summaryrefslogtreecommitdiff
path: root/python
diff options
context:
space:
mode:
Diffstat (limited to 'python')
-rw-r--r--python/vyos/airbag.py77
-rw-r--r--python/vyos/configdict.py362
-rw-r--r--python/vyos/configsession.py8
-rw-r--r--python/vyos/configtree.py6
-rw-r--r--python/vyos/debug.py21
-rw-r--r--python/vyos/ifconfig/dhcp.py129
-rw-r--r--python/vyos/ifconfig/ethernet.py5
-rw-r--r--python/vyos/ifconfig/geneve.py2
-rw-r--r--python/vyos/ifconfig/interface.py166
-rw-r--r--python/vyos/ifconfig/macvlan.py47
-rw-r--r--python/vyos/ifconfig/tunnel.py36
-rw-r--r--python/vyos/ifconfig/vlan.py40
-rw-r--r--python/vyos/ifconfig/vrrp.py2
-rw-r--r--python/vyos/ifconfig/vxlan.py3
-rw-r--r--python/vyos/ifconfig/wireguard.py5
-rw-r--r--python/vyos/ifconfig/wireless.py3
-rw-r--r--python/vyos/ifconfig_vlan.py8
-rw-r--r--python/vyos/logger.py143
-rw-r--r--python/vyos/remote.py9
-rw-r--r--python/vyos/template.py10
-rw-r--r--python/vyos/util.py149
-rw-r--r--python/vyos/validate.py28
-rw-r--r--python/vyos/version.py66
23 files changed, 889 insertions, 436 deletions
diff --git a/python/vyos/airbag.py b/python/vyos/airbag.py
index b0565192d..b7838d8a2 100644
--- a/python/vyos/airbag.py
+++ b/python/vyos/airbag.py
@@ -13,22 +13,30 @@
# You should have received a copy of the GNU Lesser General Public
# License along with this library. If not, see <http://www.gnu.org/licenses/>.
-import os
import sys
-import logging
-import logging.handlers
from datetime import datetime
from vyos import debug
from vyos.config import Config
+from vyos.logger import syslog
from vyos.version import get_version
-from vyos.util import run
-
+from vyos.version import get_full_version_data
# we allow to disable the extra logging
DISABLE = False
+_noteworthy = []
+
+def noteworthy(msg):
+ """
+ noteworthy can be use to take note things which we may not want to
+ report to the user may but be worth including in bug report
+ if something goes wrong later on
+ """
+ _noteworthy.append(msg)
+
+
# emulate a file object
class _IO(object):
def __init__(self, std, log):
@@ -59,12 +67,19 @@ def bug_report(dtype, value, trace):
sys.stdout.flush()
sys.stderr.flush()
- information = {
+ information = get_full_version_data()
+ trace = '\n'.join(format_exception(dtype, value, trace)).replace('\n\n','\n')
+ note = ''
+ if _noteworthy:
+ note = 'noteworthy:\n'
+ note += '\n'.join(_noteworthy)
+
+ information.update({
'date': datetime.now().strftime('%Y-%m-%d %H:%M:%S'),
- 'version': get_version(),
- 'trace': format_exception(dtype, value, trace),
+ 'trace': trace,
'instructions': COMMUNITY if 'rolling' in get_version() else SUPPORTED,
- }
+ 'note': note,
+ })
sys.stdout.write(INTRO.format(**information))
sys.stdout.flush()
@@ -82,19 +97,14 @@ def intercepter(dtype, value, trace):
pdb.pm()
-def InterceptingLogger(address, _singleton=[False]):
+def InterceptingLogger(_singleton=[False]):
skip = _singleton.pop()
_singleton.append(True)
if skip:
return
- logger = logging.getLogger('VyOS')
- logger.setLevel(logging.DEBUG)
- handler = logging.handlers.SysLogHandler(address='/dev/log', facility='syslog')
- logger.addHandler(handler)
-
# log to syslog any message sent to stderr
- sys.stderr = _IO(sys.stderr, logger.critical)
+ sys.stderr = _IO(sys.stderr, syslog.critical)
# lists as default arguments in function is normally dangerous
@@ -124,29 +134,46 @@ except:
# running testing so we are checking that we are on the router
# as otherwise it prevents dpkg-buildpackage to work
if get_version() and insession:
- InterceptingLogger('/run/systemd/journal/dev-log')
+ InterceptingLogger()
InterceptingException(intercepter)
# Messages to print
+# if the key before the value has not time, syslog takes that as the source of the message
FAULT = """\
-Date: {date}
-VyOS image: {version}
+Report Time: {date}
+Image Version: VyOS {version}
+Release Train: {release_train}
+
+Built by: {built_by}
+Built on: {built_on}
+Build UUID: {build_uuid}
+Build Commit ID: {build_git}
+
+Architecture: {system_arch}
+Boot via: {boot_via}
+System type: {system_type}
+
+Hardware vendor: {hardware_vendor}
+Hardware model: {hardware_model}
+Hardware S/N: {hardware_serial}
+Hardware UUID: {hardware_uuid}
{trace}
+{note}
"""
INTRO = """\
VyOS had an issue completing a command.
-We are sorry that you encountered a problem with VyOS.
+We are sorry that you encountered a problem while using VyOS.
There are a few things you can do to help us (and yourself):
{instructions}
-PLEASE, when reporting, do include as much information as you can:
-- do not obfuscate any data (feel free to send us a private communication with
- the extra information if your business policy is strict on information sharing)
+When reporting problems, please include as much information as possible:
+- do not obfuscate any data (feel free to contact us privately if your
+ business policy requires it)
- and include all the information presented below
"""
@@ -163,6 +190,8 @@ COMMUNITY = """\
SUPPORTED = """\
- Make sure you are running the latest stable version of VyOS
the code is available at https://downloads.vyos.io/?dir=release/current
-- Contact us on our online help desk
+- Contact us using the online help desk
https://support.vyos.io/
+- Join our community on slack where our users exchange help and advice
+ https://vyos.slack.com
""".strip()
diff --git a/python/vyos/configdict.py b/python/vyos/configdict.py
index 24fe174d2..e1b704a31 100644
--- a/python/vyos/configdict.py
+++ b/python/vyos/configdict.py
@@ -18,7 +18,12 @@ A library for retrieving value dicts from VyOS configs in a declarative fashion.
"""
+from enum import Enum
+from copy import deepcopy
+
from vyos import ConfigError
+from vyos.ifconfig import Interface
+
def retrieve_config(path_hash, base_path, config):
"""
@@ -98,171 +103,338 @@ def get_ethertype(ethertype_val):
raise ConfigError('invalid ethertype "{}"'.format(ethertype_val))
-def vlan_to_dict(conf):
+vlan_default = {
+ 'address': [],
+ 'address_remove': [],
+ 'description': '',
+ 'dhcp_client_id': '',
+ 'dhcp_hostname': '',
+ 'dhcp_vendor_class_id': '',
+ 'dhcpv6_prm_only': False,
+ 'dhcpv6_temporary': False,
+ 'disable': False,
+ 'disable_link_detect': 1,
+ 'egress_qos': '',
+ 'egress_qos_changed': False,
+ 'ip_disable_arp_filter': 1,
+ 'ip_enable_arp_accept': 0,
+ 'ip_enable_arp_announce': 0,
+ 'ip_enable_arp_ignore': 0,
+ 'ip_proxy_arp': 0,
+ 'ipv6_autoconf': 0,
+ 'ipv6_eui64_prefix': [],
+ 'ipv6_eui64_prefix_remove': [],
+ 'ipv6_forwarding': 1,
+ 'ipv6_dup_addr_detect': 1,
+ 'ingress_qos': '',
+ 'ingress_qos_changed': False,
+ 'mac': '',
+ 'mtu': 1500,
+ 'vif_c': [],
+ 'vif_c_remove': [],
+ 'vrf': ''
+}
+
+# see: https://docs.python.org/3/library/enum.html#functional-api
+disable = Enum('disable','none was now both')
+
+def disable_state(conf, check=[3,5,7]):
+ """
+ return if and how a particual section of the configuration is has disable'd
+ using "disable" including if it was disabled by one of its parent.
+
+ check: a list of the level we should check, here 7,5 and 3
+ interfaces ethernet eth1 vif-s 1 vif-c 2 disable
+ interfaces ethernet eth1 vif 1 disable
+ interfaces ethernet eth1 disable
+
+ it returns an enum (none, was, now, both)
+ """
+
+ # save where we are in the config
+ current_level = conf.get_level()
+
+ # logic to figure out if the interface (or one of it parent is disabled)
+ eff_disable = False
+ act_disable = False
+
+ levels = check[:]
+ working_level = current_level[:]
+
+ while levels:
+ position = len(working_level)
+ if not position:
+ break
+ if position not in levels:
+ working_level = working_level[:-1]
+ continue
+
+ levels.remove(position)
+ conf.set_level(working_level)
+ working_level = working_level[:-1]
+
+ eff_disable = eff_disable or conf.exists_effective('disable')
+ act_disable = act_disable or conf.exists('disable')
+
+ conf.set_level(current_level)
+
+ # how the disabling changed
+ if eff_disable and act_disable:
+ return disable.both
+ if eff_disable and not eff_disable:
+ return disable.was
+ if not eff_disable and act_disable:
+ return disable.now
+ return disable.none
+
+
+def intf_to_dict(conf, default):
"""
Common used function which will extract VLAN related information from config
and represent the result as Python dictionary.
Function call's itself recursively if a vif-s/vif-c pair is detected.
