Ubuntu
dracut package

Directly manipulating NetworkManager keyfiles

Bug #2019940 reported by Lukas Märdian on 2023-05-17

This bug affects 1 person

	Status	Importance	Assigned to	Milestone
augeas (Ubuntu)	New	Undecided	Unassigned
calamares (Ubuntu)	Fix Released	Medium	Simon Quigley	Ubuntu ubuntu-23.11
cloud-init (Ubuntu)	Invalid	Undecided	Unassigned
cruft (Ubuntu)	Won't Fix	Undecided	Unassigned
cruft-ng (Ubuntu)	Fix Released	Undecided	Unassigned
dracut (Ubuntu)	New	Undecided	Unassigned
forensic-artifacts (Ubuntu)	New	Undecided	Unassigned
guestfs-tools (Ubuntu)	New	Undecided	Unassigned
guix (Ubuntu)	New	Undecided	Unassigned
ltsp (Ubuntu)	Invalid	Undecided	Unassigned
netcfg (Ubuntu)	Won't Fix	Undecided	Unassigned
netplan.io (Ubuntu)	Invalid	Undecided	Unassigned
network-manager (Ubuntu)	New	Undecided	Unassigned
refpolicy (Ubuntu)	New	Undecided	Unassigned
sosreport (Ubuntu)	Invalid	Undecided	Unassigned
ubiquity (Ubuntu)	New	Undecided	Unassigned
uhd (Ubuntu)	New	Undecided	Unassigned
vagrant (Ubuntu)	New	Undecided	Unassigned

Bug Description

The affected packages can manipulate NetworkManager keyfiles directly on disk, which might not be appropriate anymore on Ubuntu, since the Netplan integration was enabled in NetworkManager (starting with Mantic), migrating any keyfile configuration from /etc/NetworkManager/system-connections/*[.nmconnection] to /etc/netplan/90-NM-*.yaml

See Netplan's documentation for how connections are handled:
https://netplan.readthedocs.io/en/latest/netplan-everywhere/

PS: Packages were queried using:
https://codesearch.debian.net/search?q=%2Fsystem-connections&literal=1&perpkg=1

Tags:

Revision history for this message

Lukas Märdian (slyon) wrote on 2023-05-17:

Netplan deals with keyfiles in /run/NetworkManager/system-connections not /etc/...

Changed in netplan.io (Ubuntu):
status:	New → Won't Fix
tags:	added: rls-mm-incoming

Revision history for this message

Lukas Märdian (slyon) wrote on 2023-05-17:

netcfg is not part of Ubuntu anymore (got dropped post Focal)

Changed in netcfg (Ubuntu):
status:	New → Won't Fix

Alkis Georgopoulos (alkisg) on 2023-05-17

Changed in ltsp (Ubuntu):
status:	New → Invalid

Revision history for this message

Lukas Märdian (slyon) wrote on 2023-05-17:

We should run the same query on the Ubuntu archive, too. The security team (sespiros / sarnold) might be able to help with this in the future.

Revision history for this message

Seth Arnold (seth-arnold) wrote on 2023-05-17:

system-connections-17-10:41:24 Edit (820.3 KiB, text/plain)

jammy, lunary, and mantic:

for distro in jammy lunar mantic ; do for component in main universe multiverse restricted ; do for-archive /srv/mirror/ubuntu/dists/$distro/$component/source/Sources.gz /srv/mirror/ubuntu/ ~/bin/for-archive-tools/unpack-search '/system-connections' ; done ; done | tee ~/system-connections-$(date +%d-%H:%M:%S)

Revision history for this message

James Falcon (falcojr) wrote on 2023-05-18:

Invalid for cloud-init because the affected code is for rendering NetworkManager config on (non-Ubuntu) systems that are not using netplan.

Changed in cloud-init (Ubuntu):
status:	New → Invalid

Lukas Märdian (slyon) on 2023-05-22

Changed in netplan.io (Ubuntu):
status:	Won't Fix → Invalid

Revision history for this message

Lukas Märdian (slyon) wrote on 2023-05-22:

cruft is not part of Ubuntu anymore (got dropped post Kinetic)

Changed in cruft (Ubuntu):
status:	New → Won't Fix

Revision history for this message

Lukas Märdian (slyon) wrote on 2023-05-22:

Thank you @seth-arnold! I've updated the affected packages of this bug and (bug #2019939) accordingly.

Revision history for this message

Arif Ali (arif-ali) wrote on 2023-05-23:

Invalid for sosreport

We collect NetworkManager and netplan data depending what is available

Changed in sosreport (Ubuntu):
status:	New → Invalid

Dave Jones (waveform) on 2023-05-25

tags:

added: foundations-todo
removed: rls-mm-incoming

Revision history for this message

Brian Murray (brian-murray) wrote on 2023-05-25:

Have any snaps been looked at e.g. subiquity or ubuntu-desktop-installer?

Revision history for this message

Alexandre Detiste (alexandre-detiste) wrote on 2023-05-26:

#10

Please provide output of "cruft-ng" on an updated system. I'm not running Ubuntu.

Revision history for this message

Launchpad Janitor (janitor) wrote on 2023-06-13:

#11

This bug was fixed in the package cruft-ng - 0.9.55

---------------
cruft-ng (0.9.55) unstable; urgency=low

  [ Christian Göttsche ]
  * Misc tweaks to rules: chkrootkit, geoipupdate,
    selinux (Closes: #1033804)

[ NicolasJamar ]
* refresh misc filters for Debian, Ubuntu & Pop_OS

  [ Alexandre Detiste ]
  * move the bulk of Ubuntu rules out of the way,
    only handle /etc/NetworkManager/system-connections/*
    on Debian (LP: #2019940)
  * add a generic explain script for runit-helper

-- Alexandre Detiste <email address hidden> Sun, 11 Jun 2023 17:18:27 +0200

Changed in cruft-ng (Ubuntu):
status:	New → Fix Released

Revision history for this message

Simon Quigley (tsimonq2) wrote on 2023-12-24:

#12

I patched this upstream in Calamares a month or two ago, and it made it into the 3.3.0 tag, which Lubuntu now has.

Calamares will support both, it just now *also* supports Netplan. (If the NM config doesn't exist, no harm no foul no error.)

Changed in calamares (Ubuntu):
assignee:	nobody → Simon Quigley (tsimonq2)
importance:	Undecided → Medium
milestone:	none → ubuntu-23.11
status:	New → Fix Released