From a0fed931cbf202c6d94672d3401e9286b6643843 Mon Sep 17 00:00:00 2001
From: Marius Burkard <m.burkard@pixcept.de>
Date: Wed, 31 Jul 2019 15:53:06 +0200
Subject: [PATCH] - fixed problem with gid/uid problem on user creation
 (apache2 and nginx plugin)

---
 server/plugins-available/apache2_plugin.inc.php | 10 +++++-----
 server/plugins-available/nginx_plugin.inc.php   | 10 +++++-----
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index 2183e96eb4..ad8de1ab4c 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -606,7 +606,7 @@ class apache2_plugin {
 
 		$groupname = $data['new']['system_group'];
 		if($data['new']['system_group'] != '' && !$app->system->is_group($data['new']['system_group'])) {
-			$app->system->exec_safe('groupadd ? ?', $fixed_gid_param, $groupname);
+			$app->system->exec_safe('groupadd ' . $fixed_gid_param . ' ?', $groupname);
 			if($apache_chrooted) $app->system->exec_safe('chroot ? groupadd ?', $web_config['website_basedir'], $groupname);
 			$app->log('Adding the group: '.$groupname, LOGLEVEL_DEBUG);
 		}
@@ -614,11 +614,11 @@ class apache2_plugin {
 		$username = $data['new']['system_user'];
 		if($data['new']['system_user'] != '' && !$app->system->is_user($data['new']['system_user'])) {
 			if($web_config['add_web_users_to_sshusers_group'] == 'y') {
-				$app->system->exec_safe('useradd -d ? -g ? ? -G sshusers ? -s /bin/false', $data['new']['document_root'], $groupname, $fixed_uid_param, $username);
-				if($apache_chrooted) $app->system->exec_safe('chroot ? useradd -d ? -g ? ? -G sshusers ? -s /bin/false', $web_config['website_basedir'], $data['new']['document_root'], $groupname, $fixed_uid_param, $username);
+				$app->system->exec_safe('useradd -d ? -g ? ' . $fixed_uid_param . ' -G sshusers ? -s /bin/false', $data['new']['document_root'], $groupname, $username);
+				if($apache_chrooted) $app->system->exec_safe('chroot ? useradd -d ? -g ? ' . $fixed_uid_param . ' -G sshusers ? -s /bin/false', $web_config['website_basedir'], $data['new']['document_root'], $groupname, $username);
 			} else {
-				$app->system->exec_safe('useradd -d ? -g ? ? ? -s /bin/false', $data['new']['document_root'], $groupname, $fixed_uid_param, $username);
-				if($apache_chrooted) $app->system->exec_safe('chroot ? useradd -d ? -g ? ? ? -s /bin/false', $web_config['website_basedir'], $data['new']['document_root'], $groupname, $fixed_uid_param, $username);
+				$app->system->exec_safe('useradd -d ? -g ? ' . $fixed_uid_param . ' ? -s /bin/false', $data['new']['document_root'], $groupname, $username);
+				if($apache_chrooted) $app->system->exec_safe('chroot ? useradd -d ? -g ? ' . $fixed_uid_param . ' ? -s /bin/false', $web_config['website_basedir'], $data['new']['document_root'], $groupname, $username);
 			}
 			$app->log('Adding the user: '.$username, LOGLEVEL_DEBUG);
 		}
diff --git a/server/plugins-available/nginx_plugin.inc.php b/server/plugins-available/nginx_plugin.inc.php
index 9913299aa5..86d5aba14f 100644
--- a/server/plugins-available/nginx_plugin.inc.php
+++ b/server/plugins-available/nginx_plugin.inc.php
@@ -451,7 +451,7 @@ class nginx_plugin {
 
 		$groupname = $data['new']['system_group'];
 		if($data['new']['system_group'] != '' && !$app->system->is_group($data['new']['system_group'])) {
-			$app->system->exec_safe('groupadd ? ?', $fixed_gid_param, $groupname);
+			$app->system->exec_safe('groupadd ' . $fixed_gid_param . ' ?', $groupname);
 			if($nginx_chrooted) $app->system->exec_safe('chroot ? groupadd ?', $web_config['website_basedir'], $groupname);
 			$app->log('Adding the group: '.$groupname, LOGLEVEL_DEBUG);
 		}
@@ -459,11 +459,11 @@ class nginx_plugin {
 		$username = $data['new']['system_user'];
 		if($data['new']['system_user'] != '' && !$app->system->is_user($data['new']['system_user'])) {
 			if($web_config['add_web_users_to_sshusers_group'] == 'y') {
-				$app->system->exec_safe('useradd -d ? -g ? ? -G sshusers ? -s /bin/false', $data['new']['document_root'], $groupname, $fixed_uid_param, $username);
-				if($nginx_chrooted) $app->system->exec_safe('chroot ? useradd -d ? -g ? ? -G sshusers ? -s /bin/false', $web_config['website_basedir'], $data['new']['document_root'], $groupname, $fixed_uid_param, $username);
+				$app->system->exec_safe('useradd -d ? -g ? ' . $fixed_uid_param . ' -G sshusers ? -s /bin/false', $data['new']['document_root'], $groupname, $username);
+				if($nginx_chrooted) $app->system->exec_safe('chroot ? useradd -d ? -g ? ' . $fixed_uid_param . ' -G sshusers ? -s /bin/false', $web_config['website_basedir'], $data['new']['document_root'], $groupname, $username);
 			} else {
-				$app->system->exec_safe('useradd -d ? -g ? ? ? -s /bin/false', $data['new']['document_root'], $groupname, $fixed_uid_param, $username);
-				if($nginx_chrooted) $app->system->exec_safe('chroot ? useradd -d ? -g ? ? ? -s /bin/false', $web_config['website_basedir'], $data['new']['document_root'], $groupname, $fixed_uid_param, $username);
+				$app->system->exec_safe('useradd -d ? -g ? ' . $fixed_uid_param . ' ? -s /bin/false', $data['new']['document_root'], $groupname, $username);
+				if($nginx_chrooted) $app->system->exec_safe('chroot ? useradd -d ? -g ? ' . $fixed_uid_param . ' ? -s /bin/false', $web_config['website_basedir'], $data['new']['document_root'], $groupname, $username);
 			}
 			$app->log('Adding the user: '.$username, LOGLEVEL_DEBUG);
 		}
-- 
GitLab