[Bug 1792168] [NEW] ifupdown hotplug dhcp fails due to udevadm RestrictAddressFamilies

Scott Moser ssmoser2+ubuntu at gmail.com
Wed Sep 12 15:16:02 UTC 2018 

Public bug reported:

I haven't verified this, but I believe that ifupdown works through udevadm hooks.
So udevadm hotplug event -> ifup eth0.
Any subprocesses of a udevadm hook will be restricted by the systemd-udevd.service
restrictions, which currently are
   RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6

We found this when playing with udevamd hooks to bring up network
devices on cosmic (netplan).

root at b1:~# systemctl cat udev.service
# /lib/systemd/system/systemd-udevd.service
#  SPDX-License-Identifier: LGPL-2.1+
#
#  This file is part of systemd.
#
#  systemd is free software; you can redistribute it and/or modify it
#  under the terms of the GNU Lesser General Public License as published by
#  the Free Software Foundation; either version 2.1 of the License, or
#  (at your option) any later version.

[Unit]
Description=udev Kernel Device Manager
Documentation=man:systemd-udevd.service(8) man:udev(7)
DefaultDependencies=no
After=systemd-sysusers.service systemd-hwdb-update.service
Before=sysinit.target
ConditionPathIsReadWrite=/sys

[Service]
Type=notify
OOMScoreAdjust=-1000
Sockets=systemd-udevd-control.socket systemd-udevd-kernel.socket
Restart=always
RestartSec=0
ExecStart=/lib/systemd/systemd-udevd
KillMode=mixed
WatchdogSec=3min
TasksMax=infinity
MountFlags=slave
MemoryDenyWriteExecute=yes
RestrictRealtime=yes
RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6
SystemCallArchitectures=native
LockPersonality=yes
IPAddressDeny=any

ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: ifupdown 0.8.17ubuntu1.1
ProcVersionSignature: Ubuntu 4.17.0-9.10-generic 4.17.17
Uname: Linux 4.17.0-9-generic x86_64
ApportVersion: 2.20.9-0ubuntu7.3
Architecture: amd64
Date: Wed Sep 12 15:09:01 2018
ProcEnviron:
 TERM=screen.xterm-256color
 PATH=(custom, no user)
 LANG=C.UTF-8
SourcePackage: ifupdown
UpgradeStatus: No upgrade log present (probably fresh install)

** Affects: ifupdown (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: amd64 apport-bug bionic uec-images

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to ifupdown in Ubuntu.
https://bugs.launchpad.net/bugs/1792168

Title:
  ifupdown hotplug dhcp fails due to udevadm RestrictAddressFamilies

Status in ifupdown package in Ubuntu:
  New

Bug description:
  I haven't verified this, but I believe that ifupdown works through udevadm hooks.
  So udevadm hotplug event -> ifup eth0.
  Any subprocesses of a udevadm hook will be restricted by the systemd-udevd.service
  restrictions, which currently are
     RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6

  We found this when playing with udevamd hooks to bring up network
  devices on cosmic (netplan).

  root at b1:~# systemctl cat udev.service
  # /lib/systemd/system/systemd-udevd.service
  #  SPDX-License-Identifier: LGPL-2.1+
  #
  #  This file is part of systemd.
  #
  #  systemd is free software; you can redistribute it and/or modify it
  #  under the terms of the GNU Lesser General Public License as published by
  #  the Free Software Foundation; either version 2.1 of the License, or
  #  (at your option) any later version.

  [Unit]
  Description=udev Kernel Device Manager
  Documentation=man:systemd-udevd.service(8) man:udev(7)
  DefaultDependencies=no
  After=systemd-sysusers.service systemd-hwdb-update.service
  Before=sysinit.target
  ConditionPathIsReadWrite=/sys

  [Service]
  Type=notify
  OOMScoreAdjust=-1000
  Sockets=systemd-udevd-control.socket systemd-udevd-kernel.socket
  Restart=always
  RestartSec=0
  ExecStart=/lib/systemd/systemd-udevd
  KillMode=mixed
  WatchdogSec=3min
  TasksMax=infinity
  MountFlags=slave
  MemoryDenyWriteExecute=yes
  RestrictRealtime=yes
  RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6
  SystemCallArchitectures=native
  LockPersonality=yes
  IPAddressDeny=any

  ProblemType: Bug
  DistroRelease: Ubuntu 18.04
  Package: ifupdown 0.8.17ubuntu1.1
  ProcVersionSignature: Ubuntu 4.17.0-9.10-generic 4.17.17
  Uname: Linux 4.17.0-9-generic x86_64
  ApportVersion: 2.20.9-0ubuntu7.3
  Architecture: amd64
  Date: Wed Sep 12 15:09:01 2018
  ProcEnviron:
   TERM=screen.xterm-256color
   PATH=(custom, no user)
   LANG=C.UTF-8
  SourcePackage: ifupdown
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ifupdown/+bug/1792168/+subscriptions

More information about the foundations-bugs mailing list