From 6bd02b37db27d8e94fcaf877f846b80f56a35414 Mon Sep 17 00:00:00 2001
From: mjnowen
Date: Mon, 30 Mar 2026 16:22:31 +0100
Subject: [PATCH] fix(lib): write drop-in configs to active network file directory

When another network config generator (e.g. netplan, cloud-init) creates a .network file with a lower numerical prefix than the 70- prefix used by amazon-ec2-net-utils, systemd-networkd selects that file as the active config for the interface. Drop-in files written under 70-.network.d/ are then silently ignored because they belong to an inactive network file. This causes secondary IPv4 addresses (ec2net_alias.conf) and policy routing rules (ec2net_policy_*.conf) to never be applied, even though they are correctly fetched from IMDS and written to disk. Add _get_active_dropin_dir() which queries the systemd-networkd runtime state to discover the actual active NETWORK_FILE for an interface, then returns that file's drop-in directory. Falls back to the original 70-.network.d path when detection is unavailable (e.g. during early boot before networkd has initialised the interface). Use _get_active_dropin_dir() in create_ipv4_aliases() and create_rules() instead of the hardcoded 70- path.
---
 lib/lib.sh | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/lib/lib.sh b/lib/lib.sh
index efc2ef3..cd26f72 100644
--- a/lib/lib.sh
+++ b/lib/lib.sh
@@ -230,13 +230,27 @@ _install_and_reload() {
 fi
 }
 
+_get_active_dropin_dir() {
+ local iface=$1
+ local default_dir="${unitdir}/70-${iface}.network.d"
+ local ifindex network_file
+ ifindex=$(cat "/sys/class/net/${iface}/ifindex" 2> /dev/null) || { echo "$default_dir"; return; }
+ network_file=$(sed -n 's/^NETWORK_FILE=//p' "/run/systemd/netif/links/${ifindex}" 2> /dev/null) || { echo "$default_dir"; return; }
+ if [ -n "$network_file" ]; then
+ echo "${network_file}.d"
+ else
+ echo "$default_dir"
+ fi
+}
+
 create_ipv4_aliases() {
 local iface=$1
 local mac=$2
 local addresses
 subnet_supports_ipv4 "$iface" || return 0
 addresses=$(get_iface_imds $mac local-ipv4s | tail -n +2 | sort)
- local drop_in_dir="${unitdir}/70-${iface}.network.d"
+ local drop_in_dir
+ drop_in_dir=$(_get_active_dropin_dir "$iface")
 mkdir -p "$drop_in_dir"
 local file="$drop_in_dir/ec2net_alias.conf"
 local work="${file}.new"
@@ -295,7 +309,8 @@ create_rules() {
 local family=$4
 local addrs prefixes
 local local_addr_key subnet_pd_key
- local drop_in_dir="${unitdir}/70-${iface}.network.d"
+ local drop_in_dir
+ drop_in_dir=$(_get_active_dropin_dir "$iface")
 mkdir -p "$drop_in_dir"
 local -i ruleid=$((device_number+rule_base+100*network_card))
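Review bot: In `_get_active_dropin_dir`, the `NETWORK_FILE` value read from `/run/systemd/netif/links/${ifindex}` is echoed back as `${network_file}.d` with no check on where it points, and both callers (`create_ipv4_aliases` in this hunk, `create_rules` in the next) then run `mkdir -p` and write their `.conf` files there. That moves the generated files out of `${unitdir}` into whichever directory holds the active file, which may be a persistent or vendor location such as `/etc/systemd/network` or `/usr/lib/systemd/network`, so runtime state could outlive a reboot or the write could fail on a read-only tree. systemd-networkd merges `NAME.network.d/*.conf` from all of its search directories by file name, so keeping only the base name should be enough, assuming `unitdir` is one of those directories: `echo "${unitdir}/${network_file##*/}.d"`. Any cleanup code that still removes drop-ins under the `70-` path lies outside these hunks and would need the same lookup.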