idnits 2.17.1

draft-ietf-netmod-system-mgmt-05.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == Line 210 has weird spacing: '...address    ine...'

  == Line 547 has weird spacing: '...atabase  http:...'

  == The document seems to lack the recommended RFC 2119 boilerplate, even if
     it appears to use RFC 2119 keywords.

     (The document does seem to have the reference to RFC 2119 which the
     ID-Checklist requires).

  -- The document date (February 25, 2013) is 4070 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  ** Downref: Normative reference to an Experimental draft:
     draft-lange-netmod-iana-timezones (ref. 'I-D.lange-netmod-iana-timezones')

  -- Possible downref: Non-RFC (?) normative reference: ref. 'IEEE-1003.1-2008'

  ** Downref: Normative reference to an Informational RFC: RFC 1321

  ** Obsolete normative reference: RFC 6021 (Obsoleted by RFC 6991)

  ** Obsolete normative reference: RFC 6536 (Obsoleted by RFC 8341)

     Summary: 4 errors (**), 0 flaws (~~), 4 warnings (==), 2 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

Network Working Group                                         A. Bierman
Internet-Draft                                                 YumaWorks
Intended status: Standards Track                            M. Bjorklund
Expires: August 29, 2013                                  Tail-f Systems
                                                       February 25, 2013

                 YANG Data Model for System Management
                   draft-ietf-netmod-system-mgmt-05

Abstract

   This document defines a YANG data model for the configuration and
   identification of the management system of a device.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on August 29, 2013.

Copyright Notice

   Copyright (c) 2013 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
     1.1.  Terminology
       1.1.1.  Terms
     1.2.  Tree Diagrams
   2.  Objectives
     2.1.  System Identification
     2.2.  System Time Management
     2.3.  User Authentication
   3.  System Data Model
     3.1.  System Identification
     3.2.  System Time Management
     3.3.  DNS Resolver Model
     3.4.  RADIUS Client Model
     3.5.  User Authentication Model
       3.5.1.  SSH Public Key Authentication
       3.5.2.  Local User Password Authentication
       3.5.3.  RADIUS Password Authentication
     3.6.  System Control
   4.  System YANG module
   5.  IANA Considerations
   6.  Security Considerations
   7.  Change Log
     7.1.  00-01
     7.2.  01-02
     7.3.  02-03
     7.4.  03-04
     7.5.  04-05
   8.  Normative References
   Authors' Addresses
1.  Introduction

   This document defines a YANG [RFC6020] data model for the
   configuration and identification of the management system of a
   device.

   Devices that are managed by NETCONF and perhaps other mechanisms have
   common properties that need to be configured and monitored in a
   standard way.

   The "ietf-system" YANG module defined in this document provides the
   following features:

   o  system administrative data configuration

   o  system identification monitoring

   o  system time-of-day configuration and monitoring

   o  user authentication configuration

   o  local users configuration

1.1.  Terminology

   The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14, [RFC2119].

1.1.1.  Terms

   The following terms are used within this document:

   o  system: This term refers to the embodiment of the entire set of
      management interfaces that a single NETCONF server is supporting
      at a given moment.  The set of physical entities managed by a
      single NETCONF server can be static or it can change dynamically.

1.2.  Tree Diagrams

   A simplified graphical representation of the data model is used in
   this document.  The meaning of the symbols in these diagrams is as
   follows:

   o  Brackets "[" and "]" enclose list keys.

   o  Abbreviations before data node names: "rw" means configuration
      (read-write) and "ro" state data (read-only).

   o  Symbols after data node names: "?" means an optional node and "*"
      denotes a "leaf-list".

   o  Parentheses enclose choice and case nodes, and case nodes are also
      marked with a colon (":").

   o  Ellipsis ("...") stands for contents of subtrees that are not
      shown.

2.  Objectives

2.1.  System Identification

   There are many common properties used to identify devices, operating
   systems, software versions, etc. that need to be supported in the
   system data module.  These objects are defined as operational data
   and intended to be specific to the device vendor.

   Some user-configurable administrative strings are also provided, such
   as the system location and description.

2.2.  System Time Management

   The management of the date and time used by the system needs to be
   supported.  Use of one or more NTP servers to automatically set the
   system date and time needs to be possible.  Utilization of the
   Timezone database [RFC6557] also needs to be supported.

2.3.  User Authentication

   The authentication mechanism needs to support password authentication
   over RADIUS, to support deployment scenarios with centralized
   authentication servers.  Additionally, local users need to be
   supported, for scenarios when no centralized authentication server
   exists, or for situations where the centralized authentication server
   cannot be reached from the device.

   Since the mandatory transport protocol for NETCONF is SSH [RFC6242],
   the authentication model needs to support SSH's "publickey" and
   "password" authentication methods [RFC4252].

   The model for authentication configuration should be flexible enough
   to support authentication methods defined by other standard documents
   or by vendors.

3.  System Data Model

3.1.  System Identification

   The data model for system identification has the following structure:

   +--rw system
      +--rw contact?    string
      +--rw name?       string
      +--rw location?   string
      +--ro platform
         +--ro os-name?     string
         +--ro os-release?  string
         +--ro os-version?  string
         +--ro machine?     string
         +--ro nodename?    string

3.2.  System Time Management

   The data model for system time management has the following
   structure:

   +--rw system
      +--rw clock
      |  +--ro current-datetime?   yang:date-and-time
      |  +--ro boot-datetime?      yang:date-and-time
      |  +--rw (timezone)?
      |     +--:(timezone-location)
      |     |  +--rw timezone-location?    string
      |     +--:(timezone-utc-offset)
      |        +--rw timezone-utc-offset?  int16
      +--rw ntp
         +--rw use-ntp?   boolean
         +--rw ntp-server [address]
            +--rw association-type?   enumeration
            +--rw address             inet:host
            +--rw enabled?            boolean
            +--rw iburst?             boolean
            +--rw prefer?             boolean

3.3.  DNS Resolver Model

   The data model for configuration of the DNS resolver has the
   following structure:

   +--rw system
      +--rw dns
         +--rw search*   inet:host
         +--rw server*   inet:ip-address
         +--rw options
            +--rw timeout?    uint8
            +--rw attempts?   uint8

3.4.  RADIUS Client Model

   The data model for configuration of the RADIUS client has the
   following structure:

   +--rw system
      +--rw radius
         +--rw server [address]
         |  +--rw address                inet:host
         |  +--rw authentication-port?   inet:port-number
         |  +--rw shared-secret?         string
         +--rw options
            +--rw timeout?    uint8
            +--rw attempts?   uint8

3.5.  User Authentication Model

   This document defines three authentication methods for use with
   NETCONF:

   o  publickey for local users over SSH

   o  password for local users over any transport

   o  password for RADIUS users over any transport

   Additional methods can be defined by other standard documents or by
   vendors.

   This document defines two optional YANG features, "local-users" and
   "radius-authentication", which the server advertises to indicate
   support for configuring local users on the device, and support for
   using RADIUS for authentication, respectively.

   The authentication parameters defined in this document are primarily
   used to configure authentication of NETCONF users, but MAY also be
   used by other interfaces, e.g., a Command Line Interface or a Web-
   based User Interface.

   The data model for user authentication has the following structure:

   +--rw system
      +--rw authentication
         +--rw user-authentication-order*   identityref
         +--rw user [name]
            +--rw name        string
            +--rw password?   crypt-hash
            +--rw ssh-key [name]
               +--rw name         string
               +--rw algorithm?   string
               +--rw key-data?    binary

3.5.1.  SSH Public Key Authentication

   If the NETCONF server advertises the "local-users" feature,
   configuration of local users and their SSH public keys is supported
   in the /system/authentication/user list.

   Public key authentication is requested by the SSH client.  If the
   "local-users" feature is supported, then when a NETCONF client starts
   an SSH session towards the server using the "publickey"
   authentication "method name" [RFC4252], the SSH server looks up the
   user name given in the SSH authentication request in the
   /system/authentication/user list, and verifies the key as described
   in [RFC4253].

3.5.2.  Local User Password Authentication

   If the NETCONF server advertises the "local-users" feature,
   configuration of local users and their passwords is supported in the
   /system/authentication/user list.

   For NETCONF transport protocols that support password authentication,
   the leaf-list "user-authentication-order" is used to control if local
   user password authentication should be used.

   In SSH, password authentication is requested by the client.  Other
   NETCONF transport protocols MAY also support password authentication.

   When local user password authentication is requested, the NETCONF
   transport looks up the user name provided by the client in the
   /system/authentication/user list, and verifies the password.
3.5.3.  RADIUS Password Authentication

   If the NETCONF server advertises the "radius-authentication" feature,
   the device supports user authentication using RADIUS.

   For NETCONF transport protocols that support password authentication,
   the leaf-list "user-authentication-order" is used to control if
   RADIUS password authentication should be used.

   In SSH, password authentication is requested by the client.  Other
   NETCONF transport protocols MAY also support password authentication.

3.6.  System Control

   Two protocol operations are included to restart or shutdown the
   system.  The 'system-restart' operation can be used to restart the
   entire system (not just the NETCONF server).  The 'system-shutdown'
   operation can be used to power off the entire system.

4.  System YANG module

   This YANG module imports YANG extensions from [RFC6536], and imports
   YANG types from [RFC6021] and [I-D.lange-netmod-iana-timezones].  It
   also references [RFC1321], [RFC2865], [RFC3418], [RFC5607],
   [IEEE-1003.1-2008], and [FIPS.180-3.2008].

   RFC Ed.: update the date below with the date of RFC publication and
   remove this note.

   <CODE BEGINS> file "ietf-system@2013-02-25.yang"

   module ietf-system {
     namespace "urn:ietf:params:xml:ns:yang:ietf-system";
     prefix "sys";

     import ietf-yang-types {
       prefix yang;
     }

     import ietf-inet-types {
       prefix inet;
     }

     import ietf-netconf-acm {
       prefix nacm;
     }

     import iana-timezones {
       prefix ianatz;
     }

     organization
       "IETF NETMOD (NETCONF Data Modeling Language) Working Group";

     contact
       "WG Web:
        WG List:

        WG Chair: David Kessens

        WG Chair: Juergen Schoenwaelder

        Editor:   Andy Bierman

        Editor:   Martin Bjorklund
        ";

     description
       "This module contains a collection of YANG definitions for the
        configuration and identification of the management system of a
        device.

        Copyright (c) 2012 IETF Trust and the persons identified as
        authors of the code.  All rights reserved.

        Redistribution and use in source and binary forms, with or
        without modification, is permitted pursuant to, and subject
        to the license terms contained in, the Simplified BSD License
        set forth in Section 4.c of the IETF Trust's Legal Provisions
        Relating to IETF Documents
        (http://trustee.ietf.org/license-info).

        This version of this YANG module is part of RFC XXXX; see
        the RFC itself for full legal notices.";

     // RFC Ed.: replace XXXX with actual RFC number and remove this
     // note.

     // RFC Ed.: remove this note
     // Note: extracted from draft-ietf-netmod-system-mgmt-05.txt

     // RFC Ed.: update the date below with the date of RFC publication
     // and remove this note.
     revision "2013-02-25" {
       description
         "Initial revision.";
       reference
         "RFC XXXX: A YANG Data Model for System Management";
     }

     /*
      * Typedefs
      */

     typedef crypt-hash {
       type string {
         pattern "$0$.*|$(1|5|6)$[a-zA-Z0-9./]{2,16}$.*";
       }
       description
         "The crypt-hash type is used to store passwords using
          a hash function.  This type is implemented in various UNIX
          systems as the function crypt(3).

          When a clear text value is set to a leaf of this type, the
          server calculates a password hash, and stores the result
          in the datastore.  Thus, the password is never stored in
          clear text.

          When a leaf of this type is read, the stored password hash is
          returned.

          A value of this type matches one of the forms:

            $0$<clear text password>
            $<id>$<salt>$<password hash>

          The '$0$' prefix signals that the value is clear text.  When
          such a value is received by the server, a hash value is
          calculated, and the string '$<id>$<salt>$' is prepended to the
          result, where <salt> is a random 2-16 characters long salt
          used to generate the digest.  This value is stored in the
          configuration data store.

          If a value starting with '$<id>$<salt>$' is received, the
          server knows that the value already represents a hashed value,
          and stores it as is in the data store.

          When a server needs to verify a password given by a user, it
          finds the stored password hash string for that user, extracts
          the salt, and calculates the hash with the salt and given
          password as input.  If the calculated hash value is the same
          as the stored value, the password given by the client is
          correct.

          This type defines the following hash functions:

            id | hash function | feature
            ---+---------------+-------------------
             1 | MD5           | crypt-hash-md5
             5 | SHA-256       | crypt-hash-sha-256
             6 | SHA-512       | crypt-hash-sha-512

          The server indicates support for the different hash functions
          by advertising the corresponding feature.";
       reference
         "IEEE Std 1003.1-2008 - crypt() function
          Wikipedia: http://en.wikipedia.org/wiki/Crypt_(Unix)
          RFC 1321: The MD5 Message-Digest Algorithm
          FIPS.180-3.2008: Secure Hash Standard";
     }
     /*
      * Features
      */

     feature radius {
       description
         "Indicates that the device can be configured as a RADIUS
          client.";
       reference
         "RFC 2865: Remote Authentication Dial In User Service "
         + "(RADIUS)";
     }

     feature authentication {
       description
         "Indicates that the device can be configured
          to do authentication of users.";
     }

     feature local-users {
       if-feature authentication;
       description
         "Indicates that the device supports
          local user authentication.";
     }

     feature radius-authentication {
       if-feature radius;
       if-feature authentication;
       description
         "Indicates that the device supports user authentication over
          RADIUS.";
       reference
         "RFC 2865: Remote Authentication Dial In User Service (RADIUS)
          RFC 5607: Remote Authentication Dial-In User Service (RADIUS)
                    Authorization for Network Access Server (NAS)
                    Management";
     }

     feature crypt-hash-md5 {
       description
         "Indicates that the device supports the MD5
          hash function in 'crypt-hash' values";
       reference "RFC 1321: The MD5 Message-Digest Algorithm";
     }

     feature crypt-hash-sha-256 {
       description
         "Indicates that the device supports the SHA-256
          hash function in 'crypt-hash' values";
       reference "FIPS.180-3.2008: Secure Hash Standard";
     }

     feature crypt-hash-sha-512 {
       description
         "Indicates that the device supports the SHA-512
          hash function in 'crypt-hash' values";
       reference "FIPS.180-3.2008: Secure Hash Standard";
     }

     feature ntp {
       description
         "Indicates that the device can be configured
          to use one or more NTP servers to set the
          system date and time.";
     }

     feature timezone-location {
       description
         "Indicates that the local timezone on the device
          can be configured to use the TZ database
          to set the timezone and manage daylight savings time.";
       reference
         "TZ Database  http://www.twinsun.com/tz/tz-link.htm
          Maintaining the Timezone Database
            RFC 6557 (BCP 175)";
     }

     /*
      * Identities
      */

     identity authentication-method {
       description
         "Base identity for user authentication methods.";
     }

     identity radius {
       base authentication-method;
       description
         "Indicates user authentication using RADIUS.";
       reference
         "RFC 2865: Remote Authentication Dial In User Service (RADIUS)
          RFC 5607: Remote Authentication Dial-In User Service (RADIUS)
                    Authorization for Network Access Server (NAS)
                    Management";
     }

     identity local-users {
       base authentication-method;
       description
         "Indicates password-based authentication of locally
          configured users.";
     }

     identity radius-authentication-type {
       description
         "Base identity for RADIUS authentication types.";
     }

     identity radius-pap {
       base radius-authentication-type;
       description
         "The device requests PAP authentication from the RADIUS
          server.";
       reference
         "RFC 2865: Remote Authentication Dial In User Service";
     }

     identity radius-chap {
       base radius-authentication-type;
       description
         "The device requests CHAP authentication from the RADIUS
          server.";
       reference
         "RFC 2865: Remote Authentication Dial In User Service";
     }

     /*
      * Top-level container
      */

     container system {
       description
         "System group configuration.";

       leaf contact {
         type string {
           length "0..255";
         }
         description
           "The administrator contact information for the system.";
         reference
           "RFC 3418 - Management Information Base (MIB) for the
                       Simple Network Management Protocol (SNMP)
                       SNMPv2-MIB.sysContact";
       }

       leaf name {
         type string {
           length "0..255";
         }
         description
           "The administratively assigned system name.";
         reference
           "RFC 3418 - Management Information Base (MIB) for the
                       Simple Network Management Protocol (SNMP)
                       SNMPv2-MIB.sysName";
       }

       leaf location {
         type string {
           length "0..255";
         }
         description
           "The system location";
         reference
           "RFC 3418 - Management Information Base (MIB) for the
                       Simple Network Management Protocol (SNMP)
                       SNMPv2-MIB.sysLocation";
       }

       container platform {
         config false;
         description
           "Contains vendor-specific information for
            identifying the system platform and operating system.";
         reference
           "IEEE Std 1003.1-2008 - sys/utsname.h";

         leaf os-name {
           type string;
           description
             "The name of the operating system in use,
              for example 'Linux'";
           reference
             "IEEE Std 1003.1-2008 - utsname.sysname";
         }

         leaf os-release {
           type string;
           description
             "The current release level of the operating
              system in use.  This string MAY indicate
              the OS source code revision.";
           reference
             "IEEE Std 1003.1-2008 - utsname.release";
         }

         leaf os-version {
           type string;
           description
             "The current version level of the operating
              system in use.  This string MAY indicate
              the specific OS build date and target variant
              information.";
           reference
             "IEEE Std 1003.1-2008 - utsname.version";
         }

         leaf machine {
           type string;
           description
             "A vendor-specific identifier string representing
              the hardware in use.";
           reference
             "IEEE Std 1003.1-2008 - utsname.machine";
         }

         leaf nodename {
           type string;
           description
             "The host name of this system.";
           reference
             "IEEE Std 1003.1-2008 - utsname.nodename";
         }
       }

       container clock {
         description
           "Configuration and monitoring of the system
            date and time properties.";

         leaf current-datetime {
           type yang:date-and-time;
           config false;
           description
             "The current system date and time.";
         }
         leaf boot-datetime {
           type yang:date-and-time;
           config false;
           description
             "The system date and time when the NETCONF
              server last restarted.";
         }

         choice timezone {
           description
             "The system timezone information.";

           leaf timezone-location {
             if-feature timezone-location;
             type ianatz:iana-timezone;
             description
               "The TZ database location identifier string
                to use for the system, such as 'Europe/Stockholm'.";
           }

           leaf timezone-utc-offset {
             type int16 {
               range "-1500 .. 1500";
             }
             units "minutes";
             description
               "The number of minutes to add to UTC time to
                identify the timezone for this system.
                For example, 'UTC - 8:00 hours' would be
                represented as '-480'.  Note that automatic
                daylight savings time adjustment is not provided,
                if this object is used.";
           }
         }
       }

       container ntp {
         if-feature ntp;

         description
           "Configuration of the NTP client.";

         leaf use-ntp {
           type boolean;
           default true;
           description
             "Indicates that the system should attempt
              to synchronize the system clock with an
              NTP server from the 'ntp-server' list.";
         }

         list ntp-server {
           key address;
           description
             "List of NTP servers to use for
              system clock synchronization.  If 'use-ntp'
              is 'true', then the system will attempt to
              contact and utilize the specified NTP servers.";

           leaf association-type {
             type enumeration {
               enum server {
                 description
                   "Use server association mode.  This device
                    is not expected to synchronize with the
                    configured NTP server.";
               }
               enum peer {
                 description
                   "Use peer association mode.  This device
                    may be expected to synchronize with the
                    configured NTP server.";
               }
               enum pool {
                 description
                   "Use pool association mode.  This device
                    is not expected to synchronize with the
                    configured NTP server.";
               }
             }
             default server;
             description
               "The desired association type for this NTP server.";
           }
           leaf address {
             type inet:host;
             description
               "The IP address or domain name of the NTP server.";
           }
           leaf enabled {
             type boolean;
             default true;
             description
               "Indicates whether this server is enabled for use or
                not.";
           }
           leaf iburst {
             type boolean;
             default false;
             description
               "Indicates whether this server should enable burst
                synchronization or not.";
           }
           leaf prefer {
             type boolean;
             default false;
             description
               "Indicates whether this server should be preferred
                or not.";
           }
         }
       }

       container dns {
         description
           "Configuration of the DNS resolver.";

         leaf-list search {
           type inet:host;
           ordered-by user;
           description
             "An ordered list of domains to search when resolving
              a host name.";
         }
         leaf-list server {
           type inet:ip-address;
           ordered-by user;
           description
             "Addresses of the name servers that the resolver should
              query.

              Implementations MAY limit the number of entries in this
              leaf list.";
         }
         container options {
           description
             "Resolver options.  The set of available options has been
              limited to those that are generally available across
              different resolver implementations, and generally
              useful.";
           leaf timeout {
             type uint8 {
               range "1..max";
             }
             units "seconds";
             default "5";
             description
               "The amount of time the resolver will wait for a
                response from a remote name server before
                retrying the query via a different name server.";
           }
           leaf attempts {
             type uint8 {
               range "1..max";
             }
             default "2";
             description
               "The number of times the resolver will send a query to
                its name servers before giving up and returning an
                error to the calling application.";
           }
         }
       }

       container radius {
         if-feature radius;

         description
           "Configuration of the RADIUS client.";

         list server {
           key address;
           ordered-by user;
           description
             "List of RADIUS servers used by the device.";

           leaf address {
             type inet:host;
             description
               "The address of the RADIUS server.";
           }
           leaf authentication-port {
             type inet:port-number;
             default "1812";
             description
               "The port number of the RADIUS server.";
           }
           leaf shared-secret {
             type string;
             nacm:default-deny-all;
             description
               "The shared secret which is known to both the RADIUS
                client and server.";
             reference
               "RFC 2865: Remote Authentication Dial In User Service";
           }
           leaf authentication-type {
             type identityref {
               base radius-authentication-type;
             }
             default radius-pap;
             description
               "The authentication type requested from the RADIUS
                server.";
           }
         }
         container options {
           description
             "RADIUS client options.";

           leaf timeout {
             type uint8 {
               range "1..max";
             }
             units "seconds";
             default "5";
             description
               "The number of seconds the device will wait for a
                response from a RADIUS server before trying with a
                different server.";
           }
           leaf attempts {
             type uint8 {
               range "1..max";
             }
             default "2";
             description
               "The number of times the device will send a query to
                the RADIUS servers before giving up.";
           }
         }
       }

       container authentication {
         nacm:default-deny-write;
         if-feature authentication;

         description
           "The authentication configuration subtree.";

         leaf-list user-authentication-order {
           type identityref {
             base authentication-method;
           }
           must '(. = "sys:radius" and ../../radius/server) or'
              + '(. != "sys:radius")' {
             error-message
               "When 'radius' is used, a radius server"
               + " must be configured.";
           }
           ordered-by user;

           description
             "When the device authenticates a user with
              a password, it tries the authentication methods in this
              leaf-list in order.  If authentication with one method
              fails, the next method is used.  If no method succeeds,
              the user is denied access.

              If the 'radius-authentication' feature is advertised by
              the NETCONF server, the 'radius' identity can be added to
              this list.

              If the 'local-users' feature is advertised by the
              NETCONF server, the 'local-users' identity can be
              added to this list.";
         }

         list user {
           if-feature local-users;
           key name;
           description
             "The list of local users configured on this device.";

           leaf name {
             type string;
             description
               "The user name string identifying this entry.";
           }
           leaf password {
             type crypt-hash;
             description
               "The password for this entry.";
           }
           list ssh-key {
             key name;
             description
               "A list of public SSH keys for this user.";

             reference
               "RFC 4253: The Secure Shell (SSH) Transport Layer
                          Protocol";

             leaf name {
               type string;
               description
                 "An arbitrary name for the ssh key.";
             }
             leaf algorithm {
               type string;
               description
                 "The public key algorithm name for this ssh key.

                  Valid values are the values in the IANA Secure Shell
                  (SSH) Protocol Parameters registry, Public Key
                  Algorithm Names";
               reference
                 "IANA Secure Shell (SSH) Protocol Parameters registry,
                  Public Key Algorithm Names";
             }
             leaf key-data {
               type binary;
               description
                 "The binary key data for this ssh key.";
             }
           }
         }
       }
     }

     rpc set-current-datetime {
       nacm:default-deny-all;
       description
         "Set the /system/clock/current-datetime leaf
          to the specified value.

          If the system is using NTP (e.g., /system/ntp/use-ntp
          is set to 'true'), then this operation will
          fail with error-tag 'operation-failed',
          and error-app-tag value of 'ntp-active'";
       input {
         leaf current-datetime {
           type yang:date-and-time;
           mandatory true;
           description
             "The current system date and time.";
         }

       }
     }

     rpc system-restart {
       nacm:default-deny-all;
       description
         "Request that the entire system be restarted immediately.
          A server SHOULD send an rpc reply to the client before
          restarting the system.";
     }

     rpc system-shutdown {
       nacm:default-deny-all;
       description
         "Request that the entire system be shut down immediately.
          A server SHOULD send an rpc reply to the client before
          shutting down the system.";
     }

   }

   <CODE ENDS>

5.  IANA Considerations

   This document registers one URI in the IETF XML registry [RFC3688].
   Following the format in RFC 3688, the following registration is
   requested to be made.

        URI: urn:ietf:params:xml:ns:yang:ietf-system
        Registrant Contact: The NETMOD WG of the IETF.
        XML: N/A, the requested URI is an XML namespace.

   This document registers one YANG module in the YANG Module Names
   registry [RFC6020].

     name:         ietf-system
     namespace:    urn:ietf:params:xml:ns:yang:ietf-system
     prefix:       sys
     reference:    RFC XXXX
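   The crypt-hash handling described by the typedef in Section 4 (the '$0$'
   clear-text path, the pre-hashed path, and verification) together with the
   ordered evaluation of user-authentication-order and its 'must' constraint,
   as an added Python example; it is not part of the draft or of any
   ietf-system implementation.  It assumes a single salted digest as a
   stand-in for the crypt(3) algorithms, an in-memory dict in place of the
   datastore, and a hypothetical radius_authenticate callback in place of
   the RADIUS exchange.

```python
import hashlib
import hmac
import re
import secrets

# The crypt-hash pattern from the ietf-system module ($ is a literal
# character in YANG patterns, so it is escaped for Python's re).
CRYPT_HASH_RE = re.compile(r"\$0\$.*|\$(1|5|6)\$[a-zA-Z0-9./]{2,16}\$.*")

# id -> (hashlib name, feature the server must advertise), per the typedef.
HASH_IDS = {
    "1": ("md5", "crypt-hash-md5"),
    "5": ("sha256", "crypt-hash-sha-256"),
    "6": ("sha512", "crypt-hash-sha-512"),
}
SALT_ALPHABET = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./"

# Constructed: the features this sample server advertises (no MD5).
FEATURES = {"crypt-hash-sha-256", "crypt-hash-sha-512"}


def crypt_digest(hash_id, salt, password):
    """Stand-in for crypt(3): one digest over salt and password.  Real
    crypt(3) uses iterated constructions; only the $<id>$<salt>$<hash>
    layout of the typedef is reproduced here (assumption)."""
    h = hashlib.new(HASH_IDS[hash_id][0])
    h.update(salt.encode() + b"$" + password.encode())
    return h.hexdigest()


def store_crypt_hash(value, advertised_features, hash_id="6"):
    """Return what the server writes to the datastore for a crypt-hash
    leaf, or raise ValueError if the edit has to be rejected."""
    if CRYPT_HASH_RE.fullmatch(value) is None:
        raise ValueError("value does not match the crypt-hash pattern")
    if value.startswith("$0$"):
        # Clear text: hash with a fresh random salt so that the clear
        # text never reaches the datastore.
        if HASH_IDS[hash_id][1] not in advertised_features:
            raise ValueError("server does not advertise " + HASH_IDS[hash_id][1])
        salt = "".join(secrets.choice(SALT_ALPHABET) for _ in range(16))
        return "$%s$%s$%s" % (hash_id, salt, crypt_digest(hash_id, salt, value[3:]))
    # Already hashed: store as is, but only for an advertised hash function.
    hash_id = value[1]
    if HASH_IDS[hash_id][1] not in advertised_features:
        raise ValueError("server does not advertise " + HASH_IDS[hash_id][1])
    return value


def verify_crypt_hash(stored, given):
    """Extract the salt from the stored value, recompute, compare."""
    _, hash_id, salt, expected = stored.split("$", 3)
    return hmac.compare_digest(crypt_digest(hash_id, salt, given), expected)


def check_authentication_order(system):
    """The 'must' on user-authentication-order: 'sys:radius' is only
    valid when at least one radius server is configured."""
    order = system["authentication"].get("user-authentication-order", [])
    if "sys:radius" in order and not system.get("radius", {}).get("server"):
        raise ValueError("When 'radius' is used, a radius server must be configured.")
    return order


def authenticate(system, name, password, radius_authenticate):
    """Try the configured methods in order; the first success wins and
    None means access is denied.  radius_authenticate is a hypothetical
    callback standing in for the Access-Request/Access-Accept exchange."""
    for method in check_authentication_order(system):
        if method == "sys:local-users":
            users = system["authentication"].get("user", [])
            user = next((u for u in users if u["name"] == name), None)
            if (user is not None and "password" in user
                    and verify_crypt_hash(user["password"], password)):
                return "local-users"
        elif method == "sys:radius":
            if radius_authenticate(name, password):
                return "radius"
    return None


def sample_system():
    """Constructed /system configuration: one local user, one RADIUS server."""
    return {
        "radius": {"server": [{"address": "radius.example.com",
                               "authentication-port": 1812}]},
        "authentication": {
            "user-authentication-order": ["sys:local-users", "sys:radius"],
            "user": [{"name": "alice",
                      "password": store_crypt_hash("$0$correct horse", FEATURES)}],
        },
    }


def fake_radius(name, password):
    """Constructed stand-in for the RADIUS server's accept decision."""
    return (name, password) == ("bob", "battery staple")


if __name__ == "__main__":
    system = sample_system()
    print(system["authentication"]["user"][0]["password"][:3])   # "$6$", never "$0$"
    print(authenticate(system, "alice", "correct horse", fake_radius))
    print(authenticate(system, "bob", "battery staple", fake_radius))
    print(authenticate(system, "alice", "wrong", fake_radius))
```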
Security Considerations 1095 The YANG module defined in this memo is designed to be accessed via 1096 the NETCONF protocol [RFC6241]. The lowest NETCONF layer is the 1097 secure transport layer and the mandatory-to-implement secure 1098 transport is SSH [RFC6242]. 1100 There are a number of data nodes defined in this YANG module which 1101 are writable/creatable/deletable (i.e., config true, which is the 1102 default). These data nodes may be considered sensitive or vulnerable 1103 in some network environments. Write operations (e.g., edit-config) 1104 to these data nodes without proper protection can have a negative 1105 effect on network operations. These are the subtrees and data nodes 1106 and their sensitivity/vulnerability: 1108 o /system/clock/timezone: This choice contains the objects used to 1109 control the timezone used by the device. 1111 o /system/ntp: This container contains the objects used to control 1112 the Network Time Protocol servers used by the device. 1114 o /system/dns: This container contains the objects used to control 1115 the Domain Name System servers used by the device. 1117 o /system/radius: This container contains the objects used to 1118 control the Remote Authentication Dial-In User Service servers 1119 used by the device. 1121 o /system/authentication/user-authentication-order: This leaf 1122 controls how user login attempts are authenticated by the device. 1124 o /system/authentication/user: This list contains the local users 1125 enabled on the system. 1127 Some of the readable data nodes in this YANG module may be considered 1128 sensitive or vulnerable in some network environments. It is thus 1129 important to control read access (e.g., via get, get-config, or 1130 notification) to these data nodes. 
These are the subtrees and data 1131 nodes and their sensitivity/vulnerability: 1133 o /system/platform: This container has objects which may help 1134 identify the specific NETCONF server and/or operating system 1135 implementation used on the device. 1137 Some of the RPC operations in this YANG module may be considered 1138 sensitive or vulnerable in some network environments. It is thus 1139 important to control access to these operations. These are the 1140 operations and their sensitivity/vulnerability: 1142 o set-current-datetime: Changes the current date and time on the 1143 device. 1145 o system-restart: Reboots the device. 1147 o system-shutdown: Shuts down the device. 1149 7. Change Log 1151 -- RFC Ed.: remove this section before publication. 1153 7.1. 00-01 1155 o added configuration-source identities 1157 o added configuration-source leaf to ntp and dns (via grouping) to 1158 choose configuration source 1160 o added association-type, iburst, prefer, and true leafs to the ntp- 1161 server list 1163 o extended the ssh keys for a user to a list of keys. support all 1164 defined key algorithms, not just dsa and rsa 1166 o clarified timezone-utc-offset description-stmt 1168 o removed '/system/ntp/server/true' leaf from data model 1170 7.2. 01-02 1172 o added default-stmts to ntp-server/iburst and ntp-server/prefer 1173 leafs 1175 o changed timezone-location leaf to use iana-timezone typedef 1176 instead of a string 1178 7.3. 02-03 1180 o removed configuration-source identities and leafs 1182 7.4. 03-04 1184 o removed ndots dns resolver option 1186 o added radius-authentication-type identity, and identities for pap 1187 and chap, and a leaf to control which authentication type to use 1188 when communicating with the radius server 1190 o made 0 an invalid value for timeouts and attempts 1192 7.5. 04-05 1194 o updated tree diagram explanation text 1196 8. 
Normative References 1198 [FIPS.180-3.2008] 1199 National Institute of Standards and Technology, "Secure 1200 Hash Standard", FIPS PUB 180-3, October 2008, . 1204 [I-D.lange-netmod-iana-timezones] 1205 Lange, J., "IANA Timezone Database YANG Module", 1206 draft-lange-netmod-iana-timezones-01 (work in progress), 1207 June 2012. 1209 [IEEE-1003.1-2008] 1210 Institute of Electrical and Electronics Engineers, 1211 "POSIX.1-2008", IEEE Standard 1003.1, March 2008. 1213 [RFC1321] Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321, 1214 April 1992. 1216 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1217 Requirement Levels", BCP 14, RFC 2119, March 1997. 1219 [RFC2865] Rigney, C., Willens, S., Rubens, A., and W. Simpson, 1220 "Remote Authentication Dial In User Service (RADIUS)", 1221 RFC 2865, June 2000. 1223 [RFC3418] Presuhn, R., "Management Information Base (MIB) for the 1224 Simple Network Management Protocol (SNMP)", STD 62, 1225 RFC 3418, December 2002. 1227 [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, 1228 January 2004. 1230 [RFC4252] Ylonen, T. and C. Lonvick, "The Secure Shell (SSH) 1231 Authentication Protocol", RFC 4252, January 2006. 1233 [RFC4253] Ylonen, T. and C. Lonvick, "The Secure Shell (SSH) 1234 Transport Layer Protocol", RFC 4253, January 2006. 1236 [RFC5607] Nelson, D. and G. Weber, "Remote Authentication Dial-In 1237 User Service (RADIUS) Authorization for Network Access 1238 Server (NAS) Management", RFC 5607, July 2009. 1240 [RFC6020] Bjorklund, M., "YANG - A Data Modeling Language for the 1241 Network Configuration Protocol (NETCONF)", RFC 6020, 1242 October 2010. 1244 [RFC6021] Schoenwaelder, J., "Common YANG Data Types", RFC 6021, 1245 October 2010. 1247 [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., 1248 and A. Bierman, Ed., "Network Configuration Protocol 1249 (NETCONF)", RFC 6241, June 2011. 
1251 [RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure 1252 Shell (SSH)", RFC 6242, June 2011. 1254 [RFC6536] Bierman, A. and M. Bjorklund, "Network Configuration 1255 Protocol (NETCONF) Access Control Model", RFC 6536, 1256 March 2012. 1258 [RFC6557] Lear, E. and P. Eggert, "Procedures for Maintaining the 1259 Time Zone Database", BCP 175, RFC 6557, February 2012. 1261 Authors' Addresses 1263 Andy Bierman 1264 YumaWorks 1266 Email: andy@yumaworks.com 1268 Martin Bjorklund 1269 Tail-f Systems 1271 Email: mbj@tail-f.com
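The behaviour the module text specifies for its RPCs and for the user-authentication-order constraint can be checked with a small server-side model. The following is an added example, not part of the draft and not code from any NETCONF implementation. The SystemConfig class, the ordered rule list standing in for NACM rule-lists, and the dispatch function are assumptions of the example; the error-tag and error-app-tag values it returns come from the module ('operation-failed' / 'ntp-active'), from RFC 6020 (a violated 'must' reports 'operation-failed' / 'must-violation') and from RFC 6536 (an unauthorized RPC reports 'access-denied'). The sample configuration and rule list are constructed for the example.

```python
import re
from dataclasses import dataclass, field
from typing import FrozenSet, List, Optional, Tuple


@dataclass(frozen=True)
class RpcError:
    """The parts of a NETCONF <rpc-error> (RFC 6241, Section 4.3) these checks fill in."""
    error_tag: str
    error_app_tag: Optional[str] = None
    error_message: str = ""


@dataclass
class SystemConfig:
    """Hypothetical in-memory view of /system (only the leafs this example needs)."""
    use_ntp: bool = False                                    # /system/ntp/use-ntp
    current_datetime: str = "2013-02-25T00:00:00Z"           # /system/clock/current-datetime
    radius_servers: List[str] = field(default_factory=list)  # /system/radius/server names
    user_authentication_order: List[str] = field(default_factory=list)


# yang:date-and-time is an RFC 3339 timestamp; a syntactic check is enough here.
DATE_AND_TIME = re.compile(
    r"^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(\.\d+)?(Z|[+-]\d{2}:\d{2})$")

# These three RPCs carry nacm:default-deny-all in the module: with no explicit
# permit rule for one of the session's groups the server must refuse them.
DEFAULT_DENY_ALL_RPCS = frozenset(
    {"set-current-datetime", "system-restart", "system-shutdown"})

# Constructed stand-in for NACM rule-lists: (group, rpc-name or "*", "permit" | "deny"),
# evaluated in order, first match wins.
Rule = Tuple[str, str, str]


def rpc_permitted(rules: List[Rule], groups: FrozenSet[str], rpc: str) -> bool:
    """Decide whether a session belonging to `groups` may invoke `rpc`."""
    for group, rule_rpc, action in rules:
        if group in groups and rule_rpc in (rpc, "*"):
            return action == "permit"
    # No rule matched: the module's default-deny-all applies to the protected RPCs.
    return rpc not in DEFAULT_DENY_ALL_RPCS


def check_user_authentication_order(cfg: SystemConfig) -> Optional[RpcError]:
    """The 'must' on /system/authentication/user-authentication-order.

    A violated 'must' is reported with error-tag 'operation-failed' and
    error-app-tag 'must-violation' (RFC 6020, Section 7.5.4), carrying the
    module's own error-message text.
    """
    if "sys:radius" in cfg.user_authentication_order and not cfg.radius_servers:
        return RpcError("operation-failed", "must-violation",
                        "When 'radius' is used, a radius server must be configured.")
    return None


def set_current_datetime(cfg: SystemConfig, value: Optional[str]) -> Optional[RpcError]:
    """The set-current-datetime RPC as described in the module."""
    if value is None:                   # the input leaf is 'mandatory true'
        return RpcError("missing-element", None, "current-datetime is mandatory")
    if not DATE_AND_TIME.match(value):  # type yang:date-and-time
        return RpcError("invalid-value", None, "current-datetime is not a date-and-time")
    if cfg.use_ntp:                     # NTP owns the clock: refuse, as the module specifies
        return RpcError("operation-failed", "ntp-active", "clock is disciplined by NTP")
    cfg.current_datetime = value
    return None


def dispatch(cfg: SystemConfig, rules: List[Rule], groups: FrozenSet[str],
             rpc: str, params: dict) -> Optional[RpcError]:
    """Authorization first (RFC 6536: an unauthorized RPC gets 'access-denied'),
    then the operation's own checks.  Returns None on success."""
    if not rpc_permitted(rules, groups, rpc):
        return RpcError("access-denied", None,
                        f"{rpc} not permitted for groups {sorted(groups)}")
    if rpc == "set-current-datetime":
        return set_current_datetime(cfg, params.get("current-datetime"))
    if rpc in ("system-restart", "system-shutdown"):
        return None  # a real server sends the rpc-reply first, then restarts or halts
    return RpcError("operation-not-supported", None, f"unknown rpc {rpc}")


if __name__ == "__main__":
    cfg = SystemConfig(use_ntp=True)
    rules = [("admin", "*", "permit")]  # constructed rule-list: only 'admin' may act
    print(dispatch(cfg, rules, frozenset({"guest"}), "system-restart", {}))
    print(dispatch(cfg, rules, frozenset({"admin"}), "set-current-datetime",
                   {"current-datetime": "2013-02-25T12:00:00Z"}))
```

Running the block shows the two refusals the draft's Security Considerations call for: a session without a matching permit rule is turned away before any operation runs, and a permitted session still cannot set the clock while use-ntp is true. A rule list that permits only system-restart for an operators group leaves system-shutdown and set-current-datetime denied for that group, which is the least-privilege split the three separate default-deny-all RPCs make possible.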