[Bug 2095203] Re: `netplan apply` fails in LXD container with physical NIC passthrough

Lukas Märdian 2095203 at bugs.launchpad.net
Wed Mar 19 11:39:54 UTC 2025 

The fixes for Oracular and Noble will be tracked as part of a full-
version backport in LP: #2103603.

** Changed in: netplan.io (Ubuntu Oracular)
       Status: New => Invalid

** Changed in: netplan.io (Ubuntu Noble)
       Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to netplan.io in Ubuntu.
Matching subscriptions: foundations-bugs
https://bugs.launchpad.net/bugs/2095203

Title:
  `netplan apply` fails in LXD container with physical NIC passthrough

Status in Netplan:
  Fix Committed
Status in netplan.io package in Ubuntu:
  Fix Released
Status in netplan.io source package in Jammy:
  New
Status in netplan.io source package in Noble:
  Invalid
Status in netplan.io source package in Oracular:
  Invalid

Bug description:
  Hello,

  When using physical NIC passthrough in LXD containers [1], netplan
  fails when trying to run `udevadm`.

  Using these LXD devices for the container, where enp6s0 is a spare physical NIC:
  ```
  devices:
    eth0:
      name: eth0
      nictype: physical
      parent: enp6s0
      type: nic
    root:
      path: /
      pool: default
      type: disk
  ```

  Netplan config (the default):
  ```
  network:
    version: 2
    ethernets:
      eth0:
        dhcp4: true
  ```

  This happens when netplan is run in the container:
  ```
  $ sudo netplan apply
  eth0: Failed to write 'move' to '/sys/devices/pci0000:00/0000:00:01.5/0000:06:00.0/virtio11/net/eth0/uevent': Permission denied
  Traceback (most recent call last):
    File "/usr/sbin/netplan", line 23, in <module>
      netplan.main()
    File "/usr/share/netplan/netplan_cli/cli/core.py", line 58, in main
      self.run_command()
    File "/usr/share/netplan/netplan_cli/cli/utils.py", line 332, in run_command
      self.func()
    File "/usr/share/netplan/netplan_cli/cli/commands/apply.py", line 62, in run
      self.run_command()
    File "/usr/share/netplan/netplan_cli/cli/utils.py", line 332, in run_command
      self.func()
    File "/usr/share/netplan/netplan_cli/cli/commands/apply.py", line 255, in command_apply
      subprocess.check_call(['udevadm', 'trigger', '--action=move', '--subsystem-match=net', '--settle'])
    File "/usr/lib/python3.12/subprocess.py", line 413, in check_call
      raise CalledProcessError(retcode, cmd)
  subprocess.CalledProcessError: Command '['udevadm', 'trigger', '--action=move', '--subsystem-match=net', '--settle']' returned non-zero exit status 1.

  $ apt-cache policy netplan.io
  netplan.io:
    Installed: 1.1.1-1~ubuntu24.04.1
    Candidate: 1.1.1-1~ubuntu24.04.1
    Version table:
   *** 1.1.1-1~ubuntu24.04.1 500
          500 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages
          100 /var/lib/dpkg/status
       1.0-2ubuntu1.2 500
          500 http://security.ubuntu.com/ubuntu noble-security/main amd64 Packages
       1.0-2ubuntu1 500
          500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages
  ```

  This occurs in Jammy and Noble containers.

  A few things here:

  udevadm changed its return code logic in Feb 2021 to return errors
  when it fails to trigger devices. LXD does not handle udev in
  containers the way systemd upstream recommends [2][3] (/sys is mounted
  rw), so udevadm will trigger some devices and fail on others in a LXD
  container.

  Snapd ran into this problem when the udevadm change made its way into
  Ubuntu 21.10. They have a reasonable summary of the issue & their fix
  [4]. This boils down to snapd simply ignoring errors from `udevadm
  trigger`.

  It should be pretty straightforward to do the same fix for netplan
  [5], but I'd like someone with a little more exposure to the codebase
  to weigh in on this.

  Thanks!

  [1] https://documentation.ubuntu.com/lxd/en/latest/reference/devices_nic/#nictype-physical
  [2] https://github.com/systemd/systemd/issues/14431#issuecomment-570198194
  [3] https://www.freedesktop.org/wiki/Software/systemd/ContainerInterface/
  [4] https://github.com/canonical/snapd/pull/11056#pullrequestreview-806332045
  [5] https://github.com/canonical/netplan/blob/main/netplan_cli/cli/commands/apply.py#L255

To manage notifications about this bug go to:
https://bugs.launchpad.net/netplan/+bug/2095203/+subscriptions

More information about the foundations-bugs mailing list