
/usr/share/plinth/actions/security is in plinth 0.24.0.

This file is owned by root:root, with mode 0o755.

The actual contents of the file can be viewed below.

#!/usr/bin/python3
#
# This file is part of FreedomBox.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
#
"""
Helper for security configuration
"""

import argparse

# pam_access rule file that this helper reads and edits.
ACCESS_CONF_FILE = '/etc/security/access.conf'
# Rule in access.conf "permission:users:origins" form: deny ('-') every user
# except root, fbx and members of the admin and sudo groups, from any origin.
# The subcommands in this file compare this exact text against each stripped
# line to detect and remove the rule, so a rule written with different
# spacing or wording is neither recognised nor removed.
# NOTE(review): the rule only has an effect for PAM services that load
# pam_access; that wiring is not visible in this file - confirm.
ACCESS_CONF_SNIPPET = '-:ALL EXCEPT root fbx (admin) (sudo):ALL'


def parse_arguments():
    """Parse the command line and return the argparse result object.

    One of the registered sub-commands must be given; its name is stored in
    the ``subcommand`` attribute of the returned object.
    """
    cli = argparse.ArgumentParser()
    commands = cli.add_subparsers(dest='subcommand', help='Sub command')

    # (sub-command name, help text) pairs, registered in this order.
    command_help = (
        ('enable-restricted-access',
         'Restrict console login to users in admin or sudo group'),
        ('disable-restricted-access',
         "Don't restrict console login to users in admin or sudo group"),
    )
    for command_name, help_text in command_help:
        commands.add_parser(command_name, help=help_text)

    # Makes a missing sub-command a usage error instead of subcommand=None.
    commands.required = True
    return cli.parse_args()


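def subcommand_enable_restricted_access(_):
    """Restrict console login to users in admin or sudo group.

    Appends ACCESS_CONF_SNIPPET to ACCESS_CONF_FILE unless a line equal to
    it (ignoring surrounding whitespace) is already present, so repeated
    calls do not duplicate the rule.

    The single positional argument (the parsed command line, as passed by
    main()) is accepted for a uniform handler signature and is not used.
    """
    with open(ACCESS_CONF_FILE, 'r') as conffile:
        lines = conffile.readlines()

    if any(line.strip() == ACCESS_CONF_SNIPPET for line in lines):
        return

    # If the last existing line lacks a terminating newline, a plain append
    # would glue the rule onto it (for example onto a trailing comment), and
    # the restriction would silently not be in effect. Start a fresh line.
    separator = '' if not lines or lines[-1].endswith('\n') else '\n'

    # The rule is added at the end of the file. pam_access applies the first
    # entry that matches, so an earlier matching entry in the file still
    # takes precedence over this one.
    with open(ACCESS_CONF_FILE, 'a') as conffile:
        conffile.write(separator + ACCESS_CONF_SNIPPET + '\n')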


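def subcommand_disable_restricted_access(_):
    """Don't restrict console login to users in admin or sudo group.

    Removes every line of ACCESS_CONF_FILE that equals ACCESS_CONF_SNIPPET
    once surrounding whitespace is stripped; all other lines are kept
    verbatim. The file is left untouched when no such line exists.

    The single positional argument (the parsed command line, as passed by
    main()) is accepted for a uniform handler signature and is not used.
    """
    with open(ACCESS_CONF_FILE, 'r') as conffile:
        lines = conffile.readlines()

    kept = [line for line in lines if line.strip() != ACCESS_CONF_SNIPPET]
    if len(kept) == len(lines):
        # Nothing to remove: skip the truncating rewrite below so the access
        # rules are not put at risk for a no-op.
        return

    # NOTE: mode 'w' truncates the file before the remaining rules are
    # written back, so this rewrite is not atomic; an interrupted write
    # leaves access.conf incomplete.
    with open(ACCESS_CONF_FILE, 'w') as conffile:
        conffile.writelines(kept)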


def main():
    """Run the handler for the sub-command given on the command line.

    The handler is the module-level function named ``subcommand_`` followed
    by the sub-command with dashes replaced by underscores; it is called with
    the parsed arguments.
    """
    args = parse_arguments()

    # The lookup goes through globals(); the names it can reach are bounded
    # by the sub-commands that parse_arguments() registers with argparse.
    handler_name = 'subcommand_{}'.format(args.subcommand.replace('-', '_'))
    handler = globals()[handler_name]
    handler(args)


if __name__ == '__main__':
    main()