experiments/clixon
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

System-only 7.2 adjustment mismatching yang revisions after branch merge

Browse source
This commit is contained in:
Olof hagsand 2024-10-29 10:08:37 +01:00
parent 69b65ad13d
commit 7b01b029a4
6 changed files with 149 additions and 106 deletions
Download patch file Download diff file Expand all files Collapse all files

15
CHANGELOG.md
View file

@ -24,12 +24,19 @@ Expected: January 2025
* New `CLICON_XMLDB_SYSTEM_ONLY_CONFIG` configuration option * New `CLICON_XMLDB_SYSTEM_ONLY_CONFIG` configuration option
* New `system-only-config` extension * New `system-only-config` extension
* New `ca_system_only` backend callback for reading system-only data * New `ca_system_only` backend callback for reading system-only data
* Changed C-API: add `system-only` parameter with default value `0` last: * New `clixon-config@2024-08-01.yang` revision
* `clixon_json2file()` -> `clixon_json2file(,0)` * Added: `CLICON_XMLDB_SYSTEM_ONLY_CONFIG`
* `clixon_json2cbuf()` -> `clixon_json2cbuf(,0)`
### C/CLI-API changes on existing features
Developers may need to change their code
* Changed C-API: add `system-only` parameter with default value `0` last:
* `clixon_json2file()` -> `clixon_json2file(,0)`
* `clixon_json2cbuf()` -> `clixon_json2cbuf(,0)`
### Corrected Bugs ### Corrected Bugs
* Fixed: [string length validation doesn't work for the entry "" in case it has default value specified](https://github.com/clicon/clixon/issues/563) * Fixed: [string length validation doesn't work for the entry "" in case it has default value specified](https://github.com/clicon/clixon/issues/563)
* Fixed: [SNMP: snmpwalk is slow and can timeout](https://github.com/clicon/clixon/issues/404) * Fixed: [SNMP: snmpwalk is slow and can timeout](https://github.com/clicon/clixon/issues/404)

4
test/config.sh.in
View file

@ -73,8 +73,8 @@ DATASTORE_TOP="config"
# clixon yang revisions occuring in tests (see eg yang/clixon/Makefile.in) # clixon yang revisions occuring in tests (see eg yang/clixon/Makefile.in)
CLIXON_AUTOCLI_REV="2024-08-01" CLIXON_AUTOCLI_REV="2024-08-01"
CLIXON_LIB_REV="2024-08-01" CLIXON_LIB_REV="2024-11-01"
CLIXON_CONFIG_REV="2024-08-01" CLIXON_CONFIG_REV="2024-11-01"
CLIXON_RESTCONF_REV="2022-08-01" CLIXON_RESTCONF_REV="2022-08-01"
CLIXON_EXAMPLE_REV="2022-11-01" CLIXON_EXAMPLE_REV="2022-11-01"

4
yang/clixon/Makefile.in
View file

@ -42,8 +42,8 @@ datarootdir = @datarootdir@
YANG_INSTALLDIR = @YANG_INSTALLDIR@ YANG_INSTALLDIR = @YANG_INSTALLDIR@
# Note: mirror these to test/config.sh.in # Note: mirror these to test/config.sh.in
YANGSPECS = clixon-config@2024-08-01.yang # 7.2 YANGSPECS = clixon-config@2024-11-01.yang # 7.3
YANGSPECS += clixon-lib@2024-08-01.yang # 7.2 YANGSPECS += clixon-lib@2024-11-01.yang # 7.3
YANGSPECS += clixon-rfc5277@2008-07-01.yang YANGSPECS += clixon-rfc5277@2008-07-01.yang
YANGSPECS += clixon-xml-changelog@2019-03-21.yang YANGSPECS += clixon-xml-changelog@2019-03-21.yang
YANGSPECS += clixon-restconf@2022-08-01.yang # 5.9 YANGSPECS += clixon-restconf@2022-08-01.yang # 5.9

10
yang/clixon/clixon-config@2024-08-01.yang
View file

@ -54,7 +54,6 @@ module clixon-config {
"Added options: "Added options:
CLICON_YANG_DOMAIN_DIR CLICON_YANG_DOMAIN_DIR
CLICON_YANG_USE_ORIGINAL CLICON_YANG_USE_ORIGINAL
CLICON_XMLDB_SYSTEM_ONLY_CONFIG (tentative)
Released in Clixon 7.2"; Released in Clixon 7.2";
} }
revision 2024-04-01 { revision 2024-04-01 {
@ -1195,15 +1194,6 @@ module clixon-config {
May not work together with CLICON_BACKEND_PRIVILEGES=drop and root, since May not work together with CLICON_BACKEND_PRIVILEGES=drop and root, since
new files need to be created in XMLDB_DIR"; new files need to be created in XMLDB_DIR";
} }
leaf CLICON_XMLDB_SYSTEM_ONLY_CONFIG {
type boolean;
default true;
description
"If set, some fields in the configuration tree are not stored to datastore.
Instead, the application must provide a mechanism to save the system-only-config
in the system via commit/system-only-config callbacks.