"""
- vlan = {
- 'id': conf.get_level()[-1], # get the '100' in 'interfaces bonding bond0 vif-s 100'
- 'address': [],
- 'address_remove': [],
- 'description': '',
- 'dhcp_client_id': '',
- 'dhcp_hostname': '',
- 'dhcp_vendor_class_id': '',
- 'dhcpv6_prm_only': False,
- 'dhcpv6_temporary': False,
- 'disable': False,
- 'disable_link_detect': 1,
- 'egress_qos': '',
- 'egress_qos_changed': False,
- 'ip_disable_arp_filter': 1,
- 'ip_enable_arp_accept': 0,
- 'ip_enable_arp_announce': 0,
- 'ip_enable_arp_ignore': 0,
- 'ip_proxy_arp': 0,
- 'ipv6_autoconf': 0,
- 'ipv6_forwarding': 1,
- 'ipv6_dup_addr_detect': 1,
- 'ingress_qos': '',
- 'ingress_qos_changed': False,
- 'mac': '',
- 'mtu': 1500,
- 'vrf': ''
- }
+
+ intf = deepcopy(default)
+
# retrieve configured interface addresses
if conf.exists('address'):
- vlan['address'] = conf.return_values('address')
-
- # Determine interface addresses (currently effective) - to determine which
- # address is no longer valid and needs to be removed from the bond
- eff_addr = conf.return_effective_values('address')
- act_addr = conf.return_values('address')
- vlan['address_remove'] = list_diff(eff_addr, act_addr)
+ intf['address'] = conf.return_values('address')
# retrieve interface description
if conf.exists('description'):
- vlan['description'] = conf.return_value('description')
+ intf['description'] = conf.return_value('description')
# get DHCP client identifier
if conf.exists('dhcp-options client-id'):
- vlan['dhcp_client_id'] = conf.return_value('dhcp-options client-id')
+ intf['dhcp_client_id'] = conf.return_value('dhcp-options client-id')
# DHCP client host name (overrides the system host name)
if conf.exists('dhcp-options host-name'):
- vlan['dhcp_hostname'] = conf.return_value('dhcp-options host-name')
+ intf['dhcp_hostname'] = conf.return_value('dhcp-options host-name')
# DHCP client vendor identifier
if conf.exists('dhcp-options vendor-class-id'):
- vlan['dhcp_vendor_class_id'] = conf.return_value('dhcp-options vendor-class-id')
+ intf['dhcp_vendor_class_id'] = conf.return_value(
+ 'dhcp-options vendor-class-id')
# DHCPv6 only acquire config parameters, no address
if conf.exists('dhcpv6-options parameters-only'):
- vlan['dhcpv6_prm_only'] = True
+ intf['dhcpv6_prm_only'] = True
# DHCPv6 temporary IPv6 address
if conf.exists('dhcpv6-options temporary'):
- vlan['dhcpv6_temporary'] = True
+ intf['dhcpv6_temporary'] = True
# ignore link state changes
if conf.exists('disable-link-detect'):
- vlan['disable_link_detect'] = 2
-
- # disable VLAN interface
- if conf.exists('disable'):
- vlan['disable'] = True
+ intf['disable_link_detect'] = 2
# ARP filter configuration
if conf.exists('ip disable-arp-filter'):
- vlan['ip_disable_arp_filter'] = 0
+ intf['ip_disable_arp_filter'] = 0
# ARP enable accept
if conf.exists('ip enable-arp-accept'):
- vlan['ip_enable_arp_accept'] = 1
+ intf['ip_enable_arp_accept'] = 1
# ARP enable announce
if conf.exists('ip enable-arp-announce'):
- vlan['ip_enable_arp_announce'] = 1
+ intf['ip_enable_arp_announce'] = 1
# ARP enable ignore
if conf.exists('ip enable-arp-ignore'):
- vlan['ip_enable_arp_ignore'] = 1
+ intf['ip_enable_arp_ignore'] = 1
# Enable Proxy ARP
if conf.exists('ip enable-proxy-arp'):
- vlan['ip_proxy_arp'] = 1
+ intf['ip_proxy_arp'] = 1
# Enable acquisition of IPv6 address using stateless autoconfig (SLAAC)
if conf.exists('ipv6 address autoconf'):
- vlan['ipv6_autoconf'] = 1
+ intf['ipv6_autoconf'] = 1
+
+ # Get prefixes for IPv6 addressing based on MAC address (EUI-64)
+ if conf.exists('ipv6 address eui64'):
+ intf['ipv6_eui64_prefix'] = conf.return_values('ipv6 address eui64')
# Disable IPv6 forwarding on this interface
if conf.exists('ipv6 disable-forwarding'):
- vlan['ipv6_forwarding'] = 0
-
- # IPv6 Duplicate Address Detection (DAD) tries
- if conf.exists('ipv6 dup-addr-detect-transmits'):
- vlan['ipv6_dup_addr_detect'] = int(conf.return_value('ipv6 dup-addr-detect-transmits'))
+ intf['ipv6_forwarding'] = 0
# Media Access Control (MAC) address
if conf.exists('mac'):
- vlan['mac'] = conf.return_value('mac')
+ intf['mac'] = conf.return_value('mac')
+
+ # IPv6 Duplicate Address Detection (DAD) tries
+ if conf.exists('ipv6 dup-addr-detect-transmits'):
+ intf['ipv6_dup_addr_detect'] = int(
+ conf.return_value('ipv6 dup-addr-detect-transmits'))
# Maximum Transmission Unit (MTU)
if conf.exists('mtu'):
- vlan['mtu'] = int(conf.return_value('mtu'))
+ intf['mtu'] = int(conf.return_value('mtu'))
# retrieve VRF instance
if conf.exists('vrf'):
- vlan['vrf'] = conf.return_value('vrf')
+ intf['vrf'] = conf.return_value('vrf')
- # VLAN egress QoS
+ # egress QoS
if conf.exists('egress-qos'):
- vlan['egress_qos'] = conf.return_value('egress-qos')
+ intf['egress_qos'] = conf.return_value('egress-qos')
# egress changes QoS require VLAN interface recreation
if conf.return_effective_value('egress-qos'):
- if vlan['egress_qos'] != conf.return_effective_value('egress-qos'):
- vlan['egress_qos_changed'] = True
+ if intf['egress_qos'] != conf.return_effective_value('egress-qos'):
+ intf['egress_qos_changed'] = True
- # VLAN ingress QoS
+ # ingress QoS
if conf.exists('ingress-qos'):
- vlan['ingress_qos'] = conf.return_value('ingress-qos')
+ intf['ingress_qos'] = conf.return_value('ingress-qos')
# ingress changes QoS require VLAN interface recreation
if conf.return_effective_value('ingress-qos'):
- if vlan['ingress_qos'] != conf.return_effective_value('ingress-qos'):
- vlan['ingress_qos_changed'] = True
+ if intf['ingress_qos'] != conf.return_effective_value('ingress-qos'):
+ intf['ingress_qos_changed'] = True
- # ethertype is mandatory on vif-s nodes and only exists here!
- # check if this is a vif-s node at all:
- if conf.get_level()[-2] == 'vif-s':
- vlan['vif_c'] = []
- vlan['vif_c_remove'] = []
-
- # ethertype uses a default of 0x88A8
- tmp = '0x88A8'
- if conf.exists('ethertype'):
- tmp = conf.return_value('ethertype')
- vlan['ethertype'] = get_ethertype(tmp)
-
- # get vif-c interfaces (currently effective) - to determine which vif-c
+ disabled = disable_state(conf)
+
+ # Get the interface IPs
+ eff_addr = conf.return_effective_values('address')
+ act_addr = conf.return_values('address')
+
+ # Get prefixes for IPv6 addressing based on MAC address (EUI-64)
+ eff_eui = conf.return_effective_values('ipv6 address eui64')
+ act_eui = conf.return_values('ipv6 address eui64')
+
+ # Determine what should stay or be removed
+ if disabled == disable.both:
+ # was and is still disabled
+ intf['disable'] = True
+ intf['address'] = []
+ intf['address_remove'] = []
+ intf['ipv6_eui64_prefix'] = []
+ intf['ipv6_eui64_prefix_remove'] = []
+ elif disabled == disable.now:
+ # it is now disable but was not before
+ intf['disable'] = True
+ intf['address'] = []
+ intf['address_remove'] = eff_addr
+ intf['ipv6_eui64_prefix'] = []
+ intf['ipv6_eui64_prefix_remove'] = eff_eui
+ elif disabled == disable.was:
+ # it was disable but not anymore
+ intf['disable'] = False
+ intf['address'] = act_addr
+ intf['address_remove'] = []
+ intf['ipv6_eui64_prefix'] = act_eui
+ intf['ipv6_eui64_prefix_remove'] = []
+ else:
+ # normal change
+ intf['disable'] = False
+ intf['address'] = act_addr
+ intf['address_remove'] = list_diff(eff_addr, act_addr)
+ intf['ipv6_eui64_prefix'] = act_eui
+ intf['ipv6_eui64_prefix_remove'] = list_diff(eff_eui, act_eui)
+
+ # Remove the default link-local address if set.
