Difuse/luci
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
luci/modules/luci-mod-status/root/usr/share/rpcd/acl.d/luci-mod-status.json
Erik Karlsson 72f1573458 luci-mod-status: fix ACL for channel analysis 
Without this fix channel analysis will not work unless write access is
also granted to luci-mod-network-config

Signed-off-by: Erik Karlsson <erik.karlsson@genexis.eu>
2023-11-27 11:16:29 +01:00

97 lines
2 KiB
JSON
Raw Permalink Blame History

{
"luci-mod-status-realtime": {
"description": "Grant access to realtime statistics",
"read": {
"ubus": {
"luci": [ "getConntrackList", "getRealtimeStats" ],
"network.rrdns": [ "lookup" ]
}
}
},
"luci-mod-status-processes": {
"description": "Grant access to process status",
"read": {
"ubus": {
"luci": [ "getProcessList" ]
}
},
"write": {
"file": {
"/bin/kill": [ "exec" ]
},
"ubus": {
"file": [ "exec" ]
}
}
},
"luci-mod-status-logs": {
"description": "Grant access to system logs",
"read": {
"cgi-io": [ "exec" ],
"file": {
"/bin/dmesg -r": [ "exec" ],
"/sbin/logread": [ "stat" ],
"/sbin/logread -e ^": [ "exec" ],
"/usr/sbin/logread": [ "stat" ],
"/usr/sbin/logread -e ^": [ "exec" ]
},
"ubus": {
"file": [ "stat" ]
}
}
},
"luci-mod-status-routes": {
"description": "Grant access to routing status",
"read": {
"file": {
"/sbin/ip -[46] neigh show": [ "exec" ],
"/sbin/ip -[46] route show table all": [ "exec" ],
"/sbin/ip -[46] rule show": [ "exec" ]
},
"ubus": {
"file": [ "exec" ]
}
}
},
"luci-mod-status-channel_analysis": {
"description": "Grant access to wireless channel status",
"read": {
"ubus": {
"iwinfo": [ "info", "freqlist", "scan" ]
}
}
},
"luci-mod-status-firewall": {
"description": "Grant access to firewall status",
"read": {
"cgi-io": [ "exec" ],
"file": {
"/usr/sbin/nft --terse --json list ruleset": [ "exec" ],
"/usr/sbin/iptables --line-numbers -w -nvxL -t *": [ "exec" ],
"/usr/sbin/ip6tables --line-numbers -w -nvxL -t *": [ "exec" ],
"/usr/sbin/ip6tables": [ "list" ],
"/usr/sbin/iptables-save": [ "exec" ],
"/usr/sbin/ip6tables-save": [ "exec" ]
},
"ubus": {
"file": [ "stat" ]
}
},
"write": {
"cgi-io": [ "exec" ],
"file": {
"/etc/init.d/firewall restart": [ "exec" ],
"/usr/sbin/iptables -Z": [ "exec" ],
"/usr/sbin/ip6tables -Z": [ "exec" ]
},
"ubus": {
"file": [ "exec" ]
}
}
}
}
Reference in a new issue View git blame Copy permalink