[lxc-devel] [lxd/master] Bugfixes

[stgraber on Github]

A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 301 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20170427/a9b56bad/attachment.bin>
-------------- next part --------------
From 90e83cf7144b62ce84d2ee3fa46afb34ee39b515 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber at ubuntu.com>
Date: Thu, 27 Apr 2017 14:06:05 -0400
Subject: [PATCH 1/2] Use networkSysctl when possible
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
 lxd/container_lxc.go | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go
index 0f2d935..f638220 100644
--- a/lxd/container_lxc.go
+++ b/lxd/container_lxc.go
@@ -5656,9 +5656,7 @@ func (c *containerLXC) createNetworkDevice(name string, m types.Device) (string,
 			}
 
 			// Attempt to disable IPv6 on the host side interface
-			if shared.PathExists(fmt.Sprintf("/proc/sys/net/ipv6/conf/%s/disable_ipv6", n1)) {
-				ioutil.WriteFile(fmt.Sprintf("/proc/sys/net/ipv6/conf/%s/disable_ipv6", n1), []byte("1"), 0644)
-			}
+			networkSysctl(fmt.Sprintf("ipv6/conf/%s/disable_ipv6", n1), "1")
 		}
 
 		dev = n2

From 936fddf3fd4ba6e0f458d0f756c2a40e9dfe9328 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber at ubuntu.com>
Date: Thu, 27 Apr 2017 14:08:47 -0400
Subject: [PATCH 2/2] Disable IPv6 on created macvlan parents
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This avoids the host accidentally getting IPv6 addresses on those.

Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
 lxd/container_lxc.go | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go
index f638220..406368c 100644
--- a/lxd/container_lxc.go
+++ b/lxd/container_lxc.go
@@ -1784,6 +1784,9 @@ func (c *containerLXC) startCommon() (string, error) {
 					if err != nil {
 						return "", err
 					}
+
+					// Attempt to disable IPv6 on the host side interface
+					networkSysctl(fmt.Sprintf("ipv6/conf/%s/disable_ipv6", device), "1")
 				}
 			}
 		}
@@ -5678,6 +5681,9 @@ func (c *containerLXC) createNetworkDevice(name string, m types.Device) (string,
 				if err != nil {
 					return "", err
 				}
+
+				// Attempt to disable IPv6 on the host side interface
+				networkSysctl(fmt.Sprintf("ipv6/conf/%s/disable_ipv6", device), "1")
 			}
 		}