luci-base: ship rpcd uci access ACL

Ship an ACL definition for granting full read/write access to uci
configuration files via ubus rpc. This is a precondition for enabling
uci session isolation later on.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>

diff --git a/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json b/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json
new file mode 100644 (file)
index 0000000..ed7ad8a
--- /dev/null
+++ b/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json
@@ -0,0 +1,11 @@
+{
+       "uci-access": {
+               "description": "Grant uci write access to all configurations",
+               "read": {
+                       "uci": [ "*" ]
+               },
+               "write": {
+                       "uci": [ "*" ]
+               }
+       }
+}