The host will no longer store logs in the database. Instead,
logging is done by syslog if running linux. If running
Windows, logs are now stored in a local file in the app
config directory.
Fixed a bug with -add_admin that would fail to create more
than one admin accounts in sequence due to the blank email
addresses being blank. It will now create fake email
addresses unique to each admin account.
Added -res_pw to reset user acccount passwords from the CLI
if needed.
Logging was also expanded to capture and log all failures
reported by all modules stderr output.
Updated build.py and install.py for QT6 support and moved
the linux .service file from /etc to /lib to conform to
systemd standards.
Removed the ls_dbg command because in database logging is
no longer done.
- I decided to remove the entire concept of a root user.
Instead, the host initializes as a blank slate and it
will be up to the host admin to create a rank 1 user via
the new command line option "-add_admin" to do initial
setup with.
- There is no longer such a concept as a protected user.
Meaning even the last rank 1 user in the host database
is allowed to delete or modify the rank of their own
account. To prevent permanent "admin lock out" in this
scenario the "-elevate" command line option was created.
- Host settings are no longer stored in the database.
Instead, host settings are now stored in a conf.json file
in /etc/mrci/conf.json if running on a linux based OS or
in %Programdata%\mrci\conf.json if running on Windows.
- Email templates are no longer stored in the database.
Instead, the templates can be any file formatted in UTF-8
text stored in the host file system. The files they point
to can be modified in the conf.json file.
- The conf file also replaced all use env variables so
MRCI_DB_PATH, MRCI_WORK_DIR, MRCI_PRIV_KEY and
MRCI_PUB_KEY are no longer in use. SSL/TLS cert paths can
be modified in the conf file.
- Removed email template cmds set_email_template and
preview_email.
- Also removed cmds close_host, host_config and
restart_host. The actions these commands could do is best
left to the host system command line.
- The database class will now explicitly check for write
permissions to the database and throw an appropriate
error message if the check fails. "DROP TABLE" SQL
abilities were added to make this happen.
- Removed async cmds exit(3), maxses(5) and restart(11).
- SSL certs are no longer stored in the host database. This was
done not only for security reasons but there is simply no need
to do such thing anymore.
- The host will longer support multiple SSL certs and will instead
have just a single cert for all TCP connections. This required a
change to the client header format that simply replaced the the
common name with padding. The host will also no longer send the
HOST_CERT type id during session initialization. HOST_CERT was
also removed as a type id.
- The cert and privite key are now pointed to files in the local
file system by the environment variables: MRCI_PRIV_KEY and
MRCI_PUB_KEY.
- The host will still create a default self-signed cert if a valid
cert and private key is not defined in the above environmental
vars. Since the host only support single certs now, the default
cert needed to be expanded to include subject alternative names.
The host will try to detect it's WAN ip address using ipify.org
and then assign SANs for all detected local LAN interfaces.
- Since the cert is now handled by environmental vars and nothing
related to it stored in the database, all the core commands
related to cert management were removed.
security updates:
various commands that change or create account passwords now disallow
the user name, display name or email from being contained in it. this
will force users to not use public information inside the password,
hardening password security a little.
the root user name is now changeable and required to be changed on
initial login. this harden security a little by giving host admins the
option to not have a well known user name attached to a high privileged
account.
users can no longer re-use the old password and/or user name when
required to change. however, this does not actually implement full
password history because the user can then later change the password
back to the old password after the required change.
the host can longer block by ip addresses and the auto block threshold
setting has been removed. something like this is best left up to
firewalls, routers, switches or any other networking infrastructure. in
the future i can consider adding event triggering that run certain
admin defined external or internal commands when the host detects
certain event thresholds.
minor changes/bug fixes:
all commands that change or create user names now no longer accept
user names that looks like an mail address. this works out better for
clients when differentiating logging in via user name or email address.
the recover_acct command now also have cancel on blank text options
making it more consistent with all other commands that take text input.
resetting the root user's account password via command line now also
unlocks it if locked.
the -help and -about command line options no longer display the
default password. a new -default_pw option was added for this purpose.
the -status -addr or -stop command line options require super user
privileges to run properly depending on how the host is installed.
an error message like "permission denied" was addded on failure to
make this requirement clear to the end user.
fs_copy and fs_move now does implicit skip on error instead of stop on
error.
the IDLE frame type id now carry an integer return code that can be
interpreted by clients to determine the result of the command that was
sent to the host.
house keeping:
all documentation was updated to reflect the changes made in this commit.
the module tester example is no longer relevant to this project so it
was deleted.
fixed some errors found in the documentation and fully updated the internal
commands docs as well.
also updated the internal module to now respond to KILL_CMD so it can now be
signaled to terminate gracefully.