summaryrefslogtreecommitdiff
path: root/debian/vyatta-cfg-system.postinst.in
AgeCommit message (Collapse)Author
2010-05-25Add pam_cap capability configurationStephen Hemminger
2010-05-25Set file capability attributesStephen Hemminger
This sets file capability attributes during package installation (and build) to allow better security models.
2010-05-24Don't enable PAM Radius by defaultStephen Hemminger
The pam-config mechanism will insert Radius pam module if it is in /usr/share/pam-configs. Therefore hold off installing file until Radius really needed.
2010-05-20don't start conntrackd itselfMohit Mehta
2010-04-27Revert "Set capabilities on standard utilities"Stephen Hemminger
This reverts commit 59cae244d055a7b5ba9de460d3ebbb5700d6ab17. Don't want to do this this way.
2010-04-26Set capabilities on standard utilitiesStephen Hemminger
This sets extended capablities on some common utilities
2010-03-20Fix Bug 5386 L2TP will work only the first time Vyatta is bootedMohit Mehta
* move fix to vyatta-ravpn to make sure init script stays modified even if xl2tpd gets installed after vyatta-cfg-sytem during full-upgrade (cherry picked from commit bdc317666828bad9dac2edef20d3919d943a5e9e)
2010-03-05Fixup xl2tpd init during installStephen Hemminger
Bug 5386 Since vyatta-cfg-system is the place where Vyatta does lots of busted package fixups; fix xl2tpd init script there.
2010-02-09Remove vyatta-ofr on upgradeStephen Hemminger
The upgrade process doesn't always remove old vyatta-ofr init script
2010-02-02Fix password-authentication setup in sshdStephen Hemminger
Bug 5301 Need to setup sshd_config during install to allow configure later
2010-01-26Get rid of protected-users fileStephen Hemminger
Instead of white-listing special system users, just go with the Debian policy that all users with uid < 1000 are system accounts
2010-01-25Fix typo in PermitRoot setup.Stephen Hemminger
2010-01-25Remove duplicate crontab and stop munging /etc/crontab.Stig Thormodsrud
2010-01-24Fix allow-root for telnet/sshStephen Hemminger
Bug 5252 The boot script needs to restore default settings, and the templates are then used to enable root access.
2010-01-19Change how IPV4/IPV6 configuration values are doneStephen Hemminger
1. Move vyatta-sysctl.conf from rl-system.init to procps This makes configuration happen early (before networking) 2. Do IPV6 configuration for address_flush in rl-system.init (after IPV6 is loaded) 3. Cleanup shell code for ipv6_params: * no sudo needed in startup scripts * use cleaner iteration
2009-12-21Fix command-with-path-in-maintainer-script postinst:158 ↵Stephen Hemminger
/usr/sbin/dpkg-reconfigure
2009-12-18Block passwd command for non-root userStephen Hemminger
The vyatta administrator needs to use Vyatta tools to change account password. Bug 4927
2009-12-09The protected-users file does not need to be made during installStephen Hemminger
The file is protected-user (not protected-users) and it is already installed.
2009-12-08Force root account to have disabled passwordStephen Hemminger
This makes sure there is no working password for user root in ISO.
2009-12-07don't block passwd with pamStephen Hemminger
Breaks setup of account during install. Useradd calls passwd.
2009-12-04Block user from changing name or passwordStephen Hemminger
Bug 4927 This blocks user from changing fields in password file. Note: adding removing users is not allowed unless user is root, but then all bets are off anyway.
2009-12-01Get rid of warning on package updateStephen Hemminger
Warning: cp '/opt/vyatta/etc/level' and '/opt/vyatta/etc/level' are the same file
2009-11-19Add user tss for udevStephen Hemminger
See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=412989 The udev scripts expect user tss, but it isn't there. For Vyatta, just create it; debian developers can't agree on proper fix!
2009-11-17Don't start hostapd at bootStephen Hemminger
Vyatta sets up hostap for wireless later in config process if needed. So remove default startup.
