1. 24 May, 2021 1 commit
  2. 11 Mar, 2021 1 commit
    • sys: packagelist: drop ABI version from package name · ccb75178
      Daniel Golle authored

      Having the ABI version appended to the package name is not very helpful
      when checking for updated versions of a package online or requesting
      a new image for the device from an updater service. In both cases,
      the ABI version could have been bumped meanwhile and that name is then
      simply not found.
      Resolve this by removing the appended ABI version in the output of the
      rpc-sys packagelist call.
      Signed-off-by: Daniel Golle <daniel@makrotopia.org>
  3. 17 Jan, 2021 1 commit
  4. 06 Jan, 2021 1 commit
  5. 05 Jan, 2021 4 commits
  6. 18 Sep, 2020 1 commit
  7. 10 Sep, 2020 1 commit
    • rc: new ubus object for handling /etc/init.d/ scripts · 646daa0b
      Rafał Miłecki authored

      This commit adds "rc" ubus object with methods "list" and "exec" for
      listing and calling init.d scripts appropriately. It's useful for all
      kinds of UIs (e.g. LuCI) and custom apps.
      
      Example:
      root@OpenWrt:~# ubus call rc list
      {
      	"blockd": {
      		"start": 80,
      		"enabled": true,
      		"running": true
      	},
      	"dnsmasq": {
      		"start": 19,
      		"enabled": true,
      		"running": true
      	}
      }
      root@OpenWrt:~# ubus call rc init '{ "name": "blockd", "action": "disable" }'
      root@OpenWrt:~# ubus call rc init '{ "name": "dnsmasq", "action": "stop" }'
      root@OpenWrt:~# ubus call rc list
      {
      	"blockd": {
      		"start": 80,
      		"enabled": false,
      		"running": true
      	},
      	"dnsmasq": {
      		"start": 19,
      		"enabled": true,
      		"running": false
      	}
      }
      Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
      Acked-by: Jo-Philipp Wich <jo@mein.io>
  8. 26 May, 2020 1 commit
  9. 17 Mar, 2020 1 commit
    • session: deny access if password login is disabled · 3df62bce
      Fabian Bläse authored

      The special characters '!' and '*' in /etc/shadow are
      used to disable password login for a specific account.
      
      The character 'x' has no special meaning, but should not
      be interpreted as an empty password.
      
      However, rpcd did treat these special characters like no
      password was set, which allows access even though the account
      is disabled.
      
      By removing the additional checks for these characters, the
      encrypted password string is passed to crypt, which returns NULL
      if the salt has an invalid format and therefore access is denied.
      
      Fixes: FS#2634
      Signed-off-by: Fabian Bläse <fabian@blaese.de>
  10. 05 Jan, 2020 1 commit
  11. 11 Dec, 2019 1 commit
    • file: extend exec acl checks to commands with arguments · aaa08366
      Jo-Philipp Wich authored

      When the initial exec permission check on the executable path fails,
      concatenate the command line with spaces and use the resulting string
      as lookup path for a second exec permission check.
      
      This allows for exec acls similar to this example:
      
          "file": {
              "/usr/bin/program --flag --option=1 arg *": [ "exec" ]
          }
      
      The example above would allow executing `/usr/bin/program` with the
      arguments `--flag`, `--option=1` and `arg` in exactly this order,
      followed by any number of optional arguments as denoted by the
      asterisk.
      Signed-off-by: Jo-Philipp Wich <jo@mein.io>
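The two-stage lookup described in the commit message above, as an added C sketch that is not rpcd's own code. The ACL table and the names `acl_match()` and `exec_allowed()` are hypothetical, and matching patterns as globs with `fnmatch()` is an assumption.

```c
#include <fnmatch.h>
#include <stdio.h>

/* Hypothetical ACL table: one glob pattern per granted "exec" entry. */
static const char *exec_acl[] = {
    "/sbin/sysupgrade",
    "/usr/bin/program --flag --option=1 arg *",
};

/* Assumption: ACL entries are matched as shell globs via fnmatch(). */
static int acl_match(const char *path)
{
    for (size_t i = 0; i < sizeof(exec_acl) / sizeof(exec_acl[0]); i++)
        if (fnmatch(exec_acl[i], path, FNM_NOESCAPE) == 0)
            return 1;
    return 0;
}

/* First check the bare executable path; if that fails, join argv with
 * single spaces and check the joined string. Returns 1 if allowed. */
int exec_allowed(const char *const argv[])
{
    char line[512];
    size_t len = 0;

    if (acl_match(argv[0]))
        return 1;

    for (int i = 0; argv[i]; i++) {
        int n = snprintf(line + len, sizeof(line) - len, "%s%s",
                         i ? " " : "", argv[i]);
        if (n < 0 || (size_t)n >= sizeof(line) - len)
            return 0;   /* command line too long to check: deny */
        len += (size_t)n;
    }
    return acl_match(line);
}

int main(void)
{
    /* Constructed sample command lines. */
    const char *ok[]   = { "/usr/bin/program", "--flag", "--option=1", "arg", "x", NULL };
    const char *swap[] = { "/usr/bin/program", "--option=1", "--flag", "arg", "x", NULL };
    printf("in order: %d, reordered: %d\n", exec_allowed(ok), exec_allowed(swap));
    return 0;
}
```

Because the arguments are joined with spaces, the pattern is compared against one string rather than an argument vector, so ACL entries should be written with that in mind.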
  12. 10 Nov, 2019 1 commit
  13. 29 Oct, 2019 9 commits
  14. 17 Oct, 2019 1 commit
    • plugin: fix leaking invoked method name for exec plugins · 37aa9196
      Jo-Philipp Wich authored

      The invoked method name was separately duplicated from the call_context
      structure. The structure itself is eventually freed by rpc_exec_reply()
      but the method string it points to is lost after that.
      
      Use calloc_a() instead to allocate the string copy buffer together with
      the context structure, to ensure that all involved memory is freed.
      Signed-off-by: Jo-Philipp Wich <jo@mein.io>
  15. 21 Sep, 2019 1 commit
  16. 09 Sep, 2019 1 commit
  17. 08 Sep, 2019 1 commit
    • file: refactor message parsing and permission checking · 69eeb1b4
      Jo-Philipp Wich authored

      Refactor rpc_check_path() and wrap it with a macro to allow passing
      different policies and permission names.
      
      This allows using the function for non-read operations and simplifies
      the message parsing code there.
      
      Also change the stat and list methods to require "list" instead of
      "read" permissions, which is useful to allow browsing the filesystem
      without allowing read access to all files.
      Signed-off-by: Jo-Philipp Wich <jo@mein.io>
  18. 04 Sep, 2019 2 commits
  19. 03 Sep, 2019 3 commits
  20. 01 Sep, 2019 2 commits
    • file: add path based read/write/exec ACL checks · 821045f6
      Jo-Philipp Wich authored

      Introduce ACL checks to verify that the requested path may be read, written
      or executed. This allows restricting ubus file commands to specific paths.

      To set up the required ACLs, the following ubus command may be used
      on the command line:
      
      ubus call session grant '{
        "ubus_rpc_session": "d41d8cd98f00b204e9800998ecf8427e",
        "scope": "file",
        "objects": [
          [ "/etc", "read" ],
          [ "/etc/*", "write" ],
          [ "/sbin/sysupgrade", "exec" ]
        ]
      }'
      
      The "read", "list", "stat" and "md5" procedures require "read" permissions,
      the "write" procedure requires "write" permission and the "exec" procedure
      requires "exec" permissions.
      Signed-off-by: Jo-Philipp Wich <jo@mein.io>
    • fb337e5a
  21. 05 Jun, 2019 1 commit
  22. 22 May, 2019 1 commit
    • session: handle NULL return values of crypt() · 569284a1
      Jo-Philipp Wich authored

      The crypt() function may return NULL with errno ENOSYS when an attempt
      was made to crypt the plaintext password using a salt requesting an
      unsupported cipher.
      
      Avoid triggering segmentation faults in the subsequent strcmp() operation
      by checking for a non-NULL hash value.
      
      Fixes: FS#2291
      Signed-off-by: Jo-Philipp Wich <jo@mein.io>
  23. 05 Mar, 2019 3 commits