summaryrefslogtreecommitdiff
path: root/scripts/system
diff options
context:
space:
mode:
authorStephen Hemminger <stephen.hemminger@vyatta.com>2009-06-16 15:31:49 -0700
committerAn-Cheng Huang <ancheng@vyatta.com>2009-07-17 14:56:04 -0700
commit5ec82316b089d0be4f544937fbd3ed5d3333c829 (patch)
tree9e29e450cbb1cdb392e358f88373c6e227f6f15d /scripts/system
parent3f05a5d8e5fed097dc3ddd3139ae72b4208cdccc (diff)
downloadvyatta-cfg-system-5ec82316b089d0be4f544937fbd3ed5d3333c829.tar.gz
vyatta-cfg-system-5ec82316b089d0be4f544937fbd3ed5d3333c829.zip
Make telnet management smarter
Bug 4591 Consolidate check for telnet login Don't remove /etc/securetty edit it (cherry picked from commit c6c477f2ffb0f2fd4cf12882f22c2c44ab57cc46)
Diffstat (limited to 'scripts/system')
-rwxr-xr-xscripts/system/vyatta_update_telnet82
1 files changed, 82 insertions, 0 deletions
diff --git a/scripts/system/vyatta_update_telnet b/scripts/system/vyatta_update_telnet
new file mode 100755
index 00000000..0725a85f
--- /dev/null
+++ b/scripts/system/vyatta_update_telnet
@@ -0,0 +1,82 @@
+#! /bin/bash
+# Script to control telnet daemon parameters
+# and block changes when logged in over telnet
+
+# Block changes to telnet daemon when logged in over telnet
+pid=$(who -um | awk -F " " '{print $7}')
+if ps --pid $(ps --pid $pid -o ppid=) -o cmd= | grep -q telnetd
+then
+ echo "Please configure telnet settings via ssh or console."
+ exit 1
+fi
+
+usage() {
+ echo "Usage: $0 enable <port>"
+ echo " $0 disable"
+ echo " $0 allow-root {true|false}"
+ exit 1;
+}
+
+allow-root() {
+ case "$1" in
+ true) ;;
+ false) ;;
+ *) echo "Expect true or false"
+ usage ;;
+ esac
+
+ sudo sed -i -e '/^# Pseudo-terminal (telnet)/,$d' /etc/securetty
+
+ if [ $1 = "false" ]; then
+ return
+ fi
+
+ sudo sh -c "cat >>/etc/securetty" <<EOF
+# Pseudo-terminal (telnet)
+pts/0
+pts/1
+pts/2
+pts/3
+pts/4
+pts/5
+pts/6
+pts/7
+pts/8
+pts/9
+pts/10
+pts/11
+pts/12
+pts/13
+pts/14
+pts/15
+pts/16
+pts/17
+pts/18
+pts/19
+EOF
+
+}
+
+case "$1" in
+ allow-root)
+ allow-root $2
+ ;;
+
+ enable)
+ if [ -z "$2" ]
+ then echo "Missing port number";
+ usage
+ fi
+ exec sudo /opt/vyatta/sbin/telnetd.init restart "$2"
+ ;;
+
+ disable)
+ exec sudo /opt/vyatta/sbin/telnetd.init stop
+ ;;
+
+ *)
+ echo "Unknown argument $1";
+ usage
+ ;;
+esac
+