| Age | Commit message (Collapse) | Author |
|---|
|
also prevents additions from failing at commit
|
|
|
|
|
|
|
|
|
|
it does (fixes T553).
|
|
Add ecc support to openssh
|
|
|
|
|
|
|
|
|
|
This reverts commit 593899accdff03af23e6bb6c7189ad4ed05a4d8e.
This commit reintroduced the inability to delete a user configured on
the system, which was resolved in bug #557. Reverting this for the
time being until a better fix can be implemented.
|
|
Prevent the deletion of both the encrypted-password and public-keys
nodes for a user, ensuring that at least one of the methods is
available. Also prevent the deletion of the public keys for a user
if the encrypted password is set to "!".
Bug #574 http://bugzilla.vyos.net/show_bug.cgi?id=574
|
|
The fix for bug #557 now allows the encrypted-password Authentication
node to be deleted again, but this causes the config to fail on reboot,
leaving the user login node empty.
This fix checks for an empty / missing encrypted-password node on
reboot / config reload, either creating a new node or replacing the
existing one and assigning it the value of "!". This has the same
effect as the fix for bug #336, allowing the user to be set as only
using RSA based logins.
Bug #573 http://bugzilla.vyos.net/show_bug.cgi?id=573
|
|
Following the fix for bug #336 that prevents the deletion of the
encrypted password, which resulted in a broken config node on reboot,
it was no longer possible to delete users. This reverts the fix for
that bug.
Bug #557 http://bugzilla.vyos.net/show_bug.cgi?id=557
|
|
When NTP is configured on the system, it not only acts as a client
for the configured servers, but also as a server. Although the server
is only available as a time source, it still represents a service that
the user hasn't specifically enabled.
This commit sets the default configuration of NTP to disallow all
external access, so the system acts purely as a client by default, and
also introduces the ability to configure which addresses / subnets are
allowed to both query and use it as a time source. If the servers
configured are specified as host names, these are resolved to IP
addresses before being added to ntp.conf, with the same process carried
out after name server changes.
syntax 'set system ntp client address'
Bug #94 http://bugzilla.vyos.net/show_bug.cgi?id=94
|
|
|
|
If radvd is not running, the pgrep command returns an empty string, not zero.
Reported-by Carl Byington <vyos-bug@five-ten-sg.com>
|
|
Remove the default value for the console speed node as this is already
set by the system. Update the help text to display the defaults for
both serial and Xen consoles.
|
|
Bug #391: Expose rsyslog log level 'all' in CLI
|
|
|
|
Fix Bug#382 Removing system ipv6 forwarding causes script error.
|
|
|
|
|
|
|
|
|
|
Remove the comment from the plaintext-password node regarding empty
encrypted password values as you can't set them as empty.
|
|
You can't create a user without a password, but once this user is
created, you can then delete the encrypted password. However, deleting
the encrypted password from the config doesn't actually remove the
password on the system and in addition breaks the config on reboot,
resulting in the system login node being entirely absent.
This fix ensures that the encrypted password is set to "!" when the
config node is deleted, removing the password login capability for this
account but still allowing SSH RSA key login.
Bug #336 http://bugzilla.vyos.net/show_bug.cgi?id=336
|
|
Rename allow-dhcp-nameservers to disable-dhcp-nameservers and update
the logic to take the new meaning into account. The option is now also
typeless, so the node is either absent (default) or present (enabled).
Format 'set / delete system disable-dhcp-nameservers'
Linked to Bug #182 and Bug #308
Bug #314 http://bugzilla.vyos.net/show_bug.cgi?id=314
|
|
Expand the logic in 'set system allow-dhcp-nameservers', so that in
addition to either allowing / denying DHCP related updates to
resolv.conf when the interface changes state, it will also either
add or remove the currently supplied DHCP name-servers depending on
it's state. This change in name-servers will take place immediately
on commit.
Bug #309 http://bugzilla.vyos.net/show_bug.cgi?id=309
|
|
Instead of simply allowing / denying DHCP related updates to resolv.conf
based on the current values of 'set system name-server', as initially
proposed for Bug #182 (http://bugzilla.vyos.net/show_bug.cgi?id=182),
this patch replaces that behaviour with a global option to allow /
deny these updates.
Add 'set system allow-dhcp-nameservers' as a boolean value that has the
default value of true, so allowing DHCP nameserver updates by default.
Bug #308 http://bugzilla.vyos.net/show_bug.cgi?id=308
|
|
If we call it "action", it should be a verb, and if the verb is "disable",
what does it disable? :)
|
|
|
|
See VyOS bug 195 for more information about the feature request.
|
|
|
|
|
|
This new configuration option allows the user to specify
what action to take on ctrl-alt-delete: disable, reboot
or poweroff. By default ctrl-alt-delete-action is set
to disable.
The ctrl-alt-delete action is configured in /etc/inittab.
|
|
|
|
correctness.
|
|
Signed-off-by: Daniil Baturin <daniil@baturin.org>
|
|
|
|
|
|
Bug 8829
|
|
Currently only restart rsyslog but more can be added as needed.
Fixes bug 8237.
|
|
Also increase the max allowed value to 32768.
|
|
|
|
|
|
|
|
Fix password change script save function to work as it does in
vyattacfg.
Fix empty substitution on 'plaintext-password ""' causing script error.
|
|
logrotate needs the create config option so that it keeps the
original log file's permissions and ownership.
Fixes bug 8240
|
