| Age | Commit message (Collapse) | Author |
|---|
|
1. When a PPPoE session is connected, `pppd` will update
`/etc/resolv.conf` regardless of `system name-server` option unless `no-peer-dns` is set.
This is because `pppd` vendors scripts `/etc/ppp/ip-up.d/0000usepeerdns` and `/etc/ppp/ip-down.d/0000usepeerdns`,
which updates `/etc/resolv.conf` on PPPoE connection and reverts the change on disconnection.
This PR removes those scripts and adds custom scripts to update name server entries through `vyos-hostsd` instead.
2. There is a typo in `/etc/dhcp/dhclient-enter-hooks.d/04-vyos-resolvconf, which misspells variable name `new_dhcp6_name_servers` as `new_dhcpv6_name_servers`.
This causes IPv6 name server entries in `vyos-hostsd` not updated
when dhclient receives nameservers from DHCPv6.
3. Regular expressions in scripts under `/etc/dhcp/dhclient-enter-hooks.d` and
`/etc/dhcp/dhclient-exit-hooks.d/` are not enclosed in `^$`, so those
IPv4 related branches (like `BOUND`) could be mistakenly executed when an IPv6
reason (like `BOUND6`) is given.
|
|
|
|
Using humps.decamelize in vyos.opmode requires python3-pyhumps to be a
build dependency for the nosetest test_op_mode.py.
|
|
humps Convert strings (and dictionary keys) between snake case,
camel case and pascal case in Python
% decamelize('superTCPOption')
'super_tcp_option'
%
% decamelize({'ParamOption': 'one', 'fooBarBaz': True})
{'param_option': 'one', 'foo_bar_baz': True}
%
|
|
|
|
Turns out a local installation of a package using "dpkg -i" differs when
assembling an ISO using live-build. The previous version worked when using
"dpkg -i" but it failed hard (no login possible) during ISO build.
This has been fixed by using double quotes.
|
|
|
|
In order to properly retrieve JSON information in the Smoketests for the new
QoS implementation we need a recent (>6.0) version of iproute2. This requires
the libbpf-dev package and this small source-code change.
|
|
Commit da535ef5 ("login: 2fa: T874: fix Google authenticator issues") used
different strings for grep and sed resulting in the same line beeing added on
every installation of the package.
This is only disturbing during development not during ISO build.
|
|
Move default values of TOTP configuration from a global to a per user setting.
This makes the entire code easier as no global configuration must be blended
into the per user config dict.
Also it should be possible to set the authentication window "multiple concurrent
keys" individual per user.
set system login user vyos authentication otp key 'gzkmajid7na2oltajs4kbuq7lq'
set system login user vyos authentication plaintext-password 'vyos'
|
|
|
|
system login: T874: add 2FA support for local and ssh authentication
|
|
|
|
|
|
support
|
|
|
|
|
|
in /run/powerdns
|
|
|
|
|
|
|
|
|
|
After discussion with @zsdc this was decided the better long term fix
* Removes hourly logrotate cron in favour of systemd timer override
|
|
Allows easy creation of test PKI objects using `vyos.pki` module
Generates objects for PKI migration tests
|
|
OWAMP is a command line client application and a policy daemon used
to determine one way latencies between hosts.
OWAMP session control uses traditional client-server communication
between a control-client and a server,
TWAMP (two-way active measurement protocol)
Add configuration and operation modes
set service sla owamp-server
set service sla twamp-server
run force owping 192.0.2.120
run force twping 192.0.2.190
|
|
|
|
|
|
|
|
* Removed `/var/log/auth.log` and `/var/log/messages` from
`/etc/logrotate.d/rsyslog`, because they conflict with VyOS-controlled
items what leads to service error.
* Removed generation config file for `/var/log/messages` from
`system-syslog.py` - this should be done from `syslom logs` now.
* Generate each logfile from `system syslog file` to a dedicated
logrotate config file.
* Fixed logrotate config file names in
`/etc/rsyslog.d/vyos-rsyslog.conf`.
* Added default logrotate settins for `/var/log/messages`
|
|
|
|
|
|
|
|
upnpd: T3420: Support UPNP protocol
|
|
|
|
monitoring: T3872: Add a new feature service monitoring
|
|
|
|
|
|
(cherry picked from commit eb6247e4b464c36fa7441627b221d0db39429251)
|
|
|
|
The systemd unit for atop service is changed, so the log file name and
location will be always the same. It also adds the logrotate
configuration to conditionally rotate a log file.
Hardcoded values:
- maximum log file size: 10 MB
- maximum count of files: 10
These values can be easily changed within the
`/etc/logrotate.d/vyos-atop`, no additional configuration is required.
Rotation will be done hourly, if necessary, according to
`/etc/cron.hourly/vyos-logrotate-hourly`.
This change has two benefits:
- rotation strategy control can be done via logrotate, and can be
exposed to CLI now;
- the total size of all logs is now controlled more aggressively, so
the chance to get a situation when atop logs took all the space on a
drive is significantly lower. Also, if this will be necessary, rotation
may be done even each minute what reduces risks related to logs size
even more.
|
|
|
|
|
|
|
|
|
|
|
|
Now that MSS clamping is done on the "per-interface" level the entire PPPoE
stuff would have needed to get a full copy in GNU BASH for this or, participate
in the common library.
Add a new PPP ip-up script named 99-vyos-pppoe-callback which will call the
vyos.ifconfig.PPPoEIf.update() function to configure everything as done with
all other interfaces. This removes duplicated code for VRF assignment and route
installation when a PPPoE interface is brought up or down.
|
|
Skip dh_strip_nondeterminism - this is very time consuming and we have no non
deterministic output (yet).
|
|
Fixes the following error:
vyos@vyos:~$ podman logs 2511d118563f
WARN[0000] The cgroupv2 manager is set to systemd but there is no systemd user session available
WARN[0000] For using systemd, you may need to login using an user session
WARN[0000] Alternatively, you can enable lingering with: `loginctl enable-linger 1002` (possibly as root)
WARN[0000] Falling back to --cgroup-manager=cgroupfs
Error: cannot find newuidmap: exec: "newuidmap": executable file not found in $PATH
|
|
|
|
|
