statd: Move operational from confd to statd (yanger)

configs/aarch64_defconfig

@@ -166,6 +166,7 @@ BR2_PACKAGE_ROUSETTE=y
 BR2_PACKAGE_RAUC_INSTALLATION_STATUS=y
 BR2_PACKAGE_HOST_PYTHON_YANGDOC=y
 BR2_DOWNLOAD_FORCE_CHECK_HASHES=y
+BR2_PACKAGE_GETENT=y
 TRUSTED_KEYS=y
 TRUSTED_KEYS_DEVELOPMENT=y
 DISK_IMAGE_BOOT_BIN=y

configs/aarch64_minimal_defconfig

@@ -139,6 +139,7 @@ BR2_PACKAGE_LIBINPUT=y
 BR2_PACKAGE_ROUSETTE=y
 BR2_PACKAGE_RAUC_INSTALLATION_STATUS=y
 BR2_DOWNLOAD_FORCE_CHECK_HASHES=y
+BR2_PACKAGE_GETENT=y
 DISK_IMAGE_BOOT_BIN=y
 TRUSTED_KEYS=y
 TRUSTED_KEYS_DEVELOPMENT=y

configs/r2s_defconfig

@@ -203,6 +203,7 @@ BR2_PACKAGE_ROUSETTE=y
 BR2_PACKAGE_RAUC_INSTALLATION_STATUS=y
 BR2_PACKAGE_HOST_PYTHON_YANGDOC=y
 BR2_DOWNLOAD_FORCE_CHECK_HASHES=y
+BR2_PACKAGE_GETENT=y
 TRUSTED_KEYS=y
 TRUSTED_KEYS_DEVELOPMENT=y
 # GNS3_APPLIANCE is not set

configs/riscv64_defconfig

@@ -196,6 +196,7 @@ BR2_PACKAGE_ROUSETTE=y
 BR2_PACKAGE_HOST_PYTHON_YANGDOC=y
 BR2_PACKAGE_RAUC_INSTALLATION_STATUS=y
 BR2_DOWNLOAD_FORCE_CHECK_HASHES=y
+BR2_PACKAGE_GETENT=y
 TRUSTED_KEYS=y
 TRUSTED_KEYS_DEVELOPMENT=y
 # GNS3_APPLIANCE is not set

configs/x86_64_defconfig

@@ -168,6 +168,7 @@ BR2_PACKAGE_ROUSETTE=y
 BR2_PACKAGE_RAUC_INSTALLATION_STATUS=y
 BR2_PACKAGE_HOST_PYTHON_YANGDOC=y
 BR2_DOWNLOAD_FORCE_CHECK_HASHES=y
+BR2_PACKAGE_GETENT=y
 TRUSTED_KEYS=y
 TRUSTED_KEYS_DEVELOPMENT=y
 GNS3_APPLIANCE_RAM=512

