T6489: add abstraction vyos.utils.configfs to work natively with the …

…config filesystem
vyos · Jun 15, 2024 · d7a18a3 · d7a18a3
1 parent e1a34e6
commit d7a18a3
Show file tree

Hide file tree

Showing 3 changed files with 45 additions and 19 deletions.
diff --git a/python/vyos/utils/__init__.py b/python/vyos/utils/__init__.py
@@ -17,6 +17,7 @@
 from vyos.utils import auth
 from vyos.utils import boot
 from vyos.utils import commit
+from vyos.utils import configfs
 from vyos.utils import convert
 from vyos.utils import cpu
 from vyos.utils import dict

diff --git a/python/vyos/utils/configfs.py b/python/vyos/utils/configfs.py
@@ -0,0 +1,37 @@
+# Copyright 2024 VyOS maintainers and contributors <[email protected]>
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library.  If not, see <http://www.gnu.org/licenses/>.
+
+import os
+
+def delete_cli_node(cli_path: list):
+    from shutil import rmtree
+    for config_dir in ['VYATTA_TEMP_CONFIG_DIR', 'VYATTA_CHANGES_ONLY_DIR']:
+        tmp = os.path.join(os.environ[config_dir], '/'.join(cli_path))
+        # delete CLI node
+        if os.path.exists(tmp):
+            rmtree(tmp)
+
+def add_cli_node(cli_path: list, value: str=None):
+    from vyos.utils.auth import get_current_user
+    from vyos.utils.file import write_file
+
+    current_user = get_current_user()
+    for config_dir in ['VYATTA_TEMP_CONFIG_DIR', 'VYATTA_CHANGES_ONLY_DIR']:
+        # store new value
+        tmp = os.path.join(os.environ[config_dir], '/'.join(cli_path))
+        write_file(f'{tmp}/node.val', value, user=current_user, group='vyattacfg', mode=0o664)
+        # mark CLI node as modified
+        if config_dir == 'VYATTA_CHANGES_ONLY_DIR':
+            write_file(f'{tmp}/.modified', '', user=current_user, group='vyattacfg', mode=0o664)
diff --git a/src/conf_mode/system_login.py b/src/conf_mode/system_login.py
@@ -21,22 +21,20 @@
 from pwd import getpwall
 from pwd import getpwnam
 from pwd import getpwuid
-from shutil import rmtree
 from sys import exit
 from time import sleep
 
 from vyos.config import Config
 from vyos.configverify import verify_vrf
-from vyos.defaults import directories
 from vyos.template import render
 from vyos.template import is_ipv4
 from vyos.utils.auth import get_current_user
+from vyos.utils.configfs import delete_cli_node
+from vyos.utils.configfs import add_cli_node
 from vyos.utils.dict import dict_search
 from vyos.utils.file import chown
-from vyos.utils.file import write_file
 from vyos.utils.process import cmd
 from vyos.utils.process import call
-from vyos.utils.process import rc_cmd
 from vyos.utils.process import run
 from vyos.utils.process import DEVNULL
 from vyos import ConfigError
@@ -216,7 +214,6 @@ def verify(login):
 def generate(login):
     # calculate users encrypted password
     if 'user' in login:
-        env = os.environ.copy()
         for user, user_config in login['user'].items():
             tmp = dict_search('authentication.plaintext_password', user_config)
             if tmp:
@@ -225,20 +222,11 @@ def generate(login):
                 del login['user'][user]['authentication']['plaintext_password']
 
                 # Set default commands for re-adding user with encrypted password
-                del_user_plain = f'system login user {user} authentication plaintext-password'
-                add_user_encrypt = f'system login user {user} authentication encrypted-password'
-
-                for config_dir in ['VYATTA_TEMP_CONFIG_DIR', 'VYATTA_CHANGES_ONLY_DIR']:
-                    tmp = os.path.join(env[config_dir], '/'.join(del_user_plain.split()))
-                    # delete temporary plaintext-password CLI node
-                    if os.path.exists(tmp):
-                        rmtree(tmp)
-
-                    # store encrypted password
-                    tmp = os.path.join(env[config_dir], '/'.join(add_user_encrypt.split()))
-                    write_file(f'{tmp}/node.val', encrypted_password, user=get_current_user(), group='vyattacfg', mode=0o664)
-                    if config_dir == 'VYATTA_CHANGES_ONLY_DIR':
-                        write_file(f'{tmp}/.modified', encrypted_password, user=get_current_user(), group='vyattacfg', mode=0o664)
+                del_user_plain = ['system', 'login', 'user', user, 'authentication', 'plaintext-password']
+                add_user_encrypt = ['system', 'login', 'user', user, 'authentication', 'encrypted-password']
+
+                delete_cli_node(del_user_plain)
+                add_cli_node(add_user_encrypt, value=encrypted_password)
 
             else:
                 try: