From cbb590de1de9c3efc03130547236b8e37a3ba1dc Mon Sep 17 00:00:00 2001 From: An-Cheng Huang Date: Mon, 5 May 2008 16:09:10 -0700 Subject: fix for bug 3225: only insert sudoers if not present. --- debian/vyatta-cfg-system.postinst.in | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'debian/vyatta-cfg-system.postinst.in') diff --git a/debian/vyatta-cfg-system.postinst.in b/debian/vyatta-cfg-system.postinst.in index 30cbfd5a..17d1264d 100644 --- a/debian/vyatta-cfg-system.postinst.in +++ b/debian/vyatta-cfg-system.postinst.in @@ -30,7 +30,9 @@ if [ "$sysconfdir" != "/etc" ]; then fi # Allow operator to do a limited number of commands without password - cat <<"EOF" >>/etc/sudoers + if ! grep -q '^%operator ALL=NOPASSWD:' /etc/sudoers; then + cat <<"EOF" >>/etc/sudoers +### BEGIN VYATTA OPERATOR COMMANDS Cmnd_Alias IPTABLES = /sbin/iptables --list -n,\ /sbin/iptables -L -vn,\ /sbin/iptables -L * -vn,\ @@ -46,7 +48,9 @@ Cmnd_Alias DATE = /bin/date, /usr/sbin/ntpdate Cmnd_Alias PPPOE_CMDS = /sbin/pppd, /sbin/poff %operator ALL=NOPASSWD: /sbin/reboot, DATE, IPTABLES, ETHTOOLP, IPFLUSH, \ PPPOE_CMDS +### END VYATTA OPERATOR COMMANDS EOF + fi # for "users" level (FIXME) if ! grep -q "^%users ALL=NOPASSWD: ${bindir}/sudo-users/" /etc/sudoers; then -- cgit v1.2.3