From 40b0879d8fc50864d5a5aec242ac1143ba05fa1a Mon Sep 17 00:00:00 2001 From: ms Date: Thu, 26 Apr 2007 12:27:41 +0000 Subject: [PATCH] Signierten GPG-Schluessel importiert. smartctrl geschrieben. Passwort kann nichtmehr im Webinterface geaendert werden. git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@504 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8 --- config/cfgroot/cacert.asc | 30 +++++++ config/cfgroot/ipfire.gpg | 50 +++++++----- config/menu/10-system.menu | 12 +-- config/rootfiles/common/apache2 | 2 +- config/rootfiles/common/misc-progs | 1 + doc/language_issues.de | 2 + doc/language_issues.en | 2 + html/cgi-bin/changepw.cgi | 123 ----------------------------- lfs/gnupg | 1 + src/misc-progs/Makefile | 6 +- src/misc-progs/smartctrl.c | 28 +++++++ 11 files changed, 102 insertions(+), 155 deletions(-) create mode 100644 config/cfgroot/cacert.asc delete mode 100644 html/cgi-bin/changepw.cgi create mode 100644 src/misc-progs/smartctrl.c diff --git a/config/cfgroot/cacert.asc b/config/cfgroot/cacert.asc new file mode 100644 index 0000000000..120f516eb2 --- /dev/null +++ b/config/cfgroot/cacert.asc @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.2.2 (GNU/Linux) + +mQGiBD8OdRwRBACEr0/NPA88qp8f6KyIMMveLQ1FOuLi0aDQDPybG7u1nrBoi3VI +tSRyfYcdExVxWQjTGd9qbShzXBw2DsxjA6YjiGzWKpVcqtj9uUDpSlylBaoadUzu +Sf3r3IkOHR2QJeC+9v2il30xy5XLMxDRbQYaSmf4uwTlIOUWNn118KpdawCgoNny +p4DR9EvRgCmY5z6IKHA2WscD/AhAKDVHCIAoZHzSB/puNOuVUSKRbIWNAqUAYosz +GRzYWb8O/3Ja4fNb3IMQ1gIsEcnUJFHnzID3pTjqWyiCId/NSX3fLuQxZHZE9n8P +PqlZIvqMrOfCT0RJQa0zTFcrgepnmnHLj7qmtXQZm+YkTvlihOZNtVA4JNzrxDrQ +egkqA/4hr0LezNJfkUhWnbW604p7AmmKK7Hi/ZixAfnxN0adgnV7oC3Q4VM8aB2i +gReSuifluHiaJmf/WsA3KH4bdyLRbagz6dOPkXY8bQKy9yRxQz9oYwudlluYoZXe +gSQI2Jle9U2ENefa9ouvVlsB0he1qzF6VzHXAXpLsANt5smDh7Q0Q0EgQ2VydCBT +aWduaW5nIEF1dGhvcml0eSAoUm9vdCBDQSkgPGdwZ0BjYWNlcnQub3JnPohfBBMR +AgAfBQI/DnUcBQk4ZAkABAsHAwIDFQIDAxYCAQIeAQIXgAAKCRDSuw0BZdD9WEFX +AJ9C6WBcYfTYw1uvZ+N85TPGG5PMKQCcCM1tyULC5J6pfwevywS6cEwfagW5Ag0E +Pw51MBAIANUbl1u0j+mnVJk1fKbJ+Ul6SAYpNtordfgrgrmlnOhMCFcROrCzsaaI +1ehohxMbTnIj0RP0g/KotahAurqB98qzHIxXZMEJSzBE2OCNvlIXqUyT1jwhAUN6 +e71s084Lml84gD4cIr7+2YtwIu+6zrE+YdjfMT1NibM3vmiXaknrk4aADb02ZS5U +iDeRstUO5PG7qVg4umR0HZJ1Ck2U7Kdjaekzzlm0q/vYMZKTYX37NkZRUU0QFLsM +tACEaZnwKf9hMAWJwG1OFyJeLVH8xvzCkI4I+fpAvAQj6LVAh41SHl7EivH6SiTp +/+61idoz/CGqeLBxuex6Z+Y53U54FmcAAwUH/2chzBs1YWFX5LuLGEW3R3UW/wDb +RnYpsSR+pnMBVh18WS0nF08R/SXtb12RsqN5H+GtELOZng6IWL5hhgNaYvF1F4sW +Ezm2nyVmTsu7/DtHLmXtzz1oNLQ9pzJkoqP2pGtPYQKvmiuoNbt+l1prwjt5zn1D +slLn8w0+9/PP1YdKpuZ/189yQP6iYsLHxBxg/50MbSzoFwiT22aJCdF+OJ7zRwDy +GhjnfV7HVwdEDV5rvb7aRolRmZZF2UADSPu52BWT4PI0nVnewAgivyELqVU3Zc3P +aWqmH5BAh22MjbsbXrWZXK/WOfZCNlPVdfHxwFGxnlwsHgmyrkPAs3szJGiITAQY +EQIADAUCPw51MAUJOGQJAAAKCRDSuw0BZdD9WMw8AJwIVUzB2WQJGAbf/aXzCABn +QWdKwACdEWUSf69RZiJgp4oMfXMx0fDEh2I= +=OaPO +-----END PGP PUBLIC KEY BLOCK----- diff --git a/config/cfgroot/ipfire.gpg b/config/cfgroot/ipfire.gpg index 441ce118f9..a108217712 100644 --- a/config/cfgroot/ipfire.gpg +++ b/config/cfgroot/ipfire.gpg @@ -1,24 +1,32 @@ -----BEGIN PGP PUBLIC KEY BLOCK----- -Version: GnuPG v1.4.0 (GNU/Linux) +Version: GnuPG v1.4.6 (GNU/Linux) -mQGiBES+T2wRBADhI9iInuQptFBBbj3bzCVOEjkafX0XdlGQhqsG9l8mhA73jwSV -NnpKtgvNOe+OXNFsxjpJAbS0nGdrv3tAP4/kf97CenYD9LmaIhjCMYs2Zhq3NQ/f -XSwSj7BDmE4LkGNn1Wbb69+JQQJM6f6kcm2zvXQSFFe/I8x9c1HQEjlMtwCgtByW -jfMeRbWvmGPyiK48lYun0p0D/jkuOoln5/WLm64XKHm6OU5AYDGuo1t4mEkNeeUr -ruI25RB/Xjtmisb9SqKp4bH7vPa1MP2O44w8leIqViTEqaegARSNdVKd2kqK8k1m -p6RcsroSvMNSrMKWBzAbSaktVqTnN95gT1ZxVWgcP7Frtmo2ZWUOVMf1NbJnDQCJ -ZiWsBADXtojLnvuQiXWiy+jzIQ1PEYntssuMD5BvQTWSDHuoWUrW/OBhn4EJhVlZ -CGwdejUdqxIlAeJ3DY0kddNXVyUwL/cfHYRPq7uXqjfMzhs4CkwCXSWs53MkCkXy -yFsvUPsGblZ0a/FLuZ0Lz9dF0EEZwjLNYmuxIXmuKXd70KflmLQXSVBGaXJlIDxp -bmZvQGlwZmlyZS5ldT6IXgQTEQIAHgUCRL5PbAIbAwYLCQgHAwIDFQIDAxYCAQIe -AQIXgAAKCRACLQgrEq0XoB+pAJ0aOAaMU++GkBDFMfcN6jhIxDHUlACcDGobOvMx -H8gcTGwuoBU3b66KSb+5AQ0ERL5PbxAEAKCUuzOXui6U9RkPimhNreyCQEQev0SY -9D+l/XRU6odgSHGSuitfa73+vvk6mp31JNP39kdpVVCdGGMAydpV2THyNqjucuoQ -uANO+wCiafgy6F9RAAnXUnTUjj0CYRk7GQF85uh7Sp2NHMUaStRpgiJJi4XbCjqw -ia7QsZXnUkMTAAMFBACQgQdcx4diN0p/YarP7yN1GsD9BEYXeLded+2j0uHebe2/ -FMyO832LZWh6TJtZqih3Jb5Vq4ii/SaWL20QV4pBHr28QchHTUojLd3AXfz+yLkT -PM9qOpW43oj9r7KjMgII0RBDKhVUXNPrgZoMVaJUbKxj5lzBGfeWxHubmck+fIhJ -BBgRAgAJBQJEvk9vAhsMAAoJEAItCCsSrReg0L8AmwUiYE1Zq2jgjAP6Wvuj7Yjc -1PntAKCBzpyN5bIkHPYZPMfNmv4/XKcwYg== -=sOax +mQGiBEYssZ8RBACcbHcYW+gPbjPFxv4ImlK1FgXV3s65Nnu7V9kghB7AZXterMVM +rZ87sNEw6J3JT32k0e9iBukA1QrshPg3c/mL+2/lMvvxsUW19rj/8ZBCCnP1Svgq +9q0OSJfadbm9b6Ndj06D/3EM+VpY5aI7XgNenh7ZcDbY9m8YDPdu0OF9uwCgltJS ++Pzjr16bJ/VnI549LfIG2KkEAJZWQmLQSXbl4VVEOSyaaJN8ugGBnZtnaL6IBE9K +0FHoZU3GaEOP6L3IUHUzyWsrpC/G44hGPC3xIbr5VG3sJ6hUc3J2rjx1clFdyN6A +bte9EWk1HkRFdaMfDn86vhIjn7znHU4cbvQLIpgB12+y2P/ydqLwyuyf6rV1JEWk +pSXpA/91LnlvICvqompSmrpLKpb+DSe59tr/r5GI36VNnqWt32InmF0N2ceLwG1F +K62M4Tf5/OZOg5m3uoTTHWf355+7NJjyPzT+DYbsuK56TNd/cFPeVdisdteeuINj +3DIC/8H9Y7mvYMAoSNtdA74JrdzGiqH2zSTB/oa/nwDXFekrq7Q2TWljaGFlbCBU +cmVtZXIgKFBha2ZpcmUgU2lnbmluZyBLZXkpIDxwYWtzQGlwZmlyZS5vcmc+iFoE +ExECABoFAkYssZ8CGwMCCwIDFQIDAxYCAQIeAQIXgAAKCRBL3jZMZNlmF0pBAJ95 +S5xzasjMQLpvOWA9E4JG3YJasQCfbNpdZXbZHr7Io7hLR9iJ+OhybfuIawQQEQIA +KwUCRi3ByAWDAeKFAB4aaHR0cDovL3d3dy5jYWNlcnQub3JnL2Nwcy5waHAACgkQ +0rsNAWXQ/VjJhQCfUQh+9wPAlyQVb9gYZ5zgHfqDY1MAn2T/VXH2+acwC4O3oV1W +Ni36NNRpuQINBEYsuJoQCAC6wq4ZMtWRGF/GeTd9l7boo40ulBth8Wr+IBK38XYv +5s+WLiTuuTCM8Thq4eY3MOfO+VXhjQen1S2e8WiZq+c55pDDAKXvBFmVNKcgkK7C +1AW85kY86aspoAK3/vi2pghlXAysTKSoW+WfoCbASDheEJopOkIMehdroraI2zTM +y8AEk+TnbRPzoFNBEYwr3J1GlkegtU3mIPpALDfpL4+HoCgS+7SfAvIlG//C+4W/ +oI/VOYHDdM5zR1av/pVZGpUK4Ao/JBxXMaqsbiP43KytbNuMRsZ+sFDs/ZtmHf1z +6AQ8mnxU0klT4ppU8Nl3hSVcvRacm6wBTvvGEqjkApkPAAMFCACKWJVpzcVAdOMP +aB08qJ+GPSSgxspaSoFPjVN307Pr1Di/ZriC/UVNrq/eUHEIvC1zIx+t3O109qVH +RMWbfCj+4/OBHJ4Ik3Nc5/8v6zaGwixJrkjohF8QLwodqazrjc+W3VsQ5jwfPpLe +DFpd3xHhj5zhXQKN0tCCk435Q/58aMQCK75St3/ymP6NGaE2s7dsXU/BwndgfxJu +Yz8LEK6phJ2t0jBiJJgcjWkoBkq8MhI6wKW6uDU4B/KKGHHLuZHg1ZKum8ASMcti +S980DlSJyfLJnUIio5F/u/csug8bHKq5pA1x+wmsUBhuH66aosNJuz35Bl4nW365 +PoahYtQBiEkEGBECAAkFAkYsuJoCGwwACgkQS942TGTZZhePvwCghewEOgtP7jz8 +d/lFWgeBt75eaM8An1+5yuYvSH+0ITVYC02VN0lbYjVy +=Oda/ -----END PGP PUBLIC KEY BLOCK----- diff --git a/config/menu/10-system.menu b/config/menu/10-system.menu index 47d70f650d..81eed3ade5 100644 --- a/config/menu/10-system.menu +++ b/config/menu/10-system.menu @@ -10,25 +10,19 @@ 'title' => "$Lang::tr{'alt dialup'}", 'enabled' => 1, }; - $subsystem->{'30.passwords'} = { - 'caption' => $Lang::tr{'sspasswords'}, - 'uri' => '/cgi-bin/changepw.cgi', - 'title' => "$Lang::tr{'sspasswords'}", - 'enabled' => 1, - }; - $subsystem->{'40.ssh'} = { + $subsystem->{'30.ssh'} = { 'caption' => $Lang::tr{'ssh access'}, 'uri' => '/cgi-bin/remote.cgi', 'title' => "$Lang::tr{'ssh access'}", 'enabled' => 1, }; - $subsystem->{'50.gui'} = { + $subsystem->{'40.gui'} = { 'caption' => $Lang::tr{'gui settings'}, 'uri' => '/cgi-bin/gui.cgi', 'title' => "$Lang::tr{'gui settings'}", 'enabled' => 1, }; - $subsystem->{'60.shutdown'} = { + $subsystem->{'50.shutdown'} = { 'caption' => $Lang::tr{'shutdown'}, 'uri' => '/cgi-bin/shutdown.cgi', 'title' => "$Lang::tr{'shutdown'} / $Lang::tr{'reboot'}", diff --git a/config/rootfiles/common/apache2 b/config/rootfiles/common/apache2 index 9ca53eb7ca..4f1b50798a 100644 --- a/config/rootfiles/common/apache2 +++ b/config/rootfiles/common/apache2 @@ -1261,7 +1261,7 @@ srv/web/ipfire/cgi-bin/aliases.cgi #srv/web/ipfire/cgi-bin/asterisk.cgi/calls #srv/web/ipfire/cgi-bin/asterisk.cgi/conf #srv/web/ipfire/cgi-bin/asterisk.cgi/status -srv/web/ipfire/cgi-bin/changepw.cgi +#srv/web/ipfire/cgi-bin/changepw.cgi srv/web/ipfire/cgi-bin/chpasswd.cgi srv/web/ipfire/cgi-bin/connections.cgi