mirror of
https://github.com/CumulusNetworks/ifupdown2.git
synced 2024-05-06 15:54:50 +00:00
add param in ifupdown2.conf to prevent ifupdown2 users from specifying interface config file on the CLI

Ticket: CM-7066
Reviewed By: scotte,roopa,olson
Testing Done: Unit testing and regression testing

This patch does two things:

1. It moves the interfaces config file name to the ifupdown2.conf file in /etc/network/ifupdown2. This should allow administrators to specify a config file location different from the default and allow subsets of users to use it without giving them access to specifying their own with the -i option in ifup/ifdown.
2. It also adds a new config setting called "disable_cli_interfacesfile" used to prevent users from specifying their own interfaces file. This defaults to "1" (even if it is not configured).

Note: this new default takes away users' ability to specify an interfaces file. This should close the vulnerability where users could specify their own interfaces file and add arbitrary user commands.

This leaves the shell=True option in the user commands add-on module since the ifup/ifdown/ifreload/ifquery commands already require root access to run and the interfaces config file also requires root access to modify.
@@ -434,6 +434,10 @@ class networkInterfaces():
Assumes networkinterfaces parser object is initialized with the
parser arguments
"""
if self.interfacesfile == None:
self.logger.warn('no network interfaces file defined in ifupdown2.conf')
return
if self.interfacesfileformat == 'json':
return self.read_file_json(self.interfacesfile,
self.interfacesfileiobuf)
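Review bot: The early exit under `if self.interfacesfile == None:` returns a bare `None` and logs only a warning, while the json branch right below it returns the result of `self.read_file_json(...)`, so a caller cannot tell "no interfaces file configured" apart from a load that produced nothing. Since the commit message makes ifupdown2.conf the default source of the file name, a missing setting is a misconfiguration worth surfacing: consider logging at error level and raising or returning an explicit failure value that callers check. Two smaller points on the same lines: compare with `is None` rather than `== None`, and, if `self.logger` is a standard `logging` logger, use `warning()` because `warn()` is a deprecated alias. The docstring above the check should also mention that the method now returns early when no file is defined.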