network: drop all checks of ipv6_disabled sysctl

*We* control the sysctl setting. If the user configured IPv6, then we apply the
settings, and just make sure that at some point during the configuration the
sysctl is disabled (i.e. ipv6 enabled) if we have IPv6 configured.

Replaces #13283.

diff --git a/src/network/networkd-address.c b/src/network/networkd-address.c
index 885cda3a035df9d0cb1780f9a06c8d6773bfb53c..4fe55710391b10c741f40759dad9dd1fcbb9d907 100644 (file)
--- a/src/network/networkd-address.c
+++ b/src/network/networkd-address.c
@@ -568,11 +568,6 @@ int address_configure(
         assert(link->manager->rtnl);
         assert(callback);
 
-        if (address->family == AF_INET6 && link_sysctl_ipv6_enabled(link) == 0) {
-                log_link_warning(link, "An IPv6 address is requested, but IPv6 is disabled by sysctl, ignoring.");
-                return 0;
-        }
-
         /* If this is a new address, then refuse adding more than the limit */
         if (address_get(link, address->family, &address->in_addr, address->prefixlen, NULL) <= 0 &&
             set_size(link->addresses) >= ADDRESSES_PER_LINK_MAX)

diff --git a/src/network/networkd-fdb.c b/src/network/networkd-fdb.c
index 7ffbd0a66e343fd9ab4fb8c3a77f5405876b5c62..1f688d6716f51511e42fe6d0cd625bfde661acf9 100644 (file)
--- a/src/network/networkd-fdb.c
+++ b/src/network/networkd-fdb.c
@@ -123,11 +123,6 @@ int fdb_entry_configure(Link *link, FdbEntry *fdb_entry) {
         assert(link->manager);
         assert(fdb_entry);
 
-        if (fdb_entry->family == AF_INET6 && link_sysctl_ipv6_enabled(link) == 0) {
-                log_link_warning(link, "An IPv6 fdb entry is requested, but IPv6 is disabled by sysctl, ignoring.");
-                return 0;
-        }
-
         /* create new RTM message */
         r = sd_rtnl_message_new_neigh(link->manager->rtnl, &req, RTM_NEWNEIGH, link->ifindex, PF_BRIDGE);
         if (r < 0)

diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c
index eca65c4fecf01f1e490b8971ff231f9c4fd8c33c..f9e74e0f5bf8caa40fa0a6f22930d3f1eccf1381 100644 (file)
--- a/src/network/networkd-link.c
+++ b/src/network/networkd-link.c
@@ -69,27 +69,6 @@ DUID* link_get_duid(Link *link) {
                 return &link->manager->duid;
 }
 
-int link_sysctl_ipv6_enabled(Link *link) {
-        _cleanup_free_ char *value = NULL;
-        int r;
-
-        assert(link);
-        assert(link->ifname);
-
-        if (link->sysctl_ipv6_enabled >= 0)
-                return link->sysctl_ipv6_enabled;
-
-        const char *ifname = link->ifname; /* work around bogus gcc warning */
-        r = sysctl_read_ip_property(AF_INET6, ifname, "disable_ipv6", &value);
-        if (r < 0)
-                return log_link_warning_errno(link, r,
-                                              "Failed to read net.ipv6.conf.%s.disable_ipv6 sysctl property: %m",
-                                              ifname);
-
-        link->sysctl_ipv6_enabled = value[0] == '0';
-        return link->sysctl_ipv6_enabled;
-}
-
 static bool link_dhcp6_enabled(Link *link) {
         assert(link);
 
@@ -108,9 +87,6 @@ static bool link_dhcp6_enabled(Link *link) {
         if (link->iftype == ARPHRD_CAN)
                 return false;
 
-        if (link_sysctl_ipv6_enabled(link) == 0)
-                return false;
-
         return link->network->dhcp & ADDRESS_FAMILY_IPV6;
 }
 
@@ -199,9 +175,6 @@ static bool link_ipv6ll_enabled(Link *link) {
         if (link->network->bond)
                 return false;
 
-        if (link_sysctl_ipv6_enabled(link) == 0)
-                return false;
-
         return link->network->link_local & ADDRESS_FAMILY_IPV6;
 }
 
@@ -214,9 +187,6 @@ static bool link_ipv6_enabled(Link *link) {
         if (link->network->bond)
                 return false;
 
-        if (link_sysctl_ipv6_enabled(link) == 0)
-                return false;
-
         if (link->iftype == ARPHRD_CAN)
                 return false;
 
@@ -263,9 +233,6 @@ static bool link_ipv6_forward_enabled(Link *link) {
         if (link->network->ip_forward == _ADDRESS_FAMILY_INVALID)
                 return false;
 
-        if (link_sysctl_ipv6_enabled(link) == 0)
-                return false;
-
         return link->network->ip_forward & ADDRESS_FAMILY_IPV6;
 }
 
@@ -329,7 +296,7 @@ static IPv6PrivacyExtensions link_ipv6_privacy_extensions(Link *link) {
         return link->network->ipv6_privacy_extensions;
 }
 
-static int link_enable_ipv6(Link *link) {
+static int link_update_ipv6_sysctl(Link *link) {
         bool enabled;
         int r;
 
