summaryrefslogtreecommitdiff
path: root/src/conf_mode
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2019-12-18 12:25:12 +0100
committerChristian Poessinger <christian@poessinger.com>2019-12-18 12:25:12 +0100
commit75847af961fd61daa63b26e8bafb1237df85a7fb (patch)
tree63deca295e8b843518cde30cadc2f1df15c6d273 /src/conf_mode
parent60e61ed1247c4f8efdd1805b1e1f2dda5ed2472c (diff)
parent214e63fbad5f1ed008543ba0eec56d1aa6649745 (diff)
downloadvyos-1x-75847af961fd61daa63b26e8bafb1237df85a7fb.tar.gz
vyos-1x-75847af961fd61daa63b26e8bafb1237df85a7fb.zip
Merge branch 'equuleus' of github.com:vyos/vyos-1x into currentvyos/1.3dev0
* 'equuleus' of github.com:vyos/vyos-1x: T1873: DHCP: add current year to copyright notice T1873: DHCP: fix service name in op-mode "show dhcp" T1873: DHCP: ship our own server init scripts vyos.config: T1862: restore regex after merge equuleus: T1862: Use regex pattern \s+ to split strings on whitespace [vyos.config] T1758: adjust regex for change in Python 3.7 Jenkins: Docker: always pull container from Dockerhub ssh - T1719: ssh deprecated options removed Jenkins: assume dependencies are available in Docker container Jenkins: fix httpURI in isCustomBuild() openvpn: T1617: bugfix for server push-route openvpn: T1548: remove authy 2fa provider update Jenkins file for equuleus igmpproxy: remove init script which is already provided by Debian Buster
Diffstat (limited to 'src/conf_mode')
-rwxr-xr-xsrc/conf_mode/dhcp_server.py13
-rwxr-xr-xsrc/conf_mode/dhcpv6_server.py9
-rwxr-xr-xsrc/conf_mode/ssh.py7
3 files changed, 13 insertions, 16 deletions
diff --git a/src/conf_mode/dhcp_server.py b/src/conf_mode/dhcp_server.py
index c2a188812..bf86e484b 100755
--- a/src/conf_mode/dhcp_server.py
+++ b/src/conf_mode/dhcp_server.py
@@ -28,7 +28,8 @@ from vyos import ConfigError
config_file = r'/etc/dhcp/dhcpd.conf'
lease_file = r'/config/dhcpd.leases'
-daemon_config_file = r'/etc/default/isc-dhcp-server'
+pid_file = r'/var/run/dhcpd.pid'
+daemon_config_file = r'/etc/default/isc-dhcpv4-server'
# Please be careful if you edit the template.
config_tmpl = """
@@ -231,10 +232,10 @@ shared-network {{ network.name }} {
daemon_tmpl = """
### Autogenerated by dhcp_server.py ###
-# sourced by /etc/init.d/isc-dhcp-server
+# sourced by /etc/init.d/isc-dhcpv4-server
-DHCPD_CONF=/etc/dhcp/dhcpd.conf
-DHCPD_PID=/var/run/dhcpd.pid
+DHCPD_CONF={{ config_file }}
+DHCPD_PID={{ pid_file }}
OPTIONS="-4 -lf {{ lease_file }}"
INTERFACES=""
"""
@@ -827,7 +828,7 @@ def generate(dhcp):
def apply(dhcp):
if (dhcp is None) or dhcp['disabled']:
# DHCP server is removed in the commit
- os.system('sudo systemctl stop isc-dhcp-server.service')
+ os.system('sudo systemctl stop isc-dhcpv4-server.service')
if os.path.exists(config_file):
os.unlink(config_file)
if os.path.exists(daemon_config_file):
@@ -837,7 +838,7 @@ def apply(dhcp):
if not os.path.exists(lease_file):
os.mknod(lease_file)
- os.system('sudo systemctl restart isc-dhcp-server.service')
+ os.system('sudo systemctl restart isc-dhcpv4-server.service')
return None
diff --git a/src/conf_mode/dhcpv6_server.py b/src/conf_mode/dhcpv6_server.py
index 039321430..44a927789 100755
--- a/src/conf_mode/dhcpv6_server.py
+++ b/src/conf_mode/dhcpv6_server.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2018 VyOS maintainers and contributors
+# Copyright (C) 2018-2019 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -29,6 +29,7 @@ from vyos import ConfigError
config_file = r'/etc/dhcp/dhcpdv6.conf'
lease_file = r'/config/dhcpdv6.leases'
+pid_file = r'/var/run/dhcpdv6.pid'
daemon_config_file = r'/etc/default/isc-dhcpv6-server'
# Please be careful if you edit the template.
@@ -115,12 +116,12 @@ shared-network {{ network.name }} {
"""
daemon_tmpl = """
-### Autogenerated by dhcp_server.py ###
+### Autogenerated by dhcpv6_server.py ###
# sourced by /etc/init.d/isc-dhcpv6-server
-DHCPD_CONF=/etc/dhcp/dhcpdv6.conf
-DHCPD_PID=/var/run/dhcpdv6.pid
+DHCPD_CONF={{ config_file }}
+DHCPD_PID={{ pid_file }}
OPTIONS="-6 -lf {{ lease_file }}"
INTERFACES=""
"""
diff --git a/src/conf_mode/ssh.py b/src/conf_mode/ssh.py
index e3b11b537..9fe22bfee 100755
--- a/src/conf_mode/ssh.py
+++ b/src/conf_mode/ssh.py
@@ -37,16 +37,11 @@ HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
-UsePrivilegeSeparation yes
-KeyRegenerationInterval 3600
-ServerKeyBits 1024
SyslogFacility AUTH
LoginGraceTime 120
StrictModes yes
-RSAAuthentication yes
PubkeyAuthentication yes
IgnoreRhosts yes
-RhostsRSAAuthentication no
HostbasedAuthentication no
PermitEmptyPasswords no
ChallengeResponseAuthentication no
@@ -58,7 +53,7 @@ TCPKeepAlive yes
Banner /etc/issue.net
Subsystem sftp /usr/lib/openssh/sftp-server
UsePAM yes
-HostKey /etc/ssh/ssh_host_key
+HostKey /etc/ssh/ssh_host_rsa_key
# Specifies whether sshd should look up the remote host name,
# and to check that the resolved host name for the remote IP