luci-app-statistics: add missing ACL rules

Signed-off-by: Jo-Philipp Wich <jo@mein.io>

diff --git a/applications/luci-app-statistics/root/usr/share/rpcd/acl.d/luci-app-statistics.json b/applications/luci-app-statistics/root/usr/share/rpcd/acl.d/luci-app-statistics.json
new file mode 100644 (file)
index 0000000..2529fca
--- /dev/null
+++ b/applications/luci-app-statistics/root/usr/share/rpcd/acl.d/luci-app-statistics.json
@@ -0,0 +1,23 @@
+{
+       "luci-app-statistics": {
+               "description": "Grant access to statistics resources",
+               "read": {
+                       "cgi-io": [ "read", "exec" ],
+                       "file": {
+                               "/etc/filesystems": [ "read" ],
+                               "/etc/group": [ "read" ],
+                               "/etc/passwd": [ "read" ],
+                               "/proc/filesystems": [ "read" ],
+                               "/proc/interrupts": [ "read" ],
+                               "/proc/mounts": [ "read" ],
+                               "/proc/partitions": [ "read" ],
+                               "/proc/sys/kernel/hostname": [ "read" ],
+                               "/usr/bin/rrdtool graph - -a PNG *": [ "exec" ],
+                               "/usr/sbin/iptables-save": [ "exec" ],
+                               "/usr/sbin/ip6tables-save": [ "exec" ],
+                               "/usr/sbin/sensors -j": [ "exec" ],
+                               "/usr/share/luci/statistics/plugins/*.json": [ "read" ]
+                       }
+               }
+       }
+}