From f5dab0206a3baca73895a587583ddfa402f8f569 Mon Sep 17 00:00:00 2001 From: "tpearson@raptorengineering.com" Date: Thu, 18 Aug 2016 04:46:14 -0500 Subject: [PATCH 1/1] Disable shell access when lockdown is active This patch disables direct command line access when the /etc/pb-lockdown file is present. Signed-off-by: Timothy Pearson Signed-off-by: Samuel Mendoza-Jonas --- ui/ncurses/nc-cui.c | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/ui/ncurses/nc-cui.c b/ui/ncurses/nc-cui.c index 09b63b0..c2f1c83 100644 --- a/ui/ncurses/nc-cui.c +++ b/ui/ncurses/nc-cui.c @@ -25,6 +25,7 @@ #include #include #include +#include #include "log/log.h" #include "pb-protocol/pb-protocol.h" @@ -47,6 +48,14 @@ extern const struct help_text main_menu_help_text; static struct pmenu *main_menu_init(struct cui *cui); +static bool lockdown_active(void) +{ + bool lockdown = false; + if (access(LOCKDOWN_FILE, F_OK) != -1) + lockdown = true; + return lockdown; +} + static void cui_start(void) { initscr(); /* Initialize ncurses. */ @@ -94,6 +103,13 @@ static void cui_atexit(void) clear(); refresh(); endwin(); + + bool lockdown = lockdown_active(); + + while (lockdown) { + sync(); + reboot(RB_AUTOBOOT); + } } /** @@ -826,6 +842,7 @@ static struct pmenu *main_menu_init(struct cui *cui) struct pmenu_item *i; struct pmenu *m; int result; + bool lockdown = lockdown_active(); m = pmenu_init(cui, 7, cui_on_exit); if (!m) { @@ -869,7 +886,10 @@ static struct pmenu *main_menu_init(struct cui *cui) i->on_execute = menu_add_url_execute; pmenu_item_insert(m, i, 5); - i = pmenu_item_create(m, _("Exit to shell")); + if (lockdown) + i = pmenu_item_create(m, _("Reboot")); + else + i = pmenu_item_create(m, _("Exit to shell")); i->on_execute = pmenu_exit_cb; pmenu_item_insert(m, i, 6); -- 2.39.2