pyroute2 icon indicating copy to clipboard operation
pyroute2 copied to clipboard

Published 20 hours ago verified publisher icon svinota

setup CAN interfaces

Open daytona675 opened this issue 2 years ago • 6 comments

Hi svinota, I 've some issues concerning CAN interfaces. With IPRoute module, i try to create CAN interfaces and it's not possible: in my linux, when you plug your CAN device, it was created by the system. You just need set the interface and not create it. So when you try to create the CAN interface, you have the message "File exist" and it's normal. My issue is focus on set the interfaces. I've got this scenario: If I plug my Can device on USB and do nothing, I can't set "Status" to "UP" idem for flags parameter: flags=128 is running well (this is down status of the interface) flags=193 doesn't modify the interface and set it to UP status.

BUT

in a bash shell, if I setup my CAN interface with: ip link set can1 up type can bitrate 500000

After this command, all modifications under all items like flags, status , ... is running well and is effective.

Perhaps, i mess something or I don't follow the right process.

I've trying to do the same things with the same scenario with NDB module and I 've the same thing. For information: i use the 0.7.2 version of PyRoute2

B.R

daytona675 avatar Sep 12 '22 12:09 daytona675

Investigating, thanks for the report. Probably I'll need some logs from your side, but I'll go a bit deeper in the case tonight.

svinota avatar Sep 12 '22 13:09 svinota

Just adding some information to help you : in /etc/modules I've load this kernel modules: ucan can_bcm can_raw can_gw can can_dev B.R

daytona675 avatar Sep 12 '22 13:09 daytona675

@daytona675 looks like I can not reproduce it on vcan.

Could you please tell me, what exactly you get when you run:

ipr = IPRoute()
can, = ipr.link('dump', ifname='can1')  # NB: comma is because dump returns an iterable
ipr.link('set', index=can['index'], state='up')

svinota avatar Sep 13 '22 08:09 svinota

Hi svinota, I've plugged my can Device (PEAK) to my vm. I've open ipython3 and type the code you want to test. See below the result. We got the same error:

In [7]: ipr = IPRoute() ...: can, = ipr.link('dump', ifname='can1') # NB: comma is because dump returns an iterable ...: ipr.link('set', index=can['index'], state='up')

NetlinkError Traceback (most recent call last) in 1 ipr = IPRoute() 2 can, = ipr.link('dump', ifname='can1') # NB: comma is because dump returns an iterable ----> 3 ipr.link('set', index=can['index'], state='up')

~/.local/lib/python3.10/site-packages/pyroute2/iproute/linux.py in link(self, command, **kwarg) 1617 msg['attrs'].append([nla, value]) 1618 -> 1619 ret = self.nlm_request(msg, msg_type=msg_type, msg_flags=msg_flags) 1620 1621 if command == 'dump' and dump_filter is not None:

~/.local/lib/python3.10/site-packages/pyroute2/netlink/nlsocket.py in nlm_request(*argv, **kwarg) 820 821 def nlm_request(*argv, **kwarg): --> 822 return tuple(self._genlm_request(*argv, **kwarg)) 823 824 def get(*argv, **kwarg):

~/.local/lib/python3.10/site-packages/pyroute2/netlink/nlsocket.py in nlm_request(self, msg, msg_type, msg_flags, terminate, callback, parser) 1127 yield data 1128 else: -> 1129 for msg in self.get( 1130 msg_seq=msg_seq, 1131 terminate=terminate,

~/.local/lib/python3.10/site-packages/pyroute2/netlink/nlsocket.py in get(*argv, **kwarg) 823 824 def get(*argv, **kwarg): --> 825 return tuple(self._genlm_get(*argv, **kwarg)) 826 827 self._genlm_request = self.nlm_request

~/.local/lib/python3.10/site-packages/pyroute2/netlink/nlsocket.py in get(self, bufsize, msg_seq, terminate, callback, noraise) 487 del self.backlog[msg_seq] 488 # The loop is done --> 489 raise msg['header']['error'] 490 491 # If it is the terminator message, say "enough"

