[Bug 771372] Re: procps runs too early in the boot process

[Vincent Bernat]

The proposed fix is quite disruptive. For example, if a sysctl is set in
/etc/network/interfaces (because it is network related), it will be
erased when procps will be updated. For example:

iface dmz.902 inet static
        [...]
        up sysctl -w net.ipv4.conf.all.rp_filter=0
        up sysctl -w net.ipv4.conf.dmz/902.rp_filter=0

This setup worked fine before update and has worked for many years
without surprise. It may seem odd to disable "all.rp_filter" in
/etc/network/interfaces but enable it in /etc/sysctl.conf but those
files are not managed by the same people. /etc/network/interfaces is
managed by network people (and we use it to set exceptions, not all
hosts have the need to circumvent reverse path filtering) while
/etc/sysctl* are managed by the system people. /etc/network/interfaces
is managed by hand for each host while /etc/sysctl* stuff is managed by
some centralized configuration daemon (like cfengine).

There are other failing scenario: network may trigger the start of some
routing daemon that will enable IP forwarding which will be disabled
again by procps job. This can be quite racy.

In short, it seems wrong to modify sysctl settings in the middle of the
boot. Other jobs/daemons may have altered the settings.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to procps in Ubuntu.
https://bugs.launchpad.net/bugs/771372

Title:
  procps runs too early in the boot process

Status in “procps” package in Ubuntu:
  Fix Released
Status in “procps” source package in Lucid:
  Fix Released
Status in “procps” source package in Maverick:
  Fix Committed
Status in “procps” source package in Natty:
  Fix Committed
Status in “procps” source package in Oneiric:
  Fix Committed
Status in “procps” source package in Precise:
  Fix Released

Bug description:
  Binary package hint: upstart

  The start on criteria is for procps.conf is:
  start on virtual-filesystems

  This runs before some kernel modules are loaded, and procps applies
  the settings before they "exist", this is most noticed with network
  and network-related jobs (nfs, bridge).

  This bug may be considered a duplicate of LP Bug #690433.  I am
  opening a new one anyway, however because I think it's worth
  considering a more robust solution that would work for any possible
  kernel module.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/procps/+bug/771372/+subscriptions