Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[tacacs+] Obfuscate key before printing to syslog #1453

Merged
merged 1 commit into from
Mar 3, 2018

Conversation

taoyl-ms
Copy link
Contributor

@taoyl-ms taoyl-ms commented Mar 3, 2018

- What I did
Modify NSS patch and add a PAM patch to make sure no tacacs credential is directly posted into syslog,

@taoyl-ms taoyl-ms requested a review from lguohan March 3, 2018 02:33
@lguohan lguohan merged commit d9aa42e into sonic-net:master Mar 3, 2018
stephenxs added a commit to stephenxs/sonic-buildimage that referenced this pull request Dec 16, 2020
sonic-swss:
[Dynamic buffer calc]  Support dynamic buffer calculation (sonic-net#1338)
[dvs] Clean-up dvs_database and dvs_common (sonic-net#1541)
[VxlanMgr] changes for EVPN VXLAN (sonic-net#1266)
Statistics support for Tx and Rx counters of different frame sizes (sonic-net#1536)
[orchagent/phy]: Add firmware info propagation (sonic-net#1540)
[vxlanorch] Use PRI instead of %l to avoid warnings in 32-bit arch (sonic-net#1539)
[FDBSYNCD] Added support for EVPN as described in the PR sonic-net/SONiC#437 (sonic-net#1276)
[everflow] Add retry mechanism for mirror sessions and policers (sonic-net#1486)
Enable ACL table type  mirror_v6 for Innovium Platform (sonic-net#1527)
[fgnhgorch] Change format specifier %lu to %zu for size_t (sonic-net#1529)
[dvs] Fix issue where concurrent netns operations cause test setup to fail (sonic-net#1535)
Add support for headroom pool watermark (sonic-net#1453)
Change gAsicInstance to type string with max length limit (sonic-net#1526)

sonic-utilities:
[Dynamic buffer calc] Support dynamic buffer calculation (sonic-net#973)
show tech with platform dump option (sonic-net#1158)
[kdump]: Parse sonic_platform kernel command line parameter to read the platform identifier string (sonic-net#1291)
[pcieutil] Remove 'pcie-' prefix from arguments (sonic-net#1297)
Added 'detailed' option for 'show interface counters' command (sonic-net#1299)
Fix show ip route summary on pizzabox platforms (sonic-net#1302)
[acl_loader] Fix default DENY rule for V6 dataplane ACLs (sonic-net#1281)
Add show and clear commands for headroom pool watermark  (sonic-net#1144)
[unit test][CLI][pfcwd] Added pfcwd config tests for single and multi ASIC platform. (sonic-net#1248)
[sflow] Fix traceback seen for show sflow interface (sonic-net#1282)
[config/console][consutil] Support enable/disable console switch (sonic-net#1275)
[fast-reboot] Fix fast-reboot when NDP entries are present (sonic-net#1295)
Fast-reboot: add a new flag to ignore ASIC config checksum verification failures (sonic-net#1292)
Kdump improvements (sonic-net#1284)

Signed-off-by: Stephen Sun <[email protected]>
Sabareesh-Kumar-Anandan pushed a commit to Sabareesh-Kumar-Anandan/sonic-buildimage that referenced this pull request Dec 20, 2020
[fgnhgorch] Change format specifier %lu to %zu for size_t (sonic-net#1529)
[dvs] Fix issue where concurrent netns operations cause test setup to fail (sonic-net#1535)
Add support for headroom pool watermark (sonic-net#1453)
Change gAsicInstance to type string with max length limit (sonic-net#1526)

Signed-off-by: Sabareesh Kumar Anandan <[email protected]>
Sabareesh-Kumar-Anandan pushed a commit to Sabareesh-Kumar-Anandan/sonic-buildimage that referenced this pull request Dec 21, 2020
Add support for headroom pool watermark (sonic-net#1453)
Change gAsicInstance to type string with max length limit (sonic-net#1526)

Signed-off-by: Sabareesh Kumar Anandan <[email protected]>
jleveque added a commit that referenced this pull request Dec 24, 2020
* src/sonic-swss c7ee75f...cadf28f (24):
  > Revert "Add support for headroom pool watermark (#1453)"
  > [VxlanOrch] pytest for EVPN VXLAN (#1318)
  > [restore_neighbors] python3 support for restore_neighbors.py (#1542)
  > [buffermgmt] more build error fixes when compiling for armhf (32-bit) (#1559)
  > Sflow fix to avoid NULL in field. (#1531)
  > [fgnhgorch] Fg Nhg link handling (#1537)
  > [dpb]: make sure port is in admin down state before remove port. (#1513)
  > [FPMSYNCD/FDBSYNCD] EVPN Type-5 route removing prefix-len for host route and removing junk character present in the mac (#1553)
  > Added support for EVPN L3 VXLAN as described in the PR sonic-net/SONiC#437 (#1267)
  > [crm]: Typecast to unit64_t to avoid divide by 0 during overflow (#1550)
  > [vxlanmgr] Fix build error when compiling for armhf (32-bit) (#1552)
  > [Dynamic buffer calc]  Support dynamic buffer calculation (#1338)
  > [dvs] Clean-up dvs_database and dvs_common (#1541)
  > [VxlanMgr] changes for EVPN VXLAN (#1266)
  > Statistics support for Tx and Rx counters of different frame sizes (#1536)
  > [orchagent/phy]: Add firmware info propagation (#1540)
  > [vxlanorch] Use PRI instead of %l to avoid warnings in 32-bit arch (#1539)
  > [FDBSYNCD] Added support for EVPN as described in the PR sonic-net/SONiC#437 (#1276)
  > [everflow] Add retry mechanism for mirror sessions and policers (#1486)
  > Enable ACL table type  mirror_v6 for Innovium Platform (#1527)
  > [fgnhgorch] Change format specifier %lu to %zu for size_t (#1529)
  > [dvs] Fix issue where concurrent netns operations cause test setup to fail (#1535)
  > Add support for headroom pool watermark (#1453)
  > Change gAsicInstance to type string with max length limit (#1526)
@DavidZagury DavidZagury mentioned this pull request Mar 3, 2021
4 tasks
@vdahiya12 vdahiya12 mentioned this pull request Mar 9, 2021
4 tasks
vdahiya12 added a commit that referenced this pull request Mar 10, 2021
this PR updates the following commits in sonic-utilities

13ce4b6 [show][config] fix show mux status health field; add support for hwmode functionality to toggle mux, check mux direction for Y cable (#1467)
f78e7ce [acl-loader] Improve input validation for acl_loader (#1479)
748dbbf [show] Fix 'show mac' output, when FDB entry with Vlan 1 is present (#1368)
64604db [acl] Expand VLAN into VLAN members when creating an ACL table (#1475)
10de91d [config reload]: On dual ToR systems, cache ARP and FDB tables (#1465)
10a359a [Mellanox] Change mellanox buffer migrator for new SKU Mellanox-SN2700-D40C8S8 (#1470)
38c8e00 [acl-loader] Add support for matching on ICMP and VLAN info (#1469)
e555ea9 [SKU creator] fix wrong speed in case breakout of 2x50 (#1380)
4a78c01 [config] Enable/disable container monitoring when starting/stopping the services. (#1471)
dd3c2c3 [warm-reboot] Check if warm restart flag is set when issuing a warm-reboot (#1460)
e32b5ac Add soft-reboot reboot type (#1453)
8b3bc18 [reload] Improve reload by using sonic.target. (#1199)
99673bc [reboot] Add platform-specific reboot cause update hook (#1454)
2f6e36e [CLI][techsupport] Add NOOP option for commands that did not have that option (#1445)
1fa4b94 [psushow] Add more output columns; Add option to output in JSON format (#1416)
79ccd03 [show] cli support for show muxcable cableinfo (#1448)

Signed-off-by: vaibhav-dahiya <[email protected]>
daall added a commit to daall/sonic-buildimage that referenced this pull request Apr 29, 2021
sonic-swss:
- [Monitor Vlan] Fix a typo in hostif (sonic-net#1722)
- Update pool sizes during initialization from timer only (sonic-net#1708)
- [SflowMgr] SamplingRate Update by Speed Change Added (sonic-net#1721)

sonic-swss-common:
- [swss-common] Add MUX Metrics Table (sonic-net#482)
- [azp] Purge swss before installing the newly built deb package (sonic-net#472)

sonic-utilities:
- disk_check: Check & mount RO as RW using tmpfs (sonic-net#1569)
- No more IP validation as it is more likely a URL (sonic-net#1555)
- Stop PMON docker before cold and soft reboots (sonic-net#1514)
- Add soft-reboot reboot type (sonic-net#1453)
- [acl] Use a list instead of a comma-separated string for ACL port list (sonic-net#1519)
- sonic-installer: fix py3 issues in bootloader.aboot (sonic-net#1553)
- Fix unsupported fs.squashfs extraction in sonic-installer (sonic-net#1366)
- [show][config] cli support for firmware upgrade on Y-Cable (sonic-net#1528) (sonic-net#1558)

sonic-linux-kernel:
- [Mellanox] backport kernel patches for hw-management 7.0100.2303 (sonic-net#211)

Signed-off-by: Danny Allen <[email protected]>
lguohan pushed a commit that referenced this pull request May 4, 2021
* [202012][swss/swss-common/utilities/kernel] Update submodule

sonic-swss:
- [Monitor Vlan] Fix a typo in hostif (#1722)
- Update pool sizes during initialization from timer only (#1708)
- [SflowMgr] SamplingRate Update by Speed Change Added (#1721)

sonic-swss-common:
- [swss-common] Add MUX Metrics Table (#482)
- [azp] Purge swss before installing the newly built deb package (#472)

sonic-utilities:
- disk_check: Check & mount RO as RW using tmpfs (#1569)
- No more IP validation as it is more likely a URL (#1555)
- Stop PMON docker before cold and soft reboots (#1514)
- Add soft-reboot reboot type (#1453)
- [acl] Use a list instead of a comma-separated string for ACL port list (#1519)
- sonic-installer: fix py3 issues in bootloader.aboot (#1553)
- Fix unsupported fs.squashfs extraction in sonic-installer (#1366)
- [show][config] cli support for firmware upgrade on Y-Cable (#1528) (#1558)

sonic-linux-kernel:
- [Mellanox] backport kernel patches for hw-management 7.0100.2303 (#211)

Signed-off-by: Danny Allen <[email protected]>

* Update utilities w/ build fix
stepanblyschak pushed a commit to stepanblyschak/sonic-buildimage that referenced this pull request May 10, 2021
What I did
Add a new reboot named as soft-reboot which can be performed by "kexec -e"

How I did it
Replace the platform reboot with "kexec -e" for the cold reboot case.

How to verify it
Verified the reboot on DUT and check the reboot-cause
raphaelt-nvidia pushed a commit to raphaelt-nvidia/sonic-buildimage that referenced this pull request May 23, 2021
this PR updates the following commits in sonic-utilities

13ce4b6 [show][config] fix show mux status health field; add support for hwmode functionality to toggle mux, check mux direction for Y cable (sonic-net#1467)
f78e7ce [acl-loader] Improve input validation for acl_loader (sonic-net#1479)
748dbbf [show] Fix 'show mac' output, when FDB entry with Vlan 1 is present (sonic-net#1368)
64604db [acl] Expand VLAN into VLAN members when creating an ACL table (sonic-net#1475)
10de91d [config reload]: On dual ToR systems, cache ARP and FDB tables (sonic-net#1465)
10a359a [Mellanox] Change mellanox buffer migrator for new SKU Mellanox-SN2700-D40C8S8 (sonic-net#1470)
38c8e00 [acl-loader] Add support for matching on ICMP and VLAN info (sonic-net#1469)
e555ea9 [SKU creator] fix wrong speed in case breakout of 2x50 (sonic-net#1380)
4a78c01 [config] Enable/disable container monitoring when starting/stopping the services. (sonic-net#1471)
dd3c2c3 [warm-reboot] Check if warm restart flag is set when issuing a warm-reboot (sonic-net#1460)
e32b5ac Add soft-reboot reboot type (sonic-net#1453)
8b3bc18 [reload] Improve reload by using sonic.target. (sonic-net#1199)
99673bc [reboot] Add platform-specific reboot cause update hook (sonic-net#1454)
2f6e36e [CLI][techsupport] Add NOOP option for commands that did not have that option (sonic-net#1445)
1fa4b94 [psushow] Add more output columns; Add option to output in JSON format (sonic-net#1416)
79ccd03 [show] cli support for show muxcable cableinfo (sonic-net#1448)

Signed-off-by: vaibhav-dahiya <[email protected]>
carl-nokia pushed a commit to carl-nokia/sonic-buildimage that referenced this pull request Aug 7, 2021
this PR updates the following commits in sonic-utilities

13ce4b6 [show][config] fix show mux status health field; add support for hwmode functionality to toggle mux, check mux direction for Y cable (sonic-net#1467)
f78e7ce [acl-loader] Improve input validation for acl_loader (sonic-net#1479)
748dbbf [show] Fix 'show mac' output, when FDB entry with Vlan 1 is present (sonic-net#1368)
64604db [acl] Expand VLAN into VLAN members when creating an ACL table (sonic-net#1475)
10de91d [config reload]: On dual ToR systems, cache ARP and FDB tables (sonic-net#1465)
10a359a [Mellanox] Change mellanox buffer migrator for new SKU Mellanox-SN2700-D40C8S8 (sonic-net#1470)
38c8e00 [acl-loader] Add support for matching on ICMP and VLAN info (sonic-net#1469)
e555ea9 [SKU creator] fix wrong speed in case breakout of 2x50 (sonic-net#1380)
4a78c01 [config] Enable/disable container monitoring when starting/stopping the services. (sonic-net#1471)
dd3c2c3 [warm-reboot] Check if warm restart flag is set when issuing a warm-reboot (sonic-net#1460)
e32b5ac Add soft-reboot reboot type (sonic-net#1453)
8b3bc18 [reload] Improve reload by using sonic.target. (sonic-net#1199)
99673bc [reboot] Add platform-specific reboot cause update hook (sonic-net#1454)
2f6e36e [CLI][techsupport] Add NOOP option for commands that did not have that option (sonic-net#1445)
1fa4b94 [psushow] Add more output columns; Add option to output in JSON format (sonic-net#1416)
79ccd03 [show] cli support for show muxcable cableinfo (sonic-net#1448)

Signed-off-by: vaibhav-dahiya <[email protected]>
theasianpianist pushed a commit to theasianpianist/sonic-buildimage that referenced this pull request Feb 5, 2022
What I did
Added 'SAI_BUFFER_POOL_STAT_XOFF_ROOM_WATERMARK_BYTES' in the interested counters to be queried
Updated the the buffer lua script to update the headroom pool watermark counters
Updated watermark orch to act on headroom pool clear request

Why I did it
To expose the headroom pool watermark counters in SONiC

How I verified it
On platforms with headroom pool support, verified that headroom pool watermark counters are getting updated as expected
On platforms without headroom pool support, headroom pool watermark counters show as N/A
New sonic mgmt test added and it passed. sonic-net/sonic-mgmt#2614

Signed-off-by: Neetha John <[email protected]>
theasianpianist pushed a commit to theasianpianist/sonic-buildimage that referenced this pull request Feb 5, 2022
theasianpianist pushed a commit to theasianpianist/sonic-buildimage that referenced this pull request Feb 5, 2022
Signed-off-by: Neetha John <[email protected]>

Includes all the changes in sonic-net#1453 along with fix for error msgs seen in syslog - Got invalid response type from redis 5
The error msg was due to incorrect return type in lua script.

What I did
Added 'SAI_BUFFER_POOL_STAT_XOFF_ROOM_WATERMARK_BYTES' in the interested counters to be queried
Updated the the buffer lua script to update the headroom pool watermark counters
Updated watermark orch to act on headroom pool clear request

Why I did it
To expose the headroom pool watermark counters in SONiC

How I verified it
On platforms with headroom pool support, verified that headroom pool watermark counters are getting updated as expected

admin@sonic:~$ show headroom-pool persistent-watermark 
Headroom pool maximum occupancy:
                 Pool    Bytes
---------------------  -------
ingress_lossless_pool   863616
On platforms without headroom pool support, headroom pool watermark counters show as N/A

admin@sonic:~$ show headroom-pool persistent-watermark 
Headroom pool maximum occupancy:
                 Pool    Bytes
---------------------  -------
ingress_lossless_pool      N/A
New sonic mgmt test added and it passed. sonic-net/sonic-mgmt#2614

Verified the error msg seen in syslog by enabling buffer pool watermark on vs docker. With the fix, build a new vs docker and verified that the msgs are no longer seen when buffer pool watermark is enabled.
taras-keryk pushed a commit to taras-keryk/sonic-buildimage that referenced this pull request Apr 28, 2022
* mclagsyncd enhancements as per HLD at sonic-net/SONiC#596

* addressed LGTM alert

* UT Fix unique IP configuration

* modified ip address validate function for mclag config verication

* Add soft-reboot reboot type (sonic-net#1453)

What I did
Add a new reboot named as soft-reboot which can be performed by "kexec -e"

How I did it
Replace the platform reboot with "kexec -e" for the cold reboot case.

How to verify it
Verified the reboot on DUT and check the reboot-cause

* [warm-reboot] Check if warm restart flag is set when issuing a warm-reboot (sonic-net#1460)

Check if any warm restart flag is set when issuing a warm-reboot. This check avoids starting a warm reboot while another warm restart is in progress. In the scenario where a warm reboot is issued with another warm restart in progress, the warm restart flag may be reset and part of the components have a risk of doing cold reboot.

* Added mclag config commands

* removed unwanted imports

* added mclag tests

* fixed build issue

* corrected mclag test

* corrected mclag test

* corrected mclag test case

* updated testcase for mclag

* updated mclag config

* updated mclag test cases

* updated mclag test case

* updated mclag test cases

* fixed alert

* updated mclag test cases

* updated mclag test cases

* updated mclag config

* modified mclag test cases

* updated mclag test case

* updated mclag test case

* updated mclag test cases

* updated mclag test cases

* updated mclag test cases

* updated mclag test case

* updated mclag test case

* updated mclag test cases

* updated mclag test cases

* updated mclag test cases

* updated mclag test cases

* updated mclag test case

* updated mclag test cases

* updated mclag test cases

* updated mclag test cases

* updated mclag test cases

* updated mclag test cases

* updated mclag test cases

* updated mclag test cases

* updated mclag test cases

* updated mclag test case

* updated mclag test cases

* updated mclag test case

* updated mclag config to use swsscommon instead of swssdk

* updated mclag config to use swsscommon

* updated mclag config script file

* fixed mclag test cases to verify config db

* updated mclag test case with config db verify function

* fixed build issue

* updated test case

* updated mclag test case

* addressed review comments

Co-authored-by: Tapash Das <[email protected]>
Co-authored-by: Tapash Das <[email protected]>
Co-authored-by: Sujin Kang <[email protected]>
Co-authored-by: Shi Su <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants