summaryrefslogtreecommitdiff
path: root/src/etc
AgeCommit message (Collapse)Author
2021-11-09atop: T3774: Atop log file rotation fixzsdc
The systemd unit for atop service is changed, so the log file name and location will be always the same. It also adds the logrotate configuration to conditionally rotate a log file. Hardcoded values: - maximum log file size: 10 MB - maximum count of files: 10 These values can be easily changed within the `/etc/logrotate.d/vyos-atop`, no additional configuration is required. Rotation will be done hourly, if necessary, according to `/etc/cron.hourly/vyos-logrotate-hourly`. This change has two benefits: - rotation strategy control can be done via logrotate, and can be exposed to CLI now; - the total size of all logs is now controlled more aggressively, so the chance to get a situation when atop logs took all the space on a drive is significantly lower. Also, if this will be necessary, rotation may be done even each minute what reduces risks related to logs size even more.
2021-11-01Merge branch 'current' into T3350-sagittazdc
2021-10-31console: udev: T3954: adjust rule script to new systemd-udev versionChristian Poessinger
We can no longer use bash veriable string code vor string manipulation. Move to a more robust "cut" implementation.
2021-10-25dhclient: T3940: Added lease file argument to the `dhclient -x` callzsdc
When `dhclient` with the `-x` option is used to stop running DHCP client with a lease file that is not the same as in the new `dhclient` process, it requires a `-lf` argument with a path to the old lease file to find information about old/active leases and process them according to instructions and config. This commit adds the option to the `02-vyos-stopdhclient` hook, which allows to properly process `dhclient` instances started in different ways.
2021-10-21dhclient hooks: T3920: avoid 'too many args' error when no vrfRoss Dougherty
(cherry picked from commit 67b3dd6b4715fef266eb47e68623944f8be617e0)
2021-10-20mdns: T3917: move avahi configuration file to /runChristian Poessinger
2021-10-04OpenVPN: T3350: Changed custom options for OpenVPN processingzsdc
Custom OpenVPN options moved back to the command line from a configuration file. This should keep full compatibility with the `crux` branch, and allows to avoid mistakes with parsing options that contain `--` in the middle. The only smart part of this - handling a `push` option. Because of internal changes in OpenVPN, previously it did not require an argument in the double-quotes, but after version update in `equuleus` and `sagitta` old syntax became invalid. So, all the `push` options are processed to add quotes. The solution is still not complete, because if a single config line contains `push` with other options, it will not work, but it is better than nothing.
2021-09-30interface-names: T3869: update udev rulesJohn Estabrook
2021-09-25ipsec: T2816: ipsec-dhclient-hook should only run if swanctl.conf existsChristian Poessinger
2021-09-25ipsec: T2816: ipsec-dhclient-hook should use exit(0)Christian Poessinger
2021-09-25ipsec: T2816: ipsec-dhclient-hook should use vyos.util.read_file() / ↵Christian Poessinger
write_file()
2021-09-21vrrp: keepalived: T3847: migrate to get_config_dict()Christian Poessinger
2021-09-21vrrp: keepalived: T616: move configuration to volatile /run directoryChristian Poessinger
Move keepalived configuration from /etc/keepalived to /run/keepalived.
2021-09-19ipsec: T1441: Clean up vti-up-down script for XFRM interfacesLucas Christian
2021-09-08openvpn: T3805: drop privileges using systemd - required for rtnetlinkChristian Poessinger
2021-08-26ipsec: T3780: shutting down vti when tunnel is downkrox2
2021-08-23container: T2216: increase sysctl inotify watchersChristian Poessinger
2021-08-21pppoe: T3090: migrate to vyos.ifconfig library to use the full potentialChristian Poessinger
Now that MSS clamping is done on the "per-interface" level the entire PPPoE stuff would have needed to get a full copy in GNU BASH for this or, participate in the common library. Add a new PPP ip-up script named 99-vyos-pppoe-callback which will call the vyos.ifconfig.PPPoEIf.update() function to configure everything as done with all other interfaces. This removes duplicated code for VRF assignment and route installation when a PPPoE interface is brought up or down.
2021-08-21udev: T2490: fix substitution error reported by udevChristian Poessinger
2021-08-12login: T3746: inform users about pending rebootsChristian Poessinger
2021-08-09ipsec: T3720: assigning vti secondary address caused interface in A/D stateChristian Poessinger
2021-07-31sysctl: T3716: remove IPv4/6 routes from FIB when link goes downChristian Poessinger
For more information see: * https://programmersought.com/article/62242485344/ * https://www.spinics.net/lists/netdev/msg332453.html * https://github.com/FRRouting/frr/blob/master/doc/user/Useful_Sysctl_Settings.md
2021-07-31sysctl: T671: add missing net.ipv6.route.skip_notify_on_dev_down settingChristian Poessinger
Recommended by FRR best deafults https://github.com/FRRouting/frr/blob/master/doc/user/Useful_Sysctl_Settings.md
2021-07-15vyos-1x-vmware: T3682: remove dhclient from ether-resume.pyYun Zheng Hu
dhclient is already handled by netplug so it's removed to avoid double renewing of dhcp leases.