configs/x86_64_minimal_defconfig

@@ -7,13 +7,14 @@ BR2_CCACHE=y
 BR2_CCACHE_DIR="${BR2_EXTERNAL_INFIX_PATH}/.ccache"
 BR2_ENABLE_DEBUG=y
 BR2_GLOBAL_PATCH_DIR="${BR2_EXTERNAL_INFIX_PATH}/patches"
+BR2_DOWNLOAD_FORCE_CHECK_HASHES=y
 BR2_TARGET_GENERIC_HOSTNAME="ix"
 BR2_TARGET_GENERIC_ISSUE="Infix by KernelKit"
 BR2_INIT_FINIT=y
 BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_EUDEV=y
 BR2_ROOTFS_DEVICE_TABLE="system/device_table.txt ${BR2_EXTERNAL_INFIX_PATH}/board/common/xattrs"
-# BR2_TARGET_ENABLE_ROOT_LOGIN is not set
 BR2_ROOTFS_MERGED_USR=y
+# BR2_TARGET_ENABLE_ROOT_LOGIN is not set
 BR2_SYSTEM_BIN_SH_BASH=y
 BR2_TARGET_GENERIC_GETTY_PORT="@console"
 BR2_TARGET_GENERIC_GETTY_TERM="xterm"
@@ -50,10 +51,7 @@ BR2_PACKAGE_UBOOT_TOOLS_FIT_SIGNATURE_SUPPORT=y
 BR2_PACKAGE_UBOOT_TOOLS_FIT_CHECK_SIGN=y
 BR2_PACKAGE_UBOOT_TOOLS_MKENVIMAGE=y
 BR2_PACKAGE_PYTHON3=y
-BR2_PACKAGE_LIBSSH_OPENSSL=y
 BR2_PACKAGE_LIBSSH2=y
-BR2_PACKAGE_LIBSSH2_OPENSSL=y
-BR2_PACKAGE_LIBXCRYPT=y
 BR2_PACKAGE_LIBOPENSSL_BIN=y
 BR2_PACKAGE_LIBCURL_CURL=y
 BR2_PACKAGE_LIBMNL=y
@@ -83,6 +81,7 @@ BR2_PACKAGE_TCPDUMP=y
 BR2_PACKAGE_WHOIS=y
 BR2_PACKAGE_BASH_COMPLETION=y
 BR2_PACKAGE_SUDO=y
+BR2_PACKAGE_GETENT=y
 BR2_PACKAGE_KMOD_TOOLS=y
 BR2_PACKAGE_PWGEN=y
 BR2_PACKAGE_RAUC=y
@@ -123,7 +122,6 @@ BR2_PACKAGE_CONFD=y
 BR2_PACKAGE_CONFD_TEST_MODE=y
 BR2_PACKAGE_GENCERT=y
 BR2_PACKAGE_STATD=y
-BR2_PACKAGE_SHOW=y
 BR2_PACKAGE_FACTORY=y
 BR2_PACKAGE_FINIT_PLUGIN_HOTPLUG=y
 BR2_PACKAGE_FINIT_PLUGIN_HOOK_SCRIPTS=y
@@ -139,9 +137,9 @@ BR2_PACKAGE_KLISH_PLUGIN_INFIX=y
 BR2_PACKAGE_LOWDOWN=y
 BR2_PACKAGE_MCD=y
 BR2_PACKAGE_MDNS_ALIAS=y
+BR2_PACKAGE_SHOW=y
 BR2_PACKAGE_ROUSETTE=y
 BR2_PACKAGE_RAUC_INSTALLATION_STATUS=y
-BR2_DOWNLOAD_FORCE_CHECK_HASHES=y
 TRUSTED_KEYS=y
 TRUSTED_KEYS_DEVELOPMENT=y
 GNS3_APPLIANCE_RAM=512

src/confd/src/ietf-system.c

@@ -38,10 +38,6 @@ struct sr_change {
 	sr_val_t *new;
 };
 
-static char   *ver = NULL;
-static char   *rel = NULL;
-static char   *sys = NULL;
-static char   *os  = NULL;
 static char   *nm  = NULL;
 static char   *id  = NULL;
 
@@ -90,17 +86,9 @@ static void setvar(const char *line, const char *key, char **var)
 
 static void os_init(void)
 {
-	struct utsname uts;
 	char line[80];
 	FILE *fp;
 
-	if (!uname(&uts)) {
-		os  = strdup(uts.sysname);
-		ver = strdup(uts.release);
-		rel = strdup(uts.release);
-		sys = strdup(uts.machine);
-	}
-
 	fp = fopen("/etc/os-release", "r");
 	if (!fp) {
 		fp = fopen("/usr/lib/os-release", "r");
@@ -110,36 +98,12 @@ static void os_init(void)
 
 	while (fgets(line, sizeof(line), fp)) {
 		line[strlen(line) - 1] = 0; /* drop \n */
-		setvar(line, "NAME", &os);
-		setvar(line, "VERSION_ID", &ver);
-		setvar(line, "BUILD_ID", &rel);
-		setvar(line, "ARCHITECTURE", &sys);
 		setvar(line, "DEFAULT_HOSTNAME", &nm);
 		setvar(line, "ID", &id);
 	}
 	fclose(fp);
 }
 