+ if conf.exists('ipv6 address no-default-link-local'):
+ intf['ipv6_eui64_prefix_remove'].append('fe80::/64')
+ else:
+ # add the link-local by default to make IPv6 work
+ intf['ipv6_eui64_prefix'].append('fe80::/64')
+
+ # Find out if MAC has changed
+ try:
+ interface = Interface(intf['intf'], create=False)
+ if intf['mac'] and intf['mac'] != interface.get_mac():
+ intf['ipv6_eui64_prefix_remove'] += intf['ipv6_eui64_prefix']
+ except Exception:
+ # If the interface does not exists, it can not have changed
+ pass
+
+ return intf, disable
+
+
+
+def add_to_dict(conf, disabled, ifdict, section, key):
+ """
+ parse a section of vif/vif-s/vif-c and add them to the dict
+ follow the convention to:
+ * use the "key" for what to add
+ * use the "key" what what to remove
+
+ conf: is the Config() already at the level we need to parse
+ disabled: is a disable enum so we know how to handle to data
+ intf: if the interface dictionary
+ section: is the section name to parse (vif/vif-s/vif-c)
+ key: is the dict key to use (vif/vifs/vifc)
+ """
+
+ if not conf.exists(section):
+ return ifdict
+
+ effect = conf.list_effective_nodes(section)
+ active = conf.list_nodes(section)
+
+ # the section to parse for vlan
+ sections = []
+
+ # Determine interface addresses (currently effective) - to determine which
+ # address is no longer valid and needs to be removed from the bond
+ if disabled == disable.both:
+ # was and is still disabled
+ ifdict[f'{key}_remove'] = []
+ elif disabled == disable.now:
+ # it is now disable but was not before
+ ifdict[f'{key}_remove'] = effect
+ elif disabled == disable.was:
+ # it was disable but not anymore
+ ifdict[f'{key}_remove'] = []
+ sections = active
+ else:
+ # normal change
+ # get vif-s interfaces (currently effective) - to determine which vif-s
# interface is no longer present and needs to be removed
- eff_intf = conf.list_effective_nodes('vif-c')
- act_intf = conf.list_nodes('vif-c')
- vlan['vif_c_remove'] = list_diff(eff_intf, act_intf)
-
- # check if there is a Q-in-Q vlan customer interface
- # and call this function recursively
- if conf.exists('vif-c'):
- cfg_level = conf.get_level()
- # add new key (vif-c) to dictionary
- for vif in conf.list_nodes('vif-c'):
- # set config level to vif interface
- conf.set_level(cfg_level + ['vif-c', vif])
- vlan['vif_c'].append(vlan_to_dict(conf))
+ ifdict[f'{key}_remove'] = list_diff(effect, active)
+ sections = active
+
+ current_level = conf.get_level()
+
+ # add each section, the key must already exists
+ for s in sections:
+ # set config level to vif interface
+ conf.set_level(current_level + [section, s])
+ ifdict[f'{key}'].append(vlan_to_dict(conf))
+
+ # re-set configuration level to leave things as found
+ conf.set_level(current_level)
+
+ return ifdict
+
+
+def vlan_to_dict(conf, default=vlan_default):
+ vlan, disabled = intf_to_dict(conf, default)
+ # get the '100' in 'interfaces bonding bond0 vif-s 100
+ vlan['id'] = conf.get_level()[-1]
+
+ current_level = conf.get_level()
+
+ # if this is a not within vif-s node, we are done
+ if current_level[-2] != 'vif-s':
+ return vlan
+
+ # ethertype is mandatory on vif-s nodes and only exists here!
+ # ethertype uses a default of 0x88A8
+ tmp = '0x88A8'
+ if conf.exists('ethertype'):
+ tmp = conf.return_value('ethertype')
+ vlan['ethertype'] = get_ethertype(tmp)
+
+ # check if there is a Q-in-Q vlan customer interface
+ # and call this function recursively
+
+ add_to_dict(conf, disable, vlan, 'vif-c', 'vif_c')
return vlan
diff --git a/python/vyos/configsession.py b/python/vyos/configsession.py
index aaf08e726..f2524b37e 100644
--- a/python/vyos/configsession.py
+++ b/python/vyos/configsession.py
@@ -181,11 +181,11 @@ class ConfigSession(object):
out = self.__run_command(REMOVE_IMAGE + [name])
return out
- def generate(self, cmd):
- out = self.__run_command(GENERATE + cmd.split())
+ def generate(self, path):
+ out = self.__run_command(GENERATE + path)
return out
- def show(self, cmd):
- out = self.__run_command(SHOW + cmd.split())
+ def show(self, path):
+ out = self.__run_command(SHOW + path)
return out
diff --git a/python/vyos/configtree.py b/python/vyos/configtree.py
index a0b0eb3c1..d8ffaca99 100644
--- a/python/vyos/configtree.py
+++ b/python/vyos/configtree.py
@@ -10,7 +10,7 @@
# See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along with this library;
-# if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+# if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
import re
import json
@@ -200,7 +200,7 @@ class ConfigTree(object):
raise ConfigTreeError()
res = self.__rename(self.__config, path_str, newname_str)
if (res != 0):
- raise ConfigTreeError("Path [{}] doesn't exist".format(oldpath))
+ raise ConfigTreeError("Path [{}] doesn't exist".format(path))
def copy(self, old_path, new_path):
check_path(old_path)
@@ -213,7 +213,7 @@ class ConfigTree(object):
raise ConfigTreeError()
res = self.__copy(self.__config, oldpath_str, newpath_str)
if (res != 0):
- raise ConfigTreeError("Path [{}] doesn't exist".format(oldpath))
+ raise ConfigTreeError("Path [{}] doesn't exist".format(old_path))
def exists(self, path):
check_path(path)
diff --git a/python/vyos/debug.py b/python/vyos/debug.py
index 20090fb85..1a042cbb4 100644
--- a/python/vyos/debug.py
+++ b/python/vyos/debug.py
@@ -41,8 +41,9 @@ def message(message, flag='', destination=sys.stdout):
try:
# at boot the file is created as root:vyattacfg
# at runtime the file is created as user:vyattacfg
- # the default permission are 644
- mask = os.umask(0o113)
+ # but the helper scripts are not run as this so it
+ # need the default permission to be 666 (an not 660)
+ mask = os.umask(0o111)
with open(logfile, 'a') as f:
f.write(_format('log', message))
@@ -133,7 +134,7 @@ def _contentenv(flag):
return os.environ.get(f'VYOS_{flag.upper()}_DEBUG', '').strip()
-def _contentfile(flag):
+def _contentfile(flag, default=''):
"""
Check if debug exist for a given debug flag name
@@ -153,7 +154,8 @@ def _contentfile(flag):
if not os.path.isfile(flagfile):
continue
with open(flagfile) as f:
- return f.readline().strip()
+ content = f.readline().strip()
+ return content or default
return ''
@@ -166,7 +168,7 @@ def _logfile(flag, default):
"""
# For log we return the location of the log file
- log_location = _contentenv(flag) or _contentfile(flag)
+ log_location = _contentenv(flag) or _contentfile(flag, default)
# it was not set
if not log_location:
@@ -177,6 +179,15 @@ def _logfile(flag, default):
not log_location.startswith('/config/') and \
not log_location.startswith('/var/log/'):
return default
+ # Do not allow to escape the folders
if '..' in log_location:
return default
+
+ if not os.path.exists(log_location):
+ return log_location
+
+ # this permission is unique the the config and var folder
+ stat = os.stat(log_location).st_mode
+ if stat != 0o100666:
+ return default
return log_location
diff --git a/python/vyos/ifconfig/dhcp.py b/python/vyos/ifconfig/dhcp.py
index d4ff9c2cd..bf6566c07 100644
--- a/python/vyos/ifconfig/dhcp.py
+++ b/python/vyos/ifconfig/dhcp.py
@@ -19,28 +19,20 @@ from vyos.dicts import FixedDict
from vyos.ifconfig.control import Control
from vyos.template import render
+config_base = r'/var/lib/dhcp/dhclient_'
-class _DHCP (Control):
- client_base = r'/var/lib/dhcp/dhclient_'
-
- def __init__(self, ifname, version, **kargs):
- super().__init__(**kargs)
- self.version = version
- self.file = {
- 'ifname': ifname,
- 'conf': self.client_base + ifname + '.' + version + 'conf',
- 'pid': self.client_base + ifname + '.' + version + 'pid',
- 'lease': self.client_base + ifname + '.' + version + 'leases',
- }
-
-class _DHCPv4 (_DHCP):
+class _DHCPv4 (Control):
def __init__(self, ifname):
- super().__init__(ifname, '')
+ super().__init__()
self.options = FixedDict(**{
'ifname': ifname,
'hostname': '',
'client_id': '',
- 'vendor_class_id': ''
+ 'vendor_class_id': '',
+ 'conf_file': config_base + f'{ifname}.conf',
+ 'options_file': config_base + f'{ifname}.options',
+ 'pid_file': config_base + f'{ifname}.pid',
+ 'lease_file': config_base + f'{ifname}.leases',
})
# replace dhcpv4/v6 with systemd.networkd?
@@ -55,25 +47,16 @@ class _DHCPv4 (_DHCP):
>>> j = Interface('eth0')
>>> j.dhcp.v4.set()
"""
-
if not self.options['hostname']:
# read configured system hostname.
# maybe change to vyos hostd client ???
with open('/etc/hostname', 'r') as f:
self.options['hostname'] = f.read().rstrip('\n')
- render(self.file['conf'], 'dhcp-client/ipv4.tmpl' ,self.options)
+ render(self.options['options_file'], 'dhcp-client/daemon-options.tmpl', self.options)
+ render(self.options['conf_file'], 'dhcp-client/ipv4.tmpl', self.options)
- cmd = 'start-stop-daemon'
- cmd += ' --start'
- cmd += ' --oknodo'
- cmd += ' --quiet'
- cmd += ' --pidfile {pid}'
- cmd += ' --exec /sbin/dhclient'
- cmd += ' --'
- # now pass arguments to dhclient binary
- cmd += ' -4 -nw -cf {conf} -pf {pid} -lf {lease} {ifname}'
- return self._cmd(cmd.format(**self.file))
+ return self._cmd('systemctl restart dhclient@{ifname}.service'.format(**self.options))
def delete(self):
"""
@@ -86,44 +69,29 @@ class _DHCPv4 (_DHCP):
>>> j = Interface('eth0')
>>> j.dhcp.v4.delete()
"""
- if not os.path.isfile(self.file['pid']):
+ if not os.path.isfile(self.options['pid_file']):
self._debug_msg('No DHCP client PID found')
return None
- # with open(self.file['pid'], 'r') as f:
- # pid = int(f.read())
-
- # stop dhclient, we need to call dhclient and tell it should release the
- # aquired IP address. tcpdump tells me:
- # 172.16.35.103.68 > 172.16.35.254.67: [bad udp cksum 0xa0cb -> 0xb943!] BOOTP/DHCP, Request from 00:50:56:9d:11:df, length 300, xid 0x620e6946, Flags [none] (0x0000)
- # Client-IP 172.16.35.103
- # Client-Ethernet-Address 00:50:56:9d:11:df
- # Vendor-rfc1048 Extensions
- # Magic Cookie 0x63825363
- # DHCP-Message Option 53, length 1: Release
- # Server-ID Option 54, length 4: 172.16.35.254
- # Hostname Option 12, length 10: "vyos"
- #
- cmd = '/sbin/dhclient -cf {conf} -pf {pid} -lf {lease} -r {ifname}'
- self._cmd(cmd.format(**self.file))
+ self._cmd('systemctl stop dhclient@{ifname}.service'.format(**self.options))
# cleanup old config files
- for name in ('conf', 'pid', 'lease'):
- if os.path.isfile(self.file[name]):
- os.remove(self.file[name])
+ for name in ('conf_file', 'options_file', 'pid_file', 'lease_file'):
+ if os.path.isfile(self.options[name]):
+ os.remove(self.options[name])
-
-class _DHCPv6 (_DHCP):
+class _DHCPv6 (Control):
def __init__(self, ifname):
- super().__init__(ifname, 'v6')
+ super().__init__()
self.options = FixedDict(**{
'ifname': ifname,
+ 'conf_file': config_base + f'v6_{ifname}.conf',
+ 'options_file': config_base + f'v6_{ifname}.options',
+ 'pid_file': config_base + f'v6_{ifname}.pid',
+ 'lease_file': config_base + f'v6_{ifname}.leases',
'dhcpv6_prm_only': False,
'dhcpv6_temporary': False,
})
- self.file.update({
- 'accept_ra': f'/proc/sys/net/ipv6/conf/{ifname}/accept_ra',
- })
def set(self):
"""
@@ -134,7 +102,7 @@ class _DHCPv6 (_DHCP):
>>> from vyos.ifconfig import Interface
>>> j = Interface('eth0')
- >>> j.set_dhcpv6()
+ >>> j.dhcp.v6.set()
"""
# better save then sorry .. should be checked in interface script
@@ -143,29 +111,13 @@ class _DHCPv6 (_DHCP):
raise Exception(
'DHCPv6 temporary and parameters-only options are mutually exclusive!')
- render(self.file['conf'], 'dhcp-client/ipv6.tmpl', self.options)
+ render(self.options['options_file'], 'dhcp-client/daemon-options.tmpl', self.options)
+ render(self.options['conf_file'], 'dhcp-client/ipv6.tmpl', self.options)
# no longer accept router announcements on this interface
- self._write_sysfs(self.file['accept_ra'], 0)
-
- # assemble command-line to start DHCPv6 client (dhclient)
- cmd = 'start-stop-daemon'
- cmd += ' --start'
- cmd += ' --oknodo'
- cmd += ' --quiet'
- cmd += ' --pidfile {pid}'
- cmd += ' --exec /sbin/dhclient'
- cmd += ' --'
- # now pass arguments to dhclient binary
- cmd += ' -6 -nw -cf {conf} -pf {pid} -lf {lease}'
- # add optional arguments
- if self.options['dhcpv6_prm_only']:
- cmd += ' -S'
- if self.options['dhcpv6_temporary']:
- cmd += ' -T'
- cmd += ' {ifname}'
-
- return self._cmd(cmd.format(**self.file))
+ self._write_sysfs('/proc/sys/net/ipv6/conf/{ifname}/accept_ra'.format(**self.options), 0)
+
+ return self._cmd('systemctl restart dhclient6@{ifname}.service'.format(**self.options))
def delete(self):
"""
@@ -176,33 +128,24 @@ class _DHCPv6 (_DHCP):
>>> from vyos.ifconfig import Interface
>>> j = Interface('eth0')
- >>> j.del_dhcpv6()
+ >>> j.dhcp.v6.delete()
"""
- if not os.path.isfile(self.file['pid']):
+ if not os.path.isfile(self.options['pid_file']):
self._debug_msg('No DHCPv6 client PID found')
return None
- # with open(self.file['pid'], 'r') as f:
- # pid = int(f.read())
-
- # stop dhclient
- cmd = 'start-stop-daemon'
- cmd += ' --start'
- cmd += ' --oknodo'
- cmd += ' --quiet'
- cmd += ' --pidfile {pid}'
- self._cmd(cmd.format(**self.file))
+ self._cmd('systemctl stop dhclient6@{ifname}.service'.format(**self.options))
# accept router announcements on this interface
- self._write_sysfs(self.options['accept_ra'], 1)
+ self._write_sysfs('/proc/sys/net/ipv6/conf/{ifname}/accept_ra'.format(**self.options), 1)
# cleanup old config files
- for name in ('conf', 'pid', 'lease'):
- if os.path.isfile(self.file[name]):
- os.remove(self.file[name])
+ for name in ('conf_file', 'options_file', 'pid_file', 'lease_file'):
+ if os.path.isfile(self.options[name]):
+ os.remove(self.options[name])
-class DHCP (object):
+class DHCP(object):
def __init__(self, ifname):
self.v4 = _DHCPv4(ifname)
self.v6 = _DHCPv6(ifname)
diff --git a/python/vyos/ifconfig/ethernet.py b/python/vyos/ifconfig/ethernet.py
index 542de4f59..5b18926c9 100644
--- a/python/vyos/ifconfig/ethernet.py
+++ b/python/vyos/ifconfig/ethernet.py
@@ -40,6 +40,7 @@ class EthernetIf(Interface):
'bondable': True,
'broadcast': True,
'bridgeable': True,
+ 'eternal': '(lan|eth|eno|ens|enp|enx)[0-9]+$',
}
}
@@ -76,10 +77,6 @@ class EthernetIf(Interface):
},
}}
- def _delete(self):
- # Ethernet interfaces can not be removed
- pass
-
def get_driver_name(self):
"""
Return the driver name used by NIC. Some NICs don't support all
diff --git a/python/vyos/ifconfig/geneve.py b/python/vyos/ifconfig/geneve.py
index 0c1cdade9..145dc268c 100644
--- a/python/vyos/ifconfig/geneve.py
+++ b/python/vyos/ifconfig/geneve.py
@@ -35,6 +35,8 @@ class GeneveIf(Interface):
'vni': 0,
'remote': '',
}
+ options = Interface.options + \
+ ['vni', 'remote']
definition = {
**Interface.definition,
**{
diff --git a/python/vyos/ifconfig/interface.py b/python/vyos/ifconfig/interface.py
index 32ce1a80c..de5ca369f 100644
--- a/python/vyos/ifconfig/interface.py
+++ b/python/vyos/ifconfig/interface.py
@@ -1,4 +1,4 @@
-# Copyright 2019 VyOS maintainers and contributors <maintainers@vyos.io>
+# Copyright 2019-2020 VyOS maintainers and contributors <maintainers@vyos.io>
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
@@ -14,6 +14,7 @@
# License along with this library. If not, see <http://www.gnu.org/licenses/>.
import os
+import re
import json
from copy import deepcopy
@@ -49,7 +50,7 @@ class Interface(Control):
# WireGuard to modify their display behaviour
OperationalClass = Operational
- options = []
+ options = ['debug', 'create',]
required = []
default = {
'type': '',
@@ -63,6 +64,7 @@ class Interface(Control):
'bondable': False,
'broadcast': False,
'bridgeable': False,
+ 'eternal': '',
}
_command_get = {
@@ -217,7 +219,7 @@ class Interface(Control):
else:
raise Exception('interface "{}" not found'.format(self.config['ifname']))
- # list of assigned IP addresses
+ # temporary list of assigned IP addresses
self._addr = []
self.operational = self.OperationalClass(ifname)
@@ -238,39 +240,21 @@ class Interface(Control):
>>> i = Interface('eth0')
>>> i.remove()
"""
- # stop DHCP(v6) if running
- self.dhcp.v4.delete()
- self.dhcp.v6.delete()
# remove all assigned IP addresses from interface - this is a bit redundant
# as the kernel will remove all addresses on interface deletion, but we
# can not delete ALL interfaces, see below
- for addr in self.get_addr():
- self.del_addr(addr)
+ self.flush_addrs()
# ---------------------------------------------------------------------
- # A code refactoring is required as this type check is present as
- # Interface implement behaviour for one of it's sub-class.
-
- # It is required as the current pattern for vlan is:
- # Interface('name').remove() to delete an interface
- # The code should be modified to have a class method called connect and
- # have Interface.connect('name').remove()
+ # Any class can define an eternal regex in its definition
+ # interface matching the regex will not be deleted
- # each subclass should register within Interface the pattern for that
- # interface ie: (ethX, etc.) and use this to create an instance of
- # the right class (EthernetIf, ...)
-
- # Ethernet interfaces can not be removed
-
- # Commented out as nowhere in the code do we call Interface()
- # This would also cause an import loop
- # if self.__class__ == EthernetIf:
- # return
-
- # ---------------------------------------------------------------------
-
- self._delete()
+ eternal = self.definition['eternal']
+ if not eternal:
+ self._delete()
+ elif not re.match(eternal, self.ifname):
+ self._delete()
def _delete(self):
# NOTE (Improvement):
@@ -431,39 +415,28 @@ class Interface(Control):
"""
return self.set_interface('ipv6_autoconf', autoconf)
- def set_ipv6_eui64_address(self, prefix):
+ def add_ipv6_eui64_address(self, prefix):
"""
Extended Unique Identifier (EUI), as per RFC2373, allows a host to
- assign iteslf a unique IPv6 address based on a given IPv6 prefix.
+ assign itself a unique IPv6 address based on a given IPv6 prefix.
- If prefix is passed address is assigned, if prefix is '' address is
- removed from interface.
+ Calculate the EUI64 from the interface's MAC, then assign it
+ with the given prefix to the interface.
"""
- # if prefix is an empty string convert it to None so mac2eui64 works
- # as expected
- if not prefix:
- prefix = None
eui64 = mac2eui64(self.get_mac(), prefix)
+ prefixlen = prefix.split('/')[1]
+ self.add_addr(f'{eui64}/{prefixlen}')
- if not prefix:
- # if prefix is empty - thus removed - we need to walk through all
- # interface IPv6 addresses and find the one with the calculated
- # EUI-64 identifier. The address is then removed
- for addr in self.get_addr():
- addr_wo_prefix = addr.split('/')[0]
- if is_ipv6(addr_wo_prefix):
- if eui64 in IPv6Address(addr_wo_prefix).exploded:
- self.del_addr(addr)
-
- return None
+ def del_ipv6_eui64_address(self, prefix):
+ """
+ Delete the address based on the interface's MAC-based EUI64
+ combined with the prefix address.
+ """
+ eui64 = mac2eui64(self.get_mac(), prefix)
+ prefixlen = prefix.split('/')[1]
+ self.del_addr(f'{eui64}/{prefixlen}')
- # calculate and add EUI-64 IPv6 address
- if IPv6Network(prefix):
- # we also need to take the subnet length into account
- prefix = prefix.split('/')[1]
- eui64 = f'{eui64}/{prefix}'
- self.add_addr(eui64 )
def set_ipv6_forwarding(self, forwarding):
"""
@@ -644,7 +617,8 @@ class Interface(Control):
def add_addr(self, addr):
"""
Add IP(v6) address to interface. Address is only added if it is not
- already assigned to that interface.
+ already assigned to that interface. Address format must be validated
+ and compressed/normalized before calling this function.
addr: can be an IPv4 address, IPv6 address, dhcp or dhcpv6!
IPv4: add IPv4 address to interface
@@ -652,6 +626,7 @@ class Interface(Control):
dhcp: start dhclient (IPv4) on interface
dhcpv6: start dhclient (IPv6) on interface
+ Returns False if address is already assigned and wasn't re-added.
Example:
>>> from vyos.ifconfig import Interface
>>> j = Interface('eth0')
@@ -660,32 +635,44 @@ class Interface(Control):
>>> j.get_addr()
['192.0.2.1/24', '2001:db8::ffff/64']
"""
+ # XXX: normalize/compress with ipaddress if calling functions don't?
+ # is subnet mask always passed, and in the same way?
- # cache new IP address which is assigned to interface
- self._addr.append(addr)
+ # we can't have both DHCP and static IPv4 addresses assigned
+ for a in self._addr:
+ if ( ( addr == 'dhcp' and a != 'dhcpv6' and is_ipv4(a) ) or
+ ( a == 'dhcp' and addr != 'dhcpv6' and is_ipv4(addr) ) ):
+ raise ConfigError((
+ "Can't configure both static IPv4 and DHCP address "
+ "on the same interface"))
- # we can not have both DHCP and static IPv4 addresses assigned to an interface
- if 'dhcp' in self._addr:
- for addr in self._addr:
- # do not change below 'if' ordering esle you will get an exception as:
- # ValueError: 'dhcp' does not appear to be an IPv4 or IPv6 address
- if addr != 'dhcp' and is_ipv4(addr):
- raise ConfigError(
- "Can't configure both static IPv4 and DHCP address on the same interface")
+ # do not add same address twice
+ if addr in self._addr:
+ return False
+ # add to interface
if addr == 'dhcp':
+ self._addr.append(addr)
self.dhcp.v4.set()
- elif addr == 'dhcpv6':
+ return True
+
+ if addr == 'dhcpv6':
+ self._addr.append(addr)
self.dhcp.v6.set()
- else:
- if not is_intf_addr_assigned(self.config['ifname'], addr):
- cmd = 'ip addr add "{}" dev "{}"'.format(addr, self.config['ifname'])
- return self._cmd(cmd)
+ return True
+
+ if not is_intf_addr_assigned(self.ifname, addr):
+ self._addr.append(addr)
+ self._cmd(f'ip addr add "{addr}" dev "{self.ifname}"')
+ return True
+
+ return False
def del_addr(self, addr):
"""
- Delete IP(v6) address to interface. Address is only added if it is
- assigned to that interface.
+ Delete IP(v6) address from interface. Address is only deleted if it is
+ assigned to that interface. Address format must be exactly the same as
+ was used when adding the address.
addr: can be an IPv4 address, IPv6 address, dhcp or dhcpv6!
IPv4: delete IPv4 address from interface
@@ -693,6 +680,7 @@ class Interface(Control):
dhcp: stop dhclient (IPv4) on interface
dhcpv6: stop dhclient (IPv6) on interface
+ Returns False if address isn't already assigned and wasn't deleted.
Example:
>>> from vyos.ifconfig import Interface
>>> j = Interface('eth0')
@@ -704,11 +692,35 @@ class Interface(Control):
>>> j.get_addr()
['2001:db8::ffff/64']
"""
+
+ # remove from cache (dhcp, and dhcpv6 can not be in it)
+ if addr in self._addr:
+ self._addr.remove(addr)
+
+ # remove from interface
if addr == 'dhcp':
self.dhcp.v4.delete()
- elif addr == 'dhcpv6':
+ return True
+
+ if addr == 'dhcpv6':
self.dhcp.v6.delete()
- else:
- if is_intf_addr_assigned(self.config['ifname'], addr):
- cmd = 'ip addr del "{}" dev "{}"'.format(addr, self.config['ifname'])
- return self._cmd(cmd)
+ return True
+
+ if is_intf_addr_assigned(self.ifname, addr):
+ self._cmd(f'ip addr del "{addr}" dev "{self.ifname}"')
+ return True
+
+ return False
+
+ def flush_addrs(self):
+ """
+ Flush all addresses from an interface, including DHCP.
+
+ Will raise an exception on error.
+ """
+ # stop DHCP(v6) if running
+ self.dhcp.v4.delete()
+ self.dhcp.v6.delete()
+
+ # flush all addresses
+ self._cmd(f'ip addr flush dev "{self.ifname}"')
diff --git a/python/vyos/ifconfig/macvlan.py b/python/vyos/ifconfig/macvlan.py
index 55b1a3e91..b5481f4a7 100644
--- a/python/vyos/ifconfig/macvlan.py
+++ b/python/vyos/ifconfig/macvlan.py
@@ -13,6 +13,7 @@
# You should have received a copy of the GNU Lesser General Public
# License along with this library. If not, see <http://www.gnu.org/licenses/>.
+from copy import deepcopy
from vyos.ifconfig.interface import Interface
from vyos.ifconfig.vlan import VLAN
@@ -27,6 +28,9 @@ class MACVLANIf(Interface):
default = {
'type': 'macvlan',
+ 'address': '',
+ 'source_interface': '',
+ 'mode': '',
}
definition = {
**Interface.definition,
@@ -35,33 +39,32 @@ class MACVLANIf(Interface):
'prefixes': ['peth', ],
},
}
- options = Interface.options + ['source_interface', 'mode']
+ options = Interface.options + \
+ ['source_interface', 'mode']
def _create(self):
- cmd = 'ip link add {ifname} link {source_interface} type macvlan mode {mode}'.format(
- **self.config)
- self._cmd(cmd)
+ # please do not change the order when assembling the command
+ cmd = 'ip link add {ifname}'
+ if self.config['source_interface']:
+ cmd += ' link {source_interface}'
+ cmd += ' type macvlan'
+ if self.config['mode']:
+ cmd += ' mode {mode}'
+ self._cmd(cmd.format(**self.config))
- @staticmethod
- def get_config():
+ def set_mode(self, mode):
+ ifname = self.config['ifname']
+ cmd = f'ip link set dev {ifname} type macvlan mode {mode}'
+ return self._cmd(cmd)
+
+ @classmethod
+ def get_config(cls):
"""
- VXLAN interfaces require a configuration when they are added using
- iproute2. This static method will provide the configuration dictionary
- used by this class.
+ MACVLAN interfaces require a configuration when they are added using
+ iproute2. This method will provide the configuration dictionary used
+ by this class.
