6 files changed, 58 insertions, 43 deletions

diff --git a/python/vyos/ifconfig/bond.py b/python/vyos/ifconfig/bond.py
index e88f860be..d1d7d48c4 100644
--- a/python/vyos/ifconfig/bond.py
+++ b/python/vyos/ifconfig/bond.py
@@ -18,8 +18,8 @@ import os
 from vyos.ifconfig.interface import Interface
 from vyos.utils.process import cmd
 from vyos.utils.dict import dict_search
-from vyos.validate import assert_list
-from vyos.validate import assert_positive
+from vyos.utils.assertion import assert_list
+from vyos.utils.assertion import assert_positive
 
 @Interface.register
 class BondIf(Interface):
diff --git a/python/vyos/ifconfig/bridge.py b/python/vyos/ifconfig/bridge.py
index b103b49d8..b29e71394 100644
--- a/python/vyos/ifconfig/bridge.py
+++ b/python/vyos/ifconfig/bridge.py
@@ -17,8 +17,8 @@ from netifaces import interfaces
 import json
 
 from vyos.ifconfig.interface import Interface
-from vyos.validate import assert_boolean
-from vyos.validate import assert_positive
+from vyos.utils.assertion import assert_boolean
+from vyos.utils.assertion import assert_positive
 from vyos.utils.process import cmd
 from vyos.utils.dict import dict_search
 from vyos.configdict import get_vlan_ids
diff --git a/python/vyos/ifconfig/ethernet.py b/python/vyos/ifconfig/ethernet.py
index 4ff044c23..24ce3a803 100644
--- a/python/vyos/ifconfig/ethernet.py
+++ b/python/vyos/ifconfig/ethernet.py
@@ -23,7 +23,7 @@ from vyos.ifconfig.interface import Interface
 from vyos.utils.dict import dict_search
 from vyos.utils.file import read_file
 from vyos.utils.process import run
-from vyos.validate import assert_list
+from vyos.utils.assertion import assert_list
 
 @Interface.register
 class EthernetIf(Interface):
diff --git a/python/vyos/ifconfig/interface.py b/python/vyos/ifconfig/interface.py
index 99ddb2021..75c5f27a9 100644
--- a/python/vyos/ifconfig/interface.py
+++ b/python/vyos/ifconfig/interface.py
@@ -31,6 +31,7 @@ from vyos import ConfigError
 from vyos.configdict import list_diff
 from vyos.configdict import dict_merge
 from vyos.configdict import get_vlan_ids
+from vyos.defaults import directories
 from vyos.template import render
 from vyos.utils.network import mac2eui64
 from vyos.utils.dict import dict_search
@@ -40,14 +41,14 @@ from vyos.utils.network import get_interface_namespace
 from vyos.utils.process import is_systemd_service_active
 from vyos.template import is_ipv4
 from vyos.template import is_ipv6
-from vyos.validate import is_intf_addr_assigned
-from vyos.validate import is_ipv6_link_local
-from vyos.validate import assert_boolean
-from vyos.validate import assert_list
-from vyos.validate import assert_mac
-from vyos.validate import assert_mtu
-from vyos.validate import assert_positive
-from vyos.validate import assert_range
+from vyos.utils.network import is_intf_addr_assigned
+from vyos.utils.network import is_ipv6_link_local
+from vyos.utils.assertion import assert_boolean
+from vyos.utils.assertion import assert_list
+from vyos.utils.assertion import assert_mac
+from vyos.utils.assertion import assert_mtu
+from vyos.utils.assertion import assert_positive
+from vyos.utils.assertion import assert_range
 
 from vyos.ifconfig.control import Control
 from vyos.ifconfig.vrrp import VRRP
@@ -1240,44 +1241,49 @@ class Interface(Control):
             raise ValueError()
 
         ifname = self.ifname
-        config_base = r'/var/lib/dhcp/dhclient'
-        config_file = f'{config_base}_{ifname}.conf'
-        options_file = f'{config_base}_{ifname}.options'
-        pid_file = f'{config_base}_{ifname}.pid'
-        lease_file = f'{config_base}_{ifname}.leases'
+        config_base = directories['isc_dhclient_dir'] + '/dhclient'
+        dhclient_config_file = f'{config_base}_{ifname}.conf'
+        dhclient_lease_file = f'{config_base}_{ifname}.leases'
+        systemd_override_file = f'/run/systemd/system/dhclient@{ifname}.service.d/10-override.conf'
         systemd_service = f'dhclient@{ifname}.service'
 
