| Age | Commit message (Collapse) | Author |
|---|
|
When NTP is configured on the system, it not only acts as a client
for the configured servers, but also as a server. Although the server
is only available as a time source, it still represents a service that
the user hasn't specifically enabled.
This commit sets the default configuration of NTP to disallow all
external access, so the system acts purely as a client by default, and
also introduces the ability to configure which addresses / subnets are
allowed to both query and use it as a time source. If the servers
configured are specified as host names, these are resolved to IP
addresses before being added to ntp.conf, with the same process carried
out after name server changes.
syntax 'set system ntp client address'
Bug #94 http://bugzilla.vyos.net/show_bug.cgi?id=94
|
|
|
|
If radvd is not running, the pgrep command returns an empty string, not zero.
Reported-by Carl Byington <vyos-bug@five-ten-sg.com>
|
|
Remove the default value for the console speed node as this is already
set by the system. Update the help text to display the defaults for
both serial and Xen consoles.
|
|
Bug #391: Expose rsyslog log level 'all' in CLI
|
|
|
|
Fix Bug#382 Removing system ipv6 forwarding causes script error.
|
|
|
|
|
|
|
|
|
|
Remove the comment from the plaintext-password node regarding empty
encrypted password values as you can't set them as empty.
|
|
You can't create a user without a password, but once this user is
created, you can then delete the encrypted password. However, deleting
the encrypted password from the config doesn't actually remove the
password on the system and in addition breaks the config on reboot,
resulting in the system login node being entirely absent.
This fix ensures that the encrypted password is set to "!" when the
config node is deleted, removing the password login capability for this
account but still allowing SSH RSA key login.
Bug #336 http://bugzilla.vyos.net/show_bug.cgi?id=336
|
|
Rename allow-dhcp-nameservers to disable-dhcp-nameservers and update
the logic to take the new meaning into account. The option is now also
typeless, so the node is either absent (default) or present (enabled).
Format 'set / delete system disable-dhcp-nameservers'
Linked to Bug #182 and Bug #308
Bug #314 http://bugzilla.vyos.net/show_bug.cgi?id=314
|
|
Expand the logic in 'set system allow-dhcp-nameservers', so that in
addition to either allowing / denying DHCP related updates to
resolv.conf when the interface changes state, it will also either
add or remove the currently supplied DHCP name-servers depending on
it's state. This change in name-servers will take place immediately
on commit.
Bug #309 http://bugzilla.vyos.net/show_bug.cgi?id=309
|
|
Instead of simply allowing / denying DHCP related updates to resolv.conf
based on the current values of 'set system name-server', as initially
proposed for Bug #182 (http://bugzilla.vyos.net/show_bug.cgi?id=182),
this patch replaces that behaviour with a global option to allow /
deny these updates.
Add 'set system allow-dhcp-nameservers' as a boolean value that has the
default value of true, so allowing DHCP nameserver updates by default.
Bug #308 http://bugzilla.vyos.net/show_bug.cgi?id=308
|
|
If we call it "action", it should be a verb, and if the verb is "disable",
what does it disable? :)
|
|
|
|
See VyOS bug 195 for more information about the feature request.
|
|
|
|
|
|
This new configuration option allows the user to specify
what action to take on ctrl-alt-delete: disable, reboot
or poweroff. By default ctrl-alt-delete-action is set
to disable.
The ctrl-alt-delete action is configured in /etc/inittab.
|
|
|
|
correctness.
|
|
Signed-off-by: Daniil Baturin <daniil@baturin.org>
|
|
|
|
|
|
Bug 8829
|
|
Currently only restart rsyslog but more can be added as needed.
Fixes bug 8237.
|
|
Also increase the max allowed value to 32768.
|
|
|
|
|
|
|
|
Fix password change script save function to work as it does in
vyattacfg.
Fix empty substitution on 'plaintext-password ""' causing script error.
|
|
logrotate needs the create config option so that it keeps the
original log file's permissions and ownership.
Fixes bug 8240
|
|
Don't allow default password to persist after first boot.
Due to the numerous ways a user can get a vyatta system this required
a lot of changes.
1. Don't allow a user to set a password to 'vyatta' after first login,
but allow it on the initial boot otherwise the system will have no
user.
2. Don't allow the password to be set to vyatta in installer.
3. Force password change on first login. under the following
conditions:
3.a. User is an admin level user. Operators do not have the abillity
to change the config so they can't change passwords. Allow 'vyatta' to
be the password until an admin logs in.
3.b. This is not the livecd, its silly to force a password change
before install.
|
|
Without this change the system log daemon does not notice the
time-zone change and continues to timestamp logs using the previous
time-zone.
Fixes BZ6694
|
|
|
|
Bug 7724 related.
|
|
The previous implementation of log rotation used an hourly cron job to
check log file size and possibly perform a rotation. If the logging
rate is high, this interval may allow for root file system space
exhustion.
Utilizing rsyslog's outchannel mechanism enables log rotation to be
initiated as soon as the log file becomes larger than its configured
size.
Fixes Bug 7807.
|
|
Bug 6883
This enhancement adds ability to configure one or more network consoles.
A network console sends a copy of all console messages over UDP.
Each target can be configured with local, remote and interface.
The only required parameter is the interface name.
The local and remote ports both have default values, and by
default traffic is sent as broadcast.
For more information see kernel:
Documentation/networking/netconsole.txt
Configuration example:
device ttyS0 {
speed 9600
}
network netcon0 {
interface eth0
remote {
address 192.168.91.1
}
}
|
|
|
|
(cherry picked from commit 11baf27c6caf1a0edf2b993fb7066227d02eab7b)
|
|
(cherry picked from commit edf507d5be8061475d00c0cb3278f7cdd8ae844a)
|
|
Bug 7024
|
|
|
|
|
|
|
|
Bug 6243
More complete validation of host name and domain name
|
|
Bugfix 6781
|
