experiments/clixon
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

* New clixon-config@2020-06-17.yang revision

Browse source 
* Added CLICON_CLI_LINES_DEFAULT for setting window row size of raw terminals
  * Added  enum HIDE to CLICON_CLI_GENMODEL for auto-cli
This commit is contained in:
Olof hagsand 2020-06-18 11:28:47 +02:00
parent fade9dcfd5
commit ee29452d24
11 changed files with 37 additions and 767 deletions
Download patch file Download diff file Expand all files Collapse all files

7
CHANGELOG.md
View file

@ -42,13 +42,16 @@ Expected: July 2020
### API changes on existing protocol/config features (For users) ### API changes on existing protocol/config features (For users)
* Restconf FCGI (eg via nginx) have changed reply message syntax slightly as follows (due to refactoring and common code with evhtp): * New clixon-config@2020-06-17.yang revision
* Added CLICON_CLI_LINES_DEFAULT for setting window row size of raw terminals
* Added enum HIDE to CLICON_CLI_GENMODEL for auto-cli
* Restconf FCGI (eg via nginx) have changed reply message syntax slightly as follows (due to refactoring and common code with evhtp):
* Bodies in error reyruns including html code have been removed * Bodies in error reyruns including html code have been removed
* Some (extra) CRLF:s have been removed * Some (extra) CRLF:s have been removed
### C/CLI-API changes on existing features (For developers) ### C/CLI-API changes on existing features (For developers)
* Added new cli show functions to work with cligen_output for cligen pageing to work. To acheive this, add a callback function as follows: * Added new cli show functions to work with cligen_output for cligen pageing to work. To achieve this, replace function calls as follows:
* xml2txt(...) --> xml2txt_cb(..., cligen_output) * xml2txt(...) --> xml2txt_cb(..., cligen_output)
* xml2cli(...) --> xml2cli_cb(..., cligen_output) * xml2cli(...) --> xml2cli_cb(..., cligen_output)
* clicon_xml2file(...) --> clicon_xml2file_cb(..., cligen_output) * clicon_xml2file(...) --> clicon_xml2file_cb(..., cligen_output)

10
apps/cli/cli_main.c
View file

@ -398,7 +398,8 @@ main(int argc,
/* In the startup, logs to stderr & debug flag set later */ /* In the startup, logs to stderr & debug flag set later */
clicon_log_init(__PROGRAM__, LOG_INFO, logdst); clicon_log_init(__PROGRAM__, LOG_INFO, logdst);
/* Initiate CLICON handle */
/* Initiate CLICON handle. CLIgen is also initialized */
if ((h = cli_handle_init()) == NULL) if ((h = cli_handle_init()) == NULL)
goto done; goto done;
@ -557,6 +558,13 @@ main(int argc,
cligen_bufthreshold = clicon_option_int(h, "CLICON_CLI_BUF_THRESHOLD"); cligen_bufthreshold = clicon_option_int(h, "CLICON_CLI_BUF_THRESHOLD");
cbuf_alloc_set(cligen_buflen, cligen_bufthreshold); cbuf_alloc_set(cligen_buflen, cligen_bufthreshold);
/* Init row numbers for raw terminals */
if (clicon_option_exists(h, "CLICON_CLI_LINES_DEFAULT")){
int rows;
rows = clicon_option_int(h, "CLICON_CLI_LINES_DEFAULT");
cligen_terminal_rows_set(cli_cligen(h), rows);
}
if (clicon_yang_regexp(h) == REGEXP_LIBXML2){ if (clicon_yang_regexp(h) == REGEXP_LIBXML2){
#ifdef HAVE_LIBXML2 #ifdef HAVE_LIBXML2
/* Enable XSD libxml2 regex engine */ /* Enable XSD libxml2 regex engine */

1
apps/restconf/restconf_api.c
View file

@ -64,3 +64,4 @@
#include "restconf_lib.h" #include "restconf_lib.h"
#include "restconf_api.h" #include "restconf_api.h"
/* empty */

5
doc/DEVELOP.md
View file

@ -149,3 +149,8 @@ Merge a branch back:
## Use of constants etc ## Use of constants etc
Use MAXPATHLEN (not PATH_MAX) Use MAXPATHLEN (not PATH_MAX)
## Emulating a serial console
olof@alarik> socat PTY,link=/tmp/clixon-tty,rawer EXEC:"/usr/local/bin/clixon_cli -f /usr/local/etc/example.xml",pty,stderr &
olof@alarik> screen /tmp/clixon-tty

2
lib/src/clixon_json.c
View file

@ -1429,7 +1429,7 @@ clixon_json_parse_file(int fd,
} }
break; break;
} }
if (len>=jsonbuflen-1){ /* Space: one for the null character */ if (len >= jsonbuflen-1){ /* Space: one for the null character */
oldjsonbuflen = jsonbuflen; oldjsonbuflen = jsonbuflen;
jsonbuflen *= 2; jsonbuflen *= 2;
if ((jsonbuf = realloc(jsonbuf, jsonbuflen)) == NULL){ if ((jsonbuf = realloc(jsonbuf, jsonbuflen)) == NULL){

6
lib/src/clixon_options.c
View file

@ -443,7 +443,7 @@ clicon_options_main(clicon_handle h)
* @param[in] h clicon_handle * @param[in] h clicon_handle
* @param[in] name option name * @param[in] name option name
* @retval !=0 option exists * @retval !=0 option exists
* @retval 0 option does not exists * @retval 0 option does not exist
*/ */
int int
clicon_option_exists(clicon_handle h, clicon_option_exists(clicon_handle h,
@ -496,10 +496,10 @@ clicon_option_str_set(clicon_handle h,
* *
* @param[in] h clicon handle * @param[in] h clicon handle
* @param[in] name name of option * @param[in] name name of option
* @retval int An integer as aresult of atoi * @retval int An integer as a result of atoi
* @retval -1 If option does not exist * @retval -1 If option does not exist
* @code * @code
* if (clicon_option_exists(h, "X") * if (clicon_option_exists(h, "X"))
* return clicon_option_int(h, "X"); * return clicon_option_int(h, "X");
* else * else
* return 0; * return 0;

2
lib/src/clixon_xml_io.c
View file

@ -648,7 +648,7 @@ clixon_xml_parse_file(int fd,
failed++; failed++;
break; break;
} }
if (len>=xmlbuflen-1){ /* Space: one for the null character */ if (len >= xmlbuflen-1){ /* Space: one for the null character */
oldxmlbuflen = xmlbuflen; oldxmlbuflen = xmlbuflen;
xmlbuflen *= 2; xmlbuflen *= 2;
if ((xmlbuf = realloc(xmlbuf, xmlbuflen)) == NULL){ if ((xmlbuf = realloc(xmlbuf, xmlbuflen)) == NULL){

3
yang/clixon/Makefile.in
View file

@ -42,7 +42,7 @@ datarootdir = @datarootdir@
# See also OPT_YANG_INSTALLDIR for the standard yang files # See also OPT_YANG_INSTALLDIR for the standard yang files
YANG_INSTALLDIR = @YANG_INSTALLDIR@ YANG_INSTALLDIR = @YANG_INSTALLDIR@
YANGSPECS = clixon-config@2020-04-23.yang YANGSPECS = clixon-config@2020-06-17.yang
YANGSPECS += clixon-lib@2020-04-23.yang YANGSPECS += clixon-lib@2020-04-23.yang
YANGSPECS += clixon-rfc5277@2008-07-01.yang YANGSPECS += clixon-rfc5277@2008-07-01.yang
YANGSPECS += clixon-xml-changelog@2019-03-21.yang YANGSPECS += clixon-xml-changelog@2019-03-21.yang
@ -67,6 +67,5 @@ install-include:
depend: depend:
#include .depend #include .depend

