev $IFNAME
|
ip address add ${cfg.ipAddress} dev $IFNAME
|
||||||
ip route add ${cfg.subnet} dev $IFNAME
|
ip route add ${cfg.subnet} dev $IFNAME
|
||||||
|
|
||||||
|
|
|
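Review bot: `$IFNAME` is still expanded unquoted in `ip link set dev $IFNAME up` (and in the unchanged `ip address add` / `ip route add` lines after it), so the shell word-splits and glob-expands the value before `ip` parses it; the added `dev` keyword only removes the keyword ambiguity. I would write `ip link set dev "$IFNAME" up` and quote the neighbouring uses the same way. Where `IFNAME` is assigned lies outside this hunk, so how constrained the value is cannot be told from here. The same unquoted form appears in the `sed` replacement text of the last file section (`ip link set dev $IFNAME address $MAC mtu $MTU`), which presumably ends up in a command string that a shell expands at run time.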
@ -138,7 +138,7 @@ in
|
||||||
# Bring up all interfaces.
|
# Bring up all interfaces.
|
||||||
for iface in ${dhcpIfShellExpr}; do
|
for iface in ${dhcpIfShellExpr}; do
|
||||||
echo "bringing up network interface $iface..."
|
echo "bringing up network interface $iface..."
|
||||||
ip link set "$iface" up && ifaces="$ifaces $iface"
|
ip link set dev "$iface" up && ifaces="$ifaces $iface"
|
||||||
done
|
done
|
||||||
|
|
||||||
# Acquire DHCP leases.
|
# Acquire DHCP leases.
|
||||||
|
@ -152,8 +152,8 @@ in
|
||||||
|
|
||||||
boot.initrd.postMountCommands = mkIf cfg.flushBeforeStage2 ''
|
boot.initrd.postMountCommands = mkIf cfg.flushBeforeStage2 ''
|
||||||
for iface in $ifaces; do
|
for iface in $ifaces; do
|
||||||
ip address flush "$iface"
|
ip address flush dev "$iface"
|
||||||
ip link set "$iface" down
|
ip link set dev "$iface" down
|
||||||
done
|
done
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
|
|
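Review bot: The reason for the explicit `dev` is not recorded next to the code, so a later cleanup could drop it again; this applies to the bring-up loop in the first hunk and to the `flushBeforeStage2` loop in the second. I would add a comment above `ip link set dev "$iface" up`, for example `# Keep "dev": without it iproute2 may parse a name such as "he" as a keyword ("help").` The script string that contains the first loop starts and ends outside the hunk.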
@ -28,12 +28,12 @@ let
|
||||||
SLAVES=$(ip link | grep 'master ${i}' | awk -F: '{print $2}')
|
SLAVES=$(ip link | grep 'master ${i}' | awk -F: '{print $2}')
|
||||||
for I in $SLAVES; do
|
for I in $SLAVES; do
|
||||||
UPDATED=0
|
UPDATED=0
|
||||||
ip link set "$I" nomaster
|
ip link set dev "$I" nomaster
|
||||||
done
|
done
|
||||||
[ "$UPDATED" -eq "1" ] && break
|
[ "$UPDATED" -eq "1" ] && break
|
||||||
done
|
done
|
||||||
ip link set "${i}" down 2>/dev/null || true
|
ip link set dev "${i}" down 2>/dev/null || true
|
||||||
ip link del "${i}" 2>/dev/null || true
|
ip link del dev "${i}" 2>/dev/null || true
|
||||||
'';
|
'';
|
||||||
|
|
||||||
# warn that these attributes are deprecated (2017-2-2)
|
# warn that these attributes are deprecated (2017-2-2)
|
||||||
|
@ -193,7 +193,7 @@ let
|
||||||
state="/run/nixos/network/addresses/${i.name}"
|
state="/run/nixos/network/addresses/${i.name}"
|
||||||
mkdir -p $(dirname "$state")
|
mkdir -p $(dirname "$state")
|
||||||
|
|
||||||
ip link set "${i.name}" up
|
ip link set dev "${i.name}" up
|
||||||
|
|
||||||
${flip concatMapStrings ips (ip:
|
${flip concatMapStrings ips (ip:
|
||||||
let
|
let
|
||||||
|
@ -270,7 +270,7 @@ let
|
||||||
ip tuntap add dev "${i.name}" mode "${i.virtualType}" user "${i.virtualOwner}"
|
ip tuntap add dev "${i.name}" mode "${i.virtualType}" user "${i.virtualOwner}"
|
||||||
'';
|
'';
|
||||||
postStop = ''
|
postStop = ''
|
||||||
ip link del ${i.name} || true
|
ip link del dev ${i.name} || true
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -291,15 +291,15 @@ let
|
||||||
script = ''
|
script = ''
|
||||||
# Remove Dead Interfaces
|
# Remove Dead Interfaces
|
||||||
echo "Removing old bridge ${n}..."
|
echo "Removing old bridge ${n}..."
|
||||||
ip link show dev "${n}" >/dev/null 2>&1 && ip link del "${n}"
|
ip link show dev "${n}" >/dev/null 2>&1 && ip link del dev "${n}"
|
||||||
|
|
||||||
echo "Adding bridge ${n}..."
|
echo "Adding bridge ${n}..."
|
||||||
ip link add name "${n}" type bridge
|
ip link add name "${n}" type bridge
|
||||||
|
|
||||||
# Enslave child interfaces
|
# Enslave child interfaces
|
||||||
${flip concatMapStrings v.interfaces (i: ''
|
${flip concatMapStrings v.interfaces (i: ''
|
||||||
ip link set "${i}" master "${n}"
|
ip link set dev "${i}" master "${n}"
|
||||||
ip link set "${i}" up
|
ip link set dev "${i}" up
|
||||||
'')}
|
'')}
|
||||||
# Save list of enslaved interfaces
|
# Save list of enslaved interfaces
|
||||||
echo "${flip concatMapStrings v.interfaces (i: ''
|
echo "${flip concatMapStrings v.interfaces (i: ''
|
||||||
|
@ -316,7 +316,7 @@ let
|
||||||
for uri in qemu:///system lxc:///; do
|
for uri in qemu:///system lxc:///; do
|
||||||
for dom in $(${pkgs.libvirt}/bin/virsh -c $uri list --name); do
|
for dom in $(${pkgs.libvirt}/bin/virsh -c $uri list --name); do
|
||||||
${pkgs.libvirt}/bin/virsh -c $uri dumpxml "$dom" | \
|
${pkgs.libvirt}/bin/virsh -c $uri dumpxml "$dom" | \
|
||||||
${pkgs.xmlstarlet}/bin/xmlstarlet sel -t -m "//domain/devices/interface[@type='bridge'][source/@bridge='${n}'][target/@dev]" -v "concat('ip link set ',target/@dev,' master ',source/@bridge,';')" | \
|
${pkgs.xmlstarlet}/bin/xmlstarlet sel -t -m "//domain/devices/interface[@type='bridge'][source/@bridge='${n}'][target/@dev]" -v "concat('ip link set dev ',target/@dev,' master ',source/@bridge,';')" | \
|
||||||
${pkgs.bash}/bin/bash
|
${pkgs.bash}/bin/bash
|
||||||
done
|
done
|
||||||
done
|
done
|
||||||
|
@ -328,23 +328,23 @@ let
|
||||||
echo 2 >/sys/class/net/${n}/bridge/stp_state
|
echo 2 >/sys/class/net/${n}/bridge/stp_state
|
||||||
''}
|
''}
|
||||||
|
|
||||||
ip link set "${n}" up
|
ip link set dev "${n}" up
|
||||||
'';
|
'';
|
||||||
postStop = ''
|
postStop = ''
|
||||||
ip link set "${n}" down || true
|
ip link set dev "${n}" down || true
|
||||||
ip link del "${n}" || true
|
ip link del dev "${n}" || true
|
||||||
rm -f /run/${n}.interfaces
|
rm -f /run/${n}.interfaces
|
||||||
'';
|
'';
|
||||||
reload = ''
|
reload = ''
|
||||||
# Un-enslave child interfaces (old list of interfaces)
|
# Un-enslave child interfaces (old list of interfaces)
|
||||||
for interface in `cat /run/${n}.interfaces`; do
|
for interface in `cat /run/${n}.interfaces`; do
|
||||||
ip link set "$interface" nomaster up
|
ip link set dev "$interface" nomaster up
|
||||||
done
|
done
|
||||||
|
|
||||||
# Enslave child interfaces (new list of interfaces)
|
# Enslave child interfaces (new list of interfaces)
|
||||||
${flip concatMapStrings v.interfaces (i: ''
|
${flip concatMapStrings v.interfaces (i: ''
|
||||||
ip link set "${i}" master "${n}"
|
ip link set dev "${i}" master "${n}"
|
||||||
ip link set "${i}" up
|
ip link set dev "${i}" up
|
||||||
'')}
|
'')}
|
||||||
# Save list of enslaved interfaces
|
# Save list of enslaved interfaces
|
||||||
echo "${flip concatMapStrings v.interfaces (i: ''
|
echo "${flip concatMapStrings v.interfaces (i: ''
|
||||||
|
@ -395,7 +395,7 @@ let
|
||||||
postStop = ''
|
postStop = ''
|
||||||
echo "Cleaning Open vSwitch ${n}"
|
echo "Cleaning Open vSwitch ${n}"
|
||||||
echo "Shutting down internal ${n} interface"
|
echo "Shutting down internal ${n} interface"
|
||||||
ip link set ${n} down || true
|
ip link set dev ${n} down || true
|
||||||
echo "Deleting flows for ${n}"
|
echo "Deleting flows for ${n}"
|
||||||
ovs-ofctl --protocols=${v.openFlowVersion} del-flows ${n} || true
|
ovs-ofctl --protocols=${v.openFlowVersion} del-flows ${n} || true
|
||||||
echo "Deleting Open vSwitch ${n}"
|
echo "Deleting Open vSwitch ${n}"
|
||||||
|
@ -433,10 +433,10 @@ let
|
||||||
while [ ! -d "/sys/class/net/${n}" ]; do sleep 0.1; done;
|
while [ ! -d "/sys/class/net/${n}" ]; do sleep 0.1; done;
|
||||||
|
|
||||||
# Bring up the bond and enslave the specified interfaces
|
# Bring up the bond and enslave the specified interfaces
|
||||||
ip link set "${n}" up
|
ip link set dev "${n}" up
|
||||||
${flip concatMapStrings v.interfaces (i: ''
|
${flip concatMapStrings v.interfaces (i: ''
|
||||||
ip link set "${i}" down
|
ip link set dev "${i}" down
|
||||||
ip link set "${i}" master "${n}"
|
ip link set dev "${i}" master "${n}"
|
||||||
'')}
|
'')}
|
||||||
'';
|
'';
|
||||||
postStop = destroyBond n;
|
postStop = destroyBond n;
|
||||||
|
@ -457,13 +457,13 @@ let
|
||||||
path = [ pkgs.iproute2 ];
|
path = [ pkgs.iproute2 ];
|
||||||
script = ''
|
script = ''
|
||||||
# Remove Dead Interfaces
|
# Remove Dead Interfaces
|
||||||
ip link show dev "${n}" >/dev/null 2>&1 && ip link delete "${n}"
|
ip link show dev "${n}" >/dev/null 2>&1 && ip link delete dev "${n}"
|
||||||
ip link add link "${v.interface}" name "${n}" type macvlan \
|
ip link add link "${v.interface}" name "${n}" type macvlan \
|
||||||
${optionalString (v.mode != null) "mode ${v.mode}"}
|
${optionalString (v.mode != null) "mode ${v.mode}"}
|
||||||
ip link set "${n}" up
|
ip link set dev "${n}" up
|
||||||
'';
|
'';
|
||||||
postStop = ''
|
postStop = ''
|
||||||
ip link delete "${n}" || true
|
ip link delete dev "${n}" || true
|
||||||
'';
|
'';
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -515,7 +515,7 @@ let
|
||||||
path = [ pkgs.iproute2 ];
|
path = [ pkgs.iproute2 ];
|
||||||
script = ''
|
script = ''
|
||||||
# Remove Dead Interfaces
|
# Remove Dead Interfaces
|
||||||
ip link show dev "${n}" >/dev/null 2>&1 && ip link delete "${n}"
|
ip link show dev "${n}" >/dev/null 2>&1 && ip link delete dev "${n}"
|
||||||
ip link add name "${n}" type sit \
|
ip link add name "${n}" type sit \
|
||||||
${optionalString (v.remote != null) "remote \"${v.remote}\""} \
|
${optionalString (v.remote != null) "remote \"${v.remote}\""} \
|
||||||
${optionalString (v.local != null) "local \"${v.local}\""} \
|
${optionalString (v.local != null) "local \"${v.local}\""} \
|
||||||
|
@ -526,10 +526,10 @@ let
|
||||||
optionalString (v.encapsulation.sourcePort != null)
|
optionalString (v.encapsulation.sourcePort != null)
|
||||||
"encap-sport ${toString v.encapsulation.sourcePort}"
|
"encap-sport ${toString v.encapsulation.sourcePort}"
|
||||||
}"}
|
}"}
|
||||||
ip link set "${n}" up
|
ip link set dev "${n}" up
|
||||||
'';
|
'';
|
||||||
postStop = ''
|
postStop = ''
|
||||||
ip link delete "${n}" || true
|
ip link delete dev "${n}" || true
|
||||||
'';
|
'';
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -549,16 +549,16 @@ let
|
||||||
path = [ pkgs.iproute2 ];
|
path = [ pkgs.iproute2 ];
|
||||||
script = ''
|
script = ''
|
||||||
# Remove Dead Interfaces
|
# Remove Dead Interfaces
|
||||||
ip link show dev "${n}" >/dev/null 2>&1 && ip link delete "${n}"
|
ip link show dev "${n}" >/dev/null 2>&1 && ip link delete dev "${n}"
|
||||||
ip link add name "${n}" type ${v.type} \
|
ip link add name "${n}" type ${v.type} \
|
||||||
${optionalString (v.remote != null) "remote \"${v.remote}\""} \
|
${optionalString (v.remote != null) "remote \"${v.remote}\""} \
|
||||||
${optionalString (v.local != null) "local \"${v.local}\""} \
|
${optionalString (v.local != null) "local \"${v.local}\""} \
|
||||||
${optionalString (v.ttl != null) "${ttlarg} ${toString v.ttl}"} \
|
${optionalString (v.ttl != null) "${ttlarg} ${toString v.ttl}"} \
|
||||||
${optionalString (v.dev != null) "dev \"${v.dev}\""}
|
${optionalString (v.dev != null) "dev \"${v.dev}\""}
|
||||||
ip link set "${n}" up
|
ip link set dev "${n}" up
|
||||||
'';
|
'';
|
||||||
postStop = ''
|
postStop = ''
|
||||||
ip link delete "${n}" || true
|
ip link delete dev "${n}" || true
|
||||||
'';
|
'';
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -577,17 +577,17 @@ let
|
||||||
path = [ pkgs.iproute2 ];
|
path = [ pkgs.iproute2 ];
|
||||||
script = ''
|
script = ''
|
||||||
# Remove Dead Interfaces
|
# Remove Dead Interfaces
|
||||||
ip link show dev "${n}" >/dev/null 2>&1 && ip link delete "${n}"
|
ip link show dev "${n}" >/dev/null 2>&1 && ip link delete dev "${n}"
|
||||||
ip link add link "${v.interface}" name "${n}" type vlan id "${toString v.id}"
|
ip link add link "${v.interface}" name "${n}" type vlan id "${toString v.id}"
|
||||||
|
|
||||||
# We try to bring up the logical VLAN interface. If the master
|
# We try to bring up the logical VLAN interface. If the master
|
||||||
# interface the logical interface is dependent upon is not up yet we will
|
# interface the logical interface is dependent upon is not up yet we will
|
||||||
# fail to immediately bring up the logical interface. The resulting logical
|
# fail to immediately bring up the logical interface. The resulting logical
|
||||||
# interface will brought up later when the master interface is up.
|
# interface will brought up later when the master interface is up.
|
||||||
ip link set "${n}" up || true
|
ip link set dev "${n}" up || true
|
||||||
'';
|
'';
|
||||||
postStop = ''
|
postStop = ''
|
||||||
ip link delete "${n}" || true
|
ip link delete dev "${n}" || true
|
||||||
'';
|
'';
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
|
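Review bot: In the libvirt re-attach loop, the xmlstarlet output `concat('ip link set dev ',target/@dev,' master ',source/@bridge,';')` is still piped into `${pkgs.bash}/bin/bash`, so the `target/@dev` attribute from the domain XML is run as shell text instead of being passed as an argument; adding `dev` does not change that. A device name containing shell metacharacters would be interpreted by that bash, and the unit presumably runs with root privileges. I would have xmlstarlet print only the device names, one per line, and call `ip` from the surrounding script with the name quoted, as in the block below. The enclosing script starts and ends outside this hunk.

```nix
${pkgs.libvirt}/bin/virsh -c $uri dumpxml "$dom" | \
${pkgs.xmlstarlet}/bin/xmlstarlet sel -t -m "//domain/devices/interface[@type='bridge'][source/@bridge='${n}'][target/@dev]" -v "target/@dev" -n | \
while IFS= read -r tap; do
  ip link set dev "$tap" master "${n}"
done
```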
@ -442,7 +442,7 @@ in
|
||||||
postStop = ''
|
postStop = ''
|
||||||
echo "Cleaning Open vSwitch ${n}"
|
echo "Cleaning Open vSwitch ${n}"
|
||||||
echo "Shutting down internal ${n} interface"
|
echo "Shutting down internal ${n} interface"
|
||||||
ip link set ${n} down || true
|
ip link set dev ${n} down || true
|
||||||
echo "Deleting flows for ${n}"
|
echo "Deleting flows for ${n}"
|
||||||
ovs-ofctl --protocols=${v.openFlowVersion} del-flows ${n} || true
|
ovs-ofctl --protocols=${v.openFlowVersion} del-flows ${n} || true
|
||||||
echo "Deleting Open vSwitch ${n}"
|
echo "Deleting Open vSwitch ${n}"
|
||||||
|
|
|
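Review bot: `${n}` is spliced into the script unquoted in `ip link set dev ${n} down` (and in the unchanged `ovs-ofctl ... del-flows ${n}` line), unlike most call sites touched by this commit, which write `"${n}"`. Because this is Nix interpolation, the value becomes script text before the shell runs, so even double quotes leave `$` and backquote sequences live; `ip link set dev ${lib.escapeShellArg n} down || true` would pass it as one literal word (whether `lib` is opened with `with lib;` in this file is not visible here). The same applies to the identical Open vSwitch `postStop` hunk and to `ip link del dev ${i.name} || true` in the previous file section. The names come from the system configuration, so this is a robustness point rather than an exposed input.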
@ -19,7 +19,7 @@ stdenv.mkDerivation rec {
|
||||||
];
|
];
|
||||||
|
|
||||||
postPatch = ''
|
postPatch = ''
|
||||||
sed -e 's@"/sbin/ifconfig.*"@"${iproute2}/sbin/ip link set $IFNAME address $MAC mtu $MTU"@' -i src/device-linux.C
|
sed -e 's@"/sbin/ifconfig.*"@"${iproute2}/sbin/ip link set dev $IFNAME address $MAC mtu $MTU"@' -i src/device-linux.C
|
||||||
sed -e 's@/sbin/ifconfig@${nettools}/sbin/ifconfig@g' -i src/device-*.C
|
sed -e 's@/sbin/ifconfig@${nettools}/sbin/ifconfig@g' -i src/device-*.C
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
|