vyatta-cfg-system.git - Vyatta system-level configuration templates/scripts (mirror of https://github.com/vyos/vyatta-cfg-system.git)

Age	Commit message (Collapse)	Author
2010-07-06	Allow incorrect user to be deleted	Stephen Hemminger
	Avoid password checks on delete. Bug 5418
2010-07-06	Change user name validation	Stephen Hemminger
	Do username validation in perl script. This allows for checking for what is allowed, versus what is recommended. For compatiablity we allow things like upper case user names which but this is not recommended so these names produce a warning.
2010-02-17	Add support for options in keyfile	Stephen Hemminger
	The sshd file format has optional options; copy them to a placeholder node and generate to authorized_keys Better error message when wrong number of arguments.
2010-02-17	Handle DSA keys	Stephen Hemminger
	Bug 5350 Need some changes to support DSA keys (Protocol V2). Also add support for options in key file.
2010-02-02	Run login update as root	Stephen Hemminger
	Need ability to open file of new user (to load authorized key). So move sudo to template.
2010-01-26	Add additional check that new user doesn't exist in NSS	Stephen Hemminger
	If user exists in NSS (LDAP, TACACS+) but not on local machine, then it can not be changed with CLI. useradd will fail (user exists), and usermod will fail (can't find user in passwd file). Bug 5249
2010-01-26	Don't allow vyatta configured accounts to overlap internal accounts	Stephen Hemminger
	Bug 5269 This prevents user from doing something harmful like making a user named quagga or cron and putting vbash on that account.
2010-01-19	Restrict radius-server timeout value	Stephen Hemminger
	Values > 30 are likely to cause login timeout, so don't allow them.
2009-12-04	Add back public-key templates	Stephen Hemminger
	Move them under user/node.tag/authorization
2009-12-04	Rearrange the public-key configuration schema	Stephen Hemminger
	New syntax: system login user vyatta authentication public-key user@remote type ssh-rsa
2009-12-03	Require key-type to be set.	Stephen Hemminger

2009-12-03	SSH enhancements	Stephen Hemminger
	Add public key support Convert allow-root and password-authentication from boolean nodes to regular nodes.
2009-11-30	added required keyword to help text.	Michael Larson

2009-10-15	partial fix for bug 4903.	slioch

2009-09-11	User group fixes	Stephen Hemminger
	Some changes to group interface: * don't allow vyattaop the new group used for operators * check for allowed syntax * add missing continuation on syntax check
2009-09-04	Enforce syntax checking on password	Stephen Hemminger
	Enforce syntax checks on encrypted password field to prevent user errors. But can't check salt field because it is optional and default config.boot doesn't use one! Bug: 4077
2009-09-04	Revert "Validate encrypted password field"	Stephen Hemminger
	This reverts commit a0fe319ce069e15646077a635bc970b961124540.
2009-09-03	Validate encrypted password field	Stephen Hemminger
	Enforce syntax checks on encrypted password field to prevent user errors. Bug: 4077
2009-06-01	Change how system login update works	Stephen Hemminger
	Use a wrapper script in vyatta_update_login.pl and per login method objects for the update.
2009-05-05	Split up system login scripts	Stephen Hemminger
	1. User and Radius separate scripts 2. Tacacs (incomplete) moved to separate package
2009-04-26	Add configurable login banners.	Stig Thormodsrud

2009-04-24	New tacacs+ configuration templates	Stephen Hemminger
	Template change only. TACACS+ support is still not complete but this shows the syntax for configuration.
2009-03-26	Revert "Split login authentication configuration into three scripts"	Stephen Hemminger
	This reverts commit fd605ab5d4ce4aa4015089042afd90f6e5c6ba59.
2009-03-23	Split login authentication configuration into three scripts	Stephen Hemminger
	Getting cumbersome with one big script.
2009-02-08	fix spelling mistake	Mohit Mehta

2008-11-12	add basic tacacs+ support	Robert Bays

2008-06-05	Remove shell template (not ready yet).	Stephen Hemminger
	The template will go back in when vyatta_login_user.pl needs it.
2008-06-05	Turn off TCP SACK	Stephen Hemminger
	This is a workaround for bug 3313. The problem is that MD5 uses up what little space there for TCP options in header.
2008-05-29	Rework how user accounts are managed	Stephen Hemminger
	Rewrite the scripts that manage user accounts to: 1) use Posix standard useradd, userdel scripts rather than modifying passwd/group files directly. 2) add home-directory field to account management 3) support adding accounts to additional groups Note: this code should now also work with NIS since it has no direct access to /etc/passwd.
2008-04-10	Fix Bug 3069 Help strings should be standardized	Mohit Mehta
	-help strings standardized in vyatta-cfg-system
2008-03-10	fix for bug 2083: add radius authentication support.	An-Cheng Huang

2008-02-21	fix for bug 2764: rename user level	An-Cheng Huang

2008-02-11	allow empty full-name	An-Cheng Huang

2008-02-11	prevent ':' in full name (separator in passwd)	An-Cheng Huang

2008-02-04	revise the password check	An-Cheng Huang

2008-02-04	add commit check for user password	An-Cheng Huang

2008-01-31	convert templates to new syntax	An-Cheng Huang

2008-01-30	clean up temp file in delete fail case	An-Cheng Huang

2007-12-04	* change "user group" to "user level".	An-Cheng Huang
	* "admin" => "users", "quaggavty", "vyattacfg", "sudo". * "users" => "users", "quaggavty" * use "sudo" group for sudo permissions. * don't add "root" to /etc/group.
2007-11-01	add support for user groups: currently a user can be in either "admin" or	An-Cheng Huang
	"users" group.
2007-10-24	add 'sudo' for 'system' and 'service/ssh' configuration commands.	An-Cheng Huang

2007-10-19	replace "rl_passwd" with the standard "mkpasswd".	An-Cheng Huang

2007-10-19	move "system" configuration templates/scripts from vyatta-cfg.	An-Cheng Huang