Page MenuHomeVyOS Platform
Create Task
Maniphest T7532

Container sysctl parameters with values containing spaces cause errors
Closed, ResolvedPublicBUG
Actions

Description

Currently, if you try and set a sysctl kernel parameter on a container that contains a space, eg net.ipv4.ping_group_range="0 2147483647". A commit will cause an error due to the value not being quoted within the systemd unit file

PermissionError: [Errno 1] failed to run command:  systemctl restart vyos-container-anycast-dns-dn42.service
returned: 
exit code: 1

noteworthy:
cmd 'systemctl restart vyos-container-anycast-dns-dn42.service'
returned (out):

returned (err):
Job for vyos-container-anycast-dns-dn42.service failed because the control process exited with error code.
See "systemctl status vyos-container-anycast-dns-dn42.service" and "journalctl -xeu vyos-container-anycast-dns-dn42.service" for details.

[[container]] failed
Commit failed

Looking at the systemd unit file, we see the sysctl value is not quoted, therefore causing the ExecStart command to fail

ExecStart=/usr/bin/podman run \
        --conmon-pidfile %t/%n.pid --cidfile %t/%n.cid --cgroups=no-conmon \
        --detach --interactive --tty --replace  --cap-add=NET_ADMIN --cpus 0  --sysctl net.ipv4.ping_group_range=0 2147483647

Details

Version
2025.06.06-0019-rolling
Is it a breaking change?
Perfectly compatible
Issue type
Bug (incorrect behavior)

Related Objects

Event Timeline

yzguy created this task.Jun 8 2025, 3:41 AM
c-po assigned this task to yzguy.Jun 8 2025, 5:54 AM
c-po added projects: VyOS 1.4 Sagitta (1.4.3), VyOS 1.5 Circinus (1.5-stream-2025-Q2).
c-po subscribed.Jun 8 2025, 5:59 AM

https://github.com/vyos/vyos-1x/pull/4549

yzguy mentioned this in rVYOSONEX4ade96deb940: T7532: container sysctl parameter values are quoted.Jun 9 2025, 12:57 PM
Restricted Repository Identity mentioned this in rVYOSONEX594e776e1c84: Merge pull request #4549 from yzguy/T7532.Jun 9 2025, 12:57 PM
Unknown Object (User) changed the task status from Open to In progress.Jun 10 2025, 10:48 AM
Unknown Object (User) triaged this task as Normal priority.
pasik subscribed.Jun 10 2025, 10:51 AM
dmbaturin moved this task from Open to Finished on the VyOS 1.5 Circinus (1.5-stream-2025-Q2) board.Jul 9 2025, 1:23 PM
dmbaturin renamed this task from Container sysctl parameters with values containing spaces cause error to Container sysctl parameters with values containing spaces cause errors.Jul 14 2025, 6:47 PM
dmbaturin closed this task as Resolved.
dmbaturin moved this task from Backlog to Finished on the VyOS 1.4 Sagitta (1.4.3) board.
dmbaturin moved this task from Need Triage to Completed on the VyOS Rolling board.
dmbaturin mentioned this in 1.4.3.Jul 17 2025, 8:18 AM