Red Hat Bugzilla – Bug 1277247
NM crashing when upping libreswan connection as secondary
Last modified: 2016-11-03 15:19:50 EDT
Description of problem: I have a connection to racoon server and libreswan as a secondary on that to racoon server connection. I see crash randomly. backtrace attached. Version-Release number of selected component (if applicable): NetworkManager-1.0.6-27.el7.x86_64 NetworkManager-libreswan-1.0.6-3.el7.x86_64 libreswan-3.12-10.1.el7_1.x86_64 rac1 connection: connection.id: rac1 connection.uuid: dc329547-e765-40c3-8b0b-d208559f5aae connection.interface-name: racoon1 connection.type: 802-3-ethernet connection.autoconnect: no connection.autoconnect-priority: 0 connection.timestamp: 1446492505 connection.read-only: no connection.permissions: connection.zone: -- connection.master: -- connection.slave-type: -- connection.autoconnect-slaves: -1 (default) connection.secondaries: 8ba20250-3291-462a-9872-8179edbbe0c1 connection.gateway-ping-timeout: 0 connection.metered: unknown 802-3-ethernet.port: -- 802-3-ethernet.speed: 0 802-3-ethernet.duplex: -- 802-3-ethernet.auto-negotiate: yes 802-3-ethernet.mac-address: -- 802-3-ethernet.cloned-mac-address: -- 802-3-ethernet.mac-address-blacklist: 802-3-ethernet.mtu: auto 802-3-ethernet.s390-subchannels: 802-3-ethernet.s390-nettype: -- 802-3-ethernet.s390-options: 802-3-ethernet.wake-on-lan: 1 (default) 802-3-ethernet.wake-on-lan-password: -- ipv4.method: auto ipv4.dns: ipv4.dns-search: ipv4.addresses: ipv4.gateway: -- ipv4.routes: ipv4.route-metric: 90 ipv4.ignore-auto-routes: no ipv4.ignore-auto-dns: no ipv4.dhcp-client-id: -- ipv4.dhcp-send-hostname: yes ipv4.dhcp-hostname: -- ipv4.never-default: no ipv4.may-fail: yes ipv6.method: ignore ipv6.dns: ipv6.dns-search: ipv6.addresses: ipv6.gateway: -- ipv6.routes: ipv6.route-metric: -1 ipv6.ignore-auto-routes: no ipv6.ignore-auto-dns: no ipv6.never-default: no ipv6.may-fail: yes ipv6.ip6-privacy: -1 (unknown) ipv6.dhcp-send-hostname: yes ipv6.dhcp-hostname: -- libreswan connection: connection.id: libreswan connection.uuid: 8ba20250-3291-462a-9872-8179edbbe0c1 connection.interface-name: -- connection.type: vpn connection.autoconnect: yes connection.autoconnect-priority: 0 connection.timestamp: 0 connection.read-only: no connection.permissions: connection.zone: -- connection.master: -- connection.slave-type: -- connection.autoconnect-slaves: -1 (default) connection.secondaries: connection.gateway-ping-timeout: 0 connection.metered: unknown ipv4.method: auto ipv4.dns: ipv4.dns-search: ipv4.addresses: ipv4.gateway: -- ipv4.routes: ipv4.route-metric: -1 ipv4.ignore-auto-routes: no ipv4.ignore-auto-dns: no ipv4.dhcp-client-id: -- ipv4.dhcp-send-hostname: yes ipv4.dhcp-hostname: -- ipv4.never-default: no ipv4.may-fail: yes ipv6.method: auto ipv6.dns: ipv6.dns-search: ipv6.addresses: ipv6.gateway: -- ipv6.routes: ipv6.route-metric: -1 ipv6.ignore-auto-routes: no ipv6.ignore-auto-dns: no ipv6.never-default: no ipv6.may-fail: yes ipv6.ip6-privacy: -1 (unknown) ipv6.dhcp-send-hostname: yes ipv6.dhcp-hostname: -- vpn.service-type: org.freedesktop.NetworkManager.libreswan vpn.user-name: -- vpn.data: right = 172.31.70.1, xauthpasswordinputmodes = save, xauthpassword-flags = 0, leftxauthusername = budulinek, pskinputmodes = save, vendor = Cisco, pskvalue-flags = 0, leftid = yolo vpn.secrets: <hidden> vpn.persistent: no scenario: * Add a connection named "libreswan" for device "\*" to "libreswan" VPN * Use user "budulinek" with password "passwd" and group "yolo" with secret "ipsecret" for gateway "172.31.70.1" on Libreswan connection "libreswan" * Execute "nmcli con modify rac1 connection.secondaries libreswan" * Bring "up" connection "rac1" Then "libreswan" is visible with command "nmcli con show -a" in "60" seconds Then "rac1" is visible with command "nmcli con show -a" in "60" seconds Then "172.31.80.0/24 dev racoon1" is visible with command "ip route" Then "VPN.VPN-STATE:.*VPN connected" is visible with command "nmcli c show libreswan" Then "VPN.BANNER:.*BUG_REPORT_URL" is visible with command "nmcli c show libreswan" Then "IP4.ADDRESS.*172.31.60.2/32" is visible with command "nmcli c show libreswan" Then "IP4.ADDRESS.*172.31.60.2/32" is visible with command "nmcli d show racoon1" Then "IP4.ADDRESS.*172.31.70.*/24" is visible with command "nmcli d show racoon1" Then "IP4.GATEWAY:.*172.31.70.1" is visible with command "nmcli d show racoon1"
Created attachment 1088709 [details] backtrace
We know that there might be a problem in this area, because of bug 1175446. Unfortunately, we have not been able to reproduce it. I'll try your test. And if you could identify how/when this happens it would help.
For the record, these are the fixes: master: b9da3d9 policy: fix looping through list while removing elements (rh #1175446) nm-1-0: 112f3f8 policy: fix looping through list while removing elements (rh #1175446)
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHSA-2016-2581.html