diff options
6 files changed, 42 insertions, 11 deletions
diff --git a/scripts/system/vyatta_update_login_user.pl b/scripts/system/vyatta_update_login_user.pl index a059c227..0b847ff7 100755 --- a/scripts/system/vyatta_update_login_user.pl +++ b/scripts/system/vyatta_update_login_user.pl @@ -137,8 +137,8 @@ if ($user eq "-d") { } my %level_map = ( - 'admin' => [ 'users', 'quaggavty', 'vyattacfg', 'sudo', ], - 'operator' => [ 'users', 'quaggavty', ], + 'admin' => [ 'users', 'quaggavty', 'vyattacfg', 'sudo', 'adm', ], + 'operator' => [ 'users', 'quaggavty', 'adm', ], ); exit 4 if (!defined($user) || !defined($full) || !defined($encrypted) || !defined($level)); diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/bridge-group/bridge/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/bridge-group/bridge/node.def index fffa0eeb..9c65ff16 100644 --- a/templates/interfaces/ethernet/node.tag/vif/node.tag/bridge-group/bridge/node.def +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/bridge-group/bridge/node.def @@ -1,12 +1,11 @@ type: txt help: Add this interface to a bridge-group -syntax:expression: exec " \ - if [ -z \"`sudo brctl show | grep $VAR(@) `\" ]; then \ +syntax:expression: exec " \ + if [ -z \"`sudo brctl show | grep $VAR(@) `\" ]; then \ echo bridge interface $VAR(@) doesn\\'t exist on this system ; \ - exit 1 ; \ + exit 1 ; \ fi ; " -update:expression: "sudo brctl addif $VAR(@) $VAR(../../../../@).$VAR(../../@)" -delete:expression: "sudo brctl delif $VAR(@) $VAR(../../../../@).$VAR(../../@)" +delete:expression: "sudo brctl delif $VAR(@) $VAR(../../../@).$VAR(../../@)" allowed: local -a array ; array=( /sys/class/net/br* ) ; echo -n ${array[@]##*/} diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/bridge-group/cost/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/bridge-group/cost/node.def index f3ae520f..ef2d9940 100644 --- a/templates/interfaces/ethernet/node.tag/vif/node.tag/bridge-group/cost/node.def +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/bridge-group/cost/node.def @@ -1,4 +1,4 @@ type: u32 help: Set the path cost for this port -commit:expression: $VAR(../bridge/) != ""; "Must configure bridge interface" -update:expression: "sudo brctl setpathcost $VAR(../../@) $VAR(@)" +comp_help: possible completions: + <0-2147483647> Set port cost diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/bridge-group/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/bridge-group/node.def index fd392431..af1c0e85 100644 --- a/templates/interfaces/ethernet/node.tag/vif/node.tag/bridge-group/node.def +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/bridge-group/node.def @@ -1,2 +1,15 @@ help: Add this interface to a bridge group commit:expression: $VAR(./bridge/) != ""; "Must set the bridge interface" +create:expression: "sudo brctl addif $VAR(./bridge/@) $VAR(../../@).$VAR(../@)" +delete:expression: "touch /tmp/eth-$VAR(../@)-bridge.$PPID" +end:expression: "\ + if [ -f \"/tmp/eth-$VAR(../@)-bridge.$PPID\" ]; then \ + rm -f /tmp/eth-$VAR(../@)-bridge.$PPID; \ + else \ + if [ -n \"$VAR(./cost/@)\" ]; then \ + sudo brctl setpathcost $VAR(./bridge/@) $VAR(../../@).$VAR(../@) $VAR(./cost/@); \ + fi; \ + if [ -n \"$VAR(./priority/@)\" ]; then \ + sudo brctl setportprio $VAR(./bridge/@) $VAR(../../@).$VAR(../@) $VAR(./priority/@); \ + fi; \ + fi; " diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/bridge-group/priority/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/bridge-group/priority/node.def index 12200b72..8688c394 100644 --- a/templates/interfaces/ethernet/node.tag/vif/node.tag/bridge-group/priority/node.def +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/bridge-group/priority/node.def @@ -1,4 +1,4 @@ type: u32 help: Set the path priority for this port -commit:expression: $VAR(../bridge/) != ""; "Must configure bridge interface" -update:expression: "sudo brctl setportprio $VAR(../../@) $VAR(@)" +comp_help: possible completions: + <0-255> Set port priority diff --git a/templates/service/ssh/root-allowed/node.def b/templates/service/ssh/root-allowed/node.def new file mode 100644 index 00000000..8c5a6fd9 --- /dev/null +++ b/templates/service/ssh/root-allowed/node.def @@ -0,0 +1,19 @@ +type: bool +help: Allow root login over ssh +default: false +help: Enable/disable root login +update: if [ \"$VAR(@)\" == \"true\" ]; then + sudo ed - /etc/ssh/sshd_config <<-"EOF" + /^PermitRootLogin/s/no/yes/ + wq + EOF + else + sudo ed - /etc/ssh/sshd_config <<-"EOF" + /^PermitRootLogin/s/yes/no/ + wq + EOF + fi +delete: sudo ed - /etc/ssh/sshd_config <<-"EOF" + /^PermitRootLogin/s/yes/no/ + wq + EOF |