diff options
| author | Simon Rettberg | 2020-11-16 14:03:21 +0100 |
|---|---|---|
| committer | Simon Rettberg | 2020-11-16 14:03:21 +0100 |
| commit | 11c488215620d12c1f79fc9b05deb9928d2cab39 (patch) | |
| tree | d6d546f5c1729325482976587a232e1e7a0378fc /modules-available/sysconfig/addmodule_sshconfig.inc.php | |
| parent | [statistics] Honor filters for clients with special mode (diff) | |
| download | slx-admin-11c488215620d12c1f79fc9b05deb9928d2cab39.tar.gz slx-admin-11c488215620d12c1f79fc9b05deb9928d2cab39.tar.xz slx-admin-11c488215620d12c1f79fc9b05deb9928d2cab39.zip | |
[sysconfig] SSH: Split pubkey and rest of config, add more options
Now we can have exactly one SSH-Config per sysconfig, which avoids
confusion due to config mismatch regarding "allow pw" and "port".
The install include takes care of splitting the key into a new module
for existing modules, but doesn't remove duplicate SshConfig modules
from sysconfigs, as this might lead to additional confusion. Next time
the user edits a sysconfig, they are forced to pick exactly one
SshConfig module.
The "allow password login" option was extended to allow password login
for non-root users only in addition to simply being "yes" or "no".
There's an additional option that can entirely limit the group of users
allowed to log in via SSH.
Diffstat (limited to 'modules-available/sysconfig/addmodule_sshconfig.inc.php')
| -rw-r--r-- | modules-available/sysconfig/addmodule_sshconfig.inc.php | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/modules-available/sysconfig/addmodule_sshconfig.inc.php b/modules-available/sysconfig/addmodule_sshconfig.inc.php index 495ba2a9..4a75d77e 100644 --- a/modules-available/sysconfig/addmodule_sshconfig.inc.php +++ b/modules-available/sysconfig/addmodule_sshconfig.inc.php @@ -13,10 +13,14 @@ class SshConfig_Start extends AddModule_Base $data = $this->edit->getData(false) + array( 'title' => $this->edit->title(), 'edit' => $this->edit->id(), - 'apl' => $this->edit->getData('allowPasswordLogin') === 'yes' + 'PWD_' . strtoupper($this->edit->getData('allowPasswordLogin')) . '_selected' => 'selected', + 'USR_' . strtoupper($this->edit->getData('allowedUsersLogin')) . '_selected' => 'selected', ); } else { - $data = array(); + $data = array( + 'PWD_NO_selected' => 'selected', + 'USR_ROOT_ONLY_selected' => 'selected', + ); } Render::addDialog(Dictionary::translateFile('config-module', 'sshconfig_title'), false, 'sshconfig-start', $data + array( 'step' => 'SshConfig_Finish', @@ -44,7 +48,8 @@ class SshConfig_Finish extends AddModule_Base Message::addError('main.error-read', 'sshconfig.inc.php'); Util::redirect('?do=SysConfig&action=addmodule&step=SshConfig_Start'); } - $module->setData('allowPasswordLogin', Request::post('allowPasswordLogin') === 'yes'); + $module->setData('allowPasswordLogin', Request::post('allowPasswordLogin')); + $module->setData('allowedUsersLogin', Request::post('allowedUsersLogin')); $port = Request::post('listenPort', ''); if ($port === '') { $port = 22; @@ -53,10 +58,7 @@ class SshConfig_Finish extends AddModule_Base Message::addError('main.value-invalid', 'port', Request::post('listenPort')); Util::redirect('?do=SysConfig&action=addmodule&step=SshConfig_Start'); } - if (!$module->setData('publicKey', Request::post('publicKey'))) { - Message::addError('main.value-invalid', 'pubkey', Request::post('publicKey')); - Util::redirect('?do=SysConfig&action=addmodule&step=SshConfig_Start'); - } + $module->setData('publicKey', false); if ($this->edit !== false) $ret = $module->update($title); else |