See also extension system-only-config in clixon-lib.yang";
}
leaf CLICON_XML_CHANGELOG { leaf CLICON_XML_CHANGELOG {
type boolean; type boolean;
default false; default false;

216
yang/clixon/clixon-config@2024-04-01.yang → yang/clixon/clixon-config@2024-11-01.yang
View file

@ -23,7 +23,7 @@ module clixon-config {
***** BEGIN LICENSE BLOCK ***** ***** BEGIN LICENSE BLOCK *****
Copyright (C) 2009-2019 Olof Hagsand Copyright (C) 2009-2019 Olof Hagsand
Copyright (C) 2020-2022 Olof Hagsand and Rubicon Communications, LLC(Netgate) Copyright (C) 2020-2022 Olof Hagsand and Rubicon Communications, LLC(Netgate)
This file is part of CLIXON This file is part of CLIXON
Licensed under the Apache License, Version 2.0 (the \"License\"); Licensed under the Apache License, Version 2.0 (the \"License\");
@ -41,7 +41,7 @@ module clixon-config {
in which case the provisions of the GPL are applicable instead in which case the provisions of the GPL are applicable instead
of those above. If you wish to allow use of your version of this file only of those above. If you wish to allow use of your version of this file only
under the terms of the GPL, and not to allow others to under the terms of the GPL, and not to allow others to
use your version of this file under the terms of Apache License version 2, use your version of this file under the terms of Apache License version 2,
indicate your decision by deleting the provisions above and replace them with indicate your decision by deleting the provisions above and replace them with
the notice and other provisions required by the GPL. If you do not delete the notice and other provisions required by the GPL. If you do not delete
the provisions above, a recipient may use your version of this file under the provisions above, a recipient may use your version of this file under
@ -49,6 +49,20 @@ module clixon-config {
***** END LICENSE BLOCK *****"; ***** END LICENSE BLOCK *****";
revision 2024-11-01 {
description
"Added options:
CLICON_XMLDB_SYSTEM_ONLY_CONFIG
Released in Clixon 7.3";
}
revision 2024-08-01 {
description
"Added options:
CLICON_YANG_DOMAIN_DIR
CLICON_YANG_USE_ORIGINAL
CLICON_XMLDB_SYSTEM_ONLY_CONFIG (tentative)
Released in Clixon 7.2";
}
revision 2024-04-01 { revision 2024-04-01 {
description description
"Added options: "Added options:
@ -70,7 +84,7 @@ module clixon-config {
Marked as obsolete: Marked as obsolete:
CLICON_DATASTORE_CACHE CLICON_DATASTORE_CACHE
CLICON_NETCONF_CREATOR_ATTR CLICON_NETCONF_CREATOR_ATTR
Changed semantics of Changed semantics of
Released in Clixon 7.0"; Released in Clixon 7.0";
} }
revision 2023-11-01 { revision 2023-11-01 {
@ -207,7 +221,7 @@ module clixon-config {
} }
revision 2020-11-03 { revision 2020-11-03 {
description description
"Added CLICON_BACKEND_RESTCONF_PROCESS "Added CLICON_BACKEND_RESTCONF_PROCESS
Copied to clixon-restconf.yang and marked as obsolete: Copied to clixon-restconf.yang and marked as obsolete:
CLICON_RESTCONF_IPV4_ADDR CLICON_RESTCONF_IPV4_ADDR
CLICON_RESTCONF_IPV6_ADDR CLICON_RESTCONF_IPV6_ADDR
@ -224,9 +238,9 @@ module clixon-config {
} }
revision 2020-08-17 { revision 2020-08-17 {
description description
"Added: CLICON_RESTCONF_IPV4_ADDR, CLICON_RESTCONF_IPV6_ADDR, "Added: CLICON_RESTCONF_IPV4_ADDR, CLICON_RESTCONF_IPV6_ADDR,
CLICON_RESTCONF_HTTP_PORT, CLICON_RESTCONF_HTTPS_PORT CLICON_RESTCONF_HTTP_PORT, CLICON_RESTCONF_HTTPS_PORT
CLICON_NAMESPACE_NETCONF_DEFAULT, CLICON_NAMESPACE_NETCONF_DEFAULT,
CLICON_CLI_HELPSTRING_TRUNCATE, CLICON_CLI_HELPSTRING_LINES"; CLICON_CLI_HELPSTRING_TRUNCATE, CLICON_CLI_HELPSTRING_LINES";
} }
revision 2020-06-17 { revision 2020-06-17 {
@ -260,8 +274,8 @@ module clixon-config {
} }
revision 2019-06-05 { revision 2019-06-05 {
description description
"Added: CLICON_YANG_REGEXP, CLICON_CLI_TAB_MODE, "Added: CLICON_YANG_REGEXP, CLICON_CLI_TAB_MODE,
CLICON_CLI_HIST_FILE, CLICON_CLI_HIST_SIZE, CLICON_CLI_HIST_FILE, CLICON_CLI_HIST_SIZE,
CLICON_XML_CHANGELOG, CLICON_XML_CHANGELOG_FILE; CLICON_XML_CHANGELOG, CLICON_XML_CHANGELOG_FILE;
Renamed CLICON_XMLDB_CACHE to CLICON_DATASTORE_CACHE (changed type) Renamed CLICON_XMLDB_CACHE to CLICON_DATASTORE_CACHE (changed type)
Deleted: CLICON_XMLDB_PLUGIN, CLICON_USE_STARTUP_CONFIG"; Deleted: CLICON_XMLDB_PLUGIN, CLICON_USE_STARTUP_CONFIG";
@ -323,7 +337,7 @@ module clixon-config {
description "No cache always work directly with file"; description "No cache always work directly with file";
} }
enum cache{ enum cache{
description "Use in-memory cache. description "Use in-memory cache.
