From 8a66041f90db8205db50fd83aed8001175c787ed Mon Sep 17 00:00:00 2001 From: slioch Date: Mon, 2 Mar 2009 22:28:16 -0800 Subject: added fix for nested priority and deletion failure. also priorities should not reside on node.tags, but on parent (node name of multinode)--this is to prevent priorities splitting behaviors between different priorities on multinodes. --- src/common/unionfs.c | 26 +++++++++++++++++++------- templates/priority | 22 +++++++++++----------- 2 files changed, 30 insertions(+), 18 deletions(-) diff --git a/src/common/unionfs.c b/src/common/unionfs.c index 0aaffe0..4cb2ed6 100644 --- a/src/common/unionfs.c +++ b/src/common/unionfs.c @@ -1066,8 +1066,10 @@ delete_func(GNode *node, gpointer data) char *command = malloc(MAX_LENGTH_DIR_PATH); struct SrcDst *sd = (struct SrcDst*)data; + //DONT HAVE THE COMMAND BELOW BLOW AWAY WHITEOUT FILES!!!!! static const char format[]="rm -f %s%s{*,.*} >&/dev/null;rmdir %s%s >&/dev/null ; /bin/true"; //need to remove opaque file. - static const char format_force_delete[]="rm -f %s%s{*,.*} >&/dev/null;rm -fr %s%s >&/dev/null ; /bin/true"; //force delete as this is a delete operation with dependency + static const char format_force_delete[]="rm -f %s%s{*,.*} >&/dev/null;rmdir %s%s >&/dev/null ; /bin/true"; //force delete as this is a delete operation with dependency + static const char delete_format[]="rm %s%s../.wh.%s >&/dev/null"; char *path = ((struct VyattaNode*)(node->data))->_data._path; @@ -1078,13 +1080,23 @@ delete_func(GNode *node, gpointer data) //WILL ONLY REMOVE DIRS WITHOUT CHILD DIRS--just what we want.. - sprintf(command,format,sd->_src,path,sd->_src,path); - if (g_debug) { - printf("%s\n",command); - fflush(NULL); + //NEED TO PREVENT THE COMMAND BELOW FROM DELETING WHITEOUT FILES.... + + if (IS_NOOP(((struct VyattaNode*)(node->data))->_data._operation)) { + return FALSE; //see if we can skip this node here } - if (sd->_test_mode == FALSE) { - system(command); + + + //DOESN'T QUITE FIX THE PROBLEM, THE PARENT IS CALLED (AND PROBABLY SHOULDN'T BE) + if (!IS_DELETE(((struct VyattaNode*)(node->data))->_data._operation)) { + sprintf(command,format,sd->_src,path,sd->_src,path); + if (g_debug) { + printf("%s\n",command); + fflush(NULL); + } + if (sd->_test_mode == FALSE) { + system(command); + } } //if this is a deletion operation, need to remove diff --git a/templates/priority b/templates/priority index fe4babd..8b8118a 100644 --- a/templates/priority +++ b/templates/priority @@ -4,21 +4,21 @@ 301 protocols/ospfv3 302 protocols/rip 303 protocols/ripng -310 interfaces/bridge/node.tag -320 interfaces/ethernet/node.tag -320 interfaces/loopback/node.tag -330 interfaces/adsl/node.tag -340 interfaces/serial/node.tag -350 interfaces/wirelessmodem/node.tag -380 interfaces/tunnel/node.tag -380 interfaces/openvpn/node.tag -390 interfaces/bonding/node.tag +310 interfaces/bridge +320 interfaces/ethernet +320 interfaces/loopback +330 interfaces/adsl +340 interfaces/serial +350 interfaces/wirelessmodem +380 interfaces/tunnel +380 interfaces/openvpn +390 interfaces/bonding 400 system 450 protocols/static 470 policy -500 protocols/bgp/node.tag +500 protocols/bgp 510 protocols/bgp/node.tag/parameters -520 protocols/bgp/node.tag/neighbor/node.tag +520 protocols/bgp/node.tag/neighbor 530 protocols/bgp/node.tag/ipv6 530 protocols/bgp/node.tag/network 530 protocols/bgp/node.tag/redistribute -- cgit v1.2.3 From f40cb6f6ee74b8dfe22be27307d343ed8eaec540 Mon Sep 17 00:00:00 2001 From: slioch Date: Mon, 2 Mar 2009 22:30:23 -0800 Subject: 0.14.34 --- debian/changelog | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/debian/changelog b/debian/changelog index f01dac8..748e897 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +vyatta-cfg (0.14.34) unstable; urgency=low + + * added fix for nested priority and deletion failure. also priorities + should not reside + + -- slioch Mon, 02 Mar 2009 22:30:23 -0800 + vyatta-cfg (0.14.33) unstable; urgency=low [ Stephen Hemminger ] -- cgit v1.2.3 From a6316a2b0f98b50b2f36bfa440b8dd432df98131 Mon Sep 17 00:00:00 2001 From: Stephen Hemminger Date: Tue, 3 Mar 2009 08:23:29 -0800 Subject: Use vyatta-interfaces to generate allowed list --- templates/interfaces/ethernet/node.def | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/templates/interfaces/ethernet/node.def b/templates/interfaces/ethernet/node.def index 1886458..55d0a85 100644 --- a/templates/interfaces/ethernet/node.def +++ b/templates/interfaces/ethernet/node.def @@ -8,12 +8,7 @@ syntax:expression: exec " \ echo \"Ethernet interface does not exist: $VAR(@)\"; \ exit 1; \ fi" - +allowed: /opt/vyatt/sbin/vyatta-interfaces.pl --show=ethernet update: sudo ip link set "$VAR(@)" up /opt/vyatta/sbin/vyatta-link-detect $VAR(@) on delete: sudo ip link set "$VAR(@)" down -allowed: for dev in /sys/class/net/eth*; - do if [[ -d $dev && -L $dev/device ]] - then echo -n ${dev##*/} " " - fi - done -- cgit v1.2.3 From a919283f045a10bfd047f28b1bd720bf53a0058e Mon Sep 17 00:00:00 2001 From: Stephen Hemminger Date: Tue, 3 Mar 2009 08:39:51 -0800 Subject: Extend vyatta-interfaces to do device name checking Have one central place for validity checks. --- scripts/vyatta-interfaces.pl | 29 ++++++++++++++++++++++------- 1 file changed, 22 insertions(+), 7 deletions(-) diff --git a/scripts/vyatta-interfaces.pl b/scripts/vyatta-interfaces.pl index 89b6e1e..2471c01 100755 --- a/scripts/vyatta-interfaces.pl +++ b/scripts/vyatta-interfaces.pl @@ -48,6 +48,16 @@ my $dhcp_daemon = '/sbin/dhclient'; my ($eth_update, $eth_delete, $addr, $dev, $mac, $mac_update, $op_dhclient); my ($check_name, $show_names, $intf_cli_path, $vif_name); +sub usage() { + print "Usage: $0 --dev= --check=\n"; + print " $0 --dev= --valid-mac=\n"; + print " $0 --dev= --eth-addr-update=\n"; + print " $0 --dev= --eth-addr-delete=\n"; + print " $0 --dev= --valid-addr={|dhcp}\n"; + print " $0 --show=\n"; + exit 1; +} + GetOptions("eth-addr-update=s" => \$eth_update, "eth-addr-delete=s" => \$eth_delete, "valid-addr=s" => \$addr, @@ -58,7 +68,7 @@ GetOptions("eth-addr-update=s" => \$eth_update, "check=s" => \$check_name, "show=s" => \$show_names, "vif=s" => \$vif_name, -); +) or usage(); if ($eth_update) { update_eth_addrs($eth_update, $dev); } if ($eth_delete) { delete_eth_addrs($eth_delete, $dev); } @@ -66,7 +76,7 @@ if ($addr) { is_valid_addr($addr, $dev); } if ($mac) { is_valid_mac($mac, $dev); } if ($mac_update) { update_mac($mac_update, $dev); } if ($op_dhclient) { op_dhcp_command($op_dhclient, $dev); } -if ($check_name) { is_valid_name($check_name); } +if ($check_name) { is_valid_name($check_name, $dev); } if ($show_names) { show_interfaces($show_names); } sub is_ip_configured { @@ -427,12 +437,17 @@ sub op_dhcp_command { } sub is_valid_name { - my $name = shift; - my $intf = new Vyatta::Interface($name); - - exit 0 if $intf; + my ($type, $name) = @_; + die "Missing --dev argument\n" unless $name; - die "$name: is not a known interface name\n"; + my $intf = new Vyatta::Interface($name); + die "$name does not match any known interface name type\n" + unless $intf; + die "$name is a ", $intf->type(), " interface not an $type interface\n" + if ($intf->type() ne $type); + die "$type interface $name does not exist on system\n" + unless grep { $name eq $_ } getInterfaces(); + exit 0; } # generate one line with all known interfaces (for allowed) -- cgit v1.2.3 From 76df8018fe0f0648abc58bd7a988ffaf61e75106 Mon Sep 17 00:00:00 2001 From: Stephen Hemminger Date: Tue, 3 Mar 2009 08:42:36 -0800 Subject: Use check option to vyatta-interfaces.pl Eliminate checks in template in favor of doing it in one place in vyatta-interfaces.pl code. --- templates/interfaces/ethernet/node.def | 11 +++-------- templates/interfaces/loopback/node.def | 13 +++---------- 2 files changed, 6 insertions(+), 18 deletions(-) diff --git a/templates/interfaces/ethernet/node.def b/templates/interfaces/ethernet/node.def index 55d0a85..c231b74 100644 --- a/templates/interfaces/ethernet/node.def +++ b/templates/interfaces/ethernet/node.def @@ -1,14 +1,9 @@ tag: type: txt help: Set ethernet interface -syntax:expression: pattern $VAR(@) "^eth[0-9]+$" \ - ; "interface must be (eth0 - eth999)" -syntax:expression: exec " \ - if [ -f /sys/class/net/$VAR(@) ]; then \ - echo \"Ethernet interface does not exist: $VAR(@)\"; \ - exit 1; \ - fi" -allowed: /opt/vyatt/sbin/vyatta-interfaces.pl --show=ethernet +syntax:expression: exec \ + "/opt/vyatta/sbin/vyatta-interfaces.pl --dev=$VAR(@) --check=ethernet" +allowed: /opt/vyatta/sbin/vyatta-interfaces.pl --show=ethernet update: sudo ip link set "$VAR(@)" up /opt/vyatta/sbin/vyatta-link-detect $VAR(@) on delete: sudo ip link set "$VAR(@)" down diff --git a/templates/interfaces/loopback/node.def b/templates/interfaces/loopback/node.def index e57f4b1..690dc39 100644 --- a/templates/interfaces/loopback/node.def +++ b/templates/interfaces/loopback/node.def @@ -1,14 +1,7 @@ tag: type: txt help: Set loopback interface -allowed: echo "lo" -syntax:expression: exec "\ - if [ ! -d /sys/class/net/$VAR(@) ]; then \ - echo \"loopback interface $VAR(@) does not exist\"; \ - exit 1; \ - elif [ $(cat /sys/class/net/$VAR(@)/type) -ne 772 ]; then \ - echo \"interface $VAR(@) is not a loopback interface\"; \ - exit 1; \ - fi" - +syntax:expression: exec \ + "/opt/vyatta/sbin/vyatta-interfaces.pl --dev=$VAR(@) --check=loopback" +allowed: /opt/vyatta/sbin/vyatta-interfaces.pl --show=loopback update: sudo ip link set $VAR(@) up -- cgit v1.2.3 From f30e5be6b720de55f2c06d640b594d9d3457e102 Mon Sep 17 00:00:00 2001 From: Stephen Hemminger Date: Tue, 3 Mar 2009 08:43:22 -0800 Subject: Need to setup bonding before ethernet --- templates/priority | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/priority b/templates/priority index 8b8118a..3ba0cd6 100644 --- a/templates/priority +++ b/templates/priority @@ -5,6 +5,7 @@ 302 protocols/rip 303 protocols/ripng 310 interfaces/bridge +315 interfaces/bonding 320 interfaces/ethernet 320 interfaces/loopback 330 interfaces/adsl @@ -12,7 +13,6 @@ 350 interfaces/wirelessmodem 380 interfaces/tunnel 380 interfaces/openvpn -390 interfaces/bonding 400 system 450 protocols/static 470 policy -- cgit v1.2.3 From 5921105087a4efb2af329f312390c22c9260c0de Mon Sep 17 00:00:00 2001 From: Stephen Hemminger Date: Tue, 3 Mar 2009 10:55:57 -0800 Subject: 0.14.35 --- debian/changelog | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/debian/changelog b/debian/changelog index 748e897..e3845f4 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,12 @@ +vyatta-cfg (0.14.35) unstable; urgency=low + + * Use vyatta-interfaces to generate allowed list + * Extend