From dba335355eec8648f9ececd364123575733e5815 Mon Sep 17 00:00:00 2001 From: Trevor Ferre Date: Fri, 12 Sep 2014 19:43:14 -0500 Subject: [PATCH 1/6] Security Update Ajax Failure --- right.cgi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/right.cgi b/right.cgi index 82a07d0..165a057 100755 --- a/right.cgi +++ b/right.cgi @@ -385,7 +385,7 @@ if ($level == 0) { # Master admin "width=100%", 1, "updates", $open{'updates'}); - print ui_form_start("security-updates/update.cgi"); + print ui_form_start("/security-updates/update.cgi"); print text( @poss > 1 ? 'right_upcount' : 'right_upcount1', scalar(@poss), From b05ab1a291c2b2404f65159995836fc4e8afe104 Mon Sep 17 00:00:00 2001 From: Trevor Ferre Date: Sat, 13 Sep 2014 08:09:53 -0500 Subject: [PATCH 2/6] Fix Reboot Controls --- init/index.cgi | 393 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 393 insertions(+) create mode 100644 init/index.cgi diff --git a/init/index.cgi b/init/index.cgi new file mode 100644 index 0000000..d495a3f --- /dev/null +++ b/init/index.cgi @@ -0,0 +1,393 @@ +#!/usr/bin/perl +# index.cgi +# Display a list of run-levels and the actions that are run at boot and +# shutdown time for each level + +require './init-lib.pl'; +require './hostconfig-lib.pl'; +&ui_print_header(&text('index_mode', $text{'mode_'.$init_mode}), + $text{'index_title'}, "", undef, 1, 1); + +if ($init_mode eq "osx" && $access{'bootup'}) { + # This hostconfig if block written by Michael A Peters + # for OSX/Darwin. + # build hostconfig table + + @hconf_set = &hostconfig_settings(); + %description_list = &hostconfig_gather(description); + + print &ui_columns_start([ &text('index_action'), + &text('index_setting'), + &text('index_desc') ], 100, 0); + $i = 0; + while (<@hconf_set>) { + $action_description = $description_list{"$hconf_set[$i][0]"}; + print &hostconfig_table($hconf_set[$i][0], $hconf_set[$i][1], $action_description); + $i++; + } + print &ui_columns_end(); + if ($access{'bootup'} == 1) { + print &ui_links_row([ + &ui_link("edit_hostconfig.cgi?1", $text{'index_add_mac'}), + &ui_link("edit_hostconfig.cgi?2", &text('index_editconfig',"$config{'hostconfig'}") ) + ]); + } + } +elsif ($init_mode eq "init" && $access{'bootup'}) { + # build list of normal and broken actions + @iacts = &list_actions(); + foreach $a (@iacts) { + @ac = split(/\s+/, $a); + $nodemap{$ac[1]} = $ac[0]; + push(@acts, $ac[0]); + push(@actsl, "0+".&urlize($ac[0])); + push(@actsf, $ac[0] =~ /^\// ? $ac[0] + : "$config{'init_dir'}/$ac[0]"); + } + @runlevels = &list_runlevels(); + foreach $r (@runlevels) { + foreach $w ("S", "K") { + foreach $a (&runlevel_actions($r, $w)) { + @ac = split(/\s+/, $a); + if (!$nodemap{$ac[2]}) { + push(@acts, $ac[1]); + push(@actsl, + "1+$r+$ac[0]+$ac[1]+$ac[2]+$w"); + push(@actsf, "$config{'init_base'}/rc$r.d/$w$ac[0]$ac[1]"); + } + } + } + } + + # For each action, look at /etc/rc*.d/* files to see if it is + # started at boot + @boot = &get_inittab_runlevel(); + for($i=0; $i<@acts; $i++) { + foreach $s (&action_levels('S', $acts[$i])) { + local ($l, $p) = split(/\s+/, $s); + local ($lvl) = (&indexof($l, @boot) >= 0); + local %daemon; + if ($lvl && $config{'daemons_dir'} && + &read_env_file("$config{'daemons_dir'}/$acts[$i]", + \%daemon)) { + $lvl = lc($daemon{'ONBOOT'}) eq 'yes' ? 1 : 0; + } + push(@{$actsb[$i]}, [ $l, $p, $lvl ]); + } + @{$actsb[$i]} = sort { $b->[2] <=> $a->[2] } @{$actsb[$i]}; + } + + # Sort the actions if necessary + @order = ( 0 .. $#acts ); + if ($config{'sort_mode'}) { + @order = sort { local $aa = $actsb[$a]->[0]; + local $bb = $actsb[$b]->[0]; + $bb->[2] <=> $aa->[2] || + $bb->[1] <=> $aa->[1] } + @order; + } + @acts = map { $acts[$_] } @order; + @actsl = map { $actsl[$_] } @order; + @actsf = map { $actsf[$_] } @order; + @actsb = map { $actsb[$_] } @order; + + @links = ( ); + if ($access{'bootup'} == 1) { + push(@links, &ui_link("edit_action.cgi?2", $text{'index_add'}) ); + } + if (!$config{'desc'}) { + # Display actions by name only + print &ui_links_row(\@links); + @grid = ( ); + for($i=0; $i<@acts; $i++) { + if ($acts[$i]) { + push(@grid, &ui_link("edit_action.cgi?".