srv/web/ipfire/cgi-bin/connscheduler.cgi diff --git a/config/rootfiles/common/misc-progs b/config/rootfiles/common/misc-progs index 43f5817159..b9570def07 100644 --- a/config/rootfiles/common/misc-progs +++ b/config/rootfiles/common/misc-progs @@ -24,5 +24,6 @@ usr/local/bin/setdmzholes usr/local/bin/setfilters usr/local/bin/setportfw usr/local/bin/setxtaccess +usr/local/bin/smartctrl usr/local/bin/timecheckctrl usr/local/bin/upnpctrl diff --git a/doc/language_issues.de b/doc/language_issues.de index a0326387b6..c0c806382a 100644 --- a/doc/language_issues.de +++ b/doc/language_issues.de @@ -195,6 +195,7 @@ WARNING: translation string unused: modulation WARNING: translation string unused: mount WARNING: translation string unused: nat-traversal WARNING: translation string unused: network configuration +WARNING: translation string unused: network status information WARNING: translation string unused: new optionsfw later WARNING: translation string unused: new optionsfw must boot WARNING: translation string unused: no cfg upload @@ -252,6 +253,7 @@ WARNING: translation string unused: squid fix cache WARNING: translation string unused: ssh access tip WARNING: translation string unused: ssnetwork status WARNING: translation string unused: sssystem status +WARNING: translation string unused: sstraffic graphs WARNING: translation string unused: successfully refreshed updates list WARNING: translation string unused: swap usage per WARNING: translation string unused: system cpu diff --git a/doc/language_issues.en b/doc/language_issues.en index 4ef1375e6f..f213190cf6 100644 --- a/doc/language_issues.en +++ b/doc/language_issues.en @@ -209,6 +209,7 @@ WARNING: translation string unused: monthly firewallhits WARNING: translation string unused: mount WARNING: translation string unused: nat-traversal WARNING: translation string unused: network configuration +WARNING: translation string unused: network status information WARNING: translation string unused: new optionsfw later WARNING: translation string unused: new optionsfw must boot WARNING: translation string unused: no cfg upload @@ -259,6 +260,7 @@ WARNING: translation string unused: squid extension methods WARNING: translation string unused: squid extension methods invalid WARNING: translation string unused: ssnetwork status WARNING: translation string unused: sssystem status +WARNING: translation string unused: sstraffic graphs WARNING: translation string unused: successfully refreshed updates list WARNING: translation string unused: swap usage per WARNING: translation string unused: system cpu diff --git a/html/cgi-bin/changepw.cgi b/html/cgi-bin/changepw.cgi deleted file mode 100644 index e5595e1587..0000000000 --- a/html/cgi-bin/changepw.cgi +++ /dev/null @@ -1,123 +0,0 @@ -#!