agt_profile_t Struct

The following structure is used to represent the 'agt_profile':

struct agt_profile_t

Multiple instances are not supported.

The yp-server library has an API to override the default profile settings.

hardwire some of the server profile parameters because they are needed before the NCX engine is running They cannot be changed after boot-time. This data structure is sent from the main server to each subsystem, when the YControl initialization is done

!!! Keep the profile data in this struct in synch with !!! the agt_profile container in yumaworks-agt-profile.yang

the order of the fields below must exactly match the names and bit number assignments in the follwing files:

  • agt/agt_sil_profile.c

  • sil-sa/sil_sa_profile.c Both files must be changed together to keep the bit numbers aligned

Public Members

ncx_agttarg_t agt_targ

BEGIN DATA SENT TO SUBSYSTEMS; target type (candidate or running)

ncx_agtstart_t agt_start

startup type enum (distinct or mirror)

log_debug_t agt_log_level

requested log-level

log_debug_t agt_syslog_log_level

requested SYSLOG log-level

log_debug_t agt_pthread_log_level

requested PTHREADS log level

boolean agt_session_sync_mutex

session sync mutex flag

boolean agt_log_acm_reads

log NACM read requests

boolean agt_log_acm_writes

log NACM write requests

boolean agt_validate_all

validate all flag

boolean agt_has_startup

has startup flag for —with-startup

boolean agt_usestartup

track —no-startup flag

boolean agt_factorystartup

track —factory-startup flag

boolean agt_startup_error

—startup-error parameter: stop, continue enums only

boolean agt_running_error

—running-error parameter: stop, continue enums only

boolean agt_logappend

—log-append parameter

boolean agt_xmlorder

use strict XML order flag

boolean agt_list_deleteall_ok

allow delete-all and remove-all operations on a list

boolean agt_leaflist_deleteall_ok

allow delete-all and remove-all operations on a leaf-list

boolean agt_stream_output

stream message output: d:true; no CLI support yet

boolean agt_delete_empty_npcontainers

delete empty config=true NP containers: d: false

boolean agt_notif_sequence_id

d: false

boolean agt_yuma_system_notifs

d: false

boolean agt_ietf_system_notifs

d: true

boolean agt_yumaworks_system

d: true

boolean agt_yumaworks_templates

d: true

boolean agt_support_save

d: true (needs WITH_SUPPORT_SAVE=1)

boolean agt_term_msg

d: true for <term-msg> notification

boolean agt_alt_names

Yuma REST-API urlselect extra parameters.

boolean agt_wildcards

Allow wildcards in filters.

ncx_name_match_t agt_match_names

match names behavior; needs to be EXACT for YANG

agt_transaction_model_t agt_transaction_model

TBD private transaction model.

const xmlChar *agt_accesscontrol

access control model

const xmlChar *agt_conffile

config file: default: /etc/yumapro/netconfd-pro.conf

const xmlChar *agt_confdir

config dir: default: /etc/yumapro/netconfd-pro.d

const xmlChar *agt_logfile

main logfile

const xmlChar *agt_startup

startup filespec

const xmlChar *agt_startup_factory_file

factory startup filespec

const xmlChar *agt_defaultStyle

default-style for with-defaults

const xmlChar *agt_extern_libspec

superuser name (allowed to be NULL) moved to agt.c agt_superuserQ Q of ncx_backptr_t to malloced string from CLI parameters

extern library spec

const xmlChar *agt_backup_dir

backup dir location

const xmlChar *agt_server_id

assigned server ID

uint32 agt_eventlog_size

eventlog-size set to 0 to disable replay

uint32 agt_maxburst

&#8212;maxburst parameter

uint32 agt_hello_timeout

&#8212;hello-timeout parameter

uint32 agt_idle_timeout

&#8212;idle-timeout parameter

uint32 agt_linesize

line size for logging

int32 agt_indent

&#8212;indent parameter

int32 agt_message_indent

&#8212;message-indent parameter

boolean agt_usevalidate

&#8212;with-validate parameter

boolean agt_useurl

&#8212;with-url parameter

boolean agt_use_ccommit

enable confirmed-comiit

boolean agt_use_yangapi

enable YANG-API protocol (obsolete: ignored)

boolean agt_use_restconf

enable RESTCONF protocol

boolean agt_use_cli

enable yp-shell

boolean agt_use_netconf

enable NETCONF protocol

boolean agt_use_local_transport

use local transport flag

boolean agt_use_notifications

enable notifications

boolean agt_system_sorted

enable system-sorted (obsolete: sorted by val_child algorithms)

boolean agt_lax_namespaces

lax namespace usage: will try to match element name

agt_acm_model_t agt_acm_model

NACM or external ACM model.

ncx_withdefaults_t agt_defaultStyleEnum

default with-defaults enum

agt_acmode_t agt_accesscontrol_enum

access control enum

uint16 agt_max_sessions

max sessions (total)

uint16 agt_max_cli_sessions

max CLI sessions

uint16 agt_max_user_sessions

max USER sessions

uint16 agt_subsys_timeout

subsystem timeout in seconds

uint16 agt_ports[AGT_MAX_PORTS]

these port numbers are for the NETCONF-over-SSH protocol

uint16 agt_coap_port

the CoAP port number used only if WITH_COAP and agt_use_coap set

uint16 agt_coap_dtls_port

Coap over DTLS port (not implemented)

const xmlChar *agt_coap_address

Coap over DTLS address (not implemented)

const xmlChar *agt_yangapi_server_url

YANG-API server URL (obsolete)

const xmlChar *agt_restconf_server_url

RESTCONF server URL.

boolean agt_use_yuma_proc

load yuma-proc module

boolean agt_use_yuma_arp

load yuma-arp module

boolean agt_use_yuma_if

load yuma-if module

boolean agt_use_yuma_mysession

load yuma-mysession module

boolean agt_use_yumaworks_event_filter

load yumaworks-event-filter module

boolean agt_use_yuma_system

load yuma-system module

boolean agt_use_rollback_on_error

Use rollback-on-error.

All datastore transactions are all-or-none so this parameter is essentially ignored

boolean agt_use_ycontrol

enable YControl protocol

boolean agt_sil_skip_load

skip the SIL callbacks for load-config Useful if the authoritative database is really the external system.

All edits coming from DB-API or loaded from the startup-cfg.xml are already applied to the system via the other database

boolean agt_log_event_drops

log event drops

boolean agt_sil_missing_error

treat missing SIL libraries as an error, not warning

boolean agt_sil_skip_keys

do not invoke the SIL callback for a key leaf

boolean agt_use_rollback_failed_backup

save running config for a commit, in case the rollback fails

boolean agt_allow_tcp_socket

allow a TCP socket instead of an AF_LOCAL socket for connections

boolean agt_use_tcp_socket

use a TCP socket instead of an AF_LOCAL socket for connections

const xmlChar *agt_subsys_info_file

location of subsys info file

boolean agt_save_owners

flag to save owner strings in the database

boolean agt_json_leaf_list_1line

flag to print JSON leaf-list value on 1 line

boolean agt_save_config_system

flag to skip generation of the startup XML file when a save_config is done by the server.

Used with the external config mode where the external system database is already up to date so the XML file is not used Default is false. Set in yp_system_init_profile.

uint8 agt_withdef_enabled

bitmask of the with-defaults enumerations that should be enabled in the server

uint32 agt_watcher_interval

Specifies the number of seconds the YPWatcher process will sleep before checking if the netconfd-pro process has died.

Ignored if &#8212;no-watcher CLI parameter was used

boolean agt_audit_log_candidate

If true, then transactions to the candidate datastore will be recorded in the audit log.

If false, then transactions to the candidate datastore will not be recorded in the audit log.";

boolean agt_sil_validate_candidate

If true, the server will invoke the VALIDATE phase for SIL and SIL-SA callbacks when each edit is made to the candidate datastore.

boolean agt_restconf_strict_headers

If 'true' the server will only accept requests with normative Accept header entries specified in the draft.

boolean agt_autodelete_pdu_error

If 'true' the server will treat edit-config auto-delete because of false when-stmts as an error instead of silent delete.

uint32 agt_sil_getbulk_max

Specifies the maximum number of getbulk entries to request from a GET2 callback.

This value will be used in the get2cb 'max_entries' field. The value 0 is used to indicate there is no max and the GET2 callback can return as many getbulk entries as desired. This is the default for leaf-list GET2 callbacks

const xmlChar *agt_crypt_hash_prefix

specifies the string that will be pre-pended to the password before calling crypt_r to generate the hash for the crypt-hash leaf passed with $0$cleartext

uint8 agt_min_passwd_len

minimum password length when setting crypt-hash variables

boolean agt_with_netconf

If 'true' then the corresponding protocol will be enabled.

Otherwise, the protocol will not be enabled. The incoming connection will be droped if the protocol is disabled. NETCONF is usually enabled

boolean agt_with_restconf

enable RESTCONF sessions

boolean agt_with_yang_api

enable YANG-API sessions (obsolete)

boolean agt_with_yp_shell

enable yp-shell sessions

boolean agt_with_yp_coap

enable YP-CoAP sessions (not supported)

boolean agt_with_yp_coap_dtls

enable YP-CoAP DTLS sessions (not supported)

boolean agt_with_netconf_tls

enable NETCONF over TLS sessions

log_debug_t agt_audit_log_console_level

log console level

log_debug_t agt_audit_log_level

audit log level

boolean agt_ha_enabled

enable YP-HA

boolean agt_ha_sil_standby

call SIL code in standby mode

uint16 agt_ha_port

port number is default 8088

const xmlChar *agt_ha_server_key

server-key to keep HA pools separate

const xmlChar *agt_ha_initial_active

active server to use if standby

boolean agt_simple_json_names

use simple JSON names instead of YANG JSON names

boolean agt_create_empty_npcontainers

LAST DATA SENT TO SUBSYSTEMS create empty NP containers d: true.

boolean agt_with_warnings

this field indicates if agt_record_warning will be allowed to set the error-severity field to warning

boolean agt_library_mode

this field indicates the server is operating in library mode It will look for YANG modules but only load them into its library.

boolean agt_with_config_id

this field indicates if the :config-id capability is enabled or not.

This is an enterprise URI and at least 1 opensource tool complains it is not a valid YANG module URI

boolean agt_no_nvstore

this field indicates that the server should not load or save using the normal APIs during transaction management.

The 'start' choice will be ignored (e.g., &#8212;no-startup)) and the server will not attempt to load a startup-cfg.xml file. Transactions will not be saved to NV-storage at all. Any external NV-storage callbacks will be ignored.

Use this mode if NV-load and NV-storage are handled internally and not via the startup-cfg.xml file.

boolean agt_with_yang11_hello

this field indicates whether the NETCONF hello message should conform to the standard and leave out YANG 1.1 modules.

boolean agt_with_callhome

this field indicates that the IETF Callhome feature is enabled if true and WITH_CALLHOME is built into the image, then the server will attempt to connect to the callhome client servers specified in the callhome config (ietf-server module TBD)

uint16 agt_callhome_retry_interval

this field specifies the number of seconds to wait after a connect attempt to the callhome server has failed.

uint16 agt_callhome_retry_max

this field specifies the number of retry attempts the server should attempt to the callhome server before giving up.

The value 0 indicates the server should never give up.

const xmlChar *agt_sshd_path

set the sshd exectuable path for callhome default is /usr/sbin/sshd only set by vendor in agt_init1 phase

const xmlChar *agt_subsys_path

set the netconf subsystem for sshd exectuable path for callhome default is /usr/sbin/netconf-subsystem-pro only set by vendor in agt_init1 phase

const xmlChar *agt_sshd_config

set the sshd_config file to use for sshd exectuable for callhome default is $HOME/.yumapro/ch_sshd_config.

<ch-server-name> only set by vendor in agt_init1 phase

boolean agt_with_ocpattern

this flag enables/disables the special OpenConfig usage of the YANG pattern-statement.

If true then modules named openconfig-* will be checked as POSIX patterns, not YANG XSD patterns

boolean agt_fileloc_fhs

this flag enables FHS file locations for server data files

boolean agt_no_audit_log

this flag indicates the &#8212;no-audit-log CLI parameter

ncx_msg_encoding_t agt_restconf_default_encoding

this enum indicates the &#8212;restconf-default-encoding CLI parameter

boolean agt_startup_fallback

this flag indicates the &#8212;startup-error parm is set to fallback

boolean agt_running_fallback

this flag indicates the &#8212;running-error parm is set to fallback

boolean agt_with_snmp

this flag indicates that the snmp agent should be enabled

ncx_snmp_agt_role_t agt_snmp_agent_role

identify the SNMP agent native mode master|subagent

uint16 agt_snmp_subagent_priority

identify the SNMP subagent priority, what priority will be used for OID callbacks registration

boolean agt_useurl_tftp

the libcurl variables

&#8212;with-url-tftp

boolean agt_useurl_ftp

&#8212;with-url-ftp

boolean agt_sil_delete_children_first

&#8212;sil-delete-children-first CLI parameter

boolean agt_trim_whitespace

&#8212;trim-whitespace CLI parameter

const xmlChar *agt_netconf_tls_address

&#8212;netconf-tls-address parameter

const xmlChar *agt_netconf_tls_certificate

&#8212;netconf-tls-cerificate parameter

const xmlChar *agt_netconf_tls_key

&#8212;netconf-tls-key parameter

uint16 agt_netconf_tls_port

&#8212;netconf-tls-port parameter

const xmlChar *agt_netconf_tls_trust_store

&#8212;netconf-tls-trust-store parameter

boolean agt_insecure_ok

&#8212;insecure-ok parameter

const xmlChar *agt_cert_default_user

&#8212;cert-default-user parameter

const xmlChar *agt_errmsg_lang

&#8212;errmsg-lang parameter

boolean agt_startup_prune_ok

&#8212;startup-prune-ok parameter

boolean agt_startup_create_ok

no CLI parameter!! set to TRUE! change in yp-system library or agt_profile.c

boolean agt_with_canonical

&#8212;with-canonical parameter

boolean agt_with_modtags

&#8212;with-modtags parameter

boolean agt_sil_invoke_for_defaults

&#8212;sil-invoke-for-defaults parameter

boolean agt_with_gnmi

this flag indicates that the gNMI support should be enabled

boolean agt_ypserver_mode

this flag indicates the server is rnning as yp-controller and not netconfd-pro

boolean agt_sil_prio_reverse_for_deletes

&#8212;sil-prio-reverse-for-deletes parameter

uint32 agt_audit_log_events

&#8212;audit-log-events to control audit log content

boolean agt_sil_root_check_first

&#8212;sil-root-check-first to do root check in edit-config before the SIL validate callbacks are invoked the old (only) behavior is 'false'

boolean agt_sil_wait_sa

No CLI parameter!! Set to TRUE in agt_profile.c the load-config will wait if agt_ncx_load_any_waiting() is true and this parameter is also true.

boolean agt_with_maint_mode

allow maintenance mode to be used

boolean agt_callhome_reconnect

CLI parameter &#8212;callhome-reconnect.

boolean agt_sil_test_get_when

enable config=false when-stmt checking for GET1 and GET2 callback functions; if false then the callback is expected to check the when-stmt itself and return ERR_NCX_NO_INSTANCE if the when-stmts for the node are false; default is true

