Diffstat (limited to 'scripts')
-rwxr-xr-x | scripts/vyatta-activate-config.pl | 163 | ||||
-rwxr-xr-x | scripts/vyatta-cfg-cmd-wrapper | 216 | ||||
-rwxr-xr-x | scripts/vyatta-comment-config.pl | 92 | ||||
-rwxr-xr-x | scripts/vyatta-load-config.pl | 38 |
4 files changed, 44 insertions, 465 deletions
diff --git a/scripts/vyatta-activate-config.pl b/scripts/vyatta-activate-config.pl
deleted file mode 100755
index 6bf6c3b..0000000
--- a/scripts/vyatta-activate-config.pl
+++ /dev/null
@@ -1,163 +0,0 @@ -#!/usr/bin/perl - -# Author: Michael Larson <mike@vyatta.com> -# Date: 2010 -# Description: Perl script for activating/deactivating portions of the configuration - -# **** License **** -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License version 2 as -# published by the Free Software Foundation. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# This code was originally developed by Vyatta, Inc. -# Portions created by Vyatta are Copyright (C) 2006, 2007, 2008, 2009, 2010 Vyatta, Inc. -# All Rights Reserved. -# **** End License **** - -use strict; -use warnings; -use File::Find; -use lib "/opt/vyatta/share/perl5"; - - -sub wanted { - return unless ( $_ eq '.disable' ); - print("Cannot deactivate nested elements\n"); - exit 1; -} - -sub wanted_local { - if ( $_ eq '.disable' ) { - #we'll supercede this .disable by the parent and remove this. 
- my $f = $File::Find::name; - `rm -f $f`; - } -} - -sub check_parents { - my @p = @_; - my $l_dir = "$ENV{VYATTA_TEMP_CONFIG_DIR}/$ENV{VYATTA_EDIT_LEVEL}"; - my $a_dir = "$ENV{VYATTA_ACTIVE_CONFIGURATION_DIR}/$ENV{VYATTA_EDIT_LEVEL}"; - foreach my $sw (@p) { - $l_dir .= "/$sw"; - $a_dir .= "/$sw"; - - if (-e "$l_dir/.disable") { - return 1; - } - if (-e "$a_dir/.disable") { - return 1; - } - } - return 0; -} - -sub usage() { - print "Usage: $0 <activate|deactivate> <path>\n"; - exit 0; -} - -my $action = $ARGV[0]; - -if (!defined $ARGV[1] || $ARGV[1] eq '') { - print("Cannot activate/deactivate configuration root\n"); - exit 1; -} - -#adjust for leaf node -my $i = 0; -my $arg_ct = $#ARGV; -my @path = @ARGV[1..$arg_ct]; -my @parent_path = @ARGV[1..($arg_ct-1)]; - -foreach my $elem (@path) { - $elem =~ s/\//%2F/g; - $elem =~ s/\s+/\//g; - $path[$i++] = $elem; -} -my $edit_level = "$ENV{VYATTA_EDIT_LEVEL}"; - -my $path = $edit_level . join '/', @path; - -my $full_path = "$ENV{VYATTA_TEMP_CONFIG_DIR}/$path"; - -if (-e $full_path) { - my $leaf = "$full_path/node.val"; - if (-e $leaf) { - #prevent setting on leaf or multi, check for node.val - if (!defined $ENV{BOOT}) { - printf("Cannot deactivate end node\n"); - } - exit 1; - } -} -else { - #check if this is a leaf node with value - my $parent_path_leaf = $ENV{VYATTA_TEMP_CONFIG_DIR} . "/" . $edit_level . join('/', @parent_path) . "/node.val"; - if (-e $parent_path_leaf) { - #prevent setting on leaf or multi, check for node.val - if (!defined $ENV{BOOT}) { - printf("Cannot deactivate end node\n"); - } - exit 1; - } - if (!defined $ENV{BOOT}) { - printf("This configuration element does not exist: " . join(' ', @path) . 
"\n"); - } - exit 1; -} - -####################################################### -#now check for nesting of the activate/deactivate nodes -####################################################### -if ($action eq 'deactivate') { - my $active_dir = "$ENV{VYATTA_ACTIVE_CONFIGURATION_DIR}/$path"; - my $local_dir = $full_path; - if (-e $active_dir && !(-e "$active_dir/.disable")) { #checks active children - find( \&wanted, $active_dir ); - } - if (-e $local_dir) { #checks locally commit children, will remove disabled children - find( \&wanted_local, $local_dir ); - } - #final check that walks up tree and checks - if (!(-e "$active_dir/.disable") && check_parents(@path)) { #checks active and locally committed parents - if (!defined $ENV{BOOT}) { - print("Cannot deactivate nested elements\n"); - } - exit 1; - } -} - -####################################################### -#now apply the magic -####################################################### -if ($action eq 'activate') { - $full_path .= "/.disable"; - if (-e $full_path) { - `rm -f $full_path`; - } - else { - printf("This element has not been deactivated\n"); - exit 1; - } -} -elsif ($action eq 'deactivate') { - #first let's check and ensure that there is not another child .disable node... - #also needs to be enforced when committing - my $active_dir = "$ENV{VYATTA_ACTIVE_CONFIGURATION_DIR}/$path"; - my $local_dir = $full_path; - `touch $full_path/.disable`; -} -else { - printf("bad argument: " . $action . "\n"); - usage(); -} - -`touch $ENV{VYATTA_TEMP_CONFIG_DIR}/.modified`; - -exit 0; diff --git a/scripts/vyatta-cfg-cmd-wrapper b/scripts/vyatta-cfg-cmd-wrapper index 070b64f..e04faeb 100755 --- a/scripts/vyatta-cfg-cmd-wrapper +++ b/scripts/vyatta-cfg-cmd-wrapper @@ -1,6 +1,6 @@ #!/bin/bash -# Author: An-Cheng Huang <ancheng@vyatta.com> +# Author: Vyatta <eng@vyatta.com> # Date: 2007 # Description: command wrapper 
@@ -19,21 +19,12 @@ # All Rights Reserved. # **** End License **** -if grep -q union=aufs /proc/cmdline || grep -q aufs /proc/filesystems ; then - export UNIONFS=aufs -else - export UNIONFS=unionfs -fi - -# permissions -## note: this script should be running as the vyattacfg group, e.g., with "sg". -## otherwise there may be permission problems with the files created. -UMASK_SAVE=`umask` -umask 0002 +# note: this script MUST be running as the vyattacfg group, e.g., with "sg". +# otherwise there WILL be permission problems with the files created. -export VYATTA_EDIT_LEVEL=/; -export VYATTA_TEMPLATE_LEVEL=/; -export VYATTA_ACTIVE_CONFIGURATION_DIR=/opt/vyatta/config/active; +# some env variables are needed +export vyatta_sysconfdir=/opt/vyatta/etc +export vyatta_sbindir=/opt/vyatta/sbin # allow env variable to override default session id (ppid). this enables # the script to handle cases where the invocations can come from 
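Review bot: The rewritten comment says the script MUST run as the vyattacfg group, but with `umask 0002` removed nothing visible in this hunk checks that precondition, so a caller with the wrong group or a restrictive umask gets mis-permissioned session files rather than an error. If that is the intended contract, a guard near the top would make it explicit: `[ "$(id -gn)" = "vyattacfg" ] || { echo "must run as group vyattacfg" >&2; exit 1; }`. If the unified library now sets the umask itself, which cannot be seen from here, the comment should say so.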
@@ -42,167 +33,26 @@ SID=$PPID if [ -n "$CMD_WRAPPER_SESSION_ID" ]; then SID=$CMD_WRAPPER_SESSION_ID fi -export VYATTA_CHANGES_ONLY_DIR=/tmp/changes_only_$SID; -export VYATTA_TEMP_CONFIG_DIR=/opt/vyatta/config/tmp/new_config_$SID; -export VYATTA_CONFIG_TMP=/opt/vyatta/config/tmp/tmp_$SID; - -vyatta_escape () -{ - # copied over from /etc/bash_completion.d/20vyatta-cfg - # $1: \$original - # $2: \$escaped - eval "$2=\${$1//\%/%25}" - eval "$2=\${$2//\*/%2A}" - eval "$2=\${$2//\//%2F}" -} - -mvcp () -{ - # copied over from /etc/bash_completion.d/20vyatta-cfg - local str=$1 - shift - local Str=$1 - shift - local cmd=$1 - shift - local _otag=$1 - local _ovalu=$2 - local _to=$3 - local _ntag=$4 - local _nvalu=$5 - local _oval='' - local _nval='' - local _mpath=${VYATTA_TEMP_CONFIG_DIR}/${VYATTA_EDIT_LEVEL} - local _tpath=${VYATTA_CONFIG_TEMPLATE}/${VYATTA_TEMPLATE_LEVEL} - vyatta_escape _ovalu _oval - vyatta_escape _nvalu _nval - if [ "$_to" != 'to' ] || [ -z "$_ntag" ] || [ -z "$_nval" ]; then - echo "Invalid $str command" - return 1 - fi - if [ "$_otag" != "$_ntag" ]; then - echo "Cannot $str from \"$_otag\" to \"$_ntag\"" - return 1 - fi - if [ ! -d "$_tpath/$_otag/$VYATTA_TAG_NAME" ]; then - echo "Cannot $str under \"$_otag\"" - return 1 - fi - if [ ! -d "$_mpath/$_otag/$_oval" ]; then - echo "Configuration \"$_otag $_ovalu\" does not exist" - return 1 - fi - if [ -d "$_mpath/$_ntag/$_nval" ]; then - echo "Configuration \"$_ntag $_nvalu\" already exists" - return 1 - fi - if ! 
/opt/vyatta/sbin/my_set $_ntag "$_nvalu"; then - echo "$Str failed" - return 1 - fi - /opt/vyatta/sbin/my_delete $_ntag "$_nvalu" >&/dev/null 3>&1 - - $cmd "$_mpath/$_otag/$_oval" "$_mpath/$_ntag/$_nval" - - return 0 -} - -do_move () -{ - local -a args=("$@") - local pargc - (( pargc = ${#args[@]} - 4 )) - if (( pargc < 1 )); then - echo "Invalid move command \"move $@\"" - return 1 - fi - - local -a pargs=("${args[@]:0:$pargc}") - args=("${args[@]:$pargc}") - local tag=${args[0]} - local oval=${args[1]} - local to=${args[2]} - local nval=${args[3]} - - if [ -z "$tag" ] || [ -z "$oval" ] || [ "$to" != 'to' ] \ - || [ -z "$nval" ]; then - echo "Invalid move command \"move $@\"" - return 1 - fi - - local _mpath=${VYATTA_TEMP_CONFIG_DIR}/${VYATTA_EDIT_LEVEL} - local _tpath=${VYATTA_CONFIG_TEMPLATE}/${VYATTA_TEMPLATE_LEVEL} - local idx - for (( idx = 0; idx < pargc; idx++ )); do - local comp=${pargs[$idx]} - vyatta_escape comp comp - _mpath="$_mpath/$comp" - _tpath="$_tpath/$comp" - if [ ! -d $_mpath ]; then - # node doesn't exist - break - fi - if [ -d $_tpath ]; then - # found non-tag node - continue - fi - - # check if it's tag node - _tpath=$(dirname $_tpath)/node.tag - if [ -d $_tpath ]; then - # found tag node - continue - fi - - # invalid node - break - done - if (( idx != pargc )); then - # invalid node - echo "Invalid node path \"${pargs[@]}\"" - return 1 - fi - if [[ "$_tpath" != */node.tag ]]; then - # path doesn't end with a tag value. must not have "type". - if [ ! 
-f "$_tpath/node.def" ]; then - echo "Invalid node path \"${pargs[@]}\"" - return 1 - fi - if grep -q '^type: ' "$_tpath/node.def"; then - echo "Invalid move command \"move $@\"" - return 1 - fi - fi - # set edit level - VYATTA_EDIT_LEVEL="${_mpath#$VYATTA_TEMP_CONFIG_DIR}/" - VYATTA_TEMPLATE_LEVEL="${_tpath#$VYATTA_CONFIG_TEMPLATE}/" - mvcp rename Rename mv "$tag" "$oval" 'to' "$tag" "$nval" -} +# set up the session environment (get it from the unified lib) +session_env=$(${vyatta_sbindir}/my_cli_shell_api getSessionEnv $SID) +eval "$session_env" RET_STATUS=0 case "$1" in begin) - # set up the environment/directories - mkdir -p $VYATTA_ACTIVE_CONFIGURATION_DIR - mkdir -p $VYATTA_CHANGES_ONLY_DIR - if [ ! -d $VYATTA_TEMP_CONFIG_DIR ]; then - mkdir -p $VYATTA_TEMP_CONFIG_DIR - sudo mount -t $UNIONFS -o dirs=${VYATTA_CHANGES_ONLY_DIR}=rw:${VYATTA_ACTIVE_CONFIGURATION_DIR}=ro $UNIONFS ${VYATTA_TEMP_CONFIG_DIR} - fi - mkdir -p $VYATTA_CONFIG_TMP + # set up the session + ${vyatta_sbindir}/my_cli_shell_api setupSession + RET_STATUS=$? ;; end) - # tear down the environment/directories - sudo umount ${VYATTA_TEMP_CONFIG_DIR} - rm -rf ${VYATTA_CHANGES_ONLY_DIR} - rm -rf ${VYATTA_CONFIG_TMP} - rm -rf ${VYATTA_TEMP_CONFIG_DIR} + # tear down the session + ${vyatta_sbindir}/my_cli_shell_api teardownSession + RET_STATUS=$? ;; cleanup|discard) - sudo umount ${VYATTA_TEMP_CONFIG_DIR} - rm -rf $VYATTA_CHANGES_ONLY_DIR/* $VYATTA_CHANGES_ONLY_DIR/.modified - sudo mount -t $UNIONFS -o dirs=${VYATTA_CHANGES_ONLY_DIR}=rw:${VYATTA_ACTIVE_CONFIGURATION_DIR}=ro $UNIONFS ${VYATTA_TEMP_CONFIG_DIR} + /opt/vyatta/sbin/my_discard + RET_STATUS=$? ;; set) /opt/vyatta/sbin/my_set "${@:2}" 
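Review bot: `$SID` is passed unquoted to `my_cli_shell_api getSessionEnv`, and its output goes straight into `eval "$session_env"` without checking that the call succeeded. `SID` can be taken from `CMD_WRAPPER_SESSION_ID`, so a value containing whitespace splits into extra arguments, and a failed call leaves the session variables unset while the `case` branches still run. I would quote the argument and stop on failure, `session_env=$(${vyatta_sbindir}/my_cli_shell_api getSessionEnv "$SID") || exit 1`, and reject a session id that is not in the expected form before using it. Whether getSessionEnv sanitises the id itself is not visible in this hunk.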
@@ -213,11 +63,11 @@ case "$1" in RET_STATUS=$? ;; deactivate) - /opt/vyatta/sbin/vyatta-activate-config.pl deactivate "${@:2}" + /opt/vyatta/sbin/my_deactivate "${@:2}" RET_STATUS=$? ;; activate) - /opt/vyatta/sbin/vyatta-activate-config.pl activate "${@:2}" + /opt/vyatta/sbin/my_activate "${@:2}" RET_STATUS=$? ;; show) @@ -225,7 +75,7 @@ case "$1" in RET_STATUS=$? ;; comment) - /opt/vyatta/sbin/vyatta-comment-config.pl "${@:2}" + /opt/vyatta/sbin/my_comment "${@:2}" RET_STATUS=$? ;; commit) 
@@ -240,41 +90,30 @@ case "$1" in RET_STATUS=$? ;; load) - export vyatta_sysconfdir=/opt/vyatta/etc - export vyatta_sbindir=/opt/vyatta/sbin /opt/vyatta/sbin/vyatta-load-config.pl "${@:2}" RET_STATUS=$? ;; rule-rename) # this option is to be used for renaming firewall and nat rules only # usage for this option specified on the next two lines - + # 2 3 4 5 6 7 8 # rule-rename firewall $firewall_ruleset rule $rule_num to rule $rename_rulenum + # 2 3 4 5 6 7 # rule-rename nat rule $rule_num to rule $rename_rulenum - if [ "$2" == "firewall" ]; then - VYATTA_TEMPLATE_LEVEL=/firewall/name/node.tag; - VYATTA_EDIT_LEVEL="/firewall/name/$3"; + /opt/vyatta/sbin/my_move firewall name "$3" rule "$5" to "$8" + RET_STATUS=$? elif [ "$2" == "nat" ]; then - VYATTA_TEMPLATE_LEVEL=/service/nat; - VYATTA_EDIT_LEVEL=/service/nat; - fi - _mpath=${VYATTA_TEMP_CONFIG_DIR}/${VYATTA_EDIT_LEVEL} - _tpath=${VYATTA_CONFIG_TEMPLATE}/${VYATTA_TEMPLATE_LEVEL} - VYATTA_EDIT_LEVEL="${_mpath#$VYATTA_TEMP_CONFIG_DIR}/" - VYATTA_TEMPLATE_LEVEL="${_tpath#$VYATTA_CONFIG_TEMPLATE}/" - if [ $2 == "firewall" ]; then - mvcp rename Rename mv "${@:4}" - elif [ $2 == "nat" ]; then - mvcp rename Rename mv "${@:3}" + /opt/vyatta/sbin/my_move service nat rule "$4" to "$7" + RET_STATUS=$? fi - RET_STATUS=$? ;; move) # this is similar to the CLI edit+rename command. # e.g., "move interfaces ethernet eth2 vif 100 to 200" # is similar to "edit interfaces ethernet eth2" plus # "rename vif 100 to vif 200". - do_move "${@:2}" + /opt/vyatta/sbin/my_move "${@:2}" RET_STATUS=$? ;; *) @@ -283,6 +122,5 @@ case "$1" in ;; esac -umask ${UMASK_SAVE} exit $RET_STATUS diff --git a/scripts/vyatta-comment-config.pl b/scripts/vyatta-comment-config.pl deleted file mode 100755 index 5e3a315..0000000 --- a/scripts/vyatta-comment-config.pl +++ /dev/null 
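Review bot: In the rewritten `rule-rename` branch a `$2` that is neither `firewall` nor `nat` now falls through with `RET_STATUS` still 0, because `RET_STATUS=$?` moved inside the two branches; add `else echo "Invalid rule-rename command" >&2; RET_STATUS=1` before the `fi`. The branch also picks `"$3"`, `"$5"`, `"$8"` (and `"$4"`, `"$7"`) by position without checking the argument count or that the words in between are `rule` and `to`, a check the removed `mvcp` helper made for `to`. `my_move` may validate its own arguments, but that is not visible here.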
@@ -1,92 +0,0 @@ -#!/usr/bin/perl - -# Author: Michael Larson <mike@vyatta.com> -# Date: 2010 -# Description: Perl script for adding comments to portions of the configuration - -# **** License **** -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License version 2 as -# published by the Free Software Foundation. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# This code was originally developed by Vyatta, Inc. -# Portions created by Vyatta are Copyright (C) 2006, 2007, 2008, 2009, 2010 Vyatta, Inc. -# All Rights Reserved. -# **** End License **** - -use strict; -use warnings; -use File::Find; -use lib "/opt/vyatta/share/perl5"; -use Vyatta::Config; - - -sub usage() { - print "Usage: $0 <path>\n"; - exit 0; -} - -if ($#ARGV == 0) { - exit 0; -} - -#adjust for leaf node -my $i = 0; -my @path = @ARGV[0..$#ARGV-1]; -foreach my $elem (@path) { - $elem =~ s/\//%2F/g; - $elem =~ s/\s+/\//g; - $path[$i++] = $elem; -} -my $edit_level = "$ENV{VYATTA_EDIT_LEVEL}"; - -my $path = $edit_level . join '/', @path; - -my $full_path = "$ENV{VYATTA_TEMP_CONFIG_DIR}/$path"; - -if (! -e $full_path) { - $path = $edit_level . 
join '/', @path[0..$#path-1]; - my $leaf = "$ENV{VYATTA_TEMP_CONFIG_DIR}/$path/node.val"; - if (-e $leaf) { - $full_path = "$ENV{VYATTA_TEMP_CONFIG_DIR}/$path"; - } - else { - print "Configuation path is not valid\n"; - exit 0; - } -} - -my $config = new Vyatta::Config; -my @el = split('/',$edit_level); -if ($config->isTagNode([ @el, @path ])) { - print "Cannot set comment without value for this path\n"; - exit 0; -} -#scan for illegal characters here: '/*', '*/' -if ($ARGV[$#ARGV] =~ /\/\*|\*\//) { - print "illegal characters found in comment\n"; - exit 1; -} - - -if ($ARGV[$#ARGV] eq '') { - `rm -f $full_path/.comment`; -} -else { - my $cfile; - if (!open($cfile, '>', "$full_path/.comment")) { - print "Failed to set comment\n"; - exit 1; - } - print $cfile $ARGV[$#ARGV]; - close($cfile); -} - -`touch $ENV{VYATTA_TEMP_CONFIG_DIR}/.modified`; - -exit 0; diff --git a/scripts/vyatta-load-config.pl b/scripts/vyatta-load-config.pl index a101e31..20cf200 100755 --- a/scripts/vyatta-load-config.pl +++ b/scripts/vyatta-load-config.pl @@ -1,6 +1,6 @@ #!/usr/bin/perl -# Author: An-Cheng Huang <ancheng@vyatta.com. +# Author: Vyatta <eng@vyatta.com> # Date: 2007 # Description: Perl script for loading config file at run time. @@ -27,6 +27,7 @@ use POSIX; use IO::Prompt; use Getopt::Long; use Sys::Syslog qw(:standard :macros); +use Vyatta::Config; use Vyatta::ConfigLoad; $SIG{'INT'} = 'IGNORE'; @@ -188,7 +189,7 @@ if ( scalar( keys %cfg_hier ) == 0 ) { } } -my %cfg_diff = Vyatta::ConfigLoad::getConfigDiff( \%cfg_hier, 'true' ); +my %cfg_diff = Vyatta::ConfigLoad::getConfigDiff(\%cfg_hier); my @set_list = @{ $cfg_diff{'set'} }; my @deactivate_list = @{ $cfg_diff{'deactivate'} }; my @activate_list = @{ $cfg_diff{'activate'} }; 
@@ -224,25 +225,20 @@ foreach (@set_list) { foreach (@activate_list) { - my $cmd = "$sbindir/vyatta-activate-config.pl activate $_"; - system("$cmd 1>/dev/null"); - #ignore error on complaint re: nested nodes + my $cmd = "$sbindir/my_activate $_"; + system("$cmd 1>/dev/null"); + #ignore error on complaint re: nested nodes } +my $cobj = new Vyatta::Config; foreach (@deactivate_list) { - my @cp = split(" ",$_); - my $p = join("/",@cp[0..$#cp-1]); - my $leaf = "$ENV{VYATTA_TEMP_CONFIG_DIR}/$p/node.val"; - my $c = ""; - if (-e $leaf) { - $c = join(" ",@cp[0..$#cp-1]); - } - else { - $c = join(" ",@cp); - } - my $cmd = "$sbindir/vyatta-activate-config.pl deactivate $c"; - system("$cmd 1>/dev/null"); - #ignore error on complaint re: nested nodes + if ($cobj->isLeafValue($_)) { + # a leaf value. go up 1 level by removing the last comp. + s/\s+\S+$//; + } + my $cmd = "$sbindir/my_deactivate $_"; + system("$cmd 1>/dev/null"); + #ignore error on complaint re: nested nodes } foreach (@comment_list) { @@ -254,7 +250,7 @@ foreach (@comment_list) { my $rel_path = join '/', @cmd_array; my $path = "/opt/vyatta/config/active/" . $rel_path . "/.comment"; if (-e $path) { - my @cmd = ( "$sbindir/vyatta-comment-config.pl ", $cmd_ref ); + my @cmd = ( "$sbindir/my_comment ", $cmd_ref ); my $cmd_str = join ' ', @cmd; system("$cmd_str 1>/dev/null"); } @@ -266,7 +262,7 @@ foreach (@comment_list) { if (-e $leaf) { $path = "/opt/vyatta/config/active/" . $rel_path . "/.comment"; if (-e $path) { - my @cmd = ( "$sbindir/vyatta-comment-config.pl ", $cmd_ref ); + my @cmd = ( "$sbindir/my_comment ", $cmd_ref ); my $cmd_str = join ' ', @cmd; system("$cmd_str 1>/dev/null"); } @@ -274,7 +270,7 @@ foreach (@comment_list) { } } else { - my @cmd = ( "$sbindir/vyatta-comment-config.pl ", $cmd_ref ); + my @cmd = ( "$sbindir/my_comment ", $cmd_ref ); my $cmd_str = join ' ', @cmd; system("$cmd_str 1>/dev/null"); } |
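Review bot: The new `my_activate` and `my_deactivate` calls still build a single string and run it as `system("$cmd 1>/dev/null")`, so every path in `@activate_list` and `@deactivate_list` is parsed by the shell, and a node value containing shell metacharacters would be interpreted rather than passed through. These lists come from `getConfigDiff` on the loaded file, and how their components are quoted is not visible in this hunk. Since the callee is changing anyway, consider passing the components as a list, e.g. `system("$sbindir/my_deactivate", @components)`, with stdout redirected in Perl rather than by the shell. The three `my_comment` hunks that follow use the same pattern, and their `"$sbindir/my_comment "` keeps a trailing space that only works because the shell collapses it. As a style point, `new Vyatta::Config` is indirect object syntax; `Vyatta::Config->new` is the unambiguous form.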