Bug#1018999: connman resets disable_ipv6

Fri, 02 Sep 2022 21:27:16 -0700 

Package: connman
Version: 1.36-2.2
Severity: normal
X-Debbugs-Cc: ca...@deccio.net

Dear Maintainer,

When connman is installed, the net.ipv6.conf.intf.disable_ipv6 setting is
ignored and reset.  For example, consider the following on a minimal Debian
install *without* connman installed:

# cat test.sh
#!/bin/sh

ip link add test1 type veth
ip link set test1 down
sysctl net.ipv6.conf.test1.disable_ipv6=1
ip link set test1 up
# ./test.sh
net.ipv6.conf.test1.disable_ipv6 = 1

At this point, I expect IPv6 to be disabled:

# ip addr | grep -A 2 test1
5: veth0@test1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group
default qlen 1000
    link/ether a6:01:c9:a1:85:9f brd ff:ff:ff:ff:ff:ff
6: test1@veth0: <NO-CARRIER,BROADCAST,MULTICAST,UP,M-DOWN> mtu 1500 qdisc
noqueue state LOWERLAYERDOWN group default qlen 1000
    link/ether 96:3a:cc:4a:90:84 brd ff:ff:ff:ff:ff:ff

Success!  There are no IPv6 link-local addresses.

But when I install connman:

# apt --no-install-recommends install connman

And try again:

# ip link del test1
# ./test.sh
net.ipv6.conf.test1.disable_ipv6 = 1
# ip addr | grep -A 2 test1
3: veth0@test1: <BROADCAST,MULTICAST,DYNAMIC,UP,LOWER_UP> mtu 1500 qdisc
noqueue state UP group default qlen 1000
    link/ether a6:01:c9:a1:85:9f brd ff:ff:ff:ff:ff:ff
    inet6 fe80::a401:c9ff:fea1:859f/64 scope link 
--
4: test1@veth0: <BROADCAST,MULTICAST,DYNAMIC,UP,LOWER_UP> mtu 1500 qdisc
noqueue state UP group default qlen 1000
    link/ether 96:3a:cc:4a:90:84 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::943a:ccff:fe4a:9084/64 scope link 

Boo!

Also, it seems to have not only ignored the setting but also changed it:
# sysctl net.ipv6.conf.test1.disable_ipv6
net.ipv6.conf.test1.disable_ipv6 = 0

Thanks,
Casey

-- System Information:
Debian Release: 11.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-17-amd64 (SMP w/1 CPU thread)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages connman depends on:
ii  dbus          1.12.20-2
ii  iptables      1.8.7-1
ii  libc6         2.31-13+deb11u3
ii  libdbus-1-3   1.12.20-2
ii  libglib2.0-0  2.66.8-1
ii  libgnutls30   3.7.1-5+deb11u2
ii  libreadline8  8.1-1
ii  libxtables12  1.8.7-1
ii  lsb-base      11.1.0

Versions of packages connman recommends:
ii  bluez          5.55-3.1
pn  ofono          <none>
ii  wpasupplicant  2:2.9.0-21

Versions of packages connman suggests:
pn  connman-vpn  <none>

-- no debconf information

Reply via email to