+        # Rendered client configuration files require the apsolute config path
+        self.config['isc_dhclient_dir'] = directories['isc_dhclient_dir']
+
         # 'up' check is mandatory b/c even if the interface is A/D, as soon as
         # the DHCP client is started the interface will be placed in u/u state.
         # This is not what we intended to do when disabling an interface.
-        if enable and 'disable' not in self._config:
-            if dict_search('dhcp_options.host_name', self._config) == None:
+        if enable and 'disable' not in self.config:
+            if dict_search('dhcp_options.host_name', self.config) == None:
                 # read configured system hostname.
                 # maybe change to vyos hostd client ???
                 hostname = 'vyos'
                 with open('/etc/hostname', 'r') as f:
                     hostname = f.read().rstrip('\n')
                     tmp = {'dhcp_options' : { 'host_name' : hostname}}
-                    self._config = dict_merge(tmp, self._config)
+                    self.config = dict_merge(tmp, self.config)
+
+            render(systemd_override_file, 'dhcp-client/override.conf.j2', self.config)
+            render(dhclient_config_file, 'dhcp-client/ipv4.j2', self.config)
 
-            render(options_file, 'dhcp-client/daemon-options.j2', self._config)
-            render(config_file, 'dhcp-client/ipv4.j2', self._config)
+            # Reload systemd unit definitons as some options are dynamically generated
+            self._cmd('systemctl daemon-reload')
 
             # When the DHCP client is restarted a brief outage will occur, as
             # the old lease is released a new one is acquired (T4203). We will
             # only restart DHCP client if it's option changed, or if it's not
             # running, but it should be running (e.g. on system startup)
-            if 'dhcp_options_changed' in self._config or not is_systemd_service_active(systemd_service):
+            if 'dhcp_options_changed' in self.config or not is_systemd_service_active(systemd_service):
                 return self._cmd(f'systemctl restart {systemd_service}')
-            return None
         else:
             if is_systemd_service_active(systemd_service):
                 self._cmd(f'systemctl stop {systemd_service}')
             # cleanup old config files
-            for file in [config_file, options_file, pid_file, lease_file]:
+            for file in [dhclient_config_file, systemd_override_file, dhclient_lease_file]:
                 if os.path.isfile(file):
                     os.remove(file)
 
+        return None
 
     def set_dhcpv6(self, enable):
         """
@@ -1287,13 +1293,20 @@ class Interface(Control):
             raise ValueError()
 
         ifname = self.ifname
-        config_file = f'/run/dhcp6c/dhcp6c.{ifname}.conf'
-        options_file = f'/run/dhcp6c/dhcp6c.{ifname}.options'
+        config_base = directories['dhcp6_client_dir']
+        config_file = f'{config_base}/dhcp6c.{ifname}.conf'
+        systemd_override_file = f'/run/systemd/system/dhcp6c@{ifname}.service.d/10-override.conf'
         systemd_service = f'dhcp6c@{ifname}.service'
 
-        if enable and 'disable' not in self._config:
-            render(options_file, 'dhcp-client/dhcp6c_daemon-options.j2', self._config)
-            render(config_file, 'dhcp-client/ipv6.j2', self._config)
+        # Rendered client configuration files require the apsolute config path
+        self.config['dhcp6_client_dir'] = directories['dhcp6_client_dir']
+
+        if enable and 'disable' not in self.config:
+            render(systemd_override_file, 'dhcp-client/ipv6.override.conf.j2', self.config)
+            render(config_file, 'dhcp-client/ipv6.j2', self.config)
+
+            # Reload systemd unit definitons as some options are dynamically generated
+            self._cmd('systemctl daemon-reload')
 