$actsl[$i], $acts[$i]) ); + } + } + print &ui_grid_table(\@grid, 4, 100, + [ "width=25%", "width=25%", "width=25%", "width=25%" ], + undef, $text{'index_title'}); + print &ui_links_row(\@links); + } + else { + # Display actions and descriptions + print &ui_form_start("mass_start_stop.cgi", "post"); + print &ui_links_row(\@links); + print &ui_columns_start([ + "", + $text{'index_action'}, + $config{'desc'} == 2 ? $text{'index_levels'} + : $text{'index_boot'}, + $config{'order'} ? ( $text{'index_order'} ) : ( ), + $config{'status_check'} == 2 ? ( $text{'index_status'} ) : ( ), + $text{'index_desc'} ], + 100, 0, [ "", "nowrap", "nowrap", "nowrap", "nowrap" ]); + + for($i=0; $i<@acts; $i++) { + local ($boot, %daemon, @levels, $order); + foreach $s (@{$actsb[$i]}) { + if ($s->[2]) { + $boot = 1; + push(@levels, + "$s->[0]"); + } + else { + push(@levels, $s->[0]); + } + } + $order = $actsb[$i]->[0]->[1]; + local @cols; + push(@cols, &ui_link("edit_action.cgi?".$actsl[$i], $acts[$i]) ); + local %has; + $d = &html_escape(&init_description($actsf[$i], + $config{'status_check'} == 2 ? \%has : undef)); + if ($config{'desc'} == 2) { + push(@cols, join(" ", @levels)); + } + else { + push(@cols,$boot ? $text{'yes'} : + "$text{'no'}"); + } + if ($config{'order'}) { + push(@cols, $order); + } + if ($config{'status_check'} == 2) { + if ($actsl[$i] =~ /^0/ && $has{'status'}) { + local $r = &action_running($actsf[$i]); + if ($r == 0) { + push(@cols, + "". + "$text{'no'}"); + } + elsif ($r == 1) { + push(@cols, $text{'yes'}); + } + else { + push(@cols, undef); + } + } + else { + push(@cols, undef); + } + } + push(@cols, $d); + if ($actsl[$i] =~ /^0/) { + print &ui_checked_columns_row( + \@cols, undef, "idx", $order[$i]); + } + else { + print &ui_columns_row([ undef, @cols ]); + } + } + print &ui_columns_end(); + print &ui_links_row(\@links); + @buts = ( [ "start", $text{'index_start'} ], + [ "stop", $text{'index_stop'} ], + [ "restart", $text{'index_restart'} ] ); + if ($access{'bootup'} == 1) { + # Show buttons to enable/disable at boot + push(@buts, undef, + [ "addboot", $text{'index_addboot'} ], + [ "delboot", $text{'index_delboot'} ], + undef, + [ "addboot_start", $text{'index_addboot_start'} ], + [ "delboot_stop", $text{'index_delboot_stop'} ], + ); + } + print &ui_form_end(\@buts); + } + } +elsif ($init_mode eq "local" && $access{'bootup'} == 1) { + # Display local bootup script + if ($config{'hostconfig'}) { + # This means a darwin system where + # daemons are not started in the rc script + print &text('index_script_mac', + "$config{'local_script'}"),"
\n"; + } + else { + print &text('index_script', + "$config{'local_script'}"),"
\n"; + } + print &ui_form_start("save_local.cgi", "post"); + print &ui_textarea("local", + &read_file_contents($config{'local_script'}), 15, 80)."
\n"; + + # Show shutdown script too, if any + if ($config{'local_down'}) { + print &text('index_downscript', + "$config{'local_down'}"),"
\n"; + print &ui_textarea("down", + &read_file_contents($config{'local_down'}), 15, 80). + "
\n"; + } + + print &ui_form_end([ [ undef, $text{'save'} ] ]); + } +elsif ($init_mode eq "win32" && $access{'bootup'}) { + # Show Windows services + print &ui_form_start("save_services.cgi", "post"); + print &select_all_link("d"),"\n"; + print &select_invert_link("d"),"
\n"; + print &ui_columns_start([ "", $text{'index_sname'}, + $text{'index_sdesc'}, + $text{'index_sboot'}, + $text{'index_sstate'} ]); + foreach $svc (&list_win32_services()) { + print &ui_columns_row([ + &ui_checkbox("d", $svc->{'name'}, undef), + $svc->{'name'}, + $svc->{'desc'}, + $text{'index_sboot'.$svc->{'boot'}} || + $svc->{'boot_desc'}, + $text{'index_sstate'.$svc->{'state'}} || + $svc->{'state_desc'}, + ]); + } + print &ui_columns_end(); + print &select_all_link("d"),"\n"; + print &select_invert_link("d"),"
\n"; + print &ui_form_end([ [ "start", $text{'index_start'} ], + [ "stop", $text{'index_stop'} ], + undef, + [ "addboot", $text{'index_addboot'} ], + [ "delboot", $text{'index_delboot'} ], + undef, + [ "addboot_start", $text{'index_addboot_start'} ], + [ "delboot_stop", $text{'index_delboot_stop'} ], + ]); + print &ui_hr(); + } +elsif ($init_mode eq "rc" && $access{'bootup'}) { + # Show FreeBSD scripts + print &ui_form_start("mass_rcs.cgi", "post"); + @links = ( &select_all_link("d"), + &select_invert_link("d"), + &ui_link("edit_rc.cgi?new=1", $text{'index_radd'}) ); + print &ui_links_row(\@links); + print &ui_columns_start([ "", $text{'index_rname'}, + $text{'index_rdesc'}, + $text{'index_rboot'} ]); + foreach $rc (&list_rc_scripts()) { + print &ui_columns_row([ + &ui_checkbox("d", $rc->{'name'}, undef), + &ui_link("edit_rc.cgi?name=".