From 4f5967a4a542f74f18a33d1ed31e8780c3380552 Mon Sep 17 00:00:00 2001
From: Till Brehm <tbrehm@ispconfig.org>
Date: Mon, 8 Jan 2018 16:47:14 +0100
Subject: [PATCH] Fixed #4721 Wrong permissions when renaming shell user

---
 .../shelluser_base_plugin.inc.php             | 20 ++++++++++++++++---
 .../shelluser_jailkit_plugin.inc.php          | 15 ++++++++++++--
 2 files changed, 30 insertions(+), 5 deletions(-)

diff --git a/server/plugins-available/shelluser_base_plugin.inc.php b/server/plugins-available/shelluser_base_plugin.inc.php
index 74c6fa364f..9c4568901d 100755
--- a/server/plugins-available/shelluser_base_plugin.inc.php
+++ b/server/plugins-available/shelluser_base_plugin.inc.php
@@ -226,6 +226,9 @@ class shelluser_base_plugin {
 					$homedir_old = $data['old']['dir'].'/home/'.$data['old']['username'];
 				}
 				
+				$app->log("Homedir New: ".$homedir, LOGLEVEL_DEBUG);
+				$app->log("Homedir Old: ".$homedir_old, LOGLEVEL_DEBUG);
+				
 				// Check if the user that we want to update exists, if not, we insert it
 				if($app->system->is_user($data['old']['username'])) {
 					//* Remove webfolder protection
@@ -246,16 +249,27 @@ class shelluser_base_plugin {
 					$app->log("Executed command: $command ",LOGLEVEL_DEBUG);
 					*/
 					//$groupinfo = $app->system->posix_getgrnam($data['new']['pgroup']);
-					if($homedir != $homedir_old && !is_dir($homedir)){
+					if($homedir != $homedir_old){
 						$app->system->web_folder_protection($web['document_root'], false);
-						if(!is_dir($data['new']['dir'].'/home')){
+						// Rename dir, in case the new directory exists already.
+						if(is_dir($homedir)) {
+							$app->log("New Homedir exists, renaming it to ".$homedir.'_bak', LOGLEVEL_DEBUG);
+							$app->system->rename(escapeshellcmd($homedir),escapeshellcmd($homedir.'_bak'));
+						}
+						/*if(!is_dir($data['new']['dir'].'/home')){
 							$app->file->mkdirs(escapeshellcmd($data['new']['dir'].'/home'), '0750');
 							$app->system->chown(escapeshellcmd($data['new']['dir'].'/home'),escapeshellcmd($data['new']['puser']));
 							$app->system->chgrp(escapeshellcmd($data['new']['dir'].'/home'),escapeshellcmd($data['new']['pgroup']));
 						}
 						$app->file->mkdirs(escapeshellcmd($homedir), '0755');
 						$app->system->chown(escapeshellcmd($homedir),'root');
-						$app->system->chgrp(escapeshellcmd($homedir),'root');
+						$app->system->chgrp(escapeshellcmd($homedir),'root');*/
+						
+						// Move old directory to new path
+						$app->system->rename(escapeshellcmd($homedir_old),escapeshellcmd($homedir));
+						$app->file->mkdirs(escapeshellcmd($homedir), '0750');
+						$app->system->chown(escapeshellcmd($homedir),escapeshellcmd($data['new']['puser']));
+						$app->system->chgrp(escapeshellcmd($homedir),escapeshellcmd($data['new']['pgroup']));
 						$app->system->web_folder_protection($web['document_root'], true);
 					} else {
 						if(!is_dir($homedir)){
diff --git a/server/plugins-available/shelluser_jailkit_plugin.inc.php b/server/plugins-available/shelluser_jailkit_plugin.inc.php
index 69a041c037..295112d423 100755
--- a/server/plugins-available/shelluser_jailkit_plugin.inc.php
+++ b/server/plugins-available/shelluser_jailkit_plugin.inc.php
@@ -350,6 +350,11 @@ class shelluser_jailkit_plugin {
 
 		//add the user to the chroot
 		$jailkit_chroot_userhome = $this->_get_home_dir($this->data['new']['username']);
+		if(isset($this->data['old']['username'])) {
+			$jailkit_chroot_userhome_old = $this->_get_home_dir($this->data['old']['username']);
+		} else {
+			$jailkit_chroot_userhome_old = '';
+		}
 		$jailkit_chroot_puserhome = $this->_get_home_dir($this->data['new']['puser']);
 
 		if(!is_dir($this->data['new']['dir'].'/etc')) mkdir($this->data['new']['dir'].'/etc', 0755);
@@ -398,13 +403,19 @@ class shelluser_jailkit_plugin {
 
 		$this->app->log("Added jailkit user to chroot with command: ".$command, LOGLEVEL_DEBUG);
 
-		if(!is_dir($this->data['new']['dir'].$jailkit_chroot_userhome)) mkdir(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_userhome), 0755, true);
+		if(!is_dir($this->data['new']['dir'].$jailkit_chroot_userhome)) {
+			if(is_dir($this->data['old']['dir'].$jailkit_chroot_userhome_old)) {
+				$app->system->rename(escapeshellcmd($this->data['old']['dir'].$jailkit_chroot_userhome_old),escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_userhome));
+			} else {
+				mkdir(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_userhome), 0750, true);
+			}
+		}
 		$app->system->chown(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_userhome), $this->data['new']['username']);
 		$app->system->chgrp(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_userhome), $this->data['new']['pgroup']);
 
 		$this->app->log("Added created jailkit user home in : ".$this->data['new']['dir'].$jailkit_chroot_userhome, LOGLEVEL_DEBUG);
 
-		if(!is_dir($this->data['new']['dir'].$jailkit_chroot_puserhome)) mkdir(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_puserhome), 0755, true);
+		if(!is_dir($this->data['new']['dir'].$jailkit_chroot_puserhome)) mkdir(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_puserhome), 0750, true);
 		$app->system->chown(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_puserhome), $this->data['new']['puser']);
 		$app->system->chgrp(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_puserhome), $this->data['new']['pgroup']);
 
-- 
GitLab