From 880dee7985e9f147d4a95e28e7833a12b5c07de7 Mon Sep 17 00:00:00 2001 From: Arvindsrinivasan Lakshmi Narasimhan Date: Fri, 19 Feb 2021 19:54:38 +0000 Subject: [PATCH 1/2] add ipintutil in sudoer file Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan --- files/image_config/sudoers/sudoers | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/files/image_config/sudoers/sudoers b/files/image_config/sudoers/sudoers index 8ec8799c7cca..8cde58386a38 100644 --- a/files/image_config/sudoers/sudoers +++ b/files/image_config/sudoers/sudoers @@ -38,7 +38,8 @@ Cmnd_Alias READ_ONLY_CMDS = /bin/cat /var/log/syslog*, \ /usr/local/bin/psuutil *, \ /usr/local/bin/sonic-installer list, \ /usr/local/bin/sfputil show *, \ - /bin/ip netns identify [0-9]* + /bin/ip netns identify [0-9]*, \ + /usr/local/bin/ipintutil Cmnd_Alias PASSWD_CMDS = /usr/local/bin/config tacacs passkey *, \ From fa65c62ec380a35c58a3b2f9e968c27c34c12d76 Mon Sep 17 00:00:00 2001 From: Arvindsrinivasan Lakshmi Narasimhan Date: Mon, 22 Feb 2021 22:52:02 +0000 Subject: [PATCH 2/2] arrange read_only_cmds in alphabettical order Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan --- files/image_config/sudoers/sudoers | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/files/image_config/sudoers/sudoers b/files/image_config/sudoers/sudoers index 8cde58386a38..fbe4cf1f7f91 100644 --- a/files/image_config/sudoers/sudoers +++ b/files/image_config/sudoers/sudoers @@ -20,6 +20,7 @@ Defaults lecture_file = /etc/sudoers.lecture # Cmnd alias specification # Note: bcmcmd is dangerous for users in read only netgroups because it may operate ASIC Cmnd_Alias READ_ONLY_CMDS = /bin/cat /var/log/syslog*, \ + /bin/ip netns identify [0-9]*, \ /sbin/brctl show, \ /usr/bin/docker exec snmp cat /etc/snmp/snmpd.conf, \ /usr/bin/docker exec bgp cat /etc/quagga/bgpd.conf, \ 
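Review bot: The `/usr/local/bin/ipintutil` entry added to READ_ONLY_CMDS in patch 1/2 (and kept in the same form when patch 2/2 moves it) is a bare path, and sudoers lets a command listed without arguments be run with any arguments. Because this alias is granted to read-only users, confirm that no ipintutil option changes state or writes to a caller-chosen path when run as root. If only certain invocations are needed, list those argument patterns explicitly, or write `/usr/local/bin/ipintutil ""` if the argument-less form is enough. A comment above the alias such as `# Bare paths accept any arguments; add only tools whose every option is read-only` would record the rule for later additions. The alias definition starts above this hunk, so the existing bare entries are not assessed here.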
@@ -33,14 +34,13 @@ Cmnd_Alias READ_ONLY_CMDS = /bin/cat /var/log/syslog*, \ /usr/bin/vtysh -n [0-9] -c show *, \ /usr/local/bin/decode-syseeprom, \ /usr/local/bin/generate_dump, \ + /usr/local/bin/ipintutil, \ /usr/local/bin/lldpshow, \ /usr/local/bin/pcieutil *, \ /usr/local/bin/psuutil *, \ /usr/local/bin/sonic-installer list, \ - /usr/local/bin/sfputil show *, \ - /bin/ip netns identify [0-9]*, \ - /usr/local/bin/ipintutil - + /usr/local/bin/sfputil show * + Cmnd_Alias PASSWD_CMDS = /usr/local/bin/config tacacs passkey *, \ /usr/sbin/chpasswd *