summaryrefslogtreecommitdiff
path: root/debian
AgeCommit message (Collapse)Author
2022-10-16login: 2fa: T874: fix PAM string generation on multiple package installationsChristian Poessinger
Commit da535ef5 ("login: 2fa: T874: fix Google authenticator issues") used different strings for grep and sed resulting in the same line beeing added on every installation of the package. This is only disturbing during development not during ISO build.
2022-10-14login: 2fa: T874: fix Google authenticator issuesChristian Poessinger
Move default values of TOTP configuration from a global to a per user setting. This makes the entire code easier as no global configuration must be blended into the per user config dict. Also it should be possible to set the authentication window "multiple concurrent keys" individual per user. set system login user vyos authentication otp key 'gzkmajid7na2oltajs4kbuq7lq' set system login user vyos authentication plaintext-password 'vyos'
2022-10-12system login: T874: add 2FA support for local and ssh authentication. BugfixgoodNETnick
2022-10-12Merge pull request #1555 from goodNETnick/ssh_otpChristian Poessinger
system login: T874: add 2FA support for local and ssh authentication
2022-10-11system login: T874: add 2FA support for local and ssh authenticationgoodNETnick
2022-10-10build: T3664: Add missing divert for /usr/share/pam-configs/radiussarthurdev
2022-09-15system login: T874: add libpam-google-authenticator package to provide 2FA ↵goodNETnick
support
2022-08-16Debian: T4584: remove version number from hostap package requirementChristian Poessinger
2022-07-22ssh: T3212: cleanup deprecated /etc/default/ssh fileChristian Poessinger
2022-07-22dns-forwarding: T2185: cleanup deprecated /etc/powerdns files - now living ↵Christian Poessinger
in /run/powerdns
2022-07-22ntp: T2185: cleanup deprecated /etc/ntp.conf - now living in /run/ntpdChristian Poessinger
2022-07-22fastnetmon: T2659: also clean /etc/networks_whitelistChristian Poessinger
2022-07-21fastnetmon: T2659: move configuration files to /runChristian Poessinger
2022-07-17login: T4536: add all accounts to frr groupChristian Poessinger
2022-07-07syslog: T4500: Remove max-size from rsyslog leaving rotation to logrotatesarthurdev
After discussion with @zsdc this was decided the better long term fix * Removes hourly logrotate cron in favour of systemd timer override
2022-07-01smoketest: T4485: Move smoketest PKI generation to vyos-1xsarthurdev
Allows easy creation of test PKI objects using `vyos.pki` module Generates objects for PKI migration tests
2022-06-02sla: T4222: Add OWAMP and TWAMP for service slaViacheslav Hletenko
OWAMP is a command line client application and a policy daemon used to determine one way latencies between hosts. OWAMP session control uses traditional client-server communication between a control-client and a server, TWAMP (two-way active measurement protocol) Add configuration and operation modes set service sla owamp-server set service sla twamp-server run force owping 192.0.2.120 run force twping 192.0.2.190
2022-05-26http-api: T3412: remove unneeded packagesJohn Estabrook
2022-05-13Debian: T4408: add missing sshguard dependencyChristian Poessinger
2022-04-02wwan: T4324: cronjob is setup via interfaces-wwan.py - drop dedicated cron fileChristian Poessinger
2022-03-07logrotate: T4250: Fixed logrotate config generationzsdc
* Removed `/var/log/auth.log` and `/var/log/messages` from `/etc/logrotate.d/rsyslog`, because they conflict with VyOS-controlled items what leads to service error. * Removed generation config file for `/var/log/messages` from `system-syslog.py` - this should be done from `syslom logs` now. * Generate each logfile from `system syslog file` to a dedicated logrotate config file. * Fixed logrotate config file names in `/etc/rsyslog.d/vyos-rsyslog.conf`. * Added default logrotate settins for `/var/log/messages`
2022-03-05flow-accounting: T4277: delete Debian common configsChristian Poessinger
2022-03-05conntrackd: T4259: fix daemon configuration pathChristian Poessinger
2022-03-05conntrackd: T4259: prevent startup of multiple daemon instancesChristian Poessinger
2022-01-30Merge pull request #789 from jack9603301/T3420Daniil Baturin
upnpd: T3420: Support UPNP protocol
