When jailkit user is removed /etc/passwd inside chroot is not updated

Subject says it all. Inside chroot /etc/passwd still holds users which were removed from system. Not a big issue though.

Hi!

I am using this [1] version of ISPConfig. I wonder if it is the latest stable version, since I'm having this problem apparently reported two years ago and keep accounts in the operating system that one could believe that have been deleted using the interface could become in a security problem.

Kindly confirm. Thanks in advance.

Kind regards, Daniel

[1] http://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz

This issue is not about jailed users that stay in the /etc/passwd file of the system, this issue is about a missing cleanup in the /var/www/clients/clientX/webX/etc/passwd file which is not used for user authentication and has therefor no security implications, its just a matter of missing cleanup.

mentioned in commit 437887f7

Milestone changed to %3.1

Added Fixed label

Status changed to closed

Thanks, Till! It works perfectly.

Upcoming downloads to the ISPConfig-3-stable.tar.gz file [1] will include this change?

Kind regards, Daniel

[1] http://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz

Yes, the next stable release is ISPConfig 3.1.