* [gentoo-portage-dev] [PATCH] Configure a dummy network interface for network-sandbox
@ 2019-07-31 16:06 Mike Gilbert
2019-07-31 18:00 ` Zac Medico
2019-08-01 13:22 ` [gentoo-portage-dev] [PATCH v2] Configure additional addresses on the lo " Mike Gilbert
0 siblings, 2 replies; 5+ messages in thread
From: Mike Gilbert @ 2019-07-31 16:06 UTC (permalink / raw
To: gentoo-portage-dev; +Cc: leio
This works around some strange behavior in glibc's getaddrinfo()
implementation when the AI_ADDRCONFIG flag is set.
For example:
struct addrinfo *res, hints = { .ai_family = AF_INET, .ai_flags = AI_ADDRCONFIG };
getaddrinfo("localhost", NULL, &hints, &res);
This returns no results if there is no non-loopback interface configured with an
IPv4 address.
Bug: https://bugs.gentoo.org/690758
Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=12377#c13
Signed-off-by: Mike Gilbert <floppym@gentoo.org>
---
lib/portage/process.py | 24 ++++++++++++++++++++++++
1 file changed, 24 insertions(+)
diff --git a/lib/portage/process.py b/lib/portage/process.py
index dfbda75de..c284c04f3 100644
--- a/lib/portage/process.py
+++ b/lib/portage/process.py
@@ -446,6 +446,29 @@ def spawn(mycommand, env=None, opt_name=None, fd_pipes=None, returnpid=False,
# Everything succeeded
return 0
+def _configure_dummy_interface():
+ """
+ Configure a dummy interface to work around odd behavior in glibc's
+ getaddrinfo() implementation when the AI_ADDRCONFIG flag is set.
+
+ For example:
+
+ struct addrinfo *res, hints = { .ai_family = AF_INET, .ai_flags = AI_ADDRCONFIG };
+ getaddrinfo("localhost", NULL, &hints, &res);
+
+ This returns no results if there is no non-loopback interface configured with an
+ IPv4 address.
+
+ Bug: https://bugs.gentoo.org/690758
+ Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=12377#c13
+ """
+ try:
+ subprocess.check_call(['ip','link','add','dummy','type','dummy'])
+ subprocess.check_call(['ip','link','set','dummy','up'])
+ subprocess.check_call(['ip','address','add','10.0.0.1/8','dev','dummy'])
+ except subprocess.CalledProcessError:
+ writemsg("Unable to configure dummy network interface\n")
+
def _exec(binary, mycommand, opt_name, fd_pipes,
env, gid, groups, uid, umask, cwd,
pre_exec, close_fds, unshare_net, unshare_ipc, unshare_mount, unshare_pid,
@@ -637,6 +660,7 @@ def _exec(binary, mycommand, opt_name, fd_pipes,
errno.errorcode.get(e.errno, '?')),
noiselevel=-1)
sock.close()
+ _configure_dummy_interface()
except AttributeError:
# unshare() not supported by libc
pass
--
2.22.0
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [gentoo-portage-dev] [PATCH] Configure a dummy network interface for network-sandbox
2019-07-31 16:06 [gentoo-portage-dev] [PATCH] Configure a dummy network interface for network-sandbox Mike Gilbert
@ 2019-07-31 18:00 ` Zac Medico
2019-07-31 18:28 ` Mike Gilbert
2019-08-01 13:22 ` [gentoo-portage-dev] [PATCH v2] Configure additional addresses on the lo " Mike Gilbert
1 sibling, 1 reply; 5+ messages in thread
From: Zac Medico @ 2019-07-31 18:00 UTC (permalink / raw
To: gentoo-portage-dev, Mike Gilbert; +Cc: leio
[-- Attachment #1.1: Type: text/plain, Size: 2509 bytes --]
On 7/31/19 9:06 AM, Mike Gilbert wrote:
> This works around some strange behavior in glibc's getaddrinfo()
> implementation when the AI_ADDRCONFIG flag is set.
>
> For example:
>
> struct addrinfo *res, hints = { .ai_family = AF_INET, .ai_flags = AI_ADDRCONFIG };
> getaddrinfo("localhost", NULL, &hints, &res);
>
> This returns no results if there is no non-loopback interface configured with an
> IPv4 address.
>
> Bug: https://bugs.gentoo.org/690758
> Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=12377#c13
> Signed-off-by: Mike Gilbert <floppym@gentoo.org>
> ---
> lib/portage/process.py | 24 ++++++++++++++++++++++++
> 1 file changed, 24 insertions(+)
>
> diff --git a/lib/portage/process.py b/lib/portage/process.py
> index dfbda75de..c284c04f3 100644
> --- a/lib/portage/process.py
> +++ b/lib/portage/process.py
> @@ -446,6 +446,29 @@ def spawn(mycommand, env=None, opt_name=None, fd_pipes=None, returnpid=False,
> # Everything succeeded
> return 0
>
> +def _configure_dummy_interface():
> + """
> + Configure a dummy interface to work around odd behavior in glibc's
> + getaddrinfo() implementation when the AI_ADDRCONFIG flag is set.
