Page MenuHomeVyOS Platform
Create Task
Maniphest T5986

Container: Error on commit when environment variable value contains \n line break
Closed, ResolvedPublicBUG
Actions

Description

I stumbled over the problem when I tried to implement the following article via VyOS:
https://medium.com/@eremeykin/how-to-setup-single-primary-postgresql-replication-with-docker-compose-98c48f233bbf

My container has the folllowing commited config:

set container name test-postgres-master allow-host-networks
set container name test-postgres-master command 'postgres -c wal_level=replica -c hot_standby=on -c max_wal_senders=10 -c max_replication_slots=10 -c hot_standby_feedback=on'
set container name test-postgres-master environment POSTGRES_PASSWORD value 'password'
set container name test-postgres-master image 'postgres:14-alpine'
set container name test-postgres-master restart 'always'

so far commit works.

When I now add the following the commit fails:

set container name test-postgres-master environment POSTGRES_HOST_AUTH_METHOD value 'scram-sha-256\nhost replication all 0.0.0.0/0 md5'

Error shown:

VyOS had an issue completing a command.

We are sorry that you encountered a problem while using VyOS.
There are a few things you can do to help us (and yourself):
- Contact us using the online help desk if you have a subscription:
  https://support.vyos.io/
- Make sure you are running the latest version of VyOS available at:
  https://vyos.net/get/
- Consult the community forum to see how to handle this issue:
  https://forum.vyos.io
- Join us on Slack where our users exchange help and advice:
  https://vyos.slack.com

When reporting problems, please include as much information as possible:
- do not obfuscate any data (feel free to contact us privately if your
  business policy requires it)
- and include all the information presented below

Report time:      2024-01-25 17:09:25
Image version:    VyOS 1.4.0-rc1
Release train:    sagitta

Built by:         Sentrium S.L.
Built on:         Thu 21 Dec 2023 19:06 UTC
Build UUID:       2463607a-ddc5-4942-8685-00d078350c68
Build commit ID:  81ec3de04eb291

Architecture:     x86_64
Boot via:         installed image
System type:      VMware guest

Hardware vendor:  VMware, Inc.
Hardware model:   VMware Virtual Platform
Hardware S/N:     VMware-42 04 c0 c4 d5 1c 19 5c-b5 97 2e 61 76 37 b8 1d
Hardware UUID:    c4c00442-1cd5-5c19-b597-2e617637b81d

Traceback (most recent call last):
  File "/usr/libexec/vyos/conf_mode/container.py", line 487, in <module>
    apply(c)
  File "/usr/libexec/vyos/conf_mode/container.py", line 460, in apply
    cmd(f'systemctl restart vyos-container-{name}.service')
  File "/usr/lib/python3/dist-packages/vyos/utils/process.py", line 155, in cmd
    raise OSError(code, feedback)
PermissionError: [Errno 1] failed to run command: systemctl restart vyos-container-test-postgres-master.service
returned:
exit code: 1

noteworthy:
cmd 'systemctl restart vyos-container-test-postgres-master.service'
returned (out):

returned (err):
Failed to restart vyos-container-test-postgres-master.service: Unit vyos-container-test-postgres-master.service has a bad unit file setting.
See system logs and 'systemctl status vyos-container-test-postgres-master.service' for details.

[[container]] failed
Commit failed

When I remove the \n it works. However my example requires it.
How could this be solved?

Regards
Markus

Details

Version
1.4, 1.5
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Bug (incorrect behavior)

Related Objects

Event Timeline

adestis created this task.Jan 25 2024, 5:16 PM
Viacheslav triaged this task as Low priority.Jan 25 2024, 8:38 PM
pasik subscribed.Jan 26 2024, 8:59 AM
Viacheslav added a project: VyOS 1.5 Circinus.Apr 12 2024, 2:20 PM
Viacheslav removed a project: VyOS 1.5 Circinus.Apr 14 2024, 11:00 AM
Viacheslav subscribed.

Try the latest version

vyos@r4# set container name test-postgres-master environment POSTGRES_HOST_AUTH_METHOD value 'scram-sha-256\nhost replication all 0.0.0.0/0 md5'
[edit]
vyos@r4# commit
[edit]
vyos@r4# run show container 
CONTAINER ID  IMAGE                                 COMMAND               CREATED         STATUS         PORTS       NAMES
75a7fb610b57  localhost/gobgp-new:1                                       3 weeks ago     Created                    new
fdb74e9700e5  docker.io/library/alpine:3.19         /bin/sh               47 minutes ago  Up 47 minutes              c1
c05806fdb92c  docker.io/library/busybox:latest      sh                    39 minutes ago  Up 39 minutes              c2
1b5fc3d4a07b  docker.io/library/postgres:14-alpine  postgres -c wal_l...  24 seconds ago  Up 25 seconds              test-postgres-master
[edit]
vyos@r4# run show ver
Version:          VyOS 1.5-rolling-202404140022
Release train:    current

Still bug for VyOS 1.4-stable-202404120309

Traceback (most recent call last):
  File "/usr/libexec/vyos/conf_mode/container.py", line 486, in <module>
    apply(c)
  File "/usr/libexec/vyos/conf_mode/container.py", line 459, in apply
    cmd(f'systemctl restart vyos-container-{name}.service')
  File "/usr/lib/python3/dist-packages/vyos/utils/process.py", line 155, in cmd
    raise OSError(code, feedback)
PermissionError: [Errno 1] failed to run command: systemctl restart vyos-container-test-postgres-master.service
returned: 
exit code: 1

noteworthy:
cmd 'systemctl restart vyos-container-test-postgres-master.service'
returned (out):

returned (err):
Failed to restart vyos-container-test-postgres-master.service: Unit vyos-container-test-postgres-master.service has a bad unit file setting.
See system logs and 'systemctl status vyos-container-test-postgres-master.service' for details.

[[container]] failed
Commit failed
Viacheslav added a comment.EditedApr 14 2024, 11:10 AM

Diff
check --env "POSTGRES_HOST_AUTH_METHOD=. options
1.5

vyos@r4# cat /run/systemd/system/vyos-container-test-postgres-master.service | grep ExecStart -A2
ExecStartPre=/bin/rm -f %t/%n.pid %t/%n.cid
ExecStart=/usr/bin/podman run \
        --conmon-pidfile %t/%n.pid --cidfile %t/%n.cid --cgroups=no-conmon \
        --detach --interactive --tty --replace  --memory 512m --shm-size 64m --memory-swap 0 --restart always --name test-postgres-master      --env "POSTGRES_HOST_AUTH_METHOD=scram-sha-256\nhost replication all 0.0.0.0/0 md5" --env "POSTGRES_PASSWORD=password"   --net host  postgres:14-alpine postgres -c wal_level=replica -c hot_standby=on -c max_wal_senders=10 -c max_replication_slots=10 -c hot_standby_feedback=on

1.4

vyos@r15# cat /run/systemd/system/vyos-container-test-postgres-master.service | grep ExecStart -A3
ExecStartPre=/bin/rm -f %t/%n.pid %t/%n.cid
ExecStart=/usr/bin/podman run \
        --conmon-pidfile %t/%n.pid --cidfile %t/%n.cid --cgroups=no-conmon \
        --detach --interactive --tty --replace  --memory 512m --shm-size 64m --memory-swap 0 --restart always --name test-postgres-master      --env "POSTGRES_HOST_AUTH_METHOD=scram-sha-256
host replication all 0.0.0.0/0 md5" --env "POSTGRES_PASSWORD=password"   --net host  postgres:14-alpine postgres -c wal_level=replica -c hot_standby=on -c max_wal_senders=10 -c max_replication_slots=10 -c hot_standby_feedback=on

Log:

Apr 14 14:06:03 r15 systemd[1]: /run/systemd/system/vyos-container-test-postgres-master.service:11: Unbalanced quoting, ignoring: "/usr/bin/podman run          --conmon-pidfile %t/%n.pid --cidfile %t/%n.cid --cgroups=no-conmon          --detach --interactive --tty --replace  --memory 512m --shm-size 64m --memory-swap 0 --restart always --name test-postgres-master      --env "POSTGRES_HOST_AUTH_METHOD=scram-sha-256"
Apr 14 14:06:03 r15 systemd[1]: vyos-container-test-postgres-master.service: Unit configuration has fatal error, unit will not be started.
Apr 14 14:06:03 r15 vyos-configd[754]: [Errno 1] failed to run command: systemctl restart vyos-container-test-postgres-master.service
Viacheslav added a comment.EditedApr 14 2024, 11:29 AM

The dictionaries process the \n different way
environment.POSTGRES_HOST_AUTH_METHOD.value.
1.5

vyos@r4# commit
[ container ]
{'container_remove': ['c1', 'c2'],
 'name': {'test-postgres-master': {'allow_host_networks': {},
                                   'command': 'postgres -c wal_level=replica '
                                              '-c hot_standby=on -c '
                                              'max_wal_senders=10 -c '
                                              'max_replication_slots=10 -c '
                                              'hot_standby_feedback=on',
                                   'environment': {'POSTGRES_HOST_AUTH_METHOD': {'value': 'scram-sha-256\\nhost '
                                                                                          'replication '
                                                                                          'all '
                                                                                          '0.0.0.0/0 '
                                                                                          'md5'},
                                                   'POSTGRES_PASSWORD': {'value': 'password'}},
                                   'image': 'postgres:14-alpine',
                                   'memory': '512',
                                   'restart': 'always',
                                   'shared_memory': '64'}},
 'network': {'NET01': {'prefix': ['10.0.0.0/24']}},
 'registry': {'docker.io': {}, 'quay.io': {}}}

1.4:

vyos@r15# commit
[ container ]
{'container_restart': ['test-postgres-master'],
 'name': {'test-postgres-master': {'allow_host_networks': {},
                                   'command': 'postgres -c wal_level=replica '
                                              '-c hot_standby=on -c '
                                              'max_wal_senders=10 -c '
                                              'max_replication_slots=10 -c '
                                              'hot_standby_feedback=on',
                                   'environment': {'POSTGRES_HOST_AUTH_METHOD': {'value': 'scram-sha-256\n'
                                                                                          'host '
                                                                                          'replication '
                                                                                          'all '
                                                                                          '0.0.0.0/0 '
                                                                                          'md5'},
                                                   'POSTGRES_PASSWORD': {'value': 'password'}},
                                   'image': 'postgres:14-alpine',
                                   'memory': '512',
                                   'restart': 'always',
                                   'shared_memory': '64'}},
 'registry': {'docker.io': {}, 'quay.io': {}}}

I guess the possible fix is here https://vyos.dev/T5996

dmbaturin edited projects, added VyOS 1.4 Sagitta (1.4.0-epa3); removed VyOS 1.4 Sagitta.Apr 18 2024, 2:10 PM
jestabro claimed this task.Apr 18 2024, 5:33 PM
jestabro subscribed.

This will be resolved after backport of T5996.

jestabro closed this task as Resolved.Apr 22 2024, 2:49 PM
jestabro moved this task from Need Triage to Finished on the VyOS 1.4 Sagitta (1.4.0-epa3) board.