Commit 18e1e0b8 authored by Franco Fichtner's avatar Franco Fichtner

product info file and associated use cases #1446 #1540

(cherry picked from commit d7834708)
(cherry picked from commit fbac6fb1)
(cherry picked from commit 8c31aa3c)
(cherry picked from commit bbb0d208)
(cherry picked from commit 88ddc985)
(cherry picked from commit fb93a51c)
(cherry picked from commit 8f4acc30)
parent 2e7d88ee
...@@ -11,9 +11,9 @@ ...@@ -11,9 +11,9 @@
/usr/local/etc/inc/auth.inc /usr/local/etc/inc/auth.inc
/usr/local/etc/inc/authgui.inc /usr/local/etc/inc/authgui.inc
/usr/local/etc/inc/certs.inc /usr/local/etc/inc/certs.inc
/usr/local/etc/inc/config.console.inc
/usr/local/etc/inc/config.inc /usr/local/etc/inc/config.inc
/usr/local/etc/inc/config.lib.inc /usr/local/etc/inc/config.lib.inc
/usr/local/etc/inc/console.inc
/usr/local/etc/inc/crypt.inc /usr/local/etc/inc/crypt.inc
/usr/local/etc/inc/filter.inc /usr/local/etc/inc/filter.inc
/usr/local/etc/inc/filter.lib.inc /usr/local/etc/inc/filter.lib.inc
...@@ -310,6 +310,7 @@ ...@@ -310,6 +310,7 @@
/usr/local/opnsense/contrib/simplepie/library/SimplePie/gzdecode.php /usr/local/opnsense/contrib/simplepie/library/SimplePie/gzdecode.php
/usr/local/opnsense/contrib/simplepie/phpunit.xml.dist /usr/local/opnsense/contrib/simplepie/phpunit.xml.dist
/usr/local/opnsense/contrib/tzdata/iso3166.tab /usr/local/opnsense/contrib/tzdata/iso3166.tab
/usr/local/opnsense/firmware-product
/usr/local/opnsense/mvc/app/cache/README /usr/local/opnsense/mvc/app/cache/README
/usr/local/opnsense/mvc/app/config/config.php /usr/local/opnsense/mvc/app/config/config.php
/usr/local/opnsense/mvc/app/config/loader.php /usr/local/opnsense/mvc/app/config/loader.php
......
...@@ -29,23 +29,12 @@ ...@@ -29,23 +29,12 @@
POSSIBILITY OF SUCH DAMAGE. POSSIBILITY OF SUCH DAMAGE.
*/ */
openlog('opnsense', LOG_ODELAY, LOG_USER);
register_shutdown_function('closelog');
global $g; /* XXX make this a getter function for traceability */ global $g; /* XXX make this a getter function for traceability */
$g = array( $g = json_decode(file_get_contents('/usr/local/opnsense/firmware-product'), true);
'factory_shipped_username' => 'root',
'factory_shipped_password' => 'opnsense', openlog($g['product_id'], LOG_ODELAY, LOG_USER);
'dhcpd_chroot_path' => '/var/dhcpd', register_shutdown_function('closelog');
'unbound_chroot_path' => '/var/unbound',
'product_name' => 'OPNsense',
'product_website' => 'https://opnsense.org/',
'product_email' => 'project@opnsense.org',
'product_copyright_owner' => 'Deciso B.V.',
'product_copyright_years' => '2014-2017',
'product_copyright_url' => 'https://www.deciso.com/',
);
require_once("xmlparse.inc"); require_once("xmlparse.inc");
require_once("crypt.inc"); require_once("crypt.inc");
......
