tbrehm
2012-10-19 cc99cdff8ff86b3fbe8eb4261bfaddb86fbec3ec
- Improved cron and ssh user plugins.
- Added "touch" function to system.inc.php
5 files modified
87 ■■■■■ changed files
server/lib/classes/system.inc.php 13 ●●●●●
server/plugins-available/cron_jailkit_plugin.inc.php 12 ●●●●●
server/plugins-available/cron_plugin.inc.php 10 ●●●●
server/plugins-available/shelluser_base_plugin.inc.php 29 ●●●●
server/plugins-available/shelluser_jailkit_plugin.inc.php 23 ●●●●●
server/lib/classes/system.inc.php
@@ -709,6 +709,19 @@
        return copy($file1,$file2);
    }
    
    function touch($file, $allow_symlink = false){
      global $app;
      if($allow_symlink == false && @file_exists($file) && $this->checkpath($file) == false) {
        $this->unlink($file);
      }
      if(@touch($file)) {
            return true;
      } else {
            $app->log("touch failed: $file",LOGLEVEL_DEBUG);
            return false;
      }
    }
    function checkpath($path) {
        $path = trim($path);
        //* We allow only absolute paths
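Review bot: The symlink guard in `touch()` is skipped for a dangling symlink, because `file_exists()` follows the link and returns false when its target is missing, and PHP's `touch()` then creates that target. Testing the link itself closes the gap: `if($allow_symlink == false && (@file_exists($file) || @is_link($file)) && $this->checkpath($file) == false) {`. This assumes `checkpath()` is what rejects symlinked paths; only its first lines are inside the hunk. The unlink-then-touch sequence also leaves a window in which the path can be re-created when it lives in a directory the site user can write to, so a docblock stating that expectation for `$file` and the meaning of `$allow_symlink` would help callers.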
server/plugins-available/cron_jailkit_plugin.inc.php
@@ -215,6 +215,8 @@
    
    function _setup_jailkit_chroot()
    {
        global $app;
            //check if the chroot environment is created yet if not create it with a list of program sections from the config
            if (!is_dir($this->parent_domain['document_root'].'/etc/jailkit'))
            {
@@ -239,7 +241,7 @@
                $bashrc = escapeshellcmd($this->parent_domain['document_root']).'/etc/bash.bashrc';
                if(@is_file($bashrc) || @is_link($bashrc)) unlink($bashrc);
                
                file_put_contents($bashrc,$tpl->grab());
                $app->system->file_put_contents($bashrc,$tpl->grab());
                unset($tpl);
                
                $this->app->log('Added bashrc script: '.$bashrc,LOGLEVEL_DEBUG);
@@ -252,7 +254,7 @@
                $motd = escapeshellcmd($this->parent_domain['document_root']).'/var/run/motd';
                if(@is_file($motd) || @is_link($motd)) unlink($motd);
                
                file_put_contents($motd,$tpl->grab());
                $app->system->file_put_contents($motd,$tpl->grab());
                
            }
            $this->_add_jailkit_programs();
@@ -297,9 +299,9 @@
                
            $this->app->log("Added jailkit user to chroot with command: ".$command,LOGLEVEL_DEBUG);
                
            mkdir(escapeshellcmd($this->parent_domain['document_root'].$jailkit_chroot_userhome), 0755, true);
            chown(escapeshellcmd($this->parent_domain['document_root'].$jailkit_chroot_userhome), escapeshellcmd($this->parent_domain['system_user']));
            chgrp(escapeshellcmd($this->parent_domain['document_root'].$jailkit_chroot_userhome), escapeshellcmd($this->parent_domain['system_group']));
            $app->system->mkdir(escapeshellcmd($this->parent_domain['document_root'].$jailkit_chroot_userhome), 0755, true);
            $app->system->chown(escapeshellcmd($this->parent_domain['document_root'].$jailkit_chroot_userhome), escapeshellcmd($this->parent_domain['system_user']));
            $app->system->chgrp(escapeshellcmd($this->parent_domain['document_root'].$jailkit_chroot_userhome), escapeshellcmd($this->parent_domain['system_group']));
            
    }
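Review bot: The `unlink($bashrc)` and `unlink($motd)` calls directly above the converted writes still use the raw PHP function, so each delete-then-write pair is only half moved to the `$app->system` wrappers; the same holds for `unlink($motd)` in shelluser_jailkit_plugin.inc.php. cron_plugin.inc.php already calls `$app->system->unlink()` in this commit, so these can become `if(@is_file($bashrc) || @is_link($bashrc)) $app->system->unlink($bashrc);`. Also, `escapeshellcmd()` is applied to paths and to the `system_user`/`system_group` names that go to filesystem calls rather than to a shell; it is not a path check, and shelluser_base_plugin.inc.php drops it from the owner arguments in one of its hunks, so the call sites are now inconsistent. `_setup_jailkit_chroot()` continues outside the hunks shown.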
    
server/plugins-available/cron_plugin.inc.php
@@ -142,7 +142,7 @@
        }
        
        // make temp directory writable for the apache and website users
        chmod(escapeshellcmd($parent_domain["document_root"].'/tmp'), 0777);
        $app->system->chmod(escapeshellcmd($parent_domain["document_root"].'/tmp'), 0777);
        
        /** TODO READ CRON MASTER **/
        
@@ -234,19 +234,19 @@
        }
        
        if($cmd_count > 0) {
            file_put_contents($cron_file, $cron_content);
            $app->system->file_put_contents($cron_file, $cron_content);
            $app->log("Wrote Cron file $cron_file with content:\n$cron_content",LOGLEVEL_DEBUG);
        } else {
            @unlink($cron_file);
            $app->system->unlink($cron_file);
            $app->log("Deleted Cron file $cron_file",LOGLEVEL_DEBUG);
        }
        
        $cron_file = escapeshellcmd($cron_config["crontab_dir"].'/ispc_chrooted_'.$this->parent_domain["system_user"]);
        if($chr_cmd_count > 0) {
            file_put_contents($cron_file, $chr_cron_content);
            $app->system->file_put_contents($cron_file, $chr_cron_content);
            $app->log("Wrote Cron file $cron_file with content:\n$chr_cron_content",LOGLEVEL_DEBUG);
        } else {
            @unlink($cron_file);
            $app->system->unlink($cron_file);
            $app->log("Deleted Cron file $cron_file",LOGLEVEL_DEBUG);
        }
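Review bot: `$app->system->chmod(..., 0777)` on `document_root/tmp` leaves the directory world-writable with no sticky bit, so every local account, not only Apache and the website user named in the comment, can delete or replace files that other users put there. If the wrapper passes the mode through unchanged (its body is not on this page), `01777` keeps the directory usable while restricting deletion to file owners: `$app->system->chmod(escapeshellcmd($parent_domain["document_root"].'/tmp'), 01777);`. The "Wrote Cron file" log lines in the second hunk are also emitted without looking at what `$app->system->file_put_contents()` returned, so a failed write would still be logged as a success.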
        
server/plugins-available/shelluser_base_plugin.inc.php
@@ -107,10 +107,10 @@
                $this->_setup_ssh_rsa();
                
                //* Create .bash_history file
                touch(escapeshellcmd($data['new']['dir']).'/.bash_history');
                chmod(escapeshellcmd($data['new']['dir']).'/.bash_history', 0755);
                chown(escapeshellcmd($data['new']['dir']).'/.bash_history', escapeshellcmd($data['new']['username']));
                chgrp(escapeshellcmd($data['new']['dir']).'/.bash_history', escapeshellcmd($data['new']['pgroup']));
                $app->system->touch(escapeshellcmd($data['new']['dir']).'/.bash_history');
                $app->system->chmod(escapeshellcmd($data['new']['dir']).'/.bash_history', 0755);
                $app->system->chown(escapeshellcmd($data['new']['dir']).'/.bash_history', $data['new']['username']);
                $app->system->chgrp(escapeshellcmd($data['new']['dir']).'/.bash_history', $data['new']['pgroup']);
                
                //* Disable shell user temporarily if we use jailkit
                if($data['new']['chroot'] == 'jailkit') {
@@ -174,10 +174,10 @@
                    
                    //* Create .bash_history file
                    if(!is_file($data['new']['dir']).'/.bash_history') {
                        touch(escapeshellcmd($data['new']['dir']).'/.bash_history');
                        chmod(escapeshellcmd($data['new']['dir']).'/.bash_history', 0755);
                        chown(escapeshellcmd($data['new']['dir']).'/.bash_history',escapeshellcmd($data['new']['username']));
                        chgrp(escapeshellcmd($data['new']['dir']).'/.bash_history',escapeshellcmd($data['new']['pgroup']));
                        $app->system->touch(escapeshellcmd($data['new']['dir']).'/.bash_history');
                        $app->system->chmod(escapeshellcmd($data['new']['dir']).'/.bash_history', 0755);
                        $app->system->chown(escapeshellcmd($data['new']['dir']).'/.bash_history',escapeshellcmd($data['new']['username']));
                        $app->system->chgrp(escapeshellcmd($data['new']['dir']).'/.bash_history',escapeshellcmd($data['new']['pgroup']));
                    }
                    
                } else {
@@ -248,19 +248,20 @@
            exec('ssh-keygen -t rsa -C '.$username.'-rsa-key-'.time().' -f /tmp/id_rsa -N ""');
            
            // use the public key that has been generated
            $userkey = file_get_contents('/tmp/id_rsa.pub');
            $userkey = $app->system->file_get_contents('/tmp/id_rsa.pub');
            
            // save keypair in client table
            $this->app->db->query("UPDATE client SET created_at = ".time().", id_rsa = '".file_get_contents('/tmp/id_rsa')."', ssh_rsa = '".$userkey."' WHERE client_id = ".$id);
            $this->app->db->query("UPDATE client SET created_at = ".time().", id_rsa = '".$app->db->quote($app->system->file_get_contents('/tmp/id_rsa'))."', ssh_rsa = '".$app->db->quote($userkey)."' WHERE client_id = ".$id);
            
            exec('rm -f /tmp/id_rsa /tmp/id_rsa.pub');
            $app->system->unlink('/tmp/id_rsa');
            $app->system->unlink('/tmp/id_rsa.pub');
            $this->app->log("ssh-rsa keypair generated for ".$username,LOGLEVEL_DEBUG);
        };
        if (!file_exists($sshkeys)){
            // add root's key
            $app->file->mkdirs($sshdir, '0700');
            if(is_file('/root/.ssh/authorized_keys')) file_put_contents($sshkeys, file_get_contents('/root/.ssh/authorized_keys'));
            if(is_file('/root/.ssh/authorized_keys')) $app->system->file_put_contents($sshkeys, $app->system->file_get_contents('/root/.ssh/authorized_keys'));
        
            // Remove duplicate keys
            $existing_keys = @file($sshkeys);
@@ -275,7 +276,7 @@
            $final_keys = implode("\n", array_flip(array_flip($new_final_keys_arr)));
            
            // add the user's key
            file_put_contents($sshkeys, $final_keys);
            $app->system->file_put_contents($sshkeys, $final_keys);
            $app->file->remove_blank_lines($sshkeys);
            $this->app->log("ssh-rsa authorisation keyfile created in ".$sshkeys,LOGLEVEL_DEBUG);
        }
@@ -309,7 +310,7 @@
        $final_keys = implode("\n", array_flip(array_flip($new_final_keys_arr)));
            
        // add the custom key 
        file_put_contents($sshkeys, $final_keys);
        $app->system->file_put_contents($sshkeys, $final_keys);
        $app->file->remove_blank_lines($sshkeys);
        $this->app->log("ssh-rsa key updated in ".$sshkeys,LOGLEVEL_DEBUG);
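Review bot: The key pair in the `@@ -248` hunk is still generated at the fixed path `/tmp/id_rsa` in a shared, world-writable directory, so what gets stored depends on whatever may already exist at that path, and concurrent runs share the same file. Generating into a directory that only root can access (created with mode 0700 and removed afterwards) avoids both; shelluser_jailkit_plugin.inc.php has the same code in its `@@ -390` hunk. In the same statements `$username` goes into `exec()` unescaped and `$id` into the query unquoted even though the key values now pass through `$app->db->quote()`: `exec('ssh-keygen -t rsa -C '.escapeshellarg($username.'-rsa-key-'.time()).' -f /tmp/id_rsa -N ""');` and `WHERE client_id = ".intval($id)`. Separately, `if(!is_file($data['new']['dir']).'/.bash_history')` in the `@@ -174` hunk closes the parenthesis too early, so the condition is always true.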
        
server/plugins-available/shelluser_jailkit_plugin.inc.php
@@ -204,6 +204,8 @@
    
    function _setup_jailkit_chroot()
    {
            global $app;
            //check if the chroot environment is created yet if not create it with a list of program sections from the config
            if (!is_dir($this->data['new']['dir'].'/etc/jailkit'))
            {
@@ -245,7 +247,7 @@
                $motd = escapeshellcmd($this->data['new']['dir']).'/var/run/motd';
                if(@is_file($motd) || @is_link($motd)) unlink($motd);
                
                file_put_contents($motd,$tpl->grab());
                $app->system->file_put_contents($motd,$tpl->grab());
                
            }
    }
@@ -318,14 +320,14 @@
            $this->app->log("Added jailkit user to chroot with command: ".$command,LOGLEVEL_DEBUG);
                        
            if(!is_dir($this->data['new']['dir'].$jailkit_chroot_userhome)) mkdir(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_userhome), 0755, true);
            chown(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_userhome), $this->data['new']['username']);
            chgrp(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_userhome), $this->data['new']['pgroup']);
            $app->system->chown(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_userhome), $this->data['new']['username']);
            $app->system->chgrp(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_userhome), $this->data['new']['pgroup']);
                
            $this->app->log("Added created jailkit user home in : ".$this->data['new']['dir'].$jailkit_chroot_userhome,LOGLEVEL_DEBUG);
            
            if(!is_dir($this->data['new']['dir'].$jailkit_chroot_puserhome)) mkdir(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_puserhome), 0755, true);
            chown(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_puserhome), $this->data['new']['puser']);
            chgrp(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_puserhome), $this->data['new']['pgroup']);
            $app->system->chown(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_puserhome), $this->data['new']['puser']);
            $app->system->chgrp(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_puserhome), $this->data['new']['pgroup']);
                
            $this->app->log("Added jailkit parent user home in : ".$this->data['new']['dir'].$jailkit_chroot_puserhome,LOGLEVEL_DEBUG);
            
@@ -390,19 +392,20 @@
            exec('ssh-keygen -t rsa -C '.$username.'-rsa-key-'.time().' -f /tmp/id_rsa -N ""');
            
            // use the public key that has been generated
            $userkey = file_get_contents('/tmp/id_rsa.pub');
            $userkey = $app->system->file_get_contents('/tmp/id_rsa.pub');
            
            // save keypair in client table
            $this->app->db->query("UPDATE client SET created_at = ".time().", id_rsa = '".file_get_contents('/tmp/id_rsa')."', ssh_rsa = '".$userkey."' WHERE client_id = ".$id);
            $this->app->db->query("UPDATE client SET created_at = ".time().", id_rsa = '".$app->db->quote($app->system->file_get_contents('/tmp/id_rsa'))."', ssh_rsa = '".$app->db->quote($userkey)."' WHERE client_id = ".$id);
            exec('rm -f /tmp/id_rsa /tmp/id_rsa.pub');
            $app->system->unlink('/tmp/id_rsa');
            $app->system->unlink('/tmp/id_rsa.pub');
            $this->app->log("ssh-rsa keypair generated for ".$username,LOGLEVEL_DEBUG);
        };
        
        if (!file_exists($sshkeys)){
            // add root's key
            $app->file->mkdirs($sshdir, '0755');
            if(is_file('/root/.ssh/authorized_keys')) file_put_contents($sshkeys, file_get_contents('/root/.ssh/authorized_keys'));
            if(is_file('/root/.ssh/authorized_keys')) $app->system->file_put_contents($sshkeys, $app->system->file_get_contents('/root/.ssh/authorized_keys'));
        
            // Remove duplicate keys
            $existing_keys = @file($sshkeys);
@@ -450,7 +453,7 @@
        $final_keys = implode("\n", array_flip(array_flip($new_final_keys_arr)));
            
        // add the custom key 
        file_put_contents($sshkeys, $final_keys);
        $app->system->file_put_contents($sshkeys, $final_keys);
        $app->file->remove_blank_lines($sshkeys);
        $this->app->log("ssh-rsa key updated in ".$sshkeys,LOGLEVEL_DEBUG);
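Review bot: The two `mkdir(...)` calls in the `@@ -318` hunk are left as raw PHP calls while the `chown`/`chgrp` lines beneath them move to `$app->system`; cron_jailkit_plugin.inc.php converts the same call in this commit, so the wrapper exists: `if(!is_dir($this->data['new']['dir'].$jailkit_chroot_userhome)) $app->system->mkdir(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_userhome), 0755, true);`. The `is_dir()` test also uses the unescaped path while the create uses the `escapeshellcmd()` form, so the two can name different directories when the path contains a character that function escapes. In the `@@ -390` hunk `$app->file->mkdirs($sshdir, '0755')` differs from the `'0700'` used at the same place in shelluser_base_plugin.inc.php; a comment saying why the jailkit `.ssh` directory needs to be world-readable, or aligning it to `'0700'`, would settle that.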