diff options
41 files changed, 178 insertions, 96 deletions
diff --git a/src/conf_mode/bcast_relay.py b/src/conf_mode/bcast_relay.py index 96576ddd4..f6d90776c 100755 --- a/src/conf_mode/bcast_relay.py +++ b/src/conf_mode/bcast_relay.py @@ -24,6 +24,7 @@ from jinja2 import FileSystemLoader, Environment from vyos.config import Config from vyos.defaults import directories as vyos_data_dir from vyos import ConfigError +from vyos.util import run config_file = r'/etc/default/udp-broadcast-relay' @@ -154,7 +155,7 @@ def generate(relay): def apply(relay): # first stop all running services - os.system('sudo systemctl stop udp-broadcast-relay@{1..99}') + run('sudo systemctl stop udp-broadcast-relay@{1..99}') if (relay is None) or relay['disabled']: return None @@ -164,7 +165,7 @@ def apply(relay): # Don't start individual instance when it's disabled if r['disabled']: continue - os.system('sudo systemctl start udp-broadcast-relay@{0}'.format(r['id'])) + run('sudo systemctl start udp-broadcast-relay@{0}'.format(r['id'])) return None diff --git a/src/conf_mode/dhcp_relay.py b/src/conf_mode/dhcp_relay.py index 6f8d66e7b..1d6d4c6e3 100755 --- a/src/conf_mode/dhcp_relay.py +++ b/src/conf_mode/dhcp_relay.py @@ -22,6 +22,7 @@ from sys import exit from vyos.config import Config from vyos.defaults import directories as vyos_data_dir from vyos import ConfigError +from vyos.util import run config_file = r'/etc/default/isc-dhcp-relay' @@ -112,10 +113,10 @@ def generate(relay): def apply(relay): if relay is not None: - os.system('sudo systemctl restart isc-dhcp-relay.service') + run('sudo systemctl restart isc-dhcp-relay.service') else: # DHCP relay support is removed in the commit - os.system('sudo systemctl stop isc-dhcp-relay.service') + run('sudo systemctl stop isc-dhcp-relay.service') os.unlink(config_file) return None diff --git a/src/conf_mode/dhcp_server.py b/src/conf_mode/dhcp_server.py index 3d75414f5..69aebe2f4 100755 --- a/src/conf_mode/dhcp_server.py +++ b/src/conf_mode/dhcp_server.py @@ -26,6 +26,8 @@ from vyos.config import Config from vyos.defaults import directories as vyos_data_dir from vyos.validate import is_subnet_connected from vyos import ConfigError +from vyos.util import run + config_file = r'/etc/dhcp/dhcpd.conf' lease_file = r'/config/dhcpd.leases' @@ -626,7 +628,7 @@ def generate(dhcp): def apply(dhcp): if (dhcp is None) or dhcp['disabled']: # DHCP server is removed in the commit - os.system('sudo systemctl stop isc-dhcpv4-server.service') + run('sudo systemctl stop isc-dhcpv4-server.service') if os.path.exists(config_file): os.unlink(config_file) if os.path.exists(daemon_config_file): @@ -636,7 +638,7 @@ def apply(dhcp): if not os.path.exists(lease_file): os.mknod(lease_file) - os.system('sudo systemctl restart isc-dhcpv4-server.service') + run('sudo systemctl restart isc-dhcpv4-server.service') return None diff --git a/src/conf_mode/dhcpv6_relay.py b/src/conf_mode/dhcpv6_relay.py index d942daf37..a67deb6c7 100755 --- a/src/conf_mode/dhcpv6_relay.py +++ b/src/conf_mode/dhcpv6_relay.py @@ -23,6 +23,8 @@ from jinja2 import FileSystemLoader, Environment from vyos.config import Config from vyos.defaults import directories as vyos_data_dir from vyos import ConfigError +from vyos.util import run + config_file = r'/etc/default/isc-dhcpv6-relay' @@ -98,10 +100,10 @@ def generate(relay): def apply(relay): if relay is not None: - os.system('sudo systemctl restart isc-dhcpv6-relay.service') + run('sudo systemctl restart isc-dhcpv6-relay.service') else: # DHCPv6 relay support is removed in the commit - os.system('sudo systemctl stop isc-dhcpv6-relay.service') + run('sudo systemctl stop isc-dhcpv6-relay.service') os.unlink(config_file) return None diff --git a/src/conf_mode/dhcpv6_server.py b/src/conf_mode/dhcpv6_server.py index 10b40baa4..003e80915 100755 --- a/src/conf_mode/dhcpv6_server.py +++ b/src/conf_mode/dhcpv6_server.py @@ -25,6 +25,8 @@ from vyos.config import Config from vyos.defaults import directories as vyos_data_dir from vyos.validate import is_subnet_connected from vyos import ConfigError +from vyos.util import run + config_file = r'/etc/dhcp/dhcpdv6.conf' lease_file = r'/config/dhcpdv6.leases' @@ -362,7 +364,7 @@ def generate(dhcpv6): def apply(dhcpv6): if (dhcpv6 is None) or dhcpv6['disabled']: # DHCP server is removed in the commit - os.system('sudo systemctl stop isc-dhcpv6-server.service') + run('sudo systemctl stop isc-dhcpv6-server.service') if os.path.exists(config_file): os.unlink(config_file) if os.path.exists(daemon_config_file): @@ -372,7 +374,7 @@ def apply(dhcpv6): if not os.path.exists(lease_file): os.mknod(lease_file) - os.system('sudo systemctl restart isc-dhcpv6-server.service') + run('sudo systemctl restart isc-dhcpv6-server.service') return None diff --git a/src/conf_mode/dns_forwarding.py