750
yang/clixon/clixon-config@2020-02-22.yang
View file

@ -1,750 +0,0 @@
module clixon-config {
yang-version 1.1;
namespace "http://clicon.org/config";
prefix cc;
organization
"Clicon / Clixon";
contact
"Olof Hagsand <olof@hagsand.se>";
description
"Clixon configuration file
***** BEGIN LICENSE BLOCK *****
Copyright (C) 2009-2019 Olof Hagsand
Copyright (C) 2020 Olof Hagsand and Rubicon Communications, LLC(Netgate)
This file is part of CLIXON
Licensed under the Apache License, Version 2.0 (the \"License\");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an \"AS IS\" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
Alternatively, the contents of this file may be used under the terms of
the GNU General Public License Version 3 or later (the \"GPL\"),
in which case the provisions of the GPL are applicable instead
of those above. If you wish to allow use of your version of this file only
under the terms of the GPL, and not to allow others to
use your version of this file under the terms of Apache License version 2,
indicate your decision by deleting the provisions above and replace them with
the notice and other provisions required by the GPL. If you do not delete
the provisions above, a recipient may use your version of this file under
the terms of any one of the Apache License version 2 or the GPL.
***** END LICENSE BLOCK *****";
revision 2020-02-22 {
description
"Added: search index extension,
Added: clixon-stats state for clixon XML and memory statistics.
Added: CLICON_CLI_BUF_START and CLICON_CLI_BUF_THRESHOLD for quadratic and linear
growth of CLIgen buffers (cbuf:s)
Added: CLICON_VALIDATE_STATE_XML for controling validation of user state XML
Added: CLICON_CLICON_YANG_LIST_CHECK to skip list key checks";
}
revision 2019-09-11 {
description
"Added: CLICON_BACKEND_USER: drop of privileges to user,
CLICON_BACKEND_PRIVILEGES: how to drop privileges
CLICON_NACM_CREDENTIALS: If and how to check backend sock priveleges with NACM
CLICON_NACM_RECOVERY_USER: Name of NACM recovery user.";
}
revision 2019-06-05 {
description
"Added: CLICON_YANG_REGEXP, CLICON_CLI_TAB_MODE,
CLICON_CLI_HIST_FILE, CLICON_CLI_HIST_SIZE,
CLICON_XML_CHANGELOG, CLICON_XML_CHANGELOG_FILE;
Renamed CLICON_XMLDB_CACHE to CLICON_DATASTORE_CACHE (changed type)
Deleted: CLICON_XMLDB_PLUGIN, CLICON_USE_STARTUP_CONFIG";
}
revision 2019-03-05{
description
"Changed URN. Changed top-level symbol to clixon-config.
Released in Clixon 3.10";
}
revision 2019-02-06 {
description
"Released in Clixon 3.9";
}
revision 2018-10-21 {
description
"Released in Clixon 3.8";
}
extension search_index {
description "This list argument acts as a search index using optimized binary search.
";
}
typedef startup_mode{
description
"Which method to boot/start clicon backend.
The methods differ in how they reach a running state
Which source database to commit from, if any.";
type enumeration{
enum none{
description
"Do not touch running state
Typically after crash when running state and db are synched";
}
enum init{
description
"Initialize running state.
Start with a completely clean running state";
}
enum running{
description
"Commit running db configuration into running state
After reboot if a persistent running db exists";
}
enum startup{
description
"Commit startup configuration into running state
After reboot when no persistent running db exists";
}
}
}
typedef datastore_format{
description
"Datastore format.";
type enumeration{
enum xml{
description "Save and load xmldb as XML";
}
enum json{
description "Save and load xmldb as JSON";
}
}
}
typedef datastore_cache{
description
"XML configuration, ie running/candididate/ datastore cache behaviour.";
type enumeration{
enum nocache{
description "No cache always work directly with file";
}
enum cache{
description "Use in-memory cache.
Make copies when accessing internally.";
}
enum cache-zerocopy{
description "Use in-memory cache and dont copy.
Fastest but opens up for callbacks changing cache.";
}
}
}
typedef cli_genmodel_type{
description
"How to generate CLI from YANG model,
eg list a{ key x; leaf x; leaf y;}";
type enumeration{
enum NONE{
description "No extra keywords: a <x> <y>";
}
enum VARS{
description "Keywords on non-key variables: a <x> y <y>";
}
enum ALL{
description "Keywords on all variables: a x <x> y <y>";
}
}
}
typedef nacm_mode{
description
"Mode of RFC8341 Network Configuration Access Control Model.
It is unclear from the RFC whether NACM rules are internal
in a configuration (ie embedded in regular config) or external/OOB
in s separate, specific NACM-config";
type enumeration{
enum disabled{
description "NACM is disabled";
}
enum internal{
description "NACM is enabled and available in the regular config";
}
enum external{
description "NACM is enabled and available in a separate config";
}
}
}
typedef regexp_mode{
description
"The regular expression engine Clixon uses in its validation of
Yang patterns, and in the CLI.
Yang RFC 7950 stipulates XSD XML Schema regexps
according to W3 CXML Schema Part 2: Datatypes Second Edition,
see http://www.w3.org/TR/2004/REC-xmlschema-2-20041028#regexs";
type enumeration{
enum posix {
description
"Translate XSD XML Schema regexp:s to Posix regexp. This is
not a complete translation, but can be considered good-enough
for Yang use-cases as defined by openconfig and yang-models
for example.";
}
enum libxml2 {
description
"Use libxml2 XSD XML Schema regexp engine. This is a complete
XSD regexp engine..
Requires libxml2 to be available at configure time
(HAVE_LIBXML2 should be set)";
}
}
}
typedef priv_mode{
description
"Privilege mode, used for dropping (or not) priveleges to a non-provileged
user after initialization";
type enumeration{
enum none {
description
"Make no drop/change in privileges.";
}
enum drop_perm {
description
"After initialization, drop privileges permanently to a uid";
}
enum drop_temp {
description
"After initialization, drop privileges temporarily to a euid";
}
}
}
typedef nacm_cred_mode{
description
"How NACM user should be matched with unix socket peer credentials.
This means nacm user must match socket peer user accessing the
backend socket. For IP sockets only mode none makes sense.";
type enumeration{
enum none {
description
"Dont match NACM user to any user credentials. Any user can pose
as any other user. Set this for IP sockets, or dont use NACM.";
}
enum exact {
description
"Exact match between NACM user and unix socket peer user.
Except for root user that can pose as any user.";
}
enum except {
description
"Exact match between NACM user and unix socket peer user, except
for root and www user (restconf).";
}
}
}
container clixon-config {
leaf-list CLICON_FEATURE {
description
"Supported features as used by YANG feature/if-feature
value is: <module>:<feature>, where <module> and <feature>
are either names, or the special character '*'.
*:* means enable all features
<module>:* means enable all features in the specified module
*:<feature> means enable the specific feature in all modules";
type string;
}
leaf CLICON_CONFIGFILE{
type string;
description
"Location of configuration-file for default values (this file).
Default is CLIXON_DEFAULT_CONFIG=/usr/local/etc/clicon.xml
set in configure. Note that due to bootstrapping, a default
value here does not work.";
}
leaf-list CLICON_YANG_DIR {
ordered-by user;
type string;
description
"Yang directory path for finding module and submodule files.
A list of these options should be in the configuration.
When loading a Yang module, Clixon searches this list in the order
they appear. Ensure that YANG_INSTALLDIR(default
/usr/local/share/clixon) is present in the path";
}
leaf CLICON_YANG_MAIN_FILE {
type string;
description
"If specified load a yang module in a specific absolute filename.
This corresponds to the -y command-line option in most CLixon
programs.";
}
leaf CLICON_YANG_MAIN_DIR {
type string;
description
"If given, load all modules in this directory (all .yang files)
See also CLICON_YANG_DIR which specifies a path of dirs";
}
leaf CLICON_YANG_MODULE_MAIN {
type string;
description
"Option used to construct initial yang file:
<module>[@<revision>]";
}
leaf CLICON_YANG_MODULE_REVISION {
type string;
description
"Option used to construct initial yang file:
<module>[@<revision>].
Used together with CLICON_YANG_MODULE_MAIN";
}
leaf CLICON_YANG_REGEXP {
type regexp_mode;
default posix;
description
"The regular expression engine Clixon uses in its validation of
Yang patterns, and in the CLI.
There is a 'good-enough' posix translation mode and a complete
libxml2 mode";
}
leaf CLICON_YANG_LIST_CHECK {
type boolean;
default true;
description
"If false, skip Yang list check sanity checks from RFC 7950, Sec 7.8.2:
The 'key' statement, which MUST be present if the list represents configuration.
Some yang specs seem not to fulfil this. However, if you reset this, there may
be follow-up errors due to code that assumes a configuration list has keys";
}
leaf CLICON_BACKEND_DIR {
type string;
description
"Location of backend .so plugins. Load all .so
plugins in this dir as backend plugins";
}
leaf CLICON_BACKEND_REGEXP {
type string;
description
"Regexp of matching backend plugins in CLICON_BACKEND_DIR";
default "(.so)$";
}
leaf CLICON_NETCONF_DIR {
type string;
description "Location of netconf (frontend) .so plugins";
}
leaf CLICON_RESTCONF_DIR {
type string;
description
"Location of restconf (frontend) .so plugins. Load all .so
plugins in this dir as restconf code plugins";
}
leaf CLICON_RESTCONF_PATH {
type string;
default "/www-data/fastcgi_restconf.sock";
description
"FastCGI unix socket. Should be specified in webserver
Eg in nginx: fastcgi_pass unix:/www-data/clicon_restconf.sock";
}
leaf CLICON_RESTCONF_PRETTY {
type boolean;
default true;
description
"Restconf return value pretty print.
Restconf clients may add HTTP header:
Accept: application/yang-data+json, or
Accept: application/yang-data+xml
to get return value in XML or JSON.
RFC 8040 examples print XML and JSON in pretty-printed form.
Setting this value to false makes restconf return not pretty-printed
which may be desirable for performance or tests";
}
leaf CLICON_CLI_DIR {
type string;
description
"Directory containing frontend cli loadable plugins. Load all .so
plugins in this directory as CLI object plugins";
}
leaf CLICON_CLISPEC_DIR {
type string;
description
"Directory containing frontend cligen spec files. Load all .cli
files in this directory as CLI specification files.
See also CLICON_CLISPEC_FILE.";
}
leaf CLICON_CLISPEC_FILE {
type string;
description
"Specific frontend cligen spec file as aletrnative or complement
to CLICON_CLISPEC_DIR. Also available as -c in clixon_cli.";
}
leaf CLICON_CLI_MODE {
type string;
default "base";
description
"Startup CLI mode. This should match a CLICON_MODE variable set in
one of the clispec files";
}
leaf CLICON_CLI_GENMODEL {
type int32;
default 1;
description
"If set, generate CLI specification for CLI completion of
loaded Yang modules. This CLI tree can be accessed in CLI
spec files using the tree reference syntax (eg @datamodel).
See also CLICON_CLI_MODEL_TREENAME.
(consider boolean)";
}
leaf CLICON_CLI_MODEL_TREENAME {
type string;
default "datamodel";
description
"If set, CLI specs can reference the
model syntax using this reference.
Example: set @datamodel, cli_set();";
}
leaf CLICON_CLI_GENMODEL_COMPLETION {
type int32;
default 1;
description "Generate code for CLI completion of existing db symbols.
(consider boolean)";
}
leaf CLICON_CLI_GENMODEL_TYPE {
type cli_genmodel_type;
default "VARS";
description "How to generate and show CLI syntax: VARS|ALL";
}
leaf CLICON_CLI_VARONLY {
type int32;
default 1;
description
"Dont include keys in cvec in cli vars callbacks,
ie a & k in 'a <b> k <c>' ignored
(consider boolean)";
}
leaf CLICON_CLI_LINESCROLLING {
type int32;
default 1;
description
"Set to 0 if you want CLI to wrap to next line.
Set to 1 if you want CLI to scroll sideways when approaching
right margin";
}
leaf CLICON_CLI_TAB_MODE {
type int8;
default 0;
description
"Set CLI tab mode. This is actually a bitfield of three
combinations:
bit 1: 0: <tab> shows short info of available commands
1: <tab> has same output as <?>, ie line per command
bit 2: 0: On <tab>, select a command over a <var> if both exist
1: Commands and vars have same preference.
bit 3: 0: On <tab>, never complete more than one level per <tab>
1: Complete all levels at once if possible.
";
}
leaf CLICON_CLI_UTF8 {
type int8;
default 0;
description
"Set to 1 to enable CLIgen UTF-8 experimental mode.
Note that this feature is EXPERIMENTAL and may not properly handle
scrolling, control characters, etc
(consider boolean)";
}
leaf CLICON_CLI_HIST_FILE {
type string;
default "~/.clixon_cli_history";
description
"Name of CLI history file. If not given, history is not saved.
The number of lines is saved is given by CLICON_CLI_HIST_SIZE.";
}
leaf CLICON_CLI_HIST_SIZE {
type int32;
default 300;
description
"Number of lines to save in CLI history.
Also, if CLICON_CLI_HIST_FILE is set, also the size in lines
of the saved history.";
}
leaf CLICON_CLI_BUF_START {
type uint32;
default 256;
description
"CLIgen buffer (cbuf) initial size.
When the buffer needs to grow, the allocation grows quadratic up to a threshold
after which linear growth continues.
See CLICON_CLI_BUF_THRESHOLD";
}
leaf CLICON_CLI_BUF_THRESHOLD {
type uint32;
default 65536;
description
"CLIgen buffer (cbuf) threshold size.
When the buffer exceeds the threshold, the allocation grows by adding the threshold
value to the buffer length.
If 0, the growth continues with quadratic growth.
See CLICON_CLI_BUF_THRESHOLD";
}
leaf CLICON_SOCK_FAMILY {
type string;
default "UNIX";
description
"Address family for communicating with clixon_backend
(UNIX|IPv4). IPv6 not yet implemented.
Note that UNIX socket makes credential check as follows:
(1) client needs rw access to the socket
(2) NACM credentials can be checked according to CLICON_NACM_CREDENTIALS
Warning: IPv4 and IPv6 sockets have no credential mechanism.
";
}
leaf CLICON_SOCK {
type string;
mandatory true;
description
"If family above is AF_UNIX: Unix socket for communicating
with clixon_backend. If family is AF_INET: IPv4 address";
}
leaf CLICON_SOCK_PORT {
type int32;
default 4535;
description
"Inet socket port for communicating with clixon_backend
(only IPv4|IPv6)";
}
leaf CLICON_SOCK_GROUP {
type string;
default "clicon";
description
"Group membership to access clixon_backend unix socket and gid for
deamon";
}
leaf CLICON_BACKEND_USER {
type string;
description
"User name for backend (both foreground and daemonized).
If you set this value the backend if started as root will lower
the privileges after initialization.
The ownership of files created by the backend will also be set to this
user (eg datastores).
It also sets the backend unix socket owner to this user, but its group
is set by CLICON_SOCK_GROUP.
See also CLICON_PRIVILEGES setting";
}
leaf CLICON_BACKEND_PRIVILEGES {
type priv_mode;
default none;
description
"Backend privileges mode.
If CLICON_BACKEND_USER user is set, mode can be set to drop_perm or
drop_temp.";
}
leaf CLICON_BACKEND_PIDFILE {
type string;
mandatory true;
description "Process-id file of backend daemon";
}
leaf CLICON_AUTOCOMMIT {
type int32;
default 0;
description
"Set if all configuration changes are committed automatically
on every edit change. Explicit commit commands unnecessary
(consider boolean)";
}
leaf CLICON_XMLDB_DIR {
type string;
mandatory true;
description
"Directory where \"running\", \"candidate\" and \"startup\" are placed.";
}
leaf CLICON_DATASTORE_CACHE {
type datastore_cache;
default cache;
description
"Clixon datastore cache behaviour. There are three values: no cache,
cache with copy, or cache without copy.";
}
leaf CLICON_XMLDB_FORMAT {
type datastore_format;
default xml;
description "XMLDB datastore format.";
}
leaf CLICON_XMLDB_PRETTY {
type boolean;
default true;
description
"XMLDB datastore pretty print.
If set, insert spaces and line-feeds making the XML/JSON human
readable. If not set, make the XML/JSON more compact.";
}
leaf CLICON_XMLDB_MODSTATE {
type boolean;
default false;
description
"If set, tag datastores with RFC 7895 YANG Module Library
info. When loaded at startup, a check is made if the system
yang modules match";
}
leaf CLICON_XML_CHANGELOG {
type boolean;
default false;
description "If true enable automatic upgrade using yang clixon
changelog.";
}
leaf CLICON_XML_CHANGELOG_FILE {
type string;
description "Name of file with module revision changelog.
If CLICON_XML_CHANGELOG is true, Clixon
reads the module changelog from this file.";
}
leaf CLICON_VALIDATE_STATE_XML {
type boolean;
default false;
description
"Validate user state callback content.
Users may register state callbacks using ca_statedata callback
When set, the XML returned from the callback is validated after merging with
the running db. If it fails, an internal error is returned to the originating
user.
If the option is not set, the XML returned by the user is not validated.
Note that enabling currently causes a large performance overhead for large
lists, therefore it is recommended to enable it during development and debugging
