daemon config lost after commit changes
Closed, ResolvedPublic
Actions

Assigned To

None

Authored By

	qiuchengxuan
	Dec 8 2019, 7:17 AM

Description

Including [service dns forwarding] and [service dhcp server], once I added something and commit, /etc/powerdns/recursor.conf disappeared, I needs to manually run python3 /usr/libexec/vyos/conf_mode/dns_forwarding.py to restore. DHCP server also encounters similar problem.

Details

Difficulty level: Unknown (require assessment)
Version: 1.2-rolling-201912080217
Why the issue appeared?: Will be filled on close
Is it a breaking change?: Unspecified (possibly destroys the router)

Related Objects
Search...

		Status	Subtype	Assigned	Task
		Resolved		jestabro	T1846 Make session_config not depend on the current edit level
		Resolved		None	T1863 daemon config lost after commit changes

Event Timeline

qiuchengxuan created this task.Dec 8 2019, 7:17 AM

qiuchengxuan created this object in space S1 VyOS Public.

qiuchengxuan updated the task description. (Show Details)

qiuchengxuan updated the task description. (Show Details)Dec 8 2019, 7:19 AM

qiuchengxuan changed Version from - to 1.2.3 rolling.

Please share commands to reproduce this. We do kot hve a 1.2.3 rolling version.

vyos@vyos:~$ show version
Version:          VyOS 1.2-rolling-201912080217
Built by:         [email protected]
Built on:         Sun 08 Dec 2019 02:17 UTC
Build UUID:       b998c0a6-ccf9-47ca-a8f8-7cc561bc5528
Build Commit ID:  7b47b452ce86a9

Architecture:     x86_64
Boot via:         installed image
System type:      KVM guest

Hardware vendor:  QEMU
Hardware model:   Standard PC (i440FX + PIIX, 1996)
Hardware S/N:     
Hardware UUID:    e7e68a04-4a3f-44a0-bae5-3fdcfa0af007

Copyright:        VyOS maintainers and contributors

commands are quite simple, I simply add

set service dns forwarding domain test.lan server 127.0.0.1
commit

then recursor.conf disappered in /etc/powerdns/

running config

[edit]
vyos@vyos# show service dns forwarding 
 allow-from 0.0.0.0/0
 allow-from ::/0
 cache-size 150
 listen-address 10.0.0.1
 listen-address 10.0.0.254
 system

I can not reproduce this issue. I just upgraded to the specified version.

set service dns forwarding allow-from '0.0.0.0/0'
set service dns forwarding allow-from '::/0'
set service dns forwarding cache-size '150'
set service dns forwarding domain test.lan server '127.0.0.1'
set service dns forwarding listen-address '172.18.254.201'
set service dns forwarding listen-address '127.0.0.1'
set service dns forwarding system

vyos@vyos# cat /etc/powerdns/recursor.conf
### Autogenerated by dns_forwarding.py ###

# Non-configurable defaults
daemon=yes
threads=1
allow-from=0.0.0.0/0,::/0
log-common-errors=yes
non-local-bind=yes
query-local-address=0.0.0.0
query-local-address6=::

# cache-size
max-cache-entries=150

# negative TTL for NXDOMAIN
max-negative-ttl=3600

# ignore-hosts-file
export-etc-hosts=yes

# listen-on
local-address=172.18.254.201,127.0.0.1

# dnssec
dnssec=process-no-validate

# forward-zones / recursion
#
# statement is only inserted if either one forwarding domain or nameserver is configured
# if nothing is given at all, powerdns will act as a real recursor and resolve all requests by its own
#
forward-zones-recurse=test.lan=127.0.0.1, .=172.16.254.30

DNS forwarding was last changed back in August by commit https://github.com/vyos/vyos-1x/commit/fdae741be5ffaa3719ce889d0342c3091ad3c92c

This is probably not problem from dns_forwarding.py, not only dns forwarding but also dhcp server encounters same problem.

