Hi Christoph,

to add further logins to ubus simply add further "config login" sections
to /etc/config/rpcd.

In the same config login section you reference the ACL groups the user
should have access to, e.g.

config login
  option username guest
  option password '$1$$I2o9Z7NcvQAKp7wyCTlia0'
  list read group4
  list write group1
  list write group2
  list write group3

etc.

If the password option is specified like "$p$<user>" then the password
hash for <user> is validated against /etc/shadow.

If the password option is specified like "$1$<hash>" then the client
supplied login password is hashed through crypt() and compared against
the hash in the config. You can generate such a hash with "mkpasswd -5
password" or "uhttpd -m password".

Note that "write" implies "read" permission so there's no need to
reference groups twice.

The list write / list read options also allow globbing and negation so
you can e.g. specify:

  list write foo*
  list write !foobar

This would grant access to any ACL group with a name beginning in "foo"
but not to the group called "foobar".


HTH,
Jow

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel

Reply via email to