Solved Cant start iocage jail with IPv6 disabled kernel

kr0m

kr0m

I am trying to compile a minimal kernel for my old server, I don't use IPv6 so I decided to remove from kernel image, all seems to work correctly except iocage.
I have confirmed that INET6 is not present in my custom kernel:
Code: 
sysctl kern.conftxt|grep INET
options    INET
And I have configured in /etc/rc.conf the following parameters just in case:
Code: 
# Disable IPv6:
ipv6_network_interfaces="none"      # Default is auto
ipv6_activate_all_interfaces="NO"   # this is the default
ip6addrctl_enable="NO"              # New way to disable IPv6 support
ip6addrctl_policy="ipv4_prefer"     # Use IPv4 instead of IPv6
ipv6_activate_all_interfaces="NO"   # Do not automatically add IPv6 addresses
I have disabled the following IPv6 related IOcage parameters:
Code: 
iocage set ip6=disable DrWho
iocage set ip6_addr=none DrWho
iocage set ip6_saddrsel=0 DrWho
But when I start the jail I get the following error:
Code: 
  File "/usr/local/lib/python3.9/site-packages/iocage_lib/ioc_common.py", line 1103, in get_host_gateways
    route_entries = list(filter(
IndexError: list index out of range
I have tried some python code modifications:
vi /usr/local/lib/python3.9/site-packages/iocage_lib/ioc_common.py
Python: 
def get_host_gateways():
    #gateways = {'ipv4': {'gateway': None, 'interface': None},
    #            'ipv6': {'gateway': None, 'interface': None}}
    gateways = {'ipv4': {'gateway': None, 'interface': None}}
    af_mapping = {
        'Internet': 'ipv4'
    }
    #af_mapping = {
    #    'Internet': 'ipv4',
    #    'Internet6': 'ipv6'
    #}
    output = checkoutput(['netstat', '-r', '-n', '--libxo', 'json'])
    route_families = (json.loads(output)
                      ['statistics']
                      ['route-information']
                      ['route-table']
                      ['rt-family'])
    for af in af_mapping.keys():
        route_entries = list(filter(
            lambda x: x['address-family'] == af, route_families)
        )[0]['rt-entry']
        default_route = list(filter(
            lambda x: x['destination'] == 'default', route_entries)
        )
        if default_route and 'gateway' in default_route[0]:
            gateways[af_mapping[af]]['gateway'] = \
                default_route[0]['gateway']
            gateways[af_mapping[af]]['interface'] = \
                default_route[0]['interface-name']
    return gateways
But it stills complains in another way:
Code: 
iocage start DrWho
* Starting DrWho
  + Start FAILED
jail: ioc-DrWho: unknown parameter: ip6.saddrsel
jail: ioc-DrWho: unknown parameter: ip6
I thought about compilation options but it doesn't seems to offer any IPv6 compilation option only git related:
Code: 
# pkg info py39-iocage
py39-iocage-1.2_10
Name           : py39-iocage
Version        : 1.2_10
Installed on   : Thu Aug 18 15:47:25 2022 CEST
Origin         : sysutils/iocage
Architecture   : FreeBSD:13:*
Prefix         : /usr/local
Categories     : sysutils python
Licenses       : BSD2CLAUSE
Maintainer     : grembo@FreeBSD.org
WWW            : https://github.com/iocage/iocage
Comment        : FreeBSD jail manager written in Python3
Options        :
    GIT            : on
    GIT_LITE       : off
Annotations    :
    flavor         : py39
    repo_type      : binary
    repository     : FreeBSD
Flat size      : 1.31MiB
Description    :
iocage is a jail/container manager amalgamating some of the best
features and technologies the FreeBSD operating system has
to offer. It is geared for ease of use with a simple and easy
to understand command syntax.

WWW: https://github.com/iocage/iocage
Is there any trick to disable IPv6 in IOcage virtualization system?
 
I made some hacky tricks to IOcage code and i finally started jails.

First i removed af_mapping Internet6: vi /usr/local/lib/python3.9/site-packages/iocage_lib/ioc_common.py
Python: 
    #af_mapping = {
    #    'Internet': 'ipv4',
    #    'Internet6': 'ipv6'
    #}
    af_mapping = {
        'Internet': 'ipv4'
    }

Secondly I remove ip6 and ip6.saddrsel start parameters:
vi /usr/local/lib/python3.9/site-packages/iocage_lib/ioc_start.py
Python: 
        start_parameters = [
            x for x in net
            + [x for x in parameters if '1' in x]
            + [
                f'name=ioc-{self.uuid}',
                _sysvmsg,
                _sysvsem,
                _sysvshm,
                _exec_created,
                f'host.domainname={host_domainname}',
                f'host.hostname={host_hostname}',
                f'path={self.path}/root',
                f'securelevel={securelevel}',
                f'host.hostuuid={self.uuid}',
                f'devfs_ruleset={devfs_ruleset}',
                f'enforce_statfs={enforce_statfs}',
                f'children.max={children_max}',
                f'exec.prestart={exec_prestart}',
                f'exec.clean={exec_clean}',
                f'exec.timeout={exec_timeout}',
                f'stop.timeout={stop_timeout}',
                f'mount.fstab={self.path}/fstab',
                'allow.dying',
                f'exec.consolelog={self.iocroot}/log/ioc-'
                f'{self.uuid}-console.log',
                f'ip_hostname={ip_hostname}' if ip_hostname else '',
                'persist'
            ] if (x != '')]
        start_parameters.remove('ip6.saddrsel=1')
        start_parameters.remove('ip6=new')

In my tests it seems to work all correctly.
 
You must log in or register to reply here.
Back
Top