Make copies when accessing internally."; Make copies when accessing internally.";
} }
enum cache-zerocopy{ enum cache-zerocopy{
@ -360,7 +374,7 @@ module clixon-config {
type enumeration{ type enumeration{
enum posix { enum posix {
description description
"Translate XSD XML Schema regexp:s to Posix regexp. This is "Translate XSD XML Schema regexp:s to Posix regexp. This is
not a complete translation, but can be considered good-enough not a complete translation, but can be considered good-enough
for Yang use-cases as defined by openconfig and yang-models for Yang use-cases as defined by openconfig and yang-models
for example."; for example.";
@ -369,7 +383,7 @@ module clixon-config {
description description
"Use libxml2 XSD XML Schema regexp engine. This is a complete "Use libxml2 XSD XML Schema regexp engine. This is a complete
XSD regexp engine.. XSD regexp engine..
Requires libxml2 to be available at configure time Requires libxml2 to be available at configure time
(HAVE_LIBXML2 should be set)"; (HAVE_LIBXML2 should be set)";
} }
} }
@ -396,7 +410,7 @@ module clixon-config {
typedef nacm_cred_mode{ typedef nacm_cred_mode{
description description
"How NACM user should be matched with unix socket peer credentials. "How NACM user should be matched with unix socket peer credentials.
This means nacm user must match socket peer user accessing the This means nacm user must match socket peer user accessing the
backend socket. For IP sockets only mode none makes sense."; backend socket. For IP sockets only mode none makes sense.";
type enumeration{ type enumeration{
enum none { enum none {
@ -473,32 +487,19 @@ module clixon-config {
*:<feature> means enable the specific feature in all modules"; *:<feature> means enable the specific feature in all modules";
type string; type string;
} }
leaf-list CLICON_YANG_DIR {
ordered-by user;
type string;
description
"Yang directory path for finding module and submodule files.
A list of these options should be in the configuration.
When loading a Yang module, Clixon searches this list in the order
they appear.
Note since Clixon 5.4 such a directory is searched recursively, not just the
directory itself.
Ensure that YANG_INSTALLDIR (default
/usr/local/share/clixon) is present in the path";
}
/* Configuration */ /* Configuration */
leaf CLICON_CONFIGFILE{ leaf CLICON_CONFIGFILE{
type string; type string;
description description
"Location of the main configuration-file. "Location of the main configuration-file.
Default is CLIXON_DEFAULT_CONFIG=/usr/local/etc/clicon.xml set in configure. Default is CLIXON_DEFAULT_CONFIG=/usr/local/etc/clicon.xml set in configure.
Note that due to bootstrapping, this value is not actually read from file Note that due to bootstrapping, this value is not actually read from file
and therefore a default value would be meaningless."; and therefore a default value would be meaningless.";
} }
leaf CLICON_CONFIGDIR{ leaf CLICON_CONFIGDIR{
type string; type string;
description description
"Location of directory of extra configuration files. "Location of directory of extra configuration files.
If not given, only main configfile is read. If not given, only main configfile is read.
If given, and if the directory exists, all files in this directory will be loaded If given, and if the directory exists, all files in this directory will be loaded
AFTER the main config file (CLICON_CONFIGFILE) in the following way: AFTER the main config file (CLICON_CONFIGFILE) in the following way:
@ -515,12 +516,25 @@ module clixon-config {
type string; type string;
description description
"If specified load an application-specific configuration YANG that overrides "If specified load an application-specific configuration YANG that overrides
this config. this config.
Normally, that YANG imports clixon-config. Normally, that YANG imports clixon-config.
This field is a 'bootstrap' field. This field is a 'bootstrap' field.
"; ";
} }
/* YANG */ /* YANG */
leaf-list CLICON_YANG_DIR {
ordered-by user;
type string;
description
"Yang directory path for finding module and submodule files.
A list of these options should be in the configuration.
When loading a Yang module, Clixon searches this list in the order
they appear.
Note since Clixon 5.4 such a directory is searched recursively, not just the
directory itself.
Ensure that YANG_INSTALLDIR (default
/usr/local/share/clixon) is present in the path";
}
leaf CLICON_YANG_MAIN_FILE { leaf CLICON_YANG_MAIN_FILE {
type string; type string;
description description
@ -534,16 +548,28 @@ module clixon-config {
"If given, load all modules in this directory (all .yang files) "If given, load all modules in this directory (all .yang files)
See also CLICON_YANG_DIR which specifies a path of dirs"; See also CLICON_YANG_DIR which specifies a path of dirs";
} }
leaf CLICON_YANG_DOMAIN_DIR {
type string;
description
"Virtual domain directory for RFC 8528 mount-points.
If set and domain is given, instead of loading from CLICON_YANG_MAIN_DIR,
look for .yang files first in CLICON_YANG_DOMAIN_DIR/domain,
where domain is given as yangmnt:mount-point <domain>;
Useful in eg mountpoints where another YANG domain may be required,
even isolated from the main YANG context, as well as from other moint-points.
Note that CLICON_YANG_DIR that may be given as library YANGs are not isolated.
If not set, use CLICON_YANG_MAIN_DIR as default.";
}
leaf CLICON_YANG_MODULE_MAIN { leaf CLICON_YANG_MODULE_MAIN {
type string; type string;
description description
"Option used to construct initial yang file: "Option used to construct initial yang file:
<module>[@<revision>]"; <module>[@<revision>]";
} }
leaf CLICON_YANG_MODULE_REVISION { leaf CLICON_YANG_MODULE_REVISION {
type string; type string;
description description
"Option used to construct initial yang file: "Option used to construct initial yang file:
<module>[@<revision>]. <module>[@<revision>].
Used together with CLICON_YANG_MODULE_MAIN"; Used together with CLICON_YANG_MODULE_MAIN";
} }
@ -577,7 +603,7 @@ module clixon-config {
"YANG schema mount, RFC 8528. "YANG schema mount, RFC 8528.
When enabled, mount-points as defined by the 'yangmnt:mount-point' extension can When enabled, mount-points as defined by the 'yangmnt:mount-point' extension can
be populated by other YANGs than the root. be populated by other YANGs than the root.
This is controlled by the ca_yang_mount plugin callback by returning a assigning a This is controlled by the ca_yang_mount plugin callback by returning a assigning a
yanglib module-set section that corresponds to the mounted YANGs. yanglib module-set section that corresponds to the mounted YANGs.
Also, schema mount statistics is added to state data Also, schema mount statistics is added to state data
Further, autocli syntax is added by definining a tree resolve wrapper"; Further, autocli syntax is added by definining a tree resolve wrapper";
@ -623,6 +649,17 @@ module clixon-config {
See also CLICON_XMLDB_MODSTATE where the module state info is used to tag datastores See also CLICON_XMLDB_MODSTATE where the module state info is used to tag datastores
with module information."; with module information.";
} }
leaf CLICON_YANG_USE_ORIGINAL{
type boolean;
default false;
description
"YANG memory optimization.
If set, for a selected set of YANG nodes, (see uses_orig_ptr()):
For augmented and grouping/uses, use original YANG node instead of the derived node.
This is safe if all content of derived node is not changed (eg read-only).
It is not safe if the derived node is in some way different than the original node.
";
}
/* Backend */ /* Backend */
leaf CLICON_BACKEND_DIR { leaf CLICON_BACKEND_DIR {
type string; type string;
@ -688,7 +725,7 @@ module clixon-config {
default false; default false;
description description
"This option relates to RFC 6241 Sec 8.1 Capabilies Exchange where it says: "This option relates to RFC 6241 Sec 8.1 Capabilies Exchange where it says:
When the NETCONF session is opened, each peer (both client and server) MUST When the NETCONF session is opened, each peer (both client and server) MUST
send a <hello> element... send a <hello> element...
If true, an RPC can be processed directly with no preceeding hello message. If true, an RPC can be processed directly with no preceeding hello message.
This is legacy clixon but invalid according to the RFC. This is legacy clixon but invalid according to the RFC.
@ -711,9 +748,9 @@ module clixon-config {
type int32; type int32;
default 1; default 1;
description description
"This option relates to RFC6241 Sec 8.1 capabilities exchange. "This option relates to RFC6241 Sec 8.1 capabilities exchange.
This number is the highest netconf base capability announced during This number is the highest netconf base capability announced during
the hello protocol. the hello protocol.
Specifically, If the option number is 0, only 'urn:ietf:params:netconf:base:1.0' Specifically, If the option number is 0, only 'urn:ietf:params:netconf:base:1.0'
is announced, if it is 1, both 'urn:ietf:params:netconf:base:1.0' and is announced, if it is 1, both 'urn:ietf:params:netconf:base:1.0' and
'urn:ietf:params:netconf:base:1.1' are announced. 'urn:ietf:params:netconf:base:1.1' are announced.
@ -727,10 +764,10 @@ module clixon-config {
description description
"If set, clixon will accept the 'creator' attribute as defined by the "If set, clixon will accept the 'creator' attribute as defined by the
creator annotation in clixon-lib. creator annotation in clixon-lib.
It can be used when several clients (such as a 'service') can create the same object. It can be used when several clients (such as a 'service') can create the same object.
If one such client/service is deleted, the object is deleted only if all services If one such client/service is deleted, the object is deleted only if all services
that created the object are deleted. that created the object are deleted.
The clixon controller uses this feature, but could in principle be used by other The clixon controller uses this feature, but could in principle be used by other
applications. applications.
Marked as obsolete in 7.0 since creators attribute replaced by clixon-lib creators Marked as obsolete in 7.0 since creators attribute replaced by clixon-lib creators
config"; config";
@ -781,16 +818,16 @@ module clixon-config {
leaf CLICON_RESTCONF_INSTALLDIR { leaf CLICON_RESTCONF_INSTALLDIR {
type string; type string;
description description
"If set, path to dir of clixon-restconf daemon binary as used by backend if "If set, path to dir of clixon-restconf daemon binary as used by backend if
started internally (run-time). started internally (run-time).
If this path is not set, clixon_restconf will be looked for according to If this path is not set, clixon_restconf will be looked for according to
configured installdir: $(sbindir) (install-time) configured installdir: $(sbindir) (install-time)
Since programs can be moved around at install/cross-compile time the installed Since programs can be moved around at install/cross-compile time the installed
dir may be difficult to know at install time, which is the reason why dir may be difficult to know at install time, which is the reason why
CLICON_RESTCONF_INSTALLDIR exists, in order to override the Makefile CLICON_RESTCONF_INSTALLDIR exists, in order to override the Makefile
installdir. installdir.
Note on the installdir, DESTDIR is not included since according to man pages: Note on the installdir, DESTDIR is not included since according to man pages:
by specifying DESTDIR should not change the operation of the software in by specifying DESTDIR should not change the operation of the software in
any way, so its value should not be included in any file contents. "; any way, so its value should not be included in any file contents. ";
} }
leaf CLICON_RESTCONF_STARTUP_DONTUPDATE { leaf CLICON_RESTCONF_STARTUP_DONTUPDATE {
@ -807,7 +844,7 @@ module clixon-config {
} }
leaf CLICON_RESTCONF_USER { leaf CLICON_RESTCONF_USER {
type string; type string;
description description
"Run clixon_daemon as this user "Run clixon_daemon as this user
When drop privileges is used, the daemon will drop privileges to this user. When drop privileges is used, the daemon will drop privileges to this user.
In pre-5.2 code this was configured as compile-time constant WWWUSER with In pre-5.2 code this was configured as compile-time constant WWWUSER with
@ -818,8 +855,8 @@ module clixon-config {
leaf CLICON_RESTCONF_PRIVILEGES { leaf CLICON_RESTCONF_PRIVILEGES {
type priv_mode; type priv_mode;
default drop_perm; default drop_perm;
description description
"Restconf privileges mode. "Restconf privileges mode.
If drop_perm or drop_temp then drop privileges to CLICON_RESTCONF_USER. If drop_perm or drop_temp then drop privileges to CLICON_RESTCONF_USER.
If the platform does not support getresuid and accompanying functions, the mode If the platform does not support getresuid and accompanying functions, the mode
must be set to 'none'. must be set to 'none'.
@ -833,7 +870,7 @@ module clixon-config {
If false, disable direct and upgrade for plain(non-tls) HTTP/2. If false, disable direct and upgrade for plain(non-tls) HTTP/2.
If true, allow direct and upgrade for plain(non-tls) HTTP/2. If true, allow direct and upgrade for plain(non-tls) HTTP/2.
It may especially useful to disable in http/1 + http/2 mode to avoid the complex It may especially useful to disable in http/1 + http/2 mode to avoid the complex
upgrade/switch from http/1 to http/2. upgrade/switch from http/1 to http/2.
Note this also disables plain http/2 in prior-knowledge, that is, in http/2-only mode. Note this also disables plain http/2 in prior-knowledge, that is, in http/2-only mode.
HTTP/2 in https(TLS) is unaffected"; HTTP/2 in https(TLS) is unaffected";
} }
@ -846,9 +883,9 @@ module clixon-config {
If the value is not set (or other value), Clixon closes the socket(reset) If the value is not set (or other value), Clixon closes the socket(reset)
If the value is 'http/1.1' then HTTP/1.1 is selected If the value is 'http/1.1' then HTTP/1.1 is selected
If the value is 'http/2' then HTTP/2 is selected If the value is 'http/2' then HTTP/2 is selected
Note that if Clixon is configured for only HTTP/1 (--disable-nghttp2), Note that if Clixon is configured for only HTTP/1 (--disable-nghttp2),
then HTTP/1 is selected if the client does not use ALPN. then HTTP/1 is selected if the client does not use ALPN.
Likewise, if Clixon is configured for only HTTP/2 (--disable-http1), Likewise, if Clixon is configured for only HTTP/2 (--disable-http1),
then HTTP/2 is selected if the client does not use ALPN. then HTTP/2 is selected if the client does not use ALPN.
This option does not apply for plain (non-TLS) HTTP"; This option does not apply for plain (non-TLS) HTTP";
} }
@ -859,11 +896,11 @@ module clixon-config {
description description
"URI match for http-data serving files specified by CLICON_HTTP_DATA_ROOT. "URI match for http-data serving files specified by CLICON_HTTP_DATA_ROOT.
Must start with / (example: /) Must start with / (example: /)
Restconf paths at /restconf is always done before data (or streams) Restconf paths at /restconf is always done before data (or streams)
The PATH is appended to CLICON_HTTP_DATA_ROOT to find a file. The PATH is appended to CLICON_HTTP_DATA_ROOT to find a file.
Example, if PATH is /data and ROOT is /www, and a GET /index.html, the Example, if PATH is /data and ROOT is /www, and a GET /index.html, the
corresponding file is '/www/data/index.html' corresponding file is '/www/data/index.html'
Both feature clixon-restconf:http-data and restconf/enable-http-data Both feature clixon-restconf:http-data and restconf/enable-http-data
must be enabled for this match to occur."; must be enabled for this match to occur.";
} }
leaf CLICON_HTTP_DATA_ROOT{ leaf CLICON_HTTP_DATA_ROOT{
@ -872,22 +909,22 @@ module clixon-config {
default "/var/www"; default "/var/www";
description description
"Location in file system where http-data files are looked for. "Location in file system where http-data files are looked for.
Soft links, '..', '~' etc are not followed. Soft links, '..', '~' etc are not followed.
See also CLICON_HTTP_DATA_PATH See also CLICON_HTTP_DATA_PATH
Both feature clixon-restconf:http-data and restconf/enable-http-data Both feature clixon-restconf:http-data and restconf/enable-http-data
must be enabled for this match to occur."; must be enabled for this match to occur.";
} }
/* Clixon CLI */ /* Clixon CLI */
leaf CLICON_CLI_DIR { leaf CLICON_CLI_DIR {
type string; type string;
description description
"Directory containing frontend cli loadable plugins. Load all .so "Directory containing frontend cli loadable plugins. Load all .so
plugins in this directory as CLI object plugins"; plugins in this directory as CLI object plugins";
} }
leaf CLICON_CLISPEC_DIR { leaf CLICON_CLISPEC_DIR {
type string; type string;
description description
"Directory containing frontend cligen spec files. Load all .cli "Directory containing frontend cligen spec files. Load all .cli
files in this directory as CLI specification files. files in this directory as CLI specification files.
See also CLICON_CLISPEC_FILE."; See also CLICON_CLISPEC_FILE.";
} }
@ -908,7 +945,7 @@ module clixon-config {
type int32; type int32;
default 1; default 1;
description description
"Dont include keys in cvec in cli vars callbacks, "Dont include keys in cvec in cli vars callbacks,
ie a & k in 'a <b> k <c>' ignored ie a & k in 'a <b> k <c>' ignored
(consider boolean)"; (consider boolean)";
} }
@ -917,7 +954,7 @@ module clixon-config {
default 1; default 1;
description description
"Set to 0 if you want CLI INPUT to wrap to next line. "Set to 0 if you want CLI INPUT to wrap to next line.
Set to 1 if you want CLI INPUT to scroll sideways when approaching Set to 1 if you want CLI INPUT to scroll sideways when approaching
right margin"; right margin";
} }
leaf CLICON_CLI_LINES_DEFAULT { leaf CLICON_CLI_LINES_DEFAULT {
@ -950,7 +987,7 @@ module clixon-config {
default 0; default 0;
description description
"Set to 1 to enable CLIgen UTF-8 experimental mode. "Set to 1 to enable CLIgen UTF-8 experimental mode.
Note that this feature is EXPERIMENTAL and may not properly handle Note that this feature is EXPERIMENTAL and may not properly handle
scrolling, control characters, etc scrolling, control characters, etc
(consider boolean)"; (consider boolean)";
} }
@ -965,7 +1002,7 @@ module clixon-config {
type int32; type int32;
default 300; default 300;
description description
"Number of lines to save in CLI history. "Number of lines to save in CLI history.
Also, if CLICON_CLI_HIST_FILE is set, also the size in lines Also, if CLICON_CLI_HIST_FILE is set, also the size in lines
of the saved history."; of the saved history.";
} }
@ -973,9 +1010,9 @@ module clixon-config {
type uint32; type uint32;
default 256; default 256;
description description
"CLIgen buffer (cbuf) initial size. "CLIgen buffer (cbuf) initial size.
When the buffer needs to grow, the allocation grows quadratic up to a threshold When the buffer needs to grow, the allocation grows quadratic up to a threshold
after which linear growth continues. after which linear growth continues.
See CLICON_CLI_BUF_THRESHOLD"; See CLICON_CLI_BUF_THRESHOLD";
} }
leaf CLICON_CLI_BUF_THRESHOLD { leaf CLICON_CLI_BUF_THRESHOLD {
@ -1001,16 +1038,16 @@ module clixon-config {
default 0; default 0;
description description
"CLIgen help string on query (?) limit of number of lines to show, 0 means unlimited. "CLIgen help string on query (?) limit of number of lines to show, 0 means unlimited.
This only applies if you have multi-line help strings, such as when generating This only applies if you have multi-line help strings, such as when generating
from a spec, such as in the autocli."; from a spec, such as in the autocli.";
} }
leaf CLICON_CLI_EXPAND_LEAFREF { leaf CLICON_CLI_EXPAND_LEAFREF {
type boolean; type boolean;
default false; default false;
description description
"If true, then CLI expansion of leafrefs (in expand_dbvar) are done using the "If true, then CLI expansion of leafrefs (in expand_dbvar) are done using the
source values, not the references. source values, not the references.
This applies to the autocli but also in a handcrafted CLI if expand_dbvar is used. This applies to the autocli but also in a handcrafted CLI if expand_dbvar is used.
Example, assume ifref with leafref pointing to source if values: Example, assume ifref with leafref pointing to source if values:
<if>a</if><if>b</if><if>c</if> <if>a</if><if>b</if><if>c</if>
<ifref>b</ifref> <ifref>b</ifref>
@ -1033,7 +1070,7 @@ module clixon-config {
"Address family for communicating with clixon_backend with one of: "Address family for communicating with clixon_backend with one of:
Note IPv6 not implemented. Note IPv6 not implemented.
Note that UNIX socket makes credential check as follows: Note that UNIX socket makes credential check as follows:
(1) client needs rw access to the socket (1) client needs rw access to the socket
(2) NACM credentials can be checked according to CLICON_NACM_CREDENTIALS (2) NACM credentials can be checked according to CLICON_NACM_CREDENTIALS
Warning: Only UNIX (not IPv4) sockets have credential mechanism. Warning: Only UNIX (not IPv4) sockets have credential mechanism.
"; ";
@ -1053,14 +1090,14 @@ module clixon-config {
type int32; type int32;
default 4535; default 4535;
description description
"Inet socket port for communicating with clixon_backend "Inet socket port for communicating with clixon_backend
(only IPv4|IPv6)"; (only IPv4|IPv6)";
} }
leaf CLICON_SOCK_GROUP { leaf CLICON_SOCK_GROUP {
type string; type string;
default "clicon"; default "clicon";
description description
"Group membership to access clixon_backend unix socket and gid for "Group membership to access clixon_backend unix socket and gid for
deamon"; deamon";
} }
leaf CLICON_SOCK_PRIO { leaf CLICON_SOCK_PRIO {
@ -1079,7 +1116,7 @@ module clixon-config {
type int32; type int32;
default 0; default 0;
description description
"Set if all configuration changes are committed automatically "Set if all configuration changes are committed automatically
on every edit change. Explicit commit commands unnecessary on every edit change. Explicit commit commands unnecessary
If confirm-commit, follow RESTCONF semantics: commit ephemeral but fail on If confirm-commit, follow RESTCONF semantics: commit ephemeral but fail on
persistent confirming commit. persistent confirming commit.
@ -1090,7 +1127,7 @@ module clixon-config {
default false; default false;
description description
"Set if all edit-config implicitly locks without the need of an explicit lock-db "Set if all edit-config implicitly locks without the need of an explicit lock-db
In short, the lock is obtained by edit-config and copy-config and released by In short, the lock is obtained by edit-config and copy-config and released by
discard and commit. discard and commit.
Also, any edits in candidate are discarded if the client closes the connection. Also, any edits in candidate are discarded if the client closes the connection.
This effectively disables shared candidate"; This effectively disables shared candidate";
@ -1100,7 +1137,7 @@ module clixon-config {
type datastore_cache; type datastore_cache;
default cache; default cache;
description description
"Clixon datastore cache behaviour. There are three values: no cache, "Clixon datastore cache behaviour. There are three values: no cache,
cache with copy, or cache without copy. cache with copy, or cache without copy.
Note: 'cache' is default value and supported with regressions etc. Note: 'cache' is default value and supported with regressions etc.
Others are experimental (in Clixon 5.5) Others are experimental (in Clixon 5.5)
@ -1126,7 +1163,7 @@ module clixon-config {
type boolean; type boolean;
default true; default true;
description description
"XMLDB datastore pretty print. "XMLDB datastore pretty print.
If set, insert spaces and line-feeds making the XML/JSON human If set, insert spaces and line-feeds making the XML/JSON human
readable. If not set, make the XML/JSON more compact."; readable. If not set, make the XML/JSON more compact.";
} }
@ -1134,7 +1171,7 @@ module clixon-config {
type boolean; type boolean;
default false; default false;
description description
"If set, tag datastores with RFC 8525 YANG Module Library "If set, tag datastores with RFC 8525 YANG Module Library
info. info.
By default, modstate is added last in datastore. By default, modstate is added last in datastore.
When loaded at startup, a check is made if the system When loaded at startup, a check is made if the system
@ -1145,7 +1182,7 @@ module clixon-config {
default true; default true;
description description
"Controls behavior of check of startup in upgrade scenarios. "Controls behavior of check of startup in upgrade scenarios.
If set, yang bind and check datastore syntax against the old Yang. If set, yang bind and check datastore syntax against the old Yang.
The old yang must be accessible via YANG_DIR. The old yang must be accessible via YANG_DIR.
Will fail startup if old yang not found or if old config does not match. Will fail startup if old yang not found or if old config does not match.
If not set, no yang check of old config is made until it is upgraded to new yang."; If not set, no yang check of old config is made until it is upgraded to new yang.";
@ -1164,6 +1201,15 @@ module clixon-config {
May not work together with CLICON_BACKEND_PRIVILEGES=drop and root, since May not work together with CLICON_BACKEND_PRIVILEGES=drop and root, since
new files need to be created in XMLDB_DIR"; new files need to be created in XMLDB_DIR";
} }
leaf CLICON_XMLDB_SYSTEM_ONLY_CONFIG {
type boolean;
default true;
description
"If set, some fields in the configuration tree are not stored to datastore.
Instead, the application must provide a mechanism to save the system-only-config
in the system via commit/system-only-config callbacks.
See also extension system-only-config in clixon-lib.yang";
}
leaf CLICON_XML_CHANGELOG { leaf CLICON_XML_CHANGELOG {
type boolean; type boolean;
default false; default false;
@ -1183,8 +1229,8 @@ module clixon-config {
"Validate user state callback content. "Validate user state callback content.
AND NETCONF reply sanity (misnomer) AND NETCONF reply sanity (misnomer)
Users may register state callbacks using ca_statedata callback Users may register state callbacks using ca_statedata callback
When set, the XML returned from the callback is validated after merging with When set, the XML returned from the callback is validated after merging with
the running db. If it fails, an internal error is returned to the originating the running db. If it fails, an internal error is returned to the originating
user. user.
If the option is not set, the XML returned by the user is not validated. If the option is not set, the XML returned by the user is not validated.
Note that enabling currently causes a large performance overhead for large Note that enabling currently causes a large performance overhead for large
@ -1198,7 +1244,7 @@ module clixon-config {
"Debug option. "Debug option.
If >0, make a check of resources before and after each plugin callback code If >0, make a check of resources before and after each plugin callback code
to check if the plugin violated resources. to check if the plugin violated resources.
This is primarily intended for development and debugging but may also be enabled This is primarily intended for development and debugging but may also be enabled
in a running system. in a running system.
If 1, errors will be logged to syslog as WARNINGs. If 1, errors will be logged to syslog as WARNINGs.
If 2, the program will abort using assert() on first error If 2, the program will abort using assert() on first error
@ -1215,7 +1261,7 @@ module clixon-config {
description description
"Local/global flag for dlopen as described in the man page. "Local/global flag for dlopen as described in the man page.
This applies to the opening of all clixon plugins (backend/cli/netconf/restconf) This applies to the opening of all clixon plugins (backend/cli/netconf/restconf)
when loading the shared .so file with dlopen. when loading the shared .so file with dlopen.
If false: Symbols defined in this shared object are not made available to resolve If false: Symbols defined in this shared object are not made available to resolve
references in subsequently loaded shared objects (default). references in subsequently loaded shared objects (default).
If true: The symbols defined by this shared object will be made available for symbol res If true: The symbols defined by this shared object will be made available for symbol res
@ -1227,7 +1273,7 @@ module clixon-config {
description description
"Undefine if you want to ensure strict namespace assignment on all netconf "Undefine if you want to ensure strict namespace assignment on all netconf
and XML statements according to the standard RFC 6241. and XML statements according to the standard RFC 6241.
