-rw-r--r-- | debian/control | 2 | ||||
-rw-r--r-- | debian/vyatta-cfg-system.postinst.in | 4 | ||||
-rwxr-xr-x | scripts/system/vyatta_update_login_user.pl | 44 |
3 files changed, 48 insertions, 2 deletions
diff --git a/debian/control b/debian/control index c3bd1482..bc1f5ab0 100644 --- a/debian/control +++ b/debian/control @@ -12,7 +12,7 @@ Depends: bash (>= 3.1), perl (>= 5.8.8), procps (>= 1:3.2.7-3), coreutils (>= 5.97-5.3), - vyatta-cfg, sysv-rc, ifrename, ntp, sysklogd, busybox, ssh, whois + vyatta-cfg, sysv-rc, ifrename, ntp, sysklogd, busybox, ssh, whois, sudo Suggests: util-linux (>= 2.13-5), net-tools, ethtool, diff --git a/debian/vyatta-cfg-system.postinst.in b/debian/vyatta-cfg-system.postinst.in index a84d41bd..7c561358 100644 --- a/debian/vyatta-cfg-system.postinst.in +++ b/debian/vyatta-cfg-system.postinst.in @@ -32,6 +32,10 @@ if [ "$sysconfdir" != "/etc" ]; then done cp $sysconfdir/logrotate_messages /etc/logrotate.d/messages cp $sysconfdir/default_ssh /etc/default/ssh + + # sudoers + cp -p /etc/sudoers /etc/sudoers.vyatta-save + echo -e "\n%quaggavty ALL=NOPASSWD: ALL" >> /etc/sudoers fi # update crontab for logrotate diff --git a/scripts/system/vyatta_update_login_user.pl b/scripts/system/vyatta_update_login_user.pl index 86c0074c..f51b8001 100755 --- a/scripts/system/vyatta_update_login_user.pl +++ b/scripts/system/vyatta_update_login_user.pl 
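Review bot: The `echo -e "\n%quaggavty ALL=NOPASSWD: ALL" >> /etc/sudoers` line in the postinst hunk appends unconditionally, so each time this branch runs it adds another copy of the rule, and `cp -p /etc/sudoers /etc/sudoers.vyatta-save` overwrites the saved copy with an already-modified file. Guard the append, e.g. `grep -q '^%quaggavty ' /etc/sudoers || echo -e "\n%quaggavty ALL=NOPASSWD: ALL" >> /etc/sudoers`, and check the result with `visudo -c -f /etc/sudoers`, since a malformed sudoers file disables sudo for everyone. The rule gives every member of quaggavty passwordless root for all commands, and the script change in this commit adds each login user to that group, so state the intent in the comment, for example `# every CLI login user gets full passwordless sudo via group quaggavty`. The enclosing `if [ "$sysconfdir" != "/etc" ]` block starts outside the hunk.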
@@ -61,6 +61,46 @@ sub get_shadow_line { return undef; } +my $DEF_GROUP = 'quaggavty'; + +# arg: login name +# removes the specified user from group/gshadow +sub remove_user_from_group { + my $user = shift; + my $sed_cmd = 'sed -i \'/^' . $DEF_GROUP . ':/{' + . 's/:' . $user . ',/:/;' + . 's/,' . $user . ',/,/;' + . 's/,' . $user . '$//;}\''; + system("$sed_cmd /etc/group"); + exit 1 if ($? >> 8); + system("$sed_cmd /etc/gshadow"); + exit 1 if ($? >> 8); +} + +# arg: login name +# adds the specified user to group/gshadow +sub add_user_to_group { + my $user = shift; + + my $gcmd = 'grep -q -e \'^' . $DEF_GROUP . ':.*[:,]' . $user . '\(,\|$\)\''; + my $ret = system("$gcmd /etc/group"); + my $in_group = (($ret >> 8) == 0) ? 1 : 0; + $ret = system("$gcmd /etc/gshadow"); + my $in_gshadow = (($ret >> 8) == 0) ? 1 : 0; + + my $sed_cmd = 'sed -i \'/^' . $DEF_GROUP . ':/{' + . 's/:$/:' . $user . '/;' + . 's/\([^:]\)$/\1,' . $user . '/;}\''; + if (!$in_group) { + system("$sed_cmd /etc/group"); + exit 1 if ($? >> 8); + } + if (!$in_gshadow) { + system("$sed_cmd /etc/gshadow"); + exit 1 if ($? >> 8); + } +} + my $user = shift; my $full = shift; my $encrypted = shift; @@ -92,12 +132,12 @@ if ($user eq "-d") { exit 6 if ($ret >> 8); $ret = system("rm -rf /home/$user"); exit 7 if ($ret >> 8); + remove_user_from_group($user); exit 0; } exit 4 if (!defined($user) || !defined($full) || !defined($encrypted)); -my $DEF_GROUP = "quagga"; my $DEF_SHELL = "/bin/bash"; open(GRP, "/etc/group") or exit 5; @@ -152,6 +192,8 @@ open(SHADOW, ">>/etc/shadow") or exit 12; print SHADOW "$shadow_line\n"; close SHADOW; +add_user_to_group($user); + if (($new_user) && !(-e "/home/$user")) { if (-d "/etc/skel") { $ret = system("cp -a /etc/skel /home/$user"); |
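Review bot: `remove_user_from_group` never removes a user who is the only member of the group: its three substitutions cover `:user,`, `,user,` and `,user$`, but a line ending in `:user` matches none of them, so the name stays in quaggavty after deletion; add `. 's/:' . $user . '$/:/;'` to the sed script. Both new subs also paste `$user`, which comes from the script's arguments, into a single-quoted shell string and a sed/grep pattern, so a name containing `'`, `/` or regex metacharacters changes the command or the match against /etc/group and /etc/gshadow. Reject such names at the top of each sub, for example `exit 1 unless $user =~ /\A[a-z_][a-z0-9_-]*\z/;` (adjusted to whatever name policy the CLI enforces). Alternatively, replace the sed edits with list-form calls such as `system('gpasswd', '-a', $user, $DEF_GROUP)` and the `-d` counterpart, which bypass the shell.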
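Review bot: In the `-d` branch, `remove_user_from_group($user);` is placed after the steps that `exit 6` and `exit 7`, so a failure in either step leaves the name listed in quaggavty, the group that the postinst change grants passwordless sudo. Move the call ahead of the `rm -rf /home/$user` step, or run it before the early exits, so that group membership is revoked even when the later cleanup fails. The `-d` branch begins outside the hunk, so how `$user` is set there is not visible; confirm that it holds the login name rather than the `-d` flag at this point.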