summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2021-05-13 17:49:00 +0200
committerChristian Poessinger <christian@poessinger.com>2021-05-13 17:51:25 +0200
commitb0dd708e6e2fe3c488894141f120a013f43c897d (patch)
tree8d186ca27c8b390dad105c221bf113eecef930d6
parent78d375a3a354b0cc93bdfc36fd828c691f9ccb56 (diff)
downloadvyos-1x-b0dd708e6e2fe3c488894141f120a013f43c897d.tar.gz
vyos-1x-b0dd708e6e2fe3c488894141f120a013f43c897d.zip
dhcp-server: T3544: test newly rendered configuration before restarting daemon
The current DHCP server implementation comes with options (see below) which allow the user to pass in any arbitrary option(s) in a verbatim way which will manifest in dhcpd.conf. The options are: * set service dhcp-server global-parameters * set service dhcp-server shared-network-name foo shared-network-parameters * set service dhcp-server shared-network-name foo subnet 192.0.2.0/25 subnet-parameters * set service dhcp-server shared-network-name foo subnet 192.0.2.0/25 static-mapping ff static-mapping-parameters Having an invalid configuration will yield: vyos@vyos# commit [ service dhcp-server ] Configuration file errors encountered - check your options! [[service dhcp-server]] failed (cherry picked from commit 3c754695590b9d9e582c10e6d05c2b628e79262c)
-rwxr-xr-xsrc/conf_mode/dhcp_server.py23
1 files changed, 20 insertions, 3 deletions
diff --git a/src/conf_mode/dhcp_server.py b/src/conf_mode/dhcp_server.py
index 84a8736e8..47df12804 100755
--- a/src/conf_mode/dhcp_server.py
+++ b/src/conf_mode/dhcp_server.py
@@ -18,6 +18,7 @@ import os
from ipaddress import ip_address
from ipaddress import ip_network
+from shutil import move
from sys import exit
from vyos.config import Config
@@ -25,6 +26,7 @@ from vyos.configdict import dict_merge
from vyos.template import render
from vyos.util import call
from vyos.util import dict_search
+from vyos.util import run
from vyos.validate import is_subnet_connected
from vyos.validate import is_addr_assigned
from vyos.xml import defaults
@@ -272,10 +274,25 @@ def generate(dhcp):
if not dhcp or 'disable' in dhcp:
return None
- # Please see: https://phabricator.vyos.net/T1129 for quoting of the raw parameters
- # we can pass to ISC DHCPd
- render(config_file, 'dhcp-server/dhcpd.conf.tmpl', dhcp,
+ # Please see: https://phabricator.vyos.net/T1129 for quoting of the raw
+ # parameters we can pass to ISC DHCPd
+ tmp_file = '/tmp/dhcpd.conf'
+ render(tmp_file, 'dhcp-server/dhcpd.conf.tmpl', dhcp,
formater=lambda _: _.replace("&quot;", '"'))
+ # XXX: as we have the ability for a user to pass in "raw" options via VyOS
+ # CLI (see T3544) we now ask ISC dhcpd to test the newly rendered
+ # configuration
+ tmp = run(f'/usr/sbin/dhcpd -t -cf {tmp_file}')
+ if tmp > 0:
+ if os.path.exists(tmp_file):
+ os.unlink(tmp_file)
+ raise ConfigError('Configuration file errors encountered - check your options!')
+
+ # Now that we know that the newly rendered configuration is "good" we can
+ # move the temporary configuration to the "real" configuration - we could
+ # also render it two times but that would not be as fast as a move operation
+ move(tmp_file, config_file)
+
return None
def apply(dhcp):