summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniil Baturin <daniil@baturin.org>2018-08-25 20:19:04 +0200
committerDaniil Baturin <daniil@baturin.org>2018-08-25 20:19:04 +0200
commit7f5df3ea03fe410f781478aeffc201537756b040 (patch)
treedfcf9ac77e832e1bc68ea7f8aeb50fbea092dcec
parentff172c743e5d732cad083c075c79485849913b4d (diff)
downloadvyatta-cfg-system-7f5df3ea03fe410f781478aeffc201537756b040.tar.gz
vyatta-cfg-system-7f5df3ea03fe410f781478aeffc201537756b040.zip
T797: add sudo to ip command calls in other interface types.
-rwxr-xr-xscripts/vyatta-address10
-rwxr-xr-xscripts/vyatta-bonding.pl4
-rwxr-xr-xscripts/vyatta-interfaces.pl8
-rw-r--r--templates/interfaces/bonding/node.def2
-rw-r--r--templates/interfaces/bonding/node.tag/disable/node.def4
-rw-r--r--templates/interfaces/bonding/node.tag/mtu/node.def4
-rw-r--r--templates/interfaces/bonding/node.tag/vif-s/node.def6
-rw-r--r--templates/interfaces/bonding/node.tag/vif-s/node.tag/disable/node.def4
-rw-r--r--templates/interfaces/bonding/node.tag/vif-s/node.tag/ethertype/node.def6
-rw-r--r--templates/interfaces/bonding/node.tag/vif-s/node.tag/mtu/node.def4
-rw-r--r--templates/interfaces/bonding/node.tag/vif-s/node.tag/vif-c/node.def6
-rw-r--r--templates/interfaces/bonding/node.tag/vif-s/node.tag/vif-c/node.tag/disable/node.def4
-rw-r--r--templates/interfaces/bonding/node.tag/vif-s/node.tag/vif-c/node.tag/mtu/node.def4
-rw-r--r--templates/interfaces/bonding/node.tag/vif/node.def6
-rw-r--r--templates/interfaces/bonding/node.tag/vif/node.tag/disable/node.def4
-rw-r--r--templates/interfaces/bonding/node.tag/vif/node.tag/mtu/node.def4
-rw-r--r--templates/interfaces/bridge/node.def8
-rw-r--r--templates/interfaces/bridge/node.tag/disable/node.def4
-rw-r--r--templates/interfaces/dummy/node.def8
-rw-r--r--templates/interfaces/dummy/node.tag/disable/node.def4
-rw-r--r--templates/interfaces/ethernet/node.def6
-rw-r--r--templates/interfaces/ethernet/node.tag/disable/node.def4
-rw-r--r--templates/interfaces/ethernet/node.tag/mtu/node.def4
-rw-r--r--templates/interfaces/ethernet/node.tag/vif-s/node.def6
-rw-r--r--templates/interfaces/ethernet/node.tag/vif-s/node.tag/disable/node.def4
-rw-r--r--templates/interfaces/ethernet/node.tag/vif-s/node.tag/ethertype/node.def6
-rw-r--r--templates/interfaces/ethernet/node.tag/vif-s/node.tag/mtu/node.def4
-rw-r--r--templates/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.def6
-rw-r--r--templates/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/disable/node.def4
-rw-r--r--templates/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/mtu/node.def4
-rw-r--r--templates/interfaces/ethernet/node.tag/vif/node.def6
-rw-r--r--templates/interfaces/ethernet/node.tag/vif/node.tag/disable/node.def4
-rw-r--r--templates/interfaces/ethernet/node.tag/vif/node.tag/mtu/node.def4
-rw-r--r--templates/interfaces/l2tpv3/node.def12
-rw-r--r--templates/interfaces/l2tpv3/node.tag/disable/node.def4
-rw-r--r--templates/interfaces/l2tpv3/node.tag/mtu/node.def4
-rw-r--r--templates/interfaces/loopback/node.def2
-rw-r--r--templates/interfaces/pseudo-ethernet/node.def6
-rw-r--r--templates/interfaces/pseudo-ethernet/node.tag/disable/node.def4
-rw-r--r--templates/interfaces/pseudo-ethernet/node.tag/mode/node.def2
-rw-r--r--templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.def2
-rw-r--r--templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/disable/node.def4
-rw-r--r--templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/ethertype/node.def6
-rw-r--r--templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/mtu/node.def4
-rw-r--r--templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/vif-c/node.def6
-rw-r--r--templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/disable/node.def4
-rw-r--r--templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/mtu/node.def4
-rw-r--r--templates/interfaces/pseudo-ethernet/node.tag/vif/node.def6
-rw-r--r--templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/disable/node.def4
-rw-r--r--templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/mtu/node.def4
-rw-r--r--templates/interfaces/tunnel/node.def2
-rw-r--r--templates/interfaces/tunnel/node.tag/parameters/ip/tos/node.def4
-rw-r--r--templates/interfaces/vti/node.def4
-rw-r--r--templates/interfaces/vti/node.tag/disable/node.def4
-rw-r--r--templates/interfaces/vti/node.tag/mtu/node.def4
-rw-r--r--templates/interfaces/vxlan/node.def6
-rw-r--r--templates/interfaces/vxlan/node.tag/mtu/node.def4
57 files changed, 136 insertions, 136 deletions
diff --git a/scripts/vyatta-address b/scripts/vyatta-address
index 072f27e6..4491c3f0 100755
--- a/scripts/vyatta-address
+++ b/scripts/vyatta-address
@@ -17,11 +17,11 @@ case $1 in
elif [[ "$3" =~ ":" ]]; then
# Ipv6 address
if ! ip -6 addr list dev $2 | grep -q $3; then
- exec ip -6 addr add "$3" dev "$2"
+ exec sudo ip -6 addr add "$3" dev "$2"
fi
else
if ! ip addr list dev $2 | grep -q $3; then
- exec ip addr add "$3" broadcast + dev "$2"
+ exec sudo ip addr add "$3" broadcast + dev "$2"
fi
fi ;;
@@ -37,7 +37,7 @@ case $1 in
ip_address=$3;
fi
- if ! /sbin/ip address show dev $2 2>/dev/null | grep -q "$ip_address"; then
+ if ! ip address show dev $2 2>/dev/null | grep -q "$ip_address"; then
# Address doesn't exist there, nothing to delete
exit 0
fi
@@ -50,9 +50,9 @@ case $1 in
elif [[ "$3" = "dhcpv6" ]]; then
exec /opt/vyatta/sbin/vyatta-dhcpv6-client.pl --stop --ifname "$2"
elif [[ "$3" =~ ":" ]]; then
- exec ip -6 addr del "$3" dev "$2"
+ exec sudo ip -6 addr del "$3" dev "$2"
else
- exec ip addr del "$3" dev "$2"
+ exec sudo ip addr del "$3" dev "$2"
fi ;;
*)
echo "Unknown option $1"
diff --git a/scripts/vyatta-bonding.pl b/scripts/vyatta-bonding.pl
index 9c9eb995..24182af3 100755
--- a/scripts/vyatta-bonding.pl
+++ b/scripts/vyatta-bonding.pl
@@ -144,13 +144,13 @@ sub get_irq_affinity {
sub if_down {
my $intf = shift;
- system "ip link set dev $intf down"
+ system "sudo ip link set dev $intf down"
and die "Could not set $intf up ($!)\n";
}
sub if_up {
my $intf = shift;
- system "ip link set dev $intf up"
+ system "sudo ip link set dev $intf up"
and die "Could not set $intf up ($!)\n";
my $smp_affinity = get_irq_affinity($intf);
diff --git a/scripts/vyatta-interfaces.pl b/scripts/vyatta-interfaces.pl
index a91a66e8..aa802b97 100755
--- a/scripts/vyatta-interfaces.pl
+++ b/scripts/vyatta-interfaces.pl
@@ -238,16 +238,16 @@ sub update_mac {
exit 0 if (lc($oldmac) eq lc($mac));
# try the direct approach
- if (system("ip link set $name address $mac") == 0) {
+ if (system("sudo ip link set $name address $mac") == 0) {
exit 0;
} elsif ($intf->up()) {
# some hardware can not change MAC address if up
- system "ip link set $name down"
+ system "sudo ip link set $name down"
and die "Could not set $name down\n";
- system "ip link set $name address $mac"
+ system "sudo ip link set $name address $mac"
and die "Could not set $name address\n";
- system "ip link set $name up"
+ system "sudo ip link set $name up"
and die "Could not set $name up\n";
} else {
die "Could not set mac address for $name\n";
diff --git a/templates/interfaces/bonding/node.def b/templates/interfaces/bonding/node.def
index 2346c490..d87d5b98 100644
--- a/templates/interfaces/bonding/node.def
+++ b/templates/interfaces/bonding/node.def
@@ -24,6 +24,6 @@ delete: SLAVES=`cat /sys/class/net/$VAR(@)/bonding/slaves`;
end: if [ -f /tmp/bonding_$VAR(@).$PPID ]
then rm -f /tmp/bonding_$VAR(@).$PPID
- ip link set "$VAR(@)" up
+ sudo ip link set "$VAR(@)" up
/opt/vyatta/sbin/vyatta-link-detect $VAR(@) on
fi
diff --git a/templates/interfaces/bonding/node.tag/disable/node.def b/templates/interfaces/bonding/node.tag/disable/node.def
index 6e684ebd..c4a4c681 100644
--- a/templates/interfaces/bonding/node.tag/disable/node.def
+++ b/templates/interfaces/bonding/node.tag/disable/node.def
@@ -1,11 +1,11 @@
help: Disable interface
create: /etc/netplug/linkdown.d/dhclient $VAR(../@)
- if ! ip link set $VAR(../@) down 2>/dev/null; then
+ if ! sudo ip link set $VAR(../@) down 2>/dev/null; then
echo "Error disabling dev $VAR(../@)"
/etc/netplug/linkup.d/dhclient $VAR(../@)
exit 1
fi
-delete: if ! ip link set $VAR(../@) up; then
+delete: if ! sudo ip link set $VAR(../@) up; then
echo "Error enabling dev $VAR(../@)"
exit 1
fi
diff --git a/templates/interfaces/bonding/node.tag/mtu/node.def b/templates/interfaces/bonding/node.tag/mtu/node.def
index 1a8011b4..71347c58 100644
--- a/templates/interfaces/bonding/node.tag/mtu/node.def
+++ b/templates/interfaces/bonding/node.tag/mtu/node.def
@@ -3,5 +3,5 @@ priority: 381
help: Maximum Transmission Unit (MTU)
syntax:expression: $VAR(@) >= 68 && $VAR(@) <= 9000; "MTU must be between 68 and 9000"
val_help: u32:68-9000; Maximum Transmission Unit
-update: ip link set $VAR(../@) mtu $VAR(@)
-delete: ip link set $VAR(../@) mtu 1500
+update: sudo ip link set $VAR(../@) mtu $VAR(@)
+delete: sudo ip link set $VAR(../@) mtu 1500
diff --git a/templates/interfaces/bonding/node.tag/vif-s/node.def b/templates/interfaces/bonding/node.tag/vif-s/node.def
index fd490689..2c483317 100644
--- a/templates/interfaces/bonding/node.tag/vif-s/node.def
+++ b/templates/interfaces/bonding/node.tag/vif-s/node.def
@@ -9,13 +9,13 @@ create: ETHERTYPE=`echo "$VAR(ethertype/@)"`
if [ $ETHERTYPE == "0x88A8" ]; then ETHTYPE=802.1ad; fi
if [ $ETHERTYPE == "0x8100" ]; then ETHTYPE=802.1Q; fi
- if ! ip link add link $VAR(../@) name "$VAR(../@).$VAR(@)" type vlan proto $ETHTYPE id $VAR(@)
+ if ! sudo ip link add link $VAR(../@) name "$VAR(../@).$VAR(@)" type vlan proto $ETHTYPE id $VAR(@)
then echo "Error creating VLAN device $VAR(../@).$VAR(@)"
exit 1
fi
# if parent is up, then bring VLAN up
if [ $(( $(cat /sys/class/net/$VAR(../@)/flags) & 1 )) -eq 1 ]
- then ip link set "$VAR(../@).$VAR(@)" up
+ then sudo ip link set "$VAR(../@).$VAR(@)" up
fi
/opt/vyatta/sbin/vyatta-link-detect "$VAR(../@).$VAR(@)" on
@@ -23,4 +23,4 @@ delete: ETHERTYPE=`echo "$VAR(ethertype/@)"`
if [ $ETHERTYPE == "0x88A8" ]; then ETHTYPE=802.1ad; fi
if [ $ETHERTYPE == "0x8100" ]; then ETHTYPE=802.1Q; fi
[ -d /sys/class/net/$VAR(../@).$VAR(@) ] || exit 0
- ip link delete dev "$VAR(../@).$VAR(@)" type vlan proto $ETHTYPE id $VAR(@)
+ sudo ip link delete dev "$VAR(../@).$VAR(@)" type vlan proto $ETHTYPE id $VAR(@)
diff --git a/templates/interfaces/bonding/node.tag/vif-s/node.tag/disable/node.def b/templates/interfaces/bonding/node.tag/vif-s/node.tag/disable/node.def
index e9943645..12db6a98 100644
--- a/templates/interfaces/bonding/node.tag/vif-s/node.tag/disable/node.def
+++ b/templates/interfaces/bonding/node.tag/vif-s/node.tag/disable/node.def
@@ -1,11 +1,11 @@
help: Disable interface
update: /etc/netplug/linkdown.d/dhclient $VAR(../../@).$VAR(../@)
- if ! ip link set $VAR(../../@).$VAR(../@) down 2>/dev/null; then
+ if ! sudo ip link set $VAR(../../@).$VAR(../@) down 2>/dev/null; then
echo "Error disabling dev $VAR(../../@).$VAR(../@)"
/etc/netplug/linkup.d/dhclient $VAR(../../@).$VAR(../@)
exit 1
fi
-delete: if ! ip link set $VAR(../../@).$VAR(../@) up; then
+delete: if ! sudo ip link set $VAR(../../@).$VAR(../@) up; then
echo "Error enabling dev $VAR(../../@).$VAR(../@)"
exit 1
fi
diff --git a/templates/interfaces/bonding/node.tag/vif-s/node.tag/ethertype/node.def b/templates/interfaces/bonding/node.tag/vif-s/node.tag/ethertype/node.def
index a79acae4..24d08568 100644
--- a/templates/interfaces/bonding/node.tag/vif-s/node.tag/ethertype/node.def
+++ b/templates/interfaces/bonding/node.tag/vif-s/node.tag/ethertype/node.def
@@ -20,7 +20,7 @@ update: ACTIVEETHTYPE=`cli-shell-api returnActiveValue interfaces bonding $VAR(.
echo "Must configure slave devices for bond interface $VAR(../@) before adding vif"
exit 1
fi
- ip link delete dev "$VAR(../../@).$VAR(../@)" type vlan proto $ETHTYPE id $VAR(../@) > /dev/null 2>&1
- ip link add link $VAR(../../@) name "$VAR(../../@).$VAR(../@)" type vlan proto $ETHTYPE id $VAR(../@) || exit 1
- ip link set "$VAR(../../@).$VAR(../@)" up
+ sudo ip link delete dev "$VAR(../../@).$VAR(../@)" type vlan proto $ETHTYPE id $VAR(../@) > /dev/null 2>&1
+ sudo ip link add link $VAR(../../@) name "$VAR(../../@).$VAR(../@)" type vlan proto $ETHTYPE id $VAR(../@) || exit 1
+ sudo ip link set "$VAR(../../@).$VAR(../@)" up
/opt/vyatta/sbin/vyatta-link-detect "$VAR(../../@).$VAR(../@)" on
diff --git a/templates/interfaces/bonding/node.tag/vif-s/node.tag/mtu/node.def b/templates/interfaces/bonding/node.tag/vif-s/node.tag/mtu/node.def
index d6151dcb..b3f3e7c7 100644
--- a/templates/interfaces/bonding/node.tag/vif-s/node.tag/mtu/node.def
+++ b/templates/interfaces/bonding/node.tag/vif-s/node.tag/mtu/node.def
@@ -4,6 +4,6 @@ help: Maximum Transmission Unit (MTU)
val_help: u32:68-9000; Maximum Transmission Unit (MTU)
syntax:expression: $VAR(@) >= 68 && $VAR(@) <= 9000; "MTU must be between 68 and 9000"
-update: ip link set $VAR(../../@).$VAR(../@) mtu $VAR(@)
+update: sudo ip link set $VAR(../../@).$VAR(../@) mtu $VAR(@)
delete: [ -d /sys/class/net/$VAR(../../@).$VAR(../@) ] || exit 0
- ip link set $VAR(../../@).$VAR(../@) mtu 1500
+ sudo ip link set $VAR(../../@).$VAR(../@) mtu 1500
diff --git a/templates/interfaces/bonding/node.tag/vif-s/node.tag/vif-c/node.def b/templates/interfaces/bonding/node.tag/vif-s/node.tag/vif-c/node.def
index 77c6e56b..eb32ce61 100644
--- a/templates/interfaces/bonding/node.tag/vif-s/node.tag/vif-c/node.def
+++ b/templates/interfaces/bonding/node.tag/vif-s/node.tag/vif-c/node.def
@@ -10,9 +10,9 @@ create: read -a SLAVES </sys/class/net/$VAR(../../@)/bonding/slaves
echo "Must configure slave devices for bond interface $VAR(../../@) before adding vif"
exit 1
fi
- ip link add link $VAR(../../@).$VAR(../@) name "$VAR(../../@).$VAR(../@).$VAR(@)" type vlan proto 802.1q id $VAR(@) || exit 1
- ip link set "$VAR(../../@).$VAR(../@).$VAR(@)" up
+ sudo ip link add link $VAR(../../@).$VAR(../@) name "$VAR(../../@).$VAR(../@).$VAR(@)" type vlan proto 802.1q id $VAR(@) || exit 1
+ sudo ip link set "$VAR(../../@).$VAR(../@).$VAR(@)" up
/opt/vyatta/sbin/vyatta-link-detect "$VAR(../../@).$VAR(../@).$VAR(@)" on
delete: [ -d /sys/class/net/$VAR(../../@).$VAR(../@).$VAR(@) ] || exit 0
- ip link delete dev "$VAR(../../@).$VAR(../@).$VAR(@)" type vlan proto 802.1q id $VAR(@)
+ sudo ip link delete dev "$VAR(../../@).$VAR(../@).$VAR(@)" type vlan proto 802.1q id $VAR(@)
diff --git a/templates/interfaces/bonding/node.tag/vif-s/node.tag/vif-c/node.tag/disable/node.def b/templates/interfaces/bonding/node.tag/vif-s/node.tag/vif-c/node.tag/disable/node.def
index 31c5a9b2..7069e9c9 100644
--- a/templates/interfaces/bonding/node.tag/vif-s/node.tag/vif-c/node.tag/disable/node.def
+++ b/templates/interfaces/bonding/node.tag/vif-s/node.tag/vif-c/node.tag/disable/node.def
@@ -1,11 +1,11 @@
help: Disable interface
update: /etc/netplug/linkdown.d/dhclient $VAR(../../../@).$VAR(../../@).$VAR(../@)
- if ! ip link set $VAR(../../../@).$VAR(../../@).$VAR(../@) down 2>/dev/null; then
+ if ! sudo ip link set $VAR(../../../@).$VAR(../../@).$VAR(../@) down 2>/dev/null; then
echo "Error disabling dev $VAR(../../../@).$VAR(../../@).$VAR(../@)"
/etc/netplug/linkup.d/dhclient $VAR(../../../@).$VAR(../../@).$VAR(../@)
exit 1
fi
-delete: if ! ip link set $VAR(../../../@).$VAR(../../@).$VAR(../@) up; then
+delete: if ! sudo ip link set $VAR(../../../@).$VAR(../../@).$VAR(../@) up; then
echo "Error enabling dev $VAR(../../../@).$VAR(../../@).$VAR(../@)"
exit 1
fi
diff --git a/templates/interfaces/bonding/node.tag/vif-s/node.tag/vif-c/node.tag/mtu/node.def b/templates/interfaces/bonding/node.tag/vif-s/node.tag/vif-c/node.tag/mtu/node.def
index ca8795ee..264c429b 100644
--- a/templates/interfaces/bonding/node.tag/vif-s/node.tag/vif-c/node.tag/mtu/node.def
+++ b/templates/interfaces/bonding/node.tag/vif-s/node.tag/vif-c/node.tag/mtu/node.def
@@ -4,6 +4,6 @@ help: Maximum Transmission Unit (MTU)
val_help: u32:68-9000; Maximum Transmission Unit (MTU)
syntax:expression: $VAR(@) >= 68 && $VAR(@) <= 9000; "MTU must be between 68 and 9000"
-update: ip link set $VAR(../../../@).$VAR(../../@).$VAR(../@) mtu $VAR(@)
+update: sudo ip link set $VAR(../../../@).$VAR(../../@).$VAR(../@) mtu $VAR(@)
delete: [ -d /sys/class/net/$VAR(../../../@).$VAR(../../@).$VAR(../@) ] || exit 0
- ip link set $VAR(../../../@).$VAR(../../@).$VAR(../@) mtu 1500
+ sudo ip link set $VAR(../../../@).$VAR(../../@).$VAR(../@) mtu 1500
diff --git a/templates/interfaces/bonding/node.tag/vif/node.def b/templates/interfaces/bonding/node.tag/vif/node.def
index 63394e44..e7262d63 100644
--- a/templates/interfaces/bonding/node.tag/vif/node.def
+++ b/templates/interfaces/bonding/node.tag/vif/node.def
@@ -10,9 +10,9 @@ create: read -a SLAVES </sys/class/net/$VAR(../@)/bonding/slaves
echo "Must configure slave devices for bond interface $VAR(../@) before adding vif"
exit 1
fi
- ip link add link $VAR(../@) name "$VAR(../@).$VAR(@)" type vlan id $VAR(@) || exit 1
- ip link set "$VAR(../@).$VAR(@)" up
+ sudo ip link add link $VAR(../@) name "$VAR(../@).$VAR(@)" type vlan id $VAR(@) || exit 1
+ sudo ip link set "$VAR(../@).$VAR(@)" up
/opt/vyatta/sbin/vyatta-link-detect "$VAR(../@).$VAR(@)" on
delete: [ -d /sys/class/net/$VAR(../@).$VAR(@) ] || exit 0
- ip link delete dev "$VAR(../@).$VAR(@)" type vlan id $VAR(@)
+ sudo ip link delete dev "$VAR(../@).$VAR(@)" type vlan id $VAR(@)
diff --git a/templates/interfaces/bonding/node.tag/vif/node.tag/disable/node.def b/templates/interfaces/bonding/node.tag/vif/node.tag/disable/node.def
index e9943645..12db6a98 100644
--- a/templates/interfaces/bonding/node.tag/vif/node.tag/disable/node.def
+++ b/templates/interfaces/bonding/node.tag/vif/node.tag/disable/node.def
@@ -1,11 +1,11 @@
help: Disable interface
update: /etc/netplug/linkdown.d/dhclient $VAR(../../@).$VAR(../@)
- if ! ip link set $VAR(../../@).$VAR(../@) down 2>/dev/null; then
+ if ! sudo ip link set $VAR(../../@).$VAR(../@) down 2>/dev/null; then
echo "Error disabling dev $VAR(../../@).$VAR(../@)"
/etc/netplug/linkup.d/dhclient $VAR(../../@).$VAR(../@)
exit 1
fi
-delete: if ! ip link set $VAR(../../@).$VAR(../@) up; then
+delete: if ! sudo ip link set $VAR(../../@).$VAR(../@) up; then
echo "Error enabling dev $VAR(../../@).$VAR(../@)"
exit 1
fi
diff --git a/templates/interfaces/bonding/node.tag/vif/node.tag/mtu/node.def b/templates/interfaces/bonding/node.tag/vif/node.tag/mtu/node.def
index d6151dcb..b3f3e7c7 100644
--- a/templates/interfaces/bonding/node.tag/vif/node.tag/mtu/node.def
+++ b/templates/interfaces/bonding/node.tag/vif/node.tag/mtu/node.def
