[arch-general] netcl leaves network down until reenable performed - do we need note?

Mon Aug 17 21:56:37 UTC 2020

On 8/17/20 5:25 PM, David C. Rankin wrote:
> Archdevs,
> 
>   I have two computers using netctl, one for a static and one for a dhcp
> address. After the last update on May, 3,
> 
> netctl (1.22-1 -> 1.23-1)
> 
> all remained fine and old profiles generated as subservices in
> /etc/systemd/system, such as:
> 
> netctl\@rlf_network\\x2dstatic.service
> 
> continued to bring the network up. However within the past week there was a
> change, likely to systemd 246, that no longer respects the subservices
> originally created by netctl. Now attempting at reboot causes the network to
> fail completely. Not good for remotely adminned boxes.
> 
> What is required is a "reenable" of the netctl profile. Doing so will remove
> the old subservice and symlinks and replace then with a directory in
> /etc/systemd/system of same name as the old subservice, but with a ".d"
> appended that now contains a "profile.conf", e.g.

By "subservice" I think you mean ".include" stanzas?

Your analysis is correct, this got removed from systemd here:
https://github.com/systemd/systemd/commit/7ade8982ca1969e251a29589ae918c3b5c595afb

and systemd 246 is the first release with its removal.

However, netctl migrated over to *.d dropins here:
https://git.archlinux.org/netctl.git/commit/?id=04d39b2573bd34d4159837afdb4793a0990bd44a

So I think you should be fine if you've re-enabled the netctl profile
with 1.18 or higher (released on 2018-08-07). That's 2 years. Granted,
if it's been working for years, why would anyone care about manually
re-enabling their netctl profile... but...

There should also probably have been a warning logged in journalctl for
this, if your service was still using the old method.

> netctl at rlf_network\x2dstatic.service.d/
> └── profile.conf
> 
> However, there is no note or warning during update that any manual
> intervention will be needed. That will leave anyone adminning a remote arch
> install with netctl with a box that is unreachable and has no network.
> 
> Shouldn't there be a warning about this change generated on update? Arch is
> always pretty good about warning when manual interaction is required -- and
> this is a biggie.

I'm not sure it merits a news post for something that old which is only
now becoming fatal.

Hopefully anyone with remotely adminned boxes caught this while
monitoring journalctl logs.

But, thanks for posting this to the list -- at the very least, people in
the same situation will be able to figure out what happened by reading
here. And hopefully they will see this *before* upgrading.

> Couldn't there also be a post install that does a reenable for each netctl
> profile found in /etc/systemd/system as another option to avoid this SNAFU?
That might have been an interesting precautionary measure for netctl
1.18, at least for printing a message advising people to reenable the
service.

I'm not sure it makes sense to do that automatically, since disabling a
profile removes customizations and the netctl manpage explicitly warns
you to be careful about doing so.

-- 
Eli Schwartz
Bug Wrangler and Trusted User

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1601 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-general/attachments/20200817/9dfa253b/attachment.sig>