diff options
-rw-r--r-- | interface-definitions/ssh.xml | 6 | ||||
-rw-r--r-- | op-mode-definitions/dns-forwarding.xml | 4 | ||||
-rw-r--r-- | op-mode-definitions/version.xml | 6 | ||||
-rwxr-xr-x | src/conf_mode/bcast_relay.py | 4 | ||||
-rwxr-xr-x | src/conf_mode/dns_forwarding.py | 2 | ||||
-rwxr-xr-x | src/conf_mode/mdns_repeater.py | 4 | ||||
-rwxr-xr-x | src/conf_mode/ntp.py | 2 | ||||
-rwxr-xr-x | src/conf_mode/ssh.py | 10 |
8 files changed, 24 insertions, 14 deletions
diff --git a/interface-definitions/ssh.xml b/interface-definitions/ssh.xml index 22741c41a..bd6ebf24a 100644 --- a/interface-definitions/ssh.xml +++ b/interface-definitions/ssh.xml @@ -50,6 +50,12 @@ </node> </children> </node> + <leafNode name="allow-root"> + <properties> + <help>Enable root login over ssh</help> + <valueless/> + </properties> + </leafNode> <leafNode name="ciphers"> <properties> <help>Specifies allowed Ciphers</help> diff --git a/op-mode-definitions/dns-forwarding.xml b/op-mode-definitions/dns-forwarding.xml index f3a618e31..3d7483641 100644 --- a/op-mode-definitions/dns-forwarding.xml +++ b/op-mode-definitions/dns-forwarding.xml @@ -14,7 +14,7 @@ <properties> <help>Show DNS forwarding statistics</help> </properties> - <command>${vyos_bindir}/vyos_dns_forwarding_statistics.py</command> + <command>${vyos_op_scripts_dir}/dns_forwarding_statistics.py</command> </leafNode> </children> </node> @@ -30,7 +30,7 @@ <properties> <help>Restart DNS forwarding service</help> </properties> - <command>${vyos_bindir}/vyos_restart_dns_forwarding.sh</command> + <command>${vyos_op_scripts_dir}/dns_forwarding_restart.sh</command> </leafNode> </children> </node> diff --git a/op-mode-definitions/version.xml b/op-mode-definitions/version.xml index b77d52f9e..593785f7a 100644 --- a/op-mode-definitions/version.xml +++ b/op-mode-definitions/version.xml @@ -6,19 +6,19 @@ <properties> <help>Show system version information</help> </properties> - <command>${vyos_bindir}/vyos_show_version.py</command> + <command>${vyos_op_scripts_dir}/version.py</command> <children> <leafNode name="funny"> <properties> <help>Show system version and some fun stuff</help> </properties> - <command>${vyos_bindir}/vyos_show_version.py --funny</command> + <command>${vyos_op_scripts_dir}/version.py --funny</command> </leafNode> <leafNode name="all"> <properties> <help>Show system version and versions of all packages</help> </properties> - <command>${vyos_bindir}/vyos_show_version.py --all</command> + <command>${vyos_op_scripts_dir}/version.py --all</command> </leafNode> </children> </node> diff --git a/src/conf_mode/bcast_relay.py b/src/conf_mode/bcast_relay.py index 785690d9c..95f6215b5 100755 --- a/src/conf_mode/bcast_relay.py +++ b/src/conf_mode/bcast_relay.py @@ -19,7 +19,6 @@ import sys import os import fnmatch -import time import subprocess from vyos.config import Config @@ -69,8 +68,7 @@ def verify(relays): return None def generate(relays): - config_header = '### Autogenerated by {0} on {tm} ###\n'.format(os.path.basename(__file__), - tm=time.strftime("%a, %d %b %Y %H:%M:%S", time.localtime())) + config_header = '### Autogenerated by bcast_relay.py ###\n' config_dir = os.path.dirname(config_file) config_filename = os.path.basename(config_file) diff --git a/src/conf_mode/dns_forwarding.py b/src/conf_mode/dns_forwarding.py index be48cde60..77e406dcc 100755 --- a/src/conf_mode/dns_forwarding.py +++ b/src/conf_mode/dns_forwarding.py @@ -31,7 +31,7 @@ config_file = r'/etc/powerdns/recursor.conf' # especially in the semicolon-separated lists of name servers. # Please be careful if you edit the template. config_tmpl = """ -### Autogenerated by vyos-config-dns-forwarding.py ### +### Autogenerated by dns_forwarding.py ### # Non-configurable defaults daemon=yes diff --git a/src/conf_mode/mdns_repeater.py b/src/conf_mode/mdns_repeater.py index e648fd64f..474a6a5cf 100755 --- a/src/conf_mode/mdns_repeater.py +++ b/src/conf_mode/mdns_repeater.py @@ -18,8 +18,8 @@ import sys import os + import netifaces -import time from vyos.config import Config from vyos import ConfigError @@ -59,7 +59,7 @@ def verify(mdns): return None def generate(mdns): - config_header = '### Autogenerated by vyos-update-mdns-repeater.py on {tm} ###\n'.format(tm=time.strftime("%a, %d %b %Y %H:%M:%S", time.localtime())) + config_header = '### Autogenerated by mdns_repeater.py ###\n' if len(mdns) > 0: config_args = 'DAEMON_ARGS="' + ' '.join(str(e) for e in mdns) + '"\n' else: diff --git a/src/conf_mode/ntp.py b/src/conf_mode/ntp.py index 8be12e44e..9a4846bdf 100755 --- a/src/conf_mode/ntp.py +++ b/src/conf_mode/ntp.py @@ -29,7 +29,7 @@ config_file = r'/etc/ntp.conf' # Please be careful if you edit the template. config_tmpl = """ -### Autogenerated by vyos-config-ntp.py ### +### Autogenerated by ntp.py ### # # Non-configurable defaults diff --git a/src/conf_mode/ssh.py b/src/conf_mode/ssh.py index a4857bba9..7071a6ab4 100755 --- a/src/conf_mode/ssh.py +++ b/src/conf_mode/ssh.py @@ -29,7 +29,7 @@ config_file = r'/etc/ssh/sshd_config' # Please be careful if you edit the template. config_tmpl = """ -### Autogenerated by vyos-config-ssh.py ### +### Autogenerated by ssh.py ### # Non-configurable defaults Protocol 2 @@ -59,7 +59,6 @@ Banner /etc/issue.net Subsystem sftp /usr/lib/openssh/sftp-server UsePAM yes HostKey /etc/ssh/ssh_host_key -PermitRootLogin no # Specifies whether sshd should look up the remote host name, # and to check that the resolved host name for the remote IP @@ -73,6 +72,9 @@ Port {{ port }} # Gives the verbosity level that is used when logging messages from sshd LogLevel {{ log_level }} +# Specifies whether root can log in using ssh +PermitRootLogin {{ allow_root }} + # Specifies whether password authentication is allowed PasswordAuthentication {{ password_authentication }} @@ -140,6 +142,7 @@ DenyGroups {{ deny_groups | join(" ") }} default_config_data = { 'port' : '22', 'log_level': 'INFO', + 'allow_root': 'no', 'password_authentication': 'yes', 'host_validation': 'yes' } @@ -168,6 +171,9 @@ def get_config(): deny_groups = conf.return_values('access-control deny group') ssh.setdefault('deny_groups', deny_groups) + if conf.exists('allow-root'): + ssh['allow-root'] = 'yes' + if conf.exists('ciphers'): ciphers = conf.return_values('ciphers') ssh.setdefault('ciphers', ciphers) |