5 files changed, 31 insertions, 9 deletions

diff --git a/debian/control b/debian/control
index d7cd5b688..b486932c0 100644
--- a/debian/control
+++ b/debian/control
@@ -8,6 +8,7 @@ Build-Depends:
   fakeroot,
   gcc-multilib [amd64],
   clang [amd64],
+  iproute2,
   llvm [amd64],
   libbpf-dev [amd64],
   libelf-dev (>= 0.2) [amd64],
@@ -39,12 +40,12 @@ Depends:
   beep,
   bmon,
   bsdmainutils,
+  charon-systemd,
   conntrack,
   conntrackd,
   conserver-client,
   conserver-server,
   console-data,
-  crda,
   cron,
   curl,
   dbus,
@@ -68,7 +69,7 @@ Depends:
   ipaddrcheck,
   iperf,
   iperf3,
-  iproute2,
+  iproute2 (>= 6.0.0),
   iputils-arping,
   isc-dhcp-client,
   isc-dhcp-relay,
@@ -78,7 +79,7 @@ Depends:
   lcdproc,
   lcdproc-extra-drivers,
   libatomic1,
-  libbpf0 [amd64],
+  libbpf1 [amd64],
   libcharon-extra-plugins (>=5.9),
   libcharon-extauth-plugins (>=5.9),
   libndp-tools,
@@ -101,8 +102,7 @@ Depends:
   nfct,
   nftables (>= 0.9.3),
   nginx-light,
-  ntp,
-  ntpdate,
+  chrony,
   nvme-cli,
   ocserv,
   opennhrp,
@@ -131,6 +131,7 @@ Depends:
   python3-netaddr,
   python3-netifaces,
   python3-paramiko,
+  python3-passlib,
   python3-psutil,
   python3-pyhumps,
   python3-pystache,
@@ -154,6 +155,7 @@ Depends:
   squidguard,
   sshguard,
   ssl-cert,
+  sstp-client,
   strongswan (>= 5.9),
   strongswan-swanctl (>= 5.9),
   stunnel4,
@@ -196,6 +198,7 @@ Description: VyOS configuration scripts and data for VMware
 Package: vyos-1x-smoketest
 Architecture: all
 Depends:
+ skopeo,
  snmp,
  vyos-1x
 Description: VyOS build sanity checking toolkit
diff --git a/debian/rules b/debian/rules
index 5a58aeeb6..55e02fae6 100755
--- a/debian/rules
+++ b/debian/rules
@@ -8,6 +8,7 @@ VYOS_DATA_DIR := usr/share/vyos
 VYOS_CFG_TMPL_DIR := opt/vyatta/share/vyatta-cfg/templates
 VYOS_OP_TMPL_DIR := opt/vyatta/share/vyatta-op/templates
 VYOS_MIBS_DIR := usr/share/snmp/mibs
+VYOS_LOCALUI_DIR := srv/localui
 
 MIGRATION_SCRIPTS_DIR := opt/vyatta/etc/config-migrate/migrate
 SYSTEM_SCRIPTS_DIR := usr/libexec/vyos/system
@@ -89,6 +90,9 @@ override_dh_auto_install:
 	mkdir -p $(DIR)/$(VYOS_DATA_DIR)
 	cp -r data/* $(DIR)/$(VYOS_DATA_DIR)
 
+	# Create localui dir
+	mkdir -p $(DIR)/$(VYOS_LOCALUI_DIR)
+
 	# Install SNMP MIBs
 	mkdir -p $(DIR)/$(VYOS_MIBS_DIR)
 	cp -d mibs/* $(DIR)/$(VYOS_MIBS_DIR)
diff --git a/debian/vyos-1x-smoketest.postinst b/debian/vyos-1x-smoketest.postinst
new file mode 100755
index 000000000..18612804c
--- /dev/null
+++ b/debian/vyos-1x-smoketest.postinst
@@ -0,0 +1,10 @@
+#!/bin/sh -e
+
+BUSYBOX_TAG="docker.io/library/busybox:stable"
+OUTPUT_PATH="/usr/share/vyos/busybox-stable.tar"
+
+if [[ -f $OUTPUT_PATH ]]; then
+    rm -f $OUTPUT_PATH
+fi
+
+skopeo copy --additional-tag "$BUSYBOX_TAG" "docker://$BUSYBOX_TAG" "docker-archive:/$OUTPUT_PATH"
diff --git a/debian/vyos-1x.install b/debian/vyos-1x.install
index edd090993..98d1bc0cd 100644
--- a/debian/vyos-1x.install
+++ b/debian/vyos-1x.install
@@ -1,8 +1,10 @@
+etc/commit
 etc/dhcp
 etc/ipsec.d
 etc/logrotate.d
 etc/netplug
 etc/opennhrp
+etc/modprobe.d
 etc/ppp
 etc/rsyslog.d
 etc/securetty
@@ -16,7 +18,9 @@ etc/update-motd.d
 etc/vyos
 lib/
 opt/
+srv/localui
 usr/sbin
+usr/bin/config-mgmt
 usr/bin/initial-setup
 usr/bin/vyos-config-file-query
 usr/bin/vyos-config-to-commands
diff --git a/debian/vyos-1x.postinst b/debian/vyos-1x.postinst
index d92fd8233..b2f6a7399 100644
--- a/debian/vyos-1x.postinst
+++ b/debian/vyos-1x.postinst
@@ -24,9 +24,9 @@ fi
 # Enable 2FA/MFA support for SSH and local logins
 for file in /etc/pam.d/sshd /etc/pam.d/login
 do
-    PAM_CONFIG="auth       required     pam_google_authenticator.so nullok"
-    grep -qF -- "${PAM_CONFIG}" $file || \
-    sed -i "/^@include common-auth/a # Check 2FA/MFA authentication token if enabled (per user)\n${PAM_CONFIG}" $file
+    PAM_CONFIG="# Check 2FA/MFA authentication token if enabled (per user)\nauth       required     pam_google_authenticator.so nullok forward_pass\n"
+    grep -qF -- "pam_google_authenticator.so" $file || \
+    sed -i "/^# Standard Un\*x authentication\./i${PAM_CONFIG}" $file
 done
 
 # Add RADIUS operator user for RADIUS authenticated users to map to
@@ -103,7 +103,8 @@ DELETE="/etc/logrotate.d/conntrackd.distrib /etc/init.d/conntrackd /etc/default/
         /etc/default/pmacctd /etc/pmacct
         /etc/networks_list /etc/networks_whitelist /etc/fastnetmon.conf
         /etc/ntp.conf /etc/default/ssh
-        /etc/powerdns /etc/default/pdns-recursor"
+        /etc/powerdns /etc/default/pdns-recursor
+        /etc/ppp/ip-up.d/0000usepeerdns /etc/ppp/ip-down.d/0000usepeerdns"
 for tmp in $DELETE; do
     if [ -e ${tmp} ]; then
         rm -rf ${tmp}