@@ -340,9 +307,9 @@ static int link_enable_ipv6(Link *link) {
         if (enabled) {
                 r = sysctl_write_ip_property_boolean(AF_INET6, link->ifname, "disable_ipv6", false);
                 if (r < 0)
-                        log_link_warning_errno(link, r, "Cannot enable IPv6: %m");
-                else
-                        log_link_info(link, "IPv6 successfully enabled");
+                        return log_link_warning_errno(link, r, "Cannot enable IPv6: %m");
+
+                log_link_info(link, "IPv6 successfully enabled");
         }
 
         return 0;
@@ -615,7 +582,6 @@ static int link_new(Manager *manager, sd_netlink_message *message, Link **ret) {
                 .state = LINK_STATE_PENDING,
                 .ifindex = ifindex,
                 .iftype = iftype,
-                .sysctl_ipv6_enabled = -1,
 
                 .n_dns = (unsigned) -1,
                 .dns_default_route = -1,
@@ -2553,7 +2519,7 @@ static int link_configure(Link *link) {
 
         /* If IPv6 configured that is static IPv6 address and IPv6LL autoconfiguration is enabled
          * for this interface, then enable IPv6 */
-        (void) link_enable_ipv6(link);
+        (void) link_update_ipv6_sysctl(link);
 
         r = link_set_proxy_arp(link);
         if (r < 0)

diff --git a/src/network/networkd-link.h b/src/network/networkd-link.h
index d077dfe772964d7c750e5077e5e326a280d4c5a4..3eff6fbc62e0d588e3479d758548cc85d1da0b34 100644 (file)
--- a/src/network/networkd-link.h
+++ b/src/network/networkd-link.h
@@ -133,7 +133,6 @@ typedef struct Link {
         struct rtnl_link_stats64 stats_old, stats_new;
         bool stats_updated;
 
-        int sysctl_ipv6_enabled;
 
         /* All kinds of DNS configuration */
         struct in_addr_data *dns;
@@ -200,8 +199,6 @@ uint32_t link_get_dhcp_route_table(Link *link);
 uint32_t link_get_ipv6_accept_ra_route_table(Link *link);
 int link_request_set_routes(Link *link);
 
-int link_sysctl_ipv6_enabled(Link *link);
-
 #define ADDRESS_FMT_VAL(address)                   \
         be32toh((address).s_addr) >> 24,           \
         (be32toh((address).s_addr) >> 16) & 0xFFu, \

diff --git a/src/network/networkd-route.c b/src/network/networkd-route.c
index 8a16e9111ff026e648374738ff63c570f0a7d13c..19055f4e48e8fcb5df0d3bf1b8ec3c44906a7d70 100644 (file)
--- a/src/network/networkd-route.c
+++ b/src/network/networkd-route.c
@@ -636,11 +636,6 @@ int route_configure(
         assert(IN_SET(route->family, AF_INET, AF_INET6));
         assert(callback);
 
-        if (route->family == AF_INET6 && link_sysctl_ipv6_enabled(link) == 0) {
-                log_link_warning(link, "An IPv6 route is requested, but IPv6 is disabled by sysctl, ignoring.");
-                return 0;
-        }
-
         if (route_get(link, route->family, &route->dst, route->dst_prefixlen, &route->gw, route->tos, route->priority, route->table, NULL) <= 0 &&
             set_size(link->routes) >= routes_max())
                 return log_link_error_errno(link, SYNTHETIC_ERRNO(E2BIG),

diff --git a/src/network/networkd-routing-policy-rule.c b/src/network/networkd-routing-policy-rule.c
index 5edc2444a70fd4345f33fefbcfc640532e0c2d12..f032169aebf4a7dca5599bbdf789d3b1b26a34d0 100644 (file)
--- a/src/network/networkd-routing-policy-rule.c
+++ b/src/network/networkd-routing-policy-rule.c
@@ -453,11 +453,6 @@ int routing_policy_rule_configure(RoutingPolicyRule *rule, Link *link, link_netl
         assert(link->manager);
         assert(link->manager->rtnl);
 
-        if (rule->family == AF_INET6 && link_sysctl_ipv6_enabled(link) == 0) {
-                log_link_warning(link, "An IPv6 routing policy rule is requested, but IPv6 is disabled by sysctl, ignoring.");
-                return 0;
-        }
-
         r = sd_rtnl_message_new_routing_policy_rule(link->manager->rtnl, &m, RTM_NEWRULE, rule->family);
         if (r < 0)
                 return log_error_errno(r, "Could not allocate RTM_NEWRULE message: %m");

diff --git a/test/test-network/systemd-networkd-tests.py b/test/test-network/systemd-networkd-tests.py
index 8d123658a173bc4f1f643ebc4fb1006899500d0f..374d9cdefd33b0e815d573563c5094a09e11be05 100755 (executable)
--- a/test/test-network/systemd-networkd-tests.py
+++ b/test/test-network/systemd-networkd-tests.py
@@ -1842,13 +1842,14 @@ class NetworkdNetworkTests(unittest.TestCase, Utilities):
         self.assertRegex(output, 'inet 10.2.3.4/16 brd 10.2.255.255 scope global dummy98')
         output = check_output('ip -6 address show dummy98')
         print(output)
-        self.assertEqual(output, '')
+        self.assertRegex(output, 'inet6 2607:5300:203:3906::/64 scope global')
+        self.assertRegex(output, 'inet6 .* scope link')
         output = check_output('ip -4 route show dev dummy98')
         print(output)
         self.assertEqual(output, '10.2.0.0/16 proto kernel scope link src 10.2.3.4')
         output = check_output('ip -6 route show dev dummy98')
         print(output)
-        self.assertEqual(output, '')
+        self.assertRegex(output, 'default via 2607:5300:203:39ff:ff:ff:ff:ff proto static')
 
         check_output('ip link del dummy98')