Changeset 13372 in hybrid


Ignore:
Timestamp:
Aug 30, 2015, 12:58:01 AM (9 years ago)
Author:
rick
Message:

Sudoers entry needed to allow portal script (running as www) to invoke firewall rules (as root).

Location:
branches/releng-10/nanobsd
Files:
2 added
3 edited

Legend:

Unmodified
Added
Removed
  • branches/releng-10/nanobsd/cfg/nanobsd.wleiden

    r13174 r13372  
    252252)
    253253
     254# Customize sudoers files
     255cust_sudo_rules() {
     256        chroot ${NANO_WORLDDIR} chmod -R 0440 /usr/local/etc/sudoers.d
     257}
     258
    254259
    255260
     
    351356customize_cmd cust_nano_prune
    352357customize_cmd cust_set_root_password
     358customize_cmd cust_sudo_rules
    353359#customize_cmd cust_apply_nanobsd_patches
    354360late_customize_cmd late_cust_unset_common_var_and_tmp
  • branches/releng-10/nanobsd/files/usr/local/www/portal/login/index.cgi

    r13371 r13372  
    55# Rick van der Zwet <info@rickvanderzwet.nl>
    66#
    7 PATH=$PATH:/usr/sbin:/usr/bin:/sbin
     7PATH=$PATH:/usr/local/bin:/usr/sbin:/usr/bin:/sbin
    88DB=/tmp/authenticated.txt
    99
     
    1919
    2020# Add entry to authorized list
    21 pfctl -q -t wlportal -T add $REMOTE_ADDR
     21sudo pfctl -q -t wlportal -T add $REMOTE_ADDR
    2222
    2323# Redirect to proper page
  • branches/releng-10/nanobsd/files/usr/local/www/portal/logout/index.cgi

    r13056 r13372  
    55# Rick van der Zwet <info@rickvanderzwet.nl>
    66#
    7 PATH=$PATH:/usr/sbin:/usr/bin:/sbin
     7PATH=$PATH:/usr/local/bin:/usr/sbin:/usr/bin:/sbin
    88DB=/tmp/authenticated.txt
    99
     
    1111
    1212# Add entry to authorized list
    13 pfctl -q -t wlportal -T delete $REMOTE_ADDR
     13sudo pfctl -q -t wlportal -T delete $REMOTE_ADDR
    1414
    1515# Redirect to proper page
    16 echo 'HTTP 1.0 200 OK'
     16echo 'Content-Type: text/html'
    1717echo 'Refresh: 60; url=/portal/login'
    1818echo ''
Note: See TracChangeset for help on using the changeset viewer.