qubes-network-uplink.service randomly not initialized on cloned standalones

[IDBEHOLDS]

How to file a helpful issue

Qubes OS release

4.1

[    4.210274] Error: Driver 'pcspkr' is already registered, aborting...
[    4.236779] xen_netfront: Initialising Xen virtual ethernet driver
[    4.301171] xen_netfront: backend supports XDP headroom
[    4.343503] vif vif-0 enX0: renamed from eth0

but interface enX0 has physically down state

● qubes-network-uplink.service                      loaded failed failed    Qubes network uplink wait

2: enX0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 00:16:3e:5e:6c:00 brd ff:ff:ff:ff:ff:ff

sudo systemctl status  [email protected]
○ [email protected] - Qubes network uplink (enX0) setup
     Loaded: loaded (/usr/lib/systemd/system/[email protected]; static)
     Active: inactive (dead)

usually 1-2 vm reboots is helpful

[marmarek]

which kernel version you use?

[IDBEHOLDS]

@marmarek
5.10.96-1.fc32 with kernelopts audit=0

[na--]

I also have started experiencing this exact same issue after a recent update. I am with kernel 5.16.5-1 and the issue occurs only on Arch VMs, Fedora VMs have been fine so far. And it doesn't happen every VM boot - I haven't had time to debug it yet, but it seems like a race of some sort 🤷‍♂️

For me, running sudo systemctl restart qubes-network-uplink.service after the VM starts seems to fix the issue, no need for a restart, but it's still quite annoying.

[IDBEHOLDS]

@na-- yeah thanks. will try to play with different kernel versions.

[RegaliaCelibacy]

This might be caused by a change in systemd 250, which Arch Linux uses but not Debian or Fedora stable, in the naming of network interfaces.
Systemd change log says:
* The predictable naming logic for network interfaces has been extended to generate stable names from Xen netfront device information.
https://lwn.net/Articles/879739/
https://github.com/systemd/systemd/blob/main/docs/PREDICTABLE_INTERFACE_NAMES.md

[marmarek]

This might be caused by a change in systemd 250, which Arch Linux uses but not Debian or Fedora stable, in the naming of network interfaces.
Systemd change log says:
* The predictable naming logic for network interfaces has been extended to generate stable names from Xen netfront device information.

Indeed, that's possible. Theoretically startup script look for the interface via MAC address, but there is a fallback to eth0 - so, if the former doesn't work, the latter just stopped working.

[marmarek]

What are the logs of the qubes-network-uplink.service when it fails?

[DemiMarie]

New name is enX0 btw

[na--]

@marmarek, is systemctl status qubes-network-uplink.service what you mean?

× qubes-network-uplink.service - Qubes network uplink wait
     Loaded: loaded (/usr/lib/systemd/system/qubes-network-uplink.service; enabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Sat 2022-02-19 14:09:32 EET; 6s ago
    Process: 398 ExecStart=/usr/lib/qubes/init/network-uplink-wait.sh (code=exited, status=1/FAILURE)
   Main PID: 398 (code=exited, status=1/FAILURE)
        CPU: 33ms

Feb 19 14:08:03 systemd[1]: Starting Qubes network uplink wait...
Feb 19 14:09:32 network-uplink-wait.sh[428]: A dependency job for [email protected] failed. See 'journalctl -xe' for details.
Feb 19 14:09:32 systemd[1]: qubes-network-uplink.service: Main process exited, code=exited, status=1/FAILURE
Feb 19 14:09:32 systemd[1]: qubes-network-uplink.service: Failed with result 'exit-code'.
Feb 19 14:09:32 systemd[1]: Failed to start Qubes network uplink wait.

and this is the result of systemctl status sys-subsystem-net-devices-eth0.device:

○ sys-subsystem-net-devices-eth0.device - /sys/subsystem/net/devices/eth0
     Loaded: loaded
     Active: inactive (dead)

Feb 19 14:09:32 systemd[1]: sys-subsystem-net-devices-eth0.device: Job sys-subsystem-net-devices-eth0.device/start timed out.
Feb 19 14:09:32 systemd[1]: Timed out waiting for device /sys/subsystem/net/devices/eth0.
Feb 19 14:09:32 systemd[1]: sys-subsystem-net-devices-eth0.device: Job sys-subsystem-net-devices-eth0.device/start failed with result 'timeout'.

