-rw-r--r-- | Makefile.am | 7 | ||||
-rw-r--r-- | debian/vyatta-cfg-system.postinst.in | 101 | ||||
-rw-r--r-- | debian/vyatta-cfg-system.postrm | 10 | ||||
-rwxr-xr-x | scripts/rl-system.init | 200 | ||||
-rw-r--r-- | scripts/vyatta_net_name | 111 | ||||
-rw-r--r-- | sysconf/vyatta-net.rules | 13 |
6 files changed, 248 insertions, 194 deletions
diff --git a/Makefile.am b/Makefile.am index c3aea76e..b3db5d18 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,5 +1,7 @@ cfgdir = $(datadir)/vyatta-cfg/templates -share_perl5dir = /opt/vyatta/share/perl5 +share_perl5dir = $(datarootdir)/perl5 +libudevdir = /lib/udev +etcudevdir = /etc/udev bin_SCRIPTS = sbin_SCRIPTS = @@ -30,6 +32,9 @@ sysconf_DATA += sysconf/syslog.conf sysconf_DATA += sysconf/default_ssh sysconf_DATA += sysconf/config.boot.default +libudev_SCRIPTS = scripts/vyatta_net_name +etcudev_DATA = sysconf/vyatta-net.rules + cpiop = find . ! -regex '\(.*~\|.*\.bak\|.*\.swp\|.*\#.*\#\)' -print0 | \ cpio -0pd diff --git a/debian/vyatta-cfg-system.postinst.in b/debian/vyatta-cfg-system.postinst.in index eae046f7..13ba6dc6 100644 --- a/debian/vyatta-cfg-system.postinst.in +++ b/debian/vyatta-cfg-system.postinst.in 
@@ -11,71 +11,44 @@ for init in ntp ssh snmpd keepalived ipvsadm; do update-rc.d -f ${init} remove >/dev/null done -# create symlinks -for bb in telnetd telnet tftp ftpget ftpput; do - ln -sf /bin/busybox ${sbindir}/${bb} -done -ln -sf ${bindir}/progress-indicator /usr/bin/progress-indicator - -if [ "$sysconfdir" != "/etc" ]; then - # remove the config files and replace with blank ones - for conf in motd.tail ntp.conf syslog.conf logrotate.d/messages \ - default/ssh ssh/ssh_host_key quagga/daemons quagga/zebra.conf \ - quagga/bgpd.conf quagga/ospfd.conf quagga/ospf6d.conf \ - quagga/ripd.conf quagga/ripngd.conf quagga/isisd.conf \ - snmp/snmpd.conf snmp/snmptrapd.conf keepalived/keepalived.conf \ - ipvsadm.rules default/ipvsadm resolv.conf - do - [ -f /etc/$conf ] && mv -f /etc/$conf /etc/$conf.vyatta-save - touch /etc/$conf - done +case `grep '^RULES_FILE=' /lib/udev/write_net_rules` in +*z25_persistent-net.rules* ) + vyatta_net_rules=z24_vyatta-net.rules;; +*70-persistent-net.rules* ) + vyatta_net_rules=69-vyatta-net.rules;; +* ) + vyatta_net_rules=21-vyatta-net.rules;; +esac - # use our config files - for conf in motd.tail syslog.conf; do - cp $sysconfdir/$conf /etc/$conf - done - cp $sysconfdir/logrotate_messages /etc/logrotate.d/messages - cp $sysconfdir/default_ssh /etc/default/ssh +ln -sf ../vyatta-net.rules /etc/udev/rules.d/$vyatta_net_rules - # sudoers - [ -f /etc/sudoers ] && cp -pf /etc/sudoers /etc/sudoers.vyatta-save - - # for "admin" level (FIXME) - sed -i 's/^# %sudo ALL=NOPASSWD: ALL/%sudo ALL=NOPASSWD: ALL/' /etc/sudoers - if ! grep -q '^%sudo ALL=NOPASSWD: ALL' /etc/sudoers; then - echo -e "\n%sudo ALL=NOPASSWD: ALL" >> /etc/sudoers - fi +if [ "$sysconfdir" != "/etc" ]; then + # for "admin" level (FIXME) + sed -i 's/^# %sudo ALL=NOPASSWD: ALL/%sudo ALL=NOPASSWD: ALL/' /etc/sudoers + if ! grep -q '^%sudo ALL=NOPASSWD: ALL' /etc/sudoers; then + echo -e "\n%sudo ALL=NOPASSWD: ALL" >> /etc/sudoers + fi - # for "users" level - if ! 
grep -q "^%users ALL=NOPASSWD: ${bindir}/sudo-users/" /etc/sudoers; then - echo -e "\n%users ALL=NOPASSWD: ${bindir}/sudo-users/" >> /etc/sudoers - fi - - # keep env vars - echo "Defaults env_keep+=VYATTA_*" >> /etc/sudoers - - # ssh v1. remove the empty key file - rm /etc/ssh/ssh_host_key - - # remove unnecessary files - rm /etc/logrotate.d/*.vyatta-save >& /dev/null - - # quagga/daemons - sed 's/zebra=no/zebra=yes/' /etc/quagga/daemons.vyatta-save > /etc/quagga/daemons - sed -i 's/bgpd=no/bgpd=yes/' /etc/quagga/daemons - sed -i 's/ospfd=no/ospfd=yes/' /etc/quagga/daemons - sed -i 's/ripd=no/ripd=yes/' /etc/quagga/daemons - - echo "log syslog warnings" >> /etc/quagga/bgpd.conf - echo "log syslog warnings" >> /etc/quagga/isisd.conf - echo "log syslog warnings" >> /etc/quagga/ospf6d.conf - echo "log syslog warnings" >> /etc/quagga/ospf.conf - echo "log syslog warnings" >> /etc/quagga/ripd.conf - echo "log syslog warnings" >> /etc/quagga/ripngd.conf - echo "log syslog warnings" >> /etc/quagga/zebra.conf - - # add temporary version - echo "Version : eureka (beta)" > $sysconfdir/version + # for "users" level + if ! grep -q "^%users ALL=NOPASSWD: ${bindir}/sudo-users/" /etc/sudoers; then + echo -e "\n%users ALL=NOPASSWD: ${bindir}/sudo-users/" >> /etc/sudoers + fi + + # keep env vars + if ! grep -q 'env_keep+=VYATTA_*' /etc/sudoers ; then + echo "Defaults env_keep+=VYATTA_*" >> /etc/sudoers + fi + + # quagga/daemons + sed -i 's/zebra=no/zebra=yes/' /etc/quagga/daemons + sed -i 's/bgpd=no/bgpd=yes/' /etc/quagga/daemons + sed -i 's/ospfd=no/ospfd=yes/' /etc/quagga/daemons + sed -i 's/ripd=no/ripd=yes/' /etc/quagga/daemons + + echo "log syslog warnings" >> /etc/quagga/Quagga.conf + + # add temporary version + echo "Version : eureka (beta)" > $sysconfdir/version fi # update crontab for logrotate @@ -91,3 +64,7 @@ mkdir -p /var/log/{user,vrrpd} touch /etc/environment +# Local Variables: +# mode: shell-script +# sh-indentation: 4 +# End: 
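Review bot: The sudoers block inside `if [ "$sysconfdir" != "/etc" ]` still edits the live /etc/sudoers with `sed -i` and `>>` and never checks the result, so a malformed or interrupted write can leave a file that sudo refuses to load. Apply the edits to a temporary copy and install it only after `visudo -c -f "$tmp"` succeeds. The new guard `grep -q 'env_keep+=VYATTA_*'` is interpreted as a regular expression; `grep -qF 'env_keep+=VYATTA_*'` matches the literal line. The `echo "log syslog warnings" >> /etc/quagga/Quagga.conf` append got no such guard and, as far as this hunk shows, adds another copy each time the postinst runs.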
diff --git a/debian/vyatta-cfg-system.postrm b/debian/vyatta-cfg-system.postrm new file mode 100644 index 00000000..d668f55d --- /dev/null +++ b/debian/vyatta-cfg-system.postrm @@ -0,0 +1,10 @@ +#!/bin/bash + +if [ "$1" = "purge" ]; then + rm -f /etc/udev/rules.d/*vyatta-net.rules +fi + +# Local Variables: +# mode: shell-script +# sh-indentation: 4 +# End: diff --git a/scripts/rl-system.init b/scripts/rl-system.init index 779a7610..1039ac6a 100755 --- a/scripts/rl-system.init +++ b/scripts/rl-system.init @@ -24,8 +24,15 @@ ACTION=$1 -[[ $PATH == *${ofr_bindir}* ]] || PATH+=:${ofr_bindir} -[[ $PATH == *${ofr_sbindir}* ]] || PATH+=:${ofr_sbindir} +source /etc/default/vyatta + +: ${vyatta_prefix:=/opt/vyatta} +: ${vyatta_bindir:=${vyatta_prefix}/bin} +: ${vyatta_sbindir:=${vyatta_prefix}/sbin} +: ${vyatta_sysconfdir:=${vyatta_prefix}/etc} + +[[ $PATH == *${vyatta_bindir}* ]] || PATH+=:${vyatta_bindir} +[[ $PATH == *${vyatta_sbindir}* ]] || PATH+=:${vyatta_sbindir} export PATH @@ -33,14 +40,12 @@ export PATH IPROUTE2IP=ip INIT_PID=$$ -IFTAB=/etc/iftab ## BOOTFILE is provided by ofr.init : ${BOOTFILE:=$prefix/etc/config/config.boot} declare -a cfg_eth_hwid -declare -a sys_eth_mac -declare -a sys_vmnets +declare -a sys_eth_mac=( `cat /sys/class/net/eth*/address` ) # load hwid array from config file as follows # interface { @@ -79,33 +84,6 @@ load_cfg_eth_hwid () }' $BOOTFILE ) } -# load system eth mac tabled from ip link - -load_sys_eth_mac () -{ - eval $( ip link show | sed -n ' - /^[0-9]*: eth[0-9]*: /,+1 { -# combine 2 line interface output... -# 2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000 -# link/ether 00:13:72:57:48:f9 brd ff:ff:ff:ff:ff:ff - h - n - x - G - s/\n// -# translate to: -# #=00:13:72:57:48:f9 - s/^.*eth\([0-9]\+\):.*link\/ether \([0-9A-Fa-f:]\+\) .*$/sys_eth_mac[\1]=\2/p - }' ) -} - -load_sys_vmnets () -{ - sys_vmnets=( $( ip link show | - sed -n 's/^[0-9]*: \(vmnet[0-9]*\).*$/\1/p' ) ) -} - - have_cfg_eth_hwid () { local mac=$1 
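Review bot: `source /etc/default/vyatta` in scripts/rl-system.init is unconditional, so a missing or unreadable file raises an error at boot, and whatever the file contains is executed with the init script's privileges (presumably root). scripts/vyatta_net_name in this same commit guards the same line as `test -r /etc/default/vyatta && source /etc/default/vyatta`; that guard fits here too, and the file should be root-owned and not group- or world-writable. The `: ${vyatta_prefix:=/opt/vyatta}` defaults that follow already cover the case where the file is absent.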
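Review bot: The new `sys_eth_mac=( ... )` initialiser that cats `/sys/class/net/eth*/address` fills the array in glob order, so the index is no longer the interface number. The removed load_sys_eth_mac assigned `sys_eth_mac[N]` from `ethN`, whereas here eth10 sorts before eth2 and a gap in the numbering shifts every later entry. update_cfg_eth_hwid lies outside this hunk, so whether it relies on the index cannot be seen here. If it does, loop over `/sys/class/net/eth*` and assign `sys_eth_mac[${d##*eth}]=$(< "$d/address")`.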
@@ -161,35 +139,23 @@ update_cfg_eth_hwid () done } -write_iftab () -{ - local -i i - - rm -f $IFTAB - for i in ${!cfg_eth_hwid[@]} ; do - echo "etha$i mac ${cfg_eth_hwid[$i]}" >> $IFTAB - done -} - -write_iftab_real () -{ - local -i i - - rm -f $IFTAB - for i in ${!cfg_eth_hwid[@]} ; do - echo "eth$i mac ${cfg_eth_hwid[$i]}" >> $IFTAB - done -} - mod_bootfile_eth_hwid () { local eth=$1 hwid=$2 - sed -i '/^interfaces {$/,/^}/ { - /^ ethernet '"$eth"' {$/,/^ }$/ { - /^ *hw-id/c\ - hw-id: '"$hwid"' - }}' $BOOTFILE + sed -i '/^interfaces {$/,/^}$/ { + /^ ethernet '"$eth"' {$/ { + :join + /\n }$/ { + /hw-id: / s/\(hw-id:\) [0-9a-fA-F:]\+/\1 '"$hwid"'/ + /hw-id: /! s/}$/ hw-id: '"$hwid"'\n }/ + /link-detect/! s/}$/ link-detect\n }/ + q 0 + } + N + b join + } + }' $BOOTFILE } add_bootfile_eth_hwid () @@ -200,20 +166,9 @@ add_bootfile_eth_hwid () /^}$/i\ ethernet '"$eth"' {\ hw-id: '"$hwid"'\ - } - }' $BOOTFILE -} - -add_bootfile_eth_linkdetect () -{ - local eth=$1 - - sed -i '/^interfaces {$/,/^}$/ { - /^}$/i\ - ethernet '"$eth"' {\ link-detect\ } - }' $BOOTFILE + }' $BOOTFILE } update_bootfile_eths () @@ -225,48 +180,10 @@ update_bootfile_eths () mod_bootfile_eth_hwid eth$i ${cfg_eth_hwid[$i]} else add_bootfile_eth_hwid eth$i ${cfg_eth_hwid[$i]} - add_bootfile_eth_linkdetect eth$i - fi - done -} - -add_bootfile_vmnet () -{ - local vmnet=$1 - - sed -i '/^interfaces {/,/^}$/ { - /^}$/i\ - ethernet '"$vmnet"' {\ - } - }' $BOOTFILE -} - -update_bootfile_vmnets () -{ - for vmnet in ${sys_vmnets[@]} ; do - if ! grep -q "ethernet $vmnet {" $BOOTFILE ; then - add_bootfile_vmnet $vmnet fi done } -itfmess () -{ - load_cfg_eth_hwid - load_sys_eth_mac - load_sys_vmnets - update_cfg_eth_hwid - write_iftab - update_bootfile_eths - update_bootfile_vmnets -} - -maybe_ifrename () { - if [ -e $IFTAB ] ; then - ifrename -d -p - fi -} - search_config_if_wan () { grep "\<serial\>.*\<$1\>" $BOOTFILE >/dev/null } 
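Review bot: In mod_bootfile_eth_hwid the `q 0` command makes sed stop reading input once the matching ethernet block has been rewritten, and under `sed -i` nothing after that point is written back, so $BOOTFILE would lose every line that follows the block. Ending the cycle with a bare `b` instead of `q 0` should keep the edit and let the remaining lines pass through; confirm this against a config.boot with several interfaces and trailing sections. `$eth` and `$hwid` are also spliced into the sed program text, so checking `$hwid` against the MAC pattern `[0-9a-fA-F:]\+` before the call would keep an unexpected value from altering the script.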
@@ -290,56 +207,78 @@ add_new_serial_if () { fi } -reset_promiscous_arp_response () { +proc_flags () +{ + # reset_promiscous_arp_response echo 1 > /proc/sys/net/ipv4/conf/default/arp_filter -} - -set_ip_forwarding () { + # set_ip_forwarding echo 1 > /proc/sys/net/ipv4/ip_forward -} -## if a primary address is removed from an interface promote and -## secondary available -set_promote_secondaries () { + # if a primary address is removed from an interface promote and + # secondary available echo 1 > /proc/sys/net/ipv4/conf/all/promote_secondaries } ## Update the version information update_version_info () { - if [ -f ${ofr_sysconfdir}/version.master ]; then - cp ${ofr_sysconfdir}/version.master ${ofr_sysconfdir}/version + if [ -f ${vyatta_sysconfdir}/version.master ]; then + cp ${vyatta_sysconfdir}/version.master ${vyatta_sysconfdir}/version fi } ## Clear out apt config file--it will be filled in by rtrmgr clear_apt_config() { - >/etc/apt/sources.list + cat /dev/null >/etc/apt/sources.list || true } ## snmp should be a separate package, ## but for now load the kernel module here add_snmp_stats_module() { - modprobe ipt_rlsnmpstats + modprobe ipt_rlsnmpstats || true } set_reboot_on_panic() { - echo 1 > /proc/sys/kernel/panic_on_oops - echo 60 > /proc/sys/kernel/panic + echo 1 > /proc/sys/kernel/panic_on_oops + echo 60 > /proc/sys/kernel/panic +} + +clear_or_override_config_files () +{ + for conf in motd.tail ntp.conf syslog.conf logrotate.d/messages \ + snmp/snmpd.conf snmp/snmptrapd.conf keepalived/keepalived.conf \ + ipvsadm.rules default/ipvsadm resolv.conf + do + if [ -f /etc/$conf ] ; then + cat /dev/null > /etc/$conf || true + fi + done + for conf in motd.tail syslog.conf; do + cp $vyatta_sysconfdir/$conf /etc/$conf + done + cp $vyatta_sysconfdir/logrotate_messages /etc/logrotate.d/messages + cp $vyatta_sysconfdir/default_ssh /etc/default/ssh + # ssh v1. 
remove the empty key file + rm -f /etc/ssh/ssh_host_key } start () { - set_reboot_on_panic - itfmess - maybe_ifrename - write_iftab_real - maybe_ifrename - add_new_serial_if - reset_promiscous_arp_response - set_ip_forwarding - set_promote_secondaries + clear_or_override_config_files || \ + log_failure_msg "can\'t reset config files" + set_reboot_on_panic || \ + log_failure_msg "can\'t set reboot on panic" + load_cfg_eth_hwid || \ + log_failure_msg "can\'t load interface hwids" + update_cfg_eth_hwid || \ + log_failure_msg "can\'t resolve interface hwids" + update_bootfile_eths || \ + log_failure_msg "can\'t update config interfaces" + add_new_serial_if || \ + log_failure_msg "can\'t add serial interfaces" + proc_flags || \ + log_failure_msg "can\'t reset proc flags" update_version_info clear_apt_config add_snmp_stats_module @@ -354,7 +293,6 @@ esac exit $? - # Local Variables: # mode: shell-script # sh-indentation: 4 diff --git a/scripts/vyatta_net_name b/scripts/vyatta_net_name new file mode 100644 index 00000000..d93dd288 --- /dev/null +++ b/scripts/vyatta_net_name 
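Review bot: In start(), `clear_or_override_config_files || log_failure_msg ...` can never report a failure, because the function's exit status is that of its last command, `rm -f /etc/ssh/ssh_host_key`, which succeeds even when the `cp` lines before it fail. The same applies to proc_flags and set_reboot_on_panic, where only the last `echo` decides the status. Chaining the commands with `&&`, or adding `|| return 1` after each one, makes the new error reporting effective. The messages are written as `"can\'t ..."`, and inside double quotes the backslash is printed literally, so `"can't reset config files"` is the intended form.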
@@ -0,0 +1,111 @@ +#!/bin/bash +# **** License **** +# Version: VPL 1.0 +# +# The contents of this file are subject to the Vyatta Public License +# Version 1.0 ("License"); you may not use this file except in +# compliance with the License. You may obtain a copy of the License at +# http://www.vyatta.com/vpl +# +# Software distributed under the License is distributed on an "AS IS" +# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See +# the License for the specific language governing rights and limitations +# under the License. +# +# This code was originally developed by Vyatta, Inc. +# Portions created by Vyatta are Copyright (C) 2007 Vyatta, Inc. +# All Rights Reserved. +# +# Author: Tom Grennan <tgrennan@vyatta.com> +# Description: search Vyatta config for interface name given address +# +# **** End License **** + +debug='' +attr_address=0:0:0:0:0:0 + +test -r /etc/default/vyatta && source /etc/default/vyatta + +# process command line variable overrides + +for arg ; do + case "$arg" in + --debug ) + debug=echo + ;; + --*=* ) + arg=${arg#--} + eval ${arg%=*}=\"${arg#*=}\" + ;; + *=* ) + eval ${arg%=*}=\"${arg#*=}\" + ;; + *:*:*:*:*:* ) + attr_address=$arg + ;; + * ) + kname=$arg + ;; + esac +done + +: ${vyatta_prefix:=/opt/vyatta} +: ${vyatta_sysconfdir:=${vyatta_prefix}/etc} +: ${BOOTFILE:=${vyatta_sysconfdir:-/opt/vyatta/etc}/config/config.boot} + +shopt -s extglob nullglob + +# load cfg_eth_hwid array from config file as follows +# interface { +# ... +# ethernet eth# { +# ... +# hw-id: XX:XX:XX:XX:XX:XX +# ... +# } +# } +# +# cfg_eth_hwid=( "eth#=xx:xx:xx:xx:xx:xx" ... 
) + +declare -a cfg_net_hwid=( $( sed -ne ' + /^interfaces {/,/^}/ { + /^ *ethernet eth[0-9]* {/,/^ $/ { + /^ *ethernet/ { + s/.* eth\([0-9]\+\) {$/ eth\1=/ +# hold interface name + h + } + /^.*hw-id:/ { +# translate field name + s/.*hw-id: *// +# tolower hex mac address + y/ABCDEF/abcdef/ +# exchange hold and pattern space + x +# concatenate hold and pattern + G + s/\n//p + } + } + }' $BOOTFILE )) + +for name_hwid in ${cfg_net_hwid[@]} ; do + name=${name_hwid%=*} + hwid=${name_hwid#*=} + if [ "$hwid" == "$attr_address" ] ; then + echo $name + exit 0 + fi +done + +if [ -n "$kname" ] ; then + echo $kname + exit 0 +fi + +exit 1 + +# Local Variables: +# mode: shell-script +# sh-indentation: 4 +# End: diff --git a/sysconf/vyatta-net.rules b/sysconf/vyatta-net.rules new file mode 100644 index 00000000..31901b42 --- /dev/null +++ b/sysconf/vyatta-net.rules @@ -0,0 +1,13 @@ +# These rules use vyatta_net_name to persistently name network interfaces +# per "hwid" association with the interface block of the vyatta config file. + +ACTION!="add", GOTO="vyatta_net_end" +SUBSYSTEM!="net", GOTO="vyatta_net_end" + +# ignore interfaces without a driver link like bridges and VLANs +KERNEL=="eth*|ath*|wlan*|ra*|sta*|ctc*|lcs*|hsi*", DRIVERS=="?*",\ + PROGRAM="vyatta_net_name %k $attr{address}", \ + NAME="%c" + +LABEL="vyatta_net_end" + |
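Review bot: The `--*=* )` and `*=* )` arms of the argument loop in scripts/vyatta_net_name pass command-line text to `eval`, so any shell syntax in an argument is executed, and this helper is started by udev (presumably as root) with `%k` and `$attr{address}` as arguments. The `*=*` arm is tested before the MAC and kernel-name arms, so every argument containing `=` takes that path. Assigning with `printf -v` after checking that the name is a plain identifier keeps the override feature without evaluating argument text. The comment above the sed block also names the array cfg_eth_hwid while the code declares cfg_net_hwid.

```shell
# … unchanged: --debug arm …
        --*=* | *=* )
            arg=${arg#--}
            name=${arg%%=*}
            # accept only plain identifiers so argument text is never run as code
            if [[ $name =~ ^[A-Za-z_][A-Za-z0-9_]*$ ]] ; then
                printf -v "$name" '%s' "${arg#*=}"
            fi
            ;;
# … unchanged: address and kernel-name arms, config parsing …
```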