91 lines
2.6 KiB
JSON
91 lines
2.6 KiB
JSON
{
|
|
"unauthenticated": {
|
|
"description": "Allow system feature probing",
|
|
"read": {
|
|
"ubus": {
|
|
"luci": [ "getFeatures" ]
|
|
}
|
|
}
|
|
},
|
|
|
|
"uci-access": {
|
|
"description": "Grant uci write access to all configurations",
|
|
"read": {
|
|
"uci": [ "*" ]
|
|
},
|
|
"write": {
|
|
"uci": [ "*" ]
|
|
}
|
|
},
|
|
"luci-access": {
|
|
"description": "Grant access to basic LuCI procedures",
|
|
"read": {
|
|
"cgi-io": [ "backup", "download" ],
|
|
"file": {
|
|
"/": [ "list" ],
|
|
"/*": [ "list" ],
|
|
"/dev/mtdblock*": [ "read" ],
|
|
"/etc/crontabs/root": [ "read" ],
|
|
"/etc/dropbear/authorized_keys": [ "read" ],
|
|
"/etc/filesystems": [ "read" ],
|
|
"/etc/rc.local": [ "read" ],
|
|
"/etc/sysupgrade.conf": [ "read" ],
|
|
"/etc/passwd": [ "read" ],
|
|
"/etc/group": [ "read" ],
|
|
"/proc/filesystems": [ "read" ],
|
|
"/proc/mtd": [ "read" ],
|
|
"/proc/partitions": [ "read" ],
|
|
"/proc/sys/kernel/hostname": [ "read" ],
|
|
"/proc/mounts": [ "read" ]
|
|
},
|
|
"ubus": {
|
|
"file": [ "list", "read", "stat" ],
|
|
"iwinfo": [ "assoclist", "freqlist", "txpowerlist", "countrylist" ],
|
|
"luci": [ "getDUIDHints", "getIfaddrs", "getInitList", "getLocaltime", "getTimezones", "getLEDs", "getNetworkDevices", "getUSBDevices", "getSwconfigFeatures", "getSwconfigPortState", "getBlockDevices", "getMountPoints" ],
|
|
"luci-rpc": [ "getBoardJSON", "getDHCPLeases", "getHostHints", "getWirelessDevices" ],
|
|
"network.device": [ "status" ],
|
|
"network.interface": [ "dump" ],
|
|
"network": [ "get_proto_handlers" ],
|
|
"system": [ "validate_firmware_image" ],
|
|
"uci": [ "changes", "get" ]
|
|
},
|
|
"uci": [ "*" ]
|
|
},
|
|
"write": {
|
|
"cgi-io": [ "upload" ],
|
|
"file": {
|
|
"/etc/crontabs/root": [ "write" ],
|
|
"/etc/dropbear/authorized_keys": [ "write" ],
|
|
"/etc/luci-uploads/*": [ "write" ],
|
|
"/etc/rc.local": [ "write" ],
|
|
"/etc/sysupgrade.conf": [ "write" ],
|
|
"/sbin/block": [ "exec" ],
|
|
"/sbin/firstboot": [ "exec" ],
|
|
"/sbin/reboot": [ "exec" ],
|
|
"/sbin/sysupgrade": [ "exec" ],
|
|
"/bin/tar": [ "exec" ],
|
|
"/tmp/backup.tar.gz": [ "write" ],
|
|
"/tmp/firmware.bin": [ "write" ]
|
|
},
|
|
"ubus": {
|
|
"file": [ "write", "remove", "exec" ],
|
|
"iwinfo": [ "scan" ],
|
|
"luci": [ "setInitAction", "setLocaltime", "setPassword", "setBlockDetect", "setUmount", "setReboot" ],
|
|
"uci": [ "add", "apply", "confirm", "delete", "order", "set", "rename" ]
|
|
},
|
|
"uci": [ "*" ]
|
|
}
|
|
},
|
|
"luci-app-firewall": {
|
|
"description": "Grant access to firewall procedures",
|
|
"read": {
|
|
"ubus": {
|
|
"luci": [ "getConntrackHelpers" ]
|
|
},
|
|
"uci": [ "firewall" ]
|
|
},
|
|
"write": {
|
|
"uci": [ "firewall" ]
|
|
}
|
|
}
|
|
}
|