[lubellier]

Same problem for me with an ArchLinux HVM and an ArchLinux AppVM.

Below for the HVM:

[user@dom0 ~]$ qvm-ls --fields NAME,CLASS,TEMPLATE,NETVM,GATEWAY hvm-arch-web-dev
NAME              CLASS         TEMPLATE  NETVM         GATEWAY
hvm-arch-web-dev  StandaloneVM  -         sys-firewall  10.138.3.247

with the below kernel

[user@archlinux ~]$ uname -r
5.10.96-1.fc32.qubes.x86_64

In the next post I'll give a start of the analysis, but first here a workaround (of course, you should customize $GW):

[user@archlinux ~]$ cat /rw/config/rc.local
#! /bin/bash

# This script will be executed at every VM startup, you can place your own
# custom commands here. This includes overriding some configuration in /etc,
# starting services etc.

# Example for overriding the whole CUPS configuration:
#  rm -rf /etc/cups
#  ln -s /rw/config/cups /etc/cups
#  systemctl --no-block restart cups

LOG=/tmp/rc-local-$(date -I).log
GW="10.138.3.247"
ip -4 -br a | tee -a $LOG
CT=0
while [ "$CT" -lt "5" ]; do
    ping -c 1 $GW && break
    echo "No ping #$CT, restart uplink" | tee -a $LOG
    systemctl restart [email protected]
    sleep 2
    $(( CT++ ))
done
ip -4 -br a | tee -a $LOG

The result log is

[user@archlinux ~]$ cat /tmp/rc-local-2022-02-20.log 
lo               UNKNOWN        127.0.0.1/8 
No ping #0, restart uplink
lo               UNKNOWN        127.0.0.1/8 
enX0             UP             10.137.0.33/32 

[lubellier]

How does Qubes-OS choose the network interface ?

Net interfaces status with the uplink pb:

[user@archlinux ~]$ ip -o -br link
lo               UNKNOWN        00:00:00:00:00:00 <LOOPBACK,UP,LOWER_UP> 
enX0             DOWN           00:16:3e:5e:6c:00 <BROADCAST,MULTICAST> 
[user@archlinux ~]$ ip -4 -br a
lo               UNKNOWN        127.0.0.1/8 

Systemd status:

[user@archlinux ~]$ sudo systemctl list-units --failed
  UNIT                         LOAD   ACTIVE SUB    DESCRIPTION              
● qubes-network-uplink.service loaded failed failed Qubes network uplink wait

LOAD   = Reflects whether the unit definition was properly loaded.
ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
SUB    = The low-level unit activation state, values depend on unit type.
1 loaded units listed.

[user@archlinux ~]$ sudo journalctl --b -u qubes-network-uplink.service
Feb 20 18:05:04 archlinux systemd[1]: Starting Qubes network uplink wait...
Feb 20 18:06:35 archlinux network-uplink-wait.sh[379]: A dependency job for [email protected] failed. See 'journalctl -xe' fo>
Feb 20 18:06:35 archlinux systemd[1]: qubes-network-uplink.service: Main process exited, code=exited, status=1/FAILURE
Feb 20 18:06:35 archlinux systemd[1]: qubes-network-uplink.service: Failed with result 'exit-code'.
Feb 20 18:06:35 archlinux systemd[1]: Failed to start Qubes network uplink wait.

Above the uplink service choose the wrong net interface (eth0, it should be enX0).

How does the uplink service choose the net interface?

[user@archlinux ~]$ sudo systemctl cat qubes-network-uplink.service
# /usr/lib/systemd/system/qubes-network-uplink.service
[Unit]
Description=Qubes network uplink wait
Before=network.target

[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/lib/qubes/init/network-uplink-wait.sh

[Install]
WantedBy=multi-user.target

[user@archlinux ~]$ cat /usr/lib/qubes/init/network-uplink-wait.sh
#!/bin/sh

# Source Qubes library.
# shellcheck source=init/functions
. /usr/lib/qubes/init/functions

# Setup IP address at specific time of system boot, instead of asynchronously
# by udev
QUBES_MANAGED_IFACE="$(get_qubes_managed_iface)"
if [ "x$QUBES_MANAGED_IFACE" != "x" ]; then
    # systemd does not support conditional After= dependencies, nor a tool to
    # just wait for the unit to be activated
    # if the network interface is expected, use `systemctl start` to wait for
    # it to be started - it would be started by udev (SYSTEMD_WANTS) anyway
    systemctl start "qubes-network-uplink@$QUBES_MANAGED_IFACE.service"
fi
[user@archlinux ~]$ 

The above service launches the uplink sevice for the found interface (eth0 or enX0) from the get_qubes_managed_iface() function.