vyatta-interfaces to do device name checking + * Use check option to vyatta-interfaces.pl + * Need to setup bonding before ethernet + + -- Stephen Hemminger Tue, 03 Mar 2009 10:55:57 -0800 + vyatta-cfg (0.14.34) unstable; urgency=low * added fix for nested priority and deletion failure. also priorities -- cgit v1.2.3 From 11d77d7b77d0dae8c5d41ff692a8b01eebafc9fb Mon Sep 17 00:00:00 2001 From: slioch Date: Tue, 3 Mar 2009 17:06:06 -0800 Subject: fixed -o option on commit. modified empty multinode behavior so action is NOT executed if a multinode does not possess a value. Other source cleanup. --- src/commit2.c | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/src/commit2.c b/src/commit2.c index 858cf90..5e75151 100644 --- a/src/commit2.c +++ b/src/commit2.c @@ -34,9 +34,6 @@ char* ActionNames[top_act] = { "end" //7 }; -extern boolean -check_syn(vtw_node *cur); - GNode* get_transactions(GNode*, boolean priority); @@ -76,15 +73,6 @@ also, the algorithm for collapsing the tree into a transaction list is: 1) iterate through tree and mark all explicit transactions 2) when done, prune the tree of all root explicit transactions 3) Now iterate through remaining tree and remove each node and append to transaction list. - - -TODO: -> Implement transactional sorting functions (test) -> possibly add back validation sequence (difference in committing failed user w/o pw) -> memory handling code (i.e. all the frees I left out) -> test on boot by having boot call load rather than running through boot (and adding priority file) -> - */ /** @@ -164,6 +152,11 @@ main(int argc, char** argv) fprintf(out_stream, "No configuration changes to commit\n"); return 0; } + + GNode *orig_node_tree = NULL; + if (disable_partial_commit == TRUE) { + orig_node_tree = g_node_copy(config_data); + } // Get collection of transactions, i.e. trans nodes that have been activated. GNode *trans_coll = get_transactions(config_data, priority_mode); @@ -235,6 +228,9 @@ main(int argc, char** argv) } while ((trans_child_node = (GNode*)g_node_nth_child((GNode*)trans_coll,(guint)i)) != NULL); if (no_errors == TRUE) { + if (disable_partial_commit == TRUE) { + complete(orig_node_tree, test_mode); + } common_commit_clean_temp_config(test_mode); if (g_debug == TRUE) { printf("commit2: successful commit, now cleaning up temp directories\n"); @@ -306,6 +302,11 @@ process_func(GNode *node, gpointer data) return FALSE; } + //let's skip any multi-node that does not have have a value (an empty multi-node) + if (c->_multi && node->children == NULL) { + return FALSE; + } + //look at parent for multi tag if (d->_value && d->_name) { if (g_debug) { @@ -379,8 +380,7 @@ complete(GNode *node, boolean test_mode) gpointer gp = ((GNode*)node)->data; if (g_debug) { if (((struct VyattaNode*)gp)->_data._name != NULL) { - printf("commit2::complete():name: %s\n",((struct VyattaNode*)gp)->_data._name); - printf("commit2::complete():path: %s\n",((struct VyattaNode*)gp)->_data._path); + printf("commit2::complete():name: %s, path: %s\n",((struct VyattaNode*)gp)->_data._name,((struct VyattaNode*)gp)->_data._path); } else { printf("commit2::complete()\n"); -- cgit v1.2.3 From ceaae5d10b50f7aca1f4b604909a25ccaef6330f Mon Sep 17 00:00:00 2001 From: slioch Date: Tue, 3 Mar 2009 17:07:36 -0800 Subject: 0.14.36 --- debian/changelog | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/debian/changelog b/debian/changelog index e3845f4..01b9288 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +vyatta-cfg (0.14.36) unstable; urgency=low + + * fixed -o option on commit. modified empty multinode behavior so + action is NOT executed if a multinode does not possess a value. + Other source cleanup. + + -- slioch Tue, 03 Mar 2009 17:07:36 -0800 + vyatta-cfg (0.14.35) unstable; urgency=low * Use vyatta-interfaces to generate allowed list -- cgit v1.2.3 From 2a04ac6d2e0e63317fc3cc30462658c2d0376631 Mon Sep 17 00:00:00 2001 From: slioch Date: Wed, 4 Mar 2009 09:42:32 -0800 Subject: modified environment variable setting for action on nodes. --- src/commit2.