Improve sudo cat command for RO user. (#14428)
Improve sudo cat command for RO user. #### Why I did it RO user can use sudo command show none syslog files. #### How I did it Improve sudo cat command for RO user. #### How to verify it Pass all UT. Manually check fixed code work correctly. #### Description for the changelog Improve sudo cat command for RO user.
This commit is contained in:
parent
7230b59559
commit
4c059d8eb5
@ -19,7 +19,7 @@ Defaults lecture_file = /etc/sudoers.lecture
|
||||
|
||||
# Cmnd alias specification
|
||||
# Note: bcmcmd is dangerous for users in read only netgroups because it may operate ASIC
|
||||
Cmnd_Alias READ_ONLY_CMDS = /bin/cat /var/log/syslog*, \
|
||||
Cmnd_Alias READ_ONLY_CMDS = /bin/cat /var/log/syslog, /bin/cat /var/log/syslog.1 /var/log/syslog, /bin/cat /var/log/syslog.1, \
|
||||
/bin/ip netns identify [0-9]*, \
|
||||
/sbin/brctl show, \
|
||||
/usr/bin/docker exec snmp cat /etc/snmp/snmpd.conf, \
|
||||
|
Loading…
Reference in New Issue
Block a user