matthew/sonic-buildimage
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[baseimage] add ipintutil in sudoer file (#6845)

Browse Source 
show ip interfaces is enhanced recently to support multi ASIC platforms in this PR- https://github.com/Azure/sonic-utilities/pull/1396 .
The ipintutil script as to run as sudo user, to get the ip interface from each namespace.
Add this script to the sudoer file so that show ip interface command is available for user with read-only permissions

Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan <arlakshm@microsoft.com>
This commit is contained in:
arlakshm 2021-02-22 23:34:28 -08:00 committed by GitHub
parent a2b7cdfda3
commit f77157f09d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
files/image_config/sudoers/sudoers
View File

@ -20,6 +20,7 @@ Defaults lecture_file = /etc/sudoers.lecture
# Cmnd alias specification
# Note: bcmcmd is dangerous for users in read only netgroups because it may operate ASIC
Cmnd_Alias READ_ONLY_CMDS = /bin/cat /var/log/syslog*, \
/bin/ip netns identify [0-9]*, \
/sbin/brctl show, \
/usr/bin/docker exec snmp cat /etc/snmp/snmpd.conf, \
/usr/bin/docker exec bgp cat /etc/quagga/bgpd.conf, \
@ -33,13 +34,13 @@ Cmnd_Alias READ_ONLY_CMDS = /bin/cat /var/log/syslog*, \
/usr/bin/vtysh -n [0-9] -c show *, \
/usr/local/bin/decode-syseeprom, \
/usr/local/bin/generate_dump, \
/usr/local/bin/ipintutil, \
/usr/local/bin/lldpshow, \
/usr/local/bin/pcieutil *, \
/usr/local/bin/psuutil *, \
/usr/local/bin/sonic-installer list, \
/usr/local/bin/sfputil show *, \
/bin/ip netns identify [0-9]*
/usr/local/bin/sfputil show *
Cmnd_Alias PASSWD_CMDS = /usr/local/bin/config tacacs passkey *, \
/usr/sbin/chpasswd *