@@ -4,6 +4,6 @@ help: Maximum Transmission Unit (MTU)
val_help: u32:68-9000; Maximum Transmission Unit (MTU)
syntax:expression: $VAR(@) >= 68 && $VAR(@) <= 9000; "MTU must be between 68 and 9000"
-update: ip link set $VAR(../../@).$VAR(../@) mtu $VAR(@)
+update: sudo ip link set $VAR(../../@).$VAR(../@) mtu $VAR(@)
delete: [ -d /sys/class/net/$VAR(../../@).$VAR(../@) ] || exit 0
- ip link set $VAR(../../@).$VAR(../@) mtu 1500
+ sudo ip link set $VAR(../../@).$VAR(../@) mtu 1500
diff --git a/templates/interfaces/bridge/node.def b/templates/interfaces/bridge/node.def
index 8525cb9e..b6654f07 100644
--- a/templates/interfaces/bridge/node.def
+++ b/templates/interfaces/bridge/node.def
@@ -7,14 +7,14 @@ syntax:expression: pattern $VAR(@) "^br[0-9]+$" ; "Must be (br0 - br999)"
create: /sbin/brctl addbr $VAR(@)
if [ -n "$VAR(mac/@)" ] ; then
- ip li set dev $VAR(@) address $VAR(mac/@)
+ sudo ip li set dev $VAR(@) address $VAR(mac/@)
fi
- ip link set $VAR(@) up
+ sudo ip link set $VAR(@) up
delete: if ! /opt/vyatta/sbin/vyatta-bridgegroup-depedency.pl \
--no-interfaces-assigned \
--bridge-interface="$VAR(@)"; then \
exit 1
fi
- ip link set $VAR(@) down;
- /sbin/brctl delbr $VAR(@);
+ sudo ip link set $VAR(@) down;
+ sudo /sbin/brctl delbr $VAR(@);
diff --git a/templates/interfaces/bridge/node.tag/disable/node.def b/templates/interfaces/bridge/node.tag/disable/node.def
index 2e20be3b..3f37a6d6 100644
--- a/templates/interfaces/bridge/node.tag/disable/node.def
+++ b/templates/interfaces/bridge/node.tag/disable/node.def
@@ -1,11 +1,11 @@
help: Disable the bridge interface
update: /etc/netplug/linkdown.d/dhclient $VAR(../@)
- if ! ip link set $VAR(../@) down 2>/dev/null; then
+ if ! sudo ip link set $VAR(../@) down 2>/dev/null; then
echo "Error disabling dev $VAR(../@)"
/etc/netplug/linkup.d/dhclient $VAR(../@)
exit 1
fi
-delete: if ! ip link set $VAR(../@) up; then
+delete: if ! sudo ip link set $VAR(../@) up; then
echo "Error enabling dev $VAR(../@)"
exit 1
fi
diff --git a/templates/interfaces/dummy/node.def b/templates/interfaces/dummy/node.def
index 71625fd8..1908f9d8 100644
--- a/templates/interfaces/dummy/node.def
+++ b/templates/interfaces/dummy/node.def
@@ -8,8 +8,8 @@ val_help: <dumN>; Dummy interface name
begin: [ -d /sys/module/dummy ] || sudo modprobe dummy
-create: ip link add name $VAR(@) type dummy
- ip link set $VAR(@) up
+create: sudo ip link add name $VAR(@) type dummy
+ sudo ip link set $VAR(@) up
-delete: ip link set dev $VAR(@) down
- ip link delete dev $VAR(@)
+delete: sudo ip link set dev $VAR(@) down
+ sudo ip link delete dev $VAR(@)
diff --git a/templates/interfaces/dummy/node.tag/disable/node.def b/templates/interfaces/dummy/node.tag/disable/node.def
index 26199646..8c580c95 100644
--- a/templates/interfaces/dummy/node.tag/disable/node.def
+++ b/templates/interfaces/dummy/node.tag/disable/node.def
@@ -1,4 +1,4 @@
help: Disable interface
-update: ip link set $VAR(../@) down
+update: sudo ip link set $VAR(../@) down
-delete: ip link set $VAR(../@) up
+delete: sudo ip link set $VAR(../@) up
diff --git a/templates/interfaces/ethernet/node.def b/templates/interfaces/ethernet/node.def
index 2af57e0a..b4e60340 100644
--- a/templates/interfaces/ethernet/node.def
+++ b/templates/interfaces/ethernet/node.def
@@ -35,14 +35,14 @@ create: if ! cli-shell-api exists interfaces ethernet $VAR(@) disable;
case "$VAR(@)" in
*lan*)
masterint=$(ip link show $VAR(@) | awk 'NR==1{print $2 }' | grep -ao "eth[0-9]")
- ip link set $masterint up
+ sudo ip link set $masterint up
;;
esac
- ip link set $VAR(@) up
+ sudo ip link set $VAR(@) up
fi
/opt/vyatta/sbin/vyatta-link-detect $VAR(@) on
delete: [ -d /sys/class/net/$VAR(@) ] || exit 0
- ip link set $VAR(@) down
+ sudo ip link set $VAR(@) down
end: rm -f /tmp/speed-duplex.$VAR(@)
diff --git a/templates/interfaces/ethernet/node.tag/disable/node.def b/templates/interfaces/ethernet/node.tag/disable/node.def
index fff51388..c948e970 100644
--- a/templates/interfaces/ethernet/node.tag/disable/node.def
+++ b/templates/interfaces/ethernet/node.tag/disable/node.def
@@ -1,14 +1,14 @@
help: Disable interface
create: /etc/netplug/linkdown.d/dhclient $VAR(../@)
- if ! ip link set $VAR(../@) down 2>/dev/null; then
+ if ! sudo ip link set $VAR(../@) down 2>/dev/null; then
echo "Error disabling dev $VAR(../@)"
/etc/netplug/linkup.d/dhclient $VAR(../@)
exit 1
fi
delete: [ -d /sys/class/net/$VAR(../@) ] || exit 0
- if ! ip link set $VAR(../@) up; then
+ if ! sudo ip link set $VAR(../@) up; then
echo "Error enabling dev $VAR(../@)"
exit 1
fi
diff --git a/templates/interfaces/ethernet/node.tag/mtu/node.def b/templates/interfaces/ethernet/node.tag/mtu/node.def
index e846bd9d..57abc31f 100644
--- a/templates/interfaces/ethernet/node.tag/mtu/node.def
+++ b/templates/interfaces/ethernet/node.tag/mtu/node.def
@@ -4,8 +4,8 @@ help: Maximum Transmission Unit (MTU)
syntax:expression: $VAR(@) >= 68 && $VAR(@) <= 9000; "MTU must be between 68 and 9000"
val_help: u32:68-9000; Maximum Transmission Unit (MTU)
-update: if ! ip link set $VAR(../@) mtu $VAR(@)
+update: if ! sudo ip link set $VAR(../@) mtu $VAR(@)
then echo "Error setting MTU on dev $VAR(../@)"; exit 1
fi
delete: [ -d /sys/class/net/$VAR(../@) ] || exit 0
- ip link set $VAR(../@) mtu 1500
+ sudo ip link set $VAR(../@) mtu 1500
diff --git a/templates/interfaces/ethernet/node.tag/vif-s/node.def b/templates/interfaces/ethernet/node.tag/vif-s/node.def
index 204b68c7..963dbb18 100644
--- a/templates/interfaces/ethernet/node.tag/vif-s/node.def
+++ b/templates/interfaces/ethernet/node.tag/vif-s/node.def
@@ -9,13 +9,13 @@ create: ETHERTYPE=`echo "$VAR(ethertype/@)"`
if [ $ETHERTYPE == "0x88A8" ]; then ETHTYPE=802.1ad; fi
if [ $ETHERTYPE == "0x8100" ]; then ETHTYPE=802.1Q; fi
- if ! ip link add link $VAR(../@) name "$VAR(../@).$VAR(@)" type vlan proto $ETHTYPE id $VAR(@)
+ if ! sudo ip link add link $VAR(../@) name "$VAR(../@).$VAR(@)" type vlan proto $ETHTYPE id $VAR(@)
then echo "Error creating VLAN device $VAR(../@).$VAR(@)"
exit 1
fi
# if parent is up, then bring VLAN up
if [ $(( $(cat /sys/class/net/$VAR(../@)/flags) & 1 )) -eq 1 ]
- then ip link set "$VAR(../@).$VAR(@)" up
+ then sudo ip link set "$VAR(../@).$VAR(@)" up
fi
/opt/vyatta/sbin/vyatta-link-detect "$VAR(../@).$VAR(@)" on
@@ -23,4 +23,4 @@ delete: ETHERTYPE=`echo "$VAR(ethertype/@)"`
if [ $ETHERTYPE == "0x88A8" ]; then ETHTYPE=802.1ad; fi
if [ $ETHERTYPE == "0x8100" ]; then ETHTYPE=802.1Q; fi
[ -d /sys/class/net/$VAR(../@).$VAR(@) ] || exit 0
- ip link delete dev "$VAR(../@).$VAR(@)" type vlan proto $ETHTYPE id $VAR(@)
+ sudo ip link delete dev "$VAR(../@).$VAR(@)" type vlan proto $ETHTYPE id $VAR(@)
diff --git a/templates/interfaces/ethernet/node.tag/vif-s/node.tag/disable/node.def b/templates/interfaces/ethernet/node.tag/vif-s/node.tag/disable/node.def
index e9943645..12db6a98 100644
--- a/templates/interfaces/ethernet/node.tag/vif-s/node.tag/disable/node.def
+++ b/templates/interfaces/ethernet/node.tag/vif-s/node.tag/disable/node.def
@@ -1,11 +1,11 @@
help: Disable interface
update: /etc/netplug/linkdown.d/dhclient $VAR(../../@).$VAR(../@)
- if ! ip link set $VAR(../../@).$VAR(../@) down 2>/dev/null; then
+ if ! sudo ip link set $VAR(../../@).$VAR(../@) down 2>/dev/null; then
echo "Error disabling dev $VAR(../../@).$VAR(../@)"
/etc/netplug/linkup.d/dhclient $VAR(../../@).$VAR(../@)
exit 1
fi
-delete: if ! ip link set $VAR(../../@).$VAR(../@) up; then
+delete: if ! sudo ip link set $VAR(../../@).$VAR(../@) up; then
echo "Error enabling dev $VAR(../../@).$VAR(../@)"
exit 1
fi
diff --git a/templates/interfaces/ethernet/node.tag/vif-s/node.tag/ethertype/node.def b/templates/interfaces/ethernet/node.tag/vif-s/node.tag/ethertype/node.def
index 0a5e954a..32895483 100644
--- a/templates/interfaces/ethernet/node.tag/vif-s/node.tag/ethertype/node.def
+++ b/templates/interfaces/ethernet/node.tag/vif-s/node.tag/ethertype/node.def
@@ -15,13 +15,13 @@ update: ACTIVEETHTYPE=`cli-shell-api returnActiveValue interfaces ethernet $VAR(
ETHERTYPE=`echo "$VAR(@)"`
if [ $ETHERTYPE == "0x88A8" ]; then ETHTYPE=802.1ad; fi
if [ $ETHERTYPE == "0x8100" ]; then ETHTYPE=802.1Q; fi
- ip link delete dev "$VAR(../../@).$VAR(../@)" type vlan proto $ETHTYPE id $VAR(../@) > /dev/null 2>&1
- if ! ip link add link $VAR(../../@) name "$VAR(../../@).$VAR(../@)" type vlan proto $ETHTYPE id $VAR(../@)
+ sudo ip link delete dev "$VAR(../../@).$VAR(../@)" type vlan proto $ETHTYPE id $VAR(../@) > /dev/null 2>&1
+ if ! sudo ip link add link $VAR(../../@) name "$VAR(../../@).$VAR(../@)" type vlan proto $ETHTYPE id $VAR(../@)
then echo "Error creating VLAN device $VAR(../../@).$VAR(../@)"
exit 1
fi
# if parent is up, then bring VLAN up
if [ $(( $(cat /sys/class/net/$VAR(../../@)/flags) & 1 )) -eq 1 ]
- then ip link set "$VAR(../../@).$VAR(../@)" up
+ then sudo ip link set "$VAR(../../@).$VAR(../@)" up
fi
/opt/vyatta/sbin/vyatta-link-detect "$VAR(../../@).$VAR(../@)" on
diff --git a/templates/interfaces/ethernet/node.tag/vif-s/node.tag/mtu/node.def b/templates/interfaces/ethernet/node.tag/vif-s/node.tag/mtu/node.def
index d6151dcb..b3f3e7c7 100644
--- a/templates/interfaces/ethernet/node.tag/vif-s/node.tag/mtu/node.def
+++ b/templates/interfaces/ethernet/node.tag/vif-s/node.tag/mtu/node.def
@@ -4,6 +4,6 @@ help: Maximum Transmission Unit (MTU)
val_help: u32:68-9000; Maximum Transmission Unit (MTU)
syntax:expression: $VAR(@) >= 68 && $VAR(@) <= 9000; "MTU must be between 68 and 9000"
-update: ip link set $VAR(../../@).$VAR(../@) mtu $VAR(@)
+update: sudo ip link set $VAR(../../@).$VAR(../@) mtu $VAR(@)
delete: [ -d /sys/class/net/$VAR(../../@).$VAR(../@) ] || exit 0
- ip link set $VAR(../../@).$VAR(../@) mtu 1500
+ sudo ip link set $VAR(../../@).$VAR(../@) mtu 1500
diff --git a/templates/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.def b/templates/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.def
index 8450acfd..8312aa06 100644
--- a/templates/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.def
+++ b/templates/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.def
@@ -5,15 +5,15 @@ help: QinQ TAG-C Virtual Local Area Network (VLAN) ID
syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 4094; "VLAN ID must be between 0 and 4094"
val_help: u32:0-4094; VLAN ID
-create: if ! ip link add link $VAR(../../@).$VAR(../@) name "$VAR(../../@).$VAR(../@).$VAR(@)" type vlan proto 802.1q id $VAR(@)
+create: if ! sudo ip link add link $VAR(../../@).$VAR(../@) name "$VAR(../../@).$VAR(../@).$VAR(@)" type vlan proto 802.1q id $VAR(@)
then echo "Error creating VLAN device $VAR(../../@).$VAR(../@).$VAR(@)"
exit 1
fi
# if parent is up, then bring VLAN up
if [ $(( $(cat /sys/class/net/$VAR(../../@).$VAR(../@)/flags) & 1 )) -eq 1 ]
- then ip link set "$VAR(../../@).$VAR(../@).$VAR(@)" up
+ then sudo ip link set "$VAR(../../@).$VAR(../@).$VAR(@)" up
fi
/opt/vyatta/sbin/vyatta-link-detect "$VAR(../../@).$VAR(../@).$VAR(@)" on
delete: [ -d /sys/class/net/$VAR(../../@).$VAR(../@).$VAR(@) ] || exit 0
- ip link delete dev "$VAR(../../@).$VAR(../@).$VAR(@)" type vlan proto 802.1q id $VAR(@)
+ sudo ip link delete dev "$VAR(../../@).$VAR(../@).$VAR(@)" type vlan proto 802.1q id $VAR(@)
diff --git a/templates/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/disable/node.def b/templates/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/disable/node.def
index 31c5a9b2..7069e9c9 100644
--- a/templates/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/disable/node.def
+++ b/templates/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/disable/node.def
@@ -1,11 +1,11 @@
help: Disable interface
update: /etc/netplug/linkdown.d/dhclient $VAR(../../../@).$VAR(../../@).$VAR(../@)
- if ! ip link set $VAR(../../../@).$VAR(../../@).$VAR(../@) down 2>/dev/null; then
+ if ! sudo ip link set $VAR(../../../@).$VAR(../../@).$VAR(../@) down 2>/dev/null; then
echo "Error disabling dev $VAR(../../../@).$VAR(../../@).$VAR(../@)"
/etc/netplug/linkup.d/dhclient $VAR(../../../@).$VAR(../../@).$VAR(../@)
exit 1
fi
-delete: if ! ip link set $VAR(../../../@).$VAR(../../@).$VAR(../@) up; then
+delete: if ! sudo ip link set $VAR(../../../@).$VAR(../../@).$VAR(../@) up; then
echo "Error enabling dev $VAR(../../../@).$VAR(../../@).$VAR(../@)"
exit 1
fi
diff --git a/templates/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/mtu/node.def b/templates/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/mtu/node.def
index ca8795ee..264c429b 100644
--- a/templates/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/mtu/node.def
+++ b/templates/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/mtu/node.def
@@ -4,6 +4,6 @@ help: Maximum Transmission Unit (MTU)
val_help: u32:68-9000; Maximum Transmission Unit (MTU)
syntax:expression: $VAR(@) >= 68 && $VAR(@) <= 9000; "MTU must be between 68 and 9000"
-update: ip link set $VAR(../../../@).$VAR(../../@).$VAR(../@) mtu $VAR(@)
+update: sudo ip link set $VAR(../../../@).$VAR(../../@).$VAR(../@) mtu $VAR(@)
delete: [ -d /sys/class/net/$VAR(../../../@).$VAR(../../@).$VAR(../@) ] || exit 0
- ip link set $VAR(../../../@).$VAR(../../@).$VAR(../@) mtu 1500
+ sudo ip link set $VAR(../../../@).$VAR(../../@).$VAR(../@) mtu 1500
diff --git a/templates/interfaces/ethernet/node.tag/vif/node.def b/templates/interfaces/ethernet/node.tag/vif/node.def
index b9925177..d20fefda 100644
--- a/templates/interfaces/ethernet/node.tag/vif/node.def
+++ b/templates/interfaces/ethernet/node.tag/vif/node.def
@@ -11,15 +11,15 @@ create: if [ -n "$VAR(./egress-qos)" ]; then
if [ -n "$VAR(./ingress-qos)" ]; then
opt_in=" ingress-qos-map $VAR(./ingress-qos/@) "
fi
- if ! ip link add link $VAR(../@) name "$VAR(../@).$VAR(@)" type vlan id $VAR(@) ${opt_e} ${opt_in}
+ if ! sudo ip link add link $VAR(../@) name "$VAR(../@).$VAR(@)" type vlan id $VAR(@) ${opt_e} ${opt_in}
then echo "Error creating VLAN device $VAR(../@).$VAR(@)"
