[Bug 2077011] Re: [SRU] Backport netplan.io 1.1.1-1 to 24.04
Launchpad Bug Tracker
2077011 at bugs.launchpad.net
Wed Jan 8 20:12:50 UTC 2025
This bug was fixed in the package netplan.io - 1.1.1-1~ubuntu24.04.1
---------------
netplan.io (1.1.1-1~ubuntu24.04.1) noble; urgency=medium
* Backport netplan.io 1.1.1-1 to 24.04 (LP: #2077011)
- NM: add support for stable-ssid MAC option !524 (LP:2084234)
- wpa_supplicant: add ExecReload to the service unit !523
- Create snippet files for single-sourcing repetitive instructions !505
- doc: Add initial 'Cryptography' section !517
- Several code cleanup & fixes for TiCS !507
- tests: ethernets: Add ipv6-address-generation integration tests !509
- cli: drop python-netifaces !503 (LP:2065870, LP:2017585)
- parse-nm: account for veth and dummy when checking for virtual types !513
- Avoid dependency on dbus-python !511
- tests: Improve vrf/wireguard modprobe check inside containers !510
- tests:ethernets: avoid flaky test_ip6_eui64 results !514
- ovs: quote external-ids and other-config values !512 (LP:2070318)
- Handle implicit conversions !496
- Use more permissive umask for .service units !516 (LP:2072486)
- Revert "apply: make sure that networkd is restarted when needed" !518
(LP:2078009)
- Handling encoding issues on netplan status !521 (LP:2079975)
- include: fix apidoc warnings about undocumented parameters
Upstream v1.1:
- CI: adopt autopkgtest for 1.0-1 on 22.04
- tools/keyfile_to_yaml: display the generated YAML
- tests: import the config fuzzing tests
- ATTN: parse/bonds: handle same primary in multiple bonds
- sriov: accept setting the eswitch mode without VFs (LP:2020409)
- Custom systemd-networkd-wait-online override to wait on interfaces.
(Closes: #1008995) (LP:2060311)
- Ignore bad NetDefs and files via parser flags
- networkd:apply: Drop handling of legacy wpa@ instance units
- migrate: support aliases
- networkd: add ipv6 ra overrides (LP:1973222)
- netplan status --diff fixes and improvements
- apply: make sure that networkd is restarted when needed
- Don't escape certain non-ascii characters
- networkd: make s-n-wait-online wait for at least one routable interface
- networkd: Implement ipv6-address-generation: stable-privacy
- Implementing advmss ip route option
- meson: Add 'testing' option
- Add a scheduled workflow to run TICS
- ci: migrate to Ubuntu 24.04
- Prepare Netplan v1.1
Documentation:
- Fix wrong syntax in example
- Tutorial improvements
- added guide for contributing to the netplan documentation
- Add initial SECURITY.md policy
- Create single-nic-vm-host.md
- Create single-nic-vm-host-with-vlans.md
- Create multi-nic-vm-host-with-bonds-and-vlans.md
- bullet point removal
- Add netplan try to netplan tutorial
- Update the docs checks runner to ubuntu-latest
- Add spelling exceptions
Bug fixes:
- Fix logging setup when python-rich is not present
- parse-nm: add a workaround for the DoT DNS option (LP:2055148)
- parse: don't remove datalist items during iteration
- parse: fix redefinition of gateway(4|6)
- python: elements of all must be strings
- CI: Fix DebCI check, using newer 'meson' from unstable
- tests: fix diff test with iproute2 6.8
- cli/generate: skip daemon_reload with --mapping
- CI: fork spread to get snapcore/spread#179 fixes
- ctests: fix a memory leak in a unit test
- nm/nd: fix a couple of crashes
- test:integration: Try to improve test flakyness (Closes: #1069871)
- Security fixes (CVE-2022-4968)
- emitter: allow unicode characters in the emitter (LP:2071652)
- CLI:apply: call udevadm trigger, using --action=move
(Closes: #1071220) (LP:2066344, LP:2071363)
- CI: fix CodeQL permissions
- ci: run meson tests with unbuffer
- ci/tics: install "expect" as a dependency
- generate: avoid calling 'udevadm control --reload' (LP:1999178)
- netplan ignores NetworkManager ipv4.route-metric (LP:2076172)
- Change default umask when creating directories (LP:2076319)
* d/libnetplan1.symbols: Update symbols file for v1.1
* d/t/control: Add breaks-testbed for more robust CI
* d/t/control: Add python3-packaging test dependency for 'routing.py'
* d/rules: Handle improved 'nocheck' option (Closes: #1071599)
* d/{rules,control}: Utilize dh-python
* d/control:
+ Change Maintainer to Networking team
+ Mark udev as a (test-)dependency
+ Drop python3-{dbus,netifaces} dependencies, not needed anymore
+ Add ethtool dependency, needed as of 1.1.1
+ Mark libcmocka-dev as a test-dependency
+ Clarify package description (Closes: #1076445)
-- Lukas Märdian <slyon at ubuntu.com> Tue, 22 Oct 2024 15:54:21 +0200
** Changed in: netplan.io (Ubuntu Noble)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-4968
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to netplan.io in Ubuntu.
Matching subscriptions: foundations-bugs
https://bugs.launchpad.net/bugs/2077011
Title:
[SRU] Backport netplan.io 1.1.1-1 to 24.04
Status in netplan.io package in Ubuntu:
Fix Released
Status in netplan.io source package in Noble:
Fix Released
Status in netplan.io source package in Oracular:
Fix Released
Status in netplan.io source package in Plucky:
Fix Released
Bug description:
Stable Release Update for netplan.io 1.1.1-1 to Noble (and Oracular).
This version contains many bug fixes and new features we want to make
available to users of Ubuntu 24.04.
netplan.io has an SRU exception for backporting new versions with new
features https://wiki.ubuntu.com/NetplanUpdates
[ Impact ]
This release contains both bug-fixes and new features and we would like to
make sure all of our supported customers have access to these improvements.
The notable ones are:
* improved systemd-networkd-wait-online logic, waiting for at least
one routable interface
* Ignoring of broken configuration, to bring up the network
partially (as much as possible)
* Dummy connections are not being passed the ipv4.route-metric value
from NM, instead they have the default value of 550, though this
behavior was not observed with the IPv6 protocol, affecting ProtonVPN
(LP: #2076172)
[ Test Plan ]
The following development and SRU process was followed:
https://wiki.ubuntu.com/NetplanUpdates
Netplan contains an extensive integration test suite that is ran using
the SRU package for each releases. This test suite's results are available here:
http://autopkgtest.ubuntu.com/packages/n/netplan.io
A successful run is required before the proposed netplan package
can be let into -updates.
The netplan team will be in charge of attaching the artifacts and console
output of the appropriate run to the bug. Netplan team members will not
mark ‘verification-done’ until this has happened.
In addition to that we want to validate a specific fix for Proton VPN
on Ubuntu 24.04:
1) Create dummy connection via nmcli: nmcli c a type dummy ifname
pvpnksintrf0 con-name pvpn-killswitch ipv4.method manual
ipv4.addresses "100.85.0.1/24" ipv4.gateway "100.85.0.1" ipv6.method
manual ipv6.addresses "fdeb:446c:912d:08da::/64" ipv6.gateway
"fdeb:446c:912d:08da::1" ipv4.route-metric 98 ipv6.route-metric 95
2) Run the command to show connection info: nmcli c s pvpn-killswitch
2.1) Notice that ipv6.route-metric has been taken but not ipv4.route-
metric, even though the data is present under /etc/netplan/90*.yml
[ Where problems could occur ]
In order to mitigate the regression potential, the results of the
aforementioned integration tests are attached to this bug.
Noble autopkgtest logs (PASS, except for the FLAKY "wifi" tests):
https://git.launchpad.net/~slyon/+git/files/plain/LP2077011/noble-amd64.log
https://git.launchpad.net/~slyon/+git/files/plain/LP2077011/noble-arm64.log
https://git.launchpad.net/~slyon/+git/files/plain/LP2077011/noble-armhf.log
https://git.launchpad.net/~slyon/+git/files/plain/LP2077011/noble-ppc64el.log
https://git.launchpad.net/~slyon/+git/files/plain/LP2077011/noble-s390x.log
Oracular autopkgtest logs (PASS, except for the FLAKY "wifi" tests):
https://git.launchpad.net/~slyon/+git/files/plain/LP2077011/oracular-amd64.log
https://git.launchpad.net/~slyon/+git/files/plain/LP2077011/oracular-arm64.log
https://git.launchpad.net/~slyon/+git/files/plain/LP2077011/oracular-armhf.log
https://git.launchpad.net/~slyon/+git/files/plain/LP2077011/oracular-ppc64el.log
https://git.launchpad.net/~slyon/+git/files/plain/LP2077011/oracular-s390x.log
This is not a big release and is available on Oracular & Debian for some time now without any concerning issues reported.
Parts of the wait-online related changes and SR-IOV (embedded-switch-mode) improvements were already present in Noble via distro patches or upstream v1.0.1.
As usual, any backwards compatibility issue that prevents the new
netplan to parse existing YAML files would leave the system without
networking configuration after a reboot. Therefore, we added one patch
in "d/p/sru-compat/" to weaken the validation of bonds, as it used to
be on Noble.
