commit | 989bd1459989f83d3b5079654119ddbf10823fad | [log] [tgz] |
---|---|---|
author | Jan Kundrát <kundrat@cesnet.cz> | Fri Feb 05 14:17:24 2021 +0100 |
committer | Jan Kundrát <kundrat@cesnet.cz> | Fri Feb 05 19:17:27 2021 +0100 |
tree | c0bfd361012bb58d0ecb4085e0099629c491a265 | |
parent | c12ce5aed218ba9057f73c585dd9ab9c6f448f09 [diff] [blame] |
Switch the local CLI to use NETCONF over Unix socket Without this patch, any local user could well reboot the box via an RPC. That's not what we want. Because sysrepo doesn't do NACM these days, but delegates that to the netopeer2-server instead, we have to talk NETCONF in order to validate everything. Of course this currently Doesn't Work At All™ because netopeer2-server segfaults, but hey, that's another problem. Bug: https://github.com/CESNET/netopeer2/issues/821 Bug: https://github.com/sysrepo/sysrepo/issues/2312 Change-Id: I9c100fd73f11b4b6c759ee382e82c9e75f3cea8f
diff --git a/board/czechlight/common/overlay/usr/bin/netconf-cli-local b/board/czechlight/common/overlay/usr/bin/netconf-cli-local new file mode 100755 index 0000000..9fd260e --- /dev/null +++ b/board/czechlight/common/overlay/usr/bin/netconf-cli-local
@@ -0,0 +1,2 @@ +#!/bin/sh +exec /usr/bin/netconf-cli --socket /var/run/netopeer2-server.sock