2009-11-05Move user configuration information to filesStephen Hemminger
1. Complete migration of protected-users from hardcoded in User.pm to /opt/vyatta/etc/protected-user 2. Put mapping from level to group in file.
2009-11-02rename pam-radius to pam_radius.cfgStephen Hemminger
Use a reasonable suffix for file type
2009-10-29Dont start radvd on bootStephen Hemminger
Bug 4975
2009-10-27Use pam-auth-update to configure radiusStephen Hemminger
This keeps radius from fighting with tacacs+
2009-10-05add override mechanism for protected usersAn-Cheng Huang
2009-07-30Fix 4748: Pre-login message files (/etc/issue,/etc/issue.net) areStig Thormodsrud
replaced with Debian branding during full-upgrade to Jenner (cherry picked from commit cbdcd18b2e5328d24a9dfe04dfa015f8375b50ac)
2009-07-17Bugfix 4592: Generate NTP config file from Vyatta configuration parameters.Bob Gilligan
This fix changes the way that the /etc/ntp.conf file is generated. Now it is generated at boot time using a fixed section that contains only parameters that users don't change, plus a section that is generated from any "system ntp-servers" parameters that are configured. The fixed section does not contain any "server" definitions, so all server definitions come from the Vyatta config. The Vyatta configuration template for this parameter and code at other places in the system will now start the NTP server ONLY if there is at least one NTP server configured. So the user can "turn off" the NTP server by just deleting all NTP servers from the configuration. The default "config.boot" file does contiain one built-in "system ntp-servers" parameter, so a newly installed system will start the NTP server. (cherry picked from commit 08d0d9ed2d8824a446bfe6a1ba660db854f1a8f5)
2009-07-17Make telnet management smarterStephen Hemminger
Bug 4591 Consolidate check for telnet login Don't remove /etc/securetty edit it (cherry picked from commit c6c477f2ffb0f2fd4cf12882f22c2c44ab57cc46)
2009-07-17Revert earlier change -- keep debian net.agentAn-Cheng Huang
Reopens bug 3985 but closes problems with loopback startup. (cherry picked from commit a139c41faf9ccc7210218fcdf637a234967a6136) Conflicts: debian/vyatta-cfg-system.postinst.in
2009-06-17Merged from Jenner.Bob Gilligan
2009-05-27NTP management version 3Stephen Hemminger
1. Don't start NTP server at boot (network not configed yet) 2. Start NTP as needed based on vyatta config
2009-05-24Fix post install script to adjust ntp.conf and net.agentStephen Hemminger
ISO is still not coming out with correct Vyatta values.
2009-05-23Fix install rulesStephen Hemminger
The edit of udev/rules.d had incorrect sed command. Setting up ntp.conf wasn't working right.
2009-05-22Don't run net.agentStephen Hemminger
By default, vyatta doesn't have package ifupdown, so no need for net.agent Bug 3885
2009-05-22Run ntp during bootStephen Hemminger
Go back to running ntp during boot because ntp.conf always exists
2009-04-26Add configurable login banners.Stig Thormodsrud
2009-03-07Fix path to lsofStephen Hemminger
Show tech-support would fail when running lsof as operator.
2009-03-06Remove unused directory.Stig Thormodsrud
2009-03-03Change sudo ability of some operator related commandsStephen Hemminger
Bug 4147, 4142 Don't allow arbitrary conntrack commands Do allow operator to show disk format.
2009-03-03Fix path on hwclock cleanoutStephen Hemminger
2009-02-06permit operator-level user to issue show and clear commands for firewallMohit Mehta
2008-11-17Merge branch 'islavista' into jennerRick Balocca
2008-11-16Fix 3929: Operator level user now need sudo password to run "clear arpStig Thormodsrud
interface"
2008-11-14typo in last commitStephen Hemminger
2008-11-14Remove extra call to set hwclock on startupStephen Hemminger
Reading hwclock takes 1.5 seconds, and gets done twice. Only once is needed.
2008-11-14Fix 3920: Operator level users require sudo permission for natStig Thormodsrud
translation monitor commands
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-11 16:41:43 +0000