From f166b991a71d95a24294c25f61036c174dee8e12 Mon Sep 17 00:00:00 2001
From: liuh-80 <58683130+liuh-80@users.noreply.github.com>
Date: Mon, 17 Jan 2022 16:26:22 +0800
Subject: [PATCH] [image]: Prevent radius passkey and snmp community string
 into syslog.  (#9727)

[image]: Prevent radius passkey and snmp community string into syslog.  (#9727)

#### Why I did it
    Prevent radius passkey and snmp community string into syslog.

#### How I did it
    Add radius and snmp config command to PASSWD_CMDS

#### How to verify it
    Run and pass all UTs.

#### Which release branch to backport (provide reason below if selected)

<!--
- Note we only backport fixes to a release branch, *not* features!
- Please also provide a reason for the backporting below.
- e.g.
- [x] 202006
-->

- [ ] 201811
- [ ] 201911
- [ ] 202006
- [ ] 202012
- [ ] 202106

#### Description for the changelog
    Add radius and snmp config command to PASSWD_CMDS to prevent radius passkey and snmp community string into syslog.

#### A picture of a cute animal (not mandatory but encouraged)
---
 files/image_config/sudoers/sudoers | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/files/image_config/sudoers/sudoers b/files/image_config/sudoers/sudoers
index 42dd6d5ec7..f09445e1ed 100644
--- a/files/image_config/sudoers/sudoers
+++ b/files/image_config/sudoers/sudoers
@@ -46,6 +46,10 @@ Cmnd_Alias      READ_ONLY_CMDS = /bin/cat /var/log/syslog*, \
 
 
 Cmnd_Alias      PASSWD_CMDS = /usr/local/bin/config tacacs passkey *, \
+                              /usr/local/bin/config radius passkey *, \
+                              /usr/local/bin/config snmp community add *, \
+                              /usr/local/bin/config snmp community del *, \
+                              /usr/local/bin/config snmp community replace * *, \
                               /usr/sbin/chpasswd *
 
 # User privilege specification