diff options
author | Jernej Jakob <jernej.jakob@gmail.com> | 2020-03-24 21:59:54 +0100 |
---|---|---|
committer | Jernej Jakob <jernej.jakob@gmail.com> | 2020-03-24 22:03:11 +0100 |
commit | 30b3a0af7e079bfdf9b0e696cccf0e052ff40e8d (patch) | |
tree | f839245d3208db742289e56e3bca4baa0567c23d /src | |
parent | 9d48ba7a84d3a29ac3f83b983159019e3ce11e3c (diff) | |
download | vyos-1x-30b3a0af7e079bfdf9b0e696cccf0e052ff40e8d.tar.gz vyos-1x-30b3a0af7e079bfdf9b0e696cccf0e052ff40e8d.zip |
openvpn: T2146: remove user/pass auth file when not needed
Diffstat (limited to 'src')
-rwxr-xr-x | src/conf_mode/interfaces-openvpn.py | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/conf_mode/interfaces-openvpn.py b/src/conf_mode/interfaces-openvpn.py index fe49f776b..55f9aa67d 100755 --- a/src/conf_mode/interfaces-openvpn.py +++ b/src/conf_mode/interfaces-openvpn.py @@ -925,6 +925,11 @@ def generate(openvpn): fixup_permission(auth_file) + else: + # delete old auth file if present + if os.path.isfile('/tmp/openvpn-{}-pw'.format(interface)): + os.remove('/tmp/openvpn-{}-pw'.format(interface)) + # get numeric uid/gid uid = getpwnam(user).pw_uid gid = getgrnam(group).gr_gid @@ -985,6 +990,10 @@ def apply(openvpn): if os.path.isdir(os.path.join(directory, 'ccd', openvpn['intf'])): rmtree(os.path.join(directory, 'ccd', openvpn['intf']), ignore_errors=True) + # cleanup auth file + if os.path.isfile('/tmp/openvpn-{}-pw'.format(openvpn['intf'])): + os.remove('/tmp/openvpn-{}-pw'.format(openvpn['intf'])) + return None # On configuration change we need to wait for the 'old' interface to |