but disable it in production, until this has been resolved.";
}
leaf CLICON_STARTUP_MODE {
type startup_mode;
description "Which method to boot/start clicon backend";
}
leaf CLICON_TRANSACTION_MOD {
type boolean;
default false;
description "If set, modifications in validation and commit
callbacks are written back into the datastore.
This is a bad idea and therefore obsoleted.";
status obsolete;
}
leaf CLICON_NACM_MODE {
type nacm_mode;
default disabled;
description "RFC8341 network access configuration control model
(NACM) mode: disabled, in regular (internal) config
or separate external file given by CLICON_NACM_FILE";
}
leaf CLICON_NACM_FILE {
type string;
description "RFC8341 NACM external configuration file";
}
leaf CLICON_NACM_CREDENTIALS {
type nacm_cred_mode;
default except;
description
"Verify nacm user credentials with unix socket peer cred.
This means nacm user must match unix user accessing the backend
socket.
Except for recovery user and www user (for restconf)";
}
leaf CLICON_NACM_RECOVERY_USER {
type string;
default "_nacm_recovery";
description
"RFC8341 defines a 'recovery session' as outside the scope. Clixon
defines this user as having special admin rights to exempt from
all access control enforcements.
Note setting of CLICON_NACM_CREDENTIALS is important, if set to
exact for example, this user must exist and be used, otherwise
another user (such as root or www) can pose as it.";
}
leaf CLICON_MODULE_LIBRARY_RFC7895 {
type boolean;
default true;
description "Enable RFC 7895 YANG Module library support as state
data. If enabled, module info will appear when doing
netconf get or restconf GET";
}
leaf CLICON_MODULE_SET_ID {
type string;
default "0";
description "If RFC 7895 YANG Module library enabled:
Contains a server-specific identifier representing
the current set of modules and submodules. The
server MUST change the value of this leaf if the
information represented by the 'module' list instances
has changed.";
}
leaf CLICON_STREAM_DISCOVERY_RFC5277 {
type boolean;
default false;
description "Enable event stream discovery as described in RFC 5277
sections 3.2. If enabled, available streams will appear
when doing netconf get or restconf GET";
}
leaf CLICON_STREAM_DISCOVERY_RFC8040 {
type boolean;
default false;
description
"Enable monitoring information for the RESTCONF protocol from RFC 8040";
}
leaf CLICON_STREAM_PATH {
type string;
default "streams";
description "Stream path appended to CLICON_STREAM_URL to form
stream subscription URL.";
}
leaf CLICON_STREAM_URL {
type string;
default "https://localhost";
description "Prepend this to CLICON_STREAM_PATH to form URL.
See RFC 8040 Sec 9.3 location leaf:
'Contains a URL that represents the entry point for
establishing notification delivery via server-sent events.'
Prepend this constant to name of stream.
Example: https://localhost/streams/NETCONF. Note this is the
external URL, not local behind a reverse-proxy.
Note that -s <stream> command-line option to clixon_restconf
should correspond to last path of url (eg 'streams')";
}
leaf CLICON_STREAM_PUB {
type string;
description "For stream publish using eg nchan, the base address
to publish to. Example value: http://localhost/pub
Example: stream NETCONF would then be pushed to
http://localhost/pub/NETCONF.
Note this may be a local/provate URL behind reverse-proxy.
If not given, do NOT enable stream publishing using NCHAN.";
}
leaf CLICON_STREAM_RETENTION {
type uint32;
default 3600;
units s;
description "Retention for stream replay buffers in seconds, ie how much
data to store before dropping. 0 means no retention";
}
}
container clixon-stats{
config false;
description "Clixon backend statistics.";
container global{
description "Clixon global statistics";
leaf xmlnr{
description "Number of XML objects. That is number of residing xml/json objects
in the internal 'cxobj' representation.";
type uint64;
}
}
list datastore{
description "Datastore statistics";
key "name";
leaf name{
description "name of datastore (eg running).";
type string;
}
leaf nr{
description "Number of XML objects. That is number of residing xml/json objects
in the internal 'cxobj' representation.";
type uint64;
}
leaf size{
description "Size in bytes of internal datastore cache of datastore tree.";
type uint64;
}
}
}
}