Example:
>> dict = MACVLANIf().get_config()
"""
- config = {
- 'address': '',
- 'source_interface': '',
- 'mode': ''
- }
- return config
-
- def set_mode(self, mode):
- """
- """
- ifname = self.config['ifname']
- cmd = f'ip link set dev {ifname} type macvlan mode {mode}'
- return self._cmd(cmd)
+ return deepcopy(cls.default)
diff --git a/python/vyos/ifconfig/tunnel.py b/python/vyos/ifconfig/tunnel.py
index 009a53a82..85c22b5b4 100644
--- a/python/vyos/ifconfig/tunnel.py
+++ b/python/vyos/ifconfig/tunnel.py
@@ -43,7 +43,7 @@ class _Tunnel(Interface):
**{
'section': 'tunnel',
'prefixes': ['tun',],
- 'bridgeable': True,
+ 'bridgeable': False,
},
}
@@ -135,14 +135,21 @@ class GREIf(_Tunnel):
https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/tree/ip/link_gre.c
"""
+ definition = {
+ **_Tunnel.definition,
+ **{
+ 'bridgeable': True,
+ },
+ }
+
ip = [IP4, IP6]
tunnel = IP4
default = {'type': 'gre'}
required = ['local', ] # mGRE is a GRE without remote endpoint
- options = ['local', 'remote', 'ttl', 'tos', 'key']
- updates = ['local', 'remote', 'ttl', 'tos',
+ options = ['local', 'remote', 'dev', 'ttl', 'tos', 'key']
+ updates = ['local', 'remote', 'dev', 'ttl', 'tos',
'mtu', 'multicast', 'allmulticast']
create = 'ip tunnel add {ifname} mode {type}'
@@ -160,6 +167,13 @@ class GRETapIf(_Tunnel):
# no multicast, ttl or tos for gretap
+ definition = {
+ **_Tunnel.definition,
+ **{
+ 'bridgeable': True,
+ },
+ }
+
ip = [IP4, ]
tunnel = IP4
@@ -189,9 +203,9 @@ class IP6GREIf(_Tunnel):
default = {'type': 'ip6gre'}
required = ['local', 'remote']
- options = ['local', 'remote', 'encaplimit',
+ options = ['local', 'remote', 'dev', 'encaplimit',
'hoplimit', 'tclass', 'flowlabel']
- updates = ['local', 'remote', 'encaplimit',
+ updates = ['local', 'remote', 'dev', 'encaplimit',
'hoplimit', 'tclass', 'flowlabel',
'mtu', 'multicast', 'allmulticast']
@@ -225,8 +239,8 @@ class IPIPIf(_Tunnel):
default = {'type': 'ipip'}
required = ['local', 'remote']
- options = ['local', 'remote', 'ttl', 'tos', 'key']
- updates = ['local', 'remote', 'ttl', 'tos',
+ options = ['local', 'remote', 'dev', 'ttl', 'tos', 'key']
+ updates = ['local', 'remote', 'dev', 'ttl', 'tos',
'mtu', 'multicast', 'allmulticast']
create = 'ip tunnel add {ifname} mode {type}'
@@ -248,9 +262,9 @@ class IPIP6If(_Tunnel):
default = {'type': 'ipip6'}
required = ['local', 'remote']
- options = ['local', 'remote', 'encaplimit',
+ options = ['local', 'remote', 'dev', 'encaplimit',
'hoplimit', 'tclass', 'flowlabel']
- updates = ['local', 'remote', 'encaplimit',
+ updates = ['local', 'remote', 'dev', 'encaplimit',
'hoplimit', 'tclass', 'flowlabel',
'mtu', 'multicast', 'allmulticast']
@@ -286,8 +300,8 @@ class SitIf(_Tunnel):
default = {'type': 'sit'}
required = ['local', 'remote']
- options = ['local', 'remote', 'ttl', 'tos', 'key']
- updates = ['local', 'remote', 'ttl', 'tos',
+ options = ['local', 'remote', 'dev', 'ttl', 'tos', 'key']
+ updates = ['local', 'remote', 'dev', 'ttl', 'tos',
'mtu', 'multicast', 'allmulticast']
create = 'ip tunnel add {ifname} mode {type}'
diff --git a/python/vyos/ifconfig/vlan.py b/python/vyos/ifconfig/vlan.py
index 7b1e00d87..d68e8f6cd 100644
--- a/python/vyos/ifconfig/vlan.py
+++ b/python/vyos/ifconfig/vlan.py
@@ -101,26 +101,26 @@ class VLAN:
>>> i.add_vlan(10)
"""
vlan_ifname = self.config['ifname'] + '.' + str(vlan_id)
- if not os.path.exists(f'/sys/class/net/{vlan_ifname}'):
- self._vlan_id = int(vlan_id)
-
- if ethertype:
- self._ethertype = ethertype
- ethertype = 'proto {}'.format(ethertype)
-
- # Optional ingress QOS mapping
- opt_i = ''
- if ingress_qos:
- opt_i = 'ingress-qos-map ' + ingress_qos
- # Optional egress QOS mapping
- opt_e = ''
- if egress_qos:
- opt_e = 'egress-qos-map ' + egress_qos
-
- # create interface in the system
- cmd = 'ip link add link {ifname} name {ifname}.{vlan} type vlan {proto} id {vlan} {opt_e} {opt_i}' \
- .format(ifname=self.config['ifname'], vlan=self._vlan_id, proto=ethertype, opt_e=opt_e, opt_i=opt_i)
- self._cmd(cmd)
+ if os.path.exists(f'/sys/class/net/{vlan_ifname}'):
+ return self.__class__(vlan_ifname)
+
+ if ethertype:
+ self._ethertype = ethertype
+ ethertype = 'proto {}'.format(ethertype)
+
+ # Optional ingress QOS mapping
+ opt_i = ''
+ if ingress_qos:
+ opt_i = 'ingress-qos-map ' + ingress_qos
+ # Optional egress QOS mapping
+ opt_e = ''
+ if egress_qos:
+ opt_e = 'egress-qos-map ' + egress_qos
+
+ # create interface in the system
+ cmd = 'ip link add link {ifname} name {ifname}.{vlan} type vlan {proto} id {vlan} {opt_e} {opt_i}' \
+ .format(ifname=self.ifname, vlan=vlan_id, proto=ethertype, opt_e=opt_e, opt_i=opt_i)
+ self._cmd(cmd)
# return new object mapping to the newly created interface
# we can now work on this object for e.g. IP address setting
diff --git a/python/vyos/ifconfig/vrrp.py b/python/vyos/ifconfig/vrrp.py
index 29b10dd9e..a872725b2 100644
--- a/python/vyos/ifconfig/vrrp.py
+++ b/python/vyos/ifconfig/vrrp.py
@@ -109,7 +109,7 @@ class VRRP(object):
return []
disabled = []
- config = json.loads(util.readfile(cls.location['vyos']))
+ config = json.loads(util.read_file(cls.location['vyos']))
# add disabled groups to the list
for group in config['vrrp_groups']:
diff --git a/python/vyos/ifconfig/vxlan.py b/python/vyos/ifconfig/vxlan.py
index f47ae17cc..f9f2e38e9 100644
--- a/python/vyos/ifconfig/vxlan.py
+++ b/python/vyos/ifconfig/vxlan.py
@@ -59,7 +59,8 @@ class VXLANIf(Interface):
'bridgeable': True,
}
}
- options = ['group', 'remote', 'src_interface', 'port', 'vni', 'src_address']
+ options = Interface.options + \
+ ['group', 'remote', 'src_interface', 'port', 'vni', 'src_address']
mapping = {
'ifname': 'add',
diff --git a/python/vyos/ifconfig/wireguard.py b/python/vyos/ifconfig/wireguard.py
index ff945c9d0..fdf5d9347 100644
--- a/python/vyos/ifconfig/wireguard.py
+++ b/python/vyos/ifconfig/wireguard.py
@@ -165,8 +165,9 @@ class WireGuardIf(Interface):
'bridgeable': True,
}
}
- options = ['port', 'private-key', 'pubkey', 'psk',
- 'allowed-ips', 'fwmark', 'endpoint', 'keepalive']
+ options = Interface.options + \
+ ['port', 'private-key', 'pubkey', 'psk',
+ 'allowed-ips', 'fwmark', 'endpoint', 'keepalive']
"""
Wireguard interface class, contains a comnfig dictionary since
diff --git a/python/vyos/ifconfig/wireless.py b/python/vyos/ifconfig/wireless.py
index 946ae1642..3122ac0a3 100644
--- a/python/vyos/ifconfig/wireless.py
+++ b/python/vyos/ifconfig/wireless.py
@@ -38,7 +38,8 @@ class WiFiIf(Interface):
'bridgeable': True,
}
}
- options = ['phy', 'op_mode']
+ options = Interface.options + \
+ ['phy', 'op_mode']
def _create(self):
# all interfaces will be added in monitor mode
diff --git a/python/vyos/ifconfig_vlan.py b/python/vyos/ifconfig_vlan.py
index 899fd17da..ee009f7f9 100644
--- a/python/vyos/ifconfig_vlan.py
+++ b/python/vyos/ifconfig_vlan.py
@@ -66,10 +66,18 @@ def apply_vlan_config(vlan, config):
# assign/remove VRF
vlan.set_vrf(config['vrf'])
+ # Delete old IPv6 EUI64 addresses before changing MAC
+ for addr in config['ipv6_eui64_prefix_remove']:
+ vlan.del_ipv6_eui64_address(addr)
+
# Change VLAN interface MAC address
if config['mac']:
vlan.set_mac(config['mac'])
+ # Add IPv6 EUI-based addresses
+ for addr in config['ipv6_eui64_prefix']:
+ vlan.add_ipv6_eui64_address(addr)
+
# enable/disable VLAN interface
if config['disable']:
vlan.set_admin_state('down')
diff --git a/python/vyos/logger.py b/python/vyos/logger.py
new file mode 100644
index 000000000..f7cc964d5
--- /dev/null
+++ b/python/vyos/logger.py
@@ -0,0 +1,143 @@
+# Copyright 2020 VyOS maintainers and contributors <maintainers@vyos.io>
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this library. If not, see <http://www.gnu.org/licenses/>.