I found the difference of your steps from mine, your should enter service dns forwarding sub-level, Use following procedures:

config running config mentioned above first
commit and save
edit service dns forwarding
append additional domain config and commit

Please provide real commands, else we can not reproduce the issue. Can you try it on a second installation?

vyos@beijing:~$ config
[edit]
vyos@beijing# set service dns forwarding domain test.lan server 8.8.8.8
[edit]
vyos@beijing# commit
[edit]
vyos@beijing# exit
Warning: configuration changes have not been saved.
exit
vyos@beijing:~$ file /etc/powerdns/recursor.conf
/etc/powerdns/recursor.conf: ASCII text, with very long lines
vyos@beijing:~$ config
e[edit]
vyos@beijing# edit service dns forwarding
[edit service dns forwarding]
vyos@beijing# delet domain test.lan
[edit service dns forwarding]
vyos@beijing# commit
[ service dns forwarding ]
not exists

[edit service dns forwarding]
vyos@beijing# exit
[edit]
vyos@beijing# exit
Warning: configuration changes have not been saved.
exit
vyos@beijing:~$ file /etc/powerdns/recursor.conf
/etc/powerdns/recursor.conf: cannot open `/etc/powerdns/recursor.conf' (No such file or directory)
vyos@beijing:~$

[edit service dns forwarding]
vyos@beijing# set domain test.lan server 8.8.8.8
[edit service dns forwarding]
vyos@beijing# commit
[ service dns forwarding ]
> /usr/libexec/vyos/conf_mode/dns_forwarding.py(110)get_config()
-> return None
(Pdb) dir(conf)
['_Config__session_env', '__class__', '__delattr__', '__dict__', '__dir__', '__doc__', '__eq__', '__format__', '__ge__', '__getattribute__', '__gt__', '__hash__', '__init__', '__le__', '__lt__', '__module__', '__ne__', '__new__', '__reduce__', '__reduce_ex__', '__repr__', '__setattr__', '__sizeof__', '__str__', '__subclasshook__', '__weakref__', '_cli_shell_api', '_level', '_make_command', '_make_path', '_run', '_running_config', '_session_config', 'exists', 'exists_effective', 'get_config_dict', 'get_level', 'in_session', 'is_leaf', 'is_multi', 'is_tag', 'list_effective_nodes', 'list_nodes', 'return_effective_value', 'return_effective_values', 'return_value', 'return_values', 'session_changed', 'set_level', 'show_config']
(Pdb) conf.get_level()
[]
(Pdb) conf.show_config()
' allow-from 10.33.0.0/16\n allow-from 10.0.0.0/24\n domain 1e100.net {\n     server 10.0.0.254\n }\n domain amazonaws.com {\n     server 10.0.0.254\n }\n domain amazon.com {\n     server 10.0.0.254\n }\n domain blogspot.com {\n     server 10.0.0.254\n }\n domain blogspot.it {\n     server 10.0.0.254\n }\n domain box.com {\n     server 10.0.0.254\n }\n domain cloudfront.com {\n     server 10.0.0.254\n }\n domain coggle.it {\n     server 10.0.0.254\n }\n domain c.android.clients.google.com {\n     server 10.0.0.254\n }\n domain dn.rawgit.com {\n     server 10.0.0.254\n }\n domain docker.com {\n     server 10.0.0.254\n }\n domain dropbox.com {\n     server 10.0.0.254\n }\n domain duckduckgo.com {\n     server 10.0.0.254\n }\n domain facebook.com {\n     server 10.0.0.254\n }\n domain facebook.net {\n     server 10.0.0.254\n }\n domain ggpht.com {\n     server 10.0.0.254\n }\n domain gist.github.com {\n     server 10.0.0.254\n }\n domain git-scm.com {\n     server 10.0.0.254\n }\n domain github.com {\n     server 10.0.0.254\n }\n