13 files changed, 150 insertions, 49 deletions

diff --git a/src/conf_mode/containers.py b/src/conf_mode/containers.py
index cc34f9d39..ab992e415 100755
--- a/src/conf_mode/containers.py
+++ b/src/conf_mode/containers.py
@@ -30,8 +30,6 @@ from vyos.util import cmd
 from vyos.util import run
 from vyos.util import read_file
 from vyos.util import write_file
-from vyos.util import is_systemd_service_active
-from vyos.util import is_systemd_service_running
 from vyos.template import inc_ip
 from vyos.template import is_ipv4
 from vyos.template import is_ipv6
@@ -102,7 +100,7 @@ def verify(container):
                 # Check if the specified container network exists
                 network_name = list(container_config['network'])[0]
                 if network_name not in container['network']:
-                    raise ConfigError('Container network "{network_name}" does not exist!')
+                    raise ConfigError(f'Container network "{network_name}" does not exist!')
 
                 if 'address' in container_config['network'][network_name]:
                     if 'network' not in container_config:
@@ -237,17 +235,6 @@ def apply(container):
             if os.path.exists(tmp):
                 os.unlink(tmp)
 
-    service_name = 'podman.service'
-    if 'network' in container or 'name' in container:
-        # Start podman if it's required and not yet running
-        if not is_systemd_service_active(service_name):
-            _cmd(f'systemctl start {service_name}')
-        # Wait for podman to be running
-        while not is_systemd_service_running(service_name):
-            sleep(0.250)
-    else:
-        _cmd(f'systemctl stop {service_name}')
-
     # Add container
     if 'name' in container:
         for name, container_config in container['name'].items():
@@ -318,7 +305,17 @@ def apply(container):
                     if 'address' in container_config['network'][network]:
                         address = container_config['network'][network]['address']
                         ipparam = f'--ip {address}'
-                    _cmd(f'{container_base_cmd} --net {network} {ipparam} {image}')
+
+                    counter = 0
+                    while True:
+                        if counter >= 10:
+                            break
+                        try:
+                            _cmd(f'{container_base_cmd} --net {network} {ipparam} {image}')
+                            break
+                        except:
+                            counter = counter +1
+                            sleep(0.5)
 
     return None
 
diff --git a/src/conf_mode/interfaces-openvpn.py b/src/conf_mode/interfaces-openvpn.py
index 8f660fe1d..1e76147dd 100755
--- a/src/conf_mode/interfaces-openvpn.py
+++ b/src/conf_mode/interfaces-openvpn.py
@@ -82,26 +82,25 @@ def get_config(config=None):
     tmp_pki = conf.get_config_dict(['pki'], key_mangling=('-', '_'),
                                 get_first_key=True, no_tag_node_value_mangle=True)
 
-    # We have to get the dict using 'get_config_dict' instead of 'get_interface_dict'
-    # as 'get_interface_dict' merges the defaults in, so we can not check for defaults in there.
-    tmp_openvpn = conf.get_config_dict(base + [os.environ['VYOS_TAGNODE_VALUE']], key_mangling=('-', '_'),
-                                get_first_key=True, no_tag_node_value_mangle=True)
-
     openvpn = get_interface_dict(conf, base)
 
     if 'deleted' not in openvpn:
         openvpn['pki'] = tmp_pki
 
+        # We have to get the dict using 'get_config_dict' instead of 'get_interface_dict'
+        # as 'get_interface_dict' merges the defaults in, so we can not check for defaults in there.
+        tmp = conf.get_config_dict(base + [openvpn['ifname']], get_first_key=True)
+
+        # We have to cleanup the config dict, as default values could enable features
+        # which are not explicitly enabled on the CLI. Example: server mfa totp
+        # originate comes with defaults, which will enable the
+        # totp plugin, even when not set via CLI so we
+        # need to check this first and drop those keys
+        if dict_search('server.mfa.totp', tmp) == None:
+            del openvpn['server']['mfa']
+
     openvpn['auth_user_pass_file'] = '/run/openvpn/{ifname}.pw'.format(**openvpn)
 
-    # We have to cleanup the config dict, as default values could enable features
-    # which are not explicitly enabled on the CLI. Example: server mfa totp
-    # originate comes with defaults, which will enable the
-    # totp plugin, even when not set via CLI so we
-    # need to check this first and drop those keys
-    if dict_search('server.totp', tmp_openvpn) == None and dict_search('server', tmp_openvpn) != None:
-        del openvpn['server']['mfa']['totp']
-        
     return openvpn
 
 def is_ec_private_key(pki, cert_name):
diff --git a/src/conf_mode/protocols_static.py b/src/conf_mode/protocols_static.py
index 597fcc443..f010141e9 100755
--- a/src/conf_mode/protocols_static.py
+++ b/src/conf_mode/protocols_static.py
@@ -21,6 +21,7 @@ from sys import argv
 
 from vyos.config import Config
 from vyos.configdict import dict_merge
+from vyos.configdict import get_dhcp_interfaces
 from vyos.configverify import verify_common_route_maps
 from vyos.configverify import verify_vrf
 from vyos.template import render_to_string
@@ -56,6 +57,10 @@ def get_config(config=None):
     # Merge policy dict into "regular" config dict
     static = dict_merge(tmp, static)
 
+    # T3680 - get a list of all interfaces currently configured to use DHCP
+    tmp = get_dhcp_interfaces(conf, vrf)
+    if tmp: static['dhcp'] = tmp
+
     return static
 
 def verify(static):
diff --git a/src/conf_mode/system-login-banner.py b/src/conf_mode/system-login-banner.py
index a960a4da3..e9d6a339c 100755
--- a/src/conf_mode/system-login-banner.py
+++ b/src/conf_mode/system-login-banner.py
@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 #
-# Copyright (C) 2020 VyOS maintainers and contributors
+# Copyright (C) 2020-2021 VyOS maintainers and contributors
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2 or later as
@@ -22,12 +22,13 @@ from vyos import airbag
 airbag.enable()
 
 motd="""
-The programs included with the Debian/VyOS GNU/Linux system are free software;
-the exact distribution terms for each program are described in the
-individual files in /usr/share/doc/*/copyright.
+Check out project news at https://blog.vyos.io
+and feel free to report bugs at https://phabricator.vyos.net
 
-Debian/VyOS GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
-permitted by applicable law.
+You can change this banner using "set system login banner post-login" command.
+
+VyOS is a free software distribution that includes multiple components,
+you can check individual component licenses under /usr/share/doc/*/copyright
 
 """
 
diff --git a/src/etc/logrotate.d/vyos-atop b/src/etc/logrotate.d/vyos-atop
new file mode 100644
index 000000000..0c8359c7b
--- /dev/null
+++ b/src/etc/logrotate.d/vyos-atop
@@ -0,0 +1,20 @@
+/var/log/atop/atop.log {
+    daily
+    dateext
+    dateformat _%Y-%m-%d_%H-%M-%S
+    maxsize 10M
+    missingok
+    nocompress
+    nocreate
+    nomail
+    rotate 10
+    prerotate
+        # stop the service
+        systemctl stop atop.service
+    endscript
+    postrotate
+        # start atop service again
+        systemctl start atop.service
+    endscript
+}
+
diff --git a/src/etc/systemd/system/atop.service.d/10-override.conf b/src/etc/systemd/system/atop.service.d/10-override.conf
new file mode 100644
index 000000000..10df15862
--- /dev/null
+++ b/src/etc/systemd/system/atop.service.d/10-override.conf
@@ -0,0 +1,6 @@
+[Service]
+ExecStartPre=
+ExecStart=
+ExecStart=/bin/sh -c 'exec /usr/bin/atop ${LOGOPTS} -w "${LOGPATH}/atop.log" ${LOGINTERVAL}'
+ExecStartPost=
+
diff --git a/src/etc/udev/rules.d/62-temporary-interface-rename.rules b/src/etc/udev/rules.d/62-temporary-interface-rename.rules
new file mode 100644
index 000000000..4a579dcab
--- /dev/null
+++ b/src/etc/udev/rules.d/62-temporary-interface-rename.rules
@@ -0,0 +1 @@
+SUBSYSTEM=="net", ACTION=="add", KERNEL=="eth*", DRIVERS=="?*", NAME="e$env{IFINDEX}"
diff --git a/src/etc/udev/rules.d/65-vyos-net.rules b/src/etc/udev/rules.d/65-vyos-net.rules
index c8d5750dd..32ae352de 100644
--- a/src/etc/udev/rules.d/65-vyos-net.rules
+++ b/src/etc/udev/rules.d/65-vyos-net.rules
@@ -4,11 +4,8 @@
 ACTION!="add", 				GOTO="vyos_net_end"
 SUBSYSTEM!="net",			GOTO="vyos_net_end"
 
