the-bastion

mirror of https://github.com/ovh/the-bastion.git synced 2025-02-27 00:54:26 +08:00

Author	SHA1	Message	Date
Stéphane Lesimple	3d1e210dd8	fix: interactive: remove unnecessary loops for autocomplete	2024-03-20 11:53:49 +01:00
Stéphane Lesimple	fa842c94d8	fix: connect.pl: don't look for error messages when sysret==0	2024-03-20 11:53:39 +01:00
Stéphane Lesimple	7423f6ad63	feat: add dnsSupportLevel option for systems with broken DNS (fixes #397 )	2024-03-20 11:53:00 +01:00
Stéphane Lesimple	d8f9423e8f	fix: scp/sftp: correctly bypass JIT MFA if asked to, when old helpers are used	2024-02-21 15:15:06 +01:00
Stéphane Lesimple	c2a6fafbac	chore: devenv: enhance perltidy/shellcheck pre-commit logic	2024-02-21 14:14:19 +01:00
Stéphane Lesimple	3c6dd69538	chg: jailify: update params name to match minijail0	2024-02-21 14:13:56 +01:00
Stéphane Lesimple	91beea0012	release v3.14.16	2024-02-20 17:41:53 +01:00
Stéphane Lesimple	8625b74307	fix: tests for FreeBSD	2024-02-20 17:41:53 +01:00
Stéphane Lesimple	e2a45596d0	fix: generation of MFA secret under FreeBSD	2024-02-20 17:41:53 +01:00
Stéphane Lesimple	867410a16d	enh: plugins: better signal handling to avoid dangling children processes	2024-02-20 12:14:01 +01:00
Stéphane Lesimple	f022bd9ac8	feat: add ttyrecStealthStdoutPattern config Commands that generate a lot of stdout output and are M2M workflows, such as rsync, can now be excluded from ttyrec to avoid filling up drives	2024-02-20 12:13:53 +01:00
Stéphane Lesimple	fd6850c7ef	fix: osh-sync-watcher: default to a valid rshcmd (fixes #433 )	2024-02-20 12:13:43 +01:00
Stéphane Lesimple	ad9e14d568	chore: silence tr on secret generation	2024-02-20 12:13:33 +01:00
Stéphane Lesimple	a458e4b63c	fix: fixrights.sh: add +x run-tool.sh	2024-01-17 11:18:19 +01:00
Stéphane Lesimple	6dd43c66c0	enh: batch: openhandle() is overkill and doesn't work on EOF	2024-01-17 11:01:50 +01:00
Stéphane Lesimple	692ebca3c2	fix: accountInfo: return always_active=1 for globally-always-active accounts	2024-01-17 11:01:21 +01:00
Stéphane Lesimple	0502d13d0e	enh: osh-lingering-sessions-reaper.sh: handle dangling plugins	2024-01-10 14:46:25 +01:00
Stéphane Lesimple	797ef68273	enh: osh-orphaned-homedir.sh: also cleanup /run/faillock	2024-01-09 14:19:29 +01:00
Stéphane Lesimple	345a1f951f	fix: don't exit with fping host is unreachable As ping can return unknown exit codes for unknown cases, just never bail out to avoid taking bad decisions, as we retry each second maximum, there's no DoS risk	2023-12-05 10:02:52 +01:00
Stéphane Lesimple	25ee7dcda5	doc: more details about upgrade to 3.14.15	2023-11-09 10:42:23 +01:00
Stéphane Lesimple	137c7b5454	release v3.14.15	2023-11-08 14:55:44 +01:00
Stéphane Lesimple	3d402a1bc6	feat: add admin-configurable lock/kill timeout per plugin	2023-11-08 14:55:35 +01:00
Stéphane Lesimple	7a288bd812	chore: perlcritic adjustement on RequireArgUnpacking	2023-11-08 13:21:20 +01:00
Stéphane Lesimple	9d509b7f2d	doc: CVE-2023-45140	2023-11-08 13:21:20 +01:00
Stéphane Lesimple	59b04ab761	tests: add tests for MFA with scp/sftp	2023-11-08 13:21:20 +01:00
