ui.scripts / scripts

lockdown.sh

Clone Tools

Stats

Commits this week: 0
Total Committers: 4
Last Commit: 05 Sep
Commits this week: 0

Lines of code count not available

Commit Activity

Commits By Day In Week
52 week commits volume
Commits By Day In Week
Commits by day
Commits By Day In Week
Commits by hour
Commits By Hour In Day
Commit calendar
 

Most active committers (90 days)

loading
loading
  • last updated a few seconds ago
All Commits Reviews
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Monday 27 Jan
9:20 pm

Behrouz NematiPour

LEAH-1884: settings scripts Improvement

- got a potentially solid idea on how to design the models and controllers

- not implemented scripts moved to archive.

Options
    • -296
    • +0
    ./lockdown.sh
  2. … 78 more files in changeset.
Monday 16 Dec 2024
5:27 pm

Behrouz NematiPour

LEAHI-1884: Update Administrative scripts

- Replaced bash with sh in scripts since we do not have bash on the Leahi device.

- Improved the usb_mount.sh and usb_umount.sh

- Development version of the Wifi_scan_for_networks.sh to just send a example of the output to the UI for development and parsing.[ The actual command is kept commented out. ]

Options
    • -1
    • +1
    ./lockdown.sh
  2. … 10 more files in changeset.
Wednesday 06 Mar 2024
6:51 pm

Behrouz NematiPour

staging merge cherry pick

DENBUG-120: UI: Cloud user has Read permissions to WiFi configuration

- Give the denali user permission to remove the permission of the wpa_supplicant.conf for others.

- removing the read permission of the wpa_supplicant conf from others.

DENBUG-117: UI: SRSUI tested by Witekio not 100% passed

- SRSUI 1211: partial tested : RPC and rpcbind appears to be running.

DEN-16676: UI: Production / CS-12: Device registration environment option in manufacturing setup

- Added options for easier and more flexible setup

- Added -W to define the DRT type to automatically setup the CloudSync config file, instead of each build pre-setup for each DRT and registration environment

- Added -U to let user define the update only setup and bypass the DRT server information.

- Improved the output and user interaction.

DEN-16676: UI: Production / CS-12: Device registration environment option in manufacturing setup

- Made the update-only mode the default which seems that is being used more often.

- Removed the -U for update and added -E for manufacturing setup.

DEN-16676: UI: Production / CS-12: Device registration environment option in manufacturing setup

- Updated the help (-h) instruction.

- Fixed typo in code.

DEN-16676: UI: Production / CS-12: Device registration environment option in manufacturing setup

- fixed a code typo which was asking the user for the manufacturing although the normal update was decided.

DEN-16676: UI: Production / CS-12: Device registration environment option in manufacturing setup

- fixed the typo when asking for the environment

DENBUG-120: UI: Cloud user has Read permissions to WiFi configuration

- removed the sudo group users from all access unless specified to have NO access unless specified.

- removed unknown admin and serviceuser groups

- removed the cloud user from sudoers

Note:

- We need to asses the serviceability of the device by removing the sudoers previledges.

- A solution command would be to add a specific user for service and add a section in the samve place with root access to enable the service user.

DENBUG-120: UI: Cloud user has Read permissions to WiFi configuration

- Removed the sudo group access revoke and kept the cloud sudo removal.

Options
    • -9
    • +7
    ./lockdown.sh
  2. … 2 more files in changeset.
2:28 pm

Behrouz NematiPour

DENBUG-120: UI: Cloud user has Read permissions to WiFi configuration

- Removed the sudo group access revoke and kept the cloud sudo removal.

Options
    • -2
    • +3
    ./lockdown.sh
1:41 pm

Behrouz NematiPour

DENBUG-120: UI: Cloud user has Read permissions to WiFi configuration

- removed the sudo group users from all access unless specified to have NO access unless specified.

- removed unknown admin and serviceuser groups

- removed the cloud user from sudoers

Note:

- We need to asses the serviceability of the device by removing the sudoers previledges.

- A solution command would be to add a specific user for service and add a section in the samve place with root access to enable the service user.

Options
    • -10
    • +7
    ./lockdown.sh
Friday 09 Feb 2024
3:10 pm

Behrouz NematiPour

staging merge cherry pick

DENBUG-120: UI: Cloud user has Read permissions to WiFi configuration

- Give the denali user permission to remove the permission of the wpa_supplicant.conf for others.

- removing the read permission of the wpa_supplicant conf from others.

DENBUG-117: UI: SRSUI tested by Witekio not 100% passed

- SRSUI 1211: partial tested : RPC and rpcbind appears to be running.

Options
    • -0
    • +1
    ./lockdown.sh
  2. … 2 more files in changeset.
Tuesday 06 Feb 2024
7:26 pm

Behrouz NematiPour

DENBUG-120: UI: Cloud user has Read permissions to WiFi configuration

- Give the denali user permission to remove the permission of the wpa_supplicant.conf for others.

- removing the read permission of the wpa_supplicant conf from others.

