Arch Linux

Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!
Tasklist

FS#79341 - Network namespaces broken on system upgrade

Attached to Project: Arch Linux
Opened by Naja Melan (najamelan) - Wednesday, 09 August 2023, 20:35 GMT
Last edited by Toolybird (Toolybird) - Wednesday, 09 August 2023, 21:10 GMT
Task Type Bug Report
Category System
Status Closed
Assigned To No-one
Architecture x86_64
Severity Medium
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Updating my system this week broke network namespaces. I can create them but the command `ip netns exec ...` leads to the following error message:

`setting the network namespace "mynamespace" failed: Invalid argument`. Exit status 255.

I have attached the output of strace. Note how it gets a first failure right at the top at

```
execve("/usr/bin/ip", ["ip", "netns", "exec", "mynamespace", "fish"], 0x7ffff0408230 /* 31 vars */) = 0
brk(NULL) = 0x55b76ee3c000
arch_prctl(0x3001 /* ARCH_??? */, 0x7ffdbe08ccf0) = -1 EINVAL (Invalid argument)
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
```
On `arch_prctl`.

Later notable failures are:
```
prctl(PR_CAPBSET_READ, CAP_MAC_OVERRIDE) = 1
prctl(PR_CAPBSET_READ, 0x30 /* CAP_??? */) = -1 EINVAL (Invalid argument)
prctl(PR_CAPBSET_READ, CAP_CHECKPOINT_RESTORE) = 1
prctl(PR_CAPBSET_READ, 0x2c /* CAP_??? */) = -1 EINVAL (Invalid argument)
prctl(PR_CAPBSET_READ, 0x2a /* CAP_??? */) = -1 EINVAL (Invalid argument)
prctl(PR_CAPBSET_READ, 0x29 /* CAP_??? */) = -1 EINVAL (Invalid argument)
```
And at the end:
```
setns(5, CLONE_NEWNET) = -1 EINVAL (Invalid argument)

```

The network namespace exists. The `/etc/ld.so.preload` ENOENT is a red herring I think. I `touch`ed it and the error goes away, second attached file after touch.

I do not find any other bug reports anywhere about this. I have however updated a second PC and same issue, so it's not something very specific to my first PC. I tried downgrading a few versions of linux kernel and iproute2, but I hadn't upgraded my system since June 23rd, so there is quite a range. I'm going to try and downgrade to the versions at June 23 and if that fixes it I will bisect which version breaks it specifically.

Package changes in the upgrade which caused the issue (note I'm not exactly certain which package caused it):
-linux 6.3.9.arch1-1
+linux 6.4.8.arch1-1
-iproute2 6.3.0-2
+iproute2 6.4.0-1
-systemd 253.5-2
+systemd 254-1

   strace ip netns - after touch... (8.9 KiB)
   strace ip netns (8.7 KiB)
This task depends upon

Closed by  Toolybird (Toolybird)
Wednesday, 09 August 2023, 21:10 GMT
Reason for closing:  Not a bug
Additional comments about closing:  "Not an arch issue and cause has been identified."
Comment by Naja Melan (najamelan) - Wednesday, 09 August 2023, 20:38 GMT
ps: nothing particularly notable in system logs/ dmesg.
Comment by Naja Melan (najamelan) - Wednesday, 09 August 2023, 20:43 GMT
Ok, downgrading all three of those packages solved the issue. I suspect systemd as the other two I had already downgraded to those versions I think.
Comment by Naja Melan (najamelan) - Wednesday, 09 August 2023, 20:47 GMT
Maybe relevant:
https://github.com/systemd/systemd/blob/main/NEWS#L76
Comment by loqs (loqs) - Wednesday, 09 August 2023, 20:55 GMT
arch_prctl(0x3001 /* ARCH_??? */, 0x7ffdbe08ccf0) = -1 EINVAL (Invalid argument)
This is from glibc's SHSTK code that the kernel does not support. Its failure is expected and unrelated to your issue.
Comment by Naja Melan (najamelan) - Wednesday, 09 August 2023, 20:56 GMT
Ok, that was it. Setting the `PrivateMounts=no` in the unit files that create the namespaces solved the issue on upgraded systemd.

Loading...