From 2cee4be6641cea69fdf4319d4d106723242ba1ba Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Tue, 25 Feb 2020 09:58:12 +0100 Subject: pppoe: T1318: validate existing source-interface It is not only sufficient to check if there is a source-interface configured, but rather it must also be checked if the source-interface exists at all in the system. If the interface does not exist pppd will complain with: pppd[2778]: /usr/sbin/pppd: In file /etc/ppp/peers/pppoe1: unrecognized option 'eth0.202' --- src/conf_mode/interfaces-pppoe.py | 3 +++ 1 file changed, 3 insertions(+) (limited to 'src/conf_mode/interfaces-pppoe.py') diff --git a/src/conf_mode/interfaces-pppoe.py b/src/conf_mode/interfaces-pppoe.py index cb09b6f29..2bfabd9d5 100755 --- a/src/conf_mode/interfaces-pppoe.py +++ b/src/conf_mode/interfaces-pppoe.py @@ -209,6 +209,9 @@ def verify(pppoe): if not pppoe['source_interface']: raise ConfigError('PPPoE source interface is missing') + if pppoe['source_interface'] not in interfaces(): + raise ConfigError('PPPoE source interface does not exist') + return None def generate(pppoe): -- cgit v1.2.3 From 920cfc3b15c78d596a929bb4b8835c7bbd7d1a50 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Tue, 25 Feb 2020 11:10:47 +0100 Subject: pppoe: T2055: make logfile owned by root/vyattacfg --- src/conf_mode/interfaces-pppoe.py | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) (limited to 'src/conf_mode/interfaces-pppoe.py') diff --git a/src/conf_mode/interfaces-pppoe.py b/src/conf_mode/interfaces-pppoe.py index 2bfabd9d5..52f0dde53 100755 --- a/src/conf_mode/interfaces-pppoe.py +++ b/src/conf_mode/interfaces-pppoe.py @@ -21,6 +21,8 @@ from copy import deepcopy from jinja2 import Template from subprocess import Popen, PIPE from time import sleep +from pwd import getpwnam +from grp import getgrnam from vyos.config import Config from vyos.ifconfig import Interface @@ -71,7 +73,7 @@ persist ifname {{ intf }} ipparam {{ intf }} debug -logfile /var/log/vyatta/ppp_{{ intf }}.log +logfile {{ logfile }} {% if 'auto' in default_route -%} defaultroute {% elif 'force' in default_route -%} @@ -91,6 +93,8 @@ usepeerdns """ +PPP_LOGFILE = '/var/log/vyatta/ppp_{}.log' + default_config_data = { 'access_concentrator': '', 'auth_username': '', @@ -105,6 +109,7 @@ default_config_data = { 'ipv6_autoconf': False, 'ipv6_enable': False, 'local_address': '', + 'logfile': '', 'mtu': '1492', 'name_server': True, 'remote_address': '', @@ -124,6 +129,7 @@ def get_config(): # determine tagNode instance try: pppoe['intf'] = os.environ['VYOS_TAGNODE_VALUE'] + pppoe['logfile'] = PPP_LOGFILE.format(pppoe['intf']) except KeyError as E: print("Interface not specified") @@ -241,7 +247,12 @@ def apply(pppoe): return None if not pppoe['disable']: - # Dial PPPoE connection + # make logfile owned by root / vyattacfg + uid = getpwnam('root').pw_uid + gid = getgrnam('vyattacfg').gr_gid + os.chown(pppoe['logfile'], uid, gid) + + # dial PPPoE connection cmd = 'systemctl start ppp@{}.service'.format(pppoe['intf']) subprocess_cmd(cmd) -- cgit v1.2.3