&urlize($rc->{'name'}), $rc->{'name'}), + $rc->{'desc'}, + $rc->{'enabled'} == 1 ? $text{'yes'} : + $rc->{'enabled'} == 2 ? "$text{'index_unknown'}": + "$text{'no'}", + ]); + } + print &ui_columns_end(); + print &ui_links_row(\@links); + print &ui_form_end([ [ "start", $text{'index_start'} ], + [ "stop", $text{'index_stop'} ], + undef, + [ "addboot", $text{'index_addboot'} ], + [ "delboot", $text{'index_delboot'} ], + undef, + [ "addboot_start", $text{'index_addboot_start'} ], + [ "delboot_stop", $text{'index_delboot_stop'} ], + ]); + } +elsif ($init_mode eq "upstart" && $access{'bootup'}) { + # Show upstart actions + print &ui_form_start("mass_upstarts.cgi", "post"); + @links = ( &select_all_link("d"), + &select_invert_link("d"), + &ui_link("edit_upstart.cgi?new=1", $text{'index_uadd'}) ); + print &ui_links_row(\@links); + print &ui_columns_start([ "", $text{'index_uname'}, + $text{'index_udesc'}, + $text{'index_uboot'}, + $text{'index_ustatus'}, ]); + foreach $u (&list_upstart_services()) { + if ($u->{'legacy'}) { + $l = "edit_action.cgi?0+".&urlize($u->{'name'}); + } + else { + $l = "edit_upstart.cgi?name=".&urlize($u->{'name'}); + } + print &ui_columns_row([ + &ui_checkbox("d", $u->{'name'}, undef, 0), + &ui_link($l, $u->{'name'}), + $u->{'desc'}, + $u->{'boot'} eq 'start' ? $text{'yes'} : + $u->{'boot'} eq 'stop' ? + "$text{'no'}" : + "$text{'index_unknown'}", + $u->{'status'} eq 'running' ? $text{'yes'} : + $u->{'status'} eq 'waiting' ? + "$text{'no'}" : + "$text{'index_unknown'}", + ]); + } + print &ui_columns_end(); + print &ui_links_row(\@links); + print &ui_form_end([ [ "start", $text{'index_start'} ], + [ "stop", $text{'index_stop'} ], + [ "restart", $text{'index_restart'} ], + undef, + [ "addboot", $text{'index_addboot'} ], + [ "delboot", $text{'index_delboot'} ], + undef, + [ "addboot_start", $text{'index_addboot_start'} ], + [ "delboot_stop", $text{'index_delboot_stop'} ], + ]); + + } +elsif ($init_mode eq "systemd" && $access{'bootup'}) { + # Show systemd actions + print &ui_form_start("mass_systemd.cgi", "post"); + @links = ( &select_all_link("d"), + &select_invert_link("d"), + &ui_link("edit_systemd.cgi?new=1", $text{'index_sadd'}) ); + print &ui_links_row(\@links); + print &ui_columns_start([ "", $text{'index_uname'}, + $text{'index_udesc'}, + $text{'index_uboot'}, + $text{'index_ustatus'}, ]); + foreach $u (&list_systemd_services()) { + if ($u->{'legacy'}) { + $l = "edit_action.cgi?0+".&urlize($u->{'name'}); + } + else { + $l = "edit_systemd.cgi?name=".&urlize($u->{'name'}); + } + print &ui_columns_row([ + &ui_checkbox("d", $u->{'name'}, undef), + &ui_link($l, $u->{'name'}), + $u->{'desc'}, + $u->{'boot'} == 1 ? $text{'yes'} : + $u->{'boot'} == 2 ? $text{'index_always'} : + "$text{'no'}", + $u->{'status'} ? $text{'yes'} : + "$text{'no'}", + ]); + } + print &ui_columns_end(); + print &ui_links_row(\@links); + print &ui_form_end([ [ "start", $text{'index_start'} ], + [ "stop", $text{'index_stop'} ], + [ "restart", $text{'index_restart'} ], + undef, + [ "addboot", $text{'index_addboot'} ], + [ "delboot", $text{'index_delboot'} ], + undef, + [ "addboot_start", $text{'index_addboot_start'} ], + [ "delboot_stop", $text{'index_delboot_stop'} ], + ]); + + } + +# reboot/shutdown buttons +print &ui_hr(); +if ($access{'reboot'}) { + print &ui_buttons_row("reboot.cgi", $text{'index_reboot'}, + $text{'index_rebootmsg'}); + } +if ($access{'shutdown'}) { + print &ui_buttons_row("shutdown.cgi", $text{'index_shutdown'}, + $text{'index_shutdownmsg'}); + } +&ui_print_footer("/", $text{'index'}) \ No newline at end of file From 990d010b18492997c3ffe1051152aedd08682735 Mon Sep 17 00:00:00 2001 From: Trevor Ferre Date: Sat, 13 Sep 2014 08:31:57 -0500 Subject: [PATCH 3/6] Fix Missing Move Up&Down Images --- images/after.gif | Bin 0 -> 103 bytes images/before.gif | Bin 0 -> 108 bytes 2 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 images/after.gif create mode 100644 images/before.gif diff --git a/images/after.gif b/images/after.gif new file mode 100644 index 0000000000000000000000000000000000000000..23ff2fefb55f5e46e75e3e64bc02aa8a5a980b55 GIT binary patch literal 103 zcmZ?wbhEHb6krfwSjfO|CR zz|5cnQ~*>jz`($yHm83j+Xk+t8ue2@-yHSKKUb5aI^|I6w1Z7S?yvbaSOCR zz|5cnQ~*>jz`($yJ*R&qv+QgK4kjhfw+BNv-^`rzJ=Lo@$?=!OW$tEAo_3C0y^U*6 Mr}#CAFfdpH03Em@y#N3J literal 0 HcmV?d00001 From e4d81421f4091ed5b01fb050d0d592e054a048c0 Mon Sep 17 00:00:00 2001 From: Trevor Ferre Date: Sat, 13 Sep 2014 08:57:14 -0500 Subject: [PATCH 4/6] Security Fix Remove Session Timeout Inactivity Time --- session_login.cgi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/session_login.cgi b/session_login.cgi index 3dea94f..4d3bbb0 100755 --- a/session_login.cgi +++ b/session_login.cgi @@ -55,7 +55,7 @@ elsif ($in{'logout'}) { print "

$text{'session_logout'}

\n"; } elsif ($in{'timed_out'}) { - print "

",&text('session_timed_out', int($in{'timed_out'}/60)),"

\n"; + print "

Session timed out.

\n"; } print "$text{'session_prefix'}\n"; print "

\n"; From eac1c51e030db3d59d4f1a2a7d8e693b8d510fa8 Mon Sep 17 00:00:00 2001 From: Trevor Ferre Date: Sat, 13 Sep 2014 14:58:56 -0500 Subject: [PATCH 5/6] IE Compatibility & CDN MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Lets run Bootstrap & jQuery Libraries off a CDN… thoughts? --- index.html | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/index.html b/index.html index b0d17b6..16540d3 100644 --- a/index.html +++ b/index.html @@ -6,14 +6,16 @@ - - + + + - - + + @@ -116,9 +118,9 @@ - + + - From cc7b4e25fd35f8eafad97fc65f1b615ab5666ff2 Mon Sep 17 00:00:00 2001 From: Trevor Ferre Date: Mon, 15 Sep 2014 20:01:21 -0500 Subject: [PATCH 6/6] Space Clean Up --- index.html | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/index.html b/index.html index 16540d3..31e504f 100644 --- a/index.html +++ b/index.html @@ -23,10 +23,8 @@ -
- -
@@ -112,11 +109,9 @@
- - @@ -124,5 +119,4 @@ - - + \ No newline at end of file