Commit 8e725d2c authored by jwarnier's avatar jwarnier

fix some strings quoting and remove some execs

parent be76b0bc
...@@ -38,11 +38,11 @@ class installer extends installer_base { ...@@ -38,11 +38,11 @@ class installer extends installer_base {
//* Configure master.cf and add a line for deliver //* Configure master.cf and add a line for deliver
if(is_file($config_dir.'/master.cf')){ if(is_file($config_dir.'/master.cf')){
copy($config_dir.'/master.cf', $config_dir.'/master.cf~2'); copy($config_dir.'/master.cf', $config_dir.'/master.cf~2');
} }
if(is_file($config_dir.'/master.cf~')){ if(is_file($config_dir.'/master.cf~')){
exec('chmod 400 '.$config_dir.'/master.cf~2'); chmod($config_dir.'/master.cf~2', 0400);
} }
$content = rf($conf["postfix"]["config_dir"].'/master.cf'); $content = rf($conf["postfix"]["config_dir"].'/master.cf');
// Only add the content if we had not addded it before // Only add the content if we had not addded it before
if(!stristr($content,"dovecot/deliver")) { if(!stristr($content,"dovecot/deliver")) {
...@@ -73,29 +73,30 @@ class installer extends installer_base { ...@@ -73,29 +73,30 @@ class installer extends installer_base {
//* copy dovecot.conf //* copy dovecot.conf
$configfile = 'dovecot.conf'; $configfile = 'dovecot.conf';
if(is_file("$config_dir/$configfile")){ if(is_file($config_dir.'/'.$configfile)){
copy("$config_dir/$configfile", "$config_dir/$configfile~"); copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
} }
copy('tpl/debian6_dovecot.conf.master',"$config_dir/$configfile"); copy('tpl/debian6_dovecot.conf.master',$config_dir.'/'.$configfile);
//* dovecot-sql.conf //* dovecot-sql.conf
$configfile = 'dovecot-sql.conf'; $configfile = 'dovecot-sql.conf';
if(is_file("$config_dir/$configfile")){ if(is_file($config_dir.'/'.$configfile)){
copy("$config_dir/$configfile", "$config_dir/$configfile~"); copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
} }
exec("chmod 400 $config_dir/$configfile~"); chmod($config_dir.'/'.$configfile.'~', 0400);
$content = rf("tpl/debian6_dovecot-sql.conf.master"); $content = rf('tpl/debian6_dovecot-sql.conf.master');
$content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content); $content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content);
$content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content); $content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content);
$content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content); $content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content);
$content = str_replace('{mysql_server_host}',$conf['mysql']['host'],$content); $content = str_replace('{mysql_server_host}',$conf['mysql']['host'],$content);
wf("$config_dir/$configfile", $content); wf($config_dir.'/'.$configfile, $content);
exec("chmod 600 $config_dir/$configfile"); chmod($config_dir.'/'.$configfile, 0600);
exec("chown root:root $config_dir/$configfile"); chown($config_dir.'/'.$configfile, 'root');
chgrp($config_dir.'/'.$configfile, 'root');
} }
} }
?> ?>
\ No newline at end of file
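Review bot: In the dovecot-sql.conf hunk, `wf($config_dir.'/'.$configfile, $content)` writes the MySQL user and password before `chmod(..., 0600)` runs, so the file briefly has whatever mode wf() and the process umask give it (wf() is not visible here, so this is inferred). Creating the file with its final mode first closes that gap, e.g. `touch($config_dir.'/'.$configfile); chmod($config_dir.'/'.$configfile, 0600);` ahead of the wf() call. The getmail_plugin hunk has the same write-then-restrict order (`file_put_contents($config_file_path,$tpl)` followed by `chmod($config_file_path, 0400)`). Separately, `chmod($config_dir.'/'.$configfile.'~', 0400)` sits outside the is_file() guard, so with no previous dovecot-sql.conf it now raises a PHP warning for a missing file. The enclosing method starts above the first hunk.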
...@@ -58,8 +58,9 @@ function prepareDBDump() { ...@@ -58,8 +58,9 @@ function prepareDBDump() {
// create a backup copy of the ispconfig database in the root folder // create a backup copy of the ispconfig database in the root folder
$backup_db_name = '/root/ispconfig_db_backup_'.@date('Y-m-d_h-i').'.sql'; $backup_db_name = '/root/ispconfig_db_backup_'.@date('Y-m-d_h-i').'.sql';
copy('existing_db.sql',$backup_db_name); copy('existing_db.sql',$backup_db_name);
exec("chmod 700 $backup_db_name"); chmod($backup_db_name, 0700);
exec("chown root:root $backup_db_name"); chown($backup_db_name, 'root');
chgrp($backup_db_name, 'root');
if ($conf['powerdns']['installed']) { if ($conf['powerdns']['installed']) {
//** export the current PowerDNS database data //** export the current PowerDNS database data
...@@ -72,8 +73,9 @@ function prepareDBDump() { ...@@ -72,8 +73,9 @@ function prepareDBDump() {
// create a backup copy of the PowerDNS database in the root folder // create a backup copy of the PowerDNS database in the root folder
$backup_db_name = '/root/ispconfig_powerdns_db_backup_'.@date('Y-m-d_h-i').'.sql'; $backup_db_name = '/root/ispconfig_powerdns_db_backup_'.@date('Y-m-d_h-i').'.sql';
copy('existing_powerdns_db.sql',$backup_db_name); copy('existing_powerdns_db.sql',$backup_db_name);
exec("chmod 700 $backup_db_name"); chmod($backup_db_name, 0700);
exec("chown root:root $backup_db_name"); chown($backup_db_name, 'root');
chgrp($backup_db_name, 'root');
} }
} }
......
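Review bot: Both backup dumps are given mode `0700`, which sets the execute bit on a plain SQL file; `chmod($backup_db_name, 0600);` gives the owner the same read/write access without it. The return value of `copy()` is not checked either, so if the copy fails the chmod/chown/chgrp calls warn about a missing file and, as far as the hunk shows, the run continues without a backup. The maildrop_plugin hunks follow the same pattern with `0770` on the `.autoresponder`, `.vacation.msg` and custom mailfilter files, where `0660` would probably be enough if nothing executes them. prepareDBDump() starts above the first hunk.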
...@@ -132,7 +132,7 @@ foreach($records as $rec) { ...@@ -132,7 +132,7 @@ foreach($records as $rec) {
$webalizer_conf = escapeshellcmd($rec["document_root"].'/log/webalizer.conf'); $webalizer_conf = escapeshellcmd($rec["document_root"].'/log/webalizer.conf');
if(!@is_file($webalizer_conf)) { if(!@is_file($webalizer_conf)) {
exec("cp $webalizer_conf_main $webalizer_conf"); copy($webalizer_conf_main,$webalizer_conf);
} }
if(@is_file($webalizer_conf)) { if(@is_file($webalizer_conf)) {
...@@ -376,12 +376,12 @@ if ($app->dbmaster == $app->db) { ...@@ -376,12 +376,12 @@ if ($app->dbmaster == $app->db) {
####################################################################################################### #######################################################################################################
$server_config = $app->getconf->get_server_config($conf["server_id"], 'server'); $server_config = $app->getconf->get_server_config($conf["server_id"], 'server');
$backup_dir = trim($server_config['backup_dir']); $backup_dir = $server_config['backup_dir'];
if($backup_dir != '') { if($backup_dir != '') {
if(!is_dir($backup_dir)) { if(!is_dir($backup_dir)) {
exec("mkdir -p ".escapeshellarg($backup_dir)); mkdir(escapeshellarg($backup_dir), 0750, true);
} }
$sql = "SELECT * FROM web_domain WHERE type = 'vhost'"; $sql = "SELECT * FROM web_domain WHERE type = 'vhost'";
...@@ -397,24 +397,25 @@ if($backup_dir != '') { ...@@ -397,24 +397,25 @@ if($backup_dir != '') {
$web_group = $rec['system_group']; $web_group = $rec['system_group'];
$web_id = $rec['domain_id']; $web_id = $rec['domain_id'];
$web_backup_dir = $backup_dir.'/web'.$web_id; $web_backup_dir = $backup_dir.'/web'.$web_id;
if(!is_dir($web_backup_dir)) mkdir($web_backup_dir); if(!is_dir($web_backup_dir)) mkdir($web_backup_dir, 0750);
exec('chown root:root '.$web_backup_dir); chmod($web_backup_dir, 0755);
exec('chmod 755 '.$web_backup_dir); chown($web_backup_dir, 'root');
exec("cd ".escapeshellarg($web_path)." && sudo -u ".escapeshellarg($web_user)." find . -group ".escapeshellarg($web_group)." -print | zip -y ".escapeshellarg($web_backup_dir."/web.zip")." -@"); chgrp($web_backup_dir, 'root');
exec('cd '.escapeshellarg($web_path).' && sudo -u '.escapeshellarg($web_user).' find . -group '.escapeshellarg($web_group).' -print | zip -y '.escapeshellarg($web_backup_dir.'/web.zip').' -@');
// Rename or remove old backups // Rename or remove old backups
$backup_copies = intval($rec['backup_copies']); $backup_copies = intval($rec['backup_copies']);
if(is_file($web_backup_dir."/web.".$backup_copies.".zip")) unlink($web_backup_dir."/web.".$backup_copies.".zip"); if(is_file($web_backup_dir.'/web.'.$backup_copies.'.zip')) unlink($web_backup_dir.'/web.'.$backup_copies.'.zip');
for($n = $backup_copies - 1; $n >= 1; $n--) { for($n = $backup_copies - 1; $n >= 1; $n--) {
if(is_file($web_backup_dir."/web.".$n.".zip")) { if(is_file($web_backup_dir.'/web.'.$n.'.zip')) {
rename($web_backup_dir."/web.".$n.".zip",$web_backup_dir."/web.".($n+1).".zip"); rename($web_backup_dir.'/web.'.$n.'.zip',$web_backup_dir.'/web.'.($n+1).'.zip');
} }
} }
if(is_file($web_backup_dir."/web.zip")) rename($web_backup_dir."/web.zip",$web_backup_dir."/web.1.zip"); if(is_file($web_backup_dir.'/web.zip')) rename($web_backup_dir.'/web.zip',$web_backup_dir.'/web.1.zip');
// Create backupdir symlink // Create backupdir symlink
if(is_link($web_path.'/backup')) unlink($web_path.'/backup'); if(is_link($web_path.'/backup')) unlink($web_path.'/backup');
...@@ -430,7 +431,7 @@ if($backup_dir != '') { ...@@ -430,7 +431,7 @@ if($backup_dir != '') {
$web_user = $rec['system_user']; $web_user = $rec['system_user'];
$web_backup_dir = realpath($backup_dir.'/web'.$web_id); $web_backup_dir = realpath($backup_dir.'/web'.$web_id);
if(is_dir($web_backup_dir)) { if(is_dir($web_backup_dir)) {
exec("sudo -u ".escapeshellarg($web_user)." rm -f ".escapeshellarg($web_backup_dir.'/*')); exec('sudo -u '.escapeshellarg($web_user).' rm -f '.escapeshellarg($web_backup_dir.'/*'));
} }
} }
} }
...@@ -439,4 +440,4 @@ if($backup_dir != '') { ...@@ -439,4 +440,4 @@ if($backup_dir != '') {
die("finished.\n"); die("finished.\n");
?> ?>
\ No newline at end of file
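Review bot: In the backup hunk, `mkdir(escapeshellarg($backup_dir), 0750, true)` passes a shell-quoted string to a native function, so the directory that gets created has literal single quotes in its name (and is therefore relative to the working directory). `is_dir($backup_dir)` stays false, and the later non-recursive `mkdir($web_backup_dir, 0750)` fails because its parent is missing. Shell escaping belongs only on strings handed to exec(); this should be `mkdir($backup_dir, 0750, true);`, and the `trim()` this commit drops from `$backup_dir` looks worth keeping. The same applies to `copy($webalizer_conf_main,$webalizer_conf)` with its escapeshellcmd()-built path in this file, and to the escapeshellcmd() arguments of chown/chgrp in bind_plugin, unlink/mkdir in cron_jailkit_plugin, chmod in cron_plugin and touch/chmod/chown/chgrp in shelluser_base_plugin. In each case, any character escapeshellcmd() backslash-escapes ends up literally in the path or account name.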
...@@ -109,7 +109,8 @@ class bind_plugin { ...@@ -109,7 +109,8 @@ class bind_plugin {
$filename = escapeshellcmd($dns_config['bind_zonefiles_dir'].'/pri.'.substr($zone['origin'],0,-1)); $filename = escapeshellcmd($dns_config['bind_zonefiles_dir'].'/pri.'.substr($zone['origin'],0,-1));
$app->log("Writing BIND domain file: ".$filename,LOGLEVEL_DEBUG); $app->log("Writing BIND domain file: ".$filename,LOGLEVEL_DEBUG);
file_put_contents($filename,$tpl->grab()); file_put_contents($filename,$tpl->grab());
exec('chown '.escapeshellcmd($dns_config['bind_user']).':'.escapeshellcmd($dns_config['bind_group']).' '.$filename); chown($filename, escapeshellcmd($dns_config['bind_user']));
chgrp($filename, escapeshellcmd($dns_config['bind_group']));
unset($tpl); unset($tpl);
unset($records); unset($records);
unset($records_out); unset($records_out);
......
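Review bot: The results of `chown()` and `chgrp()` on the zone file are discarded, so if `bind_user` or `bind_group` does not resolve, the file silently keeps the ownership file_put_contents() gave it and the failure only shows up later (presumably when BIND cannot read the zone). A check such as `if(!chown($filename, $dns_config['bind_user'])) $app->log('chown failed for '.$filename, LOGLEVEL_WARN);` would surface it in the log this block already writes to. The enclosing method starts and ends outside the hunk.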
...@@ -230,20 +230,20 @@ class cron_jailkit_plugin { ...@@ -230,20 +230,20 @@ class cron_jailkit_plugin {
$tpl->setVar('home_dir',$this->_get_home_dir("")); $tpl->setVar('home_dir',$this->_get_home_dir(""));
$bashrc = escapeshellcmd($this->parent_domain['document_root']).'/etc/bash.bashrc'; $bashrc = escapeshellcmd($this->parent_domain['document_root']).'/etc/bash.bashrc';
if(@is_file($bashrc)) exec('rm '.$bashrc); if(@is_file($bashrc)) unlink($bashrc);
file_put_contents($bashrc,$tpl->grab()); file_put_contents($bashrc,$tpl->grab());
unset($tpl); unset($tpl);
$this->app->log("Added bashrc scrpt : ".$bashrc,LOGLEVEL_DEBUG); $this->app->log('Added bashrc script: '.$bashrc,LOGLEVEL_DEBUG);
$tpl = new tpl(); $tpl = new tpl();
$tpl->newTemplate("motd.master"); $tpl->newTemplate('motd.master');
$tpl->setVar('domain',$this->parent_domain['domain']); $tpl->setVar('domain',$this->parent_domain['domain']);
$motd = escapeshellcmd($this->parent_domain['document_root']).'/var/run/motd'; $motd = escapeshellcmd($this->parent_domain['document_root']).'/var/run/motd';
if(@is_file($motd)) exec('rm '.$motd); if(@is_file($motd)) unlink($motd);
file_put_contents($motd,$tpl->grab()); file_put_contents($motd,$tpl->grab());
...@@ -290,7 +290,7 @@ class cron_jailkit_plugin { ...@@ -290,7 +290,7 @@ class cron_jailkit_plugin {
$this->app->log("Added jailkit user to chroot with command: ".$command,LOGLEVEL_DEBUG); $this->app->log("Added jailkit user to chroot with command: ".$command,LOGLEVEL_DEBUG);
exec("mkdir -p ".escapeshellcmd($this->parent_domain['document_root'].$jailkit_chroot_userhome)); mkdir(escapeshellcmd($this->parent_domain['document_root'].$jailkit_chroot_userhome), 0755, true);
} }
function _get_home_dir($username) function _get_home_dir($username)
...@@ -308,8 +308,8 @@ class cron_jailkit_plugin { ...@@ -308,8 +308,8 @@ class cron_jailkit_plugin {
//* If the security level is set to high //* If the security level is set to high
if($web_config['security_level'] == 20) { if($web_config['security_level'] == 20) {
$this->_exec("chmod 755 ".escapeshellcmd($this->parent_domain['document_root'])); $this->_exec('chmod 755 '.escapeshellcmd($this->parent_domain['document_root']));
$this->_exec("chown root:root ".escapeshellcmd($this->parent_domain['document_root'])); $this->_exec('chown root:root '.escapeshellcmd($this->parent_domain['document_root']));
} }
} }
...@@ -317,7 +317,7 @@ class cron_jailkit_plugin { ...@@ -317,7 +317,7 @@ class cron_jailkit_plugin {
//* Wrapper for exec function for easier debugging //* Wrapper for exec function for easier debugging
private function _exec($command) { private function _exec($command) {
global $app; global $app;
$app->log("exec: ".$command,LOGLEVEL_DEBUG); $app->log('exec: '.$command,LOGLEVEL_DEBUG);
exec($command); exec($command);
} }
......
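Review bot: `if(@is_file($bashrc)) unlink($bashrc);` (and the same line for `$motd`) only removes the path when it resolves to a regular file. is_file() returns false for a dangling symlink, and the following `file_put_contents()` then writes through the link instead of replacing it. Whether anything other than root can create entries under the jail's `etc` and `var/run` is not visible here, so treat this as something to confirm; `if(is_link($bashrc) || is_file($bashrc)) unlink($bashrc);` covers both cases. Further down, the `$this->_exec('chmod 755 ...')` and `$this->_exec('chown root:root ...')` calls were only re-quoted and still go through the shell, unlike the rest of the commit.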
...@@ -97,7 +97,7 @@ class cron_plugin { ...@@ -97,7 +97,7 @@ class cron_plugin {
$app->log("Parent domain not found",LOGLEVEL_WARN); $app->log("Parent domain not found",LOGLEVEL_WARN);
return 0; return 0;
} elseif($parent_domain["system_user"] == 'root' or $parent_domain["system_group"] == 'root') { } elseif($parent_domain["system_user"] == 'root' or $parent_domain["system_group"] == 'root') {
$app->log("Websites (and Crons) can not be owned by the root user or group.",LOGLEVEL_WARN); $app->log("Websites (and Crons) cannot be owned by the root user or group.",LOGLEVEL_WARN);
return 0; return 0;
} }
...@@ -134,7 +134,7 @@ class cron_plugin { ...@@ -134,7 +134,7 @@ class cron_plugin {
} }
// make temp directory writable for the apache and website users // make temp directory writable for the apache and website users
exec("chmod 777 ".escapeshellcmd($parent_domain["document_root"]."/tmp")); chmod(escapeshellcmd($parent_domain["document_root"].'/tmp'), 0777);
/** TODO READ CRON MASTER **/ /** TODO READ CRON MASTER **/
......
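Review bot: `chmod(escapeshellcmd($parent_domain["document_root"].'/tmp'), 0777)` makes the site's tmp directory world-writable without the sticky bit, so every account that can reach it can rename or delete files created by the others. If the directory really has to be shared between the apache and website users, as the comment says, `chmod($parent_domain["document_root"].'/tmp', 01777);` keeps it writable while restricting deletion to each file's owner. A group-based mode would be tighter still. The enclosing method starts and ends outside the hunk.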
...@@ -129,8 +129,8 @@ class getmail_plugin { ...@@ -129,8 +129,8 @@ class getmail_plugin {
// Write the config file. // Write the config file.
file_put_contents($config_file_path,$tpl); file_put_contents($config_file_path,$tpl);
$app->log("Writing Getmail config file: $config_file_path",LOGLEVEL_DEBUG); $app->log("Writing Getmail config file: $config_file_path",LOGLEVEL_DEBUG);
exec("chmod 400 $config_file_path"); chmod($config_file_path, 0400);
exec("chown getmail $config_file_path"); chown($config_file_path, 'getmail');
unset($tpl); unset($tpl);
unset($config_file_path); unset($config_file_path);
...@@ -160,4 +160,4 @@ class getmail_plugin { ...@@ -160,4 +160,4 @@ class getmail_plugin {
} // end class } // end class
?> ?>
\ No newline at end of file
...@@ -82,8 +82,8 @@ class maildrop_plugin { ...@@ -82,8 +82,8 @@ class maildrop_plugin {
if(!is_dir($this->mailfilter_config_dir)) { if(!is_dir($this->mailfilter_config_dir)) {
$app->log("Mailfilter config directory '".$this->mailfilter_config_dir."' does not exist. Creating it now.",LOGLEVEL_WARN); $app->log("Mailfilter config directory '".$this->mailfilter_config_dir."' does not exist. Creating it now.",LOGLEVEL_WARN);
mkdir($this->mailfilter_config_dir); mkdir($this->mailfilter_config_dir);
exec("chown vmail ".$this->mailfilter_config_dir); chown($this->mailfilter_config_dir, 'vmail');
exec("chmod 770 ".$this->mailfilter_config_dir); chmod($this->mailfilter_config_dir, 0770);
} }
if(isset($data["new"]["email"])) { if(isset($data["new"]["email"])) {
...@@ -95,13 +95,13 @@ class maildrop_plugin { ...@@ -95,13 +95,13 @@ class maildrop_plugin {
// make sure that the config directories exist // make sure that the config directories exist
if(!is_dir($this->mailfilter_config_dir.'/'.$email_parts[1])) { if(!is_dir($this->mailfilter_config_dir.'/'.$email_parts[1])) {
mkdir($this->mailfilter_config_dir.'/'.$email_parts[1]); mkdir($this->mailfilter_config_dir.'/'.$email_parts[1]);
exec("chown vmail ".$this->mailfilter_config_dir.'/'.$email_parts[1]); chown($this->mailfilter_config_dir.'/'.$email_parts[1], 'vmail');
exec("chmod 770 ".$this->mailfilter_config_dir.'/'.$email_parts[1]); chmod($this->mailfilter_config_dir.'/'.$email_parts[1], 0770);
} }
if(!is_dir($this->mailfilter_config_dir.'/'.$email_parts[1].'/'.$email_parts[0])) { if(!is_dir($this->mailfilter_config_dir.'/'.$email_parts[1].'/'.$email_parts[0])) {
mkdir($this->mailfilter_config_dir.'/'.$email_parts[1].'/'.$email_parts[0]); mkdir($this->mailfilter_config_dir.'/'.$email_parts[1].'/'.$email_parts[0]);
exec("chown vmail ".$this->mailfilter_config_dir.'/'.$email_parts[1].'/'.$email_parts[0]); chown($this->mailfilter_config_dir.'/'.$email_parts[1].'/'.$email_parts[0], 'vmail');
exec("chmod 770 ".$this->mailfilter_config_dir.'/'.$email_parts[1].'/'.$email_parts[0]); chmod($this->mailfilter_config_dir.'/'.$email_parts[1].'/'.$email_parts[0], 0770);
} }
// Check if something has been changed regarding the autoresponders // Check if something has been changed regarding the autoresponders
...@@ -151,16 +151,16 @@ class maildrop_plugin { ...@@ -151,16 +151,16 @@ class maildrop_plugin {
$config_file_path = $this->mailfilter_config_dir.'/'.$email_parts[1].'/'.$email_parts[0].'/.autoresponder'; $config_file_path = $this->mailfilter_config_dir.'/'.$email_parts[1].'/'.$email_parts[0].'/.autoresponder';
file_put_contents($config_file_path,$tpl); file_put_contents($config_file_path,$tpl);
$app->log("Writing Autoresponder mailfilter file: $config_file_path",LOGLEVEL_DEBUG); $app->log("Writing Autoresponder mailfilter file: $config_file_path",LOGLEVEL_DEBUG);
exec("chmod 770 $config_file_path"); chmod($config_file_path, 0770);
exec("chown vmail $config_file_path"); chown($config_file_path, 'vmail');
unset($tpl); unset($tpl);
unset($config_file_path); unset($config_file_path);
// Write the autoresponder message file // Write the autoresponder message file
$config_file_path = $this->mailfilter_config_dir.'/'.$email_parts[1].'/'.$email_parts[0].'/.vacation.msg'; $config_file_path = $this->mailfilter_config_dir.'/'.$email_parts[1].'/'.$email_parts[0].'/.vacation.msg';
file_put_contents($config_file_path,$data["new"]["autoresponder_text"]); file_put_contents($config_file_path,$data["new"]["autoresponder_text"]);
exec("chmod 770 $config_file_path"); chmod($config_file_path, 0770);
exec("chown vmail $config_file_path"); chown($config_file_path, 'vmail');
$app->log("Writing Autoresponder message file: $config_file_path",LOGLEVEL_DEBUG); $app->log("Writing Autoresponder message file: $config_file_path",LOGLEVEL_DEBUG);
} }
} }
...@@ -198,8 +198,8 @@ class maildrop_plugin { ...@@ -198,8 +198,8 @@ class maildrop_plugin {
file_put_contents($config_file_path,$mailfilter_content); file_put_contents($config_file_path,$mailfilter_content);
$app->log("Writing new custom Mailfiter".$config_file_path,LOGLEVEL_DEBUG); $app->log("Writing new custom Mailfiter".$config_file_path,LOGLEVEL_DEBUG);
exec("chmod 770 $config_file_path"); chmod($config_file_path, 0770);
exec("chown vmail $config_file_path"); chown($config_file_path, 'vmail');
unset($config_file_path); unset($config_file_path);
} else { } else {
// Delete the mailfilter recipe // Delete the mailfilter recipe
...@@ -244,4 +244,4 @@ class maildrop_plugin { ...@@ -244,4 +244,4 @@ class maildrop_plugin {
} // end class } // end class
?> ?>
\ No newline at end of file
...@@ -106,16 +106,16 @@ class pma_symlink_plugin { ...@@ -106,16 +106,16 @@ class pma_symlink_plugin {
elseif($data["new"]["php"] == "fast-cgi" && $data["new"]["suexec"] == "y") $symlink = false; elseif($data["new"]["php"] == "fast-cgi" && $data["new"]["suexec"] == "y") $symlink = false;
if(!is_dir($data["new"]["document_root"]."/web")) exec("mkdir -p ".$data["new"]["document_root"]."/web"); if(!is_dir($data["new"]["document_root"]."/web")) mkdir($data["new"]["document_root"].'/web', 0755, true);
if($symlink == false) { if($symlink == false) {
if(is_link($data["new"]["document_root"]."/web/phpmyadmin")) exec("rm -f ".$data["new"]["document_root"]."/web/phpmyadmin"); if(is_link($data["new"]["document_root"].'/web/phpmyadmin')) unlink($data["new"]["document_root"].'/web/phpmyadmin');
} else { } else {
if(!is_link($data["new"]["document_root"]."/web/phpmyadmin")) exec("ln -s /var/www/phpmyadmin ".$data["new"]["document_root"]."/web/phpmyadmin"); if(!is_link($data["new"]["document_root"].'/web/phpmyadmin')) symlink('/var/www/phpmyadmin',$data["new"]["document_root"].'/web/phpmyadmin');
else exec("ln -sf /var/www/phpmyadmin ".$data["new"]["document_root"]."/web/phpmyadmin"); else symlink('/var/www/phpmyadmin',$data["new"]["document_root"].'/web/phpmyadmin');
} }
} }
} // end class } // end class
?> ?>
\ No newline at end of file
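Review bot: The `else` branch used to run `ln -sf`, which replaced an existing link, but `symlink()` does not overwrite. When `web/phpmyadmin` is already a link, the new call fails with a "File exists" warning and a link pointing somewhere else is left in place. Either drop the branch or replace the link explicitly, e.g. `else { unlink($data["new"]["document_root"].'/web/phpmyadmin'); symlink('/var/www/phpmyadmin',$data["new"]["document_root"].'/web/phpmyadmin'); }`. The return values of `mkdir()`, `unlink()` and `symlink()` are also unchecked, so failures here leave no trace in the log. The method begins above the hunk.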
...@@ -90,9 +90,10 @@ class shelluser_base_plugin { ...@@ -90,9 +90,10 @@ class shelluser_base_plugin {
$app->log("Added shelluser: ".$data['new']['username'],LOGLEVEL_DEBUG); $app->log("Added shelluser: ".$data['new']['username'],LOGLEVEL_DEBUG);
//* Create .bash_history file //* Create .bash_history file
exec('touch '.escapeshellcmd($data['new']['dir']).'/.bash_history'); touch(escapeshellcmd($data['new']['dir']).'/.bash_history');
exec('chmod 755 '.escapeshellcmd($data['new']['dir']).'/.bash_history'); chmod(escapeshellcmd($data['new']['dir']).'/.bash_history', 0755);
exec('chown '.escapeshellcmd($data['new']['username']).':'.escapeshellcmd($data['new']['pgroup']).' '.escapeshellcmd($data['new']['dir']).'/.bash_history'); chown(escapeshellcmd($data['new']['dir']).'/.bash_history', escapeshellcmd($data['new']['username']));
chgrp(escapeshellcmd($data['new']['dir']).'/.bash_history', escapeshellcmd($data['new']['pgroup']));
//* Disable shell user temporarily if we use jailkit //* Disable shell user temporarily if we use jailkit
if($data['new']['chroot'] == 'jailkit') { if($data['new']['chroot'] == 'jailkit') {
...@@ -105,7 +106,7 @@ class shelluser_base_plugin { ...@@ -105,7 +106,7 @@ class shelluser_base_plugin {
$app->log("UID = $uid for shelluser:".$data['new']['username']." not allowed.",LOGLEVEL_ERROR); $app->log("UID = $uid for shelluser:".$data['new']['username']." not allowed.",LOGLEVEL_ERROR);
} }
} else { } else {
$app->log("Skippung insert of user:".$data['new']['username'].", parent user ".$data['new']['puser']." does not exist.",LOGLEVEL_WARN); $app->log("Skipping insertion of user:".$data['new']['username'].", parent user ".$data['new']['puser']." does not exist.",LOGLEVEL_WARN);
} }
} }
...@@ -137,9 +138,10 @@ class shelluser_base_plugin { ...@@ -137,9 +138,10 @@ class shelluser_base_plugin {
//* Create .bash_history file //* Create .bash_history file
if(!is_file($data['new']['dir']).'/.bash_history') { if(!is_file($data['new']['dir']).'/.bash_history') {
exec('touch '.escapeshellcmd($data['new']['dir']).'/.bash_history'); touch(escapeshellcmd($data['new']['dir']).'/.bash_history');
exec('chmod 755 '.escapeshellcmd($data['new']['dir']).'/.bash_history'); chmod(escapeshellcmd($data['new']['dir']).'/.bash_history', 0755);
exec('chown '.escapeshellcmd($data['new']['username']).':'.escapeshellcmd($data['new']['pgroup']).' '.escapeshellcmd($data['new']['dir']).'/.bash_history'); chown(escapeshellcmd($data['new']['dir']).'/.bash_history',escapeshellcmd($data['new']['username']));
chgrp(escapeshellcmd($data['new']['dir']).'/.bash_history',escapeshellcmd($data['new']['pgroup']));
} }
} else { } else {
...@@ -150,7 +152,7 @@ class shelluser_base_plugin { ...@@ -150,7 +152,7 @@ class shelluser_base_plugin {
$app->log("UID = $uid for shelluser:".$data['new']['username']." not allowed.",LOGLEVEL_ERROR); $app->log("UID = $uid for shelluser:".$data['new']['username']." not allowed.",LOGLEVEL_ERROR);
} }
} else { } else {
$app->log("Skippung update for user:".$data['new']['username'].", parent user ".$data['new']['puser']." does not exist.",LOGLEVEL_WARN); $app->log("Skipping update for user:".$data['new']['username'].", parent user ".$data['new']['puser']." does not exist.",LOGLEVEL_WARN);
} }
} }
...@@ -186,4 +188,4 @@ class shelluser_base_plugin { ...@@ -186,4 +188,4 @@ class shelluser_base_plugin {
} // end class } // end class
?> ?>
\ No newline at end of file
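Review bot: In the update hunk, the guard `if(!is_file($data['new']['dir']).'/.bash_history')` has its closing parenthesis in the wrong place. It concatenates the boolean with a non-empty string, so the condition is always true and touch/chmod/chown/chgrp run on every update, including on a history file that already exists. It should read `if(!is_file($data['new']['dir'].'/.bash_history')) {`. Both hunks also set the file to `0755`; a shell history file needs no execute or world-read bits, and `0600` would be the usual choice. Both enclosing methods start and end outside the hunks.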
...@@ -201,7 +201,7 @@ class shelluser_jailkit_plugin { ...@@ -201,7 +201,7 @@ class shelluser_jailkit_plugin {
$tpl->setVar('home_dir',$this->_get_home_dir("")); $tpl->setVar('home_dir',$this->_get_home_dir(""));
$bashrc = escapeshellcmd($this->data['new']['dir']).'/etc/bash.bashrc'; $bashrc = escapeshellcmd($this->data['new']['dir']).'/etc/bash.bashrc';
if(@is_file($bashrc)) exec('rm '.$bashrc); if(@is_file($bashrc)) unlink($bashrc);
file_put_contents($bashrc,$tpl->grab()); file_put_contents($bashrc,$tpl->grab());
unset($tpl); unset($tpl);
...@@ -214,7 +214,7 @@ class shelluser_jailkit_plugin { ...@@ -214,7 +214,7 @@ class shelluser_jailkit_plugin {
$tpl->setVar('domain',$web['domain']); $tpl->setVar('domain',$web['domain']);
$motd = escapeshellcmd($this->data['new']['dir']).'/var/run/motd'; $motd = escapeshellcmd($this->data['new']['dir']).'/var/run/motd';
if(@is_file($motd)) exec('rm '.$motd);