Add support for wildcard in methods to permiss access to all methods defined by the object. This can be usefull for process that run as non-root user and needs to access ubus method.
Signed-off-by: Ansuel Smith <[email protected]> --- ...-add-support-for-wildcard-in-methods.patch | 37 +++++++++++++++++++ ubusd_acl.c | 8 +++- 2 files changed, 43 insertions(+), 2 deletions(-) create mode 100644 0001-ubusd_acl-add-support-for-wildcard-in-methods.patch diff --git a/0001-ubusd_acl-add-support-for-wildcard-in-methods.patch b/0001-ubusd_acl-add-support-for-wildcard-in-methods.patch new file mode 100644 index 0000000..48dff5d --- /dev/null +++ b/0001-ubusd_acl-add-support-for-wildcard-in-methods.patch @@ -0,0 +1,37 @@ +From a1a5e03e652ac22851c58c68639d7d79ce5fc9ce Mon Sep 17 00:00:00 2001 +From: Ansuel Smith <[email protected]> +Date: Fri, 23 Oct 2020 02:50:12 +0200 +Subject: [PATCH ubus] ubusd_acl: add support for wildcard in methods + +Add support for wildcard in methods to permiss access to all methods +defined by the object. This can be usefull for process that run as +non-root user and needs to access ubus method. + +Signed-off-by: Ansuel Smith <[email protected]> +--- + ubusd_acl.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/ubusd_acl.c b/ubusd_acl.c +index e426a4a..734b3d0 100644 +--- a/ubusd_acl.c ++++ b/ubusd_acl.c +@@ -147,11 +147,14 @@ ubusd_acl_check(struct ubus_client *cl, const char *obj, + case UBUS_ACL_ACCESS: + if (acl->methods) { + struct blob_attr *cur; ++ char *cur_method; + size_t rem; + + blobmsg_for_each_attr(cur, acl->methods, rem) + if (blobmsg_type(cur) == BLOBMSG_TYPE_STRING) +- if (!strcmp(method, blobmsg_get_string(cur))) ++ cur_method = blobmsg_get_string(cur); ++ ++ if (!strcmp(method, cur_method) || !strcmp("*", cur_method)) + return 0; + } + break; +-- +2.27.0 + diff --git a/ubusd_acl.c b/ubusd_acl.c index e426a4a..e050e2c 100644 --- a/ubusd_acl.c +++ b/ubusd_acl.c @@ -147,12 +147,16 @@ ubusd_acl_check(struct ubus_client *cl, const char *obj, case UBUS_ACL_ACCESS: if (acl->methods) { struct blob_attr *cur; + char *cur_method; size_t rem; blobmsg_for_each_attr(cur, acl->methods, rem) - if (blobmsg_type(cur) == BLOBMSG_TYPE_STRING) - if (!strcmp(method, blobmsg_get_string(cur))) + if (blobmsg_type(cur) == BLOBMSG_TYPE_STRING) { + cur_method = blobmsg_get_string(cur); + + if (!strcmp(method, cur_method) || !strcmp("*", cur_method)) return 0; + } } break; } -- 2.27.0 _______________________________________________ openwrt-devel mailing list [email protected] https://lists.openwrt.org/mailman/listinfo/openwrt-devel
