ovh/the-bastion
1
1
Fork 0
mirror of https://github.com/ovh/the-bastion.git synced 2024-09-20 23:15:58 +08:00
Code Issues Packages Projects Releases Wiki Activity
557 commits 5 branches 44 tags 6.9 MiB
Commit graph

557 commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Stéphane Lesimple fe41e62be9 chore: upgrade sandbox and tester dockerfiles to bookworm 2023-09-20 16:39:29 +02:00
Stéphane Lesimple 733fd054a6 fix: setup-gpg.sh: in some cases, an invalid configuration file could be generated 
The escape code didn't work correctly, remove it as it's not needed,
indeed we already ensure that the generated password doesn't contain
any " or \, hence surrounding the var by "" quotes is enough.
 2023-09-20 15:14:55 +02:00
Stéphane Lesimple 5c7389e85f fix: when no command-line is passed, a warn could be emitted in some cases 
This depends on the version of Perl libs, but in any case we shouldn't
pass an undef var to GetOptionsFromString, ensure this never happens
 2023-09-20 13:38:40 +02:00
Stéphane Lesimple d70e52a09b release v3.14.00 2023-09-19 17:32:43 +02:00
Stéphane Lesimple 13c885df42 enh: enable stealth_stdout mode for sftp 2023-09-19 17:32:27 +02:00
Stéphane Lesimple a6a25fd53b feat: add type8 and type9 password hashes 
This requires the-bastion-mkhash-helper v1.1.0+
 2023-09-19 17:12:48 +02:00
Stéphane Lesimple 5dc50b3e57
feat: add stealth_stderr/stdout ttyrec support, enable it for scp (#413) 2023-09-19 15:27:00 +02:00
Stéphane Lesimple ee149cb185
release v3.13.01 (#410) 2023-08-23 11:41:43 +02:00
Stéphane Lesimple 8532a85ba1
doc: add JSON API and MFA documentations (#407) 
* doc: add JSON API documentation
* doc: add MFA section
* doc: clarifications on MFA and JSON API
* Update doc/sphinx/using/api.rst

Co-authored-by: toutoen <74724122+toutoen@users.noreply.github.com>

* Update doc/sphinx/using/api.rst

Co-authored-by: toutoen <74724122+toutoen@users.noreply.github.com>

---------

Co-authored-by: toutoen <74724122+toutoen@users.noreply.github.com>
 2023-08-22 15:57:58 +02:00
Stéphane Lesimple 87d3f721e5 fix: clush: restore default handlers for SIGHUP/PIPE 2023-08-22 15:53:27 +02:00
Philipp Walter e616f24d89 enh: setup-gpg.sh: create additional backup signing config with --generate 2023-08-22 14:32:30 +02:00
Stéphane Lesimple 9bdfca1c76 release v3.13.00 2023-07-28 14:18:15 +02:00
Stéphane Lesimple 4d8b5f520d fix: selfMFASetupPassword: restore default sighandlers to avoid being zombified 2023-07-28 14:17:50 +02:00
Stéphane Lesimple a50224a99d chore: tests: ensure test modules don't pollute the caller's env 2023-07-28 11:09:36 +02:00
Stéphane Lesimple a65c53b76e enh: use ttyrec instead of sqlite to record plugin output 2023-07-28 11:09:10 +02:00
Antoine Guerrée 7821c9ff75 chore(helper): remove -v ssh option 
`--verbose` is the way to go
 2023-07-20 14:52:52 +02:00
Antoine Guerrée 1b6131a753 chore(helper/doc): fix typos 2023-07-20 14:52:52 +02:00
Stéphane Lesimple 58c29c97ab chg: officially support Debian 12, drop Debian 9 2023-06-27 14:13:22 +02:00
Stéphane Lesimple bd82ee49b7 release v3.12.00 2023-06-27 14:13:22 +02:00
Stéphane Lesimple f77b8a25d3 fix: accountList: crash in some cases 2023-06-13 10:14:22 +02:00
Stéphane Lesimple 340ebd0bec chore: fix GitHub actions under freebsd 2023-06-01 11:52:39 +02:00
Stéphane Lesimple 5f4832d203 chg: remove Debian 9 tests and dockerfile 2023-06-01 11:52:39 +02:00
Stéphane Lesimple 5cfb049a82 chore: doc: adding plugin configuration autogeneration 2023-06-01 11:52:39 +02:00
Stéphane Lesimple cf405badfb feat: add 2 configurable knobs to (self|account)AddPersonalAccess 
widest_v4_prefix (maximum allowed prefix to add in a single ACL),
and self_remote_user_only (only allow ACLs where the remote user
is the same than the bastion account name)
 2023-06-01 11:52:39 +02:00
Stéphane Lesimple 482eddb10c feat: plugins: add loadConfig parameter & config validator support 2023-06-01 11:52:39 +02:00
Stéphane Lesimple 262e545bbb feat: add dryrun in access_modify() and widest prefix precondition check 2023-06-01 11:52:39 +02:00
Stéphane Lesimple f4650bd0dc chore: shell/functions: remove now unused global var 2023-05-31 17:37:52 +02:00
Stéphane Lesimple 0515753f91 fix: add missing autocompletions, readonly flags and help category for some plugins 2023-05-31 17:37:52 +02:00
Stéphane Lesimple 902508f7d1 fix: update undocumented rename-group.sh script 2023-05-31 17:34:34 +02:00
Stéphane Lesimple d5dd119f83 release v3.11.02 2023-04-18 14:48:47 +02:00
Léo Rolland 71e79b1c36 doc: update ovh.com/blog links 
Actual links are broken, this update now uses blog.ovhcloud.com

Signed-off-by: Léo Rolland <leo.rolland@ovhcloud.com>
 2023-04-17 17:55:02 +02:00
Stéphane Lesimple c6a6f806d2 feat: add uid/gid collisions checking script & amend doc 2023-04-17 17:53:14 +02:00
Stéphane Lesimple f7f1514dd0 fix: groupInfo: show group name in human-readable output 2023-04-17 14:18:51 +02:00
Stéphane Lesimple 1be7b2c3eb chore: update dockerhub workflow 2023-04-12 11:34:49 +02:00
Stéphane Lesimple 84687256a8 fix: --force-key wasn't working for groups 
Fixes #259
 2023-04-07 10:44:14 +02:00
Stéphane Lesimple a0d361b8da fix: tests: race condition after sshd reload 2023-04-07 10:44:05 +02:00
Stéphane Lesimple 708efd90ca chore: add RockyLinux 9 support 2023-04-07 10:44:05 +02:00
Stéphane Lesimple 455fd8b8c3 chore: remove deprecated UseRoaming option from ssh_config 2023-04-07 10:44:05 +02:00
Stéphane Lesimple 4cdd52d85f chore: add Debian 12 to tests 
Note that Debian 12 is not released yet, so it's not yet supported.
 2023-04-07 10:44:05 +02:00
Stéphane Lesimple 52d44ba993 chore: remove Debian openssh-blacklist logic 
All Debian versions supporting this are EOL by now.
 2023-04-07 10:44:05 +02:00
Stéphane Lesimple 6f13149093 chore: bump OpenSUSE Leap tests from 15.3 to 15.4 2023-04-07 10:44:05 +02:00
Stéphane Lesimple 49dc104dd7 chore: push sandbox and tester images from Deb10 to Deb11 
Also remove old config files from previsously dropped OS versions
 2023-04-07 10:44:05 +02:00
Stéphane Lesimple c6904d0fa0 release v3.11.01 2023-03-27 17:04:56 +02:00
Stéphane Lesimple eb9a25a9ac fix: groupInfo: empty gk and guest accesses list 
Introduced in 7a825aeec4
 2023-03-27 17:04:32 +02:00
Stéphane Lesimple e788a22a9b doc: add specific upgrade instructions 2023-03-23 15:03:35 +01:00
Stéphane Lesimple cadf51145d release v3.11.00 2023-03-23 14:37:57 +01:00
Stéphane Lesimple 7a825aeec4 feat: add --all to groupInfo and accountInfo 2023-03-23 14:37:45 +01:00
Stéphane Lesimple a1812e34bb fix: race condition when two parallel account creations used --uid-auto 
Fixes #363
 2023-03-22 11:00:16 +01:00
Stéphane Lesimple a551294bcd chore: fix typo 
Co-authored-by: Adrien Barreau <adrien.barreau@live.fr>
 2023-03-21 12:28:18 +01:00
Stéphane Lesimple 400e14cf1d doc: add PuTTY tutorial 
Closes #356
 2023-03-21 12:28:18 +01:00