Stéphane Lesimple
58354cc305
chore: factorize user@host:port display in machine_display()
2024-12-24 14:46:36 +01:00
Stéphane Lesimple
9e357333db
chg: groupInfo: remove deprecated JSON fields
...
Remove 'partial_members' and 'full_members' from JSON output,
which were replaced by 'members' and 'guests' since pre-v3.00.00
2024-12-24 14:46:36 +01:00
Stéphane Lesimple
26932258be
enh: accountInfo: add osh-only information for accounts
2024-12-24 14:46:36 +01:00
Stéphane Lesimple
92d8b421c2
fix: groupInfo: don't attempt to (and fail) display the guest list when account doesn't have access to it
2024-12-24 14:46:36 +01:00
Stéphane Lesimple
a20a3b8a5d
fix: accountInfo: don't attempt (and fail) to display info non-auditors don't have access to
2024-12-24 14:46:36 +01:00
Stéphane Lesimple
1d9ae483da
chg: set ECDSA as default egress key algo for new installs
2024-12-24 14:46:36 +01:00
Stéphane Lesimple
545547de6d
chore: tests: no longer run consistency check by default
...
This is slow and almost never catched a bug, so consistency check is
still supported but will not run by default, as it is quite slow,
checking the system between each and every test. The option
--skip-consistency-check is now ignored, and a new option to enable
it has been added: --consistency-check
2024-12-24 14:46:36 +01:00
Stéphane Lesimple
4de9f88fe4
chore: faster tests by removing grant/revoke command dance
...
When restricted commands need to be used during tests,
we now use "account0" which has all these commands granted,
instead of granting/revoking commands every time with no added
value with respect to the tests.
This was previously required for OSes that have a limit to the
number of groups an account can be a member of, but these OSes
have now long been unsupported.
2024-12-24 14:46:36 +01:00
Stéphane Lesimple
e0d5617435
chore: update README ( #514 )
...
Co-authored-by: Adrien Barreau <adrien.barreau@live.fr>
2024-12-24 14:46:08 +01:00
Stéphane Lesimple
598ba3f33c
fix: deny netblocks for nc, mtr, ping, alive plugins
2024-12-23 15:06:52 +01:00
Stéphane Lesimple
1859d6ab41
release v3.18.00
2024-12-10 14:21:40 +01:00
Stéphane Lesimple
4062b3e046
chore: add release notes to doc/
2024-12-10 14:21:30 +01:00
Stéphane Lesimple
ad54cc6aad
chore: speedup tests in 330-selfkeys.sh
2024-12-10 14:21:20 +01:00
Stéphane Lesimple
92bc512050
feat: add assetForgetHostKey
2024-12-10 14:21:20 +01:00
Stéphane Lesimple
62613bf894
fix: scp: downloads would sometimes stall ( #486 )
2024-12-10 12:18:47 +01:00
Stéphane Lesimple
55f276e8cf
release v3.17.01
2024-10-23 13:46:09 +02:00
Stéphane Lesimple
117f222338
chore: change pod cuts to make recent versions of perltidy happy
2024-10-23 11:22:34 +02:00
TomRicci
05236c1410
fix: documentation selfDelPersonalAccess.rst
2024-10-23 11:16:51 +02:00
TomRicci
96e28fd237
fix: documentation selfAddPersonalAccess.rst
2024-10-23 11:16:51 +02:00
TomRicci
b0202c43eb
fix: documentation accountDelPersonalAccess.rst
2024-10-23 11:16:51 +02:00
TomRicci
b40a9e5b72
fix: documentation accountAddPersonalAccess.rst
2024-10-23 11:16:51 +02:00
TomRicci
e9fac9b163
fix: documentation groupDelGuestAccess.rst
2024-10-23 11:16:51 +02:00
TomRicci
f5d9f403dc
fix: documentation groupAddGuestAccess.rst
2024-10-23 11:16:51 +02:00
TomRicci
a64db67fe2
fix: lint ACL.pm
2024-10-23 11:16:51 +02:00
TomRicci
949d68485e
fix: message scpdownload scpupload in scp.override.rst
2024-10-23 11:16:51 +02:00
TomRicci
d188c1fc5c
fix: message scpdownload scpupload in scp.rst
2024-10-23 11:16:51 +02:00
TomRicci
f599793c76
fix: protocol scpdownload scpupload in 395-mfa-scp-sftp-rsync.sh
2024-10-23 11:16:51 +02:00
TomRicci
e418b5126c
fix: message scpdownload scpupload in scp
2024-10-23 11:16:51 +02:00
TomRicci
457df64290
fix: message scpdownload scpupload in groupDelGuestAccess
2024-10-23 11:16:51 +02:00
TomRicci
a0e6486753
fix: message scpdownload scpupload in groupAddGuestAccess
2024-10-23 11:16:51 +02:00
TomRicci
ecceeb8bb5
fix: message scpdownload scpupload in accountAddPersonalAccess
2024-10-23 11:16:51 +02:00
TomRicci
92f7dcc920
fix: message scpdownload scpupload in selfDelPersonalAccess
2024-10-23 11:16:51 +02:00
TomRicci
f67f064e67
fix: message scpdownload scpupload in selfAddPersonalAccess
2024-10-23 11:16:51 +02:00
TomRicci
6842792bce
fix: message scpdownload scpupload in accountDelPersonalAccess
2024-10-23 11:16:51 +02:00
TomRicci
e095008175
fix: message scpdownload scpupload in sftp_scp_rsync.rst
2024-10-23 11:16:51 +02:00
TomRicci
6432771123
fix: message scpdownload scpupload in upgrading.rst
2024-10-23 11:16:51 +02:00
TomRicci
dc27e041a0
fix: message protocol in ACL.pm
2024-10-23 11:16:51 +02:00
Stéphane Lesimple
529a1325d5
enh: interactive: handle CTRL+C nicely ( fix #497 )
2024-10-21 16:18:49 +02:00
Stéphane Lesimple
8cafbc854c
fix: allow ssh-as in connect.pl
2024-10-16 13:45:10 +02:00
Stéphane Lesimple
36352d6dcc
fix: osh.pl: remove a warning on interactive mode timeout
2024-10-16 12:24:45 +02:00
Stéphane Lesimple
eb866bd16b
release v3.17.00
2024-10-14 17:01:02 +02:00
Stéphane Lesimple
c93498c762
fix: opensuse: add procps package (for pkill)
2024-10-14 17:01:02 +02:00
Stéphane Lesimple
790f4c3e92
fix: osh.pl: propagate signals to plugins before exiting
2024-10-14 15:53:32 +02:00
Stéphane Lesimple
4196a5b1c7
release v3.16.99-rc3
2024-09-25 11:54:09 +02:00
Stéphane Lesimple
3ee9a5d896
fix: regression introduced by 932e72e
for stealth stdout in ssh
...
Before 932e72e
, plugin-scoped stealthStdout was ignored, which was
fixed by 932e72e
which in turn made ssh ignore the pattern-based egress ssh
stealthStdout option.
This fix ensures stealthStdout is honored for both plugins and egress ssh.
2024-09-25 11:53:51 +02:00
Stéphane Lesimple
a0ec3ff9ee
release v3.16.99-rc2
2024-09-17 14:45:36 +02:00
Stéphane Lesimple
accd50eea7
feat: add rsync support to --protocol
2024-09-17 14:44:28 +02:00
Stéphane Lesimple
858bb5157e
enh: plugins: add validate_tuple() so a plugin can validate user@host:port independently
2024-09-17 14:44:28 +02:00
Stéphane Lesimple
19ef1b2668
enh: plugins: add --protocol to handle scp, sftp, rsync
...
Replace --sftp --scpup --scpdown by --protocol PROTOCOL.
Also take the opportunity to replace --user-any by --user * and --port-any by --port *.
All the legacy options are still supported but are now undocumented.
2024-09-17 14:44:28 +02:00
Stéphane Lesimple
454c16b4ce
refacto: move special protocols checks into a lib
2024-09-17 14:44:28 +02:00