Ok, closing as Fix Released then if it's fixed.
** Changed in: procps (Ubuntu)
Status: New => Invalid
** Changed in: network-manager (Ubuntu)
Status: New => Fix Released
** Changed in: ifupdown (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1497166
Title:
procps' 10-ipv6-privacy.conf stomps on the ifup/NetworkManager
"privext"/"ipv6.ip6-privacy" settings
Status in ifupdown package in Ubuntu:
Invalid
Status in network-manager package in Ubuntu:
Fix Released
Status in procps package in Ubuntu:
Invalid
Bug description:
I have configured the following in /etc/network/interfaces:
auto eth0
iface eth0 inet6 auto
privext 0
According to interfaces(5), this should disable IPv6 Privacy
Extensions. However, after booting the machine,
/proc/sys/net/ipv6/conf/eth0/use_tempaddr contains the value "2" -
which means that Privacy Extensions are enabled. However running
"ifdown eth0; ifup eth0" does fix the problem, so it is clear that
ifup(8) does correctly set the use_tempaddr sysctl when bringing up
the interface.
What's going on is that sometime later in the bootup process, the
procps package overrides the user-configured value and sets it
unconditionally to "2" for every interface on the system. This happens
because the file /etc/sysctl.d/10-ipv6-privacy.conf contains
"net.ipv6.conf.all.use_tempaddr = 2". It should not, or this bug
should be reassigned to the ifupdown package requesting for the
removal of the defunct "privext" setting.
On a related node, enabling IPv6 Privacy Extensions by default is
counter to RFC 4941's recommendations. Quoting from section 3.6
Deployment Considerations:
The use of temporary addresses may cause unexpected difficulties with
some applications. As described below, some servers refuse to accept
communications from clients for which they cannot map the IP address
into a DNS name. In addition, some applications may not behave
robustly if temporary addresses are used and an address expires
before the application has terminated, or if it opens multiple
sessions, but expects them to all use the same addresses.
Consequently, the use of temporary addresses SHOULD be disabled by
default in order to minimize potential disruptions. Individual
applications, which have specific knowledge about the normal duration
of connections, MAY override this as appropriate.
As such, the most appropriate course of action is probably to stop
shipping the 10-ipv6-privacy.conf file by default.
The described behaviour is observed on Trusty LTS.
Tore
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ifupdown/+bug/1497166/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
