summaryrefslogtreecommitdiff
path: root/debian
diff options
context:
space:
mode:
authorAn-Cheng Huang <ancheng@vyatta.com>2008-05-05 16:09:10 -0700
committerAn-Cheng Huang <ancheng@vyatta.com>2008-05-05 16:09:10 -0700
commitcbb590de1de9c3efc03130547236b8e37a3ba1dc (patch)
tree24676be6602f618e2a696e914eadf853ccedb4f6 /debian
parent854422e8ee96b30427a60f6c7678c283adddf182 (diff)
downloadvyatta-cfg-quagga-cbb590de1de9c3efc03130547236b8e37a3ba1dc.tar.gz
vyatta-cfg-quagga-cbb590de1de9c3efc03130547236b8e37a3ba1dc.zip
fix for bug 3225: only insert sudoers if not present.
Diffstat (limited to 'debian')
-rw-r--r--debian/vyatta-cfg-system.postinst.in6
1 files changed, 5 insertions, 1 deletions
diff --git a/debian/vyatta-cfg-system.postinst.in b/debian/vyatta-cfg-system.postinst.in
index 30cbfd5a..17d1264d 100644
--- a/debian/vyatta-cfg-system.postinst.in
+++ b/debian/vyatta-cfg-system.postinst.in
@@ -30,7 +30,9 @@ if [ "$sysconfdir" != "/etc" ]; then
fi
# Allow operator to do a limited number of commands without password
- cat <<"EOF" >>/etc/sudoers
+ if ! grep -q '^%operator ALL=NOPASSWD:' /etc/sudoers; then
+ cat <<"EOF" >>/etc/sudoers
+### BEGIN VYATTA OPERATOR COMMANDS
Cmnd_Alias IPTABLES = /sbin/iptables --list -n,\
/sbin/iptables -L -vn,\
/sbin/iptables -L * -vn,\
@@ -46,7 +48,9 @@ Cmnd_Alias DATE = /bin/date, /usr/sbin/ntpdate
Cmnd_Alias PPPOE_CMDS = /sbin/pppd, /sbin/poff
%operator ALL=NOPASSWD: /sbin/reboot, DATE, IPTABLES, ETHTOOLP, IPFLUSH, \
PPPOE_CMDS
+### END VYATTA OPERATOR COMMANDS
EOF
+ fi
# for "users" level (FIXME)
if ! grep -q "^%users ALL=NOPASSWD: ${bindir}/sudo-users/" /etc/sudoers; then