networkd: surprising behaviour of .network files with only commented content

[puleglot]

If network config contains only empty and/or commented out lines, then networkd begins to manage all interfaces:

$ sudo networkctl --all
IDX LINK             TYPE               OPERATIONAL SETUP     
  1 lo               loopback           carrier     unmanaged 
  2 tunl0            tunnel             off         unmanaged 
  3 sit0             sit                off         unmanaged 
  4 ip6tnl0          tunnel6            off         unmanaged 
  5 wlp12s0          wlan               routable    unmanaged 
  6 enp9s0           ether              no-carrier  unmanaged 

6 links listed.
$ sudo touch /etc/systemd/network/foo.network
$ sudo systemctl restart systemd-networkd.service
$ sudo networkctl --all
IDX LINK             TYPE               OPERATIONAL SETUP     
  1 lo               loopback           carrier     unmanaged 
  2 tunl0            tunnel             off         unmanaged 
  3 sit0             sit                off         unmanaged 
  4 ip6tnl0          tunnel6            off         unmanaged 
  5 wlp12s0          wlan               routable    unmanaged 
  6 enp9s0           ether              no-carrier  unmanaged 

6 links listed.
$ echo | sudo tee /etc/systemd/network/foo.network 

$ sudo systemctl restart systemd-networkd.service
$ sudo networkctl --all
IDX LINK             TYPE               OPERATIONAL SETUP     
  1 lo               loopback           carrier     configured
  2 tunl0            tunnel             carrier     configured
  3 sit0             sit                routable    configured
  4 ip6tnl0          tunnel6            degraded    configured
  5 wlp12s0          wlan               routable    configured
  6 enp9s0           ether              no-carrier  configured

6 links listed.

Real world example of problematic network config:

$ cat /etc/systemd/network/enp3s0.network 
#[Match]
#Name=enp3s0

#[Network]
#Address=192.168.1.5/24
#Gateway=192.168.1.1
#DNS=192.168.1.1

[poettering]

Well. That's really expected behaviour. An empty .network file means a file with an empty match section and default settings for everything. An empty match section means it applies to every interface. hence you get the behaviour you are seeing.

It probably would make sense to document this as a caveat though, since it is indeed surprising at first.

[puleglot]

Yes, I understand this. But an empty (zero sized) .network file actually gets skipped by network_load_one(). TBH, this behaviour is not consistent. :)

[keszybz]

@puleglot empty network files are a special case of a general rule in systemd: empty files and symlinks to /dev/null are used to "mask" a file. This is (partially) documented in network.network(5).

OTOH, I understand how the case of fully commented-out files can be confusing. It would be nice to at least emit a warning in this case.

(If I have a file with [Match] Name=a* Name=b_, I'll match two interfaces. If I have a file with [Match] Name=a_, I'll match one interface. But then if I have a file with [Match], all interfaces will be matched.)

[puleglot]

Refusing .network files with an empty [Match] section is a good idea IMHO. It really should be a required section.

[poettering]

I would warn, but not refuse I must say.