Public bug reported:

The systemd unit provided in the Ubuntu package attempts to parse the
output of `ip route show to exact 0/0` in order to automatically
populate the `-P` flags for each next hop. Unfortunately this
parsing is not robust and breaks on a host with multipath routing.

This is the current value of ExecStart from the systemd unit:


ExecStart=/bin/sh -c "exec /usr/sbin/oidentd -S ${OIDENT_OPTIONS} -u \"${OIDENT_USER}\" -g \"${OIDENT_GROUP}\" \
 `[ \"${OIDENT_BEHIND_PROXY}\" = \"yes\" ] && ip route show to exact 0/0 | awk '{print \"-P \" $3}'`"


This is what the output of `ip route ...` looks like on a host with multipath
routing (in this case with BGP unnumbered next hops), for reference:


$ ip route show to exact 0/0
default proto bgp metric 20 
        nexthop via 169.254.0.1 dev ens2f1np1 weight 1 onlink 
        nexthop via 169.254.0.1 dev eno34np1 weight 1 onlink 
        nexthop via 169.254.0.1 dev ens2f0np0 weight 1 onlink 
        nexthop via 169.254.0.1 dev eno33np0 weight 1 onlink


Currently, `-P bgp -P 169.254.0.1 -P 169.254.0.1 -P 169.254.0.1 -P 169.254.0.1`
is added to the command; however, this results in the following error:


Fatal: Unknown host: "bgp"


To fix the parsing of this output so that it works regardless of whether there 
is one or more than one next hop (and provide all next hops as arguments), the 
ExecStart can be changed to the following which matches just the lines in the 
output which have "via" as the second field in the output:


ExecStart=/bin/sh -c "exec /usr/sbin/oidentd -S ${OIDENT_OPTIONS} -u \"${OIDENT_USER}\" -g \"${OIDENT_GROUP}\" \
 `[ \"${OIDENT_BEHIND_PROXY}\" = \"yes\" ] && ip route show to exact 0/0 | awk '$2 == \"via\" {print \"-P \" $3}'`"


It may be additionally desirable to pipe that output into `sort -u`.

A simple workaround for other users running into this issue is to
disable (set to "no") the OIDENT_BEHIND_PROXY variable in
/etc/default/oidentd assuming that the host is not behind a proxy.

Since the default for the package is for this to be enabled, if the host
is using multipath when the package is installed, starting the service
fails causing the package install/update to fail so I think it would be
ideal to make the parsing more robust (as suggested).

Environment:

- Ubuntu Focal 20.04
- Version: 2.4.0

** Affects: oidentd (Ubuntu)
     Importance: Undecided
         Status: New

https://bugs.launchpad.net/bugs/1920755

Title:
  ip route parsing fails with multipath routing
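
The two awk filters from the report, run over sample `ip route show to exact 0/0` output, as an added example that is not part of the original bug report or of the oidentd package. The multipath sample is the one quoted in the report; the `single_route` and `device_route` samples, the addresses and interface names in them, and all function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample: ordinary single-gateway default route.
single_route() {
    echo 'default via 192.0.2.1 dev eth0 proto dhcp metric 100'
}

# Constructed sample: default route with no gateway (point-to-point link).
device_route() {
    echo 'default dev ppp0 scope link'
}

# Multipath output as quoted in the report.
multipath_route() {
    cat <<'EOF'
default proto bgp metric 20
        nexthop via 169.254.0.1 dev ens2f1np1 weight 1 onlink
        nexthop via 169.254.0.1 dev eno34np1 weight 1 onlink
        nexthop via 169.254.0.1 dev ens2f0np0 weight 1 onlink
        nexthop via 169.254.0.1 dev eno33np0 weight 1 onlink
EOF
}

# join_args: collapse one-flag-per-line output into a single line, as the
# unquoted backtick substitution in ExecStart does through word splitting.
join_args() { paste -sd ' ' -; }

# Filter currently in the unit: prints field 3 of every line, whatever it is.
shipped_filter() { awk '{print "-P " $3}' | join_args; }

# Filter proposed in the report, plus the suggested `sort -u`:
# only lines whose second field is "via" contribute a -P flag.
proposed_filter() { awk '$2 == "via" {print "-P " $3}' | sort -u | join_args; }

# Print what each filter would append to the oidentd command line.
for sample in single_route device_route multipath_route; do
    printf '%-16s shipped:  %s\n' "$sample" "$($sample | shipped_filter)"
    printf '%-16s proposed: %s\n' "$sample" "$($sample | proposed_filter)"
done
```

The `device_route` case shows the shipped filter also passing an interface name to `-P` when the default route has no gateway, while the proposed filter emits no flag at all for it.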
