nixos/network-interfaces: assertion for too long interface names #30127
Conversation
| # See include/linux/if.h in the kernel sources | ||
| assertion = stringLength i.name < 16; | ||
| message = '' | ||
| The name of networking.interfaces."${i.name}" is too long, it needs to be less than 16 characters. |
There was a problem hiding this comment.
Why not adhere to the surrounding code and say just ${i.name} instead of adding "s?
There was a problem hiding this comment.
@4z3 The idea was to avoid misinterpretations when the interface name contains a dot.
e.g. the tinc nixos module names interfaces like tinc.${networkname}, which would result in the error message The name of networking.interfaces.tinc.examplenet is too long, it needs to be less than 16 characters. This would obscure that the limit is not broken by ${networkname}, but by tinc.${networkname} (and also look like tinc is a submodule of networking.interfaces).
But yes, this is now inconsistent with the surrounding code, forgot about this. What do you think?
There was a problem hiding this comment.
Valid point. Maybe the surroundings should be updated then, for consistency and also because they can produce misinterpretable error messages.
There was a problem hiding this comment.
Ok! Fix at #31476
Motivation for this change
I ran into a problem that was really hard to debug when using
services.tinc.networks."network-name"with a network name longer than 10 characters, because the resulting interface name oftinc.network-namewould exceed the maximum allowed length of interface names and get truncated, and everything breaks because all configuration still expects the full interface name.This PR makes this implicit failure explicit by adding an assertion to fail rebuild when names are too long, whatever their source or prefix is.
Fixes #15682 as well, which is a similar problem, but with the container service.
Things done
build-use-sandboxinnix.confon non-NixOS)nix-shell -p nox --run "nox-review wip"./result/bin/)