diff options
| author | Alex Harpin <development@landsofshadow.co.uk> | 2015-11-30 21:59:00 +0000 |
|---|---|---|
| committer | Alex Harpin <development@landsofshadow.co.uk> | 2015-11-30 21:59:00 +0000 |
| commit | 3b188bb4a2d0c014c03749ee36347a56b15b02c2 (patch) | |
| tree | 456607519385e1429e7fccdda951b81b4b304adc /templates | |
| parent | eafd05d4f6e2fa7a2abe3b811355410d48c17226 (diff) | |
| download | vyatta-cfg-system-3b188bb4a2d0c014c03749ee36347a56b15b02c2.tar.gz vyatta-cfg-system-3b188bb4a2d0c014c03749ee36347a56b15b02c2.zip | |
vyatta-cfg-system: prevent deletion of all authentication for user
Prevent the deletion of both the encrypted-password and public-keys
nodes for a user, ensuring that at least one of the methods is
available. Also prevent the deletion of the public keys for a user
if the encrypted password is set to "!".
Correct fix this time, without introducing the inability to remove
configured users from the system.
Bug #574 http://bugzilla.vyos.net/show_bug.cgi?id=574
Diffstat (limited to 'templates')
| -rw-r--r-- | templates/system/login/user/node.def | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/templates/system/login/user/node.def b/templates/system/login/user/node.def index 451cc078..41a7e048 100644 --- a/templates/system/login/user/node.def +++ b/templates/system/login/user/node.def @@ -11,3 +11,11 @@ commit:expression: $VAR(@) == "" || commit:expression: $VAR(@) == "" || $VAR(authentication/encrypted-password) != "" || $VAR(authentication/encrypted-password/@) = "!" + +end: if [ ${COMMIT_ACTION} != 'DELETE' ] && + [ -z "$VAR(authentication/public-keys)" ] && + [[ -z "$VAR(authentication/encrypted-password)" || + "$VAR(authentication/encrypted-password/@)" = "!" ]]; then + echo "either user encrypted password or public keys must be set"; + exit 1; + fi |