[WebUI] add configuration options to lock-down WebUI/disable Poweroff and Restart system.

[GvY85]

Expected behavior

Default pihole user should not be able to shutdown or restart system from the WebUI. The fact that anyone with the Pi-hole WebUI password can power-off or restart the entire system is, imo, not desirable. This more or less bypasses any security measures such as 2FA to get into the system (f.e. via SSH). Especially since I can imagine a lot of users using a relatively easy password so that spouses etc can whitelist domains or diable Pi-hole without to much hassle.

My suggestion would be to give the user configuration options (not accessible via the WebUI) that make it possible to remove the buttons at the Settings -> System page. Perhaps additional options could be added so the user can remove other pages from the WebUI? Another approach would be to add support for multiple users with their own rights but then the admin user still only needs a password to power-off a system while user might want to hide such powers behind a 2FA protected SSH login.

Actual behavior / bug

"Dangerous" options to power-off and reboot the system are hidden behind a single password.

[jfb-pihole]

That is essentially the purpose of a password. People without the passwork have no privileges, those with the password have privileges.

If you don't want people to have access to the web admin, don't give them the password.

[PromoFaux]

To be honest, it does beg the question "Do we actually need buttons to reboot/shutdown the system on the web interface?"

[jfb-pihole]

They do come in handy. I've had an occasion or two where I used those buttons when ssh was not available. Reboot through the web admin GUI restored the ssh functionality.

[dschaper]

Pi-hole is a DNS server, not a system manager. No temperature monitor, no reboot/restart, no coffee/latte/cappuccino maker...

[jfb-pihole]

I can live without the temperature and reboot, but the lack of cappuchino may be a deal breaker...

[rdwebdesign]

Unfortunately, I can't use javascript and CSS to make a cappuchino or expresso machine.

[GvY85]

So many people, so many wishes :).

Perhaps then the simplest option would be to just add a setting that hides the 2 or 3 red buttons in Settings -> System?

Maybe a future request would be to have a login option/separate account for spouses etc that can be tuned to, for example, only allow temporary disabling of the blocker or whitelisting/blacklisting etc.

But for now I would be happy with the option to add buttons from the System tab.

[github-actions[bot]]

This issue is stale because it has been open 30 days with no activity. Please comment or update this issue or it will be closed in 5 days.

[GvY85]

I saw some commits/pull requests a while back but what is the status of this?

[yubiuser]

We decided to implement this on Pi-hole v6 https://github.com/pi-hole/AdminLTE/pull/2529

[dschaper]

I'd like to have it sooner than that but I consider it a breaking change and not one that would be pushed out with a minor version release. I'm open to other considerations, I know we've broken more substantial things with minor releases.

[github-actions[bot]]

This issue is stale because it has been open 30 days with no activity. Please comment or update this issue or it will be closed in 5 days.