Page MenuHomePhabricator

daemon config lost after commit changes
Closed, ResolvedPublic

Description

Including [service dns forwarding] and [service dhcp server], once I added something and commit, /etc/powerdns/recursor.conf disappeared, I needs to manually run python3 /usr/libexec/vyos/conf_mode/dns_forwarding.py to restore. DHCP server also encounters similar problem.

Details

Difficulty level
Unknown (require assessment)
Version
1.2-rolling-201912080217
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Perfectly compatible

Event Timeline

qiuchengxuan created this object in space S1 VyOS Public.
qiuchengxuan updated the task description. (Show Details)
qiuchengxuan updated the task description. (Show Details)
qiuchengxuan updated the task description. (Show Details)Dec 8 2019, 7:19 AM
qiuchengxuan changed Version from - to 1.2.3 rolling.
c-po added a subscriber: c-po.Dec 8 2019, 8:29 AM

Please share commands to reproduce this. We do kot hve a 1.2.3 rolling version.

qiuchengxuan added a comment.EditedDec 8 2019, 9:45 AM
vyos@vyos:~$ show version
Version:          VyOS 1.2-rolling-201912080217
Built by:         autobuild@vyos.net
Built on:         Sun 08 Dec 2019 02:17 UTC
Build UUID:       b998c0a6-ccf9-47ca-a8f8-7cc561bc5528
Build Commit ID:  7b47b452ce86a9

Architecture:     x86_64
Boot via:         installed image
System type:      KVM guest

Hardware vendor:  QEMU
Hardware model:   Standard PC (i440FX + PIIX, 1996)
Hardware S/N:     
Hardware UUID:    e7e68a04-4a3f-44a0-bae5-3fdcfa0af007

Copyright:        VyOS maintainers and contributors

commands are quite simple, I simply add

set service dns forwarding domain test.lan server 127.0.0.1
commit

then recursor.conf disappered in /etc/powerdns/

running config

[edit]
vyos@vyos# show service dns forwarding 
 allow-from 0.0.0.0/0
 allow-from ::/0
 cache-size 150
 listen-address 10.0.0.1
 listen-address 10.0.0.254
 system
c-po claimed this task.EditedDec 8 2019, 10:46 AM
c-po changed Version from 1.2.3 rolling to 1.2-rolling-201912080217.

I can not reproduce this issue. I just upgraded to the specified version.

set service dns forwarding allow-from '0.0.0.0/0'
set service dns forwarding allow-from '::/0'
set service dns forwarding cache-size '150'
set service dns forwarding domain test.lan server '127.0.0.1'
set service dns forwarding listen-address '172.18.254.201'
set service dns forwarding listen-address '127.0.0.1'
set service dns forwarding system
vyos@vyos# cat /etc/powerdns/recursor.conf
### Autogenerated by dns_forwarding.py ###

# Non-configurable defaults
daemon=yes
threads=1
allow-from=0.0.0.0/0,::/0
log-common-errors=yes
non-local-bind=yes
query-local-address=0.0.0.0
query-local-address6=::

# cache-size
max-cache-entries=150

# negative TTL for NXDOMAIN
max-negative-ttl=3600

# ignore-hosts-file
export-etc-hosts=yes

# listen-on
local-address=172.18.254.201,127.0.0.1

# dnssec
dnssec=process-no-validate

# forward-zones / recursion
#
# statement is only inserted if either one forwarding domain or nameserver is configured
# if nothing is given at all, powerdns will act as a real recursor and resolve all requests by its own
#
forward-zones-recurse=test.lan=127.0.0.1, .=172.16.254.30
qiuchengxuan added a comment.EditedDec 8 2019, 1:20 PM

This is probably not problem from dns_forwarding.py, not only dns forwarding but also dhcp server encounters same problem.

I found the difference of your steps from mine, your should enter service dns forwarding sub-level, Use following procedures:

  1. config running config mentioned above first
  2. commit and save
  3. edit service dns forwarding
  4. append additional domain config and commit
c-po added a comment.Dec 8 2019, 1:27 PM

Please provide real commands, else we can not reproduce the issue. Can you try it on a second installation?

vyos@beijing:~$ config
[edit]
vyos@beijing# set service dns forwarding domain test.lan server 8.8.8.8
[edit]
vyos@beijing# commit
[edit]
vyos@beijing# exit
Warning: configuration changes have not been saved.
exit
vyos@beijing:~$ file /etc/powerdns/recursor.conf
/etc/powerdns/recursor.conf: ASCII text, with very long lines
vyos@beijing:~$ config
e[edit]
vyos@beijing# edit service dns forwarding
[edit service dns forwarding]
vyos@beijing# delet domain test.lan
[edit service dns forwarding]
vyos@beijing# commit
[ service dns forwarding ]
not exists

[edit service dns forwarding]
vyos@beijing# exit
[edit]
vyos@beijing# exit
Warning: configuration changes have not been saved.
exit
vyos@beijing:~$ file /etc/powerdns/recursor.conf
/etc/powerdns/recursor.conf: cannot open `/etc/powerdns/recursor.conf' (No such file or directory)
vyos@beijing:~$
qiuchengxuan added a comment.EditedDec 8 2019, 2:10 PM
[edit service dns forwarding]
vyos@beijing# set domain test.lan server 8.8.8.8
[edit service dns forwarding]
vyos@beijing# commit
[ service dns forwarding ]
> /usr/libexec/vyos/conf_mode/dns_forwarding.py(110)get_config()
-> return None
(Pdb) dir(conf)
['_Config__session_env', '__class__', '__delattr__', '__dict__', '__dir__', '__doc__', '__eq__', '__format__', '__ge__', '__getattribute__', '__gt__', '__hash__', '__init__', '__le__', '__lt__', '__module__', '__ne__', '__new__', '__reduce__', '__reduce_ex__', '__repr__', '__setattr__', '__sizeof__', '__str__', '__subclasshook__', '__weakref__', '_cli_shell_api', '_level', '_make_command', '_make_path', '_run', '_running_config', '_session_config', 'exists', 'exists_effective', 'get_config_dict', 'get_level', 'in_session', 'is_leaf', 'is_multi', 'is_tag', 'list_effective_nodes', 'list_nodes', 'return_effective_value', 'return_effective_values', 'return_value', 'return_values', 'session_changed', 'set_level', 'show_config']
(Pdb) conf.get_level()
[]
(Pdb) conf.show_config()
' allow-from 10.33.0.0/16\n allow-from 10.0.0.0/24\n domain 1e100.net {\n     server 10.0.0.254\n }\n domain amazonaws.com {\n     server 10.0.0.254\n }\n domain amazon.com {\n     server 10.0.0.254\n }\n domain blogspot.com {\n     server 10.0.0.254\n }\n domain blogspot.it {\n     server 10.0.0.254\n }\n domain box.com {\n     server 10.0.0.254\n }\n domain cloudfront.com {\n     server 10.0.0.254\n }\n domain coggle.it {\n     server 10.0.0.254\n }\n domain c.android.clients.google.com {\n     server 10.0.0.254\n }\n domain dn.rawgit.com {\n     server 10.0.0.254\n }\n domain docker.com {\n     server 10.0.0.254\n }\n domain dropbox.com {\n     server 10.0.0.254\n }\n domain duckduckgo.com {\n     server 10.0.0.254\n }\n domain facebook.com {\n     server 10.0.0.254\n }\n domain facebook.net {\n     server 10.0.0.254\n }\n domain ggpht.com {\n     server 10.0.0.254\n }\n domain gist.github.com {\n     server 10.0.0.254\n }\n domain git-scm.com {\n     server 10.0.0.254\n }\n domain github.com {\n     server 10.0.0.254\n }\n domain github.io {\n     server 10.0.0.254\n }\n domain gmail.com {\n     server 10.0.0.254\n }\n domain golang.org {\n     server 10.0.0.254\n }\n domain google-analytics {\n     server 10.0.0.254\n }\n domain googleapis.com {\n     server 10.0.0.254\n }\n domain googlesource.com {\n     server 10.0.0.254\n }\n domain googlevideo.com {\n     server 10.0.0.254\n }\n domain google.com {\n     server 10.0.0.254\n }\n domain google.com.hk {\n     server 10.0.0.254\n }\n domain google.co.jp {\n     server 10.0.0.254\n }\n domain gopkg.in {\n     server 10.0.0.254\n }\n domain greatfire.org {\n     server 10.0.0.254\n }\n domain gstatic.com {\n     server 10.0.0.254\n }\n domain g.doubleclick.net {\n     server 10.0.0.254\n }\n domain h.m.wikipedia.org {\n     server 10.0.0.254\n }\n domain h.wikipedia.org {\n     server 10.0.0.254\n }\n domain jenkins-ci.org {\n     server 10.0.0.254\n }\n domain jetbrains.com {\n     server 10.0.0.254\n }\n domain lcw.ff.avast.com {\n     server 10.0.0.254\n }\n domain lithium.com {\n     server 10.0.0.254\n }\n domain medium.com {\n     server 10.0.0.254\n }\n domain n.wikipedia.org {\n     server 10.0.0.254\n }\n domain opendaylight.org {\n     server 10.0.0.254\n }\n domain openvpn.net {\n     server 10.0.0.254\n }\n domain pge.com {\n     server 10.0.0.254\n }\n domain pinimg.com {\n     server 10.0.0.254\n }\n domain pinterest.com {\n     server 10.0.0.254\n }\n domain quoracdn.net {\n     server 10.0.0.254\n }\n domain quora.com {\n     server 10.0.0.254\n }\n domain reddit.com {\n     server 10.0.0.254\n }\n domain steamcommunity.com {\n     server 10.0.0.254\n }\n domain storify.com {\n     server 10.0.0.254\n }\n+domain test.lan {\n+    server 8.8.8.8\n+}\n domain thefacebook.com {\n     server 10.0.0.254\n }\n domain twimg.com {\n     server 10.0.0.254\n }\n domain twitter.com {\n     server 10.0.0.254\n }\n domain w3schools.com {\n     server 10.0.0.254\n }\n domain w.org {\n     server 10.0.0.254\n }\n domain x.lan {\n     server 10.30.0.1\n }\n domain ycombinator.com {\n     server 10.0.0.254\n }\n domain youtube.com {\n     server 10.0.0.254\n }\n listen-address 10.33.0.1\n listen-address 10.0.0.2\n system\n'

level is not consistent with config content

qiuchengxuan added a comment.EditedDec 8 2019, 3:06 PM

with git bisect, problem starts from commit d9ee0b95d1020b6d5412dd011ebb1ef7f6ef3fc7, which modified vyos-1x/python/vyos/config.py

session_config_text = self._run([self._cli_shell_api, '--show-working-only', '--show-show-defaults', 'showConfig']) retrieves config from current leaf, not from root leaf, which caused a series of problems

runar added a subscriber: runar.Dec 8 2019, 4:40 PM

This looks like the same issue as described in T1846, can anyone confirm this?

c-po removed c-po as the assignee of this task.Dec 8 2019, 5:44 PM
pasik added a subscriber: pasik.Dec 8 2019, 6:59 PM

Yes it's exactly the same reason

qiuchengxuan closed this task as Resolved.EditedDec 13 2019, 9:03 AM
qiuchengxuan triaged this task as Normal priority.

Resolved since parent task closed