...@@ -142,17 +142,17 @@ function unbound_optimization() ...@@ -142,17 +142,17 @@ function unbound_optimization()
function unbound_generate_config() function unbound_generate_config()
{ {
global $config, $g; global $config;
// Setup optimization // Setup optimization
$optimization = unbound_optimization(); $optimization = unbound_optimization();
// Setup DNSSEC support // Setup DNSSEC support
if (isset($config['unbound']['dnssec'])) { if (isset($config['unbound']['dnssec'])) {
$module_config = "validator iterator"; $module_config = 'validator iterator';
$anchor_file = "auto-trust-anchor-file: {$g['unbound_chroot_path']}/root.key"; $anchor_file = 'auto-trust-anchor-file: /var/unbound/root.key';
} else { } else {
$module_config = "iterator"; $module_config = 'iterator';
} }
// Setup DNS Rebinding // Setup DNS Rebinding
...@@ -273,10 +273,10 @@ EOF; ...@@ -273,10 +273,10 @@ EOF;
if (isset($config['unbound']['regdhcp'])) { if (isset($config['unbound']['regdhcp'])) {
// include dynamic leases // include dynamic leases
@touch("{$g['unbound_chroot_path']}/dhcpleases.conf"); @touch('/var/unbound/dhcpleases.conf');
$include_dhcpleases = "include: {$g['unbound_chroot_path']}/dhcpleases.conf"; $include_dhcpleases = 'include: /var/unbound/dhcpleases.conf';
} else { } else {
$include_dhcpleases = ""; $include_dhcpleases = '';
} }
// Set up forwarding if it configured // Set up forwarding if it configured
...@@ -322,10 +322,10 @@ EOD; ...@@ -322,10 +322,10 @@ EOD;
# Server configuration # Server configuration
## ##
server: server:
chroot: {$g['unbound_chroot_path']} chroot: /var/unbound
username: "unbound" username: unbound
directory: "{$g['unbound_chroot_path']}" directory: /var/unbound
pidfile: "/var/run/unbound.pid" pidfile: /var/run/unbound.pid
use-syslog: yes use-syslog: yes
port: {$port} port: {$port}
verbosity: {$verbosity} verbosity: {$verbosity}
...@@ -372,16 +372,16 @@ prefetch-key: {$prefetch_key} ...@@ -372,16 +372,16 @@ prefetch-key: {$prefetch_key}
{$private_domains} {$private_domains}
# Access lists # Access lists
include: {$g['unbound_chroot_path']}/access_lists.conf include: /var/unbound/access_lists.conf
# Static host entries # Static host entries
include: {$g['unbound_chroot_path']}/host_entries.conf include: /var/unbound/host_entries.conf
# DHCP leases (if configured) # DHCP leases (if configured)
{$include_dhcpleases} {$include_dhcpleases}
# Domain overrides # Domain overrides
include: {$g['unbound_chroot_path']}/domainoverrides.conf include: /var/unbound/domainoverrides.conf
{$custom_options} {$custom_options}
...@@ -390,32 +390,31 @@ include: {$g['unbound_chroot_path']}/domainoverrides.conf ...@@ -390,32 +390,31 @@ include: {$g['unbound_chroot_path']}/domainoverrides.conf
### ###
# Remote Control Config # Remote Control Config
### ###
include: {$g['unbound_chroot_path']}/remotecontrol.conf include: /var/unbound/remotecontrol.conf
EOD; EOD;
file_put_contents("{$g['unbound_chroot_path']}/unbound.conf", $unboundconf); file_put_contents('/var/unbound/unbound.conf', $unboundconf);
return 0; return 0;
} }
function unbound_remote_control_setup() { function unbound_remote_control_setup()
global $g; {
if (!file_exists('/var/unbound/remotecontrol.conf') || !file_exists('/var/unbound/unbound_control.key')) {
if (!file_exists("{$g['unbound_chroot_path']}/remotecontrol.conf") || !file_exists("{$g['unbound_chroot_path']}/unbound_control.key")) {
$remotcfg = <<<EOF $remotcfg = <<<EOF
remote-control: remote-control:
control-enable: yes control-enable: yes
control-interface: 127.0.0.1 control-interface: 127.0.0.1
control-port: 953 control-port: 953
server-key-file: "{$g['unbound_chroot_path']}/unbound_server.key" server-key-file: /var/unbound/unbound_server.key
server-cert-file: "{$g['unbound_chroot_path']}/unbound_server.pem" server-cert-file: /var/unbound/unbound_server.pem
control-key-file: "{$g['unbound_chroot_path']}/unbound_control.key" control-key-file: /var/unbound/unbound_control.key
control-cert-file: "{$g['unbound_chroot_path']}/unbound_control.pem" control-cert-file: /var/unbound/unbound_control.pem
EOF; EOF;
file_put_contents("{$g['unbound_chroot_path']}/remotecontrol.conf", $remotcfg); file_put_contents('/var/unbound/remotecontrol.conf', $remotcfg);
unbound_execute('unbound-control-setup'); unbound_execute('unbound-control-setup');
} }
...@@ -448,7 +447,7 @@ function unbound_configure_do($verbose = false) ...@@ -448,7 +447,7 @@ function unbound_configure_do($verbose = false)
function unbound_execute($cmd) function unbound_execute($cmd)
{ {
global $g, $config; global $config;
switch ($cmd) { switch ($cmd) {
case 'start': case 'start':
...@@ -460,7 +459,7 @@ function unbound_execute($cmd) ...@@ -460,7 +459,7 @@ function unbound_execute($cmd)
if (isset($config['unbound']['regdhcp'])) { if (isset($config['unbound']['regdhcp'])) {
mwexecf('/usr/local/opnsense/scripts/dns/unbound_dhcpd.py /domain %s', $domain); mwexecf('/usr/local/opnsense/scripts/dns/unbound_dhcpd.py /domain %s', $domain);
} }
mwexecf('/usr/local/sbin/unbound -c %s', "{$g['unbound_chroot_path']}/unbound.conf"); mwexecf('/usr/local/sbin/unbound -c %s', '/var/unbound/unbound.conf');
break; break;
case 'stop': case 'stop':
killbypid('/var/run/unbound_dhcpd.pid', 'TERM', true); killbypid('/var/run/unbound_dhcpd.pid', 'TERM', true);
...@@ -472,14 +471,14 @@ function unbound_execute($cmd) ...@@ -472,14 +471,14 @@ function unbound_execute($cmd)
case 'unbound-anchor': case 'unbound-anchor':
mwexecf( mwexecf(
'chroot -u unbound -g unbound / %s -a %s', 'chroot -u unbound -g unbound / %s -a %s',
array('/usr/local/sbin/unbound-anchor', "{$g['unbound_chroot_path']}/root.key"), array('/usr/local/sbin/unbound-anchor', '/var/unbound/root.key'),
true true
); );
break; break;
case 'unbound-control-setup': case 'unbound-control-setup':
mwexecf( mwexecf(
'chroot -u unbound -g unbound / %s -d %s', 'chroot -u unbound -g unbound / %s -d %s',
array('/usr/local/sbin/unbound-control-setup', $g['unbound_chroot_path']) array('/usr/local/sbin/unbound-control-setup', '/var/unbound')
); );
break; break;
default: default:
...@@ -487,8 +486,9 @@ function unbound_execute($cmd) ...@@ -487,8 +486,9 @@ function unbound_execute($cmd)
} }
} }
function unbound_add_domain_overrides($pvt=false) { function unbound_add_domain_overrides($pvt = false)
global $config, $g; {
global $config;
$domains = $config['unbound']['domainoverrides']; $domains = $config['unbound']['domainoverrides'];
...@@ -521,13 +521,13 @@ function unbound_add_domain_overrides($pvt=false) { ...@@ -521,13 +521,13 @@ function unbound_add_domain_overrides($pvt=false) {
if ($pvt == true) { if ($pvt == true) {
return $domain_entries; return $domain_entries;
} else { } else {
file_put_contents("{$g['unbound_chroot_path']}/domainoverrides.conf", $domain_entries); file_put_contents('/var/unbound/domainoverrides.conf', $domain_entries);
} }
} }
function unbound_add_host_entries() function unbound_add_host_entries()
{ {
global $config, $g; global $config;
$unbound_entries = "local-zone: \"{$config['system']['domain']}\" transparent\n"; $unbound_entries = "local-zone: \"{$config['system']['domain']}\" transparent\n";
...@@ -659,7 +659,7 @@ function unbound_add_host_entries() ...@@ -659,7 +659,7 @@ function unbound_add_host_entries()
} }
} }
file_put_contents("{$g['unbound_chroot_path']}/host_entries.conf", $unbound_entries); file_put_contents('/var/unbound/host_entries.conf', $unbound_entries);
} }
// Generation of Unbound statistics // Generation of Unbound statistics
...@@ -692,9 +692,9 @@ EOF; ...@@ -692,9 +692,9 @@ EOF;
return $stats; return $stats;
} }
// Unbound Access lists function unbound_acls_config()
function unbound_acls_config() { {
global $g, $config; global $config;
$aclcfg = "access-control: 127.0.0.1/32 allow\n"; $aclcfg = "access-control: 127.0.0.1/32 allow\n";
$aclcfg .= "access-control: ::1 allow\n"; $aclcfg .= "access-control: ::1 allow\n";
...@@ -739,7 +739,7 @@ function unbound_acls_config() { ...@@ -739,7 +739,7 @@ function unbound_acls_config() {
} }
// Write out Access list // Write out Access list
file_put_contents("{$g['unbound_chroot_path']}/access_lists.conf", $aclcfg); file_put_contents('/var/unbound/access_lists.conf', $aclcfg);
} }
function unbound_hosts_generate() function unbound_hosts_generate()
......