2021-06-26Import configuration files from vyatta-cfg-systemChristian Poessinger
2021-06-26Import sudoers configuration from vyatta-cfg-systemChristian Poessinger
2021-06-26Revert "ipsec: T3643: move swanctl.conf to /run"Christian Poessinger
This reverts commit 95bbbb8bed92a60a320ff255c8b8656145f3c540.
2021-06-24ipsec: T3643: move swanctl.conf to /runChristian Poessinger
This is the completion of commit 50a742b5 ("IPSec: T3643: Fix path for swanctl.conf file") that moves the generated swanctl file from non-volatile to a volatile (tmpfs backed) storage like we do for all out configuration files. Thus it is ensured after a reboot or service deprecation there are no accidential leftovers from previous configurations stored on the system.
2021-06-24systemd: lcdproc: T3641: override upstream filesChristian Poessinger
Debian Bullseye ships an upstream version of lcdproc.service which infact will start LCDd instead of the lcdproc client. Divert the Debian Upstream service file and use the ones provided by vyos-1x.
2021-06-24systemd: radvd: T3641: empty ConditionPathExists variableChristian Poessinger
The variable ConditionPathExists is now set in the upstream systemd unit file, thus the VyOS generated unit file is located under /run/radvd/radvd.conf and the condition won't match. This can be solved by first clearing the upstream value for ConditionPathExists and the set the new path.
2021-06-21Revert "vmware: add tools.conf"Christian Poessinger
This reverts commit b776edb38a4755be76e965ca719e9428bcc570e6.
2021-06-20T3641: file /etc/ppp/ip-pre-up is already provided by ppp packageChristian Poessinger
2021-06-20vmware: add tools.confChristian Poessinger
2021-06-18import cron.hourly script from vyatta-cfg-systemChristian Poessinger
2021-06-15ipsec: T2816: T645: T3613: Migrated IPsec to swanctl, includes multiple ↵sarthurdev
selectors, and selectors with VTI.
2021-06-13wwan: T3620: rename "wirelessmodem wlm" interfaces to new wwan interface treeChristian Poessinger
2021-06-12ipsec: T1501: T3617: Add handling for missing addresses on boot when using ↵sarthurdev
dhcp-interface
2021-06-10wwan: T3611: switch to qmi/mbim modeChristian Poessinger
2021-06-10ipsec: T2816: add .py extenstion to dhclient helper script for processingChristian Poessinger
dhclient fails to execute the script without the extension.
2021-06-07nhrp: T3599: Update config path to new /run directorysarthurdev
2021-06-06nhrp: T3599: Migrate NHRP to XML/Pythonsarthurdev
2021-05-29vti: ipsec: T2816: Fix vti-up-downsarthurdev
2021-05-28ipsec: T2816: drop absolute path on calls to iproute2Christian Poessinger
2021-05-28ipsec: T2816: fix executable permission on vti-up-down helperChristian Poessinger
2021-05-28ipsec: T2816: IPSec python rework, includes DMVPN and VTI supportSimon
2021-05-18vmware: T3525: fix invocation of resume scriptChristian Poessinger
Commit dce67433 ("util: T2226: rewrite resume-vm to use run") changed the way in which the script executed system binaries in a way which could not be processes by the underlayin infrastructure (lists are not supported, only strings).
2021-05-18vmware: T1028: properly expose syslog identityChristian Poessinger
2021-05-14conntrack: T3535: migrate codebase from vyatta-conntrack-syncChristian Poessinger
2021-04-20dhclient: T3471: Fixed process search for IPv4zsdc
Some software starts dhclient without IP protocol flag (`-4`, `-6`), this commit adds the ability to find such processes as well as with a protocol flag. Additionally, to handle rare situations when PID file may not exists (most likely, when multiple dhclient processes started with the same PID file path), added last-resort action to kill such dhclients.
2021-04-15dhclient: T3392: Changed dhclient-script hooks for VRFzsdc
There were two problems with VRF support inside dhclient-script: - VRF check inside the `01-vyos-cleanup` hook was needless because it will be done inside the `03-vyos-ipwrapper` anyway; - VRF was ignored for in-kernel routes in `03-vyos-ipwrapper`. Theoretically, there must be no situation now when this can leads to a real problem, but better will be to keep both kernel and FRR backends in sync. Also, the way to get and use a VRF name was changed to an easier one.