How does the get_qubes_managed_iface() function work?

[user@archlinux ~]$ grep -B9 -A16 get_qubes_managed_iface /usr/lib/qubes/init/functions
get_iface_from_mac() {
    local mac="$1"
    local iface=
    if [ "x$mac" != "x" ]; then
        iface="$(ip -o link | grep -i "$mac" | awk '{print $2}' | cut -d ':' -f1)"
    fi
    echo "$iface"
}

get_qubes_managed_iface() {
    local mac
    local qubes_iface
    mac="$(qubesdb-read /qubes-mac 2> /dev/null)"
    if [ -z "$mac" ]; then
        # no qubes-managed network interface
        return
    fi
    # Load the module explicitly here, to avoid waiting for udev doing that
    [ -e /sys/module/xen_netfront ] || modprobe xen-netfront || :
    qubes_iface="$(get_iface_from_mac "$mac")"
    if [ "x$qubes_iface" != "x" ]; then
        echo "$qubes_iface"
    elif [ -e /sys/class/net/eth0 ]; then
        echo eth0
    fi
}

So It finds the net interface from ip link output with the qubesdb mac address, if it fails it uses eth0.

But what was the ip link status? What was the xen-netfront status? See the next post.

[lubellier]

I added traces to understand the net interface choice,

qlog() {
    echo "$(date +%s.%N) get_qubes_managed_iface : $*" >> /tmp/f.log || :
}

get_qubes_managed_iface() {
    local mac
    local qubes_iface
    mac="$(qubesdb-read /qubes-mac 2> /dev/null)"
    if [ -z "$mac" ]; then
        # no qubes-managed network interface
        return
    fi
    qlog "mac from qubesdb is $mac"
    # Load the module explicitly here, to avoid waiting for udev doing that
    qlog "is xen_netfront loaded ? "
    ls -d /sys/module/xen* >> /tmp/f.log 
    [ -e /sys/module/xen_netfront ] && qlog "xen-netfront already loaded" 
    [ -e /sys/module/xen_netfront ] || qlog "xen-netfront not yet loaded" 
    [ -e /sys/module/xen_netfront ] || modprobe xen-netfront || :
    qlog "/sys/class/net interfaces"
    ls /sys/class/net/ >> /tmp/f.log
    qlog "ip link interfaces"
    ip -o -br link >> /tmp/f.log
    qlog "ip addr interfaces"
    ip -4 -br a >> /tmp/f.log
    qubes_iface="$(get_iface_from_mac "$mac")"
    if [ "x$qubes_iface" != "x" ]; then
        qlog "iface name from qubes_iface ($qubes_iface)"
        echo "$qubes_iface"
    elif [ -e /sys/class/net/enX0 ]; then
        qlog "iface name from /sys/classi/net/enX0"
        echo enX0
    elif [ -e /sys/class/net/eth0 ]; then
        qlog "iface name from /sys/class/net/eth0"
        echo eth0
    fi
    qlog "exit"
}

The traces are in /tmp/f.log.

Case 1 : the xen module is not yet loaded, the function loads it but gets the not yet renamed interface (so eth0). (note: I commented the ls -d /sys/module/xen* else the execution was to slow and the module already loaded. You see the other traces slow again the execution and then the get_iface_from_mac "$mac" call returns enX0).