b/src/conf_mode/dns_forwarding.py index bbb69cdf7..5dc599425 100755 --- a/src/conf_mode/dns_forwarding.py +++ b/src/conf_mode/dns_forwarding.py @@ -26,6 +26,7 @@ from vyos.defaults import directories as vyos_data_dir from vyos.hostsd_client import Client as hostsd_client from vyos.util import wait_for_commit_lock from vyos import ConfigError +from vyos.util import run parser = argparse.ArgumentParser() parser.add_argument("--dhclient", action="store_true", @@ -166,11 +167,11 @@ def generate(dns): def apply(dns): if dns is None: # DNS forwarding is removed in the commit - os.system("systemctl stop pdns-recursor") + run("systemctl stop pdns-recursor") if os.path.isfile(config_file): os.unlink(config_file) else: - os.system("systemctl restart pdns-recursor") + run("systemctl restart pdns-recursor") if __name__ == '__main__': args = parser.parse_args() diff --git a/src/conf_mode/dynamic_dns.py b/src/conf_mode/dynamic_dns.py index 56ce4fedc..b9163f7b3 100755 --- a/src/conf_mode/dynamic_dns.py +++ b/src/conf_mode/dynamic_dns.py @@ -24,6 +24,8 @@ from stat import S_IRUSR, S_IWUSR from vyos.config import Config from vyos.defaults import directories as vyos_data_dir from vyos import ConfigError +from vyos.util import run + config_file = r'/etc/ddclient/ddclient.conf' cache_file = r'/var/cache/ddclient/ddclient.cache' @@ -255,11 +257,11 @@ def apply(dyndns): os.unlink('/etc/ddclient.conf') if dyndns['deleted']: - os.system('/etc/init.d/ddclient stop') + run('/etc/init.d/ddclient stop') if os.path.exists(dyndns['pid_file']): os.unlink(dyndns['pid_file']) else: - os.system('/etc/init.d/ddclient restart') + run('/etc/init.d/ddclient restart') return None diff --git a/src/conf_mode/firewall_options.py b/src/conf_mode/firewall_options.py index 2be80cdbf..90f004bc4 100755 --- a/src/conf_mode/firewall_options.py +++ b/src/conf_mode/firewall_options.py @@ -21,6 +21,8 @@ import copy from vyos.config import Config from vyos import ConfigError +from vyos.util import run + default_config_data = { 'intf_opts': [], @@ -85,19 +87,19 @@ def apply(tcp): target = 'VYOS_FW_OPTIONS' # always cleanup iptables - os.system('iptables --table mangle --delete FORWARD --jump {} >&/dev/null'.format(target)) - os.system('iptables --table mangle --flush {} >&/dev/null'.format(target)) - os.system('iptables --table mangle --delete-chain {} >&/dev/null'.format(target)) + run('iptables --table mangle --delete FORWARD --jump {} >&/dev/null'.format(target)) + run('iptables --table mangle --flush {} >&/dev/null'.format(target)) + run('iptables --table mangle --delete-chain {} >&/dev/null'.format(target)) # always cleanup ip6tables - os.system('ip6tables --table mangle --delete FORWARD --jump {} >&/dev/null'.format(target)) - os.system('ip6tables --table mangle --flush {} >&/dev/null'.format(target)) - os.system('ip6tables --table mangle --delete-chain {} >&/dev/null'.format(target)) + run('ip6tables --table mangle --delete FORWARD --jump {} >&/dev/null'.format(target)) + run('ip6tables --table mangle --flush {} >&/dev/null'.format(target)) + run('ip6tables --table mangle --delete-chain {} >&/dev/null'.format(target)) # Setup new iptables rules if tcp['new_chain4']: - os.system('iptables --table mangle --new-chain {} >&/dev/null'.format(target)) - os.system('iptables --table mangle --append FORWARD --jump {} >&/dev/null'.format(target)) + run('iptables --table mangle --new-chain {} >&/dev/null'.format(target)) + run('iptables --table mangle --append FORWARD --jump {} >&/dev/null'.format(target)) for opts in tcp['intf_opts']: intf = opts['intf'] @@ -109,13 +111,13 @@ def apply(tcp): # adjust TCP MSS per interface if mss: - os.system('iptables --table mangle --append {} --out-interface {} --protocol tcp ' \ + run('iptables --table mangle --append {} --out-interface {} --protocol tcp ' \ '--tcp-flags SYN,RST SYN --jump TCPMSS --set-mss {} >&/dev/null'.format(target, intf, mss)) # Setup new ip6tables rules if tcp['new_chain6']: - os.system('ip6tables --table mangle --new-chain {} >&/dev/null'.format(target)) - os.system('ip6tables --table mangle --append FORWARD --jump {} >&/dev/null'.format(target)) + run('ip6tables --table mangle --new-chain {} >&/dev/null'.format(target)) + run('ip6tables --table mangle --append FORWARD --jump {} >&/dev/null'.format(target)) for opts in tcp['intf_opts']: intf = opts['intf'] @@ -127,8 +129,8 @@ def apply(tcp): # adjust TCP MSS per interface if mss: - os.system('ip6tables --table mangle --append {} --out-interface {} --protocol tcp ' \ - '--tcp-flags SYN,RST SYN --jump TCPMSS --set-mss {} >&/dev/null'.format(target, intf, mss)) + run('ip6tables --table mangle --append {} --out-interface {} --protocol tcp ' + '--tcp-flags SYN,RST SYN --jump TCPMSS --set-mss {} >&/dev/null'.format(target, intf, mss)) return None diff --git