Merge branch 'glendale'

41 files changed, 1331 insertions, 316 deletions

diff --git a/COPYING b/COPYING
index 1c08bf46..3912109b 100644
--- a/COPYING
+++ b/COPYING
@@ -1,27 +1,340 @@
-/*
- * Package: vyatt-cfg-system
- *
- * **** License ****
- * Version: VPL 1.0
- *
- * The contents of this file are subject to the Vyatta Public License
- * Version 1.0 ("License"); you may not use this file except in
- * compliance with the License. You may obtain a copy of the License at
- * http://www.vyatta.com/vpl
- *
- * Software distributed under the License is distributed on an "AS IS"
- * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
- * the License for the specific language governing rights and limitations
- * under the License.
- *
- * This code was originally developed by Vyatta, Inc.
- * Portions created by Vyatta are Copyright (C) "YEAR" Vyatta, Inc.
- * All Rights Reserved.
- *
- * Author: eng@vyatta.com
- * Date: 2007
- * Description: Vyatta system-level configuration templates/scripts
- *
- * **** End License ****
- *
- */
+		    GNU GENERAL PUBLIC LICENSE
+		       Version 2, June 1991
+
+ Copyright (C) 1989, 1991 Free Software Foundation, Inc.
+                       51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+			    Preamble
+
+  The licenses for most software are designed to take away your
+freedom to share and change it.  By contrast, the GNU General Public
+License is intended to guarantee your freedom to share and change free
+software--to make sure the software is free for all its users.  This
+General Public License applies to most of the Free Software
+Foundation's software and to any other program whose authors commit to
+using it.  (Some other Free Software Foundation software is covered by
+the GNU Library General Public License instead.)  You can apply it to
+your programs, too.
+
+  When we speak of free software, we are referring to freedom, not
+price.  Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+this service if you wish), that you receive source code or can get it
+if you want it, that you can change the software or use pieces of it
+in new free programs; and that you know you can do these things.
+
+  To protect your rights, we need to make restrictions that forbid
+anyone to deny you these rights or to ask you to surrender the rights.
+These restrictions translate to certain responsibilities for you if you
+distribute copies of the software, or if you modify it.
+
+  For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must give the recipients all the rights that
+you have.  You must make sure that they, too, receive or can get the
+source code.  And you must show them these terms so they know their
+rights.
+
+  We protect your rights with two steps: (1) copyright the software, and
+(2) offer you this license which gives you legal permission to copy,
+distribute and/or modify the software.
+
+  Also, for each author's protection and ours, we want to make certain
+that everyone understands that there is no warranty for this free
+software.  If the software is modified by someone else and passed on, we
+want its recipients to know that what they have is not the original, so
+that any problems introduced by others will not reflect on the original
+authors' reputations.
+
+  Finally, any free program is threatened constantly by software
+patents.  We wish to avoid the danger that redistributors of a free
+program will individually obtain patent licenses, in effect making the
+program proprietary.  To prevent this, we have made it clear that any
+patent must be licensed for everyone's free use or not licensed at all.
+
+  The precise terms and conditions for copying, distribution and
+modification follow.
+
+		    GNU GENERAL PUBLIC LICENSE
+   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+  0. This License applies to any program or other work which contains
+a notice placed by the copyright holder saying it may be distributed
+under the terms of this General Public License.  The "Program", below,
+refers to any such program or work, and a "work based on the Program"
+means either the Program or any derivative work under copyright law:
+that is to say, a work containing the Program or a portion of it,
+either verbatim or with modifications and/or translated into another
+language.  (Hereinafter, translation is included without limitation in
+the term "modification".)  Each licensee is addressed as "you".
+
+Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope.  The act of
+running the Program is not restricted, and the output from the Program
+is covered only if its contents constitute a work based on the
+Program (independent of having been made by running the Program).
+Whether that is true depends on what the Program does.
+
+  1. You may copy and distribute verbatim copies of the Program's
+source code as you receive it, in any medium, provided that you
+conspicuously and appropriately publish on each copy an appropriate
+copyright notice and disclaimer of warranty; keep intact all the
+notices that refer to this License and to the absence of any warranty;
+and give any other recipients of the Program a copy of this License
+along with the Program.
+
+You may charge a fee for the physical act of transferring a copy, and
+you may at your option offer warranty protection in exchange for a fee.
+
+  2. You may modify your copy or copies of the Program or any portion
+of it, thus forming a work based on the Program, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+    a) You must cause the modified files to carry prominent notices
+    stating that you changed the files and the date of any change.
+
+    b) You must cause any work that you distribute or publish, that in
+    whole or in part contains or is derived from the Program or any
+    part thereof, to be licensed as a whole at no charge to all third
+    parties under the terms of this License.
+
+    c) If the modified program normally reads commands interactively
+    when run, you must cause it, when started running for such
+    interactive use in the most ordinary way, to print or display an
+    announcement including an appropriate copyright notice and a
+    notice that there is no warranty (or else, saying that you provide
+    a warranty) and that users may redistribute the program under
+    these conditions, and telling the user how to view a copy of this
+    License.  (Exception: if the Program itself is interactive but
+    does not normally print such an announcement, your work based on
+    the Program is not required to print an announcement.)
+
+These requirements apply to the modified work as a whole.  If
+identifiable sections of that work are not derived from the Program,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works.  But when you
+distribute the same sections as part of a whole which is a work based
+on the Program, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Program.
+
+In addition, mere aggregation of another work not based on the Program
+with the Program (or with a work based on the Program) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+  3. You may copy and distribute the Program (or a work based on it,
+under Section 2) in object code or executable form under the terms of
+Sections 1 and 2 above provided that you also do one of the following:
+
+    a) Accompany it with the complete corresponding machine-readable
+    source code, which must be distributed under the terms of Sections
+    1 and 2 above on a medium customarily used for software interchange; or,
+
+    b) Accompany it with a written offer, valid for at least three
+    years, to give any third party, for a charge no more than your
+    cost of physically performing source distribution, a complete
+    machine-readable copy of the corresponding source code, to be
+    distributed under the terms of Sections 1 and 2 above on a medium
+    customarily used for software interchange; or,
+
+    c) Accompany it with the information you received as to the offer
+    to distribute corresponding source code.  (This alternative is
+    allowed only for noncommercial distribution and only if you
+    received the program in object code or executable form with such
+    an offer, in accord with Subsection b above.)
+
+The source code for a work means the preferred form of the work for
+making modifications to it.  For an executable work, complete source
+code means all the source code for all modules it contains, plus any
+associated interface definition files, plus the scripts used to
+control compilation and installation of the executable.  However, as a
+special exception, the source code distributed need not include
+anything that is normally distributed (in either source or binary
+form) with the major components (compiler, kernel, and so on) of the
+operating system on which the executable runs, unless that component
+itself accompanies the executable.
+
+If distribution of executable or object code is made by offering
+access to copy from a designated place, then offering equivalent
+access to copy the source code from the same place counts as
+distribution of the source code, even though third parties are not
+compelled to copy the source along with the object code.
+
+  4. You may not copy, modify, sublicense, or distribute the Program
+except as expressly provided under this License.  Any attempt
+otherwise to copy, modify, sublicense or distribute the Program is
+void, and will automatically terminate your rights under this License.
+However, parties who have received copies, or rights, from you under
+this License will not have their licenses terminated so long as such
+parties remain in full compliance.
+
+  5. You are not required to accept this License, since you have not
+signed it.  However, nothing else grants you permission to modify or
+distribute the Program or its derivative works.  These actions are
+prohibited by law if you do not accept this License.  Therefore, by
+modifying or distributing the Program (or any work based on the
+Program), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Program or works based on it.
+
+  6. Each time you redistribute the Program (or any work based on the
+Program), the recipient automatically receives a license from the
+original licensor to copy, distribute or modify the Program subject to
+these terms and conditions.  You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties to
+this License.
+
+  7. If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License.  If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Program at all.  For example, if a patent
+license would not permit royalty-free redistribution of the Program by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Program.
+
+If any portion of this section is held invalid or unenforceable under
+any particular circumstance, the balance of the section is intended to
+apply and the section as a whole is intended to apply in other
+circumstances.
+
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system, which is
+implemented by public license practices.  Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+
+  8. If the distribution and/or use of the Program is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Program under this License
+may add an explicit geographical distribution limitation excluding
+those countries, so that distribution is permitted only in or among
+countries not thus excluded.  In such case, this License incorporates
+the limitation as if written in the body of this License.
+
+  9. The Free Software Foundation may publish revised and/or new versions
+of the General Public License from time to time.  Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+Each version is given a distinguishing version number.  If the Program
+specifies a version number of this License which applies to it and "any
+later version", you have the option of following the terms and conditions
+either of that version or of any later version published by the Free
+Software Foundation.  If the Program does not specify a version number of
+this License, you may choose any version ever published by the Free Software
+Foundation.
+
+  10. If you wish to incorporate parts of the Program into other free
+programs whose distribution conditions are different, write to the author
+to ask for permission.  For software which is copyrighted by the Free
+Software Foundation, write to the Free Software Foundation; we sometimes
+make exceptions for this.  Our decision will be guided by the two goals
+of preserving the free status of all derivatives of our free software and
+of promoting the sharing and reuse of software generally.
+
+			    NO WARRANTY
+
+  11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
+FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
+OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
+PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
+OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
+TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
+PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
+REPAIR OR CORRECTION.
+
+  12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
+REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
+OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
+TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
+YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
+PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGES.
+
+		     END OF TERMS AND CONDITIONS
+
+	    How to Apply These Terms to Your New Programs
+
+  If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+  To do so, attach the following notices to the program.  It is safest
+to attach them to the start of each source file to most effectively
+convey the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+    <one line to give the program's name and a brief idea of what it does.>
+    Copyright (C) <year>  <name of author>
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation; either version 2 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program; if not, write to the Free Software
+    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+
+
+Also add information on how to contact you by electronic and paper mail.
+
+If the program is interactive, make it output a short notice like this
+when it starts in an interactive mode:
+
+    Gnomovision version 69, Copyright (C) year name of author
+    Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+    This is free software, and you are welcome to redistribute it
+    under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the appropriate
+parts of the General Public License.  Of course, the commands you use may
+be called something other than `show w' and `show c'; they could even be
+mouse-clicks or menu items--whatever suits your program.
+
+You should also get your employer (if you work as a programmer) or your
+school, if any, to sign a "copyright disclaimer" for the program, if
+necessary.  Here is a sample; alter the names:
+
+  Yoyodyne, Inc., hereby disclaims all copyright interest in the program
+  `Gnomovision' (which makes passes at compilers) written by James Hacker.
+
+  <signature of Ty Coon>, 1 April 1989
+  Ty Coon, President of Vice
+
+This General Public License does not permit incorporating your program into
+proprietary programs.  If your program is a subroutine library, you may
+consider it more useful to permit linking proprietary applications with the
+library.  If this is what you want to do, use the GNU Library General
+Public License instead of this License.
diff --git a/Makefile.am b/Makefile.am
index 7d00d07f..949aba4a 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -9,11 +9,13 @@ sysconf_DATA =
 
