You are not logged in.
- Topics: Active | Unanswered
#1 2023-08-05 10:35:18
- Tid91
- Member
- Registered: 2013-12-01
- Posts: 35
- Website
Configuring lo interface in a netns from systemd unit not working
Hello, I've been having this systemd unit to set up a network namespace for a vpn for a year.
[Unit]
Description=%I Namespace wrapper
After=network-online.target nss-lookup.target
Wants=network-online.target nss-lookup.target
[Service]
Type=oneshot
RemainAfterExit=true
PrivateNetwork=true
ExecStartPre=-/usr/bin/env ip netns delete %i
# Add vpn dedicated namespace
ExecStart=/usr/bin/env ip netns add %i
# Pause
ExecStart=/usr/bin/env echo %i
# Set loopback device up
ExecStart=/usr/bin/env ip -n %i link set dev lo up
# Stop process
ExecStop=/usr/bin/env ip netns delete %i
[Install]
WantedBy=multi-user.target
WantedBy=network-online.targetAfter the latest update, it fails when starting:
sudo systemctl start netns@vpn❯ sudo systemctl status netns@vpn.service
× netns@vpn.service - vpn Namespace wrapper
Loaded: loaded (/etc/systemd/system/netns@.service; disabled; preset: disabled)
Active: failed (Result: exit-code) since Sat 2023-08-05 12:32:20 CEST; 1min 59s ago
Process: 26977 ExecStartPre=/usr/bin/env ip netns delete vpn (code=exited, status=1/FAILURE)
Process: 26978 ExecStart=/usr/bin/env ip netns add vpn (code=exited, status=0/SUCCESS)
Process: 26980 ExecStart=/usr/bin/env echo vpn (code=exited, status=0/SUCCESS)
Process: 26983 ExecStart=/usr/bin/env ip -n vpn link set dev lo up (code=exited, status=255/EXCEPTION)
Main PID: 26983 (code=exited, status=255/EXCEPTION)
CPU: 41ms
Aug 05 12:32:20 xxx systemd[1]: Starting vpn Namespace wrapper...
Aug 05 12:32:20 xxx env[26977]: Cannot remove namespace file "/var/run/netns/vpn": No such file or directory
Aug 05 12:32:20 xxx env[26980]: vpn
Aug 05 12:32:20 xxx env[26983]: setting the network namespace "vpn" failed: Invalid argument
Aug 05 12:32:20 xxx systemd[1]: netns@vpn.service: Main process exited, code=exited, status=255/EXCEPTION
Aug 05 12:32:20 xxx systemd[1]: netns@vpn.service: Failed with result 'exit-code'.
Aug 05 12:32:20 xxx systemd[1]: Failed to start vpn Namespace wrapper.It's failing at /usr/bin/env ip -n vpn link set dev lo up.
If I run the sequence of commands manually, they work as expected. So I don't understand what's happening here...
uname -a
Linux xxx 6.1.39-3-lts #1 SMP PREEMPT_DYNAMIC Wed, 02 Aug 2023 10:12:55 +0000 x86_64 GNU/Linuxlocal/systemd 254-1Last edited by Tid91 (2023-08-05 10:38:37)
Offline
#2 2023-08-05 10:41:18
- Tid91
- Member
- Registered: 2013-12-01
- Posts: 35
- Website
Re: Configuring lo interface in a netns from systemd unit not working
Oh, when it fails, if I do
ip netns I get
Error: Peer netns reference is invalid(and the `vpn` namespace is shown at the end)
Offline
#3 2023-11-03 17:03:26
- hockeymikey
- Member
- Registered: 2023-11-03
- Posts: 1
- Website
Re: Configuring lo interface in a netns from systemd unit not working
For anyone coming across this, this might be of help:
https://github.com/systemd/systemd/issu … 1661048428
https://github.com/systemd/systemd/issues/28686
PrivateMounts=no fixed it for me under the [service] tag.
Offline