ovh/the-bastion
1
1
Fork 0
mirror of https://github.com/ovh/the-bastion.git synced 2024-09-20 15:05:58 +08:00
Code Issues Packages Projects Releases Wiki Activity
551 commits 5 branches 44 tags 6.9 MiB
Commit graph

178 commits

Author SHA1 Message Date
Stéphane Lesimple 5dc50b3e57
feat: add stealth_stderr/stdout ttyrec support, enable it for scp (#413) 2023-09-19 15:27:00 +02:00
Stéphane Lesimple ee149cb185
release v3.13.01 (#410) 2023-08-23 11:41:43 +02:00
Stéphane Lesimple 9bdfca1c76 release v3.13.00 2023-07-28 14:18:15 +02:00
Stéphane Lesimple a65c53b76e enh: use ttyrec instead of sqlite to record plugin output 2023-07-28 11:09:10 +02:00
Stéphane Lesimple bd82ee49b7 release v3.12.00 2023-06-27 14:13:22 +02:00
Stéphane Lesimple 5cfb049a82 chore: doc: adding plugin configuration autogeneration 2023-06-01 11:52:39 +02:00
Stéphane Lesimple 482eddb10c feat: plugins: add loadConfig parameter & config validator support 2023-06-01 11:52:39 +02:00
Stéphane Lesimple 262e545bbb feat: add dryrun in access_modify() and widest prefix precondition check 2023-06-01 11:52:39 +02:00
Stéphane Lesimple f4650bd0dc chore: shell/functions: remove now unused global var 2023-05-31 17:37:52 +02:00
Stéphane Lesimple d5dd119f83 release v3.11.02 2023-04-18 14:48:47 +02:00
Stéphane Lesimple 84687256a8 fix: --force-key wasn't working for groups 
Fixes #259
 2023-04-07 10:44:14 +02:00
Stéphane Lesimple 52d44ba993 chore: remove Debian openssh-blacklist logic 
All Debian versions supporting this are EOL by now.
 2023-04-07 10:44:05 +02:00
Stéphane Lesimple c6904d0fa0 release v3.11.01 2023-03-27 17:04:56 +02:00
Stéphane Lesimple cadf51145d release v3.11.00 2023-03-23 14:37:57 +01:00
Stéphane Lesimple a1812e34bb fix: race condition when two parallel account creations used --uid-auto 
Fixes #363
 2023-03-22 11:00:16 +01:00
Stéphane Lesimple f4abfc1ba8 feat: add sftp support 2023-03-16 13:45:42 +01:00
Stéphane Lesimple 86d907acb6 release v3.10.00 2023-02-17 15:19:25 +01:00
Cédric Roussel 4d56c32853 fix: invalid suffixed account creation 2023-01-31 12:03:13 +01:00
Stéphane Lesimple 036f921c40 feat: add accountFreeze/accountUnfreeze 2022-12-30 17:53:08 +01:00
Stéphane Lesimple 649c1fffbf release v3.09.02 2022-11-15 18:26:32 +01:00
Stéphane Lesimple 521836b17b fix: rare race condition introduced by b7f4909 
Under some specific conditions, the execute() call could get deadlocked with the program it started,
both waiting for each other to read or write data. This is easier to reproduce with the `scp` plugin,
where the transfer would just stall. Introduce an additional intermediate buffer to avoid this race condition.
 2022-11-15 17:34:47 +01:00
Stéphane Lesimple 4f0a80c9d4 release v3.09.01 2022-10-10 12:21:11 +02:00
Stéphane Lesimple b7f4909310 enh: make execute() way WAY faster 2022-09-21 11:57:55 +02:00
Stéphane Lesimple 3df86c58b3 release v3.09.00 2022-09-13 13:21:18 +02:00
Stéphane Lesimple 8c82c3441b fix: accountInfo wasn't showing TTL account expiration #329 2022-09-09 17:14:25 +02:00
Stéphane Lesimple 81aeb2ee3c release v3.09.00-rc3 2022-07-12 12:34:58 +02:00
Stéphane Lesimple 72cefa6417 fix: performance issues introduced by effab4a 
Commit that introduced the performance degradation is effab4a
(fix: workaround for undocumented caching in getpw/getgr funcs)

