From b050fe61956f710e61d8e3a8139c971a23e702f9 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Wed, 1 May 2019 22:08:21 +0200 Subject: igmpproxy: remove init script which is already provided by Debian Buster --- src/etc/init.d/igmpproxy | 166 ----------------------------------------------- 1 file changed, 166 deletions(-) delete mode 100755 src/etc/init.d/igmpproxy diff --git a/src/etc/init.d/igmpproxy b/src/etc/init.d/igmpproxy deleted file mode 100755 index 4a2c94a4d..000000000 --- a/src/etc/init.d/igmpproxy +++ /dev/null @@ -1,166 +0,0 @@ -#!/bin/sh -### BEGIN INIT INFO -# Provides: igmpproxy -# Required-Start: $local_fs $network $remote_fs $syslog -# Required-Stop: $local_fs $network $remote_fs $syslog -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: IGMP multicast routing daemon -# Description: IGMPproxy is a simple dynamic Multicast Routing Daemon -# using only IGMP signalling. It's intended for simple -# forwarding of Multicast traffic between networks. -### END INIT INFO - -# Author: Pali Rohár - -# Do NOT "set -e" - -# PATH should only include /usr/* if it runs after the mountnfs.sh script -PATH=/sbin:/usr/sbin:/bin:/usr/bin -DESC="igmpproxy" -NAME=igmpproxy -DAEMON=/sbin/igmpproxy -DAEMON_ARGS="/etc/igmpproxy.conf" -PIDFILE=/var/run/$NAME.pid -SCRIPTNAME=/etc/init.d/$NAME - -# Exit if the package is not installed -[ -x "$DAEMON" ] || exit 0 - -# Read configuration variable file if it is present -[ -r /etc/default/$NAME ] && . /etc/default/$NAME - -# Load the VERBOSE setting and other rcS variables -. /lib/init/vars.sh - -# Define LSB log_* functions. -# Depend on lsb-base (>= 3.2-14) to ensure that this file is present -# and status_of_proc is working. -. /lib/lsb/init-functions - -# -# Function that starts the daemon/service -# -do_start() -{ - # Return - # 0 if daemon has been started - # 1 if daemon was already running - # 2 if daemon could not be started - start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \ - || return 1 - start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -b -m -- \ - $DAEMON_OPTS $DAEMON_ARGS \ - || return 2 - # The above code will not work for interpreted scripts, use the next - # six lines below instead (Ref: #643337, start-stop-daemon(8) ) - #start-stop-daemon --start --quiet --pidfile $PIDFILE --startas $DAEMON \ - # --name $NAME --test > /dev/null \ - # || return 1 - #start-stop-daemon --start --quiet --pidfile $PIDFILE --startas $DAEMON \ - # --name $NAME -- $DAEMON_ARGS \ - # || return 2 - - # Add code here, if necessary, that waits for the process to be ready - # to handle requests from services started subsequently which depend - # on this one. As a last resort, sleep for some time. -} - -# -# Function that stops the daemon/service -# -do_stop() -{ - # Return - # 0 if daemon has been stopped - # 1 if daemon was already stopped - # 2 if daemon could not be stopped - # other if a failure occurred - start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME - RETVAL="$?" - [ "$RETVAL" = 2 ] && return 2 - # Wait for children to finish too if this is a daemon that forks - # and if the daemon is only ever run from this initscript. - # If the above conditions are not satisfied then add some other code - # that waits for the process to drop all resources that could be - # needed by services started subsequently. A last resort is to - # sleep for some time. - start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON - [ "$?" = 2 ] && return 2 - # Many daemons don't delete their pidfiles when they exit. - rm -f $PIDFILE - return "$RETVAL" -} - -# -# Function that sends a SIGHUP to the daemon/service -# -do_reload() { - # - # If the daemon can reload its configuration without - # restarting (for example, when it is sent a SIGHUP), - # then implement that here. - # - start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME - return 0 -} - -case "$1" in - start) - [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC " "$NAME" - do_start - case "$?" in - 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; - 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; - esac - ;; - stop) - [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME" - do_stop - case "$?" in - 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; - 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; - esac - ;; - status) - status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $? - ;; - #reload|force-reload) - # - # If do_reload() is not implemented then leave this commented out - # and leave 'force-reload' as an alias for 'restart'. - # - #log_daemon_msg "Reloading $DESC" "$NAME" - #do_reload - #log_end_msg $? - #;; - restart|force-reload) - # - # If the "reload" option is implemented then remove the - # 'force-reload' alias - # - log_daemon_msg "Restarting $DESC" "$NAME" - do_stop - case "$?" in - 0|1) - do_start - case "$?" in - 0) log_end_msg 0 ;; - 1) log_end_msg 1 ;; # Old process is still running - *) log_end_msg 1 ;; # Failed to start - esac - ;; - *) - # Failed to stop - log_end_msg 1 - ;; - esac - ;; - *) - #echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2 - echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2 - exit 3 - ;; -esac - -: -- cgit v1.2.3 From 4e781d4dec184308ac844a4c2ff7dcfc7832cc77 Mon Sep 17 00:00:00 2001 From: UnicronNL Date: Wed, 14 Aug 2019 16:03:30 +0200 Subject: update Jenkins file for equuleus --- Jenkinsfile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index aac051799..835a683a8 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -8,7 +8,7 @@ pipeline { docker { label 'jessie-amd64' args '--privileged --sysctl net.ipv6.conf.lo.disable_ipv6=0 -e GOSU_UID=1006 -e GOSU_GID=1006 -v /tmp:/tmp' - image 'higebu/vyos-build:current' + image 'higebu/vyos-build:equuleus' } } @@ -31,7 +31,7 @@ mv ../*.deb /tmp/$GIT_BRANCH/packages/''' agent { docker { label 'jessie-amd64' - image 'vyos-build-armhf:current' + image 'vyos-build-armhf:equuleus' args '--privileged --sysctl net.ipv6.conf.lo.disable_ipv6=0 -e GOSU_UID=1006 -e GOSU_GID=1006 -v /tmp:/tmp' } @@ -56,7 +56,7 @@ mv ../*.deb /tmp/$GIT_BRANCH/packages/''' docker { label 'jessie-amd64' args '--privileged --sysctl net.ipv6.conf.lo.disable_ipv6=0 -e GOSU_UID=1006 -e GOSU_GID=1006 -v /tmp:/tmp' - image 'vyos-build-arm64:current' + image 'vyos-build-arm64:equuleus' } } -- cgit v1.2.3 From f892e6846dc62ba992f8d233f0d8eb5a089249c3 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Mon, 19 Aug 2019 22:49:11 +0200 Subject: openvpn: T1548: remove authy 2fa provider According to https://github.com/twilio/authy-openvpn commit 3e5dc73: > This plugin is no longer actively maintained. If you're interested in becoming a maintainer, we welcome forks of this project. In addition this plugin was always missing in the current branch ov VyOS and did not make it into VyOS 1.2 (crux) If 2FA for OpenVPN is required we should probably opt for Google Authenticator or if possible a U2F device. (cherry picked from commit 5d858f0e6ad05b032c88c88a08c15d0876c44e8b) --- interface-definitions/interfaces-openvpn.xml | 48 ---------------------------- src/conf_mode/interface-openvpn.py | 31 ------------------ 2 files changed, 79 deletions(-) diff --git a/interface-definitions/interfaces-openvpn.xml b/interface-definitions/interfaces-openvpn.xml index d4e903c48..bb5c5a965 100644 --- a/interface-definitions/interfaces-openvpn.xml +++ b/interface-definitions/interfaces-openvpn.xml @@ -361,54 +361,6 @@ Server-mode options - - - Two Factor Authentication providers - - - - - Authy Two Factor Authentication providers - - - - - Authy api key - - - - - Authy users (must be email address) - - [A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$ - - Invalid email address - - - - - Country calling codes - - [0-9]+$ - - Invalid Country Calling Code - - - - - Mobile phone number - - [0-9]+$ - - Invalid Phone Number - - - - - - - - Client-specific settings diff --git a/src/conf_mode/interface-openvpn.py b/src/conf_mode/interface-openvpn.py index e4bde7bb0..a8313378b 100755 --- a/src/conf_mode/interface-openvpn.py +++ b/src/conf_mode/interface-openvpn.py @@ -219,10 +219,6 @@ client-config-dir /opt/vyatta/etc/openvpn/ccd/{{ intf }} {% for option in options -%} {{ option }} {% endfor -%} - -{%- if server_2fa_authy_key %} -plugin /usr/lib/authy/authy-openvpn.so https://api.authy.com/protected/json {{ server_2fa_authy_key }} nopam -{% endif %} """ client_tmpl = """ @@ -269,8 +265,6 @@ default_config_data = { 'remote_address': '', 'remote_host': [], 'remote_port': '', - 'server_2fa_authy_key': '', - 'server_2fa_authy': [], 'client': [], 'server_domain': '', 'server_max_conn': '', @@ -453,31 +447,6 @@ def get_config(): if conf.exists('replace-default-route local'): openvpn['redirect_gateway'] = 'local def1' - # Two Factor Authentication providers - # currently limited to authy - if conf.exists('2-factor-authentication authy api-key'): - openvpn['server_2fa_authy_key'] = conf.return_value('2-factor-authentication authy api-key') - - # Authy users (must be email address) - for user in conf.list_nodes('server 2-factor-authentication authy user'): - # set configuration level - conf.set_level('interfaces openvpn ' + openvpn['intf'] + ' 2-factor-authentication authy user ' + user) - data = { - 'user': user, - 'country_code': '', - 'mobile_number': '' - } - - # Country calling codes - if conf.exists('country-calling-code'): - data['country_code'] = conf.return_value('country-calling-code') - - # Mobile phone number - if conf.exists('phone-number'): - data['mobile_number'] = conf.return_value('phone-number') - - openvpn['server_2fa_authy'].append(data) - # Topology for clients if conf.exists('server topology'): openvpn['server_topology'] = conf.return_value('server topology') -- cgit v1.2.3 From 501908ae54a1aaae1337673617ebfcc281b02662 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Tue, 27 Aug 2019 22:18:41 +0200 Subject: openvpn: T1617: bugfix for server push-route (cherry picked from commit e4f1bbb270f0afea295646764516675bbcfe0be5) --- src/conf_mode/interface-openvpn.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/conf_mode/interface-openvpn.py b/src/conf_mode/interface-openvpn.py index a8313378b..4e5915d4e 100755 --- a/src/conf_mode/interface-openvpn.py +++ b/src/conf_mode/interface-openvpn.py @@ -522,9 +522,9 @@ def get_config(): # Route to be pushed to all clients if conf.exists('server push-route'): - network = conf.return_value('server push-route') - tmp = IPv4Interface(network).with_netmask - openvpn['server_push_route'] = tmp.replace(r'/', ' ') + for network in conf.return_values('server push-route'): + tmp = IPv4Interface(network).with_netmask + openvpn['server_push_route'].append(tmp.replace(r'/', ' ')) # Reject connections from clients that are not explicitly configured if conf.exists('server reject-unconfigured-clients'): -- cgit v1.2.3 From c8d11ef3f77d90dcb880d9c3a11e0ccee7494b30 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 22 Sep 2019 19:15:34 +0200 Subject: Jenkins: fix httpURI in isCustomBuild() (cherry picked from commit 2de90d7176ef5b5e41d05541d47d94f0a79caee1) --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index