From 84017b4290d48a825df4d4f7937744196d083343 Mon Sep 17 00:00:00 2001
From: Fabiano Mercer <fabiano.correamercer@windriver.com>
Date: Fri, 29 Jul 2022 15:54:41 -0300
Subject: [PATCH] Ignore --all/lo* for ifupdown/nslcd scripts

It was detected the networking.service is marked as failing after reboot.
It happpens because "ifup -a" is executed by the service.
It starts to run the scripts in /etc/network/interfaces.d/.
But several scripts in ifupdown-extra are not prepared to handle "-all".

In the case of nss-pam-ldapd the script /etc/network/if-up.d/nslcd
is failing when there are loopback interfaces with label (lo:X) as the
script only tests the interface "lo".

Test Plan (Debian only - AIO-SX and AIO-DX)):
PASS  Check systemctl status networking.service after unlock

Closes-Bug: #1983503

Change-Id: I1fd9e2ea75233d987d6f1f2aa5a3395ab2885e2b
Signed-off-by: Fabiano Mercer <fabiano.correamercer@windriver.com>
---
 debian_pkg_dirs                               |  1 +
 ...gnore-lo-interfaces-for-nslcd-script.patch | 25 +++++++
 ldap/nss-pam-ldapd/debian/deb_patches/series  |  2 +
 ldap/nss-pam-ldapd/debian/meta_data.yaml      | 10 +++
 ...gnore-IFACE-all-for-ifupdown-scripts.patch | 73 +++++++++++++++++++
 .../ifupdown-extra/debian/deb_patches/series  |  1 +
 6 files changed, 112 insertions(+)
 create mode 100644 ldap/nss-pam-ldapd/debian/deb_patches/0001-Ignore-lo-interfaces-for-nslcd-script.patch
 create mode 100644 ldap/nss-pam-ldapd/debian/deb_patches/series
 create mode 100644 ldap/nss-pam-ldapd/debian/meta_data.yaml
 create mode 100644 networking/ifupdown-extra/debian/deb_patches/0003-ignore-IFACE-all-for-ifupdown-scripts.patch

diff --git a/debian_pkg_dirs b/debian_pkg_dirs
index 449fb94de..bccb34bb4 100644
--- a/debian_pkg_dirs
+++ b/debian_pkg_dirs
@@ -65,6 +65,7 @@ kubernetes/kubernetes-unversioned
 kubernetes/plugins/isolcpus-device-plugin
 kubernetes/runc
 ldap/ldapscripts
+ldap/nss-pam-ldapd
 ldap/openldap
 livepatch/kpatch
 networking/ifupdown-extra
diff --git a/ldap/nss-pam-ldapd/debian/deb_patches/0001-Ignore-lo-interfaces-for-nslcd-script.patch b/ldap/nss-pam-ldapd/debian/deb_patches/0001-Ignore-lo-interfaces-for-nslcd-script.patch
new file mode 100644
index 000000000..d97499ddd
--- /dev/null
+++ b/ldap/nss-pam-ldapd/debian/deb_patches/0001-Ignore-lo-interfaces-for-nslcd-script.patch
@@ -0,0 +1,25 @@
+From 8c348fc679099f928002d185aaabe0b2d5142cc3 Mon Sep 17 00:00:00 2001
+From: Fabiano Mercer <fabiano.correamercer@windriver.com>
+Date: Wed, 3 Aug 2022 14:53:38 -0300
+Subject: [PATCH] Ignore lo interfaces for nslcd script
+
+---
+ debian/nslcd.if-up | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/debian/nslcd.if-up b/debian/nslcd.if-up
+index 11befba..fb9aaff 100644
+--- a/debian/nslcd.if-up
++++ b/debian/nslcd.if-up
+@@ -27,7 +27,7 @@ NSLCD_STATEDIR=/var/run/nslcd
+ NSLCD_PIDFILE=$NSLCD_STATEDIR/nslcd.pid
+ 
+ # ignore lo interface
+-[ "$IFACE" = "lo" ] && exit 0
++[[ "$IFACE" = lo* ]] && exit 0
+ 
+ # only do things when starting the interface
+ [ "$MODE" != "start" ] && exit 0
+-- 
+2.17.1
+
diff --git a/ldap/nss-pam-ldapd/debian/deb_patches/series b/ldap/nss-pam-ldapd/debian/deb_patches/series
new file mode 100644
index 000000000..f5c7d7f2a
--- /dev/null
+++ b/ldap/nss-pam-ldapd/debian/deb_patches/series
@@ -0,0 +1,2 @@
+0001-Ignore-lo-interfaces-for-nslcd-script.patch
+
diff --git a/ldap/nss-pam-ldapd/debian/meta_data.yaml b/ldap/nss-pam-ldapd/debian/meta_data.yaml
new file mode 100644
index 000000000..5f88e1d9e
--- /dev/null
+++ b/ldap/nss-pam-ldapd/debian/meta_data.yaml
@@ -0,0 +1,10 @@
+---
+debver: 0.9.11-1
+dl_path:
+  name: nss-pam-ldapd-0.9.11-1.tar.gz
+  url: https://salsa.debian.org/debian/nss-pam-ldapd/-/archive/debian/0.9.11-1/nss-pam-ldapd-debian-0.9.11-1.tar.gz
+  md5sum: ca281003d23e3258dcd56e7be3ecb7f2
+  sha256sum: 4f90fc01666524d8607381ed8eef2fb7444a8298cfe76ae9c5009a9e7743be6e
+revision:
+  dist: $STX_DIST
+  PKG_GITREVCOUNT:
diff --git a/networking/ifupdown-extra/debian/deb_patches/0003-ignore-IFACE-all-for-ifupdown-scripts.patch b/networking/ifupdown-extra/debian/deb_patches/0003-ignore-IFACE-all-for-ifupdown-scripts.patch
new file mode 100644
index 000000000..a60aed767
--- /dev/null
+++ b/networking/ifupdown-extra/debian/deb_patches/0003-ignore-IFACE-all-for-ifupdown-scripts.patch
@@ -0,0 +1,73 @@
+From fa4c461a16fc5305dd52558f919b3c7a63257972 Mon Sep 17 00:00:00 2001
+From: Fabiano Mercer <fabiano.correamercer@windriver.com>
+Date: Fri, 29 Jul 2022 11:07:02 -0300
+Subject: [PATCH] ignore IFACE "--all" for ifupdown scripts
+
+---
+ if-up-scripts/check-duplicate-ip  | 3 ++-
+ if-up-scripts/check-duplicate-ip6 | 3 ++-
+ if-up-scripts/check-gateway       | 3 +++
+ if-up-scripts/check-network-cable | 3 +++
+ 4 files changed, 10 insertions(+), 2 deletions(-)
+
+diff --git a/if-up-scripts/check-duplicate-ip b/if-up-scripts/check-duplicate-ip
+index a07668d..347639d 100755
+--- a/if-up-scripts/check-duplicate-ip
++++ b/if-up-scripts/check-duplicate-ip
+@@ -105,8 +105,9 @@ fi
+ 
+ # If the interface is a serial (sl), WAN interfaces (ww) or localhost (lo) then skip the test
+ # as it does not make sense in these
++# this script only handles one interface per run so ignore "--all" as well
+ case $IFACE in
+-        sl* | ww* | lo*) exit 0 ;;
++        sl* | ww* | lo* | "--all") exit 0 ;;
+         *) ;;
+ esac
+ 
+diff --git a/if-up-scripts/check-duplicate-ip6 b/if-up-scripts/check-duplicate-ip6
+index f48cdd3..b9ff87a 100755
+--- a/if-up-scripts/check-duplicate-ip6
++++ b/if-up-scripts/check-duplicate-ip6
+@@ -107,8 +107,9 @@ fi
+ 
+ # If the interface is a serial (sl), WAN interfaces (ww) or localhost (lo) then skip the test
+ # as it does not make sense in these
++# this script only handles one interface per run so ignore "--all" as well
+ case $IFACE in
+-        sl* | ww* | lo*) exit 0 ;;
++        sl* | ww* | lo* | "--all") exit 0 ;;
+         *) ;;
+ esac
+ 
+diff --git a/if-up-scripts/check-gateway b/if-up-scripts/check-gateway
+index b3fdeb6..97c93b1 100755
+--- a/if-up-scripts/check-gateway
++++ b/if-up-scripts/check-gateway
+@@ -55,6 +55,9 @@ VERBOSITY=${VERBOSITY:-0}
+ # Break out if we don't have an interface to work with
+ [ -z "$IFACE" ] && exit 0
+ 
++# Ignore "--all"
++[ "$IFACE" = "--all" ] && exit 0
++
+ if [ "$DO_SYSLOG" = "yes" ] ; then
+ 	OUTPUT="logger -i -p daemon.err -s"
+ else
+diff --git a/if-up-scripts/check-network-cable b/if-up-scripts/check-network-cable
+index 94279eb..f8e9044 100755
+--- a/if-up-scripts/check-network-cable
++++ b/if-up-scripts/check-network-cable
+@@ -180,6 +180,9 @@ case $IFACE in
+ 	bond*)
+ 		check_bond_status || [ "$ABORT_NO_LINK" != "yes" ] || exit 1
+ 		;;
++	"--all")
++		# this script only handles one interface per run
++		;;
+         lo*)    ;;
+ 	*)
+ 		check_status || [ "$ABORT_NO_LINK" != "yes" ] || exit 1
+-- 
+2.17.1
+
diff --git a/networking/ifupdown-extra/debian/deb_patches/series b/networking/ifupdown-extra/debian/deb_patches/series
index 4b195659f..0f8624545 100644
--- a/networking/ifupdown-extra/debian/deb_patches/series
+++ b/networking/ifupdown-extra/debian/deb_patches/series
@@ -1,2 +1,3 @@
 0001-Accept-netmask-or-prefix-length-on-etc-network-route.patch
 0002-Install-00check-network-cable-in-the-correct-spot.patch
+0003-ignore-IFACE-all-for-ifupdown-scripts.patch