Commit 041681ba authored by Franco Fichtner's avatar Franco Fichtner

system: extend sudo usage for no password mode

parent 17117f5b
{% if system.sudo_allow_wheel|default('0') == '1' %} {% if system.sudo_allow_wheel|default('0') == '1' %}
%wheel ALL=(ALL) ALL %wheel ALL=(ALL) ALL
{% elif system.sudo_allow_wheel|default('0') == '2' %}
%wheel ALL=(ALL) NOPASSWD: ALL
{% endif %} {% endif %}
...@@ -42,7 +42,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { ...@@ -42,7 +42,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
$pconfig['disablehttpredirect'] = isset($config['system']['webgui']['disablehttpredirect']); $pconfig['disablehttpredirect'] = isset($config['system']['webgui']['disablehttpredirect']);
$pconfig['disableconsolemenu'] = isset($config['system']['disableconsolemenu']); $pconfig['disableconsolemenu'] = isset($config['system']['disableconsolemenu']);
$pconfig['disableintegratedauth'] = !empty($config['system']['disableintegratedauth']); $pconfig['disableintegratedauth'] = !empty($config['system']['disableintegratedauth']);
$pconfig['sudo_allow_wheel'] = isset($config['system']['sudo_allow_wheel']); $pconfig['sudo_allow_wheel'] = $config['system']['sudo_allow_wheel'];
$pconfig['noantilockout'] = isset($config['system']['webgui']['noantilockout']); $pconfig['noantilockout'] = isset($config['system']['webgui']['noantilockout']);
$pconfig['nodnsrebindcheck'] = isset($config['system']['webgui']['nodnsrebindcheck']); $pconfig['nodnsrebindcheck'] = isset($config['system']['webgui']['nodnsrebindcheck']);
$pconfig['nohttpreferercheck'] = isset($config['system']['webgui']['nohttpreferercheck']); $pconfig['nohttpreferercheck'] = isset($config['system']['webgui']['nohttpreferercheck']);
...@@ -121,8 +121,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { ...@@ -121,8 +121,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
unset($config['system']['disableintegratedauth']); unset($config['system']['disableintegratedauth']);
} }
if ($pconfig['sudo_allow_wheel'] == "yes") { if (!empty($pconfig['sudo_allow_wheel'])) {
$config['system']['sudo_allow_wheel'] = true; $config['system']['sudo_allow_wheel'] = $pconfig['sudo_allow_wheel'];
} elseif (isset($config['system']['sudo_allow_wheel'])) { } elseif (isset($config['system']['sudo_allow_wheel'])) {
unset($config['system']['sudo_allow_wheel']); unset($config['system']['sudo_allow_wheel']);
} }
...@@ -558,13 +558,6 @@ include("head.inc"); ...@@ -558,13 +558,6 @@ include("head.inc");
<strong><?=gettext("Password protect the console menu"); ?></strong> <strong><?=gettext("Password protect the console menu"); ?></strong>
</td> </td>
</tr> </tr>
<tr>
<td><i class="fa fa-info-circle text-muted"></i> <?= gettext("Sudo usage") ?></td>
<td width="78%">
<input name="sudo_allow_wheel" type="checkbox" value="yes" <?= empty($pconfig['sudo_allow_wheel']) ? '' : 'checked="checked"' ?> />
<strong><?= gettext('Allow administrators to use the Sudo utility') ?></strong>
</td>
</tr>
<tr> <tr>
<td><a id="help_for_disableintegratedauth" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?= gettext("Integrated authentication") ?></td> <td><a id="help_for_disableintegratedauth" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?= gettext("Integrated authentication") ?></td>
<td width="78%"> <td width="78%">
...@@ -575,6 +568,16 @@ include("head.inc"); ...@@ -575,6 +568,16 @@ include("head.inc");
</div> </div>
</td> </td>
</tr> </tr>
<tr>
<td><i class="fa fa-info-circle text-muted"></i> <?= gettext("Sudo usage") ?></td>
<td width="78%">
<select name="sudo_allow_wheel" id="sudo_allow_wheel" class="formselect selectpicker">
<option value="" <?= empty($pconfig['sudo_allow_wheel']) ? 'selected="selected"' : '' ?>><?= gettext('Disallow') ?></option>
<option value="1" <?= $pconfig['sudo_allow_wheel'] == 1 ? 'selected="selected"' : '' ?>><?= gettext('Ask password') ?></option>
<option value="2" <?= $pconfig['sudo_allow_wheel'] == 2 ? 'selected="selected"' : '' ?>><?= gettext('No password') ?></option>
</select>
</td>
</tr>
<tr> <tr>
<td width="22%" valign="top">&nbsp;</td> <td width="22%" valign="top">&nbsp;</td>
<td width="78%"><input name="Submit" type="submit" class="btn btn-primary" value="<?= gettext("Save") ?>" /></td> <td width="78%"><input name="Submit" type="submit" class="btn btn-primary" value="<?= gettext("Save") ?>" /></td>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment