From 431aad88a4f51ff07148f9768c4e85f9bec32a34 Mon Sep 17 00:00:00 2001
From: An-Cheng Huang <ancheng@vyatta.com>
Date: Tue, 4 Dec 2007 18:47:40 -0800
Subject: add sudo entry for "users" level

---
 debian/vyatta-cfg-system.postinst.in | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'debian')

diff --git a/debian/vyatta-cfg-system.postinst.in b/debian/vyatta-cfg-system.postinst.in
index a29f3371..e4334699 100644
--- a/debian/vyatta-cfg-system.postinst.in
+++ b/debian/vyatta-cfg-system.postinst.in
@@ -39,10 +39,19 @@ if [ "$sysconfdir" != "/etc" ]; then
 
   # sudoers
   [ -f /etc/sudoers ] && cp -pf /etc/sudoers /etc/sudoers.vyatta-save
+  
+  # for "admin" level (FIXME)
   sed -i 's/^# %sudo ALL=NOPASSWD: ALL/%sudo ALL=NOPASSWD: ALL/' /etc/sudoers
   if ! grep -q '^%sudo ALL=NOPASSWD: ALL' /etc/sudoers; then
     echo -e "\n%sudo ALL=NOPASSWD: ALL" >> /etc/sudoers
   fi
+  
+  # for "users" level
+  if ! grep -q "^%users ALL=NOPASSWD: ${bindir}/sudo-users/" /etc/sudoers; then
+    echo -e "\n%users ALL=NOPASSWD: ${bindir}/sudo-users/" >> /etc/sudoers
+  fi
+
+  # keep env vars
   echo "Defaults env_keep+=VYATTA_*" >> /etc/sudoers
 
   # ssh v1. remove the empty key file
-- 
cgit v1.2.3