summaryrefslogtreecommitdiffhomepage
path: root/modules/luci-base/root
diff options
context:
space:
mode:
Diffstat (limited to 'modules/luci-base/root')
-rw-r--r--modules/luci-base/root/usr/share/luci/menu.d/luci-base.json142
-rw-r--r--modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json23
2 files changed, 162 insertions, 3 deletions
diff --git a/modules/luci-base/root/usr/share/luci/menu.d/luci-base.json b/modules/luci-base/root/usr/share/luci/menu.d/luci-base.json
new file mode 100644
index 0000000000..cdfffb5123
--- /dev/null
+++ b/modules/luci-base/root/usr/share/luci/menu.d/luci-base.json
@@ -0,0 +1,142 @@
+{
+ "admin": {
+ "title": "Administration",
+ "order": 10,
+ "action": {
+ "type": "firstchild",
+ "recurse": true
+ },
+ "auth": {
+ "methods": [ "cookie:sysauth" ],
+ "login": true
+ }
+ },
+
+ "admin/status": {
+ "title": "Status",
+ "order": 10,
+ "action": {
+ "type": "firstchild",
+ "preferred": "overview",
+ "recurse": true
+ }
+ },
+
+ "admin/system": {
+ "title": "System",
+ "order": 20,
+ "action": {
+ "type": "firstchild",
+ "preferred": "system",
+ "recurse": true
+ }
+ },
+
+ "admin/vpn": {
+ "title": "VPN",
+ "order": 30,
+ "action": {
+ "type": "firstchild",
+ "recurse": true
+ }
+ },
+
+ "admin/services": {
+ "title": "Services",
+ "order": 40,
+ "action": {
+ "type": "firstchild",
+ "recurse": true
+ }
+ },
+
+ "admin/network": {
+ "title": "Network",
+ "order": 50,
+ "action": {
+ "type": "firstchild",
+ "recurse": true
+ }
+ },
+
+ "admin/translations/*": {
+ "action": {
+ "type": "call",
+ "module": "luci.controller.admin.index",
+ "function": "action_translations"
+ },
+ "auth": {
+ "methods": [ "cookie:sysauth" ]
+ }
+ },
+
+ "admin/ubus/*": {
+ "action": {
+ "type": "call",
+ "module": "luci.controller.admin.index",
+ "function": "action_ubus"
+ },
+ "auth": {}
+ },
+
+ "admin/logout": {
+ "title": "Logout",
+ "order": 999,
+ "action": {
+ "type": "call",
+ "module": "luci.controller.admin.index",
+ "function": "action_logout"
+ }
+ },
+
+ "admin/uci": {
+ "action": {
+ "type": "firstchild"
+ }
+ },
+
+ "admin/uci/revert": {
+ "action": {
+ "type": "call",
+ "module": "luci.controller.admin.uci",
+ "function": "action_revert",
+ "post": true
+ }
+ },
+
+ "admin/uci/apply_rollback": {
+ "cors": true,
+ "action": {
+ "type": "call",
+ "module": "luci.controller.admin.uci",
+ "function": "action_apply_rollback",
+ "post": true
+ },
+ "auth": {
+ "methods": [ "cookie:sysauth" ]
+ }
+ },
+
+ "admin/uci/apply_unchecked": {
+ "cors": true,
+ "action": {
+ "type": "call",
+ "module": "luci.controller.admin.uci",
+ "function": "action_apply_unchecked",
+ "post": true
+ },
+ "auth": {
+ "methods": [ "cookie:sysauth" ]
+ }
+ },
+
+ "admin/uci/confirm": {
+ "cors": true,
+ "action": {
+ "type": "call",
+ "module": "luci.controller.admin.uci",
+ "function": "action_confirm"
+ },
+ "auth": {}
+ }
+}
diff --git a/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json b/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json
index 50ddc299fa..ba0c213c9e 100644
--- a/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json
+++ b/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json
@@ -20,7 +20,7 @@
"luci-access": {
"description": "Grant access to basic LuCI procedures",
"read": {
- "cgi-io": [ "backup", "download" ],
+ "cgi-io": [ "backup", "download", "exec" ],
"file": {
"/": [ "list" ],
"/*": [ "list" ],
@@ -38,7 +38,21 @@
"/proc/sys/kernel/hostname": [ "read" ],
"/proc/sys/net/netfilter/nf_conntrack_*": [ "read" ],
"/proc/mounts": [ "read" ],
- "/usr/lib/lua/luci/version.lua": [ "read" ]
+ "/usr/lib/lua/luci/version.lua": [ "read" ],
+ "/bin/dmesg -r": [ "exec" ],
+ "/bin/ping *": [ "exec" ],
+ "/bin/ping6 *": [ "exec" ],
+ "/bin/traceroute *": [ "exec" ],
+ "/bin/traceroute6 *": [ "exec" ],
+ "/sbin/logread -e ^": [ "exec" ],
+ "/usr/bin/ping *": [ "exec" ],
+ "/usr/bin/ping6 *": [ "exec" ],
+ "/usr/bin/traceroute *": [ "exec" ],
+ "/usr/bin/traceroute6 *": [ "exec" ],
+ "/usr/bin/nslookup *": [ "exec" ],
+ "/usr/libexec/luci-peeraddr": [ "exec" ],
+ "/usr/sbin/iptables --line-numbers -w -nvxL -t *": [ "exec" ],
+ "/usr/sbin/ip6tables --line-numbers -w -nvxL -t *": [ "exec" ]
},
"ubus": {
"file": [ "list", "read", "stat" ],
@@ -58,6 +72,7 @@
"file": {
"/etc/crontabs/root": [ "write" ],
"/etc/dropbear/authorized_keys": [ "write" ],
+ "/etc/init.d/firewall restart": [ "exec" ],
"/etc/luci-uploads/*": [ "write" ],
"/etc/rc.local": [ "write" ],
"/etc/sysupgrade.conf": [ "write" ],
@@ -73,7 +88,9 @@
"/bin/umount": [ "exec" ],
"/tmp/backup.tar.gz": [ "write" ],
"/tmp/firmware.bin": [ "write" ],
- "/tmp/upload.ipk": [ "write" ]
+ "/tmp/upload.ipk": [ "write" ],
+ "/usr/sbin/iptables -Z": [ "exec" ],
+ "/usr/sbin/ip6tables -Z": [ "exec" ]
},
"ubus": {
"file": [ "write", "remove", "exec" ],
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-04 17:58:19 +0000