\n"; -if ($gconfig{'os_type'} ne 'solaris') { - print &text('rbac_esolaris', $gconfig{'real_os_type'}),"
\n"; - } -elsif (!&supports_rbac()) { - if (&foreign_available("cpan")) { - print &text('rbac_eperl', "Authen::SolarisRBAC", - "../cpan/download.cgi?source=0&local=$module_root_directory/Authen-SolarisRBAC-0.1.tar.gz&mode=2&return=/$module_name/&returndesc=".&urlize($text{'index_return'})),"
\n"; - } - else { - print &text('rbac_ecpan', "Authen::SolarisRBAC"), - "
\n"; - } - } -else { - print "$text{'rbac_ok'}
\n"; - } - -&ui_print_footer("", $text{'index_return'}); - diff --git a/acl/edit_user.cgi b/acl/edit_user.cgi index a59f89ea1..7f840f8a5 100755 --- a/acl/edit_user.cgi +++ b/acl/edit_user.cgi @@ -280,7 +280,7 @@ if ($showui) { # Start of security options section my $showsecurity = $access{'logouttime'} || $access{'ips'} || $access{'minsize'} || - &supports_rbac() && $access{'mode'} == 0 || $access{'times'}; + $access{'times'}; if ($showsecurity) { print &ui_hidden_table_start($text{'edit_security'}, "width=100%", 2, "security", 0, [ "width=30%" ]); @@ -321,14 +321,6 @@ if ($access{'ips'}) { 4, 30)); } -if (&supports_rbac() && $access{'mode'} == 0) { - # Deny access to modules not managed by RBAC? - print &ui_table_row($text{'edit_rbacdeny'}, - &ui_radio("rbacdeny", $user{'rbacdeny'} ? 1 : 0, - [ [ 0, $text{'edit_rbacdeny0'} ], - [ 1, $text{'edit_rbacdeny1'} ] ])); - } - if ($access{'times'}) { # Show allowed days of the week my %days = map { $_, 1 } split(/,/, $user{'days'} || ''); diff --git a/acl/images/rbac.gif b/acl/images/rbac.gif deleted file mode 100644 index 30f81eda9..000000000 Binary files a/acl/images/rbac.gif and /dev/null differ diff --git a/acl/index.cgi b/acl/index.cgi index a517cf090..917e33025 100755 --- a/acl/index.cgi +++ b/acl/index.cgi @@ -206,11 +206,6 @@ if (uc($ENV{'HTTPS'}) eq "ON" && $miniserv{'ca'}) { push(@icons, "images/twofactor.gif"); push(@links, "twofactor_form.cgi"); push(@titles, $text{'index_twofactor'}); -if ($access{'rbacenable'} && $gconfig{'os_type'} eq 'solaris') { - push(@icons, "images/rbac.gif"); - push(@links, "edit_rbac.cgi"); - push(@titles, $text{'index_rbac'}); - } if ($access{'pass'}) { push(@icons, "images/pass.gif"); push(@links, "edit_pass.cgi"); diff --git a/acl/lang/en b/acl/lang/en index e4a017fdf..738406dba 100644 --- a/acl/lang/en +++ b/acl/lang/en @@ -23,7 +23,6 @@ index_modgroups=Modules from group $1 index_sync=Configure Unix User Synchronization index_unix=Configure Unix User Authentication index_sessions=View Login Sessions -index_rbac=Setup RBAC index_delete=Delete Selected index_joingroup=Add To Group: index_eulist=Failed to list users : $1 @@ -95,9 +94,6 @@ edit_switch=Switch to User edit_forgot=Send Password Reset Link edit_return=Webmin user edit_return2=Webmin group -edit_rbacdeny=RBAC access mode -edit_rbacdeny0=RBAC only controls selected module ACLs -edit_rbacdeny1=RBAC controls all modules and ACLs edit_global=Permissions for all modules edit_templock=Temporarily locked edit_temppass=Force change at next login @@ -185,8 +181,6 @@ acl_title3=For group $1 in $2 acl_options=$1 access control options acl_config=Can edit module configuration? acl_reset=Reset To Full Access -acl_rbac=Get access control settings from RBAC? -acl_rbacyes=Yes (overrides settings below) acl_uall=All users acl_uthis=This user @@ -382,13 +376,6 @@ hide_clone=(Clone $1) switch_euser=You are not allowed to switch to this user switch_eold=Existing session not found! -rbac_title=Setup RBAC -rbac_desc=Webmin's RBAC integration provides a way for user module and ACL permissions to be determined from an RBAC (Role Based Access Control) database, rather than Webmin's own configuration files. Once RBAC support is enabled, any user for whom the RBAC controls all modules and ACLs option is selected will have his capabilities determined by RBAC rather than Webmin's own access control settings. -rbac_esolaris=RBAC is only supported on Solaris at the moment, and so cannot be used on this $1 system. -rbac_eperl=The Perl module $1 needed for RBAC integration is not installed. Click here to have it installed now. -rbac_ecpan=You do not have access to Webmin's Perl Modules page in order to install the necessary $1 module for RBAC integration. -rbac_ok=RBAC integration is available on this system, and can be enabled on a per-user basis on the Edit Webmin User page. - udeletes_err=Failed to delete users udeletes_jerr=Failed to add users to group udeletes_enone=None selected diff --git a/acl/save_acl.cgi b/acl/save_acl.cgi index 3dff5f637..0aef1496a 100755 --- a/acl/save_acl.cgi +++ b/acl/save_acl.cgi @@ -54,13 +54,8 @@ else { if (defined($in{'noconfig'})) { $maccess{'noconfig'} = $in{'noconfig'}; } - if ($in{'rbac'}) { - # RBAC overrides everything - $maccess{'rbac'} = 1; - } - elsif (-r "../$in{'_acl_mod'}/acl_security.pl") { + if (-r "../$in{'_acl_mod'}/acl_security.pl") { # Use user inputs - $maccess{'rbac'} = 0 if (defined($in{'rbac'})); &foreign_require($in{'_acl_mod'}, "acl_security.pl"); &foreign_call($in{'_acl_mod'}, "acl_security_save", \%maccess, \%in); diff --git a/acl/save_user.cgi b/acl/save_user.cgi index ec9799463..62de632c7 100755 --- a/acl/save_user.cgi +++ b/acl/save_user.cgi @@ -105,11 +105,6 @@ foreach my $u (@ulist) { # Find the current group my $oldgroup = $in{'old'} ? &get_users_group($in{'old'}) : undef; -if (&supports_rbac()) { - # Save RBAC mode - $user{'rbacdeny'} = $in{'rbacdeny'}; - } - my $newgroup; if (defined($in{'group'})) { # Check if group is allowed