diff options
| author | Marat Nepomnyashy <marat@vyatta.com> | 2008-02-21 19:03:48 -0800 |
|---|---|---|
| committer | Marat Nepomnyashy <marat@vyatta.com> | 2008-02-21 19:03:48 -0800 |
| commit | 36b18f78e0a142fb5d2bfed34af89f0001ec8005 (patch) | |
| tree | 9e1e5489ef89fc6c60e2c6ba6e23ec92dc41941c | |
| parent | 84fe6d4b1e8fe5c8b9530f13bfcf2167ada322d1 (diff) | |
| download | vyatta-op-vpn-36b18f78e0a142fb5d2bfed34af89f0001ec8005.tar.gz vyatta-op-vpn-36b18f78e0a142fb5d2bfed34af89f0001ec8005.zip | |
Moved execution of 'show vpn' commands to '/opt/vyatta/bin/sudo-users' so that operator users can execute them. Bug 2865 fix.
| -rw-r--r-- | Makefile.am | 4 | ||||
| -rwxr-xr-x | scripts/vyatta-show-vpn-debug.pl | 3 | ||||
| -rwxr-xr-x | scripts/vyatta-show-vpn.pl (renamed from scripts/show_vpn.pl) | 2 | ||||
| -rw-r--r-- | templates/show/vpn/debug/node.def | 2 | ||||
| -rw-r--r-- | templates/show/vpn/ike/rsa-keys/node.def | 2 | ||||
| -rw-r--r-- | templates/show/vpn/ike/sa/nat-traversal/node.def | 2 | ||||
| -rw-r--r-- | templates/show/vpn/ike/sa/node.def | 2 | ||||
| -rw-r--r-- | templates/show/vpn/ike/sa/peer/node.tag/node.def | 2 | ||||
| -rw-r--r-- | templates/show/vpn/ike/secrets/node.def | 2 | ||||
| -rw-r--r-- | templates/show/vpn/ike/status/node.def | 2 | ||||
| -rw-r--r-- | templates/show/vpn/ipsec/sa/detail/connection/node.tag/node.def | 2 | ||||
| -rw-r--r-- | templates/show/vpn/ipsec/sa/detail/node.def | 2 | ||||
| -rw-r--r-- | templates/show/vpn/ipsec/sa/detail/peer/node.tag/node.def | 2 | ||||
| -rw-r--r-- | templates/show/vpn/ipsec/sa/nat-traversal/node.def | 2 | ||||
| -rw-r--r-- | templates/show/vpn/ipsec/sa/node.def | 2 | ||||
| -rw-r--r-- | templates/show/vpn/ipsec/sa/peer/node.tag/node.def | 2 | ||||
| -rw-r--r-- | templates/show/vpn/ipsec/sa/statistics/node.def | 2 | ||||
| -rw-r--r-- | templates/show/vpn/ipsec/status/node.def | 2 |
18 files changed, 21 insertions, 18 deletions
diff --git a/Makefile.am b/Makefile.am index 659c659..c39220b 100644 --- a/Makefile.am +++ b/Makefile.am @@ -15,9 +15,9 @@ xsl_DATA += src/xsl/show_vpn_ipsec_sa_statistics.xsl xsl_DATA += src/xsl/show_vpn_ipsec_sa.xsl xsl_DATA += src/xsl/show_vpn_ipsec_status.xsl -sbin_PROGRAMS = command_proc_show_vpn +bin_sudo_users_PROGRAMS = command_proc_show_vpn -sbin_SCRIPTS = scripts/gen_local_rsa_key.pl scripts/show_vpn.pl +bin_sudo_users_SCRIPTS = scripts/gen_local_rsa_key.pl scripts/vyatta-show-vpn.pl scripts/vyatta-show-vpn-debug.pl command_proc_show_vpn_SOURCES = src/command_proc_base.hh command_proc_show_vpn_SOURCES += src/command_proc_show_vpn.cc diff --git a/scripts/vyatta-show-vpn-debug.pl b/scripts/vyatta-show-vpn-debug.pl new file mode 100755 index 0000000..3a419a7 --- /dev/null +++ b/scripts/vyatta-show-vpn-debug.pl @@ -0,0 +1,3 @@ +#!/usr/bin/perl + +system '/usr/sbin/ipsec auto --status' diff --git a/scripts/show_vpn.pl b/scripts/vyatta-show-vpn.pl index 2869525..bad76b5 100755 --- a/scripts/show_vpn.pl +++ b/scripts/vyatta-show-vpn.pl @@ -1,6 +1,6 @@ #!/usr/bin/perl -w # -# Module: show_vpn.pl +# Module: vyatta_show_vpn.pl # # **** License **** # Version: VPL 1.0 diff --git a/templates/show/vpn/debug/node.def b/templates/show/vpn/debug/node.def index acda656..9e257a4 100644 --- a/templates/show/vpn/debug/node.def +++ b/templates/show/vpn/debug/node.def @@ -1,2 +1,2 @@ help: Show VPN debugging information -run: sudo ipsec auto --status +run: sudo /opt/vyatta/bin/sudo-users/vyatta-show-vpn-debug.pl diff --git a/templates/show/vpn/ike/rsa-keys/node.def b/templates/show/vpn/ike/rsa-keys/node.def index