From 2cee4be6641cea69fdf4319d4d106723242ba1ba Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Tue, 25 Feb 2020 09:58:12 +0100 Subject: pppoe: T1318: validate existing source-interface It is not only sufficient to check if there is a source-interface configured, but rather it must also be checked if the source-interface exists at all in the system. If the interface does not exist pppd will complain with: pppd[2778]: /usr/sbin/pppd: In file /etc/ppp/peers/pppoe1: unrecognized option 'eth0.202' --- src/conf_mode/interfaces-pppoe.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/conf_mode/interfaces-pppoe.py b/src/conf_mode/interfaces-pppoe.py index cb09b6f29..2bfabd9d5 100755 --- a/src/conf_mode/interfaces-pppoe.py +++ b/src/conf_mode/interfaces-pppoe.py @@ -209,6 +209,9 @@ def verify(pppoe): if not pppoe['source_interface']: raise ConfigError('PPPoE source interface is missing') + if pppoe['source_interface'] not in interfaces(): + raise ConfigError('PPPoE source interface does not exist') + return None def generate(pppoe): -- cgit v1.2.3 From 920cfc3b15c78d596a929bb4b8835c7bbd7d1a50 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Tue, 25 Feb 2020 11:10:47 +0100 Subject: pppoe: T2055: make logfile owned by root/vyattacfg --- src/conf_mode/interfaces-pppoe.py | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/src/conf_mode/interfaces-pppoe.py b/src/conf_mode/interfaces-pppoe.py index 2bfabd9d5..52f0dde53 100755 --- a/src/conf_mode/interfaces-pppoe.py +++ b/src/conf_mode/interfaces-pppoe.py @@ -21,6 +21,8 @@ from copy import deepcopy from jinja2 import Template from subprocess import Popen, PIPE from time import sleep +from pwd import getpwnam +from grp import getgrnam from vyos.config import Config from vyos.ifconfig import Interface @@ -71,7 +73,7 @@ persist ifname {{ intf }} ipparam {{ intf }} debug -logfile /var/log/vyatta/ppp_{{ intf }}.log +logfile {{ logfile }} {% if 'auto' in default_route -%} defaultroute {% elif 'force' in default_route -%} @@ -91,6 +93,8 @@ usepeerdns """ +PPP_LOGFILE = '/var/log/vyatta/ppp_{}.log' + default_config_data = { 'access_concentrator': '', 'auth_username': '', @@ -105,6 +109,7 @@ default_config_data = { 'ipv6_autoconf': False, 'ipv6_enable': False, 'local_address': '', + 'logfile': '', 'mtu': '1492', 'name_server': True, 'remote_address': '', @@ -124,6 +129,7 @@ def get_config(): # determine tagNode instance try: pppoe['intf'] = os.environ['VYOS_TAGNODE_VALUE'] + pppoe['logfile'] = PPP_LOGFILE.format(pppoe['intf']) except KeyError as E: print("Interface not specified") @@ -241,7 +247,12 @@ def apply(pppoe): return None if not pppoe['disable']: - # Dial PPPoE connection + # make logfile owned by root / vyattacfg + uid = getpwnam('root').pw_uid + gid = getgrnam('vyattacfg').gr_gid + os.chown(pppoe['logfile'], uid, gid) + + # dial PPPoE connection cmd = 'systemctl start ppp@{}.service'.format(pppoe['intf']) subprocess_cmd(cmd) -- cgit v1.2.3 From fb729b40ada105636abdfa5371a2079216c127bc Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Tue, 25 Feb 2020 11:16:29 +0100 Subject: gitignore: fix ignore pattern of all debhelper files --- .gitignore | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index d89bf1cdc..e7c769aaa 100644 --- a/.gitignore +++ b/.gitignore @@ -117,9 +117,9 @@ debian/debhelper-build-stamp debian/.debhelper/ debian/vyos-1x debian/vyos-1x-vmware -debian/vyos-1x.postinst.debhelper -debian/vyos-1x.prerm.debhelper -debian/vyos-1x.substvars +debian/*.postinst.debhelper +debian/*.prerm.debhelper +debian/*.substvars # Sonar Cloud .scannerwork -- cgit v1.2.3 From bfe06683fd7dd50abc2ad5067a598f4ecf6b9a19 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Tue, 25 Feb 2020 11:16:35 +0100 Subject: pppoe: T2070: rewrite (dis-)connect op-mode commands in XML and Python --- op-mode-definitions/connect-disconnect.xml | 35 +++++++++++ src/op_mode/connect_disconnect.py | 98 ++++++++++++++++++++++++++++++ 2 files changed, 133 insertions(+) create mode 100644 op-mode-definitions/connect-disconnect.xml create mode 100755 src/op_mode/connect_disconnect.py diff --git a/op-mode-definitions/connect-disconnect.xml b/op-mode-definitions/connect-disconnect.xml new file mode 100644 index 000000000..77c334180 --- /dev/null +++ b/op-mode-definitions/connect-disconnect.xml @@ -0,0 +1,35 @@ + + + + + Establish a connection + + + + + Bring up a connection-oriented network interface + + + + + sudo ${vyos_op_scripts_dir}/connect_disconnect.py --connect "$3" + + + + + + Take down a connection + + + + + Take down a connection-oriented network interface + + + + + sudo ${vyos_op_scripts_dir}/connect_disconnect.py --disconnect "$3" + + + + diff --git a/src/op_mode/connect_disconnect.py b/src/op_mode/connect_disconnect.py new file mode 100755 index 000000000..a22615096 --- /dev/null +++ b/src/op_mode/connect_disconnect.py @@ -0,0 +1,98 @@ +#!/usr/bin/env python3 +# +# Copyright (C) 2020 VyOS maintainers and contributors +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 or later as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +import os +import argparse + +from sys import exit +from psutil import process_iter +from time import strftime, localtime, time + +PPP_LOGFILE = '/var/log/vyatta/ppp_{}.log' + +def check_interface(interface): + if not os.path.isfile('/etc/ppp/peers/{}'.format(interface)): + print('Interface {}: invalid!'.format(interface)) + exit(1) + +def check_ppp_running(interface): + """ + Check if ppp process is running in the interface in question + """ + for p in process_iter(): + if "pppd" in p.name(): + if interface in p.cmdline(): + return True + + return False + +def connect(interface): + """ + Connect PPP interface + """ + check_interface(interface) + + # Check if interface is already dialed + if os.path.isdir('/sys/class/net/{}'.format(interface)): + print('Interface {}: already connected!'.format(interface)) + elif check_ppp_running(interface): + print('Interface {}: connection is beeing established!'.format(interface)) + else: + print('Interface {}: connecting...'.format(interface)) + user = os.environ['SUDO_USER'] + tm = strftime("%a %d %b %Y %I:%M:%S %p %Z", localtime(time())) + with open(PPP_LOGFILE.format(interface), 'a') as f: + f.write('{}: user {} started PPP daemon for {} by connect command\n'.format(tm, user, interface)) + cmd = 'umask 0; setsid sh -c "nohup /usr/sbin/pppd call {0} > /tmp/{0}.log 2>&1 &"'.format(interface) + os.system(cmd) + + +def disconnect(interface): + """ + Disconnect PPP interface + """ + check_interface(interface) + + # Check if interface is already down + if not check_ppp_running(interface): + print('Interface {}: connection is already down'.format(interface)) + else: + print('Interface {}: disconnecting...'.format(interface)) + user = os.environ['SUDO_USER'] + tm = strftime("%a %d %b %Y %I:%M:%S %p %Z", localtime(time())) + with open(PPP_LOGFILE.format(interface), 'a') as f: + f.write('{}: user {} stopped PPP daemon for {} by disconnect command\n'.format(tm, user, interface)) + cmd = '/usr/bin/poff "{}"'.format(interface) + os.system(cmd) + +def main(): + parser = argparse.ArgumentParser() + group = parser.add_mutually_exclusive_group() + group.add_argument("--connect", help="Bring up a connection-oriented network interface", action="store") + group.add_argument("--disconnect", help="Take down connection-oriented network interface", action="store") + args = parser.parse_args() + + if args.connect: + connect(args.connect) + elif args.disconnect: + disconnect(args.disconnect) + else: + parser.print_help() + + exit(0) + +if __name__ == '__main__': + main() -- cgit v1.2.3