...@@ -322,33 +322,27 @@ function services_radvd_configure($blacklist = array()) ...@@ -322,33 +322,27 @@ function services_radvd_configure($blacklist = array())
function services_dhcpd_leasesfile() function services_dhcpd_leasesfile()
{ {
global $g; return '/var/dhcpd/var/db/dhcpd.leases';
return "{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases";
} }
function services_dhcpdv6_leasesfile() function services_dhcpdv6_leasesfile()
{ {
global $g; return '/var/dhcpd/var/db/dhcpd6.leases';
return "{$g['dhcpd_chroot_path']}/var/db/dhcpd6.leases";
} }
function services_dhcpd_configure($family = 'all', $blacklist = array(), $verbose = false) function services_dhcpd_configure($family = 'all', $blacklist = array(), $verbose = false)
{ {
global $g;
$dirs = array('/dev', '/etc', '/lib', '/run', '/usr', '/usr/local/sbin', '/var/db', '/var/run'); $dirs = array('/dev', '/etc', '/lib', '/run', '/usr', '/usr/local/sbin', '/var/db', '/var/run');
foreach ($dirs as $dir) { foreach ($dirs as $dir) {
mwexecf('/bin/mkdir -p %s', "{$g['dhcpd_chroot_path']}{$dir}"); mwexecf('/bin/mkdir -p %s', "/var/dhcpd{$dir}");
} }
if (mwexecf('/sbin/mount -uw %s', "{$g['dhcpd_chroot_path']}/dev", true)) { if (mwexecf('/sbin/mount -uw %s', '/var/dhcpd/dev', true)) {
mwexecf('/sbin/mount -t devfs devfs %s', "{$g['dhcpd_chroot_path']}/dev"); mwexecf('/sbin/mount -t devfs devfs %s', '/var/dhcpd/dev');
} }
mwexecf('/usr/sbin/chown -R dhcpd:dhcpd %s', $g['dhcpd_chroot_path']); mwexecf('/usr/sbin/chown -R dhcpd:dhcpd %s', '/var/dhcpd');
if ($family == 'all' || $family == 'inet') { if ($family == 'all' || $family == 'inet') {
services_dhcpdv4_configure($verbose); services_dhcpdv4_configure($verbose);
...@@ -379,12 +373,12 @@ function is_dhcpv4_server_enabled() ...@@ -379,12 +373,12 @@ function is_dhcpv4_server_enabled()
function services_dhcpdv4_configure($verbose = false) function services_dhcpdv4_configure($verbose = false)
{ {
global $config, $g; global $config;
$need_ddns_updates = false; $need_ddns_updates = false;
$ddns_zones = array(); $ddns_zones = array();
killbypid("{$g['dhcpd_chroot_path']}/var/run/dhcpd.pid", 'TERM', true); killbypid('/var/dhcpd/var/run/dhcpd.pid', 'TERM', true);
if (!is_dhcpv4_server_enabled()) { if (!is_dhcpv4_server_enabled()) {
return; return;
...@@ -914,13 +908,13 @@ EOD; ...@@ -914,13 +908,13 @@ EOD;
$dhcpdconf .= services_dhcpd_zones($ddns_zones); $dhcpdconf .= services_dhcpd_zones($ddns_zones);
} }
@file_put_contents("{$g['dhcpd_chroot_path']}/etc/dhcpd.conf", $dhcpdconf); @file_put_contents('/var/dhcpd/etc/dhcpd.conf', $dhcpdconf);
@touch("{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases"); @touch('/var/dhcpd/var/db/dhcpd.leases');
@unlink("{$g['dhcpd_chroot_path']}/var/run/dhcpd.pid"); @unlink('/var/dhcpd/var/run/dhcpd.pid');
/* fire up dhcpd in a chroot */ /* fire up dhcpd in a chroot */
if (count($dhcpdifs) > 0) { if (count($dhcpdifs) > 0) {
mwexec("/usr/local/sbin/dhcpd -user dhcpd -group dhcpd -chroot {$g['dhcpd_chroot_path']} -cf /etc/dhcpd.conf -pf /var/run/dhcpd.pid " . join(" ", $dhcpdifs)); mwexec('/usr/local/sbin/dhcpd -user dhcpd -group dhcpd -chroot /var/dhcpd -cf /etc/dhcpd.conf -pf /var/run/dhcpd.pid ' . join(' ', $dhcpdifs));
} }
if ($verbose) { if ($verbose) {
...@@ -1011,9 +1005,9 @@ function is_dhcpv6_server_enabled() ...@@ -1011,9 +1005,9 @@ function is_dhcpv6_server_enabled()
function services_dhcpdv6_configure($blacklist = array(), $verbose = false) function services_dhcpdv6_configure($blacklist = array(), $verbose = false)
{ {
global $config, $g; global $config;
killbypid("{$g['dhcpd_chroot_path']}/var/run/dhcpdv6.pid", 'TERM', true); killbypid('/var/dhcpd/var/run/dhcpdv6.pid', 'TERM', true);
killbypid('/var/run/dhcpleases6.pid', 'TERM', true); killbypid('/var/run/dhcpleases6.pid', 'TERM', true);
if (!is_dhcpv6_server_enabled()) { if (!is_dhcpv6_server_enabled()) {
...@@ -1302,15 +1296,14 @@ EOD; ...@@ -1302,15 +1296,14 @@ EOD;
$dhcpdv6conf .= "\nddns-update-style none;\n"; $dhcpdv6conf .= "\nddns-update-style none;\n";
} }
@file_put_contents("{$g['dhcpd_chroot_path']}/etc/dhcpdv6.conf", $dhcpdv6conf); @file_put_contents('/var/dhcpd/etc/dhcpdv6.conf', $dhcpdv6conf);
@touch("{$g['dhcpd_chroot_path']}/var/db/dhcpd6.leases"); @touch('/var/dhcpd/var/db/dhcpd6.leases');
@unlink("{$g['dhcpd_chroot_path']}/var/run/dhcpdv6.pid"); @unlink('/var/dhcpd/var/run/dhcpdv6.pid');
/* fire up dhcpd in a chroot */ /* fire up dhcpd in a chroot */
if (count($dhcpdv6ifs) > 0) { if (count($dhcpdv6ifs) > 0) {
mwexec("/usr/local/sbin/dhcpd -6 -user dhcpd -group dhcpd -chroot {$g['dhcpd_chroot_path']} -cf /etc/dhcpdv6.conf -pf /var/run/dhcpdv6.pid " . mwexec('/usr/local/sbin/dhcpd -6 -user dhcpd -group dhcpd -chroot /var/dhcpd -cf /etc/dhcpdv6.conf -pf /var/run/dhcpdv6.pid ' . join(' ', $dhcpdv6ifs));
join(" ", $dhcpdv6ifs)); mwexec('/usr/local/sbin/dhcpleases6 -c "/usr/local/bin/php -f /usr/local/sbin/prefixes.php|/bin/sh" -l /var/dhcpd/var/db/dhcpd6.leases');
mwexec("/usr/local/sbin/dhcpleases6 -c \"/usr/local/bin/php -f /usr/local/sbin/prefixes.php|/bin/sh\" -l {$g['dhcpd_chroot_path']}/var/db/dhcpd6.leases");
} }
if ($verbose) { if ($verbose) {
...@@ -1607,7 +1600,7 @@ function is_apinger_enabled() ...@@ -1607,7 +1600,7 @@ function is_apinger_enabled()
function services_get() function services_get()
{ {
global $config, $g; global $config;
$services = array(); $services = array();
...@@ -1647,7 +1640,7 @@ function services_get() ...@@ -1647,7 +1640,7 @@ function services_get()
$pconfig['description'] = gettext("DHCP Server"); $pconfig['description'] = gettext("DHCP Server");
$pconfig['php']['restart'] = array('services_dhcpdv4_configure'); $pconfig['php']['restart'] = array('services_dhcpdv4_configure');
$pconfig['php']['start'] = array('services_dhcpdv4_configure'); $pconfig['php']['start'] = array('services_dhcpdv4_configure');
$pconfig['pidfile'] = "{$g['dhcpd_chroot_path']}/var/run/dhcpd.pid"; $pconfig['pidfile'] = '/var/dhcpd/var/run/dhcpd.pid';
$services[] = $pconfig; $services[] = $pconfig;
} }
...@@ -1657,7 +1650,7 @@ function services_get() ...@@ -1657,7 +1650,7 @@ function services_get()
$pconfig['description'] = gettext("DHCPv6 Server"); $pconfig['description'] = gettext("DHCPv6 Server");
$pconfig['php']['restart'] = array('services_dhcpdv6_configure'); $pconfig['php']['restart'] = array('services_dhcpdv6_configure');
$pconfig['php']['start'] = array('services_dhcpdv6_configure'); $pconfig['php']['start'] = array('services_dhcpdv6_configure');
$pconfig['pidfile'] = "{$g['dhcpd_chroot_path']}/var/run/dhcpdv6.pid"; $pconfig['pidfile'] = '/var/dhcpd/var/run/dhcpdv6.pid';
$services[] = $pconfig; $services[] = $pconfig;
} }
......
...@@ -725,7 +725,7 @@ function system_syslogd_extra_local($logsocket) ...@@ -725,7 +725,7 @@ function system_syslogd_extra_local($logsocket)
function system_syslogd_start($verbose = false) function system_syslogd_start($verbose = false)
{ {
global $config, $g; global $config;
if ($verbose) { if ($verbose) {
echo 'Starting syslog...'; echo 'Starting syslog...';
...@@ -755,7 +755,7 @@ function system_syslogd_start($verbose = false) ...@@ -755,7 +755,7 @@ function system_syslogd_start($verbose = false)
* get rid of this behaviour by wrapping this local array using * get rid of this behaviour by wrapping this local array using
* the key as a "name" entry in the array... * the key as a "name" entry in the array...
*/ */
$syslogconfs['dhcpd'] = array('facility' => array('dhcpd', 'dhcrelay', 'dhclient', 'dhcp6c'), 'local' => "{$g['dhcpd_chroot_path']}/var/run/log", 'remote' => 'dhcp'); $syslogconfs['dhcpd'] = array('facility' => array('dhcpd', 'dhcrelay', 'dhclient', 'dhcp6c'), 'local' => '/var/dhcpd/var/run/log', 'remote' => 'dhcp');
$syslogconfs['filter'] = array('facility' => array('filterlog'), 'remote' => 'filter'); $syslogconfs['filter'] = array('facility' => array('filterlog'), 'remote' => 'filter');
$syslogconfs['gateways'] = array('facility' => array('apinger'), 'remote' => 'apinger'); $syslogconfs['gateways'] = array('facility' => array('apinger'), 'remote' => 'apinger');
$syslogconfs['portalauth'] = array('facility' => array('captiveportal'), 'remote' => 'portalauth'); $syslogconfs['portalauth'] = array('facility' => array('captiveportal'), 'remote' => 'portalauth');
......
...@@ -38,7 +38,7 @@ flush(); ...@@ -38,7 +38,7 @@ flush();
$inc_files = array( $inc_files = array(
'config.inc', 'config.inc',
'config.console.inc', 'console.inc',
'auth.inc', 'auth.inc',
'util.inc', 'util.inc',
'interfaces.inc', 'interfaces.inc',
......