boolean agt_yuma_time_filter

use the yuma-time-filter module

boolean agt_yumaworks_getbulk

use the yumaworks-getbulk module

boolean agt_yumaworks_ids

use the yumaworks-ids module

boolean agt_use_db_lock

db-lock used only if WITH_YCONTROL=1 and CLI set

int32 agt_max_strlen

max-strlen parameter

boolean agt_with_yumaworks_callhome

with-yumaworks-callhome

boolean agt_with_yumaworks_config_change

with-yumaworks-config-change

boolean agt_with_yumaworks_event_stream

with-yumaworks-event-stream

agt_crl_mode_t agt_crl_mode

tls-crl-mode parameter

boolean agt_crl_missing_ok

tls-crl-missing-ok parameter

boolean agt_with_nmda

with-nmda

boolean agt_startup_skip_validation

startup-skip-validation

boolean agt_cvt_subtree_filter

convert-subtree-filterparameter

boolean agt_import_version_bestmatch

import-version-bestmatch parameter

boolean agt_with_yang_patch_running

with-yang-patch-running parameter

uint16 agt_push_min_period

push-min-period parameter

uint16 agt_push_min_dampening

push-min-dampening parameter

uint32 agt_push_max_periodic

push-max-periodic parameter

uint32 agt_push_max_operational

push-max-operational parameter

uint32 agt_push_simop_period

push-simop-period parameter

boolean agt_push_simop_enabled

push-simop-enabled parameter

boolean agt_push_simop_patch_update

push-simop-patch-update parameter

boolean agt_wait_datastore_ready

wait-datastore-ready parameter

boolean agt_return_status

return exit code or zero

boolean agt_with_grpc

this flag indicates that the gRPC support should be enabled

boolean agt_with_sm

this flag indicates that the Schema Mount support should be enabled

const xmlChar *agt_sm_config

set the Schema Mount configuration file.

Specifies the XML or JSON file to read which contains the configuration data needed to create desired mount-points.

This config file controls what is in the YANG Library for each mount-point label.

ncx_msg_encoding_t agt_sm_config_encoding

this flag indicates what parser engine to use to parse the SM Config file.

boolean agt_use_yumaworks_sm_yanglib

load yumaworks-sm-yanglib module ignred unless agt_with_sm and agt_sm_config both set

boolean agt_use_yumaworks_cert_usermap

load yumaworks-cert-usermap module

boolean agt_remove_schema_aug_leafs

this flag indicates the deprecated schema list leafs added from yumaworks-system should be removed.

The nodes are not removed from the YANG module, but the server will not send these optional leafs in any response to a client. Fixes ODL bug which rejects session if an augmenting node is found in this list

boolean agt_tls_debug

&#8212;tls-debug CLI parameter this flag indicates that extra TLS debugging should be enabled in the server

const xmlChar *agt_tls_cipherlist

&#8212;tls-cipherlist CLI parameter Use with extreme caution! Advanced libopenssl usage not supported passed directly to SSL_CTX_set_cipher_list in agt_openssl.c

boolean agt_silcall_delete_first

YPW-1975: SILCALL delete first.

boolean agt_highres_event_time

&#8212;highres-event-time parameter Affects the <eventTime> leaf in all notifications

boolean agt_with_yang_cbor

with-yang-cbor parameter

ncx_yang_sid_mode_t agt_yang_sid_mode

yang-sid-mode parameter

boolean agt_xpath_dblslash_ok

YPW-1981: XPath Dblslash OK.

obj_testflags_t agt_rootflags

root commit descendant test flags

boolean agt_load_done

server load-config done flag

boolean agt_load_validate_errors

server load-config had errors flag

boolean agt_load_rootcheck_errors

server load-config root-check had errors flag

boolean agt_load_top_rootcheck_errors

server load-config had top root-check errors flag

boolean agt_load_apply_errors

server load-config had apply phase errors flag

boolean agt_load_factory_fallback

server load-config allowed to use factory-fallback flag

boolean agt_load_def_startup_factory

server load-config factory flag

dlq_hdr_t agt_savedevQ

Q of malloced ncx_save_deviations_t.

dlq_hdr_t agt_commit_testQ

Q of malloced agt_commit_test_t.

