diff --git a/python/vyos/configsource.py b/python/vyos/configsource.py
index f582bdfab..59e5ac8a1 100644
--- a/python/vyos/configsource.py
+++ b/python/vyos/configsource.py
@@ -1,319 +1,321 @@ # Copyright 2020-2023 VyOS maintainers and contributors <maintainers@vyos.io> # # This library is free software; you can redistribute it and/or # modify it under the terms of the GNU Lesser General Public # License as published by the Free Software Foundation; either # version 2.1 of the License, or (at your option) any later version. # # This library is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # Lesser General Public License for more details. # # You should have received a copy of the GNU Lesser General Public License # along with this library. If not, see <http://www.gnu.org/licenses/>. import os import re import subprocess from vyos.configtree import ConfigTree from vyos.utils.boot import boot_configuration_complete class VyOSError(Exception): """ Raised on config access errors. """ pass class ConfigSourceError(Exception): ''' Raised on error in ConfigSource subclass init. ''' pass class ConfigSource: def __init__(self): self._running_config: ConfigTree = None self._session_config: ConfigTree = None def get_configtree_tuple(self): return self._running_config, self._session_config def session_changed(self): """ Returns: True if the config session has uncommited changes, False otherwise. """ raise NotImplementedError(f"function not available for {type(self)}") def in_session(self): """ Returns: True if called from a configuration session, False otherwise. 
""" raise NotImplementedError(f"function not available for {type(self)}") def show_config(self, path=[], default=None, effective=False): """ Args: path (str|list): Configuration tree path, or empty default (str): Default value to return Returns: str: working configuration """ raise NotImplementedError(f"function not available for {type(self)}") def is_multi(self, path): """ Args: path (str): Configuration tree path Returns: True if a node can have multiple values, False otherwise. Note: It also returns False if node doesn't exist. """ raise NotImplementedError(f"function not available for {type(self)}") def is_tag(self, path): """ Args: path (str): Configuration tree path Returns: True if a node is a tag node, False otherwise. Note: It also returns False if node doesn't exist. """ raise NotImplementedError(f"function not available for {type(self)}") def is_leaf(self, path): """ Args: path (str): Configuration tree path Returns: True if a node is a leaf node, False otherwise. Note: It also returns False if node doesn't exist. """ raise NotImplementedError(f"function not available for {type(self)}") class ConfigSourceSession(ConfigSource): def __init__(self, session_env=None): super().__init__() self._cli_shell_api = "/bin/cli-shell-api" self._level = [] if session_env: self.__session_env = session_env else: self.__session_env = None # Running config can be obtained either from op or conf mode, it always succeeds # once the config system is initialized during boot; # before initialization, set to empty string if boot_configuration_complete(): try: running_config_text = self._run([self._cli_shell_api, '--show-active-only', '--show-show-defaults', '--show-ignore-edit', 'showConfig']) except VyOSError: running_config_text = '' else: running_config_text = '' # Session config ("active") only exists in conf mode. # In op mode, we'll just use the same running config for both active and session configs. 
if self.in_session(): try: session_config_text = self._run([self._cli_shell_api, '--show-working-only', '--show-show-defaults', '--show-ignore-edit', 'showConfig']) except VyOSError: session_config_text = '' else: session_config_text = running_config_text if running_config_text: self._running_config = ConfigTree(running_config_text) else: self._running_config = None if session_config_text: self._session_config = ConfigTree(session_config_text) else: self._session_config = None def _make_command(self, op, path): args = path.split() cmd = [self._cli_shell_api, op] + args return cmd def _run(self, cmd): if self.__session_env: p = subprocess.Popen(cmd, stdout=subprocess.PIPE, env=self.__session_env) else: p = subprocess.Popen(cmd, stdout=subprocess.PIPE) out = p.stdout.read() p.wait() p.communicate() if p.returncode != 0: raise VyOSError() else: return out.decode() def set_level(self, path): """ Set the *edit level*, that is, a relative config tree path. Once set, all operations will be relative to this path, for example, after ``set_level("system")``, calling ``exists("name-server")`` is equivalent to calling ``exists("system name-server"`` without ``set_level``. Args: path (str|list): relative config path """ # Make sure there's always a space between default path (level) # and path supplied as method argument # XXX: for small strings in-place concatenation is not a problem if isinstance(path, str): if path: self._level = re.split(r'\s+', path) else: self._level = [] elif isinstance(path, list): self._level = path.copy() else: raise TypeError("Level path must be either a whitespace-separated string or a list") def session_changed(self): """ Returns: True if the config session has uncommited changes, False otherwise. """ try: self._run(self._make_command('sessionChanged', '')) return True except VyOSError: return False def in_session(self): """ Returns: True if called from a configuration session, False otherwise. 
""" + if os.getenv('VYOS_CONFIGD', ''): + return False try: self._run(self._make_command('inSession', '')) return True except VyOSError: return False def show_config(self, path=[], default=None, effective=False): """ Args: path (str|list): Configuration tree path, or empty default (str): Default value to return Returns: str: working configuration """ # show_config should be independent of CLI edit level. # Set the CLI edit environment to the top level, and # restore original on exit. save_env = self.__session_env env_str = self._run(self._make_command('getEditResetEnv', '')) env_list = re.findall(r'([A-Z_]+)=\'([^;\s]+)\'', env_str) root_env = os.environ for k, v in env_list: root_env[k] = v self.__session_env = root_env # FIXUP: by default, showConfig will give you a diff # if there are uncommitted changes. # The config parser obviously cannot work with diffs, # so we need to supress diff production using appropriate # options for getting either running (active) # or proposed (working) config. if effective: path = ['--show-active-only'] + path else: path = ['--show-working-only'] + path if isinstance(path, list): path = " ".join(path) try: out = self._run(self._make_command('showConfig', path)) self.__session_env = save_env return out except VyOSError: self.__session_env = save_env return(default) def is_multi(self, path): """ Args: path (str): Configuration tree path Returns: True if a node can have multiple values, False otherwise. Note: It also returns False if node doesn't exist. """ try: path = " ".join(self._level) + " " + path self._run(self._make_command('isMulti', path)) return True except VyOSError: return False def is_tag(self, path): """ Args: path (str): Configuration tree path Returns: True if a node is a tag node, False otherwise. Note: It also returns False if node doesn't exist. 
""" try: path = " ".join(self._level) + " " + path self._run(self._make_command('isTag', path)) return True except VyOSError: return False def is_leaf(self, path): """ Args: path (str): Configuration tree path Returns: True if a node is a leaf node, False otherwise. Note: It also returns False if node doesn't exist. """ try: path = " ".join(self._level) + " " + path self._run(self._make_command('isLeaf', path)) return True except VyOSError: return False class ConfigSourceString(ConfigSource): def __init__(self, running_config_text=None, session_config_text=None): super().__init__() try: self._running_config = ConfigTree(running_config_text) if running_config_text else None self._session_config = ConfigTree(session_config_text) if session_config_text else None except ValueError: raise ConfigSourceError(f"Init error in {type(self)}")
diff --git a/src/services/vyos-configd b/src/services/vyos-configd
index a4b839a7f..69ee15bf1 100755
--- a/src/services/vyos-configd
+++ b/src/services/vyos-configd
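Review bot: The guard added at the top of `ConfigSourceSession.in_session()` in `python/vyos/configsource.py` treats any non-empty `VYOS_CONFIGD` value as "not in a session", so the answer now depends on inherited environment state instead of on `cli-shell-api inSession`. In `ConfigSourceSession.__init__` a False result leads to `session_config_text = running_config_text`, which means a process that inherits the variable while inside a real config session would read the running config in place of the proposed one, with no error. Comparing against the exact value the daemon sets, `if os.getenv('VYOS_CONFIGD') == 't':`, narrows that. The docstring still says only "True if called from a configuration session", so it should gain a line such as `Always False when VYOS_CONFIGD is set (running inside vyos-configd).`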
@@ -1,300 +1,302 @@ #!/usr/bin/env python3 # # Copyright (C) 2020-2024 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as # published by the Free Software Foundation. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. import os import sys import grp import re import json import typing import logging import signal import importlib.util import zmq from contextlib import contextmanager from vyos.defaults import directories from vyos.utils.boot import boot_configuration_complete from vyos.configsource import ConfigSourceString from vyos.configsource import ConfigSourceError from vyos.config import Config from vyos import ConfigError CFG_GROUP = 'vyattacfg' script_stdout_log = '/tmp/vyos-configd-script-stdout' debug = True logger = logging.getLogger(__name__) logs_handler = logging.StreamHandler() logger.addHandler(logs_handler) if debug: logger.setLevel(logging.DEBUG) else: logger.setLevel(logging.INFO) SOCKET_PATH = "ipc:///run/vyos-configd.sock" # Response error codes R_SUCCESS = 1 R_ERROR_COMMIT = 2 R_ERROR_DAEMON = 4 R_PASS = 8 vyos_conf_scripts_dir = directories['conf_mode'] configd_include_file = os.path.join(directories['data'], 'configd-include.json') configd_env_set_file = os.path.join(directories['data'], 'vyos-configd-env-set') configd_env_unset_file = os.path.join(directories['data'], 'vyos-configd-env-unset') # sourced on entering config session configd_env_file = '/etc/default/vyos-configd-env' session_out = None session_mode = None def key_name_from_file_name(f): return os.path.splitext(f)[0] def 
module_name_from_key(k): return k.replace('-', '_') def path_from_file_name(f): return os.path.join(vyos_conf_scripts_dir, f) # opt-in to be run by daemon with open(configd_include_file) as f: try: include = json.load(f) except OSError as e: logger.critical(f"configd include file error: {e}") sys.exit(1) except json.JSONDecodeError as e: logger.critical(f"JSON load error: {e}") sys.exit(1) # import conf_mode scripts (_, _, filenames) = next(iter(os.walk(vyos_conf_scripts_dir))) filenames.sort() load_filenames = [f for f in filenames if f in include] imports = [key_name_from_file_name(f) for f in load_filenames] module_names = [module_name_from_key(k) for k in imports] paths = [path_from_file_name(f) for f in load_filenames] to_load = list(zip(module_names, paths)) modules = [] for x in to_load: spec = importlib.util.spec_from_file_location(x[0], x[1]) module = importlib.util.module_from_spec(spec) spec.loader.exec_module(module) modules.append(module) conf_mode_scripts = dict(zip(imports, modules)) exclude_set = {key_name_from_file_name(f) for f in filenames if f not in include} include_set = {key_name_from_file_name(f) for f in filenames if f in include} @contextmanager def stdout_redirected(filename, mode): saved_stdout_fd = None destination_file = None try: sys.stdout.flush() saved_stdout_fd = os.dup(sys.stdout.fileno()) destination_file = open(filename, mode) os.dup2(destination_file.fileno(), sys.stdout.fileno()) yield finally: if saved_stdout_fd is not None: os.dup2(saved_stdout_fd, sys.stdout.fileno()) os.close(saved_stdout_fd) if destination_file is not None: destination_file.close() def explicit_print(path, mode, msg): try: with open(path, mode) as f: f.write(f"\n{msg}\n\n") except OSError: logger.critical("error explicit_print") def run_script(script_name, config, args) -> int: script = conf_mode_scripts[script_name] script.argv = args config.set_level([]) try: c = script.get_config(config) script.verify(c) script.generate(c) script.apply(c) except 
ConfigError as e: logger.error(e) explicit_print(session_out, session_mode, str(e)) return R_ERROR_COMMIT except Exception as e: logger.critical(e) return R_ERROR_DAEMON return R_SUCCESS def initialization(socket): global session_out global session_mode # Reset config strings: active_string = '' session_string = '' # check first for resent init msg, in case of client timeout while True: msg = socket.recv().decode("utf-8", "ignore") try: message = json.loads(msg) if message["type"] == "init": resp = "init" socket.send(resp.encode()) except: break # zmq synchronous for ipc from single client: active_string = msg resp = "active" socket.send(resp.encode()) session_string = socket.recv().decode("utf-8", "ignore") resp = "session" socket.send(resp.encode()) pid_string = socket.recv().decode("utf-8", "ignore") resp = "pid" socket.send(resp.encode()) sudo_user_string = socket.recv().decode("utf-8", "ignore") resp = "sudo_user" socket.send(resp.encode()) logger.debug(f"config session pid is {pid_string}") logger.debug(f"config session sudo_user is {sudo_user_string}") try: session_out = os.readlink(f"/proc/{pid_string}/fd/1") session_mode = 'w' except FileNotFoundError: session_out = None # if not a 'live' session, for example on boot, write to file if not session_out or not boot_configuration_complete(): session_out = script_stdout_log session_mode = 'a' os.environ['SUDO_USER'] = sudo_user_string try: configsource = ConfigSourceString(running_config_text=active_string, session_config_text=session_string) except ConfigSourceError as e: logger.debug(e) return None config = Config(config_source=configsource) dependent_func: dict[str, list[typing.Callable]] = {} setattr(config, 'dependent_func', dependent_func) return config def process_node_data(config, data, last: bool = False) -> int: if not config: logger.critical(f"Empty config") return R_ERROR_DAEMON script_name = None args = [] config.dependency_list.clear() res = 
re.match(r'^(VYOS_TAGNODE_VALUE=[^/]+)?.*\/([^/]+).py(.*)', data) if res.group(1): env = res.group(1).split('=') os.environ[env[0]] = env[1] if res.group(2): script_name = res.group(2) if not script_name: logger.critical(f"Missing script_name") return R_ERROR_DAEMON if res.group(3): args = res.group(3).split() args.insert(0, f'{script_name}.py') if script_name not in include_set: return R_PASS with stdout_redirected(session_out, session_mode): result = run_script(script_name, config, args) return result def remove_if_file(f: str): try: os.remove(f) except FileNotFoundError: pass except OSError: raise def shutdown(): remove_if_file(configd_env_file) os.symlink(configd_env_unset_file, configd_env_file) sys.exit(0) if __name__ == '__main__': context = zmq.Context() socket = context.socket(zmq.REP) # Set the right permissions on the socket, then change it back o_mask = os.umask(0) socket.bind(SOCKET_PATH) os.umask(o_mask) cfg_group = grp.getgrnam(CFG_GROUP) os.setgid(cfg_group.gr_gid) + os.environ['VYOS_CONFIGD'] = 't' + def sig_handler(signum, frame): shutdown() signal.signal(signal.SIGTERM, sig_handler) signal.signal(signal.SIGINT, sig_handler) # Define the vyshim environment variable remove_if_file(configd_env_file) os.symlink(configd_env_set_file, configd_env_file) config = None while True: # Wait for next request from client msg = socket.recv().decode() logger.debug(f"Received message: {msg}") message = json.loads(msg) if message["type"] == "init": resp = "init" socket.send(resp.encode()) config = initialization(socket) elif message["type"] == "node": if message["last"]: logger.debug(f'final element of priority queue') res = process_node_data(config, message["data"], message["last"]) response = res.to_bytes(1, byteorder=sys.byteorder) logger.debug(f"Sending response {res}") socket.send(response) else: logger.critical(f"Unexpected message: {message}")
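Review bot: `os.environ['VYOS_CONFIGD'] = 't'` is assigned inside the `if __name__ == '__main__':` block, which runs after the module-level loop that calls `spec.loader.exec_module(module)` for every included conf_mode script, so code executed at import time of those scripts still sees the variable unset. If any of them (or something they import) constructs a session-backed config source at import time, which is not visible here, `in_session()` would still shell out to `cli-shell-api`; moving the assignment above the import loop removes that window. The line also has no comment, and `'t'` is opaque; something like `# mark this process as the config daemon so vyos.configsource.in_session() returns False` would help. The variable is never unset, so every child process started by the scripts inherits it, which is presumably intended but worth stating in that comment.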