diff options
| -rw-r--r-- | Makefile.am | 1 | ||||
| -rw-r--r-- | debian/changelog | 6 | ||||
| -rwxr-xr-x | scripts/system/vyatta_update_telnet | 84 | ||||
| -rw-r--r-- | templates/service/telnet/allow-root/node.def | 3 | ||||
| -rw-r--r-- | templates/service/telnet/listen-address/node.def | 7 | ||||
| -rw-r--r-- | templates/service/telnet/node.def | 8 | ||||
| -rw-r--r-- | templates/service/telnet/port/node.def | 9 |
7 files changed, 6 insertions, 112 deletions
diff --git a/Makefile.am b/Makefile.am index 169df296..9dfc957c 100644 --- a/Makefile.am +++ b/Makefile.am @@ -56,7 +56,6 @@ sbin_SCRIPTS += scripts/system/vyatta_update_sysctl.pl sbin_SCRIPTS += scripts/system/vyatta_update_syslog.pl sbin_SCRIPTS += scripts/system/vyatta_update_console.pl sbin_SCRIPTS += scripts/system/vyatta_update_ntp.pl -sbin_SCRIPTS += scripts/system/vyatta_update_telnet sbin_SCRIPTS += scripts/system/irq-affinity.pl sbin_SCRIPTS += scripts/snmp/vyatta-snmp.pl sbin_SCRIPTS += scripts/snmp/vyatta-snmp-v3.pl diff --git a/debian/changelog b/debian/changelog index 2d7dc77f..8d4ebc05 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +vyatta-cfg-system (0.20.44+vyos2+current4) unstable; urgency=medium + + * T414: Remove telnetd service + + -- Christian Poessinger <christian@poessinger.com> Sat, 09 Dec 2017 15:29:45 +0100 + vyatta-cfg-system (0.20.44+vyos2+current3) unstable; urgency=medium [ Kim Hagen ] diff --git a/scripts/system/vyatta_update_telnet b/scripts/system/vyatta_update_telnet deleted file mode 100755 index f50eef79..00000000 --- a/scripts/system/vyatta_update_telnet +++ /dev/null @@ -1,84 +0,0 @@ -#! /bin/bash -# Script to control telnet daemon parameters -# and block changes when logged in over telnet - -# Block changes to telnet daemon when logged in over telnet -pid=$(who -um | awk -F " " '{print $7}') -if [ -n "$pid" ]; then - if ps --pid $(ps --pid $pid -o ppid=) -o cmd= | grep -q telnetd - then - echo "Please configure telnet settings via ssh or console." - exit 1 - fi -fi - -usage() { - echo "Usage: $0 enable <port>" - echo " $0 disable" - echo " $0 allow-root {true|false}" - exit 1; -} - -allow-root() { - case "$1" in - true) ;; - false) ;; - *) echo "Expect true or false" - usage ;; - esac - - sudo sed -i -e '/^# Pseudo-terminal (telnet)/,$d' /etc/securetty - - if [ $1 = "false" ]; then - return - fi - - sudo sh -c "cat >>/etc/securetty" <<EOF -# Pseudo-terminal (telnet) -pts/0 -pts/1 -pts/2 -pts/3 -pts/4 -pts/5 -pts/6 -pts/7 -pts/8 -pts/9 -pts/10 -pts/11 -pts/12 -pts/13 -pts/14 -pts/15 -pts/16 -pts/17 -pts/18 -pts/19 -EOF - -} - -case "$1" in - allow-root) - allow-root $2 - ;; - - enable) - if [ -z "$2" ] - then echo "Missing port number"; - usage - fi - exec sudo /opt/vyatta/sbin/telnetd.init restart $2 $3 - ;; - - disable) - exec sudo /opt/vyatta/sbin/telnetd.init stop - ;; - - *) - echo "Unknown argument $1"; - usage - ;; -esac - diff --git a/templates/service/telnet/allow-root/node.def b/templates/service/telnet/allow-root/node.def deleted file mode 100644 index 39c78062..00000000 --- a/templates/service/telnet/allow-root/node.def +++ /dev/null @@ -1,3 +0,0 @@ -help: Enable root login over telnet -create: /opt/vyatta/sbin/vyatta_update_telnet allow-root true -delete:/opt/vyatta/sbin/vyatta_update_telnet allow-root false diff --git a/templates/service/telnet/listen-address/node.def b/templates/service/telnet/listen-address/node.def deleted file mode 100644 index cd016628..00000000 --- a/templates/service/telnet/listen-address/node.def +++ /dev/null @@ -1,7 +0,0 @@ -type: ipv4,ipv6 -help: Local addresses telnet should listen on -val_help: ipv4: IP address to listen for incoming connections -val_help: ipv6: IPv6 address to listen for incoming connections - -commit:expression: exec "/opt/vyatta/sbin/local_ip $VAR(@)"; \ - "IP address $VAR(@) doesn\'t exist on this system" diff --git a/templates/service/telnet/node.def b/templates/service/telnet/node.def deleted file mode 100644 index e173d243..00000000 --- a/templates/service/telnet/node.def +++ /dev/null @@ -1,8 +0,0 @@ -priority: 500 # After syslog and logins -help: Enable/disable Network Virtual Terminal Protocol (TELNET) protocol -update: touch /tmp/vyatta-telnet.$PPID -delete: /opt/vyatta/sbin/vyatta_update_telnet disable -end: if [ -f /tmp/vyatta-telnet.$PPID ]; then - rm -f /tmp/vyatta-telnet.$PPID - /opt/vyatta/sbin/vyatta_update_telnet enable $VAR(port/@) $VAR(listen-address/@) - fi diff --git a/templates/service/telnet/port/node.def b/templates/service/telnet/port/node.def deleted file mode 100644 index c4db688a..00000000 --- a/templates/service/telnet/port/node.def +++ /dev/null @@ -1,9 +0,0 @@ -type: u32 -default: 23 -help: Port for TELNET service - -val_help: u32:1-65535; Numeric IP port -syntax:expression: $VAR(@) > 0 && $VAR(@) <= 65535 ; \ - "Port number must be in range 1 to 65535" -commit:expression: exec "sudo /opt/vyatta/sbin/is_port_available.pl $VAR(@)"; \ - "Port $VAR(@) is already in use!" |