system: better wwwonly bootstrap

This also has an issue with the post-update rc.syshook if
the wwwonly is not found.  But: after a boot it is ensured
and should not be missing thereafter.

The package post-install would ensure it previously, but
we don't want to also chain the php bootstrap through this
just to get the call stack in the right order.

May need further adjusting but also no need to rush this
into a stable release at the moment.
Franco Fichtner 2025-07-29 12:24:58 +02:00
parent d157c63cc3
commit ae63623233
6 changed files with 25 additions and 42 deletions


@ -1,29 +1,3 @@
PW=/usr/sbin/pw
USER=%%CORE_USER%%
GROUP=%%CORE_GROUP%%
UID=%%CORE_UID%%
GID=%%CORE_GID%%
PW_ARG=add
if ${PW} groupshow ${GROUP} >/dev/null 2>&1; then
PW_ARG=mod
fi
echo "Creating group '${GROUP}' with gid '${GID}'"
${PW} group${PW_ARG} ${GROUP} -g ${GID}
PW_ARG=add
if ${PW} usershow ${USER} >/dev/null 2>&1; then
PW_ARG=mod
fi
echo "Creating user '${USER}' with uid '${UID}'"
${PW} user${PW_ARG} ${USER} -u ${UID} -g ${GID} -c "World Wide Web Only" -d /nonexistent -s /usr/sbin/nologin
if [ -n "${CORE_USER_GROUP_ONLY}" ]; then
exit 0
fi
echo "Updating /etc/shells" echo "Updating /etc/shells"
cp /etc/shells /etc/shells.bak cp /etc/shells /etc/shells.bak
(grep -v /usr/local/sbin/opnsense-shell /etc/shells.bak; \ (grep -v /usr/local/sbin/opnsense-shell /etc/shells.bak; \


@ -1,7 +1,3 @@
if [ -n "${CORE_USER_GROUP_ONLY}" ]; then
exit 0
fi
/usr/local/etc/rc.d/configd stop /usr/local/etc/rc.d/configd stop
echo "Resetting root shell" echo "Resetting root shell"


@ -253,8 +253,6 @@ manifest:
@echo "comment: \"${CORE_COMMENT}\"" @echo "comment: \"${CORE_COMMENT}\""
@echo "desc: \"${CORE_HASH}\"" @echo "desc: \"${CORE_HASH}\""
@echo "maintainer: \"${CORE_MAINTAINER}\"" @echo "maintainer: \"${CORE_MAINTAINER}\""
@echo "users: [ \"${CORE_USER}\" ]"
@echo "groups: [ \"${CORE_GROUP}\" ]"
@echo "www: \"${CORE_WWW}\"" @echo "www: \"${CORE_WWW}\""
@echo "message: \"${CORE_MESSAGE}\"" @echo "message: \"${CORE_MESSAGE}\""
@echo "categories: [ \"sysutils\", \"www\" ]" @echo "categories: [ \"sysutils\", \"www\" ]"


@ -25,11 +25,30 @@
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE. # SUCH DAMAGE.
# XXX Eventually we could try to ensure the user from here as it would OWNERSHIP=$(opnsense-version -R 'CORE_GROUP=CORE_GID:CORE_USER=CORE_UID')
# avoid our bootstrap worries regarding using a predefined non-root user OWNERGRP=${OWNERSHIP%:*}
# that does not even exist on the system which can prevent the GUI from OWNERUSR=${OWNERSHIP##*:}
# starting or changing ownership staying root.
OWNER="$(opnsense-version -R CORE_USER):wheel" PW=/usr/sbin/pw
GROUP=${OWNERGRP%=*}
GID=${OWNERGRP##*=}
USER=${OWNERUSR%=*}
UID=${OWNERUSR##*=}
OWNER="${USER}:wheel"
PW_ARG=add
if ${PW} groupshow ${GROUP} >/dev/null 2>&1; then
PW_ARG=mod
fi
${PW} group${PW_ARG} ${GROUP} -g ${GID}
PW_ARG=add
if ${PW} usershow ${USER} >/dev/null 2>&1; then
PW_ARG=mod
fi
${PW} user${PW_ARG} ${USER} -u ${UID} -g ${GID} -c "World Wide Web Only" -d /nonexistent -s /usr/sbin/nologin
# set up required output directories for various PHP components # set up required output directories for various PHP components
for PHPDIR in cache sessions tmp; do for PHPDIR in cache sessions tmp; do
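Review bot: The four values split out of `OWNERSHIP` are passed to `pw` unquoted and unchecked, so if `opnsense-version -R` fails or prints nothing, `${GROUP}`, `${GID}`, `${USER}` and `${UID}` expand to no words at all and `OWNER` becomes `:wheel`. The removed XXX comment names the outcome this bootstrap is meant to avoid (a GUI that cannot start, or ownership staying root), and the exit status of the two `pw` calls is not checked either. A guard before the first `pw` call would make the failure visible, e.g. `[ -n "${USER}" ] && [ -n "${UID}" ] && [ -n "${GROUP}" ] && [ -n "${GID}" ] || echo "wwwonly bootstrap: incomplete opnsense-version output" >&2`, together with quoting the expansions on the `pw` lines. The script continues past the end of this section, so how `OWNER` is consumed is not visible here.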


@ -63,7 +63,6 @@ www:*:80:
u2f:*:116: u2f:*:116:
ntpd:*:123: ntpd:*:123:
_ypldap:*:160: _ypldap:*:160:
%%CORE_GROUP%%:*:%%CORE_GID%%:
hast:*:845: hast:*:845:
tests:*:977: tests:*:977:
nogroup:*:65533: nogroup:*:65533:
@ -97,7 +96,6 @@ auditdistd:*:78:77::0:0:Auditdistd unprivileged user:/var/empty:/usr/sbin/nologi
www:*:80:80::0:0:World Wide Web Owner:/nonexistent:/usr/sbin/nologin www:*:80:80::0:0:World Wide Web Owner:/nonexistent:/usr/sbin/nologin
ntpd:*:123:123::0:0:NTP Daemon:/var/db/ntp:/usr/sbin/nologin ntpd:*:123:123::0:0:NTP Daemon:/var/db/ntp:/usr/sbin/nologin
_ypldap:*:160:160::0:0:YP LDAP unprivileged user:/var/empty:/usr/sbin/nologin _ypldap:*:160:160::0:0:YP LDAP unprivileged user:/var/empty:/usr/sbin/nologin
%%CORE_USER%%:*:%%CORE_UID%%:%%CORE_GID%%::0:0:World Wide Web Only:/nonexistent:/usr/sbin/nologin
hast:*:845:845::0:0:HAST unprivileged user:/var/empty:/usr/sbin/nologin hast:*:845:845::0:0:HAST unprivileged user:/var/empty:/usr/sbin/nologin
tests:*:977:977::0:0:Unprivileged user for tests:/nonexistent:/usr/sbin/nologin tests:*:977:977::0:0:Unprivileged user for tests:/nonexistent:/usr/sbin/nologin
nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/usr/sbin/nologin nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/usr/sbin/nologin
@ -234,8 +232,6 @@ function recover_ports()
$tempfile = fopen($tempname, 'w'); $tempfile = fopen($tempname, 'w');
$luacount = 0; $luacount = 0;
putenv('CORE_USER_GROUP_ONLY=yes');
foreach ($pkgs as $pkg) { foreach ($pkgs as $pkg) {
$raw = exec('/usr/local/sbin/pkg-static info --raw --raw-format json-compact ' . $pkg); $raw = exec('/usr/local/sbin/pkg-static info --raw --raw-format json-compact ' . $pkg);
$info = json_decode($raw, true); $info = json_decode($raw, true);


@ -143,7 +143,7 @@ if [ -n "${DO_RAW}" ]; then
exit 0 exit 0
fi fi
OUTPUT=$(echo "${FILE}" | sed -e 's=\([A-Z][A-Z_]*\)=$\1=g') OUTPUT=$(echo "${FILE}" | sed -e 's=\(CORE_[A-Z_]*\)=${\1}=g' -e 's=\(PLUGIN_[A-Z_]*\)=${\1}=g')
TARGET=nop TARGET=nop
fi fi
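Review bot: The two `-e` expressions on the new `OUTPUT=` line run in sequence and are unanchored, so the second one rewrites text the first already wrapped: a name such as `CORE_PLUGIN_X` (constructed example) becomes `${CORE_PLUGIN_X}` and then `${CORE_${PLUGIN_X}}`. `[A-Z_]*` also stops at the first digit, so a name containing one would be cut short inside the braces. Whether any such names exist is not visible from this hunk. A single anchored expression avoids the double rewrite, e.g. `sed -E 's=(^|[^A-Z_])((CORE|PLUGIN)_[A-Z0-9_]*)=\1${\2}=g'`. A short comment that only `CORE_`/`PLUGIN_` names are turned into expansions would also help, since the enclosing `if` block and the later use of `OUTPUT` lie outside the hunk.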