PSARC 2017/034 Quaggaadm access disable
15760321 quaggaadm needs a way to disable the vty port.
15429631 quaggaadm -e closes the connection the first time it is executed
--- a/components/quagga/Solaris/quaggaadm Mon Mar 13 06:36:03 2017 -0700
+++ b/components/quagga/Solaris/quaggaadm Mon Mar 13 06:36:03 2017 -0700
@@ -19,7 +19,7 @@
#
# CDDL HEADER END
#
-# Copyright (c) 2008, 2011, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2008, 2017, Oracle and/or its affiliates. All rights reserved.
#
# ident "@(#)quaggaadm 1.3 08/10/02 SMI"
daemons="zebra ripd ripngd ospfd ospf6d bgpd isisd"
@@ -28,10 +28,11 @@
{
print - "Usage:\n" >&2
for H in ${daemons} ; do
- print - "\t${1} [-e] ${H}\t\tConnect to ${H} daemon" >&2
+ print - "\t${1} [-e|-d] ${H}\t\tConnect to ${H} daemon" >&2
done
print - "\nThe -e flag enables the named daemon to accept ${1} connections and" >&2
print - "must be used on the first use of ${1} to connect to a particular daemon." >&2
+ print - "\nThe -d flag disables access to the named daemon." >&2
}
if [ ${#} -gt 2 ]
@@ -43,7 +44,7 @@
function vty_enable
{
restart=0;
-
+
/usr/bin/svcprop -p routing/vty_address ${1} \
| grep -- '[0-9a-zA-Z]' > /dev/null || \
/usr/sbin/routeadm -m ${1} vty_address="127.0.0.1" && \
@@ -51,19 +52,47 @@
/usr/bin/svcprop -p routing/vty_port ${1}| grep 0 > /dev/null && \
/usr/sbin/routeadm -m ${1} vty_port=${2}
if [ $restart = "1" ]; then
+ /usr/sbin/svcadm restart -T 5 -s ${1}
+ fi
+}
+
+function vty_disable
+{
+ restart=0;
+
+ /usr/bin/svcprop -p routing/vty_address ${1} \
+ | grep -- '[0-9a-zA-Z]' > /dev/null && \
+ /usr/sbin/routeadm -m ${1} vty_address="" && \
+ restart=1
+ /usr/bin/svcprop -p routing/vty_port ${1}| grep '^0$' > /dev/null || \
+ /usr/sbin/routeadm -m ${1} vty_port=0
+ if [ $restart = "1" ]; then
/usr/sbin/svcadm restart ${1}
- fi
-}
+ fi
+ print Service access is now disabled.
+}
ENABLE="no"
+DISABLE="no"
+if [ ${#} -gt 2 ] ; then
+ quaggaadm_usage ${0}
+ exit 1;
+fi
if [ ${#} -eq 2 ] ; then
DAEMON=${2}
- if [ ${1} != "-e" ]; then
- quaggaadm_usage ${0}
- exit 1;
- fi
- ENABLE="yes"
+ case ${1} in
+ -e) #enable
+ ENABLE="yes"
+ ;;
+ -d) #disable
+ DISABLE="yes"
+ ;;
+ *)
+ quaggaadm_usage ${0}
+ exit 1
+ ;;
+ esac
elif [ ${#} -eq 1 ] ; then
DAEMON=${1}
fi
@@ -105,9 +134,16 @@
;;
esac
+if [ ${DISABLE} = "yes" ] ; then
+ vty_disable ${SVC} || exit 1
+ exit 0
+fi
+
if [ ${ENABLE} = "yes" ] ; then
vty_enable ${SVC} ${PORT} || exit 1
fi
+# Need to give the daemon time to initialize.
+sleep 3
exec telnet 127.0.0.1 ${PORT}
--- a/components/quagga/Solaris/quaggaadm.8 Mon Mar 13 06:36:03 2017 -0700
+++ b/components/quagga/Solaris/quaggaadm.8 Mon Mar 13 06:36:03 2017 -0700
@@ -1,11 +1,11 @@
'\" te
-.\" Copyright (c) 2008, 2015, Oracle and/or its affiliates\&. All rights reserved\&.
-.TH quaggaadm 8 "20 Oct 2015" "" ""
+.\" Copyright (c) 2008, 2017, Oracle and/or its affiliates\&. All rights reserved\&.
+.TH quaggaadm 8 "02 mar 2017" "" ""
.SH "NAME"
quaggaadm \- quagga routing daemon administration tool
.SH "SYNOPSIS"
.PP
-\fBquaggaadm\fR [-\fBe\fR] \fIzebra\fR|\fIripd\fR|\fIripngd\fR|\fIospfd\fR|\fIospf6d\fR|\fIbgpd\fR|\fIisisd\fR
+\fBquaggaadm\fR [-\fBe\fR|-\fBd\fR] \fIzebra\fR|\fIripd\fR|\fIripngd\fR|\fIospfd\fR|\fIospf6d\fR|\fIbgpd\fR|\fIisisd\fR
.SH "DESCRIPTION"
.PP
The \fBquaggaadm\fR command is provided as a simple wrapper to facilitate connection
@@ -16,20 +16,31 @@
that to complete this operation, the user will require solaris.smf.manage.routing
and solaris.smf.modify.routing authorizations.
.SH "OPTIONS"
-.PP
-The following command-line options are supported:
+.sp
+.LP
+The following command-line options are supported by \fBquaggaadm\fR:
.sp
.ne 2
.mk
.na
\fB\fB\-e\fR\fR
.ad
-.sp .6
-.in +4
+.RS 6n
+.rt
Automatically enable the vty for the specified daemon.
+.RE
+
.sp
-.sp 1
-.in -4
+.ne 2
+.mk
+.na
+\fB\fB-d\fR\fR
+.ad
+.RS 6n
+.rt
+Automatically disable the vty for the specified daemon. No attempt to connect will be made.
+.RE
+
.SH "EXIT STATUS"
.PP
The following exit values are returned: