- Description:
- OpenBSD Network Shell
- Last Change:
- Clone URL:
ssh://anonymous@git.chirpysoft.be/nsh.git
Commit Briefs
only create nsh database in privileged mode (dbpriv)
Avoids noisy warnings on startup as a regular user when the database does not exist yet.
generate man command tab-completion table with a script at build-time
This prevents the table from becoming out of date going forward. There were a few tags in nsh.8 which weren't yet being displayed: + { "inet6", "Search for tag inet6", CMPL0 NULL, 0 }, + { "powerdown", "Search for tag powerdown", CMPL0 NULL, 0 }, + { "saveenv", "Search for tag saveenv", CMPL0 NULL, 0 }, And an error has been corrected: - { "unsetenv", "Search for tag setenv", CMPL0 NULL, 0 }, + { "unsetenv", "Search for tag unsetenv", CMPL0 NULL, 0 },
fix sqlite API error handling
- call sqlite3_errmsg(db) before closing the db, not after - sqlite3_errmsg() can only be used when sqlite3_step() returns SQLITE_ERROR - check for errors from sqlite3_finalize() - close db handle even when an error occurred during sqlite3_open() with suggestions from chris testing + ok tom
Fix dhcpd handling with respect to rdoamins
Run dhcpd in the correct rdomain when rdomain is != 0 and start dhcpd with a list of interfaces on its command line. All interfaces must be in the same rdomain; dhcpd will then set its own rdomain accordingly. Use a separate DHCP lease database per rdomain just in case a given MAC and IP tuple appears in multiple rdomains. earlier version ok + testing by Tom
allow T_HANDLER to process any number of arguments between 0 and 6
This way we can write handlers that accept all arguments listed in their ctl table as actual arguments, rather than passing unused parameters which contain ununitialized garbage. The benefit is better clarity about the expected values of arguments passed on by handler functions. Adjust motd and crontab handlers accordingly which use T_HANDLER. All instances of call_editor() now use T_HANDLER_FILL1. ok chris
fix conversion of struct ctl2->table to struct ctl->table
The old code would only convert the first command table entry to a dummy struct ctl sitting on the stack. This confuses code which loops over the command table and requires a sentinel to break out of this loop. Segfault found by Tom
detect ambiguous matches from genget on a ctl2 table
Cannot happen right now since the table has only one entry but better be prepared for a future where we would crash otherwise.
Branches
Tree
README.md
# nsh
## network shell
---
Chris Cappuccio <chris@nmedia.net> version 1.1
NSH is a CLI intended for OpenBSD-based network appliances. It replaces
ifconfig, sysctl and route with its own simple command language, and
encapsulates configuration for other daemons into one place, effectively
replacing /etc/netstart and parts of /etc/rc for appliance-style usage.
## Daemons and services encapsulated by nsh:
bgpd, dhcpd, dhcpleased, dhcrelay, dvmrpd, eigrpd, ftp-proxy, ifstated, inetd,
iked, ipsecctl, ldapd, ldpd, npppd, ntpd, ospfd, ospf6d, pf, rad, relayd,
resolvd, ripd, sasyncd, slaacd, smtpd, snmpd, sshd, tftpd, tftp-proxy.
---
## License
NSH is freely licensed, in the BSD style.
In conjunction with the OpenBSD kernel and the daemons you wish to control,
you have a fully functioning network appliance type of system.
---
## NSH Manual
See https://github.com/yellowman/nsh/wiki/NSH-Manual-page or
nsh.8 manual for detailed installation instructions and command set.
See the to-do list on https://github.com/users/yellowman/projects/1 for
details on implementation status and future ideas.
See http://github.com/yellowman/nsh/ for current source code repository.
See http://www.nmedia.net/nsh/ for example configurations and mailing
list.
See https://www.youtube.com/watch?v=WMKxIHaWaG0 for an EurobsdCon 2022
Presentation on NSH for network administrators.
---
## Quickstart Guide for installing and building **nsh** on an OpenBSD system
1. Install OpenBSD on your system
2. Install the OpenBSD port of nsh on your system -(this will install the latest nsh release version)
```shell
pkg_add nsh
```
3. Install git on your system to allow fetching more recent versions of nsh from github
```shell
pkg_add git
```
4. to download the latest development of nsh use git to download the latest nsh repository
```shell
git clone https://github.com/yellowman/nsh
```
5. change directory to the downloaded nsh directory
```shell
cd nsh
```
6. to build the nsh sources follow the steps below
6a. make objects
```shell
make obj
```
6b. make / compile the sources
```shell
make
```
6c. Install the compiled nsh binaries and supporting files (you will need root privileges to do this).
```shell
make install
```
7. To have nsh take over the configuration of a system a number of steps that need to be carried out such as
7a. Backup configuration of system, daemons and network in /etc
7b. Copy the configuration files to /var/run/example-configfilename.0 (the .0 file extension) implies running in the default rdomain / rtable (rdomain 0)
7c. save the running config to /etc/nshrc
7d. secure the /etc/nshrc file so that world cannot read, write or execute it .
7e. configure the system to run nsh -i /etc/nshrc either adding a line to /etc/rc.local or using an rccctl script for nsh.
For the users convenience, the above steps can be largely automated by running the **rc.local-nsh-openbsd-integration.sh** script and following on screen instructions.
```shell
cd scripts/
./rc.local-nsh-openbsd-integration.sh
```
8. once configuration has been imported, restart the system and verify nsh config is running as expected
10. please provide feedback , bug repots and suggestions to the developers on our mailing list <nsh@lists.deschutesdigital.com> .