Canonical Juju

Juju's netpan uses the depricated gateway4 and has wrong permissions

Bug #2022062 reported by Bas de Bruijne
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Canonical Juju
Triaged
Undecided
Joseph Phillips

Bug Description

In testing netplan 0.106 we noticed that there are some warnings when applying the netplan on a juju machine:

===================
ubuntu@lab0-silo1-cpe-ac3d42e1-6c6f-4255-9d4d-b7064a3dd4cb:~$ juju --version
2.9.42-ubuntu-amd64
ubuntu@lab0-silo1-cpe-ac3d42e1-6c6f-4255-9d4d-b7064a3dd4cb:~$ juju ssh 5
Welcome to Ubuntu 22.04.2 LTS (GNU/Linux 5.15.0-73-generic x86_64)

 * Documentation: https://help.ubuntu.com
 * Management: https://landscape.canonical.com
 * Support: https://ubuntu.com/advantage

  System information as of Thu Jun 1 11:58:12 UTC 2023

  System load: 1.6142578125 Users logged in: 0
  Usage of /: 39.5% of 91.11GB IPv4 address for br-eth0: 10.244.40.108
  Memory usage: 11% IPv4 address for br-eth1-2678: 10.244.8.5
  Swap usage: 0% IPv4 address for br-eth1-2733: 192.168.33.35
  Temperature: 41.0 C IPv4 address for lxdbr0: 10.162.62.1
  Processes: 558 IPv4 address for virbr0: 192.168.122.1

 * Strictly confined Kubernetes makes edge and IoT secure. Learn how MicroK8s
   just raised the bar for easy, resilient and secure K8s cluster deployment.

   https://ubuntu.com/engage/secure-kubernetes-at-the-edge

Expanded Security Maintenance for Applications is not enabled.

0 updates can be applied immediately.

Enable ESM Apps to receive additional future security updates.
See https://ubuntu.com/esm or run: sudo pro status

Last login: Thu Jun 1 11:58:12 2023 from 10.245.212.182
ubuntu@elgyem:~$ dpkg -s netplan.io
Package: netplan.io
Status: install ok installed
Priority: important
Section: net
Installed-Size: 446
Maintainer: Ubuntu Developers <email address hidden>
Architecture: amd64
Multi-Arch: foreign
Version: 0.106-0ubuntu1~22.04.1~ppa1
Replaces: nplan (<< 0.34~)
Provides: nplan
Depends: libc6 (>= 2.34), libglib2.0-0 (>= 2.70.0), libnetplan0 (= 0.106-0ubuntu1~22.04.1~ppa1), libsystemd0 (>= 243), iproute2, python3, python3-dbus, python3-rich, python3-yaml, python3-netifaces, systemd (>= 248~)
Suggests: network-manager | wpasupplicant, openvswitch-switch, iw
Breaks: nplan (<< 0.34~)
Conflicts: netplan
Description: YAML network configuration abstraction for various backends
 netplan reads YAML network configuration files which are written
 by administrators, installers, cloud image instantiations, or other OS
 deployments. During early boot it then generates backend specific
 configuration files in /run to hand off control of devices to a particular
 networking daemon.
 .
 Currently supported backends are networkd and NetworkManager.
Homepage: https://netplan.io/
Original-Maintainer: Debian netplan Maintainers <email address hidden>
ubuntu@elgyem:~$ sudo netplan apply

** (generate:1362196): WARNING **: 11:58:32.080: Permissions for /etc/netplan/99-juju.yaml are too open. Netplan configuration should NOT be accessible by others.

** (generate:1362196): WARNING **: 11:58:32.080: `gateway4` has been deprecated, use default routes instead.
See the 'Default routes' section of the documentation for more details.

** (generate:1362196): WARNING **: 11:58:32.080: `gateway4` has been deprecated, use default routes instead.
See the 'Default routes' section of the documentation for more details.
Cannot call openvswitch: ovsdb-server.service is not running.

** (process:1362194): WARNING **: 11:58:32.702: Permissions for /etc/netplan/99-juju.yaml are too open. Netplan configuration should NOT be accessible by others.

** (process:1362194): WARNING **: 11:58:32.702: `gateway4` has been deprecated, use default routes instead.
See the 'Default routes' section of the documentation for more details.

** (process:1362194): WARNING **: 11:58:32.702: `gateway4` has been deprecated, use default routes instead.
See the 'Default routes' section of the documentation for more details.
['eth6', 'eth7', 'bond0', 'bond0.2735', 'bond0.2736']
Cannot find unique matching interface for eth6
['eth1', 'eth1.2678', 'eth1.2733']
Cannot find unique matching interface for eth1
[]
Cannot find unique matching interface for eth7

** (process:1362194): WARNING **: 11:58:34.035: Permissions for /etc/netplan/99-juju.yaml are too open. Netplan configuration should NOT be accessible by others.

** (process:1362194): WARNING **: 11:58:34.035: `gateway4` has been deprecated, use default routes instead.
See the 'Default routes' section of the documentation for more details.

** (process:1362194): WARNING **: 11:58:34.035: `gateway4` has been deprecated, use default routes instead.
See the 'Default routes' section of the documentation for more details.

** (process:1362194): WARNING **: 11:58:34.035: Permissions for /etc/netplan/99-juju.yaml are too open. Netplan configuration should NOT be accessible by others.

** (process:1362194): WARNING **: 11:58:34.035: `gateway4` has been deprecated, use default routes instead.
See the 'Default routes' section of the documentation for more details.

** (process:1362194): WARNING **: 11:58:34.036: `gateway4` has been deprecated, use default routes instead.
See the 'Default routes' section of the documentation for more details.
===================

The "unique gateway" and gateway4 deprecation warning where there in netplan 0.105 as well, the permissions warning is new in netplan 0.106

Juan M. Tirado (tiradojm)
Changed in juju:
assignee: nobody → Joseph Phillips (manadart)
status: New → Triaged
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.