Related to https://vyos.dev/T5514 ?

For 1.4 add session [default=ignore success=2] pam_succeed_if.so service = sudo to /etc/pam.d/common-session-noninteractive fixes the issue

# here are the per-package modules (the "Primary" block)
session [default=1]                     pam_permit.so
# here's the fallback if no module succeeds
session requisite                       pam_deny.so
# prime the stack with a positive return value if there isn't one already;
# this avoids us returning an error just because nothing sets a success code
# since the modules above will each just jump around
session required                        pam_permit.so
# and here are more per-package modules (the "Additional" block)
session required        pam_mkhomedir.so umask=0022 skel=/etc/skel
session [default=ignore success=2] pam_succeed_if.so service = sudo
session [default=ignore success=ignore] pam_succeed_if.so user ingroup aaa quiet
session [authinfo_unavail=ignore success=ok default=ignore] pam_radius_auth.so
session required        pam_unix.so
# end of pam-auth-update config

1.4 running FRR9 is already mitigated

Logic error in recent bug fix; correction is being checked ...

current PR: https://github.com/vyos/vyos-1x/pull/2217
1.4 PR: https://github.com/vyos/vyos-1x/pull/2218
1.3 PR: https://github.com/vyos/vyos-1x/pull/2219

I see this in 20230329 rolling, but don't see on the latest one.

Could please the vyos_debconfig files be updated aswell?

PR392 was merged in VyOS 1.4-rolling-202309070021.

PR:
https://github.com/vyos/vyos-1x/pull/2216

PR for Sagitta (draft until dependency PR 2207 is merged to Sagitta):
https://github.com/vyos/vyos-1x/pull/2215

Sounds great @jestabro I'm happy to assist in any way possible

In case there are other just like me who didnt know about "action continue":

Something else to consider is to increase the readcache of squashfs by changing this:

Looking at the kernel configs from both arm and x86 arch:

So what needs to be done is to copy that block and make a separate question regarding:

According to https://github.com/vyos/vyos-1x/blob/current/src/init/vyos-router it should be named:

@anthr76 T5520 would be unrelated to an upgrade from 1.4-rolling-202212310809, as the change to using Bookworm did not occur until 2023. We can take a look at the specific errors that you encountered.

There is a similar case going on at the forum with different workarounds which might help?

@sdev take a look over these repository :

The steps above i can try as a last ditch effort but that means I need to be on site with the device and will require lots of time (and downtime)

I have two scripts
Is it ok?

vyos@r14:~$ sudo ls -la /config/scripts/vyos-postconfig-boot*
-rwxrwxr-x 1 root vyattacfg 413 Sep  6 15:04 /config/scripts/vyos-postconfig-boot.script
-rwxrwxr-x 1 root vyattacfg 230 Jun 27 06:17 /config/scripts/vyos-postconfig-bootup.script
vyos@r14:~$

@Viacheslav Sure. I am on VyOS 1.4-rolling-202309040919 and the issue is fixed. Config gets build correctly

@Niklasthegeek Could you re-check and close it if it was fixed?

@

I think that would be a bad idea comparing to other vendors where you can select if you want to do IPv4 routing and/or IPv6 routing. If both are disabled the device will only do switching/bridging.

Related task T2133
I guess we should drop this option ipv6 disable-forwarding

Ehm, are you sure you operate on the correct config?

Firewall can be turned off. It does not affect the result.

In T5521#158836, @c-po wrote:

Please re-test with latest rolling-release if the issue persists.

A workaround was provided in T5428 for the specific issue.

Cannot pass smoketest for virtual-server which also uses vrrp

PR for current:
https://github.com/vyos/vyos-1x/pull/2211

Now I'm using this build: VyOS 1.4-rolling-202301071830
It's working fine as with active as with passive FTP.

@svd135 Can you provide a version string when you last had it working? Seeing the firewall config might also be helpful.