T7384: Radius patch for Dns-Server-IPv6-Address attribute - accel-ppp #926
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This adds the ability to pull IPv6 DNS servers from the radius response not just hard coded in the config file Bit of background: https://www.hardill.me.uk/wordpress/2020/03/22/contributing-to-accel-ppp/
AlexIT-FT
requested review from
dmbaturin,
sarthurdev,
jestabro,
sever-sever and
c-po
|
❌ |
AlexIT-FT
changed the title
AlexIT-FT
changed the title
sever-sever
approved these changes
Mar 26, 2025
|
It is a nice practice to create a feature request from https://vyos.dev/ |
|
@sever-sever |
sever-sever
approved these changes
Mar 27, 2025
There was a problem hiding this comment.
Approved as it was tested by users, ref accel-ppp/accel-ppp#69
|
@AlexIT-FT Your vyos.dev account is active. Could you please create a task and include its number in the commit message and the PR title? Then we can merge the PR. |
AlexIT-FT
changed the title
dmbaturin
previously requested changes
Apr 22, 2025
I'm sorry for my ineptitude, but it's my first time. |
In the git tool (console/terminal) |
This adds the ability to pull IPv6 DNS servers from the radius response not just hard coded in the config file Bit of background: https://www.hardill.me.uk/wordpress/2020/03/22/contributing-to-accel-ppp/
This adds the ability to pull IPv6 DNS servers from the radius response not just hard coded in the config file Bit of background: https://www.hardill.me.uk/wordpress/2020/03/22/contributing-to-accel-ppp/
AlexIT-FT
changed the title
This adds the ability to pull IPv6 DNS servers from the radius response not just hard coded in the config file Bit of background: https://www.hardill.me.uk/wordpress/2020/03/22/contributing-to-accel-ppp/
This adds the ability to pull IPv6 DNS servers from the radius response not just hard coded in the config file Bit of background: https://www.hardill.me.uk/wordpress/2020/03/22/contributing-to-accel-ppp/
This adds the ability to pull IPv6 DNS servers from the radius response not just hard coded in the config file Bit of background: https://www.hardill.me.uk/wordpress/2020/03/22/contributing-to-accel-ppp/
This adds the ability to pull IPv6 DNS servers from the radius response not just hard coded in the config file Bit of background: https://www.hardill.me.uk/wordpress/2020/03/22/contributing-to-accel-ppp/
I tried many times in several ways (cli, web, ...) but the result is always the same.
The error is always relate to the very first commit message.
What am I messing up ? |
dmbaturin
approved these changes
Apr 24, 2025
github-actions
bot
added
the
mirror-initiated
vyosbot
added
mirror-completed
and removed
mirror-initiated
0x20000
added a commit
to 0x20000/vyos-build
that referenced
this pull request
Jun 13, 2025
* T4409: Fix Framed-Route with attr Accel-VRF-Name If you use attribute Accel-VRF-Name we are expecting a route in a specific VRF, the cuurent implementation set the Framed-Route/Framed-IPv6-Route to the default VRf (no VRF) Fixes this, so routes are installed in the proper VRF name * build: T7372: correctly quote lb_config arguments * radvd: T7376: upgrade package to v2.20 * T7334: pr mirror trigger workflow added with label creation permission for default github token * T7367: syslog.service links to rsyslog.service - thus disable it, too The default syslog implementation should make syslog.service a symlink to itself, so that this socket activates the right actual syslog service. As rsyslog service is already disabled - also take care of the linked service. * packages: T7347: Update prometheus exporters * Kernel: T5887: update Linux Kernel to v6.6.87 * T7384: Radius patch for Dns-Server-IPv6-Address attribute - accel-ppp (vyos#926) * Add 0002-Radius-Dns-Server-IPv6-Address.patch This adds the ability to pull IPv6 DNS servers from the radius response not just hard coded in the config file * build: T7399: remove the APT option to allow