From 96a1145c3e453af7ac5cfdf6d035667b5b58bc9c Mon Sep 17 00:00:00 2001 From: Ad Schellevis Date: Sun, 22 Dec 2024 14:37:42 +0100 Subject: [PATCH] System: Access: Users - add "system list shells" and hook to shell field, closes https://github.com/opnsense/core/issues/8155 --- plist | 1 + .../mvc/app/models/OPNsense/Auth/User.xml | 8 ++--- src/opnsense/scripts/system/list_shells.py | 35 +++++++++++++++++++ .../conf/actions.d/actions_system.conf | 8 +++++ 4 files changed, 46 insertions(+), 6 deletions(-) create mode 100755 src/opnsense/scripts/system/list_shells.py diff --git a/plist b/plist index 7b0984baf..11b33c695 100644 --- a/plist +++ b/plist @@ -1264,6 +1264,7 @@ /usr/local/opnsense/scripts/system/flush_config_history /usr/local/opnsense/scripts/system/get_locales.php /usr/local/opnsense/scripts/system/ha_xmlrpc_exec.php +/usr/local/opnsense/scripts/system/list_shells.py /usr/local/opnsense/scripts/system/nameservers.php /usr/local/opnsense/scripts/system/remote_backup.php /usr/local/opnsense/scripts/system/rfc5246_cipher_suites.csv diff --git a/src/opnsense/mvc/app/models/OPNsense/Auth/User.xml b/src/opnsense/mvc/app/models/OPNsense/Auth/User.xml index 9c14cfc91..077d7ab8e 100644 --- a/src/opnsense/mvc/app/models/OPNsense/Auth/User.xml +++ b/src/opnsense/mvc/app/models/OPNsense/Auth/User.xml @@ -24,13 +24,9 @@ - + + system list shells Default (none for all but root) - - /bin/csh - /bin/sh - /bin/tcsh - diff --git a/src/opnsense/scripts/system/list_shells.py b/src/opnsense/scripts/system/list_shells.py new file mode 100755 index 000000000..4b1ccbe36 --- /dev/null +++ b/src/opnsense/scripts/system/list_shells.py @@ -0,0 +1,35 @@ +#!/usr/local/bin/python3 + +""" + Copyright (c) 2024 Ad Schellevis + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +""" + +import json + +result = {} +for line in [line.rstrip() for line in open('/etc/shells')]: + if line.startswith('/') and line.find('opnsense-') == -1: + result[line] = line +print(json.dumps(result)) diff --git a/src/opnsense/service/conf/actions.d/actions_system.conf b/src/opnsense/service/conf/actions.d/actions_system.conf index b5ca401c8..efd714701 100644 --- a/src/opnsense/service/conf/actions.d/actions_system.conf +++ b/src/opnsense/service/conf/actions.d/actions_system.conf @@ -143,6 +143,14 @@ type:script_output message:list locales cache_ttl:300 +[list.shells] +command:/usr/local/opnsense/scripts/system/list_shells.py +parameters: +type:script_output +message:list shells +cache_ttl:300 + + [status] command:/usr/local/opnsense/scripts/system/status.php parameters: