summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/authentication/type/node.def6
-rw-r--r--templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/authentication/type/node.def6
-rw-r--r--templates/service/ssh/allow-root/node.def3
-rw-r--r--templates/service/telnet/allow-root/node.def56
-rw-r--r--templates/service/telnet/node.def45
5 files changed, 70 insertions, 46 deletions
diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/authentication/type/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/authentication/type/node.def
index b531afee..7155495d 100644
--- a/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/authentication/type/node.def
+++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/authentication/type/node.def
@@ -1,7 +1,7 @@
type: txt
help: Set authentication type
syntax:expression: $VAR(@) in "plaintext-password", "ah"; \
- "authentication must be simple or ah"
+ "authentication must be plaintext-password or ah"
comp_help: possible completions:
- plaintext-password Set plain text password mode
- ah Set IP Authentication Header mode
+ plaintext-password Set plain text password mode
+ ah Set IP Authentication Header mode
diff --git a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/authentication/type/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/authentication/type/node.def
index 1547d62c..687c6af6 100644
--- a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/authentication/type/node.def
+++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/authentication/type/node.def
@@ -1,7 +1,7 @@
type: txt
help: Set authentication type
syntax:expression: $VAR(@) in "plaintext-password", "ah"; \
- "authentication must be simple or ah"
+ "authentication must be plaintext-password or ah"
comp_help: possible completions:
- plaintext-password Set plain text password mode
- ah Set IP Authentication Header mode
+ plaintext-password Set plain text password mode
+ ah Set IP Authentication Header mode
diff --git a/templates/service/ssh/allow-root/node.def b/templates/service/ssh/allow-root/node.def
index f476087d..9aa98826 100644
--- a/templates/service/ssh/allow-root/node.def
+++ b/templates/service/ssh/allow-root/node.def
@@ -1,6 +1,7 @@
-type: bool
+type: txt
default: false
help: Enable/disable root login over ssh
+syntax:expression: $VAR(@) in "true", "false" ; "must be true or false"
update: if [ \"$VAR(@)\" == \"true\" ]; then
sudo ed - /etc/ssh/sshd_config <<-"EOF"
/^PermitRootLogin/s/no/yes/
diff --git a/templates/service/telnet/allow-root/node.def b/templates/service/telnet/allow-root/node.def
index d1a25f4e..347a9476 100644
--- a/templates/service/telnet/allow-root/node.def
+++ b/templates/service/telnet/allow-root/node.def
@@ -1,24 +1,36 @@
-type: bool
+type: txt
default: false
help: Enable/disable root login
-update:expression: " \
- if ! env | grep -q SSH_TTY=; then \
- if [[ \"`tty`\" == /dev/pts/* ]]; then \
- echo \"Please configure telnet settings via ssh or console.\"; \
- exit 1; \
- fi; \
- fi; \
- if [ \"$VAR(@)\" == \"true\" ]; then \
- sudo mv -f /etc/securetty /etc/securetty.allow-root >&/dev/null; \
- else
- sudo mv -f /etc/securetty.allow-root /etc/securetty >&/dev/null; \
- fi ; /bin/true"
-delete:expression: " \
- if ! env | grep -q SSH_TTY=; then \
- if [[ \"`tty`\" == /dev/pts/* ]]; then \
- echo \"Please configure telnet settings via ssh or console.\"; \
- exit 1; \
- fi; \
- fi; \
- sudo mv -f /etc/securetty.allow-root /etc/securetty >&/dev/null ; \
- /bin/true"
+
+syntax:expression: $VAR(@) in "true", "false" ; "must be true or false"
+
+update: pids=`who -u | awk -F " " '{print $7}'`
+ for i in $pids
+ do
+ ppid=`ps -p $i -o ppid=`
+ if ps -p $ppid -o cmd= | grep -q telnetd
+ then
+ echo "Please configure telnet settings via ssh or console."
+ exit 1
+ fi
+ done
+ if [ "$VAR(@)" == "true" ]
+ then
+ sudo mv -f /etc/securetty /etc/securetty.allow-root >&/dev/null
+ else
+ sudo mv -f /etc/securetty.allow-root /etc/securetty >&/dev/null
+ fi
+ /bin/true
+
+delete: pids=`who -u | awk -F " " '{print $7}'`
+ for i in $pids
+ do
+ ppid=`ps -p $i -o ppid=`
+ if ps -p $ppid -o cmd= | grep -q telnetd
+ then
+ echo "Please configure telnet settings via ssh or console."
+ exit 1
+ fi
+ done
+ sudo mv -f /etc/securetty.allow-root /etc/securetty >&/dev/null
+ /bin/true
diff --git a/templates/service/telnet/node.def b/templates/service/telnet/node.def
index 5976addd..399f25ac 100644
--- a/templates/service/telnet/node.def
+++ b/templates/service/telnet/node.def
@@ -1,18 +1,29 @@
help: Enable/disable Network Virtual Terminal Protocol (TELNET) protocol
-delete:expression: " \
- if ! env | grep -q SSH_TTY=; then \
- if [[ \"`tty`\" == /dev/pts/* ]]; then \
- echo \"Please configure telnet settings via ssh or console.\"; \
- exit 1; \
- fi; \
- fi; \
- sudo /opt/vyatta/sbin/telnetd.init stop"
-end:expression: " \
- if ! env | grep -q SSH_TTY=; then \
- if [[ \"`tty`\" == /dev/pts/* ]]; then \
- echo \"Please configure telnet settings via ssh or console.\"; \
- exit 1; \
- fi; \
- fi; \
- if [ -z \"$VAR(port/@)\" ]; then exit 0; fi; \
- sudo /opt/vyatta/sbin/telnetd.init restart $VAR(port/@)"
+
+delete: pids=`who -u | awk -F " " '{print $7}'`
+ for i in $pids
+ do
+ ppid=`ps -p $i -o ppid=`
+ if ps -p $ppid -o cmd= | grep -q telnetd
+ then
+ echo "Please configure telnet settings via ssh or console."
+ exit 1
+ fi
+ done
+ sudo /opt/vyatta/sbin/telnetd.init stop
+
+end: pids=`who -u | awk -F " " '{print $7}'`
+ for i in $pids
+ do
+ ppid=`ps -p $i -o ppid=`
+ if ps -p $ppid -o cmd= | grep -q telnetd
+ then
+ echo "Please configure telnet settings via ssh or console."
+ exit 1
+ fi
+ done
+ if [ -z "$VAR(port/@)" ]
+ then
+ exit 0
+ fi
+ sudo /opt/vyatta/sbin/telnetd.init restart $VAR(port/@)