Bug 634735
| Summary: | net.bridge.bridge-nf-call-iptables setting in sysctl.conf doesn't match setting in kernel | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Laine Stump <laine> | |
| Component: | kernel | Assignee: | Neil Horman <nhorman> | |
| Status: | CLOSED NOTABUG | QA Contact: | Red Hat Kernel QE team <kernel-qe> | |
| Severity: | medium | Docs Contact: | ||
| Priority: | low | |||
| Version: | 6.0 | CC: | jolsa, nhorman, pknirsch, rhughes, tgraf | |
| Target Milestone: | rc | |||
| Target Release: | --- | |||
| Hardware: | All | |||
| OS: | Linux | |||
| Whiteboard: | ||||
| Fixed In Version: | Doc Type: | Bug Fix | ||
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 634736 (view as bug list) | Environment: | ||
| Last Closed: | 2011-01-04 18:22:09 UTC | Type: | --- | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
|
Description
Laine Stump
2010-09-16 20:29:00 UTC
Cloned for F13 as Bug 634735 Actually, the cloned bug is Bug 634736 I'm pretty sure this should be properly handled in the kernel module as thats the point of origin of the problem. Moving to kernel component. Thanks & regards, Phil Triage assignment. If you feel this bug doesn't belong to you, or that it cannot be handled in a timely fashion, please contact me for re-assignment This can't be solved in the kernel. User space events can trigger the need for module load which the kernel implements by forking a copy of modprobe directly. The kernel has no way of knowing if it should run sysctl commands post module install or not, nor what teh settings should be as it doesn't have access to the /etc/sysctl.conf file. What could be done is a modification to the modprobe utility to get it to optionally rescan /etc/sysctl conf and apply changes after a module install. I'l lsee if I can whip together a patch for that. actually, scratch what I just said. Turns out there is already a way to do this administratively, so theres no need for change. All you need to do is use the install command in modprobe.conf (or any of the modprobe conf files). the install command lets you run any command that you would like when loading a module. So if you want to guarantee that a module has its sysctl settings applied when its not guaranteed that the module will be loaded at rc.sysinit time, you only need to add this line to your modprobe config: install bridge /sbin/modprobe --ignore-install bridge && sysctl -p That will reapply the /etc/sysctl file once the bridge module is installed and set your bridge sysctl values properly. Which package should be creating this modprobe config? AFAIK, libvirt purposefully avoids having anything to do with loading modules (especially something like the bridge module - libvirt doesn't even have any idea that such a thing exists; it just calls the ioctls() to create a bridge), and I would consider setting up a command to be run at module load time to be in that category. Also, this isn't a libvirt-specific problem - it's endemic to the way that /etc/sysctl.conf interacts with all kernel modules, which may be used by any number of applications, and those applications may or may not even know that they've done something that causes a module to be loaded. It's very likely this same problem is playing out (or will play out) for some other set of sysctl values/modules/applications. But back to the specific case - should this be added to dist.conf (which yum says is a part of inittools)? |