View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0001191 | bareos-core | webui | public | 2020-02-12 15:40 | 2021-12-21 13:57 |
| Reporter | khvalera | Assigned To | frank | ||
| Priority | high | Severity | crash | Reproducibility | always |
| Status | resolved | Resolution | fixed | ||
| Platform | Linux | OS | Arch Linux | OS Version | x64 |
| Product Version | 19.2.6 | ||||
| Summary | 0001191: The web interface runs under any login and password | ||||
| Description | To enter the web interface starts under any arbitrary username and password. How to fix it? | ||||
| Steps To Reproduce | /etc/bareos/bareos-dir.d/console/web-admin.conf Console { Name = web-admin Password = "123" Profile = "webui-admin" } /etc/bareos/bareos-dir.d/profile/webui-admin.conf Profile { Name = "webui-admin" CommandACL = !.bvfs_clear_cache, !.exit, !.sql, !configure, !create, !delete, !purge, !prune, !sqlquery, !umount, !unmount, *all* Job ACL = *all* Schedule ACL = *all* Catalog ACL = *all* Pool ACL = *all* Storage ACL = *all* Client ACL = *all* FileSet ACL = *all* Where ACL = *all* } /etc/bareos-webui/directors.ini [bareos_dir] enabled = "yes" diraddress = "localhost" dirport>= 9101 ;UsePamAuthentication = yes pam_console_name = "web-admin" pam_console_password = "123" | ||||
| Tags | webui | ||||
|
bareos: master 4378c528 2021-09-27 18:26 Ported: N/A Details Diff |
webui: fix possible issues due to PAM misconfiguration Check if UsePAMAuthentication is enabled on configured console in DIR, if not do not proceed with authentication. Fixes 0001191: The web interface runs under any login and password |
Affected Issues 0001191 |
|
| mod - webui/config/autoload/global.php.in | Diff File | ||
| mod - webui/install/directors.ini.in | Diff File | ||
| mod - webui/vendor/Bareos/library/Bareos/BSock/BareosBSock.php | Diff File | ||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2020-02-12 15:40 | khvalera | New Issue | |
| 2020-02-12 15:40 | khvalera | Tag Attached: webui | |
| 2020-04-10 00:10 | khvalera | Note Added: 0003936 | |
| 2021-04-29 10:46 | frank | Assigned To | => frank |
| 2021-04-29 10:46 | frank | Status | new => assigned |
| 2021-09-23 16:56 | joergs | Status | assigned => confirmed |
| 2021-09-29 18:22 | frank | Changeset attached | => bareos master 4378c528 |
| 2021-09-29 18:22 | frank | Note Added: 0004289 | |
| 2021-09-29 18:22 | frank | Status | confirmed => resolved |
| 2021-09-29 18:22 | frank | Resolution | open => fixed |
| 2021-12-21 13:57 | arogge | Relationship added | related to 0001289 |
