summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorslioch <slioch@eng-140.vyatta.com>2009-10-19 15:42:46 -0700
committerslioch <slioch@eng-140.vyatta.com>2009-10-19 15:42:46 -0700
commitf7f90ef2c60c493c58378a13ce77b74443ec8796 (patch)
tree066cba923645d772ed7aa962d83bbd0c01c3af49
parent0437ad64813fb30beb05dcd76b50a1d95c1e3f00 (diff)
downloadvyatta-cfg-f7f90ef2c60c493c58378a13ce77b74443ec8796.tar.gz
vyatta-cfg-f7f90ef2c60c493c58378a13ce77b74443ec8796.zip
add sudo back to save command, and add check to save script that validates vyatta config token at end of file. this will prevent the
accidental overwrite of non vyatta config files. check on prevent existing files that don't contain ' === vyatta-config-version:' from being saved to.
-rwxr-xr-xetc/bash_completion.d/20vyatta-cfg2
-rwxr-xr-xscripts/vyatta-save-config.pl9
2 files changed, 10 insertions, 1 deletions
diff --git a/etc/bash_completion.d/20vyatta-cfg b/etc/bash_completion.d/20vyatta-cfg
index 6f1f54d..5f7896d 100755
--- a/etc/bash_completion.d/20vyatta-cfg
+++ b/etc/bash_completion.d/20vyatta-cfg
@@ -70,7 +70,7 @@ show ()
save ()
{
- eval "umask 0002 ; ${vyatta_sbindir}/vyatta-save-config.pl $@"
+ eval "sudo sg vyattacfg \"umask 0002 ; ${vyatta_sbindir}/vyatta-save-config.pl $@\""
}
discard ()
diff --git a/scripts/vyatta-save-config.pl b/scripts/vyatta-save-config.pl
index 79cda88..e8220c0 100755
--- a/scripts/vyatta-save-config.pl
+++ b/scripts/vyatta-save-config.pl
@@ -68,6 +68,15 @@ print "Saving configuration to '$save_file'...\n";
my $save;
if ($mode eq 'local') {
+ # first check if this file exists, and if so ensure this is a config file.
+ if (-e $save_file) {
+ my $result = `grep ' === vyatta-config-version:' $save_file`;
+ if (!defined $result || length($result) == 0) {
+ print "File exists and is not a Vyatta configuration file, aborting save!\n";
+ exit 1;
+ }
+ }
+
# this overwrites the file if it exists. we could create a backup first.
open $save, '>', $save_file
or die "Can not open file '$save_file': $!\n";