diff options
Diffstat (limited to 'src/conf_mode')
| -rwxr-xr-x | src/conf_mode/interfaces_tunnel.py | 4 | ||||
| -rwxr-xr-x | src/conf_mode/system_login.py | 8 |
2 files changed, 8 insertions, 4 deletions
diff --git a/src/conf_mode/interfaces_tunnel.py b/src/conf_mode/interfaces_tunnel.py index 91aed9cc3..efa5ebc64 100755 --- a/src/conf_mode/interfaces_tunnel.py +++ b/src/conf_mode/interfaces_tunnel.py @@ -24,7 +24,7 @@ from vyos.configdict import get_interface_dict from vyos.configdict import is_node_changed from vyos.configverify import verify_address from vyos.configverify import verify_bridge_delete -from vyos.configverify import verify_interface_exists +from vyos.configverify import verify_source_interface from vyos.configverify import verify_mtu_ipv6 from vyos.configverify import verify_mirror_redirect from vyos.configverify import verify_vrf @@ -166,7 +166,7 @@ def verify(tunnel): verify_mirror_redirect(tunnel) if 'source_interface' in tunnel: - verify_interface_exists(tunnel['source_interface']) + verify_source_interface(tunnel) # TTL != 0 and nopmtudisc are incompatible, parameters and ip use default # values, thus the keys are always present. diff --git a/src/conf_mode/system_login.py b/src/conf_mode/system_login.py index f34575aff..3d16bdb4a 100755 --- a/src/conf_mode/system_login.py +++ b/src/conf_mode/system_login.py @@ -20,6 +20,7 @@ from passlib.hosts import linux_context from psutil import users from pwd import getpwall from pwd import getpwnam +from pwd import getpwuid from sys import exit from time import sleep @@ -342,8 +343,11 @@ def apply(login): # XXX: Should we deny using root at all? home_dir = getpwnam(user).pw_dir # T5875: ensure UID is properly set on home directory if user is re-added - if os.path.exists(home_dir): - chown(home_dir, user=user, recursive=True) + # the home directory will always exist, as it's created above by --create-home, + # retrieve current owner of home directory and adjust it on demand + dir_owner = getpwuid(os.stat(home_dir).st_uid).pw_name + if dir_owner != user: + chown(home_dir, user=user, recursive=True) render(f'{home_dir}/.ssh/authorized_keys', 'login/authorized_keys.j2', user_config, permission=0o600, |