[user@archlinux ~]$ cat /tmp/f.log 
1645387618.315981922 get_qubes_managed_iface : mac from qubesdb is 00:16:3e:5e:6c:00
1645387618.320509340 get_qubes_managed_iface : xen-netfront not yet loaded
1645387618.449997513 get_qubes_managed_iface : /sys/class/net interfaces
eth0
lo
1645387618.455074001 get_qubes_managed_iface : ip link interfaces
lo               UNKNOWN        00:00:00:00:00:00 <LOOPBACK,UP,LOWER_UP> 
eth0             DOWN           00:16:3e:5e:6c:00 <BROADCAST,MULTICAST> 
1645387618.461736960 get_qubes_managed_iface : ip addr interfaces
lo               UNKNOWN        127.0.0.1/8 
1645387618.482918277 get_qubes_managed_iface : iface name from qubes_iface (enX0)
1645387618.483763974 get_qubes_managed_iface : exit
[user@archlinux ~]$ ip -o -br link
lo               UNKNOWN        00:00:00:00:00:00 <LOOPBACK,UP,LOWER_UP> 
enX0             UP             00:16:3e:5e:6c:00 <BROADCAST,MULTICAST,UP,LOWER_UP> 

Case 2 : the xen module loaded but the net interface not yet renamed to enX0

[user@archlinux ~]$ cat /tmp/f.log 
1645385926.681297516 get_qubes_managed_iface : mac from qubesdb is 00:16:3e:5e:6c:00
1645385926.682008532 get_qubes_managed_iface : is xen_netfront loaded ? 
/sys/module/xen
/sys/module/xen_blkback
/sys/module/xen_blkfront
/sys/module/xen_evtchn
/sys/module/xen_gntalloc
/sys/module/xen_gntdev
/sys/module/xen_netback
/sys/module/xen_netfront
/sys/module/xen_privcmd
1645385926.685603257 get_qubes_managed_iface : xen-netfront already loaded
1645385926.686475330 get_qubes_managed_iface : /sys/class/net interfaces
eth0
lo
1645385926.687822214 get_qubes_managed_iface : ip link interfaces
lo               UNKNOWN        00:00:00:00:00:00 <LOOPBACK,UP,LOWER_UP> 
eth0             DOWN           00:16:3e:5e:6c:00 <BROADCAST,MULTICAST> 
1645385926.694583658 get_qubes_managed_iface : ip addr interfaces
lo               UNKNOWN        127.0.0.1/8 
1645385926.704310439 get_qubes_managed_iface : iface name from qubes_iface (eth0)
1645385926.705013552 get_qubes_managed_iface : exit
[user@archlinux ~]$ ip -4 -br a
lo               UNKNOWN        127.0.0.1/8 
[user@archlinux ~]$ ip -o -br link
lo               UNKNOWN        00:00:00:00:00:00 <LOOPBACK,UP,LOWER_UP> 
enX0             DOWN           00:16:3e:5e:6c:00 <BROADCAST,MULTICAST> 

Case 3 : the xen module loaded and the net interface already renamed to enX0

[user@archlinux ~]$ cat /tmp/f.log 
1645385355.639552037 get_qubes_managed_iface : mac from qubesdb is 00:16:3e:5e:6c:00
1645385355.640946795 get_qubes_managed_iface : is xen_netfront loaded ? 
/sys/module/xen
/sys/module/xen_blkback
/sys/module/xen_blkfront
/sys/module/xen_evtchn
/sys/module/xen_gntalloc
/sys/module/xen_gntdev
/sys/module/xen_netback
/sys/module/xen_netfront
/sys/module/xen_privcmd
1645385355.644501409 get_qubes_managed_iface : xen-netfront already loaded
1645385355.645201853 get_qubes_managed_iface : /sys/class/net interfaces
enX0
lo
1645385355.648430723 get_qubes_managed_iface : ip link interfaces
lo               UNKNOWN        00:00:00:00:00:00 <LOOPBACK,UP,LOWER_UP> 
enX0             DOWN           00:16:3e:5e:6c:00 <BROADCAST,MULTICAST> 
1645385355.659123581 get_qubes_managed_iface : ip addr interfaces
lo               UNKNOWN        127.0.0.1/8 
1645385355.681057588 get_qubes_managed_iface : iface name from qubes_iface (enX0)
1645385355.682052975 get_qubes_managed_iface : exit

[user@archlinux ~]$ ip -4 -br a
lo               UNKNOWN        127.0.0.1/8 
enX0             UP             10.137.0.33/32 

Note: my traces slow the get_qubes_managed_iface() execution and so reduce the occurence of the problem.

So it's a race problem as @na-- said.