> +
> + For example:
> +
> + struct addrinfo *res, hints = { .ai_family = AF_INET, .ai_flags = AI_ADDRCONFIG };
> + getaddrinfo("localhost", NULL, &hints, &res);
> +
> + This returns no results if there is no non-loopback interface configured with an
> + IPv4 address.
> +
> + Bug: https://bugs.gentoo.org/690758
> + Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=12377#c13
> + """
> + try:
> + subprocess.check_call(['ip','link','add','dummy','type','dummy'])
> + subprocess.check_call(['ip','link','set','dummy','up'])
> + subprocess.check_call(['ip','address','add','10.0.0.1/8','dev','dummy'])
> + except subprocess.CalledProcessError:
> + writemsg("Unable to configure dummy network interface\n")
> +
> def _exec(binary, mycommand, opt_name, fd_pipes,
> env, gid, groups, uid, umask, cwd,
> pre_exec, close_fds, unshare_net, unshare_ipc, unshare_mount, unshare_pid,
> @@ -637,6 +660,7 @@ def _exec(binary, mycommand, opt_name, fd_pipes,
> errno.errorcode.get(e.errno, '?')),
> noiselevel=-1)
> sock.close()
> + _configure_dummy_interface()
> except AttributeError:
> # unshare() not supported by libc
> pass
>
Maybe it will suffice to add the address to the loopback interface?
--
Thanks,
Zac
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 981 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [gentoo-portage-dev] [PATCH] Configure a dummy network interface for network-sandbox
2019-07-31 18:00 ` Zac Medico
@ 2019-07-31 18:28 ` Mike Gilbert
0 siblings, 0 replies; 5+ messages in thread
From: Mike Gilbert @ 2019-07-31 18:28 UTC (permalink / raw
To: Zac Medico; +Cc: gentoo-portage-dev, Mart Raudsepp
On Wed, Jul 31, 2019 at 2:00 PM Zac Medico <zmedico@gentoo.org> wrote:
>
> On 7/31/19 9:06 AM, Mike Gilbert wrote:
> > This works around some strange behavior in glibc's getaddrinfo()
> > implementation when the AI_ADDRCONFIG flag is set.
> >
> > For example:
> >
> > struct addrinfo *res, hints = { .ai_family = AF_INET, .ai_flags = AI_ADDRCONFIG };
> > getaddrinfo("localhost", NULL, &hints, &res);
> >
> > This returns no results if there is no non-loopback interface configured with an
> > IPv4 address.
> >
> > Bug: https://bugs.gentoo.org/690758
> > Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=12377#c13
> > Signed-off-by: Mike Gilbert <floppym@gentoo.org>
> > ---
> > lib/portage/process.py | 24 ++++++++++++++++++++++++
> > 1 file changed, 24 insertions(+)
> >
> > diff --git a/lib/portage/process.py b/lib/portage/process.py
> > index dfbda75de..c284c04f3 100644
> > --- a/lib/portage/process.py
> > +++ b/lib/portage/process.py
> > @@ -446,6 +446,29 @@ def spawn(mycommand, env=None, opt_name=None, fd_pipes=None, returnpid=False,
> > # Everything succeeded
> > return 0
> >
> > +def _configure_dummy_interface():
> > + """
> > + Configure a dummy interface to work around odd behavior in glibc's
> > + getaddrinfo() implementation when the AI_ADDRCONFIG flag is set.
> > +
> > + For example:
> > +
> > + struct addrinfo *res, hints = { .ai_family = AF_INET, .ai_flags = AI_ADDRCONFIG };
> > + getaddrinfo("localhost", NULL, &hints, &res);
> > +
> > + This returns no results if there is no non-loopback interface configured with an
> > + IPv4 address.
> > +
> > + Bug: https://bugs.gentoo.org/690758
> > + Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=12377#c13
> > + """
> > + try:
> > + subprocess.check_call(['ip','link','add','dummy','type','dummy'])
> > + subprocess.check_call(['ip','link','set','dummy','up'])
> > + subprocess.check_call(['ip','address','add','10.0.0.1/8','dev','dummy'])
> > + except subprocess.CalledProcessError:
> > + writemsg("Unable to configure dummy network interface\n")
> > +
> > def _exec(binary, mycommand, opt_name, fd_pipes,
> > env, gid, groups, uid, umask, cwd,
> > pre_exec, close_fds, unshare_net, unshare_ipc, unshare_mount, unshare_pid,
> > @@ -637,6 +660,7 @@ def _exec(binary, mycommand, opt_name, fd_pipes,
> > errno.errorcode.get(e.errno, '?')),
> > noiselevel=-1)
> > sock.close()
> > + _configure_dummy_interface()
> > except AttributeError:
> > # unshare() not supported by libc
> > pass
> >
>
> Maybe it will suffice to add the address to the loopback interface?
