diff --git a/net/netopeer2/Config_keystored.in b/net/netopeer2/Config_keystored.in new file mode 100644 index 000000000..73252507e --- /dev/null +++ b/net/netopeer2/Config_keystored.in @@ -0,0 +1,7 @@ +if PACKAGE_netopeer2-keystored + +config SSH_KEYS + bool "Generate default ssh keys" + default y + +endif diff --git a/net/netopeer2/Config_server.in b/net/netopeer2/Config_server.in new file mode 100644 index 000000000..112da769b --- /dev/null +++ b/net/netopeer2/Config_server.in @@ -0,0 +1,7 @@ +if PACKAGE_netopeer2-server + +config SSH_SERVER + bool "Install the default ssh server (openssh-server)" + default y + +endif diff --git a/net/netopeer2/Makefile b/net/netopeer2/Makefile index 5a283b4a2..e017f9cd9 100644 --- a/net/netopeer2/Makefile +++ b/net/netopeer2/Makefile @@ -34,12 +34,21 @@ CMAKE_INSTALL:=1 include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/cmake.mk +define Package/netopeer2-server/config + source "$(SOURCE)/Config_server.in" +endef + +define Package/netopeer2-keystored/config + source "$(SOURCE)/Config_keystored.in" +endef + define Package/netopeer2-server SECTION:=util CATEGORY:=Utilities TITLE:=NETCONF server URL:=$(PKG_SOURCE_URL) - DEPENDS:=+libpthread +libyang +libnetconf2 +netopeer2-keystored +libsysrepo +sysrepocfg +sysrepoctl + DEPENDS:=+libpthread +libyang +libnetconf2 +netopeer2-keystored +libsysrepo +sysrepocfg +sysrepoctl +sysrepo +SSH_SERVER:openssh-server + MENU:=1 endef define Package/netopeer2-cli @@ -55,7 +64,8 @@ define Package/netopeer2-keystored CATEGORY:=Utilities TITLE:=Netopeer2 key store management URL:=$(PKG_SOURCE_URL) - DEPENDS:=+libopenssl +libsysrepo +sysrepo-plugind +sysrepocfg +sysrepoctl + DEPENDS:=+libopenssl +libsysrepo +sysrepo +sysrepocfg +sysrepoctl +SSH_KEYS:openssh-keygen + MENU:=1 endef define Package/netopeer2/description @@ -112,7 +122,7 @@ define Package/netopeer2-server/install $(INSTALL_BIN) ./files/netopeer2-server.init $(1)/etc/init.d/netopeer2-server $(INSTALL_DIR) $(1)/usr/share/netopeer2-server - $(INSTALL_DATA) $(PKG_BUILD_ROOT)/server/stock_config.xml $(1)/usr/share/netopeer2-server + $(INSTALL_DATA) ./files/stock_config.xml $(1)/usr/share/netopeer2-server endef define Package/netopeer2-cli/install @@ -128,15 +138,19 @@ define Package/netopeer2-keystored/install $(INSTALL_DATA) $(PKG_BUILD_ROOT)/modules/ietf-keystore.yang $(1)/etc/sysrepo/yang $(INSTALL_DIR) $(1)/etc/uci-defaults + + $(INSTALL_DIR) $(1)/etc/keystored/keys +ifeq ($(CONFIG_SSH_KEYS),y) + $(INSTALL_BIN) ./files/netopeer2-keystored-keygen.default $(1)/etc/uci-defaults/97_netopeer2-keystored +else $(INSTALL_BIN) ./files/netopeer2-keystored.default $(1)/etc/uci-defaults/97_netopeer2-keystored + #ssh key name is specified in ./files/stock_config.xml file, you will need to provide the ssh keys yourself. + $(INSTALL_DATA) ./files/ssh_host_rsa_key.pem $(1)/etc/keystored/keys + $(INSTALL_DATA) ./files/ssh_host_rsa_key.pub.pem $(1)/etc/keystored/keys +endif $(INSTALL_DIR) $(1)/usr/share/netopeer2-keystored $(INSTALL_DATA) $(PKG_BUILD_ROOT)/keystored/stock_key_config.xml $(1)/usr/share/netopeer2-keystored - - $(INSTALL_DIR) $(1)/etc/keystored/keys - #$(INSTALL_DATA) ./files/ssh_host_rsa_key.pem $(1)/etc/keystored/keys - #$(INSTALL_DATA) ./files/ssh_host_rsa_key.pub.pem $(1)/etc/keystored/keys - #ssh key name is specified in stock_key_config.xml file, you will need to provide the ssh keys yourself. endef $(eval $(call BuildPackage,netopeer2-server)) diff --git a/net/netopeer2/files/netopeer2-keystored-keygen.default b/net/netopeer2/files/netopeer2-keystored-keygen.default new file mode 100644 index 000000000..6c9c10559 --- /dev/null +++ b/net/netopeer2/files/netopeer2-keystored-keygen.default @@ -0,0 +1,22 @@ +#!