ovh/the-bastion
1
1
Fork 0
mirror of https://github.com/ovh/the-bastion.git synced 2025-02-27 00:54:26 +08:00
Code Issues Projects Releases Packages Wiki Activity
625 commits 8 branches 50 tags 9.7 MiB
Commit graph

625 commits

This branch
This branch
All branches
Author SHA1 Message Date
Stéphane Lesimple
5ba7e52054 refacto: osh.pl: move hardcoded plugin special cases to config 2023-11-08 13:21:20 +01:00
Stéphane Lesimple
998080260c refacto: osh.pl: use hash instead of multiple vars 2023-11-08 13:21:20 +01:00
Stéphane Lesimple
ac5eb9b636 enh: tests: more mfa tests 2023-11-08 13:21:20 +01:00
Stéphane Lesimple
027521b875 chore: fix FreeBSD GitHub Action 2023-11-07 12:16:49 +01:00
Stéphane Lesimple
d3ece7b9f4 enh: add tests for multiple gpg keys setup 2023-10-27 17:26:23 +02:00
Pierre-Elliott Bécue
35d4841638 Allow setup-gpg.sh --import to receive, trust, and add to configure multiple public keys at once 2023-10-27 17:26:23 +02:00
Stéphane Lesimple
6d5255d841 enh: orphaned homedirs: adjust behavior on master instances 2023-10-15 12:53:26 +02:00
Stéphane Lesimple
4fb5e17166 chore: connect.pl: more readable indentation 2023-10-09 17:22:55 +02:00
Stéphane Lesimple
ce9cf3213c enh: connect.pl: report empty ttyrec as ttyrec_empty instead of ttyrec_error 2023-10-09 17:22:55 +02:00
Stéphane Lesimple
cbd0ac6d5c doc: add documentation on how to write integration tests 2023-10-04 18:25:11 +02:00
Stéphane Lesimple
7934b6283b Update bin/admin/check_uid_gid_collisions.pl 
Co-authored-by: Adrien Barreau <adrien.barreau@live.fr>
 2023-10-04 17:55:07 +02:00
Stéphane Lesimple
a468220df7 fix: check_collisions: don't report orphan uids on slave, just use their name 2023-10-04 17:55:07 +02:00
Stéphane Lesimple
0353557939 enh: check_collisions: allow usage of /dev/null 2023-10-04 17:55:07 +02:00
Stéphane Lesimple
0eb61f26f2 meta: dev: add devenv docker, pre-commit info, and doc 2023-10-03 14:23:30 +02:00
Stéphane Lesimple
213bd28616 fix: scp: adapt wrapper and tests to new scp versions 2023-09-20 16:39:29 +02:00
Stéphane Lesimple
8459d03945 chore: bump OpenSUSE Leap from 15.4 to 15.5 2023-09-20 16:39:29 +02:00
Stéphane Lesimple
dfff1c9baa chore: ghactions: bump short test to deb12 2023-09-20 16:39:29 +02:00
Stéphane Lesimple
3ce7eedb88 chore: bump github actions checkout from v2 to v4 2023-09-20 16:39:29 +02:00
Stéphane Lesimple
fe41e62be9 chore: upgrade sandbox and tester dockerfiles to bookworm 2023-09-20 16:39:29 +02:00
Stéphane Lesimple
733fd054a6 fix: setup-gpg.sh: in some cases, an invalid configuration file could be generated 
The escape code didn't work correctly, remove it as it's not needed,
indeed we already ensure that the generated password doesn't contain
any " or \, hence surrounding the var by "" quotes is enough.
 2023-09-20 15:14:55 +02:00
Stéphane Lesimple
5c7389e85f fix: when no command-line is passed, a warn could be emitted in some cases 
This depends on the version of Perl libs, but in any case we shouldn't
pass an undef var to GetOptionsFromString, ensure this never happens
 2023-09-20 13:38:40 +02:00
Stéphane Lesimple
d70e52a09b release v3.14.00 2023-09-19 17:32:43 +02:00
Stéphane Lesimple
13c885df42 enh: enable stealth_stdout mode for sftp 2023-09-19 17:32:27 +02:00
Stéphane Lesimple
a6a25fd53b feat: add type8 and type9 password hashes 
This requires the-bastion-mkhash-helper v1.1.0+
 2023-09-19 17:12:48 +02:00
Stéphane Lesimple
5dc50b3e57
feat: add stealth_stderr/stdout ttyrec support, enable it for scp (#413) 2023-09-19 15:27:00 +02:00
Stéphane Lesimple
ee149cb185
release v3.13.01 (#410) 2023-08-23 11:41:43 +02:00
Stéphane Lesimple
8532a85ba1
doc: add JSON API and MFA documentations (#407) 
* doc: add JSON API documentation
* doc: add MFA section
* doc: clarifications on MFA and JSON API
* Update doc/sphinx/using/api.rst

Co-authored-by: toutoen <74724122+toutoen@users.noreply.github.com>

* Update doc/sphinx/using/api.rst

Co-authored-by: toutoen <74724122+toutoen@users.noreply.github.com>

---------

Co-authored-by: toutoen <74724122+toutoen@users.noreply.github.com>
 2023-08-22 15:57:58 +02:00
Stéphane Lesimple
87d3f721e5 fix: clush: restore default handlers for SIGHUP/PIPE 2023-08-22 15:53:27 +02:00
Philipp Walter
e616f24d89 enh: setup-gpg.sh: create additional backup signing config with --generate 2023-08-22 14:32:30 +02:00
Stéphane Lesimple
9bdfca1c76 release v3.13.00 2023-07-28 14:18:15 +02:00
Stéphane Lesimple
4d8b5f520d fix: selfMFASetupPassword: restore default sighandlers to avoid being zombified 2023-07-28 14:17:50 +02:00
Stéphane Lesimple
a50224a99d chore: tests: ensure test modules don't pollute the caller's env 2023-07-28 11:09:36 +02:00
Stéphane Lesimple
a65c53b76e enh: use ttyrec instead of sqlite to record plugin output 2023-07-28 11:09:10 +02:00
Antoine Guerrée
7821c9ff75 chore(helper): remove -v ssh option 
`--verbose` is the way to go
 2023-07-20 14:52:52 +02:00
Antoine Guerrée
1b6131a753 chore(helper/doc): fix typos 2023-07-20 14:52:52 +02:00
Stéphane Lesimple
58c29c97ab chg: officially support Debian 12, drop Debian 9 2023-06-27 14:13:22 +02:00
Stéphane Lesimple
bd82ee49b7 release v3.12.00 2023-06-27 14:13:22 +02:00
Stéphane Lesimple
f77b8a25d3 fix: accountList: crash in some cases 2023-06-13 10:14:22 +02:00
Stéphane Lesimple
340ebd0bec chore: fix GitHub actions under freebsd 2023-06-01 11:52:39 +02:00
Stéphane Lesimple
5f4832d203 chg: remove Debian 9 tests and dockerfile 2023-06-01 11:52:39 +02:00
Stéphane Lesimple
5cfb049a82 chore: doc: adding plugin configuration autogeneration 2023-06-01 11:52:39 +02:00
Stéphane Lesimple
cf405badfb feat: add 2 configurable knobs to (self|account)AddPersonalAccess 
widest_v4_prefix (maximum allowed prefix to add in a single ACL),
and self_remote_user_only (only allow ACLs where the remote user
is the same than the bastion account name)
 2023-06-01 11:52:39 +02:00
Stéphane Lesimple
482eddb10c feat: plugins: add loadConfig parameter & config validator support 2023-06-01 11:52:39 +02:00
Stéphane Lesimple
262e545bbb feat: add dryrun in access_modify() and widest prefix precondition check 2023-06-01 11:52:39 +02:00
Stéphane Lesimple
f4650bd0dc chore: shell/functions: remove now unused global var 2023-05-31 17:37:52 +02:00
Stéphane Lesimple
0515753f91 fix: add missing autocompletions, readonly flags and help category for some plugins 2023-05-31 17:37:52 +02:00
Stéphane Lesimple
902508f7d1 fix: update undocumented rename-group.sh script 2023-05-31 17:34:34 +02:00
Stéphane Lesimple
d5dd119f83 release v3.11.02 2023-04-18 14:48:47 +02:00
Léo Rolland
71e79b1c36 doc: update ovh.com/blog links 
Actual links are broken, this update now uses blog.ovhcloud.com

Signed-off-by: Léo Rolland <leo.rolland@ovhcloud.com>
 2023-04-17 17:55:02 +02:00
Stéphane Lesimple
c6a6f806d2 feat: add uid/gid collisions checking script & amend doc 2023-04-17 17:53:14 +02:00