2022-01-07Debian: T4133: add required nfct package dependencyChristian Poessinger
2022-01-03Merge pull request #1018 from sever-sever/T3872Christian Poessinger
monitoring: T3872: Add a new feature service monitoring
2022-01-03monitoring: T3872: Add a new feature service monitoring telegrafViacheslav
2021-12-30smoketest: snmp: T4124: locally connect to SNMP service and retrieve dataChristian Poessinger
2021-11-18wwan: T3795: periodically check if WWAN connection needs a reconnectChristian Poessinger
(cherry picked from commit eb6247e4b464c36fa7441627b221d0db39429251)
2021-11-13upnpd: T3420: Add miniupnpd-nftables packagejack9603301
2021-11-09atop: T3774: Atop log file rotation fixzsdc
The systemd unit for atop service is changed, so the log file name and location will be always the same. It also adds the logrotate configuration to conditionally rotate a log file. Hardcoded values: - maximum log file size: 10 MB - maximum count of files: 10 These values can be easily changed within the `/etc/logrotate.d/vyos-atop`, no additional configuration is required. Rotation will be done hourly, if necessary, according to `/etc/cron.hourly/vyos-logrotate-hourly`. This change has two benefits: - rotation strategy control can be done via logrotate, and can be exposed to CLI now; - the total size of all logs is now controlled more aggressively, so the chance to get a situation when atop logs took all the space on a drive is significantly lower. Also, if this will be necessary, rotation may be done even each minute what reduces risks related to logs size even more.
2021-10-31openvpn: T3834: Support for Two Factor Authentication totpKim
2021-10-19mdns: T3917: Change to avahi-daemon for IPv4 + IPv6 mDNS repeatersarthurdev
2021-10-10lcd: T2564: add support for hd44780 displaysChristian Poessinger
2021-10-07add openvpn-otp dependencyKim Hagen
2021-09-27interface-names: T3869: install vyos_net_name to udev directoryJohn Estabrook
2021-08-21pppoe: T3090: migrate to vyos.ifconfig library to use the full potentialChristian Poessinger
Now that MSS clamping is done on the "per-interface" level the entire PPPoE stuff would have needed to get a full copy in GNU BASH for this or, participate in the common library. Add a new PPP ip-up script named 99-vyos-pppoe-callback which will call the vyos.ifconfig.PPPoEIf.update() function to configure everything as done with all other interfaces. This removes duplicated code for VRF assignment and route installation when a PPPoE interface is brought up or down.
2021-08-21Debian: disable time consuming dh_strip_nondeterminismChristian Poessinger
Skip dh_strip_nondeterminism - this is very time consuming and we have no non deterministic output (yet).
2021-08-18Debian: containers: T2216: add missing dependency on uidmapChristian Poessinger
Fixes the following error: vyos@vyos:~$ podman logs 2511d118563f WARN[0000] The cgroupv2 manager is set to systemd but there is no systemd user session available WARN[0000] For using systemd, you may need to login using an user session WARN[0000] Alternatively, you can enable lingering with: `loginctl enable-linger 1002` (possibly as root) WARN[0000] Falling back to --cgroup-manager=cgroupfs Error: cannot find newuidmap: exec: "newuidmap": executable file not found in $PATH
2021-08-12login: T3746: inform users about pending rebootsChristian Poessinger
2021-08-08Debian: T3641: drop dead symlink file in /etc/init.dChristian Poessinger
2021-08-08Debian: add missing runtime dependency on ndisc6Christian Poessinger
2021-08-04T3721: arm64: fastnetmon 1.2 is amd64 only until a propper arm64 build can ↵Runar Borge
be created
2021-07-18Revert "T3641: fastnetmon package is not available for Debian Bullseye"Christian Poessinger
This reverts commit 70f7f06e778efa4bd3c2ad127d66c080e1db80c5.
2021-07-07pki: T3642: Migrate rsa-keys to PKI configurationsarthurdev
2021-07-05T3663: python3-inotify should be a runtime dependencyJohn Estabrook
2021-07-04T3663: prerequisites for inotify-based watching implementations.Daniil Baturin
2021-07-03Merge pull request #907 from sarthurdev/ipsec_cleanupChristian Poessinger
ipsec: T2816: Remove legacy vyatta code that references Openswan
2021-07-03ipsec: T2816: Remove legacy vyatta code that references Openswansarthurdev