summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorhagbard <vyosdev@derith.de>2019-11-28 10:08:11 -0800
committerhagbard <vyosdev@derith.de>2019-11-28 10:08:11 -0800
commit26677aa3ce312a5b980ea88d57feebd09e39fd98 (patch)
tree500accb618a293d1974e70bf2734e5867a5b167d
parent525af4f27dc2aa7e226f2bba46b4b1736bbc014f (diff)
parentdad110ce666edae42ac18c59a800bda503589f27 (diff)
downloadvyos-1x-26677aa3ce312a5b980ea88d57feebd09e39fd98.tar.gz
vyos-1x-26677aa3ce312a5b980ea88d57feebd09e39fd98.zip
Merge branch 'current' into equuleus
-rw-r--r--interface-definitions/syslog.xml55
-rw-r--r--python/vyos/migrator.py5
-rwxr-xr-xsrc/conf_mode/dhcp_server.py6
3 files changed, 59 insertions, 7 deletions
diff --git a/interface-definitions/syslog.xml b/interface-definitions/syslog.xml
index 3c8d2ebe2..d5ea4511e 100644
--- a/interface-definitions/syslog.xml
+++ b/interface-definitions/syslog.xml
@@ -27,6 +27,10 @@
<completionHelp>
<list>auth authpriv cron daemon kern lpr mail mark news protocols security syslog user uucp local0 local1 local2 local3 local4 local5 local6 local7 all</list>
</completionHelp>
+ <constraint>
+ <regex>(auth|authpriv|cron|daemon|kern|lpr|mail|mark|news|protocols|security|syslog|user|uucp|local0|local1|local2|local3|local4|local5|local6|local7|all)</regex>
+ </constraint>
+ <constraintErrorMessage>Invalid facility type</constraintErrorMessage>
<valueHelp>
<format>all</format>
<description>All facilities excluding "mark"</description>
@@ -127,6 +131,10 @@
<completionHelp>
<list>emerg alert crit err warning notice info debug all</list>
</completionHelp>
+ <constraint>
+ <regex>(emerg|alert|crit|err|warning|notice|info|debug|all)</regex>
+ </constraint>
+ <constraintErrorMessage>Invalid loglevel</constraintErrorMessage>
<valueHelp>
<format>emerg</format>
<description>Emergency messages</description>
@@ -173,10 +181,10 @@
<properties>
<help>Logging to a remote host</help>
<constraint>
- <!-- at least let's make sure whitespace isn't allowed, ideally it should be checked for IPv4/IPv6 address or fqdn/hostname -->
- <regex>[^ ]{1,63}</regex>
+ <validator name="ip-address" />
+ <regex>(?=^.{4,253}$)(^((?!-)[a-zA-Z0-9-]{0,62}[a-zA-Z0-9]\.)+[a-zA-Z]{2,63}$)</regex>
</constraint>
- <constraintErrorMessage>illegal characters in user</constraintErrorMessage>
+ <constraintErrorMessage>Invalid host FQDN or IP address</constraintErrorMessage>
<valueHelp>
<format>x.x.x.x or host.domain.tld</format>
<description>Remote host name or IP address</description>
@@ -189,6 +197,10 @@
<completionHelp>
<list>auth authpriv cron daemon kern lpr mail mark news protocols security syslog user uucp local0 local1 local2 local3 local4 local5 local6 local7 all</list>
</completionHelp>
+ <constraint>
+ <regex>(auth|authpriv|cron|daemon|kern|lpr|mail|mark|news|protocols|security|syslog|user|uucp|local0|local1|local2|local3|local4|local5|local6|local7|all)</regex>
+ </constraint>
+ <constraintErrorMessage>Invalid facility type</constraintErrorMessage>
<valueHelp>
<format>all</format>
<description>All facilities excluding "mark"</description>
@@ -292,8 +304,15 @@
</valueHelp>
<valueHelp>
<format>tcp</format>
- <description>send log messages to remote syslog server over tdp</description>
+ <description>send log messages to remote syslog server over tcp</description>
</valueHelp>
+ <completionHelp>
+ <list>udp tcp</list>
+ </completionHelp>
+ <constraint>
+ <regex>(udp|tcp)</regex>
+ </constraint>
+ <constraintErrorMessage>invalid protocol name</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="level">
@@ -302,6 +321,10 @@
<completionHelp>
<list>emerg alert crit err warning notice info debug all</list>
</completionHelp>
+ <constraint>
+ <regex>(emerg|alert|crit|err|warning|notice|info|debug|all)</regex>
+ </constraint>
+ <constraintErrorMessage>Invalid loglevel</constraintErrorMessage>
<valueHelp>
<format>emerg</format>
<description>Emergency messages</description>
@@ -380,6 +403,10 @@
<completionHelp>
<list>auth authpriv cron daemon kern lpr mail mark news protocols security syslog user uucp local0 local1 local2 local3 local4 local5 local6 local7 all</list>
