Merge branch 'glendale' into hollywood

author: rbalocca <rbalocca@vyatta.com> 2008-03-14 14:44:09 -0700
committer: rbalocca <rbalocca@vyatta.com> 2008-03-14 14:44:09 -0700
commit: 2c3eea0064d63ddc71abf40ec7f4284d0989895e (patch)
tree: 987eb6cc94184bd6fcadbe28df78184ae290331e
parent: 71eec2a2a07055dc038019bf57627af85973c257 (diff)
parent: b5864fdc4462d1f329ebe852754c7877846d8bfa (diff)
download: vyatta-cfg-2c3eea0064d63ddc71abf40ec7f4284d0989895e.tar.gz
vyatta-cfg-2c3eea0064d63ddc71abf40ec7f4284d0989895e.zip
10 files changed, 84 insertions, 17 deletions
diff --git a/Makefile.am b/Makefile.am
index 2879932..a309d34 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -42,6 +42,7 @@ sbin_SCRIPTS  += scripts/vyatta-load-config.pl
 sbin_SCRIPTS  += scripts/vyatta-cfg-notify
 sbin_SCRIPTS  += scripts/vyatta-interfaces.pl
 sbin_SCRIPTS  += scripts/vyatta-irqaffin
+sbin_SCRIPTS  += scripts/vyatta-check-typeless-node.pl
 
 share_perl5_SCRIPTS = scripts/VyattaConfig.pm
 share_perl5_SCRIPTS += scripts/VyattaConfigDOMTree.pm
diff --git a/etc/bash_completion.d/20vyatta-cfg b/etc/bash_completion.d/20vyatta-cfg
index 463b383..4ad86ce 100755
--- a/etc/bash_completion.d/20vyatta-cfg
+++ b/etc/bash_completion.d/20vyatta-cfg
@@ -440,8 +440,14 @@ vyatta_parse_tmpl ()
   vyatta_cfg_comp_help=$(vyatta_parse_tmpl_comp_fields $1 "comp_help")
  
   if (( ${#vyatta_cfg_allowed[@]} == 0 )); then
-    local ares=$(eval "$acmd")
-    eval "vyatta_cfg_allowed=( $ares )"
+    local -a ares=( $(eval "$acmd") )
+    for (( i=0 ; i<${#ares[@]} ; i++ )); do
+      if [[ "${ares[i]}" != \<*\> ]]; then
+        vyatta_cfg_allowed+=( "${ares[i]}" )
+      else
+        vyatta_cfg_allowed+=( "" )
+      fi
+    done
   fi
   if [ -z "$vyatta_cfg_help" ]; then
     vyatta_cfg_help='<No help text available>'
diff --git a/etc/default/vyatta-cfg b/etc/default/vyatta-cfg
index ef02233..7d189d8 100644
--- a/etc/default/vyatta-cfg
+++ b/etc/default/vyatta-cfg
@@ -43,6 +43,8 @@ if [ $is_admin == 1 ]; then
 else
   # no need to check is_users since there are only 2 levels for now
   declare -x -r VYATTA_USER_LEVEL_DIR=${vyatta_sysconfdir}/shell/level/users
+  declare -x -r LESSSECURE=1
+  alias more=less
 fi
 } 2>/dev/null || :
 
diff --git a/etc/shell/level/users/allowed-op b/etc/shell/level/users/allowed-op
index 498d120..4c8d16f 100644
--- a/etc/shell/level/users/allowed-op
+++ b/etc/shell/level/users/allowed-op
@@ -8,7 +8,6 @@ reboot
 set
 show
 telnet
-terminal
 traceroute
 undebug
 vpn
diff --git a/etc/shell/level/users/allowed-pipe b/etc/shell/level/users/allowed-pipe
index 3204ef3..2d92acc 100644
--- a/etc/shell/level/users/allowed-pipe
+++ b/etc/shell/level/users/allowed-pipe
@@ -1,4 +1,4 @@
-more
+less
 1
 no-more
 1
diff --git a/scripts/vyatta-check-typeless-node.pl b/scripts/vyatta-check-typeless-node.pl
new file mode 100644
index 0000000..65a7408
--- /dev/null
+++ b/scripts/vyatta-check-typeless-node.pl
@@ -0,0 +1,21 @@
+#!/usr/bin/perl
+use lib "/opt/vyatta/share/perl5/";
+use VyattaConfig;
+use VyattaMisc;
+use Getopt::Long;
+
+## Check if a typeless node exists
+# this is a lame little script to get around bug 2525 not being fixed.
+# i.e. $VAR(./node/) always expands to true.  Once bug 2525 is properly
+# fixed, this can go away
+my $node = shift;
+my $config = new VyattaConfig;
+
+if ($config->exists("$node")) {
+  exit 0;
+}
+else {
+  exit 1;
+}
+
+exit 0;
diff --git a/scripts/vyatta-interfaces.pl b/scripts/vyatta-interfaces.pl
index 1cad719..e3afe68 100755
--- a/scripts/vyatta-interfaces.pl
+++ b/scripts/vyatta-interfaces.pl
@@ -34,7 +34,7 @@ use lib "/opt/vyatta/share/perl5/";
 use VyattaConfig;
 use VyattaMisc;
 use Getopt::Long;
-
+use POSIX;
 use NetAddr::IP;
 
 use strict;
@@ -45,18 +45,22 @@ my $dhcp_conf   = '/etc/dhcp3/dhclient.conf';
 my $dhcp_pid    = '/var/run/dhclient.pid';
 my $dhcp_leases = '/var/lib/dhcp3/dhclient.leases';
 
+my ($eth_update, $eth_delete, $addr, $restart_dhclient, $dev, $mac, $mac_update);
 
-my ($eth_update, $eth_delete, $addr, $restart_dhclient, $dev);
 GetOptions("eth-addr-update=s" => \$eth_update,
 	   "eth-addr-delete=s" => \$eth_delete,
 	   "valid-addr=s"      => \$addr,
 	   "restart-dhclient!" => \$restart_dhclient,
            "dev=s"             => \$dev,
+	   "valid-mac=s"       => \$mac,
+	   "set-mac=s"	       => \$mac_update,
 );
 
 if (defined $eth_update)       { update_eth_addrs($eth_update, $dev); }
 if (defined $eth_delete)       { delete_eth_addrs($eth_delete, $dev);  }
 if (defined $addr)             { is_valid_addr($addr, $dev); }
+if (defined $mac)	       { is_valid_mac($mac, $dev); }
+if (defined $mac_update)       { update_mac($mac_update, $dev); }
 if (defined $restart_dhclient) { dhcp_restart_daemon(); }
 
 sub is_ip_configured {
@@ -342,6 +346,45 @@ sub delete_eth_addrs {
     }
 }
 
+sub update_mac {
+    my ($mac, $intf) = @_;
+
+    open my $fh, "<", "/sys/class/net/$intf/flags"
+	or die "Error: $intf is not a network device\n";
+
+    my $flags = <$fh>;
+    chomp $flags;
+    close $fh or die "Error: can't read state\n";
+
+    if (POSIX::strtoul($flags) & 1) {
+	# NB: Perl 5 system return value is bass-ackwards
+	system "sudo ip link set $intf down"
+	    and die "Could not set $intf down ($!)\n";
+	system "sudo ip link set $intf address $mac"
+	    and die "Could not set $intf address ($!)\n";
+	system "sudo ip link set $intf up"
+	    and die "Could not set $intf up ($!)\n";
+    } else {
+	exec "sudo ip link set $intf address $mac";
+    }
+    exit 0;
+}
+ 
+sub is_valid_mac {
+    my ($mac, $intf) = @_;
+    my @octets = split /:/, $mac;
+    
+    ($#octets == 5) or die "Error: wrong number of octets: $#octets\n";
+
+    (($octets[0] & 1) == 0) or die "Error: $mac is a multicast address\n";
+
+    my $sum = 0;
+    $sum += strtoul('0x' . $_) foreach @octets;
+    ( $sum != 0 ) or die "Error: zero is not a valid address\n";
+
+    exit 0;
+}
+
 sub is_valid_addr {
     my ($addr_net, $intf) = @_;
 
