vyatta-cfg-quagga.git - Vyatta configuration templates and scripts for Quagga/FRR (mirror of https://github.com/vyos/vyatta-cfg-quagga.git)

Age	Commit message (Collapse)	Author
2010-05-24	Don't enable PAM Radius by default	Stephen Hemminger
	The pam-config mechanism will insert Radius pam module if it is in /usr/share/pam-configs. Therefore hold off installing file until Radius really needed.
2010-04-26	Ignore comments in level file	Stephen Hemminger
	Standard practice to ignore lines starting with #
2010-03-17	fixes commit warning when run invoked via the api--getlogin() may return an ↵	Michael Larson
	undefined value as the process is a child process invoked indirectly via the gui (not a normal shell logged in user generated event).
2010-03-15	Better version of forcing user logout	Stephen Hemminger
	Use warning and hup signal to force user to log out.
2010-03-15	Use userdel -f to force removal of user	Stephen Hemminger
	This is the documented way to remove user that is still logged in. It also removes home directory, which is necessary as well.
2010-03-12	Force user process to die	Stephen Hemminger
	Bug 5067 Use more persuasive kill to make processes exit, which allows user to be deleted.
2010-02-19	Handle empty set of public keys	Stephen Hemminger
	Bug 5362 If no keys configured; still make an empty .ssh/authorized_keys file. This handles case of keys being deleted from configuration and gives notice to user that file will be overwritten.
2010-02-17	Add support for options in keyfile	Stephen Hemminger
	The sshd file format has optional options; copy them to a placeholder node and generate to authorized_keys Better error message when wrong number of arguments.
2010-02-02	Change owner of created authorized key file	Stephen Hemminger
	Otherwise sshd ignores it!
2010-02-02	Run login update as root	Stephen Hemminger
	Need ability to open file of new user (to load authorized key). So move sudo to template.
2010-02-02	Don't remove users home directory	Stephen Hemminger
	If administrator makes a goof and user account gets deleted. Then keep the old data to avoid problems.
2010-01-27	Make message clearer	Stephen Hemminger
	But I doub that anyone will ever read it...
2010-01-27	Allow local user (non vbash) accounts	Stephen Hemminger
	Don't purge non-vyatta users.
2010-01-27	Don't delete non-user accounts	Stephen Hemminger
	Only mess with user accounts in the dynamic range (1000-29999); don't delete 'nobody' for example. Also, leave home directory for possible examination.
2010-01-26	Get rid of protected-users file	Stephen Hemminger
	Instead of white-listing special system users, just go with the Debian policy that all users with uid < 1000 are system accounts
2010-01-26	Refactor user update	Stephen Hemminger
	Split delete and update into separate functions Always update password file because the script runs as non-root user so it is unable to read shadow file to get original password value.
2010-01-26	Change function names in User.pm	Stephen Hemminger
	Perl convention of object modules is to prefix with _
2010-01-26	Reindent user account module	Stephen Hemminger
	Run through perltidy
2009-12-18	User deletion update	Stephen Hemminger
	1. Allow deleting user still logged in (Bug 5067) 2. Don't allow deleting self, because that would mean killing current process.
2009-12-09	Redefine meaning of protected-user	Stephen Hemminger
	A entry in protected-user means that the Vyatta config system should just leave it alone. This is intended for root, and other special accounts. Original code didn't work during admin anyway because of missing sudo.
2009-12-08	Allow root account to not exist	Stephen Hemminger
	If root account is deleted, disable it rather than removing it from passwd file and confusing everything.
2009-12-07	Fix configure of user	Stephen Hemminger
	Previous change broke setup of root account because 'uid = 0' looks like false so useradd called when usermod was intended.
2009-12-04	Fix code that generates authorized keys	Stephen Hemminger
	This now works. loadkey vyatta scp://user@host/~/.ssh/id_rsa.pub
2009-12-04	Rearrange the public-key configuration schema	Stephen Hemminger
	New syntax: system login user vyatta authentication public-key user@remote type ssh-rsa
2009-12-03	Set modes of created authorization key (and directory)	Stephen Hemminger
	sshd is picky about modes (and it should be), so make sure and chmod the file.
2009-12-03	Update .ssh/authorized_keys as part of the login update	Stephen Hemminger

2009-12-02	Simply Radius server update	Stephen Hemminger
	Rather than complex sed editing, just regenerate whole file.
2009-11-06	Fix library include	Robert Bays

2009-11-05	Move user configuration information to files	Stephen Hemminger
	1. Complete migration of protected-users from hardcoded in User.pm to /opt/vyatta/etc/protected-user 2. Put mapping from level to group in file.
2009-11-02	Don't want/need --package option to pam-auth-update	Stephen Hemminger

2009-10-30	radius: add missing space	Stephen Hemminger

2009-10-30	radius-server: shutup debconf dialog	Stephen Hemminger
	Found better way to get rid of debconf warning by forcing non interactive.
2009-10-30	Shut up debconf when installing pam radius	Stephen Hemminger
	Just get rid of silly debconf warnings when doing pam-auth-update
2009-10-27	Use pam-auth-update to configure radius	Stephen Hemminger
	This keeps radius from fighting with tacacs+
2009-10-05	add override mechanism for protected users	An-Cheng Huang

2009-09-23	Cleanup all vbash users	Stephen Hemminger
	This is an alternative version of the rollback for unsaved vyatta user changes. Instead of identifying users by group, assume all users whose login shell is vbash must exist in configuration.
2009-09-11	Delete vyatta users not in configuration	Stephen Hemminger
	This implements rollback for users that were added during a previous configuration (and committed), but were never saved into configuration. Bug: 4528
2009-09-11	If configuration is wrong just skip user don't die	Stephen Hemminger
	If configuration for one user is wrong (missing passwd, level, etc) go on and complete for rest of users.
2009-09-11	Add operators to vyattaop group	Stephen Hemminger
	Part of bug fix for password sync (Bz 4528)
2009-07-27	fix undefined array ref	An-Cheng Huang
	(this shows up when loading a start-up config that has root password defined right after install)
2009-07-17	Avoid rewriting radius config unless needed	Stephen Hemminger
	Don't edit radius config unless something has changed. (cherry picked from commit 8d3f5b37ec3c728d56fadc596562025821169329)
2009-07-17	Change API for login modules	Stephen Hemminger
	The login modules aren't really objects (if Perl really had objects), so just use dynamic invoke of update routine. (cherry picked from commit 37ba59896d4c9ac5c914d1901d86ed7e7d844871)
2009-07-17	Make Radius server work	Stephen Hemminger
	Translate radius-server to Vyatta::Login::RadiusServer (cherry picked from commit bf86040fef55fdb644b3670a9e1ec093e67df828)
2009-07-17	Fix User Login configurator	Stephen Hemminger
	Missing config setup. (cherry picked from commit b148ddcccd9d4a30464423b524fc03700507cb19)
2009-06-01	Change how system login update works	Stephen Hemminger
	Use a wrapper script in vyatta_update_login.pl and per login method objects for the update.
2009-03-25	move keepalived.pm to vyatta-cfg	Stephen Hemminger

2009-03-06	Remove prefix mask on vip if present since it can't be using in arping.	Stig Thormodsrud

2009-03-06	Specify source address with arping since we no longer require an IP	Stig Thormodsrud
	address on the actual interface.
2009-03-06	Move changes file to /var/run/vrrpd and make sure the directory exists.	Stig Thormodsrud

2009-03-05	More checking for open() of log	Stephen Hemminger
	If log open fails, at least print the reason why.