-static char *fmtime(time_t t, char *buf, size_t len)
-{
-        const char *isofmt = "%FT%T%z";
-        struct tm tm;
-        size_t i, n;
-
-	tzset();
-        localtime_r(&t, &tm);
-        n = strftime(buf, len, isofmt, &tm);
-        i = n - 5;
-        if (buf[i] == '+' || buf[i] == '-') {
-                buf[i + 6] = buf[i + 5];
-                buf[i + 5] = buf[i + 4];
-                buf[i + 4] = buf[i + 3];
-                buf[i + 3] = ':';
-        }
-
-        return buf;
-}
-
 static sr_error_t _sr_change_iter(sr_session_ctx_t *session, struct confd *confd, char *xpath,
 				  sr_error_t cb(sr_session_ctx_t *, struct confd *, struct sr_change *))
 {
@@ -165,71 +129,6 @@ static sr_error_t _sr_change_iter(sr_session_ctx_t *session, struct confd *confd
 	return SR_ERR_OK;
 }
 
-static int clock_cb(sr_session_ctx_t *session, uint32_t sub_id, const char *module,
-		    const char *path, const char *request_path, uint32_t request_id,
-		    struct lyd_node **parent, void *priv)
-{
-	static char boottime[64] = { 0 };
-	const struct ly_ctx *ctx;
-	char curtime[64];
-	time_t now, boot;
-	int rc;
-
-	ctx = sr_acquire_context(sr_session_get_connection(session));
-
-	now = time(NULL);
-	if (!boottime[0]) {
-		struct sysinfo si;
-
-		sysinfo(&si);
-		boot = now - si.uptime;
-		fmtime(boot, boottime, sizeof(boottime));
-	}
-	fmtime(now, curtime, sizeof(curtime));
-
-	if ((rc = lydx_new_path(ctx, parent, CLOCK_PATH_, "boot-datetime", "%s", boottime)))
-		goto fail;
-	if ((rc = lydx_new_path(ctx, parent, CLOCK_PATH_, "current-datetime", "%s", curtime)))
-		goto fail;
-
-	if (rc) {
-	fail:
-		ERROR("Failed building data tree, libyang error %d", rc);
-		rc = SR_ERR_INTERNAL;
-	}
-
-	sr_release_context(sr_session_get_connection(session));
-	return rc;
-}
-
-static int platform_cb(sr_session_ctx_t *session, uint32_t sub_id, const char *module,
-		       const char *path, const char *request_path, uint32_t request_id,
-		       struct lyd_node **parent, void *priv)
-{
-	const struct ly_ctx *ctx;
-	int rc;
-
-	ctx = sr_acquire_context(sr_session_get_connection(session));
-
-	if ((rc = lydx_new_path(ctx, parent, PLATFORM_PATH_, "os-name", "%s", os)))
-		goto fail;
-	if ((rc = lydx_new_path(ctx, parent, PLATFORM_PATH_, "os-release", "%s", rel)))
-		goto fail;
-	if ((rc = lydx_new_path(ctx, parent, PLATFORM_PATH_, "os-version", "%s", ver)))
-		goto fail;
-	if ((rc = lydx_new_path(ctx, parent, PLATFORM_PATH_, "machine", "%s", sys)))
-		goto fail;
-
-	if (rc) {
-	fail:
-		ERROR("Failed building data tree, libyang error %d", rc);
-		rc = SR_ERR_INTERNAL;
-	}
-
-	sr_release_context(sr_session_get_connection(session));
-	return rc;
-}
-
 static int rpc_exec(sr_session_ctx_t *session, uint32_t sub_id, const char *path,
 		    const sr_val_t *input, const size_t input_cnt,
 		    sr_event_t event, unsigned request_id,
@@ -1408,30 +1307,6 @@ static int change_auth(sr_session_ctx_t *session, uint32_t sub_id, const char *m
 	return SR_ERR_OK;
 }
 
