summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniil Baturin <daniil@vyos.io>2024-08-24 09:05:25 +0100
committerGitHub <noreply@github.com>2024-08-24 09:05:25 +0100
commit6f4bbbac4eaa16327b174e6231993000f33a121f (patch)
treeb79719c457578d020626258ab79d11591404b933
parent0e77effa7a752efd641751b541c5306a0e79b9e7 (diff)
parente7d1805e4a774b97c176d3cc1184e1645580589e (diff)
downloadvyos-1x-6f4bbbac4eaa16327b174e6231993000f33a121f.tar.gz
vyos-1x-6f4bbbac4eaa16327b174e6231993000f33a121f.zip
Merge pull request #4005 from vyos/mergify/bp/circinus/pr-4000
T6672: Fix system option ssh-client source-interface (backport #4000)
-rwxr-xr-xsmoketest/scripts/cli/test_system_option.py99
-rwxr-xr-xsrc/conf_mode/system_option.py2
2 files changed, 101 insertions, 0 deletions
diff --git a/smoketest/scripts/cli/test_system_option.py b/smoketest/scripts/cli/test_system_option.py
new file mode 100755
index 000000000..ffb1d76ae
--- /dev/null
+++ b/smoketest/scripts/cli/test_system_option.py
@@ -0,0 +1,99 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2024 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+import os
+import unittest
+from base_vyostest_shim import VyOSUnitTestSHIM
+from vyos.utils.file import read_file
+from vyos.utils.process import is_systemd_service_active
+from vyos.utils.system import sysctl_read
+
+base_path = ['system', 'option']
+
+class TestSystemOption(VyOSUnitTestSHIM.TestCase):
+ def tearDown(self):
+ self.cli_delete(base_path)
+ self.cli_commit()
+
+ def test_ctrl_alt_delete(self):
+ self.cli_set(base_path + ['ctrl-alt-delete', 'reboot'])
+ self.cli_commit()
+
+ tmp = os.readlink('/lib/systemd/system/ctrl-alt-del.target')
+ self.assertEqual(tmp, '/lib/systemd/system/reboot.target')
+
+ self.cli_set(base_path + ['ctrl-alt-delete', 'poweroff'])
+ self.cli_commit()
+
+ tmp = os.readlink('/lib/systemd/system/ctrl-alt-del.target')
+ self.assertEqual(tmp, '/lib/systemd/system/poweroff.target')
+
+ self.cli_delete(base_path + ['ctrl-alt-delete', 'poweroff'])
+ self.cli_commit()
+ self.assertFalse(os.path.exists('/lib/systemd/system/ctrl-alt-del.target'))
+
+ def test_reboot_on_panic(self):
+ panic_file = '/proc/sys/kernel/panic'
+
+ tmp = read_file(panic_file)
+ self.assertEqual(tmp, '0')
+
+ self.cli_set(base_path + ['reboot-on-panic'])
+ self.cli_commit()
+
+ tmp = read_file(panic_file)
+ self.assertEqual(tmp, '60')
+
+ def test_performance(self):
+ tuned_service = 'tuned.service'
+
+ self.assertFalse(is_systemd_service_active(tuned_service))
+
+ # T3204 sysctl options must not be overwritten by tuned
+ gc_thresh1 = '131072'
+ gc_thresh2 = '262000'
+ gc_thresh3 = '524000'
+
+ self.cli_set(['system', 'sysctl', 'parameter', 'net.ipv4.neigh.default.gc_thresh1', 'value', gc_thresh1])
+ self.cli_set(['system', 'sysctl', 'parameter', 'net.ipv4.neigh.default.gc_thresh2', 'value', gc_thresh2])
+ self.cli_set(['system', 'sysctl', 'parameter', 'net.ipv4.neigh.default.gc_thresh3', 'value', gc_thresh3])
+
+ self.cli_set(base_path + ['performance', 'throughput'])
+ self.cli_commit()
+
+ self.assertTrue(is_systemd_service_active(tuned_service))
+
+ self.assertEqual(sysctl_read('net.ipv4.neigh.default.gc_thresh1'), gc_thresh1)
+ self.assertEqual(sysctl_read('net.ipv4.neigh.default.gc_thresh2'), gc_thresh2)
+ self.assertEqual(sysctl_read('net.ipv4.neigh.default.gc_thresh3'), gc_thresh3)
+
+ def test_ssh_client_options(self):
+ loopback = 'lo'
+ ssh_client_opt_file = '/etc/ssh/ssh_config.d/91-vyos-ssh-client-options.conf'
+
+ self.cli_set(['system', 'option', 'ssh-client', 'source-interface', loopback])
+ self.cli_commit()
+
+ tmp = read_file(ssh_client_opt_file)
+ self.assertEqual(tmp, f'BindInterface {loopback}')
+
+ self.cli_delete(['system', 'option'])
+ self.cli_commit()
+ self.assertFalse(os.path.exists(ssh_client_opt_file))
+
+
+if __name__ == '__main__':
+ unittest.main(verbosity=2, failfast=True)
diff --git a/src/conf_mode/system_option.py b/src/conf_mode/system_option.py
index 6eb47e552..5b593335e 100755
--- a/src/conf_mode/system_option.py
+++ b/src/conf_mode/system_option.py
@@ -85,6 +85,8 @@ def verify(options):
raise ConfigError('No interface with address "{address}" configured!')
if 'source_interface' in config:
+ # verify_source_interface reuires key 'ifname'
+ config['ifname'] = config['source_interface']
verify_source_interface(config)
if 'source_address' in config:
address = config['source_address']