I wasn't expecting that to work, but it actually does! That makes this
a bit simpler indeed. I'll send a new patch in a bit.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [gentoo-portage-dev] [PATCH v2] Configure additional addresses on the lo interface for network-sandbox
2019-07-31 16:06 [gentoo-portage-dev] [PATCH] Configure a dummy network interface for network-sandbox Mike Gilbert
2019-07-31 18:00 ` Zac Medico
@ 2019-08-01 13:22 ` Mike Gilbert
2019-08-01 18:06 ` Zac Medico
1 sibling, 1 reply; 5+ messages in thread
From: Mike Gilbert @ 2019-08-01 13:22 UTC (permalink / raw
To: gentoo-portage-dev
This works around some strange behavior in glibc's getaddrinfo()
implementation when the AI_ADDRCONFIG flag is set.
For example:
struct addrinfo *res, hints = { .ai_family = AF_INET, .ai_flags = AI_ADDRCONFIG };
getaddrinfo("localhost", NULL, &hints, &res);
This returns no results if there are no non-loopback addresses configured.
Bug: https://bugs.gentoo.org/690758
Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=12377#c13
Signed-off-by: Mike Gilbert <floppym@gentoo.org>
---
lib/portage/process.py | 50 +++++++++++++++++++++++++++++++-----------
1 file changed, 37 insertions(+), 13 deletions(-)
diff --git a/lib/portage/process.py b/lib/portage/process.py
index dfbda75de..77f7fac02 100644
--- a/lib/portage/process.py
+++ b/lib/portage/process.py
@@ -446,6 +446,42 @@ def spawn(mycommand, env=None, opt_name=None, fd_pipes=None, returnpid=False,
# Everything succeeded
return 0
+def _configure_loopback_interface():
+ """
+ Configure the loopback interface.
+ """
+
+ IFF_UP = 0x1
+ ifreq = struct.pack('16sh', b'lo', IFF_UP)
+ SIOCSIFFLAGS = 0x8914
+
+ sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, 0)
+ try:
+ fcntl.ioctl(sock, SIOCSIFFLAGS, ifreq)
+ except IOError as e:
+ writemsg("Unable to enable loopback interface: %s\n" % e.strerror, noiselevel=-1)
+ sock.close()
+
+ # We add some additional addresses to work around odd behavior in glibc's
+ # getaddrinfo() implementation when the AI_ADDRCONFIG flag is set.
+ #
+ # For example:
+ #
+ # struct addrinfo *res, hints = { .ai_family = AF_INET, .ai_flags = AI_ADDRCONFIG };
+ # getaddrinfo("localhost", NULL, &hints, &res);
+ #
+ # This returns no results if there are no non-loopback addresses
+ # configured for a given address family.
+ #
+ # Bug: https://bugs.gentoo.org/690758
+ # Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=12377#c13
+
+ try:
+ subprocess.call(['ip', 'address', 'add', '10.0.0.1/8', 'dev', 'lo'])
+ subprocess.call(['ip', 'address', 'add', 'fd00::1/8', 'dev', 'lo'])
+ except OSError as e:
+ writemsg("Error calling 'ip': %s\n" % e.strerror, noiselevel=-1)
+
def _exec(binary, mycommand, opt_name, fd_pipes,
env, gid, groups, uid, umask, cwd,
pre_exec, close_fds, unshare_net, unshare_ipc, unshare_mount, unshare_pid,
@@ -624,19 +660,7 @@ def _exec(binary, mycommand, opt_name, fd_pipes,
noiselevel=-1)
os._exit(1)
if unshare_net:
- # 'up' the loopback
- IFF_UP = 0x1
- ifreq = struct.pack('16sh', b'lo', IFF_UP)
- SIOCSIFFLAGS = 0x8914
-
- sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, 0)
- try:
- fcntl.ioctl(sock, SIOCSIFFLAGS, ifreq)
- except IOError as e:
- writemsg("Unable to enable loopback interface: %s\n" % (
- errno.errorcode.get(e.errno, '?')),
- noiselevel=-1)
- sock.close()
+ _configure_loopback_interface()
except AttributeError:
# unshare() not supported by libc
pass
--
2.22.0
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [gentoo-portage-dev] [PATCH v2] Configure additional addresses on the lo interface for network-sandbox
2019-08-01 13:22 ` [gentoo-portage-dev] [PATCH v2] Configure additional addresses on the lo " Mike Gilbert
@ 2019-08-01 18:06 ` Zac Medico
0 siblings, 0 replies; 5+ messages in thread
From: Zac Medico @ 2019-08-01 18:06 UTC (permalink / raw
To: gentoo-portage-dev, Mike Gilbert
[-- Attachment #1.1: Type: text/plain, Size: 3315 bytes --]
On 8/1/19 6:22 AM, Mike Gilbert wrote:
> This works around some strange behavior in glibc's getaddrinfo()
> implementation when the AI_ADDRCONFIG flag is set.
