github.com/hugh712/snapd@v0.0.0-20200910133618-1a99902bd583/overlord/configstate/configcore/network.go

github.com/hugh712/snapd@v0.0.0-20200910133618-1a99902bd583/overlord/configstate/configcore/network.go (about)

     1  // -*- Mode: Go; indent-tabs-mode: t -*-
     2  
     3  /*
     4   * Copyright (C) 2018 Canonical Ltd
     5   *
     6   * This program is free software: you can redistribute it and/or modify
     7   * it under the terms of the GNU General Public License version 3 as
     8   * published by the Free Software Foundation.
     9   *
    10   * This program is distributed in the hope that it will be useful,
    11   * but WITHOUT ANY WARRANTY; without even the implied warranty of
    12   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    13   * GNU General Public License for more details.
    14   *
    15   * You should have received a copy of the GNU General Public License
    16   * along with this program.  If not, see <http://www.gnu.org/licenses/>.
    17   *
    18   */
    19  
    20  package configcore
    21  
    22  import (
    23  	"bytes"
    24  	"fmt"
    25  	"os/exec"
    26  	"path/filepath"
    27  
    28  	"github.com/snapcore/snapd/dirs"
    29  	"github.com/snapcore/snapd/osutil"
    30  	"github.com/snapcore/snapd/overlord/configstate/config"
    31  )
    32  
    33  func init() {
    34  	// add supported configuration of this module
    35  	supportedConfigurations["core.network.disable-ipv6"] = true
    36  }
    37  
    38  func validateNetworkSettings(tr config.ConfGetter) error {
    39  	return validateBoolFlag(tr, "network.disable-ipv6")
    40  }
    41  
    42  func handleNetworkConfiguration(tr config.ConfGetter, opts *fsOnlyContext) error {
    43  	root := dirs.GlobalRootDir
    44  	if opts != nil {
    45  		root = opts.RootDir
    46  	}
    47  	dir := filepath.Join(root, "/etc/sysctl.d")
    48  	name := "10-snapd-network.conf"
    49  	content := bytes.NewBuffer(nil)
    50  
    51  	output, err := coreCfg(tr, "network.disable-ipv6")
    52  	if err != nil {
    53  		return nil
    54  	}
    55  
    56  	var sysctl string
    57  	switch output {
    58  	case "true":
    59  		sysctl = "net.ipv6.conf.all.disable_ipv6=1"
    60  		content.WriteString(sysctl + "\n")
    61  	case "false", "":
    62  		// Store the sysctl for the code below but don't write it to
    63  		// content so that the file setting this option gets removed.
    64  		sysctl = "net.ipv6.conf.all.disable_ipv6=0"
    65  	default:
    66  		return fmt.Errorf("unsupported disable-ipv6 option: %q", output)
    67  	}
    68  	dirContent := map[string]osutil.FileState{}
    69  	if content.Len() > 0 {
    70  		dirContent[name] = &osutil.MemoryFileState{
    71  			Content: content.Bytes(),
    72  			Mode:    0644,
    73  		}
    74  	}
    75  
    76  	// write the new config
    77  	glob := name
    78  	changed, removed, err := osutil.EnsureDirState(dir, glob, dirContent)
    79  	if err != nil {
    80  		return err
    81  	}
    82  
    83  	if opts == nil {
    84  		// load the new config into the kernel
    85  		if len(changed) > 0 || len(removed) > 0 {
    86  			output, err := exec.Command("sysctl", "-w", sysctl).CombinedOutput()
    87  			if err != nil {
    88  				return osutil.OutputErr(output, err)
    89  			}
    90  		}
    91  	}
    92  
    93  	return nil
    94  }