summaryrefslogtreecommitdiff
path: root/etc/shell
diff options
context:
space:
mode:
authorAn-Cheng Huang <ancheng@vyatta.com>2007-12-07 18:19:48 -0800
committerAn-Cheng Huang <ancheng@vyatta.com>2007-12-07 18:19:48 -0800
commit04a54264cfc1041eb9ae238ccafab7f0e4be4a75 (patch)
treef3227b986435f2d88ade3255f406c658beb9a878 /etc/shell
parentfd32d4dfaafe45c9a7fd4099423de36dd6600ef1 (diff)
downloadvyatta-cfg-04a54264cfc1041eb9ae238ccafab7f0e4be4a75.tar.gz
vyatta-cfg-04a54264cfc1041eb9ae238ccafab7f0e4be4a75.zip
add policy mechanism for user management: per-level policies control
default restricted mode and allowed op/cfg/pipe commands.
Diffstat (limited to 'etc/shell')
-rw-r--r--etc/shell/level/admin/restricted-mode1
-rw-r--r--etc/shell/level/users/allowed-cfg0
-rw-r--r--etc/shell/level/users/allowed-op3
-rw-r--r--etc/shell/level/users/allowed-pipe10
-rw-r--r--etc/shell/level/users/restricted-mode1
5 files changed, 15 insertions, 0 deletions
diff --git a/etc/shell/level/admin/restricted-mode b/etc/shell/level/admin/restricted-mode
new file mode 100644
index 0000000..53752db
--- /dev/null
+++ b/etc/shell/level/admin/restricted-mode
@@ -0,0 +1 @@
+output
diff --git a/etc/shell/level/users/allowed-cfg b/etc/shell/level/users/allowed-cfg
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/etc/shell/level/users/allowed-cfg
diff --git a/etc/shell/level/users/allowed-op b/etc/shell/level/users/allowed-op
new file mode 100644
index 0000000..a2ad52d
--- /dev/null
+++ b/etc/shell/level/users/allowed-op
@@ -0,0 +1,3 @@
+show
+terminal
+exit
diff --git a/etc/shell/level/users/allowed-pipe b/etc/shell/level/users/allowed-pipe
new file mode 100644
index 0000000..3204ef3
--- /dev/null
+++ b/etc/shell/level/users/allowed-pipe
@@ -0,0 +1,10 @@
+more
+1
+no-more
+1
+count
+1
+match
+2
+no-match
+2
diff --git a/etc/shell/level/users/restricted-mode b/etc/shell/level/users/restricted-mode
new file mode 100644
index 0000000..2877147
--- /dev/null
+++ b/etc/shell/level/users/restricted-mode
@@ -0,0 +1 @@
+full