summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rwxr-xr-xsrc/conf_mode/dhcp_server.py1
-rwxr-xr-xsrc/conf_mode/dhcpv6_server.py38
-rwxr-xr-xsrc/etc/init.d/isc-dhcpv6-server113
-rw-r--r--src/systemd/isc-dhcp-server.service3
-rw-r--r--src/systemd/isc-dhcp-server6.service18
5 files changed, 32 insertions, 141 deletions
diff --git a/src/conf_mode/dhcp_server.py b/src/conf_mode/dhcp_server.py
index 39f2921cd..da01f16eb 100755
--- a/src/conf_mode/dhcp_server.py
+++ b/src/conf_mode/dhcp_server.py
@@ -594,6 +594,7 @@ def generate(dhcp):
if not dhcp or dhcp['disabled']:
return None
+ # Create configuration directory on demand
dirname = os.path.dirname(config_file)
if not os.path.isdir(dirname):
os.mkdir(dirname)
diff --git a/src/conf_mode/dhcpv6_server.py b/src/conf_mode/dhcpv6_server.py
index a7807ed9f..94a307826 100755
--- a/src/conf_mode/dhcpv6_server.py
+++ b/src/conf_mode/dhcpv6_server.py
@@ -21,19 +21,14 @@ from sys import exit
from copy import deepcopy
from vyos.config import Config
+from vyos.template import render
+from vyos.util import call
from vyos.validate import is_subnet_connected
from vyos import ConfigError
-from vyos.util import call
-from vyos.template import render
-
-config_file = r'/etc/dhcp/dhcpdv6.conf'
-lease_file = r'/config/dhcpdv6.leases'
-pid_file = r'/var/run/dhcpdv6.pid'
-daemon_config_file = r'/etc/default/isc-dhcpv6-server'
+config_file = r'/run/dhcp-server/dhcpdv6.conf'
default_config_data = {
- 'lease_file': lease_file,
'preference': '',
'disabled': False,
'shared_network': []
@@ -221,10 +216,7 @@ def get_config():
return dhcpv6
def verify(dhcpv6):
- if dhcpv6 is None:
- return None
-
- if dhcpv6['disabled']:
+ if not dhcpv6 or dhcpv6['disabled']:
return None
# If DHCP is enabled we need one share-network
@@ -336,31 +328,25 @@ def verify(dhcpv6):
return None
def generate(dhcpv6):
- if dhcpv6 is None:
+ if not dhcpv6 or dhcpv6['disabled']:
return None
- if dhcpv6['disabled']:
- print('Warning: DHCPv6 server will be deactivated because it is disabled')
- return None
+ # Create configuration directory on demand
+ dirname = os.path.dirname(config_file)
+ if not os.path.isdir(dirname):
+ os.mkdir(dirname)
render(config_file, 'dhcpv6-server/dhcpdv6.conf.tmpl', dhcpv6)
- render(daemon_config_file, 'dhcpv6-server/daemon.tmpl', dhcpv6)
return None
def apply(dhcpv6):
- if (dhcpv6 is None) or dhcpv6['disabled']:
+ if not dhcpv6 or dhcpv6['disabled']:
# DHCP server is removed in the commit
- call('sudo systemctl stop isc-dhcpv6-server.service')
+ call('systemctl stop isc-dhcp-server6.service')
if os.path.exists(config_file):
os.unlink(config_file)
- if os.path.exists(daemon_config_file):
- os.unlink(daemon_config_file)
- else:
- # If our file holding DHCPv6 leases does yet not exist - create it
- if not os.path.exists(lease_file):
- os.mknod(lease_file)
- call('sudo systemctl restart isc-dhcpv6-server.service')
+ call('systemctl restart isc-dhcp-server6.service')
return None
diff --git a/src/etc/init.d/isc-dhcpv6-server b/src/etc/init.d/isc-dhcpv6-server
deleted file mode 100755
index f6b27cb4a..000000000
--- a/src/etc/init.d/isc-dhcpv6-server
+++ /dev/null
@@ -1,113 +0,0 @@
-#!/bin/sh
-#
-#
-
-### BEGIN INIT INFO
-# Provides: isc-dhcpv6-server
-# Required-Start: $remote_fs $network $syslog
-# Required-Stop: $remote_fs $network $syslog
-# Should-Start: $local_fs slapd $named
-# Should-Stop: $local_fs slapd
-# Default-Start: 2 3 4 5
-# Default-Stop: 0 1 6
-# Short-Description: IPv6 DHCP server
-# Description: Dynamic Host Configuration Protocol Server for IPv6
-### END INIT INFO
-
-PATH=/sbin:/bin:/usr/sbin:/usr/bin
-
-test -f /usr/sbin/dhcpd || exit 0
-
-DHCPD_DEFAULT="${DHCPD_DEFAULT:-/etc/default/isc-dhcpv6-server}"
-
-# It is not safe to start if we don't have a default configuration...
-if [ ! -f "$DHCPD_DEFAULT" ]; then
- echo "$DHCPD_DEFAULT does not exist! - Aborting..."
