diff options
author | Stephen Hemminger <stephen.hemminger@vyatta.com> | 2010-01-26 17:50:33 -0800 |
---|---|---|
committer | Stephen Hemminger <stephen.hemminger@vyatta.com> | 2010-01-26 17:50:33 -0800 |
commit | b5bb8c35539d1b108e988d39153abc813c326b0f (patch) | |
tree | 75ad17b85eb82a2715ae3006916ee66477747c25 /templates/system | |
parent | 2bc8990bc093cce92bcaddd82ee80b1c18223e5d (diff) | |
download | vyatta-cfg-system-b5bb8c35539d1b108e988d39153abc813c326b0f.tar.gz vyatta-cfg-system-b5bb8c35539d1b108e988d39153abc813c326b0f.zip |
Add additional check that new user doesn't exist in NSS
If user exists in NSS (LDAP, TACACS+) but not on local machine,
then it can not be changed with CLI. useradd will fail (user exists),
and usermod will fail (can't find user in passwd file).
Bug 5249
Diffstat (limited to 'templates/system')
-rw-r--r-- | templates/system/login/user/node.def | 6 |
1 files changed, 1 insertions, 5 deletions
diff --git a/templates/system/login/user/node.def b/templates/system/login/user/node.def index 89e10a9c..751767d6 100644 --- a/templates/system/login/user/node.def +++ b/templates/system/login/user/node.def @@ -5,11 +5,7 @@ help: Set user account information syntax:expression: pattern $VAR(@) "^[a-zA-Z_][a-zA-Z0-9_-]*\\$?$" ; "invalid user name $VAR(@)" -# System accounts should not be listed in vyatta configuration -syntax:expression: exec "\ - uid=$(getent passwd $VAR(@) | awk -F: '{print $3}'); \ - [ -z \"$uid\" ] || [ $uid -eq 0 -o $uid -ge 1000 ]" \ - ; "user name \"$VAR(@)\" is reserved for internal usage" +syntax:expression: exec "/opt/vyatta/sbin/vyatta_check_username.pl $VAR(@)" commit:expression: $VAR(authentication/encrypted-password) != "" || ($VAR(authentication/plaintext-password) != "" |