summaryrefslogtreecommitdiffhomepage
path: root/applications/luci-app-firewall
diff options
context:
space:
mode:
Diffstat (limited to 'applications/luci-app-firewall')
-rw-r--r--applications/luci-app-firewall/root/usr/share/rpcd/acl.d/luci-app-firewall.json24
-rw-r--r--applications/luci-app-firewall/root/usr/share/rpcd/acl.d/luci-app-openvpn.json11
2 files changed, 24 insertions, 11 deletions
diff --git a/applications/luci-app-firewall/root/usr/share/rpcd/acl.d/luci-app-firewall.json b/applications/luci-app-firewall/root/usr/share/rpcd/acl.d/luci-app-firewall.json
new file mode 100644
index 000000000..0ee29ad21
--- /dev/null
+++ b/applications/luci-app-firewall/root/usr/share/rpcd/acl.d/luci-app-firewall.json
@@ -0,0 +1,24 @@
+{
+ "luci-app-firewall": {
+ "description": "Grant access to firewall configuration",
+ "read": {
+ "file": {
+ "/etc/firewall.user": [ "read" ]
+ },
+ "ubus": {
+ "file": [ "read" ],
+ "luci": [ "getConntrackHelpers" ]
+ },
+ "uci": [ "firewall" ],
+ },
+ "write": {
+ "file": {
+ "/etc/firewall.user": [ "write" ]
+ },
+ "ubus": {
+ "file": [ "write" ]
+ },
+ "uci": [ "firewall" ]
+ }
+ }
+}
diff --git a/applications/luci-app-firewall/root/usr/share/rpcd/acl.d/luci-app-openvpn.json b/applications/luci-app-firewall/root/usr/share/rpcd/acl.d/luci-app-openvpn.json
deleted file mode 100644
index bc9d8e184..000000000
--- a/applications/luci-app-firewall/root/usr/share/rpcd/acl.d/luci-app-openvpn.json
+++ /dev/null
@@ -1,11 +0,0 @@
-{
- "luci-app-openvpn": {
- "description": "Grant file upload access to /etc/openvpn",
- "write": {
- "cgi-io": [ "upload" ],
- "file": {
- "/etc/openvpn/*": [ "write" ]
- }
- }
- }
-}