0

I'm running my own flavor of Debian (trixie, 6.1.0-9-amd64). I had set up a custom systemd service to establish a network namespace and route VPN traffic through it (which has worked flawlessly for over a year). After the latest system updates, creating the network namespace fails with the following:

A dependency job for [email protected] failed. See 'journalctl -x e' for details.

Below are the relevant (I hope) lines from journalctl:

Sep 29 23:23:50 [redacted] systemd[1]: /lib/systemd/system/[email protected]:10: Failed to resolve unit specifiers in 'netns@%I.service', ignoring: Invalid slot

Sep 29 23:23:54 [redacted] systemd[1]: Starting [email protected] - Named network namespace ovpn...
Sep 29 23:23:54 [redacted] env[xxxx]: umount: /var/run/netns/ovpn: not mounted.
Sep 29 23:23:54 [redacted] systemd[1]: [email protected]: Main process exited, code=exited, status=32/n/a
░░ Subject: Unit process exited
░░ An ExecStart= process belonging to unit [email protected] has exited.
░░ 
░░ The process' exit code is 'exited' and its exit status is 32.

Sep 29 23:23:54 [redacted] systemd[1]: Dependency failed for [email protected] - NAT service for netns ovpn.
Sep 29 23:23:54 [redacted] systemd[1]: [email protected]: Job [email protected]/start failed with result 'dependency'.

The "Failed to resolve unit specifiers in..." error suggests to me that there's now a problem with the %I/%i in the namespace config files but I've tried escaping them to no avail. What else could causing these errors?

Edited to Add

I initiate the namespace using systemctl start [email protected], which I believe calls and executes the file '[email protected]':

[Unit]
Description=NAT service for netns %I
Documentation=https://github.com/Jamesits/systemd-named-netns

BindsTo=netns@%i.service
After=netns@%i.service
Before=network.target network-online.target
Conflicts=netns-bridge@%i.service

JoinsNamespaceOf=netns@%I.service

[Install]
WantedBy=network-online.target
WantedBy=multi-user.target

[Service]
Type=oneshot
RemainAfterExit=yes

ExecStart=/usr/bin/env netnsinit nat %I up outside
ExecStart=/usr/bin/env ip netns exec %I /usr/bin/env netnsinit nat %I up inside

ExecStop=/usr/bin/env ip netns exec %I /usr/bin/env netnsinit nat %I down inside
ExecStop=/usr/bin/env netnsinit nat %I down outside

The script netnsinit can be found at https://github.com/Jamesits/systemd-named-netns/blob/master/scripts/netnsinit

Improve this question
4
  • I think it would help if you added the custom systemd service to the question Commented Oct 4, 2023 at 2:37
  • @JaromandaX Edited to add requested information. Commented Oct 4, 2023 at 4:51
  • does this and the linked comment help? Commented Oct 4, 2023 at 5:59
  • @JaromandaX, that thread did resolve the 'mount' error I was getting, but the process then errored out later on a 'nexthop' error that I couldn't figure out. I still have no idea what was going on, but I reinstalled Debian and the namespaces setup from scratch and everything is working now shrug. Commented Oct 18, 2023 at 16:02

1 Answer 1

Reset to default
0

I don't know exactly what was going on above, but I suspect that something deeper was happening with my Debian setup (a few other programs began throwing mysterious segfaults). After reinstalling Debian from scratch and setting up the namespaces again everything is working fine.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.