| Age | Commit message (Collapse) | Author |
|---|
|
replaced with Debian branding during full-upgrade to Jenner
(cherry picked from commit cbdcd18b2e5328d24a9dfe04dfa015f8375b50ac)
|
|
This fix changes the way that the /etc/ntp.conf file is generated. Now
it is generated at boot time using a fixed section that contains
only parameters that users don't change, plus a section that is generated
from any "system ntp-servers" parameters that are configured. The fixed
section does not contain any "server" definitions, so all server definitions
come from the Vyatta config.
The Vyatta configuration template for this parameter and code
at other places in the system will now start the NTP server ONLY if
there is at least one NTP server configured. So the user can "turn off"
the NTP server by just deleting all NTP servers from the configuration.
The default "config.boot" file does contiain one built-in "system ntp-servers"
parameter, so a newly installed system will start the NTP server.
(cherry picked from commit 08d0d9ed2d8824a446bfe6a1ba660db854f1a8f5)
|
|
Bug 4591
Consolidate check for telnet login
Don't remove /etc/securetty edit it
(cherry picked from commit c6c477f2ffb0f2fd4cf12882f22c2c44ab57cc46)
|
|
Reopens bug 3985 but closes problems with loopback startup.
(cherry picked from commit a139c41faf9ccc7210218fcdf637a234967a6136)
Conflicts:
debian/vyatta-cfg-system.postinst.in
|
|
|
|
1. Don't start NTP server at boot (network not configed yet)
2. Start NTP as needed based on vyatta config
|
|
ISO is still not coming out with correct Vyatta values.
|
|
The edit of udev/rules.d had incorrect sed command.
Setting up ntp.conf wasn't working right.
|
|
By default, vyatta doesn't have package ifupdown, so no need
for net.agent
Bug 3885
|
|
Go back to running ntp during boot because ntp.conf always exists
|
|
|
|
Show tech-support would fail when running lsof as operator.
|
|
|
|
Bug 4147, 4142
Don't allow arbitrary conntrack commands
Do allow operator to show disk format.
|
|
|
|
|
|
|
|
interface"
|
|
|
|
Reading hwclock takes 1.5 seconds, and gets done twice.
Only once is needed.
|
|
translation monitor commands
|
|
commands
|
|
|
|
DDNS for an interface using the CLI
|
|
Bugfix 3832
Need to allow ethtool statistics for operator
|
|
- copy over default islavista syslog.conf during upgrade from hollywood
|
|
This change isn't needed.
This reverts commit 25438666015dc5ea9695f5172b0f4925c3ae2d9a.
|
|
Use hosts.deny to block access to portmapper
Bugfix 3767
|
|
When a new member is added to a RAID group that holds the root filesystem,
we need to re-install grub so that the new disk will be bootable. But this
can only be done after the RAID set has completed rebuilding. Added mechanism
that uses the event notification infrastructure of "mdadm" to trigger
the re-installation of grub after the rebuild completes.
|
|
|
|
|
|
Remove privledge to reboot system via sudo for operator
|
|
|
|
|
|
for operator level user
- add lsof to sudoers file for use by an operator level user
|
|
In the postinstall step, change the PAM configuration for login so that
the user is prompted for password even if the username entered
is invalid. This prevents people from easily determining whether a
username exists or not.
|
|
- get libio-socket-ssl-perl package for Dynamic DNS ssl updates
- disable init for ddclient
|
|
islavista
|
|
|
|
|
|
installed after bash-completion
|
|
|
|
|
|
|
|
Make sure to cleanup any leftover vyatta entries
|
|
0) make backup of file
1) remove old glendale entries
2) put all vyatta entries in one block
3) remove vyatta entries on package removal
|
|
Missing -e on echo causes unparsable sudoers
|
|
mismatch
|
|
For sucessful sudo, just log it at info level.
Capture any security failures/changes into /var/log/auth.log
but skip normal CLI commands
Turn off the builtin sync after each write to /var/log/messages
by putting - before file name; the sync causes a disk write
each time and therefore can be a performance hit during boot.
|
|
Add entry to sudoers to allow wanpipemon command
|
