From f2ded16c1b28b471a5864aa7cfb96f68c44118f8 Mon Sep 17 00:00:00 2001
From: ftimme <ft@falkotimme.com>
Date: Wed, 05 Sep 2012 11:13:10 -0400
Subject: [PATCH] - Fixed FS#2318 - Starting nginx nginx: [emerg] duplicate listen options for [ipv6]:80

---
 server/plugins-available/shelluser_jailkit_plugin.inc.php |   36 +++++++++++++++++++++++++++++++-----
 1 files changed, 31 insertions(+), 5 deletions(-)

diff --git a/server/plugins-available/shelluser_jailkit_plugin.inc.php b/server/plugins-available/shelluser_jailkit_plugin.inc.php
index 671ae62..322b1ba 100755
--- a/server/plugins-available/shelluser_jailkit_plugin.inc.php
+++ b/server/plugins-available/shelluser_jailkit_plugin.inc.php
@@ -71,6 +71,7 @@
 		global $app, $conf;
 		
 		$app->uses('system');
+		$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$data['new']['parent_domain_id']);
 		
 		if($app->system->is_user($data['new']['username'])) {
 		
@@ -79,6 +80,8 @@
 		 	*/
 			if ($data['new']['chroot'] == "jailkit")
 			{
+				$app->system->web_folder_protection($web['document_root'],false);
+				
 				// load the server configuration options
 				$app->uses("getconf");
 				$this->data = $data;
@@ -94,10 +97,16 @@
 				//* call the ssh-rsa update function
 				$this->_setup_ssh_rsa();
 				
-				$command .= 'usermod -s /usr/sbin/jk_chrootsh -U '.escapeshellcmd($data['new']['username']);
+				//$command .= 'usermod -s /usr/sbin/jk_chrootsh -U '.escapeshellcmd($data['new']['username']);
+				//exec($command);
+				$app->system->usermod($data['new']['username'], 0, 0, '', '/usr/sbin/jk_chrootsh', '', '');
+				
+				//* Unlock user
+				$command = 'usermod -U '.escapeshellcmd($data['new']['username']);
 				exec($command);
 				
 				$this->_update_website_security_level();
+				$app->system->web_folder_protection($web['document_root'],true);
 			}
 		
 			$app->log("Jailkit Plugin -> insert username:".$data['new']['username'],LOGLEVEL_DEBUG);
@@ -113,6 +122,7 @@
 		global $app, $conf;
 		
 		$app->uses('system');
+		$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$data['new']['parent_domain_id']);
 		
 		if($app->system->is_user($data['new']['username'])) {
 		
@@ -121,6 +131,8 @@
 		 	*/
 			if ($data['new']['chroot'] == "jailkit")
 			{
+				$app->system->web_folder_protection($web['document_root'],false);
+				
 				// load the server configuration options
 				$app->uses("getconf");
 				$this->data = $data;
@@ -136,6 +148,8 @@
 				$this->_setup_ssh_rsa();
 				
 				$this->_update_website_security_level();
+				
+				$app->system->web_folder_protection($web['document_root'],true);
 			}
 		
 			$app->log("Jailkit Plugin -> update username:".$data['new']['username'],LOGLEVEL_DEBUG);
@@ -155,6 +169,8 @@
 		
 		$app->uses('system');
 		
+		$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$data['old']['parent_domain_id']);
+		
 		if ($data['old']['chroot'] == "jailkit")
 		{
 			$app->uses("getconf");
@@ -165,12 +181,16 @@
 			//commented out proved to be dangerous on config errors
 			//exec('rm -rf '.$data['old']['dir'].$jailkit_chroot_userhome);
 			
+			$app->system->web_folder_protection($web['document_root'],false);
+			
 			if(@is_dir($data['old']['dir'].$jailkit_chroot_userhome)) {
 				$command = 'userdel -f';
 				$command .= ' '.escapeshellcmd($data['old']['username']);
 				exec($command);
 				$app->log("Jailkit Plugin -> delete chroot home:".$data['old']['dir'].$jailkit_chroot_userhome,LOGLEVEL_DEBUG);
 			}
+			
+			$app->system->web_folder_protection($web['document_root'],true);
 			
 		}
 		
@@ -270,6 +290,7 @@
 			//* Change the homedir of the shell user and parent user
 			//* We have to do this manually as the usermod command fails 
 			//* when the user is logged in or a command is running under that user
+			/*
 			$passwd_file_array = file('/etc/passwd');
 			$passwd_out = '';
 			if(is_array($passwd_file_array)) {
@@ -286,8 +307,10 @@
 						$app->system->replaceLine('/etc/passwd',$line,$new_line,1,0);
 					}
 				}
-			}
+			}*/
 			
+			$app->system->usermod($this->data['new']['username'], 0, 0, $this->data['new']['dir'].'/.'.$jailkit_chroot_userhome, '/usr/sbin/jk_chrootsh');
+			$app->system->usermod($this->data['new']['puser'], 0, 0, $this->data['new']['dir'].'/.'.$jailkit_chroot_userhome, '/usr/sbin/jk_chrootsh');
 				
 			$this->app->log("Added jailkit user to chroot with command: ".$command,LOGLEVEL_DEBUG);
 						
@@ -318,9 +341,12 @@
 		$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$this->data['new']['parent_domain_id']);
 		
 		//* If the security level is set to high
-		if($web_config['security_level'] == 20) {
-			$this->_exec('chmod 755 '.escapeshellcmd($web["document_root"]));
-			$this->_exec('chown root:root '.escapeshellcmd($web["document_root"]));
+		if($web_config['security_level'] == 20 && is_array($web)) {
+			$app->system->web_folder_protection($web["document_root"],false);
+			$app->system->chmod($web["document_root"],0755);
+			$app->system->chown($web["document_root"],'root');
+			$app->system->chgrp($web["document_root"],'root');
+			$app->system->web_folder_protection($web["document_root"],true);
 		}
 		
 	}

--
Gitblit v1.9.1