From 74b3b31fe887ee752cef655aa42b20008a2b8af7 Mon Sep 17 00:00:00 2001
From: Herman van Rink <rink@initfour.nl>
Date: Mon, 28 Jan 2019 13:54:07 +0100
Subject: [PATCH 1/2] Config option for jailkit authorized keys, #4901

---
 install/tpl/server.ini.master                             | 1 +
 server/plugins-available/shelluser_jailkit_plugin.inc.php | 3 ++-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/install/tpl/server.ini.master b/install/tpl/server.ini.master
index 079d634488..406881010e 100644
--- a/install/tpl/server.ini.master
+++ b/install/tpl/server.ini.master
@@ -140,6 +140,7 @@ jailkit_chroot_home=/home/[username]
 jailkit_chroot_app_sections=basicshell editors extendedshell netutils ssh sftp scp groups jk_lsh
 jailkit_chroot_app_programs=/usr/bin/groups /usr/bin/id /usr/bin/dircolors /usr/bin/lesspipe /usr/bin/basename /usr/bin/dirname /usr/bin/nano /usr/bin/pico /usr/bin/mysql /usr/bin/mysqldump /usr/bin/git /usr/bin/git-receive-pack /usr/bin/git-upload-pack /usr/bin/unzip /usr/bin/zip /bin/tar /bin/rm /usr/bin/patch /usr/bin/which /usr/lib/x86_64-linux-gnu/libmemcached.so.11 /usr/lib/x86_64-linux-gnu/libmemcachedutil.so.2 /usr/lib/x86_64-linux-gnu/libMagickWand-6.Q16.so.2 /opt/php-5.6.8/bin/php /opt/php-5.6.8/include /opt/php-5.6.8/lib
 jailkit_chroot_cron_programs=/usr/bin/php /usr/bin/perl /usr/share/perl /usr/share/php
+jailkit_chroot_authorized_keys_template=/root/.ssh/authorized_keys
 
 [vlogger]
 config_dir=/etc
diff --git a/server/plugins-available/shelluser_jailkit_plugin.inc.php b/server/plugins-available/shelluser_jailkit_plugin.inc.php
index 147d39d571..db1d2b676b 100755
--- a/server/plugins-available/shelluser_jailkit_plugin.inc.php
+++ b/server/plugins-available/shelluser_jailkit_plugin.inc.php
@@ -489,7 +489,8 @@ class shelluser_jailkit_plugin {
 		if (!file_exists($sshkeys)){
 			// add root's key
 			$app->file->mkdirs($sshdir, '0755');
-			if(is_file('/root/.ssh/authorized_keys')) $app->system->file_put_contents($sshkeys, $app->system->file_get_contents('/root/.ssh/authorized_keys'));
+			$authorized_keys_template = $this->jailkit_config['jailkit_chroot_authorized_keys_template'];
+			if(is_file('/root/.ssh/authorized_keys')) $app->system->file_put_contents($sshkeys, $app->system->file_get_contents($authorized_keys_template));
 
 			// Remove duplicate keys
 			$existing_keys = @file($sshkeys, FILE_IGNORE_NEW_LINES);
-- 
GitLab


From 8394c29676f629c59df9f8364776f3f70345b0fd Mon Sep 17 00:00:00 2001
From: Herman van Rink <rink@initfour.nl>
Date: Thu, 7 Mar 2019 15:12:54 +0100
Subject: [PATCH 2/2] Correct condition to use the new variable, #4901

---
 server/plugins-available/shelluser_jailkit_plugin.inc.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/plugins-available/shelluser_jailkit_plugin.inc.php b/server/plugins-available/shelluser_jailkit_plugin.inc.php
index db1d2b676b..c7112c497a 100755
--- a/server/plugins-available/shelluser_jailkit_plugin.inc.php
+++ b/server/plugins-available/shelluser_jailkit_plugin.inc.php
@@ -490,7 +490,7 @@ class shelluser_jailkit_plugin {
 			// add root's key
 			$app->file->mkdirs($sshdir, '0755');
 			$authorized_keys_template = $this->jailkit_config['jailkit_chroot_authorized_keys_template'];
-			if(is_file('/root/.ssh/authorized_keys')) $app->system->file_put_contents($sshkeys, $app->system->file_get_contents($authorized_keys_template));
+			if(is_file($authorized_keys_template)) $app->system->file_put_contents($sshkeys, $app->system->file_get_contents($authorized_keys_template));
 
 			// Remove duplicate keys
 			$existing_keys = @file($sshkeys, FILE_IGNORE_NEW_LINES);
-- 
GitLab