diff options
author | Daniil Baturin <daniil@baturin.org> | 2018-10-02 16:37:11 +0200 |
---|---|---|
committer | Daniil Baturin <daniil@baturin.org> | 2018-10-02 16:37:11 +0200 |
commit | 5d5945842d6d767ab03860d3bd1d613f62e923f3 (patch) | |
tree | b6f1a2273689e018ef2c1f89f2dece95b70d5634 | |
parent | fe8f4813e6fb008aede29d3e1cba337930907931 (diff) | |
parent | fe1569154d2019c54487662fa789f958cdb93de7 (diff) | |
download | vyos-1x-5d5945842d6d767ab03860d3bd1d613f62e923f3.tar.gz vyos-1x-5d5945842d6d767ab03860d3bd1d613f62e923f3.zip |
Merge branch 'current' of github.com:vyos/vyos-1x into current
-rw-r--r-- | data/templates/rsyslog/rsyslog.conf | 2 | ||||
-rw-r--r-- | debian/control | 1 | ||||
-rw-r--r-- | op-mode-definitions/wireguard.xml | 3 | ||||
-rwxr-xr-x | src/conf_mode/snmp.py | 47 |
4 files changed, 27 insertions, 26 deletions
diff --git a/data/templates/rsyslog/rsyslog.conf b/data/templates/rsyslog/rsyslog.conf index 0910bd662..ab60fc0f0 100644 --- a/data/templates/rsyslog/rsyslog.conf +++ b/data/templates/rsyslog/rsyslog.conf @@ -9,7 +9,7 @@ $ModLoad imuxsock # provides support for local system logging $ModLoad imklog # provides kernel logging support (previously done by rklogd) #$ModLoad immark # provides --MARK-- message capability -$OmitLocalLogging no +$OmitLocalLogging off $SystemLogSocketName /run/systemd/journal/syslog $KLogPath /proc/kmsg diff --git a/debian/control b/debian/control index 0912acbcb..4cd852687 100644 --- a/debian/control +++ b/debian/control @@ -25,6 +25,7 @@ Depends: python3, python3-isc-dhcp-leases, ipaddrcheck, tcpdump, + tshark, bmon, hvinfo, file, diff --git a/op-mode-definitions/wireguard.xml b/op-mode-definitions/wireguard.xml index dd62f0f2f..681bb5f47 100644 --- a/op-mode-definitions/wireguard.xml +++ b/op-mode-definitions/wireguard.xml @@ -27,6 +27,9 @@ <node name="show"> <children> <node name="wireguard"> + <properties> + <help>Show wireguard properties</help> + </properties> <children> <leafNode name="pubkey"> <properties> diff --git a/src/conf_mode/snmp.py b/src/conf_mode/snmp.py index 69952e5e2..cbca72a85 100755 --- a/src/conf_mode/snmp.py +++ b/src/conf_mode/snmp.py @@ -669,48 +669,45 @@ def verify(snmp): # Group must exist prior to mapping it into a group # seclevel will be extracted from group # - error = True if user['group']: + error = True if 'v3_groups' in snmp.keys(): for group in snmp['v3_groups']: if group['name'] == user['group']: seclevel = group['seclevel'] error = False - if error: - raise ConfigError('You must create group "{0}" first'.format(user['group'])) + if error: + raise ConfigError('You must create group "{0}" first'.format(user['group'])) # Depending on the configured security level # the user has to provide additional info - if seclevel in ('auth', 'priv'): - if user['authPassword'] and user['authMasterKey']: - raise ConfigError('Can not mix "encrypted-key" and "plaintext-key" for user auth') + if user['authPassword'] and user['authMasterKey']: + raise ConfigError('Can not mix "encrypted-key" and "plaintext-key" for user auth') - if (not user['authPassword'] and not user['authMasterKey']): - raise ConfigError('Must specify encrypted-key or plaintext-key for user auth') + if (not user['authPassword'] and not user['authMasterKey']): + raise ConfigError('Must specify encrypted-key or plaintext-key for user auth') - # seclevel 'priv' is more restrictive - if seclevel in ('priv'): - if user['privPassword'] and user['privMasterKey']: - raise ConfigError('Can not mix "encrypted-key" and "plaintext-key" for user privacy') + if user['privPassword'] and user['privMasterKey']: + raise ConfigError('Can not mix "encrypted-key" and "plaintext-key" for user privacy') - if user['privPassword'] == '' and user['privMasterKey'] == '': - raise ConfigError('Must specify encrypted-key or plaintext-key for user privacy') + if user['privPassword'] == '' and user['privMasterKey'] == '': + raise ConfigError('Must specify encrypted-key or plaintext-key for user privacy') - if user['privMasterKey'] and user['engineID'] == '': - raise ConfigError('Can not have "encrypted-key" without engineid') + if user['privMasterKey'] and user['engineID'] == '': + raise ConfigError('Can not have "encrypted-key" without engineid') - if user['authPassword'] == '' and user['authMasterKey'] == '' and user['privTsmKey'] == '': - raise ConfigError('Must specify auth or tsm-key for user auth') + if user['authPassword'] == '' and user['authMasterKey'] == '' and user['privTsmKey'] == '': + raise ConfigError('Must specify auth or tsm-key for user auth') - if user['mode'] == '': - raise ConfigError('Must specify user mode ro/rw') + if user['mode'] == '': + raise ConfigError('Must specify user mode ro/rw') - if user['privTsmKey']: - if not tsmKeyPattern.match(snmp['v3_tsm_key']): - if not os.path.isfile('/etc/snmp/tls/certs/' + snmp['v3_tsm_key']): - if not os.path.isfile('/config/snmp/tls/certs/' + snmp['v3_tsm_key']): - raise ConfigError('User TSM key must be fingerprint or filename in "/config/snmp/tls/certs/" folder') + if user['privTsmKey']: + if not tsmKeyPattern.match(snmp['v3_tsm_key']): + if not os.path.isfile('/etc/snmp/tls/certs/' + snmp['v3_tsm_key']): + if not os.path.isfile('/config/snmp/tls/certs/' + snmp['v3_tsm_key']): + raise ConfigError('User TSM key must be fingerprint or filename in "/config/snmp/tls/certs/" folder') if 'v3_views' in snmp.keys(): for view in snmp['v3_views']: |