a/src/conf_mode/http-api.py b/src/conf_mode/http-api.py index 0c2e029e9..ffa68af55 100755 --- a/src/conf_mode/http-api.py +++ b/src/conf_mode/http-api.py @@ -18,13 +18,13 @@ import sys import os -import subprocess import json from copy import deepcopy import vyos.defaults from vyos.config import Config from vyos import ConfigError +from vyos.util import cmd, run config_file = '/etc/vyos/http-api.conf' @@ -91,9 +91,9 @@ def generate(http_api): def apply(http_api): if http_api is not None: - os.system('sudo systemctl restart vyos-http-api.service') + run('sudo systemctl restart vyos-http-api.service') else: - os.system('sudo systemctl stop vyos-http-api.service') + run('sudo systemctl stop vyos-http-api.service') for dep in dependencies: cmd = '{0}/{1}'.format(vyos_conf_scripts_dir, dep) diff --git a/src/conf_mode/https.py b/src/conf_mode/https.py index 83a5f3602..e46f1a4e7 100755 --- a/src/conf_mode/https.py +++ b/src/conf_mode/https.py @@ -26,6 +26,8 @@ import vyos.certbot_util from vyos.config import Config from vyos.defaults import directories as vyos_data_dir from vyos import ConfigError +from vyos.util import run + config_file = '/etc/nginx/sites-available/default' @@ -144,9 +146,9 @@ def generate(https): def apply(https): if https is not None: - os.system('sudo systemctl restart nginx.service') + run('sudo systemctl restart nginx.service') else: - os.system('sudo systemctl stop nginx.service') + run('sudo systemctl stop nginx.service') if __name__ == '__main__': try: diff --git a/src/conf_mode/igmp_proxy.py b/src/conf_mode/igmp_proxy.py index aa46f2c4e..abe473530 100755 --- a/src/conf_mode/igmp_proxy.py +++ b/src/conf_mode/igmp_proxy.py @@ -24,6 +24,8 @@ from netifaces import interfaces from vyos.config import Config from vyos.defaults import directories as vyos_data_dir from vyos import ConfigError +from vyos.util import run + config_file = r'/etc/igmpproxy.conf' @@ -129,11 +131,11 @@ def generate(igmp_proxy): def apply(igmp_proxy): if igmp_proxy is None or igmp_proxy['disable']: # IGMP Proxy support is removed in the commit - os.system('sudo systemctl stop igmpproxy.service') + run('sudo systemctl stop igmpproxy.service') if os.path.exists(config_file): os.unlink(config_file) else: - os.system('systemctl restart igmpproxy.service') + run('systemctl restart igmpproxy.service') return None diff --git a/src/conf_mode/interfaces-bonding.py b/src/conf_mode/interfaces-bonding.py index cc119b91a..19f43f725 100755 --- a/src/conf_mode/interfaces-bonding.py +++ b/src/conf_mode/interfaces-bonding.py @@ -25,6 +25,8 @@ from vyos.ifconfig_vlan import apply_vlan_config, verify_vlan_config from vyos.configdict import list_diff, vlan_to_dict from vyos.config import Config from vyos import ConfigError +from vyos.util import run + default_config_data = { 'address': [], @@ -90,7 +92,7 @@ def get_config(): if not os.path.isfile('/sys/class/net/bonding_masters'): import syslog syslog.syslog(syslog.LOG_NOTICE, "loading bonding kernel module") - if os.system('modprobe bonding max_bonds=0 miimon=250') != 0: + if run('modprobe bonding max_bonds=0 miimon=250') != 0: syslog.syslog(syslog.LOG_NOTICE, "failed loading bonding kernel module") raise ConfigError("failed loading bonding kernel module") diff --git a/src/conf_mode/interfaces-l2tpv3.py b/src/conf_mode/interfaces-l2tpv3.py index af1d3f482..4b5fc8306 100755 --- a/src/conf_mode/interfaces-l2tpv3.py +++ b/src/conf_mode/interfaces-l2tpv3.py @@ -22,6 +22,7 @@ from copy import deepcopy from vyos.config import Config from vyos.ifconfig import L2TPv3If, Interface from vyos import ConfigError +from vyos.util import run from netifaces import interfaces default_config_data = { @@ -50,7 +51,7 @@ def check_kmod(): modules = ['l2tp_eth', 'l2tp_netlink', 'l2tp_ip', 'l2tp_ip6'] for module in modules: if not os.path.exists(f'/sys/module/{module}'): - if os.system(f'modprobe {module}') != 0: + if run(f'modprobe {module}') != 0: raise ConfigError(f'Loading Kernel module {module} failed') def get_config(): diff --git a/src/conf_mode/interfaces-wirelessmodem.py b/src/conf_mode/interfaces-wirelessmodem.py index da33d54e4..4df459768 100755 --- a/src/conf_mode/interfaces-wirelessmodem.py +++ b/src/conf_mode/interfaces-wirelessmodem.py @@ -23,7 +23,7 @@ from netifaces import interfaces from vyos.config import Config from vyos.defaults import directories as vyos_data_dir -from vyos.util import chown_file, chmod_x, subprocess_cmd +from vyos.util import chown_file, chmod_x, cmd, run from vyos import ConfigError default_config_data = { @@ -48,7 +48,7 @@ def check_kmod(): modules = ['option', 'usb_wwan', 'usbserial'] for module in modules: if not os.path.exists(f'/sys/module/{module}'): - if os.system(f'modprobe {module}') != 0: + if run(f'modprobe {module}') != 0: raise ConfigError(f'Loading Kernel module {module} failed') def get_config(): diff --git a/src/conf_mode/ipsec-settings.py b/src/conf_mode/ipsec-settings.py index 90b6b0d57..c2f5c8e07 100755 --- a/src/conf_mode/ipsec-settings.py +++ b/src/conf_mode/ipsec-settings.py @@ -24,6 +24,7 @@ from sys import exit from vyos.config import Config from vyos.defaults import directories as vyos_data_dir from vyos import ConfigError +from vyos.util import run ra_conn_name = "remote-access" charon_conf_file = "/etc/strongswan.d/charon.conf" @@ -98,7 +99,7 @@ def get_config(): ### Remove config from file by delimiter def remove_confs(delim_begin, delim_end, conf_file): - os.system("sed -i '/"+delim_begin+"/,/"+delim_end+"/d' "+conf_file) + run("sed -i '/"+delim_begin+"/,/"+delim_end+"/d' "+conf_file) ### Checking certificate storage and notice if certificate not in /config directory @@ -111,7 +112,7 @@ def check_cert_file_store(cert_name, file_path, dts_path): else: ### Cpy file to /etc/ipsec.d/certs/ /etc/ipsec.d/cacerts/ # todo make check - ret = os.system('cp -f '+file_path+' '+dts_path) + ret = run('cp -f '+file_path+' '+dts_path) if ret: raise ConfigError("L2TP VPN configuration error: Cannot copy "+file_path) @@ -192,12 +193,12 @@ def generate(data): remove_confs(delim_ipsec_l2tp_begin, delim_ipsec_l2tp_end, ipsec_conf_flie) def restart_ipsec(): - os.system('ipsec restart >&/dev/null') + run('ipsec restart >&/dev/null') # counter for apply swanctl config counter = 10 while counter <= 10: if os.path.exists(charon_pidfile): - os.system('swanctl -q >&/dev/null') + run('swanctl -q >&/dev/null') break counter -=1 sleep(1) diff --git a/src/conf_mode/le_cert.py b/src/conf_mode/le_cert.py index c657098e1..c0df77710 100755 --- a/src/conf_mode/le_cert.py +++ b/src/conf_mode/le_cert.py @@ -23,6 +23,8 @@ import subprocess import vyos.defaults from vyos.config import Config from vyos import ConfigError +from vyos.util import cmd, run + vyos_conf_scripts_dir = vyos.defaults.directories['conf_mode'] @@ -84,9 +86,9 @@ def generate(cert): # certbot will attempt to reload nginx, even with 'certonly'; # start nginx if not active - ret = os.system('systemctl is-active --quiet nginx.ervice') + ret = run('systemctl is-active --quiet nginx.ervice') if ret: - os.system('sudo systemctl start nginx.service') + run('sudo systemctl start nginx.service') ret = request_certbot(cert) if ret: diff --git a/src/conf_mode/lldp.py b/src/conf_mode/lldp.py index 4e3dfc0b6..c090bba83 100755 --- a/src/conf_mode/lldp.py +++ b/src/conf_mode/lldp.py @@ -26,6 +26,8 @@ from vyos.validate import is_addr_assigned,is_loopback_addr from vyos.defaults import directories as vyos_data_dir from vyos.version import get_version_data from vyos import ConfigError +from vyos.util import run + config_file = "/etc/default/lldpd" vyos_config_file = "/etc/lldpd.d/01-vyos.conf" @@ -239,10 +241,10 @@ def generate(lldp): def apply(lldp): if lldp: # start/restart lldp service - os.system('sudo systemctl restart lldpd.service') + run('sudo systemctl restart lldpd.service') else: # LLDP service has been terminated - os.system('sudo systemctl stop lldpd.service') + run('sudo systemctl stop lldpd.service') os.unlink(config_file) os.unlink(vyos_config_file) diff --git a/src/conf_mode/mdns_repeater.py b/src/conf_mode/mdns_repeater.py index f738cc6a6..2bccd9153 100755 --- a/src/conf_mode/mdns_repeater.py +++ b/src/conf_mode/mdns_repeater.py @@ -24,6 +24,8 @@ from netifaces import ifaddresses, AF_INET from vyos.config import Config from vyos.defaults import directories as vyos_data_dir from vyos import ConfigError +from vyos.util import run + config_file = r'/etc/default/mdns-repeater' @@ -94,11 +96,11 @@ def generate(mdns): def apply(mdns): if (mdns is None) or mdns['disabled']: - os.system('sudo systemctl stop mdns-repeater') + run('sudo systemctl stop mdns-repeater') if os.path.exists(config_file): os.unlink(config_file) else: - os.system('sudo systemctl restart mdns-repeater') + run('sudo systemctl restart mdns-repeater') return None diff --git a/src/conf_mode/ntp.py b/src/conf_mode/ntp.py index 0f635556b..998022a8c 100755 --- a/src/conf_mode/ntp.py +++ b/src/conf_mode/ntp.py @@ -24,6 +24,8 @@ from sys import exit from vyos.config import Config from vyos.defaults import directories as vyos_data_dir from vyos import ConfigError +from vyos.util import run + config_file = r'/etc/ntp.conf' @@ -112,10 +114,10 @@ def generate(ntp): def apply(ntp): if ntp is not None: - os.system('sudo systemctl restart ntp.service') + run('sudo systemctl restart ntp.service') else: # NTP support is removed in the commit - os.system('sudo systemctl stop ntp.service') + run('sudo systemctl stop ntp.service') os.unlink(config_file) return None diff --git a/src/conf_mode/protocols_bfd.py b/src/conf_mode/protocols_bfd.py index 9940c80c5..52a9e54c2 100755 --- a/src/conf_mode/protocols_bfd.py +++ b/src/conf_mode/protocols_bfd.py @@ -24,6 +24,8 @@ from vyos.config import Config from vyos.defaults import directories as vyos_data_dir from vyos.validate import is_ipv6_link_local, is_ipv6 from vyos import ConfigError +from vyos.util import run + config_file = r'/tmp/bfd.frr' @@ -205,7 +207,16 @@ def apply(bfd): if bfd is None: return None +<<<<<<< HEAD os.system(f'vtysh -d bfdd -f {config_file}') +======= + tmpl = jinja2.Template(config_tmpl) + config_text = tmpl.render(bfd) + with open(config_file, 'w') as f: + f.write(config_text) + + run("sudo vtysh -d bfdd -f " + config_file) +>>>>>>> util: T2226: covert most calls from os.system to util if os.path.exists(config_file): os.remove(config_file) diff --git a/src/conf_mode/protocols_igmp.py b/src/conf_mode/protocols_igmp.py index 0148b5dac..6e819a15a 100755 --- a/src/conf_mode/protocols_igmp.py +++ b/src/conf_mode/protocols_igmp.py @@ -23,6 +23,8 @@ from sys import exit from vyos import ConfigError from vyos.config import Config from vyos.defaults import directories as vyos_data_dir +from vyos.util import run + config_file = r'/tmp/igmp.frr' @@ -103,7 +105,7 @@ def apply(igmp): return None if os.path.exists(config_file): - os.system("sudo vtysh -d pimd -f " + config_file) + run("sudo vtysh -d pimd -f " + config_file) os.remove(config_file) return None diff --git a/src/conf_mode/protocols_mpls.py b/src/conf_mode/protocols_mpls.py index 514fe5efb..6e5d08397 100755 --- a/src/conf_mode/protocols_mpls.py +++ b/src/conf_mode/protocols_mpls.py @@ -21,11 +21,13 @@ from jinja2 import FileSystemLoader, Environment from vyos.config import Config from vyos.defaults import directories as vyos_data_dir from vyos import ConfigError +from vyos.util import run + config_file = r'/tmp/ldpd.frr' def sysctl(name, value): - os.system('sysctl -wq {}={}'.format(name, value)) + run('sysctl -wq {}={}'.format(name, value)) def get_config(): conf = Config() @@ -160,7 +162,7 @@ def apply(mpls): operate_mpls_on_intfc(diactive_ifaces, 0) if os.path.exists(config_file): - os.system("sudo vtysh -d ldpd -f " + config_file) + run("sudo vtysh -d ldpd -f " + config_file) os.remove(config_file) return None diff --git a/src/conf_mode/protocols_pim.py b/src/conf_mode/protocols_pim.py index 7b360d62c..0e22d3a6b 100755 --- a/src/conf_mode/protocols_pim.py +++ b/src/conf_mode/protocols_pim.py @@ -23,6 +23,8 @@ from sys import exit from vyos.config import Config from vyos.defaults import directories as vyos_data_dir from vyos import ConfigError +from vyos.util import run + config_file = r'/tmp/pimd.frr' @@ -130,7 +132,11 @@ def apply(pim): return None if os.path.exists(config_file): +<<<<<<< HEAD os.system("vtysh -d pimd -f " + config_file) +======= + run("sudo vtysh -d pimd -f " + config_file) +>>>>>>> util: T2226: covert most calls from os.system to util os.remove(config_file) return None diff --git a/src/conf_mode/salt-minion.py b/src/conf_mode/salt-minion.py index bc1767454..bd1d44bc8 100755 --- a/src/conf_mode/salt-minion.py +++ b/src/conf_mode/salt-minion.py @@ -26,6 +26,8 @@ from urllib3 import PoolManager from vyos.config import Config from vyos.defaults import directories as vyos_data_dir from vyos import ConfigError +from vyos.util import run + config_file = r'/etc/salt/minion' @@ -124,10 +126,10 @@ def generate(salt): def apply(salt): if salt is not None: - os.system("sudo systemctl restart salt-minion") + run("sudo systemctl restart salt-minion") else: # Salt access is removed in the commit - os.system("sudo systemctl stop salt-minion") + run("sudo systemctl stop salt-minion") os.unlink(config_file) return None diff --git a/src/conf_mode/service-router-advert.py b/src/conf_mode/service-router-advert.py index 38c5cb2dc..0173b7242 100755 --- a/src/conf_mode/service-router-advert.py +++ b/src/conf_mode/service-router-advert.py @@ -23,6 +23,8 @@ from sys import exit from vyos.config import Config from vyos.defaults import directories as vyos_data_dir from vyos import ConfigError +from vyos.util import run + config_file = r'/etc/radvd.conf' @@ -156,13 +158,13 @@ def generate(rtradv): def apply(rtradv): if not rtradv['interfaces']: # bail out early - looks like removal from running config - os.system('systemctl stop radvd.service') + run('systemctl stop radvd.service') if os.path.exists(config_file): os.unlink(config_file) return None - os.system('systemctl restart radvd.service') + run('systemctl restart radvd.service') return None if __name__ == '__main__': diff --git a/src/conf_mode/snmp.py b/src/conf_mode/snmp.py index ed8c1d7e1..414236c88 100755 --- a/src/conf_mode/snmp.py +++ b/src/conf_mode/snmp.py @@ -27,6 +27,8 @@ from vyos.defaults import directories as vyos_data_dir from vyos.validate import is_ipv4, is_addr_assigned from vyos.version import get_version_data from vyos import ConfigError +from vyos.util import run + config_file_client = r'/etc/snmp/snmp.conf' config_file_daemon = r'/etc/snmp/snmpd.conf' @@ -507,7 +509,7 @@ def generate(snmp): # # As we are manipulating the snmpd user database we have to stop it first! # This is even save if service is going to be removed - os.system("systemctl stop snmpd.service") + run('systemctl stop snmpd.service') config_files = [config_file_client, config_file_daemon, config_file_access, config_file_user] for file in config_files: @@ -552,7 +554,7 @@ def apply(snmp): return None # start SNMP daemon - os.system("systemctl restart snmpd.service") + run("systemctl restart snmpd.service") # Passwords are not available immediately in the configuration file, # after daemon startup - we wait until they have been processed by @@ -593,15 +595,15 @@ def apply(snmp): # Now update the running configuration # - # Currently when executing os.system() the environment does not + # Currently when executing run() the environment does not # have the vyos_libexec_dir variable set, see Phabricator T685. - os.system('/opt/vyatta/sbin/my_set service snmp v3 user "{0}" auth encrypted-key "{1}" > /dev/null'.format(cfg['user'], cfg['auth_pw'])) - os.system('/opt/vyatta/sbin/my_set service snmp v3 user "{0}" privacy encrypted-key "{1}" > /dev/null'.format(cfg['user'], cfg['priv_pw'])) - os.system('/opt/vyatta/sbin/my_delete service snmp v3 user "{0}" auth plaintext-key > /dev/null'.format(cfg['user'])) - os.system('/opt/vyatta/sbin/my_delete service snmp v3 user "{0}" privacy plaintext-key > /dev/null'.format(cfg['user'])) + run('/opt/vyatta/sbin/my_set service snmp v3 user "{0}" auth encrypted-key "{1}" > /dev/null'.format(cfg['user'], cfg['auth_pw'])) + run('/opt/vyatta/sbin/my_set service snmp v3 user "{0}" privacy encrypted-key "{1}" > /dev/null'.format(cfg['user'], cfg['priv_pw'])) + run('/opt/vyatta/sbin/my_delete service snmp v3 user "{0}" auth plaintext-key > /dev/null'.format(cfg['user'])) + run('/opt/vyatta/sbin/my_delete service snmp v3 user "{0}" privacy plaintext-key > /dev/null'.format(cfg['user'])) # Enable AgentX in FRR - os.system('vtysh -c "configure terminal" -c "agentx" >/dev/null') + run('vtysh -c "configure terminal" -c "agentx" >/dev/null') return None diff --git a/src/conf_mode/ssh.py b/src/conf_mode/ssh.py index 014045796..a85dcd7f2 100755 --- a/src/conf_mode/ssh.py +++ b/src/conf_mode/ssh.py @@ -21,6 +21,8 @@ from sys import exit from vyos.config import Config from vyos.defaults import directories as vyos_data_dir from vyos import ConfigError +from vyos.util import run + config_file = r'/etc/ssh/sshd_config' @@ -131,10 +133,10 @@ def generate(ssh): def apply(ssh): if ssh is not None and 'port' in ssh.keys(): - os.system("sudo systemctl restart ssh.service") + run("sudo systemctl restart ssh.service") else: # SSH access is removed in the commit - os.system("sudo systemctl stop ssh.service") + run("sudo systemctl stop ssh.service") if os.path.isfile(config_file): os.unlink(config_file) diff --git a/src/conf_mode/system-ip.py b/src/conf_mode/system-ip.py index 335507411..66f563939 100755 --- a/src/conf_mode/system-ip.py +++ b/src/conf_mode/system-ip.py @@ -20,6 +20,8 @@ from sys import exit from copy import deepcopy from vyos.config import Config from vyos import ConfigError +from vyos.util import run + default_config_data = { 'arp_table': 8192, @@ -29,7 +31,7 @@ default_config_data = { } def sysctl(name, value): - os.system('sysctl -wq {}={}'.format(name, value)) + run('sysctl -wq {}={}'.format(name, value)) def get_config(): ip_opt = deepcopy(default_config_data) diff --git a/src/conf_mode/system-ipv6.py b/src/conf_mode/system-ipv6.py index bd28ec357..4e3de6fe9 100755 --- a/src/conf_mode/system-ipv6.py +++ b/src/conf_mode/system-ipv6.py @@ -21,6 +21,8 @@ from sys import exit from copy import deepcopy from vyos.config import Config from vyos import ConfigError +from vyos.util import run + ipv6_disable_file = '/etc/modprobe.d/vyos_disable_ipv6.conf' @@ -35,7 +37,7 @@ default_config_data = { } def sysctl(name, value): - os.system('sysctl -wq {}={}'.format(name, value)) + run('sysctl -wq {}={}'.format(name, value)) def get_config(): ip_opt = deepcopy(default_config_data) diff --git a/src/conf_mode/system-options.py b/src/conf_mode/system-options.py index a893e98b3..063a82463 100755 --- a/src/conf_mode/system-options.py +++ b/src/conf_mode/system-options.py @@ -20,6 +20,7 @@ from sys import exit from copy import deepcopy from vyos.config import Config from vyos import ConfigError +from vyos.util import run systemd_ctrl_alt_del = '/lib/systemd/system/ctrl-alt-del.target' @@ -51,9 +52,9 @@ def generate(opt): def apply(opt): # Beep action if opt['beep_if_fully_booted']: - os.system('systemctl enable vyos-beep.service >/dev/null 