-rw-r--r--data/templates/syslog/rsyslog.conf.j24
-rw-r--r--debian/vyos-1x.install1
-rw-r--r--interface-definitions/include/version/system-version.xml.i2
-rw-r--r--interface-definitions/system-syslog.xml.in25
-rw-r--r--op-mode-definitions/dns-forwarding.xml.in43
-rw-r--r--op-mode-definitions/monitor-log.xml.in2
-rw-r--r--smoketest/configs/basic-vyos4
-rwxr-xr-xsmoketest/scripts/cli/test_service_dns_forwarding.py59
-rwxr-xr-xsrc/conf_mode/dns_forwarding.py2
-rwxr-xr-xsrc/conf_mode/system-syslog.py2
-rwxr-xr-xsrc/etc/cron.hourly/vyos-logrotate-hourly4
-rw-r--r--src/etc/systemd/system/logrotate.timer.d/10-override.conf2
-rwxr-xr-xsrc/migration-scripts/system/24-to-2552
13 files changed, 139 insertions, 63 deletions
diff --git a/data/templates/syslog/rsyslog.conf.j2 b/data/templates/syslog/rsyslog.conf.j2
index 4445d568b..abe880283 100644
--- a/data/templates/syslog/rsyslog.conf.j2
+++ b/data/templates/syslog/rsyslog.conf.j2
@@ -10,7 +10,11 @@ $MarkMessagePeriod {{ files['global']['marker-interval'] }}
$PreserveFQDN on
{% endif %}
{% for file, file_options in files.items() %}
+{% if file_options['max-size'] is vyos_defined %}
$outchannel {{ file }},{{ file_options['log-file'] }},{{ file_options['max-size'] }},{{ file_options['action-on-max-size'] }}
+{% else %}
+$outchannel {{ file }},{{ file_options['log-file'] }}
+{% endif %}
{{ file_options['selectors'] }} :omfile:${{ file }}
{% endfor %}
{% if console is defined and console is not none %}
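Review bot: The new `{% if %}` guard tests only `file_options['max-size']`, but the line it protects also interpolates `file_options['action-on-max-size']`, so a file entry with a size and no action would render an `$outchannel` line with an empty or undefined fourth field. Guarding on both keys, `{% if file_options['max-size'] is vyos_defined and file_options['action-on-max-size'] is vyos_defined %}`, keeps the rendered rsyslog.conf well-formed. A short comment in the `{% else %}` branch, such as `{# no size limit from rsyslog here; rotation is presumably left to logrotate #}`, would record that the two-field form places no bound on the file from rsyslog's side.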
diff --git a/debian/vyos-1x.install b/debian/vyos-1x.install
index 493c896eb..edd090993 100644
--- a/debian/vyos-1x.install
+++ b/debian/vyos-1x.install
@@ -1,4 +1,3 @@
-etc/cron.hourly
etc/dhcp
etc/ipsec.d
etc/logrotate.d
diff --git a/interface-definitions/include/version/system-version.xml.i b/interface-definitions/include/version/system-version.xml.i
index 3cf92001c..b7650c782 100644
--- a/interface-definitions/include/version/system-version.xml.i
+++ b/interface-definitions/include/version/system-version.xml.i
@@ -1,3 +1,3 @@
<!-- include start from include/version/system-version.xml.i -->
-<syntaxVersion component='system' version='24'></syntaxVersion>
+<syntaxVersion component='system' version='25'></syntaxVersion>
<!-- include end -->
diff --git a/interface-definitions/system-syslog.xml.in b/interface-definitions/system-syslog.xml.in
index 480cb1ca6..90c3de5c1 100644
--- a/interface-definitions/system-syslog.xml.in
+++ b/interface-definitions/system-syslog.xml.in
@@ -390,31 +390,6 @@
<help>Logging to system standard location</help>
</properties>
<children>
- <node name="archive">
- <properties>
- <help>Log file size and rotation characteristics</help>
- </properties>
- <children>
- <leafNode name="file">
- <properties>
- <help>Number of saved files (default is 5)</help>
- <constraint>
- <regex>[0-9]+</regex>
- </constraint>
- <constraintErrorMessage>illegal characters in number of files</constraintErrorMessage>
- </properties>
- </leafNode>
- <leafNode name="size">
- <properties>
- <help>Size of log files (in kbytes, default is 256)</help>
- <constraint>
- <regex>[0-9]+</regex>
- </constraint>
- <constraintErrorMessage>illegal characters in size</constraintErrorMessage>
- </properties>
- </leafNode>
- </children>
- </node>
<tagNode name="facility">
<properties>
<help>Facility for logging</help>
diff --git a/op-mode-definitions/dns-forwarding.xml.in b/op-mode-definitions/dns-forwarding.xml.in
index 6574f2319..baf60efbd 100644
--- a/op-mode-definitions/dns-forwarding.xml.in
+++ b/op-mode-definitions/dns-forwarding.xml.in
@@ -1,5 +1,46 @@
<?xml version="1.0"?>
<interfaceDefinition>
+ <node name="monitor">
+ <children>
+ <node name="log">
+ <children>
+ <node name="dns">
+ <properties>
+ <help>Monitor last lines of Domain Name Service (DNS)</help>
+ </properties>
+ <children>
+ <node name="forwarding">
+ <properties>
+ <help>Monitor last lines of DNS forwarding</help>
+ </properties>
+ <command>journalctl --no-hostname --follow --boot --unit pdns-recursor.service</command>
+ </node>
+ </children>
+ </node>
+ </children>
+ </node>
+ <node name="dns">
+ <properties>
+ <help>Show DNS information</help>
+ </properties>
+ <children>
+ <node name="forwarding">
+ <properties>
+ <help>Show DNS forwarding information</help>
+ </properties>
+ <children>
+ <leafNode name="statistics">
+ <properties>
+ <help>Show DNS forwarding statistics</help>
+ </properties>
+ <command>sudo ${vyos_op_scripts_dir}/dns_forwarding_statistics.py</command>
+ </leafNode>
+ </children>
+ </node>
+ </children>
+ </node>
+ </children>
+ </node>
<node name="show">
<children>
<node name="log">
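Review bot: By the tag nesting visible in this hunk, the second added `<node name="dns">` (help "Show DNS information", ending in the `statistics` leaf) is a child of `<node name="monitor">`, so the sudo-invoked `dns_forwarding_statistics.py` becomes reachable as a `monitor` command while every help string on that path says "Show". If the block was meant to sit under `<node name="show">`, it should move below that opening tag; if the placement is intended, the help texts should be reworded to match. The `show` node continues outside the hunk, so whether a `show dns forwarding statistics` definition already exists there is not visible.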
@@ -13,7 +54,7 @@
<properties>
<help>Show log for DNS Forwarding</help>
</properties>
- <command>cat $(printf "%s\n" /var/log/messages* | sort -nr) | grep -e "pdns_recursor"</command>
+ <command>journalctl --no-hostname --boot --unit pdns-recursor.service</command>
</node>
</children>
</node>
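Review bot: `--boot` limits this command to the current boot, whereas the removed pipeline read every rotated `/var/log/messages*` file, so resolver messages from before a reboot are no longer reachable through it. The help text should say so, e.g. `<help>Show log for DNS Forwarding (current boot only)</help>`, because an operator looking into an incident that ended in a restart could otherwise read an empty result as "nothing was logged". Whether earlier boots are retained at all depends on journald's storage setting, which this commit does not show.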
diff --git a/op-mode-definitions/monitor-log.xml.in b/op-mode-definitions/monitor-log.xml.in
index 7ecce4f78..f5e0ede59 100644
--- a/op-mode-definitions/monitor-log.xml.in
+++ b/op-mode-definitions/monitor-log.xml.in
@@ -8,7 +8,7 @@
</properties>
<command>journalctl --no-hostname --follow --boot</command>
<children>
- <node name="colored">
+ <node name="color">
<properties>
<help>Output log in a colored fashion</help>
</properties>
diff --git a/smoketest/configs/basic-vyos b/smoketest/configs/basic-vyos
index e6f89954f..23186b9b8 100644
--- a/smoketest/configs/basic-vyos
+++ b/smoketest/configs/basic-vyos
@@ -128,6 +128,10 @@ system {
name-server 192.168.0.1
syslog {
global {
+ archive {
+ file 5
+ size 512
+ }
facility all {
level info
}
diff --git a/smoketest/scripts/cli/test_service_dns_forwarding.py b/smoketest/scripts/cli/test_service_dns_forwarding.py
index dcc0dc1e2..65b676451 100755
--- a/smoketest/scripts/cli/test_service_dns_forwarding.py
+++ b/smoketest/scripts/cli/test_service_dns_forwarding.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2019-2021 VyOS maintainers and contributors
+# Copyright (C) 2019-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -39,7 +39,18 @@ def get_config_value(key, file=CONFIG_FILE):
return tmp[0]
class TestServicePowerDNS(VyOSUnitTestSHIM.TestCase):
+ @classmethod
+ def setUpClass(cls):
+ super(TestServicePowerDNS, cls).setUpClass()
+
+ # ensure we can also run this test on a live system - so lets clean
+ # out the current configuration :)
+ cls.cli_delete(cls, base_path)
+
def tearDown(self):
+ # Check for running process
+ self.assertTrue(process_named_running(PROCESS_NAME))
+
# Delete DNS forwarding configuration
self.cli_delete(base_path)
self.cli_commit()
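Review bot: In `tearDown`, the new `self.assertTrue(process_named_running(PROCESS_NAME))` runs before the cleanup, so a failed assertion skips `cli_delete`/`cli_commit` and leaves the DNS forwarding configuration in place for the following tests. Capture the state first and assert last: `running = process_named_running(PROCESS_NAME)` at the top, then `self.assertTrue(running)` after the cleanup. The remainder of `tearDown` lies outside this hunk, so anything that follows `cli_commit()` is not visible here.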
@@ -51,7 +62,6 @@ class TestServicePowerDNS(VyOSUnitTestSHIM.TestCase):
# Check basic DNS forwarding settings
cache_size = '20'
negative_ttl = '120'
- dns_prefix = '64:ff9b::/96'
self.cli_set(base_path + ['cache-size', cache_size])
self.cli_set(base_path + ['negative-ttl', negative_ttl])
@@ -68,12 +78,6 @@ class TestServicePowerDNS(VyOSUnitTestSHIM.TestCase):
for address in listen_adress:
self.cli_set(base_path + ['listen-address', address])
- # Check dns64-prefix - must be prefix /96
- self.cli_set(base_path + ['dns64-prefix', '2001:db8:aabb::/64'])
- with self.assertRaises(ConfigSessionError):
- self.cli_commit()
- self.cli_set(base_path + ['dns64-prefix', dns_prefix])
-
# configure DNSSEC
self.cli_set(base_path + ['dnssec', 'validate'])
@@ -107,13 +111,6 @@ class TestServicePowerDNS(VyOSUnitTestSHIM.TestCase):
tmp = get_config_value('serve-rfc1918')
self.assertEqual(tmp, 'yes')
- # dns64-prefix
- tmp = get_config_value('dns64-prefix')
- self.assertEqual(tmp, dns_prefix)
-
- # Check for running process
- self.assertTrue(process_named_running(PROCESS_NAME))
-
def test_dnssec(self):
# DNSSEC option testing
@@ -132,9 +129,6 @@ class TestServicePowerDNS(VyOSUnitTestSHIM.TestCase):
tmp = get_config_value('dnssec')
self.assertEqual(tmp, option)
- # Check for running process
- self.assertTrue(process_named_running(PROCESS_NAME))
-
def test_external_nameserver(self):
# Externe Domain Name Servers (DNS) addresses
@@ -158,9 +152,6 @@ class TestServicePowerDNS(VyOSUnitTestSHIM.TestCase):
tmp = get_config_value('export-etc-hosts')
self.assertEqual(tmp, 'yes')
- # Check for running process
- self.assertTrue(process_named_running(PROCESS_NAME))
-
def test_domain_forwarding(self):
for network in allow_from:
self.cli_set(base_path + ['allow-from', network])
@@ -197,9 +188,6 @@ class TestServicePowerDNS(VyOSUnitTestSHIM.TestCase):
if domain == domains[1]:
self.assertIn(f'addNTA("{domain}", "static")', hosts_conf)
- # Check for running process
- self.assertTrue(process_named_running(PROCESS_NAME))
-
def test_no_rfc1918_forwarding(self):
for network in allow_from:
self.cli_set(base_path + ['allow-from', network])
@@ -215,9 +203,26 @@ class TestServicePowerDNS(VyOSUnitTestSHIM.TestCase):
tmp = get_config_value('serve-rfc1918')
self.assertEqual(tmp, 'no')
- # Check for running process
- self.assertTrue(process_named_running(PROCESS_NAME))
+ def test_dns64(self):
+ dns_prefix = '64:ff9b::/96'
+
+ for network in allow_from:
+ self.cli_set(base_path + ['allow-from', network])
+ for address in listen_adress:
+ self.cli_set(base_path + ['listen-address', address])
+
+ # Check dns64-prefix - must be prefix /96
+ self.cli_set(base_path + ['dns64-prefix', '2001:db8:aabb::/64'])
+ with self.assertRaises(ConfigSessionError):
+ self.cli_commit()
+ self.cli_set(base_path + ['dns64-prefix', dns_prefix])
+
+ # commit changes
+ self.cli_commit()
+
+ # verify dns64-prefix configuration
+ tmp = get_config_value('dns64-prefix')
+ self.assertEqual(tmp, dns_prefix)
if __name__ == '__main__':
unittest.main(verbosity=2)
-
diff --git a/src/conf_mode/dns_forwarding.py b/src/conf_mode/dns_forwarding.py
index a96183b04..d0d87d73e 100755
--- a/src/conf_mode/dns_forwarding.py
+++ b/src/conf_mode/dns_forwarding.py
@@ -270,7 +270,7 @@ def verify(dns):
dns_prefix = dns['dns64_prefix'].split('/')[1]
# RFC 6147 requires prefix /96
if int(dns_prefix) != 96:
- raise ConfigError('DNS forwarding "dns64-prefix" must be /96')
+ raise ConfigError('DNS 6to4 prefix must be of length /96')
if ('authoritative_zone_errors' in dns) and dns['authoritative_zone_errors']:
for error in dns['authoritative_zone_errors']:
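Review bot: The new message calls the option a "6to4 prefix", but the comment two lines above cites RFC 6147, which is DNS64; 6to4 is a different transition mechanism. The message also no longer names the CLI option the operator has to correct. Suggest `raise ConfigError('DNS64 prefix "dns64-prefix" must be of length /96')`. `verify()` starts and ends outside this hunk.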
diff --git a/src/conf_mode/system-syslog.py b/src/conf_mode/system-syslog.py
index a9d3bbe31..20132456c 100755
--- a/src/conf_mode/system-syslog.py
+++ b/src/conf_mode/system-syslog.py
@@ -52,8 +52,6 @@ def get_config(config=None):
{
'global': {
'log-file': '/var/log/messages',
- 'max-size': 262144,
- 'action-on-max-size': '/usr/sbin/logrotate /etc/logrotate.d/vyos-rsyslog',
'selectors': '*.notice;local7.debug',
'max-files': '5',
'preserver_fqdn': False
diff --git a/src/etc/cron.hourly/vyos-logrotate-hourly b/src/etc/cron.hourly/vyos-logrotate-hourly
deleted file mode 100755
index f4f56a9c2..000000000
--- a/src/etc/cron.hourly/vyos-logrotate-hourly
+++ /dev/null
@@ -1,4 +0,0 @@
-#!/bin/sh
-
-test -x /usr/sbin/logrotate || exit 0
-/usr/sbin/logrotate /etc/logrotate.conf
diff --git a/src/etc/systemd/system/logrotate.timer.d/10-override.conf b/src/etc/systemd/system/logrotate.timer.d/10-override.conf
new file mode 100644
index 000000000..f50c2b082
--- /dev/null
+++ b/src/etc/systemd/system/logrotate.timer.d/10-override.conf
@@ -0,0 +1,2 @@
+[Timer]
+OnCalendar=hourly
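Review bot: `OnCalendar=` in a drop-in adds to the schedule of the stock `logrotate.timer` rather than replacing it, and any `AccuracySec=` set there still applies, so the rotation may run noticeably later than the top of the hour. With the rsyslog-side `max-size` default removed elsewhere in this commit, this timer appears to be what bounds `/var/log/messages`. That makes it worth resetting the list and pinning the accuracy: `OnCalendar=`, `OnCalendar=hourly`, `AccuracySec=1min`. The stock unit is not part of this diff; `systemctl cat logrotate.timer` on a built image would confirm its values.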
diff --git a/src/migration-scripts/system/24-to-25 b/src/migration-scripts/system/24-to-25
new file mode 100755
index 000000000..c2f70689d
--- /dev/null
+++ b/src/migration-scripts/system/24-to-25
@@ -0,0 +1,52 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2022 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+# Migrate system syslog global archive to system logs logrotate messages
+
+from sys import exit, argv
+from vyos.configtree import ConfigTree
+
+if (len(argv) < 1):
+ print("Must specify file name!")
+ exit(1)
+
+file_name = argv[1]
+with open(file_name, 'r') as f:
+ config_file = f.read()
+
+base = ['system', 'syslog', 'global', 'archive']
+config = ConfigTree(config_file)
+
+if not config.exists(base):
+ exit(0)
+
+if config.exists(base + ['file']):
+ tmp = config.return_value(base + ['file'])
+ config.set(['system', 'logs', 'logrotate', 'messages', 'rotate'], value=tmp)
+
+if config.exists(base + ['size']):
+ tmp = config.return_value(base + ['size'])
+ tmp = max(round(int(tmp) / 1024), 1) # kb -> mb
+ config.set(['system', 'logs', 'logrotate', 'messages', 'max-size'], value=tmp)
+
+config.delete(base)
+
+try:
+ with open(file_name, 'w') as f:
+ f.write(config.to_string())
+except OSError as e:
+ print(f'Failed to save the modified config: {e}')
+ exit(1)
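Review bot: `if (len(argv) < 1)` can never be true, because `argv[0]` is always the script name. A call without a file name therefore falls through to `argv[1]` and ends in an IndexError instead of the intended message; the check should read `if len(argv) < 2:`. Separately, the size branch passes an `int` to `config.set(..., value=tmp)` while the `rotate` branch passes the string from `return_value`. If `ConfigTree.set` expects text, which is not visible here, `value=str(tmp)` would keep the two consistent.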