/usr/bin/perl -# -# SmoothWall CGIs -# -# This code is distributed under the terms of the GPL -# -# (c) The SmoothWall Team -# -# $Id: changepw.cgi,v 1.4.2.6 2005/03/07 21:28:03 eoberlander Exp $ -# - -use strict; - -# enable only the following on debugging purpose -#use warnings; -#use CGI::Carp 'fatalsToBrowser'; - -require '/var/ipfire/general-functions.pl'; -require "${General::swroot}/lang.pl"; -require "${General::swroot}/header.pl"; - -my %cgiparams=(); -my $errormessage=''; - -&Header::showhttpheaders(); - -$cgiparams{'ACTION_ADMIN'} = ''; -$cgiparams{'ACTION_DIAL'} = ''; - -&Header::getcgihash(\%cgiparams); - -if ($cgiparams{'ACTION_ADMIN'} eq $Lang::tr{'save'}) -{ - my $password1 = $cgiparams{'ADMIN_PASSWORD1'}; - my $password2 = $cgiparams{'ADMIN_PASSWORD2'}; - if ($password1 eq $password2) - { - if ($password1 =~ m/\s|\"/) { - $errormessage = $Lang::tr{'password contains illegal characters'}; - } - elsif (length($password1) >= 6) - { - system('/usr/sbin/htpasswd', '-m', '-b', "${General::swroot}/auth/users", 'admin', "${password1}"); - &General::log($Lang::tr{'admin user password has been changed'}); - } - else { - $errormessage = $Lang::tr{'passwords must be at least 6 characters in length'}; } - } - else { - $errormessage = $Lang::tr{'passwords do not match'}; } -} - -if ($cgiparams{'ACTION_DIAL'} eq $Lang::tr{'save'}) -{ - my $password1 = $cgiparams{'DIAL_PASSWORD1'}; - my $password2 = $cgiparams{'DIAL_PASSWORD2'}; - if ($password1 eq $password2) - { - if($password1 =~ m/\s|\"/) { - $errormessage = $Lang::tr{'password contains illegal characters'}; - } - elsif (length($password1) >= 6) - { - system('/usr/sbin/htpasswd', '-m', '-b', "${General::swroot}/auth/users", 'dial', "${password1}"); - &General::log($Lang::tr{'dial user password has been changed'}); - } - else { - $errormessage = $Lang::tr{'passwords must be at least 6 characters in length'}; } - } - else { - $errormessage = $Lang::tr{'passwords do not match'}; } -} - -&Header::openpage($Lang::tr{'change passwords'}, 1, ''); - -&Header::openbigbox('100%', 'left', '', $errormessage); - -if ($errormessage) { - &Header::openbox('100%', 'left', $Lang::tr{'error messages'}); - print "$errormessage\n"; - print " \n"; - &Header::closebox(); -} - -print "
