MAC address spoofing under Red Hat Linux 9

Note: this is now largely a historical document. More modern distributions have better ways of doing this, and with the demise of the Fedora Legacy project in 2007, Red Hat 9 is now entirely unsupported.

I needed, in Red Hat 9, to spoof the MAC address of an ethernet card. This is easy to do:

ifconfig eth0 hw ether 01:02:03:04:05:06

But I wanted it to happen automatically every time the interface was brought up. I had some trouble working out the Right Way to hook this into RH9's configuration, and eventually came up with the following hack: a line at the start of /etc/sysconfig/network-scripts/ifcfg-eth0, thus:

DUMMY_GHGHGH=`if ! ip link | grep -q 'eth0:.*UP' ; then ifconfig eth0 hw ether 01:02:03:04:05:06 ; echo "$0: Pont's MAC munger activated." 1>&2; fi`
DEVICE=eth0
ONBOOT=yes
[... etc.]

This seems to work. (The interface has to be down to allow the address change, hence the ip link | grep ...). ifcfg-eth0 appears to be sourced at various points, but the only important thing is that it's sourced at least once by ifup.

Addendum: Red Hat appears to keep three copies of each ifcfg file, and I have not yet discovered how it chooses which one to execute. It's not always the same one. I dealt with it by hard linking them all to the same file (which appeared to be partially the case already).

$ locate ifcfg-eth0
/etc/sysconfig/network-scripts/ifcfg-eth0
/etc/sysconfig/networking/devices/ifcfg-eth0
/etc/sysconfig/networking/profiles/default/ifcfg-eth0

Baffling.

This is not ideal. I should tighten up that regular expression: I'm worried about false positives. eth0.*[<,]UP[,>] should be good, but I don't have time to test it now. But attempting an ifconfig on an active interface probably isn't disastrous anyway.
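The false-positive worry above can be checked offline. This is an added example, not part of the original page: it runs the two patterns from the page, plus a hypothetical anchored pattern (PAT_ANCHORED, an assumption of this example), against constructed `ip link` output in the old iproute2 layout.

```shell
#!/bin/sh
# Constructed `ip link` output (old iproute2 layout; not captured from a real host).
# Case A: eth0 is up.
SAMPLE_UP='2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:00:5e:00:53:01 brd ff:ff:ff:ff:ff:ff'
# Case B: eth0 is down, but another interface whose name ends in "eth0" is up.
SAMPLE_OTHER='2: eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop qlen 100
    link/ether 00:00:5e:00:53:01 brd ff:ff:ff:ff:ff:ff
3: veth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:00:5e:00:53:02 brd ff:ff:ff:ff:ff:ff'
# Case C: eth0 lacks the UP flag but carries a flag that merely contains "UP".
SAMPLE_SUBSTR='2: eth0: <BROADCAST,MULTICAST,LOWER_UP> mtu 1500 qdisc noop qlen 100
    link/ether 00:00:5e:00:53:01 brd ff:ff:ff:ff:ff:ff'

PAT_PAGE='eth0:.*UP'                  # pattern used in the ifcfg-eth0 hack
PAT_TIGHT='eth0.*[<,]UP[,>]'          # tightened pattern proposed on the page
# Hypothetical stricter pattern: anchored to the line start and the exact
# interface name, and requiring UP as a whole flag inside <...>.
PAT_ANCHORED='^[0-9]+: eth0: <([^>]*,)?UP(,[^>]*)?>'

# eth0_up PATTERN TEXT: exit status 0 if PATTERN claims eth0 is up in TEXT.
eth0_up() { printf '%s\n' "$2" | grep -Eq "$1"; }

# verdict PATTERN TEXT: print "up" or "down" according to the pattern.
verdict() { if eth0_up "$1" "$2"; then echo up; else echo down; fi; }

# Case A should read "up"; cases B and C should read "down".
for pat in "$PAT_PAGE" "$PAT_TIGHT" "$PAT_ANCHORED"; do
    printf '%-40s A=%s B=%s C=%s\n' "$pat" \
        "$(verdict "$pat" "$SAMPLE_UP")" \
        "$(verdict "$pat" "$SAMPLE_OTHER")" \
        "$(verdict "$pat" "$SAMPLE_SUBSTR")"
done
```

The tightened pattern fixes the substring case but, being unanchored, still matches a different interface's line; a false positive here only means the MAC change is skipped for that ifup.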

Footnote, 2008: looking back at this, I have no idea why the "DUMMY_GHGHGH=" is necessary, unless RH9 actively enforces the VARIABLE=VALUE format of that file. I don't have a RH9 installation to test it on any more, so I'm going to leave it in.