github.com/meulengracht/snapd@v0.0.0-20210719210640-8bde69bcc84e/overlord/configstate/configcore/network.go

github.com/meulengracht/snapd@v0.0.0-20210719210640-8bde69bcc84e/overlord/configstate/configcore/network.go (about)

     1  // -*- Mode: Go; indent-tabs-mode: t -*-
     2  
     3  /*
     4   * Copyright (C) 2018 Canonical Ltd
     5   *
     6   * This program is free software: you can redistribute it and/or modify
     7   * it under the terms of the GNU General Public License version 3 as
     8   * published by the Free Software Foundation.
     9   *
    10   * This program is distributed in the hope that it will be useful,
    11   * but WITHOUT ANY WARRANTY; without even the implied warranty of
    12   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    13   * GNU General Public License for more details.
    14   *
    15   * You should have received a copy of the GNU General Public License
    16   * along with this program.  If not, see <http://www.gnu.org/licenses/>.
    17   *
    18   */
    19  
    20  package configcore
    21  
    22  import (
    23  	"bytes"
    24  	"fmt"
    25  	"os/exec"
    26  	"path/filepath"
    27  
    28  	"github.com/snapcore/snapd/dirs"
    29  	"github.com/snapcore/snapd/osutil"
    30  	"github.com/snapcore/snapd/overlord/configstate/config"
    31  	"github.com/snapcore/snapd/sysconfig"
    32  )
    33  
    34  func init() {
    35  	// add supported configuration of this module
    36  	supportedConfigurations["core.network.disable-ipv6"] = true
    37  }
    38  
    39  func validateNetworkSettings(tr config.ConfGetter) error {
    40  	return validateBoolFlag(tr, "network.disable-ipv6")
    41  }
    42  
    43  func handleNetworkConfiguration(_ sysconfig.Device, tr config.ConfGetter, opts *fsOnlyContext) error {
    44  	root := dirs.GlobalRootDir
    45  	if opts != nil {
    46  		root = opts.RootDir
    47  	}
    48  	dir := filepath.Join(root, "/etc/sysctl.d")
    49  	name := "10-snapd-network.conf"
    50  	content := bytes.NewBuffer(nil)
    51  
    52  	output, err := coreCfg(tr, "network.disable-ipv6")
    53  	if err != nil {
    54  		return nil
    55  	}
    56  
    57  	var sysctl string
    58  	switch output {
    59  	case "true":
    60  		sysctl = "net.ipv6.conf.all.disable_ipv6=1"
    61  		content.WriteString(sysctl + "\n")
    62  	case "false", "":
    63  		// Store the sysctl for the code below but don't write it to
    64  		// content so that the file setting this option gets removed.
    65  		sysctl = "net.ipv6.conf.all.disable_ipv6=0"
    66  	default:
    67  		return fmt.Errorf("unsupported disable-ipv6 option: %q", output)
    68  	}
    69  	dirContent := map[string]osutil.FileState{}
    70  	if content.Len() > 0 {
    71  		dirContent[name] = &osutil.MemoryFileState{
    72  			Content: content.Bytes(),
    73  			Mode:    0644,
    74  		}
    75  	}
    76  
    77  	// write the new config
    78  	glob := name
    79  	changed, removed, err := osutil.EnsureDirState(dir, glob, dirContent)
    80  	if err != nil {
    81  		return err
    82  	}
    83  
    84  	if opts == nil {
    85  		// load the new config into the kernel
    86  		if len(changed) > 0 || len(removed) > 0 {
    87  			output, err := exec.Command("sysctl", "-w", sysctl).CombinedOutput()
    88  			if err != nil {
    89  				return osutil.OutputErr(output, err)
    90  			}
    91  		}
    92  	}
    93  
    94  	return nil
    95  }