From 0b8b503ca4bec75c8c3fdde87cf0858c300c5c98 Mon Sep 17 00:00:00 2001 From: SviatoslavBoichuk Date: Tue, 16 Apr 2024 11:49:30 +0300 Subject: [PATCH] [Banner] Add new feature including config, yang and tests (#16957) - Why I did it Added Banner feature related services according to HLD: sonic-net/SONiC#1361 - How I did it Added banner-config systemd service, YANG model for new ConfDB table and YANG model tests - How to verify it Manual test Co-authored-by: Sviatoslav Boichuk --- files/build_templates/init_cfg.json.j2 | 8 +++ .../build_templates/sonic_debian_extension.j2 | 7 +++ .../bannerconfig/banner-config.service | 17 +++++++ .../bannerconfig/banner-config.sh | 17 +++++++ files/image_config/bash/bash.bash_logout | 12 +++++ files/image_config/environment/logout_message | 0 src/sonic-yang-models/setup.py | 2 + .../tests/files/sample_config_db.json | 8 +++ .../yang_model_tests/tests/sonic-banner.json | 14 +++++ .../tests_config/sonic-banner.json | 50 ++++++++++++++++++ .../yang-models/sonic-banner.yang | 51 +++++++++++++++++++ 11 files changed, 186 insertions(+) create mode 100644 files/image_config/bannerconfig/banner-config.service create mode 100755 files/image_config/bannerconfig/banner-config.sh create mode 100644 files/image_config/bash/bash.bash_logout create mode 100644 files/image_config/environment/logout_message create mode 100644 src/sonic-yang-models/tests/yang_model_tests/tests/sonic-banner.json create mode 100644 src/sonic-yang-models/tests/yang_model_tests/tests_config/sonic-banner.json create mode 100644 src/sonic-yang-models/yang-models/sonic-banner.yang diff --git a/files/build_templates/init_cfg.json.j2 b/files/build_templates/init_cfg.json.j2 index 9c02de602076..ae382263bb18 100644 --- a/files/build_templates/init_cfg.json.j2 +++ b/files/build_templates/init_cfg.json.j2 @@ -144,6 +144,14 @@ "special_class": "true" } }, + "BANNER_MESSAGE": { + "global": { + "state": "disabled", + "login": "Debian GNU/Linux 11", + "motd": "You are on\n ____ ___ _ _ _ ____\n / ___| / _ \\| \\ | (_)/ ___|\n \\___ \\| | | | \\| | | |\n ___) | |_| | |\\ | | |___\n |____/ \\___/|_| \\_|_|\\____|\n\n-- Software for Open Networking in the Cloud --\n\nUnauthorized access and/or use are prohibited.\nAll access and/or use are subject to monitoring.\n\nHelp: https://sonic-net.github.io/SONiC/\n\n", + "logout": "" + } + }, "SYSTEM_DEFAULTS" : { {%- if include_mux == "y" %} "mux_tunnel_egress_acl": { diff --git a/files/build_templates/sonic_debian_extension.j2 b/files/build_templates/sonic_debian_extension.j2 index 87dd07324f68..9e841e72c52c 100644 --- a/files/build_templates/sonic_debian_extension.j2 +++ b/files/build_templates/sonic_debian_extension.j2 @@ -87,6 +87,7 @@ sudo LANG=C DEBIAN_FRONTEND=noninteractive chroot $FILESYSTEM_ROOT apt-get -y in # Apply environtment configuration files sudo cp $IMAGE_CONFIGS/environment/environment $FILESYSTEM_ROOT/etc/ sudo cp $IMAGE_CONFIGS/environment/motd $FILESYSTEM_ROOT/etc/ +sudo cp $IMAGE_CONFIGS/environment/logout_message $FILESYSTEM_ROOT/etc/ # Create all needed directories sudo mkdir -p $FILESYSTEM_ROOT/etc/sonic/ @@ -228,6 +229,7 @@ sudo dpkg --root=$FILESYSTEM_ROOT -i $debs_path/bash_*.deb || \ # sonic-utilities-data installs bash-completion as a dependency. However, it is disabled by default # in bash.bashrc, so we copy a version of the file with it enabled here. sudo cp -f $IMAGE_CONFIGS/bash/bash.bashrc $FILESYSTEM_ROOT/etc/ +sudo cp -f $IMAGE_CONFIGS/bash/bash.bash_logout $FILESYSTEM_ROOT/etc/ # Install readline's initialization file sudo cp -f $IMAGE_CONFIGS/readline/inputrc $FILESYSTEM_ROOT/etc/ @@ -605,6 +607,11 @@ sudo cp $IMAGE_CONFIGS/hostname/hostname-config.service $FILESYSTEM_ROOT_USR_LIB echo "hostname-config.service" | sudo tee -a $GENERATED_SERVICE_FILE sudo cp $IMAGE_CONFIGS/hostname/hostname-config.sh $FILESYSTEM_ROOT/usr/bin/ +# Copy banner configuration scripts +sudo cp $IMAGE_CONFIGS/bannerconfig/banner-config.service $FILESYSTEM_ROOT_USR_LIB_SYSTEMD_SYSTEM +echo "banner-config.service" | sudo tee -a $GENERATED_SERVICE_FILE +sudo cp $IMAGE_CONFIGS/bannerconfig/banner-config.sh $FILESYSTEM_ROOT/usr/bin/ + # Copy miscellaneous scripts sudo cp $IMAGE_CONFIGS/misc/docker-wait-any $FILESYSTEM_ROOT/usr/bin/ diff --git a/files/image_config/bannerconfig/banner-config.service b/files/image_config/bannerconfig/banner-config.service new file mode 100644 index 000000000000..738b549ba887 --- /dev/null +++ b/files/image_config/bannerconfig/banner-config.service @@ -0,0 +1,17 @@ +[Unit] +Description=Update banner config based on configdb +Requires=config-setup.service +After=config-setup.service +Before=systemd-logind.service sshd.service +BindsTo=database.service +BindsTo=sonic.target + +[Service] +Type=oneshot +RemainAfterExit=no +ExecStart=/usr/bin/banner-config.sh + +[Install] +WantedBy=sonic.target + + diff --git a/files/image_config/bannerconfig/banner-config.sh b/files/image_config/bannerconfig/banner-config.sh new file mode 100755 index 000000000000..b81b342bf52f --- /dev/null +++ b/files/image_config/bannerconfig/banner-config.sh @@ -0,0 +1,17 @@ +#!/bin/bash -e + +STATE=$(sonic-cfggen -d -v 'BANNER_MESSAGE["global"]["state"]') +LOGIN= +MOTD= +LOGOUT= + +if [[ $STATE == "enabled" ]]; then + LOGIN=$(sonic-cfggen -d -v 'BANNER_MESSAGE["global"]["login"]') + MOTD=$(sonic-cfggen -d -v 'BANNER_MESSAGE["global"]["motd"]') + LOGOUT=$(sonic-cfggen -d -v 'BANNER_MESSAGE["global"]["logout"]') + + echo -e "$LOGIN" > /etc/issue.net + echo -e "$LOGIN" > /etc/issue + echo -e "$MOTD" > /etc/motd + echo -e "$LOGOUT" > /etc/logout_message +fi diff --git a/files/image_config/bash/bash.bash_logout b/files/image_config/bash/bash.bash_logout new file mode 100644 index 000000000000..06f2e9062ac8 --- /dev/null +++ b/files/image_config/bash/bash.bash_logout @@ -0,0 +1,12 @@ +LOGOUT_MESSAGE_PATH="/etc/logout_message" +LOGOUT_MESSAGE= + +if [[ -f "$LOGOUT_MESSAGE_PATH" ]]; then + LOGOUT_MESSAGE=$(cat $LOGOUT_MESSAGE_PATH) +fi + +if [[ -n "$LOGOUT_MESSAGE" ]]; then + # Print logout message + echo $LOGOUT_MESSAGE +fi + diff --git a/files/image_config/environment/logout_message b/files/image_config/environment/logout_message new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/src/sonic-yang-models/setup.py b/src/sonic-yang-models/setup.py index 95f98bd53dd8..ada13c2889db 100644 --- a/src/sonic-yang-models/setup.py +++ b/src/sonic-yang-models/setup.py @@ -86,6 +86,7 @@ def run(self): ('yang-models', ['./yang-models/sonic-acl.yang', './yang-models/sonic-auto_techsupport.yang', './yang-models/sonic-bgp-bbr.yang', + './yang-models/sonic-banner.yang', './yang-models/sonic-bgp-common.yang', './yang-models/sonic-bgp-device-global.yang', './yang-models/sonic-bgp-global.yang', @@ -201,6 +202,7 @@ def run(self): './yang-models/sonic-bgp-sentinel.yang', './yang-models/sonic-smart-switch.yang',]), ('cvlyang-models', ['./cvlyang-models/sonic-acl.yang', + './cvlyang-models/sonic-banner.yang', './cvlyang-models/sonic-bgp-common.yang', './cvlyang-models/sonic-bgp-global.yang', './cvlyang-models/sonic-bgp-monitor.yang', diff --git a/src/sonic-yang-models/tests/files/sample_config_db.json b/src/sonic-yang-models/tests/files/sample_config_db.json index 47c0e3ec910c..50ffc18b7b85 100644 --- a/src/sonic-yang-models/tests/files/sample_config_db.json +++ b/src/sonic-yang-models/tests/files/sample_config_db.json @@ -2636,6 +2636,14 @@ "dpu1": { "midplane_interface": "dpu1" } + }, + "BANNER_MESSAGE": { + "global": { + "state": "enabled", + "login": "Some login message", + "motd": "Some message of the day", + "logout": "Some