Qubes/core-agent-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
dd8de797e3
core-agent-linux/network
History
Marek Marczykowski-Górecki dd8de797e3
Move network uplink setup to a separate service 
Previously, network uplink (eth0) was configured in two places:
 - udev (asynchronously)
 - qubes-misc-post.service - at the very end of the boot process

This caused multiple issues:
1. Depending on udev event processing (non-deterministic), network
   uplink could be enabled too early, for example before setting up
   firewall.
2. Again depending on udev processing, it can be enabled quite late in
   the boot process, after network.target is up and services assume
   network already configured. This for example causes qubes-firewall to
   fail DNS queries.
3. If udev happen try to enable enable networking even earlier, it may
   happend before qubesdb-daemon is started, in which case network setup
   fill fail. For this case, there was network re-setup in
   qubes-misc-post service - much later in the boot.

Fix the above by placing network uplink setup in a dedicated
qubes-network-uplink@${INTERFACE}.service unit ordered after
network-pre.target and pulled in by udev based on vif device existence,
to handle also dynamic network attach/detach.
Then, create qubes-network-uplink.service unit waiting for appropriate
interface-specific unit (if one is expected!) and order it before
network.target.

QubesOS/qubes-issues#5576
2020-12-04 03:24:02 +01:00
..
30-qubes-external-ip network: fix issues found by shellcheck 2017-09-30 04:43:04 +02:00
80-qubes.conf Stop Debian templates from forwarding by default. 2018-02-06 23:10:28 +00:00
ip6tables Update rule priorities for anti-spoofing 2020-01-10 09:19:32 +01:00
ip6tables-enabled Allow DHCPv6 replies on uplink interface, if ipv6 is enabled 2020-12-03 20:52:51 +01:00
iptables firewall: drop INVALID state TCP packets 2020-01-24 19:01:00 +01:00
iptables-updates-proxy network: fix issues found by shellcheck 2017-09-30 04:43:04 +02:00
Makefile Split items in misc directory by topic 2020-02-04 23:59:09 +00:00
network-manager-prepare-conf-dir Refactor and handle new network qubesdb configuration 2019-06-18 18:49:42 +02:00
nm-30-qubes.conf Configure NetworkManager to keep /etc/resolv.conf as plain file 2016-09-15 01:26:35 +02:00
qubes-fix-nm-conf.sh Fix regex in qubes-fix-nm-conf.sh 2020-07-28 16:02:34 +02:00
qubes-iptables Fixes issue #3939 2018-05-31 14:02:15 -04:00
qubes-nmhook network: reload DNS only on "up" event from NetworkManager 2018-02-10 22:12:44 +01:00
qubes-setup-dnat-to-ns network: fix issues found by shellcheck 2017-09-30 04:43:04 +02:00
qvm-connect-tcp Split items in misc directory by topic 2020-02-04 23:59:09 +00:00
setup-ip Move network uplink setup to a separate service 2020-12-04 03:24:02 +01:00
show-hide-nm-applet.desktop Fix show-hide-nm-applet.desktop - use OnlyShowIn=X-QUBES 2015-09-03 00:43:54 +02:00
show-hide-nm-applet.sh network: fix issues found by shellcheck 2017-09-30 04:43:04 +02:00
tinyproxy-updates.conf tinyproxy: support rsync for Gentoo 2020-08-04 12:24:09 +02:00
tinyproxy-wrapper Split items in misc directory by topic 2020-02-04 23:59:09 +00:00
udev-qubes-network.rules Move network uplink setup to a separate service 2020-12-04 03:24:02 +01:00
update-proxy-configs archlinux: improve pacman proxy implementation 2020-10-29 00:11:06 -03:00
updates-blacklist (redo) updates-proxy: explicitly block connection looping back to the proxy IP 2017-09-15 05:00:05 +02:00
vif-qubes-nat.sh Use netvm_gw_ip instead of netvm_ip 2020-11-22 17:52:54 -05:00
vif-route-qubes NAT network namespaces need neighbor entries 2020-11-19 12:08:23 -05:00