- Description:
- OpenBSD Network Shell
- Last Change:
- Clone URL:
ssh://anonymous@git.chirpysoft.be/nsh.git
Commit Briefs
fix adding blackhole and reject routes; a gateway is required (route-iface)
Fixes an invalid route message error during nsh -i at boot time: % cmd: route (line 49) margv [route 224.0.0.0/4 127.0.0.1 iface nompath reject] % RTM_ADD: Add Route: len 128, table 0, pid: 0, seq 1, errno 0, flags:<UP,REJECT,STATIC> % locks: inits: % sockaddrs: <DST,NETMASK> 224.0.0.0 240.0.0.0 % ip_route: rtmsg: Invalid argument
silence ifconfig errors related to carp demotion at boot time
This happens when nsh is started by /etc/rc.d/nsh during boot. The /etc/rc script starts package scripts with carp-interlock already enabled, and both ifconfig and nsh would attempt to reset the carp demotion counter. Generally, this is harmless, apart from an error message displayed by ifconfig which might mislead users into assuming there was a problem: starting package daemons: nsh. ifconfig: carp: SIOCSIFGATTR: Invalid argument To avoid this issue, nsh can check whether the demotion counter has already been set to the desired level and only change the counter if changing it is indeed required. test + ok Tom
avoid use of uninitialized variable 'sin'
found by codechecker
call getprogname(3) instead of reading __progname which is reserved
found by codechecker
ifmedia words are 64 bit wide on openbsd
found by codechecker
handle SIGWINCH in a signal-safe way
The setwinsize() function calls an ioctl which is not async-signal-safe. Use a safe signal handler and change window size in command loop instead. found by codechecker
Branches
Tree
README.md
# nsh
## network shell
---
Chris Cappuccio <chris@nmedia.net>
NSH is a CLI intended for OpenBSD-based network appliances. It replaces
ifconfig, sysctl and route with its own simple command language, and
encapsulates configuration for other daemons into one place, effectively
replacing /etc/netstart and parts of /etc/rc for appliance-style usage.
## Daemons and services encapsulated by nsh:
bgpd, dhcpd, dhcpleased, dhcrelay, dvmrpd, eigrpd, ftp-proxy, ifstated, inetd,
iked, ipsecctl, ldapd, ldpd, npppd, ntpd, ospfd, ospf6d, pf, rad, relayd,
resolvd, ripd, sasyncd, slaacd, smtpd, snmpd, sshd, tftpd, tftp-proxy.
---
## License
NSH is freely licensed, in the BSD style.
In conjunction with the OpenBSD kernel and the daemons you wish to control,
you have a fully functioning network appliance type of system.
---
## NSH Manual
See [https://github.com/yellowman/nsh/wiki/NSH-Manual-page](https://github.com/yellowman/nsh/wiki/NSH-1.2.x-Manual-Page)
or nsh.8 manual for detailed installation instructions and command set.
nsh manual is available on your system by simply typing the command:
```shell
man nsh
```
---
## Other Relevant NSH Documentation
See the to-do list on https://github.com/users/yellowman/projects/1 for
details on implementation status and future ideas.
See http://github.com/yellowman/nsh/ for current source code repository.
See http://www.nmedia.net/nsh/ for example configurations and mailing
list.
See https://www.youtube.com/watch?v=9T9-v5NLjXk for a BSDCAN 2024
Presentation on Supporting Business IT and network needs with OpenBSD and NSH By: Tom Smyth
See https://www.youtube.com/watch?v=WMKxIHaWaG0 for an EurobsdCon 2022
Presentation on NSH for network administrators By: Tom Smyth
---
## Quickstart Guide for installing and building **nsh** on an OpenBSD system
1. Install OpenBSD on your system
2. Install the OpenBSD port of nsh on your system -(this will install the latest nsh release version)
```shell
pkg_add nsh
```
3. Install git on your system to allow fetching more recent versions of nsh from github
```shell
pkg_add git
```
4. to download the latest development of nsh use git to download the latest nsh repository
```shell
git clone https://github.com/yellowman/nsh
```
5. change directory to the downloaded nsh directory
```shell
cd nsh
```
6. use make to build / compile the sources
```shell
make
```
7. Install the compiled nsh binaries and supporting files (you will need root privileges to do this).
```shell
make install
```
8. To have nsh take over the configuration of a system a number of steps that need to be carried out such as
9. Backup configuration of system, daemons and network in /etc
10. Copy the configuration files to /var/run/example-configfilename.0 (the .0 file extension) implies running in the default rdomain / rtable (rdomain 0)
11. save the running config to /etc/nshrc
12. secure the /etc/nshrc file so that world cannot read, write or execute it .
13. configure the system to run nsh -i /etc/nshrc either adding a line to /etc/rc.local or using an rccctl script for nsh.
For the users convenience, the above steps (9-13) can be largely automated by running the **rc.local-nsh-openbsd-integrate.sh** script and following on screen instructions.
```shell
cd nsh
cd scripts
cd shell
chmod 700 rc.local-nsh-openbsd-integrate.sh
./rc.local-nsh-openbsd-integrate.sh
```
14. once configuration has been imported, restart the system and verify nsh config is running as expected.
15. Setting NSH as the default shell for a user
- Login as the user
- locate nsh binary, it is usually in /usr/local/bin/nsh
- at the command prompt run chsh -s command to set the shell to path to the nsh binary
```shell
chsh -s /usr/local/bin/nsh
```
16. please provide feedback , bug repots and suggestions to the developers on our mailing list <nsh@lists.deschutesdigital.com> .