initial commit of file from CVS for e-smith-base on Thu 26 Oct 11:24:52 BST 2023
This commit is contained in:
@@ -0,0 +1,80 @@
|
||||
{
|
||||
=head1 NAME
|
||||
|
||||
set-access-defaults -- Set services to appropriate defaults for SystemMode
|
||||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
The SystemMode can be changed through the console. When it is changed,
|
||||
console-save is called, which causes services to be reconfigured in
|
||||
accordance with the new SystemMode.
|
||||
|
||||
In servergateway mode, the following services are enabled on the
|
||||
external interface: HTTP, HTTPS, SMTP, AUTH/IDENT
|
||||
|
||||
In servergateway-private mode, all external services are disabled
|
||||
|
||||
This script is a no-op if the SystemMode has not been changed.
|
||||
|
||||
=cut
|
||||
|
||||
my $conf = $DB;
|
||||
|
||||
my $current_mode = $conf->get_value('SystemMode') or return;
|
||||
|
||||
my $sysconfig = $conf->get("sysconfig") or return;
|
||||
|
||||
my $previous_mode = $sysconfig->prop('PreviousSystemMode')
|
||||
|| "unknown";
|
||||
|
||||
if ($previous_mode eq "unknown")
|
||||
{
|
||||
$sysconfig->set_prop('PreviousSystemMode', $current_mode);
|
||||
return;
|
||||
}
|
||||
|
||||
return unless ( $previous_mode eq 'servergateway-private' or
|
||||
$current_mode eq 'servergateway-private' );
|
||||
|
||||
#------------------------------------------------------------
|
||||
# OK, we have a new SystemMode, go for it
|
||||
#------------------------------------------------------------
|
||||
my %service2access =
|
||||
(
|
||||
oidentd => "public",
|
||||
'httpd-e-smith' => "public",
|
||||
'qpsmtpd' => "public",
|
||||
'sqpsmtpd' => "public",
|
||||
ftp => "private",
|
||||
imap => "private",
|
||||
imaps => "private",
|
||||
modSSL => "public",
|
||||
pop3s => "private",
|
||||
popd => "private",
|
||||
sshd => "private",
|
||||
telnet => "private",
|
||||
|
||||
);
|
||||
|
||||
if ( $current_mode eq 'servergateway-private' )
|
||||
{
|
||||
foreach my $key (keys %service2access)
|
||||
{
|
||||
$service2access{$key} = 'private';
|
||||
}
|
||||
}
|
||||
|
||||
#------------------------------------------------------------
|
||||
# Enforce the default access rights
|
||||
#------------------------------------------------------------
|
||||
foreach my $service ( keys %service2access )
|
||||
{
|
||||
my $entry = $conf->get($service);
|
||||
|
||||
next unless ($entry);
|
||||
|
||||
$entry->set_prop("access", $service2access{$service});
|
||||
}
|
||||
|
||||
$sysconfig->set_prop('PreviousSystemMode', $current_mode);
|
||||
}
|
||||
Reference in New Issue
Block a user