/bin/sh + +# Warning, problems can occur if the device restarts in the middle of this uci-default script + +if [ -x /bin/sysrepoctl ]; then + match=$(sysrepoctl -l | grep "ietf-keystore\ ") + if [ ! "$match" ]; then + sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-keystore.yang -o root:root -p 600 + if [ -x /bin/sysrepocfg ]; then + sysrepocfg -d startup -i /usr/share/netopeer2-keystored/stock_key_config.xml ietf-keystore + rm /usr/share/netopeer2-keystored/stock_key_config.xml + fi + + #generate ssh keys + ssh-keygen -t rsa -f /tmp/ssh_host_rsa_key -N "" + openssl rsa -in /tmp/ssh_host_rsa_key -outform pem > /etc/keystored/keys/ssh_host_rsa_key.pem + openssl rsa -pubout -in /etc/keystored/keys/ssh_host_rsa_key.pem -out /etc/keystored/keys/ssh_host_rsa_key.pub.pem + rm /tmp/ssh_host_rsa_key + fi +fi + +exit 0 diff --git a/net/netopeer2/files/netopeer2-keystored.default b/net/netopeer2/files/netopeer2-keystored.default index bdcd58ab1..9faeedc22 100644 --- a/net/netopeer2/files/netopeer2-keystored.default +++ b/net/netopeer2/files/netopeer2-keystored.default @@ -3,9 +3,14 @@ # Warning, problems can occur if the device restarts in the middle of this uci-default script if [ -x /bin/sysrepoctl ]; then - sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-keystore.yang -o root:root -p 600 - sysrepocfg -d startup -i /usr/share/netopeer2-keystored/stock_key_config.xml ietf-keystore - rm /usr/share/netopeer2-keystored/stock_key_config.xml + match=$(sysrepoctl -l | grep "ietf-keystore\ ") + if [ ! "$match" ]; then + sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-keystore.yang -o root:root -p 600 + if [ -x /bin/sysrepocfg ]; then + sysrepocfg -d startup -i /usr/share/netopeer2-keystored/stock_key_config.xml ietf-keystore + rm /usr/share/netopeer2-keystored/stock_key_config.xml + fi + fi fi exit 0 diff --git a/net/netopeer2/files/netopeer2-server.default b/net/netopeer2/files/netopeer2-server.default index 41df88d14..ec6bae052 100644 --- a/net/netopeer2/files/netopeer2-server.default +++ b/net/netopeer2/files/netopeer2-server.default @@ -3,22 +3,47 @@ # Warning, problems can occur if the device restarts in the middle of this uci-default script if [ -x /bin/sysrepoctl ]; then - sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-ssh-server.yang -p 600 - sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-tls-server.yang -p 600 - sysrepoctl --install --yang=/etc/sysrepo/yang/iana-crypt-hash.yang -p 600 - sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-x509-cert-to-name.yang -p 600 - sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-netconf-server.yang -o root:root -p 600 - sysrepoctl -m ietf-netconf-server -e listen - sysrepoctl -m ietf-netconf-server -e ssh-listen - sysrepoctl -m ietf-netconf-server -e tls-listen - sysrepoctl -m ietf-netconf-server -e call-home - sysrepoctl -m ietf-netconf-server -e ssh-call-home - sysrepoctl -m ietf-netconf-server -e tls-call-home - sysrepocfg -d startup -i /usr/share/netopeer2-server/stock_config.xml ietf-netconf-server - rm /usr/share/netopeer2-server/stock_config.xml - sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-system.yang -o root:root -p 600 - sysrepoctl -m ietf-system -e authentication - sysrepoctl -m ietf-system -e local-users + match=$(sysrepoctl -l | grep "ietf-ssh-server\ ") + if [ ! "$match" ]; then + sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-ssh-server.yang -p 600 + fi + + match=$(sysrepoctl -l | grep "ietf-tls-server\ ") + if [ ! "$match" ]; then + sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-tls-server.yang -p 600 + fi + + match=$(sysrepoctl -l | grep "iana-crypt-hash\ ") + if [ ! "$match" ]; then + sysrepoctl --install --yang=/etc/sysrepo/yang/iana-crypt-hash.yang -p 600 + fi + + match=$(sysrepoctl -l | grep "ietf-x509-cert-to-name\ ") + if [ ! "$match" ]; then + sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-x509-cert-to-name.yang -p 600 + fi + + match=$(sysrepoctl -l | grep "ietf-netconf-server\ ") + if [ ! "$match" ]; then + sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-netconf-server.yang -o root:root -p 600 + sysrepoctl -m ietf-netconf-server -e listen + sysrepoctl -m ietf-netconf-server -e ssh-listen + sysrepoctl -m ietf-netconf-server -e tls-listen + sysrepoctl -m ietf-netconf-server -e call-home + sysrepoctl -m ietf-netconf-server -e ssh-call-home + sysrepoctl -m ietf-netconf-server -e tls-call-home + if [ -x /bin/sysrepocfg ]; then + sysrepocfg -d startup -i /usr/share/netopeer2-server/stock_config.xml ietf-netconf-server + rm /usr/share/netopeer2-server/stock_config.xml + fi + fi + + match=$(sysrepoctl -l | grep "ietf-system\ ") + if [ ! "$match" ]; then + sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-system.yang -o root:root -p 600 + sysrepoctl -m ietf-system -e authentication + sysrepoctl -m ietf-system -e local-users + fi fi exit 0 diff --git a/net/netopeer2/files/netopeer2-server.init b/net/netopeer2/files/netopeer2-server.init index e07e91afb..cdc255003 100644 --- a/net/netopeer2/files/netopeer2-server.init +++ b/net/netopeer2/files/netopeer2-server.init @@ -7,9 +7,20 @@ USE_PROCD=1 PROG=/bin/netopeer2-server start_service() { + + # netopeer2-server requires sysrepo daemon + /etc/init.d/sysrepo start + + sleep 1 + procd_open_instance procd_set_param command $PROG + procd_append_param command -d -v 0 procd_set_param respawn procd_close_instance } +stop_service() +{ + service_stop ${PROG} +} diff --git a/net/netopeer2/files/stock_config.xml b/net/netopeer2/files/stock_config.xml new file mode 100644 index 000000000..45766846a --- /dev/null +++ b/net/netopeer2/files/stock_config.xml @@ -0,0 +1,17 @@ + + + + test_ssh_listen_endpt + +
::
+ 830 + + + test_ssh_listen_key + ssh_host_rsa_key + + + + + + diff --git a/net/sysrepo/Makefile b/net/sysrepo/Makefile index bfae426f3..11deab63b 100644 --- a/net/sysrepo/Makefile +++ b/net/sysrepo/Makefile @@ -38,11 +38,11 @@ define Package/libsysrepo DEPENDS:=+libyang +libprotobuf-c +libev +libavl endef -define Package/sysrepod +define Package/sysrepo SECTION:=util CATEGORY:=Utilities URL:=$(PKG_SOURCE_URL) - TITLE:=YANG-based data store daemon + TITLE:=YANG-based data store daemon and plugin DEPENDS:=+libsysrepo endef @@ -62,14 +62,6 @@ define Package/sysrepocfg DEPENDS:=+libsysrepo endef -define Package/sysrepo-plugind - SECTION:=util - CATEGORY:=Utilities - URL:=$(PKG_SOURCE_URL) - TITLE:=sysrepo plugin daemon - DEPENDS:=+libsysrepo -endef - define Package/sysrepo/description Sysrepo is an YANG-based configuration and operational state data store for Unix/Linux applications. endef @@ -107,12 +99,15 @@ define Package/libsysrepo/install $(INSTALL_BIN) ./files/libsysrepo.default $(1)/etc/uci-defaults/95_libsysrepo endef -define Package/sysrepod/install +define Package/sysrepo/install $(INSTALL_DIR) $(1)/bin $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/sysrepod $(1)/bin/ + $(INSTALL_DIR) $(1)/bin + $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/sysrepo-plugind $(1)/bin/ + $(INSTALL_DIR) $(1)/etc/init.d/ - $(INSTALL_BIN) ./files/sysrepod.init $(1)/etc/init.d/sysrepod + $(INSTALL_BIN) ./files/sysrepo.init $(1)/etc/init.d/sysrepo endef define Package/sysrepoctl/install @@ -125,16 +120,7 @@ define Package/sysrepocfg/install $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/sysrepocfg $(1)/bin/ endef -define Package/sysrepo-plugind/install - $(INSTALL_DIR) $(1)/bin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/sysrepo-plugind $(1)/bin/ - - $(INSTALL_DIR) $(1)/etc/init.d/ - $(INSTALL_BIN) ./files/sysrepo-plugind.init $(1)/etc/init.d/sysrepo-plugind -endef - $(eval $(call BuildPackage,libsysrepo)) -$(eval $(call BuildPackage,sysrepod)) +$(eval $(call BuildPackage,sysrepo)) $(eval $(call BuildPackage,sysrepoctl)) $(eval $(call BuildPackage,sysrepocfg)) -$(eval $(call BuildPackage,sysrepo-plugind)) diff --git a/net/sysrepo/files/libsysrepo.default b/net/sysrepo/files/libsysrepo.default index 4e00cc79f..ae2af81f8 100644 --- a/net/sysrepo/files/libsysrepo.default +++ b/net/sysrepo/files/libsysrepo.default @@ -3,11 +3,30 @@ # Warning, problems can occur if the device restarts in the middle of this uci-default script if [ -x /bin/sysrepoctl ]; then - sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-netconf-acm@2012-02-22.yang -p 644 - sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-netconf-notifications.yang -p 600 - sysrepoctl --install --yang=/etc/sysrepo/yang/nc-notifications.yang -p 666 - sysrepoctl --install --yang=/etc/sysrepo/yang/notifications.yang -p 666 - sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-netconf@2011-06-01.yang -p 600 + match=$(sysrepoctl -l | grep "ietf-netconf-acm\ ") + if [ ! "$match" ]; then + sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-netconf-acm@2012-02-22.yang -p 644 + fi + + match=$(sysrepoctl -l | grep "ietf-netconf-notifications\ ") + if [ ! "$match" ]; then + sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-netconf-notifications.yang -p 600 + fi + + match=$(sysrepoctl -l | grep "nc-notifications\ ") + if [ ! "$match" ]; then + sysrepoctl --install --yang=/etc/sysrepo/yang/nc-notifications.yang -p 666 + fi + + match=$(sysrepoctl -l | grep "notifications\ ") + if [ ! "$match" ]; then + sysrepoctl --install --yang=/etc/sysrepo/yang/notifications.yang -p 666 + fi + + match=$(sysrepoctl -l | grep "ietf-netconf\ ") + if [ ! "$match" ]; then + sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-netconf@2011-06-01.yang -p 600 + fi fi exit 0 diff --git a/net/sysrepo/files/sysrepo-plugind.init b/net/sysrepo/files/sysrepo-plugind.init deleted file mode 100644 index d394256ae..000000000 --- a/net/sysrepo/files/sysrepo-plugind.init +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/sh /etc/rc.common - -START=90 -STOP=10 - -USE_PROCD=1 -PROG=/bin/sysrepo-plugind - -start_service() { - procd_open_instance - procd_set_param command $PROG - procd_set_param respawn - procd_close_instance -} - -stop_service() -{ - service_stop ${PROG} -} diff --git a/net/sysrepo/files/sysrepo.init b/net/sysrepo/files/sysrepo.init new file mode 100644 index 000000000..9c9262c37 --- /dev/null +++ b/net/sysrepo/files/sysrepo.init @@ -0,0 +1,34 @@ +#!/bin/sh /etc/rc.common + +START=70 +STOP=10 + +USE_PROCD=1 +PROG_DEAMON=/bin/sysrepod +PROG_PLUGIN=/bin/sysrepo-plugind + +start_service() { + procd_open_instance + procd_set_param command ${PROG_DEAMON} + procd_append_param command -d -l 0 + procd_set_param respawn + procd_close_instance + + procd_open_instance + procd_set_param command ${PROG_PLUGIN} + procd_append_param command -d -l 0 + procd_set_param respawn + procd_close_instance +} + +stop_service() +{ + if [ -f /etc/init.d/netopeer2-server ]; then + # netopeer2-server will automatically start sysrepod, + # so we need to stop it + /etc/init.d/netopeer2-server stop + sleep 1 + fi + service_stop ${PROG_PLUGIN} + service_stop ${PROG_DEAMON} +} diff --git a/net/sysrepo/files/sysrepod.init b/net/sysrepo/files/sysrepod.init deleted file mode 100644 index 843e3b56c..000000000 --- a/net/sysrepo/files/sysrepod.init +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/sh /etc/rc.common - -START=70 -STOP=10 - -USE_PROCD=1 -PROG=/bin/sysrepod - -start_service() { - procd_open_instance - procd_set_param command $PROG - procd_set_param respawn - procd_close_instance -} - -stop_service() -{ - service_stop ${PROG} -}