| Age | Commit message (Collapse) | Author |
|---|
|
Fix build warning on debian testing (more restrictive)
W: vyatta-cfg-system: deprecated-chown-usage postinst:176 'chown -R root.vyattacfg'
|
|
operator.
|
|
(cherry picked from commit 9b0151b1d51617e969807d75b00eed998bf8f294)
|
|
(cherry picked from commit 697affbbcbfaf8b8b253b3ce1a5f312db8069238)
|
|
Don't call 'update-rc.d vyatta-keepalived remove' since we still need to stop
the daemon on shutdown/reboot.
|
|
|
|
The PC speaker driver has changed name, and the sound blacklist
file does not exist in Debian Squeeze. Just remove the steps
from the package install.
|
|
* added /config/scripts/vyatta-postconfig-bootup.script that gets called from
/etc/rc.local. Users/Support can put in any workarounds in the script for
unfixed bugs and enhancements that are not in Vyatta yet. Placing the
script under /config makes sure that changes to the script will be
preserved for the new image
|
|
This script executes scripts lying in the following directory:
/opt/vyatta/bin/sudo-users/check-params-on-reboot.d
Scripts in check-params-on-reboot.d are intended for parameters
that require a reboot to take effect after they are set/changed.
Because of the reboot requirement, underlying value and related
config paramter value can become out-of-sync in couple of cases:
1. change parameter value, don't save config, reboot. Underlying
value is different than the value in config file.
2. install new image; when new image boots, underlying value is
the default Vyatta shipped value not the value in config file.
More info: http://bugzilla.vyatta.com/show_bug.cgi?id=6915#c1
This check-in also adds ipv6_disable_blacklist script in
check-params-on-reboot.d to fix the above mentioned problem
for 'system ipv6 disable' and 'system ipv6 blacklist'
|
|
to push users towards putting scripts in /config/scripts
|
|
Bug 6715
Vyatta configures syslog, and does not use the same files as
Debian (typically). The logrotate file in the distribution assumes there
are files like auth.log etc which Vyatta doesn't have.
|
|
Bug 6705
(cherry picked from commit 00466b9a779647047ce432b971bf8329b2255126)
|
|
(cherry picked from commit d09218920b376f65c69bda2b8b571a7611731463)
|
|
SSH config file is based off of Debian distributed version
which does not have SSH protocol version 1 key path.
|
|
If cpufrequtils is installed, then want the default to be full performance.
|
|
Bug 4970
New CLI control of UseDNS option to sshd_config
set service ssh disable-host-validation
|
|
In Debian Squeeze ethtool is in /sbin
|
|
By default, turn console screenblanking off.
If user wants to enable it, they can use:
set system console powersave
|
|
Configuration file is /etc/rsyslog.conf and it is supports
directory of include parameters so do not need to edit
rsyslog.conf directly
|
|
Udev rules have moved from /etc/udev to /lib/udev on Debian Squeeze
|
|
|
|
|
|
The sound blacklist should be in a seprate file, and check for
entry before creating
|
|
In squeeze, modprobe wants config files named .conf or it will
generate warning.
|
|
For upgrade, don't touch root password.
For new installation, root password is reset during build-iso
Bug 6066
|
|
For serviceablity put core files in /var/core.
But core file will still not be created unless process is running
with permission to write there, and has ulimit permission.
|
|
Unionfs should copyup the xattr automatically, but it doesn't
so use touch to force a copyup before setting attributes.
|
|
|
|
This sets file capability attributes during package
installation (and build) to allow better security models.
|
|
The pam-config mechanism will insert Radius pam module if it is
in /usr/share/pam-configs. Therefore hold off installing file until
Radius really needed.
|
|
|
|
This reverts commit 59cae244d055a7b5ba9de460d3ebbb5700d6ab17.
Don't want to do this this way.
|
|
This sets extended capablities on some common utilities
|
|
* move fix to vyatta-ravpn to make sure init script stays
modified even if xl2tpd gets installed after vyatta-cfg-sytem
during full-upgrade
(cherry picked from commit bdc317666828bad9dac2edef20d3919d943a5e9e)
|
|
Bug 5386
Since vyatta-cfg-system is the place where Vyatta does lots
of busted package fixups; fix xl2tpd init script there.
|
|
The upgrade process doesn't always remove old vyatta-ofr init script
|
|
Bug 5301
Need to setup sshd_config during install to allow configure later
|
|
Instead of white-listing special system users, just go with the
Debian policy that all users with uid < 1000 are system accounts
|
|
|
|
|
|
Bug 5252
The boot script needs to restore default settings, and the
templates are then used to enable root access.
|
|
1. Move vyatta-sysctl.conf from rl-system.init to procps
This makes configuration happen early (before networking)
2. Do IPV6 configuration for address_flush in rl-system.init
(after IPV6 is loaded)
3. Cleanup shell code for ipv6_params:
* no sudo needed in startup scripts
* use cleaner iteration
|
|
/usr/sbin/dpkg-reconfigure
|
|
The vyatta administrator needs to use Vyatta tools to change account
password. Bug 4927
|
|
The file is protected-user (not protected-users) and it is already
installed.
|
|
This makes sure there is no working password for user root in ISO.
|
|
Breaks setup of account during install. Useradd calls passwd.
|
|
Bug 4927
This blocks user from changing fields in password file.
Note: adding removing users is not allowed unless user is root,
but then all bets are off anyway.
|
|
Warning:
cp '/opt/vyatta/etc/level' and '/opt/vyatta/etc/level' are the same file
|
|
See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=412989
The udev scripts expect user tss, but it isn't there.
For Vyatta, just create it; debian developers can't agree on proper
fix!
|
