diff --git a/Shorewall/shorewall b/Shorewall/shorewall index 006de07a6..9755ec4bd 100755 --- a/Shorewall/shorewall +++ b/Shorewall/shorewall @@ -120,7 +120,7 @@ # get_config() { - if [ -z "$EXPORT" -a "$(whoami)" = root ]; then + if [ -z "$EXPORT" -a "$(id -u)" = 0 ]; then # # This block is avoided for compile for export and when the user isn't root # @@ -882,7 +882,7 @@ try_command() { # reload_command() # $* = original arguments less the command. { - local verbose=$(make_verbose) file= capabilities= finished=0 saveit= result directory system getcaps= + local verbose=$(make_verbose) file= capabilities= finished=0 saveit= result directory system getcaps= root=root [ -n "$LITEDIR" ] || fatal_error "ERROR: LITEDIR not defined in ${SHAREDIR}/configpath" @@ -906,6 +906,12 @@ reload_command() # $* = original arguments less the command. getcaps=Yes option=${option#c} ;; + r) + [ $# -gt 1 ] || fatal_error "Missing Root User name" + root=$2 + option= + shift + ;; *) usage 1 ;; @@ -941,8 +947,8 @@ reload_command() # $* = original arguments less the command. if [ -n "$getcaps" ]; then progress_message "Getting Capabilities on system $system..." - if ! ssh root@${system} "/sbin/shorewall-lite show -f capabilities > ${LITEDIR}/capabilities" || \ - ! scp root@$system:${LITEDIR}/capabilities $directory; then + if ! ssh ${root}@${system} "/sbin/shorewall-lite show -f capabilities > ${LITEDIR}/capabilities" || \ + ! scp ${root}@$system:${LITEDIR}/capabilities $directory; then fatal_error "ERROR: Capturing capabilities on system $system failed" fi fi @@ -951,19 +957,19 @@ reload_command() # $* = original arguments less the command. if shorewall $debugging $verbose compile -e $directory $directory/firewall && \ progress_message "Copying $file and ${file}.conf to ${system}:${LITEDIR}..." && \ - scp $directory/firewall $directory/firewall.conf root@${system}:${LITEDIR} + scp $directory/firewall $directory/firewall.conf ${root}@${system}:${LITEDIR} then echo "Copy complete" if [ $COMMAND = reload ]; then - ssh root@${system} "/sbin/shorewall-lite $debugging $verbose restart" && \ + ssh ${root}@${system} "/sbin/shorewall-lite $debugging $verbose restart" && \ progress_message3 "System $system reloaded" || saveit= else - ssh root@${system} "/sbin/shorewall-lite $debugging $verbose restart" && \ + ssh ${root}@${system} "/sbin/shorewall-lite $debugging $verbose restart" && \ progress_message3 "System $system reloaded" || saveit= fi if [ -n "$saveit" ]; then - ssh root@${system} "/sbin/shorewall-lite $debugging $verbose save" && \ + ssh ${root}@${system} "/sbin/shorewall-lite $debugging $verbose save" && \ progress_message3 "Configuration on system $system saved" fi fi @@ -1055,13 +1061,13 @@ usage() # $1 = exit status echo " ipcalc {
/ |
}" echo " ipdecimal {
| }" echo " iprange
-
" - echo " load [ -s ] [ -c ] [ ] " + echo " load [ -s ] [ -c ] [ -r ] [ ] " echo " logdrop
..." echo " logreject
..." echo " logwatch []" echo " refresh" echo " reject
..." - echo " reload [ -s ] [ -c ] [ ] " + echo " reload [ -s ] [ -c ] [ -r ] [ ] " echo " reset" echo " restart [ -n ] [ ]" echo " restore [ -n ] [ ]"