[ Other Info ]
* For Oracular this is just a point/patch release 1.1-1 ->
1.1.1-1~ubuntu24.10.1
* For Noble this is a major version bump 1.0.1-1ubuntu2~24.04.1 ->
1.1.1-1~ubuntu24.04.1
* A PPA for testing 1.1.1-1 on Noble can be found at
https://launchpad.net/~slyon/+archive/ubuntu/netplan/+packages
[ Changelog ]
* Backport netplan.io 1.1.1-1 to 24.04 (LP: #2077011)
- NM: add support for stable-ssid MAC option !524 (LP:2084234)
- wpa_supplicant: add ExecReload to the service unit !523
- Create snippet files for single-sourcing repetitive instructions !505
- doc: Add initial 'Cryptography' section !517
- Several code cleanup & fixes for TiCS !507
- tests: ethernets: Add ipv6-address-generation integration tests !509
- cli: drop python-netifaces !503 (LP:2065870, LP:2017585)
- parse-nm: account for veth and dummy when checking for virtual types !513
- Avoid dependency on dbus-python !511
- tests: Improve vrf/wireguard modprobe check inside containers !510
- tests:ethernets: avoid flaky test_ip6_eui64 results !514
- ovs: quote external-ids and other-config values !512 (LP:2070318)
- Handle implicit conversions !496
- Use more permissive umask for .service units !516 (LP:2072486)
- Revert "apply: make sure that networkd is restarted when needed" !518
(LP:2078009)
- Handling encoding issues on netplan status !521 (LP:2079975)
- include: fix apidoc warnings about undocumented parameters
Upstream v1.1:
- CI: adopt autopkgtest for 1.0-1 on 22.04
- tools/keyfile_to_yaml: display the generated YAML
- tests: import the config fuzzing tests
- ATTN: parse/bonds: handle same primary in multiple bonds
- sriov: accept setting the eswitch mode without VFs (LP:2020409)
- Custom systemd-networkd-wait-online override to wait on interfaces.
(Closes: #1008995) (LP:2060311)
- Ignore bad NetDefs and files via parser flags
- networkd:apply: Drop handling of legacy wpa@ instance units
- migrate: support aliases
- networkd: add ipv6 ra overrides (LP:1973222)
- netplan status --diff fixes and improvements
- apply: make sure that networkd is restarted when needed
- Don't escape certain non-ascii characters
- networkd: make s-n-wait-online wait for at least one routable interface
- networkd: Implement ipv6-address-generation: stable-privacy
- Implementing advmss ip route option
- meson: Add 'testing' option
- Add a scheduled workflow to run TICS
- ci: migrate to Ubuntu 24.04
- Prepare Netplan v1.1
Documentation:
- Fix wrong syntax in example
- Tutorial improvements
- added guide for contributing to the netplan documentation
- Add initial SECURITY.md policy
- Create single-nic-vm-host.md
- Create single-nic-vm-host-with-vlans.md
- Create multi-nic-vm-host-with-bonds-and-vlans.md
- bullet point removal
- Add netplan try to netplan tutorial
- Update the docs checks runner to ubuntu-latest
- Add spelling exceptions
Bug fixes:
- Fix logging setup when python-rich is not present
- parse-nm: add a workaround for the DoT DNS option (LP:2055148)
- parse: don't remove datalist items during iteration
- parse: fix redefinition of gateway(4|6)
- python: elements of all must be strings
- CI: Fix DebCI check, using newer 'meson' from unstable
- tests: fix diff test with iproute2 6.8
- cli/generate: skip daemon_reload with --mapping
- CI: fork spread to get snapcore/spread#179 fixes
- ctests: fix a memory leak in a unit test
- nm/nd: fix a couple of crashes
- test:integration: Try to improve test flakyness (Closes: #1069871)
- Security fixes (CVE-2022-4968)
- emitter: allow unicode characters in the emitter (LP:2071652)
- CLI:apply: call udevadm trigger, using --action=move
(Closes: #1071220) (LP:2066344, LP:2071363)
- CI: fix CodeQL permissions
- ci: run meson tests with unbuffer
- ci/tics: install "expect" as a dependency
- generate: avoid calling 'udevadm control --reload' (LP:1999178)
- netplan ignores NetworkManager ipv4.route-metric (LP:2076172)
- Change default umask when creating directories (LP:2076319)
* d/libnetplan1.symbols: Update symbols file for v1.1
* d/t/control: Add breaks-testbed for more robust CI
* d/t/control: Add python3-packaging test dependency for 'routing.py'
* d/rules: Handle improved 'nocheck' option (Closes: #1071599)
* d/{rules,control}: Utilize dh-python
* d/control:
+ Change Maintainer to Networking team
+ Mark udev as a (test-)dependency
+ Drop python3-{dbus,netifaces} dependencies, not needed anymore
+ Add ethtool dependency, needed as of 1.1.1
+ Mark libcmocka-dev as a test-dependency
+ Clarify package description (Closes: #1076445)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/netplan.io/+bug/2077011/+subscriptions
More information about the foundations-bugs
mailing list