2>&1') + run('systemctl enable vyos-beep.service >/dev/null 2>&1') else: - os.system('systemctl disable vyos-beep.service >/dev/null 2>&1') + run('systemctl disable vyos-beep.service >/dev/null 2>&1') # Ctrl-Alt-Delete action if opt['ctrl_alt_del'] == 'ignore': diff --git a/src/conf_mode/system-timezone.py b/src/conf_mode/system-timezone.py index d715bd27e..2f8dc9e89 100755 --- a/src/conf_mode/system-timezone.py +++ b/src/conf_mode/system-timezone.py @@ -20,6 +20,8 @@ import os from copy import deepcopy from vyos.config import Config from vyos import ConfigError +from vyos.util import run + default_config_data = { 'name': 'UTC' @@ -40,9 +42,7 @@ def generate(tz): pass def apply(tz): - cmd = '/usr/bin/timedatectl set-timezone {}'.format(tz['name']) - os.system(cmd) - pass + run('/usr/bin/timedatectl set-timezone {}'.format(tz['name'])) if __name__ == '__main__': try: diff --git a/src/conf_mode/tftp_server.py b/src/conf_mode/tftp_server.py index fe2da8455..df8155084 100755 --- a/src/conf_mode/tftp_server.py +++ b/src/conf_mode/tftp_server.py @@ -27,6 +27,8 @@ from vyos.config import Config from vyos.defaults import directories as vyos_data_dir from vyos.validate import is_ipv4, is_addr_assigned from vyos import ConfigError +from vyos.util import run + config_file = r'/etc/default/tftpd' @@ -113,7 +115,7 @@ def generate(tftpd): def apply(tftpd): # stop all services first - then we will decide - os.system('systemctl stop tftpd@{0..20}') + run('systemctl stop tftpd@{0..20}') # bail out early - e.g. service deletion if tftpd is None: @@ -138,7 +140,7 @@ def apply(tftpd): idx = 0 for listen in tftpd['listen']: - os.system('systemctl restart tftpd@{0}.service'.format(idx)) + run('systemctl restart tftpd@{0}.service'.format(idx)) idx = idx + 1 return None diff --git a/src/helpers/validate-value.py b/src/helpers/validate-value.py index 36f996d38..fab6ca81e 100755 --- a/src/helpers/validate-value.py +++ b/src/helpers/validate-value.py @@ -5,6 +5,8 @@ import os import sys import argparse +from vyos.util import run + parser = argparse.ArgumentParser() parser.add_argument('--regex', action='append') parser.add_argument('--exec', action='append') @@ -31,7 +33,7 @@ try: cmd = "{0} {1}".format(cmd, args.value) if debug: print(cmd) - res = os.system(cmd) + res = run(cmd) if res == 0: sys.exit(0) except Exception as exn: diff --git a/src/op_mode/connect_disconnect.py b/src/op_mode/connect_disconnect.py index a22615096..192fd80ec 100755 --- a/src/op_mode/connect_disconnect.py +++ b/src/op_mode/connect_disconnect.py @@ -21,6 +21,9 @@ from sys import exit from psutil import process_iter from time import strftime, localtime, time +from vyos.util import run + + PPP_LOGFILE = '/var/log/vyatta/ppp_{}.log' def check_interface(interface): @@ -56,8 +59,7 @@ def connect(interface): tm = strftime("%a %d %b %Y %I:%M:%S %p %Z", localtime(time())) with open(PPP_LOGFILE.format(interface), 'a') as f: f.write('{}: user {} started PPP daemon for {} by connect command\n'.format(tm, user, interface)) - cmd = 'umask 0; setsid sh -c "nohup /usr/sbin/pppd call {0} > /tmp/{0}.log 2>&1 &"'.format(interface) - os.system(cmd) + run('umask 0; setsid sh -c "nohup /usr/sbin/pppd call {0} > /tmp/{0}.log 2>&1 &"'.format(interface)) def disconnect(interface): @@ -75,8 +77,7 @@ def disconnect(interface): tm = strftime("%a %d %b %Y %I:%M:%S %p %Z", localtime(time())) with open(PPP_LOGFILE.format(interface), 'a') as f: f.write('{}: user {} stopped PPP daemon for {} by disconnect command\n'.format(tm, user, interface)) - cmd = '/usr/bin/poff "{}"'.format(interface) - os.system(cmd) + run('/usr/bin/poff "{}"'.format(interface)) def main(): parser = argparse.ArgumentParser() diff --git a/src/op_mode/dns_forwarding_reset.py b/src/op_mode/dns_forwarding_reset.py index da4fba3a2..93c2444b9 100755 --- a/src/op_mode/dns_forwarding_reset.py +++ b/src/op_mode/dns_forwarding_reset.py @@ -25,6 +25,8 @@ import sys import argparse import vyos.config +from vyos.util import run + parser = argparse.ArgumentParser() parser.add_argument("-a", "--all", action="store_true", help="Reset all cache") @@ -40,10 +42,10 @@ if __name__ == '__main__': sys.exit(0) if args.all: - os.system("rec_control wipe-cache \'.$\'") + run("rec_control wipe-cache \'.