>
> For example:
>
> struct addrinfo *res, hints = { .ai_family = AF_INET, .ai_flags = AI_ADDRCONFIG };
> getaddrinfo("localhost", NULL, &hints, &res);
>
> This returns no results if there are no non-loopback addresses configured.
>
> Bug: https://bugs.gentoo.org/690758
> Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=12377#c13
> Signed-off-by: Mike Gilbert <floppym@gentoo.org>
> ---
> lib/portage/process.py | 50 +++++++++++++++++++++++++++++++-----------
> 1 file changed, 37 insertions(+), 13 deletions(-)
>
> diff --git a/lib/portage/process.py b/lib/portage/process.py
> index dfbda75de..77f7fac02 100644
> --- a/lib/portage/process.py
> +++ b/lib/portage/process.py
> @@ -446,6 +446,42 @@ def spawn(mycommand, env=None, opt_name=None, fd_pipes=None, returnpid=False,
> # Everything succeeded
> return 0
>
> +def _configure_loopback_interface():
> + """
> + Configure the loopback interface.
> + """
> +
> + IFF_UP = 0x1
> + ifreq = struct.pack('16sh', b'lo', IFF_UP)
> + SIOCSIFFLAGS = 0x8914
> +
> + sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, 0)
> + try:
> + fcntl.ioctl(sock, SIOCSIFFLAGS, ifreq)
> + except IOError as e:
> + writemsg("Unable to enable loopback interface: %s\n" % e.strerror, noiselevel=-1)
> + sock.close()
> +
> + # We add some additional addresses to work around odd behavior in glibc's
> + # getaddrinfo() implementation when the AI_ADDRCONFIG flag is set.
> + #
> + # For example:
> + #
> + # struct addrinfo *res, hints = { .ai_family = AF_INET, .ai_flags = AI_ADDRCONFIG };
> + # getaddrinfo("localhost", NULL, &hints, &res);
> + #
> + # This returns no results if there are no non-loopback addresses
> + # configured for a given address family.
> + #
> + # Bug: https://bugs.gentoo.org/690758
> + # Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=12377#c13
> +
> + try:
> + subprocess.call(['ip', 'address', 'add', '10.0.0.1/8', 'dev', 'lo'])
> + subprocess.call(['ip', 'address', 'add', 'fd00::1/8', 'dev', 'lo'])
> + except OSError as e:
> + writemsg("Error calling 'ip': %s\n" % e.strerror, noiselevel=-1)
> +
> def _exec(binary, mycommand, opt_name, fd_pipes,
> env, gid, groups, uid, umask, cwd,
> pre_exec, close_fds, unshare_net, unshare_ipc, unshare_mount, unshare_pid,
> @@ -624,19 +660,7 @@ def _exec(binary, mycommand, opt_name, fd_pipes,
> noiselevel=-1)
> os._exit(1)
> if unshare_net:
> - # 'up' the loopback
> - IFF_UP = 0x1
> - ifreq = struct.pack('16sh', b'lo', IFF_UP)
> - SIOCSIFFLAGS = 0x8914
> -
> - sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, 0)
> - try:
> - fcntl.ioctl(sock, SIOCSIFFLAGS, ifreq)
> - except IOError as e:
> - writemsg("Unable to enable loopback interface: %s\n" % (
> - errno.errorcode.get(e.errno, '?')),
> - noiselevel=-1)
> - sock.close()
> + _configure_loopback_interface()
> except AttributeError:
> # unshare() not supported by libc
> pass
>
Looks good. Please merge.
--
Thanks,
Zac
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 981 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2019-08-01 18:06 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-07-31 16:06 [gentoo-portage-dev] [PATCH] Configure a dummy network interface for network-sandbox Mike Gilbert
2019-07-31 18:00 ` Zac Medico
2019-07-31 18:28 ` Mike Gilbert
2019-08-01 13:22 ` [gentoo-portage-dev] [PATCH v2] Configure additional addresses on the lo " Mike Gilbert
2019-08-01 18:06 ` Zac Medico
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox