Support full set of options defined in man modprobe.d Change-Id: I3d30b6bc261ef308ae6afd963f13fda1e4b22c0dmaster
``/etc/modprobe.d/nf_conntrack.conf`` file with line | ``/etc/modprobe.d/nf_conntrack.conf`` file with line | ||||
``options nf_conntrack hashsize=262144``: | ``options nf_conntrack hashsize=262144``: | ||||
'option' can be a mapping (with 'enabled' and 'value' keys) or a scalar. | |||||
Example for 'scalar' option value: | |||||
.. code-block:: yaml | .. code-block:: yaml | ||||
linux: | linux: | ||||
option: | option: | ||||
hashsize: 262144 | hashsize: 262144 | ||||
Example for 'mapping' option value: | |||||
.. code-block:: yaml | |||||
linux: | |||||
system: | |||||
kernel: | |||||
module: | |||||
nf_conntrack: | |||||
option: | |||||
hashsize: | |||||
enabled: true | |||||
value: 262144 | |||||
NOTE: 'enabled' key is optional and is True by default. | |||||
Blacklist a module: | |||||
.. code-block:: yaml | |||||
linux: | |||||
system: | |||||
kernel: | |||||
module: | |||||
nf_conntrack: | |||||
blacklist: true | |||||
A module can have a number of aliases, wildcards are allowed. | |||||
Define an alias for a module: | |||||
.. code-block:: yaml | |||||
linux: | |||||
system: | |||||
kernel: | |||||
module: | |||||
nf_conntrack: | |||||
alias: | |||||
nfct: | |||||
enabled: true | |||||
"nf_conn*": | |||||
enabled: true | |||||
NOTE: 'enabled' key is mandatory as there are no other keys exist. | |||||
Execute custom command instead of 'insmod' when inserting a module: | |||||
.. code-block:: yaml | |||||
linux: | |||||
system: | |||||
kernel: | |||||
module: | |||||
nf_conntrack: | |||||
install: | |||||
enabled: true | |||||
command: /bin/true | |||||
NOTE: 'enabled' key is optional and is True by default. | |||||
Execute custom command instead of 'rmmod' when removing a module: | |||||
.. code-block:: yaml | |||||
linux: | |||||
system: | |||||
kernel: | |||||
module: | |||||
nf_conntrack: | |||||
remove: | |||||
enabled: true | |||||
command: /bin/true | |||||
NOTE: 'enabled' key is optional and is True by default. | |||||
Define module dependencies: | |||||
.. code-block:: yaml | |||||
linux: | |||||
system: | |||||
kernel: | |||||
module: | |||||
nf_conntrack: | |||||
softdep: | |||||
pre: | |||||
1: | |||||
enabled: true | |||||
value: a | |||||
2: | |||||
enabled: true | |||||
value: b | |||||
3: | |||||
enabled: true | |||||
value: c | |||||
post: | |||||
1: | |||||
enabled: true | |||||
value: x | |||||
2: | |||||
enabled: true | |||||
value: y | |||||
3: | |||||
enabled: true | |||||
value: z | |||||
NOTE: 'enabled' key is optional and is True by default. | |||||
Install specific kernel version and ensure all other kernel packages are | Install specific kernel version and ensure all other kernel packages are | ||||
not present. Also install extra modules and headers for this kernel: | not present. Also install extra modules and headers for this kernel: | ||||
{% if module_content.get('blacklist', false) -%} | |||||
{%- from "linux/map.jinja" import system with context -%} | |||||
# This file is managed by Salt, do not edit. | |||||
{%- set module_content = system.kernel.module.get(module_name) %} | |||||
{%- if module_content.get('blacklist', false) %} | |||||
blacklist {{ module_name }} | blacklist {{ module_name }} | ||||
{%- else -%} | |||||
options {{ module_name }}{% for option, value in module_content.get('option', {}) | dictsort %} {{ option }}={{ value }}{% endfor %} | |||||
{%- endif %} | |||||
{%- for alias, params in module_content.get('alias', {}) | dictsort %} | |||||
{%- if params.get('enabled', true) %} | |||||
alias {{ alias }} {{ module_name }} | |||||
{%- endif %} | |||||
{%- endfor %} | |||||
{%- set options = [] %} | |||||
{%- for option, params in module_content.get('option', {}) | dictsort %} | |||||
{%- if params is mapping %} | |||||
{%- if params.get('enabled', true) and params.value is defined %} | |||||
{%- do options.append(option ~ '=' ~ params.value) %} | |||||
{%- endif %} | |||||
{%- else %} | |||||
{%- do options.append(option ~ '=' ~ params) %} | |||||
{%- endif %} | |||||
{%- endfor %} | |||||
{%- if options | length > 0 %} | |||||
options {{ module_name }} {{ options | join(' ')}} | |||||
{%- endif %} | |||||
{%- if module_content.install is defined %} | |||||
{%- if module_content.install.get('enabled', true) and module_content.install.command is defined %} | |||||
install {{ module_name }} {{ module_content.install.command }} | |||||
{%- endif %} | |||||
{%- endif %} | |||||
{%- if module_content.remove is defined %} | |||||
{%- if module_content.remove.get('enabled', true) and module_content.remove.command is defined %} | |||||
remove {{ module_name }} {{ module_content.remove.command }} | |||||
{%- endif %} | |||||
{%- endif %} | |||||
{%- if module_content.softdep is defined %} | |||||
{%- set pre = [] %} | |||||
{%- set post = [] %} | |||||
{%- for pos, params in module_content.softdep.get('pre', {}) | dictsort %} | |||||
{%- if params.get('enabled', true) and params.value is defined %} | |||||
{%- do pre.append(params.value) %} | |||||
{%- endif %} | |||||
{%- endfor %} | |||||
{%- for pos, params in module_content.softdep.get('post', {}) | dictsort %} | |||||
{%- if params.get('enabled', true) and params.value is defined %} | |||||
{%- do post.append(params.value) %} | |||||
{%- endif %} | |||||
{%- endfor %} | |||||
{%- if pre | length + post | length > 0 %} | |||||
softdep {{ module_name }}{% if pre | length > 0 %} pre: {{ pre | join(' ') }}{% endif %}{% if post | length > 0 %} post: {{ post | join(' ') }}{% endif %} | |||||
{%- endif %} | |||||
{%- endif %} | {%- endif %} |
{%- endfor %} | {%- endfor %} | ||||
{%- for module_name, module_content in system.kernel.get('module', {}).items() %} | |||||
{%- if system.kernel.module is defined %} | |||||
modprobe_d_directory: | |||||
file.directory: | |||||
- name: /etc/modprobe.d | |||||
- user: root | |||||
- group: root | |||||
- mode: 755 | |||||
{%- for module_name in system.kernel.module %} | |||||
/etc/modprobe.d/{{ module_name }}.conf: | /etc/modprobe.d/{{ module_name }}.conf: | ||||
file.managed: | file.managed: | ||||
- template: jinja | - template: jinja | ||||
- source: salt://linux/files/modprobe.conf.jinja | - source: salt://linux/files/modprobe.conf.jinja | ||||
- defaults: | - defaults: | ||||
module_content: {{ module_content }} | |||||
module_name: {{ module_name }} | module_name: {{ module_name }} | ||||
- require: | |||||
- file: modprobe_d_directory | |||||
{%- endfor %} | |||||
{%- endfor %} | |||||
{%- endif %} | |||||
{%- for sysctl_name, sysctl_value in system.kernel.get('sysctl', {}).items() %} | {%- for sysctl_name, sysctl_value in system.kernel.get('sysctl', {}).items() %} | ||||
boot_options: | boot_options: | ||||
- pti=off | - pti=off | ||||
- spectre_v2=auto | - spectre_v2=auto | ||||
module: | |||||
module_1: | |||||
install: | |||||
command: /bin/true | |||||
remove: | |||||
enabled: false | |||||
command: /bin/false | |||||
module_2: | |||||
install: | |||||
enabled: false | |||||
command: /bin/false | |||||
remove: | |||||
command: /bin/true | |||||
module_3: | |||||
blacklist: true | |||||
module_4: | |||||
blacklist: false | |||||
alias: | |||||
"module*": | |||||
enabled: true | |||||
"module_*": | |||||
enabled: false | |||||
module_5: | |||||
softdep: | |||||
pre: | |||||
1: | |||||
value: module_1 | |||||
2: | |||||
value: module_2 | |||||
enabled: false | |||||
post: | |||||
1: | |||||
value: module_3 | |||||
2: | |||||
value: module_4 | |||||
enabled: false | |||||
module_6: | |||||
option: | |||||
opt_1: 111 | |||||
opt_2: 222 | |||||
module_7: | |||||
option: | |||||
opt_3: | |||||
value: 333 | |||||
opt_4: | |||||
enabled: true | |||||
value: 444 | |||||
opt_5: | |||||
enabled: false | |||||
cgroup: | cgroup: | ||||
group: | group: | ||||
group_1: | group_1: |