networkd fails to set transient hostname #4646

Closed
martinpitt opened this Issue Nov 10, 2016 · 4 comments

Contributor

martinpitt commented Nov 10, 2016

Submission type

  • Bug report
  • Request for enhancement (RFE)

systemd version the issue has been seen with

232

Used distribution

Debian

While investigating issue #4504 and what would break when networkd starts before D-Bus, I noticed that the only reason why networkd currently runs after dbus.service is setting a transient hostname received through DHCP. But this doesn't actually seem to work: When DHCP does send a hostname, networkd says

systemd-networkd[516]: ens3: Could not set hostname: Interactive authentication required.

Presumably because networkd drops its privileges to user systemd-network and the polkit policy of hostnamed only allows root to change the host name.

FTR, I reproduced this in QEMU with -net nic,model=virtio -net user,hostname=fizzy which will send a hostname along with DHCP.

Fixing this should go along with actually testing this in test/networkd-test.py, as this is quite a subtle problem that isn't obvious when reviewing PRs for privilege reduction.

Owner

poettering commented Nov 11, 2016

I figure adding the "systemd-network" user to the default PK file should be relatively easy. At least for folks who grok PK policy well, which I don't ;-)

@martinpitt martinpitt referenced this issue Nov 18, 2016

Closed

allow networkd to start in early boot #4504

1 of 2 tasks complete
Contributor

martinpitt commented Nov 18, 2016

Confirming that this works if you set <allow_any>yes</allow_any> for org.freedesktop.hostname1.set-hostname in /usr/share/polkit-1/actions/org.freedesktop.hostname1.policy (this is of course only for testing). *.policy files don't have a syntax for "also grant this policy to Unix users", that's where the pklocalauthority(8) files come in -- and unfortunately there are two formats around: the old ini-style declarative ones (Identity=systemd-network\nAction=org.freedesktop.hostname1.set-hostname\nResultAny=yes) and the "free-form JavaScript" ones from newer polkits. IMNSHO these have been a ridiculously bad idea for several reasons and Debian/Ubuntu never got those, but Fedora did. So we could auto-detect the available polkit version during package build, or ship both files and the distro picks, or we provide a ./configure switch for those.

@martinpitt martinpitt self-assigned this Nov 18, 2016
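
Added example, not part of the original thread and not the file from the referenced commit: a JavaScript polkit rule that grants only org.freedesktop.hostname1.set-hostname to only the systemd-network user, with the ini-style equivalent shown as a comment. The `polkit` stub, the `authorize()` helper and the "auth_admin_keep" default are assumptions added so the rule can be exercised outside polkitd.

```javascript
// Stub standing in for the `polkit` global that polkitd provides to
// rules.d files (assumption: only the parts this rule touches are modelled).
const rules = [];
const polkit = {
  Result: { NO: "no", YES: "yes", AUTH_ADMIN: "auth_admin",
            AUTH_ADMIN_KEEP: "auth_admin_keep" },
  addRule(fn) { rules.push(fn); },
};

// ---- content of the JavaScript rules file ----
polkit.addRule(function (action, subject) {
  // Scope the grant to one action and one system user, nothing broader.
  if (action.id == "org.freedesktop.hostname1.set-hostname" &&
      subject.user == "systemd-network") {
    return polkit.Result.YES;
  }
  // No return value: later rules, then the *.policy defaults, decide.
});
// ---- end of rules file ----

// ini-style pklocalauthority equivalent (section title is free text):
//   [Allow systemd-networkd to set transient hostname]
//   Identity=unix-user:systemd-network
//   Action=org.freedesktop.hostname1.set-hostname
//   ResultAny=yes

// Simplified model of rule evaluation (hypothetical helper): the first rule
// that returns a value wins, otherwise the *.policy default applies.
function authorize(actionId, user, policyDefault) {
  for (const rule of rules) {
    const result = rule({ id: actionId }, { user: user });
    if (result !== undefined && result !== null) return result;
  }
  return policyDefault;
}

const ACTION = "org.freedesktop.hostname1.set-hostname";
// networkd's user is granted the action without authentication.
console.log(authorize(ACTION, "systemd-network", "auth_admin_keep"));
// Any other user still gets the policy default (constructed value).
console.log(authorize(ACTION, "nobody", "auth_admin_keep"));
// The test-only <allow_any>yes</allow_any> edit opens the action to everyone.
console.log(authorize(ACTION, "nobody", "yes"));
```

The last call shows why the per-user rule is preferable to editing the *.policy default: the default applies to every caller, the rule to one.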

martinpitt added a commit to martinpitt/systemd that referenced this issue Nov 18, 2016

hostnamed: allow networkd to set the transient hostname
systemd-networkd runs as user "systemd-network" and thus is not privileged to
set the transient hostname:

  systemd-networkd[516]: ens3: Could not set hostname: Interactive authentication required.

Standard polkit *.policy files do not have a syntax for granting privileges to
a user, so ship a pklocalauthority (for polkit < 106) and a JavaScript rules
file (for polkit >= 106) that grants the "systemd-network" system user that
privilege.

Fixes #4646
Contributor

martinpitt commented Nov 18, 2016

martinpitt/systemd@a3ccebc fixes this with both the pkla-based and JS rules based polkit. I think we should just ship both, as (1) they don't really get into each other's way, (2) there is no sensible build-time detection for it, and (3) the user may upgrade polkit at runtime.

I will write a test case for this before I post a PR.

Owner

keszybz commented Nov 18, 2016

Agreed.

martinpitt added a commit to martinpitt/systemd that referenced this issue Nov 20, 2016

hostnamed: allow networkd to set the transient hostname
systemd-networkd runs as user "systemd-network" and thus is not privileged to
set the transient hostname:

  systemd-networkd[516]: ens3: Could not set hostname: Interactive authentication required.

Standard polkit *.policy files do not have a syntax for granting privileges to
a user, so ship a pklocalauthority (for polkit < 106) and a JavaScript rules
file (for polkit >= 106) that grants the "systemd-network" system user that
privilege.

Add DnsmasqClientTest.test_transient_hostname() test to networkd-test.py to
cover this. Make do_test() a bit more flexible by interpreting "coldplug==None"
as "test sets up the interface by itself". Change DnsmasqClientTest to set up
test_eth42 with a fixed MAC address so that we can configure dnsmasq to send a
special host name for that.

Fixes #4646

@martinpitt martinpitt added the has-pr label Nov 20, 2016

@poettering poettering closed this in #4701 Nov 21, 2016
