From fc03e0fdf3e7389ee668d66cf7224df2aaaaa95b Mon Sep 17 00:00:00 2001
From: John Estabrook <jestabro@sentrium.io>
Date: Mon, 25 Nov 2019 10:13:00 -0600
Subject: T1824: set write permissions for cfg_group on vyos-migrate.log
---
python/vyos/migrator.py | 2 ++
1 file changed, 2 insertions(+)
diff --git a/python/vyos/migrator.py b/python/vyos/migrator.py
index 86e1af183..281c247db 100644
--- a/python/vyos/migrator.py
+++ b/python/vyos/migrator.py
@@ -80,6 +80,8 @@ class Migrator(object):
"""
self._log_file = os.path.join(vyos.defaults.directories['config'],
'vyos-migrate.log')
+ # on creation, allow write permission for cfg_group
+ os.umask(0o113)
try:
log = open('{0}'.format(self._log_file), 'w')
log.write("List of executed migration scripts:\n")
--
cgit v1.2.3
From 3d2cdbdbaadc5a6c7ad50254f61744c222dae438 Mon Sep 17 00:00:00 2001
From: John Estabrook <jestabro@sentrium.io>
Date: Mon, 25 Nov 2019 14:07:43 -0600
Subject: T1824: restore original umask
---
python/vyos/migrator.py | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/python/vyos/migrator.py b/python/vyos/migrator.py
index 281c247db..f05228041 100644
--- a/python/vyos/migrator.py
+++ b/python/vyos/migrator.py
@@ -80,15 +80,18 @@ class Migrator(object):
"""
self._log_file = os.path.join(vyos.defaults.directories['config'],
'vyos-migrate.log')
- # on creation, allow write permission for cfg_group
- os.umask(0o113)
+ # on creation, allow write permission for cfg_group;
+ # restore original umask on exit
+ mask = os.umask(0o113)
try:
log = open('{0}'.format(self._log_file), 'w')
log.write("List of executed migration scripts:\n")
except Exception as e:
+ os.umask(mask)
print("Logging error: {0}".format(e))
return None
+ os.umask(mask)
return log
def run_migration_scripts(self, config_file_versions, system_versions):
--
cgit v1.2.3
From 679b23dcc20e1244eb06bb3c91b42fd7bf217fc0 Mon Sep 17 00:00:00 2001
From: hagbard <vyosdev@derith.de>
Date: Wed, 27 Nov 2019 15:05:53 -0800
Subject: syslog: typo fixed
---
interface-definitions/syslog.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/interface-definitions/syslog.xml b/interface-definitions/syslog.xml
index 3c8d2ebe2..0f9d600d9 100644
--- a/interface-definitions/syslog.xml
+++ b/interface-definitions/syslog.xml
@@ -292,7 +292,7 @@
</valueHelp>
<valueHelp>
<format>tcp</format>
- <description>send log messages to remote syslog server over tdp</description>
+ <description>send log messages to remote syslog server over tcp</description>
</valueHelp>
</properties>
</leafNode>
--
cgit v1.2.3
From 9b7f11bd469d788292d0c5461adabdd5a3fed87b Mon Sep 17 00:00:00 2001
From: zdc <zdc@users.noreply.github.com>
Date: Thu, 28 Nov 2019 09:17:14 +0200
Subject: dhcp-serverr: T1825: replaced DHCP configuration error message
Previous one DHCP configuration error message does not point that DHCP server work only with primary IP address on interface.
---
src/conf_mode/dhcp_server.py | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/conf_mode/dhcp_server.py b/src/conf_mode/dhcp_server.py
index af803a696..c2a188812 100755
--- a/src/conf_mode/dhcp_server.py
+++ b/src/conf_mode/dhcp_server.py
@@ -793,9 +793,9 @@ def verify(dhcp):
raise ConfigError('DHCP conflicting subnet ranges: {0} overlaps {1}'.format(net, net2))
if not listen_ok:
- raise ConfigError('None of the DHCP lease subnets are inside any configured subnet on\n' \
- 'broadcast interfaces. At least one lease subnet must be set such that\n' \
- 'DHCP server listens on a one broadcast interface!')
