diff options
author | Christian Breunig <christian@breunig.cc> | 2024-08-05 17:09:07 +0200 |
---|---|---|
committer | Christian Breunig <christian@breunig.cc> | 2024-08-23 08:06:24 +0200 |
commit | b393899709d00d42e6af391a6d3e3a2a29f67646 (patch) | |
tree | f0413a5b4b3a622778ce4d74cae131d466077af9 | |
parent | 6cfa688699a2460becc27175c14263985ebfdfd0 (diff) | |
download | vyos-1x-b393899709d00d42e6af391a6d3e3a2a29f67646.tar.gz vyos-1x-b393899709d00d42e6af391a6d3e3a2a29f67646.zip |
sysctl: T3204: restore sysctl setttings overwritten by tuned
(cherry picked from commit 8500e8658ff10f52739143fd7814cf60c9195f16)
-rw-r--r-- | data/config-mode-dependencies/vyos-1x.json | 10 | ||||
-rwxr-xr-x | smoketest/scripts/cli/test_system_option.py | 84 | ||||
-rwxr-xr-x | src/conf_mode/system_ip.py | 10 | ||||
-rwxr-xr-x | src/conf_mode/system_ipv6.py | 9 | ||||
-rwxr-xr-x | src/conf_mode/system_option.py | 15 |
5 files changed, 118 insertions, 10 deletions
diff --git a/data/config-mode-dependencies/vyos-1x.json b/data/config-mode-dependencies/vyos-1x.json index ca4ceb58f..9cfbffd96 100644 --- a/data/config-mode-dependencies/vyos-1x.json +++ b/data/config-mode-dependencies/vyos-1x.json @@ -60,8 +60,14 @@ "wireless": ["interfaces_wireless"], "wwan": ["interfaces_wwan"] }, + "system_ip": { + "sysctl": ["system_sysctl"] + }, + "system_ipv6": { + "sysctl": ["system_sysctl"] + }, "system_option": { - "ip": ["system_ip"], - "ipv6": ["system_ipv6"] + "ip_ipv6": ["system_ip", "system_ipv6"], + "sysctl": ["system_sysctl"] } } diff --git a/smoketest/scripts/cli/test_system_option.py b/smoketest/scripts/cli/test_system_option.py new file mode 100755 index 000000000..c6f48bfc6 --- /dev/null +++ b/smoketest/scripts/cli/test_system_option.py @@ -0,0 +1,84 @@ +#!/usr/bin/env python3 +# +# Copyright (C) 2024 VyOS maintainers and contributors +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 or later as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +import os +import unittest +from base_vyostest_shim import VyOSUnitTestSHIM +from vyos.utils.file import read_file +from vyos.utils.process import is_systemd_service_active +from vyos.utils.system import sysctl_read + +base_path = ['system', 'option'] + +class TestSystemOption(VyOSUnitTestSHIM.TestCase): + def tearDown(self): + self.cli_delete(base_path) + self.cli_commit() + + def test_ctrl_alt_delete(self): + self.cli_set(base_path + ['ctrl-alt-delete', 'reboot']) + self.cli_commit() + + tmp = os.readlink('/lib/systemd/system/ctrl-alt-del.target') + self.assertEqual(tmp, '/lib/systemd/system/reboot.target') + + self.cli_set(base_path + ['ctrl-alt-delete', 'poweroff']) + self.cli_commit() + + tmp = os.readlink('/lib/systemd/system/ctrl-alt-del.target') + self.assertEqual(tmp, '/lib/systemd/system/poweroff.target') + + self.cli_delete(base_path + ['ctrl-alt-delete', 'poweroff']) + self.cli_commit() + self.assertFalse(os.path.exists('/lib/systemd/system/ctrl-alt-del.target')) + + def test_reboot_on_panic(self): + panic_file = '/proc/sys/kernel/panic' + + tmp = read_file(panic_file) + self.assertEqual(tmp, '0') + + self.cli_set(base_path + ['reboot-on-panic']) + self.cli_commit() + + tmp = read_file(panic_file) + self.assertEqual(tmp, '60') + + def test_performance(self): + tuned_service = 'tuned.service' + + self.assertFalse(is_systemd_service_active(tuned_service)) + + # T3204 sysctl options must not be overwritten by tuned + gc_thresh1 = '131072' + gc_thresh2 = '262000' + gc_thresh3 = '524000' + + self.cli_set(['system', 'sysctl', 'parameter', 'net.ipv4.neigh.default.gc_thresh1', 'value', gc_thresh1]) + self.cli_set(['system', 'sysctl', 'parameter', 'net.ipv4.neigh.default.gc_thresh2', 'value', gc_thresh2]) + self.cli_set(['system', 'sysctl', 'parameter', 'net.ipv4.neigh.default.gc_thresh3', 'value', gc_thresh3]) + + self.cli_set(base_path + ['performance', 