summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xlib/Vyatta/Login/User.pm21
-rw-r--r--templates/system/login/node.def2
2 files changed, 10 insertions, 13 deletions
diff --git a/lib/Vyatta/Login/User.pm b/lib/Vyatta/Login/User.pm
index e0142b3f..b9e2ec98 100755
--- a/lib/Vyatta/Login/User.pm
+++ b/lib/Vyatta/Login/User.pm
@@ -81,11 +81,9 @@ sub _authorized_keys {
chmod( 0750, $sshdir );
}
- open( my $auth, '>', "$sshdir/authorized_keys" );
- unless ($auth) {
- warn "open $sshdir/authorized_keys failed: $!";
- return;
- }
+ my $keyfile = "$sshdir/authorized_keys";
+ open( my $auth, '>', $keyfile)
+ or die "open $keyfile failed: $!";
print {$auth} "# Automatically generated by Vyatta configuration\n";
print {$auth} "# Do not edit, all changes will be lost\n";
@@ -96,7 +94,7 @@ sub _authorized_keys {
}
close $auth;
- chmod( 0640, "$sshdir/authorized_keys" );
+ chmod( 0640, $keyfile );
}
sub _delete_user {
@@ -104,15 +102,15 @@ sub _delete_user {
if ( $user eq 'root' ) {
warn "Disabling root account, instead of deleting\n";
- system('sudo usermod -p ! root') == 0
+ system('usermod -p ! root') == 0
or die "usermod of root failed: $?\n";
} elsif ( getlogin() eq $user ) {
die "Attempting to delete current user: $user\n";
} else {
# This logs out user (so we can delete it)
- system("sudo pkill -u $user");
+ system("pkill -u $user");
- system("sudo userdel $user") == 0
+ system("userdel $user") == 0
or die "userdel of $user failed: $?\n";
}
}
@@ -155,7 +153,6 @@ sub _update_user {
$cmd = 'useradd -s /bin/vbash -m -N';
} else {
# update existing account
- # NB: can't skip because can't read original password
$cmd = "usermod";
}
@@ -163,7 +160,7 @@ sub _update_user {
$cmd .= " -c \"$fname\"" if ( defined $fname );
$cmd .= " -d \"$home\"" if ( defined $home );
$cmd .= ' -G ' . join( ',', @groups );
- system("sudo $cmd $user");
+ system("$cmd $user");
unless ( $? == 0 ) {
my $reason = $reasons{ ( $? >> 8 ) };
@@ -217,7 +214,7 @@ sub update {
warn "removing $user not listed in current configuration\n";
# Remove user account but leave home directory to be safe
- system("sudo userdel $user") == 0
+ system("userdel $user") == 0
or die "Attempt to delete user $user failed: $!";
}
}
diff --git a/templates/system/login/node.def b/templates/system/login/node.def
index 47878e1e..c1330b0b 100644
--- a/templates/system/login/node.def
+++ b/templates/system/login/node.def
@@ -1,4 +1,4 @@
priority: 400
help: Set user access
delete: echo 'All login methods can not be deleted' 1>&2; exit 1
-end: /opt/vyatta/sbin/vyatta_update_login.pl
+end: sudo /opt/vyatta/sbin/vyatta_update_login.pl