mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2025-01-22 07:53:11 -05:00
91ae69c7ed
Align permissions of the resulting .nmconnection file, instead of
the input file from hv_kvp_daemon. To avoid the tiny time frame
where the output file is world-readable, use umask instead of chmod.
Fixes: 42999c9046
("hv/hv_kvp_daemon:Support for keyfile based connection profile")
Signed-off-by: Olaf Hering <olaf@aepfle.de>
Reviewed-by: Shradha Gupta <shradhagupta@linux.microsoft.com>
Link: https://lore.kernel.org/r/20241016143521.3735-1-olaf@aepfle.de
Signed-off-by: Wei Liu <wei.liu@kernel.org>
Message-ID: <20241016143521.3735-1-olaf@aepfle.de>
92 lines
2.4 KiB
Bash
Executable file
92 lines
2.4 KiB
Bash
Executable file
#!/bin/bash
|
|
# SPDX-License-Identifier: GPL-2.0
|
|
|
|
# This example script activates an interface based on the specified
|
|
# configuration.
|
|
#
|
|
# In the interest of keeping the KVP daemon code free of distro specific
|
|
# information; the kvp daemon code invokes this external script to configure
|
|
# the interface.
|
|
#
|
|
# The only argument to this script is the configuration file that is to
|
|
# be used to configure the interface.
|
|
#
|
|
# Each Distro is expected to implement this script in a distro specific
|
|
# fashion. For instance, on Distros that ship with Network Manager enabled,
|
|
# this script can be based on the Network Manager APIs for configuring the
|
|
# interface.
|
|
#
|
|
# This example script is based on a RHEL environment.
|
|
#
|
|
# Here is the ifcfg format of the ip configuration file:
|
|
#
|
|
# HWADDR=macaddr
|
|
# DEVICE=interface name
|
|
# BOOTPROTO=<protocol> (where <protocol> is "dhcp" if DHCP is configured
|
|
# or "none" if no boot-time protocol should be used)
|
|
#
|
|
# IPADDR0=ipaddr1
|
|
# IPADDR1=ipaddr2
|
|
# IPADDRx=ipaddry (where y = x + 1)
|
|
#
|
|
# NETMASK0=netmask1
|
|
# NETMASKx=netmasky (where y = x + 1)
|
|
#
|
|
# GATEWAY=ipaddr1
|
|
# GATEWAYx=ipaddry (where y = x + 1)
|
|
#
|
|
# DNSx=ipaddrx (where first DNS address is tagged as DNS1 etc)
|
|
#
|
|
# IPV6 addresses will be tagged as IPV6ADDR, IPV6 gateway will be
|
|
# tagged as IPV6_DEFAULTGW and IPV6 NETMASK will be tagged as
|
|
# IPV6NETMASK.
|
|
#
|
|
# Here is the keyfile format of the ip configuration file:
|
|
#
|
|
# [ethernet]
|
|
# mac-address=macaddr
|
|
# [connection]
|
|
# interface-name=interface name
|
|
#
|
|
# [ipv4]
|
|
# method=<protocol> (where <protocol> is "auto" if DHCP is configured
|
|
# or "manual" if no boot-time protocol should be used)
|
|
#
|
|
# address1=ipaddr1/plen
|
|
# address2=ipaddr2/plen
|
|
#
|
|
# gateway=gateway1;gateway2
|
|
#
|
|
# dns=dns1;
|
|
#
|
|
# [ipv6]
|
|
# address1=ipaddr1/plen
|
|
# address2=ipaddr2/plen
|
|
#
|
|
# gateway=gateway1;gateway2
|
|
#
|
|
# dns=dns1;dns2
|
|
#
|
|
# The host can specify multiple ipv4 and ipv6 addresses to be
|
|
# configured for the interface. Furthermore, the configuration
|
|
# needs to be persistent. A subsequent GET call on the interface
|
|
# is expected to return the configuration that is set via the SET
|
|
# call.
|
|
#
|
|
|
|
echo "IPV6INIT=yes" >> $1
|
|
echo "NM_CONTROLLED=no" >> $1
|
|
echo "PEERDNS=yes" >> $1
|
|
echo "ONBOOT=yes" >> $1
|
|
|
|
cp $1 /etc/sysconfig/network-scripts/
|
|
|
|
umask 0177
|
|
interface=$(echo $2 | awk -F - '{ print $2 }')
|
|
filename="${2##*/}"
|
|
|
|
sed '/\[connection\]/a autoconnect=true' $2 > /etc/NetworkManager/system-connections/${filename}
|
|
|
|
|
|
/sbin/ifdown $interface 2>/dev/null
|
|
/sbin/ifup $interface 2>/dev/null
|