</completionHelp>
+ <constraint>
+ <regex>(auth|authpriv|cron|daemon|kern|lpr|mail|mark|news|protocols|security|syslog|user|uucp|local0|local1|local2|local3|local4|local5|local6|local7|all)</regex>
+ </constraint>
+ <constraintErrorMessage>Invalid facility type</constraintErrorMessage>
<valueHelp>
<format>all</format>
<description>All facilities excluding "mark"</description>
@@ -480,6 +507,10 @@
<completionHelp>
<list>emerg alert crit err warning notice info debug all</list>
</completionHelp>
+ <constraint>
+ <regex>(emerg|alert|crit|err|warning|notice|info|debug|all)</regex>
+ </constraint>
+ <constraintErrorMessage>Invalid loglevel</constraintErrorMessage>
<valueHelp>
<format>emerg</format>
<description>Emergency messages</description>
@@ -583,6 +614,10 @@
<completionHelp>
<list>auth authpriv cron daemon kern lpr mail mark news protocols security syslog user uucp local0 local1 local2 local3 local4 local5 local6 local7 all</list>
</completionHelp>
+ <constraint>
+ <regex>(auth|authpriv|cron|daemon|kern|lpr|mail|mark|news|protocols|security|syslog|user|uucp|local0|local1|local2|local3|local4|local5|local6|local7|all)</regex>
+ </constraint>
+ <constraintErrorMessage>Invalid facility type</constraintErrorMessage>
<valueHelp>
<format>all</format>
<description>All facilities excluding "mark"</description>
@@ -683,6 +718,10 @@
<completionHelp>
<list>emerg alert crit err warning notice info debug all</list>
</completionHelp>
+ <constraint>
+ <regex>(emerg|alert|crit|err|warning|notice|info|debug|all)</regex>
+ </constraint>
+ <constraintErrorMessage>Invalid loglevel</constraintErrorMessage>
<valueHelp>
<format>emerg</format>
<description>Emergency messages</description>
@@ -736,6 +775,10 @@
<completionHelp>
<list>auth authpriv cron daemon kern lpr mail mark news protocols security syslog user uucp local0 local1 local2 local3 local4 local5 local6 local7 all</list>
</completionHelp>
+ <constraint>
+ <regex>(auth|authpriv|cron|daemon|kern|lpr|mail|mark|news|protocols|security|syslog|user|uucp|local0|local1|local2|local3|local4|local5|local6|local7|all)</regex>
+ </constraint>
+ <constraintErrorMessage>Invalid facility type</constraintErrorMessage>
<valueHelp>
<format>all</format>
<description>All facilities excluding "mark"</description>
@@ -836,6 +879,10 @@
<completionHelp>
<list>emerg alert crit err warning notice info debug all</list>
</completionHelp>
+ <constraint>
+ <regex>(emerg|alert|crit|err|warning|notice|info|debug|all)</regex>
+ </constraint>
+ <constraintErrorMessage>Invalid loglevel</constraintErrorMessage>
<valueHelp>
<format>emerg</format>
<description>Emergency messages</description>
diff --git a/python/vyos/migrator.py b/python/vyos/migrator.py
index 86e1af183..f05228041 100644
--- a/python/vyos/migrator.py
+++ b/python/vyos/migrator.py
@@ -80,13 +80,18 @@ class Migrator(object):
"""
self._log_file = os.path.join(vyos.defaults.directories['config'],
'vyos-migrate.log')
+ # on creation, allow write permission for cfg_group;
+ # restore original umask on exit
+ mask = os.umask(0o113)
try:
log = open('{0}'.format(self._log_file), 'w')
log.write("List of executed migration scripts:\n")
except Exception as e:
+ os.umask(mask)
print("Logging error: {0}".format(e))
return None
+ os.umask(mask)
return log
def run_migration_scripts(self, config_file_versions, system_versions):
diff --git a/src/conf_mode/dhcp_server.py b/src/conf_mode/dhcp_server.py
index af803a696..c2a188812 100755
--- a/src/conf_mode/dhcp_server.py
+++ b/src/conf_mode/dhcp_server.py
@@ -793,9 +793,9 @@ def verify(dhcp):
raise ConfigError('DHCP conflicting subnet ranges: {0} overlaps {1}'.format(net, net2))
if not listen_ok:
- raise ConfigError('None of the DHCP lease subnets are inside any configured subnet on\n' \
- 'broadcast interfaces. At least one lease subnet must be set such that\n' \
- 'DHCP server listens on a one broadcast interface!')
+ raise ConfigError('DHCP server configuration error!\n' \
+ 'None of configured DHCP subnets does not have appropriate\n' \
+ 'primary IP address on any broadcast interface.')
return None