Privacy Extensions are set by default on Ubuntu 13.04, but no temporary address will be generated

Bug #1174418 reported by Andreas Brück on 2013-04-29
280
This bug affects 6 people
Affects Status Importance Assigned to Milestone
netbase (Ubuntu)
High
Unassigned

Bug Description

Description: Ubuntu 13.04
Release: 13.04

Privacy Extensions are set by default on Ubuntu 13.04, but no temporary address will be generated.

In sysctl (by default):

net.ipv6.conf.all.use_tempaddr = 2

--> that means: create and prefer privacy addresses and use them over the normal addresses.

If i added the same line "net.ipv6.conf.all.use_tempaddr = 2" to the file /etc/sysctl.conf, everythings works fine after a restart. The problem is, that the parameter "2" is set by default (results shown by: "sysctl -a"), but don't work. In Ubuntu 12.04/12.10 this problem don't appears.

Thanks for reading this. I love Ubuntu :)!

Thank you for taking the time to report this bug and helping to make Ubuntu better. It seems that your bug report is not filed about a specific source package though, rather it is just filed against Ubuntu in general. It is important that bug reports be filed about source packages so that people interested in the package can find the bugs about it. You can find some hints about determining what package your bug might be about at https://wiki.ubuntu.com/Bugs/FindRightPackage. You might also ask for help in the #ubuntu-bugs irc channel on Freenode.

To change the source package that this bug is filed about visit https://bugs.launchpad.net/ubuntu/+bug/1174418/+editstatus and add the package name in the text box next to the word Package.

[This is an automated message. I apologize if it reached you inappropriately; please just reply to this message indicating so.]

tags: added: bot-comment
affects: ubuntu → procps (Ubuntu)
Graeme Hewson (ghewson) wrote :

I confirm this. IPv6 privacy extensions were enabled by default in 12.04 (actually, I don't see this in the release notes, or in any other official documentation, but Internet search engines show "everyone" says so), and they were working in 12.10.

Testing with a fresh install of Kubuntu 13.04, my eth0 interface doesn't have a randomised address, only a link-local address, a global MAC-based address and a DHCP-allocated IPv4 address.

/etc/sysctl.conf and /etc/sysctl.d/10-ipv6-privacy.conf in 13.04 have been unchanged since 12.04.

Putting
net.ipv6.conf.eth0.use_tempaddr = 2
into 60-ipv6-privacy.conf or directly into /etc/sysctl.conf makes no difference, and even after a reboot /proc/sys/net/ipv6/conf/eth0/use_tempaddr is 0.

Graeme Hewson (ghewson) wrote :

On another box, not the one mentioned above with the fresh install, I'm not using Network Manager, but configuration under /etc/network.

I didn't have an iface inet6 stanza in /etc/network/interfaces when running with Kubuntu 12.10, but global temporary addresses were created; after upgrading to 13.04 they were not. Now, after adding:

iface eth0 inet6 auto
privext 2

to the config file, again a randomised, temporary address is created (and I assume after 24 hours another will be created, as before).

Graeme Hewson (ghewson) wrote :

Sorry, my intention was to add netbase in addition to procps. Nevertheless, I think netbase might be more relevant.

affects: procps (Ubuntu) → netbase (Ubuntu)
Stéphane Graber (stgraber) wrote :

I'm unable to reproduce this behaviour, all my 13.04 machine properly get both a dynamic IPv6 address and the EUI64 address.

Are those installs desktop or server installs?

I installed Ubuntu-Desktop 13.04 (64-Bit) twice on two different computers. Furthermore i did an upgrade from Ubuntu-Desktop (64-Bit) 12.10 to 13.04. Every time the same behaviour as outlined above.

Stéphane Graber (stgraber) wrote :

Good, so we know it's a desktop image.

Now, how's your IPv6 setup?

The various options being:
 - DHCPv6 stateless
 - DHCPv6 stateful
 - SLAAC
 - Static addresses

The privacy extensions only work when the kernel is provided a 64-bit prefix and the main address is dynamic, so if you're doing stateful DHCPv6 or static address assignment, you won't be getting a privacy-extension address.

Can you also make sure to attach the following:
 - /var/log/systelog
 - output of "dmesg"
 - output of "ip -6 addr show"
 - output of "ip -6 route show"
 - output of "nm-tool"

Thanks

Graeme Hewson (ghewson) wrote :

I'm using SLAAC. I've done a fresh install of Kubuntu 13.04, with current updates. I didn't change any configuration, and Network Manager shows for IPv6 Method: Disabled, Privacy Extensions: Disabled. I'm attaching the requested information (munged).

Graeme Hewson (ghewson) wrote :
  • ip Edit (676 bytes, text/plain)
Graeme Hewson (ghewson) wrote :
Graeme Hewson (ghewson) wrote :
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in netbase (Ubuntu):
status: New → Confirmed
ColinWeaver (colin-8) wrote :

I experienced this too with fresh install of 13.04. The node is connected to a LAN with a router sending RA's with a global prefix. Even after updates the node did not generate a privacy address. /etc/sysctl.d/10-ipv6-privacy.conf shows both 'all' and 'default' to have a use_tempaddr setting of 2. When I cat /proc/sys/net/ipv6/conf/all/use_tempaddr and /proc/sys/net/ipv6/default/use_tempaddr the value is 2. However, the value of /proc/sys/net/ipv6/conf/eth1/use_tempaddr is 0.

After a fresh install the directory /etc/NetworkManager/system-connection is empty. If I open the graphical network manager tool a file called Wired Connection 1 is immediately created in that directory. And magically the value of /proc/sys/net/ipv6/conf/eth1/use_tempaddr turns to 2 and a temporary address is generated.

ColinWeaver (colin-8) wrote :

Note: From my comment above, you have have to click Save in the network manager tool for the file to be created in /etc/NetworkManager/system-connections.

A fresh install of Ubuntu 12.04 (LTS) does not have anything in this directory by default but it does create privacy addresses automatically.

Graeme Hewson (ghewson) wrote :

Bug is still present in Ubuntu and Kubuntu Trusty Tahr Alpha 1

tags: added: kubuntu trusty
description: updated
summary: Privacy Extensions are set by default on Ubuntu 13.04, but no temporary
- address will be generate
+ address will be generated
Changed in netbase (Ubuntu):
importance: Undecided → High
information type: Public → Public Security
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers

Bug attachments