diff options
author | An-Cheng Huang <ancheng@vyatta.com> | 2008-03-10 17:57:18 -0700 |
---|---|---|
committer | An-Cheng Huang <ancheng@vyatta.com> | 2008-03-10 17:57:18 -0700 |
commit | 8c19cf60345065b1d573e7befea9be6042d296a2 (patch) | |
tree | 4d00842161546c662c934736834402d441d099cd /templates | |
parent | e7b2082e077f2ac4625f8a7e2a45749b3ce56140 (diff) | |
download | vyatta-cfg-system-8c19cf60345065b1d573e7befea9be6042d296a2.tar.gz vyatta-cfg-system-8c19cf60345065b1d573e7befea9be6042d296a2.zip |
fix for bug 2083: add radius authentication support.
Diffstat (limited to 'templates')
-rw-r--r-- | templates/system/login/node.def | 2 | ||||
-rw-r--r-- | templates/system/login/radius-server/node.def | 10 | ||||
-rw-r--r-- | templates/system/login/user/node.def | 26 |
3 files changed, 7 insertions, 31 deletions
diff --git a/templates/system/login/node.def b/templates/system/login/node.def index ca2da1b3..d98c03c6 100644 --- a/templates/system/login/node.def +++ b/templates/system/login/node.def @@ -1,3 +1,3 @@ help: Configure user access delete:expression: "echo User root cannot be deleted 1>&2 && exit 1" - +end: /opt/vyatta/sbin/vyatta_update_login.pl diff --git a/templates/system/login/radius-server/node.def b/templates/system/login/radius-server/node.def index 6d87890c..85ca4cc5 100644 --- a/templates/system/login/radius-server/node.def +++ b/templates/system/login/radius-server/node.def @@ -1,10 +1,6 @@ tag: type: ipv4 help: Radius server authentication configuration -# need mandatory secret. also need port & timeout (default values?) -update:expression: "sudo sh -c \"touch /etc/raddb/server && \ -sed -i '/$VAR(@)/d' /etc/raddb/server && \ -echo \\\"$VAR(@):$VAR(port/@)\t$VAR(secret/@)\t$VAR(timeout/@)\\\" \ ->> /etc/raddb/server\" " -delete:expression: "sudo sh -c \"touch /etc/raddb/server && \ -sed -i '/$VAR(@)/d' /etc/raddb/server\" " +commit:expression: $VAR(port) != "" && $VAR(secret) != "" + && $VAR(timeout) != "" + ; "Port, secret, and timeout must be specified for Radius" diff --git a/templates/system/login/user/node.def b/templates/system/login/user/node.def index 0c1a393d..205a4b7a 100644 --- a/templates/system/login/user/node.def +++ b/templates/system/login/user/node.def @@ -4,26 +4,6 @@ help: User account information commit:expression: $VAR(authentication/encrypted-password) != "" || ($VAR(authentication/plaintext-password) != "" && $VAR(authentication/plaintext-password/@) != "") - ; "user password must be specified" -syntax:expression: pattern $VAR(@) "^[a-zA-Z_][a-zA-Z0-9_-]*\\$?$" ; "invalid user name $VAR(@)" -# line continuation and $() expansion are done by cli, not sh. -# need mandatory encrypted password. -end:expression: "if [ -d /tmp/vyatta-delete-system-login-user-$VAR(@).$PPID ]; \ -then rm -rf /tmp/vyatta-delete-system-login-user-$VAR(@).$PPID && exit 0; \ -fi && \ -sudo /opt/vyatta/sbin/vyatta_update_login_user.pl \ - '$VAR(@)' '$VAR(full-name/@)' '$VAR(authentication/encrypted-password/@)' \ - '$VAR(level/@)'" -delete:expression: "if [ x$VAR(@) == x ]; then exit 1; fi && \ -if [ x$VAR(@) == xroot ]; then \ - echo Cannot delete user \"root\" 1>&2 && exit 2; \ -fi && \ -if mkdir /tmp/vyatta-delete-system-login-user-$VAR(@).$PPID >& /dev/null; \ -then \ - if ! sudo /opt/vyatta/sbin/vyatta_update_login_user.pl -d '$VAR(@)'; then \ - rm -rf /tmp/vyatta-delete-system-login-user-$VAR(@).$PPID; \ - exit 1; \ - fi; \ -else \ - exit 1; \ -fi" + ; "user password must be specified" +syntax:expression: pattern $VAR(@) "^[a-zA-Z_][a-zA-Z0-9_-]*\\$?$" + ; "invalid user name $VAR(@)" |