summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2021-06-24 21:26:19 +0200
committerChristian Poessinger <christian@poessinger.com>2021-06-25 21:06:40 +0200
commit5187acf7babeb542757ced8435c6ded9bebab518 (patch)
tree4e26e83496afa6b7899881c8c69bc5a2600604d0
parent23cb8c338ad3de4ead79dbad79a0195c91862fcc (diff)
downloadvyos-1x-5187acf7babeb542757ced8435c6ded9bebab518.tar.gz
vyos-1x-5187acf7babeb542757ced8435c6ded9bebab518.zip
openvpn: T3641: remove deprecated iproute option
Executing iproute2 commands as unprivileged member of the openvpn group is now handled via a sudoers file. (cherry picked from commit 9c8facc69c09163b74bc428f1dbf8be030766758)
-rw-r--r--data/templates/openvpn/server.conf.tmpl1
-rwxr-xr-xsrc/system/unpriv-ip2
2 files changed, 0 insertions, 3 deletions
diff --git a/data/templates/openvpn/server.conf.tmpl b/data/templates/openvpn/server.conf.tmpl
index 7b1361764..1a966c5ef 100644
--- a/data/templates/openvpn/server.conf.tmpl
+++ b/data/templates/openvpn/server.conf.tmpl
@@ -12,7 +12,6 @@ group {{ daemon_group }}
dev-type {{ device_type }}
dev {{ ifname }}
persist-key
-iproute /usr/libexec/vyos/system/unpriv-ip
{% if protocol == 'tcp-active' %}
proto tcp-client
{% elif protocol == 'tcp-passive' %}
diff --git a/src/system/unpriv-ip b/src/system/unpriv-ip
deleted file mode 100755
index 1ea0d626a..000000000
--- a/src/system/unpriv-ip
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/bin/sh
-sudo /sbin/ip $*