Do not touch interface DNS if global DNS is used

Resolves: RHEL-32218

Signed-off-by: Gris Ge <fge@redhat.com>
This commit is contained in:
Gris Ge 2024-05-16 16:11:57 +08:00
parent d20c308040
commit e264db009a
4 changed files with 14 additions and 164 deletions

3
.gitignore vendored
View File

@ -13,3 +13,6 @@ SOURCES/nmstate.gpg
/nmstate-1.4.5.tar.gz
/nmstate-1.4.5.tar.gz.asc
/nmstate-vendor-1.4.5.tar.xz
/nmstate-1.4.6.tar.gz
/nmstate-1.4.6.tar.gz.asc
/nmstate-vendor-1.4.6.tar.xz

View File

@ -1,157 +0,0 @@
From c95e26154cfe105faedb6fe6187e89da658e6d02 Mon Sep 17 00:00:00 2001
From: Gris Ge <fge@redhat.com>
Date: Tue, 14 Nov 2023 16:08:35 +0800
Subject: [PATCH 1/2] dns: Fix DNS option `ndots`, `timeout` and `attempts`
The `ndots`, `timeout` and `attempts` DNS options are allowed to
hold a integer value in the format of `<opt_name>:<int>`. Previously,
nmstate is treating them as invalid DNS option. This patch fix it.
Now this YAML is supported:
```yml
dns-resolver:
config:
options:
- rotate
- ndots:9
```
Integration test cases included.
Signed-off-by: Gris Ge <fge@redhat.com>
---
libnmstate/dns.py | 31 ++++++++++++++++++++++++-------
1 file changed, 24 insertions(+), 7 deletions(-)
diff --git a/libnmstate/dns.py b/libnmstate/dns.py
index f792b896..5bb512e8 100644
--- a/libnmstate/dns.py
+++ b/libnmstate/dns.py
@@ -19,14 +19,12 @@ EMPTY_DNS = {
REMOVE_DNS_CONFIG = {DNS.CONFIG: EMPTY_DNS}
-SUPPORTED_DNS_OPTIONS = [
- "attempts",
+SUPPORTED_DNS_OPTS_NO_VALUE = [
"debug",
"edns0",
"inet6",
"ip6-bytestring",
"ip6-dotint",
- "ndots",
"no-aaaa",
"no-check-names",
"no-ip6-dotint",
@@ -35,11 +33,16 @@ SUPPORTED_DNS_OPTIONS = [
"rotate",
"single-request",
"single-request-reopen",
- "timeout",
"trust-ad",
"use-vc",
]
+SUPPORTED_DNS_OPTS_WITH_VALUE = [
+ "ndots",
+ "timeout",
+ "attempts",
+]
+
class DnsState:
PRIORITY_METADATA = "_priority"
@@ -73,10 +76,24 @@ class DnsState:
def _canonicalize_dns_options(self):
for opt in self.config_options:
- if opt not in SUPPORTED_DNS_OPTIONS:
+ if opt.find(":") > 0:
+ opt = opt[: opt.find(":")]
+ if opt not in SUPPORTED_DNS_OPTS_WITH_VALUE:
+ raise NmstateValueError(
+ "Option '{}' is not supported to hold "
+ "a value, only support these without "
+ "value: {} and these with values: {}:n",
+ opt,
+ ", ".join(SUPPORTED_DNS_OPTS_NO_VALUE),
+ ":n, ".join(SUPPORTED_DNS_OPTS_WITH_VALUE),
+ )
+ elif opt not in SUPPORTED_DNS_OPTS_NO_VALUE:
raise NmstateValueError(
- f"Unsupported DNS option {opt}, only support: "
- f"{', '.join(SUPPORTED_DNS_OPTIONS)}",
+ "Option '{}' is not supported, only support these "
+ "without value: {} and these with values: {}:n",
+ opt,
+ ", ".join(SUPPORTED_DNS_OPTS_NO_VALUE),
+ ":n, ".join(SUPPORTED_DNS_OPTS_WITH_VALUE),
)
@property
--
2.42.1
From af07271ec5044ec092a3b66c0955636819ccde04 Mon Sep 17 00:00:00 2001
From: Gris Ge <fge@redhat.com>
Date: Tue, 14 Nov 2023 16:16:53 +0800
Subject: [PATCH 2/2] dns: Fix purging DNS config
When user desires:
```yml
---
dns-resolver:
config:
search: []
```
It means user want to remove all search but preserve servers and
options, current nmstate incorrectly treat this as purge also.
This patch only treat these two as purge.
```yml
dns-resolver:
config: {}
```
and
```yml
dns-resolver:
config:
server: []
search: []
options: []
```
Integration test cases included.
Signed-off-by: Gris Ge <fge@redhat.com>
---
libnmstate/nm/dns.py | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/libnmstate/nm/dns.py b/libnmstate/nm/dns.py
index 60ebbba7..b811fdb2 100644
--- a/libnmstate/nm/dns.py
+++ b/libnmstate/nm/dns.py
@@ -158,7 +158,11 @@ def get_dns_config_iface_names(acs_and_ipv4_profiles, acs_and_ipv6_profiles):
for nm_ac, ip_profile in chain(
acs_and_ipv6_profiles, acs_and_ipv4_profiles
):
- if ip_profile.props.dns or ip_profile.props.dns_search:
+ if (
+ ip_profile.props.dns
+ or ip_profile.props.dns_search
+ or ip_profile.props.dns_options
+ ):
try:
iface_name = nm_ac.get_devices()[0].get_iface()
iface_names.append(iface_name)
--
2.42.1

View File

@ -3,8 +3,8 @@
%define libname libnmstate
Name: nmstate
Version: 1.4.5
Release: 2%{?dist}
Version: 1.4.6
Release: 1%{?dist}
Summary: Declarative network manager API
License: LGPLv2+
URL: https://github.com/%{srcname}/%{srcname}
@ -14,7 +14,6 @@ Source2: https://www.nmstate.io/nmstate.gpg
Source3: %{url}/releases/download/v%{version}/%{srcname}-vendor-%{version}.tar.xz
# Patches 0X are reserved to downstream only
Patch0: BZ_2132570-nm-reverse-IPv6-order-before-adding-them-to-setting.patch
Patch10: RHEL-13936-dns-opt-fix.patch
BuildRequires: python3-devel
BuildRequires: python3-setuptools
BuildRequires: gnupg2
@ -99,7 +98,9 @@ popd
%py3_build
pushd rust
make
# It is safe to ignore minimum rust version. The main blocker on MSRV is
# toml which just increase their MSRV by a robot for no hard reason.
%cargo_build --ignore-rust-version
popd
%install
@ -149,6 +150,9 @@ popd
/sbin/ldconfig
%changelog
* Thu May 16 2024 Gris Ge <fge@redhat.com> - 1.4.6-1
- Do not touch interface DNS if global DNS is used. RHEL-32218
* Wed Nov 15 2023 Gris Ge <fge@redhat.com> - 1.4.5-2
- Fix use case on purging DNS option. RHEL-13936

View File

@ -1,4 +1,4 @@
SHA512 (nmstate-1.4.5.tar.gz) = f75c2bcb8f2b9541e3f450e283633fd8976ad5a8591e8c13e696cff3d57dd3e61604e2c6d2392f2d089a44988e82bd80f4ea9fd6c6c81890cfc198ea7a431adc
SHA512 (nmstate-1.4.5.tar.gz.asc) = 68598d469d4399b43e5f9546aefe8497ad733b777c159653a6ec0d74f927b60cb2b1981439414acf3a9a3d675e76d916b1b3af9af23f470af2da327aebcac8e7
SHA512 (nmstate-1.4.6.tar.gz) = 1176b31b260c170a5012dffef9e8b62692b481759a3c43d516504cfd4e2cf63efe10653ef04b6d18e37446b22c217167211ccf4e844eb9e51c78810523e4665d
SHA512 (nmstate-1.4.6.tar.gz.asc) = 97da66d646716d66967081dd7a632529d6c12196cb3b270a499c42ef6ea777e629663c8d042254e3682d418962a473119f75ab79b27cf9581dc3029c8e60004a
SHA512 (nmstate-vendor-1.4.6.tar.xz) = 27eb64009b6f81c96b4a884e5f616799ac163f9e5162359f21b04c82b8fe2b20be44172998bcbadc1d0299c3203325b9bea819d13b337bf2e09b7a53dbb58b6f
SHA512 (nmstate.gpg) = bfbf3620045f3c1f15eaf6877fd7407834a75d2650976f2327abd02ddb910aa34500f07a774dd17023c43dcba42a0ffc66f23cd6816fd9694acad2c5eed9e8d3
SHA512 (nmstate-vendor-1.4.5.tar.xz) = 27eb64009b6f81c96b4a884e5f616799ac163f9e5162359f21b04c82b8fe2b20be44172998bcbadc1d0299c3203325b9bea819d13b337bf2e09b7a53dbb58b6f