ip route parsing fails with multipath routing
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| oidentd (Ubuntu) | New | Undecided | Unassigned | |

Bug Description
The systemd unit provided in the Ubuntu package attempts to parse the output of `ip route show to exact 0/0` in order to automatically populate the command with `-P` flags for each next hop. Unfortunately, this parsing is not robust and breaks on a host with multipath routing.
This is the current value of ExecStart from the systemd unit:
```
ExecStart=/bin/sh -c "exec /usr/sbin/oidentd -S ${OIDENT_OPTIONS} -u \"${OIDENT_USER}\" -g \"${OIDENT_GROUP}\" \
`[ \"${OIDENT_
```
For reference, this is what the output of `ip route ...` looks like on a host with multipath routing (in this case with BGP unnumbered next hops):
```
$ ip route show to exact 0/0
default proto bgp metric 20
nexthop via 169.254.0.1 dev ens2f1np1 weight 1 onlink
nexthop via 169.254.0.1 dev eno34np1 weight 1 onlink
nexthop via 169.254.0.1 dev ens2f0np0 weight 1 onlink
nexthop via 169.254.0.1 dev eno33np0 weight 1 onlink
```
Currently, `-P bgp -P 169.254.0.1 -P 169.254.0.1 -P 169.254.0.1 -P 169.254.0.1` is added to the command; however, this results in the following error:
```
Fatal: Unknown host: "bgp"
```
To fix the parsing of this output so that it works regardless of whether there is one or more than one next hop (and provides all next hops as arguments), the ExecStart can be changed to the following, which matches just the lines in the output that have "via" as the second field:
```
ExecStart=/bin/sh -c "exec /usr/sbin/oidentd -S ${OIDENT_OPTIONS} -u \"${OIDENT_USER}\" -g \"${OIDENT_GROUP}\" \
`[ \"${OIDENT_
```
It may be additionally desirable to pipe that output into `sort -u`.
A simple workaround for other users running into this issue is to disable (set to "no") the OIDENT_BEHIND_PROXY variable in /etc/default/
Since the default for the package is for this to be enabled, if the host is using multipath when the package is installed, starting the service fails, causing the package install/update to fail, so I think it would be ideal to make the parsing more robust (as suggested).
Environment:
- Ubuntu Focal 20.04
- Version: 2.4.0
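
The matching rule proposed in the report ("via" as the second field, optionally followed by `sort -u`), written out as a stand-alone filter. This is an added example, not the Ubuntu package's unit file or the reporter's code. The function names, the single-path sample line and the IPv4-only check on the gateway token are assumptions of this example.

```shell
#!/bin/sh
# Reads `ip route show to exact 0/0` output on stdin and prints the distinct
# next hops, one per line. Only lines whose second field is "via" are used, so
# the "default proto bgp metric 20" header of a multipath route is skipped.
# Assumption of this example: the gateway token must look like a dotted-quad
# IPv4 address; anything else (e.g. "via inet6 ...") is dropped rather than
# passed on as a -P argument.
nexthops() {
    awk '$2 == "via" && $3 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { print $3 }' \
        | sort -u
}

# Turn the next-hop list into a single "-P a -P b" argument string.
nexthop_flags() {
    nexthops | sed 's/^/-P /' | paste -sd ' ' -
}

# Multipath output as shown in the report.
multipath_sample() {
cat <<'EOF'
default proto bgp metric 20
 nexthop via 169.254.0.1 dev ens2f1np1 weight 1 onlink
 nexthop via 169.254.0.1 dev eno34np1 weight 1 onlink
 nexthop via 169.254.0.1 dev ens2f0np0 weight 1 onlink
 nexthop via 169.254.0.1 dev eno33np0 weight 1 onlink
EOF
}

# Constructed single-path sample (documentation address range).
singlepath_sample() {
cat <<'EOF'
default via 192.0.2.1 dev eth0 proto dhcp src 192.0.2.10 metric 100
EOF
}

echo "multipath:   $(multipath_sample | nexthop_flags)"
echo "single path: $(singlepath_sample | nexthop_flags)"
```
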