[OpenWrt-Devel] rpcd: file: add path based read/write/exec ACL checks

Andre Valentin avalentin at marcant.net
Sat Sep 21 14:16:44 EDT 2019


Hi!

Im using file extension to get extra status from my device. But after the change above, the calls over uhttpd are rejected with permission denied.

Currently I have this ACL:
# cat /usr/share/rpcd/acl.d/superuser.json
{
        "superuser": {
                "description": "Super user access role",
                "read": {
                        "ubus": {
                                "*": [ "*" ]
                        },
                        "uci": [ "*" ],
                        "file": [ "*" ]
                },
                "write": {
                        "ubus": {
                                "*": [ "*" ]
                        },
                        "uci": [ "*" ],
                        "file": [ "*" ]
                },
                "exec": {
                        "file": [ "*" ]
                }
        }
}

What do I have to do to enable access again, without calling ubus session grant like in the commit?
Thank you!

Kind regards,

André

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4058 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.infradead.org/pipermail/openwrt-devel/attachments/20190921/9e1bac7c/attachment.p7s>
-------------- next part --------------
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel


More information about the openwrt-devel mailing list