author | Christian Poessinger <christian@poessinger.com> | 2018-06-08 10:36:53 +0200 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2018-06-08 10:36:53 +0200 |
commit | a4b60ec2056662767b2736206d8f3be00f94a275 (patch) | |
tree | 8375da740f4ca6b237ca60d2adebee1e13a64833 /src/conf_mode | |
parent | 873e9ef110039289b3554e4e579bbaa249f9ca77 (diff) | |
T652: import SNMP keys from volatile into nonvolatile location
Diffstat (limited to 'src/conf_mode')
-rwxr-xr-x | src/conf_mode/snmp.py | 28 |
1 files changed, 23 insertions, 5 deletions
diff --git a/src/conf_mode/snmp.py b/src/conf_mode/snmp.py
index 83ae27bbd..863f7e2e2 100755
--- a/src/conf_mode/snmp.py
+++ b/src/conf_mode/snmp.py
@@ -18,6 +18,7 @@
 import sys
 import os
+import shutil
 import stat
 import pwd
 import time
@@ -46,7 +47,6 @@ OIDs = {
 'des' : '.1.3.6.1.6.3.10.1.2.2',
 'none': '.1.3.6.1.6.3.10.1.2.1'
 }
-
 # SNMPS template - be careful if you edit the template.
 client_config_tmpl = """
 ### Autogenerated by snmp.py ###
@@ -714,12 +714,30 @@ def generate(snmp):
 def apply(snmp):
 if snmp is not None:
- if not os.path.exists('/config/snmp/tls'):
- os.makedirs('/config/snmp/tls')
- os.chmod('/config/snmp/tls', stat.S_IWUSR | stat.S_IRUSR)
+ nonvolatiledir = '/config/snmp/tls'
+ volatiledir = '/etc/snmp/tls'
+ if not os.path.exists(nonvolatiledir):
+ os.makedirs(nonvolatiledir)
+ os.chmod(nonvolatiledir, stat.S_IWUSR | stat.S_IRUSR)
 # get uid for user 'snmp'
 snmp_uid = pwd.getpwnam('snmp').pw_uid
- os.chown('/config/snmp/tls', snmp_uid, -1)
+ os.chown(nonvolatiledir, snmp_uid, -1)
+
+ # move SNMP certificate files from volatile location to non volatile /config/snmp
+ if os.path.exists(volatiledir) and os.path.isdir(volatiledir):
+ files = os.listdir(volatiledir)
+ for f in files:
+ shutil.move(volatiledir + '/' + f, nonvolatiledir)
+ os.chmod(nonvolatiledir + '/' + f, stat.S_IWUSR | stat.S_IRUSR)
+
+ os.rmdir(volatiledir)
+ os.symlink(nonvolatiledir, volatiledir)
+
+ if os.path.islink(volatiledir):
+ link = os.readlink(volatiledir)
+ if link != nonvolatiledir:
+ os.unlink(volatiledir)
+ os.symlink(nonvolatiledir, volatiledir)
 # start SNMP daemon
 os.system("sudo systemctl restart snmpd.service") |
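Review bot: The migration guard `if os.path.exists(volatiledir) and os.path.isdir(volatiledir):` in the third hunk stays true after `/etc/snmp/tls` has been replaced by the symlink this same block creates, because `os.path.isdir` follows symlinks. Indentation is lost on this page, but if the block runs on every `apply()`, a later run would call `shutil.move` on files already in `nonvolatiledir` (which raises when the destination name exists) or `os.rmdir` on a symlink; the guard should read `if os.path.isdir(volatiledir) and not os.path.islink(volatiledir):`. Separately, each key file is restricted with `os.chmod` only after `shutil.move` has placed it, and only the directory is chown'ed to `snmp`. If the two paths are on different filesystems, the keys briefly sit in `/config` with their source mode and may lose their original owner, so set a restrictive umask before the move and chown each moved file. The end of `apply()` may lie outside the hunk.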