-static int auth_cb(sr_session_ctx_t *session, uint32_t sub_id, const char *module,
-		    const char *path, const char *request_path, uint32_t request_id,
-		    struct lyd_node **parent, void *priv)
-{
-	const char *fmt = "/ietf-system:system/authentication/user[name='%s']/password";
-	struct spwd *spwd;
-
-	setspent();
-	while ((spwd = getspent())) {
-		char xpath[256];
-
-		/* Skip any records that do not pass YANG validation */
-		if (!spwd->sp_pwdp || spwd->sp_pwdp[0] == '0' ||
-		     spwd->sp_pwdp[0] == '*' || spwd->sp_pwdp[0] == '!')
-			continue;
-
-		snprintf(xpath, sizeof(xpath), fmt, spwd->sp_namp);
-		lyd_new_path(*parent, NULL, xpath, spwd->sp_pwdp, 0, 0);
-	}
-	endspent();
-
-	return SR_ERR_OK;
-}
-
 static int change_nacm(sr_session_ctx_t *session, uint32_t sub_id, const char *module,
 		       const char *_, sr_event_t event, unsigned request_id, void *priv)
 {
@@ -1773,46 +1648,24 @@ static int change_hostname(sr_session_ctx_t *session, uint32_t sub_id, const cha
 	return SR_ERR_OK;
 }
 
-static int hostname_cb(sr_session_ctx_t *session, uint32_t sub_id, const char *module,
-		       const char *path, const char *request_path, uint32_t request_id,
-		       struct lyd_node **parent, void *priv)
-{
-	char hostname[128];
-	int rc;
-
-	gethostname(hostname, sizeof(hostname));
-	rc = lyd_new_path(*parent, NULL, path, hostname, 0, NULL);
-	if (rc) {
-		ERROR("Failed building data tree, libyang error %d", rc);
-		rc = SR_ERR_INTERNAL;
-	}
-
-	return rc;
-}
-
 int ietf_system_init(struct confd *confd)
 {
 	int rc;
 
 	os_init();
 
 	REGISTER_CHANGE(confd->session, "ietf-system", XPATH_AUTH_, 0, change_auth, confd, &confd->sub);
-	REGISTER_OPER(confd->session, "ietf-system", PASSWORD_PATH, auth_cb, confd, 0, &confd->sub);
 	REGISTER_MONITOR(confd->session, "ietf-netconf-acm", "/ietf-netconf-acm:nacm//.",
 			 0, change_nacm, confd, &confd->sub);
 
 	REGISTER_CHANGE(confd->session, "ietf-system", XPATH_BASE_"/hostname", 0, change_hostname, confd, &confd->sub);
-	REGISTER_OPER(confd->session, "ietf-system", XPATH_BASE_"/hostname", hostname_cb, confd, 0, &confd->sub);
 	REGISTER_CHANGE(confd->session, "ietf-system", XPATH_BASE_"/infix-system:motd", 0, change_motd, confd, &confd->sub);
 	REGISTER_CHANGE(confd->session, "ietf-system", XPATH_BASE_"/infix-system:motd-banner", 0, change_motd_banner, confd, &confd->sub);
 	REGISTER_CHANGE(confd->session, "ietf-system", XPATH_BASE_"/infix-system:text-editor", 0, change_editor, confd, &confd->sub);
 	REGISTER_CHANGE(confd->session, "ietf-system", XPATH_BASE_"/clock", 0, change_clock, confd, &confd->sub);
 	REGISTER_CHANGE(confd->session, "ietf-system", XPATH_BASE_"/ntp", 0, change_ntp, confd, &confd->sub);
 	REGISTER_CHANGE(confd->session, "ietf-system", XPATH_BASE_"/dns-resolver", 0, change_dns, confd, &confd->sub);
 
-	REGISTER_OPER(confd->session, "ietf-system", CLOCK_PATH_, clock_cb, NULL, 0, &confd->sub);
-	REGISTER_OPER(confd->session, "ietf-system", PLATFORM_PATH_, platform_cb, NULL, 0, &confd->sub);
-
 	REGISTER_RPC(confd->session, "/ietf-system:system-restart",  rpc_exec, "reboot", &confd->sub);
 	REGISTER_RPC(confd->session, "/ietf-system:system-shutdown", rpc_exec, "poweroff", &confd->sub);
 	REGISTER_RPC(confd->session, "/ietf-system:set-current-datetime", rpc_set_datetime, NULL, &confd->sub);