- exit 0
-fi
-
-. /lib/lsb/init-functions
-
-# Read init script configuration
-[ -f "$DHCPD_DEFAULT" ] && . "$DHCPD_DEFAULT"
-
-NAME=dhcpdv6
-DESC="ISC DHCP server IPv6"
-# fallback to default config file
-DHCPD_CONF=${DHCPD_CONF:-/etc/dhcp/dhcpdv6.conf}
-# try to read pid file name from config file, with fallback to /var/run/dhcpdv6.pid
-if [ -z "$DHCPD_PID" ]; then
- DHCPD_PID=$(sed -n -e 's/^[ \t]*pid-file-name[ \t]*"(.*)"[ \t]*;.*$/\1/p' < "$DHCPD_CONF" 2>/dev/null | head -n 1)
-fi
-DHCPD_PID="${DHCPD_PID:-/var/run/dhcpdv6.pid}"
-
-test_config()
-{
- if ! /usr/sbin/dhcpd -t $OPTIONS -q -cf "$DHCPD_CONF" > /dev/null 2>&1; then
- echo "dhcpd self-test failed. Please fix $DHCPD_CONF."
- echo "The error was: "
- /usr/sbin/dhcpd -t $OPTIONS -cf "$DHCPD_CONF"
- exit 1
- fi
- touch /var/lib/dhcp/dhcpdv6.leases
-}
-
-# single arg is -v for messages, -q for none
-check_status()
-{
- if [ ! -r "$DHCPD_PID" ]; then
- test "$1" != -v || echo "$NAME is not running."
- return 3
- fi
- if read pid < "$DHCPD_PID" && ps -p "$pid" > /dev/null 2>&1; then
- test "$1" != -v || echo "$NAME is running."
- return 0
- else
- test "$1" != -v || echo "$NAME is not running but $DHCPD_PID exists."
- return 1
- fi
-}
-
-case "$1" in
- start)
- test_config
- log_daemon_msg "Starting $DESC" "$NAME"
- start-stop-daemon --start --oknodo --quiet --pidfile "$DHCPD_PID" \
- --exec /usr/sbin/dhcpd -- \
- -q $OPTIONS -cf "$DHCPD_CONF" -pf "$DHCPD_PID" $INTERFACES
- sleep 2
-
- if check_status -q; then
- log_end_msg 0
- else
- log_failure_msg "check syslog for diagnostics."
- log_end_msg 1
- exit 1
- fi
- ;;
- stop)
- log_daemon_msg "Stopping $DESC" "$NAME"
- start-stop-daemon --stop --oknodo --quiet --pidfile "$DHCPD_PID"
- log_end_msg $?
- rm -f "$DHCPD_PID"
- ;;
- restart | force-reload)
- test_config
- $0 stop
- sleep 2
- $0 start
- if [ "$?" != "0" ]; then
- exit 1
- fi
- ;;
- status)
- echo -n "Status of $DESC: "
- check_status -v
- exit "$?"
- ;;
- *)
- echo "Usage: $0 {start|stop|restart|force-reload|status}"
- exit 1
-esac
-
-exit 0
diff --git a/src/systemd/isc-dhcp-server.service b/src/systemd/isc-dhcp-server.service
index 4c3cb9920..d848e3df1 100644
--- a/src/systemd/isc-dhcp-server.service
+++ b/src/systemd/isc-dhcp-server.service
@@ -1,10 +1,9 @@
[Unit]
Description=ISC DHCP IPv4 server
Documentation=man:dhcpd(8)
-After=vyos-router.service
RequiresMountsFor=/run
-After=time-sync.target
ConditionPathExists=/run/dhcp-server/dhcpd.conf
+After=vyos-router.service
[Service]
WorkingDirectory=/run/dhcp-server
diff --git a/src/systemd/isc-dhcp-server6.service b/src/systemd/isc-dhcp-server6.service
new file mode 100644
index 000000000..743f16840
--- /dev/null
+++ b/src/systemd/isc-dhcp-server6.service
@@ -0,0 +1,18 @@
+[Unit]
+Description=ISC DHCP IPv6 server
+Documentation=man:dhcpd(8)
+RequiresMountsFor=/run
+ConditionPathExists=/run/dhcp-server/dhcpd.conf
+After=vyos-router.service
+
+[Service]
+WorkingDirectory=/run/dhcp-server
+# The leases files need to be root:vyattacfg even when dropping privileges
+ExecStart=/bin/sh -ec '\
+ [ -e /config/dhcpdv6.leases ] || touch /config/dhcpdv6.leases; \
+ chown root:vyattacfg /config/dhcpdv6.leases; \
+ chmod 664 /config/dhcpdv6.leases; \
+ exec /usr/sbin/dhcpd -user nobody -group nogroup -f -6 -pf /run/dhcp-server/dhcpdv6.pid -cf /run/dhcp-server/dhcpdv6.conf -lf /config/dhcpdv6.leases'
+
+[Install]
+WantedBy=multi-user.target