Due to permission restrictions on the configuration file (due to stored
password), it is not possible to read it as plinth user. Read it using
sudo instead.
- To check whether a service is running does not require root
privileges. This can directly be done from a module without any
action.
- Since actions are allowed to be run using sudo, introducing
unnecessary sub-commands increases attack surface.
- Simple functions calls are unnecessarily being converted to command
line invocations and involve parsing response.
- There is a lot of repeated code because of this that can be
eliminated.
- To generalize this, we need to make all non-root system operations
directly from module instead of delegating to action commands.
- Introduce Apache configuration for plinth.
- Remove Transmission service file for firewalld.
- Enable transmission on install.
- Enable/disable Apache configuration on Transmission on enable/disable.
- Remove IP address whilelisting as 127.0.0.1 is the default setting and
is sufficient for Apache to reverse proxy.
- Update UI URL.