I see these ideas for solving the problem:

1. the get_qubes_managed_iface function wait the interface renaming
2. refuse the systemd choice and keep eth0
3. add an After= condition to qubes-network-uplink.service

Do you agree with this analysis? Do you see another ideas for solving the problem? Do you see how to implement theses ideas?

[DemiMarie]

3. add an After= condition to qubes-network-uplink.service

That is the only choice that makes sense, but what should it be After=?

[lubellier]

That is the only choice that makes sense, but what should it be After=?

I tested After= udev with the below systemd drop-in:

$ systemctl cat qubes-network-uplink.service 
# /usr/lib/systemd/system/qubes-network-uplink.service
...

# /etc/systemd/system/qubes-network-uplink.service.d/after-udev.conf
[Unit]
Requires=systemd-udevd.service
After=systemd-udevd.service

which didn't solve the issue. For After=, we need a unit for the net interface is now renamed with the predictable name but I can't find a such unit. I'm searching...

I continued to search in the systemd man pages and the qubes commit history.

I found the qubes-core-agent-linux dd8de79 commit which set the current uplink services and udev rules but also explains how it works (see: pulled in by udev based on vif device existence).

So a new idea:
4. update udev-qubes-network.rules file

I will test KERNEL=="enX*" for the last udev rule.

[ejose19]

The issue is that systemd-udevd does the change asynchronously, instead of a standalone unit, so I don't see anything we can hook to After=

Here are the systemd-udevd logs after toggling NetVM from none to sys-firewall (previously ran with # /usr/lib/systemd/systemd-udevd -D)