'throughput']) + self.cli_commit() + + self.assertTrue(is_systemd_service_active(tuned_service)) + + self.assertEqual(sysctl_read('net.ipv4.neigh.default.gc_thresh1'), gc_thresh1) + self.assertEqual(sysctl_read('net.ipv4.neigh.default.gc_thresh2'), gc_thresh2) + self.assertEqual(sysctl_read('net.ipv4.neigh.default.gc_thresh3'), gc_thresh3) + +if __name__ == '__main__': + unittest.main(verbosity=2, failfast=True) diff --git a/src/conf_mode/system_ip.py b/src/conf_mode/system_ip.py index 2a0bda91a..c8a91fd2f 100755 --- a/src/conf_mode/system_ip.py +++ b/src/conf_mode/system_ip.py @@ -24,7 +24,8 @@ from vyos.utils.dict import dict_search from vyos.utils.file import write_file from vyos.utils.process import is_systemd_service_active from vyos.utils.system import sysctl_write - +from vyos.configdep import set_dependents +from vyos.configdep import call_dependents from vyos import ConfigError from vyos import frr from vyos import airbag @@ -52,6 +53,11 @@ def get_config(config=None): get_first_key=True)}} # Merge policy dict into "regular" config dict opt = dict_merge(tmp, opt) + + # If IPv4 ARP table size is set here and also manually in sysctl, the more + # fine grained value from sysctl must win + set_dependents('sysctl', conf) + return opt def verify(opt): @@ -127,6 +133,8 @@ def apply(opt): frr_cfg.add_before(frr.default_add_before, opt['frr_zebra_config']) frr_cfg.commit_configuration(zebra_daemon) + call_dependents() + if __name__ == '__main__': try: c = get_config() diff --git a/src/conf_mode/system_ipv6.py b/src/conf_mode/system_ipv6.py index 00d440e35..a2442d009 100755 --- a/src/conf_mode/system_ipv6.py +++ b/src/conf_mode/system_ipv6.py @@ -25,6 +25,8 @@ from vyos.utils.dict import dict_search from vyos.utils.file import write_file from vyos.utils.process import is_systemd_service_active from vyos.utils.system import sysctl_write +from vyos.configdep import set_dependents +from vyos.configdep import call_dependents from vyos import ConfigError from vyos import frr from vyos import airbag @@ -52,6 +54,11 @@ def get_config(config=None): get_first_key=True)}} # Merge policy dict into "regular" config dict opt = dict_merge(tmp, opt) + + # If IPv6 neighbor table size is set here and also manually in sysctl, the more + # fine grained value from sysctl must win + set_dependents('sysctl', conf) + return opt def verify(opt): @@ -110,6 +117,8 @@ def apply(opt): frr_cfg.add_before(frr.default_add_before, opt['frr_zebra_config']) frr_cfg.commit_configuration(zebra_daemon) + call_dependents() + if __name__ == '__main__': try: c = get_config() diff --git a/src/conf_mode/system_option.py b/src/conf_mode/system_option.py index 9fd7a3195..d1647e3a1 100755 --- a/src/conf_mode/system_option.py +++ b/src/conf_mode/system_option.py @@ -31,7 +31,8 @@ from vyos.utils.process import cmd from vyos.utils.process import is_systemd_service_running from vyos.utils.network import is_addr_assigned from vyos.utils.network import is_intf_addr_assigned -from vyos.configdep import set_dependents, call_dependents +from vyos.configdep import set_dependents +from vyos.configdep import call_dependents from vyos import ConfigError from vyos import airbag airbag.enable() @@ -57,10 +58,9 @@ def get_config(config=None): with_recursive_defaults=True) if 'performance' in options: - # Update IPv4 and IPv6 options after TuneD reapplies - # sysctl from config files - for protocol in ['ip', 'ipv6']: - set_dependents(protocol, conf) + # Update IPv4/IPv6 and sysctl options after tuned applied it's settings + set_dependents('ip_ipv6', conf) + set_dependents('sysctl', conf) return options @@ -111,10 +111,11 @@ def generate(options): def apply(options): # System bootup beep + beep_service = 'vyos-beep.service' if 'startup_beep' in options: - cmd('systemctl enable vyos-beep.service') + cmd(f'systemctl enable {beep_service}') else: - cmd('systemctl disable vyos-beep.service') + cmd(f'systemctl disable {beep_service}') # Ctrl-Alt-Delete action if os.path.exists(systemd_action_file): |