gitlabFork/ISPConfig3.git - Solinfo Gitblit

			@@ -116,9 +116,9 @@
			$this->app = $app;
			$this->jailkit_config = $app->getconf->get_server_config($conf["server_id"], 'jailkit');

			$app->system->web_folder_protection($parent_domain['document_root'],false);

			$this->_update_website_security_level();

			$app->system->web_folder_protection($parent_domain['document_root'],false);

			$this->_setup_jailkit_chroot();

			@@ -185,9 +185,10 @@
			$this->data = $data;
			$this->app = $app;
			$this->jailkit_config = $app->getconf->get_server_config($conf["server_id"], 'jailkit');

			$this->_update_website_security_level();

			$app->system->web_folder_protection($parent_domain['document_root'],false);
			$this->_update_website_security_level();

			$this->_setup_jailkit_chroot();
			$this->_add_jailkit_user();
			@@ -214,6 +215,8 @@

			function _setup_jailkit_chroot()
			{
			global $app;

			//check if the chroot environment is created yet if not create it with a list of program sections from the config
			if (!is_dir($this->parent_domain['document_root'].'/etc/jailkit'))
			{
			@@ -238,7 +241,7 @@
			$bashrc = escapeshellcmd($this->parent_domain['document_root']).'/etc/bash.bashrc';
			if(@is_file($bashrc) \|\| @is_link($bashrc)) unlink($bashrc);

			file_put_contents($bashrc,$tpl->grab());
			$app->system->file_put_contents($bashrc,$tpl->grab());
			unset($tpl);

			$this->app->log('Added bashrc script: '.$bashrc,LOGLEVEL_DEBUG);
			@@ -251,7 +254,7 @@
			$motd = escapeshellcmd($this->parent_domain['document_root']).'/var/run/motd';
			if(@is_file($motd) \|\| @is_link($motd)) unlink($motd);

			file_put_contents($motd,$tpl->grab());
			$app->system->file_put_contents($motd,$tpl->grab());

			}
			$this->_add_jailkit_programs();
			@@ -296,9 +299,9 @@

			$this->app->log("Added jailkit user to chroot with command: ".$command,LOGLEVEL_DEBUG);

			mkdir(escapeshellcmd($this->parent_domain['document_root'].$jailkit_chroot_userhome), 0755, true);
			chown(escapeshellcmd($this->parent_domain['document_root'].$jailkit_chroot_userhome), escapeshellcmd($this->parent_domain['system_user']));
			chgrp(escapeshellcmd($this->parent_domain['document_root'].$jailkit_chroot_userhome), escapeshellcmd($this->parent_domain['system_group']));
			$app->system->mkdir(escapeshellcmd($this->parent_domain['document_root'].$jailkit_chroot_userhome), 0755, true);
			$app->system->chown(escapeshellcmd($this->parent_domain['document_root'].$jailkit_chroot_userhome), escapeshellcmd($this->parent_domain['system_user']));
			$app->system->chgrp(escapeshellcmd($this->parent_domain['document_root'].$jailkit_chroot_userhome), escapeshellcmd($this->parent_domain['system_group']));

			}

			@@ -314,13 +317,18 @@
			// load the server configuration options
			$app->uses("getconf");
			$web_config = $app->getconf->get_server_config($conf["server_id"], 'web');

			//* If the security level is set to high
			if($web_config['security_level'] == 20) {
			$this->_exec('chmod 755 '.escapeshellcmd($this->parent_domain['document_root']));
			$this->_exec('chown root:root '.escapeshellcmd($this->parent_domain['document_root']));
			}

			// Get the parent website of this shell user
			$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$this->data['new']['parent_domain_id']);

			//* If the security level is set to high
			if($web_config['security_level'] == 20 && is_array($web)) {
			$app->system->web_folder_protection($web["document_root"],false);
			$app->system->chmod($web["document_root"],0755);
			$app->system->chown($web["document_root"],'root');
			$app->system->chgrp($web["document_root"],'root');
			$app->system->web_folder_protection($web["document_root"],true);
			}
			}

			//* Wrapper for exec function for easier debugging