exit 1
fi
# if parent is up, then bring VLAN up
if [ $(( $(cat /sys/class/net/$VAR(../@)/flags) & 1 )) -eq 1 ]
- then ip link set "$VAR(../@).$VAR(@)" up
+ then sudo ip link set "$VAR(../@).$VAR(@)" up
fi
/opt/vyatta/sbin/vyatta-link-detect "$VAR(../@).$VAR(@)" on
delete: [ -d /sys/class/net/$VAR(../@).$VAR(@) ] || exit 0
- ip link delete dev "$VAR(../@).$VAR(@)" type vlan id $VAR(@)
+ sudo ip link delete dev "$VAR(../@).$VAR(@)" type vlan id $VAR(@)
diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/disable/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/disable/node.def
index e9943645..12db6a98 100644
--- a/templates/interfaces/ethernet/node.tag/vif/node.tag/disable/node.def
+++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/disable/node.def
@@ -1,11 +1,11 @@
help: Disable interface
update: /etc/netplug/linkdown.d/dhclient $VAR(../../@).$VAR(../@)
- if ! ip link set $VAR(../../@).$VAR(../@) down 2>/dev/null; then
+ if ! sudo ip link set $VAR(../../@).$VAR(../@) down 2>/dev/null; then
echo "Error disabling dev $VAR(../../@).$VAR(../@)"
/etc/netplug/linkup.d/dhclient $VAR(../../@).$VAR(../@)
exit 1
fi
-delete: if ! ip link set $VAR(../../@).$VAR(../@) up; then
+delete: if ! sudo ip link set $VAR(../../@).$VAR(../@) up; then
echo "Error enabling dev $VAR(../../@).$VAR(../@)"
exit 1
fi
diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/mtu/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/mtu/node.def
index d6151dcb..b3f3e7c7 100644
--- a/templates/interfaces/ethernet/node.tag/vif/node.tag/mtu/node.def
+++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/mtu/node.def
@@ -4,6 +4,6 @@ help: Maximum Transmission Unit (MTU)
val_help: u32:68-9000; Maximum Transmission Unit (MTU)
syntax:expression: $VAR(@) >= 68 && $VAR(@) <= 9000; "MTU must be between 68 and 9000"
-update: ip link set $VAR(../../@).$VAR(../@) mtu $VAR(@)
+update: sudo ip link set $VAR(../../@).$VAR(../@) mtu $VAR(@)
delete: [ -d /sys/class/net/$VAR(../../@).$VAR(../@) ] || exit 0
- ip link set $VAR(../../@).$VAR(../@) mtu 1500
+ sudo ip link set $VAR(../../@).$VAR(../@) mtu 1500
diff --git a/templates/interfaces/l2tpv3/node.def b/templates/interfaces/l2tpv3/node.def
index 973256bf..6a1109b2 100644
--- a/templates/interfaces/l2tpv3/node.def
+++ b/templates/interfaces/l2tpv3/node.def
@@ -33,24 +33,24 @@ begin:
fi
create:
- ip l2tp add tunnel tunnel_id $VAR(./tunnel-id/@) \
+ sudo ip l2tp add tunnel tunnel_id $VAR(./tunnel-id/@) \
peer_tunnel_id $VAR(./peer-tunnel-id/@) \
udp_sport $VAR(./source-port/@) \
udp_dport $VAR(./destination-port/@) \
encap $VAR(./encapsulation/@) \
local $VAR(./local-ip/@) \
remote $VAR(./remote-ip/@)
- ip l2tp add session session_id $VAR(./session-id/@) \
+ sudo ip l2tp add session session_id $VAR(./session-id/@) \
tunnel_id $VAR(./tunnel-id/@) \
peer_session_id $VAR(./peer-session-id/@) \
name $VAR(@)
- ip link set $VAR(@) up
+ sudo ip link set $VAR(@) up
delete:
- ip link set $VAR(@) down
+ sudo ip link set $VAR(@) down
if [ -n "$VAR(./tunnel-id/@)" ] && [ -n "$VAR(./session-id/@)" ] ; then
- ip l2tp del session tunnel_id $VAR(./tunnel-id/@) session_id $VAR(./session-id/@)
+ sudo ip l2tp del session tunnel_id $VAR(./tunnel-id/@) session_id $VAR(./session-id/@)
fi
if [ -n "$VAR(./tunnel-id/@)" ] ; then
- ip l2tp del tunnel tunnel_id $VAR(./tunnel-id/@)
+ sudo ip l2tp del tunnel tunnel_id $VAR(./tunnel-id/@)
fi
diff --git a/templates/interfaces/l2tpv3/node.tag/disable/node.def b/templates/interfaces/l2tpv3/node.tag/disable/node.def
index 26199646..8c580c95 100644
--- a/templates/interfaces/l2tpv3/node.tag/disable/node.def
+++ b/templates/interfaces/l2tpv3/node.tag/disable/node.def
@@ -1,4 +1,4 @@
help: Disable interface
-update: ip link set $VAR(../@) down
+update: sudo ip link set $VAR(../@) down
-delete: ip link set $VAR(../@) up
+delete: sudo ip link set $VAR(../@) up
diff --git a/templates/interfaces/l2tpv3/node.tag/mtu/node.def b/templates/interfaces/l2tpv3/node.tag/mtu/node.def
index 2190d183..71d2a12f 100644
--- a/templates/interfaces/l2tpv3/node.tag/mtu/node.def
+++ b/templates/interfaces/l2tpv3/node.tag/mtu/node.def
@@ -6,9 +6,9 @@ val_help: u32:68-9000; Maximum Transmission Unit (MTU)
update:
if [ -d /sys/class/net/$VAR(../@) ] ; then
- ip link set $VAR(../@) mtu $VAR(@)
+ sudo ip link set $VAR(../@) mtu $VAR(@)
fi
delete:
if [ -d /sys/class/net/$VAR(../@) ] ; then
- ip link set $VAR(../@) mtu 1488
+ sudo ip link set $VAR(../@) mtu 1488
fi
diff --git a/templates/interfaces/loopback/node.def b/templates/interfaces/loopback/node.def
index 6e4e2002..69778aad 100644
--- a/templates/interfaces/loopback/node.def
+++ b/templates/interfaces/loopback/node.def
@@ -8,4 +8,4 @@ val_help: lo: Loopback interface name
syntax:expression: exec \
"/opt/vyatta/sbin/vyatta-interfaces.pl --dev=$VAR(@) --check=loopback"
allowed: /opt/vyatta/sbin/vyatta-interfaces.pl --show=loopback
-create: ip link set $VAR(@) up
+create: sudo ip link set $VAR(@) up
diff --git a/templates/interfaces/pseudo-ethernet/node.def b/templates/interfaces/pseudo-ethernet/node.def
index 00e54055..14fe64aa 100644
--- a/templates/interfaces/pseudo-ethernet/node.def
+++ b/templates/interfaces/pseudo-ethernet/node.def
@@ -10,10 +10,10 @@ syntax:expression: pattern $VAR(@) "^peth[0-9]+$" \
commit:expression: $VAR(link) != ""
; "link device must be set for virtual ethernet $VAR(@)"
-create: ip link add $VAR(@) link $VAR(link/@) type macvlan mode $VAR(mode/@) || exit 1
+create: sudo ip link add $VAR(@) link $VAR(link/@) type macvlan mode $VAR(mode/@) || exit 1
if ! cli-shell-api exists interfaces ethernet $VAR(@) disable;
- then ip link set $VAR(@) up
+ then sudo ip link set $VAR(@) up
fi
/opt/vyatta/sbin/vyatta-link-detect $VAR(@) on
-delete: ip link delete dev $VAR(@) type macvlan
+delete: sudo ip link delete dev $VAR(@) type macvlan
diff --git a/templates/interfaces/pseudo-ethernet/node.tag/disable/node.def b/templates/interfaces/pseudo-ethernet/node.tag/disable/node.def
index 91c60323..c4bfba77 100644
--- a/templates/interfaces/pseudo-ethernet/node.tag/disable/node.def
+++ b/templates/interfaces/pseudo-ethernet/node.tag/disable/node.def
@@ -5,12 +5,12 @@ create: vif=`/opt/vyatta/sbin/vyatta-interfaces.pl --vif=$VAR(../@) --show=all`
exit 1
fi
/etc/netplug/linkdown.d/dhclient $VAR(../@)
- if ! ip link set $VAR(../@) down 2>/dev/null; then
+ if ! sudo ip link set $VAR(../@) down 2>/dev/null; then
echo "Error disabling dev $VAR(../@)"
/etc/netplug/linkup.d/dhclient $VAR(../@)
exit 1
fi
-delete: if ! ip link set $VAR(../@) up; then
+delete: if ! sudo ip link set $VAR(../@) up; then
echo "Error enabling dev $VAR(../@)"
exit 1
fi
diff --git a/templates/interfaces/pseudo-ethernet/node.tag/mode/node.def b/templates/interfaces/pseudo-ethernet/node.tag/mode/node.def
index 1ab595b0..ed557760 100644
--- a/templates/interfaces/pseudo-ethernet/node.tag/mode/node.def
+++ b/templates/interfaces/pseudo-ethernet/node.tag/mode/node.def
@@ -10,4 +10,4 @@ val_help:vepa: Virtual Ethernet Port Aggregator reflective relay
val_help:bridge: Simple bridge between pseudo-devices
val_help:passthru: Promicious mode passthrough of underlying device
-update: ip link set dev $VAR(../@) type macvlan mode $VAR(@)
+update: sudo ip link set dev $VAR(../@) type macvlan mode $VAR(@)
diff --git a/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.def b/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.def
index c4bc9577..0d338c1d 100644
--- a/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.def
+++ b/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.def
@@ -9,4 +9,4 @@ delete: ETHERTYPE=`echo "$VAR(ethertype/@)"`
if [ $ETHERTYPE == "0x88A8" ]; then ETHTYPE=802.1ad; fi
if [ $ETHERTYPE == "0x8100" ]; then ETHTYPE=802.1Q; fi
[ -d /sys/class/net/$VAR(../@).$VAR(@) ] || exit 0
- ip link delete dev "$VAR(../@).$VAR(@)" type vlan proto $ETHTYPE id $VAR(@)
+ sudo ip link delete dev "$VAR(../@).$VAR(@)" type vlan proto $ETHTYPE id $VAR(@)
diff --git a/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/disable/node.def b/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/disable/node.def
index e9943645..12db6a98 100644
--- a/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/disable/node.def
+++ b/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/disable/node.def
@@ -1,11 +1,11 @@
help: Disable interface
update: /etc/netplug/linkdown.d/dhclient $VAR(../../@).$VAR(../@)
- if ! ip link set $VAR(../../@).$VAR(../@) down 2>/dev/null; then
+ if ! sudo ip link set $VAR(../../@).$VAR(../@) down 2>/dev/null; then
echo "Error disabling dev $VAR(../../@).$VAR(../@)"
/etc/netplug/linkup.d/dhclient $VAR(../../@).$VAR(../@)
exit 1
fi
-delete: if ! ip link set $VAR(../../@).$VAR(../@) up; then
+delete: if ! sudo ip link set $VAR(../../@).$VAR(../@) up; then
echo "Error enabling dev $VAR(../../@).$VAR(../@)"
exit 1
fi
diff --git a/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/ethertype/node.def b/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/ethertype/node.def
index 9e2d5a54..e88ff7e5 100644
--- a/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/ethertype/node.def
+++ b/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/ethertype/node.def
@@ -15,7 +15,7 @@ update: ACTIVEETHTYPE=`cli-shell-api returnActiveValue interfaces pseudo-etherne
ETHERTYPE=`echo "$VAR(@)"`
if [ $ETHERTYPE == "0x88A8" ]; then ETHTYPE=802.1ad; fi
if [ $ETHERTYPE == "0x8100" ]; then ETHTYPE=802.1Q; fi
- ip link delete dev "$VAR(../../@).$VAR(../@)" type vlan proto $ETHTYPE id $VAR(../@) > /dev/null 2>&1
- ip link add link $VAR(../../@) name "$VAR(../../@).$VAR(../@)" type vlan proto $ETHTYPE id $VAR(../@) || exit 1
- ip link set "$VAR(../../@).$VAR(../@)" up
+ sudo ip link delete dev "$VAR(../../@).$VAR(../@)" type vlan proto $ETHTYPE id $VAR(../@) > /dev/null 2>&1
+ sudo ip link add link $VAR(../../@) name "$VAR(../../@).$VAR(../@)" type vlan proto $ETHTYPE id $VAR(../@) || exit 1
+ sudo ip link set "$VAR(../../@).$VAR(../@)" up
/opt/vyatta/sbin/vyatta-link-detect "$VAR(../../@).$VAR(../@)" on
diff --git a/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/mtu/node.def b/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/mtu/node.def
index d6151dcb..b3f3e7c7 100644
--- a/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/mtu/node.def
+++ b/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/mtu/node.def
@@ -4,6 +4,6 @@ help: Maximum Transmission Unit (MTU)
val_help: u32:68-9000; Maximum Transmission Unit (MTU)
syntax:expression: $VAR(@) >= 68 && $VAR(@) <= 9000; "MTU must be between 68 and 9000"
-update: ip link set $VAR(../../@).$VAR(../@) mtu $VAR(@)
+update: sudo ip link set $VAR(../../@).$VAR(../@) mtu $VAR(@)
delete: [ -d /sys/class/net/$VAR(../../@).$VAR(../@) ] || exit 0
- ip link set $VAR(../../@).$VAR(../@) mtu 1500
+ sudo ip link set $VAR(../../@).$VAR(../@) mtu 1500
diff --git a/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/vif-c/node.def b/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/vif-c/node.def
index 5016dd5f..7dfb8a1c 100644
--- a/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/vif-c/node.def
+++ b/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/vif-c/node.def
@@ -5,9 +5,9 @@ help: QinQ TAG-C Virtual Local Area Network (VLAN) ID
syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 4094; "VLAN ID must be between 0 and 4094"
val_help: u32:0-4094; VLAN ID
-create: ip link add link $VAR(../../@).$VAR(../@) name "$VAR(../../@).$VAR(../@).$VAR(@)" type vlan proto 802.1q id $VAR(@) || exit 1
- ip link set "$VAR(../../@).$VAR(../@).$VAR(@)" up
+create: sudo ip link add link $VAR(../../@).$VAR(../@) name "$VAR(../../@).$VAR(../@).$VAR(@)" type vlan proto 802.1q id $VAR(@) || exit 1
+ sudo ip link set "$VAR(../../@).$VAR(../@).$VAR(@)" up
/opt/vyatta/sbin/vyatta-link-detect "$VAR(../../@).$VAR(../@).$VAR(@)" on
delete: [ -d /sys/class/net/$VAR(../../@).$VAR(../@).$VAR(@) ] || exit 0
- ip link delete dev "$VAR(../../@).$VAR(../@).$VAR(@)" type vlan proto 802.1q id $VAR(@)
+ sudo ip link delete dev "$VAR(../../@).$VAR(../@).$VAR(@)" type vlan proto 802.1q id $VAR(@)
diff --git a/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/disable/node.def b/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/disable/node.def
index 31c5a9b2..7069e9c9 100644
--- a/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/disable/node.def
+++ b/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/disable/node.def
@@ -1,11 +1,11 @@
help: Disable interface
update: /etc/netplug/linkdown.d/dhclient $VAR(../../../@).$VAR(../../@).$VAR(../@)
- if ! ip link set $VAR(../../../@).$VAR(../../@).$VAR(../@) down 2>/dev/null; then
+ if ! sudo ip link set $VAR(../../../@).$VAR(../../@).$VAR(../@) down 2>/dev/null; then
echo "Error disabling dev $VAR(../../../@).$VAR(../../@).$VAR(../@)"
/etc/netplug/linkup.d/dhclient $VAR(../../../@).$VAR(../../@).$VAR(../@)
exit 1
fi
-delete: if ! ip link set $VAR(../../../@).$VAR(../../@).$VAR(../@) up; then
+delete: if ! sudo ip link set $VAR(../../../@).$VAR(../../@).$VAR(../@) up; then
echo "Error enabling dev $VAR(../../../@).$VAR(../../@).$VAR(../@)"
exit 1
fi
diff --git a/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/mtu/node.def b/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/mtu/node.def
index ca8795ee..264c429b 100644
--- a/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/mtu/node.def
+++ b/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/mtu/node.def
@@ -4,6 +4,6 @@ help: Maximum Transmission Unit (MTU)
val_help: u32:68-9000; Maximum Transmission Unit (MTU)
syntax:expression: $VAR(@) >= 68 && $VAR(@) <= 9000; "MTU must be between 68 and 9000"
-update: ip link set $VAR(../../../@).$VAR(../../@).$VAR(../@) mtu $VAR(@)
+update: sudo ip link set $VAR(../../../@).$VAR(../../@).$VAR(../@) mtu $VAR(@)
delete: [ -d /sys/class/net/$VAR(../../../@).$VAR(../../@).$VAR(../@) ] || exit 0
