Author xdegaye
Recipients barry, serhiy.storchaka, xdegaye
Date 2017-12-07.09:35:01
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1512639302.53.0.213398074469.issue32199@psf.upfronthosting.co.za>
In-reply-to
Content
On archlinux it is easy to know precisely what patches are applied to iproute2 and how it is built (see https://git.archlinux.org/svntogit/packages.git/tree/trunk?h=packages/iproute2).

The attached two files, archlinux-ip_link.strace and archlinux-ip_link_list.strace, contain the output of strace run on the commands 'ip link' and 'ip link list' on archlinux.
* For 'ip link', the sendto() syscall uses RTM_GETLINK to get information about a specific network interface.
* For 'ip link list', this sendto() syscall is preceded by another sendto() syscall using RTM_NEWLINK to *create* information about a specific network interface.

Conclusions:
1) Both commands are not equivalent, this seems to be a bug in iproute2 or its documentation (I did not read the whole iproute2 documentation).
2) By using RTM_NEWLINK, 'ip link list' requests a write-like operation that may be denied by SELinux if there is no policy that allows netlink_route_socket (nlmsg_write). I may be wrong but on Android API 26 it seems that only few processes get that permission: dhcp, clatd, logd, netd, rild, ...
3) From Python perspective it is more robust to call 'ip link' to handle platforms where SELinux is run in enforcing mode.

I will update the PR to do only that change: s/ip link list/ip link/
History
Date User Action Args
2017-12-07 09:35:02xdegayesetrecipients: + xdegaye, barry, serhiy.storchaka
2017-12-07 09:35:02xdegayesetmessageid: <1512639302.53.0.213398074469.issue32199@psf.upfronthosting.co.za>
2017-12-07 09:35:02xdegayelinkissue32199 messages
2017-12-07 09:35:02xdegayecreate