Bug 1257955 - Enabling ipv6 privacy extensions in NetworkManager is not user friendly and deeply hidden in the system
Summary: Enabling ipv6 privacy extensions in NetworkManager is not user friendly and d...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: NetworkManager
Version: 22
Hardware: x86_64
OS: Linux
unspecified
unspecified
Target Milestone: ---
Assignee: Lubomir Rintel
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-08-28 13:15 UTC by Sascha Zantis
Modified: 2015-10-04 22:52 UTC (History)
3 users (show)

Fixed In Version: NetworkManager-1.0.6-6.fc22
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-10-04 22:52:57 UTC


Attachments (Terms of Use)

Description Sascha Zantis 2015-08-28 13:15:39 UTC
Description of problem:
So I read a little about ipv6 today and decided to test a few things on my Fedora laptop. I have an ipv6 capable wifi hotspot at the university so I connected to it and checked some things concerning privacy extensions. The "old" way to enable privacy extensions (which are not enabled by default, whyever) is putting 

net.ipv6.conf.wlp3s0.use_tempaddr=2

in /etc/sysctl.conf (or whichever equivalent file), reboot, done.

Well, checking my ip address after doing so showed me that the privacy extensions were not enabled. After digging around for quite a while, I found out that the _only_ way to enable the privacy extensions is editing 

/etc/sysconfig/network-scripts/ifcfg-<your-connection> 

and putting the line 

IPV6_PRIVACY=rfc3041

in it. The only place where this is documented is https://fedoraproject.org/wiki/Tools/NetworkManager/IPv6

I read about that behaviour in some other bug reports and found a RHEL bug (https://bugzilla.redhat.com/show_bug.cgi?id=1187525) which links to a commit that enables privacy extensions by default (http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?h=nm-1-0&id=2f51ba50df8341370ab1f480f9ec6d60cd32ece2). 

The NetworkManager version in Fedora is 1.0.2, so I would think that the patch would be integrated in Fedora an privacy extensions would be enabled by default, which would be a much better default behaviour in my opinion.

Version-Release number of selected component (if applicable):
1.0.2

How reproducible:
Always

Regards,
Sascha

Comment 1 Pavel Šimerda (pavlix) 2015-08-28 13:49:41 UTC
(In reply to Sascha Zantis from comment #0)
> The NetworkManager version in Fedora is 1.0.2, so I would think that the
> patch would be integrated in Fedora an privacy extensions would be enabled
> by default, which would be a much better default behaviour in my opinion.

Many people in the past have expressed concerns regarding privacy extensions by default. I don't have the details right know and I'm not sure whether it was related to problems with privacy extensions themselves, or whether it was related to buggy Linux implementation of thereof or whatever reasons they had.

It should be possible to google for various resources regarding the defaults in common distributions.

Comment 2 Fedora Update System 2015-08-28 13:53:58 UTC
NetworkManager-1.0.6-2.fc22 NetworkManager-openswan-1.0.6-2.fc22 NetworkManager-openvpn-1.0.6-3.fc22 NetworkManager-vpnc-1.0.6-3.fc22 network-manager-applet-1.0.6-2.fc22 has been submitted as an update to Fedora 22. https://bodhi.fedoraproject.org/updates/FEDORA-2015-10143

Comment 3 Fedora Update System 2015-09-02 16:21:53 UTC
NetworkManager-1.0.6-2.fc22, NetworkManager-openswan-1.0.6-2.fc22, NetworkManager-openvpn-1.0.6-3.fc22, NetworkManager-vpnc-1.0.6-3.fc22, network-manager-applet-1.0.6-2.fc22 has been pushed to the Fedora 22 testing repository. If problems still persist, please make note of it in this bug report.\nIf you want to test the update, you can install it with \n su -c 'yum --enablerepo=updates-testing update network-manager-applet NetworkManager-openvpn NetworkManager-vpnc NetworkManager NetworkManager-openswan'. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2015-10143

Comment 4 Fedora Update System 2015-09-08 11:14:57 UTC
NetworkManager-1.0.6-3.fc22 NetworkManager-openswan-1.0.6-2.fc22 NetworkManager-openvpn-1.0.6-3.fc22 NetworkManager-vpnc-1.0.6-3.fc22 network-manager-applet-1.0.6-2.fc22 has been submitted as an update to Fedora 22. https://bodhi.fedoraproject.org/updates/FEDORA-2015-10143

Comment 5 Fedora Update System 2015-09-08 21:26:36 UTC
NetworkManager-1.0.6-4.fc22, NetworkManager-openswan-1.0.6-2.fc22, NetworkManager-openvpn-1.0.6-3.fc22, NetworkManager-vpnc-1.0.6-3.fc22, network-manager-applet-1.0.6-2.fc22 has been pushed to the Fedora 22 testing repository. If problems still persist, please make note of it in this bug report.\nIf you want to test the update, you can install it with \n su -c 'yum --enablerepo=updates-testing update network-manager-applet NetworkManager NetworkManager-openvpn NetworkManager-openswan NetworkManager-vpnc'. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2015-10143

Comment 6 Fedora Update System 2015-09-28 21:01:18 UTC
NetworkManager-1.0.6-6.fc22 NetworkManager-openswan-1.0.6-2.fc22 NetworkManager-openvpn-1.0.6-3.fc22 NetworkManager-vpnc-1.0.6-3.fc22 network-manager-applet-1.0.6-2.fc22 has been submitted as an update to Fedora 22. https://bodhi.fedoraproject.org/updates/FEDORA-2015-10143

Comment 7 Fedora Update System 2015-10-02 03:49:40 UTC
NetworkManager-1.0.6-6.fc22, NetworkManager-openswan-1.0.6-2.fc22, NetworkManager-openvpn-1.0.6-3.fc22, NetworkManager-vpnc-1.0.6-3.fc22, network-manager-applet-1.0.6-2.fc22 has been pushed to the Fedora 22 testing repository. If problems still persist, please make note of it in this bug report.
If you want to test the update, you can install it with
$ su -c 'dnf --enablerepo=updates-testing update NetworkManager-openswan network-manager-applet NetworkManager NetworkManager-openvpn NetworkManager-vpnc'
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2015-10143

Comment 8 Fedora Update System 2015-10-04 22:52:23 UTC
NetworkManager-1.0.6-6.fc22, NetworkManager-openswan-1.0.6-2.fc22, NetworkManager-openvpn-1.0.6-3.fc22, NetworkManager-vpnc-1.0.6-3.fc22, network-manager-applet-1.0.6-2.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.