2019-07-17 13:57:48 |
Christian Brauner |
bug |
|
|
added bug |
2019-07-17 13:58:19 |
Christian Brauner |
linux (Ubuntu): status |
New |
Confirmed |
|
2019-07-17 13:58:29 |
Christian Brauner |
bug |
|
|
added subscriber Ubuntu Containers Team |
2019-07-17 13:58:39 |
Christian Brauner |
bug |
|
|
added subscriber Seth Forshee |
2019-07-17 16:31:37 |
Christian Brauner |
description |
Tools such as vpnc try to flush routes when run inside network
namespaces by writing 1 into /proc/sys/net/ipv4/route/flush. This
currently does not work because flush is not enabled in non-initial
network namespaces.
Since routes are per network namespace it is safe to enable
/proc/sys/net/ipv4/route/flush in there.
This has been reported against LXD a few times before
Link: https://github.com/lxc/lxd/issues/4257
Please backport this to our LTS kernels. :) |
SRU Justification
Impact: Tools such as vpnc try to flush routes when run inside network namespaces by writing 1 into /proc/sys/net/ipv4/route/flush. This
currently does not work because flush is not enabled in non-initial network namespaces. Users have complained about this at various times (cf. Link: https://github.com/lxc/lxd/issues/4257).
Fix: Enable /proc/sys/net/ipv4/route/flush inside non-initial network namespaces.
Regression Potential: None, since this didn't use to work before. Since routes are per network namespace it is safe to enable /proc/sys/net/ipv4/route/flush in there.
Test Case: Tested with LXD on a kernel with the patch applied and by running vpnc successfully.
Target Kernels: All LTS kernels starting from 4.15. Kernel 5.3 has the patchset upstream.
Patches:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5cdda5f1d6adde02da591ca2196f20289977dc56 |
|
2019-07-20 00:00:42 |
Terry Rudd |
bug |
|
|
added subscriber Terry Rudd |
2019-09-25 08:44:32 |
Stefan Bader |
nominated for series |
|
Ubuntu Disco |
|
2019-09-25 08:44:32 |
Stefan Bader |
bug task added |
|
linux (Ubuntu Disco) |
|
2019-09-25 08:44:46 |
Stefan Bader |
linux (Ubuntu Disco): importance |
Undecided |
Medium |
|
2019-09-25 08:44:59 |
Stefan Bader |
linux (Ubuntu Disco): status |
New |
Triaged |
|
2019-09-27 08:32:09 |
Kleber Sacilotto de Souza |
linux (Ubuntu): status |
Confirmed |
Fix Released |
|
2019-09-27 08:35:27 |
Kleber Sacilotto de Souza |
linux (Ubuntu Disco): status |
Triaged |
Fix Committed |
|
2019-10-04 15:57:18 |
Ubuntu Kernel Bot |
tags |
|
verification-needed-disco |
|
2019-10-05 10:57:45 |
Christian Brauner |
tags |
verification-needed-disco |
verification-done-disco |
|
2019-10-05 10:57:53 |
Christian Brauner |
linux (Ubuntu): assignee |
|
Christian Brauner (cbrauner) |
|
2019-10-05 10:57:58 |
Christian Brauner |
linux (Ubuntu Disco): assignee |
|
Christian Brauner (cbrauner) |
|
2019-10-16 06:45:16 |
Launchpad Janitor |
linux (Ubuntu Disco): status |
Fix Committed |
Fix Released |
|
2019-10-16 06:45:16 |
Launchpad Janitor |
cve linked |
|
2019-14814 |
|
2019-10-16 06:45:16 |
Launchpad Janitor |
cve linked |
|
2019-14815 |
|
2019-10-16 06:45:16 |
Launchpad Janitor |
cve linked |
|
2019-14816 |
|
2019-10-16 06:45:16 |
Launchpad Janitor |
cve linked |
|
2019-14821 |
|
2019-10-16 06:45:16 |
Launchpad Janitor |
cve linked |
|
2019-15505 |
|
2019-10-16 06:45:16 |
Launchpad Janitor |
cve linked |
|
2019-16714 |
|
2019-10-16 06:45:16 |
Launchpad Janitor |
cve linked |
|
2019-2181 |
|