Can you please share which 1.2 version was used and also a show configuration commands output so the issue can be reproduced easily.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Jun 19 2020
Jun 19 2020
c-po added a comment to T2618: Conversion from 1.2 to 1.3 lost RADVD prefix autonomous-flag setting.
@fmertz for easier developing I have a bunch of BASH aliases which are also mapped into my docker container.
Added a basic test so this issue does not re-appear on ISO build https://github.com/vyos/vyos-smoketest/commit/b38a42d9d4ab302b44d48844fae49bb0a0817d04
Fair point. In that case I agree with not including a raw config option.
As for the errors when installing vyos-1x, c-po already pointed out why this occurs.For this reason I don't rebase on upstream while working on a set of changes locally, I always try to keep the installed iso and local git state as much together as possible. I also run docker from the vyos-build repo and have the vyos-1x repo dir in vyos-build/packages/vyos-1x (where the included scripts/build-packages would put it) so I can just docker run and build without having to copy any files anywhere, just scp the built deb into the VM.
Hi @fmertz, this is a more or less common "issue" during peak development times.
At this point, i could use a couple of wise words for the development process.
c-po moved T2490: Add serial (rs232) to ssh bridge service from In Progress to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2490: Add serial (rs232) to ssh bridge service from Backlog to In Progress on the VyOS 1.3 Equuleus board.
c-po changed the status of T2490: Add serial (rs232) to ssh bridge service from Open to In progress.
Documentation is here: https://docs.vyos.io/en/latest/services/console-server.html
I'm no fan of the raw options from dhcp and openvpn and think we should not add more of those. Unfortunately they have been inherited from Vyatta. ISC DHCP could never be replaced by any other DHCP server due to this fact which is IMHO a super bad CLI design.
- PR for removing old vyatta-op-quagga code https://github.com/vyos/vyatta-op-quagga/pull/7
- PR for add commands to new XML format https://github.com/vyos/vyos-1x/pull/466
@c-po I tend to agree to have as much predefined templates, but I'd leave the option to have a custom config if the user wants to, I don't like imposing artificial limitations. We already allow custom options with dhcp-server, openvpn..., why not allow specifying your own conf file for the driver section to include? Some things are impossible without either this or going with approach 2 by exposing absolutely all configurable driver options through the config. I'd prefer that, but if it results in too much options/config size, the alternative is as I described. But in the long term I think approach 2 would be the best.
I'd go with option 1 to have a well known list of working and supported LCD displays. Each will have it's own configuration template which is used when implementing. I'm not a fan of "power user options" as this usually causes more harm then good - also users tend to be overwhelmed by the number of CLI options. We rather should make adding new display types super easy with proper documentation.
Jun 18 2020
Jun 18 2020
rgrant added a comment to T1221: BGP - Default route injection is not processed by the specific route-map.
No, seems to be fixed! I was pretty sure it was upstream, must be resolved now.
dmbaturin renamed T2311: Statically configured name servers may not take precedence over ones from DHCP from name servers in static configuration can't take effect to Statically configured name servers may not take precedence over ones from DHCP.
dmbaturin changed the status of T1966: segfault of configuration lead to disaster in router from Duplicate to Resolved.
Do not use vyatta-cfg-cmd-wrapper. The script-template takes care of the environment setup and exposes the set/delete/commit command for you to run as if it was an interactive session.
dmbaturin renamed T1089: Segmentation Fault in vyatta-op-cmd-wrapper from Segmentation Fult vyatta-op-cmd-wrapper to Segmentation Fault in vyatta-op-cmd-wrapper.
dmbaturin closed T2026: Make cli-shell-api correctly exit with non-zero code on failures as Resolved.
dmbaturin added a comment to T2026: Make cli-shell-api correctly exit with non-zero code on failures.
dmbaturin added a comment to T1901: Semicolon in values is interpreted as a part of the shell command by validators.
This is a much broader issue in fact, and has nothing to do with VRRP! It's also a possible shell injection, though for values coming from local sources it's irrelevant.
It's updated in current, still needs an update in crux.
Jun 18 2020, 11:18 PM · Restricted Project
dmbaturin edited projects for T2482: Update PowerDNS recursor to 4.3.1 for CVE-2020-10995, added: VyOS 1.2 Crux (VyOS 1.2.6); removed VyOS 1.2 Crux (VyOS 1.2.5).
Jun 18 2020, 11:18 PM · Restricted Project
dmbaturin renamed T1901: Semicolon in values is interpreted as a part of the shell command by validators from Semicolon in values gets past the validator and becomes a part of the value to Semicolon in values is interpreted as a part of the shell command by validators.
dmbaturin renamed T1901: Semicolon in values is interpreted as a part of the shell command by validators from VRRP priority not properly checked to Semicolon in values gets past the validator and becomes a part of the value.
Definitely works fine after the work from T1855
dmbaturin renamed T2303: Unable to delete the image version that came from OVA from Unable to delete system image to Unable to delete the image version that came from OVA.
If more evidence that is valid appears, please reopen.
dmbaturin edited projects for T1577: 'system console powersave' don't work after reboot, added: VyOS 1.2 Crux; removed VyOS 1.2 Crux (VyOS 1.2.6).
dmbaturin edited projects for T1699: Default net.ipv6.route.max_size 32768 is too low, added: VyOS 1.2 Crux (VyOS 1.2.6); removed VyOS 1.2 Crux.
dmbaturin added a project to T1292: Issues while deleting all rules from a firewall: VyOS 1.3 Equuleus.