Options
    • -0
    • +1
    ./lockdown.sh
  2. … 1 more file in changeset.
Sunday 14 Jan 2024
2:50 pm

Dara Navaei

DEN-16558 updated the lockdown.sh script to only remove the contents of the cloudsync

Options
    • -1
    • +1
    ./lockdown.sh
2:50 pm

Dara Navaei

DEN-16558 updated the lockdown.sh script to only remove the contents of the cloudsync

Options
    • -1
    • +1
    ./lockdown.sh
Monday 11 Sep 2023
1:49 pm

Behrouz NematiPour

Merge branch 'DEN-16335-UI-VD-S105_CSFolderPermissions' into staging

Options
    • -1
    • +5
    ./lockdown.sh
Tuesday 05 Sep 2023
11:07 am

Vy <vduong@sunriselabs.com>

DEN-16219: Fixed - Denali user will have ONLY list ability (LS) to the folder and files in /var/configurations/CloudSync/*

Replace the existing chmod command in the lockdown script with

- find directories and give only read access

- find all files and remove read, write, and execute permissions

Options
    • -1
    • +5
    ./lockdown.sh
Monday 28 Aug 2023
6:27 am

Behrouz NematiPour

DEN-16284: UI: Cybersecurity: Disable the SSH access by default

Options
    • -2
    • +6
    ./lockdown.sh
  2. … 3 more files in changeset.
Tuesday 08 Aug 2023
1:50 pm

Behrouz NematiPour

Merge branch 'DEN-15918-UI-VD-S102_POST_ConfigFilesCheck' into staging

Options
    • -0
    • +12
    ./lockdown.sh
  2. … 1 more file in changeset.
Monday 07 Aug 2023
11:12 pm

Behrouz NematiPour

DEN-15487: Updated - UI: POST: UI needs to report an error if the configuration files, or parameter(s) are missing.

DEN-16104: UI: Reorder the sequence of the messages in POST from UI to HD

DEN-16019: Unable to Export to USB / Valid USB drives are not recognized

DEN-15977: UI: UI is not responding to POST result request from HD

Options
    • -1
    • +13
    ./lockdown.sh
  2. … 3 more files in changeset.
Sunday 06 Aug 2023
6:15 pm

Behrouz NematiPour

DEN-16150: UI RTC Fails to set in Service mode

- add sudo for the date script.

- add +x to script files

Options
    • -0
    • +0
    ./lockdown.sh
  2. … 10 more files in changeset.
Thursday 03 Aug 2023
5:34 pm

Behrouz NematiPour

DEN-16096: Treatment Logs Do Not Upload to CloudSync Server

- Copied the config.json from the /var/configurations/ to the ~cloud/ CloudSync freshly copied.

Options
    • -0
    • +3
    ./lockdown.sh
Friday 28 Jul 2023
1:06 am

Behrouz NematiPour

DEN-15812: UI: Add an option on the Configurations setup screen to prevent the Device Registration cleanup

- Managed the Settings/System.conf owner

Options
    • -17
    • +20
    ./lockdown.sh
  2. … 6 more files in changeset.
Wednesday 26 Jul 2023
1:27 am

Behrouz NematiPour

DEN-15812: UI: Add an option on the Configurations setup screen to prevent the Device Registration cleanup

- removed the Bluetooth config

- made scripts all executable.

Options
    • -0
    • +0
    ./lockdown.sh
  2. … 9 more files in changeset.
Thursday 13 Jul 2023
3:53 pm

Behrouz NematiPour

DEN-15403: UI: Cybersecurity: POST security check

- Ran the device setup multiple times and fixed some issues and put some additional security fix and features.

- Cleaned up the code a little bit more.

- The main task is to do it at POST.

Options
    • -219
    • +143
    ./lockdown.sh
  2. … 5 more files in changeset.
Monday 03 Jul 2023
4:32 pm

Craig Nadler <cnadler@sunriselab.com>

Made changes to allow this script to be rerun.

Options
    • -7
    • +42
    ./lockdown.sh
Friday 30 Jun 2023
5:56 pm

Craig Nadler <cnadler@sunriselab.com>

Set the iptables rules / firewall.

Options
    • -0
    • +37
    ./lockdown.sh
Thursday 29 Jun 2023
11:24 pm

Craig Nadler <cnadler@sunriselab.com>

Removed sudo for eval and added sudo's for the commands that it called. Fixed /etc/suders file.

Options
    • -0
    • +47
    ./lockdown.sh
  2. … 1 more file in changeset.
9:56 pm

Craig Nadler <cnadler@sunriselab.com>

Checked in changes for moving the apps tp their own user's directory.

Options
    • -18
    • +137
    ./lockdown.sh
  2. … 24 more files in changeset.
1:40 pm

Behrouz NematiPour

copy the staging, application/scripts

- This is copied from the develop branch of application repository.

- At this moment the develop branch includes the staging and Cybersecurity branch merged into it on top of the staging.

Options
    • -0
    • +109
    ./lockdown.sh
  2. … 36 more files in changeset.
1:36 pm

Behrouz NematiPour

copy the Cybersecurity, application/scripts

- Created a branch on the staging for Cybersecurity the same name as the one currently on the application repository [DEN-15279-UI-BN-S97-Cybersecurity]

- Checking out to it

- Copied the application/scripts from the same Cybersecurity branch on the application repository [DEN-15279-UI-BN-S97-Cybersecurity].

- And doing the merge

Options
    • -0
    • +109
    ./lockdown.sh
  2. … 9 more files in changeset.