- ip link set $VAR(../../../@).$VAR(../../@).$VAR(../@) mtu 1500
+ sudo ip link set $VAR(../../../@).$VAR(../../@).$VAR(../@) mtu 1500
diff --git a/templates/interfaces/pseudo-ethernet/node.tag/vif/node.def b/templates/interfaces/pseudo-ethernet/node.tag/vif/node.def
index 2c73ca16..d66c2fbe 100644
--- a/templates/interfaces/pseudo-ethernet/node.tag/vif/node.def
+++ b/templates/interfaces/pseudo-ethernet/node.tag/vif/node.def
@@ -5,9 +5,9 @@ help: Virtual Local Area Network (VLAN) ID
syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 4094; "VLAN ID must be between 0 and 4094"
val_help: u32:0-4094; VLAN ID
-create: ip link add link $VAR(../@) name "$VAR(../@).$VAR(@)" type vlan id $VAR(@) || exit 1
- ip link set "$VAR(../@).$VAR(@)" up
+create: sudo ip link add link $VAR(../@) name "$VAR(../@).$VAR(@)" type vlan id $VAR(@) || exit 1
+ sudo ip link set "$VAR(../@).$VAR(@)" up
/opt/vyatta/sbin/vyatta-link-detect "$VAR(../@).$VAR(@)" on
delete: [ -d /sys/class/net/$VAR(../@).$VAR(@) ] || exit 0
- ip link delete dev "$VAR(../@).$VAR(@)" type vlan id $VAR(@)
+ sudo ip link delete dev "$VAR(../@).$VAR(@)" type vlan id $VAR(@)
diff --git a/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/disable/node.def b/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/disable/node.def
index e9943645..12db6a98 100644
--- a/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/disable/node.def
+++ b/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/disable/node.def
@@ -1,11 +1,11 @@
help: Disable interface
update: /etc/netplug/linkdown.d/dhclient $VAR(../../@).$VAR(../@)
- if ! ip link set $VAR(../../@).$VAR(../@) down 2>/dev/null; then
+ if ! sudo ip link set $VAR(../../@).$VAR(../@) down 2>/dev/null; then
echo "Error disabling dev $VAR(../../@).$VAR(../@)"
/etc/netplug/linkup.d/dhclient $VAR(../../@).$VAR(../@)
exit 1
fi
-delete: if ! ip link set $VAR(../../@).$VAR(../@) up; then
+delete: if ! sudo ip link set $VAR(../../@).$VAR(../@) up; then
echo "Error enabling dev $VAR(../../@).$VAR(../@)"
exit 1
fi
diff --git a/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/mtu/node.def b/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/mtu/node.def
index d6151dcb..b3f3e7c7 100644
--- a/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/mtu/node.def
+++ b/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/mtu/node.def
@@ -4,6 +4,6 @@ help: Maximum Transmission Unit (MTU)
val_help: u32:68-9000; Maximum Transmission Unit (MTU)
syntax:expression: $VAR(@) >= 68 && $VAR(@) <= 9000; "MTU must be between 68 and 9000"
-update: ip link set $VAR(../../@).$VAR(../@) mtu $VAR(@)
+update: sudo ip link set $VAR(../../@).$VAR(../@) mtu $VAR(@)
delete: [ -d /sys/class/net/$VAR(../../@).$VAR(../@) ] || exit 0
- ip link set $VAR(../../@).$VAR(../@) mtu 1500
+ sudo ip link set $VAR(../../@).$VAR(../@) mtu 1500
diff --git a/templates/interfaces/tunnel/node.def b/templates/interfaces/tunnel/node.def
index 9c946091..c6e3b447 100644
--- a/templates/interfaces/tunnel/node.def
+++ b/templates/interfaces/tunnel/node.def
@@ -81,7 +81,7 @@ create:
echo "interfaces tunnel $VAR(@): error creating tunnel interface"
;;
"ipip6" | "ip6ip6")
- ip -6 tunnel add $VAR(@) local $LIP remote $VAR(./remote-ip/@) mode $VAR(./encapsulation/@) ||
+ sudo ip -6 tunnel add $VAR(@) local $LIP remote $VAR(./remote-ip/@) mode $VAR(./encapsulation/@) ||
echo "interfaces tunnel $VAR(@): error creating tunnel interface"
;;
esac
diff --git a/templates/interfaces/tunnel/node.tag/parameters/ip/tos/node.def b/templates/interfaces/tunnel/node.tag/parameters/ip/tos/node.def
index c784e512..83f1ac62 100644
--- a/templates/interfaces/tunnel/node.tag/parameters/ip/tos/node.def
+++ b/templates/interfaces/tunnel/node.tag/parameters/ip/tos/node.def
@@ -6,5 +6,5 @@ val_help: u32:0-99; Type Of Service (TOS)
commit:expression: $VAR(../../../encapsulation/@) in "gre", "sit", "ipip" ; \
"tunnel encapsulation must be GRE, SIT or IPIP"
-update: ip tunnel change $VAR(../../../@) tos $VAR(@)
-delete: ip tunnel change $VAR(../../../@) tos inherit
+update: sudo ip tunnel change $VAR(../../../@) tos $VAR(@)
+delete: sudo ip tunnel change $VAR(../../../@) tos inherit
diff --git a/templates/interfaces/vti/node.def b/templates/interfaces/vti/node.def
index 0b369f82..5e8adb07 100644
--- a/templates/interfaces/vti/node.def
+++ b/templates/interfaces/vti/node.def
@@ -24,8 +24,8 @@ fi
delete:
if [ -d /sys/class/net/$VAR(@) ] ; then
- ip link set $VAR(@) down
- ip tunnel del $VAR(@) mode ipip
+ sudo ip link set $VAR(@) down
+ sudo ip tunnel del $VAR(@) mode ipip
fi
end:
diff --git a/templates/interfaces/vti/node.tag/disable/node.def b/templates/interfaces/vti/node.tag/disable/node.def
index 47600765..32fa4460 100644
--- a/templates/interfaces/vti/node.tag/disable/node.def
+++ b/templates/interfaces/vti/node.tag/disable/node.def
@@ -1,10 +1,10 @@
help: Disable interface
update:
if [ -d /sys/class/net/$VAR(../@) ] ; then
- ip link set $VAR(../@) down
+ sudo ip link set $VAR(../@) down
fi
delete:
if [ -d /sys/class/net/$VAR(../@) ] ; then
- ip link set $VAR(../@) up
+ sudo ip link set $VAR(../@) up
fi
diff --git a/templates/interfaces/vti/node.tag/mtu/node.def b/templates/interfaces/vti/node.tag/mtu/node.def
index 0ac0ed2f..fc6ecfab 100644
--- a/templates/interfaces/vti/node.tag/mtu/node.def
+++ b/templates/interfaces/vti/node.tag/mtu/node.def
@@ -6,9 +6,9 @@ val_help: u32:68-9000; Maximum Transmission Unit (MTU)
update:
if [ -d /sys/class/net/$VAR(../@) ] ; then
- ip link set $VAR(../@) mtu $VAR(@)
+ sudo ip link set $VAR(../@) mtu $VAR(@)
fi
delete:
if [ -d /sys/class/net/$VAR(../@) ] ; then
- ip link set $VAR(../@) mtu 1500
+ sudo ip link set $VAR(../@) mtu 1500
fi
diff --git a/templates/interfaces/vxlan/node.def b/templates/interfaces/vxlan/node.def
index 150fe3ec..0a3db8cc 100644
--- a/templates/interfaces/vxlan/node.def
+++ b/templates/interfaces/vxlan/node.def
@@ -39,9 +39,9 @@ create:
exit 1
fi
- ip link add name $VAR(@) type vxlan \
+ sudo ip link add name $VAR(@) type vxlan \
$VXLAN_VNI $VXLAN_GROUP $VXLAN_TTL $VXLAN_DEV
- ip link set $VAR(@) up
+ sudo ip link set $VAR(@) up
touch /tmp/vxlan-$VAR(@)-create
@@ -50,7 +50,7 @@ delete:
if [ ! -e /sys/class/net/$VAR(@) ]; then
echo "VXLAN interface \"$VAR(@)\" does not exist."
else
- ip link del dev $VAR(@)
+ sudo ip link del dev $VAR(@)
fi
diff --git a/templates/interfaces/vxlan/node.tag/mtu/node.def b/templates/interfaces/vxlan/node.tag/mtu/node.def
index c9fbc76f..2d01db91 100644
--- a/templates/interfaces/vxlan/node.tag/mtu/node.def
+++ b/templates/interfaces/vxlan/node.tag/mtu/node.def
@@ -6,9 +6,9 @@ val_help: u32:68-9000; Maximum Transmission Unit (MTU)
update:
if [ -d /sys/class/net/$VAR(../@) ] ; then
- ip link set $VAR(../@) mtu $VAR(@)
+ sudo ip link set $VAR(../@) mtu $VAR(@)
fi
delete:
if [ -d /sys/class/net/$VAR(../@) ] ; then
- ip link set $VAR(../@) mtu 1500
+ sudo ip link set $VAR(../@) mtu 1500
fi