diff --git a/templates/interfaces/ethernet/node.tag/address/node.def b/templates/interfaces/ethernet/node.tag/address/node.def
index 410c072..23b1262 100644
--- a/templates/interfaces/ethernet/node.tag/address/node.def
+++ b/templates/interfaces/ethernet/node.tag/address/node.def
@@ -4,6 +4,7 @@ help: Configure an IP address for this interface
 syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr $VAR(@) --dev $VAR(../@)"; "Invalid IP address/prefix [$VAR(@)] for interface $VAR(../@)"
 update:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update $VAR(@) --dev $VAR(../@)"; "Error setting address $VAR(@) on interface $VAR(../@)"
 delete:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-delete $VAR(@) --dev $VAR(../@)"; "Error deleting address $VAR(@) on interface $VAR(../@)"
+allowed: echo "dhcp <>"
 comp_help:Possible completions:
   <IP address>/<prefix length>\tSet the IP address and prefix length
   dhcp\t\t\t\tSet the IP address and prefix length via DHCP
diff --git a/templates/interfaces/ethernet/node.tag/mac/node.def b/templates/interfaces/ethernet/node.tag/mac/node.def
index e556743..d25b378 100644
--- a/templates/interfaces/ethernet/node.tag/mac/node.def
+++ b/templates/interfaces/ethernet/node.tag/mac/node.def
@@ -1,14 +1,7 @@
 type: macaddr
 help: Set the MAC address of this interface
+syntax:expression: exec "\
+	/opt/vyatta/sbin/vyatta-interfaces.pl --dev $VAR(../@) --valid-mac $VAR(@)"
+update: /opt/vyatta/sbin/vyatta-interfaces.pl --dev $VAR(../@) --set-mac $VAR(@)
+delete: /opt/vyatta/sbin/vyatta-interfaces.pl --dev $VAR(../@) --set-mac $VAR(../hw-id/@)
 
-update:expression: "sudo sh -c \"ip link set $VAR(../@) down &&            \
-                                 ip link set $VAR(../@) address $VAR(@) && \
-                                 ip link set $VAR(../@) up; \" ";          \
-                   "Error setting MAC address on dev $VAR(../@)"
-
-delete:expression: "sudo sh -c \"ip link set $VAR(../@) down &&            \
-                                 ip link set $VAR(../@) address            \
-                                   $VAR(../hw-id/@) &&                     \
-                                 ip link set $VAR(../@) up;\" ";           \
-                   "Error resetting MAC address on dev $VAR(../@) to       \
-                    $VAR(../hw-id/@)"
diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def
index 6653727..a33818f 100644
--- a/templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def
+++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def
@@ -4,6 +4,7 @@ help: Configure an IP address for this interface
 syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr $VAR(@) --dev $VAR(../../@).$VAR(../@) "; "Invalid IP address/prefix [$VAR(@)] for interface $VAR(../../@).$VAR(../@)"
 create:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update $VAR(@) --dev $VAR(../../@).$VAR(../@) "; "Error setting address $VAR(@) on dev $VAR(../../@).$VAR(../@) "
 delete:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-delete $VAR(@) --dev $VAR(../../@).$VAR(../@) "; "Error deleting address $VAR(@) on dev $VAR(../../@).$VAR(../@) "
+allowed: echo "dhcp <>"
 comp_help:Possible completions:
   <IP address>/<prefix length>    Set the IP address and prefix length
   dhcp                            Set the IP address and prefix length via DHCP
author	rbalocca <rbalocca@vyatta.com>	2008-03-14 14:44:09 -0700
committer	rbalocca <rbalocca@vyatta.com>	2008-03-14 14:44:09 -0700
commit	2c3eea0064d63ddc71abf40ec7f4284d0989895e (patch)
tree	987eb6cc94184bd6fcadbe28df78184ae290331e
parent	71eec2a2a07055dc038019bf57627af85973c257 (diff)
parent	b5864fdc4462d1f329ebe852754c7877846d8bfa (diff)
download	vyatta-cfg-2c3eea0064d63ddc71abf40ec7f4284d0989895e.tar.gz vyatta-cfg-2c3eea0064d63ddc71abf40ec7f4284d0989895e.zip