Commit 72773a67 authored by Marius Cramer's avatar Marius Cramer

Merge branch 'stable-3.0.5'

Conflicts:
	install/dist/lib/fedora.lib.php
	install/dist/lib/opensuse.lib.php
	install/lib/installer_base.lib.php
	install/sql/ispconfig3.sql
	install/tpl/config.inc.php.master
	interface/lib/classes/aps_crawler.inc.php
	interface/lib/classes/auth.inc.php
	interface/lib/classes/plugin_backuplist.inc.php
	interface/lib/config.inc.php
	interface/lib/plugins/mail_user_filter_plugin.inc.php
	interface/web/login/password_reset.php
	interface/web/sites/templates/web_backup_list.htm
	interface/web/sites/webdav_user_edit.php
	interface/web/themes/blue/ispconfig_version
	server/plugins-available/backup_plugin.inc.php
	server/plugins-available/shelluser_base_plugin.inc.php
parents c2470177 0d73295b
...@@ -171,9 +171,9 @@ $conf['powerdns']['init_script'] = 'pdns'; ...@@ -171,9 +171,9 @@ $conf['powerdns']['init_script'] = 'pdns';
$conf['bind']['installed'] = false; // will be detected automatically during installation $conf['bind']['installed'] = false; // will be detected automatically during installation
$conf['bind']['bind_user'] = 'named'; $conf['bind']['bind_user'] = 'named';
$conf['bind']['bind_group'] = 'named'; $conf['bind']['bind_group'] = 'named';
$conf['bind']['bind_zonefiles_dir'] = '/var/named/chroot/var/named/'; $conf['bind']['bind_zonefiles_dir'] = '/var/named';
$conf['bind']['named_conf_path'] = '/var/named/chroot/etc/named.conf'; $conf['bind']['named_conf_path'] = '/etc/named.conf';
$conf['bind']['named_conf_local_path'] = '/var/named/chroot/var/named/named.local'; $conf['bind']['named_conf_local_path'] = '/etc/named.conf.local';
$conf['bind']['init_script'] = 'named'; $conf['bind']['init_script'] = 'named';
//* Jailkit //* Jailkit
......
...@@ -679,7 +679,7 @@ class installer_dist extends installer_base { ...@@ -679,7 +679,7 @@ class installer_dist extends installer_base {
//* Chown the slave subdirectory to $conf['bind']['bind_user'] //* Chown the slave subdirectory to $conf['bind']['bind_user']
exec('chown '.$conf['bind']['bind_user'].':'.$conf['bind']['bind_group'].' '.$content); exec('chown '.$conf['bind']['bind_user'].':'.$conf['bind']['bind_group'].' '.$content);
exec('chmod 770 '.$content); exec('chmod 2770 '.$content);
} }
......
...@@ -1406,7 +1406,6 @@ class installer_dist extends installer_base { ...@@ -1406,7 +1406,6 @@ class installer_dist extends installer_base {
if(is_file($conf['amavis']['config_dir'].'/50-user~')) chmod($conf['amavis']['config_dir'].'/50-user~', 0400); if(is_file($conf['amavis']['config_dir'].'/50-user~')) chmod($conf['amavis']['config_dir'].'/50-user~', 0400);
if(is_file($conf['amavis']['config_dir'].'/amavisd.conf')) chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0640); if(is_file($conf['amavis']['config_dir'].'/amavisd.conf')) chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0640);
if(is_file($conf['amavis']['config_dir'].'/amavisd.conf~')) chmod($conf['amavis']['config_dir'].'/amavisd.conf~', 0400); if(is_file($conf['amavis']['config_dir'].'/amavisd.conf~')) chmod($conf['amavis']['config_dir'].'/amavisd.conf~', 0400);
} }
} }
......
...@@ -181,6 +181,12 @@ function get_distname() { ...@@ -181,6 +181,12 @@ function get_distname() {
$distid = 'debian60'; $distid = 'debian60';
$distbaseid = 'debian'; $distbaseid = 'debian';
swriteln("Operating System: Debian 7.0 (Wheezy/Sid) or compatible\n"); swriteln("Operating System: Debian 7.0 (Wheezy/Sid) or compatible\n");
} elseif(strstr(trim(file_get_contents('/etc/debian_version')), '8') || substr(trim(file_get_contents('/etc/debian_version')),0,1) == '8') {
$distname = 'Debian';
$distver = 'Jessie';
$distid = 'debian60';
$distbaseid = 'debian';
swriteln("Operating System: Debian 8.0 (Jessie) or compatible\n");
} else { } else {
$distname = 'Debian'; $distname = 'Debian';
$distver = 'Unknown'; $distver = 'Unknown';
......
...@@ -1321,11 +1321,12 @@ class installer_base { ...@@ -1321,11 +1321,12 @@ class installer_base {
//* Create the slave subdirectory //* Create the slave subdirectory
$content .= 'slave'; $content .= 'slave';
if(!@is_dir($content)) mkdir($content, 0770, true); if(!@is_dir($content)) mkdir($content, 2770, true);
//* Chown the slave subdirectory to $conf['bind']['bind_user'] //* Chown the slave subdirectory to $conf['bind']['bind_user']
chown($content, $conf['bind']['bind_user']); chown($content, $conf['bind']['bind_user']);
chgrp($content, $conf['bind']['bind_group']); chgrp($content, $conf['bind']['bind_group']);
chmod($content, 2770);
} }
...@@ -2386,8 +2387,6 @@ Email Address []: ...@@ -2386,8 +2387,6 @@ Email Address []:
if(is_file($conf['amavis']['config_dir'].'/50-user~')) chmod($conf['amavis']['config_dir'].'/50-user~', 0400); if(is_file($conf['amavis']['config_dir'].'/50-user~')) chmod($conf['amavis']['config_dir'].'/50-user~', 0400);
if(is_file($conf['amavis']['config_dir'].'/amavisd.conf')) chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0640); if(is_file($conf['amavis']['config_dir'].'/amavisd.conf')) chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0640);
if(is_file($conf['amavis']['config_dir'].'/amavisd.conf~')) chmod($conf['amavis']['config_dir'].'/amavisd.conf~', 0400); if(is_file($conf['amavis']['config_dir'].'/amavisd.conf~')) chmod($conf['amavis']['config_dir'].'/amavisd.conf~', 0400);
} }
public function configure_dbserver() { public function configure_dbserver() {
......
...@@ -460,6 +460,7 @@ class ApsCrawler extends ApsBase ...@@ -460,6 +460,7 @@ class ApsCrawler extends ApsBase
} }
} }
//var_dump($apps); //var_dump($apps);
//echo print_r($apps_to_dl).'<br>-------------------<br>';
// For memory reasons, unset the current vendor and his apps // For memory reasons, unset the current vendor and his apps
unset($apps); unset($apps);
......
...@@ -100,7 +100,7 @@ class plugin_backuplist extends plugin_base { ...@@ -100,7 +100,7 @@ class plugin_backuplist extends plugin_base {
} }
//* Get the data //* Get the data
$server_ids = array_unique($server_ids); $server_ids = array();
$web = $app->db->queryOneRecord("SELECT server_id FROM web_domain WHERE domain_id = ?", $this->form->id); $web = $app->db->queryOneRecord("SELECT server_id FROM web_domain WHERE domain_id = ?", $this->form->id);
$databases = $app->db->queryAllRecords("SELECT server_id FROM web_database WHERE parent_domain_id = ?", $this->form->id); $databases = $app->db->queryAllRecords("SELECT server_id FROM web_database WHERE parent_domain_id = ?", $this->form->id);
if($app->functions->intval($web['server_id']) > 0) $server_ids[] = $app->functions->intval($web['server_id']); if($app->functions->intval($web['server_id']) > 0) $server_ids[] = $app->functions->intval($web['server_id']);
......