domain github.io {\n     server 10.0.0.254\n }\n domain gmail.com {\n     server 10.0.0.254\n }\n domain golang.org {\n     server 10.0.0.254\n }\n domain google-analytics {\n     server 10.0.0.254\n }\n domain googleapis.com {\n     server 10.0.0.254\n }\n domain googlesource.com {\n     server 10.0.0.254\n }\n domain googlevideo.com {\n     server 10.0.0.254\n }\n domain google.com {\n     server 10.0.0.254\n }\n domain google.com.hk {\n     server 10.0.0.254\n }\n domain google.co.jp {\n     server 10.0.0.254\n }\n domain gopkg.in {\n     server 10.0.0.254\n }\n domain greatfire.org {\n     server 10.0.0.254\n }\n domain gstatic.com {\n     server 10.0.0.254\n }\n domain g.doubleclick.net {\n     server 10.0.0.254\n }\n domain h.m.wikipedia.org {\n     server 10.0.0.254\n }\n domain h.wikipedia.org {\n     server 10.0.0.254\n }\n domain jenkins-ci.org {\n     server 10.0.0.254\n }\n domain jetbrains.com {\n     server 10.0.0.254\n }\n domain lcw.ff.avast.com {\n     server 10.0.0.254\n }\n domain lithium.com {\n     server 10.0.0.254\n }\n domain medium.com {\n     server 10.0.0.254\n }\n domain n.wikipedia.org {\n     server 10.0.0.254\n }\n domain opendaylight.org {\n     server 10.0.0.254\n }\n domain openvpn.net {\n     server 10.0.0.254\n }\n domain pge.com {\n     server 10.0.0.254\n }\n domain pinimg.com {\n     server 10.0.0.254\n }\n domain pinterest.com {\n     server 10.0.0.254\n }\n domain quoracdn.net {\n     server 10.0.0.254\n }\n domain quora.com {\n     server 10.0.0.254\n }\n domain reddit.com {\n     server 10.0.0.254\n }\n domain steamcommunity.com {\n     server 10.0.0.254\n }\n domain storify.com {\n     server 10.0.0.254\n }\n+domain test.lan {\n+    server 8.8.8.8\n+}\n domain thefacebook.com {\n     server 10.0.0.254\n }\n domain twimg.com {\n     server 10.0.0.254\n }\n domain twitter.com {\n     server 10.0.0.254\n }\n domain w3schools.com {\n     server 10.0.0.254\n }\n domain w.org {\n     server 10.0.0.254\n }\n domain x.lan {\n     server 10.30.0.1\n }\n domain ycombinator.com {\n     server 10.0.0.254\n }\n domain youtube.com {\n     server 10.0.0.254\n }\n listen-address 10.33.0.1\n listen-address 10.0.0.2\n system\n'

level is not consistent with config content

with git bisect, problem starts from commit d9ee0b95d1020b6d5412dd011ebb1ef7f6ef3fc7, which modified vyos-1x/python/vyos/config.py

session_config_text = self._run([self._cli_shell_api, '--show-working-only', '--show-show-defaults', 'showConfig']) retrieves config from current leaf, not from root leaf, which caused a series of problems

This looks like the same issue as described in T1846, can anyone confirm this?

c-po removed c-po as the assignee of this task.Dec 8 2019, 5:44 PM

pasik added a subscriber: pasik.Dec 8 2019, 6:59 PM

Yes it's exactly the same reason

qiuchengxuan mentioned this in T1861: hosts lost after modified static-host-mapping.Dec 9 2019, 9:10 AM

jestabro added a parent task: T1846: Make session_config not depend on the current edit level.Dec 9 2019, 7:40 PM

Resolved since parent task closed

daemon config lost after commit changesClosed, ResolvedPublicActions

Description

Details

Related ObjectsSearch...

Event Timeline

daemon config lost after commit changes
Closed, ResolvedPublic
Actions

Related Objects
Search...