...@@ -32,50 +32,61 @@ require_once('auth.inc'); ...@@ -32,50 +32,61 @@ require_once('auth.inc');
$fp = fopen('php://stdin', 'r'); $fp = fopen('php://stdin', 'r');
printf( echo "The root user login behaviour will be restored to its defaults.\n\nDo you want to proceed? [y/N]: ";
'The %s password will be reset to the factory default of `%s\'.',
$g['factory_shipped_username'],
$g['factory_shipped_password']
);
printf("\n\n");
printf('Do you want to proceed [y|n]? ');
if (strcasecmp(chop(fgets($fp)), 'y') == 0) { if (strcasecmp(chop(fgets($fp)), 'y') != 0) {
if (isset($config['system']['webgui']['authmode']) && return;
$config['system']['webgui']['authmode'] != 'Local Database') { }
printf("\n\n");
printf('The User manager authentication server is set to "%s".', $config['system']['webgui']['authmode']); if (isset($config['system']['webgui']['authmode']) && $config['system']['webgui']['authmode'] != 'Local Database') {
printf("\n"); echo sprintf("\nThe authentication server is set to \"%s\".\n", $config['system']['webgui']['authmode']);
printf('Do you want to set it back to Local Database [y|n]? '); echo 'Do you want to set it back to Local Database? [y/N]: ';
if (strcasecmp(chop(fgets($fp)), 'y') == 0) { if (strcasecmp(chop(fgets($fp)), 'y') == 0) {
$config['system']['webgui']['authmode'] = 'Local Database'; $config['system']['webgui']['authmode'] = 'Local Database';
} }
} }
$admin_user =& getUserEntryByUID(0);
if (!$admin_user) { $admin_user = &getUserEntryByUID(0);
echo "Failed to locate the admin user account! Attempting to restore access.\n"; if (!$admin_user) {
$admin_user = array(); $admin_user = array();
$admin_user['uid'] = 0; $admin_user['uid'] = 0;
if (!isset($config['system']['user'])) { if (!isset($config['system']['user'])) {
$config['system']['user'] = array(); $config['system']['user'] = array();
} }
$config['system']['user'][] = $admin_user; $config['system']['user'][] = $admin_user;
} echo "\nRestored missing root user.\n";
}
$admin_user['name'] = $g['factory_shipped_username'];
$admin_user['scope'] = 'system';
if (isset($admin_user['disabled'])) { $admin_user['name'] = 'root';
$admin_user['scope'] = 'system';
if (isset($admin_user['disabled'])) {
unset($admin_user['disabled']); unset($admin_user['disabled']);
} }
local_user_set_password($admin_user, $g['factory_shipped_password']); echo "\nType a new password: ";
local_user_set($admin_user);
write_config('Password reset from console menu'); shell_exec('/bin/stty -echo');
$password = chop(fgets($fp));
shell_exec('/bin/stty echo');
echo "\n";
if (empty($password)) {
echo "\nPassword cannot be empty.\n";
return;
}
printf("\n\n"); echo "Confirm new password: ";
printf('The password has been reset.'); shell_exec('/bin/stty -echo');
printf("\n"); $confirm = chop(fgets($fp));
printf('Please change the password as soon as you log in!'); shell_exec('/bin/stty echo');
printf("\n\n"); echo "\n";
if ($password !== $confirm) {
echo "\nPasswords do not match.\n";
return;
} }
local_user_set_password($admin_user, $password);
local_user_set($admin_user);
write_config('Root user reset from console menu');
echo "\nThe root user has been reset successfully.\n";
...@@ -28,7 +28,7 @@ ...@@ -28,7 +28,7 @@
*/ */
require_once("config.inc"); require_once("config.inc");
require_once("config.console.inc"); require_once("console.inc");
require_once("filter.inc"); require_once("filter.inc");
require_once("util.inc"); require_once("util.inc");
require_once("rrd.inc"); require_once("rrd.inc");
...@@ -43,8 +43,8 @@ if (set_networking_interfaces_ports()) { ...@@ -43,8 +43,8 @@ if (set_networking_interfaces_ports()) {
$config = parse_config(true); $config = parse_config(true);
/* need to stop local dhcp servers to avoid wrong leases */ /* need to stop local dhcp servers to avoid wrong leases */
killbypid("{$g['dhcpd_chroot_path']}/var/run/dhcpd.pid", 'TERM', true); killbypid('/var/dhcpd/var/run/dhcpd.pid', 'TERM', true);
killbypid("{$g['dhcpd_chroot_path']}/var/run/dhcpdv6.pid", 'TERM', true); killbypid('/var/dhcpd/var/run/dhcpdv6.pid', 'TERM', true);
interfaces_configure(true); interfaces_configure(true);
rrd_configure(true); rrd_configure(true);
......