+ raise ConfigError('DHCP server configuration error!\n' \
+ 'None of configured DHCP subnets does not have appropriate\n' \
+ 'primary IP address on any broadcast interface.')
return None
--
cgit v1.2.3
From dad110ce666edae42ac18c59a800bda503589f27 Mon Sep 17 00:00:00 2001
From: hagbard <vyosdev@derith.de>
Date: Thu, 28 Nov 2019 08:53:54 -0800
Subject: syslog: T1828: implemented missing completion help and add input
constraints
syslog: Improved constraint for host/IP check
---
interface-definitions/syslog.xml | 53 +++++++++++++++++++++++++++++++++++++---
1 file changed, 50 insertions(+), 3 deletions(-)
diff --git a/interface-definitions/syslog.xml b/interface-definitions/syslog.xml
index 0f9d600d9..d5ea4511e 100644
--- a/interface-definitions/syslog.xml
+++ b/interface-definitions/syslog.xml
@@ -27,6 +27,10 @@
<completionHelp>
<list>auth authpriv cron daemon kern lpr mail mark news protocols security syslog user uucp local0 local1 local2 local3 local4 local5 local6 local7 all</list>
</completionHelp>
+ <constraint>
+ <regex>(auth|authpriv|cron|daemon|kern|lpr|mail|mark|news|protocols|security|syslog|user|uucp|local0|local1|local2|local3|local4|local5|local6|local7|all)</regex>
+ </constraint>
+ <constraintErrorMessage>Invalid facility type</constraintErrorMessage>
<valueHelp>
<format>all</format>
<description>All facilities excluding "mark"</description>
@@ -127,6 +131,10 @@
<completionHelp>
<list>emerg alert crit err warning notice info debug all</list>
</completionHelp>
+ <constraint>
+ <regex>(emerg|alert|crit|err|warning|notice|info|debug|all)</regex>
+ </constraint>
+ <constraintErrorMessage>Invalid loglevel</constraintErrorMessage>
<valueHelp>
<format>emerg</format>
<description>Emergency messages</description>
@@ -173,10 +181,10 @@
<properties>
<help>Logging to a remote host</help>
<constraint>
- <!-- at least let's make sure whitespace isn't allowed, ideally it should be checked for IPv4/IPv6 address or fqdn/hostname -->
- <regex>[^ ]{1,63}</regex>
+ <validator name="ip-address" />
+ <regex>(?=^.{4,253}$)(^((?!-)[a-zA-Z0-9-]{0,62}[a-zA-Z0-9]\.)+[a-zA-Z]{2,63}$)</regex>
</constraint>
- <constraintErrorMessage>illegal characters in user</constraintErrorMessage>
+ <constraintErrorMessage>Invalid host FQDN or IP address</constraintErrorMessage>
<valueHelp>
<format>x.x.x.x or host.domain.tld</format>
<description>Remote host name or IP address</description>
@@ -189,6 +197,10 @@
<completionHelp>
<list>auth authpriv cron daemon kern lpr mail mark news protocols security syslog user uucp local0 local1 local2 local3 local4 local5 local6 local7 all</list>
</completionHelp>
+ <constraint>
+ <regex>(auth|authpriv|cron|daemon|kern|lpr|mail|mark|news|protocols|security|syslog|user|uucp|local0|local1|local2|local3|local4|local5|local6|local7|all)</regex>
+ </constraint>
+ <constraintErrorMessage>Invalid facility type</constraintErrorMessage>
<valueHelp>
<format>all</format>
<description>All facilities excluding "mark"</description>
@@ -294,6 +306,13 @@
<format>tcp</format>
<description>send log messages to remote syslog server over tcp</description>
</valueHelp>
+ <completionHelp>
+ <list>udp tcp</list>
+ </completionHelp>
+ <constraint>
+ <regex>(udp|tcp)</regex>
+ </constraint>
+ <constraintErrorMessage>invalid protocol name</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="level">
@@ -302,6 +321,10 @@
<completionHelp>
<list>emerg alert crit err warning notice info debug all</list>
</completionHelp>
+ <constraint>
+ <regex>(emerg|alert|crit|err|warning|notice|info|debug|all)</regex>
+ </constraint>
+ <constraintErrorMessage>Invalid loglevel</constraintErrorMessage>
<valueHelp>
<format>emerg</format>
<description>Emergency messages</description>
@@ -380,6 +403,10 @@
<completionHelp>
<list>auth authpriv cron daemon kern lpr mail mark news protocols security syslog user uucp local0 local1 local2 local3 local4 local5 local6 local7 all</list>
</completionHelp>
+ <constraint>
+ <regex>(auth|authpriv|cron|daemon|kern|lpr|mail|mark|news|protocols|security|syslog|user|uucp|local0|local1|local2|local3|local4|local5|local6|local7|all)</regex>
+ </constraint>
+ <constraintErrorMessage>Invalid facility type</constraintErrorMessage>
<valueHelp>
<format>all</format>
<description>All facilities excluding "mark"</description>
@@ -480,6 +507,10 @@
<completionHelp>
<list>emerg alert crit err warning notice info debug all</list>
</completionHelp>
+ <constraint>
+ <regex>(emerg|alert|crit|err|warning|notice|info|debug|all)</regex>
+ </constraint>
+ <constraintErrorMessage>Invalid loglevel</constraintErrorMessage>
<valueHelp>
<format>emerg</format>
<description>Emergency messages</description>
@@ -583,6 +614,10 @@
<completionHelp>
<list>auth authpriv cron daemon kern lpr mail mark news protocols security syslog user uucp local0 local1 local2 local3 local4 local5 local6 local7 all</list>
</completionHelp>
+ <constraint>
+ <regex>(auth|authpriv|cron|daemon|kern|lpr|mail|mark|news|protocols|security|syslog|user|uucp|local0|local1|local2|local3|local4|local5|local6|local7|all)</regex>
+ </constraint>
+ <constraintErrorMessage>Invalid facility type</constraintErrorMessage>
<valueHelp>
<format>all</format>
<description>All facilities excluding "mark"</description>
@@ -683,6 +718,10 @@
<completionHelp>
<list>emerg alert crit err warning notice info debug all</list>
</completionHelp>
+ <constraint>
+ <regex>(emerg|alert|crit|err|warning|notice|info|debug|all)</regex>
+ </constraint>
+ <constraintErrorMessage>Invalid loglevel</constraintErrorMessage>
<valueHelp>
<format>emerg</format>
<description>Emergency messages</description>
@@ -736,6 +775,10 @@
<completionHelp>
<list>auth authpriv cron daemon kern lpr mail mark news protocols security syslog user uucp local0 local1 local2 local3 local4 local5 local6 local7 all</list>
</completionHelp>
+ <constraint>
+ <regex>(auth|authpriv|cron|daemon|kern|lpr|mail|mark|news|protocols|security|syslog|user|uucp|local0|local1|local2|local3|local4|local5|local6|local7|all)</regex>
+ </constraint>
+ <constraintErrorMessage>Invalid facility type</constraintErrorMessage>
<valueHelp>
<format>all</format>
<description>All facilities excluding "mark"</description>
@@ -836,6 +879,10 @@
<completionHelp>
<list>emerg alert crit err warning notice info debug all</list>
</completionHelp>
+ <constraint>
+ <regex>(emerg|alert|crit|err|warning|notice|info|debug|all)</regex>
+ </constraint>
+ <constraintErrorMessage>Invalid loglevel</constraintErrorMessage>
<valueHelp>
<format>emerg</format>
<description>Emergency messages</description>
--
cgit v1.2.3