Re: How to tell NM to ignore some interfaces

[Daniel Miranda <danielkza2 gmail com>]

I've written some udev rules to attempt to exclude docker and libvirt 
interfaces, but I'm not having great success. The bridges, even if 
marked with the NM_UNMANAGED=1 udev attribute are still showing up as 
managed. Only one of the libvirt interfaces (not the bridge) is ignored 
as expected.

Right after killing docker and removing the docker0 interface:

$ systemctl start docker
$ udevadm info --path=/sys/class/net/docker0
P: /devices/virtual/net/docker0
E: DEVPATH=/devices/virtual/net/docker0
E: DEVTYPE=bridge
E: ID_MM_CANDIDATE=1
E: ID_NET_DRIVER=bridge
E: ID_NET_LINK_FILE=/usr/lib/systemd/network/99-default.link
E: IFINDEX=9
E: INTERFACE=docker0
E: NM_UNMANAGED=1
E: SUBSYSTEM=net
E: SYSTEMD_ALIAS=/sys/subsystem/net/devices/docker0
E: TAGS=:systemd:
E: USEC_INITIALIZED=107064680189
$ nmcli dev status
DEVICE             TYPE      STATE         CONNECTION
docker0            bridge    connected     docker0
virbr0             bridge    connected     virbr0
eno1               ethernet  unavailable   --
lo                 loopback  unmanaged     --
virbr0-nic         tap       unmanaged     --

Those are the rules I created as 
/etc/udev/rules.d/85-nm-unmanaged-docker-libvirt.rules, based on the 
original ones in /usr/lib/udev/rules.d/85-nm-unmanaged.rules:


SUBSYSTEM!="net", GOTO="nm_unmanaged_end"
ACTION!="add|change", GOTO="nm_unmanaged_end"

# Determine ID_NET_DRIVER if there's no ID_NET_DRIVER or DRIVERS (old udev?)
ENV{ID_NET_DRIVER}=="?*", GOTO="nm_unmanaged_driver"
DRIVERS=="?*", GOTO="nm_unmanaged_driver"
PROGRAM="/bin/sh -c '/usr/sbin/ethtool -i $1 | /bin/sed -n s/^driver:\ 
//p' -- $env{INTERFACE}", RESULT=="?*", ENV{ID_NET_DRIVER}="%c"
LABEL="nm_unmanaged_driver"

ENV{INTERFACE}=="docker*", ENV{NM_UNMANAGED}="1"

ENV{INTERFACE}=="virbr*", ENV{NM_UNMANAGED}="1"

LABEL="nm_unmanaged_end"


Is it a bug in NM, where it manages bridges regardless of the exclusion 
attribute?

Regards,
Daniel