-# ignore the interface if a name has already been set
-NAME=="?*",				GOTO="vyos_net_end"
-
 # Do name change for ethernet and wireless devices only
-KERNEL!="eth*|wlan*", 			GOTO="vyos_net_end"
+KERNEL!="eth*|wlan*|e*", 			GOTO="vyos_net_end"
 
 # ignore "secondary" monitor interfaces of mac80211 drivers
 KERNEL=="wlan*", ATTRS{type}=="803",	GOTO="vyos_net_end"
diff --git a/src/helpers/vyos_net_name b/src/helpers/vyos_net_name
index 0652e98b1..5d9535cf0 100755
--- a/src/helpers/vyos_net_name
+++ b/src/helpers/vyos_net_name
@@ -77,10 +77,12 @@ def get_biosdevname(ifname: str) -> str:
     XXX: This throws an error, and likely has for a long time, unnoticed
     since vyatta_net_name redirected stderr to /dev/null.
     """
-    if 'eth' not in ifname:
-        return ifname
+    intf = f"eth{re.sub(r'[^0-9]', '', ifname)}" if 'e' == ifname[0] else ifname
+
+    if 'eth' not in intf:
+        return intf
     if os.path.isdir('/proc/xen'):
-        return ifname
+        return intf
 
     time.sleep(1)
 
@@ -90,7 +92,7 @@ def get_biosdevname(ifname: str) -> str:
         logging.error(f'biosdevname error: {e}')
         biosname = ''
 
-    return ifname if biosname == '' else biosname
+    return intf if biosname == '' else biosname
 
 def leave_rescan_hint(intf_name: str, hwid: str):
     """Write interface information reported by udev
@@ -186,9 +188,9 @@ def on_boot_event(intf_name: str, hwid: str, predefined: str = '') -> str:
     interfaces = get_configfile_interfaces()
     logging.debug(f"config file interfaces are {interfaces}")
 
-    if hwid in list(interfaces) and intf_name == interfaces[hwid]:
-        logging.info(f"use mapping from config file: '{hwid}' -> '{intf_name}'")
-        return intf_name
+    if hwid in list(interfaces):
+        logging.info(f"use mapping from config file: '{hwid}' -> '{interfaces[hwid]}'")
+        return interfaces[hwid]
 
     add_assigned_interfaces(interfaces)
     logging.debug(f"adding assigned interfaces: {interfaces}")
@@ -223,6 +225,7 @@ lock.acquire()
 if not boot_configuration_complete():
     res = on_boot_event(argv[1], argv[2], predefined=predef_name)
     logging.debug(f"on boot, returned name is {res}")
+    print(res)
 else:
     logging.debug("boot configuration complete")
 lock.release()
diff --git a/src/op_mode/force_part_resize.sh b/src/op_mode/force_part_resize.sh
new file mode 100755
index 000000000..eb0f26d8a
--- /dev/null
+++ b/src/op_mode/force_part_resize.sh
@@ -0,0 +1,72 @@
+#!/usr/bin/env bash
+#
+# Copyright (C) 2021 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+#
+# Function to get the vyos version from the commandline.
+#
+get_version () {
+for item in `cat /proc/cmdline`; do
+  if [  "vyos-union" == "${item%=*}" ]; then
+    echo ${item#*=}
+  fi
+done
+}
+
+#
+# VERSION is the output of the get_version output.
+# DEVICEPART is the device partition where VyOS is mounted on.
+# DEVICEPATH is the path to the device where VyOS is mounted on.
+# DEVICE is the device of the device partition.
+# PARTNR is the device partition number used for parted.
+#
+VERSION=$(get_version)
+DEVICEPART=$(mount | grep $VERSION/grub | cut -d' ' -f1 | rev | cut -d'/' -f1 | rev)
+DEVICEPATH=$(mount | grep $VERSION/grub | cut -d' ' -f1 | rev | cut -d'/' -f2- | rev)
+DEVICE=$(lsblk -no pkname $DEVICEPATH/$DEVICEPART)
+PARTNR=$(grep -c $DEVICEPART /proc/partitions)
+
+#
+# Check if the device really exits.
+#
+fdisk -l $DEVICEPATH/$DEVICE >> /dev/null 2>&1 || (echo "could not find device $DEVICE" && exit 1)
+
+#
+# START is the partition starting sector.
+# CURSIZE is the partition start sector + the partition end sector.
+# MAXSIZE is the device end sector.
+#
+START=$(cat /sys/block/$DEVICE/$DEVICEPART/start)
+CURSIZE=$(($START+$(cat /sys/block/$DEVICE/$DEVICEPART/size)))
+MAXSIZE=$(($(cat /sys/block/$DEVICE/size)-8))
+
+#
+# Check if the device size is larger then the partition size
+# and if that is the case, resize the partition and grow the filesystem.
+#
+if [ $MAXSIZE -gt $CURSIZE ]; then
+parted "${DEVICEPATH}/${DEVICE}" ---pretend-input-tty > /dev/null 2>&1 <<EOF
+unit
+s
+resizepart
+${PARTNR}
+Yes
+"$MAXSIZE"
+quit
+EOF
+  partprobe > /dev/null 2>&1
+  resize2fs ${DEVICEPATH}/$DEVICEPART > /dev/null 2>&1
+fi
+
diff --git a/src/services/api/graphql/README.graphql b/src/services/api/graphql/README.graphql
index a04138010..580c0eb7f 100644
--- a/src/services/api/graphql/README.graphql
+++ b/src/services/api/graphql/README.graphql
@@ -25,7 +25,7 @@ mutation {
   createDhcpServer(data: {sharedNetworkName: "BOB",
                           subnet: "192.168.0.0/24",
                           defaultRouter: "192.168.0.1",
-                          dnsServer: "192.168.0.1",
+                          nameServer: "192.168.0.1",
                           domainName: "vyos.net",
                           lease: 86400,
                           range: 0,
diff --git a/src/services/api/graphql/graphql/schema/dhcp_server.graphql b/src/services/api/graphql/graphql/schema/dhcp_server.graphql
index a7ee75d40..9f741a0a5 100644
--- a/src/services/api/graphql/graphql/schema/dhcp_server.graphql
+++ b/src/services/api/graphql/graphql/schema/dhcp_server.graphql
@@ -2,7 +2,7 @@ input dhcpServerConfigInput {
     sharedNetworkName: String
     subnet: String
     defaultRouter: String
-    dnsServer: String
+    nameServer: String
     domainName: String
     lease: Int
     range: Int
@@ -17,7 +17,7 @@ type dhcpServerConfig {
     sharedNetworkName: String
     subnet: String
     defaultRouter: String
-    dnsServer: String
+    nameServer: String
     domainName: String
     lease: Int
     range: Int
diff --git a/src/services/api/graphql/recipes/templates/dhcp_server.tmpl b/src/services/api/graphql/recipes/templates/dhcp_server.tmpl
index 629ce83c1..70de43183 100644
--- a/src/services/api/graphql/recipes/templates/dhcp_server.tmpl
+++ b/src/services/api/graphql/recipes/templates/dhcp_server.tmpl
@@ -1,5 +1,5 @@
 set service dhcp-server shared-network-name {{ shared_network_name }} subnet {{ subnet }} default-router {{ default_router }}
-set service dhcp-server shared-network-name {{ shared_network_name }} subnet {{ subnet }} dns-server {{ dns_server }}
+set service dhcp-server shared-network-name {{ shared_network_name }} subnet {{ subnet }} name-server {{ name_server }}
 set service dhcp-server shared-network-name {{ shared_network_name }} subnet {{ subnet }} domain-name {{ domain_name }}
 set service dhcp-server shared-network-name {{ shared_network_name }} subnet {{ subnet }} lease {{ lease }}
 set service dhcp-server shared-network-name {{ shared_network_name }} subnet {{ subnet }} range {{ range }} start {{ start }}