e254a2dca..61700662a 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -30,7 +30,7 @@ def getGitRepoURL() { def isCustomBuild() { // GitHub organisation base URL def gitURI = 'git@github.com:vyos/' + env.JOB_NAME - def httpURI = 'https://github.com/vyos' + env.JOB_NAME + def httpURI = 'https://github.com/vyos/' + env.JOB_NAME return ! ((getGitRepoURL() == gitURI) || (getGitRepoURL() == httpURI)) } -- cgit v1.2.3 From ce8cc3514acdc1f2c06bcd3ef7f3ef32561df9c8 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 28 Sep 2019 12:58:00 +0200 Subject: Jenkins: assume dependencies are available in Docker container --- Jenkinsfile | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index a77701b4c..b11267ec2 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -96,12 +96,7 @@ pipeline { steps { script { dir('build') { - sh """ - #!/bin/bash - sudo apt-get -o Acquire::Check-Valid-Until=false update - sudo mk-build-deps -i -r -t \'apt-get --no-install-recommends -yq\' debian/control - dpkg-buildpackage -b -us -uc -tc - """ + sh "dpkg-buildpackage -b -us -uc -tc" } } } -- cgit v1.2.3 From c4dbaa158c9b5c6e3c4ff3fe2f9f17d095732547 Mon Sep 17 00:00:00 2001 From: hagbard Date: Wed, 9 Oct 2019 08:14:40 -0700 Subject: ssh - T1719: ssh deprecated options removed * Deprecated option since openssh 7.5 UsePrivilegeSeparation, KeyRegenerationInterval, ServerKeyBits, RSAAuthentication, RhostsRSAAuthentication --- src/conf_mode/ssh.py | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/src/conf_mode/ssh.py b/src/conf_mode/ssh.py index 2a5cba99a..e761d75ff 100755 --- a/src/conf_mode/ssh.py +++ b/src/conf_mode/ssh.py @@ -37,16 +37,11 @@ HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key HostKey /etc/ssh/ssh_host_ecdsa_key HostKey /etc/ssh/ssh_host_ed25519_key -UsePrivilegeSeparation yes -KeyRegenerationInterval 3600 -ServerKeyBits 1024 SyslogFacility AUTH LoginGraceTime 120 StrictModes yes -RSAAuthentication yes PubkeyAuthentication yes IgnoreRhosts yes -RhostsRSAAuthentication no HostbasedAuthentication no PermitEmptyPasswords no ChallengeResponseAuthentication no @@ -58,7 +53,7 @@ TCPKeepAlive yes Banner /etc/issue.net Subsystem sftp /usr/lib/openssh/sftp-server UsePAM yes -HostKey /etc/ssh/ssh_host_key +HostKey /etc/ssh/ssh_host_rsa_key # Specifies whether sshd should look up the remote host name, # and to check that the resolved host name for the remote IP -- cgit v1.2.3 From 92884280ac5693f050f80db8ad698cc2f64193c5 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Fri, 11 Oct 2019 19:22:45 +0200 Subject: Jenkins: Docker: always pull container from Dockerhub (cherry picked from commit ef7c5aaecd2936d9c2f28d22aec185602dc48206) --- Jenkinsfile | 1 + 1 file changed, 1 insertion(+) diff --git a/Jenkinsfile b/Jenkinsfile index 7529d949e..a169b8f2c 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -74,6 +74,7 @@ pipeline { docker { args '--sysctl net.ipv6.conf.lo.disable_ipv6=0 -e GOSU_UID=1006 -e GOSU_GID=1006' image 'vyos/vyos-build:equuleus' + alwaysPull true } } options { -- cgit v1.2.3 From 69a14678de1c4f9b35414cbb00f33330478e4c58 Mon Sep 17 00:00:00 2001 From: John Estabrook Date: Fri, 25 Oct 2019 20:47:25 -0500 Subject: [vyos.config] T1758: adjust regex for change in Python 3.7 Python 3.7 considers r'\s*' an empty pattern match, instead of the previous behaviour of matching whitespace characters. --- python/vyos/config.