ipv6: T1915: remove 'system ipv6 blacklist'

2 files changed, 41 insertions, 15 deletions

diff --git a/src/conf_mode/system-ipv6.py b/src/conf_mode/system-ipv6.py
index cfbbf80ee..bd28ec357 100755
--- a/src/conf_mode/system-ipv6.py
+++ b/src/conf_mode/system-ipv6.py
@@ -22,11 +22,9 @@ from copy import deepcopy
 from vyos.config import Config
 from vyos import ConfigError
 
-ipv6_blacklist_file = '/etc/modprobe.d/vyos_blacklist_ipv6.conf'
 ipv6_disable_file = '/etc/modprobe.d/vyos_disable_ipv6.conf'
 
 default_config_data = {
-    'blacklist': False,
     'reboot_message': False,
     'ipv6_forward': '1',
     'disable_addr_assignment': False,
@@ -44,10 +42,6 @@ def get_config():
     conf = Config()
     conf.set_level('system ipv6')
     if conf.exists(''):
-        ip_opt['blacklist'] = conf.exists('blacklist')
-        if conf.exists_effective('blacklist') != conf.exists('blacklist'):
-            ip_opt['reboot_message'] = True
-
         ip_opt['disable_addr_assignment'] = conf.exists('disable')
         if conf.exists_effective('disable') != conf.exists('disable'):
             ip_opt['reboot_message'] = True
@@ -73,14 +67,6 @@ def generate(ip_opt):
     pass
 
 def apply(ip_opt):
-    # disable IPv6 kernel module
-    if ip_opt['blacklist']:
-        with open(ipv6_blacklist_file, 'w') as f:
-            f.write('blacklist ipv6')
-    else:
-        if os.path.exists(ipv6_blacklist_file):
-            os.unlink(ipv6_blacklist_file)
-
     # disable IPv6 address assignment
     if ip_opt['disable_addr_assignment']:
         with open(ipv6_disable_file, 'w') as f:
@@ -90,7 +76,7 @@ def apply(ip_opt):
             os.unlink(ipv6_disable_file)
 
     if ip_opt['reboot_message']:
-        print('Changing IPv6 blacklist/disable parameter will only take affect\n' \
+        print('Changing IPv6 disable parameter will only take affect\n' \
               'when the system is rebooted.')
 
     # configure multipath
diff --git a/src/migration-scripts/system/13-to-14 b/src/migration-scripts/system/13-to-14
new file mode 100755
index 000000000..c055dad1f
--- /dev/null
+++ b/src/migration-scripts/system/13-to-14
@@ -0,0 +1,40 @@
+#!/usr/bin/env python3
+#
+# Delete 'system ipv6 blacklist' option as the IPv6 module can no longer be
+# blacklisted as it is required by e.g. WireGuard and thus will always be
+# loaded.
+
+import os
+import sys
+
+ipv6_blacklist_file = '/etc/modprobe.d/vyatta_blacklist_ipv6.conf'
+
+from vyos.configtree import ConfigTree
+
+if (len(sys.argv) < 1):
+    print("Must specify file name!")
+    sys.exit(1)
+
+file_name = sys.argv[1]
+
+with open(file_name, 'r') as f:
+    config_file = f.read()
+
+config = ConfigTree(config_file)
+ip_base = ['system', 'ipv6']
+if not config.exists(ip_base):
+    # Nothing to do
+    sys.exit(0)
+else:
+    # delete 'system ipv6 blacklist' node
+    if config.exists(ip_base + ['blacklist']):
+        config.delete(ip_base + ['blacklist'])
+        if os.path.isfile(ipv6_blacklist_file):
+            os.unlink(ipv6_blacklist_file)
+
+    try:
+        with open(file_name, 'w') as f:
+            f.write(config.to_string())
+    except OSError as e:
+        print("Failed to save the modified config: {}".format(e))
+        sys.exit(1)