From 7ddab704b12dc447a2d8e2acb9178a0d90f63b78 Mon Sep 17 00:00:00 2001
From: Christian Poessinger <christian@poessinger.com>
Date: Sat, 9 Dec 2017 15:28:24 +0100
Subject: T414: Remove 'telnet' service

Telnet remote logins have been deprecated for decades. As Debian
'jessie' busybox no longer has a telnetd applet, this service is no
longer available.
---
 Makefile.am                                      |  1 -
 debian/changelog                                 |  6 ++
 scripts/system/vyatta_update_telnet              | 84 ------------------------
 templates/service/telnet/allow-root/node.def     |  3 -
 templates/service/telnet/listen-address/node.def |  7 --
 templates/service/telnet/node.def                |  8 ---
 templates/service/telnet/port/node.def           |  9 ---
 7 files changed, 6 insertions(+), 112 deletions(-)
 delete mode 100755 scripts/system/vyatta_update_telnet
 delete mode 100644 templates/service/telnet/allow-root/node.def
 delete mode 100644 templates/service/telnet/listen-address/node.def
 delete mode 100644 templates/service/telnet/node.def
 delete mode 100644 templates/service/telnet/port/node.def

diff --git a/Makefile.am b/Makefile.am
index 169df296..9dfc957c 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -56,7 +56,6 @@ sbin_SCRIPTS += scripts/system/vyatta_update_sysctl.pl
 sbin_SCRIPTS += scripts/system/vyatta_update_syslog.pl
 sbin_SCRIPTS += scripts/system/vyatta_update_console.pl
 sbin_SCRIPTS += scripts/system/vyatta_update_ntp.pl
-sbin_SCRIPTS += scripts/system/vyatta_update_telnet
 sbin_SCRIPTS += scripts/system/irq-affinity.pl
 sbin_SCRIPTS += scripts/snmp/vyatta-snmp.pl
 sbin_SCRIPTS += scripts/snmp/vyatta-snmp-v3.pl
diff --git a/debian/changelog b/debian/changelog
index 2d7dc77f..8d4ebc05 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+vyatta-cfg-system (0.20.44+vyos2+current4) unstable; urgency=medium
+
+  * T414: Remove telnetd service
+
+ -- Christian Poessinger <christian@poessinger.com>  Sat, 09 Dec 2017 15:29:45 +0100
+
 vyatta-cfg-system (0.20.44+vyos2+current3) unstable; urgency=medium
 
   [ Kim Hagen ]
diff --git a/scripts/system/vyatta_update_telnet b/scripts/system/vyatta_update_telnet
deleted file mode 100755
index f50eef79..00000000
--- a/scripts/system/vyatta_update_telnet
+++ /dev/null
@@ -1,84 +0,0 @@
-#! /bin/bash
-# Script to control telnet daemon parameters
-# and block changes when logged in over telnet
-
-# Block changes to telnet daemon when logged in over telnet
-pid=$(who -um | awk -F " " '{print $7}')
-if [ -n "$pid" ]; then
- if ps --pid $(ps --pid $pid -o ppid=) -o cmd= | grep -q telnetd
-  then
-    echo "Please configure telnet settings via ssh or console."
-    exit 1
-  fi
-fi
-
-usage() {
-    echo "Usage: $0 enable <port>"
-    echo "       $0 disable"
-    echo "       $0 allow-root {true|false}"
-    exit 1;
-}
-
-allow-root() {
-    case "$1" in
-    true) ;;
-    false) ;;
-        *)  echo "Expect true or false"
-	    usage ;;
-    esac
-
-    sudo sed -i -e '/^# Pseudo-terminal (telnet)/,$d' /etc/securetty
-
-    if [ $1 = "false" ]; then
-	return
-    fi
-
-    sudo sh -c "cat >>/etc/securetty" <<EOF
-# Pseudo-terminal (telnet)
-pts/0
-pts/1
-pts/2
-pts/3
-pts/4
-pts/5
-pts/6
-pts/7
-pts/8
-pts/9
-pts/10
-pts/11
-pts/12
-pts/13
-pts/14
-pts/15
-pts/16
-pts/17
-pts/18
-pts/19
-EOF
-
-}
-
-case "$1" in
-    allow-root) 
-	allow-root $2
-	;;
-
-    enable)
-	if [ -z "$2" ]
-	then echo "Missing port number";
-	    usage
-	fi
-	exec sudo /opt/vyatta/sbin/telnetd.init restart $2 $3
-	;;
-
-    disable)
-	exec sudo /opt/vyatta/sbin/telnetd.init stop
-	;;
-
-    *)  
-	echo "Unknown argument $1";
-	usage 
-	;;
-esac
-	
diff --git a/templates/service/telnet/allow-root/node.def b/templates/service/telnet/allow-root/node.def
deleted file mode 100644
index 39c78062..00000000
--- a/templates/service/telnet/allow-root/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-help: Enable root login over telnet
-create: /opt/vyatta/sbin/vyatta_update_telnet allow-root true
-delete:/opt/vyatta/sbin/vyatta_update_telnet allow-root false
diff --git a/templates/service/telnet/listen-address/node.def b/templates/service/telnet/listen-address/node.def
deleted file mode 100644
index cd016628..00000000
--- a/templates/service/telnet/listen-address/node.def
+++ /dev/null
@@ -1,7 +0,0 @@
-type: ipv4,ipv6
-help: Local addresses telnet should listen on
-val_help: ipv4: IP address to listen for incoming connections
-val_help: ipv6: IPv6 address to listen for incoming connections
-
-commit:expression: exec "/opt/vyatta/sbin/local_ip $VAR(@)"; \
-        "IP address $VAR(@) doesn\'t exist on this system"
diff --git a/templates/service/telnet/node.def b/templates/service/telnet/node.def
deleted file mode 100644
index e173d243..00000000
--- a/templates/service/telnet/node.def
+++ /dev/null
@@ -1,8 +0,0 @@
-priority: 500 # After syslog and logins
-help: Enable/disable Network Virtual Terminal Protocol (TELNET) protocol
-update: touch /tmp/vyatta-telnet.$PPID
-delete: /opt/vyatta/sbin/vyatta_update_telnet disable
-end: if [ -f /tmp/vyatta-telnet.$PPID ]; then
-          rm -f /tmp/vyatta-telnet.$PPID
-	  /opt/vyatta/sbin/vyatta_update_telnet enable $VAR(port/@) $VAR(listen-address/@)
-     fi
diff --git a/templates/service/telnet/port/node.def b/templates/service/telnet/port/node.def
deleted file mode 100644
index c4db688a..00000000
--- a/templates/service/telnet/port/node.def
+++ /dev/null
@@ -1,9 +0,0 @@
-type:  u32
-default:  23
-help: Port for TELNET service
-
-val_help: u32:1-65535; Numeric IP port
-syntax:expression: $VAR(@) > 0 && $VAR(@) <= 65535 ; \
-	"Port number must be in range 1 to 65535"
-commit:expression: exec "sudo /opt/vyatta/sbin/is_port_available.pl $VAR(@)"; \
-        "Port $VAR(@) is already in use!"
-- 
cgit v1.2.3