| Age | Commit message (Collapse) | Author |
|---|
|
This reverts commit 593899accdff03af23e6bb6c7189ad4ed05a4d8e.
This commit reintroduced the inability to delete a user configured on
the system, which was resolved in bug #557. Reverting this for the
time being until a better fix can be implemented.
|
|
Prevent the deletion of both the encrypted-password and public-keys
nodes for a user, ensuring that at least one of the methods is
available. Also prevent the deletion of the public keys for a user
if the encrypted password is set to "!".
Bug #574 http://bugzilla.vyos.net/show_bug.cgi?id=574
|
|
|
|
|
|
|
|
|
|
The fix for bug #557 now allows the encrypted-password Authentication
node to be deleted again, but this causes the config to fail on reboot,
leaving the user login node empty.
This fix checks for an empty / missing encrypted-password node on
reboot / config reload, either creating a new node or replacing the
existing one and assigning it the value of "!". This has the same
effect as the fix for bug #336, allowing the user to be set as only
using RSA based logins.
Bug #573 http://bugzilla.vyos.net/show_bug.cgi?id=573
|
|
Following the fix for bug #336 that prevents the deletion of the
encrypted password, which resulted in a broken config node on reboot,
it was no longer possible to delete users. This reverts the fix for
that bug.
Bug #557 http://bugzilla.vyos.net/show_bug.cgi?id=557
|
|
If radvd is not running, the pgrep command returns an empty string, not zero.
Reported-by Carl Byington <vyos-bug@five-ten-sg.com>
|
|
|
|
Remove the comment from the plaintext-password node regarding empty
encrypted password values as you can't set them as empty.
|
|
You can't create a user without a password, but once this user is
created, you can then delete the encrypted password. However, deleting
the encrypted password from the config doesn't actually remove the
password on the system and in addition breaks the config on reboot,
resulting in the system login node being entirely absent.
This fix ensures that the encrypted password is set to "!" when the
config node is deleted, removing the password login capability for this
account but still allowing SSH RSA key login.
Bug #336 http://bugzilla.vyos.net/show_bug.cgi?id=336
|
|
Rename allow-dhcp-nameservers to disable-dhcp-nameservers and update
the logic to take the new meaning into account. The option is now also
typeless, so the node is either absent (default) or present (enabled).
Format 'set / delete system disable-dhcp-nameservers'
Linked to Bug #182 and Bug #308
Bug #314 http://bugzilla.vyos.net/show_bug.cgi?id=314
|
|
Expand the logic in 'set system allow-dhcp-nameservers', so that in
addition to either allowing / denying DHCP related updates to
resolv.conf when the interface changes state, it will also either
add or remove the currently supplied DHCP name-servers depending on
it's state. This change in name-servers will take place immediately
on commit.
Bug #309 http://bugzilla.vyos.net/show_bug.cgi?id=309
|
|
Instead of simply allowing / denying DHCP related updates to resolv.conf
based on the current values of 'set system name-server', as initially
proposed for Bug #182 (http://bugzilla.vyos.net/show_bug.cgi?id=182),
this patch replaces that behaviour with a global option to allow /
deny these updates.
Add 'set system allow-dhcp-nameservers' as a boolean value that has the
default value of true, so allowing DHCP nameserver updates by default.
Bug #308 http://bugzilla.vyos.net/show_bug.cgi?id=308
|
|
If we call it "action", it should be a verb, and if the verb is "disable",
what does it disable? :)
|
|
|
|
See VyOS bug 195 for more information about the feature request.
|
|
|
|
|
|
This new configuration option allows the user to specify
what action to take on ctrl-alt-delete: disable, reboot
or poweroff. By default ctrl-alt-delete-action is set
to disable.
The ctrl-alt-delete action is configured in /etc/inittab.
|
|
|
|
correctness.
|
|
Signed-off-by: Daniil Baturin <daniil@baturin.org>
|
|
|
|
|
|
Bug 8829
|
|
Currently only restart rsyslog but more can be added as needed.
Fixes bug 8237.
|
|
Also increase the max allowed value to 32768.
|
|
|
|
|
|
|
|
Fix password change script save function to work as it does in
vyattacfg.
Fix empty substitution on 'plaintext-password ""' causing script error.
|
|
logrotate needs the create config option so that it keeps the
original log file's permissions and ownership.
Fixes bug 8240
|
|
Don't allow default password to persist after first boot.
Due to the numerous ways a user can get a vyatta system this required
a lot of changes.
1. Don't allow a user to set a password to 'vyatta' after first login,
but allow it on the initial boot otherwise the system will have no
user.
2. Don't allow the password to be set to vyatta in installer.
3. Force password change on first login. under the following
conditions:
3.a. User is an admin level user. Operators do not have the abillity
to change the config so they can't change passwords. Allow 'vyatta' to
be the password until an admin logs in.
3.b. This is not the livecd, its silly to force a password change
before install.
|
|
Without this change the system log daemon does not notice the
time-zone change and continues to timestamp logs using the previous
time-zone.
Fixes BZ6694
|
|
|
|
Bug 7724 related.
|
|
The previous implementation of log rotation used an hourly cron job to
check log file size and possibly perform a rotation. If the logging
rate is high, this interval may allow for root file system space
exhustion.
Utilizing rsyslog's outchannel mechanism enables log rotation to be
initiated as soon as the log file becomes larger than its configured
size.
Fixes Bug 7807.
|
|
Bug 6883
This enhancement adds ability to configure one or more network consoles.
A network console sends a copy of all console messages over UDP.
Each target can be configured with local, remote and interface.
The only required parameter is the interface name.
The local and remote ports both have default values, and by
default traffic is sent as broadcast.
For more information see kernel:
Documentation/networking/netconsole.txt
Configuration example:
device ttyS0 {
speed 9600
}
network netcon0 {
interface eth0
remote {
address 192.168.91.1
}
}
|
|
|
|
(cherry picked from commit 11baf27c6caf1a0edf2b993fb7066227d02eab7b)
|
|
(cherry picked from commit edf507d5be8061475d00c0cb3278f7cdd8ae844a)
|
|
Bug 7024
|
|
|
|
|
|
|
|
Bug 6243
More complete validation of host name and domain name
|
|
Bugfix 6781
|
|
Bug 5185
|
