netcfg defaults hostname to DHCPv6-provided NTP server address

Bug #1614514 reported by Malcolm Scott on 2016-08-18
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
netcfg (Debian)
Fix Released
Unknown
netcfg (Ubuntu)
Medium
Mathieu Trudel-Lapierre
Xenial
Undecided
Unassigned
Yakkety
Undecided
Unassigned
Zesty
Undecided
Unassigned

Bug Description

[Impact]
IPv6 autoconfiguration installs badly records NTP server name.

[Test case]
Install Ubuntu (using d-i), in an IPv6 network. The DHCP server should provide NTP servers, but no hostname.

Verify that the default offered for the hostname during install is a correct value, and is not the hostname of the NTP server provided from DHCP.

[Regression Potential]
If any existing location depends on this bad behavior, it would obviously regress. Also to consider are cases where there might be an incorrect recording of the NTP servers or DNS nameservers, DNS search list given the changed code path in this section of the netcfg code.

Any incorrect parsing of a DHCPv6 response while autoconfiguring a system during installation would be a possible regression for this SRU.

---

When prompted for a hostname during installation, on my network the default offered is always our second NTP server's IPv6 address, which it received via stateless DHCPv6. netcfg seems to be using the wrong field as a hostname, in the absence of an explicit DHCP-provided hostname.

Installation log excerpt:

Aug 18 12:21:26 netcfg[13450]: DEBUG: IPv6 stateless autoconfig requested
Aug 18 12:21:26 netcfg[13450]: DEBUG: nc_v6_interface_configured(eth0, scope global)
Aug 18 12:21:26 netcfg[13450]: DEBUG: Running ip addr show eth0 to look for address
Aug 18 12:21:26 netcfg[13450]: DEBUG: ip line: 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq qlen 1000
Aug 18 12:21:26 netcfg[13450]: DEBUG: ip line: link/ether fa:ee:bd:a7:4c:0f brd ff:ff:ff:ff:ff:ff
Aug 18 12:21:26 netcfg[13450]: DEBUG: ip line: inet6 2001:630:212:252:f8ee:bdff:fea7:4c0f/64 scope global dynamic
Aug 18 12:21:26 netcfg[13450]: DEBUG: Configured address found
Aug 18 12:21:26 netcfg[13450]: DEBUG: ip line: valid_lft 2592000sec preferred_lft 604800sec
Aug 18 12:21:26 netcfg[13450]: DEBUG: ip line: inet6 fe80::f8ee:bdff:fea7:4c0f/64 scope link
Aug 18 12:21:26 netcfg[13450]: DEBUG: ip line: valid_lft forever preferred_lft forever
Aug 18 12:21:26 netcfg[13450]: DEBUG: Stateless DHCPv6 requested
Aug 18 12:21:26 netcfg[13450]: WARNING **: Started DHCPv6 client; PID is 13497
Aug 18 12:21:26 dhclient[13497]: Created duid \000\003\000\001\372\356\275\247L\017.
Aug 18 12:21:27 dhclient[13497]: XMT: Info-Request on eth0, interval 1080ms.
Aug 18 12:21:27 dhclient[13497]: RCV: Reply message on eth0 from fe80::8a5a:92ff:fecd:8da7.
Aug 18 12:21:28 netcfg[13450]: DEBUG: DHCPv6 line: nameserver[0] 2001:630:212:200::d:0
Aug 18 12:21:28 netcfg[13450]: DEBUG: DHCPv6 line: nameserver[1] 2001:630:212:200::d:1
Aug 18 12:21:28 netcfg[13450]: DEBUG: DHCPv6 line: nameserver[2] 2001:630:212:200::d:2
Aug 18 12:21:28 netcfg[13450]: DEBUG: DHCPv6 line: Domain search list[0] cl.cam.ac.uk.
Aug 18 12:21:28 netcfg[13450]: DEBUG: DHCPv6 line: NTP server[0] 2001:630:212:200::123:1a
Aug 18 12:21:28 netcfg[13450]: DEBUG: DHCPv6 line: NTP server[1] 2001:630:212:200::123:1b
Aug 18 12:21:28 netcfg[13450]: DEBUG: DHCPv6 line: NTP server[2] 2001:630:212:200::123:1c
Aug 18 12:21:28 netcfg[13450]: DEBUG: DHCPv6 line: end
Aug 18 12:21:28 netcfg[13450]: DEBUG: Trying IPv4 autoconfig as well
Aug 18 12:21:28 netcfg[13450]: WARNING **: Started DHCP client; PID is 13502
Aug 18 12:21:29 dhclient[13502]: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 1 (xid=0xce07ab1b)
Aug 18 12:21:30 dhclient[13502]: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 1 (xid=0xce07ab1b)
Aug 18 12:21:30 dhclient[13502]: DHCPREQUEST of 128.232.81.81 on eth0 to 255.255.255.255 port 67 (xid=0x1bab07ce)
Aug 18 12:21:30 dhclient[13502]: DHCPOFFER of 128.232.81.81 from 128.232.80.7
Aug 18 12:21:30 dhclient[13502]: DHCPACK of 128.232.81.81 from 128.232.80.7
Aug 18 12:21:30 dhclient[13502]: bound to 128.232.81.81 -- renewal in 1780 seconds.
Aug 18 12:21:32 netcfg[13450]: DEBUG: Reading NTP servers from DHCP info
Aug 18 12:21:32 netcfg[13450]: DEBUG: Read NTP server 128.232.0.9
Aug 18 12:21:32 netcfg[13450]: DEBUG: Read NTP server 128.232.0.8
Aug 18 12:21:32 netcfg[13450]: DEBUG: Read NTP server 128.232.0.7
Aug 18 12:21:32 netcfg[13450]: DEBUG: Read NTP server 128.232.96.152
Aug 18 12:21:32 netcfg[13450]: DEBUG: Reading nameservers from /etc/resolv.conf
Aug 18 12:21:32 netcfg[13450]: DEBUG: Read nameserver 128.232.1.1
Aug 18 12:21:32 netcfg[13450]: DEBUG: Read nameserver 128.232.1.2
Aug 18 12:21:32 netcfg[13450]: DEBUG: Read nameserver 128.232.1.3
Aug 18 12:21:32 netcfg[13450]: DEBUG: State is now 1
Aug 18 12:21:32 netcfg[13450]: DEBUG: State is now 2
Aug 18 12:21:32 netcfg[13450]: DEBUG: State is now 5
Aug 18 12:21:32 netcfg[13450]: DEBUG: Defaulting hostname to provided DHCP hostname

...and then the installer prompts me for a hostname with a pre-filled default of "2001:630:212:200::123:1b".

Malcolm Scott (malcscott) wrote :

(This behaviour observed both on the Xenial server ISO and on today's daily Yakkety server ISO.)

Malcolm Scott (malcscott) wrote :

The cause: a typo in autoconfig.c causing a buffer overflow into another field of the netcfg_interface struct. Patch coming up.

Malcolm Scott (malcscott) wrote :

The attachment "autoconfig-ntp-typo.diff" seems to be a debdiff. The ubuntu-sponsors team has been subscribed to the bug report so that they can review and hopefully sponsor the debdiff. If the attachment isn't a patch, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are member of the ~ubuntu-sponsors, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issue please contact him.]

tags: added: patch
tags: added: xenial yakkety
Changed in netcfg (Ubuntu):
importance: Undecided → Medium
Brian Murray (brian-murray) wrote :

Thank you for providing a patch for this bug report. This particular package is synchronized with Debian so it would be quite helpful if you were to forward the patch to the Debian bug tracker. You can learn more about how to use the Debian bug tracker at https://wiki.ubuntu.com/Debian/Bugs. After you've forwarded the bug report and patch please add a bug watch, following the procedure at http://wiki.ubuntu.com/Bugs/Watches, so we can track the progress of the upstream bug report.

Brian Murray (brian-murray) wrote :

Zesty, which will become 17.04, also contains this typo.

tags: added: zesty
Changed in netcfg (Debian):
status: Unknown → New
Malcolm Scott (malcscott) wrote :

Debian has accepted my patch into netcfg 1.142 -- please would someone sync it?

It would be great if this could also be SRU'd into (at least) xenial, as on our network the bug causes the xenial installer to set a nonsensical and misleading hostname for the installed system.

no longer affects: debian
Changed in netcfg (Debian):
status: New → Fix Released
Changed in netcfg (Ubuntu):
assignee: nobody → Mathieu Trudel-Lapierre (cyphermox)
tags: added: rls-aa-incoming

I'll fix this in artful, but then for the SRUs it will have to go after the current in-flight SRU for netcfg for xenial.

This is fixed in netcfg 1.142ubuntu1 already in artful.

Changed in netcfg (Ubuntu):
status: New → Fix Released
description: updated

Hello Malcolm, or anyone else affected,

Accepted netcfg into zesty-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/netcfg/1.138ubuntu5.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in netcfg (Ubuntu Zesty):
status: New → Fix Committed
tags: added: verification-needed
Changed in netcfg (Ubuntu Yakkety):
status: New → Fix Committed
Brian Murray (brian-murray) wrote :

Hello Malcolm, or anyone else affected,

Accepted netcfg into yakkety-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/netcfg/1.138ubuntu2.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

As part of a recent change in the Stable Release Update verification policy we would like to inform that for a bug to be considered verified for a given release a verification-done-$RELEASE tag needs to be added to the bug where $RELEASE is the name of the series the package that was tested (e.g. verification-done-xenial). Please note that the global 'verification-done' tag can no longer be used for this purpose.

Thank you!

Hello Malcolm, or anyone else affected,

Accepted netcfg into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/netcfg/1.135ubuntu4.4 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-xenial to verification-done-xenial. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-xenial. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in netcfg (Ubuntu Xenial):
status: New → Fix Committed
tags: added: verification-needed-xenial

Verification-done on xenial using netcfg 1.135ubuntu4.5:

netcfg no longer appears to leak NTP servers through to the hostname in d-i.

Malcolm, can you also confirm the package in xenial-proposed correctly fixes the issue for you?

tags: added: verification-done-xenial
removed: verification-needed-xenial
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package netcfg - 1.135ubuntu4.5

---------------
netcfg (1.135ubuntu4.5) xenial; urgency=medium

  * Add description for non-PCI platform network interfaces. LP: #1697914

 -- dann frazier <email address hidden> Wed, 19 Jul 2017 15:15:12 -0600

Changed in netcfg (Ubuntu Xenial):
status: Fix Committed → Fix Released

The fix for this bug has been awaiting testing feedback in the -proposed repository for zesty for more than 90 days. Please test this fix and update the bug appropriately with the results. In the event that the fix for this bug is still not verified 15 days from now, the package will be removed from the -proposed repository.

tags: added: removal-candidate
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.