Added domain wide terminal shell option.

2025-10-29 15:25:01 -04:00 · 2021-01-20 12:43:14 -08:00 · 2021-01-20 12:43:14 -08:00 · 921e610d19
commit 921e610d19
parent d3fd8e7311
5 changed files with 37 additions and 3 deletions
--- a/amtmanager.js
+++ b/amtmanager.js
@ -869,6 +869,8 @@ module.exports.CreateAmtManager = function (parent) {
                    if (domain.amtmanager.tlsrootcert2 != null) {
                        xxCaPrivateKey = domain.amtmanager.tlsrootcert2.key;
                        issuerattributes = domain.amtmanager.tlsrootcert2.attributes;
+                        // TODO: We should change the start and end dates of our issued certificate to at least match the root.
+                        // TODO: We could do one better and auto-renew TLS certificates as needed.
                    }

                    // Set the extended key usages
--- a/meshcentral-config-schema.json
+++ b/meshcentral-config-schema.json
@ -302,6 +302,17 @@
              "MaxSingleUserSessions": { "type": "integer" }
            }
          },
+          "terminal": {
+            "type": "object",
+            "description": "Values that affect the terminal feature",
+            "properties": {
+              "linuxshell": {
+                "type": "string",
+                "enum": [ "any", "root", "user", "login" ],
+                "default": "any"
+              }
+            }
+          },
          "amtManager": {
            "type": "object",
            "additionalProperties": false,
--- a/meshuser.js
+++ b/meshuser.js
@ -467,6 +467,9 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
                if (parent.parent.config.settings.managealldevicegroups.indexOf(user._id) >= 0) { serverinfo.manageAllDeviceGroups = true; }
                if (obj.crossDomain === true) { serverinfo.crossDomain = []; for (var i in parent.parent.config.domains) { serverinfo.crossDomain.push(i); } }
            }
+            if (typeof domain.terminal == 'object') { // Settings used for remote terminal feature
+                if ((typeof domain.terminal.linuxshell == 'string') && (domain.terminal.linuxshell != 'any')) { serverinfo.linuxshell = domain.terminal.linuxshell; }
+            }

            // Send server information
            try { ws.send(JSON.stringify({ action: 'serverinfo', serverinfo: serverinfo })); } catch (ex) { }
--- a/translate/translate.json
+++ b/translate/translate.json
@ -22819,6 +22819,12 @@
        "default.handlebars->31->1820"
      ]
    },
+    {
+      "en": "Lock the remote computer",
+      "xloc": [
+        "default.handlebars->container->column_l->p11->deskarea0->deskarea4->1"
+      ]
+    },
    {
      "cs": "Zamknuto",
      "de": "Gesperrt",
--- a/views/default.handlebars
+++ b/views/default.handlebars
@ -4856,6 +4856,10 @@
                case 'termConnectButton': {
                    // Terminal connect button context menu
                    if ((currentNode == null) || (currentNode.agent == null)) return true;
+
+                    // If the server has a specific terminal shell mode, don't show connection options
+                    if (serverinfo.linuxshell && (currentNode.agent.id > 4)) return;
+
                    contextelement = elem;
                    var contextmenudiv = document.getElementById('termShellContextMenu'); // Windows options (Power Shell)
                    if (currentNode.agent.id > 4) { contextmenudiv = document.getElementById('termShellContextMenuLinux'); } // Non-Windows options
@ -8060,6 +8064,13 @@
                        }
                    }

+                    // If the server requires a shell type
+                    if ((serverinfo.linuxshell) != null && (currentNode.agent.id > 4)) {
+                        if (serverinfo.linuxshell == 'root') { termoptions.protocol = 1; delete termoptions.requireLogin; }
+                        if (serverinfo.linuxshell == 'user') { termoptions.protocol = 8; delete termoptions.requireLogin; }
+                        if (serverinfo.linuxshell == 'login') { termoptions.protocol = 1; termoptions.requireLogin = true; }
+                    }
+
                    if (args.xterm !== 0) {
                        // Setup a mesh agent xterm terminal
                        QV('termarea3xdiv', true);
@ -8081,11 +8092,12 @@
                        });

                        // Setup a terminal tunnel to the agent
-                        terminal = CreateAgentRedirect(meshserver, CreateRemoteTunnel(tunnelUpdate, options), serverPublicNamePort, authCookie, authRelayCookie, domainUrl);
+                        terminal = CreateAgentRedirect(meshserver, CreateRemoteTunnel(tunnelUpdate, termoptions), serverPublicNamePort, authCookie, authRelayCookie, domainUrl);
                        terminal.debugmode = debugmode;
                        terminal.m.debugmode = debugmode;
+                        terminal.options = termoptions;
                        terminal.options = { cols: xterm.cols, rows: xterm.rows };
-                        if (options && options.requireLogin) { terminal.options.requireLogin = true; }
+                        if (termoptions.requireLogin) { terminal.options.requireLogin = true; }
                        terminal.Start(terminalNode._id);
                        terminal.onStateChanged = onTerminalStateChange;
                        terminal.contype = 1;