authorChristian Poessinger <christian@poessinger.com>2020-03-25 07:58:57 +0100
committerGitHub <noreply@github.com>2020-03-25 07:58:57 +0100
commit7c4d21639d9594ba4a0d96a5d6d90f25189c2817 (patch)
treecef7ad3e1de63c41f8ae0ffa7e67a4b321b6d264
parent60d35d1d4d3a5acec6e39cccb166fd33490b6c27 (diff)
parent30b3a0af7e079bfdf9b0e696cccf0e052ff40e8d (diff)
downloadvyos-1x-7c4d21639d9594ba4a0d96a5d6d90f25189c2817.tar.gz
vyos-1x-7c4d21639d9594ba4a0d96a5d6d90f25189c2817.zip
Merge pull request #267 from jjakob/openvpn-remove-old-files
openvpn: T2146: remove old files
-rwxr-xr-xsrc/conf_mode/interfaces-openvpn.py21
1 files changed, 16 insertions, 5 deletions
diff --git a/src/conf_mode/interfaces-openvpn.py b/src/conf_mode/interfaces-openvpn.py
index 3a3c69e37..55f9aa67d 100755
--- a/src/conf_mode/interfaces-openvpn.py
+++ b/src/conf_mode/interfaces-openvpn.py
@@ -28,6 +28,7 @@ from psutil import pid_exists
from pwd import getpwnam
from subprocess import Popen, PIPE
from time import sleep
+from shutil import rmtree
from vyos import ConfigError
from vyos.config import Config
@@ -899,6 +900,10 @@ def generate(openvpn):
interface = openvpn['intf']
directory = os.path.dirname(get_config_name(interface))
+ # we can't know which clients were deleted, remove all client configs
+ if os.path.isdir(os.path.join(directory, 'ccd', interface)):
+ rmtree(os.path.join(directory, 'ccd', interface), ignore_errors=True)
+
# create config directory on demand
openvpn_mkdir(directory)
# create status directory on demand
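Review bot: The added `rmtree(..., ignore_errors=True)` in generate() discards every failure, so if the directory cannot be removed the files of deleted clients stay in `ccd/<interface>` and nothing reports it. Those stale per-client files are presumably still read by the daemon, so a removed client could keep its old settings. I would bind the path once, `ccd_dir = os.path.join(directory, 'ccd', interface)`, call `rmtree(ccd_dir)` without `ignore_errors`, and turn an `OSError` into the `ConfigError` the file already imports. The same call is added in the apply() hunk further down; generate() itself starts and ends outside this hunk.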
@@ -920,6 +925,11 @@ def generate(openvpn):
fixup_permission(auth_file)
+ else:
+ # delete old auth file if present
+ if os.path.isfile('/tmp/openvpn-{}-pw'.format(interface)):
+ os.remove('/tmp/openvpn-{}-pw'.format(interface))
+
# get numeric uid/gid
uid = getpwnam(user).pw_uid
gid = getgrnam(group).gr_gid
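Review bot: The credentials file is addressed as `/tmp/openvpn-{}-pw`, a predictable name in a world-writable directory, and the new `else:` branch repeats that literal instead of reusing `auth_file` from the line above (assuming it holds the same path; its assignment is outside the hunk). Any local account can create that name first, so both the write and this cleanup depend on what another user placed there. Keeping the file under the root-owned `directory` used for the rest of the config would avoid that. The `isfile()`-then-`remove()` pair is also racy; `try: os.remove(auth_file)` with `except FileNotFoundError: pass` does the same without the window. The literal appears twice more in the apply() hunk, so one shared helper or variable would keep the three places in step.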
@@ -977,11 +987,12 @@ def apply(openvpn):
# cleanup client config dir
directory = os.path.dirname(get_config_name(openvpn['intf']))
- if os.path.isdir(directory + '/ccd/' + openvpn['intf']):
- try:
- os.remove(directory + '/ccd/' + openvpn['intf'] + '/*')
- except:
- pass
+ if os.path.isdir(os.path.join(directory, 'ccd', openvpn['intf'])):
+ rmtree(os.path.join(directory, 'ccd', openvpn['intf']), ignore_errors=True)
+
+ # cleanup auth file
+ if os.path.isfile('/tmp/openvpn-{}-pw'.format(openvpn['intf'])):
+ os.remove('/tmp/openvpn-{}-pw'.format(openvpn['intf']))
return None