diff --git a/system-status/system_info.pl b/system-status/system_info.pl index 572305e2f..a704e9699 100644 --- a/system-status/system_info.pl +++ b/system-status/system_info.pl @@ -328,6 +328,9 @@ if ($info->{'poss'} && &show_section('poss')) { push(@table, { 'desc' => $text{'right_updates'}, 'value' => $msg, 'wide' => 1 }); + # Check for repos + &foreign_require("webmin"); + &webmin::has_repos(1); } return @rv; diff --git a/usermin/usermin-lib.pl b/usermin/usermin-lib.pl index 3763c3dff..bd1a63792 100755 --- a/usermin/usermin-lib.pl +++ b/usermin/usermin-lib.pl @@ -13,13 +13,19 @@ BEGIN { push(@INC, ".."); }; use WebminCore; &init_config(); %access = &get_module_acl(); -$access{'upgrade'} = 0 - if (&is_readonly_mode() || - $access{'disallow'} =~ /upgrade/); # too hard to fake +$access{'upgrade'} = 0 if (&is_readonly_mode()); # too hard to fake &foreign_require("webmin"); &foreign_require("acl"); %text = ( %webmin::text, %text ); +if (!defined($gconfig{'noselfwebminup'})) { + $access{'upgrade'} = 0 + if (&webmin::has_repos()); + } +else { + $access{'upgrade'} = !$gconfig{'noselfwebminup'}; + } + $usermin_miniserv_config = "$config{'usermin_dir'}/miniserv.conf"; $usermin_config = "$config{'usermin_dir'}/config"; diff --git a/web-lib-funcs.pl b/web-lib-funcs.pl index 3b1f8d675..54e78906a 100755 --- a/web-lib-funcs.pl +++ b/web-lib-funcs.pl @@ -4520,9 +4520,8 @@ $m ||= ""; my $mdir = &module_root_directory($m); my %rv; if (!$nodef) { - # Read default ACLs first, to be overridden by per-user settings + # Read default ACL first, to be overridden by per-user settings &read_file_cached("$mdir/defaultacl", \%rv); - &read_file_cached("$config_directory/$m/defaultacl", \%rv); # If this isn't a master admin user, apply the negative permissions # so that he doesn't un-expectedly gain access to new features diff --git a/webmin/change_startpage.cgi b/webmin/change_startpage.cgi index 1ace61e8f..030b4d9e5 100755 --- a/webmin/change_startpage.cgi +++ b/webmin/change_startpage.cgi @@ -18,8 +18,6 @@ $gconfig{'gotoone'} = $in{'gotoone'}; $gconfig{'deftab'} = $in{'deftab'}; $gconfig{'nohostname'} = $in{'nohostname'}; $gconfig{'gotomodule'} = $in{'gotomodule'}; -$gconfig{'nowebminup'} = !$in{'webminup'}; -$gconfig{'nomoduleup'} = !$in{'moduleup'}; &write_file("$config_directory/config", \%gconfig); &unlock_file("$config_directory/config"); &webmin_log("startpage", undef, undef, \%in); diff --git a/webmin/edit_startpage.cgi b/webmin/edit_startpage.cgi index c964bec44..f17647bcc 100755 --- a/webmin/edit_startpage.cgi +++ b/webmin/edit_startpage.cgi @@ -38,12 +38,6 @@ print &ui_table_row($text{'startpage_gotomodule'}, sort { $a->{'desc'} cmp $b->{'desc'} } grep { !$_->{'hidden'} && !$_->{'webmin_hidden'} } @modules ])); -print &ui_table_row($text{'startpage_webminup'}, - &ui_yesno_radio("webminup", !$gconfig{'nowebminup'})); - -print &ui_table_row($text{'startpage_moduleup'}, - &ui_yesno_radio("moduleup", !$gconfig{'nomoduleup'})); - print &ui_table_end(); print &ui_form_end([ [ "", $text{'save'} ] ]); diff --git a/webmin/index.cgi b/webmin/index.cgi index f9f3414d8..cd849c5d6 100755 --- a/webmin/index.cgi +++ b/webmin/index.cgi @@ -61,6 +61,13 @@ push(@wlinks, "edit_ssl.cgi", "edit_ca.cgi"); push(@wtitles, $text{'ssl_title'}, $text{'ca_title'}); push(@wicons, "images/ssl.gif", "images/ca.gif"); +# Enfoce to disable Webmin updates +if ($gconfig{'noselfwebminup'}) { + $access{'disallow'} ||= ''; + $access{'disallow'} = join(' ', + split(/\s+/, $access{'disallow'}), 'upgrade'); + } + # Hide dis-allowed pages my %allow = map { $_, 1 } split(/\s+/, $access{'allow'}); my %disallow = map { $_, 1 } split(/\s+/, $access{'disallow'}); diff --git a/webmin/webmin-lib.pl b/webmin/webmin-lib.pl index a0b9a38ec..c56127594 100755 --- a/webmin/webmin-lib.pl +++ b/webmin/webmin-lib.pl @@ -108,6 +108,39 @@ our $realos_cache_file = "$module_var_directory/realos-cache"; our $password_change_mod = "passwd"; our $password_change_path = "/".$password_change_mod."/change_passwd.cgi"; +if (!defined($gconfig{'noselfwebminup'})) { + &has_repos(); + } + +=head2 has_repos + +Checks if package manager repositories are +available for Webmin and Usermin updates. + +=cut +sub has_repos +{ +my ($force) = @_; +my $has_repos = 0; +if (-d '/etc/apt' || -d '/etc/yum.repos.d') { + my $out = &backquote_command( + "grep -irE 'webmin\.com|webmin\.dev|virtualmin\.com|virtualmin\.dev' ". + "/etc/apt/sources.list /etc/apt/sources.list.d/ ". + "/etc/yum.repos.d/ 2>/dev/null"); + if ($out) { + $has_repos = 1; + } + } +if ($force || !defined($gconfig{'noselfwebminup'}) || + $gconfig{'noselfwebminup'} ne $has_repos) { + $gconfig{'noselfwebminup'} = $has_repos; + &lock_file("$config_directory/config"); + &write_file("$config_directory/config", \%gconfig); + &unlock_file("$config_directory/config"); + } +return $has_repos; +} + =head2 setup_ca Internal function to create all the configuration files needed for the Webmin @@ -1267,8 +1300,9 @@ if (&foreign_check("acl")) { my %access = &get_module_acl(); my %disallow = map { $_, 1 } split(/\s+/, $access{'disallow'} || ""); my %allow = map { $_, 1 } split(/\s+/, $access{'allow'} || ""); -if (&foreign_available($module_name) && !$gconfig{'nowebminup'} && - !$noupdates && ($allow{'upgrade'} || !$disallow{'upgrade'})) { +if (&foreign_available($module_name) && !$gconfig{'nowebminup'} && + !$gconfig{'noselfwebminup'} && !$noupdates && + ($allow{'upgrade'} || !$disallow{'upgrade'})) { if (!$config{'last_version_check'} || $now - $config{'last_version_check'} > 24*60*60) { # Cached last version has expired .. re-fetch