nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-01-28 08:03:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
FreedomBox/plinth/modules/security/__init__.py
Sunil Mohan Adapa 2afae80dd8
security: Recommend/notify about restricted logins 
- Do stricter matches when editing configuration file.  Earlier
  mechanism would match comments etc.

- Move action methods to module core from views.

- During first boot, notify users that console login is restricted and
  that they can changed that from security settings.

- Recommend enabling conosle login restrictions.  Add message about why
  console restrictions are important.

- Show title in security module.
2016-07-09 22:42:20 +05:30

66 lines
1.7 KiB
Python
Raw Blame History

#
# This file is part of Plinth.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
"""
Plinth module for security configuration
"""
from django.utils.translation import ugettext_lazy as _
from plinth import cfg
from plinth import actions
version = 1
is_essential = True
depends = ['system']
title = _('Security')
ACCESS_CONF_FILE = '/etc/security/access.conf'
ACCESS_CONF_SNIPPET = '-:ALL EXCEPT root fbx (admin) (sudo):ALL'
def init():
"""Initialize the module"""
menu = cfg.main_menu.get('system:index')
menu.add_urlname(title, 'glyphicon-lock', 'security:index')
def get_restricted_access_enabled():
"""Return whether restricted access is enabled"""
with open(ACCESS_CONF_FILE, 'r') as conffile:
lines = conffile.readlines()
for line in lines:
if ACCESS_CONF_SNIPPET in line:
return True
return False
def set_restricted_access(enabled):
"""Enable or disable restricted access"""
action = 'disable-restricted-access'
if enabled:
action = 'enable-restricted-access'
actions.superuser_run('security', [action])
Reference in New Issue View Git Blame Copy Permalink