From 0afd6323d936e7bef1fbd1c10cf35c51f3aeec0f Mon Sep 17 00:00:00 2001 From: An-Cheng Huang Date: Thu, 21 Feb 2008 19:18:37 -0800 Subject: fix for bug 2872: allow operator level to enter all operational commands (except configure). --- etc/shell/level/users/allowed-op | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) (limited to 'etc') diff --git a/etc/shell/level/users/allowed-op b/etc/shell/level/users/allowed-op index c2c2482..de43f4c 100644 --- a/etc/shell/level/users/allowed-op +++ b/etc/shell/level/users/allowed-op @@ -1,6 +1,15 @@ -show -terminal +clear +debug exit -telnet +init-floppy +install-system +no ping +reboot +set +show +telnet +terminal traceroute +undebug +vpn -- cgit v1.2.3 From 6970ba0abdb7ac9af343de33bba758fa2a066b13 Mon Sep 17 00:00:00 2001 From: An-Cheng Huang Date: Fri, 22 Feb 2008 15:26:22 -0800 Subject: use vyattacfg for config files --- debian/vyatta-cfg.postinst.in | 2 +- etc/bash_completion.d/20vyatta-cfg | 4 ++-- etc/init.d/vyatta-ofr | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) (limited to 'etc') diff --git a/debian/vyatta-cfg.postinst.in b/debian/vyatta-cfg.postinst.in index 3fce13b..556b1a9 100644 --- a/debian/vyatta-cfg.postinst.in +++ b/debian/vyatta-cfg.postinst.in @@ -4,7 +4,7 @@ prefix=@prefix@ sysconfdir=@sysconfdir@ mkdir -m 0775 -p $sysconfdir/config $prefix/config -chgrp quaggavty $sysconfdir/config $prefix/config +chgrp vyattacfg $sysconfdir/config $prefix/config update-rc.d vyatta-ofr defaults 90 >/dev/null # do we want to start vyatta-ofr here in postinst? diff --git a/etc/bash_completion.d/20vyatta-cfg b/etc/bash_completion.d/20vyatta-cfg index 7d0b633..5966e18 100644 --- a/etc/bash_completion.d/20vyatta-cfg +++ b/etc/bash_completion.d/20vyatta-cfg @@ -61,7 +61,7 @@ show () save () { - eval "sudo sg quaggavty \ + eval "sudo sg vyattacfg \ \"umask 0002 ; ${vyatta_sbindir}/vyatta-save-config.pl $@\"" } @@ -968,7 +968,7 @@ vyatta_config_complete () eval $restore_shopts } -DEF_GROUP=quaggavty +DEF_GROUP=vyattacfg make_vyatta_config_dir () { sudo mkdir -m 0775 -p $1 diff --git a/etc/init.d/vyatta-ofr b/etc/init.d/vyatta-ofr index 32eb554..89914c4 100755 --- a/etc/init.d/vyatta-ofr +++ b/etc/init.d/vyatta-ofr @@ -55,7 +55,7 @@ else subinit+=( rtrmgr ) GROUP=xorp else - GROUP=quaggavty + GROUP=vyattacfg fi fi -- cgit v1.2.3 From c1f98db047844f6f0f558ddca554b9b21f71ff49 Mon Sep 17 00:00:00 2001 From: An-Cheng Huang Date: Fri, 22 Feb 2008 15:36:24 -0800 Subject: disallow install-system for operator level --- etc/shell/level/users/allowed-op | 1 - 1 file changed, 1 deletion(-) (limited to 'etc') diff --git a/etc/shell/level/users/allowed-op b/etc/shell/level/users/allowed-op index de43f4c..498d120 100644 --- a/etc/shell/level/users/allowed-op +++ b/etc/shell/level/users/allowed-op @@ -2,7 +2,6 @@ clear debug exit init-floppy -install-system no ping reboot -- cgit v1.2.3