3
yang/clixon/clixon-config@2020-04-23.yang
View file

@ -159,9 +159,6 @@ module clixon-config {
enum ALL{ enum ALL{
description "Keywords on all variables: c a x <x> y <y>"; description "Keywords on all variables: c a x <x> y <y>";
} }
enum HIDE{
description "Keywords on non-key variables and hide container around lists: a <x> y <y>";
}
} }
} }
typedef nacm_mode{ typedef nacm_mode{

15
yang/clixon/clixon-config@2020-06-17.yang
View file

@ -42,9 +42,10 @@ module clixon-config {
/* Deleted: clixon-stats state for clixon XML and memory statistics. (moved to clixon-lib) /* Deleted: clixon-stats state for clixon XML and memory statistics. (moved to clixon-lib)
*/ */
revision 2020-07-19 { revision 2020-06-17 {
description description
""; "Added: CLICON_CLI_LINES_DEFAULT
Added enum HIDE to CLICON_CLI_GENMODEL";
} }
revision 2020-04-23 { revision 2020-04-23 {
description description
@ -450,11 +451,17 @@ module clixon-config {
Set to 1 if you want CLI to scroll sideways when approaching Set to 1 if you want CLI to scroll sideways when approaching
right margin"; right margin";
} }
leaf CLICON_CLI_LINEROWS { leaf CLICON_CLI_LINES_DEFAULT {
type int32; type int32;
default 24; default 24;
description description
"Set to number of terminal rows in "; "Set to number of CLI terminal rows for pageing/scrolling. 0 means unlimited.
The number is set statically UNLESS:
- there is no terminal, such as file input, in which case nr lines is 0
- there is a terminal sufficiently powerful to read the number of lines from
ioctl calls.
In other words, this setting is used ONLY on raw terminals such as serial
consoles.";
} }
leaf CLICON_CLI_TAB_MODE { leaf CLICON_CLI_TAB_MODE {
type int8; type int8;