diff --git a/install/sql/incremental/upd_0008.sql b/install/sql/incremental/upd_0008.sql index e81daedb7979e44ce2c1fc8fe679df4b6da0819a..14d83ea46642e7927fc42a5c36c07e29bda508c3 100644 --- a/install/sql/incremental/upd_0008.sql +++ b/install/sql/incremental/upd_0008.sql @@ -1,4 +1,4 @@ -- database patch for rsa-key based shell access. -ALTER TABLE `sys_user` ADD `id_rsa` VARCHAR( 2000 ) NOT NULL ; -ALTER TABLE `sys_user` ADD `ssh_rsa` VARCHAR( 600 ) NOT NULL ; +ALTER TABLE `client` ADD `id_rsa` VARCHAR( 2000 ) NOT NULL ; +ALTER TABLE `client` ADD `ssh_rsa` VARCHAR( 600 ) NOT NULL ; ALTER TABLE `shell_user` ADD `ssh_rsa` VARCHAR( 600 ) NOT NULL ; diff --git a/install/sql/ispconfig3.sql b/install/sql/ispconfig3.sql index 3221aa3f561cad8501b819e2eb791d648b7a3b13..1eb1d57932695f22d91be451c75c97264245102b 100644 --- a/install/sql/ispconfig3.sql +++ b/install/sql/ispconfig3.sql @@ -112,6 +112,8 @@ CREATE TABLE `client` ( `template_master` int(11) unsigned NOT NULL default '0', `template_additional` varchar(255) NOT NULL default '', `created_at` bigint(20) DEFAULT NULL, + `id_rsa` VARCHAR( 2000 ) NOT NULL default '', + `ssh_rsa` VARCHAR( 600 ) NOT NULL default '', PRIMARY KEY (`client_id`) ) ENGINE=MyISAM AUTO_INCREMENT=1; @@ -1071,8 +1073,7 @@ CREATE TABLE `sys_user` ( `groups` varchar(255) NOT NULL default '', `default_group` int(11) unsigned NOT NULL default '0', `client_id` int(11) unsigned NOT NULL default '0', - `id_rsa` VARCHAR( 2000 ) NOT NULL default '', - `ssh_rsa` VARCHAR( 600 ) NOT NULL default '', + PRIMARY KEY (`userid`) ) ENGINE=MyISAM AUTO_INCREMENT=1; diff --git a/interface/web/client/client_edit.php b/interface/web/client/client_edit.php index a42be337c11c10873d40089b6b5c63c89bc10f17..4514b5cc096ece3b9663b4a2b6803cca4f34473d 100644 --- a/interface/web/client/client_edit.php +++ b/interface/web/client/client_edit.php 
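Review bot: The two added ALTER statements on `client` declare `id_rsa` and `ssh_rsa` as NOT NULL with no default, while the CREATE TABLE in ispconfig3.sql gives both columns `default ''`. On a server running in strict SQL mode, any INSERT into `client` that omits them would then fail on upgraded installs only. Suggested: `ALTER TABLE client ADD id_rsa VARCHAR( 2000 ) NOT NULL default '';` and the same for `ssh_rsa`. Because upd_0008.sql is edited in place, a database that already ran the earlier version keeps private keys in the `sys_user` columns and never gets the `client` columns. If that version was ever shipped, a new numbered patch that adds the `client` columns and drops the `sys_user` ones is needed.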
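Review bot: The new `id_rsa` column stores the client's private key as clear text in `client`, and the UPDATE added in client_edit.php writes it as a string literal, so backups, replicas and any statement logging for this table end up holding usable SSH credentials. If the key has to be kept server-side at all, a column comment such as `-- private key material: exclude from exports and debug logging` would at least flag it; storing only `ssh_rsa` (the public half) and handing the private key to the client once would be the safer design. `VARCHAR( 2000 )` also only fits PEM-encoded RSA keys up to roughly 2048 bits, so a larger key would be truncated or rejected depending on SQL mode. The CREATE TABLE statement starts outside the hunk.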
@@ -152,15 +152,12 @@ class page_action extends tform_actions { //Generate ssh-rsa-keys exec('ssh-keygen -t rsa -C '.$username.'-rsa-key-'.time().' -f /tmp/id_rsa -N ""'); - - $privatekey = file_get_contents('/tmp/id_rsa'); - $publickey = file_get_contents('/tmp/id_rsa.pub'); - + $app->db->query("UPDATE client SET created_at = ".time().", id_rsa = '".file_get_contents('/tmp/id_rsa')."', ssh_rsa = '".file_get_contents('/tmp/id_rsa.pub')."' WHERE client_id = ".$this->id; exec('rm -f /tmp/id_rsa /tmp/id_rsa.pub'); - + // Create the controlpaneluser for the client - $sql = "INSERT INTO sys_user (username,passwort,modules,startmodule,app_theme,typ,active,language,groups,default_group,client_id,id_rsa,ssh_rsa) - VALUES ('$username',md5('$password'),'$modules','$startmodule','$usertheme','$type','$active','$language',$groups,$groupid,".$this->id.",'$privatekey','$publickey')"; + $sql = "INSERT INTO sys_user (username,passwort,modules,startmodule,app_theme,typ,active,language,groups,default_group,client_id) + VALUES ('$username',md5('$password'),'$modules','$startmodule','$usertheme','$type','$active','$language',$groups,$groupid,".$this->id.")"; $app->db->query($sql); //* If the user who inserted the client is a reseller (not admin), we will have to add this new client group @@ -170,7 +167,7 @@ class page_action extends tform_actions { $app->db->query("UPDATE client SET parent_client_id = ".intval($_SESSION['s']['user']['client_id'])." WHERE client_id = ".$this->id); } - $app->db->query("UPDATE client SET created_at = ".time()." WHERE client_id = ".$this->id); + /* If there is a client-template, process it */ applyClientTemplates($this->id); diff --git a/interface/web/tools/form/user_settings.tform.php b/interface/web/tools/form/user_settings.tform.php index df3f5a8675471e2085c0168055d4a49e71ca5f47..f261b1150c25607e430dc032cd91c96ab3cb08af 100644 --- a/interface/web/tools/form/user_settings.tform.php +++ b/interface/web/tools/form/user_settings.tform.php 
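Review bot: The added `$app->db->query("UPDATE client SET created_at = ... WHERE client_id = ".$this->id;` never closes the `query(` call, so client_edit.php no longer parses; the same line is pasted into `_setup_ssh_rsa()` in shelluser_base_plugin.inc.php, where it currently sits inside a block comment. Beyond the parse error, the key pair is written to the fixed path /tmp/id_rsa, which collides between concurrent requests and can already exist under another local account's control, in which case ssh-keygen does not write a fresh key and the old contents are read back; those contents are then spliced into the SQL string unescaped. `$username` also reaches `exec()` without `escapeshellarg()`; where it is assigned is outside the hunk, so whether it is already sanitised for shell use cannot be confirmed here. The sketch below generates the pair in a newly created 0700 directory, quotes the shell arguments and escapes both values; it assumes the db class's `quote()` helper is available in this version, and the enclosing method starts and ends outside the hunk.

```php
//Generate ssh-rsa-keys in a private directory; mkdir() fails if the path already exists
$privatekey = '';
$publickey = '';
$keydir = sys_get_temp_dir().'/ispc_key_'.uniqid('', true);
if(mkdir($keydir, 0700)) {
	$keyfile = $keydir.'/id_rsa';
	exec('ssh-keygen -t rsa -C '.escapeshellarg($username.'-rsa-key-'.time()).' -f '.escapeshellarg($keyfile).' -N ""');
	$privatekey = (string)@file_get_contents($keyfile);
	$publickey = (string)@file_get_contents($keyfile.'.pub');
	@unlink($keyfile);
	@unlink($keyfile.'.pub');
	@rmdir($keydir);
}
$app->db->query("UPDATE client SET created_at = ".time().", id_rsa = '".$app->db->quote($privatekey)."', ssh_rsa = '".$app->db->quote($publickey)."' WHERE client_id = ".intval($this->id));

// … unchanged: INSERT INTO sys_user for the control panel user …
```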
@@ -139,7 +139,7 @@ $form['tabs']['users'] = array ( 'formtype' => 'TEXT', 'default' => '', 'datasource' => array ( 'type' => 'SQL', - 'querystring' => 'SELECT id_rsa FROM sys_user WHERE {AUTHSQL}', + 'querystring' => 'SELECT id_rsa FROM client WHERE {AUTHSQL}', 'valuefield'=> 'id_rsa' ), 'value' => '' @@ -149,7 +149,7 @@ $form['tabs']['users'] = array ( 'formtype' => 'TEXT', 'default' => '', 'datasource' => array ( 'type' => 'SQL', - 'querystring' => 'SELECT ssh_rsa FROM sys_user WHERE {AUTHSQL}', + 'querystring' => 'SELECT ssh_rsa FROM client WHERE {AUTHSQL}', 'valuefield'=> 'ssh_rsa' ), 'value' => '' diff --git a/server/plugins-available/shelluser_base_plugin.inc.php b/server/plugins-available/shelluser_base_plugin.inc.php index 22c5f5f4e577c6ddb67e1a019e1fd4102ab0455c..3222d2c8828acc934eda651c889c8e5d61cf6568 100755 --- a/server/plugins-available/shelluser_base_plugin.inc.php +++ b/server/plugins-available/shelluser_base_plugin.inc.php @@ -195,13 +195,17 @@ class shelluser_base_plugin { } function _setup_ssh_rsa() { - + //global $app, $conf; + //$app->uses('system'); + // Okay, here we have a question, .. how to determine the client id + //$var = "Var:".intval($this->app->system->getuid($this->data['new']['puser'])); + //exec("echo $var >> /tmp/debug"); + /* // ssh-rsa authentication variables $sshrsa = escapeshellcmd($this->data['new']['ssh_rsa']); $usrdir = escapeshellcmd($this->data['new']['dir']); $sshdir = escapeshellcmd($this->data['new']['dir']).'/.ssh'; $sshkeys= escapeshellcmd($this->data['new']['dir']).'/.ssh/authorized_keys'; - global $app; // determine the client id $id = $this->data['new']['sys_groupid']; 
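Review bot: The datasource `SELECT id_rsa FROM client WHERE {AUTHSQL}` pulls the client's private key into a TEXT form field, so it is sent to the browser whenever the user-settings form is rendered; the `ssh_rsa` datasource in the next hunk follows the same pattern but carries only the public key. How `{AUTHSQL}` expands for the `client` table is not visible here. If it can match more than one row (an admin or reseller session, for example), the field would show whichever row is returned first, possibly another client's key, so an explicit predicate on the session's client id is worth adding. A comment above the field such as `// private key: shown to the owning client only, never logged` would document the sensitivity. The `$form['tabs']['users']` array starts and ends outside the hunk.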
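Review bot: `_setup_ssh_rsa()` is switched off by wrapping its body in `/* … */`, and the lines added at the top are commented-out debugging (`//exec("echo $var >> /tmp/debug");`) next to an open question about how to find the client id. Shell users whose `ssh_rsa` field is filled in the panel will get no authorized_keys entry and no indication why. Removing the dead code and leaving one line such as `// TODO: key deployment disabled until the client id lookup is resolved` would read better. The /tmp/debug line should not return as live code, since it appends to a fixed file name in a world-writable directory. The block comment closes in the last hunk of this file, and shelluser_jailkit_plugin.inc.php gets the same `/* … */` treatment.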
@@ -213,19 +217,12 @@ class shelluser_base_plugin { // If this user has no key yet, generate a pair if ($userkey == '') - { + { //Generate ssh-rsa-keys exec('ssh-keygen -t rsa -C '.$username.'-rsa-key-'.time().' -f /tmp/id_rsa -N ""'); - - $privatekey = file_get_contents('/tmp/id_rsa'); - $publickey = file_get_contents('/tmp/id_rsa.pub'); - + $app->db->query("UPDATE client SET created_at = ".time().", id_rsa = '".file_get_contents('/tmp/id_rsa')."', ssh_rsa = '".file_get_contents('/tmp/id_rsa.pub')."' WHERE client_id = ".$this->id; exec('rm -f /tmp/id_rsa /tmp/id_rsa.pub'); - // Set the missing keypair - $app->db->query("UPDATE sys_user SET id_rsa='$privatekey' ,ssh_rsa='$publickey' WHERE client_id = ".$id); - $userkey = $publickey; - $this->app->log("ssh-rsa keypair generated for ".$username,LOGLEVEL_DEBUG); }; @@ -248,7 +245,7 @@ class shelluser_base_plugin { // set proper file permissions exec("chown -R ".escapeshellcmd($this->data['new']['puser']).":".escapeshellcmd($this->data['new']['pgroup'])." ".$usrdir); exec("chmod 600 '$sshkeys'"); - + */ $this->app->log("ssh-rsa key added to ".$sshkeys,LOGLEVEL_DEBUG); } diff --git a/server/plugins-available/shelluser_jailkit_plugin.inc.php b/server/plugins-available/shelluser_jailkit_plugin.inc.php index ca7b5abaf143d6aa5f5f4af9cbcf1e139196dbe7..ffe94fa31ffe94ff79c009abf3cd0a2663083b2f 100755 --- a/server/plugins-available/shelluser_jailkit_plugin.inc.php +++ b/server/plugins-available/shelluser_jailkit_plugin.inc.php @@ -272,7 +272,7 @@ class shelluser_jailkit_plugin { chgrp(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_puserhome), $this->data['new']['pgroup']); $this->app->log("Added created jailkit parent user home in : ".$this->data['new']['dir'].$jailkit_chroot_puserhome,LOGLEVEL_DEBUG); - + /* // ssh-rsa authentication variables $sshrsa = escapeshellcmd($this->data['new']['ssh_rsa']); $usrdir = escapeshellcmd($this->data['new']['dir']).'/'.$jailkit_chroot_userhome; 
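Review bot: Inside the `if ($userkey == '')` branch the replacement UPDATE filters on `$this->id`, whereas the removed statement used the local `$id`, and nothing visible in this plugin class sets `$this->id`. With `$userkey = $publickey;` removed as well, the freshly generated key is no longer carried forward to the code after the branch, which is outside the hunk. The code sits inside the block comment for now, so this only takes effect once it is re-enabled. Suggested: end the statement with `WHERE client_id = ".intval($id));` and keep `$userkey = $publickey;` after reading the public key into a variable. The missing `)` and the fixed /tmp/id_rsa path are the same as noted for client_edit.php.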
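Review bot: The closing `*/` in the last hunk of shelluser_base_plugin.inc.php is placed before `$this->app->log("ssh-rsa key added to ".$sshkeys,LOGLEVEL_DEBUG);`, so that call stays live while the assignment of `$sshkeys` is commented out. Every run then logs that a key was added, with an empty path, although nothing was written, which is misleading when the log is later used to reconstruct what was deployed. Move the `*/` below the log call, as the jailkit plugin's last hunk does, or change the message to say that key setup is disabled.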
@@ -327,7 +327,7 @@ class shelluser_jailkit_plugin { exec("chmod 600 '$sshkeys'"); $this->app->log("ssh-rsa key added to ".$sshkeys,LOGLEVEL_DEBUG); - + */ } //* Update the website root directory permissions depending on the security level