Stéphane Lesimple	47e058c272	refacto: use osh_print to obey force_stderr	2023-11-08 13:21:20 +01:00
Stéphane Lesimple	1bcec68d2a	enh: scp and sftp with mfa support	2023-11-08 13:21:20 +01:00
Stéphane Lesimple	b48463076f	feat: osh.pl: jit mfa for plugins	2023-11-08 13:21:20 +01:00
Stéphane Lesimple	926a177aa0	refacto: osh.pl: move code to do_jit_mfa()	2023-11-08 13:21:20 +01:00
Stéphane Lesimple	c849e7d6ef	refacto: osh.pl: move code to get_details_from_access_array()	2023-11-08 13:21:20 +01:00
Stéphane Lesimple	5ba7e52054	refacto: osh.pl: move hardcoded plugin special cases to config	2023-11-08 13:21:20 +01:00
Stéphane Lesimple	998080260c	refacto: osh.pl: use hash instead of multiple vars	2023-11-08 13:21:20 +01:00
Stéphane Lesimple	ac5eb9b636	enh: tests: more mfa tests	2023-11-08 13:21:20 +01:00
Stéphane Lesimple	027521b875	chore: fix FreeBSD GitHub Action	2023-11-07 12:16:49 +01:00
Stéphane Lesimple	d3ece7b9f4	enh: add tests for multiple gpg keys setup	2023-10-27 17:26:23 +02:00
Pierre-Elliott Bécue	35d4841638	Allow setup-gpg.sh --import to receive, trust, and add to configure multiple public keys at once	2023-10-27 17:26:23 +02:00
Stéphane Lesimple	6d5255d841	enh: orphaned homedirs: adjust behavior on master instances	2023-10-15 12:53:26 +02:00
Stéphane Lesimple	4fb5e17166	chore: connect.pl: more readable indentation	2023-10-09 17:22:55 +02:00
Stéphane Lesimple	ce9cf3213c	enh: connect.pl: report empty ttyrec as ttyrec_empty instead of ttyrec_error	2023-10-09 17:22:55 +02:00
Stéphane Lesimple	cbd0ac6d5c	doc: add documentation on how to write integration tests	2023-10-04 18:25:11 +02:00
Stéphane Lesimple	7934b6283b	Update bin/admin/check_uid_gid_collisions.pl Co-authored-by: Adrien Barreau <adrien.barreau@live.fr>	2023-10-04 17:55:07 +02:00
Stéphane Lesimple	a468220df7	fix: check_collisions: don't report orphan uids on slave, just use their name	2023-10-04 17:55:07 +02:00
Stéphane Lesimple	0353557939	enh: check_collisions: allow usage of /dev/null	2023-10-04 17:55:07 +02:00
Stéphane Lesimple	0eb61f26f2	meta: dev: add devenv docker, pre-commit info, and doc	2023-10-03 14:23:30 +02:00
Stéphane Lesimple	213bd28616	fix: scp: adapt wrapper and tests to new scp versions	2023-09-20 16:39:29 +02:00
Stéphane Lesimple	8459d03945	chore: bump OpenSUSE Leap from 15.4 to 15.5	2023-09-20 16:39:29 +02:00
Stéphane Lesimple	dfff1c9baa	chore: ghactions: bump short test to deb12	2023-09-20 16:39:29 +02:00
Stéphane Lesimple	3ce7eedb88	chore: bump github actions checkout from v2 to v4	2023-09-20 16:39:29 +02:00
Stéphane Lesimple	fe41e62be9	chore: upgrade sandbox and tester dockerfiles to bookworm	2023-09-20 16:39:29 +02:00
Stéphane Lesimple	733fd054a6	fix: setup-gpg.sh: in some cases, an invalid configuration file could be generated The escape code didn't work correctly, remove it as it's not needed, indeed we already ensure that the generated password doesn't contain any " or \, hence surrounding the var by "" quotes is enough.	2023-09-20 15:14:55 +02:00

1 2 3 4 5 ...

655 commits