+
+# A wrapper class around logging to make it easier to use
+
+# for a syslog logger:
+# from vyos.logger import syslog
+# syslog.critical('message')
+
+# for a stderr logger:
+# from vyos.logger import stderr
+# stderr.critical('message')
+
+# for a custom logger (syslog and file):
+# from vyos.logger import getLogger
+# combined = getLogger(__name__, syslog=True, stream=sys.stdout, filename='/tmp/test')
+# combined.critical('message')
+
+import sys
+import logging
+import logging.handlers as handlers
+
+TIMED = '%(asctime)s: %(message)s'
+SHORT = '%(filename)s: %(message)s'
+CLEAR = '%(levelname) %(asctime)s %(filename)s: %(message)s'
+
+_levels = {
+ 'CRITICAL': logging.CRITICAL,
+ 'ERROR': logging.CRITICAL,
+ 'WARNING': logging.WARNING,
+ 'INFO': logging.INFO,
+ 'DEBUG': logging.DEBUG,
+ 'NOTSET': logging.NOTSET,
+}
+
+# prevent recreation of already created logger
+_created = {}
+
+def getLogger(name=None, **kwargs):
+ if name in _created:
+ if len(kwargs) == 0:
+ return _created[name]
+ raise ValueError('a logger with the name "{name} already exists')
+
+ logger = logging.getLogger(name)
+ logger.setLevel(_levels[kwargs.get('level', 'DEBUG')])
+
+ if 'address' in kwargs or kwargs.get('syslog', False):
+ logger.addHandler(_syslog(**kwargs))
+ if 'stream' in kwargs:
+ logger.addHandler(_stream(**kwargs))
+ if 'filename' in kwargs:
+ logger.addHandler(_file(**kwargs))
+
+ _created[name] = logger
+ return logger
+
+
+def _syslog(**kwargs):
+ formating = kwargs.get('format', SHORT)
+ handler = handlers.SysLogHandler(
+ address=kwargs.get('address', '/dev/log'),
+ facility=kwargs.get('facility', 'syslog'),
+ )
+ handler.setFormatter(logging.Formatter(formating))
+ return handler
+
+
+def _stream(**kwargs):
+ formating = kwargs.get('format', CLEAR)
+ handler = logging.StreamHandler(
+ stream=kwargs.get('stream', sys.stderr),
+ )
+ handler.setFormatter(logging.Formatter(formating))
+ return handler
+
+
+def _file(**kwargs):
+ formating = kwargs.get('format', CLEAR)
+ handler = handlers.RotatingFileHandler(
+ filename=kwargs.get('filename', 1048576),
+ maxBytes=kwargs.get('maxBytes', 1048576),
+ backupCount=kwargs.get('backupCount', 3),
+ )
+ handler.setFormatter(logging.Formatter(formating))
+ return handler
+
+
+# exported pre-built logger, please keep in mind that the names
+# must be unique otherwise the logger are shared
+
+# a logger for stderr
+stderr = getLogger(
+ 'VyOS Syslog',
+ format=SHORT,
+ stream=sys.stderr,
+ address='/dev/log'
+)
+
+# a logger to syslog
+syslog = getLogger(
+ 'VyOS StdErr',
+ format='%(message)s',
+ address='/dev/log'
+)
+
+
+# testing
+if __name__ == '__main__':
+ # from vyos.logger import getLogger
+ formating = '%(asctime)s (%(filename)s) %(levelname)s: %(message)s'
+
+ # syslog logger
+ # syslog=True if no 'address' field is provided
+ syslog = getLogger(__name__ + '.1', syslog=True, format=formating)
+ syslog.info('syslog test')
+
+ # steam logger
+ stream = getLogger(__name__ + '.2', stream=sys.stdout, level='ERROR')
+ stream.info('steam test')
+
+ # file logger
+ filelog = getLogger(__name__ + '.3', filename='/tmp/test')
+ filelog.info('file test')
+
+ # create a combined logger
+ getLogger('VyOS', syslog=True, stream=sys.stdout, filename='/tmp/test')
+
+ # recover the created logger from name
+ combined = getLogger('VyOS')
+ combined.info('combined test')
diff --git a/python/vyos/remote.py b/python/vyos/remote.py
index 1b4d3876e..3f46d979b 100644
--- a/python/vyos/remote.py
+++ b/python/vyos/remote.py
@@ -91,7 +91,7 @@ def get_remote_config(remote_file):
ftp://<user>[:<passwd>]@<host>/<file>
tftp://<host>/<file>
"""
- request = dict.fromkeys(['protocol', 'host', 'file', 'user', 'passwd'])
+ request = dict.fromkeys(['protocol', 'user', 'host', 'file'])
protocols = ['scp', 'sftp', 'http', 'https', 'ftp', 'tftp']
or_protocols = '|'.join(protocols)
@@ -108,11 +108,6 @@ def get_remote_config(remote_file):
if user_match:
request['user'] = user_match.groups()[0]
request['host'] = user_match.groups()[1]
- passwd_match = re.search(r'(.*):(.*)', request['user'])
- if passwd_match:
- # Deprectated in RFC 3986, but maintain for backward compatability.
- request['user'] = passwd_match.groups()[0]
- request['passwd'] = passwd_match.groups()[1]
remote_file = '{0}://{1}{2}'.format(request['protocol'], request['host'], request['file'])
@@ -137,7 +132,7 @@ def get_remote_config(remote_file):
print('HTTP error: {0} {1}'.format(*val))
sys.exit(1)
- if request['user'] and not request['passwd']:
+ if request['user']:
curl_cmd = 'curl -# -u {0} {1}'.format(request['user'], remote_file)
else:
curl_cmd = 'curl {0} -# {1}'.format(redirect_opt, remote_file)
diff --git a/python/vyos/template.py b/python/vyos/template.py
index 6c73ce753..e4b253ed3 100644
--- a/python/vyos/template.py
+++ b/python/vyos/template.py
@@ -19,6 +19,7 @@ from jinja2 import Environment
from jinja2 import FileSystemLoader
from vyos.defaults import directories
+from vyos.util import chmod, chown, makedir
# reuse the same Environment to improve performance
@@ -32,7 +33,7 @@ _templates_mem = {
}
-def render(destination, template, content, trim_blocks=False, formater=None):
+def render(destination, template, content, trim_blocks=False, formater=None, permission=None, user=None, group=None):
"""
render a template from the template directory, it will raise on any errors
destination: the file where the rendered template must be saved
@@ -46,6 +47,10 @@ def render(destination, template, content, trim_blocks=False, formater=None):
(recovering the load time and overhead caused by having the file out of the code)
"""
+ # Create the directory if it does not exists
+ folder = os.path.dirname(destination)
+ makedir(folder, user, group)
+
# Setup a renderer for the given template
# This is cached and re-used for performance
if template not in _templates_mem[trim_blocks]:
@@ -63,3 +68,6 @@ def render(destination, template, content, trim_blocks=False, formater=None):
# Write client config file
with open(destination, 'w') as f:
f.write(content)
+
+ chmod(destination, permission)
+ chown(destination, user, group)
diff --git a/python/vyos/util.py b/python/vyos/util.py
index eb78c4a26..92b6f7992 100644
--- a/python/vyos/util.py
+++ b/python/vyos/util.py
@@ -14,6 +14,7 @@
# License along with this library. If not, see <http://www.gnu.org/licenses/>.
import os
+import sys
#
# NOTE: Do not import full classes here, move your import to the function
@@ -25,7 +26,7 @@ import os
# which all have slighty different behaviour
from subprocess import Popen, PIPE, STDOUT, DEVNULL
def popen(command, flag='', shell=None, input=None, timeout=None, env=None,
- stdout=PIPE, stderr=None, decode=None):
+ stdout=PIPE, stderr=PIPE, decode='utf-8'):
"""
popen is a wrapper helper aound subprocess.Popen
with it default setting it will return a tuple (out, err)
@@ -48,12 +49,14 @@ def popen(command, flag='', shell=None, input=None, timeout=None, env=None,
- STDOUT, send the data to be merged with stdout
- DEVNULL, discard the output
decode: specify the expected text encoding (utf-8, ascii, ...)
+ the default is explicitely utf-8 which is python's own default
usage:
to get both stdout, and stderr: popen('command', stdout=PIPE, stderr=STDOUT)
to discard stdout and get stderr: popen('command', stdout=DEVNUL, stderr=PIPE)
"""
from vyos import debug
+ from vyos import airbag
# log if the flag is set, otherwise log if command is set
if not debug.enabled(flag):
flag = 'command'
@@ -77,27 +80,39 @@ def popen(command, flag='', shell=None, input=None, timeout=None, env=None,
stdin=stdin, stdout=stdout, stderr=stderr,
env=env, shell=use_shell,
)
- tmp = p.communicate(input, timeout)
- out1 = b''
- out2 = b''
+
+ pipe = p.communicate(input, timeout)
+
+ pipe_out = b''
if stdout == PIPE:
- out1 = tmp[0]
+ pipe_out = pipe[0]
+
+ pipe_err = b''
if stderr == PIPE:
- out2 += tmp[1]
- decoded1 = out1.decode(decode) if decode else out1.decode()
- decoded2 = out2.decode(decode) if decode else out2.decode()
- decoded1 = decoded1.replace('\r\n', '\n').strip()
- decoded2 = decoded2.replace('\r\n', '\n').strip()
- nl = '\n' if decoded1 and decoded2 else ''
- decoded = decoded1 + nl + decoded2
- if decoded:
- ret_msg = f"returned:\n{decoded}"
- debug.message(ret_msg, flag)
- return decoded, p.returncode
+ pipe_err = pipe[1]
+
+ str_out = pipe_out.decode(decode).replace('\r\n', '\n').strip()
+ str_err = pipe_err.decode(decode).replace('\r\n', '\n').strip()
+
+ out_msg = f"returned (out):\n{str_out}"
+ if str_out:
+ debug.message(out_msg, flag)
+
+ if str_err:
+ err_msg = f"returned (err):\n{str_err}"
+ # this message will also be send to syslog via airbag
+ debug.message(err_msg, flag, destination=sys.stderr)
+
+ # should something go wrong, report this too via airbag
+ airbag.noteworthy(cmd_msg)
+ airbag.noteworthy(out_msg)
+ airbag.noteworthy(err_msg)
+
+ return str_out, p.returncode
def run(command, flag='', shell=None, input=None, timeout=None, env=None,
- stdout=DEVNULL, stderr=None, decode=None):
+ stdout=DEVNULL, stderr=PIPE, decode='utf-8'):
"""
A wrapper around vyos.util.popen, which discard the stdout and
will return the error code of a command
@@ -113,14 +128,15 @@ def run(command, flag='', shell=None, input=None, timeout=None, env=None,
def cmd(command, flag='', shell=None, input=None, timeout=None, env=None,
- stdout=PIPE, stderr=None, decode=None,
- raising=None, message=''):
+ stdout=PIPE, stderr=PIPE, decode='utf-8',
+ raising=None, message='', expect=[0]):
"""
A wrapper around vyos.util.popen, which returns the stdout and
will raise the error code of a command
raising: specify which call should be used when raising (default is OSError)
the class should only require a string as parameter
+ expect: a list of error codes to consider as normal
"""
decoded, code = popen(
command, flag,
@@ -129,7 +145,7 @@ def cmd(command, flag='', shell=None, input=None, timeout=None, env=None,
env=env, shell=shell,
decode=decode,
)
- if code != 0:
+ if code not in expect:
feedback = message + '\n' if message else ''
feedback += f'failed to run command: {command}\n'
feedback += f'returned: {decoded}\n'
@@ -143,7 +159,7 @@ def cmd(command, flag='', shell=None, input=None, timeout=None, env=None,
def call(command, flag='', shell=None, input=None, timeout=None, env=None,
- stdout=PIPE, stderr=None, decode=None):
+ stdout=PIPE, stderr=PIPE, decode='utf-8'):
"""
A wrapper around vyos.util.popen, which print the stdout and
will return the error code of a command
@@ -155,15 +171,41 @@ def call(command, flag='', shell=None, input=None, timeout=None, env=None,
env=env, shell=shell,
decode=decode,
)
- print(out)
+ if out:
+ print(out)
return code
-def read_file(path):
- """ Read a file to string """
- with open(path, 'r') as f:
- data = f.read().strip()
- return data
+def read_file(fname, defaultonfailure=None):
+ """
+ read the content of a file, stripping any end characters (space, newlines)
+ should defaultonfailure be not None, it is returned on failure to read
+ """
+ try:
+ """ Read a file to string """
+ with open(fname, 'r') as f:
+ data = f.read().strip()
+ return data
+ except Exception as e:
+ if defaultonfailure is not None:
+ return defaultonfailure
+ raise e
+
+
+def read_json(fname, defaultonfailure=None):
+ """
+ read and json decode the content of a file
+ should defaultonfailure be not None, it is returned on failure to read
+ """
+ import json
+ try:
+ with open(fname, 'r') as f:
+ data = json.load(f)
+ return data
+ except Exception as e:
+ if defaultonfailure is not None:
+ return defaultonfailure
+ raise e
def chown(path, user, group):
@@ -171,10 +213,24 @@ def chown(path, user, group):
from pwd import getpwnam
from grp import getgrnam
- if os.path.exists(path):
- uid = getpwnam(user).pw_uid
- gid = getgrnam(group).gr_gid
- os.chown(path, uid, gid)
+ if user is None or group is None:
+ return False
+
+ if not os.path.exists(path):
+ return False
+
+ uid = getpwnam(user).pw_uid
+ gid = getgrnam(group).gr_gid
+ os.chown(path, uid, gid)
+ return True
+
+
+def chmod(path, bitmask):
+ if not os.path.exists(path):
+ return
+ if bitmask is None:
+ return
+ os.chmod(path, bitmask)
def chmod_600(path):
@@ -205,6 +261,13 @@ def chmod_755(path):
os.chmod(path, bitmask)
+def makedir(path, user=None, group=None):
+ if os.path.exists(path):
+ return
+ os.mkdir(path)
+ chown(path, user, group)
+
+
def colon_separated_to_dict(data_string, uniquekeys=False):
""" Converts a string containing newline-separated entries
of colon-separated key-value pairs into a dict.
@@ -429,21 +492,9 @@ def mac2eui64(mac, prefix=None):
except: # pylint: disable=bare-except
return
-def is_bridge_member(interface):
- """
- Checks if passed interfaces is part of a bridge device or not.
-
- Returns a tuple:
- False, None -> Not part of a bridge
- True, bridge-name -> If it is assigned to a bridge
- """
- from vyos.config import Config
- c = Config()
- base = ['interfaces', 'bridge']
- for bridge in c.list_nodes(base):
- members = c.list_nodes(base + [bridge, 'member', 'interface'])
- if interface in members:
- return (True, bridge)
-
- return False, None
-
+def get_half_cpus():
+ """ return 1/2 of the numbers of available CPUs """
+ cpu = os.cpu_count()
+ if cpu > 1:
+ cpu /= 2
+ return int(cpu)
diff --git a/python/vyos/validate.py b/python/vyos/validate.py
index 9d413ffab..446f6e4ca 100644
--- a/python/vyos/validate.py
+++ b/python/vyos/validate.py
@@ -86,8 +86,8 @@ def _is_intf_addr_assigned(intf, address, netmask=''):
# check if the requested address type is configured at all
# {
- # 17: [{'addr': '08:00:27:d9:5b:04', 'broadcast': 'ff:ff:ff:ff:ff:ff'}],
- # 2: [{'addr': '10.0.2.15', 'netmask': '255.255.255.0', 'broadcast': '10.0.2.255'}],
+ # 17: [{'addr': '08:00:27:d9:5b:04', 'broadcast': 'ff:ff:ff:ff:ff:ff'}],
+ # 2: [{'addr': '10.0.2.15', 'netmask': '255.255.255.0', 'broadcast': '10.0.2.255'}],
# 10: [{'addr': 'fe80::a00:27ff:fed9:5b04%eth0', 'netmask': 'ffff:ffff:ffff:ffff::'}]
# }
try:
@@ -240,3 +240,27 @@ def assert_mac(m):
if octets[:5] == (0, 0, 94, 0, 1):
raise ValueError(f'{m} is a VRRP MAC address')
+
+def is_bridge_member(conf, interface):
+ """
+ Checks if passed interfaces is part of a bridge device or not.
+
+ Returns a tuple:
+ None -> Interface not a bridge member
+ Bridge -> Interface is a member of this bridge
+ """
+ ret_val = None
+ old_level = conf.get_level()
+
+ # set config level to root
+ conf.set_level([])
+ base = ['interfaces', 'bridge']
+ for bridge in conf.list_nodes(base):
+ members = conf.list_nodes(base + [bridge, 'member', 'interface'])
+ if interface in members:
+ ret_val = bridge
+ break
+
+ old_level = conf.set_level(old_level)
+ return ret_val
+
diff --git a/python/vyos/version.py b/python/vyos/version.py
index d51a940d6..a524b36ea 100644
--- a/python/vyos/version.py
+++ b/python/vyos/version.py
@@ -34,9 +34,17 @@ import json
import vyos.defaults
+from vyos.util import read_file
+from vyos.util import read_json
+from vyos.util import popen
+from vyos.util import run
+from vyos.util import DEVNULL
+
+
version_file = os.path.join(vyos.defaults.directories['data'], 'version.json')
-def get_version_data(file=version_file):
+
+def get_version_data(fname=version_file):
"""
Get complete version data
@@ -52,20 +60,50 @@ def get_version_data(file=version_file):
is an implementation detail and may change in the future, while the interface
of this module will stay the same.
"""
- try:
- with open(file, 'r') as f:
- version_data = json.load(f)
- return version_data
- except FileNotFoundError:
- return {}
+ return read_json(fname, {})
-def get_version(file=None):
+
+def get_version(fname=version_file):
"""
Get the version number, or an empty string if it could not be determined
"""
- version_data = None
- if file:
- version_data = get_version_data(file=file)
- else:
- version_data = get_version_data()
- return version_data.get('version','')
+ return get_version_data(fname=fname).get('version', '')
+
+
+def get_full_version_data(fname=version_file):
+ version_data = get_version_data(fname)
+
+ # Get system architecture (well, kernel architecture rather)
+ version_data['system_arch'], _ = popen('uname -m', stderr=DEVNULL)
+
+ # Get hypervisor name, if any
+ try:
+ hypervisor, _ = popen('hvinfo', stderr=DEVNULL)
+ version_data['system_type'] = f"{hypervisor} guest"
+ except OSError:
+ # hvinfo returns 1 if it cannot detect any hypervisor
+ version_data['system_type'] = 'bare metal'
+
+ # Get boot type, it can be livecd, installed image, or, possible, a system installed
+ # via legacy "install system" mechanism
+ # In installed images, the squashfs image file is named after its image version,
+ # while on livecd it's just "filesystem.squashfs", that's how we tell a livecd boot
+ # from an installed image
+ boot_via = "installed image"
+ if run(""" grep -e '^overlay.*/filesystem.squashfs' /proc/mounts >/dev/null""") == 0:
+ boot_via = "livecd"
+ elif run(""" grep '^overlay /' /proc/mounts >/dev/null """) != 0:
+ boot_via = "legacy non-image installation"
+ version_data['boot_via'] = boot_via
+
+ # Get hardware details from DMI
+ dmi = '/sys/class/dmi/id'
+ version_data['hardware_vendor'] = read_file(dmi + '/sys_vendor', 'Unknown')
+ version_data['hardware_model'] = read_file(dmi +'/product_name','Unknown')
+
+ # These two assume script is run as root, normal users can't access those files
+ subsystem = '/sys/class/dmi/id/subsystem/id'
+ version_data['hardware_serial'] = read_file(subsystem + '/product_serial','Unknown')
+ version_data['hardware_uuid'] = read_file(subsystem + '/product_uuid', 'Unknown')
+
+ return version_data