Replace a few easy spots. Eventually we want to call both
functions for each spot instead of doing both (in switching order)
or only one of them. They are both cheap operations since they
don't (re)start DNS processes any longer.
Some call flows require this, others don't and on 22.7 we seem to miss
one that did. Instead of adding more monitor reloads in the possible
spots move the ones that are shared into the general routing reload since
the two are almost always clustered together.
Also use the $interface argument to figure out which monitors require
reloading. This will avoid quite a few spurious reloads on larger
setups.
Boot is a little special, but easy enough to ensure we don't call monitor
reload twice.
primary will move to tracking interfaces or pick up any
SLAAC related address even though that is not being
actively configured. Similar to the dashboard only print
the scoped address without the need to do the logic in
the caller.
Maybe we could even return the assigned prefix here for
clarity, but then the prefix isn't a reachable address.
Displaying changelogs requires a different menu flow but for now focus
on providing a changelog opportunistically before performing the update,
but intentionally after starting it to keep previous flow for now.
We need to make sure both the local and the remote IP belong to
the same CIDR range, which might not be the case if we just
calculate the subnet size required by their direct distance.
Rewrite find_smallest_cidr() to take an array of IPs to calculate
their smallest shared subnet mask. Code is actually pretty simple
and fast. However, we are not going to account for network and
broadcast address reservation unless that turns out to be an issue.
In the IPv6 case assume that /64 is a good approximation of the
result.
Remove code cruft in utilities while at it also replacing a simple
function only called once in setaddr.sh.
o add "Automatic user creation" option in System/Access/Servers (for ldap + derivatives)
o simple detached flow, updatePolicies() calculates differences between local and remote group membership, when there is something to sync (remote groups exists) and a local user doesn't exist a configd signal is send to create a new empty user without rights and a random password.
The user_dn field isn't populated, although this will cost additional queries to the remote host, it might be worth the flexibility of allowing to move users to different auth scopes.
Type "s" for security audit, or "h" for health audit.
We don't add it to the option prompt to not clutter the menu flow.
This is mostly for debug and development purposes.
I see no easy way to untangle this for now. At least make sure
the user is asked for the defaults to be restored making this
a little better than before.
When there are a lot of interfaces, these calls consume quite some time and eventually the output of legacy_interfaces_details() is what matters to all of them.
Some back and forth between explicit and implicit requires while here.
The code is helplessly glued together and no plugin facility to get
data from a function call currently exists.
