sonic-buildimage/dockers/docker-fpm-frr/base_image_files/rvtysh

#!/bin/bash

# The command rvtysh can be run as root priviledge by any user without password, only allow to execute readonly commands.

# The options in the show command cannot contains any charactors to run multiple sub-commands potentially, such as "\n", "\r", "|", "&", "$" and ";".
if printf -- "$*" | grep -qPz '[\n\r|&$;]'; then
    echo "Not allow to run the command, please use the comand 'sudo vtysh' instead." 1>&2
    exit 1
fi

# The sub commands must start with "show"
LAST_PARAM=
for param in "$@"
do
    if [ "$LAST_PARAM" == "-c" ] && [[ "$param" != show*  ]]; then
        echo "Not allow to run the command '$param', please use the comand 'sudo vtysh' instead." 1>&2
        exit 1
    fi
    LAST_PARAM=$param
done

vtysh "$@"
Support readonly vtysh for sudoers (#7383) Why I did it Support readonly version of the command vtysh How I did it Check if the command starting with "show", and verify only contains single command in script. 2021-04-25 03:32:02 -05:00			`#!/bin/bash`

			`# The command rvtysh can be run as root priviledge by any user without password, only allow to execute readonly commands.`

			`# The options in the show command cannot contains any charactors to run multiple sub-commands potentially, such as "\n", "\r", "\|", "&", "$" and ";".`
			`if printf -- "$*" \| grep -qPz '[\n\r\|&$;]'; then`
			`echo "Not allow to run the command, please use the comand 'sudo vtysh' instead." 1>&2`
			`exit 1`
			`fi`

			`# The sub commands must start with "show"`
Fix the type issue in rvtysh (#7648) Why I did it Change the type issue in the command rvtysh change PARA/para to PARAM/param 2021-05-20 08:35:23 -05:00			`LAST_PARAM=`
			`for param in "$@"`
Support readonly vtysh for sudoers (#7383) Why I did it Support readonly version of the command vtysh How I did it Check if the command starting with "show", and verify only contains single command in script. 2021-04-25 03:32:02 -05:00			`do`
Fix the type issue in rvtysh (#7648) Why I did it Change the type issue in the command rvtysh change PARA/para to PARAM/param 2021-05-20 08:35:23 -05:00			`if [ "$LAST_PARAM" == "-c" ] && [[ "$param" != show* ]]; then`
			`echo "Not allow to run the command '$param', please use the comand 'sudo vtysh' instead." 1>&2`
Support readonly vtysh for sudoers (#7383) Why I did it Support readonly version of the command vtysh How I did it Check if the command starting with "show", and verify only contains single command in script. 2021-04-25 03:32:02 -05:00			`exit 1`
			`fi`
Fix the type issue in rvtysh (#7648) Why I did it Change the type issue in the command rvtysh change PARA/para to PARAM/param 2021-05-20 08:35:23 -05:00			`LAST_PARAM=$param`
Support readonly vtysh for sudoers (#7383) Why I did it Support readonly version of the command vtysh How I did it Check if the command starting with "show", and verify only contains single command in script. 2021-04-25 03:32:02 -05:00			`done`

			`vtysh "$@"`