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/python/vyos/config.py b/python/vyos/config.py index 3a340b2da..7f65a9397 100644 --- a/python/vyos/config.py +++ b/python/vyos/config.py @@ -127,7 +127,7 @@ class Config(object): # It may cause problems with exists() when it's used for checking values, # since values may contain whitespace. if isinstance(path, str): - path = re.split(r'\s*', path) + path = re.split(r'\s+', path) elif isinstance(path, list): pass else: @@ -161,7 +161,7 @@ class Config(object): # and path supplied as method argument # XXX: for small strings in-place concatenation is not a problem if isinstance(path, str): - self._level = re.split(r'\s*', path) + self._level = re.split(r'\s+', path) elif isinstance(path, list): self._level = path else: @@ -192,7 +192,7 @@ class Config(object): else: # libvyosconfig exists() works only for _nodes_, not _values_ # libvyattacfg one also worked for values, so we emulate that case here - path = re.split(r'\s*', path) + path = re.split(r'\s+', path) path_without_value = path[:-1] path_str = " ".join(path_without_value) try: -- cgit v1.2.3 From 699beffdfc69ab45c6d0e958a4dbf35f744f2a87 Mon Sep 17 00:00:00 2001 From: John Estabrook Date: Fri, 6 Dec 2019 15:05:46 -0600 Subject: equuleus: T1862: Use regex pattern \s+ to split strings on whitespace --- python/vyos/config.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/python/vyos/config.py b/python/vyos/config.py index c7bd96e2f..892dcbff7 100644 --- a/python/vyos/config.py +++ b/python/vyos/config.py @@ -161,7 +161,7 @@ class Config(object): # XXX: for small strings in-place concatenation is not a problem if isinstance(path, str): if path: - self._level = re.split(r'\s*', path) + self._level = re.split(r'\s+', path) else: self._level = [] elif isinstance(path, list): -- cgit v1.2.3 From 9dc0d74098f98d2917a85959acd4915fe7a4ffe1 Mon Sep 17 00:00:00 2001 From: John Estabrook Date: Tue, 10 Dec 2019 11:05:37 -0600 Subject: vyos.config: T1862: restore regex after merge --- python/vyos/config.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/python/vyos/config.py b/python/vyos/config.py index 1a0da3e54..8bf5a1727 100644 --- a/python/vyos/config.py +++ b/python/vyos/config.py @@ -195,7 +195,7 @@ class Config(object): # libvyosconfig exists() works only for _nodes_, not _values_ # libvyattacfg one also worked for values, so we emulate that case here if isinstance(path, str): - path = re.split(r'\s*', path) + path = re.split(r'\s+', path) path_without_value = path[:-1] path_str = " ".join(path_without_value) try: -- cgit v1.2.3 From 67221f47d290655b3d587606287489537a132e5c Mon Sep 17 00:00:00 2001 From: Jernej Jakob Date: Fri, 13 Dec 2019 08:35:25 +0100 Subject: T1873: DHCP: ship our own server init scripts --- src/conf_mode/dhcp_server.py | 13 ++--- src/conf_mode/dhcpv6_server.py | 9 ++-- src/etc/init.d/isc-dhcpv4-server | 113 +++++++++++++++++++++++++++++++++++++++ src/etc/init.d/isc-dhcpv6-server | 14 ++--- 4 files changed, 132 insertions(+), 17 deletions(-) create mode 100755 src/etc/init.d/isc-dhcpv4-server diff --git a/src/conf_mode/dhcp_server.py b/src/conf_mode/dhcp_server.py index c2a188812..bf86e484b 100755 --- a/src/conf_mode/dhcp_server.py +++ b/src/conf_mode/dhcp_server.py @@ -28,7 +28,8 @@ from vyos import ConfigError config_file = r'/etc/dhcp/dhcpd.conf' lease_file = r'/config/dhcpd.leases' -daemon_config_file = r'/etc/default/isc-dhcp-server' +pid_file = r'/var/run/dhcpd.pid' +daemon_config_file = r'/etc/default/isc-dhcpv4-server' # Please be careful if you edit the template. config_tmpl = """ @@ -231,10 +232,10 @@ shared-network {{ network.name }} { daemon_tmpl = """ ### Autogenerated by dhcp_server.py ### -# sourced by /etc/init.d/isc-dhcp-server +# sourced by /etc/init.d/isc-dhcpv4-server -DHCPD_CONF=/etc/dhcp/dhcpd.conf -DHCPD_PID=/var/run/dhcpd.pid +DHCPD_CONF={{ config_file }} +DHCPD_PID={{ pid_file }} OPTIONS="-4 -lf {{ lease_file }}" INTERFACES="" """ @@ -827,7 +828,7 @@ def generate(dhcp): def apply(dhcp): if (dhcp is None) or dhcp['disabled']: # DHCP server is removed