$\'") sys.exit(1) elif args.domain: - os.system("rec_control wipe-cache \'{0}$\'".format(args.domain)) + run("rec_control wipe-cache \'{0}$\'".format(args.domain)) else: parser.print_help() sys.exit(1) diff --git a/src/op_mode/dynamic_dns.py b/src/op_mode/dynamic_dns.py index 0d457e247..d991848ad 100755 --- a/src/op_mode/dynamic_dns.py +++ b/src/op_mode/dynamic_dns.py @@ -21,6 +21,8 @@ import sys import time from vyos.config import Config +from vyos.util import run + cache_file = r'/var/cache/ddclient/ddclient.cache' @@ -84,9 +86,9 @@ def show_status(): def update_ddns(): - os.system('systemctl stop ddclient') + run('systemctl stop ddclient') os.remove(cache_file) - os.system('systemctl start ddclient') + run('systemctl start ddclient') def main(): diff --git a/src/op_mode/restart_dhcp_relay.py b/src/op_mode/restart_dhcp_relay.py index ab02d1eb3..057b4dcd8 100755 --- a/src/op_mode/restart_dhcp_relay.py +++ b/src/op_mode/restart_dhcp_relay.py @@ -23,6 +23,8 @@ import argparse import os import vyos.config +from vyos.util import run + parser = argparse.ArgumentParser() parser.add_argument("--ipv4", action="store_true", help="Restart IPv4 DHCP relay") @@ -37,7 +39,7 @@ if __name__ == '__main__': if not c.exists_effective('service dhcp-relay'): print("DHCP relay service not configured") else: - os.system('sudo systemctl restart isc-dhcp-relay.service') + run('sudo systemctl restart isc-dhcp-relay.service') sys.exit(0) elif args.ipv6: @@ -45,7 +47,7 @@ if __name__ == '__main__': if not c.exists_effective('service dhcpv6-relay'): print("DHCPv6 relay service not configured") else: - os.system('sudo systemctl restart isc-dhcpv6-relay.service') + run('sudo systemctl restart isc-dhcpv6-relay.service') sys.exit(0) else: diff --git a/src/op_mode/show_acceleration.py b/src/op_mode/show_acceleration.py index 3ba0e85dd..cdd8ce037 100755 --- a/src/op_mode/show_acceleration.py +++ b/src/op_mode/show_acceleration.py @@ -21,6 +21,8 @@ import re import argparse import subprocess from vyos.config import Config +from vyos.util import popen, run + def detect_qat_dev(): ret = subprocess.Popen(['sudo', 'lspci', '-nn'], stdout=subprocess.PIPE, stderr=subprocess.STDOUT) @@ -97,20 +99,20 @@ args = parser.parse_args() if args.hw: detect_qat_dev() # Show availible Intel QAT devices - os.system('sudo lspci -nn | egrep -e \'8086:37c8|8086:19e2|8086:0435|8086:6f54\'') + run('sudo lspci -nn | egrep -e \'8086:37c8|8086:19e2|8086:0435|8086:6f54\'') elif args.flow and args.dev: check_qat_if_conf() - os.system('sudo cat '+get_qat_proc_path(args.dev)+"fw_counters") + run('sudo cat '+get_qat_proc_path(args.dev)+"fw_counters") elif args.interrupts: check_qat_if_conf() # Delete _dev from args.dev - os.system('sudo cat /proc/interrupts | grep qat') + run('sudo cat /proc/interrupts | grep qat') elif args.status: check_qat_if_conf() show_qat_status() elif args.conf and args.dev: check_qat_if_conf() - os.system('sudo cat '+get_qat_proc_path(args.dev)+"dev_cfg") + run('sudo cat '+get_qat_proc_path(args.dev)+"dev_cfg") elif args.dev_list: get_qat_devices() else: diff --git a/src/op_mode/show_dhcp.py b/src/op_mode/show_dhcp.py index f801ba753..4e3e08263 100755 --- a/src/op_mode/show_dhcp.py +++ b/src/op_mode/show_dhcp.py @@ -24,9 +24,12 @@ import collections import os from datetime import datetime -from vyos.config import Config from isc_dhcp_leases import Lease, IscDhcpLeases +from vyos.config import Config +from vyos.util import run + + lease_file = "/config/dhcpd.leases" pool_key = "shared-networkname" @@ -190,7 +193,7 @@ if __name__ == '__main__': sys.exit(0) # if dhcp server is down, inactive leases may still be shown as active, so warn the user. - if os.system('systemctl -q is-active isc-dhcpv4-server.service') != 0: + if run('systemctl -q is-active isc-dhcpv4-server.service') != 0: print("WARNING: DHCP server is configured but not started. Data may be stale.") if args.leases: diff --git a/src/op_mode/show_dhcpv6.py b/src/op_mode/show_dhcpv6.py index ae63af39b..4ef4849ff 100755 --- a/src/op_mode/show_dhcpv6.py +++ b/src/op_mode/show_dhcpv6.py @@ -24,9 +24,11 @@ import collections import os from datetime import datetime -from vyos.config import Config from isc_dhcp_leases import Lease, IscDhcpLeases +from vyos.config import Config +from vyos.util import run + lease_file = "/config/dhcpdv6.leases" pool_key = "shared-networkname" @@ -177,7 +179,7 @@ if __name__ == '__main__': sys.exit(0) # if dhcp server is down, inactive leases may still be shown as active, so warn the user. - if os.system('systemctl -q is-active isc-dhcpv6-server.service') != 0: + if run('systemctl -q is-active isc-dhcpv6-server.service') != 0: print("WARNING: DHCPv6 server is configured but not started. Data may be stale.") if args.leases: diff --git a/src/op_mode/snmp.py b/src/op_mode/snmp.py index e08441f0e..b09eab97f 100755 --- a/src/op_mode/snmp.py +++ b/src/op_mode/snmp.py @@ -24,6 +24,7 @@ import sys import argparse from vyos.config import Config +from vyos.util import run config_file_daemon = r'/etc/snmp/snmpd.conf' @@ -53,7 +54,7 @@ def show_all(): def show_community(c, h): print('Status of SNMP community {0} on {1}'.format(c, h), flush=True) - os.system('/usr/bin/snmpstatus -t1 -v1 -c {0} {1}'.format(c, h)) + run('/usr/bin/snmpstatus -t1 -v1 -c {0} {1}'.format(c, h)) if __name__ == '__main__': args = parser.parse_args() |