 bin_SCRIPTS += scripts/progress-indicator
 bin_SCRIPTS += scripts/vyatta-functions
-bin_SCRIPTS += scripts/init-floppy
+
+sbin_SCRIPTS += scripts/init-floppy
 sbin_SCRIPTS += scripts/rl-system.init
 sbin_SCRIPTS += scripts/install-system
 sbin_SCRIPTS += scripts/quick-install
 sbin_SCRIPTS += scripts/standalone_root_pw_reset
+sbin_SCRIPTS += scripts/system/vyatta_update_login.pl
 sbin_SCRIPTS += scripts/system/vyatta_update_login_user.pl
 sbin_SCRIPTS += scripts/system/vyatta_update_logrotate.pl
 sbin_SCRIPTS += scripts/system/vyatta_update_resolv.pl
@@ -31,11 +33,11 @@ noinst_DATA = test_bootfile
 
 share_perl5_DATA = scripts/keepalived/VyattaKeepalived.pm
 
+sysconf_DATA += sysconf/LICENSE
 sysconf_DATA += sysconf/logrotate_messages
 sysconf_DATA += sysconf/motd.tail
 sysconf_DATA += sysconf/syslog.conf
 sysconf_DATA += sysconf/default_ssh
-sysconf_DATA += sysconf/version
 sysconf_DATA += sysconf/config.boot.default
 
 libudev_SCRIPTS	 = scripts/vyatta_net_name
diff --git a/debian/changelog b/debian/changelog
index 0423fe81..263a6f69 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,129 @@
+vyatta-cfg-system (0.6) unstable; urgency=low
+
+  VC4.0.2
+
+
+ -- Mark O'Brien <mobrien@vyatta.com>  Sat, 19 Apr 2008 11:56:03 -0700
+
+vyatta-cfg-system (0.5) unstable; urgency=low
+
+  VC4.0.2 release candidate
+  [ Mark O'Brien ]
+
+
+  [ Stig Thormodsrud ]
+  * Fix 3148: can't delete bridge interface
+
+  [ rbalocca ]
+  * Remove vestigal version file from vyatta-cfg-system
+
+  [ Mark O'Brien ]
+
+ -- Mark O'Brien <mobrien@vyatta.com>  Wed, 16 Apr 2008 09:50:05 -0700
+
+vyatta-cfg-system (0.4) unstable; urgency=low
+
+  3.0.2
+  [ Mark O'Brien ]
+
+
+  [ An-Cheng Huang ]
+  * fix for bug 3032: rename pre-glendale config files during install-
+    system.
+  * fix for bug 3087: add proper dependency to ensure install order.
+
+  [ Bob Gilligan ]
+  * Bugfix: 3021
+
+  [ Mark O'Brien ]
+  * Update version file to 3.0.1
+  * 3.0.1
+
+  [ Michael Larson ]
+  * up proc limit for rmem_max to support zebra netlink buffer size
+    increase.
+
+  [ Mohit Mehta ]
+  * Fix Bug 3027 Unable to configure SNMP community client address
+
+  [ Robert Bays ]
+  * fix bug 3039
+
+  [ Stephen Hemminger ]
+  * Allow operator to run ntpdate
+
+  [ Stig Thormodsrud ]
+  * Add vrrp vip addresses to watchlink exclude file.
+  * Fix 3086: VRRP only allows up to 20 virtual IPs
+
+  [ rbalocca ]
+  * Fix debian dependencies
+  * Line up the colons with the one from the copyright notice (in show
+    version)
+  * Set dependencies on either bash or vyatta-bash
+  * Move the copyright dates over (bug 3028)
+
+  [ Mark O'Brien ]
+
+ -- Mark O'Brien <mobrien@vyatta.com>  Fri, 04 Apr 2008 18:00:34 -0700
+
+vyatta-cfg-system (0.3) unstable; urgency=low
+
+  VC4.0.1
+  [ Mark O'Brien ]
+
+
+  [ An-Cheng Huang ]
+  * fix for bug 2083: add radius authentication support.
+
+  [ Mark O'Brien ]
+  * Update version file to VC4.0.1
+
+  [ Mohit Mehta ]
+  * Fix Bug 2707 Missing from Glendale
+  * CLI tab enhancement at "set interfaces ethernet <> address"
+
+  [ Robert Bays ]
+  * fixes for bugs 2499, 2967
+
+  [ Stephen Hemminger ]
+  * add operator and admin to linux group adm
+  * add option to disable root login over ssh
+  * fix ssh allow-root template
+  * put operator in operator group
+  * add explicit list of commands in sudoers
+  * don't allow illegal hostnames
+  * allow numbers in hostname
+  * allow non-root to clear nat counters
+  * Replace VPL with GPLv2
+  * Changes for license/copyright
+  * Update to GPLv2
+  * Move init-floppy to /opt/vyatta/sbin
+  * Allow operator to set date.
+
+  [ Stig Thormodsrud ]
+  * Fix 2877: Bridge group can not be assiged to vif sub interfaceZ
+  * Fix parse error in /etc/sudoers
+  * Fix 2880 SNMP configuration file issues
+  * Fix 2695 GRE tunnel doesn't work with "key"
+
+  [ rbalocca ]
+  * Fix for bug #2934
+  * Fix for bug #2542 ( http://bugzilla.vyatta.com/show_bug.cgi?id=2542
+    )
+  * Fix for bug #2921 ( http://bugzilla.vyatta.com/show_bug.cgi?id=2921
+    )
+  * Revert "Fix for bug #2921 (
+    http://bugzilla.vyatta.com/show_bug.cgi?id=2921 )"
+  * Improve the package repository template
+  * Fix for bug #2969 ( http://bugzilla.vyatta.com/show_bug.cgi?id=2969
+    )
+  * Update copyright for "show version"
+
+  [ Mark O'Brien ]
+
+ -- Mark O'Brien <mobrien@vyatta.com>  Tue, 18 Mar 2008 19:03:58 -0700
+
 vyatta-cfg-system (0.2) unstable; urgency=low
 
   vc4.0.0
diff --git a/debian/control b/debian/control
index d950155d..2de64d20 100644
--- a/debian/control
+++ b/debian/control
@@ -7,13 +7,24 @@ Standards-Version: 3.7.2
 
 Package: vyatta-cfg-system
 Architecture: all
-Depends: bash (>= 3.1),
- sed (>= 4.1.5),
+Depends: sed (>= 4.1.5),
  perl (>= 5.8.8),
  procps (>= 1:3.2.7-3),
  coreutils (>= 5.97-5.3),
- vyatta-cfg, sysv-rc, ntp, sysklogd, busybox, ssh, whois, sudo,
- snmpd, keepalived, vyatta-bash, bridge-utils
+ libpam-radius-auth,
+ vyatta-cfg,
+ vyatta-bash | bash (>= 3.1),
+ sysv-rc,
+ ntp,
+ sysklogd,
+ busybox,
+ whois,
+ sudo,
+ snmpd,
+ keepalived,
+ ssh,
+ ed,
+ bridge-utils
 Suggests: util-linux (>= 2.13-5),
  net-tools,
  ethtool,
diff --git a/debian/copyright b/debian/copyright
index 8690d57f..f12deb1f 100644
--- a/debian/copyright
+++ b/debian/copyright
@@ -14,21 +14,22 @@ Copyright:
 
 License:
 
- The contents of this package are subject to the Vyatta Public License
- Version 1.0 ("License"); you may not use this file except in
- compliance with the License. You may obtain a copy of the License at
- http://www.vyatta.com/vpl
-
- Software distributed under the License is distributed on an "AS IS"
- basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
- the License for the specific language governing rights and limitations
- under the License.
-
- This code was originally developed by Vyatta, Inc.
- Portions created by Vyatta are Copyright (C) 2007 Vyatta, Inc.
-
-On Debian systems, the complete text of the GNU General
-Public License can be found in `/usr/share/common-licenses/GPL'.
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+This program is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+A copy of the GNU General Public License is available as
+`/usr/share/common-licenses/GPL' in the Debian GNU/Linux distribution
+or on the World Wide Web at `http://www.gnu.org/copyleft/gpl.html'.
+You can also obtain it by writing to the Free Software Foundation,
+Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
+MA 02110-1301, USA.
 