downgrades It doesn't appear necessary anymore, if it ever was * T7405: add missing dependency kpartx for all archs Signed-off-by: Date Huang <tjjh89017@hotmail.com> * T7406: add virtio-gpu and pl011 console support for arm64 Signed-off-by: Date Huang <tjjh89017@hotmail.com> * T7407: fix the incorrect url for arm64 salt pkgs Signed-off-by: Date Huang <tjjh89017@hotmail.com> * build: T7409: do not include MD5 checksums in the ISO image * Kernel: T5887: update Linux Kernel to v6.6.89 * Kernel: T7428: remove io_uring support Given the recent chatter about io_uring and it flaws - e.g. [1] - and we have to my knowledge no use for it we should remove it from the Kernel configuration. Every feature not used and removed from the Kernel is a good one. 1: https://www.armosec.io/blog/io_uring-rootkit-bypasses-linux-security/ * systemd: T7356: use short service names to avoid truncation The issue ONLY appears on small terminals where systemd automatically truncates the lines to match the terminal width - so far so good. The BUG is, if truncation happens in the service name which is BOLD you're pretty much screwed, as truncation will not reset the color. We can set StatusUnitFormat=description in /etc/systemd/system.conf which will not print the service long description to avoid truncation making the boot a little less verbose. This actually restores the behavior of VyOS 1.3 * build: T6949: add missing build trigger for blackbox exporter Commit d6fab6c ("T6949: Adds build for blackbox exporter deb package") added the general requirements for a package build - but it missed the trigger for changes within the build ocnfiguration dir. * Add macOS Finder .DS_Store to .gitignore file * Kernel: T5887: update Linux Kernel to v6.6.90 * Docker: T7253: remove Kernel build dependencies to shrink container image Move the Kernel build dependencies to package.toml to unbload the build container even more. * Kernel: T7253: build linux-perf-$version package Previous patch was removed during VyOS 1.3 -> 1.4 development cycle as the internal handling for Kernel package generation changed. This brings back the perf binary in a new linux-perf-$KERNELVERSION Debian package. * docker: T7450: use PCRE2 for vyos-utils and libvyosconfig * Docker: T7253: re-add build-essential dependency for vyos-1x vyshim consists out of C code which needs the build-essential package. * T1771: enable "reboot-on-upgrade-failure" for new VyOS installations * T7445: added open prs conflict checker caller workflow * T7321: enable vyos-commitd.service for intial testing * T7352: add test script arg for testing under vyconfd/commitd * T7494: FRR add missing build bison and liblua dependencies * T7494: FRR add build dependency flex libelf-dev * packages: T7490: add build files for udp-broadcast-relay * Kernel: T5887: update Linux Kernel to v6.6.92 * Kernel: T7428: re-enable CONFIG_INOTIFY_STACKFS Kernel compile time option for our custom patch to enable inotify on stackable filesystems accidently got removed in commit cfdd445 ("Kernel: T7428: remove io_uring support"). Option was re-enabled. * T7453: Enhance raw/qcow2 image creation Description This pull request introduces improvements to the raw_image.py script responsible for building raw disk images in the VyOS build process. Main Changes Added use of kpartx to reliably map EFI and root partitions from the loop device. Introduced disk_details as an attribute on the BuildContext object to pass partition metadata through the image build steps. Improved the __exit__ method for BuildContext to unmount all mount points and clean up kpartx mappings and loop devices, even in failure cases. Fixed a crash in mount_image() when con.disk_details was not set. Added useful debug logs for loop device usage and partition mapping. Motivation The previous implementation assumed partitions like /dev/loopXp3 would appear automatically, which is unreliable across some environments (especially containers or newer systems). This PR makes the process more reliable by explicitly mapping partitions with kpartx, a tool designed for this purpose. It also ensures proper resource cleanup by unmounting and detaching everything cleanly, preventing leaked loop devices or stale mount points. Test Instructions Flavor : cloud-init.toml packages = [ "cloud-init", "qemu-guest-agent" ] image_format = ["qcow2"] disk_size = 10 [boot_settings] console_type = "ttyS0" Run: sudo ./build-vyos-image --architecture amd64 \ --build-by "you@example.com" \ --reuse-iso vyos-1.5-rolling-*.iso \ cloud-init Expected behavior: The build completes without errors. The .qcow2 image file is generated and bootable (e.g., in KVM or Proxmox). Partitions are mounted correctly via /dev/mapper/loopXp*. Signed-off-by: Gabin-CC <gabin.laurent@rte-international.com> * T7453: handle dynamic partition mapping in raw image build Enhanced the raw image creation logic to dynamically detect and assign EFI and root partitions based on the number of partitions created by kpartx. - Supports both 2-partition and 3-partition layouts - Adds debug output for mapped partitions - Avoids hardcoded assumptions about partition order - Improves resilience in cloud-init and containerized build contexts Fixes build failure when /dev/loopXp3 is missing or not mapped properly. Signed-off-by: Gabin-CC <gabin.laurent@rte-international.com> * T7535: aws-gwlbtun: add cmake for depend Signed-off-by: Date Huang <tjjh89017@hotmail.com> * T7530: Build package binaries script should exit if repo is absent The build package binaries script should exit if the repo is absent or cannot be cloned If a build package `repo-a` depends on the `repo-b` and the `repo-b` cannot be cloned, then we shoud exit from the script to avoid partly build dependencies For example: ``` [[packages]] name = "fake-repo" commit_id = "v0.0.1" scm_url = "https://github.com/vyos/fake-repo" [[packages]] name = "ethtool" commit_id = "debian/1%6.10-1" scm_url = "https://salsa.debian.org/kernel-team/ethtool" ``` If ethtool depends on some fake-package and this package cannot be downloaded from the repo, then we shouldn't build the ethtool package at all. * Remove an emoji from an error message * Remove an emoji from an error message * T7534: netfilter: add asciidoc-base,bison as build depend Signed-off-by: Date Huang <tjjh89017@hotmail.com> * Remove a stray debug output * Kernel: T5887: update Linux Kernel to v6.6.93 * Kernel: T7539: add option to only install build dependencies for development * Kernel: T7539: compile in WWAN drivers and not use loadable modules --------- Signed-off-by: Date Huang <tjjh89017@hotmail.com> Signed-off-by: Gabin-CC <gabin.laurent@rte-international.com> Co-authored-by: Viacheslav Hletenko <v.gletenko@vyos.io> Co-authored-by: Daniil Baturin <daniil@baturin.org> Co-authored-by: Ryan Zuwala <ryanzuwala@gmail.com> Co-authored-by: kumvijaya <kuvmijaya@gmail.com> Co-authored-by: Christian Breunig <christian@vyos.io> Co-authored-by: Christian Breunig <christian@breunig.cc> Co-authored-by: Nicolas Vollmar <nvo@scaling.ch> Co-authored-by: AlexIT-FT <67157447+AlexIT-FT@users.noreply.github.com> Co-authored-by: Daniil Baturin <daniil@vyos.io> Co-authored-by: Date Huang <tjjh89017@hotmail.com> Co-authored-by: John Estabrook <jestabro@vyos.io> Co-authored-by: Yevhen Bondarenko <evgeniy.bondarenko@sentrium.io> Co-authored-by: Gabin-CC <gabin.laurent@rte-international.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This adds the ability to pull IPv6 DNS servers from the radius response not just hard coded in the config file
Bit of background: https://www.hardill.me.uk/wordpress/2020/03/22/contributing-to-accel-ppp/
All credits to Ben Hardill
Change summary
Just to manage the attribute Dns-Server-IPv6-Address from Radius
Types of changes
Related Task(s)
T7384 accel-ppp: Radius patch for Dns-Server-IPv6-Address attribute
Related PR(s)
Checklist: