From 9cb73b42bf97b3978c34290825a715b6400536bc Mon Sep 17 00:00:00 2001 From: An-Cheng Huang Date: Tue, 11 Mar 2008 23:38:11 -0700 Subject: add LESSSECURE --- etc/default/vyatta-cfg | 1 + 1 file changed, 1 insertion(+) (limited to 'etc') diff --git a/etc/default/vyatta-cfg b/etc/default/vyatta-cfg index ef02233..d801239 100644 --- a/etc/default/vyatta-cfg +++ b/etc/default/vyatta-cfg @@ -43,6 +43,7 @@ if [ $is_admin == 1 ]; then else # no need to check is_users since there are only 2 levels for now declare -x -r VYATTA_USER_LEVEL_DIR=${vyatta_sysconfdir}/shell/level/users + declare -x -r LESSSECURE=1 fi } 2>/dev/null || : -- cgit v1.2.3 From ee9178c72e1fff0eff2932297f039eb0345f26b1 Mon Sep 17 00:00:00 2001 From: An-Cheng Huang Date: Wed, 12 Mar 2008 14:43:24 -0700 Subject: partial fix for bug 2987: use "less" instead of "more", and disable "terminal" command for operator level. --- etc/default/vyatta-cfg | 1 + etc/shell/level/users/allowed-op | 1 - etc/shell/level/users/allowed-pipe | 2 +- 3 files changed, 2 insertions(+), 2 deletions(-) (limited to 'etc') diff --git a/etc/default/vyatta-cfg b/etc/default/vyatta-cfg index d801239..7d189d8 100644 --- a/etc/default/vyatta-cfg +++ b/etc/default/vyatta-cfg @@ -44,6 +44,7 @@ else # no need to check is_users since there are only 2 levels for now declare -x -r VYATTA_USER_LEVEL_DIR=${vyatta_sysconfdir}/shell/level/users declare -x -r LESSSECURE=1 + alias more=less fi } 2>/dev/null || : diff --git a/etc/shell/level/users/allowed-op b/etc/shell/level/users/allowed-op index 498d120..4c8d16f 100644 --- a/etc/shell/level/users/allowed-op +++ b/etc/shell/level/users/allowed-op @@ -8,7 +8,6 @@ reboot set show telnet -terminal traceroute undebug vpn diff --git a/etc/shell/level/users/allowed-pipe b/etc/shell/level/users/allowed-pipe index 3204ef3..2d92acc 100644 --- a/etc/shell/level/users/allowed-pipe +++ b/etc/shell/level/users/allowed-pipe @@ -1,4 +1,4 @@ -more +less 1 no-more 1 -- cgit v1.2.3 From 58dac8aa8edab4f904c9a621ad20c016f2b7bda5 Mon Sep 17 00:00:00 2001 From: An-Cheng Huang Date: Wed, 12 Mar 2008 15:03:11 -0700 Subject: handle "<*>" allowed values --- etc/bash_completion.d/20vyatta-cfg | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'etc') diff --git a/etc/bash_completion.d/20vyatta-cfg b/etc/bash_completion.d/20vyatta-cfg index 463b383..4ad86ce 100755 --- a/etc/bash_completion.d/20vyatta-cfg +++ b/etc/bash_completion.d/20vyatta-cfg @@ -440,8 +440,14 @@ vyatta_parse_tmpl () vyatta_cfg_comp_help=$(vyatta_parse_tmpl_comp_fields $1 "comp_help") if (( ${#vyatta_cfg_allowed[@]} == 0 )); then - local ares=$(eval "$acmd") - eval "vyatta_cfg_allowed=( $ares )" + local -a ares=( $(eval "$acmd") ) + for (( i=0 ; i<${#ares[@]} ; i++ )); do + if [[ "${ares[i]}" != \<*\> ]]; then + vyatta_cfg_allowed+=( "${ares[i]}" ) + else + vyatta_cfg_allowed+=( "" ) + fi + done fi if [ -z "$vyatta_cfg_help" ]; then vyatta_cfg_help='' -- cgit v1.2.3