in the commit - os.system('sudo systemctl stop isc-dhcp-server.service') + os.system('sudo systemctl stop isc-dhcpv4-server.service') if os.path.exists(config_file): os.unlink(config_file) if os.path.exists(daemon_config_file): @@ -837,7 +838,7 @@ def apply(dhcp): if not os.path.exists(lease_file): os.mknod(lease_file) - os.system('sudo systemctl restart isc-dhcp-server.service') + os.system('sudo systemctl restart isc-dhcpv4-server.service') return None diff --git a/src/conf_mode/dhcpv6_server.py b/src/conf_mode/dhcpv6_server.py index 039321430..44a927789 100755 --- a/src/conf_mode/dhcpv6_server.py +++ b/src/conf_mode/dhcpv6_server.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2018 VyOS maintainers and contributors +# Copyright (C) 2018-2019 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as @@ -29,6 +29,7 @@ from vyos import ConfigError config_file = r'/etc/dhcp/dhcpdv6.conf' lease_file = r'/config/dhcpdv6.leases' +pid_file = r'/var/run/dhcpdv6.pid' daemon_config_file = r'/etc/default/isc-dhcpv6-server' # Please be careful if you edit the template. @@ -115,12 +116,12 @@ shared-network {{ network.name }} { """ daemon_tmpl = """ -### Autogenerated by dhcp_server.py ### +### Autogenerated by dhcpv6_server.py ### # sourced by /etc/init.d/isc-dhcpv6-server -DHCPD_CONF=/etc/dhcp/dhcpdv6.conf -DHCPD_PID=/var/run/dhcpdv6.pid +DHCPD_CONF={{ config_file }} +DHCPD_PID={{ pid_file }} OPTIONS="-6 -lf {{ lease_file }}" INTERFACES="" """ diff --git a/src/etc/init.d/isc-dhcpv4-server b/src/etc/init.d/isc-dhcpv4-server new file mode 100755 index 000000000..377634a13 --- /dev/null +++ b/src/etc/init.d/isc-dhcpv4-server @@ -0,0 +1,113 @@ +#!/bin/sh +# +# + +### BEGIN INIT INFO +# Provides: isc-dhcpv4-server +# Required-Start: $remote_fs $network $syslog +# Required-Stop: $remote_fs $network $syslog +# Should-Start: $local_fs slapd $named +# Should-Stop: $local_fs slapd +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: IPv4 DHCP server +# Description: Dynamic Host Configuration Protocol Server for IPv4 +### END INIT INFO + +PATH=/sbin:/bin:/usr/sbin:/usr/bin + +test -f /usr/sbin/dhcpd || exit 0 + +DHCPD_DEFAULT="${DHCPD_DEFAULT:-/etc/default/isc-dhcpv4-server}" + +# It is not safe to start if we don't have a default configuration... +if [ ! -f "$DHCPD_DEFAULT" ]; then + echo "$DHCPD_DEFAULT does not exist! - Aborting..." + exit 0 +fi + +. /lib/lsb/init-functions + +# Read init script configuration +[ -f "$DHCPD_DEFAULT" ] && . "$DHCPD_DEFAULT" + +NAME=dhcpd +DESC="ISC DHCP server" +# fallback to default config file +DHCPD_CONF=${DHCPD_CONF:-/etc/dhcp/dhcpd.conf} +# try to read pid file name from config file, with fallback to /var/run/dhcpd.pid +if [ -z "$DHCPD_PID" ]; then + DHCPD_PID=$(sed -n -e 's/^[ \t]*pid-file-name[ \t]*"(.*)"[ \t]*;.*$/\1/p' < "$DHCPD_CONF" 2>/dev/null | head -n 1) +fi +DHCPD_PID="${DHCPD_PID:-/var/run/dhcpd.pid}" + +test_config() +{ + if ! /usr/sbin/dhcpd -t $OPTIONS -q -cf "$DHCPD_CONF" > /dev/null 2>&1; then + echo "dhcpd self-test failed. Please fix $DHCPD_CONF." + echo "The error was: " + /usr/sbin/dhcpd -t $OPTIONS -cf "$DHCPD_CONF" + exit 1 + fi + touch /var/lib/dhcp/dhcpd.leases +} + +# single arg is -v for messages, -q for none +check_status() +{ + if [ ! -r "$DHCPD_PID" ]; then + test "$1" != -v || echo "$NAME is not running." + return 3 + fi + if read pid < "$DHCPD_PID" && ps -p "$pid" > /dev/null 2>&1; then + test "$1" != -v || echo "$NAME is running." + return 0 + else + test "$1" != -v || echo "$NAME is not running but $DHCPD_PID exists." + return 1 + fi +} + +case "$1" in + start) + test_config + log_daemon_msg "Starting $DESC" "$NAME" + start-stop-daemon --start --quiet --pidfile "$DHCPD_PID" \ + --exec /usr/sbin/dhcpd -- \ + -q $OPTIONS -cf "$DHCPD_CONF" -pf "$DHCPD_PID" $INTERFACES + sleep 2 + + if check_status -q; then + log_end_msg 0 + else + log_failure_msg "check syslog for diagnostics." + log_end_msg 1 + exit 1 + fi + ;; + stop) + log_daemon_msg "Stopping $DESC" "$NAME" + start-stop-daemon --stop --quiet --pidfile "$DHCPD_PID" + log_end_msg $? + rm -f "$DHCPD_PID" + ;; + restart | force-reload) + test_config + $0 stop + sleep 2 + $0 start + if [ "$?" != "0" ]; then + exit 1 + fi + ;; + status) + echo -n "Status of $DESC: " + check_status -v + exit "$?" + ;; + *) + echo "Usage: $0 {start|stop|restart|force-reload|status}" + exit 1 +esac + +exit 0 diff --git a/src/etc/init.d/isc-dhcpv6-server b/src/etc/init.d/isc-dhcpv6-server index 441827d5f..55f59b68e 100755 --- a/src/etc/init.d/isc-dhcpv6-server +++ b/src/etc/init.d/isc-dhcpv6-server @@ -31,15 +31,15 @@ fi # Read init script configuration [ -f "$DHCPD_DEFAULT" ] && . "$DHCPD_DEFAULT" -NAME=dhcpd -DESC="ISC DHCP server" +NAME=dhcpdv6 +DESC="ISC DHCP server IPv6" # fallback to default config file -DHCPD_CONF=${DHCPD_CONF:-/etc/dhcp/dhcpd.conf} -# try to read pid file name from config file, with fallback to /var/run/dhcpd.pid +DHCPD_CONF=${DHCPD_CONF:-/etc/dhcp/dhcpdv6.conf} +# try to read pid file name from config file, with fallback to /var/run/dhcpdv6.pid if [ -z "$DHCPD_PID" ]; then DHCPD_PID=$(sed -n -e 's/^[ \t]*pid-file-name[ \t]*"(.*)"[ \t]*;.*$/\1/p' < "$DHCPD_CONF" 2>/dev/null | head -n 1) fi -DHCPD_PID="${DHCPD_PID:-/var/run/dhcpd.pid}" +DHCPD_PID="${DHCPD_PID:-/var/run/dhcpdv6.pid}" test_config() { @@ -49,7 +49,7 @@ test_config() /usr/sbin/dhcpd -t $OPTIONS -cf "$DHCPD_CONF" exit 1 fi - touch /var/lib/dhcp/dhcpd.leases + touch /var/lib/dhcp/dhcpdv6.leases } # single arg is -v for messages, -q for none @@ -107,7 +107,7 @@ case "$1" in ;; *) echo "Usage: $0 {start|stop|restart|force-reload|status}" - exit 1 + exit 1 esac exit 0 -- cgit v1.2.3 From cd1070322edaf7a52c7da4d5e12ece90ac6a4189 Mon Sep 17 00:00:00 2001 From: Jernej Jakob Date: Fri, 13 Dec 2019 08:38:45 +0100 Subject: T1873: DHCP: fix service name in op-mode "show dhcp" --- src/op_mode/show_dhcp.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/op_mode/show_dhcp.py b/src/op_mode/show_dhcp.py index c2a05f516..90dc63122 100755 --- a/src/op_mode/show_dhcp.py +++ b/src/op_mode/show_dhcp.py @@ -190,7 +190,7 @@ if __name__ == '__main__': sys.exit(0) # if dhcp server is down, inactive leases may still be shown as active, so warn the user. - if os.system('systemctl -q is-active isc-dhcp-server.service') != 0: + if os.system('systemctl -q is-active isc-dhcpv4-server.service') != 0: print("WARNING: DHCP server is configured but not started. Data may be stale.") if args.leases: -- cgit v1.2.3 From 8a28567736dfaffd4b827f1b8b769814474d73ba Mon Sep 17 00:00:00 2001 From: Jernej Jakob Date: Fri, 13 Dec 2019 08:41:00 +0100 Subject: T1873: DHCP: add current year to copyright notice --- src/op_mode/show_dhcp.py | 2 +- src/op_mode/show_dhcpv6.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/op_mode/show_dhcp.py b/src/op_mode/show_dhcp.py index 90dc63122..f801ba753 100755 --- a/src/op_mode/show_dhcp.py +++ b/src/op_mode/show_dhcp.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2018 VyOS maintainers and contributors +# Copyright (C) 2018-2019 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as diff --git a/src/op_mode/show_dhcpv6.py b/src/op_mode/show_dhcpv6.py index 1a6ee62e6..ae63af39b 100755 --- a/src/op_mode/show_dhcpv6.py +++ b/src/op_mode/show_dhcpv6.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2018 VyOS maintainers and contributors +# Copyright (C) 2018-2019 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as -- cgit v1.2.3