From 1229e8c6f130c62c42900f424a772d4e9c5e8ef5 Mon Sep 17 00:00:00 2001
From: An-Cheng Huang <ancheng@sydney.vyatta.com>
Date: Wed, 24 Oct 2007 10:01:04 -0700
Subject: add 'sudo' for 'system' and 'service/ssh' configuration commands.

---
 templates/system/login/node.def               |  2 +-
 templates/system/login/radius-server/node.def |  8 ++------
 templates/system/login/user/node.def          | 14 +++++++++-----
 3 files changed, 12 insertions(+), 12 deletions(-)

(limited to 'templates/system/login')

diff --git a/templates/system/login/node.def b/templates/system/login/node.def
index 12465148..bde75b4c 100644
--- a/templates/system/login/node.def
+++ b/templates/system/login/node.def
@@ -1,3 +1,3 @@
 help: "Configure user access"
-delete: "sh -c \"echo User root cannot be deleted 1>&2 && exit 1\" "
+delete: "echo User root cannot be deleted 1>&2 && exit 1"
 
diff --git a/templates/system/login/radius-server/node.def b/templates/system/login/radius-server/node.def
index d12be764..0f4ffbfe 100644
--- a/templates/system/login/radius-server/node.def
+++ b/templates/system/login/radius-server/node.def
@@ -2,13 +2,9 @@ tag:
 type: ipv4
 help: "Radius server authentication configuration"
 # need mandatory secret. also need port & timeout (default values?)
-create: "sh -c \"touch /etc/raddb/server && \
+update: "sudo sh -c \"touch /etc/raddb/server && \
 sed -i '/$(@)/d' /etc/raddb/server && \
 echo \\\"$(@):$(port/@)\t$(secret/@)\t$(timeout/@)\\\" \
 >> /etc/raddb/server\" "
-update: "sh -c \"touch /etc/raddb/server && \
-sed -i '/$(@)/d' /etc/raddb/server && \
-echo \\\"$(@):$(port/@)\t$(secret/@)\t$(timeout/@)\\\" \
->> /etc/raddb/server\" "
-delete: "sh -c \"touch /etc/raddb/server && \
+delete: "sudo sh -c \"touch /etc/raddb/server && \
 sed -i '/$(@)/d' /etc/raddb/server\" "
diff --git a/templates/system/login/user/node.def b/templates/system/login/user/node.def
index 0d09c4d0..2070cc95 100644
--- a/templates/system/login/user/node.def
+++ b/templates/system/login/user/node.def
@@ -7,11 +7,15 @@ syntax: pattern $(@) "^[a-zA-Z_][a-zA-Z0-9_-]*\\$?$" ; "invalid user name $(@)"
 end: "if [ -d /tmp/vyatta-delete-system-login-user-$(@).\\\$PPID ]; \
 then rm -rf /tmp/vyatta-delete-system-login-user-$(@).\\\$PPID && exit 0; \
 fi && \
-/opt/vyatta/sbin/vyatta_update_login_user.pl \
-'$(@)' '$(full-name/@)' '$(authentication/encrypted-password/@)'"
+sudo /opt/vyatta/sbin/vyatta_update_login_user.pl \
+  '$(@)' '$(full-name/@)' '$(authentication/encrypted-password/@)'"
 delete: "if [ x$(@) == x ]; then exit 1; fi && \
-if [ x$(@) == xroot ]; then echo Cannot delete user \"root\" 1>&2 && exit 2; \
+if [ x$(@) == xroot ]; then \
+  echo Cannot delete user \"root\" 1>&2 && exit 2; \
 fi && \
 if mkdir /tmp/vyatta-delete-system-login-user-$(@).\\\$PPID >& /dev/null; \
-then /opt/vyatta/sbin/vyatta_update_login_user.pl -d '$(@)'; \
-else exit 1; fi"
+then \
+  sudo /opt/vyatta/sbin/vyatta_update_login_user.pl -d '$(@)'; \
+else \
+  exit 1; \
+fi"
-- 
cgit v1.2.3