Age | Commit message (Collapse) | Author |
|
- Check if installing on AWS EC2 platform via instance metadata.
- Configure GRUB correctly, so that boot messages are available
via instance's console.
- Add init.d script to fetch user's EC2 public key during boot.
|
|
The SSH blacklists were committed 5 years ago and the
original contributor does not recall why they were added.
|
|
|
|
|
|
SNMP-135 store SNMP superuser password to config file
SNMP-130 add engineId for trap-target
SNMP-134 use 'stop' and 'start' instead of 'restart'
SNMP-141 change engineID syntax checking
SNMP-136 Users are lost after changing TSM port
SNMP-149 TLS Error: Permission denied
SNMP-147 Not correct priority in TSM users
SNMP-148 Configuring already use port for TSM is destroying users.
SNMP-151 Errors in logs after first snmp configuration
SNMP-152 Hide 'No such file or directory' error message
SNMP-153 Debug messages after 'delete service snmp'
SNMP-157 Run Perltidy for all Perl scripts
SNMP-158 change syntax of trap-target engineID
SNMP-163: added script to check name, apply it for user, group and view names
SNMP-161 Faulty configuration with many trap-target
SNMP-160 Look for TSM keys in /config folder
SNMP-162 CLI permit not correct oid
SNMP-163: typo in script
SNMP-160 Look for TSM keys in /config folder
SNMP-163: added support of upper case for names in the script
SNMP-163: create rule for names, permit only a-zA-Z0-9
SNMP-163: typo
|
|
|
|
|
|
|
|
|
|
Don't allow default password to persist after first boot.
Due to the numerous ways a user can get a vyatta system this required
a lot of changes.
1. Don't allow a user to set a password to 'vyatta' after first login,
but allow it on the initial boot otherwise the system will have no
user.
2. Don't allow the password to be set to vyatta in installer.
3. Force password change on first login. under the following
conditions:
3.a. User is an admin level user. Operators do not have the abillity
to change the config so they can't change passwords. Allow 'vyatta' to
be the password until an admin logs in.
3.b. This is not the livecd, its silly to force a password change
before install.
|
|
Bug 6576
|
|
Bug 8279
Put prefix table in /opt/vyatta/etc/netdevice
|
|
|
|
|
|
The previous implementation of log rotation used an hourly cron job to
check log file size and possibly perform a rotation. If the logging
rate is high, this interval may allow for root file system space
exhustion.
Utilizing rsyslog's outchannel mechanism enables log rotation to be
initiated as soon as the log file becomes larger than its configured
size.
Fixes Bug 7807.
|
|
Bug 6916
Rather than editing /etc/sudoers which can lead to package conflicts,
put Vyatta specific changes into a separate file.
|
|
|
|
|
|
* added /config/scripts/vyatta-postconfig-bootup.script that gets called from
/etc/rc.local. Users/Support can put in any workarounds in the script for
unfixed bugs and enhancements that are not in Vyatta yet. Placing the
script under /config makes sure that changes to the script will be
preserved for the new image
|
|
This script executes scripts lying in the following directory:
/opt/vyatta/bin/sudo-users/check-params-on-reboot.d
Scripts in check-params-on-reboot.d are intended for parameters
that require a reboot to take effect after they are set/changed.
Because of the reboot requirement, underlying value and related
config paramter value can become out-of-sync in couple of cases:
1. change parameter value, don't save config, reboot. Underlying
value is different than the value in config file.
2. install new image; when new image boots, underlying value is
the default Vyatta shipped value not the value in config file.
More info: http://bugzilla.vyatta.com/show_bug.cgi?id=6915#c1
This check-in also adds ipv6_disable_blacklist script in
check-params-on-reboot.d to fix the above mentioned problem
for 'system ipv6 disable' and 'system ipv6 blacklist'
|
|
to push users towards putting scripts in /config/scripts
|
|
Bug 6243
More complete validation of host name and domain name
|
|
The net-snmp has snmpd.init script which is installed in standard
place. Invoke it with standard mechanism to avoid any security or
other problems. Also allows debugging snmpd by changing /etc/default/snmp.
|
|
Previously, log file rotation was checked by cron daily. Some log
file -- such as those generated by PPP -- can grow rapidly. Such
infrequent checking can lead to running out of disk space on systems
with small disk drives or flash storage. This change checks for
rotation hourly.
|
|
If cpufrequtils is installed, then want the default to be full performance.
|
|
Avoid the overhead of perl compilation of vyatta-interfaces for each
address added. Handle the case of deleting address on deleted device
cleanly.
Clean up dhcpv6 script so it can be used on interfaces other
than ethernet.
|
|
These are new C language utilites to replace the Perl utility
when checking interface addresses. Perl compilation is major component
of slow boot time.
Note: this changes the package from pure scripts (arch independent)
to arch dependent
|
|
Need to leave gre0 around for case of multiple tunnels
|
|
Consolidate bridge port management into a single perl script.
Done to fix the following bug.
Bug 4745
Don't allow interface with address to be added to bridge.
|
|
Replace old script with new cleaner script that handles both
IRQ affinity and Receive Packet Steering. Instead of two scripts
(one for mask and one for auto), do it all with one script.
Receive Packet Steering is supported in two ways.
If 'auto' is used, then both threads on HT system will be
used for receive processing.
If explicit mask is given, then two masks can be used to set
both IRQ cpus and RPS cpus.
|
|
New script to produce ifAlias information from sysfs.
|
|
|
|
mendocino
|
|
|
|
Use existing config parser and perl to handle udev device naming.
Do renaming early in udev boot, and fixup config file later.
This avoids rescanning udev devices on boot and adds preliminary
support for hotplug.
|
|
|
|
|
|
Allows starting NTP server once at boot speeding up boot time
and allows specifying some NTP server options
|
|
This fixes case where rsyslog finds no targets on boot
|
|
mendocino
|
|
Configuration file is /etc/rsyslog.conf and it is supports
directory of include parameters so do not need to edit
rsyslog.conf directly
|
|
|
|
Udev rules have moved from /etc/udev to /lib/udev on Debian Squeeze
|
|
|
|
|
|
This sets file capability attributes during package
installation (and build) to allow better security models.
|
|
|
|
* fix this for eth, eth.vif, bond, bond.vif interfaces
* also, bridge-group code for bonding interfaces wasn't changed
with commit ec080f99 that re-strucutred bridging code in eth and
eth.vifs to fix bug 4708. bridge-group code for bond and bond.vif
interfaces is now similar to the fix for 4708
|
|
All interface related files are in vyatta-cfg-system package.
|
|
Fix help text (Bug 5254) and allow IPV6 static mapping (Bug 5298)
|