Show Posts
1
24.1 Legacy Series / Add custom privilege to user group
« on: April 08, 2024, 11:02:31 am »
Hey folks,
I'm currently replacing my Pi-hole with the Unbound plugin in OPNsense. That works well so far.
My girlfriend had access to our Pi-hole before, so, to immitate the former state I wanted to create a OPNsense user for her with only access to Unbound's "blocklists" page (/ui/unbound/dnsbl/index). But this currently is not possible, since there's no default ruleset, that provides this functionality. Almost all pages have their own rule, except "blocklists".
There're now two possibilities, at least from my point of view:
I attempted to try the second variant, with the help of https://forum.opnsense.org/index.php?topic=3431.0, but it doesn't matter if I add my own ACL.xml in its own folder or edit Unbound's ACL.xml: After that the OPNsense Web UI is failing to load and I need to undo my changes.
What am I potentially missing?
I'm currently replacing my Pi-hole with the Unbound plugin in OPNsense. That works well so far.
My girlfriend had access to our Pi-hole before, so, to immitate the former state I wanted to create a OPNsense user for her with only access to Unbound's "blocklists" page (/ui/unbound/dnsbl/index). But this currently is not possible, since there's no default ruleset, that provides this functionality. Almost all pages have their own rule, except "blocklists".
There're now two possibilities, at least from my point of view:
- A blocklist permission is added to OPNsense and deployed in an upcoming patch.
- I add this permission by my own.
I attempted to try the second variant, with the help of https://forum.opnsense.org/index.php?topic=3431.0, but it doesn't matter if I add my own ACL.xml in its own folder or edit Unbound's ACL.xml: After that the OPNsense Web UI is failing to load and I need to undo my changes.
What am I potentially missing?