-rw-r--r--debian/changelog26
-rwxr-xr-xdebian/vyatta-cfg-system.postinst.in8
-rwxr-xr-xscripts/install/install-image-existing58
-rw-r--r--templates/service/ssh/ciphers/node.def10
-rw-r--r--templates/service/ssh/macs/node.def10
5 files changed, 72 insertions, 40 deletions
diff --git a/debian/changelog b/debian/changelog
index 4a8e3213..49a1b4cd 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,29 @@
+vyatta-cfg-system (0.20.43+vyos1+helium5) unstable; urgency=low
+
+ [ James Davidson ]
+ * Support and switch to overlayfs
+
+ [ Kim Hagen ]
+ * Add fuse group for admin users so /dev/fuse is accessible and
+
+ [ hydrajump ]
+ * Remove trailing whitespace
+ * Add support for installing a new image on the Amazon AMI
+ * Fix AWS EC2 AMI support
+ * Revert to state before add-aws-ami-support
+ * Fix to enable ec2-fetch-ssh-public-key init script
+
+ [ neutralrockets ]
+ * Add support for ciphers and macs override in ssh
+
+ [ Kim Hagen ]
+ * Bug #239 - Getting the version number by using dpkg will not work
+ when upgrading to newer version of debian.
+
+ [ Daniil Baturin ]
+
+ -- Daniil Baturin <daniil@baturin.org> Mon, 16 Jun 2014 13:00:08 +0200
+
vyatta-cfg-system (0.20.43+vyos1+helium4) unstable; urgency=low
[ hydrajump ]
diff --git a/debian/vyatta-cfg-system.postinst.in b/debian/vyatta-cfg-system.postinst.in
index a89ef711..fde99041 100755
--- a/debian/vyatta-cfg-system.postinst.in
+++ b/debian/vyatta-cfg-system.postinst.in
@@ -211,14 +211,6 @@ done
# add vyatta-config-reboot-params to start at boot up
update-rc.d vyatta-config-reboot-params start 20 S
-# Enable ec2-fetch-ssh-public-key init script
-if [ -f "$sysconfdir"/config/.aws ]; then
- insserv ec2-fetch-ssh-public-key --default
-
- # Remove temp. file from install-image-existing L50
- rm "$sysconfdir"/config/.aws
-fi
-
# Local Variables:
# mode: shell-script
# sh-indentation: 4
diff --git a/scripts/install/install-image-existing b/scripts/install/install-image-existing
index b172b6f6..d7f2578b 100755
--- a/scripts/install/install-image-existing
+++ b/scripts/install/install-image-existing
@@ -44,10 +44,8 @@ is_amazon_ec2_ami () {
if [ -n "$ami_id" ]; then
echo "Installing on VyOS AMI"
- # Create a temporary file to provide conditional
- # check for init.d config in
- # /debian/vyatta-cfg-system.postinst.in L215
- touch ${INST_ROOT}${VYATTA_CFG_DIR}/.aws
+ # Create init script links for /etc/init.d/ec2-fetch-ssh-public-key
+ chroot $INST_ROOT update-rc.d ec2-fetch-ssh-public-key defaults &>/dev/null
fi
}
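Review bot: The added `update-rc.d` call throws away both its output and its exit status (`&>/dev/null`, no check), so if enabling ec2-fetch-ssh-public-key fails inside the chroot the install carries on and the new image may boot without fetching the instance's SSH public key. I would quote the root, keep stderr and report the failure, e.g. `chroot "$INST_ROOT" update-rc.d ec2-fetch-ssh-public-key defaults >/dev/null || echo "Warning: could not enable ec2-fetch-ssh-public-key" >&2`. The call also lives inside the is_amazon_ec2_ami predicate, which the grub section calls again, so the side effect presumably repeats on every call. The function starts outside this hunk, so confirm how often it is invoked.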
@@ -68,7 +66,7 @@ if [ -z "$CURVER" ]; then
fi
# get new version string. this is from the squashfs image.
-NEWVER=`dpkg -l --root=${CD_SQUASH_ROOT} | grep "^.. vyatta-version " | awk '{print $3}'`
+NEWVER=`cat ${CD_SQUASH_ROOT}/opt/vyatta/etc/version | grep "Version:" | awk '{print $2,$3}' | sed 's/ /-/g'`
NEWNAME=$NEWVER
echo -n "What would you like to name this image? [$NEWNAME]: "
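Review bot: NEWVER is not checked after the new pipeline, so a missing version file or one without a `Version:` line leaves it empty and the prompt default becomes an empty image name, which later feeds `/boot/$NEWNAME` paths and sed expressions. The path expansion is unquoted and the cat/grep/awk/sed chain can be a single call: `NEWVER=$(awk '/Version:/ {print $2 "-" $3}' "${CD_SQUASH_ROOT}/opt/vyatta/etc/version")`, followed by an emptiness test such as `[ -n "$NEWVER" ] || { echo "Cannot determine new version" >&2; exit 1; }` (use whatever abort path the script uses elsewhere). Any validation of the name the operator types happens outside this hunk, so this only covers the default.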
@@ -257,39 +255,35 @@ fi
DEF_GRUB=${INST_ROOT}${vyatta_sysconfdir}/grub/default-union-grub-entry
if [ -e "$DEF_GRUB" ]; then
echo "Setting up grub configuration..."
-
- if is_amazon_ec2_ami; then
- sed -i '/menuentry/ i\
- menuentry '"VyOS AMI (HVM) $NEWNAME"' { \
- linux /boot/'$NEWNAME'/vmlinuz boot=live quiet vyatta-union=/boot/'$NEWNAME' console=ttyS0 \
- initrd /boot/'$NEWNAME'/initrd.img \
- } \
-
- ' $BOOT_DIR/grub/grub.cfg
-
- else
- new_index=$(get_grub_index)
-
- def_grub_vers=/tmp/def_grub.$$
- cp $DEF_GRUB $def_grub_vers
- sed -i "s/menuentry \"VyOS.*(/menuentry \"VyOS $NEWNAME (/" $def_grub_vers
- sed -i "s/menuentry \"Lost password change.*(/menuentry \"Lost password change $NEWNAME (/" $def_grub_vers
- sed -i "sX/boot/[A-Za-z0-9\.\-]*X/boot/${NEWNAME}Xg" $def_grub_vers
-
- old_grub_cfg=$BOOT_DIR/grub/grub.cfg
- new_grub_cfg=/tmp/grub.cfg.$$
- sed -n '/^menuentry/q;p' $old_grub_cfg >$new_grub_cfg
- cat $def_grub_vers >> $new_grub_cfg
- sed -n '/^menuentry/,${p}' $old_grub_cfg >>$new_grub_cfg
- sed -i "s/^set default=[0-9]\+$/set default=$new_index/" $new_grub_cfg
- mv $new_grub_cfg $old_grub_cfg
- fi
+ new_index=$(get_grub_index)
+
+ def_grub_vers=/tmp/def_grub.$$
+ cp $DEF_GRUB $def_grub_vers
+ sed -i "s/menuentry \"VyOS.*(/menuentry \"VyOS $NEWNAME (/" $def_grub_vers
+ sed -i "s/menuentry \"Lost password change.*(/menuentry \"Lost password change $NEWNAME (/" $def_grub_vers
+ sed -i "sX/boot/[A-Za-z0-9\.\-]*X/boot/${NEWNAME}Xg" $def_grub_vers
+
+ old_grub_cfg=$BOOT_DIR/grub/grub.cfg
+ new_grub_cfg=/tmp/grub.cfg.$$
+ sed -n '/^menuentry/q;p' $old_grub_cfg >$new_grub_cfg
+ cat $def_grub_vers >> $new_grub_cfg
+ sed -n '/^menuentry/,${p}' $old_grub_cfg >>$new_grub_cfg
+ sed -i "s/^set default=[0-9]\+$/set default=$new_index/" $new_grub_cfg
+ mv $new_grub_cfg $old_grub_cfg
# Update the default image symlink used by Xen
if [ -L $BOOT_DIR/%%default_image ]; then
mv $BOOT_DIR/%%default_image $BOOT_DIR/%%default_image.orig
ln -s $NEWNAME $BOOT_DIR/%%default_image
fi
+
+ # Modify grub.cfg for AWS EC2 AMI
+ if is_amazon_ec2_ami; then
+ sed -i "/menuentry \"VyOS $NEWNAME (Serial/{N;N;N;N;d;}" $BOOT_DIR/grub/grub.cfg
+ sed -i "/menuentry \"Lost password change $NEWNAME/{N;N;N;N;d;}" $BOOT_DIR/grub/grub.cfg
+ sed -i "s/VyOS $NEWNAME (KVM console)/VyOS AMI (HVM) $NEWNAME/" $BOOT_DIR/grub/grub.cfg
+ sed -i "s/$NEWNAME console=ttyS0.*/$NEWNAME console=ttyS0/" $BOOT_DIR/grub/grub.cfg
+ fi
fi
logger -p local3.warning -t "SystemImage" "System Image $NEWNAME has been added and made the default boot image"
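Review bot: The re-indented block still builds grub.cfg through `/tmp/def_grub.$$` and `/tmp/grub.cfg.$$`, names that are predictable from the PID and are written by an installer that presumably runs as root, so a pre-existing file or symlink at either path would be followed. Creating them with mktemp avoids that, and putting the second one next to its target makes the final `mv` a same-filesystem rename: `def_grub_vers=$(mktemp)` and `new_grub_cfg=$(mktemp "$BOOT_DIR/grub/grub.cfg.XXXXXX")` (mktemp creates mode 0600, so add a `chmod` if grub.cfg's mode matters). In the new AMI block `$NEWNAME` is spliced unescaped into four sed expressions, so a name containing `/` or regex metacharacters would break or widen the match, and `{N;N;N;N;d;}` assumes every menuentry is exactly five lines. Whether the image name is restricted is decided outside this hunk.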
diff --git a/templates/service/ssh/ciphers/node.def b/templates/service/ssh/ciphers/node.def
new file mode 100644
index 00000000..0ab5fb8f
--- /dev/null
+++ b/templates/service/ssh/ciphers/node.def
@@ -0,0 +1,10 @@
+type: txt
+help: Specifies the ciphers allowed for protocol version 2. Multiple ciphers must be comma-separated. See 'man sshd_config' for supported ciphers.
+
+create: sudo sed -i -e '$ a \
+Ciphers $VAR(@)' /etc/ssh/sshd_config
+
+delete: sudo sed -i -e '/^Ciphers $VAR(@)$/d' /etc/ssh/sshd_config
+
+update: sudo sed -i -e '/^Ciphers/c \
+Ciphers $VAR(@)' /etc/ssh/sshd_config
\ No newline at end of file
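Review bot: The node is `type: txt` with no `syntax:expression:` check, and `$VAR(@)` is placed inside a single-quoted `sudo sed` script in the create, delete and update actions, so a value containing a quote, newline or sed metacharacter would not stay confined to the intended `Ciphers` line (assuming the value is substituted textually before the shell runs the command). Restricting the value to algorithm-list characters closes that, e.g. `syntax:expression: pattern $VAR(@) "^[a-z0-9@.,-]+$" ; "Invalid cipher list"`. The same applies to templates/service/ssh/macs/node.def. Nothing in these templates checks that sshd accepts the edited file, so a misspelled algorithm would only surface when sshd restarts and could cut off remote management; running `sshd -t` before the restart would catch it, unless that step already exists elsewhere.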
diff --git a/templates/service/ssh/macs/node.def b/templates/service/ssh/macs/node.def
new file mode 100644
index 00000000..ee6c60e1
--- /dev/null
+++ b/templates/service/ssh/macs/node.def
@@ -0,0 +1,10 @@
+type: txt
+help: Specifies the available MAC (message authentication code) algorithms. The MAC algorithm is used in protocol version 2 for data integrity protection. Multiple algorithms must be comma-separated. See 'man sshd_config' for supported MACs.
+
+create: sudo sed -i -e '$ a \
+MACs $VAR(@)' /etc/ssh/sshd_config
+
+delete: sudo sed -i -e '/^MACs $VAR(@)$/d' /etc/ssh/sshd_config
+
+update: sudo sed -i -e '/^MACs/c \
+MACs $VAR(@)' /etc/ssh/sshd_config
\ No newline at end of file