#!/bin/bash
source /opt/vyatta/share/vyatta-op/functions/interpreter/vyatta-common

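# op_allowed: tokens read from the operator allowlist file.
# toplevel:   names of the entries in the op-mode templates directory.
# Both arrays are consulted by the vyatta_unpriv_* functions in this file.
declare -a op_allowed
declare -a toplevel

# Split the allowlist on IFS whitespace, as the earlier unquoted $(cat ...)
# did, but WITHOUT pathname expansion: an entry containing '*', '?' or '['
# must stay literal instead of being matched against whatever directory the
# shell happens to be in, because these tokens later become alias names.
# read returns non-zero at end of input when it finds no NUL delimiter, so
# that status is deliberately ignored; a missing file leaves the array empty.
op_allowed=()
read -r -d '' -a op_allowed \
  < /opt/vyatta/etc/shell/level/users/allowed-op.in || true

# Enumerate the template directory with a glob rather than parsing ls
# output, so entry names are never re-split or re-globbed.
toplevel=()
for _vyatta_unpriv_tmpl in /opt/vyatta/share/vyatta-op/templates/*; do
  # An unmatched glob stays literal; skip it instead of recording "*".
  [[ -e $_vyatta_unpriv_tmpl || -L $_vyatta_unpriv_tmpl ]] || continue
  toplevel+=( "${_vyatta_unpriv_tmpl##*/}" )
done
# Do not leave the loop variable behind in the shell that sourced this file.
unset _vyatta_unpriv_tmpl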

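#######################################
# Print help text for a command prefix that matches more than one allowed
# operator command.
# Globals:
#   op_allowed            (read)    allowlist passed by name to the filter
#   vyatta_op_templates   (read)
#   _vyatta_op_node_path  (written) reset to the templates root
#   comps                 (written) NOTE(review): left global as before;
#                                   confirm nothing else depends on it
#                                   before making it local
# Arguments:
#   $1 - the prefix that was typed
# Outputs:
#   Help text on stdout; lines starting with "P" are indented two spaces.
#######################################
vyatta_unpriv_ambiguous ()
{
  local -a filtered_cmds=()
  # $1 and the filtered list are quoted so that a prefix or command name is
  # always passed as exactly one argument, never re-split or glob-expanded.
  get_prefix_filtered_list "$1" op_allowed filtered_cmds
  _vyatta_op_node_path=${vyatta_op_templates}
  comps=$(_vyatta_op_help "$1" "${filtered_cmds[@]}")
  # echo -e is kept as-is: it interprets backslash escapes in the help text
  # and appends the blank line the original output had.
  echo -e "$comps\n" | sed -e 's/^P/  P/'
}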

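#######################################
# Set up the operator-level shell: install completion handlers and define
# one alias per usable prefix of every allowed top-level command.
#
# A prefix is aliased to "_vyatta_op_run <command>" when it identifies a
# single command (exactly one allowlist match, the full command name, or an
# allowlist entry in its own right); otherwise it is aliased to
# vyatta_unpriv_ambiguous so the user is shown the candidates.
#
# Globals:
#   op_allowed, toplevel    (read)
#   VYATTA_USER_LEVEL_DIR   (read)
#   PS1                     (written when the level dir is the users dir)
# Arguments:
#   none
#######################################
vyatta_unpriv_init ()
{
  # empty and default line completion
  complete -E -F _vyatta_op_expand
  complete -D -F _vyatta_op_default_expand

  # Kept local so the loop variables do not leak into the user's session.
  local cmd prefix fcmd found pos
  local -a filtered_cmds

  for cmd in "${op_allowed[@]}"; do
    is_elem_of "$cmd" toplevel || continue

    for (( pos = 1; pos <= ${#cmd}; pos++ )); do
      prefix=${cmd:0:pos}

      # Never alias these words. Most are shell reserved words, which must
      # keep their meaning. NOTE(review): `tr` is presumably listed so the
      # external command stays reachable; confirm.
      case "$prefix" in
        for|do|done|if|fi|case|while|tr)
          continue ;;
      esac

      filtered_cmds=()
      get_prefix_filtered_list "$prefix" op_allowed filtered_cmds
      is_elem_of "$prefix" op_allowed
      found=$?

      # alias is called directly rather than through eval: allowlist
      # entries are data, and eval would re-parse them as shell syntax, so
      # a stray quote or ';' in the file would run as code in this shell.
      # An entry that is not a valid alias name now just makes alias fail.
      if [[ ${#filtered_cmds[@]} == 1 || $prefix == "$cmd" || $found == 0 ]]; then
        if [[ ${#filtered_cmds[@]} == 1 ]]; then
          fcmd=${filtered_cmds[0]}
        elif [[ $found == 0 ]]; then
          fcmd=$prefix
        else
          fcmd=$cmd
        fi
        alias -- "${prefix}=_vyatta_op_run ${fcmd}"
      else
        alias -- "${prefix}=vyatta_unpriv_ambiguous ${prefix}"
      fi
      complete -F _vyatta_op_expand "$prefix"
    done
  done

  if [[ "$VYATTA_USER_LEVEL_DIR" == "/opt/vyatta/etc/shell/level/users" ]]; then
    PS1='\u@\h> '
  fi
}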

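#######################################
# Regenerate /opt/vyatta/etc/shell/level/users/allowed-op from op_allowed.
#
# For an allowed command that is also a top-level template, every prefix of
# its name is written once (duplicates across commands are suppressed),
# except prefixes equal to the skipped words below. Any other allowlist
# entry is written unchanged.
#
# Globals:
#   op_allowed, toplevel (read)
# Arguments:
#   none
# Outputs:
#   Rewrites the allowed-op file, one token per line.
# NOTE(review): the file is removed and then appended to line by line, so a
# reader can observe it missing or partial while this runs; confirm that no
# consumer reads it concurrently.
#######################################
vyatta_unpriv_gen_allowed () {
  local allowed_file=/opt/vyatta/etc/shell/level/users/allowed-op
  local -a allowed_cmds=()
  # Kept local so the loop variables do not leak into the calling shell.
  local cmd prefix pos

  rm -rf -- "$allowed_file"
  for cmd in "${op_allowed[@]}"; do
    if is_elem_of "$cmd" toplevel; then
      for (( pos = 1; pos <= ${#cmd}; pos++ )); do
        prefix=${cmd:0:pos}
        # Same skip list as the alias setup: these words are never emitted.
        case "$prefix" in
          for|do|done|if|fi|case|while|tr)
            continue ;;
        esac
        if ! is_elem_of "$prefix" allowed_cmds; then
          allowed_cmds+=( "$prefix" )
          # printf with a quoted argument writes the token verbatim; an
          # unquoted echo would glob-expand it and treat "-n"/"-e" as flags.
          printf '%s\n' "$prefix" >> "$allowed_file"
        fi
      done
    else
      printf '%s\n' "$cmd" >> "$allowed_file"
    fi
  done
}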