| Age | Commit message (Collapse) | Author |
|---|
|
Right now every command that's executed via op-mode/conf-mode is logged with a
session entry/exit and command execution into syslog.
sudo[1082396]: vyos : TTY=pts/1 ; PWD=/home/vyos ; USER=root ; COMMAND=/usr/bin/mv /tmp/config.boot.1082388 /opt/vyatta/etc/config/archive/config.boot
sudo[1082396]: pam_unix(sudo:session): session opened for user root(uid=0) by vyos(uid=1002)
sudo[1082396]: pam_unix(sudo:session): session closed for user root
sudo[1082399]: vyos : TTY=pts/1 ; PWD=/home/vyos ; USER=root ; COMMAND=/usr/sbin/logrotate -f -s /opt/vyatta/etc/config/archive/lr.state /opt/vyatta/etc/config/archive/lr.conf
sudo[1082399]: pam_unix(sudo:session): session opened for user root(uid=0) by vyos(uid=1002)
sudo[1082399]: pam_unix(sudo:session): session closed for user root
This heavily bloats remote logging services - remove the log entries
|
|
vyos@vyos:~$ show ver
...
Architecture: x86_64
Boot via: installed image
System type: KVM guest
Secure Boot: enabled
...
|
|
|
|
|
|
Unprivileged RADIUS users cannot do simple diagnostics like ping
or traceroute. Allow them such tools.
Ability to execute op-mode commands for them.
It is not new 'operator mode' feature but it allows RADIUS users
execute op-mode commands
|
|
|
