I'm amazed this bug has gone unnoticed for so long, but here goes... sysctl uses "." as the path delimiter. VLAN uses "." as the id delimiter. initscripts does absolutely nothing to resolve this conflict. The end result is that all sysctl calls on VLAN if:s will just fail (silently for extra bonus as the scripts pipe to /dev/null). With legacy IP this isn't a big deal as the sysctl use is very sparse. For IPv6 however, the shit really hits the fan as you can't even disable address autoconfiguration without sysctl. Encountered this issue on RHEL 5, but it should still be present in RHEL 6 as I can see that my local F14 machine has the bug. Attached patch fixes most of the calls. Are still a few left that required a bit more effort to handle. Please prioritise this bug as it is causing a lot of head ache doing IPv6 rollout with RHEL.
Created attachment 470819 [details] initscripts-sysctl-vlan.patch Hmm.. patch got lost somewhere...
Given that the /proc/sys entries properly contain the '.', and this could happen in other places, I'm inclined to say 'fix /sbin/sysctl'.
The problem for /sbin/sysctl is the ambiguity between "." as a delimiter and "." as a part of a component name. Do we really want it guessing? I'd rather stuff fail than pick the wrong entry because of a naming conflict.
I just find the idea of a first pass that converts certain '.' to '/' when calling sysctl, just so sysctl can then run a two-pass sed that changes '.' to '/' and '/' to '.' rather cumbersome. Seems simpler to just skip sysctl entirely.
No objection to that. I don't know the motivation for using sysctl rather than /proc in the first place. So change the component back to initscripts?
Well, I can still change initscripts; but it would be good if /sbin/sysctl was fixed. The upstream man page says: variable The name of a key to read from. An example is kernel.ostype. The '/' separator is also accepted in place of a '.'. ... which implies that it *should* work without the substitution.
I don't see any way of just "fixing" sysctl. It's the interface that's crap, not the implementation. So any good fixes to sysctl would require changes to initscripts as well. One variant is to change initscripts to not use "." but rather "/" as the delimiter. That would solve my use case. Not sure if a stray "/" can occur in any component name though...
Yeah, I suppose the docs should be updated for sysctl to not imply that it actually works. In any case, can change initscripts in the mean time. For existing RHEL releases, will probably do the sysctl device substitution as above... would want to investigate in Fedora whether we can get away with direct echos, etc. (For example, in some policy settings, sysctl might be a specific restricted security context that the script isn't.)
Created attachment 471742 [details] updated patch
Will also need 4ac5634 from git master.
(In reply to comment #10) > Will also need 4ac5634 from git master. not really, because we do: sysctl -a | grep "^net\.ipv6\.conf\." | awk -F. '{ print $4 }' | sort -u | while read interface; do instead of: for i in /proc/sys/net/ipv6/conf/* ; do
Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: The sysctl utility uses "." as the path delimiter while VLAN interfaces use "." as the ID delimiter. This conflict caused all sysctl calls on a VLAN interface to terminate without any output, causing various issues with IPv6 auto-configuration feature. With this update, several scripts of the iniscripts package have been patched and the sysctl calls no longer hang on VLAN interfaces.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2011-1081.html