Import configuration files from vyatta-cfg-system

author: Christian Poessinger <christian@poessinger.com> 2021-06-26 22:53:25 +0200
committer: Christian Poessinger <christian@poessinger.com> 2021-06-26 22:53:25 +0200
commit: 0f6ec4722215c1d6692a6513c1cd60973f2d289d (patch)
tree: 97adf21ac138fb583c09952332602db9db29f111 /src/etc/security
parent: 87c7a1243e0b643f1d15acd13ed79b98633acb3a (diff)
download: vyos-1x-0f6ec4722215c1d6692a6513c1cd60973f2d289d.tar.gz
vyos-1x-0f6ec4722215c1d6692a6513c1cd60973f2d289d.zip
1 files changed, 10 insertions, 0 deletions
diff --git a/src/etc/security/capability.conf b/src/etc/security/capability.conf
new file mode 100644
index 000000000..0a7235f16
--- /dev/null
+++ b/src/etc/security/capability.conf
@@ -0,0 +1,10 @@
+# this is a capability file (used in conjunction with the pam_cap.so module)
+
+# Special capability for Vyatta admin
+all %vyattacfg
+
+# Vyatta Operator
+cap_net_admin,cap_sys_boot,cap_audit_write	%vyattaop
+
+## 'everyone else' gets no inheritable capabilities
+none  *
author	Christian Poessinger <christian@poessinger.com>	2021-06-26 22:53:25 +0200
committer	Christian Poessinger <christian@poessinger.com>	2021-06-26 22:53:25 +0200
commit	0f6ec4722215c1d6692a6513c1cd60973f2d289d (patch)
tree	97adf21ac138fb583c09952332602db9db29f111 /src/etc/security
parent	87c7a1243e0b643f1d15acd13ed79b98633acb3a (diff)
download	vyos-1x-0f6ec4722215c1d6692a6513c1cd60973f2d289d.tar.gz vyos-1x-0f6ec4722215c1d6692a6513c1cd60973f2d289d.zip