diff options
| author | Marat Nepomnyashy <marat@vyatta.com> | 2008-02-22 16:15:51 -0800 |
|---|---|---|
| committer | Marat Nepomnyashy <marat@vyatta.com> | 2008-02-22 16:15:51 -0800 |
| commit | a4f68f371730e3d55e72ece0532635aaf8553763 (patch) | |
| tree | 831fa62ea2be043561f59c1f3b8e66b38c4810bd | |
| parent | 36b18f78e0a142fb5d2bfed34af89f0001ec8005 (diff) | |
| download | vyatta-op-vpn-a4f68f371730e3d55e72ece0532635aaf8553763.tar.gz vyatta-op-vpn-a4f68f371730e3d55e72ece0532635aaf8553763.zip | |
Fixed-up operator commands 'clear vpn ipsec-process' and 'show vpn debug detail' so that they no longer require sudo password.
| -rw-r--r-- | Makefile.am | 2 | ||||
| -rwxr-xr-x | scripts/vyatta-show-vpn-debug.pl | 3 | ||||
| -rwxr-xr-x | scripts/vyatta-vpn-op.pl | 21 | ||||
| -rw-r--r-- | templates/clear/vpn/ipsec-process/node.def | 2 | ||||
| -rw-r--r-- | templates/show/vpn/debug/detail/node.def | 2 | ||||
| -rw-r--r-- | templates/show/vpn/debug/node.def | 2 |
6 files changed, 25 insertions, 7 deletions
diff --git a/Makefile.am b/Makefile.am index c39220b..7ed2dcd 100644 --- a/Makefile.am +++ b/Makefile.am @@ -17,7 +17,7 @@ xsl_DATA += src/xsl/show_vpn_ipsec_status.xsl bin_sudo_users_PROGRAMS = command_proc_show_vpn -bin_sudo_users_SCRIPTS = scripts/gen_local_rsa_key.pl scripts/vyatta-show-vpn.pl scripts/vyatta-show-vpn-debug.pl +bin_sudo_users_SCRIPTS = scripts/gen_local_rsa_key.pl scripts/vyatta-show-vpn.pl scripts/vyatta-vpn-op.pl command_proc_show_vpn_SOURCES = src/command_proc_base.hh command_proc_show_vpn_SOURCES += src/command_proc_show_vpn.cc diff --git a/scripts/vyatta-show-vpn-debug.pl b/scripts/vyatta-show-vpn-debug.pl deleted file mode 100755 index 3a419a7..0000000 --- a/scripts/vyatta-show-vpn-debug.pl +++ /dev/null @@ -1,3 +0,0 @@ -#!/usr/bin/perl - -system '/usr/sbin/ipsec auto --status' diff --git a/scripts/vyatta-vpn-op.pl b/scripts/vyatta-vpn-op.pl new file mode 100755 index 0000000..bd785e2 --- /dev/null +++ b/scripts/vyatta-vpn-op.pl @@ -0,0 +1,21 @@ +#!/usr/bin/perl -w + +use strict; +use lib "/opt/vyatta/share/perl5/"; + +use Getopt::Long; +my $op; +GetOptions("op=s" => \$op); + +if ($op eq 'show-vpn-debug') { + system '/usr/sbin/ipsec auto --status'; +} +if ($op eq 'show-vpn-debug-detail') { + system '/usr/sbin/ipsec barf'; +} + +if ($op eq 'clear-vpn-ipsec-process') { + system '/usr/sbin/ipsec setup restart'; +} + + diff --git a/templates/clear/vpn/ipsec-process/node.def b/templates/clear/vpn/ipsec-process/node.def index cd50590..fd8ae72 100644 --- a/templates/clear/vpn/ipsec-process/node.def +++ b/templates/clear/vpn/ipsec-process/node.def @@ -1,6 +1,6 @@ help: Restart VPN ipsec process run: if [ -f /etc/ipsec.conf ] && grep -q 'vyatta' /etc/ipsec.conf; then - sudo ipsec setup restart + sudo /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl --op=clear-vpn-ipsec-process else echo VPN ipsec not configured fi diff --git a/templates/show/vpn/debug/detail/node.def b/templates/show/vpn/debug/detail/node.def index feca088..36acbea 100644 --- a/templates/show/vpn/debug/detail/node.def +++ b/templates/show/vpn/debug/detail/node.def @@ -1,2 +1,2 @@ help: Show detailed VPN debugging information -run: sudo ipsec barf +run: sudo /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl --op=show-vpn-debug-detail diff --git a/templates/show/vpn/debug/node.def b/templates/show/vpn/debug/node.def index 9e257a4..4a7e336 100644 --- a/templates/show/vpn/debug/node.def +++ b/templates/show/vpn/debug/node.def @@ -1,2 +1,2 @@ help: Show VPN debugging information -run: sudo /opt/vyatta/bin/sudo-users/vyatta-show-vpn-debug.pl +run: sudo /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl --op=show-vpn-debug |