summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2022-10-14 20:20:54 +0200
committerGitHub <noreply@github.com>2022-10-14 20:20:54 +0200
commit78f6b2fee6f133205c7e7cc381634a145f5a3b4c (patch)
tree04477e79e457a07c315940ce7e85cbfeac3d756b
parent80d258f1ad6de7981777dbd6254c00435d981a8f (diff)
parent372ccffe5bd1a9f44e18ae796b6f10b9ba5e95c8 (diff)
downloadvyos-1x-78f6b2fee6f133205c7e7cc381634a145f5a3b4c.tar.gz
vyos-1x-78f6b2fee6f133205c7e7cc381634a145f5a3b4c.zip
Merge pull request #1598 from sever-sever/T4533
T4533: Allow basic permissions to unprivileged RADIUS users
-rw-r--r--src/etc/sudoers.d/vyos5
1 files changed, 4 insertions, 1 deletions
diff --git a/src/etc/sudoers.d/vyos b/src/etc/sudoers.d/vyos
index f760b417f..e0fd8cb0b 100644
--- a/src/etc/sudoers.d/vyos
+++ b/src/etc/sudoers.d/vyos
@@ -40,10 +40,13 @@ Cmnd_Alias PCAPTURE = /usr/bin/tcpdump
Cmnd_Alias HWINFO = /usr/bin/lspci
Cmnd_Alias FORCE_CLUSTER = /usr/share/heartbeat/hb_takeover, \
/usr/share/heartbeat/hb_standby
+Cmnd_Alias DIAGNOSTICS = /bin/ip vrf exec * /bin/ping *, \
+ /bin/ip vrf exec * /bin/traceroute *, \
+ /usr/libexec/vyos/op_mode/*
%operator ALL=NOPASSWD: DATE, IPTABLES, ETHTOOL, IPFLUSH, HWINFO, \
PPPOE_CMDS, PCAPTURE, /usr/sbin/wanpipemon, \
DMIDECODE, DISK, CONNTRACK, IP6TABLES, \
- FORCE_CLUSTER
+ FORCE_CLUSTER, DIAGNOSTICS
# Allow any user to run files in sudo-users
%users ALL=NOPASSWD: /opt/vyatta/bin/sudo-users/