logout message" + } } }, "SAMPLE_CONFIG_DB_UNKNOWN": { diff --git a/src/sonic-yang-models/tests/yang_model_tests/tests/sonic-banner.json b/src/sonic-yang-models/tests/yang_model_tests/tests/sonic-banner.json new file mode 100644 index 000000000000..1da77e05d4fa --- /dev/null +++ b/src/sonic-yang-models/tests/yang_model_tests/tests/sonic-banner.json @@ -0,0 +1,14 @@ +{ + "BANNER_MESSAGE_TEST_STATE": { + "desc": "Configure Banner feature state." + }, + "BANNER_MESSAGE_TEST_LOGIN" : { + "desc": "Banner login messages configuration in BANNER_MESSAGE table." + }, + "BANNER_MESSAGE_TEST_MOTD" : { + "desc": "Banner MOTD messages configuration in BANNER_MESSAGE table." + }, + "BANNER_MESSAGE_TEST_LOGOUT" : { + "desc": "Banner logout messages configuration in BANNER_MESSAGE table." + } +} diff --git a/src/sonic-yang-models/tests/yang_model_tests/tests_config/sonic-banner.json b/src/sonic-yang-models/tests/yang_model_tests/tests_config/sonic-banner.json new file mode 100644 index 000000000000..daf5dda4eea6 --- /dev/null +++ b/src/sonic-yang-models/tests/yang_model_tests/tests_config/sonic-banner.json @@ -0,0 +1,50 @@ +{ + "BANNER_MESSAGE_TEST_STATE": { + "sonic-banner:sonic-banner": { + "sonic-banner:BANNER_MESSAGE": { + "global": { + "state": "enabled", + "login": "Some login message", + "motd": "Some message of the day", + "logout": "Some logout message" + } + } + } + }, + "BANNER_MESSAGE_TEST_LOGIN": { + "sonic-banner:sonic-banner": { + "sonic-banner:BANNER_MESSAGE": { + "global": { + "state": "enabled", + "login": "Some login message", + "motd": "Some message of the day", + "logout": "Some logout message" + } + } + } + }, + "BANNER_MESSAGE_TEST_MOTD": { + "sonic-banner:sonic-banner": { + "sonic-banner:BANNER_MESSAGE": { + "global": { + "state": "enabled", + "login": "Some login message", + "motd": "Some message of the day", + "logout": "Some logout message" + } + } + } + }, + "BANNER_MESSAGE_TEST_LOGOUT": { + "sonic-banner:sonic-banner": { + "sonic-banner:BANNER_MESSAGE": { + "global": { + "state": "enabled", + "login": "Some login message", + "motd": "Some message of the day", + "logout": "Some logout message" + } + } + } + } +} diff --git a/src/sonic-yang-models/yang-models/sonic-banner.yang b/src/sonic-yang-models/yang-models/sonic-banner.yang new file mode 100644 index 000000000000..938f15ac5fcb --- /dev/null +++ b/src/sonic-yang-models/yang-models/sonic-banner.yang @@ -0,0 +1,51 @@ +module sonic-banner { + yang-version 1.1; + namespace "http://github.com/sonic-net/sonic-banner"; + prefix banner_message; + + import sonic-types { + prefix stypes; + } + + description "BANNER_MESSAGE YANG Module for SONiC-based OS"; + revision 2023-05-18 { + description "First Revision"; + } + container sonic-banner { + container BANNER_MESSAGE { + description "BANNER_MESSAGE part of config_db.json"; + container global { + leaf state { + type stypes:admin_mode; + description "Banner feature state"; + default disabled; + } + leaf login { + type string; + description "Banner message displayed to user before login prompt"; + default "Debian GNU/Linux 11"; + } + leaf motd { + type string; + description "Banner message displayed to user after login prompt"; + default "You are on + ____ ___ _ _ _ ____ + / ___| / _ \\| \\ | (_)/ ___| + \\___ \\| | | | \\| | | | + ___) | |_| | |\\ | | |___ + |____/ \\___/|_| \\_|_|\\____| + -- Software for Open Networking in the Cloud -- + Unauthorized access and/or use are prohibited. + All access and/or use are subject to monitoring. + Help: https://sonic-net.github.io/SONiC/ + "; + } + leaf logout { + type string; + description "Banner message dispalyed to the users on logout"; + default ""; + } + } /* end of container MESSAGE */ + } /* end of container BANNER_MESSAGE */ + } /* end of top level container */ +}