diff options
author | Christian Breunig <christian@breunig.cc> | 2023-10-04 20:57:12 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-10-04 20:57:12 +0200 |
commit | 26b8e8af88dcab4988389afd8bdc4a8ec33f5ffe (patch) | |
tree | 8e8b9ee4c6eefcef866ab00c1a434a428df147ec | |
parent | 53bc1627c09d7b6559aaafabfac69a7427e8e38c (diff) | |
parent | 12069d5653034b46a47430353c3867b3678c196f (diff) | |
download | vyos-1x-26b8e8af88dcab4988389afd8bdc4a8ec33f5ffe.tar.gz vyos-1x-26b8e8af88dcab4988389afd8bdc4a8ec33f5ffe.zip |
Merge pull request #2336 from c-po/t5521-home-dir
login: T5521: do not call system-login.py in vyos-router init
-rwxr-xr-x | src/init/vyos-router | 22 |
1 files changed, 21 insertions, 1 deletions
diff --git a/src/init/vyos-router b/src/init/vyos-router index dd63921e0..35095afe4 100755 --- a/src/init/vyos-router +++ b/src/init/vyos-router @@ -234,6 +234,27 @@ cleanup_post_commit_hooks () { # system defaults. security_reset () { + + # restore NSS cofniguration back to sane system defaults + # will be overwritten later when configuration is loaded + cat <<EOF >/etc/nsswitch.conf +passwd: files +group: files +shadow: files +gshadow: files + +# Per T2678, commenting out myhostname +hosts: files dns #myhostname +networks: files + +protocols: db files +services: db files +ethers: db files +rpc: db files + +netgroup: nis +EOF + # restore PAM back to virgin state (no radius/tacacs services) pam-auth-update --disable radius-mandatory radius-optional rm -f /etc/pam_radius_auth.conf @@ -349,7 +370,6 @@ start () # As VyOS does not execute commands that are not present in the CLI we call # the script by hand to have a single source for the login banner and MOTD ${vyos_conf_scripts_dir}/system_console.py || log_failure_msg "could not reset serial console" - ${vyos_conf_scripts_dir}/system-login.py || log_failure_msg "could not reset system login" ${vyos_conf_scripts_dir}/system-login-banner.py || log_failure_msg "could not reset motd and issue files" ${vyos_conf_scripts_dir}/system-option.py || log_failure_msg "could not reset system option files" ${vyos_conf_scripts_dir}/system-ip.py || log_failure_msg "could not reset system IPv4 options" |