luci-app-*: migrate LogreadBox consumers to use new permission ACLs

		"ubus": {
			"log": [ "read" ]
		}

Signed-off-by: Paul Donald <[email protected]>

Author: systemcrash

applications/luci-app-acme/root/usr/share/rpcd/acl.d/luci-app-acme.json

@@ -1,20 +1,21 @@
 {
-        "luci-app-acme": {
-                "description": "Grant UCI access for luci-app-acme",
-                "read": {
-                        "cgi-io": [ "exec" ],
-                        "file": {
-                                "/usr/lib/acme/client/dnsapi": [ "list" ],
-                                "/proc/sys/kernel/hostname": [ "read" ],
-                                "/etc/ssl/acme": [ "list" ],
-                                "/usr/libexec/acmesh-dnsinfo.sh": [ "exec" ],
-                                "/sbin/logread -e acme": [ "exec" ],
-                                "/usr/sbin/logread -e acme": [ "exec" ]
-                        },
-                        "uci": [ "acme", "ddns" ]
-                },
-                "write": {
-                        "uci": [ "acme" ]
-                }
-        }
+	"luci-app-acme": {
+		"description": "Grant UCI access for luci-app-acme",
+		"read": {
+			"cgi-io": [ "exec" ],
+			"file": {
+				"/usr/lib/acme/client/dnsapi": [ "list" ],
+				"/proc/sys/kernel/hostname": [ "read" ],
+				"/etc/ssl/acme": [ "list" ],
+				"/usr/libexec/acmesh-dnsinfo.sh": [ "exec" ],
+			},
+			"uci": [ "acme", "ddns" ],
+			"ubus": {
+				"log": [ "read" ]
+			}
+		},
+		"write": {
+			"uci": [ "acme" ]
+		}
+	}
 }

applications/luci-app-adblock/root/usr/share/rpcd/acl.d/luci-app-adblock.json

@@ -33,12 +33,6 @@
 				"/var/run/adb_runtime.json": [
 					"read"
 				],
-				"/sbin/logread -e adblock-": [
-					"exec"
-				],
-				"/usr/sbin/logread -e adblock-": [
-					"exec"
-				],
 				"/etc/init.d/adblock reload": [
 					"exec"
 				],
@@ -61,6 +55,9 @@
 					"exec"
 				]
 			},
+			"ubus": {
+				"log": [ "read" ]
+			},
 			"uci": [
 				"adblock"
 			]

applications/luci-app-banip/root/usr/share/rpcd/acl.d/luci-app-banip.json

@@ -30,18 +30,6 @@
 				"/var/run/banip.lock": [
 					"read"
 				],
-				"/sbin/logread -e banIP-": [
-					"exec"
-				],
-				"/usr/sbin/logread -e banIP-": [
-					"exec"
-				],
-				"/sbin/logread -e  banIP/": [
-					"exec"
-				],
-				"/usr/sbin/logread -e  banIP/": [
-					"exec"
-				],
 				"/usr/sbin/nft -tj list sets": [
 					"exec"
 				],
@@ -70,6 +58,9 @@
 					"exec"
 				]
 			},
+			"ubus": {
+				"log": [ "read" ]
+			},
 			"uci": [
 				"banip"
 			]

applications/luci-app-clamav/root/usr/share/rpcd/acl.d/luci-app-clamav.json

@@ -3,15 +3,16 @@
 		"description": "Grant UCI access for luci-app-clamav",
 		"read": {
 			"file": [ "/tmp/*" ],
+			"ubus": {
+				"log": [ "read" ]
+			},
 			"uci": [ "clamav", "clamav-milter", "freshclam" ]
 		},
 		"write": {
 			"file": {
 				"/etc/init.d/clamav *": [ "exec" ],
 				"/etc/init.d/clamav-milter *": [ "exec" ],
-				"/etc/init.d/freshclam *": [ "exec" ],
-				"/sbin/logread -e clamav": [ "exec" ],
-				"/usr/sbin/logread -e clamav": [ "exec" ]
+				"/etc/init.d/freshclam *": [ "exec" ]
 			},
 			"uci": [ "clamav", "clamav-milter", "freshclam" ]
 		}

applications/luci-app-nextdns/root/usr/share/rpcd/acl.d/luci-app-nextdns.json

@@ -2,8 +2,8 @@
 	"luci-app-nextdns": {
 		"description": "Grant logread access to LuCI app nextdns",
 		"read": {
-			"file": {
-				"/sbin/logread": [ "exec" ]
+			"ubus": {
+				"log": [ "read" ]
 			},
 			"uci": [ "nextdns" ]
 		},

applications/luci-app-travelmate/root/usr/share/rpcd/acl.d/luci-app-travelmate.json

@@ -15,14 +15,15 @@
 				"/var/run/travelmate.scan": [ "read" ],
 				"/var/state/travelmate.refresh": [ "read" ],
 				"/tmp/trm_runtime.json": [ "read" ],
-				"/sbin/logread -e trm-": [ "exec" ],
-				"/usr/sbin/logread -e trm-": [ "exec" ],
 				"/sbin/ifup *": [ "exec" ],
 				"/etc/init.d/travelmate start" : [ "exec" ],
 				"/etc/init.d/travelmate stop" : [ "exec" ],
 				"/etc/init.d/travelmate setup [0-9a-z_]* [0-9a-z_]* [0-9]*" : [ "exec" ],
 				"/etc/init.d/travelmate scan radio[0-1]" : [ "exec" ]
 			},
+			"ubus": {
+				"log": [ "read" ]
+			},
 			"uci": [ "travelmate", "wireless" ]
 		}
 	}