From 8500e8658ff10f52739143fd7814cf60c9195f16 Mon Sep 17 00:00:00 2001 From: Christian Breunig Date: Mon, 5 Aug 2024 17:09:07 +0200 Subject: [PATCH] sysctl: T3204: restore sysctl setttings overwritten by tuned --- data/config-mode-dependencies/vyos-1x.json | 10 ++- smoketest/scripts/cli/test_system_option.py | 84 +++++++++++++++++++++ src/conf_mode/system_ip.py | 10 ++- src/conf_mode/system_ipv6.py | 9 +++ src/conf_mode/system_option.py | 15 ++-- 5 files changed, 118 insertions(+), 10 deletions(-) create mode 100755 smoketest/scripts/cli/test_system_option.py diff --git a/data/config-mode-dependencies/vyos-1x.json b/data/config-mode-dependencies/vyos-1x.json index 2398425507..2981a0851f 100644 --- a/data/config-mode-dependencies/vyos-1x.json +++ b/data/config-mode-dependencies/vyos-1x.json @@ -64,8 +64,14 @@ "system_wireless": { "wireless": ["interfaces_wireless"] }, + "system_ip": { + "sysctl": ["system_sysctl"] + }, + "system_ipv6": { + "sysctl": ["system_sysctl"] + }, "system_option": { - "ip": ["system_ip"], - "ipv6": ["system_ipv6"] + "ip_ipv6": ["system_ip", "system_ipv6"], + "sysctl": ["system_sysctl"] } } diff --git a/smoketest/scripts/cli/test_system_option.py b/smoketest/scripts/cli/test_system_option.py new file mode 100755 index 0000000000..c6f48bfc69 --- /dev/null +++ b/smoketest/scripts/cli/test_system_option.py @@ -0,0 +1,84 @@ +#!/usr/bin/env python3 +# +# Copyright (C) 2024 VyOS maintainers and contributors +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 or later as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +import os +import unittest +from base_vyostest_shim import VyOSUnitTestSHIM +from vyos.utils.file import read_file +from vyos.utils.process import is_systemd_service_active +from vyos.utils.system import sysctl_read + +base_path = ['system', 'option'] + +class TestSystemOption(VyOSUnitTestSHIM.TestCase): + def tearDown(self): + self.cli_delete(base_path) + self.cli_commit() + + def test_ctrl_alt_delete(self): + self.cli_set(base_path + ['ctrl-alt-delete', 'reboot']) + self.cli_commit() + + tmp = os.readlink('/lib/systemd/system/ctrl-alt-del.target') + self.assertEqual(tmp, '/lib/systemd/system/reboot.target') + + self.cli_set(base_path + ['ctrl-alt-delete', 'poweroff']) + self.cli_commit() + + tmp = os.readlink('/lib/systemd/system/ctrl-alt-del.target') + self.assertEqual(tmp, '/lib/systemd/system/poweroff.target') + + self.cli_delete(base_path + ['ctrl-alt-delete', 'poweroff']) + self.cli_commit() + self.assertFalse(os.path.exists('/lib/systemd/system/ctrl-alt-del.target')) + + def test_reboot_on_panic(self): + panic_file = '/proc/sys/kernel/panic' + + tmp = read_file(panic_file) + self.assertEqual(tmp, '0') + + self.cli_set(base_path + ['reboot-on-panic']) + self.cli_commit() + + tmp = read_file(panic_file) + self.assertEqual(tmp, '60') + + def test_performance(self): + tuned_service = 'tuned.service' + + self.assertFalse(is_systemd_service_active(tuned_service)) + + # T3204 sysctl options must not be overwritten by tuned + gc_thresh1 = '131072' + gc_thresh2 = '262000' + gc_thresh3 = '524000' + + self.cli_set(['system', 'sysctl', 'parameter', 'net.ipv4.neigh.default.gc_thresh1', 'value', gc_thresh1]) + self.cli_set(['system', 'sysctl', 'parameter', 'net.ipv4.neigh.default.gc_thresh2', 'value', gc_thresh2]) + self.cli_set(['system', 'sysctl', 'parameter', 'net.ipv4.neigh.default.gc_thresh3', 'value', gc_thresh3]) + + self.cli_set(base_path + ['performance', 'throughput']) + self.cli_commit() + + self.assertTrue(is_systemd_service_active(tuned_service)) + + self.assertEqual(sysctl_read('net.ipv4.neigh.default.gc_thresh1'), gc_thresh1) + self.assertEqual(sysctl_read('net.ipv4.neigh.default.gc_thresh2'), gc_thresh2) + self.assertEqual(sysctl_read('net.ipv4.neigh.default.gc_thresh3'), gc_thresh3) + +if __name__ == '__main__': + unittest.main(verbosity=2, failfast=True) diff --git a/src/conf_mode/system_ip.py b/src/conf_mode/system_ip.py index 2a0bda91a3..c8a91fd2f1 100755 --- a/src/conf_mode/system_ip.py +++ b/src/conf_mode/system_ip.py @@ -24,7 +24,8 @@ from vyos.utils.file import write_file from vyos.utils.process import is_systemd_service_active from vyos.utils.system import sysctl_write - +from vyos.configdep import set_dependents +from vyos.configdep import call_dependents from vyos import ConfigError from vyos import frr from vyos import airbag @@ -52,6 +53,11 @@ def get_config(config=None): get_first_key=True)}} # Merge policy dict into "regular" config dict opt = dict_merge(tmp, opt) + + # If IPv4 ARP table size is set here and also manually in sysctl, the more + # fine grained value from sysctl must win + set_dependents('sysctl', conf) + return opt def verify(opt): @@ -127,6 +133,8 @@ def apply(opt): frr_cfg.add_before(frr.default_add_before, opt['frr_zebra_config']) frr_cfg.commit_configuration(zebra_daemon) + call_dependents() + if __name__ == '__main__': try: c = get_config() diff --git a/src/conf_mode/system_ipv6.py b/src/conf_mode/system_ipv6.py index 00d440e35e..a2442d0099 100755 --- a/src/conf_mode/system_ipv6.py +++ b/src/conf_mode/system_ipv6.py @@ -25,6 +25,8 @@ from vyos.utils.file import write_file from vyos.utils.process import is_systemd_service_active from vyos.utils.system import sysctl_write +from vyos.configdep import set_dependents +from vyos.configdep import call_dependents from vyos import ConfigError from vyos import frr from vyos import airbag @@ -52,6 +54,11 @@ def get_config(config=None): get_first_key=True)}} # Merge policy dict into "regular" config dict opt = dict_merge(tmp, opt) + + # If IPv6 neighbor table size is set here and also manually in sysctl, the more + # fine grained value from sysctl must win + set_dependents('sysctl', conf) + return opt def verify(opt): @@ -110,6 +117,8 @@ def apply(opt): frr_cfg.add_before(frr.default_add_before, opt['frr_zebra_config']) frr_cfg.commit_configuration(zebra_daemon) + call_dependents() + if __name__ == '__main__': try: c = get_config() diff --git a/src/conf_mode/system_option.py b/src/conf_mode/system_option.py index 1806869246..4025104924 100755 --- a/src/conf_mode/system_option.py +++ b/src/conf_mode/system_option.py @@ -31,7 +31,8 @@ from vyos.utils.process import is_systemd_service_running from vyos.utils.network import is_addr_assigned from vyos.utils.network import is_intf_addr_assigned -from vyos.configdep import set_dependents, call_dependents +from vyos.configdep import set_dependents +from vyos.configdep import call_dependents from vyos import ConfigError from vyos import airbag airbag.enable() @@ -57,10 +58,9 @@ def get_config(config=None): with_recursive_defaults=True) if 'performance' in options: - # Update IPv4 and IPv6 options after TuneD reapplies - # sysctl from config files - for protocol in ['ip', 'ipv6']: - set_dependents(protocol, conf) + # Update IPv4/IPv6 and sysctl options after tuned applied it's settings + set_dependents('ip_ipv6', conf) + set_dependents('sysctl', conf) return options @@ -111,10 +111,11 @@ def generate(options): def apply(options): # System bootup beep + beep_service = 'vyos-beep.service' if 'startup_beep' in options: - cmd('systemctl enable vyos-beep.service') + cmd(f'systemctl enable {beep_service}') else: - cmd('systemctl disable vyos-beep.service') + cmd(f'systemctl disable {beep_service}') # Ctrl-Alt-Delete action if os.path.exists(systemd_action_file):