{
"product_copyright_owner": "Deciso B.V.",
"product_copyright_url": "https://www.deciso.com/",
"product_copyright_years": "2014-2017",
"product_email": "project@opnsense.org",
"product_id": "opnsense",
"product_name": "OPNsense",
"product_website": "https://opnsense.org/"
}
...@@ -206,6 +206,11 @@ class ControllerBase extends ControllerRoot ...@@ -206,6 +206,11 @@ class ControllerBase extends ControllerRoot
$this->view->ui_theme = $cnf->object()->theme; $this->view->ui_theme = $cnf->object()->theme;
} }
$product_vars = json_decode(file_get_contents('/usr/local/opnsense/firmware-product'), true);
foreach ($product_vars as $product_key => $product_var) {
$this->view->$product_key = $product_var;
}
// info about the current user and box // info about the current user and box
$this->view->session_username = !empty($_SESSION['Username']) ? $_SESSION['Username'] : '(unknown)'; $this->view->session_username = !empty($_SESSION['Username']) ? $_SESSION['Username'] : '(unknown)';
$this->view->system_hostname = $cnf->object()->system->hostname; $this->view->system_hostname = $cnf->object()->system->hostname;
......
...@@ -250,7 +250,9 @@ ...@@ -250,7 +250,9 @@
<!-- page footer --> <!-- page footer -->
<footer class="page-foot col-sm-push-3 col-lg-push-2"> <footer class="page-foot col-sm-push-3 col-lg-push-2">
<div class="container-fluid"> <div class="container-fluid">
<a target="_blank" href="https://opnsense.org/" class="redlnk">OPNsense</a> (c) 2014-2017 <a href="https://www.deciso.com" class="tblnk">Deciso B.V.</a> <a target="_blank" href="{{ product_website }}" class="redlnk">{{ product_name }}</a>
(c) {{ product_copyright_years }}
<a href="{{ product_copyright_url }}" class="tblnk">{{ product_copyright_owner }}</a>
</div> </div>
</footer> </footer>
......
...@@ -49,13 +49,12 @@ include("head.inc"); ...@@ -49,13 +49,12 @@ include("head.inc");
<form method="post"> <form method="post">
<p><strong> <?=gettext('If you click "Yes", the system will:')?></strong></p> <p><strong> <?=gettext('If you click "Yes", the system will:')?></strong></p>
<ul> <ul>
<li><?=gettext("Reset to factory defaults");?></li> <li><?= gettext('Reset to factory defaults') ?></li>
<li><?=gettext("LAN IP address will be reset to 192.168.1.1");?></li> <li><?= gettext('LAN IP address will be reset to 192.168.1.1') ?></li>
<li><?=gettext("System will be configured as a DHCP server on the default LAN interface");?></li> <li><?= gettext('System will be configured as a DHCP server on the default LAN interface') ?></li>
<li><?=gettext("Reboot after changes are installed");?></li> <li><?= gettext('Reboot after changes are installed') ?></li>
<li><?=gettext("WAN interface will be set to obtain an address automatically from a DHCP server");?></li> <li><?= gettext('WAN interface will be set to obtain an address automatically from a DHCP server') ?></li>
<li><?= sprintf(gettext('Admin username will be reset to: %s'), $g['factory_shipped_username']) ?></li> <li><?= gettext('Admin user name and password will be reset') ?></li>
<li><?= sprintf(gettext('Admin password will be reset to: %s'), $g['factory_shipped_password']) ?></li>
</ul> </ul>
<p><strong><?=gettext("Are you sure you want to proceed?");?></strong></p> <p><strong><?=gettext("Are you sure you want to proceed?");?></strong></p>
<div class="btn-group"> <div class="btn-group">
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment