From ac0627ad8bd0a5f2e088fc9e854b039ab0b3dd03 Mon Sep 17 00:00:00 2001 From: HuijingHei Date: Thu, 24 Oct 2024 15:09:54 +0800 Subject: [PATCH] alternatives: update doc to use the `alternatives` commands See https://github.com/coreos/fedora-coreos-tracker/issues/677#issuecomment-2429223322 --- modules/ROOT/pages/alternatives.adoc | 42 ++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) diff --git a/modules/ROOT/pages/alternatives.adoc b/modules/ROOT/pages/alternatives.adoc index d281be92..c79aeb64 100644 --- a/modules/ROOT/pages/alternatives.adoc +++ b/modules/ROOT/pages/alternatives.adoc @@ -35,3 +35,45 @@ storage: overwrite: true hard: false ---- + +== Using alternatives commands + +Starting with Fedora CoreOS based on Fedora 41, you can use `alternatives` commands to configure the default command. + +. Example Butane config using a systemd unit to configure the default iptables backend +[source,yaml,subs="attributes"] +---- +variant: fcos +version: {butane-latest-stable-spec} +systemd: + units: + - name: custom-iptables-default.service + enabled: true + contents: | + [Unit] + Description=Set the default backend for iptables + [Service] + ExecStart=/usr/sbin/alternatives --set iptables /usr/sbin/iptables-legacy + RemainAfterExit=yes + [Install] + WantedBy=multi-user.target +---- + +NOTE: We don't recommend configuring the default iptables backend to `iptables-legacy`, it's just an example. + +You can also manually running `alternatives` commands to configure the default command runtime. + +. Example to manually configure the default iptables backend +[source,bash] +---- +# Check the link info +alternatives --display iptables +iptables --version + +# Config iptables to point to iptables-nft +sudo alternatives --set iptables /usr/sbin/iptables-nft + +# Verify iptables version is iptables-nft +alternatives --display iptables +iptables --version +---- \ No newline at end of file