             # We must ignore any return codes. This is required to enable
             # DHCPv6-PD for interfaces which are yet not up and running.
@@ -1304,26 +1317,28 @@ class Interface(Control):
             if os.path.isfile(config_file):
                 os.remove(config_file)
 
+        return None
+
     def set_mirror_redirect(self):
         # Please refer to the document for details
         #   - https://man7.org/linux/man-pages/man8/tc.8.html
         #   - https://man7.org/linux/man-pages/man8/tc-mirred.8.html
         # Depening if we are the source or the target interface of the port
         # mirror we need to setup some variables.
-        source_if = self._config['ifname']
+        source_if = self.config['ifname']
 
         mirror_config = None
-        if 'mirror' in self._config:
-            mirror_config = self._config['mirror']
-        if 'is_mirror_intf' in self._config:
-            source_if = next(iter(self._config['is_mirror_intf']))
-            mirror_config = self._config['is_mirror_intf'][source_if].get('mirror', None)
+        if 'mirror' in self.config:
+            mirror_config = self.config['mirror']
+        if 'is_mirror_intf' in self.config:
+            source_if = next(iter(self.config['is_mirror_intf']))
+            mirror_config = self.config['is_mirror_intf'][source_if].get('mirror', None)
 
         redirect_config = None
 
         # clear existing ingess - ignore errors (e.g. "Error: Cannot find specified
         # qdisc on specified device") - we simply cleanup all stuff here
-        if not 'traffic_policy' in self._config:
+        if not 'traffic_policy' in self.config:
             self._popen(f'tc qdisc del dev {source_if} parent ffff: 2>/dev/null');
             self._popen(f'tc qdisc del dev {source_if} parent 1: 2>/dev/null');
 
@@ -1347,11 +1362,11 @@ class Interface(Control):
                 if err: print('tc qdisc(filter for mirror port failed')
 
         # Apply interface traffic redirection policy
-        elif 'redirect' in self._config:
+        elif 'redirect' in self.config:
             _, err = self._popen(f'tc qdisc add dev {source_if} handle ffff: ingress')
             if err: print(f'tc qdisc add for redirect failed!')
 
-            target_if = self._config['redirect']
+            target_if = self.config['redirect']
             _, err = self._popen(f'tc filter add dev {source_if} parent ffff: protocol '\
                                  f'all prio 10 u32 match u32 0 0 flowid 1:1 action mirred '\
                                  f'egress redirect dev {target_if}')
@@ -1370,7 +1385,7 @@ class Interface(Control):
         # Cache the configuration - it will be reused inside e.g. DHCP handler
         # XXX: maybe pass the option via __init__ in the future and rename this
         # method to apply()?
-        self._config = config
+        self.config = config
 
         # Change interface MAC address - re-set to real hardware address (hw-id)
         # if custom mac is removed. Skip if bond member.
diff --git a/python/vyos/ifconfig/pppoe.py b/python/vyos/ifconfig/pppoe.py
index fd4590beb..febf1452d 100644
--- a/python/vyos/ifconfig/pppoe.py
+++ b/python/vyos/ifconfig/pppoe.py
@@ -14,7 +14,7 @@
 # License along with this library.  If not, see <http://www.gnu.org/licenses/>.
 
 from vyos.ifconfig.interface import Interface
-from vyos.validate import assert_range
+from vyos.utils.assertion import assert_range
 from vyos.utils.network import get_interface_config
 
 @Interface.register
diff --git a/python/vyos/ifconfig/tunnel.py b/python/vyos/ifconfig/tunnel.py
index fb2f38e2b..9ba7b31a6 100644
--- a/python/vyos/ifconfig/tunnel.py
+++ b/python/vyos/ifconfig/tunnel.py
@@ -18,7 +18,7 @@
 
 from vyos.ifconfig.interface import Interface
 from vyos.utils.dict import dict_search
-from vyos.validate import assert_list
+from vyos.utils.assertion import assert_list
 
 def enable_to_on(value):
     if value == 'enable':