If defined, top-level rpc calls need not have namespaces (eg using xmlns=<ns>) If defined, top-level rpc calls need not have namespaces (eg using xmlns=<ns>)
since the default NETCONF namespace will be assumed. (This is not standard). since the default NETCONF namespace will be assumed. (This is not standard).
See rfc6241 3.1: urn:ietf:params:xml:ns:netconf:base:1.0."; See rfc6241 3.1: urn:ietf:params:xml:ns:netconf:base:1.0.";
} }
@ -1248,7 +1294,7 @@ module clixon-config {
type nacm_mode; type nacm_mode;
default disabled; default disabled;
description description
"RFC8341 network access configuration control model (NACM) mode: disabled, "RFC8341 network access configuration control model (NACM) mode: disabled,
in regular (internal) config or separate external file given by CLICON_NACM_FILE"; in regular (internal) config or separate external file given by CLICON_NACM_FILE";
} }
leaf CLICON_NACM_FILE { leaf CLICON_NACM_FILE {
@ -1279,7 +1325,7 @@ module clixon-config {
default false; default false;
description description
"RFC 8341 and ietf-netconf-acm@2018-02-14.yang defines enable-nacm as true by "RFC 8341 and ietf-netconf-acm@2018-02-14.yang defines enable-nacm as true by
default. Since also write-default is deny by default it leads to that empty default. Since also write-default is deny by default it leads to that empty
configs can not be edited. configs can not be edited.
This means that a startup config must always have a NACM configuration or This means that a startup config must always have a NACM configuration or
that the NACM recovery session is used to edit an empty config. that the NACM recovery session is used to edit an empty config.
@ -1291,11 +1337,11 @@ module clixon-config {
default "0"; default "0";
description description
"Only if CLICON_YANG_LIBRARY enabled. "Only if CLICON_YANG_LIBRARY enabled.
Contains a server-specific identifier representing the current set of modules Contains a server-specific identifier representing the current set of modules
and submodules. The server MUST change the value of this leaf if the and submodules. The server MUST change the value of this leaf if the
information represented by the 'module' list instances has changed. information represented by the 'module' list instances has changed.
The /yang-library/content-id state-data leaf is set with this value The /yang-library/content-id state-data leaf is set with this value
If CLICON_MODULE_LIBRARY_RFC7895 is enabled, it sets the modules-state/module-set-id If CLICON_MODULE_LIBRARY_RFC7895 is enabled, it sets the modules-state/module-set-id
instead"; instead";
} }
/* Notification streams */ /* Notification streams */
@ -1330,8 +1376,8 @@ module clixon-config {
type string; type string;
default "https://localhost"; default "https://localhost";
description "Prepend this to CLICON_STREAM_PATH to form URL. description "Prepend this to CLICON_STREAM_PATH to form URL.
See RFC 8040 Sec 9.3 location leaf: See RFC 8040 Sec 9.3 location leaf:
'Contains a URL that represents the entry point for 'Contains a URL that represents the entry point for
establishing notification delivery via server-sent events.' establishing notification delivery via server-sent events.'
Prepend this constant to name of stream. Prepend this constant to name of stream.
Example: https://localhost/streams/NETCONF. Note this is the Example: https://localhost/streams/NETCONF. Note this is the
@ -1344,7 +1390,7 @@ module clixon-config {
description "For stream publish using eg nchan, the base address description "For stream publish using eg nchan, the base address
to publish to. Example value: http://localhost/pub to publish to. Example value: http://localhost/pub
Example: stream NETCONF would then be pushed to Example: stream NETCONF would then be pushed to
http://localhost/pub/NETCONF. http://localhost/pub/NETCONF.
Note this may be a local/provate URL behind reverse-proxy. Note this may be a local/provate URL behind reverse-proxy.
If not given, do NOT enable stream publishing using NCHAN."; If not given, do NOT enable stream publishing using NCHAN.";
} }
@ -1380,14 +1426,14 @@ module clixon-config {
type uint32; type uint32;
default 0; default 0;
description description
"Length limitation of debug and log strings. "Length limitation of debug and log strings.
Especially useful for dynamic debug strings, such as packet dumps. Especially useful for dynamic debug strings, such as packet dumps.
0 means no limit"; 0 means no limit";
} }
/* SNMP */ /* SNMP */
leaf-list CLICON_SNMP_MIB { leaf-list CLICON_SNMP_MIB {
description description
"Names of MIBs that are used by clixon_snmp. "Names of MIBs that are used by clixon_snmp.
For each MIB M, a YANG file M.yang is expected to be found. For each MIB M, a YANG file M.yang is expected to be found.
If not found, an error is genereated. If not found, an error is genereated.
The YANG file M.yang is typically generated from the source MIB but can also The YANG file M.yang is typically generated from the source MIB but can also

6
yang/clixon/clixon-lib@2024-08-01.yang → yang/clixon/clixon-lib@2024-11-01.yang
View file

@ -69,10 +69,10 @@ module clixon-lib {
- link # For split multiple XML files - link # For split multiple XML files
"; ";
revision 2024-08-01 { revision 2024-11-01 {
description description
"Added: system-only-config extension (tentative) "Added: system-only-config extension
Released in Clixon 7.2"; Released in Clixon 7.3";
} }
revision 2024-04-01 { revision 2024-04-01 {
description description