NetlinkError: (1, 'Operation not permitted')

this is the same things if i replace status by flags=193 : the same error appear If I up the device with this bash command: ip link set can1 up type can bitrate 500000 I've got the same error: so even if I try with up the device manualy and execute your code it doesn't run anyway hum I think the bash command activate, setup, or whatever that we didn't see and this is the reason that run after. B.R

daytona675 avatar Sep 13 '22 08:09 daytona675

I've make an STRACE with my bash command ip link set .... some output could be interessant:

ifi_flags=IFF_UP, ifi_change=0x1}, => on our set parameter we never modify theses flags ... I investigate about link_can.so: why is not found

openat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/ip/link_can.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) sendmsg(3, {msg_name={sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, msg_namelen=12, msg_iov=[{iov_base={{len=84, type=RTM_NEWLINK, flags=NLM_F_REQUEST|NLM_F_ACK, seq=1663060379, pid=0}, {ifi_family=AF_UNSPEC, ifi_type=ARPHRD_NETROM, ifi_index=if_nametoindex("can1"), ifi_flags=IFF_UP, ifi_change=0x1}, {{nla_len=52, nla_type=IFLA_LINKINFO}, [{{nla_len=7, nla_type=IFLA_INFO_KIND}, "can"...}, {{nla_len=40, nla_type=IFLA_INFO_DATA}, "\x24\x00\x01\x00\x20\xa1\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"...}]}}, iov_len=84}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 84 recvmsg(3, {msg_name={sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, msg_namelen=12, msg_iov=[{iov_base=NULL, iov_len=0}], msg_iovlen=1, msg_controllen=0, msg_flags=MSG_TRUNC}, MSG_PEEK|MSG_TRUNC) = 36 recvmsg(3, {msg_name={sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, msg_namelen=12, msg_iov=[{iov_base={{len=36, type=NLMSG_ERROR, flags=NLM_F_CAPPED, seq=1663060379, pid=25617}, {error=0, msg={len=84, type=RTM_NEWLINK, flags=NLM_F_REQUEST|NLM_F_ACK, seq=1663060379, pid=0}}}, iov_len=32768}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 36 exit_group(0)

daytona675 avatar Sep 13 '22 09:09 daytona675

An other thing: if you execute the python code on single user you have the error, if you are root, you have error 22: invalid argument ;)

daytona675 avatar Sep 13 '22 09:09 daytona675

Hi svinota, i'm trying to investigate my issue and in debug logs i find this:

in ----> 1 ap.interfaces['can1'].set(state='up').commit()

/usr/local/lib/python3.10/dist-packages/pyroute2/ndb/auth_manager.py in guard(obj, *argv, **kwarg) 65 raise PermissionError('access rejected') 66 if all([x.check(obj, self.tag) for x in obj.auth_managers]): ---> 67 return f(obj, *argv, **kwarg) 68 raise PermissionError('access rejected') 69

Can you tell me how to manage authmanager for this king of error ?

daytona675 avatar Sep 27 '22 12:09 daytona675

How come, I wonder...

auth_manager is a module that allows to restrict operations based on external plugins (like keystone, radius etc.) if NDB is used for some kind of RPC. So you can see in the logs auth_manager.py:guard() calls -- for every operation, actually. But PermissionError() is raised only if auth_manager can not check the call against permissions, and most probably it's 'cause one of registered auth managers.

Auth managers are registered per-view for now, you can inspect them with ndb.{view}.auth_managers, e.g. ndb.interfaces.auth_managers. It is possible to create also proxies with ndb.auth_proxy(...) -- it will return an object with the same views (interfaces, addresses etc.) but with a custom auth_manager; so one NDB instance can be used in several auth schemes at the same time.

Is it possible that you run this call somehow via ndb.readonly()? Like, what do you see if you inspect ndb.interfaces.auth_managers[0]? and if it is of the type AuthManager, then what's in ndb.interfaces.auth_managers[0].auth?

svinota avatar Sep 28 '22 07:09 svinota

Sorry for the late, but I don't have ever time to check the issue. I'm trying to keep an eye asap. B.R

daytona675 avatar Nov 18 '22 15:11 daytona675