summaryrefslogtreecommitdiff
path: root/src/conf_mode
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2018-06-08 10:36:53 +0200
committerChristian Poessinger <christian@poessinger.com>2018-06-08 10:36:53 +0200
commita4b60ec2056662767b2736206d8f3be00f94a275 (patch)
tree8375da740f4ca6b237ca60d2adebee1e13a64833 /src/conf_mode
parent873e9ef110039289b3554e4e579bbaa249f9ca77 (diff)
downloadvyos-1x-a4b60ec2056662767b2736206d8f3be00f94a275.tar.gz
vyos-1x-a4b60ec2056662767b2736206d8f3be00f94a275.zip
T652: import SNMP keys from volatile into nonvolatile location
Diffstat (limited to 'src/conf_mode')
-rwxr-xr-xsrc/conf_mode/snmp.py28
1 files changed, 23 insertions, 5 deletions
diff --git a/src/conf_mode/snmp.py b/src/conf_mode/snmp.py
index 83ae27bbd..863f7e2e2 100755
--- a/src/conf_mode/snmp.py
+++ b/src/conf_mode/snmp.py
@@ -18,6 +18,7 @@
import sys
import os
+import shutil
import stat
import pwd
import time
@@ -46,7 +47,6 @@ OIDs = {
'des' : '.1.3.6.1.6.3.10.1.2.2',
'none': '.1.3.6.1.6.3.10.1.2.1'
}
-
# SNMPS template - be careful if you edit the template.
client_config_tmpl = """
### Autogenerated by snmp.py ###
@@ -714,12 +714,30 @@ def generate(snmp):
def apply(snmp):
if snmp is not None:
- if not os.path.exists('/config/snmp/tls'):
- os.makedirs('/config/snmp/tls')
- os.chmod('/config/snmp/tls', stat.S_IWUSR | stat.S_IRUSR)
+ nonvolatiledir = '/config/snmp/tls'
+ volatiledir = '/etc/snmp/tls'
+ if not os.path.exists(nonvolatiledir):
+ os.makedirs(nonvolatiledir)
+ os.chmod(nonvolatiledir, stat.S_IWUSR | stat.S_IRUSR)
# get uid for user 'snmp'
snmp_uid = pwd.getpwnam('snmp').pw_uid
- os.chown('/config/snmp/tls', snmp_uid, -1)
+ os.chown(nonvolatiledir, snmp_uid, -1)
+
+ # move SNMP certificate files from volatile location to non volatile /config/snmp
+ if os.path.exists(volatiledir) and os.path.isdir(volatiledir):
+ files = os.listdir(volatiledir)
+ for f in files:
+ shutil.move(volatiledir + '/' + f, nonvolatiledir)
+ os.chmod(nonvolatiledir + '/' + f, stat.S_IWUSR | stat.S_IRUSR)
+
+ os.rmdir(volatiledir)
+ os.symlink(nonvolatiledir, volatiledir)
+
+ if os.path.islink(volatiledir):
+ link = os.readlink(volatiledir)
+ if link != nonvolatiledir:
+ os.unlink(volatiledir)
+ os.symlink(nonvolatiledir, volatiledir)
# start SNMP daemon
os.system("sudo systemctl restart snmpd.service")