Sadly, still reproducible. I fear we may want to keep it as a known wart until the firewall rewrite is complete.
dmbaturin closed T1844: Fix interface configuration which was broken in T1762 , a subtask of T1846: Make session_config not depend on the current edit level, as Resolved.
If it reappears, please reopen.
dmbaturin added a project to T1805: vyos-build adding host system mdadm config to iso: VyOS 1.3 Equuleus.
dmbaturin added a project to T1221: BGP - Default route injection is not processed by the specific route-map: VyOS 1.2 Crux.
Could anyone test if it's still reproducible?
Sorry for a very late reply. The script-template already takes care of everything, there is no need to use vyatta-cfg-cmf-wrapper.
dmbaturin added a project to T1877: Feature Request: Allow NAT to use network and address groups: VyOS 1.3 Equuleus.
With migration to nftables this is a very real possibiliy.
1.3 rolling supports it already, see https://github.com/vyos/vyos-1x/blob/current/src/services/vyos-http-api-server#L195
dmbaturin renamed T1866: Commit archive over SFTP doesn't work with non-standard ports from SSH remote key was not OK to Commit archive over SFTP doesn't work with non-standard ports.
dmbaturin reopened T1826: Misleading message on "reboot at" command, a subtask of T1855: Clean up the reboot/poweroff CLI and script, as Open.
dmbaturin closed T1826: Misleading message on "reboot at" command, a subtask of T1855: Clean up the reboot/poweroff CLI and script, as Wontfix.
I wonder if it may be a good idea to make reboot and poweroff commands create a file in our own format.
dmbaturin closed T1337: Upgrading from 1.1.8 (or even latest 1.2.0) to any rolling release version fails to verify the ISO signature as Wontfix.
The rolling release images are not signed. Never were, though I hope at some point they will be. But then again, automatically signing images, with a key stored on a public-facing machine, without a password... kinda defeats the purpose of signing.
dmbaturin added a comment to T2614: Add an option to mangle dict keys to vyos.config.get_config_dict().
Making it a default can make sense, if everyone agrees.
dmbaturin closed T2614: Add an option to mangle dict keys to vyos.config.get_config_dict() as Resolved.
I'd go with approach 3, if 2 is too complex. Have a predefined set of appliances that can be configured by a single option. For all other scenarios, one of:
a) have the user supply the path to a file in /config that the script will include in lcdd.conf as-is (as including a multi-line string in the config directly is very awkward and unreadable).
b ) we could for example make a /config/lcdproc directory, containing a template conf file that would be used if the user selected that option in config, still starting the daemon via the config.
c) or split out the individual driver sections with defaults (as in lcdd.conf) into many files in /config/lcdproc/$drivername.conf that can be edited by the user, and have a config option that selects which driver to use, and have the user edit the file to configure it.
OK, question on the approach. Looking at LCDd.conf (check the link above), there are a few server options, but TONS of individual driver options. Doing some sort of complete support in VYOS would be fairly straightforward, but would lead to a massive XML file. The lcdproc project has been around a while, so there are many different devices that are supported, most possibly somewhat historic or even one-off. We can (artificially) categorize them in 2 groups:
Works as expected!
Unknown Object (User) added a comment to T2614: Add an option to mangle dict keys to vyos.config.get_config_dict().
Can I propose this do as default but keep the possibility redefine replace option?
c-po changed the status of T2556: "show interfaces vrrp" does not return any interface from Open to Confirmed.
This does not work in VyOS 1.2.5 either.
What should be displayed in this output?
c-po reopened T2588: Add support for default values to the interface-definition format as "In progress".
IZT_crobinson changed the status of T2612: HTTPS API, changing API key fails but goes through from Open to Confirmed.
Revising this since I nailed down the issue.
Jun 17 2020
Jun 17 2020
Perfect. Thank You! I was against this feature the first time bit now I need it, too ;)
Unknown Object (User) added a comment to T2299: login radius-server priority.
@c-po Yes, sorry. This is my fault, I forgot that you told me already this.
Done, PR https://github.com/vyos/vyos-1x/pull/464
Can confirm. This bug is corrected in the the latest rollings (for at least a month or more)
The boot config load mechanism has been changed by @jestabro which possibly led to resolution of this bug
@Dmitry I accidently merged this to quick. Now every RADIUS instance has a peiority node bit irs only evaluates foe system login. Can dou please fix the XML definitions to only have this for system login?
c-po changed the status of T2609: router-advert: radvd does not start when lifetime is improperly configured from Open to In progress.
c-po moved T2478: login radius: use NAS-IP-Address if defined source address from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.6) board.
c-po edited projects for T2478: login radius: use NAS-IP-Address if defined source address, added: VyOS 1.2 Crux (VyOS 1.2.6); removed Ready for Crux (1.2.x).
c-po moved T2478: login radius: use NAS-IP-Address if defined source address from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Feature now also in crux version ob libpam-radius.
Unknown Object (User) changed the status of T2299: login radius-server priority from Open to Needs testing.
Add PR for rolling https://github.com/vyos/vyos-1x/pull/462
Unknown Object (User) claimed T2225: PIM/IGMP documentation.