From 432951de1f7f94317ed8c9c713ee4aa8d40d04c3 Mon Sep 17 00:00:00 2001 From: Phil Dibowitz Date: Wed, 5 Oct 2016 12:40:45 +0200 Subject: Provide a mechanism to prevent network-scripts from messing with sysctls network-scripts makes odd assumptions, like if I don't want SLAAC (i.e. if I turn off AUTOCONF) that I also don't want RA. This is not true, it's common to have a static local address, but to get my gateway through RA. This is one solution. I will also be sending a more specific solution to enable the above directly, but having a way to tell network-scripts to not mess with systctls seems generally useful. --- sysconfig/network-scripts/ifup-ipv6 | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) (limited to 'sysconfig/network-scripts/ifup-ipv6') diff --git a/sysconfig/network-scripts/ifup-ipv6 b/sysconfig/network-scripts/ifup-ipv6 index 8f740344..296fa77e 100755 --- a/sysconfig/network-scripts/ifup-ipv6 +++ b/sysconfig/network-scripts/ifup-ipv6 @@ -127,10 +127,13 @@ else ipv6_local_accept_ra=0 fi fi -/sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.forwarding=$ipv6_local_forwarding >/dev/null 2>&1 -/sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.accept_ra=$ipv6_local_accept_ra >/dev/null 2>&1 -/sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.accept_redirects=$ipv6_local_auto >/dev/null 2>&1 -/sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.autoconf=$ipv6_local_auto >/dev/null 2>&1 + +if [ ! "$IPV6_SET_SYSCTLS" = "no" ]; then + /sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.forwarding=$ipv6_local_forwarding >/dev/null 2>&1 + /sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.accept_ra=$ipv6_local_accept_ra >/dev/null 2>&1 + /sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.accept_redirects=$ipv6_local_auto >/dev/null 2>&1 + /sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.autoconf=$ipv6_local_auto >/dev/null 2>&1 +fi # Set IPv6 MTU, if given if [ -n "$IPV6_MTU" ]; then @@ -146,10 +149,12 @@ fi # Enable IPv6 RFC3041 privacy extensions if desired if [ "$IPV6_PRIVACY" = "rfc3041" ]; then - /sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.use_tempaddr=2 >/dev/null 2>&1 - if [ $? -ne 0 ]; then - net_log $"Cannot enable IPv6 privacy method '$IPV6_PRIVACY', not supported by kernel" - fi + if [ ! "$IPV6_SET_SYSCTLS" = "no" ]; then + /sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.use_tempaddr=2 >/dev/null 2>&1 + if [ $? -ne 0 ]; then + net_log $"Cannot enable IPv6 privacy method '$IPV6_PRIVACY', not supported by kernel" + fi + fi fi # Setup default IPv6 route, check are done by function -- cgit v1.2.1