4 files changed, 36 insertions, 34 deletions

diff --git a/src/conf_mode/containers.py b/src/conf_mode/containers.py
index cc34f9d39..ab992e415 100755
--- a/src/conf_mode/containers.py
+++ b/src/conf_mode/containers.py
@@ -30,8 +30,6 @@ from vyos.util import cmd
 from vyos.util import run
 from vyos.util import read_file
 from vyos.util import write_file
-from vyos.util import is_systemd_service_active
-from vyos.util import is_systemd_service_running
 from vyos.template import inc_ip
 from vyos.template import is_ipv4
 from vyos.template import is_ipv6
@@ -102,7 +100,7 @@ def verify(container):
                 # Check if the specified container network exists
                 network_name = list(container_config['network'])[0]
                 if network_name not in container['network']:
-                    raise ConfigError('Container network "{network_name}" does not exist!')
+                    raise ConfigError(f'Container network "{network_name}" does not exist!')
 
                 if 'address' in container_config['network'][network_name]:
                     if 'network' not in container_config:
@@ -237,17 +235,6 @@ def apply(container):
             if os.path.exists(tmp):
                 os.unlink(tmp)
 
-    service_name = 'podman.service'
-    if 'network' in container or 'name' in container:
-        # Start podman if it's required and not yet running
-        if not is_systemd_service_active(service_name):
-            _cmd(f'systemctl start {service_name}')
-        # Wait for podman to be running
-        while not is_systemd_service_running(service_name):
-            sleep(0.250)
-    else:
-        _cmd(f'systemctl stop {service_name}')
-
     # Add container
     if 'name' in container:
         for name, container_config in container['name'].items():
@@ -318,7 +305,17 @@ def apply(container):
                     if 'address' in container_config['network'][network]:
                         address = container_config['network'][network]['address']
                         ipparam = f'--ip {address}'
-                    _cmd(f'{container_base_cmd} --net {network} {ipparam} {image}')
+
+                    counter = 0
+                    while True:
+                        if counter >= 10:
+                            break
+                        try:
+                            _cmd(f'{container_base_cmd} --net {network} {ipparam} {image}')
+                            break
+                        except:
+                            counter = counter +1
+                            sleep(0.5)
 
     return None
 
diff --git a/src/conf_mode/interfaces-openvpn.py b/src/conf_mode/interfaces-openvpn.py
index 8f660fe1d..1e76147dd 100755
--- a/src/conf_mode/interfaces-openvpn.py
+++ b/src/conf_mode/interfaces-openvpn.py
@@ -82,26 +82,25 @@ def get_config(config=None):
     tmp_pki = conf.get_config_dict(['pki'], key_mangling=('-', '_'),
                                 get_first_key=True, no_tag_node_value_mangle=True)
 
-    # We have to get the dict using 'get_config_dict' instead of 'get_interface_dict'
-    # as 'get_interface_dict' merges the defaults in, so we can not check for defaults in there.
-    tmp_openvpn = conf.get_config_dict(base + [os.environ['VYOS_TAGNODE_VALUE']], key_mangling=('-', '_'),
-                                get_first_key=True, no_tag_node_value_mangle=True)
-
     openvpn = get_interface_dict(conf, base)
 
     if 'deleted' not in openvpn:
         openvpn['pki'] = tmp_pki
 
+        # We have to get the dict using 'get_config_dict' instead of 'get_interface_dict'
+        # as 'get_interface_dict' merges the defaults in, so we can not check for defaults in there.
+        tmp = conf.get_config_dict(base + [openvpn['ifname']], get_first_key=True)
+
+        # We have to cleanup the config dict, as default values could enable features
+        # which are not explicitly enabled on the CLI. Example: server mfa totp
+        # originate comes with defaults, which will enable the
+        # totp plugin, even when not set via CLI so we
+        # need to check this first and drop those keys
+        if dict_search('server.mfa.totp', tmp) == None:
+            del openvpn['server']['mfa']
+
     openvpn['auth_user_pass_file'] = '/run/openvpn/{ifname}.pw'.format(**openvpn)
 
-    # We have to cleanup the config dict, as default values could enable features
-    # which are not explicitly enabled on the CLI. Example: server mfa totp
-    # originate comes with defaults, which will enable the
-    # totp plugin, even when not set via CLI so we
-    # need to check this first and drop those keys
-    if dict_search('server.totp', tmp_openvpn) == None and dict_search('server', tmp_openvpn) != None:
-        del openvpn['server']['mfa']['totp']
-        
     return openvpn
 
 def is_ec_private_key(pki, cert_name):
diff --git a/src/conf_mode/protocols_static.py b/src/conf_mode/protocols_static.py
index 597fcc443..f010141e9 100755
--- a/src/conf_mode/protocols_static.py
+++ b/src/conf_mode/protocols_static.py
@@ -21,6 +21,7 @@ from sys import argv
 
 from vyos.config import Config
 from vyos.configdict import dict_merge
+from vyos.configdict import get_dhcp_interfaces
 from vyos.configverify import verify_common_route_maps
 from vyos.configverify import verify_vrf
 from vyos.template import render_to_string
@@ -56,6 +57,10 @@ def get_config(config=None):
     # Merge policy dict into "regular" config dict
     static = dict_merge(tmp, static)
 
+    # T3680 - get a list of all interfaces currently configured to use DHCP
+    tmp = get_dhcp_interfaces(conf, vrf)
+    if tmp: static['dhcp'] = tmp
+
     return static
 
 def verify(static):
diff --git a/src/conf_mode/system-login-banner.py b/src/conf_mode/system-login-banner.py
index a960a4da3..e9d6a339c 100755
--- a/src/conf_mode/system-login-banner.py
+++ b/src/conf_mode/system-login-banner.py
@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 #
-# Copyright (C) 2020 VyOS maintainers and contributors
+# Copyright (C) 2020-2021 VyOS maintainers and contributors
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2 or later as
@@ -22,12 +22,13 @@ from vyos import airbag
 airbag.enable()
 
 motd="""
-The programs included with the Debian/VyOS GNU/Linux system are free software;
-the exact distribution terms for each program are described in the
-individual files in /usr/share/doc/*/copyright.
+Check out project news at https://blog.vyos.io
+and feel free to report bugs at https://phabricator.vyos.net
 
-Debian/VyOS GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
-permitted by applicable law.
+You can change this banner using "set system login banner post-login" command.
+
+VyOS is a free software distribution that includes multiple components,
+you can check individual component licenses under /usr/share/doc/*/copyright
 
 """