From db8ec5fec7d231a5dec537d0bc82ddb3f7c3dbc0 Mon Sep 17 00:00:00 2001 From: Stig Thormodsrud Date: Fri, 14 Nov 2008 12:27:47 -0800 Subject: Fix 3918: Operator level users require sudo permission for ipv6 clear commands --- debian/vyatta-cfg-system.postinst.in | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/debian/vyatta-cfg-system.postinst.in b/debian/vyatta-cfg-system.postinst.in index dff04293..5bd37e29 100644 --- a/debian/vyatta-cfg-system.postinst.in +++ b/debian/vyatta-cfg-system.postinst.in @@ -54,7 +54,11 @@ Cmnd_Alias IPTABLES = /sbin/iptables --list -n,\ Cmnd_Alias IPFLUSH = /sbin/ip route flush cache, \ /sbin/ip route flush cache *,\ /sbin/ip neigh flush to *, \ - /sbin/ip neigh flush dev * + /sbin/ip neigh flush dev * \ + /sbin/ip -f inet6 route flush cache, \ + /sbin/ip -f inet6 route flush cache *,\ + /sbin/ip -f inet6 neigh flush to *, \ + /sbin/ip -f inet6 neigh flush dev * Cmnd_Alias ETHTOOL = /usr/sbin/ethtool -p *, \ /usr/sbin/ethtool -S *, \ /usr/sbin/ethtool -a *, \ -- cgit v1.2.3 From 730ece6544cd2c350cac3740ef2a7db10cd37987 Mon Sep 17 00:00:00 2001 From: Stig Thormodsrud Date: Fri, 14 Nov 2008 12:48:29 -0800 Subject: Fix 3920: Operator level users require sudo permission for nat translation monitor commands --- debian/vyatta-cfg-system.postinst.in | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/debian/vyatta-cfg-system.postinst.in b/debian/vyatta-cfg-system.postinst.in index 5bd37e29..8cc0682a 100644 --- a/debian/vyatta-cfg-system.postinst.in +++ b/debian/vyatta-cfg-system.postinst.in @@ -68,7 +68,8 @@ Cmnd_Alias DATE = /bin/date, /usr/sbin/ntpdate Cmnd_Alias PPPOE_CMDS = /sbin/pppd, /sbin/poff, /usr/sbin/pppstats Cmnd_Alias PCAPTURE = /usr/bin/tshark, /usr/bin/tcpdump %operator ALL=NOPASSWD: DATE, IPTABLES, ETHTOOL, IPFLUSH, \ - PPPOE_CMDS, PCAPTURE, /usr/sbin/wanpipemon, /usr/bin/lsof + PPPOE_CMDS, PCAPTURE, /usr/sbin/wanpipemon, \ + /usr/bin/lsof, /usr/sbin/conntrack EOF cat <>/etc/sudoers %users ALL=NOPASSWD: ${bindir}/sudo-users/ -- cgit v1.2.3 From 580105ddf8fcbd388cbe1f221ecdfbf3952a216f Mon Sep 17 00:00:00 2001 From: Bob Gilligan Date: Fri, 14 Nov 2008 17:48:45 -0800 Subject: Bugfix 3928: Need to install vyatta-raid-event script. --- Makefile.am | 1 + 1 file changed, 1 insertion(+) diff --git a/Makefile.am b/Makefile.am index a018961f..531c5d99 100644 --- a/Makefile.am +++ b/Makefile.am @@ -34,6 +34,7 @@ sbin_SCRIPTS += scripts/dns-forwarding/vyatta-dns-forwarding.pl sbin_SCRIPTS += scripts/dynamic-dns/vyatta-dynamic-dns.pl sbin_SCRIPTS += scripts/vyatta-system-nameservers sbin_SCRIPTS += scripts/vyatta-bonding.pl +sbin_SCRIPTS += scripts/vyatta-raid-event noinst_DATA = test_bootfile -- cgit v1.2.3 From 7ac74ee7b28318375f684bad0e29d808d6e53ccb Mon Sep 17 00:00:00 2001 From: Stig Thormodsrud Date: Sun, 16 Nov 2008 11:31:58 -0800 Subject: Fix 3929: Operator level user now need sudo password to run "clear arp interface" --- debian/vyatta-cfg-system.postinst.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debian/vyatta-cfg-system.postinst.in b/debian/vyatta-cfg-system.postinst.in index 8cc0682a..3304fdd8 100644 --- a/debian/vyatta-cfg-system.postinst.in +++ b/debian/vyatta-cfg-system.postinst.in @@ -54,7 +54,7 @@ Cmnd_Alias IPTABLES = /sbin/iptables --list -n,\ Cmnd_Alias IPFLUSH = /sbin/ip route flush cache, \ /sbin/ip route flush cache *,\ /sbin/ip neigh flush to *, \ - /sbin/ip neigh flush dev * \ + /sbin/ip neigh flush dev *, \ /sbin/ip -f inet6 route flush cache, \ /sbin/ip -f inet6 route flush cache *,\ /sbin/ip -f inet6 neigh flush to *, \ -- cgit v1.2.3 From dc24799bd733e6d32170a611b88968ba685504b7 Mon Sep 17 00:00:00 2001 From: Bob Gilligan Date: Mon, 17 Nov 2008 11:52:59 -0800 Subject: Bugfix 3932 Correct root partition size calculation in two-disk RAID-1 case when drives are not both the same size. --- scripts/install-system | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/scripts/install-system b/scripts/install-system index b48394e7..b941d9b6 100755 --- a/scripts/install-system +++ b/scripts/install-system @@ -373,14 +373,14 @@ check_for_new_raid () { part_start_offset=2 part_diag_size=60 - if [ $drivesize1 -gt $drivesize2 ]; then - size=$drivesize1 + if [ $drivesize1 -lt $drivesize2 ]; then + root_size=$drivesize1 else - size=$drivesize2 + root_size=$drivesize2 fi let min_size_with_diag=${MIN_ROOT}+${part_diag_size} - if [ $size -ge $min_size_with_diag ]; then + if [ $root_size -ge $min_size_with_diag ]; then echo "Would you like me to create a $part_diag_size MB partition for diagnostics?" echo -n "(Yes/No) [No]: " diag_response=$(get_response "No" "Yes No Y N") @@ -398,12 +398,12 @@ check_for_new_raid () { fi fi - let size-=$part_start_offset + let root_size-=$part_start_offset for drive in $drives do echo "Creating data partition: /dev/${drive}${data_dev}" - create_partitions "$drive" $size $part_start_offset "no" + create_partitions "$drive" $root_size $part_start_offset "no" sfdisk --change-id /dev/$drive $data_dev 0xfd done @@ -670,7 +670,7 @@ create_partitions() { # Make sure there is enough space on drive size=$(get_drive_size "$ldrive") if [ "$root_part_size" -gt "$size" ]; then - echo "Error: $ldrive is only $size"MB" large." + echo "Error: $ldrive is only $size"MB" large. Desired root is $root_part_size" exit 1 fi -- cgit v1.2.3