author | Stephen Hemminger <stephen.hemminger@vyatta.com> | 2010-02-02 14:57:03 -0800 |
---|---|---|
committer | Stephen Hemminger <stephen.hemminger@vyatta.com> | 2010-02-02 15:01:22 -0800 |
commit | 868fb51d85439d2cb045cf810f23943c60c42c41 (patch) | |
tree | e80ada760d114d3b20c3333281c0a3be698c2239 /lib | |
parent | 433feb9b22c62c236be6d7738591a6bb3a5ae9ae (diff) | |
download | vyatta-cfg-system-868fb51d85439d2cb045cf810f23943c60c42c41.tar.gz vyatta-cfg-system-868fb51d85439d2cb045cf810f23943c60c42c41.zip |
Run login update as root
Need ability to open file of new user (to load authorized key).
So move sudo to template.
Diffstat (limited to 'lib')
-rwxr-xr-x | lib/Vyatta/Login/User.pm | 21 |
1 files changed, 9 insertions, 12 deletions
diff --git a/lib/Vyatta/Login/User.pm b/lib/Vyatta/Login/User.pm
index e0142b3f..b9e2ec98 100755
--- a/lib/Vyatta/Login/User.pm
+++ b/lib/Vyatta/Login/User.pm
@@ -81,11 +81,9 @@ sub _authorized_keys {
 chmod( 0750, $sshdir );
 }
- open( my $auth, '>', "$sshdir/authorized_keys" );
- unless ($auth) {
- warn "open $sshdir/authorized_keys failed: $!";
- return;
- }
+ my $keyfile = "$sshdir/authorized_keys";
+ open( my $auth, '>', $keyfile)
+ or die "open $keyfile failed: $!";
 print {$auth} "# Automatically generated by Vyatta configuration\n";
 print {$auth} "# Do not edit, all changes will be lost\n";
@@ -96,7 +94,7 @@ sub _authorized_keys {
 }
 close $auth;
- chmod( 0640, "$sshdir/authorized_keys" );
+ chmod( 0640, $keyfile );
 }
 sub _delete_user {
@@ -104,15 +102,15 @@ sub _delete_user {
 if ( $user eq 'root' ) {
 warn "Disabling root account, instead of deleting\n";
- system('sudo usermod -p ! root') == 0
+ system('usermod -p ! root') == 0
 or die "usermod of root failed: $?\n";
 } elsif ( getlogin() eq $user ) {
 die "Attempting to delete current user: $user\n";
 } else {
 # This logs out user (so we can delete it)
- system("sudo pkill -u $user");
+ system("pkill -u $user");
- system("sudo userdel $user") == 0
+ system("userdel $user") == 0
 or die "userdel of $user failed: $?\n";
 }
 }
@@ -155,7 +153,6 @@ sub _update_user {
 $cmd = 'useradd -s /bin/vbash -m -N';
 } else {
 # update existing account
- # NB: can't skip because can't read original password
 $cmd = "usermod";
 }
@@ -163,7 +160,7 @@ sub _update_user {
 $cmd .= " -c \"$fname\"" if ( defined $fname );
 $cmd .= " -d \"$home\"" if ( defined $home );
 $cmd .= ' -G ' . join( ',', @groups );
- system("sudo $cmd $user");
+ system("$cmd $user");
 unless ( $? == 0 ) {
 my $reason = $reasons{ ( $? >> 8 ) };
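Review bot: In `_authorized_keys`, the new `open( my $auth, '>', $keyfile)` now runs as root (per the commit message) on a path inside the user's own `.ssh` directory, and a plain `'>'` open follows a symlink at that path, so root could truncate and rewrite whatever the link points to. Refusing symlinks at open time and setting the mode at creation would also remove the window before the later `chmod( 0640, $keyfile )` in the second hunk: `sysopen( my $auth, $keyfile, O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW, 0640 ) or die "open $keyfile failed: $!";` with the constants from `Fcntl`. `O_NOFOLLOW` only covers the final path component, so the `$sshdir` handling above the hunk probably deserves the same scrutiny; that code and any ownership handling for the file are outside the visible lines. The `print {$auth}` and `close $auth` calls are unchecked as well, so a failed write to the key file would go unnoticed.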
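Review bot: In `_delete_user`, `system("pkill -u $user")` and `system("userdel $user")` interpolate `$user` into a single string that Perl passes to the shell whenever it contains metacharacters, and after this commit these commands are expected to run as root already rather than through `sudo`. Whether `$user` is constrained before it reaches this module is not visible here, so the list form is the safer default: `system( 'pkill', '-u', $user );` and `system( 'userdel', $user ) == 0`. The same pattern appears in the `_update_user` hunk (`system("$cmd $user")`, where `$cmd` also embeds `$fname` and `$home` inside shell double quotes) and in the `update` hunk; in `_update_user` the command would need to be built as an argument list, e.g. `push @cmd, '-c', $fname if defined $fname;`, and run as `system( @cmd, $user )`. The bodies of these subs extend beyond the hunks shown.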
@@ -217,7 +214,7 @@ sub update {
 warn "removing $user not listed in current configuration\n";
 # Remove user account but leave home directory to be safe
- system("sudo userdel $user") == 0
+ system("userdel $user") == 0
 or die "Attempt to delete user $user failed: $!";
 }
 }
|
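Review bot: The `or die "Attempt to delete user $user failed: $!"` line after the changed `system("userdel $user") == 0` reports `$!`, but a non-zero exit from `userdel` is carried in `$?`; `$!` is only meaningful when `system` returns -1, so the message will usually show a stale or unrelated errno. The `_delete_user` call sites in this file already report `$?`, so for consistency this could read `or die "Attempt to delete user $user failed: $?\n";`. The `update` sub starts and ends outside this hunk.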