From 8eafcef0294fbaa36a8c7e653b621e26edf4603a Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Sat, 14 Feb 2009 16:36:37 +0000
Subject: [PATCH] - Fixed moving of site when the client is changed. - FS#501 -
 disable shell account untill jailkit is finished

---
 interface/lib/classes/tform_actions.inc.php               | 6 ++++--
 interface/lib/classes/validate_client.inc.php             | 2 +-
 server/plugins-available/apache2_plugin.inc.php           | 8 ++++++--
 server/plugins-available/shelluser_base_plugin.inc.php    | 7 +++++++
 server/plugins-available/shelluser_jailkit_plugin.inc.php | 4 ++++
 5 files changed, 22 insertions(+), 5 deletions(-)

diff --git a/interface/lib/classes/tform_actions.inc.php b/interface/lib/classes/tform_actions.inc.php
index e045fadc9..1abc31602 100644
--- a/interface/lib/classes/tform_actions.inc.php
+++ b/interface/lib/classes/tform_actions.inc.php
@@ -80,9 +80,11 @@ class tform_actions {
 
                 // Calling the action functions
                 if($this->id > 0) {
-                        $this->onUpdate();
+					$app->tform->action == 'EDIT';
+					$this->onUpdate();
                 } else {
-                        $this->onInsert();
+					$app->tform->action == 'NEW';
+					$this->onInsert();
                 }
         }
 
diff --git a/interface/lib/classes/validate_client.inc.php b/interface/lib/classes/validate_client.inc.php
index 9c81aa3ea..f7212983e 100644
--- a/interface/lib/classes/validate_client.inc.php
+++ b/interface/lib/classes/validate_client.inc.php
@@ -36,7 +36,7 @@ class validate_client {
 	function username_unique($field_name, $field_value, $validator) {
 		global $app;
 		
-		if($app->tform->action == 'NEW') {
+		if($app->tform->primary_id == 0) {
         	$num_rec = $app->db->queryOneRecord("SELECT count(*) as number FROM sys_user WHERE username = '".$app->db->quote($field_value)."'");
             	if($num_rec["number"] > 0) {
                 	$errmsg = $validator['errmsg'];
diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index f88cff20d..99e044a9f 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -233,14 +233,15 @@ class apache2_plugin {
 			return 0;
 		}
 		
+		//* If the client of the site has been changed, we have a change of the document root
 		if($this->action == 'update' && $data["new"]["document_root"] != $data["old"]["document_root"]) {
 			
-			// Get the old client ID
+			//* Get the old client ID
 			$old_client = $app->dbmaster->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ".intval($data["old"]["sys_groupid"]));
 			$old_client_id = intval($old_client["client_id"]);
 			unset($old_client);
 			
-			// Remove the old symlinks
+			//* Remove the old symlinks
 			$tmp_symlinks_array = explode(':',$web_config["website_symlinks"]);
 			if(is_array($tmp_symlinks_array)) {
 				foreach($tmp_symlinks_array as $tmp_symlink) {
@@ -256,6 +257,7 @@ class apache2_plugin {
 				}
 			}
 			
+			//* Move the site data
 			$tmp_docroot = explode('/',$data["new"]["document_root"]);
 			unset($tmp_docroot[count($tmp_docroot)-1]);
 			$new_dir = implode('/',$tmp_docroot);
@@ -269,8 +271,10 @@ class apache2_plugin {
 			exec('mv '.$data["old"]["document_root"].' '.$new_dir);
 			$app->log("Moving site to new document root: ".'mv '.$data["old"]["document_root"].' '.$new_dir,LOGLEVEL_DEBUG);
 			
+			//* Change the home directory and group of the website user
 			$command = 'usermod';
 			$command .= ' --home '.escapeshellcmd($data["new"]["document_root"]);
+			$command .= ' --gid '.escapeshellcmd($data['new']['system_group']);
 			$command .= ' '.escapeshellcmd($data["new"]["system_user"]);
 			exec($command);
 			
diff --git a/server/plugins-available/shelluser_base_plugin.inc.php b/server/plugins-available/shelluser_base_plugin.inc.php
index 59cfad99d..85a6156c1 100755
--- a/server/plugins-available/shelluser_base_plugin.inc.php
+++ b/server/plugins-available/shelluser_base_plugin.inc.php
@@ -87,6 +87,13 @@ class shelluser_base_plugin {
 			
 				exec($command);
 				$app->log("Added shelluser: ".$data['new']['username'],LOGLEVEL_DEBUG);
+				
+				//* Disable shell user temporarily if we use jailkit
+				if($data['new']['chroot'] == 'jailkit') {
+					$command = 'usermod --lock '.escapeshellcmd($data['new']['username']);
+					exec($command);
+					$app->log("Disabling shelluser temporarily: ".$data['new']['username'],LOGLEVEL_DEBUG);
+				}
 			
 			} else {
 				$app->log("UID = $uid for shelluser:".$data['new']['username']." not allowed.",LOGLEVEL_ERROR);
diff --git a/server/plugins-available/shelluser_jailkit_plugin.inc.php b/server/plugins-available/shelluser_jailkit_plugin.inc.php
index be18a9a5b..efbe78784 100755
--- a/server/plugins-available/shelluser_jailkit_plugin.inc.php
+++ b/server/plugins-available/shelluser_jailkit_plugin.inc.php
@@ -86,6 +86,10 @@ class shelluser_jailkit_plugin {
 				$this->jailkit_config = $app->getconf->get_server_config($conf["server_id"], 'jailkit');
 			
 				$this->_setup_jailkit_chroot();
+				
+				$command .= 'usermod --unlock '.escapeshellcmd($data['new']['username']);
+				exec($command);
+				
 				$this->_add_jailkit_user();
 			}
 		
-- 
GitLab