#!/usr/bin/env python3
# Copyright (c) 2024 Arista Networks, Inc.  All rights reserved.
# Arista Networks, Inc. Confidential and Proprietary.

# We're running inside a container, but Linux has not yet
# namespaced every sysctl, so there are some values that
# EOS wants to set that may leak outside of the container.
# We have a two-phase approach to this:
# 1. disable any non-namespaced setting that EOS does,
#    by using the "-fs.inotify.max_user_instances"
#    syntax in 99-ceoslab.conf
# 2. This script uses systemd-sysctl --cat-config
#    to read all the config files, and apply configuration
#    specified in structured comments, by not reducing
#    values, only increasing.  The structured comment
#    starts with a "#>" to indicate that it's an increase.
#    E.g.,
#    #> fs.inotify.max_user_instances = 9999

import CEosLabApplySysctls

if __name__ == '__main__':
   CEosLabApplySysctls.main()