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/commit2.c b/src/commit2.c index 5e75151..35f609d 100644 --- a/src/commit2.c +++ b/src/commit2.c @@ -337,12 +337,15 @@ process_func(GNode *node, gpointer data) if (result->_action == delete_act) { - setenv(ENV_ACTION_NAME,ENV_ACTION_DELETE,1); set_in_delete_action(TRUE); } + if (IS_DELETE(d->_operation)) { + setenv(ENV_ACTION_NAME,ENV_ACTION_DELETE,1); + } else { setenv(ENV_ACTION_NAME,ENV_ACTION_SET,1); } + status = execute_list(c->_def.actions[result->_action].vtw_list_head,&c->_def); if (result->_action == delete_act) { set_in_delete_action(FALSE); -- cgit v1.2.3 From 86b9133c53ab2082fa2c58f68a1779c39c113521 Mon Sep 17 00:00:00 2001 From: slioch Date: Wed, 4 Mar 2009 09:46:20 -0800 Subject: 0.14.37 --- debian/changelog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/debian/changelog b/debian/changelog index 01b9288..d906e3d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +vyatta-cfg (0.14.37) unstable; urgency=low + + * modified environment variable setting for action on nodes. + + -- slioch Wed, 04 Mar 2009 09:46:20 -0800 + vyatta-cfg (0.14.36) unstable; urgency=low * fixed -o option on commit. modified empty multinode behavior so -- cgit v1.2.3 From 079dc15e8e34568ef41a3938276c235d4f75ee09 Mon Sep 17 00:00:00 2001 From: slioch Date: Wed, 4 Mar 2009 17:15:29 -0800 Subject: limit unescape command to embedded multinodes--fixes problem in qos-walkthrough regression test. haven't tried it but system probably inherently prevents percents from being used in embedded multinodes. --- src/commit2.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/commit2.c b/src/commit2.c index 35f609d..0d77fb6 100644 --- a/src/commit2.c +++ b/src/commit2.c @@ -309,10 +309,14 @@ process_func(GNode *node, gpointer data) //look at parent for multi tag if (d->_value && d->_name) { + char *val = d->_name; + if (c->_def.tag) { //need to handle the embedded multinode as a special case--should be fixed! + val = (char*)clind_unescape(d->_name); + } if (g_debug) { - printf("commit2::process_func(): @ value: %s\n",(char*)clind_unescape(d->_name)); + printf("commit2::process_func(): @ value: %s\n",(char*)val); } - set_at_string((char*)clind_unescape(d->_name)); //embedded multinode value + set_at_string(val); //embedded multinode value } else { if (g_debug) { -- cgit v1.2.3 From 6d5458fbd0cfbcc3b4b16f4d3d6682dd474d60b6 Mon Sep 17 00:00:00 2001 From: slioch Date: Wed, 4 Mar 2009 17:17:25 -0800 Subject: 0.14.38 --- debian/changelog | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/debian/changelog b/debian/changelog index d906e3d..a46215b 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +vyatta-cfg (0.14.38) unstable; urgency=low + + * limit unescape command to embedded multinodes--fixes problem in qos- + walkthrough regression test. haven't tried it but system probably + inherently prevents percents from + + -- slioch Wed, 04 Mar 2009 17:17:24 -0800 + vyatta-cfg (0.14.37) unstable; urgency=low * modified environment variable setting for action on nodes. -- cgit v1.2.3