extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-11 20:26:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

Permit 'root' user to be other than 'root'

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5098 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2006-12-11 18:42:53 +00:00
parent 84dd22a4eb
commit 08ee06ee83
1 changed files with 16 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
Shorewall/shorewall
View File

@ -120,7 +120,7 @@
# #
get_config() { get_config() {
if [ -z "$EXPORT" -a "$(whoami)" = root ]; then if [ -z "$EXPORT" -a "$(id -u)" = 0 ]; then
# #
# This block is avoided for compile for export and when the user isn't root # This block is avoided for compile for export and when the user isn't root
# #
@ -882,7 +882,7 @@ try_command() {
# #
reload_command() # $* = original arguments less the command. reload_command() # $* = original arguments less the command.
{ {
local verbose=$(make_verbose) file= capabilities= finished=0 saveit= result directory system getcaps= local verbose=$(make_verbose) file= capabilities= finished=0 saveit= result directory system getcaps= root=root
[ -n "$LITEDIR" ] || fatal_error "ERROR: LITEDIR not defined in ${SHAREDIR}/configpath" [ -n "$LITEDIR" ] || fatal_error "ERROR: LITEDIR not defined in ${SHAREDIR}/configpath"
@ -906,6 +906,12 @@ reload_command() # $* = original arguments less the command.
getcaps=Yes getcaps=Yes
option=${option#c} option=${option#c}
;; ;;
r)
[ $# -gt 1 ] || fatal_error "Missing Root User name"
root=$2
option=
shift
;;
*) *)
usage 1 usage 1
;; ;;
@ -941,8 +947,8 @@ reload_command() # $* = original arguments less the command.
if [ -n "$getcaps" ]; then if [ -n "$getcaps" ]; then
progress_message "Getting Capabilities on system $system..." progress_message "Getting Capabilities on system $system..."
if ! ssh root@${system} "/sbin/shorewall-lite show -f capabilities > ${LITEDIR}/capabilities" || \ if ! ssh ${root}@${system} "/sbin/shorewall-lite show -f capabilities > ${LITEDIR}/capabilities" || \
! scp root@$system:${LITEDIR}/capabilities $directory; then ! scp ${root}@$system:${LITEDIR}/capabilities $directory; then
fatal_error "ERROR: Capturing capabilities on system $system failed" fatal_error "ERROR: Capturing capabilities on system $system failed"
fi fi
fi fi
@ -951,19 +957,19 @@ reload_command() # $* = original arguments less the command.
if shorewall $debugging $verbose compile -e $directory $directory/firewall && \ if shorewall $debugging $verbose compile -e $directory $directory/firewall && \
progress_message "Copying $file and ${file}.conf to ${system}:${LITEDIR}..." && \ progress_message "Copying $file and ${file}.conf to ${system}:${LITEDIR}..." && \
scp $directory/firewall $directory/firewall.conf root@${system}:${LITEDIR} scp $directory/firewall $directory/firewall.conf ${root}@${system}:${LITEDIR}
then then
echo "Copy complete" echo "Copy complete"
if [ $COMMAND = reload ]; then if [ $COMMAND = reload ]; then
ssh root@${system} "/sbin/shorewall-lite $debugging $verbose restart" && \ ssh ${root}@${system} "/sbin/shorewall-lite $debugging $verbose restart" && \
progress_message3 "System $system reloaded" || saveit= progress_message3 "System $system reloaded" || saveit=
else else
ssh root@${system} "/sbin/shorewall-lite $debugging $verbose restart" && \ ssh ${root}@${system} "/sbin/shorewall-lite $debugging $verbose restart" && \
progress_message3 "System $system reloaded" || saveit= progress_message3 "System $system reloaded" || saveit=
fi fi
if [ -n "$saveit" ]; then if [ -n "$saveit" ]; then
ssh root@${system} "/sbin/shorewall-lite $debugging $verbose save" && \ ssh ${root}@${system} "/sbin/shorewall-lite $debugging $verbose save" && \
progress_message3 "Configuration on system $system saved" progress_message3 "Configuration on system $system saved"
fi fi
fi fi
@ -1055,13 +1061,13 @@ usage() # $1 = exit status
echo " ipcalc { <address>/<vlsm> | <address> <netmask> }" echo " ipcalc { <address>/<vlsm> | <address> <netmask> }"
echo " ipdecimal { <address> | <integer> }" echo " ipdecimal { <address> | <integer> }"
echo " iprange <address>-<address>" echo " iprange <address>-<address>"
echo " load [ -s ] [ -c ] [ <directory> ] <system>" echo " load [ -s ] [ -c ] [ -r <root user> ] [ <directory> ] <system>"
echo " logdrop <address> ..." echo " logdrop <address> ..."
echo " logreject <address> ..." echo " logreject <address> ..."
echo " logwatch [<refresh interval>]" echo " logwatch [<refresh interval>]"
echo " refresh" echo " refresh"
echo " reject <address> ..." echo " reject <address> ..."
echo " reload [ -s ] [ -c ] [ <directory> ] <system>" echo " reload [ -s ] [ -c ] [ -r <root user> ] [ <directory> ] <system>"
echo " reset" echo " reset"
echo " restart [ -n ] [ <directory> ]" echo " restart [ -n ] [ <directory> ]"
echo " restore [ -n ] [ <file name> ]" echo " restore [ -n ] [ <file name> ]"