5 files changed, 69 insertions, 0 deletions
diff --git a/src/op_mode/container.py b/src/op_mode/container.py
index 05f65df1f..f93df0fc4 100755
--- a/src/op_mode/container.py
+++ b/src/op_mode/container.py
@@ -16,6 +16,7 @@
 
 import json
 import sys
+import subprocess
 
 from vyos.utils.process import cmd
 from vyos.utils.process import rc_cmd
@@ -109,6 +110,47 @@ def restart(name: str):
     print(f'Container "{name}" restarted!')
     return output
 
+def show_log(name: str, follow: bool = False, raw: bool = False):
+    """
+    Show or monitor logs for a specific container.
+    Use --follow to continuously stream logs.
+    """
+    from vyos.configquery import ConfigTreeQuery
+    conf = ConfigTreeQuery()
+    container = conf.get_config_dict(['container', 'name', name],  get_first_key=True, with_recursive_defaults=True)
+    log_type = container.get('log-driver')
+    if log_type == 'k8s-file':
+        if follow:
+            log_command_list = ['sudo', 'podman', 'logs', '--follow', '--names', name]
+        else:
+            log_command_list = ['sudo', 'podman', 'logs', '--names', name]
+    elif log_type == 'journald':
+        if follow:
+            log_command_list = ['journalctl', '--follow', '--unit', f'vyos-container-{name}.service']
+        else:
+            log_command_list = ['journalctl', '-e', '--no-pager', '--unit', f'vyos-container-{name}.service']
+    elif log_type == 'none':
+        print(f'Container "{name}" has disabled logs.')
+        return None
+    else:
+        raise vyos.opmode.InternalError(f'Unknown log type "{log_type}" for container "{name}".')
+
+    process = None
+    try:
+        process = subprocess.Popen(log_command_list,
+                                   stdout=sys.stdout,
+                                   stderr=sys.stderr)
+        process.wait()
+    except KeyboardInterrupt:
+        if process:
+            process.terminate()
+            process.wait()
+        return None
+    except Exception as e:
+        raise vyos.opmode.InternalError(f"Error starting logging command: {e} ")
+    return None
+
+
 if __name__ == '__main__':
     try:
         res = vyos.opmode.run(sys.modules[__name__])
diff --git a/src/op_mode/install_mok.sh b/src/op_mode/install_mok.sh
new file mode 100755
index 000000000..29f78cd1f
--- /dev/null
+++ b/src/op_mode/install_mok.sh
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+if test -f /var/lib/shim-signed/mok/vyos-dev-2025-shim.der; then
+    mokutil --ignore-keyring --import /var/lib/shim-signed/mok/vyos-dev-2025-shim.der;
+else
+    echo "Secure Boot Machine Owner Key not found";
+fi
diff --git a/src/op_mode/show_bonding_detail.sh b/src/op_mode/show_bonding_detail.sh
new file mode 100755
index 000000000..62265daa2
--- /dev/null
+++ b/src/op_mode/show_bonding_detail.sh
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+if [ -f "/proc/net/bonding/$1" ]; then
+  cat "/proc/net/bonding/$1";
+else
+  echo "Interface $1 does not exist!";
+fi
diff --git a/src/op_mode/show_ppp_stats.sh b/src/op_mode/show_ppp_stats.sh
new file mode 100755
index 000000000..d9c17f966
--- /dev/null
+++ b/src/op_mode/show_ppp_stats.sh
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+if [ -d "/sys/class/net/$1" ]; then
+  /usr/sbin/pppstats "$1";
+fi
diff --git a/src/op_mode/update_suricata.sh b/src/op_mode/update_suricata.sh
new file mode 100755
index 000000000..6e4e605f4
--- /dev/null
+++ b/src/op_mode/update_suricata.sh
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+if test -f /run/suricata/suricata.yaml; then
+  suricata-update --suricata-conf /run/suricata/suricata.yaml;
+  systemctl restart suricata;
+else
+  echo "Service Suricata not configured";
+fi