 The Debian packaging is (C) 2007, An-Cheng Huang <ancheng@vyatta.com> and
 is licensed under the GPL, see above.
diff --git a/debian/vyatta-cfg-system.postinst.in b/debian/vyatta-cfg-system.postinst.in
index 52004931..30cbfd5a 100644
--- a/debian/vyatta-cfg-system.postinst.in
+++ b/debian/vyatta-cfg-system.postinst.in
@@ -28,8 +28,27 @@ if [ "$sysconfdir" != "/etc" ]; then
     if ! grep -q '^%sudo ALL=NOPASSWD: ALL' /etc/sudoers; then
 	echo -e "\n%sudo ALL=NOPASSWD: ALL" >> /etc/sudoers
     fi
-  
-    # for "users" level
+
+    # Allow operator to do a limited number of commands without password
+    cat <<"EOF" >>/etc/sudoers
+Cmnd_Alias IPTABLES = /sbin/iptables --list -n,\
+		      /sbin/iptables -L -vn,\
+                      /sbin/iptables -L * -vn,\
+		      /sbin/iptables -t * -L -vn, \
+                      /sbin/iptables -Z *,\
+		      /sbin/iptables -Z -t nat
+Cmnd_Alias IPFLUSH = /sbin/ip route flush cache, \
+		     /sbin/ip route flush cache *,\
+		     /sbin/ip neigh flush to *, \
+		     /sbin/ip neigh flush dev *
+Cmnd_Alias ETHTOOLP = /usr/sbin/ethtool -p *
+Cmnd_Alias DATE    = /bin/date, /usr/sbin/ntpdate
+Cmnd_Alias PPPOE_CMDS = /sbin/pppd, /sbin/poff
+%operator ALL=NOPASSWD: /sbin/reboot, DATE, IPTABLES, ETHTOOLP, IPFLUSH, \
+			PPPOE_CMDS
+EOF
+
+    # for "users" level (FIXME)
     if ! grep -q "^%users ALL=NOPASSWD: ${bindir}/sudo-users/" /etc/sudoers; then
 	echo -e "\n%users ALL=NOPASSWD: ${bindir}/sudo-users/" >> /etc/sudoers
     fi
@@ -48,7 +67,6 @@ mv /etc/crontab.$$ /etc/crontab
 crontab /etc/crontab
 
 # create needed directories
-mkdir -p /etc/raddb
 mkdir -p /var/log/{user,vrrpd}
 
 touch /etc/environment
diff --git a/scripts/init-floppy b/scripts/init-floppy
index 0f12c0ba..affaa1d1 100755
--- a/scripts/init-floppy
+++ b/scripts/init-floppy
@@ -1,16 +1,13 @@
 #!/bin/bash
 # **** License ****
-# Version: VPL 1.0
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
 #
-# The contents of this file are subject to the Vyatta Public License
-# Version 1.0 ("License"); you may not use this file except in
-# compliance with the License. You may obtain a copy of the License at
-# http://www.vyatta.com/vpl
-#
-# Software distributed under the License is distributed on an "AS IS"
-# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
-# the License for the specific language governing rights and limitations
-# under the License.
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
 #
 # This code was originally developed by Vyatta, Inc.
 # Portions created by Vyatta are Copyright (C) 2007 Vyatta, Inc.
diff --git a/scripts/install-system b/scripts/install-system
index 44582364..2823746b 100755
--- a/scripts/install-system
+++ b/scripts/install-system
@@ -3,18 +3,15 @@
 # Module: install-system
 # 
 # **** License ****
-# Version: VPL 1.0
-# 
-# The contents of this file are subject to the Vyatta Public License
-# Version 1.0 ("License"); you may not use this file except in
-# compliance with the License. You may obtain a copy of the License at
-# http://www.vyatta.com/vpl
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
 #
-# Software distributed under the License is distributed on an "AS IS"
-# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
-# the License for the specific language governing rights and limitations
-# under the License.
-# 
 # This code was originally developed by Vyatta, Inc.
 # Portions created by Vyatta are Copyright (C) 2006, 2007 Vyatta, Inc.
 # All Rights Reserved.
@@ -73,8 +70,8 @@ SPID=$$
 PWRESET=/opt/vyatta/sbin/standalone_root_pw_reset
 
 # trap signals so we can kill runaway progress indicators
-trap 'progress_indicator "stop"; exit 1' 1
-trap 'progress_indicator "stop"; exit 1' 2
+trap 'progress_indicator stop; exit 1' 1
+trap 'progress_indicator stop; exit 1' 2
 
 # turn off any mounted swap partitions
 turnoffswap () {
@@ -224,34 +221,39 @@ select_partition () {
   text=$2
 
   echo -n "Looking for appropriate partitions:  "
-  progress_indicator "start" 
+  progress_indicator start
 
   # initialize out global var.  using globals in this way is bad form.  I know.
   PARTITION=''
 
   # list only the partitions in /proc/partitions.
   parts=$(cat /proc/partitions | awk '{ if ($4!="name") { print $4 " "} }' | egrep "[0-9]" | egrep -v "loop" | tr -d '\n')
-  
+
   # Get the partition sizes for display
-  # only show partitions that have sizes, i.e. remove loops
+  # only show linux partitions that have sizes, i.e. remove loops
   display=''
   for part in $parts
   do
-    lsize=$(get_drive_size $part)
-    if [ "$lsize" -a $lsize -ge $minsize ]; then
-      display="$display $part\t\t$lsize"MB"\n"
+    rootdev=$(echo $part | sed 's/[0-9]//g')
+    parttype=$(fdisk -l /dev/$rootdev | grep $part | grep Linux)
+    if [ -n "$parttype" ]; then
+      lsize=$(get_drive_size $part)
+      if [ "$lsize" -a $lsize -ge $minsize ]; then
+        display="$display $part\t\t$lsize"MB"\n"
+        myparts="$myparts $part"
+      fi
     fi
   done
 
-  progress_indicator "stop" 
+  progress_indicator stop
   echo "OK"
 
-  if [ -n "$parts" ]; then
+  if [ -n "$myparts" ]; then
     lpartition=''
     while [ -z "$lpartition" ]
     do
       # take the first partition as the default
-      lpartition=$(echo $parts | /usr/bin/awk '{ print $1 }')
+      lpartition=$(echo $myparts | /usr/bin/awk '{ print $1 }')
 
       echo "I found the following partitions suitable for the Vyatta image:"
       echo -e "Partition\tSize"
@@ -259,7 +261,7 @@ select_partition () {
       echo
       echo -n "$text [$lpartition]: "
 
-      lpartition=$(get_response "$lpartition" "$parts")
+      lpartition=$(get_response "$lpartition" "$myparts")
       echo
     done
   else
@@ -269,33 +271,35 @@ select_partition () {
   PARTITION=$lpartition
 }
 
-# Delete all existing partitions for an automated install
-# $1 is the drive to delete partitions from
-delete_partitions () {
-  ldrive=$1
-
-  # get the partitions on the drive
-  partitions=$(cat /proc/partitions | grep $ldrive[0-9] | awk '{ print $4 }' | sed 's/[a-z]//g')
-
-  # now for each part, blow it away
-  for part in $partitions
-  do
-    # Look to see if this is a config partition
-    mkdir -p /mnt/tmp
-    output=$(mount /dev/$ldrive$part /mnt/tmp 2>&1)
-    if [ $? != 0 ]; then
-      echo -e "Cannot mount /dev/$ldrive$part"."\nPlease see $INSTALL_LOG for more details.\nExiting.."
-      echo -e "Cannot mount /dev/$ldrive$part"."\nmount /dev/$ldrive$part /mnt/tmp\nExiting..." >> $INSTALL_LOG
-      echo "$output" >> $INSTALL_LOG
-      exit 1
+rename_old_config() {
+  files=$(find /mnt/config -mindepth 1 -type f | grep -v pre-glendale)
+  for f in $files; do
+    if grep -q '/\*XORP Configuration File, v1.0\*/' $f >&/dev/null; then
+      CURTIME=$(date +%F-%H%M%S)
+      mv $f $f.pre-glendale.$CURTIME
     fi
+  done
+}
 
-    # Look to see if there is a config parition there
-    if [ -f /mnt/tmp/opt/vyatta/etc/config/.vyatta_config ] || [ -f .vyatta_config ]; then
+## check_config_partition
+# look to see if this partition contains a config file
+# and back it up
+check_config_partition() {
+  lpart=$1
+
+  # Look to see if this is a config partition
+  mkdir -p /mnt/tmp
+  output=$(mount /dev/$lpart /mnt/tmp 2>&1)
+  if [ $? != 0 ]; then
+    echo -e "Cannot mount /dev/$lpart"."\nmount /dev/$ldrive$part /mnt/tmp\nExiting..." >> $INSTALL_LOG
+    echo "$output" >> $INSTALL_LOG
+  else
+    # Look to see if there is a config partition there
+    if [ -f /mnt/tmp/opt/vyatta/etc/config/.vyatta_config ] || [ -f /mnt/tmp/.vyatta_config ]; then
       response=''
       while [ -z "$response" ]
       do
-        echo "/dev/$ldrive$part has an old configuration directory!"
+        echo "/dev/$lpart has an old configuration directory!"
         echo -ne "Would you like me to save the data on it\nbefore I delete it? (Yes/No) [Yes]: "
         response=$(get_response "Yes" "Yes No Y N")
         if [ "$response" == "yes" ] || [ "$response" == "y" ]; then
@@ -309,10 +313,27 @@ delete_partitions () {
             echo -e "Warning: error in copying the old config partition.\nSee $INSTALL_LOG for more details."
             echo -e "Warning: error in copying the old config partition.\ncp -pR /mnt/tmp/* /mnt/config\n$output\n" >> $INSTALL_LOG
           fi
+          rename_old_config
         fi
       done
     fi
     umount /mnt/tmp
+  fi
+}
+
+# Delete all existing partitions for an automated install
+# $1 is the drive to delete partitions from
+delete_partitions () {
+  ldrive=$1
+
+  # get the partitions on the drive
+  partitions=$(cat /proc/partitions | grep $ldrive[0-9] | awk '{ print $4 }' | sed 's/[a-z]//g')
+
+  # now for each part, blow it away
+  for part in $partitions
+  do
+    # Look to see if this is a config partition
+    check_config_partition "$ldrive$part"
 
     echo "Removing partition $part on /dev/$ldrive" >> $INSTALL_LOG
     output=$(parted /dev/$ldrive rm $part)
@@ -321,7 +342,7 @@ delete_partitions () {
       echo -e "Warning: cannot delete partition $part on $ldrive.\nPlease see $INSTALL_LOG for more details."
       echo -e "Warning: cannot delete partition $part on $ldrive.\nparted /dev/$ldrive rm $part\n$output" >> $INSTALL_LOG
     fi
-    
+
     # We add a bogus sleep here because the loop needs to wait for udev
     sleep 5
   done
@@ -335,7 +356,7 @@ make_filesystem () {
   echo -n "Creating filesystem on /dev/$ldrive:  "
   echo "Creating filesystem on /dev/$ldrive..." >> $INSTALL_LOG
 
-  progress_indicator "start"
+  progress_indicator start
   output=$(mke2fs -j /dev/$ldrive 2>&1)
   status=$?
   if [ "$status" != 0 ]; then
@@ -343,7 +364,7 @@ make_filesystem () {
     echo -e "Error: couldn't create the root filesystem.\n/sbin/mke2fs -j /dev/$lDRIVE\n$output"
     exit 1
   fi
-  progress_indicator "stop"
+  progress_indicator stop
   echo "OK"
 }
 
