matthew/sonic-buildimage
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[baseimage] add ipintutil in sudoer file (#6845)

Browse Source 
show ip interfaces is enhanced recently to support multi ASIC platforms in this PR- https://github.com/Azure/sonic-utilities/pull/1396 .
The ipintutil script as to run as sudo user, to get the ip interface from each namespace.
Add this script to the sudoer file so that show ip interface command is available for user with read-only permissions

Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan <arlakshm@microsoft.com>
This commit is contained in:
arlakshm 2021-02-22 23:34:28 -08:00 committed by Guohan Lu
parent 65ac29627d
commit cc6e521b40
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
files/image_config/sudoers/sudoers
View File

@ -20,6 +20,7 @@ Defaults lecture_file = /etc/sudoers.lecture
# Cmnd alias specification # Cmnd alias specification
# Note: bcmcmd is dangerous for users in read only netgroups because it may operate ASIC # Note: bcmcmd is dangerous for users in read only netgroups because it may operate ASIC
Cmnd_Alias READ_ONLY_CMDS = /bin/cat /var/log/syslog*, \ Cmnd_Alias READ_ONLY_CMDS = /bin/cat /var/log/syslog*, \
/bin/ip netns identify [0-9]*, \
/sbin/brctl show, \ /sbin/brctl show, \
/usr/bin/docker exec snmp cat /etc/snmp/snmpd.conf, \ /usr/bin/docker exec snmp cat /etc/snmp/snmpd.conf, \
/usr/bin/docker exec bgp cat /etc/quagga/bgpd.conf, \ /usr/bin/docker exec bgp cat /etc/quagga/bgpd.conf, \
@ -33,12 +34,12 @@ Cmnd_Alias READ_ONLY_CMDS = /bin/cat /var/log/syslog*, \
/usr/bin/vtysh -n [0-9] -c show *, \ /usr/bin/vtysh -n [0-9] -c show *, \
/usr/local/bin/decode-syseeprom, \ /usr/local/bin/decode-syseeprom, \
/usr/local/bin/generate_dump, \ /usr/local/bin/generate_dump, \
/usr/local/bin/ipintutil, \
/usr/local/bin/lldpshow, \ /usr/local/bin/lldpshow, \
/usr/local/bin/pcieutil *, \ /usr/local/bin/pcieutil *, \
/usr/local/bin/psuutil *, \ /usr/local/bin/psuutil *, \
/usr/local/bin/sonic-installer list, \ /usr/local/bin/sonic-installer list, \
/usr/local/bin/sfputil show *, \ /usr/local/bin/sfputil show *
/bin/ip netns identify [0-9]*
Cmnd_Alias PASSWD_CMDS = /usr/local/bin/config tacacs passkey *, \ Cmnd_Alias PASSWD_CMDS = /usr/local/bin/config tacacs passkey *, \