From 67f562d6772e032e72a6fe11a2cf2a90fd62b73b Mon Sep 17 00:00:00 2001
From: Marius Burkard <m.burkard@pixcept.de>
Date: Mon, 04 Jul 2016 09:40:54 -0400
Subject: [PATCH] Merge branch 'letsencrypt-alias' into 'stable-3.1'
---
server/plugins-available/shelluser_jailkit_plugin.inc.php | 41 ++++++++++++++++++++++++++++-------------
1 files changed, 28 insertions(+), 13 deletions(-)
diff --git a/server/plugins-available/shelluser_jailkit_plugin.inc.php b/server/plugins-available/shelluser_jailkit_plugin.inc.php
index aabbcde..16dbcc7 100755
--- a/server/plugins-available/shelluser_jailkit_plugin.inc.php
+++ b/server/plugins-available/shelluser_jailkit_plugin.inc.php
@@ -245,13 +245,17 @@
//exec('rm -rf '.$data['old']['dir'].$jailkit_chroot_userhome);
$app->system->web_folder_protection($web['document_root'], false);
+
+ $userid = intval($app->system->getuid($data['old']['username']));
+ $command = 'killall -u '.escapeshellcmd($data['old']['username']).' ; ';
+ $command .= 'userdel -f '.escapeshellcmd($data['old']['username']).' &> /dev/null';
+ exec($command);
+
+ // Remove the jailed user from passwd and shadow file inside the jail
+ $app->system->removeLine($data['old']['dir'].'/etc/passwd', $data['old']['username']);
+ $app->system->removeLine($data['old']['dir'].'/etc/shadow', $data['old']['username']);
if(@is_dir($data['old']['dir'].$jailkit_chroot_userhome)) {
- $userid = intval($app->system->getuid($data['old']['username']));
- $command = 'killall -u '.escapeshellcmd($data['old']['username']).' ; userdel -f';
- $command .= ' '.escapeshellcmd($data['old']['username']).' &> /dev/null';
- exec($command);
-
$this->_delete_homedir($data['old']['dir'].$jailkit_chroot_userhome,$userid,$data['old']['parent_domain_id']);
$app->log("Jailkit Plugin -> delete chroot home:".$data['old']['dir'].$jailkit_chroot_userhome, LOGLEVEL_DEBUG);
@@ -301,7 +305,7 @@
file_put_contents($bashrc, $tpl->grab());
unset($tpl);
- $this->app->log("Added bashrc script : ".$bashrc, LOGLEVEL_DEBUG);
+ $this->app->log("Added bashrc script: ".$bashrc, LOGLEVEL_DEBUG);
$tpl = new tpl();
$tpl->newTemplate("motd.master");
@@ -318,13 +322,21 @@
function _add_jailkit_programs()
{
- //copy over further programs and its libraries
- $command = '/usr/local/ispconfig/server/scripts/create_jailkit_programs.sh';
- $command .= ' '.escapeshellcmd($this->data['new']['dir']);
- $command .= ' \''.$this->jailkit_config['jailkit_chroot_app_programs'].'\'';
- exec($command.' 2>/dev/null');
+ $jailkit_chroot_app_programs = preg_split("/[\s,]+/", $this->jailkit_config['jailkit_chroot_app_programs']);
+ if(is_array($jailkit_chroot_app_programs) && !empty($jailkit_chroot_app_programs)){
+ foreach($jailkit_chroot_app_programs as $jailkit_chroot_app_program){
+ $jailkit_chroot_app_program = trim($jailkit_chroot_app_program);
+ if(is_file($jailkit_chroot_app_program) || is_dir($jailkit_chroot_app_program)){
+ //copy over further programs and its libraries
+ $command = '/usr/local/ispconfig/server/scripts/create_jailkit_programs.sh';
+ $command .= ' '.escapeshellcmd($this->data['new']['dir']);
+ $command .= ' '.$jailkit_chroot_app_program;
+ exec($command.' 2>/dev/null');
- $this->app->log("Added programs to jailkit chroot with command: ".$command, LOGLEVEL_DEBUG);
+ $this->app->log("Added programs to jailkit chroot with command: ".$command, LOGLEVEL_DEBUG);
+ }
+ }
+ }
}
function _get_home_dir($username)
@@ -378,7 +390,10 @@
}
}*/
- $app->system->usermod($this->data['new']['username'], 0, 0, $this->data['new']['dir'].'/.'.$jailkit_chroot_userhome, '/usr/sbin/jk_chrootsh');
+ $shell = '/usr/sbin/jk_chrootsh';
+ if($this->data['new']['active'] != 'y') $shell = '/bin/false';
+
+ $app->system->usermod($this->data['new']['username'], 0, 0, $this->data['new']['dir'].'/.'.$jailkit_chroot_userhome, $shell);
$app->system->usermod($this->data['new']['puser'], 0, 0, $this->data['new']['dir'].'/.'.$jailkit_chroot_userhome, '/usr/sbin/jk_chrootsh');
$this->app->log("Added jailkit user to chroot with command: ".$command, LOGLEVEL_DEBUG);
--
Gitblit v1.9.1