Skip to content

Commit

Permalink
Add the vtysh command with newly added "-n" option for multi asic to …
Browse files Browse the repository at this point in the history 
…the read_only_cmds (sonic-net#5845)

In multi asic platforms the "show ip bgp summary" commands is not available for user with read only privileges, so to fix this the vtysh command with the new "-n" option, added for multi asic platforms, needs to be added to the READ_ONLY_COMMANDS list in the sudoers files. Added the command vtysh -n [0-9] -c show * to list of READ_ONLY_COMMANDS in the sudoers files in this commit.

Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan <[email protected]>
  • Loading branch information
@arlakshm @santhosh-kt
arlakshm authored and santhosh-kt committed Feb 25, 2021
1 parent 7e6d7e9 commit 3d89afa
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions files/image_config/sudoers/sudoers
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,7 @@ Cmnd_Alias READ_ONLY_CMDS = /bin/cat /var/log/syslog*, \
/usr/bin/sensors, \
/usr/bin/tail -F /var/log/syslog, \
/usr/bin/vtysh -c show *, \
/usr/bin/vtysh -n [0-9] -c show *, \
/usr/local/bin/decode-syseeprom, \
/usr/local/bin/generate_dump, \
/usr/local/bin/lldpshow, \
Expand Down

0 comments on commit 3d89afa

Please sign in to comment.