Merge pull request #329 from thomas-mangin/T2226

util: T2226: improvement and fixes
author: Christian Poessinger <christian@poessinger.com> 2020-04-11 20:36:39 +0200
committer: GitHub <noreply@github.com> 2020-04-11 20:36:39 +0200
commit: da03bbf8767be74957baae68bf9ffc0e9f56ddac (patch)
tree: bcdfb217eb1bc75d06ce5af604836c6be999a749 /src/conf_mode
parent: 143d292209b6ebe24f90667f2d5edd0216151163 (diff)
parent: 5763af8cbe7e2ad35a1eb336e77a6fe74ac2534e (diff)
download: vyos-1x-da03bbf8767be74957baae68bf9ffc0e9f56ddac.tar.gz
vyos-1x-da03bbf8767be74957baae68bf9ffc0e9f56ddac.zip
2 files changed, 23 insertions, 8 deletions
diff --git a/src/conf_mode/flow_accounting_conf.py b/src/conf_mode/flow_accounting_conf.py
index eef32687e..54928cdfe 100755
--- a/src/conf_mode/flow_accounting_conf.py
+++ b/src/conf_mode/flow_accounting_conf.py
@@ -83,7 +83,7 @@ def _iptables_get_nflog():
     for iptables_variant in ['iptables', 'ip6tables']:
         # run iptables, save output and split it by lines
         iptables_command = "sudo {0} -t {1} -S {2}".format(iptables_variant, iptables_nflog_table, iptables_nflog_chain)
-        cmd(iptables_command, universal_newlines=True, message='Failed to get flows list')
+        cmd(iptables_command, message='Failed to get flows list')
         iptables_out = stdout.splitlines()
 
         # parse each line and add information to list
diff --git a/src/conf_mode/system-login.py b/src/conf_mode/system-login.py
index 43732cfae..7e854c9c9 100755
--- a/src/conf_mode/system-login.py
+++ b/src/conf_mode/system-login.py
@@ -28,6 +28,8 @@ from vyos.defaults import directories as vyos_data_dir
 from vyos import ConfigError
 from vyos.util import cmd
 from vyos.util import call
+from vyos.util import DEVNULL
+
 
 radius_config_file = "/etc/pam_radius_auth.conf"
 
@@ -211,6 +213,14 @@ def generate(login):
             os.system("vyos_libexec_dir=/usr/libexec/vyos /opt/vyatta/sbin/my_set system login user '{}' authentication plaintext-password '' >/dev/null".format(user['name']))
             os.system("vyos_libexec_dir=/usr/libexec/vyos /opt/vyatta/sbin/my_set system login user '{}' authentication encrypted-password '{}' >/dev/null".format(user['name'], user['password_encrypted']))
 
+            # env = os.environ.copy()
+            # env['vyos_libexec_dir'] = '/usr/libexec/vyos'
+
+            # call("/opt/vyatta/sbin/my_set system login user '{}' authentication plaintext-password ''".format(user['name']),
+            #     env=env)
+            # call("/opt/vyatta/sbin/my_set system login user '{}' authentication encrypted-password '{}'".format(user['name'], user['password_encrypted']),
+            #     env=env)
+
     if len(login['radius_server']) > 0:
         # Prepare Jinja2 template loader from files
         tmpl_path = os.path.join(vyos_data_dir['data'], 'templates', 'system-login')
@@ -256,7 +266,7 @@ def apply(login):
         command += " {}".format(user['name'])
 
         try:
-            call(command)
+            cmd(command)
 
             uid = getpwnam(user['name']).pw_uid
             gid = getpwnam(user['name']).pw_gid
@@ -299,7 +309,7 @@ def apply(login):
                 call('pkill -HUP -u {}'.format(user))
 
             # Remove user account but leave home directory to be safe
-            call('userdel -r {} 2>/dev/null'.format(user))
+            call(f'userdel -r {user}', stderr=DEVNULL)
 
         except Exception as e:
             raise ConfigError('Deleting user "{}" raised an exception: {}'.format(user, e))
@@ -309,8 +319,10 @@ def apply(login):
     #
     if len(login['radius_server']) > 0:
         try:
+            env = os.environ.copy()
+            env['DEBIAN_FRONTEND'] = 'noninteractive'
             # Enable RADIUS in PAM
-            os.system("DEBIAN_FRONTEND=noninteractive pam-auth-update --package --enable radius")
+            cmd("pam-auth-update --package --enable radius", env=env)
 
             # Make NSS system aware of RADIUS, too
             command = "sed -i -e \'/\smapname/b\' \
@@ -321,15 +333,18 @@ def apply(login):
                           -e \'/^group:[^#]*$/s/: */&mapname /\' \
                           /etc/nsswitch.conf"
 
-            call(command)
+            cmd(command)
 
         except Exception as e:
             raise ConfigError('RADIUS configuration failed: {}'.format(e))
 
     else:
         try:
+            env = os.environ.copy()
+            env['DEBIAN_FRONTEND'] = 'noninteractive'
+
             # Disable RADIUS in PAM
-            os.system("DEBIAN_FRONTEND=noninteractive pam-auth-update --package --remove radius")
+            cmd("pam-auth-update --package --remove radius", env=env)
 
             command = "sed -i -e \'/^passwd:.*mapuid[ \t]/s/mapuid[ \t]//\' \
                    -e \'/^passwd:.*[ \t]mapname/s/[ \t]mapname//\' \
@@ -337,10 +352,10 @@ def apply(login):
                    -e \'s/[ \t]*$//\' \
                    /etc/nsswitch.conf"
 
-            call(command)
+            cmd(command)
 
         except Exception as e:
-            raise ConfigError('Removing RADIUS configuration failed'.format(e))
+            raise ConfigError('Removing RADIUS configuration failed.\n{}'.format(e))
 
     return None
author	Christian Poessinger <christian@poessinger.com>	2020-04-11 20:36:39 +0200
committer	GitHub <noreply@github.com>	2020-04-11 20:36:39 +0200
commit	da03bbf8767be74957baae68bf9ffc0e9f56ddac (patch)
tree	bcdfb217eb1bc75d06ce5af604836c6be999a749 /src/conf_mode
parent	143d292209b6ebe24f90667f2d5edd0216151163 (diff)
parent	5763af8cbe7e2ad35a1eb336e77a6fe74ac2534e (diff)
download	vyos-1x-da03bbf8767be74957baae68bf9ffc0e9f56ddac.tar.gz vyos-1x-da03bbf8767be74957baae68bf9ffc0e9f56ddac.zip