rss
You can now change your password with Licorn® CLI
Just run mod user -C and you're done.
root can change any user's password.
Any user (member of admins group) can try to change any other user's password, but must know the current one...
A standard user can't change his/her password yet (this needs a full rewrite of the security model), but this will come in the near future.
Daemon status available
In my last patch I added the availability to query daemon status, in two ways:
- the get status command, which can be called with argument --full. This command is complemented by get users --dump, get groups --dump and so on, which help debugging daemon internal data structures without stopping it. This method for getting the daemon status is independent from its state (forked into background or not).
- when the daemon is attached to the terminal (launched with -D), you can now type uni-letters commands to query it:
- 'f' or 'l' will toggle between normal and full status.
- [Enter] will just display a newline (usefull for manually marking spaces between different operations.
- Ctrl-L will clear the screen, like in a normal terminal.
- Ctrl-T will display the current status of the daemon (full status depends on wether you activated it before or not, beiing disabled by default and remembered across the daemon session when you set it, until terminate or restart).
- Ctrl-Y (or space) will do the same, but will clear the same first. Typing repeatedly on space will emulate a top-like behaviour, permitting to monitor the daemon status, even if it is very active.
- Ctrl-R will reload the daemon (by sending it an USR1 signal). Very useful when you modified daemon or core code, just hit R in your daemon terminal and you're done with the new code reloaded.
- Ctrl-C will break and terminate, as expected.
- Ctrl-U will terminate the daemon with a traditionnal signal 15 (similating a normal kill or killall).
- (Caution) Ctrl-K will send a real KILL signal, when the daemon is stuck.
In some rare cases (when the interactor thread is crashed, which never happens ;-) ), you will not be able to use these commands and will need to operate "à l'ancienne" (Ctrl-Z, bg, sudo killall -r licornd and al.).
Pyro changes in stable branch
Pyro work has been commited to the stable branch. News:
- you don't need to use sudo anymore with licorn commands. If you're a member of group admins, everything should be transparent for you.
- every CLI tool and the WMI needs the daemon to work.
- CLI tools will launch the daemon if needed and wait for it to be ready before continuing.
Functionnaly-wise, nothing should have changed (this is guaranteed by the testsuite).
Security-wise, core objects are not yet protected with locks, but this is the next work to do in turn. For everyday use, this should not hurt (i've tryed to crash it, but didn't succeed).
New set of commands for privileges
If you know about privileges, you know you can manipulate them only via the configuration object, like this:
get config privs sudo add group licorn-wmi --system sudo mod config --add-privileges licorn-wmi sudo add group remote-ssh --system sudo mod config --add-privileges remotessh sudo mod config --del-privileges licorn-wmi,remotessh get config privileges
Now you can handle them kind of "directly", like this:
get privs sudo add group licorn-wmi --system sudo add priv licorn-wmi sudo add group remote-ssh --system sudo add priv remotessh sudo del privs licorn-wmi,remotessh get privileges
Which is quite simpler, and - I think - more logical or consistent with the rest of the command set. The code lies in changeset 310.