xmlChar *agt_startup_txid_file

cached location of startup transaction ID file

xmlChar *agt_socket_address

strdup of socket-address CLI parameter

uint16 agt_socket_port

listen on this TCP port if TCP socket is enabled

xmlChar *agt_conf_dirspec

malloced string indicating the confdir pathspec in use

boolean agt_confdir_skipped
agt_ha_role_t agt_ha_role

saved HA role

boolean agt_defer_load

saved defer load config flag

Datastore Fields

Field Name

CLI Override

Default

agt_autodelete_pdu_error

--autodelete-pdu-error

true

agt_create_empty_npcontainers

--create-empty-npcontainers

true

agt_backup_dir

none

$HOME/.yumapro/backups

agt_defaultStyle

--default-style

explicit

agt_defaultStyleEnum

--default-style

NCX_WITHDEF_EXPLICIT

agt_no_nvstore

--no-nvstore

not present

agt_running_error

--running-error

false

agt_save_config_system

none

false

agt_sil_validate_candidate

--sil-validate-candidate

true

agt_sil_skip_load

--sil-skip-load

false

agt_start

--with-startup

NCX_AGT_START_MIRROR

agt_startup_error

--startup-error

false

agt_system_sorted

--system-sorted

true

agt_targ

--target

NCX_AGT_TARG_CANDIDATE

Logging Fields

Field Name

CLI Override

Default

agt_audit_log_candidate

:ref:` --audit-log-candidate`

true

agt_audit_log_console_level

--audit-log-console-level

LOG_DEBUG_DEBUG

agt_audit_log_level

--audit-log-level

LOG_DEBUG_INFO

agt_logfile

--log

none

agt_logappend

--log-append

none

agt_log_acm_reads

none

false

agt_log_acm_writes

none

true

agt_log_level

--log-level

LOG_DEBUG_INFO

agt_pthread_log_level

--log-pthread-level

LOG_DEBUG_INFO

agt_syslog_log_level

--log-syslog-level

LOG_DEBUG_INFO

Notification Fields

Field Name

CLI Override

Default

agt_eventlog_size

--eventlog-size

1000

agt_maxburst

--max-burst

10

agt_notif_sequence_id

none

false

agt_ietf_system_notifs

--system-notifications

true

agt_use_notifications

--with-notifications

true

agt_yuma_system_notifs

--system-notifications

false

agt_log_event_drops

--log-event-drops

false

Access Control Fields

Field Name

CLI Override

Default

agt_accesscontrol

--access-control

enforcing

agt_acm_model

none

AGT_ACM_MODEL_IETF_NACM

agt_superuserQ

--superuser

none

agt_crypt_hash_prefix

none

$6$

agt_min_password_len

none

8

Protocol Capability and YANG Module Fields

Field Name

CLI Override

Default

agt_with_netconf

--with-netconf

true

agt_with_restconf

--with-restconf

true

agt_with_yang_api

--with-yang-api

false

agt_with_yp_shell

--with-yp-shell

true

agt_useurl

--with-url

true

agt_usevalidate

--with-validate

true

agt_use_ccommit

none

true

agt_use_cli

none

true if compiled WITH_CLI=1

agt_use_local_transport

none

true if compiled DEBUG=1

agt_use_netconf

none

true

agt_use_yangapi

none

true if compiled WITH_YANGAPI=1

agt_use_yuma_arp

none

true if compiled WITH_YUMA_ARP=1

agt_use_yuma_if

none

true if compiled WITH_YUMA_INTERFACES=1

agt_use_yuma_mysession

--module=yuma-mysession

false

agt_use_yuma_proc

none

true if compiled WITH_YUMA_PROC=1

agt_use_yumaworks_event_filter

--with-yumaworks-event-filter

true

agt_yumaworks_system

--with-yumaworks-system

true

agt_withdef_enabled

none

all bits enabled (15)

General Fields

Field Name

CLI Override

Default

agt_alt_names

--alt-names

true

agt_conffile

--config

/etc/yumapro/netconfd-pro.conf

agt_hello_timeout

--hello-timeout

600

agt_idle_timeout

--idle-timeout

3600

agt_indent

--indent

1

agt_lax_namespaces

none

true

agt_linesize

none

72

agt_match_names

--match-names

NCX_MATCH_EXACT

agt_max_sessions

--max-sessions

8

agt_sil_getbulk_max

--max-getbulk

10

agt_simple_json_names

--simple-json-names

false

agt_message_indent

--message-indent

-1

agt_ports

--port

830

agt_restconf_server_url

--restconf-server-url

http://localhost

agt_restconf_strict_accept

--restconf-strict-headers

false

agt_sil_missing_error

--sil-missing-error

false

agt_stream_output

none

true

agt_wildcards

--wildcard-keys

false

agt_with_config_id

--with-config-id

true

agt_with_warnings

--with-warnings

false

agt_xmlorder

--usexmlorder

false

agt_yangapi_server_url

--yangapi-server-url

http://localhost

agt_library_mode

--library-mode

false

High Availability Specific Fields

Field Name

CLI Override

Default

agt_ha_enabled

--ha-enabled

false

agt_ha_sil_standby

--ha-sil-standby

false

agt_ha_port

--socket-port

8088

agt_ha_server_key

--ha-server-key

none

agt_ha_initial_active

--ha-initial-active

none