Arch Linux

Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!
Tasklist

FS#37781 - [netctl] should be able to execute commands/scripts before bringing an interface up

Attached to Project: Arch Linux
Opened by Pavel (bartender) - Friday, 15 November 2013, 18:14 GMT
Last edited by Jouke Witteveen (jouke) - Sunday, 02 March 2014, 17:25 GMT
Task Type Feature Request
Category Arch Projects
Status Closed
Assigned To Jouke Witteveen (jouke)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:
I'll explain what currently goes wrong with an example.
Since kernel 3.10 and recent iproute2 we have support for IPv6 "tokens" in Linux.
When you use IPv6 stateless autoconfiguration, tokens allow you to set a custom host part for IPv6 address.
If you run this:
ip token set ::abcd/64 dev eth0
your auto-configured address will look like 2222:3333:4444:5555::abcd where 2222:3333:4444:5555:: is the net part you got from your router.

To use this with netctl you configure the profile like so:
IPCustom=("token set ::2/64 dev eth0")

But it will have a side effect. The interface will have both the initial global address and the tokened address. The first one will expire in a few hours.
We currently have to way to configure netctl so that in marks an interface "up" only after the token is set (if I'm not missing something). One can remove the first address in a script, but it would be pretty complicated since we don't know the exact address beforehand.

Additional info:
* package version: 1.4
* my profile:
Description="bridge connection"
Interface=br0
Connection=bridge
BindsToInterfaces=(lan0 veth1)
IP=dhcp
TimeoutDHCP=15
IP6=stateless
IPCustom=("token set ::2/64 dev br0")
ExecUpPost='/usr/local/bin/firewall'

I'm not using the actual Arch, I run netctl in Gentoo and in Arch Linux ARM.
This task depends upon

Closed by  Jouke Witteveen (jouke)
Sunday, 02 March 2014, 17:25 GMT
Reason for closing:  Fixed
Additional comments about closing:  03afcdc
Comment by Jouke Witteveen (jouke) - Sunday, 24 November 2013, 13:46 GMT
Thanks for the report. There is a philosophical problem: tokens cannot be removed, only overwritten. Because of this, they are not actually part of a profile. More precisely, starting and stopping the profile would have a lasting effect when the token is part of the profile. An extreme conclusion would be that the token should be set outside of netctl (in a separate systemd service), but this might not be preferable in practice. Suggestions for a good solution are welcome, I don't consider global netctl settings a good solution.

One way to implement this right now is by having an interface hook containing a line `ip token set ::2/64 dev "$(basename "$0")"`, but this would be executed every time netctl sources the hook.
Comment by Pavel (bartender) - Sunday, 24 November 2013, 15:10 GMT
Thanks for the hook hint. I was able to do it with eth0 interface, but it does not work with a bridge interface (br0). Probably because the hook is sourced before the bridge interface is created by netctl.
If there was another systemd service run prior to netctl for the purpose of setting tokens, it would have the same problem.
Comment by Jouke Witteveen (jouke) - Sunday, 02 March 2014, 17:25 GMT
In the next version of netctl, you will be able to add hooks for interfaces that are created by profiles too. In this case, you could use a hook for br0.

Loading...