ovh/the-bastion
1
1
Fork 0
mirror of https://github.com/ovh/the-bastion.git synced 2025-02-28 01:24:31 +08:00
Code Issues Projects Releases Packages Wiki Activity
163 commits 8 branches 50 tags 9.7 MiB
Commit graph

163 commits

This branch
This branch
All branches
Author SHA1 Message Date
Stéphane Lesimple
f97b761b83
chore: speedup tests by ~20% 2020-12-14 08:57:43 +00:00
Stéphane Lesimple
896721aad6
Merge pull request #85 from ovh/guestfix 
fix: guests: get rid of ghost guest accesses in corner cases
 2020-12-10 12:23:25 +01:00
Stéphane Lesimple
39ddc4c462
fix: guests: get rid of ghost guest accesses in corner cases 
Adding a guest access to a member of a group is now denied, to avoid having
dangling guest accesses when their membership is revoked. In effect, they
could no longer access the group servers, even as guest, because they no longer
had access to the group key, but their previous guest accesses were still
visible in groupListGuestAccesses, causing possible confusion.

We now also revoke all guest accesses of an account to a group, if any,
when it's being set as a member of this group, so that when/if the account
membership is revoked, we don't end up with the same ghost guest accesses as above.
 2020-12-10 10:23:47 +00:00
Stéphane Lesimple
2421a1210c
Merge pull request #82 from ovh/bump 
bump to v3.01.02
 2020-12-08 18:21:03 +01:00
Stéphane Lesimple
a3b2b7d8e4
bump to v3.01.02 2020-12-08 15:41:56 +00:00
Stéphane Lesimple
3031b6ff0c
Merge pull request #84 from ovh/centos 
Fix for centos 8.3
 2020-12-08 16:39:04 +01:00
Stéphane Lesimple
c68b696702
chore: shellcheck & perltidy 2020-12-08 14:42:31 +00:00
Stéphane Lesimple
87128da9d6
chore: adjust readme & docs 2020-12-08 14:42:31 +00:00
Stéphane Lesimple
7707b1c351
fix: osh-groupCreate: fix for centos 8.3 2020-12-08 14:42:27 +00:00
Stéphane Lesimple
457a8fae82
chore: packages-check: remove unused packages 2020-12-08 14:27:38 +00:00
Stéphane Lesimple
dca45a44c5
chore: fix latest centos 8 release, add tests for last 3 minors 2020-12-08 14:27:13 +00:00
Stéphane Lesimple
b82f80defb
Merge pull request #83 from ovh/centos 
fix: packages-check: centos8: handle new repo names
 2020-12-08 12:02:06 +01:00
Stéphane Lesimple
c4d2cea3b0
fix: packages-check: centos8: handle new repo names 2020-12-08 10:54:57 +00:00
Stéphane Lesimple
9f745013b2
Merge pull request #81 from ovh/remote_user_name_fix 
fix: is_valid_remote_user: extend allowed size from 32 to 128
 2020-12-08 11:43:05 +01:00
Stéphane Lesimple
18d8195027
fix: is_valid_remote_user: extend allowed size from 32 to 128 2020-12-08 10:20:25 +00:00
Stéphane Lesimple
a1fc6f3c1c
Merge pull request #80 from axl89/mfa-doc-fix 
Fixed accountMFAPolicy wrong options values
 2020-12-07 20:09:47 +01:00
Axel Amigo Arnold
936988a9e1 Fixed accountMFAPolicy wrong options values 
See configuration.inc:192
 2020-12-07 14:51:46 +01:00
Stéphane Lesimple
eb80296657
Merge pull request #78 from ovh/bump 
release v3.01.01
 2020-12-04 17:40:34 +01:00
Stéphane Lesimple
534ce45812
release v3.01.01 2020-12-04 16:36:08 +00:00
Stéphane Lesimple
8276f3878d
Merge pull request #76 from ovh/fixsudoers 
fix: sudogen: handle '.' and OS-specific templates correctly
 2020-12-04 14:38:02 +01:00
Stéphane Lesimple
74d8a49f3d
Merge pull request #77 from ThibaultDewailly/plugins 
osh-encrypt-rsync: Remove logfile as mandatory parameter
 2020-12-04 11:17:31 +01:00
thibault.dewailly
1e32cfde7d osh-encrypt-rsync: Remove logfile as mandatory parameter 2020-12-04 10:03:18 +00:00
Stéphane Lesimple
7c26c2b721
fix: tests: adjust testcase max days after b604cd137f 2020-12-03 13:20:53 +00:00
Stéphane Lesimple
50c016be10
fix: sudogen: properly handle accounts & groups containing '.' 2020-12-03 13:20:53 +00:00
Stéphane Lesimple
526a5d0389
fix: sudogen: proper detection of OS-specific templates 2020-12-03 13:20:53 +00:00
Stéphane Lesimple
a4317c8c31
Merge pull request #75 from ovh/interactive 
fix: interactive mode: mark non-printable chars as such to avoid read…
 2020-12-02 09:09:47 +01:00
Stéphane Lesimple
9c1870e990
fix: interactive mode: mark non-printable chars as such to avoid readline quirks 2020-12-01 16:42:28 +00:00
Stéphane Lesimple
7008e385d2
Merge pull request #74 from ovh/fix-selfAddPersonalAccess-helptext 
fix: Fix 'selfAddPersonalAccess' helptext
 2020-12-01 16:04:14 +01:00
Thomas Soëte
9647ae9cdb
fix: Fix 'selfAddPersonalAccess' helptext 2020-12-01 15:53:57 +01:00
Stéphane Lesimple
7a811659f6
Merge pull request #73 from speed47/readme 
doc: add information about puppet-thebastion and yubico-piv-checker
 2020-12-01 11:22:57 +01:00
Stéphane Lesimple
5f3961424f
doc: add information about puppet-thebastion and yubico-piv-checker 2020-12-01 09:37:44 +00:00
Stéphane Lesimple
682b9d8297
Merge pull request #72 from ovh/fix-dup-MFAPasswordMaxDays 
Fix missing MFAPasswordWarnDays in bastion.conf.dist
 2020-11-30 10:43:56 +01:00
Thomas Soëte
b604cd137f
Fix MFAPasswordWarnDays in bastion.conf.dist 
Fix duplicate MFAPasswordMaxDays

