4 files changed, 17 insertions, 34 deletions
diff --git a/src/conf_mode/host_name.py b/src/conf_mode/host_name.py
index dd5819f9f..a669580ae 100755
--- a/src/conf_mode/host_name.py
+++ b/src/conf_mode/host_name.py
@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 #
-# Copyright (C) 2018 VyOS maintainers and contributors
+# Copyright (C) 2018-2020 VyOS maintainers and contributors
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2 or later as
@@ -13,8 +13,6 @@
 #
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
-#
-#
 
 """
 conf-mode script for 'system host-name' and 'system domain-name'.
@@ -33,10 +31,7 @@ import vyos.hostsd_client
 
 from vyos.config import Config
 from vyos import ConfigError
-from vyos.util import cmd
-from vyos.util import call
-from vyos.util import run
-
+from vyos.util import cmd, call, run, process_named_running
 
 default_config_data = {
     'hostname': 'vyos',
@@ -166,12 +161,11 @@ def apply(config):
         call("systemctl restart rsyslog.service")
 
     # If SNMP is running, restart it too
-    ret = run("pgrep snmpd")
-    if ret == 0:
-        call("systemctl restart snmpd.service")
+    if process_named_running('snmpd'):
+        call('systemctl restart snmpd.service')
 
     # restart pdns if it is used
-    ret = run('/usr/bin/rec_control ping')
+    ret = run('/usr/bin/rec_control --socket-dir=/run/powerdns ping')
     if ret == 0:
         call('systemctl restart pdns-recursor.service')
 
diff --git a/src/conf_mode/interfaces-tunnel.py b/src/conf_mode/interfaces-tunnel.py
index c51048aeb..06c2ea29b 100755
--- a/src/conf_mode/interfaces-tunnel.py
+++ b/src/conf_mode/interfaces-tunnel.py
@@ -19,6 +19,7 @@ import netifaces
 
 from sys import exit
 from copy import deepcopy
+from netifaces import interfaces
 
 from vyos.config import Config
 from vyos.ifconfig import Interface, GREIf, GRETapIf, IPIPIf, IP6GREIf, IPIP6If, IP6IP6If, SitIf, Sit6RDIf
@@ -506,6 +507,12 @@ def verify(conf):
     if ipv6_count and not IP6 in kls.ip:
         print(f'Should not use IPv6 addresses on tunnel {iftype} {ifname}')
 
+    # vrf check
+
+    vrf = options['vrf']
+    if vrf and vrf not in interfaces():
+        raise ConfigError(f'VRF "{vrf}" does not exist')
+
     # tunnel encapsulation check
 
     convert = {
diff --git a/src/conf_mode/snmp.py b/src/conf_mode/snmp.py
index d654dcb84..7530da2dc 100755
--- a/src/conf_mode/snmp.py
+++ b/src/conf_mode/snmp.py
@@ -535,23 +535,9 @@ def apply(snmp):
     # start SNMP daemon
     call("systemctl restart snmpd.service")
 
-    # Passwords are not available immediately in the configuration file,
-    # after daemon startup - we wait until they have been processed by
-    # snmpd, which we see when a magic line appears in this file.
-    while True:
-        while not os.path.exists(config_file_user):
-            sleep(0.5)
-
-        try:
-            with open(config_file_user, 'r') as f:
-                for line in f:
-                    # Search for our magic string inside the file
-                    if 'usmUser' in line:
-                        break
-        except IOError:
-            continue
-        else:
-            break
+    while (call('systemctl -q is-active snmpd.service') != 0):
+        print("service not yet started")
+        sleep(0.5)
 
     # net-snmp is now regenerating the configuration file in the background
     # thus we need to re-open and re-read the file as the content changed.
diff --git a/src/conf_mode/system-login.py b/src/conf_mode/system-login.py
index 6008ca0b3..91e2b369f 100755
--- a/src/conf_mode/system-login.py
+++ b/src/conf_mode/system-login.py
@@ -16,6 +16,7 @@
 
 import os
 
+from crypt import crypt, METHOD_SHA512
 from psutil import users
 from pwd import getpwall, getpwnam
 from stat import S_IRUSR, S_IWUSR, S_IRWXU, S_IRGRP, S_IXGRP
@@ -52,11 +53,6 @@ def get_local_users():
 
     return local_users
 
-
-def get_crypt_pw(password):
-    return cmd(f'/usr/bin/mkpasswd --method=sha-512 {password}')
-
-
 def get_config():
     login = default_config_data
     conf = Config()
@@ -204,7 +200,7 @@ def generate(login):
     # calculate users encrypted password
     for user in login['add_users']:
         if user['password_plaintext']:
-            user['password_encrypted'] = get_crypt_pw(user['password_plaintext'])
+            user['password_encrypted'] = crypt(user['password_plaintext'], METHOD_SHA512)
             user['password_plaintext'] = ''
 
             # remove old plaintext password