From e632ed4b5409f955add4dab100bc7fa556606eb1 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 17 Jul 2022 21:29:29 +0200 Subject: login: T4536: add all accounts to frr group --- debian/vyos-1x.postinst | 2 ++ src/conf_mode/system-login.py | 2 +- src/etc/systemd/system/frr.service.d/override.conf | 11 +++++++++++ 3 files changed, 14 insertions(+), 1 deletion(-) create mode 100644 src/etc/systemd/system/frr.service.d/override.conf diff --git a/debian/vyos-1x.postinst b/debian/vyos-1x.postinst index 1ca6687a3..da935bd4c 100644 --- a/debian/vyos-1x.postinst +++ b/debian/vyos-1x.postinst @@ -13,6 +13,7 @@ if ! grep -q '^minion' /etc/passwd; then adduser --quiet minion dip adduser --quiet minion disk adduser --quiet minion users + adduser --quiet minion frr fi # OpenVPN should get its own user @@ -45,6 +46,7 @@ if ! grep -q '^radius_priv_user' /etc/passwd; then adduser --quiet radius_priv_user dip adduser --quiet radius_priv_user disk adduser --quiet radius_priv_user users + adduser --quiet radius_priv_user frr fi # add hostsd group for vyos-hostsd diff --git a/src/conf_mode/system-login.py b/src/conf_mode/system-login.py index c717286ae..3dcbc995c 100755 --- a/src/conf_mode/system-login.py +++ b/src/conf_mode/system-login.py @@ -231,7 +231,7 @@ def apply(login): if tmp: command += f" --home '{tmp}'" else: command += f" --home '/home/{user}'" - command += f' --groups frrvty,vyattacfg,sudo,adm,dip,disk {user}' + command += f' --groups frr,frrvty,vyattacfg,sudo,adm,dip,disk {user}' try: cmd(command) diff --git a/src/etc/systemd/system/frr.service.d/override.conf b/src/etc/systemd/system/frr.service.d/override.conf new file mode 100644 index 000000000..69eb1a86a --- /dev/null +++ b/src/etc/systemd/system/frr.service.d/override.conf @@ -0,0 +1,11 @@ +[Unit] +Before= +Before=vyos-router.service + +[Service] +ExecStartPre=/bin/bash -c 'mkdir -p /run/frr/config; \ + echo "log syslog" > /run/frr/config/frr.conf; \ + echo "log facility local7" >> /run/frr/config/frr.conf; \ + chown frr:frr /run/frr/config/frr.conf; \ + chmod 664 /run/frr/config/frr.conf; \ + mount --bind /run/frr/config/frr.conf /etc/frr/frr.conf' -- cgit v1.2.3