Bug 1315018

Summary: RHEL6: network initscript touches wrong or inexistent interfaces when tunnel interface is present
Product: Red Hat Enterprise Linux 6 Reporter: Rodrigo A B Freire <rfreire>
Component: initscriptsAssignee: David Kaspar // Dee'Kej <deekej>
Status: CLOSED ERRATA QA Contact: Jan Ščotka <jscotka>
Severity: medium Docs Contact: Clayton Spicer <cspicer>
Priority: medium    
Version: 6.8CC: deekej, drusek, jscotka, lnykryn
Target Milestone: rcKeywords: EasyFix, FastFix, Patch
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: initscripts-9.03.55-1 Doc Type: Release Note
Doc Text:
The "service network stop" command no longer attempts to stop services which are already stopped Previously, when a tunnel interface was present, the "service network stop" command incorrectly attempted to stop services which had been stopped already, displaying an error message. With this update, this bug is fixed, and the "service network stop" command now only stops running services.
 Story Points: ---
Clone Of:
: 1398679 (view as bug list) Environment:
Last Closed: 2017-03-21 11:53:03 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1356056, 1398679    
Attachments:
Description Flags
Script misbehaviour
none
Script working correctly
none
Patch: initscripts: Fixes interface enumeration on shutdown test
none
[PATCH] network: Fixes ifdown var leak, add tunnel treatment
none
[PATCH] network: Fixes ifdown var leak, add tunnel treatment none

Description Rodrigo A B Freire 2016-03-05 18:32:35 UTC 
Description of problem:
* A "# service network stop" tries to stop already stopped interfaces when a 'tunnel' interface is present.

Version-Release number of selected component (if applicable):
* initscripts-9.03.49-1.el6_7.4.x86_64

How reproducible:
* Always

Steps to Reproduce:
0. Test this reproducer in a system with several eth interfaces defined in /etc/sysconfig/network-scripts. Even if your system has just a single ethernet attached to it.
1. Start your network;
2. Start a tunnel interface (defined by /etc/sysconfig/network-scripts/ifcfg-tunnel(x)
3. Set a verbose bash -x output in your /etc/init.d/network
4. Stop the network

Actual results:
* The function check_device_down will use tunnel0 as a reference interface (which is up) and the network script will try to stop every interface in the system, regardless if it actually exists or is up.

Expected results:
* check_device_down should check the correct interface and down/skip accordingly.

Additional info:
See bad-output.txt line 177 - 188. It uses tunnel0 as reference to stop eth0.
Going further, see lines 224 - 237, trying to shutdown a non-existent interface.

Fixed script: See good-output.txt.
Comment 1 Rodrigo A B Freire 2016-03-05 18:39:18 UTC 
Created attachment 1133382 [details]
Script misbehaviour
Comment 2 Rodrigo A B Freire 2016-03-05 18:39:41 UTC 
Created attachment 1133383 [details]
Script working correctly
Comment 3 Rodrigo A B Freire 2016-03-05 18:41:45 UTC 
Created attachment 1133384 [details]
Patch: initscripts: Fixes interface enumeration on shutdown test
Comment 4 Rodrigo A B Freire 2016-03-05 20:58:59 UTC 
Post: 
https://lists.fedorahosted.org/archives/list/initscripts-devel@lists.fedorahosted.org/thread/4Q5HHDJOJNO42HOCVA7LFVJLS5UNKWAF/
Comment 5 Lukáš Nykrýn 2016-03-07 07:41:39 UTC 
Thanks for those patches, I will review them as soon as possible.

(I keep post status for the bugs that are already committed in upstream git)
Comment 6 Rodrigo A B Freire 2016-03-07 15:47:12 UTC 
Created attachment 1133824 [details]
[PATCH] network: Fixes ifdown var leak, add tunnel treatment

Lukáš Nykrýn píše v Po 07. 03. 2016 v 12:35 +0100: 
> Hello,
> 
> I don't think this patch is correct. I can have for example vlan 
> eth0.10 and in configuration in file ifcfg-myvlan, with this patch 
> the device would not be pulled down.
>
> This is totally untested guess, but I think that correct fix would be:
> 
> diff --git a/rc.d/init.d/network b/rc.d/init.d/network
> index cbb9ddf..8cf851d 100755
> --- a/rc.d/init.d/network
> +++ b/rc.d/init.d/network
> @@ -204,6 +204,7 @@ case "$1" in
>         done
>         
>         for i in $xdslinterfaces $bridgeinterfaces $vlaninterfaces
> $remaining; do
> +               unset DEVICE
>                 (. ./ifcfg-$i
>                 if [ -z "$DEVICE" ] ; then DEVICE="$i"; fi

You are right. Very well spotted, Lukas. I rewrote the patch containing your suggestion and it now works accordingly, even with the scenario that you described.

[root@rf network-scripts]# service network start
Bringing up loopback interface:                            [  OK  ]
Bringing up interface eth0:  Active connection state: activated
Active connection path: /org/freedesktop/NetworkManager/ActiveConnection/6
                                                           [  OK  ]
Bringing up interface myvlan:  Determining if ip address 192.168.2.1 is already in use for device eth0.1...
                                                           [  OK  ]
[root@rf network-scripts]# 
[root@rf network-scripts]# 
[root@rf network-scripts]# ifup tunnel0
[root@rf network-scripts]# 
[root@rf network-scripts]# 
[root@rf network-scripts]# service network stop
Shutting down interface tunnel0:                           [  OK  ]
Shutting down interface myvlan:                            [  OK  ]
Shutting down interface eth0:  Device state: 3 (disconnected)
                                                           [  OK  ]
Shutting down interface eth1:                              [  OK  ]
Shutting down loopback interface:                          [  OK  ]
Comment 7 Rodrigo A B Freire 2016-03-07 16:36:39 UTC 
Created attachment 1133835 [details]
[PATCH] network: Fixes ifdown var leak, add tunnel treatment

Renamed %s/tunnelinterface/vpninterface/g.
Comment 8 Lukáš Nykrýn 2016-03-08 14:55:51 UTC 
Devel_Ack for mentioned patch for 6.9.
Comment 9 David Kaspar // Dee'Kej 2016-10-28 11:59:52 UTC 
The changes proposed by Rodrigo Freire have been commited ~8 months ago:
https://github.com/fedora-sysv/initscripts/commit/82c97b4ac121269ecb829
Comment 17 errata-xmlrpc 2017-03-21 11:53:03 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2017-0786.html