summaryrefslogtreecommitdiff
path: root/lib/Vyatta/Login
diff options
context:
space:
mode:
authorStephen Hemminger <stephen.hemminger@vyatta.com>2010-02-02 14:57:03 -0800
committerStephen Hemminger <stephen.hemminger@vyatta.com>2010-02-02 15:01:22 -0800
commit868fb51d85439d2cb045cf810f23943c60c42c41 (patch)
treee80ada760d114d3b20c3333281c0a3be698c2239 /lib/Vyatta/Login
parent433feb9b22c62c236be6d7738591a6bb3a5ae9ae (diff)
downloadvyatta-cfg-system-868fb51d85439d2cb045cf810f23943c60c42c41.tar.gz
vyatta-cfg-system-868fb51d85439d2cb045cf810f23943c60c42c41.zip
Run login update as root
Need ability to open file of new user (to load authorized key). So move sudo to template.
Diffstat (limited to 'lib/Vyatta/Login')
-rwxr-xr-xlib/Vyatta/Login/User.pm21
1 files changed, 9 insertions, 12 deletions
diff --git a/lib/Vyatta/Login/User.pm b/lib/Vyatta/Login/User.pm
index e0142b3f..b9e2ec98 100755
--- a/lib/Vyatta/Login/User.pm
+++ b/lib/Vyatta/Login/User.pm
@@ -81,11 +81,9 @@ sub _authorized_keys {
chmod( 0750, $sshdir );
}
- open( my $auth, '>', "$sshdir/authorized_keys" );
- unless ($auth) {
- warn "open $sshdir/authorized_keys failed: $!";
- return;
- }
+ my $keyfile = "$sshdir/authorized_keys";
+ open( my $auth, '>', $keyfile)
+ or die "open $keyfile failed: $!";
print {$auth} "# Automatically generated by Vyatta configuration\n";
print {$auth} "# Do not edit, all changes will be lost\n";
@@ -96,7 +94,7 @@ sub _authorized_keys {
}
close $auth;
- chmod( 0640, "$sshdir/authorized_keys" );
+ chmod( 0640, $keyfile );
}
sub _delete_user {
@@ -104,15 +102,15 @@ sub _delete_user {
if ( $user eq 'root' ) {
warn "Disabling root account, instead of deleting\n";
- system('sudo usermod -p ! root') == 0
+ system('usermod -p ! root') == 0
or die "usermod of root failed: $?\n";
} elsif ( getlogin() eq $user ) {
die "Attempting to delete current user: $user\n";
} else {
# This logs out user (so we can delete it)
- system("sudo pkill -u $user");
+ system("pkill -u $user");
- system("sudo userdel $user") == 0
+ system("userdel $user") == 0
or die "userdel of $user failed: $?\n";
}
}
@@ -155,7 +153,6 @@ sub _update_user {
$cmd = 'useradd -s /bin/vbash -m -N';
} else {
# update existing account
- # NB: can't skip because can't read original password
$cmd = "usermod";
}
@@ -163,7 +160,7 @@ sub _update_user {
$cmd .= " -c \"$fname\"" if ( defined $fname );
$cmd .= " -d \"$home\"" if ( defined $home );
$cmd .= ' -G ' . join( ',', @groups );
- system("sudo $cmd $user");
+ system("$cmd $user");
unless ( $? == 0 ) {
my $reason = $reasons{ ( $? >> 8 ) };
@@ -217,7 +214,7 @@ sub update {
warn "removing $user not listed in current configuration\n";
# Remove user account but leave home directory to be safe
- system("sudo userdel $user") == 0
+ system("userdel $user") == 0
or die "Attempt to delete user $user failed: $!";
}
}