Manage packages user access



  • Hi,

    I am making some tests on the 2.0 versions and I have find that if I give this rights to users (WebCfg - Package: Settings page  Allow access to the 'Package: Settings' page, WebCfg - Package: Edit page  Allow access to the 'Package: Edit' page) they also have access to default installed packages (OLSR, OpenNTP, RIP, uPNP and perhaps others).

    Is there a way to remove access to this default packages? Is there a way to also limit the access to specific packages?



  • right now, i don't think so, because pfsense's rights management comes with a default set of privileges and doesn't know, which packages will be installed.
    For the default installed packages, i don't see how.

    as 2.0 is beta, like pfsense's team mentioned, not all of the packages are migrated to 2.0.

    Here you can monitor the status of packages in 2.0.
    http://spreadsheets.google.com/pub?key=tFSe4gIfr3P0Nr1uYLxCHdw&single=true&gid=0&output=html

    But as you surely see, the progress is fast and the beta is pretty stable..

    After finalization of 2.0 and the integration of remaining packages, i believe, this could be a "feature" to expect..

    EDIT: http://forum.pfsense.org/index.php/topic,25161.0.html (specific access to user manangement)



  • Hi,

    OK, I understand, you already done a great job.

    I am not a good programmer and don't understand everything on how pfSense is working (on developpement side) but I really need such feature so I will try to take some time to try to implement it (perhaps only for the packages that I need (incorporating it into pfSense base on my firewall) if I don't find a global solution, …).

    For my case I only need to add a user management page under the captive portal (only for users of captiveportal group), so I will begin with this and try to do the pkg selector after this because I will be more interested to use Radius than local user manager, ...

    For this I need some informations :

    • Where is located the list of "system privilegies" on the filesystem?

    • Is the informations below used for managing this on php files of pfSense :

    1.
      ##|+PRIV
      ##|*IDENT=page-package-settings
      ##|*NAME=Package: Settings page
      ##|*DESCR=Allow access to the 'Package: Settings' page.
      ##|MATCH=pkg.php
      ##|-PRIV

    2.
      if (isAllowedPage("system_usermanager")) {}

    • How to add a menu item on pfsense (not using package)?

    • How to add a tab on a page ?
        I have seen that it seems to be hardcoded using this "$tab_array = array();", so it says that I must modify every pages of captive portal. Is this right?


Locked