diff options
| -rw-r--r-- | Makefile.am | 1 | ||||
| -rwxr-xr-x | scripts/vyatta-sudo | 21 | ||||
| -rw-r--r-- | templates/show/system/login/users/locked/node.def | 2 | ||||
| -rw-r--r-- | templates/show/system/login/users/node.def | 2 | ||||
| -rw-r--r-- | templates/show/system/login/users/other/node.def | 2 |
5 files changed, 25 insertions, 3 deletions
diff --git a/Makefile.am b/Makefile.am index a9deebe..3629785 100644 --- a/Makefile.am +++ b/Makefile.am @@ -23,6 +23,7 @@ bin_SCRIPTS += scripts/yesno bin_SCRIPTS += scripts/vyatta-gettime.pl bin_SCRIPTS += scripts/show-users.pl bin_SCRIPTS += scripts/vyatta-boot-image.pl +bin_SCRIPTS += scripts/vyatta-sudo bin_sudo_users_SCRIPTS = scripts/vyatta-identify-interface.pl bin_sudo_users_SCRIPTS += scripts/vyatta-delete-log-file.sh diff --git a/scripts/vyatta-sudo b/scripts/vyatta-sudo new file mode 100755 index 0000000..bb95ae5 --- /dev/null +++ b/scripts/vyatta-sudo @@ -0,0 +1,21 @@ +#! /usr/bin/perl +# + +# Look if user is in sudo group +use strict; +use warnings; + +sub isadmin { + my $gid = getgrnam("sudo"); + return unless $gid; + + # is $gid in list of current groups + return grep { $_ eq $gid } split / /, $(; +} + +die "Missing command arguement\n" unless @ARGV; + +exec ('sudo', @ARGV ) if (isadmin()); + +print "This account is not authorized to run this command\n"; +exit 1; diff --git a/templates/show/system/login/users/locked/node.def b/templates/show/system/login/users/locked/node.def index ebd84a0..354c204 100644 --- a/templates/show/system/login/users/locked/node.def +++ b/templates/show/system/login/users/locked/node.def @@ -1,2 +1,2 @@ help: Show information about locked accounts -run: sudo /opt/vyatta/bin/show-users.pl locked +run: ${vyatta_bindir}/vyatta-sudo /opt/vyatta/bin/show-users.pl locked diff --git a/templates/show/system/login/users/node.def b/templates/show/system/login/users/node.def index 7f3101a..5943122 100644 --- a/templates/show/system/login/users/node.def +++ b/templates/show/system/login/users/node.def @@ -1,2 +1,2 @@ help: Show user account information -run: sudo /opt/vyatta/bin/show-users.pl +run: ${vyatta_bindir}/vyatta-sudo /opt/vyatta/bin/show-users.pl diff --git a/templates/show/system/login/users/other/node.def b/templates/show/system/login/users/other/node.def index 4c99637..77c4683 100644 --- a/templates/show/system/login/users/other/node.def +++ b/templates/show/system/login/users/other/node.def @@ -1,2 +1,2 @@ help: Show information about non-Vyatta accounts -run: sudo /opt/vyatta/bin/show-users.pl other +run: ${vyatta_bindir}/vyatta-sudo /opt/vyatta/bin/show-users.pl other |