{
+ "unauthenticated": {
+ "description": "Allow system feature probing",
+ "read": {
+ "ubus": {
+ "luci": [ "getFeatures" ]
+ }
+ }
+ },
+
"uci-access": {
"description": "Grant uci write access to all configurations",
"read": {
"luci-access": {
"description": "Grant access to basic LuCI procedures",
"read": {
+ "file": {
+ "/": [ "list" ],
+ "/*": [ "list" ],
+ "/etc/crontabs/root": [ "read" ],
+ "/etc/dropbear/authorized_keys": [ "read" ],
+ "/etc/filesystems": [ "read" ],
+ "/etc/rc.local": [ "read" ],
+ "/proc/filesystems": [ "read" ],
+ "/proc/sys/kernel/hostname": [ "read" ]
+ },
"ubus": {
- "iwinfo": [ "info" ],
- "luci": [ "boardjson", "duid_hints", "host_hints", "ifaddrs", "initList", "leases", "leds", "netdevs", "offload_support", "usb" ],
+ "file": [ "list", "read", "stat" ],
+ "iwinfo": [ "assoclist", "freqlist", "txpowerlist", "countrylist" ],
+ "luci": [ "getBoardJSON", "getDUIDHints", "getHostHints", "getIfaddrs", "getInitList", "getLocaltime", "getTimezones", "getDHCPLeases", "getLEDs", "getNetworkDevices", "getUSBDevices", "getWirelessDevices", "getSwconfigFeatures", "getSwconfigPortState", "getBlockDevices", "getMountPoints" ],
"network.device": [ "status" ],
"network.interface": [ "dump" ],
- "network.wireless": [ "status" ],
+ "network": [ "get_proto_handlers" ],
"uci": [ "changes", "get" ]
},
"uci": [ "*" ]
},
"write": {
+ "cgi-io": [ "upload", "/etc/luci-uploads/*" ],
+ "file": {
+ "/etc/crontabs/root": [ "write" ],
+ "/etc/dropbear/authorized_keys": [ "write" ],
+ "/etc/luci-uploads/*": [ "write" ],
+ "/etc/rc.local": [ "write" ],
+ "/sbin/block": [ "exec" ]
+ },
"ubus": {
- "luci": [ "initCall", "localtime", "timezone" ],
- "uci": [ "add", "apply", "confirm", "delete", "order", "set" ]
+ "file": [ "write", "remove", "exec" ],
+ "iwinfo": [ "scan" ],
+ "luci": [ "setInitAction", "setLocaltime", "setPassword", "setBlockDetect", "setUmount" ],
+ "uci": [ "add", "apply", "confirm", "delete", "order", "set", "rename" ]
},
"uci": [ "*" ]
}
+ },
+ "luci-app-firewall": {
+ "description": "Grant access to firewall procedures",
+ "read": {
+ "ubus": {
+ "luci": [ "getConntrackHelpers" ]
+ },
+ "uci": [ "firewall" ]
+ },
+ "write": {
+ "uci": [ "firewall" ]
+ }
}
}
projects / oweals / luci.git / blobdiff