Failed to touch /run/udev/queue, ignoring: File exists
vif-0: Device is queued (SEQNUM=1671, ACTION=add)
Validate module index
Check if link configuration needs reloading.
vif-0: Device ready for processing (SEQNUM=1671, ACTION=add)
Successfully forked off 'n/a' as PID 685.
vif-0: Worker [685] is forked for processing SEQNUM=1671.
vif-0: Processing device (SEQNUM=1671, ACTION=add)
vif-0: /usr/lib/udev/rules.d/50-udev-default.rules:14 Importing properties from results of builtin command 'hwdb --subsystem=xen'
vif-0: hwdb modalias key: "xen:vif"
vif-0: No entry found from hwdb.
vif-0: /usr/lib/udev/rules.d/50-udev-default.rules:14 Failed to run builtin 'hwdb --subsystem=xen': No data available
vif-0: /usr/lib/udev/rules.d/80-drivers.rules:5 RUN 'kmod load '$env{MODALIAS}''
vif-0: Running built-in command "kmod load 'xen:vif'"
Loading module: xen:vif
Module 'xen_netfront' is already loaded
vif-0: Device processed (SEQNUM=1671, ACTION=add)
vif-0: sd-device-monitor: Passed 154 byte to netlink monitor
vif-0: Device is queued (SEQNUM=1672, ACTION=bind)
vif-0: Device ready for processing (SEQNUM=1672, ACTION=bind)
vif-0: sd-device-monitor: Passed 155 byte to netlink monitor
vif-0: Processing device (SEQNUM=1672, ACTION=bind)
vif-0: /usr/lib/udev/rules.d/50-udev-default.rules:14 Importing properties from results of builtin command 'hwdb --subsystem=xen'
vif-0: hwdb modalias key: "xen:vif"
vif-0: No entry found from hwdb.
vif-0: /usr/lib/udev/rules.d/50-udev-default.rules:14 Failed to run builtin 'hwdb --subsystem=xen': No data available
vif-0: Device processed (SEQNUM=1672, ACTION=bind)
vif-0: sd-device-monitor: Passed 155 byte to netlink monitor
eth0: Device is queued (SEQNUM=1673, ACTION=add)
eth0: Device ready for processing (SEQNUM=1673, ACTION=add)
eth0: sd-device-monitor: Passed 160 byte to netlink monitor
rx-0: Device is queued (SEQNUM=1674, ACTION=add)
rx-0: SEQNUM=1674 blocked by SEQNUM=1673
rx-1: Device is queued (SEQNUM=1675, ACTION=add)
rx-1: SEQNUM=1675 blocked by SEQNUM=1673
tx-0: Device is queued (SEQNUM=1676, ACTION=add)
tx-0: SEQNUM=1676 blocked by SEQNUM=1673
eth0: Processing device (SEQNUM=1673, ACTION=add)
eth0: /usr/lib/udev/rules.d/75-net-description.rules:6 Importing properties from results of builtin command 'net_id'
Using default interface naming scheme 'v250'.
eth0: MAC address identifier: hw_addr=xx:xx:xx:xx:xx:xx → xXXXXXXXXXXXX
eth0: /usr/lib/udev/rules.d/80-net-setup-link.rules:5 Importing properties from results of builtin command 'path_id'
eth0: /usr/lib/udev/rules.d/80-net-setup-link.rules:9 Importing properties from results of builtin command 'net_setup_link'
eth0: Failed to query name_assign_type: Invalid argument
eth0: Failed to get "name_assign_type" attribute, ignoring: Invalid argument
eth0: Device has addr_assign_type=0
eth0: Config file /usr/lib/systemd/network/99-default.link is applied
eth0: MAC address on the device already matches policy "persistent".
eth0: Policy *slot* yields "enX0".
eth0: /usr/lib/udev/rules.d/80-net-setup-link.rules:11 NAME 'enX0'
eth0: /usr/lib/udev/rules.d/99-systemd.rules:60 RUN '/usr/lib/systemd/systemd-sysctl --prefix=/net/ipv4/conf/$name --prefix=/net/ipv4/neigh/$name --prefix=/net/ipv6/conf/$name --prefix=/net/ipv6/neigh/$name'
eth0: sd-device: Created db file '/run/udev/data/n3' for '/devices/vif-0/net/eth0'
enX0: Device is queued (SEQNUM=1677, ACTION=move)
enX0: SEQNUM=1677 blocked by SEQNUM=1673
eth0: Network interface 3 is renamed from 'eth0' to 'enX0'
eth0: sd-device: Created db file '/run/udev/data/n3' for '/devices/vif-0/net/enX0'
eth0: Running command "/usr/lib/systemd/systemd-sysctl --prefix=/net/ipv4/conf/enX0 --prefix=/net/ipv4/neigh/enX0 --prefix=/net/ipv6/conf/enX0 --prefix=/net/ipv6/neigh/enX0"
eth0: Starting '/usr/lib/systemd/systemd-sysctl --prefix=/net/ipv4/conf/enX0 --prefix=/net/ipv4/neigh/enX0 --prefix=/net/ipv6/conf/enX0 --prefix=/net/ipv6/neigh/enX0'
Successfully forked off '(spawn)' as PID 686.
eth0: Process '/usr/lib/systemd/systemd-sysctl --prefix=/net/ipv4/conf/enX0 --prefix=/net/ipv4/neigh/enX0 --prefix=/net/ipv6/conf/enX0 --prefix=/net/ipv6/neigh/enX0' succeeded.
eth0: Device processed (SEQNUM=1673, ACTION=add)
eth0: sd-device-monitor: Passed 609 byte to netlink monitor
rx-0: Device ready for processing (SEQNUM=1674, ACTION=add)
rx-0: sd-device-monitor: Passed 150 byte to netlink monitor
rx-0: Processing device (SEQNUM=1674, ACTION=add)
rx-0: Device processed (SEQNUM=1674, ACTION=add)
rx-1: Device ready for processing (SEQNUM=1675, ACTION=add)
Successfully forked off 'n/a' as PID 688.
rx-1: Worker [688] is forked for processing SEQNUM=1675.
rx-0: sd-device-monitor: Passed 150 byte to netlink monitor
tx-0: Device ready for processing (SEQNUM=1676, ACTION=add)
Successfully forked off 'n/a' as PID 689.
tx-0: Worker [689] is forked for processing SEQNUM=1676.
enX0: Device ready for processing (SEQNUM=1677, ACTION=move)
Successfully forked off 'n/a' as PID 691.
enX0: Worker [691] is forked for processing SEQNUM=1677.
enX0: Processing device (SEQNUM=1677, ACTION=move)
enX0: /usr/lib/udev/rules.d/75-net-description.rules:6 Importing properties from results of builtin command 'net_id'
Using default interface naming scheme 'v250'.
enX0: MAC address identifier: hw_addr=xx:xx:xx:xx:xx:xx → xXXXXXXXXXXXX
enX0: /usr/lib/udev/rules.d/80-net-setup-link.rules:5 Importing properties from results of builtin command 'path_id'
enX0: /usr/lib/udev/rules.d/80-net-setup-link.rules:9 Importing properties from results of builtin command 'net_setup_link'
enX0: Device has name_assign_type=4
enX0: Device has addr_assign_type=0
enX0: Config file /usr/lib/systemd/network/99-default.link is applied
enX0: MAC address on the device already matches policy "persistent".
enX0: Skipping to apply Name= and NamePolicy= on 'move' uevent.
enX0: /usr/lib/udev/rules.d/80-net-setup-link.rules:11 NAME 'enX0'
enX0: sd-device: Created db file '/run/udev/data/n3' for '/devices/vif-0/net/enX0'
enX0: Device processed (SEQNUM=1677, ACTION=move)
rx-1: Processing device (SEQNUM=1675, ACTION=add)
tx-0: Processing device (SEQNUM=1676, ACTION=add)
tx-0: Device processed (SEQNUM=1676, ACTION=add)
rx-1: Device processed (SEQNUM=1675, ACTION=add)
enX0: sd-device-monitor: Passed 531 byte to netlink monitor
rx-1: sd-device-monitor: Passed 150 byte to netlink monitor
tx-0: sd-device-monitor: Passed 150 byte to netlink monitor
Cleanup idle workers
Unload module index
Unloaded link configuration context.
Worker [685] exited
Unload module index
Unloaded link configuration context.
Worker [691] exited
Unload module index
Unloaded link configuration context.
Worker [688] exited
Unload module index
Unloaded link configuration context.
Worker [689] exited

I also tried changing the udev rules to enX* to no avail, since the qubes service is running the subservice with the old eth0 interface.

Unless there's a benefit of using enX0 in a Qubes appvm, I'd say to simply disable the rename, options are:

• ln -s /dev/null /etc/systemd/network/99-default.link (preferred, can be done at template)
• kernel option net.ifnames=0 (would need to be done on each appvm)

[marmarek]

necessary for #7342 too

[qubesos-bot]

Automated announcement from builder-github

The package core-agent-linux has been pushed to the r4.1 testing repository for the CentOS centos-stream8 template.
To test this update, please install it with the following command:

sudo yum update --enablerepo=qubes-vm-r4.1-current-testing

Changes included in this update

[qubesos-bot]

Automated announcement from builder-github

The package core-agent-linux has been pushed to the r4.1 stable repository for the CentOS centos-stream8 template.
To install this update, please use the standard update command:

sudo yum update

Changes included in this update

[qubesos-bot]

Automated announcement from builder-github

The package qubes-core-agent_4.1.34-1+deb10u1 has been pushed to the r4.1 stable repository for the Debian template.
To install this update, please use the standard update command:

sudo apt-get update && sudo apt-get dist-upgrade

Changes included in this update

[ben-grande]

I've encountered this problem on Qubes R4.2, Standalone based on Debian 12 Minimal.

# dmesg | grep enX0
[    5.652265] xen_netfront: Initialising Xen virtual ethernet driver
[    6.035003] vif vif-0 enX0: renamed from eth0

# ip -o -br link
lo               UNKNOWN        00:00:00:00:00:00 <LOOPBACK,UP,LOWER_UP>
enX0             DOWN           00:16:3e:5e:6c:00 <BROADCAST,MULTICAST>

# systemd --version
systemd 252 (252.19-1~deb12u1)
+PAM +AUDIT +SELINUX +APPARMOR +IMA +SMACK +SECCOMP +GCRYPT -GNUTLS +OPENSSL +ACL +BLKID +CURL +ELFUTILS +FIDO2 +IDN2 -IDN +IPTC +KMOD +LIBCRYPTSETUP +LIBFDISK +PCRE2 -PWQUALITY +P11KIT +QRENCODE +TPM2 +BZIP2 +LZ4 +XZ +ZLIB +ZSTD -BPF_FRAMEWORK -XKBCOMMON +UTMP +SYSVINIT default-hierarchy=unified

# apt list --installed qubes-core-agent*
Listing... Done
qubes-core-agent/unknown,now 4.2.26-1+deb12u1 amd64 [installed,automatic]

Running as suggest above:

ln -s /dev/null /etc/systemd/network/99-default.link

Fixed the issue after restart.

Can this issue be reopened please?