From 77ce44ebeff00f92078c17715a2392d3f0c2eeed Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Wed, 17 Oct 2012 09:09:02 -0400
Subject: [PATCH] Fixed: FS#2467 - Jailkit ssh user conflict with security level
---
server/plugins-available/shelluser_jailkit_plugin.inc.php | 7 +++++--
server/plugins-available/cron_jailkit_plugin.inc.php | 24 +++++++++++++++---------
2 files changed, 20 insertions(+), 11 deletions(-)
diff --git a/server/plugins-available/cron_jailkit_plugin.inc.php b/server/plugins-available/cron_jailkit_plugin.inc.php
index f0c96b3..e2167e1 100644
--- a/server/plugins-available/cron_jailkit_plugin.inc.php
+++ b/server/plugins-available/cron_jailkit_plugin.inc.php
@@ -116,9 +116,9 @@
$this->app = $app;
$this->jailkit_config = $app->getconf->get_server_config($conf["server_id"], 'jailkit');
- $app->system->web_folder_protection($parent_domain['document_root'],false);
-
$this->_update_website_security_level();
+
+ $app->system->web_folder_protection($parent_domain['document_root'],false);
$this->_setup_jailkit_chroot();
@@ -185,9 +185,10 @@
$this->data = $data;
$this->app = $app;
$this->jailkit_config = $app->getconf->get_server_config($conf["server_id"], 'jailkit');
+
+ $this->_update_website_security_level();
$app->system->web_folder_protection($parent_domain['document_root'],false);
- $this->_update_website_security_level();
$this->_setup_jailkit_chroot();
$this->_add_jailkit_user();
@@ -314,13 +315,18 @@
// load the server configuration options
$app->uses("getconf");
$web_config = $app->getconf->get_server_config($conf["server_id"], 'web');
-
- //* If the security level is set to high
- if($web_config['security_level'] == 20) {
- $this->_exec('chmod 755 '.escapeshellcmd($this->parent_domain['document_root']));
- $this->_exec('chown root:root '.escapeshellcmd($this->parent_domain['document_root']));
- }
+ // Get the parent website of this shell user
+ $web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$this->data['new']['parent_domain_id']);
+
+ //* If the security level is set to high
+ if($web_config['security_level'] == 20 && is_array($web)) {
+ $app->system->web_folder_protection($web["document_root"],false);
+ $app->system->chmod($web["document_root"],0755);
+ $app->system->chown($web["document_root"],'root');
+ $app->system->chgrp($web["document_root"],'root');
+ $app->system->web_folder_protection($web["document_root"],true);
+ }
}
//* Wrapper for exec function for easier debugging
diff --git a/server/plugins-available/shelluser_jailkit_plugin.inc.php b/server/plugins-available/shelluser_jailkit_plugin.inc.php
index d0487d1..6a83b6f 100755
--- a/server/plugins-available/shelluser_jailkit_plugin.inc.php
+++ b/server/plugins-available/shelluser_jailkit_plugin.inc.php
@@ -80,7 +80,7 @@
*/
if ($data['new']['chroot'] == "jailkit")
{
- $app->system->web_folder_protection($web['document_root'],false);
+
// load the server configuration options
$app->uses("getconf");
@@ -89,6 +89,8 @@
$this->jailkit_config = $app->getconf->get_server_config($conf["server_id"], 'jailkit');
$this->_update_website_security_level();
+
+ $app->system->web_folder_protection($web['document_root'],false);
$this->_setup_jailkit_chroot();
@@ -131,7 +133,6 @@
*/
if ($data['new']['chroot'] == "jailkit")
{
- $app->system->web_folder_protection($web['document_root'],false);
// load the server configuration options
$app->uses("getconf");
@@ -140,6 +141,8 @@
$this->jailkit_config = $app->getconf->get_server_config($conf["server_id"], 'jailkit');
$this->_update_website_security_level();
+
+ $app->system->web_folder_protection($web['document_root'],false);
$this->_setup_jailkit_chroot();
$this->_add_jailkit_user();
--
Gitblit v1.9.1