cafkafk/nixpkgs
cafkafk/nixpkgs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2

Merge pull request #68227 from volth/patch-362

Browse source 
network-interfaces.nix: escape '.' in interface names passed to sysctl
This commit is contained in:
Linus Heckemann 2019-09-26 12:16:24 +02:00 committed by GitHub
commit f0f3bd8d96
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
nixos/modules/tasks/network-interfaces.nix
View file

@ -967,9 +967,9 @@ in
"net.ipv6.conf.default.disable_ipv6" = mkDefault (!cfg.enableIPv6); "net.ipv6.conf.default.disable_ipv6" = mkDefault (!cfg.enableIPv6);
"net.ipv6.conf.all.forwarding" = mkDefault (any (i: i.proxyARP) interfaces); "net.ipv6.conf.all.forwarding" = mkDefault (any (i: i.proxyARP) interfaces);
} // listToAttrs (flip concatMap (filter (i: i.proxyARP) interfaces) } // listToAttrs (flip concatMap (filter (i: i.proxyARP) interfaces)
(i: forEach [ "4" "6" ] (v: nameValuePair "net.ipv${v}.conf.${i.name}.proxy_arp" true))) (i: forEach [ "4" "6" ] (v: nameValuePair "net.ipv${v}.conf.${replaceChars ["."] ["/"] i.name}.proxy_arp" true)))
// listToAttrs (forEach (filter (i: i.preferTempAddress) interfaces) // listToAttrs (forEach (filter (i: i.preferTempAddress) interfaces)
(i: nameValuePair "net.ipv6.conf.${i.name}.use_tempaddr" 2)); (i: nameValuePair "net.ipv6.conf.${replaceChars ["."] ["/"] i.name}.use_tempaddr" 2));
# Capabilities won't work unless we have at-least a 4.3 Linux # Capabilities won't work unless we have at-least a 4.3 Linux
# kernel because we need the ambient capability # kernel because we need the ambient capability
@ -1092,7 +1092,7 @@ in
destination = "/etc/udev/rules.d/98-${name}"; destination = "/etc/udev/rules.d/98-${name}";
text = '' text = ''
# enable and prefer IPv6 privacy addresses by default # enable and prefer IPv6 privacy addresses by default
ACTION=="add", SUBSYSTEM=="net", RUN+="${pkgs.procps}/bin/sysctl net.ipv6.conf.%k.use_tempaddr=2" ACTION=="add", SUBSYSTEM=="net", RUN+="${pkgs.coreutils}/bin/echo 2 > /proc/sys/net/ipv6/conf/%k/use_tempaddr"
''; '';
}) })
(pkgs.writeTextFile rec { (pkgs.writeTextFile rec {
@ -1100,7 +1100,7 @@ in
destination = "/etc/udev/rules.d/99-${name}"; destination = "/etc/udev/rules.d/99-${name}";
text = concatMapStrings (i: '' text = concatMapStrings (i: ''
# enable IPv6 privacy addresses but prefer EUI-64 addresses for ${i.name} # enable IPv6 privacy addresses but prefer EUI-64 addresses for ${i.name}
ACTION=="add", SUBSYSTEM=="net", RUN+="${pkgs.procps}/bin/sysctl net.ipv6.conf.${i.name}.use_tempaddr=1" ACTION=="add", SUBSYSTEM=="net", RUN+="${pkgs.procps}/bin/sysctl net.ipv6.conf.${replaceChars ["."] ["/"] i.name}.use_tempaddr=1"
'') (filter (i: !i.preferTempAddress) interfaces); '') (filter (i: !i.preferTempAddress) interfaces);
}) })
] ++ lib.optional (cfg.wlanInterfaces != {}) ] ++ lib.optional (cfg.wlanInterfaces != {})