| Age | Commit message (Collapse) | Author |
|---|
|
|
|
This fix changes the way that the /etc/ntp.conf file is generated. Now
it is generated at boot time using a fixed section that contains
only parameters that users don't change, plus a section that is generated
from any "system ntp-servers" parameters that are configured. The fixed
section does not contain any "server" definitions, so all server definitions
come from the Vyatta config.
The Vyatta configuration template for this parameter and code
at other places in the system will now start the NTP server ONLY if
there is at least one NTP server configured. So the user can "turn off"
the NTP server by just deleting all NTP servers from the configuration.
The default "config.boot" file does contiain one built-in "system ntp-servers"
parameter, so a newly installed system will start the NTP server.
|
|
Bug 4591
Consolidate check for telnet login
Don't remove /etc/securetty edit it
|
|
Bug 4494
|
|
The login class manager must be called if login type is deleted.
Also skip updating if no changes to that login type.
|
|
The login modules aren't really objects (if Perl really had objects), so
just use dynamic invoke of update routine.
|
|
Translate radius-server to Vyatta::Login::RadiusServer
|
|
Use a wrapper script in vyatta_update_login.pl and per login method
objects for the update.
|
|
|
|
Bug 4448
|
|
|
|
Since quagga uses local7, make it a real facility.
Allow local7 for compatiablity.
Bug 4263
|
|
1. User and Radius separate scripts
2. Tacacs (incomplete) moved to separate package
|
|
The new code was requiring full pathname, but old version was
using /var/log/user/<filename> so make new code work like old code.
|
|
Default fallback code was broken
Change to blocked out region for Vyatta config.
|
|
Do most of the work in the rewritten vyatta_update_syslog code.
Handle multiple facilities for same target without causing duplicate
log messages.
Never restart syslog daemon, just reload it and only if the configuration
has changed.
|
|
This reverts commit fd605ab5d4ce4aa4015089042afd90f6e5c6ba59.
|
|
Getting cumbersome with one big script.
|
|
|
|
Use 3 arg open.
|
|
Use of global loop variable, and open syntax.
|
|
|
|
On boot, there is no reason to add or modify a user account if already
exists in the system with same groups and settings.
|
|
|
|
Add admin level users to "disk" group so that they can execute RAID commands.
|
|
previous ones in /etc/syslog.conf
- multiple nodes configured under 'system syslog global' are appended to syslog.conf
- default '*.notice -/var/log/messages' is removed from syslog.conf if any
node is configured under 'system syslog global' and is put back when nothing
configured under 'system syslog global'
- syslog process only restarted once after making all changes in config
- added commit checks at 'system syslog <>' level nodes to specify facility
|
|
Add "admin" and "operator" level users to the "dip" group so that they
can execute CLI commands that bring up and take down PPP connections.
|
|
info in comments
- tighten check for updating resolv.conf for domain-names received from dhcp-server
|
|
|
|
|
|
'name-server' and 'domain-name-server' options
in /etc/resolv.conf received by a dhcp client for an interface
=> Modified name-server/node.def so as to have the name-server set by our CLI on the top of
/etc/resolv.conf to take priority over name-servers received from dhcp client
|
|
Manpage for useradd is incorrect, the option is -N not -n.
|
|
Change to use -n option to useradd:
A group having the same name as the user being added to the system
will be created by default (when -g is not specified). This option
will turn off this behavior. When this option is used, users by
default will be placed in whatever group is specified in the GROUP
variable of /etc/default/useradd. If no default group is defined,
group 100 (users) will be used.
|
|
Root (which uses bash) must be allowed, and probably want to
allow others as well. Better to add full shell support later
|
|
Rewrite the scripts that manage user accounts to:
1) use Posix standard useradd, userdel scripts rather than modifying
passwd/group files directly.
2) add home-directory field to account management
3) support adding accounts to additional groups
Note: this code should now also work with NIS since it has no direct
access to /etc/passwd.
|
|
Run script through perltidy to cleanup indentation
|
|
Put GPL license on this script
|
|
|
|
Replace references to VPL 1.0 with GPLv2
|
|
This is part of other permission fixes, it puts operators
into a group that can then be used for access control.
|
|
Add operator to group adm to allow reading log files without sudo.
This group is used allow reading files in /var/log so the operational
mode show log commands don't need sudo.
|
|
|
|
|
|
mutually exclusive. Generate an error message and refuse commit if both are specified. Bug 2256 fix.
|
|
$(@)' changes to update the 'search' params. Bug 2113 fix.
|
|
* "admin" => "users", "quaggavty", "vyattacfg", "sudo".
* "users" => "users", "quaggavty"
* use "sudo" group for sudo permissions.
* don't add "root" to /etc/group.
|
|
|
|
|
|
|
|
"users" group.
|