@@ -407,7 +428,7 @@ install_root_filesystem () {
   fi
   
   echo -n "Copying system image files to /dev/$ROOT_PARTITION: "
-  progress_indicator "start"
+  progress_indicator start
   # Mount the squashfs for copying
   output=$(mkdir -p /mnt/squashfs)
   output=$(mount /live/image/live/filesystem.squashfs /mnt/squashfs -t squashfs -o loop)
@@ -451,7 +472,7 @@ install_root_filesystem () {
   cp /etc/hostname $rootfsdir/etc/
   cp /etc/hosts $rootfsdir/etc/
 
-  progress_indicator "stop"
+  progress_indicator stop
   echo "OK"
 }
 
@@ -539,9 +560,9 @@ install_grub () {
   echo "Setting up grub..." >> $INSTALL_LOG
 
   # Install grub in the boot sector of the primary drive
-  progress_indicator "start"
+  progress_indicator start
   grub-install --no-floppy --root-directory=$rootfsdir /dev/$INSTALL_DRIVE >>$INSTALL_LOG 2>&1
-  progress_indicator "stop"
+  progress_indicator stop
 
   # TODO: This needs to be changed to map to the correct drive
   part=$(echo $ROOT_PARTITION | sed 's/[^0-9]//g')
@@ -645,13 +666,16 @@ setup_method_manual() {
     fi
   done
 
+  # check for an old config on the partition
+  check_config_partition "$ROOT_PARTITION"
+
   # create the ext3 fs on the part
   make_filesystem "$ROOT_PARTITION"
 
   # We need to set the INSTALL_DRIVE if it wasn't set when the user ran parted
   # We assume that we will use the boot sector of the same drive that the partition is on
   # TODO: Allow different drives to function as the boot device
-  if [ -z "INSTALL_DRIVE" ]; then
+  if [ -z "$INSTALL_DRIVE" ]; then
     INSTALL_DRIVE=$(echo $ROOT_PARTITION | sed 's/[0-9]//g')
   fi
 }
@@ -759,9 +783,15 @@ unmount () {
 
 progress_indicator () {
   case "$1" in
-    "start") $vyatta_bindir/progress-indicator $SPID &
+    start) $vyatta_bindir/progress-indicator $SPID &
              ;;
-     "stop") rm -f /tmp/pi.$SPID
+    *)
+	     if ! rm /tmp/pi.$SPID 2>/dev/null
+	     then
+		sleep 1
+		rm /tmp/pi.$SPID 2>/dev/null
+	     fi
+
              sleep 1
 	     echo -n -e "\b"
              ;;
@@ -801,9 +831,9 @@ done
 
 # some drives don't show up in /proc/partitions so we need to bootstrap them
 echo -n "Probing drives:  "
-progress_indicator "start"
+progress_indicator start
 probe_drives
-progress_indicator "stop"
+progress_indicator stop
 echo "OK"
 
 echo "The Vyatta image will require a minimum ${ROOT_MIN}MB root."
diff --git a/scripts/keepalived/VyattaKeepalived.pm b/scripts/keepalived/VyattaKeepalived.pm
index 70665638..2e68c3b7 100755
--- a/scripts/keepalived/VyattaKeepalived.pm
+++ b/scripts/keepalived/VyattaKeepalived.pm
@@ -2,18 +2,15 @@
 # Module: VyattaKeepalived.pm
 # 
 # **** License ****
-# Version: VPL 1.0
-# 
-# The contents of this file are subject to the Vyatta Public License
-# Version 1.0 ("License"); you may not use this file except in
-# compliance with the License. You may obtain a copy of the License at
-# http://www.vyatta.com/vpl
-# 
-# Software distributed under the License is distributed on an "AS IS"
-# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
-# the License for the specific language governing rights and limitations
-# under the License.
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
 # 
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
 # This code was originally developed by Vyatta, Inc.
 # Portions created by Vyatta are Copyright (C) 2007 Vyatta, Inc.
 # All Rights Reserved.
diff --git a/scripts/keepalived/vyatta-keepalived.pl b/scripts/keepalived/vyatta-keepalived.pl
index e70732a7..fff1acf1 100755
--- a/scripts/keepalived/vyatta-keepalived.pl
+++ b/scripts/keepalived/vyatta-keepalived.pl
@@ -3,18 +3,15 @@
 # Module: vyatta-keepalived.pl
 # 
 # **** License ****
-# Version: VPL 1.0
-# 
-# The contents of this file are subject to the Vyatta Public License
-# Version 1.0 ("License"); you may not use this file except in
-# compliance with the License. You may obtain a copy of the License at
-# http://www.vyatta.com/vpl
-# 
-# Software distributed under the License is distributed on an "AS IS"
-# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
-# the License for the specific language governing rights and limitations
-# under the License.
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
 # 
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
 # This code was originally developed by Vyatta, Inc.
 # Portions created by Vyatta are Copyright (C) 2007 Vyatta, Inc.
 # All Rights Reserved.
@@ -50,10 +47,15 @@ sub keepalived_get_values {
 	my $vrrp_instance = "vyatta-$intf-$group";
 	$config->setLevel("$path vrrp vrrp-group $group");
 	my @vips = $config->returnValues("virtual-address");
-	if (scalar(@vips) == 0) {
+	my $num_vips = scalar(@vips);
+	if ($num_vips == 0) {
 	    print "must define a virtual-address for vrrp-group $group\n";
 	    exit 1;
 	}
+	if ($num_vips > 20) {
+	    print "can not set more than 20 VIPs per group\n";
+	    exit 1;
+	}
 	my $priority = $config->returnValue("priority");
 	if (!defined $priority) {
 	    $priority = 1;
diff --git a/scripts/keepalived/vyatta-show-vrrp.pl b/scripts/keepalived/vyatta-show-vrrp.pl
index 93c1ecd2..eacba25c 100755
--- a/scripts/keepalived/vyatta-show-vrrp.pl
+++ b/scripts/keepalived/vyatta-show-vrrp.pl
@@ -3,18 +3,15 @@
 # Module: vyatta-show-vrrp.pl
 # 
 # **** License ****
-# Version: VPL 1.0
-# 
-# The contents of this file are subject to the Vyatta Public License
-# Version 1.0 ("License"); you may not use this file except in
-# compliance with the License. You may obtain a copy of the License at
-# http://www.vyatta.com/vpl
-# 
-# Software distributed under the License is distributed on an "AS IS"
-# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
-# the License for the specific language governing rights and limitations
-# under the License.
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
 # 
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
 # This code was originally developed by Vyatta, Inc.
 # Portions created by Vyatta are Copyright (C) 2005, 2006, 2007 Vyatta, Inc.
 # All Rights Reserved.
diff --git a/scripts/keepalived/vyatta-vrrp-state.pl b/scripts/keepalived/vyatta-vrrp-state.pl
index 1f5ae6cb..8b813529 100755
--- a/scripts/keepalived/vyatta-vrrp-state.pl
+++ b/scripts/keepalived/vyatta-vrrp-state.pl
@@ -3,18 +3,15 @@
 # Module: vyatta-vrrp-state.pl
 # 
 # **** License ****
-# Version: VPL 1.0
-# 
-# The contents of this file are subject to the Vyatta Public License
-# Version 1.0 ("License"); you may not use this file except in
-# compliance with the License. You may obtain a copy of the License at
-# http://www.vyatta.com/vpl
-# 
-# Software distributed under the License is distributed on an "AS IS"
-# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
-# the License for the specific language governing rights and limitations
-# under the License.
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
 # 
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
 # This code was originally developed by Vyatta, Inc.
 # Portions created by Vyatta are Copyright (C) 2007 Vyatta, Inc.
 # All Rights Reserved.
diff --git a/scripts/quick-install b/scripts/quick-install
index 41941e3f..347cafd2 100755
--- a/scripts/quick-install
+++ b/scripts/quick-install
@@ -3,18 +3,15 @@
 # Module: install-system
 # 
 # **** License ****
-# Version: VPL 1.0
-# 
-# The contents of this file are subject to the Vyatta Public License
-# Version 1.0 ("License"); you may not use this file except in
-# compliance with the License. You may obtain a copy of the License at
-# http://www.vyatta.com/vpl
-# 
-# Software distributed under the License is distributed on an "AS IS"
-# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
-# the License for the specific language governing rights and limitations
-# under the License.
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
 # 
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
 # This code was originally developed by Vyatta, Inc.
 # Portions created by Vyatta are Copyright (C) 2006, 2007 Vyatta, Inc.
 # All Rights Reserved.
diff --git a/scripts/rl-system.init b/scripts/rl-system.init
index a08095a1..1425e907 100755
--- a/scripts/rl-system.init
+++ b/scripts/rl-system.init
@@ -1,16 +1,13 @@
 #!/bin/bash
 # **** License ****
-# Version: VPL 1.0
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
 #
-# The contents of this file are subject to the Vyatta Public License
-# Version 1.0 ("License"); you may not use this file except in
-# compliance with the License. You may obtain a copy of the License at
-# http://www.vyatta.com/vpl
-#
-# Software distributed under the License is distributed on an "AS IS"
-# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
-# the License for the specific language governing rights and limitations
-# under the License.
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
 #
 # This code was originally developed by Vyatta, Inc.
 # Portions created by Vyatta are Copyright (C) 2007 Vyatta, Inc.
@@ -93,7 +90,7 @@ proc_flags ()
     echo 1 > /proc/sys/net/ipv4/conf/all/promote_secondaries
 
     # set maximum rmem_max to accomodate netlink buffers
-    echo 223232 > /proc/sys/net/core/rmem_max
+    echo 1048576 > /proc/sys/net/core/rmem_max
 }
 
 ## Update the version information
diff --git a/scripts/snmp/vyatta-snmp.pl b/scripts/snmp/vyatta-snmp.pl
index 42988fef..0301a041 100644
--- a/scripts/snmp/vyatta-snmp.pl
+++ b/scripts/snmp/vyatta-snmp.pl
@@ -3,18 +3,15 @@
 # Module: vyatta-snmp.pl
 # 
 # **** License ****
-# Version: VPL 1.0
-# 
-# The contents of this file are subject to the Vyatta Public License
-# Version 1.0 ("License"); you may not use this file except in
-# compliance with the License. You may obtain a copy of the License at
-# http://www.vyatta.com/vpl
-# 
-# Software distributed under the License is distributed on an "AS IS"
-# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
-# the License for the specific language governing rights and limitations
-# under the License.
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
 # 
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
 # This code was originally developed by Vyatta, Inc.
 # Portions created by Vyatta are Copyright (C) 2007 Vyatta, Inc.
 # All Rights Reserved.
@@ -64,10 +61,8 @@ sub snmp_get_constants {
     my $date = `date`;
     chomp $date;
     $output  = "#\n# autogenerated by vyatta-snmp.pl on $date\n#\n";
-    $output .= "dlmod bgp4_mib_1657 $mibdir/libbgp4_mib_1657.so\n";
-    $output .= "dlmod ospf_mib_1850 $mibdir/libospf_mib_1850.so\n";
     $output .= "trap2sink localhost vyatta 51510\n";
-
+    $output .= "sysServices 14\n";
     return $output;
 }
 
@@ -79,12 +74,37 @@ sub snmp_get_values {
     my @communities = $config->listNodes();
     
     foreach my $community (@communities) {
-	my $authorization = $config->returnValue("$community authorization");
-	if (defined $authorization and $authorization eq "rw") {
-	    $output .= "rwcommunity $community\n";
-	} else {
-	    $output .= "rocommunity $community\n";
-	}
+        my $authorization = $config->returnValue("$community authorization");
+        my @clients = $config->returnValues("$community client");
+        my @networks = $config->returnValues("$community network");
+
+        if (scalar(@clients) == 0 and scalar(@networks) == 0){
+           if (defined $authorization and $authorization eq "rw") {
+               $output .= "rwcommunity $community\n";
+           } else {
+                  $output .= "rocommunity $community\n";
+           }
+        } else {
+                if (scalar(@clients) != 0){
+                   foreach my $client (@clients){
+                        if (defined $authorization and $authorization eq "rw") {
+                            $output .= "rwcommunity $community $client\n";
+                        } else {
+                                $output .= "rocommunity $community $client\n";
+                        }
+                   }
+                }
+                if (scalar(@networks) != 0){
+                   foreach my $network (@networks){
+                        if (defined $authorization and $authorization eq "rw") {
+                            $output .= "rwcommunity $community $network\n";
+                        } else {
+                                $output .= "rocommunity $community $network\n";
+                        }
+
+                   }
+                }
+        }
     }
 
     $config->setLevel("protocols snmp");
diff --git a/scripts/standalone_root_pw_reset b/scripts/standalone_root_pw_reset
index 2d2a3d25..0dc65fd2 100755
--- a/scripts/standalone_root_pw_reset
+++ b/scripts/standalone_root_pw_reset
@@ -1,16 +1,13 @@
 #!/bin/bash
 # **** License ****
-# Version: VPL 1.0
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
 #
-# The contents of this file are subject to the Vyatta Public License
-# Version 1.0 ("License"); you may not use this file except in
-# compliance with the License. You may obtain a copy of the License at
-# http://www.vyatta.com/vpl
-#
-# Software distributed under the License is distributed on an "AS IS"
-# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
-# the License for the specific language governing rights and limitations
-# under the License.
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
 #
 # This code was originally developed by Vyatta, Inc.
 # Portions created by Vyatta are Copyright (C) 2007 Vyatta, Inc.
diff --git a/scripts/system/vyatta_update_login.pl b/scripts/system/vyatta_update_login.pl
new file mode 100755
index 00000000..985ef7b4
--- /dev/null
+++ b/scripts/system/vyatta_update_login.pl
@@ -0,0 +1,132 @@
+#!/usr/bin/perl
+
+use strict;
+use lib "/opt/vyatta/share/perl5";
+use VyattaConfig;
+
+# handle "user"
+my $uconfig = new VyattaConfig;
+$uconfig->setLevel("system login user");
+my %users = $uconfig->listNodeStatus();
+my @user_keys = sort keys %users;
+if ((scalar(@user_keys) <= 0) || !(grep /^root$/, @user_keys)
+    || ($users{'root'} eq 'deleted')) {
+  # root is deleted
+  print STDERR "User \"root\" cannot be deleted\n";
+  exit 1;
+}
+
+# we have some users
+for my $user (@user_keys) {
+  if ($users{$user} eq 'deleted') {
+    system("sudo /opt/vyatta/sbin/vyatta_update_login_user.pl -d '$user'");
+    exit 1 if ($? >> 8);
+  } elsif ($users{$user} eq 'added' || $users{$user} eq 'changed') {
+    my $fname = $uconfig->returnValue("$user full-name");
+    my $level = $uconfig->returnValue("$user level");
+    my $p = $uconfig->returnValue("$user authentication encrypted-password");
+    system("sudo /opt/vyatta/sbin/vyatta_update_login_user.pl '$user' "
+           . "'$fname' '$p' '$level'");
+    exit 1 if ($? >> 8);
+  } else {
+    # not changed. do nothing.
+  }
+}
+
+my $PAM_RAD_CFG = '/etc/pam_radius_auth.conf';
+my $PAM_RAD_BEGIN = '# BEGIN Vyatta Radius servers';
+my $PAM_RAD_END = '# END Vyatta Radius servers';
+
+sub is_pam_radius_present {
+  if (!open(AUTH, '/etc/pam.d/common-auth')) {
+    print STDERR "Cannot open /etc/pam.d/common-auth\n";
+    exit 1;
+  }
+  my $present = 0;
+  while (<AUTH>) {
+    if (/\ssufficient\spam_radius_auth\.so$/) {
+      $present = 1;
+      last;
+    }
+  }
+  close AUTH;
+  return $present;
+}
+
+sub remove_pam_radius {
+  return 1 if (!is_pam_radius_present());
+  my $cmd = 'sudo sh -c "'
+            . 'sed -i \'/\tsufficient\tpam_radius_auth\.so$/d;'
+            . '/\tpam_unix\.so /{s/ use_first_pass$//}\' '
+            . '/etc/pam.d/common-auth && '
+            . 'sed -i \'/\tsufficient\tpam_radius_auth\.so$/d\' '
+            . '/etc/pam.d/common-account"';
+  system($cmd);
+  return 0 if ($? >> 8);
+  return 1;
+}
+
+sub add_pam_radius {
+  return 1 if (is_pam_radius_present());
+  my $cmd = 'sudo sh -c "'
+            . 'sed -i \'s/^\(auth\trequired\tpam_unix\.so.*\)$'
+            . '/auth\tsufficient\tpam_radius_auth.so\n\1 use_first_pass/\' '
+            . '/etc/pam.d/common-auth && '
+            . 'sed -i \'s/^\(account\trequired\tpam_unix\.so.*\)$'
+            . '/account\tsufficient\tpam_radius_auth.so\n\1/\' '
+            . '/etc/pam.d/common-account"';
+  system($cmd);
+  return 0 if ($? >> 8);
+  return 1;
+}
+
+sub remove_radius_servers {
+  system("sudo sed -i '/^$PAM_RAD_BEGIN\$/,/^$PAM_RAD_END\$/{d}' "
+         . "$PAM_RAD_CFG");
+  return 0 if ($? >> 8);
+  return 1;
+}
+
+sub add_radius_servers {
+  my $str = shift;
+  system("sudo sh -c \""
+         . "echo '$PAM_RAD_BEGIN\n$str$PAM_RAD_END\n' >> $PAM_RAD_CFG\"");
+  return 0 if ($? >> 8);
+  return 1;
+}
+
+# handle "radius-server"
+my $rconfig = new VyattaConfig;
+$rconfig->setLevel("system login radius-server");
+my %servers = $rconfig->listNodeStatus();
+my @server_keys = sort keys %servers;
+if (scalar(@server_keys) <= 0) {
+  # all radius servers deleted
+  exit 1 if (!remove_pam_radius());
+  exit 0;
+}
+
+# we have some servers
+my $all_deleted = 1;
+my $server_str = '';
+remove_radius_servers();
+for my $server (@server_keys) {
+  if ($servers{$server} ne 'deleted') {
+    $all_deleted = 0;
+    my $port = $rconfig->returnValue("$server port");
+    my $secret = $rconfig->returnValue("$server secret");
+    my $timeout = $rconfig->returnValue("$server timeout");
+    $server_str .= "$server:$port\t$secret\t$timeout\n";
+  }
+}
+
+if ($all_deleted) {
+  # all radius servers deleted
+  exit 1 if (!remove_pam_radius());
+} else {
+  exit 1 if (!add_radius_servers($server_str));
+  exit 1 if (!add_pam_radius());
+}
+
+exit 0;
+
diff --git a/scripts/system/vyatta_update_resolv.pl b/scripts/system/vyatta_update_resolv.pl
index a8d05cfd..a725a16e 100755
--- a/scripts/system/vyatta_update_resolv.pl
+++ b/scripts/system/vyatta_update_resolv.pl
@@ -3,17 +3,14 @@
 # Module: vyatta_update_resolv.pl
 #
 # **** License ****
-# Version: VPL 1.0
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
 #
-# The contents of this file are subject to the Vyatta Public License
-# Version 1.0 ("License"); you may not use this file except in
-# compliance with the License. You may obtain a copy of the License at
-# http://www.vyatta.com/vpl
-#
-# Software distributed under the License is distributed on an "AS IS"
-# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
-# the License for the specific language governing rights and limitations
-# under the License.
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
 #
 # This code was originally developed by Vyatta, Inc.
 # Portions created by Vyatta are Copyright (C) 2007 Vyatta, Inc.
diff --git a/scripts/vyatta-functions b/scripts/vyatta-functions
index d35b81d1..f3263f13 100755
--- a/scripts/vyatta-functions
+++ b/scripts/vyatta-functions
@@ -3,18 +3,15 @@
 # Module: vyatta-functions
 # 
 # **** License ****
-# Version: VPL 1.0
-# 
-# The contents of this file are subject to the Vyatta Public License
-# Version 1.0 ("License"); you may not use this file except in
-# compliance with the License. You may obtain a copy of the License at
-# http://www.vyatta.com/vpl
-# 
-# Software distributed under the License is distributed on an "AS IS"
-# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
-# the License for the specific language governing rights and limitations
-# under the License.
-# 
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+# 
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
 # This code was originally developed by Vyatta, Inc.
 # Portions created by Vyatta are Copyright (C) 2006, 2007 Vyatta, Inc.
 # All Rights Reserved.
diff --git a/scripts/vyatta_net_name b/scripts/vyatta_net_name
index 8017906f..0a96ebb8 100755
--- a/scripts/vyatta_net_name
+++ b/scripts/vyatta_net_name
@@ -1,16 +1,13 @@
 #!/bin/bash
 # **** License ****
-# Version: VPL 1.0
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
 #
-# The contents of this file are subject to the Vyatta Public License
-# Version 1.0 ("License"); you may not use this file except in
-# compliance with the License. You may obtain a copy of the License at
-# http://www.vyatta.com/vpl
-#
-# Software distributed under the License is distributed on an "AS IS"
-# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
-# the License for the specific language governing rights and limitations
-# under the License.
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
 #
 # This code was originally developed by Vyatta, Inc.
 # Portions created by Vyatta are Copyright (C) 2007 Vyatta, Inc.
diff --git a/sysconf/LICENSE b/sysconf/LICENSE
new file mode 100644
index 00000000..3912109b
--- /dev/null
+++ b/sysconf/LICENSE
@@ -0,0 +1,340 @@
+		    GNU GENERAL PUBLIC LICENSE
+		       Version 2, June 1991
+
+ Copyright (C) 1989, 1991 Free Software Foundation, Inc.
+                       51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+			    Preamble
+
+  The licenses for most software are designed to take away your
+freedom to share and change it.  By contrast, the GNU General Public
+License is intended to guarantee your freedom to share and change free
+software--to make sure the software is free for all its users.  This
+General Public License applies to most of the Free Software
+Foundation's software and to any other program whose authors commit to
+using it.  (Some other Free Software Foundation software is covered by
+the GNU Library General Public License instead.)  You can apply it to
+your programs, too.
+
+  When we speak of free software, we are referring to freedom, not
+price.  Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+this service if you wish), that you receive source code or can get it
+if you want it, that you can change the software or use pieces of it
+in new free programs; and that you know you can do these things.
+
+  To protect your rights, we need to make restrictions that forbid
+anyone to deny you these rights or to ask you to surrender the rights.
+These restrictions translate to certain responsibilities for you if you
+distribute copies of the software, or if you modify it.
+
+  For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must give the recipients all the rights that
+you have.  You must make sure that they, too, receive or can get the
+source code.  And you must show them these terms so they know their
+rights.
+
+  We protect your rights with two steps: (1) copyright the software, and
+(2) offer you this license which gives you legal permission to copy,
+distribute and/or modify the software.
+
+  Also, for each author's protection and ours, we want to make certain
+that everyone understands that there is no warranty for this free
+software.  If the software is modified by someone else and passed on, we
+want its recipients to know that what they have is not the original, so
+that any problems introduced by others will not reflect on the original
+authors' reputations.
+
+  Finally, any free program is threatened constantly by software
+patents.  We wish to avoid the danger that redistributors of a free
+program will individually obtain patent licenses, in effect making the
+program proprietary.  To prevent this, we have made it clear that any
+patent must be licensed for everyone's free use or not licensed at all.
+
+  The precise terms and conditions for copying, distribution and
+modification follow.
+
+		    GNU GENERAL PUBLIC LICENSE
+   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+  0. This License applies to any program or other work which contains
+a notice placed by the copyright holder saying it may be distributed
+under the terms of this General Public License.  The "Program", below,
+refers to any such program or work, and a "work based on the Program"
+means either the Program or any derivative work under copyright law:
+that is to say, a work containing the Program or a portion of it,
+either verbatim or with modifications and/or translated into another
+language.  (Hereinafter, translation is included without limitation in
+the term "modification".)  Each licensee is addressed as "you".
+
+Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope.  The act of
+running the Program is not restricted, and the output from the Program
+is covered only if its contents constitute a work based on the
+Program (independent of having been made by running the Program).
+Whether that is true depends on what the Program does.
+
+  1. You may copy and distribute verbatim copies of the Program's
+source code as you receive it, in any medium, provided that you
+conspicuously and appropriately publish on each copy an appropriate
+copyright notice and disclaimer of warranty; keep intact all the
+notices that refer to this License and to the absence of any warranty;
+and give any other recipients of the Program a copy of this License
+along with the Program.
+
+You may charge a fee for the physical act of transferring a copy, and
+you may at your option offer warranty protection in exchange for a fee.
+
+  2. You may modify your copy or copies of the Program or any portion
+of it, thus forming a work based on the Program, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+    a) You must cause the modified files to carry prominent notices
+    stating that you changed the files and the date of any change.
+
+    b) You must cause any work that you distribute or publish, that in
+    whole or in part contains or is derived from the Program or any
+    part thereof, to be licensed as a whole at no charge to all third
+    parties under the terms of this License.
+
+    c) If the modified program normally reads commands interactively
+    when run, you must cause it, when started running for such
+    interactive use in the most ordinary way, to print or display an
+    announcement including an appropriate copyright notice and a
+    notice that there is no warranty (or else, saying that you provide
+    a warranty) and that users may redistribute the program under
+    these conditions, and telling the user how to view a copy of this
+    License.  (Exception: if the Program itself is interactive but
+    does not normally print such an announcement, your work based on
+    the Program is not required to print an announcement.)
+
+These requirements apply to the modified work as a whole.  If
+identifiable sections of that work are not derived from the Program,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works.  But when you
+distribute the same sections as part of a whole which is a work based
+on the Program, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Program.
+
+In addition, mere aggregation of another work not based on the Program
+with the Program (or with a work based on the Program) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+  3. You may copy and distribute the Program (or a work based on it,
+under Section 2) in object code or executable form under the terms of
+Sections 1 and 2 above provided that you also do one of the following:
+
+    a) Accompany it with the complete corresponding machine-readable
+    source code, which must be distributed under the terms of Sections
+    1 and 2 above on a medium customarily used for software interchange; or,
+
+    b) Accompany it with a written offer, valid for at least three
+    years, to give any third party, for a charge no more than your
+    cost of physically performing source distribution, a complete
+    machine-readable copy of the corresponding source code, to be
+    distributed under the terms of Sections 1 and 2 above on a medium
+    customarily used for software interchange; or,
+
+    c) Accompany it with the information you received as to the offer
+    to distribute corresponding source code.  (This alternative is
+    allowed only for noncommercial distribution and only if you
+    received the program in object code or executable form with such
+    an offer, in accord with Subsection b above.)
+
+The source code for a work means the preferred form of the work for
+making modifications to it.  For an executable work, complete source
+code means all the source code for all modules it contains, plus any
+associated interface definition files, plus the scripts used to
+control compilation and installation of the executable.  However, as a
+special exception, the source code distributed need not include
+anything that is normally distributed (in either source or binary
+form) with the major components (compiler, kernel, and so on) of the
+operating system on which the executable runs, unless that component
+itself accompanies the executable.
+
+If distribution of executable or object code is made by offering
+access to copy from a designated place, then offering equivalent
+access to copy the source code from the same place counts as
+distribution of the source code, even though third parties are not
+compelled to copy the source along with the object code.
+
+  4. You may not copy, modify, sublicense, or distribute the Program
+except as expressly provided under this License.  Any attempt
+otherwise to copy, modify, sublicense or distribute the Program is
+void, and will automatically terminate your rights under this License.
+However, parties who have received copies, or rights, from you under
+this License will not have their licenses terminated so long as such
+parties remain in full compliance.
+
+  5. You are not required to accept this License, since you have not
+signed it.  However, nothing else grants you permission to modify or
+distribute the Program or its derivative works.  These actions are
+prohibited by law if you do not accept this License.  Therefore, by
+modifying or distributing the Program (or any work based on the
+Program), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Program or works based on it.
+
+  6. Each time you redistribute the Program (or any work based on the
+Program), the recipient automatically receives a license from the
+original licensor to copy, distribute or modify the Program subject to
+these terms and conditions.  You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties to
+this License.
+
+  7. If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License.  If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Program at all.  For example, if a patent
+license would not permit royalty-free redistribution of the Program by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Program.
+
+If any portion of this section is held invalid or unenforceable under
+any particular circumstance, the balance of the section is intended to
+apply and the section as a whole is intended to apply in other
+circumstances.
+
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system, which is
+implemented by public license practices.  Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+
+  8. If the distribution and/or use of the Program is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Program under this License
+may add an explicit geographical distribution limitation excluding
+those countries, so that distribution is permitted only in or among
+countries not thus excluded.  In such case, this License incorporates
+the limitation as if written in the body of this License.
+
+  9. The Free Software Foundation may publish revised and/or new versions
+of the General Public License from time to time.  Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+Each version is given a distinguishing version number.  If the Program
+specifies a version number of this License which applies to it and "any
+later version", you have the option of following the terms and conditions
+either of that version or of any later version published by the Free
+Software Foundation.  If the Program does not specify a version number of
+this License, you may choose any version ever published by the Free Software
+Foundation.
+
+  10. If you wish to incorporate parts of the Program into other free
+programs whose distribution conditions are different, write to the author
+to ask for permission.  For software which is copyrighted by the Free
+Software Foundation, write to the Free Software Foundation; we sometimes
+make exceptions for this.  Our decision will be guided by the two goals
+of preserving the free status of all derivatives of our free software and
+of promoting the sharing and reuse of software generally.
+
+			    NO WARRANTY
+
+  11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
+FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
+OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
+PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
+OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
+TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
+PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
+REPAIR OR CORRECTION.
+
+  12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
+REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
+OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
+TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
+YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
+PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGES.
+
+		     END OF TERMS AND CONDITIONS
+
+	    How to Apply These Terms to Your New Programs
+
+  If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+  To do so, attach the following notices to the program.  It is safest
+to attach them to the start of each source file to most effectively
+convey the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+    <one line to give the program's name and a brief idea of what it does.>
+    Copyright (C) <year>  <name of author>
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation; either version 2 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program; if not, write to the Free Software
+    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+
+
+Also add information on how to contact you by electronic and paper mail.
+
+If the program is interactive, make it output a short notice like this
+when it starts in an interactive mode:
+
+    Gnomovision version 69, Copyright (C) year name of author
+    Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+    This is free software, and you are welcome to redistribute it
+    under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the appropriate
+parts of the General Public License.  Of course, the commands you use may
+be called something other than `show w' and `show c'; they could even be
+mouse-clicks or menu items--whatever suits your program.
+
+You should also get your employer (if you work as a programmer) or your
+school, if any, to sign a "copyright disclaimer" for the program, if
+necessary.  Here is a sample; alter the names:
+
+  Yoyodyne, Inc., hereby disclaims all copyright interest in the program
+  `Gnomovision' (which makes passes at compilers) written by James Hacker.
+
+  <signature of Ty Coon>, 1 April 1989
+  Ty Coon, President of Vice
+
+This General Public License does not permit incorporating your program into
+proprietary programs.  If your program is a subroutine library, you may
+consider it more useful to permit linking proprietary applications with the
+library.  If this is what you want to do, use the GNU Library General
+Public License instead of this License.
diff --git a/sysconf/config.boot.default b/sysconf/config.boot.default
index b0eda7ad..fdde1c74 100644
--- a/sysconf/config.boot.default
+++ b/sysconf/config.boot.default
@@ -14,9 +14,9 @@ system {
     }
     package {
         repository community {
-	    distribution: "community"
+	    distribution: "stable"
             components: "main"
-            url: "http://archive.vyatta.com/vyatta"
+            url: "http://packages.vyatta.com/vyatta"
         }
     }
 }
diff --git a/sysconf/version b/sysconf/version
deleted file mode 100644
index e2e38235..00000000
--- a/sysconf/version
+++ /dev/null
@@ -1 +0,0 @@
-Version :    vc4.0.0
diff --git a/templates/interfaces/bridge/node.def b/templates/interfaces/bridge/node.def
index ff643980..6af845f3 100644
--- a/templates/interfaces/bridge/node.def
+++ b/templates/interfaces/bridge/node.def
@@ -1,7 +1,16 @@
 tag:
 type: txt
 help: Configure a bridge interface
+
 syntax:expression: $VAR(@) in "br0", "br1", "br2", "br3", "br4", "br5", "br6", "br7", "br8", "br9" ; "Must be (br0 - br9)"
-create:expression: "sudo brctl addbr $VAR(@)"
-delete:expression: "sudo brctl delbr $VAR(@)"
+
+create: sudo brctl addbr $VAR(@)
+
+delete: if [ -n "`/usr/sbin/brctl show | grep $VAR(@) | grep eth`" ]; then
+	   echo "Interfaces are still assigned to bridge $VAR(@)";
+           exit 1;           
+        fi;
+        sudo ip link set $VAR(@) down;
+        sudo brctl delbr $VAR(@);
+
 comp_help: "Enter bridge interface name (br0 - br9)"
diff --git a/templates/interfaces/bridge/node.tag/address/node.def b/templates/interfaces/bridge/node.tag/address/node.def
index 410c072b..23b1262f 100644
--- a/templates/interfaces/bridge/node.tag/address/node.def
+++ b/templates/interfaces/bridge/node.tag/address/node.def
@@ -4,6 +4,7 @@ help: Configure an IP address for this interface
 syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr $VAR(@) --dev $VAR(../@)"; "Invalid IP address/prefix [$VAR(@)] for interface $VAR(../@)"
 update:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update $VAR(@) --dev $VAR(../@)"; "Error setting address $VAR(@) on interface $VAR(../@)"
 delete:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-delete $VAR(@) --dev $VAR(../@)"; "Error deleting address $VAR(@) on interface $VAR(../@)"
+allowed: echo "dhcp <>"
 comp_help:Possible completions:
   <IP address>/<prefix length>\tSet the IP address and prefix length
   dhcp\t\t\t\tSet the IP address and prefix length via DHCP
diff --git a/templates/interfaces/ethernet/node.tag/bridge-group/node.def b/templates/interfaces/ethernet/node.tag/bridge-group/node.def
index 3cc92cd0..0f4e9b2c 100644
--- a/templates/interfaces/ethernet/node.tag/bridge-group/node.def
+++ b/templates/interfaces/ethernet/node.tag/bridge-group/node.def
@@ -1,15 +1,20 @@
 help: Add this interface to a bridge group
-commit:expression: $VAR(./bridge/) != ""; "Must set the bridge interface"
-create:expression: "sudo brctl addif $VAR(./bridge/@) $VAR(../@)"
-delete:expression: "touch /tmp/eth-$VAR(../@)-bridge.$PPID"
-end:expression: "\
-  if [ -f \"/tmp/eth-$VAR(../@)-bridge.$PPID\" ]; then                         \
-     rm -f /tmp/eth-$VAR(../@)-bridge.$PPID;                                   \
-  else                                                                         \
-     if [ -n \"$VAR(./cost/@)\" ]; then                                        \
-        sudo brctl setpathcost $VAR(./bridge/@) $VAR(../@) $VAR(./cost/@);     \
-     fi;                                                                       \
-     if [ -n \"$VAR(./priority/@)\" ]; then                                    \
-	sudo brctl setportprio $VAR(./bridge/@) $VAR(../@) $VAR(./priority/@); \
-     fi;                                                                       \
-  fi; "
+
+create: sudo brctl addif $VAR(./bridge/@) $VAR(../@);
+
+delete: touch /tmp/eth-$VAR(../@)-bridge.$PPID;
+
+end: if [ -f "/tmp/eth-$VAR(../@)-bridge.$PPID" ]; then
+        rm -f /tmp/eth-$VAR(../@)-bridge.$PPID;
+     else
+       if [ -z "$VAR(./bridge/@)" ]; then
+          echo "Must set the bridge interface";
+          exit 1;
+       fi;
+       if [ -n "$VAR(./cost/@)" ]; then
+          sudo brctl setpathcost $VAR(./bridge/@) $VAR(../@) $VAR(./cost/@);
+       fi;
+       if [ -n "$VAR(./priority/@)" ]; then 
+	  sudo brctl setportprio $VAR(./bridge/@) $VAR(../@) $VAR(./priority/@);
+       fi;
+     fi; 
diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def
index 516d6add..c40c5f47 100644
--- a/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def
+++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def
@@ -1,3 +1,10 @@
 multi:
 type: ipv4
 help: Configure virtual address
+
+create: sudo /opt/vyatta/sbin/vyatta-watchlink-exclude.pl --id=vrrp --action=add --intf="$VAR(../../../../@).$VAR(../../../@)" --ipadd=$VAR(@) --signal
+
+delete: sudo /opt/vyatta/sbin/vyatta-watchlink-exclude.pl --id=vrrp --action=remove --intf="$VAR(../../../../@).$VAR(../../../@)" --ipadd=$VAR(@) --signal
+
+comp_help: possible completions:
+ <x.x.x.x>          Virtual IP address (up to 20 per group)
diff --git a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def
index 516d6add..af8b4624 100644
--- a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def
+++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def
@@ -1,3 +1,10 @@
 multi:
 type: ipv4
 help: Configure virtual address
+
+create: sudo /opt/vyatta/sbin/vyatta-watchlink-exclude.pl --id=vrrp --action=add --intf=$VAR(../../../@) --ipadd=$VAR(@) --signal
+
+delete: sudo /opt/vyatta/sbin/vyatta-watchlink-exclude.pl --id=vrrp --action=remove --intf=$VAR(../../../@) --ipadd=$VAR(@) --signal
+
+comp_help: possible completions:
+ <x.x.x.x>          Virtual IP address (up to 20 per group)
diff --git a/templates/interfaces/tunnel/node.def b/templates/interfaces/tunnel/node.def
index 73c8e572..9ebb581c 100644
--- a/templates/interfaces/tunnel/node.def
+++ b/templates/interfaces/tunnel/node.def
@@ -2,10 +2,23 @@ tag:
 type: txt
 help: Configure a tunnel interface
 syntax:expression: $VAR(@) in "tun0", "tun1", "tun2", "tun3", "tun4", "tun5", "tun6", "tun7", "tun8", "tun9" ; "Must be (tun0 - tun9)"
-commit:expression: $VAR(./local-ip/) != "" ; "Must configure the tunnel local-ip"
-commit:expression: $VAR(./remote-ip/) != "" ; "Must configure the tunnel remote-ip"
-commit:expression: $VAR(./encapsulation/) != "" ; "Must configure the tunnel encapsulation"
-create:expression: "sudo ip tunnel add $VAR(@) local $VAR(./local-ip/@) remote $VAR(./remote-ip/@) mode $VAR(./encapsulation/@)"
-create:expression: "sudo ip link set $VAR(@) up"
-delete:expression: "sudo ip tunnel del $VAR(@)"
+
+commit:expression: $VAR(./local-ip/) != "" ;                    \
+                   "Must configure the tunnel local-ip for $VAR(@)"
+commit:expression: $VAR(./remote-ip/) != "" ;                   \
+                   "Must configure the tunnel remote-ip for $VAR(@)"
+commit:expression: $VAR(./encapsulation/) != "" ;               \
+                   "Must configure the tunnel encapsulation for $VAR(@)"
+
+create:expression: "\
+       if [ -n \"$VAR(./key/@)\" ]; then                        \
+          KEY=\"key $VAR(./key/@)\";                            \
+       fi;                                                      \
+       sudo ip tunnel add $VAR(@)                               \
+            local $VAR(./local-ip/@) remote $VAR(./remote-ip/@) \
+            mode $VAR(./encapsulation/@) $KEY;                  \
+       sudo ip link set $VAR(@) up;" ; "Error creating $VAR(@)"
+
+delete:expression: "sudo ip tunnel del $VAR(@)" ; "Error deleting $VAR(@)"
+
 comp_help: "Enter tunnel interface name (tun0 - tun9)"
diff --git a/templates/interfaces/tunnel/node.tag/address/node.def b/templates/interfaces/tunnel/node.tag/address/node.def
index fe58ae05..4d91c9ba 100644
--- a/templates/interfaces/tunnel/node.tag/address/node.def
+++ b/templates/interfaces/tunnel/node.tag/address/node.def
@@ -1,8 +1,12 @@
 multi:
 type: txt
 help: Configure an IP address for this interface
+
 syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr $VAR(@) --dev $VAR(../@)"; "Invalid IP address/prefix [$VAR(@)] for interface $VAR(../@)"
+
 update:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update $VAR(@) --dev $VAR(../@)"; "Error setting address $VAR(@) on interface $VAR(../@)"
+
 delete:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-delete $VAR(@) --dev $VAR(../@)"; "Error deleting address $VAR(@) on interface $VAR(../@)"
+
 comp_help:Possible completions:
-  <IP address>/<prefix length>\tSet the IP address and prefix length
+  <IP address>/<prefix length>      Set the IP address and prefix length
diff --git a/templates/interfaces/tunnel/node.tag/disable/node.def b/templates/interfaces/tunnel/node.tag/disable/node.def
index 9c795c61..cd3c019a 100644
--- a/templates/interfaces/tunnel/node.tag/disable/node.def
+++ b/templates/interfaces/tunnel/node.tag/disable/node.def
@@ -1,3 +1,6 @@
 help: Disable interface
-update:expression: "sudo ip link set $VAR(../@) down"; "Error disabling dev $VAR(../@)"
-delete:expression: "sudo ip link set $VAR(../@) up"; "Error enabling dev $VAR(../@)"
+update:expression: "sudo ip link set $VAR(../@) down"; \
+                   "Error disabling dev $VAR(../@)"
+
+delete:expression: "sudo ip link set $VAR(../@) up"; \
+                   "Error enabling dev $VAR(../@)"
diff --git a/templates/interfaces/tunnel/node.tag/encapsulation/node.def b/templates/interfaces/tunnel/node.tag/encapsulation/node.def
index 98745b2d..02d579a9 100644
--- a/templates/interfaces/tunnel/node.tag/encapsulation/node.def
+++ b/templates/interfaces/tunnel/node.tag/encapsulation/node.def
@@ -1,7 +1,12 @@
 type: txt
 help: Set the encapsulation of this tunnel interface
+
 syntax:expression: $VAR(@) in "ipip", "gre", "sit"; "Must be (ipip, gre, sit)"
-update:expression: "sudo ip tunnel change $VAR(../@) mode $VAR(@)"
+
+create:expression: "true"
+update:expression: "false" ; \
+               "Encapsulation can only be set at tunnel creation for $VAR(../@)"
+
 comp_help: "possible completions:
  gre                 Set Generic Routing Encapsulation
  ipip                Set IP in IP encapsulation
diff --git a/templates/interfaces/tunnel/node.tag/key/node.def b/templates/interfaces/tunnel/node.tag/key/node.def
index 1c524984..ae244529 100644
--- a/templates/interfaces/tunnel/node.tag/key/node.def
+++ b/templates/interfaces/tunnel/node.tag/key/node.def
@@ -1,6 +1,14 @@
 type: u32
 help: Set the tunnel key
-syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 999999; "Must be between 0-999999"
-update:expression: "sudo ip tunnel change $VAR(../@) key $VAR(@)"
+syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 999999; \
+                   "Must be between 0-999999 for $VAR(../@)"
+
+commit:expression: $VAR(../encapsulation/@) in "gre" ; \
+                   "Key only valid for GRE for $VAR(../@)"
+
+create:expression: "true"
+update:expression: "false" ; \
+                   "Key can only be set at tunnel creation for $VAR(../@)"
+
 comp_help: possible completions
  <0-999999>         Set a tunnel key
diff --git a/templates/protocols/snmp/community/node.tag/client/node.def b/templates/protocols/snmp/community/node.tag/client/node.def
new file mode 100644
index 00000000..134698ef
--- /dev/null
+++ b/templates/protocols/snmp/community/node.tag/client/node.def
@@ -0,0 +1,3 @@
+multi:
+type: ipv4
+help: IP address of SNMP client allowed to contact system
diff --git a/templates/protocols/snmp/community/node.tag/network/node.def b/templates/protocols/snmp/community/node.tag/network/node.def
new file mode 100644
index 00000000..1afdb2a1
--- /dev/null
+++ b/templates/protocols/snmp/community/node.tag/network/node.def
@@ -0,0 +1,4 @@
+multi:
+type: ipv4net
+help: Subnet of SNMP client(s) allowed to contact system
+syntax:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --check-prefix-boundry $VAR(@)"
diff --git a/templates/system/host-name/node.def b/templates/system/host-name/node.def
index 54ed9fef..1aba2174 100644
--- a/templates/system/host-name/node.def
+++ b/templates/system/host-name/node.def
@@ -1,7 +1,7 @@
 type: txt
 help: Configure system host name
 default: "vyatta"
-syntax:expression: pattern $VAR(@) "^[-a-zA-Z0-9.]+$"
+syntax:expression: pattern $VAR(@) "^[[:alpha:]][-.[:alnum:]]*[[:alnum:]]$"
                    ; "invalid host name $VAR(@)"
 update: sudo sh -c " \
   hostname '$VAR(@)'
diff --git a/templates/system/login/node.def b/templates/system/login/node.def
index ca2da1b3..d98c03c6 100644
--- a/templates/system/login/node.def
+++ b/templates/system/login/node.def
@@ -1,3 +1,3 @@
 help: Configure user access
 delete:expression: "echo User root cannot be deleted 1>&2 && exit 1"
-
+end: /opt/vyatta/sbin/vyatta_update_login.pl
diff --git a/templates/system/login/radius-server/node.def b/templates/system/login/radius-server/node.def
index 6d87890c..85ca4cc5 100644
--- a/templates/system/login/radius-server/node.def
+++ b/templates/system/login/radius-server/node.def
@@ -1,10 +1,6 @@
 tag:
 type: ipv4
 help: Radius server authentication configuration
-# need mandatory secret. also need port & timeout (default values?)
-update:expression: "sudo sh -c \"touch /etc/raddb/server && \
-sed -i '/$VAR(@)/d' /etc/raddb/server && \
-echo \\\"$VAR(@):$VAR(port/@)\t$VAR(secret/@)\t$VAR(timeout/@)\\\" \
->> /etc/raddb/server\" "
-delete:expression: "sudo sh -c \"touch /etc/raddb/server && \
-sed -i '/$VAR(@)/d' /etc/raddb/server\" "
+commit:expression: $VAR(port) != "" && $VAR(secret) != ""
+                   && $VAR(timeout) != ""
+                     ; "Port, secret, and timeout must be specified for Radius"
diff --git a/templates/system/login/user/node.def b/templates/system/login/user/node.def
index 0c1a393d..205a4b7a 100644
--- a/templates/system/login/user/node.def
+++ b/templates/system/login/user/node.def
@@ -4,26 +4,6 @@ help: User account information
 commit:expression: $VAR(authentication/encrypted-password) != ""
                    || ($VAR(authentication/plaintext-password) != ""
                        && $VAR(authentication/plaintext-password/@) != "")
-                   ; "user password must be specified"
-syntax:expression: pattern $VAR(@) "^[a-zA-Z_][a-zA-Z0-9_-]*\\$?$" ; "invalid user name $VAR(@)"
-# line continuation and $() expansion are done by cli, not sh.
-# need mandatory encrypted password.
-end:expression: "if [ -d /tmp/vyatta-delete-system-login-user-$VAR(@).$PPID ]; \
-then rm -rf /tmp/vyatta-delete-system-login-user-$VAR(@).$PPID && exit 0; \
-fi && \
-sudo /opt/vyatta/sbin/vyatta_update_login_user.pl \
-  '$VAR(@)' '$VAR(full-name/@)' '$VAR(authentication/encrypted-password/@)' \
-  '$VAR(level/@)'"
-delete:expression: "if [ x$VAR(@) == x ]; then exit 1; fi && \
-if [ x$VAR(@) == xroot ]; then \
-  echo Cannot delete user \"root\" 1>&2 && exit 2; \
-fi && \
-if mkdir /tmp/vyatta-delete-system-login-user-$VAR(@).$PPID >& /dev/null; \
-then \
-  if ! sudo /opt/vyatta/sbin/vyatta_update_login_user.pl -d '$VAR(@)'; then \
-    rm -rf /tmp/vyatta-delete-system-login-user-$VAR(@).$PPID; \
-    exit 1; \
-  fi; \
-else \
-  exit 1; \
-fi"
+                     ; "user password must be specified"
+syntax:expression: pattern $VAR(@) "^[a-zA-Z_][a-zA-Z0-9_-]*\\$?$"
+                     ; "invalid user name $VAR(@)"
diff --git a/templates/system/package/repository/node.def b/templates/system/package/repository/node.def
index e07967ee..d2e4cf38 100644
--- a/templates/system/package/repository/node.def
+++ b/templates/system/package/repository/node.def
@@ -1,11 +1,16 @@
 tag:
+
 type: txt
-help: Name describing the repository
+
+help: Name a debian archive
+
 commit:expression: $VAR(./url/) != ""; "Must configure the repository URL"
 commit:expression: $VAR(./distribution/) != ""; "Must configure the repository distribution"
-commit:expression: $VAR(./components/) != ""; "Must configure the repository component"
-update:expression: "sudo sh -c \"touch /etc/apt/sources.list && \
+commit:expression: $VAR(./components/) != ""; "Must configure the repository components"
+
+update: sudo sh -c "touch /etc/apt/sources.list && \
 sed -i '\\!# $VAR(@) #!d' /etc/apt/sources.list && \
-echo \\\"deb $VAR(url/@)/ $VAR(distribution/@) $VAR(components/@) # $VAR(@) #\\\" >> /etc/apt/sources.list\" "
-delete:expression: "sudo sh -c \"touch /etc/apt/sources.list && \
-sed -i '\\!# $VAR(@) #!d' /etc/apt/sources.list\" "
+echo \"deb $VAR(url/@)/ $VAR(distribution/@) $VAR(components/@) # $VAR(@) #\" >> /etc/apt/sources.list"
+
+delete: sudo sh -c "touch /etc/apt/sources.list && \
+sed -i '\\!# $VAR(@) #!d' /etc/apt/sources.list"
diff --git a/templates/system/syslog/file/node.def b/templates/system/syslog/file/node.def
index 3861dd53..fa4fd7d0 100644
--- a/templates/system/syslog/file/node.def
+++ b/templates/system/syslog/file/node.def
@@ -2,3 +2,4 @@ tag:
 type: txt
 help: Name of the syslog file to save log messages to
 syntax:expression: pattern $VAR(@) "^[-a-zA-Z0-9_.]+$" ; "invalid file name $VAR(@)"
+commit:expression: $VAR(./facility/) != "" || $VAR(./archive/) != ""; "Must specify either facility or archive for syslog file"