src/statd/README.md

@@ -0,0 +1,62 @@
+# Introduction
+Statd is designed to be integrated into Infix and supply the operational
+database with data. To do this it uses companion binaries written in
+python, these are located in the `python` directory.
+
+
+## Run outside Infix
+### Prerequisites
+There are some requirements set on your computer to run statd locally.
+
+ - An Ubuntu based system
+ - lldpd
+ - python3
+ - [libite](https://github.com/troglobit/libite)
+ - [libsrx](https://github.com/kernelkit/infix/tree/main/src/libsrx)
+ - python-poetry
+ - [sysrepo](https://github.com/sysrepo/sysrepo) (At least the same version as Infix)
+ - [libyang](https://github.com/CESNET/libyang) (At least the same version as Infix)
+
+
+### Install YANG modules in local sysrepo
+This requires that you first build Infix, since netopeer2 and sysrepo are responsible
+for installing their own YANG files.
+
+```bash
+user@host ~/infix$ export TARGET_DIR="output/target/"
+user@host ~/infix$ export NETOPEER2_SEARCHPATH=$TARGET_DIR/usr/share/yang/modules/netopeer2/
+user@host ~/infix$ export SYSREPO_SEARCHPATH=$TARGET_DIR/usr/share/yang/modules/sysrepo/
+user@host ~/infix$ export LIBNETCONF2_SEARCHPATH=$TARGET_DIR/usr/share/yang/modules/libnetconf2/
+user@host ~/infix$ export CONFD_SEARCHPATH=$TARGET_DIR/usr/share/yang/modules/confd/
+user@host ~/infix$ export TEST_MODE_SEARCHPATH=$TARGET_DIR/usr/share/yang/modules/test-mode/
+user@host ~/infix$ export ROUSETTE_SEARCHPATH=$TARGET_DIR/usr/share/yang/modules/rousette/
+user@host ~/infix$ export SEARCH_PATH="$NETOPEER2_SEARCHPATH $SYSREPO_SEARCHPATH $LIBNETCONF2_SEARCHPATH $CONFD_SEARCHPATH $TEST_MODE_SEARCHPATH $ROUSETTE_SEARCHPATH"
+
+user@host ~/infix$ ./utils/srload src/confd/yang/sysrepo.inc
+user@host ~/infix$ ./utils/srload src/confd/yang/libnetconf2.inc
+user@host ~/infix$ ./utils/srload src/confd/yang/netopeer2.inc
+user@host ~/infix$ ./utils/srload src/confd/yang/confd.inc
+user@host ~/infix$ ./utils/srload src/confd/yang/rousette.inc
+user@host ~/infix$ ./utils/srload src/confd/yang/test-mode.inc
+```
+
+### Build and install python companion binaries
+```bash
+user@host ~/infix/src/statd/python$ ./local_install.sh
+```
+This will install the binaries in ~/.local/bin
+
+### Build and install statd
+
+```bash
+user@host ~/infix/src/statd$ ./configure --with-yanger-dir=$HOME/.local/bin
+user@host ~/infix/src/statd$ make
+user@host ~/infix/src/statd$ sudo make install
+```
+
+### Running statd
+Since the `yanger` binary, for example, reads the shadow database, you
+can expect different results if running `statd` as root or not.
+```bash
+user@host ~/infix/src/statd$ statd
+```

src/statd/configure.ac

@@ -17,6 +17,15 @@ AC_ARG_ENABLE(containers,
         AS_HELP_STRING([--enable-containers], [Enable support for containers]),,[
 	enable_containers=no])
 
+AC_ARG_WITH([yanger-dir],
+  [AS_HELP_STRING([--with-yanger-dir=DIR],
+    [specify the path to yanger])],
+  [YANGER_DIR="$withval"],
+  [YANGER_DIR="/usr/libexec/statd"])
+
+# Define YANGER_DIR for use in C code
+AC_DEFINE_UNQUOTED([YANGER_DIR], ["$YANGER_DIR"], [Path to yanger])
+
 # C defines
 AS_IF([test "x$enable_containers" = "xyes"], [
         AC_DEFINE(CONTAINERS, 1, [Built with container support])])
@@ -73,6 +82,7 @@ cat <<EOF
   Exec prefix...........: $eprefix
   Sysconfdir............: `eval echo $sysconfdir`
   Localstatedir.........: `eval echo $localstatedir`
+  Yangerdir.............: $YANGER_DIR
   Default fstab.........: `eval echo $fstab`
   System environment....: ${sysconfig_path:-${sysconfig}}
   C Compiler............: $CC $CFLAGS $CPPFLAGS $LDFLAGS $LIBS