\n"; - -&Header::openbox('100%', 'left', $Lang::tr{'administrator user password'}); -print < - - $Lang::tr{'username'} 'admin' - $Lang::tr{'password'}  - - $Lang::tr{'again'} - - - - -END -; -&Header::closebox(); - -&Header::openbox('100%', 'left', $Lang::tr{'dial user password'}); -print < - - $Lang::tr{'username'} 'dial' - $Lang::tr{'password'}  - - $Lang::tr{'again'}  - - - - -END -; -&Header::closebox(); - -print "\n"; - -&Header::closebigbox(); - -&Header::closepage(); diff --git a/lfs/gnupg b/lfs/gnupg index dd4aa58a0b..70df62f2c9 100644 --- a/lfs/gnupg +++ b/lfs/gnupg @@ -78,5 +78,6 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install gpg --import $(DIR_SRC)/config/cfgroot/ipfire.gpg + gpg --import $(DIR_SRC)/config/cfgroot/cacert.asc @rm -rf $(DIR_APP) @$(POSTBUILD) diff --git a/src/misc-progs/Makefile b/src/misc-progs/Makefile index 7576bdaa98..af9a2f4f9f 100644 --- a/src/misc-progs/Makefile +++ b/src/misc-progs/Makefile @@ -10,7 +10,8 @@ SUID_PROGS = setdmzholes setportfw setfilters setxtaccess \ restartapplejuice setdate rebuildhosts \ restartsyslogd logwatch openvpnctrl timecheckctrl \ restartwireless getipstat qosctrl launch-ether-wake \ - redctrl extrahdctrl sambactrl upnpctrl tripwirectrl + redctrl extrahdctrl sambactrl upnpctrl tripwirectrl \ + smartctrl install : all install -m 755 $(PROGS) /usr/local/bin @@ -56,6 +57,9 @@ sambactrl: sambactrl.c setuid.o ../install+setup/libsmooth/varval.o tripwirectrl: tripwirectrl.c setuid.o ../install+setup/libsmooth/varval.o $(COMPILE) -I../install+setup/libsmooth/ tripwirectrl.c setuid.o ../install+setup/libsmooth/varval.o -o $@ + +smartctrl: smartctrl.c setuid.o ../install+setup/libsmooth/varval.o + $(COMPILE) -I../install+setup/libsmooth/ smartctrl.c setuid.o ../install+setup/libsmooth/varval.o -o $@ launch-ether-wake: launch-ether-wake.c setuid.o ../install+setup/libsmooth/varval.o $(COMPILE) -I../install+setup/libsmooth/ launch-ether-wake.c setuid.o ../install+setup/libsmooth/varval.o -o $@ diff --git a/src/misc-progs/smartctrl.c b/src/misc-progs/smartctrl.c new file mode 100644 index 0000000000..b3a40629bc --- /dev/null +++ b/src/misc-progs/smartctrl.c @@ -0,0 +1,28 @@ +/* This file is part of the IPFire Firewall. + * + * This program is distributed under the terms of the GNU General Public + * Licence. See the file COPYING for details. + * + */ + +#include +#include +#include +#include +#include +#include +#include "setuid.h" + +int main(int argc, char *argv[]) { + + if (!(initsetuid())) + exit(1); + + if (argc < 2) { + fprintf(stderr, "\nNo argument given.\n\nsmartctrl \n\n"); + exit(1); + } + safe_system("smartctl -iHA /dev/%s", argv[1]); + + return 0; +} -- 2.39.2