maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

add otp security check to critical settings

Browse Source 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann
2023-07-10 13:40:48 +02:00
parent 03b5a921ff
commit f396bd5184
20 changed files with 235 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
actions/admin/settings/120.system.php
View File

@@ -107,7 +107,8 @@ return [
'varname' => 'enabled',
'type' => 'checkbox',
'default' => false,
'save_method' => 'storeSettingField'
'save_method' => 'storeSettingField',
'required_otp' => true
],
'api_customer_default' => [
'label' => lng('serversettings.api_customer_default'),

9
actions/admin/settings/125.cronjob.php
View File

@@ -46,7 +46,8 @@ return [
'type' => 'text',
'string_regexp' => '/^[a-z0-9\/\._\- ]+$/i',
'default' => '/usr/bin/nice -n 5 /usr/bin/php -q',
'save_method' => 'storeSettingField'
'save_method' => 'storeSettingField',
'required_otp' => true
],
'system_crondreload' => [
'label' => lng('serversettings.system_crondreload'),
@@ -55,7 +56,8 @@ return [
'type' => 'text',
'string_regexp' => '/^[a-z0-9\/\._\- ]+$/i',
'default' => '/etc/init.d/cron reload',
'save_method' => 'storeSettingField'
'save_method' => 'storeSettingField',
'required_otp' => true
],
'system_cron_allowautoupdate' => [
'label' => lng('serversettings.system_cron_allowautoupdate'),
@@ -63,7 +65,8 @@ return [
'varname' => 'cron_allowautoupdate',
'type' => 'checkbox',
'default' => false,
'save_method' => 'storeSettingField'
'save_method' => 'storeSettingField',
'required_otp' => true
]
]
]

6
actions/admin/settings/130.webserver.php
View File

@@ -308,7 +308,8 @@ return [
'type' => 'text',
'string_regexp' => '/^[a-z0-9\/\._\- ]+$/i',
'default' => '/etc/init.d/apache2 reload',
'save_method' => 'storeSettingField'
'save_method' => 'storeSettingField',
'required_otp' => true
],
'system_phpreload_command' => [
'label' => lng('serversettings.phpreload_command'),
@@ -320,7 +321,8 @@ return [
'save_method' => 'storeSettingField',
'websrv_avail' => [
'nginx'
]
],
'required_otp' => true
],
'system_nginx_php_backend' => [
'label' => lng('serversettings.nginx_php_backend'),

3
actions/admin/settings/131.ssl.php
View File

@@ -157,7 +157,8 @@ return [
'string_type' => 'file',
'default' => '/root/.acme.sh/acme.sh',
'save_method' => 'storeSettingField',
'advanced_mode' => true
'advanced_mode' => true,
'required_otp' => true
],
'system_letsencryptacmeconf' => [
'label' => lng('serversettings.letsencryptacmeconf'),

12
actions/admin/settings/136.phpfpm.php
View File

@@ -126,7 +126,8 @@ return [
'type' => 'textarea',
'default' => '',
'save_method' => 'storeSettingField',
'advanced_mode' => true
'advanced_mode' => true,
'required_otp' => true
],
'phpfpm_ini_values' => [
'label' => lng('phpfpm.ini_values'),
@@ -135,7 +136,8 @@ return [
'type' => 'textarea',
'default' => '',
'save_method' => 'storeSettingField',
'advanced_mode' => true
'advanced_mode' => true,
'required_otp' => true
],
'phpfpm_ini_admin_flags' => [
'label' => lng('phpfpm.ini_admin_flags'),
@@ -144,7 +146,8 @@ return [
'type' => 'textarea',
'default' => '',
'save_method' => 'storeSettingField',
'advanced_mode' => true
'advanced_mode' => true,
'required_otp' => true
],
'phpfpm_ini_admin_values' => [
'label' => lng('phpfpm.ini_admin_values'),
@@ -153,7 +156,8 @@ return [
'type' => 'textarea',
'default' => '',
'save_method' => 'storeSettingField',
'advanced_mode' => true
'advanced_mode' => true,
'required_otp' => true
]
]
]

6
actions/admin/settings/160.nameserver.php
View File

@@ -80,7 +80,8 @@ return [
'type' => 'text',
'string_regexp' => '/^[a-z0-9\/\._\- ]+$/i',
'default' => '/etc/init.d/bind9 reload',
'save_method' => 'storeSettingField'
'save_method' => 'storeSettingField',
'required_otp' => true
],
'system_nameservers' => [
'label' => lng('serversettings.nameservers'),
@@ -111,7 +112,8 @@ return [
'string_delimiter' => ',',
'string_emptyallowed' => true,
'default' => '',
'save_method' => 'storeSettingField'
'save_method' => 'storeSettingField',
'required_otp' => true
],
'system_powerdns_mode' => [
'label' => lng('serversettings.powerdns_mode'),

3
actions/admin/settings/180.dkim.php
View File

@@ -137,7 +137,8 @@ return [
'type' => 'text',
'string_regexp' => '/^[a-z0-9\/\._\- ]+$/i',
'default' => '/etc/init.d/dkim-filter restart',
'save_method' => 'storeSettingField'
'save_method' => 'storeSettingField',
'required_otp' => true
]
]
]

24
actions/admin/settings/210.security.php
View File

@@ -37,7 +37,8 @@ return [
'varname' => 'unix_names',
'type' => 'checkbox',
'default' => true,
'save_method' => 'storeSettingField'
'save_method' => 'storeSettingField',
'required_otp' => true
],
'system_mailpwcleartext' => [
'label' => lng('serversettings.mailpwcleartext'),
@@ -46,7 +47,8 @@ return [
'type' => 'checkbox',
'default' => false,
'save_method' => 'storeSettingField',
'advanced_mode' => true
'advanced_mode' => true,
'required_otp' => true
],
'system_passwordcryptfunc' => [
'label' => lng('serversettings.passwordcryptfunc'),
@@ -59,7 +61,8 @@ return [
'getAvailablePasswordHashes'
],
'save_method' => 'storeSettingField',
'advanced_mode' => true
'advanced_mode' => true,
'required_otp' => true
],
'system_allow_error_report_admin' => [
'label' => lng('serversettings.allow_error_report_admin'),
@@ -67,7 +70,8 @@ return [
'varname' => 'allow_error_report_admin',
'type' => 'checkbox',
'default' => false,
'save_method' => 'storeSettingField'
'save_method' => 'storeSettingField',
'required_otp' => true
],
'system_allow_error_report_customer' => [
'label' => lng('serversettings.allow_error_report_customer'),
@@ -75,7 +79,8 @@ return [
'varname' => 'allow_error_report_customer',
'type' => 'checkbox',
'default' => false,
'save_method' => 'storeSettingField'
'save_method' => 'storeSettingField',
'required_otp' => true
],
'system_allow_customer_shell' => [
'label' => lng('serversettings.allow_allow_customer_shell'),
@@ -84,7 +89,8 @@ return [
'type' => 'checkbox',
'default' => false,
'save_method' => 'storeSettingField',
'advanced_mode' => true
'advanced_mode' => true,
'required_otp' => true
],
'system_available_shells' => [
'label' => lng('serversettings.available_shells'),
@@ -94,7 +100,8 @@ return [
'string_emptyallowed' => true,
'default' => '',
'save_method' => 'storeSettingField',
'advanced_mode' => true
'advanced_mode' => true,
'required_otp' => true
],
'system_froxlorusergroup' => [
'label' => lng('serversettings.froxlorusergroup'),
@@ -108,7 +115,8 @@ return [
'checkLocalGroup'
],
'visible' => Settings::Get('system.nssextrausers'),
'advanced_mode' => true
'advanced_mode' => true,
'required_otp' => true
],
]
]

12
actions/admin/settings/220.quota.php
View File

@@ -44,24 +44,30 @@ return [
'settinggroup' => 'system',
'varname' => 'diskquota_repquota_path',
'type' => 'text',
'string_type' => 'file',
'default' => '/usr/sbin/repquota',
'save_method' => 'storeSettingField'
'save_method' => 'storeSettingField',
'required_otp' => true
],
'system_diskquota_quotatool_path' => [
'label' => lng('serversettings.diskquota_quotatool_path.description'),
'settinggroup' => 'system',
'varname' => 'diskquota_quotatool_path',
'type' => 'text',
'string_type' => 'file',
'default' => '/usr/bin/quotatool',
'save_method' => 'storeSettingField'
'save_method' => 'storeSettingField',
'required_otp' => true
],
'system_diskquota_customer_partition' => [
'label' => lng('serversettings.diskquota_customer_partition.description'),
'settinggroup' => 'system',
'varname' => 'diskquota_customer_partition',
'type' => 'text',
'string_type' => 'file',
'default' => '/dev/root',
'save_method' => 'storeSettingField'
'save_method' => 'storeSettingField',
'required_otp' => true
]
]
]