diff options
author | Jo-Philipp Wich <jo@mein.io> | 2020-01-20 19:16:59 +0100 |
---|---|---|
committer | Jo-Philipp Wich <jo@mein.io> | 2020-01-20 19:40:46 +0100 |
commit | cc01770fa1cf09b729dd931df77b149d1b20d2ef (patch) | |
tree | 7a0adcf380d8de68492bf522931e076e67ace655 | |
parent | 878d6622828676dbb8bf0cb26ffc242079aae306 (diff) |
luci-app-openvpn: allow and restrict file uploads to /etc/openvpn/
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
3 files changed, 15 insertions, 0 deletions
diff --git a/applications/luci-app-firewall/root/usr/share/rpcd/acl.d/luci-app-openvpn.json b/applications/luci-app-firewall/root/usr/share/rpcd/acl.d/luci-app-openvpn.json new file mode 100644 index 000000000..bc9d8e184 --- /dev/null +++ b/applications/luci-app-firewall/root/usr/share/rpcd/acl.d/luci-app-openvpn.json @@ -0,0 +1,11 @@ +{ + "luci-app-openvpn": { + "description": "Grant file upload access to /etc/openvpn", + "write": { + "cgi-io": [ "upload" ], + "file": { + "/etc/openvpn/*": [ "write" ] + } + } + } +} diff --git a/applications/luci-app-openvpn/luasrc/model/cbi/openvpn-advanced.lua b/applications/luci-app-openvpn/luasrc/model/cbi/openvpn-advanced.lua index cce850fe0..d15aaeb4f 100644 --- a/applications/luci-app-openvpn/luasrc/model/cbi/openvpn-advanced.lua +++ b/applications/luci-app-openvpn/luasrc/model/cbi/openvpn-advanced.lua @@ -838,6 +838,8 @@ for _, option in ipairs(params) do o.value = option[3] elseif option[1] == FileUpload then + o.initial_directory = "/etc/openvpn" + function o.cfgvalue(self, section) local cfg_val = AbstractValue.cfgvalue(self, section) diff --git a/applications/luci-app-openvpn/luasrc/model/cbi/openvpn-basic.lua b/applications/luci-app-openvpn/luasrc/model/cbi/openvpn-basic.lua index 3c793c5ce..980238cb6 100644 --- a/applications/luci-app-openvpn/luasrc/model/cbi/openvpn-basic.lua +++ b/applications/luci-app-openvpn/luasrc/model/cbi/openvpn-basic.lua @@ -128,6 +128,8 @@ for _, option in ipairs(basicParams) do o.value = option[3] elseif option[1] == FileUpload then + o.initial_directory = "/etc/openvpn" + function o.cfgvalue(self, section) local cfg_val = AbstractValue.cfgvalue(self, section) |