diff options
author | Christian Poessinger <christian@poessinger.com> | 2022-10-14 20:20:54 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-10-14 20:20:54 +0200 |
commit | 78f6b2fee6f133205c7e7cc381634a145f5a3b4c (patch) | |
tree | 04477e79e457a07c315940ce7e85cbfeac3d756b | |
parent | 80d258f1ad6de7981777dbd6254c00435d981a8f (diff) | |
parent | 372ccffe5bd1a9f44e18ae796b6f10b9ba5e95c8 (diff) | |
download | vyos-1x-78f6b2fee6f133205c7e7cc381634a145f5a3b4c.tar.gz vyos-1x-78f6b2fee6f133205c7e7cc381634a145f5a3b4c.zip |
Merge pull request #1598 from sever-sever/T4533
T4533: Allow basic permissions to unprivileged RADIUS users
-rw-r--r-- | src/etc/sudoers.d/vyos | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/etc/sudoers.d/vyos b/src/etc/sudoers.d/vyos index f760b417f..e0fd8cb0b 100644 --- a/src/etc/sudoers.d/vyos +++ b/src/etc/sudoers.d/vyos @@ -40,10 +40,13 @@ Cmnd_Alias PCAPTURE = /usr/bin/tcpdump Cmnd_Alias HWINFO = /usr/bin/lspci Cmnd_Alias FORCE_CLUSTER = /usr/share/heartbeat/hb_takeover, \ /usr/share/heartbeat/hb_standby +Cmnd_Alias DIAGNOSTICS = /bin/ip vrf exec * /bin/ping *, \ + /bin/ip vrf exec * /bin/traceroute *, \ + /usr/libexec/vyos/op_mode/* %operator ALL=NOPASSWD: DATE, IPTABLES, ETHTOOL, IPFLUSH, HWINFO, \ PPPOE_CMDS, PCAPTURE, /usr/sbin/wanpipemon, \ DMIDECODE, DISK, CONNTRACK, IP6TABLES, \ - FORCE_CLUSTER + FORCE_CLUSTER, DIAGNOSTICS # Allow any user to run files in sudo-users %users ALL=NOPASSWD: /opt/vyatta/bin/sudo-users/ |