Page MenuHomeVyOS Platform
Create Task
Maniphest T5986

Container: Error on commit when environment variable value contains \n line break
Closed, ResolvedPublicBUG
Actions

Description

I stumbled over the problem when I tried to implement the following article via VyOS:
https://medium.com/@eremeykin/how-to-setup-single-primary-postgresql-replication-with-docker-compose-98c48f233bbf

My container has the folllowing commited config:

set container name test-postgres-master allow-host-networks
set container name test-postgres-master command 'postgres -c wal_level=replica -c hot_standby=on -c max_wal_senders=10 -c max_replication_slots=10 -c hot_standby_feedback=on'
set container name test-postgres-master environment POSTGRES_PASSWORD value 'password'
set container name test-postgres-master image 'postgres:14-alpine'
set container name test-postgres-master restart 'always'

so far commit works.

When I now add the following the commit fails:

set container name test-postgres-master environment POSTGRES_HOST_AUTH_METHOD value 'scram-sha-256\nhost replication all 0.0.0.0/0 md5'

Error shown:

VyOS had an issue completing a command.

We are sorry that you encountered a problem while using VyOS.
There are a few things you can do to help us (and yourself):
- Contact us using the online help desk if you have a subscription:
  https://support.vyos.io/
- Make sure you are running the latest version of VyOS available at:
  https://vyos.net/get/
- Consult the community forum to see how to handle this issue:
  https://forum.vyos.io
- Join us on Slack where our users exchange help and advice:
  https://vyos.slack.com

When reporting problems, please include as much information as possible:
- do not obfuscate any data (feel free to contact us privately if your
  business policy requires it)
- and include all the information presented below

Report time:      2024-01-25 17:09:25
Image version:    VyOS 1.4.0-rc1
Release train:    sagitta

Built by:         Sentrium S.L.
Built on:         Thu 21 Dec 2023 19:06 UTC
Build UUID:       2463607a-ddc5-4942-8685-00d078350c68
Build commit ID:  81ec3de04eb291

Architecture:     x86_64
Boot via:         installed image
System type:      VMware guest

Hardware vendor:  VMware, Inc.
Hardware model:   VMware Virtual Platform
Hardware S/N:     VMware-42 04 c0 c4 d5 1c 19 5c-b5 97 2e 61 76 37 b8 1d
Hardware UUID:    c4c00442-1cd5-5c19-b597-2e617637b81d

Traceback (most recent call last):
  File "/usr/libexec/vyos/conf_mode/container.py", line 487, in <module>
    apply(c)
  File "/usr/libexec/vyos/conf_mode/container.py", line 460, in apply
    cmd(f'systemctl restart vyos-container-{name}.service')
  File "/usr/lib/python3/dist-packages/vyos/utils/process.py", line 155, in cmd
    raise OSError(code, feedback)
PermissionError: [Errno 1] failed to run command: systemctl restart vyos-container-test-postgres-master.service
returned:
exit code: 1

noteworthy:
cmd 'systemctl restart vyos-container-test-postgres-master.service'
returned (out):

returned (err):
Failed to restart vyos-container-test-postgres-master.service: Unit vyos-container-test-postgres-master.service has a bad unit file setting.
See system logs and 'systemctl status vyos-container-test-postgres-master.service' for details.

[[container]] failed
Commit failed

When I remove the \n it works. However my example requires it.
How could this be solved?

Regards
Markus

Details

Difficulty level
Unknown (require assessment)
Version
1.4, 1.5
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Bug (incorrect behavior)

Related Objects

Event Timeline

adestis created this task.Jan 25 2024, 5:16 PM
Viacheslav triaged this task as Low priority.Jan 25 2024, 8:38 PM
pasik added a subscriber: pasik.Jan 26 2024, 8:59 AM
Viacheslav added a project: VyOS 1.5 Circinus.Fri, Apr 12, 2:20 PM
Viacheslav removed a project: VyOS 1.5 Circinus.Sun, Apr 14, 11:00 AM
Viacheslav added a subscriber: Viacheslav.

Try the latest version

vyos@r4# set container name test-postgres-master environment POSTGRES_HOST_AUTH_METHOD value 'scram-sha-256\nhost replication all 0.0.0.0/0 md5'
[edit]
vyos@r4# commit
[edit]
vyos@r4# run show container 
CONTAINER ID  IMAGE                                 COMMAND               CREATED         STATUS         PORTS       NAMES
75a7fb610b57  localhost/gobgp-new:1                                       3 weeks ago     Created                    new
fdb74e9700e5  docker.io/library/alpine:3.19         /bin/sh               47 minutes ago  Up 47 minutes              c1
c05806fdb92c  docker.io/library/busybox:latest      sh                    39 minutes ago  Up 39 minutes              c2
1b5fc3d4a07b  docker.io/library/postgres:14-alpine  postgres -c wal_l...  24 seconds ago  Up 25 seconds              test-postgres-master
[edit]
vyos@r4# run show ver
Version:          VyOS 1.5-rolling-202404140022
Release train:    current

Still bug for VyOS 1.4-stable-202404120309

Traceback (most recent call last):
  File "/usr/libexec/vyos/conf_mode/container.py", line 486, in <module>
    apply(c)
  File "/usr/libexec/vyos/conf_mode/container.py", line 459, in apply
    cmd(f'systemctl restart vyos-container-{name}.service')
  File "/usr/lib/python3/dist-packages/vyos/utils/process.py", line 155, in cmd
    raise OSError(code, feedback)
PermissionError: [Errno 1] failed to run command: systemctl restart vyos-container-test-postgres-master.service
returned: 
exit code: 1

noteworthy:
cmd 'systemctl restart vyos-container-test-postgres-master.service'
returned (out):

returned (err):
Failed to restart vyos-container-test-postgres-master.service: Unit vyos-container-test-postgres-master.service has a bad unit file setting.
See system logs and 'systemctl status vyos-container-test-postgres-master.service' for details.

[[container]] failed
Commit failed
Viacheslav added a comment.EditedSun, Apr 14, 11:10 AM

Diff
check --env "POSTGRES_HOST_AUTH_METHOD=. options
1.5

vyos@r4# cat /run/systemd/system/vyos-container-test-postgres-master.service | grep ExecStart -A2
ExecStartPre=/bin/rm -f %t/%n.pid %t/%n.cid
ExecStart=/usr/bin/podman run \
        --conmon-pidfile %t/%n.pid --cidfile %t/%n.cid --cgroups=no-conmon \
        --detach --interactive --tty --replace  --memory 512m --shm-size 64m --memory-swap 0 --restart always --name test-postgres-master      --env "POSTGRES_HOST_AUTH_METHOD=scram-sha-256\nhost replication all 0.0.0.0/0 md5" --env "POSTGRES_PASSWORD=password"   --net host  postgres:14-alpine postgres -c wal_level=replica -c hot_standby=on -c max_wal_senders=10 -c max_replication_slots=10 -c hot_standby_feedback=on

1.4

vyos@r15# cat /run/systemd/system/vyos-container-test-postgres-master.service | grep ExecStart -A3
ExecStartPre=/bin/rm -f %t/%n.pid %t/%n.cid
ExecStart=/usr/bin/podman run \
        --conmon-pidfile %t/%n.pid --cidfile %t/%n.cid --cgroups=no-conmon \
        --detach --interactive --tty --replace  --memory 512m --shm-size 64m --memory-swap 0 --restart always --name test-postgres-master      --env "POSTGRES_HOST_AUTH_METHOD=scram-sha-256
host replication all 0.0.0.0/0 md5" --env "POSTGRES_PASSWORD=password"   --net host  postgres:14-alpine postgres -c wal_level=replica -c hot_standby=on -c max_wal_senders=10 -c max_replication_slots=10 -c hot_standby_feedback=on

Log:

Apr 14 14:06:03 r15 systemd[1]: /run/systemd/system/vyos-container-test-postgres-master.service:11: Unbalanced quoting, ignoring: "/usr/bin/podman run          --conmon-pidfile %t/%n.pid --cidfile %t/%n.cid --cgroups=no-conmon          --detach --interactive --tty --replace  --memory 512m --shm-size 64m --memory-swap 0 --restart always --name test-postgres-master      --env "POSTGRES_HOST_AUTH_METHOD=scram-sha-256"
Apr 14 14:06:03 r15 systemd[1]: vyos-container-test-postgres-master.service: Unit configuration has fatal error, unit will not be started.
Apr 14 14:06:03 r15 vyos-configd[754]: [Errno 1] failed to run command: systemctl restart vyos-container-test-postgres-master.service
Viacheslav added a comment.EditedSun, Apr 14, 11:29 AM

The dictionaries process the \n different way
environment.POSTGRES_HOST_AUTH_METHOD.value.
1.5

vyos@r4# commit
[ container ]
{'container_remove': ['c1', 'c2'],
 'name': {'test-postgres-master': {'allow_host_networks': {},
                                   'command': 'postgres -c wal_level=replica '
                                              '-c hot_standby=on -c '
                                              'max_wal_senders=10 -c '
                                              'max_replication_slots=10 -c '
                                              'hot_standby_feedback=on',
                                   'environment': {'POSTGRES_HOST_AUTH_METHOD': {'value': 'scram-sha-256\\nhost '
                                                                                          'replication '
                                                                                          'all '
                                                                                          '0.0.0.0/0 '
                                                                                          'md5'},
                                                   'POSTGRES_PASSWORD': {'value': 'password'}},
                                   'image': 'postgres:14-alpine',
                                   'memory': '512',
                                   'restart': 'always',
                                   'shared_memory': '64'}},
 'network': {'NET01': {'prefix': ['10.0.0.0/24']}},
 'registry': {'docker.io': {}, 'quay.io': {}}}

1.4:

vyos@r15# commit
[ container ]
{'container_restart': ['test-postgres-master'],
 'name': {'test-postgres-master': {'allow_host_networks': {},
                                   'command': 'postgres -c wal_level=replica '
                                              '-c hot_standby=on -c '
                                              'max_wal_senders=10 -c '
                                              'max_replication_slots=10 -c '
                                              'hot_standby_feedback=on',
                                   'environment': {'POSTGRES_HOST_AUTH_METHOD': {'value': 'scram-sha-256\n'
                                                                                          'host '
                                                                                          'replication '
                                                                                          'all '
                                                                                          '0.0.0.0/0 '
                                                                                          'md5'},
                                                   'POSTGRES_PASSWORD': {'value': 'password'}},
                                   'image': 'postgres:14-alpine',
                                   'memory': '512',
                                   'restart': 'always',
                                   'shared_memory': '64'}},
 'registry': {'docker.io': {}, 'quay.io': {}}}

I guess the possible fix is here https://vyos.dev/T5996

dmbaturin edited projects, added VyOS 1.4 Sagitta (1.4.0-epa3); removed VyOS 1.4 Sagitta.Thu, Apr 18, 2:10 PM
jestabro claimed this task.Thu, Apr 18, 5:33 PM
jestabro added a subscriber: jestabro.

This will be resolved after backport of T5996.

jestabro closed this task as Resolved.Mon, Apr 22, 2:49 PM
jestabro moved this task from Need Triage to Finished on the VyOS 1.4 Sagitta (1.4.0-epa3) board.