c174c96..6d3baa5 100644 --- a/templates/show/vpn/ike/rsa-keys/node.def +++ b/templates/show/vpn/ike/rsa-keys/node.def @@ -1,2 +1,2 @@ help: Show VPN RSA keys -run: sudo /opt/vyatta/sbin/show_vpn.pl rsa-keys +run: sudo /opt/vyatta/bin/sudo-users/vyatta-show-vpn.pl rsa-keys diff --git a/templates/show/vpn/ike/sa/nat-traversal/node.def b/templates/show/vpn/ike/sa/nat-traversal/node.def index 69771e5..6d3a785 100644 --- a/templates/show/vpn/ike/sa/nat-traversal/node.def +++ b/templates/show/vpn/ike/sa/nat-traversal/node.def @@ -1,2 +1,2 @@ help: Show all currently active IKE Security Associations (SA) that are using NAT Traversal. -run: sudo /opt/vyatta/sbin/command_proc_show_vpn show_vpn_ike_sa.xsl --pname nat --pval enabled +run: sudo /opt/vyatta/bin/sudo-users/command_proc_show_vpn show_vpn_ike_sa.xsl --pname nat --pval enabled diff --git a/templates/show/vpn/ike/sa/node.def b/templates/show/vpn/ike/sa/node.def index c225651..97e373c 100644 --- a/templates/show/vpn/ike/sa/node.def +++ b/templates/show/vpn/ike/sa/node.def @@ -1,2 +1,2 @@ help: Show all currently active IKE Security Associations (SA). -run: sudo /opt/vyatta/sbin/command_proc_show_vpn show_vpn_ike_sa.xsl +run: sudo /opt/vyatta/bin/sudo-users/command_proc_show_vpn show_vpn_ike_sa.xsl diff --git a/templates/show/vpn/ike/sa/peer/node.tag/node.def b/templates/show/vpn/ike/sa/peer/node.tag/node.def index 071aa33..e5a597e 100644 --- a/templates/show/vpn/ike/sa/peer/node.tag/node.def +++ b/templates/show/vpn/ike/sa/peer/node.tag/node.def @@ -1,2 +1,2 @@ help: Show all currently active IKE Security Associations (SA) for a specific peer. -run: sudo /opt/vyatta/sbin/command_proc_show_vpn show_vpn_ike_sa.xsl --pname peer --pval "$6" +run: sudo /opt/vyatta/bin/sudo-users/command_proc_show_vpn show_vpn_ike_sa.xsl --pname peer --pval "$6" diff --git a/templates/show/vpn/ike/secrets/node.def b/templates/show/vpn/ike/secrets/node.def index 69a8001..0c993e2 100644 --- a/templates/show/vpn/ike/secrets/node.def +++ b/templates/show/vpn/ike/secrets/node.def @@ -1,2 +1,2 @@ help: Show all the pre-shared key secrets. -run: sudo /opt/vyatta/sbin/show_vpn.pl secrets +run: sudo /opt/vyatta/bin/sudo-users/vyatta-show-vpn.pl secrets diff --git a/templates/show/vpn/ike/status/node.def b/templates/show/vpn/ike/status/node.def index e557107..3b91a79 100644 --- a/templates/show/vpn/ike/status/node.def +++ b/templates/show/vpn/ike/status/node.def @@ -1,2 +1,2 @@ help: Show summary information about the IKE process. -run: sudo /opt/vyatta/sbin/command_proc_show_vpn show_vpn_ike_status.xsl +run: sudo /opt/vyatta/bin/sudo-users/command_proc_show_vpn show_vpn_ike_status.xsl diff --git a/templates/show/vpn/ipsec/sa/detail/connection/node.tag/node.def b/templates/show/vpn/ipsec/sa/detail/connection/node.tag/node.def index 0094f92..5a35ab5 100644 --- a/templates/show/vpn/ipsec/sa/detail/connection/node.tag/node.def +++ b/templates/show/vpn/ipsec/sa/detail/connection/node.tag/node.def @@ -1,3 +1,3 @@ help: Show details of all active IPsec Security Associations (SA) for a specific connection. -run: sudo /opt/vyatta/sbin/command_proc_show_vpn show_vpn_ipsec_sa.xsl --pname detail --pval y --pname conn --pval "$7" +run: sudo /opt/vyatta/bin/sudo-users/command_proc_show_vpn show_vpn_ipsec_sa.xsl --pname detail --pval y --pname conn --pval "$7" allowed: ipsec auto --status | grep '000 "peer-' | perl -p -e 's/^000 "([^"]*)":\s.*/\1/' | sort -u diff --git a/templates/show/vpn/ipsec/sa/detail/node.def b/templates/show/vpn/ipsec/sa/detail/node.def index 7092244..8013cfc 100644 --- a/templates/show/vpn/ipsec/sa/detail/node.def +++ b/templates/show/vpn/ipsec/sa/detail/node.def @@ -1,2 +1,2 @@ help: Show details of all active IPsec Security Associations (SA). -run: sudo /opt/vyatta/sbin/command_proc_show_vpn show_vpn_ipsec_sa.xsl --pname detail --pval y +run: sudo /opt/vyatta/bin/sudo-users/command_proc_show_vpn show_vpn_ipsec_sa.xsl --pname detail --pval y diff --git a/templates/show/vpn/ipsec/sa/detail/peer/node.tag/node.def b/templates/show/vpn/ipsec/sa/detail/peer/node.tag/node.def index 5548e26..c4edd7d 100644 --- a/templates/show/vpn/ipsec/sa/detail/peer/node.tag/node.def +++ b/templates/show/vpn/ipsec/sa/detail/peer/node.tag/node.def @@ -1,2 +1,2 @@ help: Show details of all active IPsec Security Associations (SA) for a specific peer. -run: sudo /opt/vyatta/sbin/command_proc_show_vpn show_vpn_ipsec_sa.xsl --pname detail --pval y --pname peer --pval "$7" +run: sudo /opt/vyatta/bin/sudo-users/command_proc_show_vpn show_vpn_ipsec_sa.xsl --pname detail --pval y --pname peer --pval "$7" diff --git a/templates/show/vpn/ipsec/sa/nat-traversal/node.def b/templates/show/vpn/ipsec/sa/nat-traversal/node.def index 0976e07..a51bbb0 100644 --- a/templates/show/vpn/ipsec/sa/nat-traversal/node.def +++ b/templates/show/vpn/ipsec/sa/nat-traversal/node.def @@ -1,2 +1,2 @@ help: Show all active IPsec Security Associations (SA) that are using NAT Traversal. -run: sudo /opt/vyatta/sbin/command_proc_show_vpn show_vpn_ipsec_sa.xsl --pname nat --pval enabled +run: sudo /opt/vyatta/bin/sudo-users/command_proc_show_vpn show_vpn_ipsec_sa.xsl --pname nat --pval enabled diff --git a/templates/show/vpn/ipsec/sa/node.def b/templates/show/vpn/ipsec/sa/node.def index e708c72..8a4b22f 100644 --- a/templates/show/vpn/ipsec/sa/node.def +++ b/templates/show/vpn/ipsec/sa/node.def @@ -1,2 +1,2 @@ help: Show all active IPsec Security Associations (SA). -run: sudo /opt/vyatta/sbin/command_proc_show_vpn show_vpn_ipsec_sa.xsl +run: sudo /opt/vyatta/bin/sudo-users/command_proc_show_vpn show_vpn_ipsec_sa.xsl diff --git a/templates/show/vpn/ipsec/sa/peer/node.tag/node.def b/templates/show/vpn/ipsec/sa/peer/node.tag/node.def index c797336..c8b3329 100644 --- a/templates/show/vpn/ipsec/sa/peer/node.tag/node.def +++ b/templates/show/vpn/ipsec/sa/peer/node.tag/node.def @@ -1,2 +1,2 @@ help: Show all active IPsec Security Associations (SA) for a specific peer. -run: sudo /opt/vyatta/sbin/command_proc_show_vpn show_vpn_ipsec_sa.xsl --pname peer --pval "$6" +run: sudo /opt/vyatta/bin/sudo-users/command_proc_show_vpn show_vpn_ipsec_sa.xsl --pname peer --pval "$6" diff --git a/templates/show/vpn/ipsec/sa/statistics/node.def b/templates/show/vpn/ipsec/sa/statistics/node.def index 4f38584..795c467 100644 --- a/templates/show/vpn/ipsec/sa/statistics/node.def +++ b/templates/show/vpn/ipsec/sa/statistics/node.def @@ -1,2 +1,2 @@ help: Show statistics on all active tunnels that have IPsec Security Associations (SA). -run: sudo /opt/vyatta/sbin/command_proc_show_vpn show_vpn_ipsec_sa_statistics.xsl +run: sudo /opt/vyatta/bin/sudo-users/command_proc_show_vpn show_vpn_ipsec_sa_statistics.xsl diff --git a/templates/show/vpn/ipsec/status/node.def b/templates/show/vpn/ipsec/status/node.def index 542280a..20c1060 100644 --- a/templates/show/vpn/ipsec/status/node.def +++ b/templates/show/vpn/ipsec/status/node.def @@ -1,2 +1,2 @@ help: Show the status of the IPsec process. -run: sudo /opt/vyatta/sbin/command_proc_show_vpn show_vpn_ipsec_status.xsl +run: sudo /opt/vyatta/bin/sudo-users/command_proc_show_vpn show_vpn_ipsec_status.xsl |