Rewrote caching at the getpwent/getpwnam/getgrent/getgrnam level,
which restores performance pre-effab4a and even enhances it in somes cases,
for example on a 2000-accounts and 2000-groups bastion, we are:

- 11% faster on --osh help
- 35% faster on --osh selfListAccesses (reduces syscalls by 87%)
 2022-07-12 10:07:16 +02:00
Stéphane Lesimple 8e148a6e53 release v3.09.00-rc2 2022-07-05 18:12:08 +02:00
Stéphane Lesimple c89dd82d26 enh: print_public_key: better formatter 2022-07-05 18:04:19 +02:00
Stéphane Lesimple 6ccb43e938 enh: move some code from get_hashes_list() to a new get_password_file() 2022-07-05 18:04:19 +02:00
Stéphane Lesimple 7ff286b00f v3.09.00-rc1 2022-07-04 11:06:54 +02:00
Stéphane Lesimple 3956dc587b fix: ttyrec cmdline: don't add --warn-before-* when no --idle-*-timeout is specified 2022-07-01 15:33:44 +02:00
Stéphane Lesimple 46a01a546a feat: groupModify: add --idle-lock-timeout and --idle-kill-timeout for group-specific timeouts 2022-07-01 15:33:44 +02:00
Stéphane Lesimple 6fb528ccf1 chore: rename some vars for clarity 2022-07-01 15:33:44 +02:00
Stéphane Lesimple e040afb074 chore: new perltidy rules 2022-07-01 10:21:19 +02:00
Stéphane Lesimple 7a043165bc fix: don't emit a membership log when nothing changed 2022-07-01 10:09:57 +02:00
Stéphane Lesimple 884b4bbaf0 fix: install: ensure that the healthcheck user can always connect from 127.0.0.1 
Regardless of the bastion config about the ingressKeysFrom configuration
 2022-06-29 11:33:41 +02:00
Stéphane Lesimple 2e9e955e93 chore: interactive.inc: prepend internal funcs by _ 2022-03-14 12:42:26 +01:00
Stéphane Lesimple effab4a5c2 fix: workaround for undocumented caching in getpw/getgr funcs 2022-03-14 12:42:26 +01:00
Stéphane Lesimple 7fa2523bfc fix: get_group_list() returned invalid members list (was not used anywhere) 2022-02-09 14:31:33 +01:00
Stéphane Lesimple a178aa7906 enh: cron scripts: factorize common code and standardize logging 2022-02-09 14:31:33 +01:00
Stéphane Lesimple 2c2064a484 feat: osh-encrypt-rsync: handle sqlite and user logs along with ttyrec files 2022-02-09 14:31:33 +01:00
Stéphane Lesimple 0ffdd108bd v3.08.01 2022-01-19 11:24:12 +01:00
Stéphane Lesimple 744bd5fa0c enh: introduce exit_fail and exit_success for shell scripts 2022-01-19 11:23:44 +01:00
Stéphane Lesimple d7a898a5fa Release v3.08.00 2022-01-04 15:50:02 +01:00
Stéphane Lesimple ae997dd93c chore: shellcheck: rewrite shell-check.sh and make files compliant with v0.8.0 2021-12-29 11:40:34 +01:00
Stéphane Lesimple 54a4dc6c65 chore: use state vars where we can 2021-12-29 11:21:04 +01:00
Stéphane Lesimple b3af2933f9 enh: install.inc: random delay under CI 2021-12-29 11:20:55 +01:00
Stéphane Lesimple be6a71afab fix: install.inc: verbose under CI 2021-12-29 11:20:55 +01:00
Stéphane Lesimple 2f623dfb3a fix: install.inc: fail nicely on invalid JSON under set -e 2021-12-29 11:20:55 +01:00