Fixes #71
 2020-11-28 22:34:10 +01:00
Stéphane Lesimple
4784220b8c
Merge pull request #70 from ovh/akfile 
enh: remove hardcoded .ssh/authorized_keys2 everywhere
 2020-11-27 13:19:52 +01:00
Stéphane Lesimple
4cb09a9570
nh: remove hardcoded .ssh/authorized_keys2 everywhere 2020-11-26 18:08:03 +00:00
Stéphane Lesimple
19d523c8c4
Merge pull request #67 from ovh/doc 
enh: doc: simplify general upgrade procedure
 2020-11-25 18:23:50 +01:00
Stéphane Lesimple
b6b886b669
Merge branch 'master' into doc 2020-11-23 19:15:03 +01:00
Stéphane Lesimple
81194268e2
Merge pull request #63 from Alkorin/allowGroupWithDot 
fix: Allow dot in group name as it is allowed in account
 2020-11-23 19:14:53 +01:00
Stéphane Lesimple
ecbb24282a
Merge branch 'master' into allowGroupWithDot 2020-11-23 16:10:28 +01:00
Thomas SOËTE
a4dc86cfde fix: Allow dot in group name as it is allowed in account 
Fixes #61
 2020-11-23 13:59:23 +00:00
Stéphane Lesimple
5e78c08d67
Merge pull request #69 from ovh/autocompletion 
enh: accountCreate: handle --uid-auto in autocompletion rules
 2020-11-23 14:41:48 +01:00
Stéphane Lesimple
71cd9a46df
Merge branch 'master' into autocompletion 2020-11-23 14:26:46 +01:00
Thomas Soëte
caeb249507
Merge pull request #68 from Alkorin/realmFrom 
enh: doc: add 'from' parameter as it is mandatory
 2020-11-23 12:36:31 +01:00
Stéphane Lesimple
2b74042fd9
doc: fix typo 
Co-authored-by: Thomas Soëte <thomas.soete@ovhcloud.com>
 2020-11-23 12:32:52 +01:00
Stéphane Lesimple
9fb6b8d444
enh: accountCreate: handle --uid-auto in autocompletion rules 2020-11-23 11:29:52 +00:00
Thomas SOËTE
ef531308d5 enh: doc: add from parameter as it is mandatory 2020-11-23 11:28:15 +00:00
Stéphane Lesimple
9714b59403
enh: doc: simplify general upgrade procedure 2020-11-23 11:05:01 +00:00
Stéphane Lesimple
6a81e55bf2
Merge pull request #65 from ovh/adminSudo 
enh: adminSudo: better autocompletion rules
 2020-11-23 10:08:27 +01:00
Stéphane Lesimple
f07e00b1e9
Merge branch 'master' into adminSudo 2020-11-23 10:05:11 +01:00
Stéphane Lesimple
e2a64a9d8f
enh: adminSudo: better autocompletion rules 2020-11-23 08:35:28 +00:00