diff options
author | Stephen Hemminger <shemminger@vyatta.com> | 2011-11-29 10:44:02 -0800 |
---|---|---|
committer | Stephen Hemminger <shemminger@vyatta.com> | 2011-11-29 10:44:02 -0800 |
commit | 0cabfe433b27c1ce48ececa92e6556ceabd10c3e (patch) | |
tree | 24af1fcd752e420b276caa4e6b64cc67702758c1 | |
parent | 3cda57eb4059089eaf3d8902d8d336ad747092ea (diff) | |
download | vyatta-cfg-system-0cabfe433b27c1ce48ececa92e6556ceabd10c3e.tar.gz vyatta-cfg-system-0cabfe433b27c1ce48ececa92e6556ceabd10c3e.zip |
change mode of /etc/sudoers.d/vyatta
Needs to be read only
-rw-r--r-- | debian/vyatta-cfg-system.postinst.in | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/debian/vyatta-cfg-system.postinst.in b/debian/vyatta-cfg-system.postinst.in index ee71c2f5..6ce0a870 100644 --- a/debian/vyatta-cfg-system.postinst.in +++ b/debian/vyatta-cfg-system.postinst.in @@ -62,18 +62,19 @@ if [ "$sysconfdir" != "/etc" ]; then sed -i '/^UseDNS/d' /etc/ssh/sshd_config echo 'UseDNS yes' >>/etc/ssh/sshd_config - # cleanup any old entries from previous versions + # cleanup any old entries in /etc/sudoers from previous versions sed -i /etc/sudoers \ -e '/### BEGIN VYATTA/,/### END VYATTA/d' \ -e '/Cmnd_Alias IPTABLE/,/PPPOE_CMDS/d' \ -e '/sudo-users/d' \ -e '/env_keep+=VYATTA/d' || true - # Turn off Debian default for %sudo (replaced by value in /etc/sudoers.d/vyatta) + # Turn off Debian default for %sudo sed -i -e '/^%sudo/d' /etc/sudoers || true - # Add Vyatta entries + # Add Vyatta entries for sudoers cp $sysconfdir/sudoers /etc/sudoers.d/vyatta + chmod 0440 /etc/sudoers.d/vyatta # set up blacklists for f in blacklist.DSA-1024 blacklist.RSA-2048; do |