...@@ -135,41 +135,69 @@ class mail_user_filter_plugin { ...@@ -135,41 +135,69 @@ class mail_user_filter_plugin {
$content .= '### BEGIN FILTER_ID:'.$page_form->id."\n"; $content .= '### BEGIN FILTER_ID:'.$page_form->id."\n";
//$content .= 'require ["fileinto", "regex", "vacation"];'."\n"; //$content .= 'require ["fileinto", "regex", "vacation"];'."\n";
$content .= 'if header :regex ["'.strtolower($page_form->dataRecord["source"]).'"] ["'; if($page_form->dataRecord["op"] == 'domain') {
$content .= 'if address :domain :is "'.strtolower($page_form->dataRecord["source"]).'" "'.$page_form->dataRecord["searchterm"].'" {'."\n";
$searchterm = preg_quote($page_form->dataRecord["searchterm"]); } elseif ($page_form->dataRecord["op"] == 'localpart') {
$searchterm = str_replace( $content .= 'if address :localpart :is "'.strtolower($page_form->dataRecord["source"]).'" "'.$page_form->dataRecord["searchterm"].'" {'."\n";
array( } elseif ($page_form->dataRecord["source"] == 'Size') {
'"', if(substr(trim($page_form->dataRecord["searchterm"]),-1) == 'k' || substr(trim($page_form->dataRecord["searchterm"]),-1) == 'K') {
'\\[', $unit = 'k';
'\\]' } else {
), $unit = 'm';
array( }
'\\"', $content .= 'if size :over '.intval($page_form->dataRecord["searchterm"]).$unit.' {'."\n";
'\\\\[', } else {
'\\\\]'
), $searchterm); if($page_form->dataRecord["source"] == 'Header') {
$parts = explode(':',trim($page_form->dataRecord["searchterm"]));
if($page_form->dataRecord["op"] == 'contains') { $page_form->dataRecord["source"] = trim($parts[0]);
$content .= ".*".$searchterm; unset($parts[0]);
} elseif ($page_form->dataRecord["op"] == 'is') { $page_form->dataRecord["searchterm"] = trim(implode(':',$parts));
$content .= "^".$searchterm."$"; unset($parts);
} elseif ($page_form->dataRecord["op"] == 'begins') { }
$content .= "^".$searchterm.".*";
} elseif ($page_form->dataRecord["op"] == 'ends') { $content .= 'if header :regex ["'.strtolower($page_form->dataRecord["source"]).'"] ["';
$content .= ".*".$searchterm."$";
$searchterm = preg_quote($page_form->dataRecord["searchterm"]);
$searchterm = str_replace(
array(
'"',
'\\[',
'\\]'
),
array(
'\\"',
'\\\\[',
'\\\\]'
), $searchterm);
if($page_form->dataRecord["op"] == 'contains') {
$content .= ".*".$searchterm;
} elseif ($page_form->dataRecord["op"] == 'is') {
$content .= "^".$searchterm."$";
} elseif ($page_form->dataRecord["op"] == 'begins') {
$content .= " ".$searchterm."";
} elseif ($page_form->dataRecord["op"] == 'ends') {
$content .= ".*".$searchterm."$";
}
$content .= '"] {'."\n";
} }
$content .= '"] {'."\n";
if($page_form->dataRecord["action"] == 'move') { if($page_form->dataRecord["action"] == 'move') {
$content .= ' fileinto "'.$page_form->dataRecord["target"].'";' . "\n"; $content .= ' fileinto "'.$page_form->dataRecord["target"].'";' . "\n stop;\n";
} elseif ($page_form->dataRecord["action"] == 'keep') {
$content .= " keep;\n";
} elseif ($page_form->dataRecord["action"] == 'stop') {
$content .= " stop;\n";
} elseif ($page_form->dataRecord["action"] == 'reject') {
$content .= ' reject "'.$page_form->dataRecord["target"].'"; stop;\n\n';
} else { } else {
$content .= " discard;\n"; $content .= " discard;\n stop;\n";
} }
$content .= " stop;\n}\n"; $content .= "}\n";
$content .= '### END FILTER_ID:'.$page_form->id."\n"; $content .= '### END FILTER_ID:'.$page_form->id."\n";
......
...@@ -137,6 +137,15 @@ class page_action extends tform_actions { ...@@ -137,6 +137,15 @@ class page_action extends tform_actions {
/* restrict the names */ /* restrict the names */
$this->dataRecord['username'] = $webdavuser_prefix . $this->dataRecord['username']; $this->dataRecord['username'] = $webdavuser_prefix . $this->dataRecord['username'];
/*
* Get the data of the domain, owning the webdav user
*/
$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$app->functions->intval($this->dataRecord["parent_domain_id"]));
/* The server is the server of the domain */
$this->dataRecord["server_id"] = $web["server_id"];
/* The Webdav user shall be owned by the same group then the website */
$this->dataRecord["sys_groupid"] = $web['sys_groupid'];
} }
parent::onBeforeInsert(); parent::onBeforeInsert();
...@@ -159,7 +168,6 @@ class page_action extends tform_actions { ...@@ -159,7 +168,6 @@ class page_action extends tform_actions {
$sql = "UPDATE webdav_user SET server_id = ?, sys_groupid = ?, password = ? WHERE webdav_user_id = ?"; $sql = "UPDATE webdav_user SET server_id = ?, sys_groupid = ?, password = ? WHERE webdav_user_id = ?";
$app->db->query($sql, $server_id, $sys_groupid, $this->dataRecord["password"], $this->id); $app->db->query($sql, $server_id, $sys_groupid, $this->dataRecord["password"], $this->id);
} }
function onBeforeUpdate() { function onBeforeUpdate() {
......
...@@ -152,6 +152,11 @@ class monitor_tools { ...@@ -152,6 +152,11 @@ class monitor_tools {
$distver = 'Wheezy/Sid'; $distver = 'Wheezy/Sid';
$distid = 'debian60'; $distid = 'debian60';
$distbaseid = 'debian'; $distbaseid = 'debian';
} elseif(strstr(trim(file_get_contents('/etc/debian_version')), '8') || substr(trim(file_get_contents('/etc/debian_version')),0,1) == '8') {
$distname = 'Debian';
$distver = 'Jessie';
$distid = 'debian60';
$distbaseid = 'debian';
} else { } else {
$distname = 'Debian'; $distname = 'Debian';
$distver = 'Unknown'; $distver = 'Unknown';
......
...@@ -117,7 +117,7 @@ class bind_plugin { ...@@ -117,7 +117,7 @@ class bind_plugin {
//TODO : change this when distribution information has been integrated into server record //TODO : change this when distribution information has been integrated into server record
if (file_exists('/etc/gentoo-release')) { if (file_exists('/etc/gentoo-release')) {
$filename = escapeshellcmd($dns_config['bind_zonefiles_dir'].'/pri.'.str_replace("/", "_", substr($zone['origin'], 0, -1))); $filename = escapeshellcmd($dns_config['bind_zonefiles_dir'].'/pri/'.str_replace("/", "_", substr($zone['origin'], 0, -1)));
} }
else { else {
$filename = escapeshellcmd($dns_config['bind_zonefiles_dir'].'/pri.'.str_replace("/", "_", substr($zone['origin'], 0, -1))); $filename = escapeshellcmd($dns_config['bind_zonefiles_dir'].'/pri.'.str_replace("/", "_", substr($zone['origin'], 0, -1)));
...@@ -151,7 +151,7 @@ class bind_plugin { ...@@ -151,7 +151,7 @@ class bind_plugin {
if($data['old']['origin'] != $data['new']['origin']) { if($data['old']['origin'] != $data['new']['origin']) {
//TODO : change this when distribution information has been integrated into server record //TODO : change this when distribution information has been integrated into server record
if (file_exists('/etc/gentoo-release')) { if (file_exists('/etc/gentoo-release')) {
$filename = $dns_config['bind_zonefiles_dir'].'/pri.'.str_replace("/", "_", substr($data['old']['origin'], 0, -1)); $filename = $dns_config['bind_zonefiles_dir'].'/pri/'.str_replace("/", "_", substr($data['old']['origin'], 0, -1));
} }
else { else {
$filename = $dns_config['bind_zonefiles_dir'].'/pri.'.str_replace("/", "_", substr($data['old']['origin'], 0, -1)); $filename = $dns_config['bind_zonefiles_dir'].'/pri.'.str_replace("/", "_", substr($data['old']['origin'], 0, -1));
......
...@@ -103,14 +103,27 @@ class shelluser_base_plugin { ...@@ -103,14 +103,27 @@ class shelluser_base_plugin {
if($uid > $this->min_uid) { if($uid > $this->min_uid) {
//* Remove webfolder protection //* Remove webfolder protection
$app->system->web_folder_protection($web['document_root'], false); $app->system->web_folder_protection($web['document_root'], false);
if(!is_dir($data['new']['dir'])){ //* Home directory of the new shell user
$app->file->mkdirs(escapeshellcmd($data['new']['dir']), '0700'); if($data['new']['chroot'] == 'jailkit') {
$app->system->chown(escapeshellcmd($data['new']['dir']),escapeshellcmd($data['new']['username'])); $homedir = $data['new']['dir'];
$app->system->chgrp(escapeshellcmd($data['new']['dir']),escapeshellcmd($data['new']['pgroup'])); } else {
$homedir = $data['new']['dir'].'/home/'.$data['new']['username'];
}
if(!is_dir($data['new']['dir'].'/home')){
$app->file->mkdirs(escapeshellcmd($data['new']['dir'].'/home'), '0750');
$app->system->chown(escapeshellcmd($data['new']['dir'].'/home'),escapeshellcmd($data['new']['puser']));
$app->system->chgrp(escapeshellcmd($data['new']['dir'].'/home'),escapeshellcmd($data['new']['pgroup']));
}
if(!is_dir($homedir)){
$app->file->mkdirs(escapeshellcmd($homedir), '0750');
$app->system->chown(escapeshellcmd($homedir),escapeshellcmd($data['new']['puser']));
$app->system->chgrp(escapeshellcmd($homedir),escapeshellcmd($data['new']['pgroup']));
} }
$command = 'useradd'; $command = 'useradd';
$command .= ' -d '.escapeshellcmd($data['new']['dir']); $command .= ' -d '.escapeshellcmd($homedir);
$command .= ' -g '.escapeshellcmd($data['new']['pgroup']); $command .= ' -g '.escapeshellcmd($data['new']['pgroup']);
$command .= ' -o '; // non unique $command .= ' -o '; // non unique
if($data['new']['password'] != '') $command .= ' -p '.escapeshellcmd($data['new']['password']); if($data['new']['password'] != '') $command .= ' -p '.escapeshellcmd($data['new']['password']);
...@@ -129,10 +142,10 @@ class shelluser_base_plugin { ...@@ -129,10 +142,10 @@ class shelluser_base_plugin {
$this->_setup_ssh_rsa(); $this->_setup_ssh_rsa();
//* Create .bash_history file //* Create .bash_history file
$app->system->touch(escapeshellcmd($data['new']['dir']).'/.bash_history'); $app->system->touch(escapeshellcmd($homedir).'/.bash_history');
$app->system->chmod(escapeshellcmd($data['new']['dir']).'/.bash_history', 0755); $app->system->chmod(escapeshellcmd($homedir).'/.bash_history', 0755);
$app->system->chown(escapeshellcmd($data['new']['dir']).'/.bash_history', $data['new']['username']); $app->system->chown(escapeshellcmd($homedir).'/.bash_history', $data['new']['username']);
$app->system->chgrp(escapeshellcmd($data['new']['dir']).'/.bash_history', $data['new']['pgroup']); $app->system->chgrp(escapeshellcmd($homedir).'/.bash_history', $data['new']['pgroup']);
//* Disable shell user temporarily if we use jailkit //* Disable shell user temporarily if we use jailkit
if($data['new']['chroot'] == 'jailkit') { if($data['new']['chroot'] == 'jailkit') {
...@@ -185,6 +198,16 @@ class shelluser_base_plugin { ...@@ -185,6 +198,16 @@ class shelluser_base_plugin {
// Get the UID of the parent user // Get the UID of the parent user
$uid = intval($app->system->getuid($data['new']['puser'])); $uid = intval($app->system->getuid($data['new']['puser']));
if($uid > $this->min_uid) { if($uid > $this->min_uid) {
//* Home directory of the shell user
if($data['new']['chroot'] == 'jailkit') {
$homedir = $data['new']['dir'];
$homedir_old = $data['old']['dir'];
} else {
$homedir = $data['new']['dir'].'/home/'.$data['new']['username'];
$homedir_old = $data['old']['dir'].'/home/'.$data['old']['username'];
}
// Check if the user that we want to update exists, if not, we insert it // Check if the user that we want to update exists, if not, we insert it
if($app->system->is_user($data['old']['username'])) { if($app->system->is_user($data['old']['username'])) {
/* /*
...@@ -202,12 +225,32 @@ class shelluser_base_plugin { ...@@ -202,12 +225,32 @@ class shelluser_base_plugin {
$app->log("Executed command: $command ",LOGLEVEL_DEBUG); $app->log("Executed command: $command ",LOGLEVEL_DEBUG);
*/ */
//$groupinfo = $app->system->posix_getgrnam($data['new']['pgroup']); //$groupinfo = $app->system->posix_getgrnam($data['new']['pgroup']);
if($data['new']['dir'] != $data['old']['dir'] && !is_dir($data['new']['dir'])){ if($homedir != $homedir_old && !is_dir($homedir)){
$app->file->mkdirs(escapeshellcmd($data['new']['dir']), '0700'); $app->system->web_folder_protection($web['document_root'], false);
$app->system->chown(escapeshellcmd($data['new']['dir']),escapeshellcmd($data['new']['username'])); if(!is_dir($data['new']['dir'].'/home')){
$app->system->chgrp(escapeshellcmd($data['new']['dir']),escapeshellcmd($data['new']['pgroup'])); $app->file->mkdirs(escapeshellcmd($data['new']['dir'].'/home'), '0750');
$app->system->chown(escapeshellcmd($data['new']['dir'].'/home'),escapeshellcmd($data['new']['puser']));
$app->system->chgrp(escapeshellcmd($data['new']['dir'].'/home'),escapeshellcmd($data['new']['pgroup']));
}
$app->file->mkdirs(escapeshellcmd($homedir), '0750');
$app->system->chown(escapeshellcmd($homedir),escapeshellcmd($data['new']['username']));
$app->system->chgrp(escapeshellcmd($homedir),escapeshellcmd($data['new']['pgroup']));
$app->system->web_folder_protection($web['document_root'], true);
} else {
if(!is_dir($homedir)){
$app->system->web_folder_protection($web['document_root'], false);
if(!is_dir($data['new']['dir'].'/home')){
$app->file->mkdirs(escapeshellcmd($data['new']['dir'].'/home'), '0750');
$app->system->chown(escapeshellcmd($data['new']['dir'].'/home'),escapeshellcmd($data['new']['puser']));
$app->system->chgrp(escapeshellcmd($data['new']['dir'].'/home'),escapeshellcmd($data['new']['pgroup']));
}
$app->file->mkdirs(escapeshellcmd($homedir), '0750');
$app->system->chown(escapeshellcmd($homedir),escapeshellcmd($data['new']['puser']));
$app->system->chgrp(escapeshellcmd($homedir),escapeshellcmd($data['new']['pgroup']));
$app->system->web_folder_protection($web['document_root'], true);
}
} }
$app->system->usermod($data['old']['username'], 0, $app->system->getgid($data['new']['pgroup']), $data['new']['dir'], $data['new']['shell'], $data['new']['password'], $data['new']['username']); $app->system->usermod($data['old']['username'], 0, $app->system->getgid($data['new']['pgroup']), $homedir, $data['new']['shell'], $data['new']['password'], $data['new']['username']);
$app->log("Updated shelluser: ".$data['old']['username'], LOGLEVEL_DEBUG); $app->log("Updated shelluser: ".$data['old']['username'], LOGLEVEL_DEBUG);
// call the ssh-rsa update function // call the ssh-rsa update function
...@@ -218,10 +261,10 @@ class shelluser_base_plugin { ...@@ -218,10 +261,10 @@ class shelluser_base_plugin {
//* Create .bash_history file //* Create .bash_history file
if(!is_file($data['new']['dir']).'/.bash_history') { if(!is_file($data['new']['dir']).'/.bash_history') {
$app->system->touch(escapeshellcmd($data['new']['dir']).'/.bash_history'); $app->system->touch(escapeshellcmd($homedir).'/.bash_history');
$app->system->chmod(escapeshellcmd($data['new']['dir']).'/.bash_history', 0755); $app->system->chmod(escapeshellcmd($homedir).'/.bash_history', 0755);
$app->system->chown(escapeshellcmd($data['new']['dir']).'/.bash_history', escapeshellcmd($data['new']['username'])); $app->system->chown(escapeshellcmd($homedir).'/.bash_history', escapeshellcmd($data['new']['username']));
$app->system->chgrp(escapeshellcmd($data['new']['dir']).'/.bash_history', escapeshellcmd($data['new']['pgroup'])); $app->system->chgrp(escapeshellcmd($homedir).'/.bash_history', escapeshellcmd($data['new']['pgroup']));
} }
} else { } else {
...@@ -239,7 +282,7 @@ class shelluser_base_plugin { ...@@ -239,7 +282,7 @@ class shelluser_base_plugin {
function delete($event_name, $data) { function delete($event_name, $data) {
global $app, $conf; global $app, $conf;
$app->uses('system,getconf'); $app->uses('system,getconf,services');
$security_config = $app->getconf->get_security_config('permissions'); $security_config = $app->getconf->get_security_config('permissions');
if($security_config['allow_shell_user'] != 'yes') { if($security_config['allow_shell_user'] != 'yes') {
...@@ -251,16 +294,22 @@ class shelluser_base_plugin { ...@@ -251,16 +294,22 @@ class shelluser_base_plugin {
// Get the UID of the user // Get the UID of the user
$userid = intval($app->system->getuid($data['old']['username'])); $userid = intval($app->system->getuid($data['old']['username']));
if($userid > $this->min_uid) { if($userid > $this->min_uid) {
$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($data['old']['parent_domain_id']));
// check if we have to delete the dir // check if we have to delete the dir
$check = $app->db->queryOneRecord('SELECT shell_user_id FROM `shell_user` WHERE `dir` = ?', $data['old']['dir']); $check = $app->db->queryOneRecord('SELECT shell_user_id FROM `shell_user` WHERE `dir` = ?', $data['old']['dir']);
if(!$check && is_dir($data['old']['dir'])) { if(!$check && is_dir($data['old']['dir'])) {
$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ?", $data['old']['parent_domain_id']); $web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ?", $data['old']['parent_domain_id']);
$app->system->web_folder_protection($web['document_root'], false); $app->system->web_folder_protection($web['document_root'], false);
// delete dir // delete dir
$homedir = $data['old']['dir']; if($data['new']['chroot'] == 'jailkit') {
$homedir = $data['old']['dir'];
} else {
$homedir = $data['old']['dir'].'/home/'.$data['old']['username'];
}
if(substr($homedir, -1) !== '/') $homedir .= '/'; if(substr($homedir, -1) !== '/') $homedir .= '/';
$files = array('.bash_logout', '.bash_history', '.bashrc', '.profile'); $files = array('.bash_logout', '.bash_history', '.bashrc', '.profile');
$dirs = array('.ssh', '.cache'); $dirs = array('.ssh', '.cache');
...@@ -292,10 +341,33 @@ class shelluser_base_plugin { ...@@ -292,10 +341,33 @@ class shelluser_base_plugin {
// We delete only non jailkit users, jailkit users will be deleted by the jailkit plugin. // We delete only non jailkit users, jailkit users will be deleted by the jailkit plugin.
if ($data['old']['chroot'] != "jailkit") { if ($data['old']['chroot'] != "jailkit") {
// if this web uses PHP-FPM, that PPH-FPM service must be stopped before we can delete this user
if($web['php'] == 'php-fpm'){
if(trim($web['fastcgi_php_version']) != ''){
$default_php_fpm = false;
list($custom_php_fpm_name, $custom_php_fpm_init_script, $custom_php_fpm_ini_dir, $custom_php_fpm_pool_dir) = explode(':', trim($web['fastcgi_php_version']));
} else {
$default_php_fpm = true;
}
$web_config = $app->getconf->get_server_config($conf["server_id"], 'web');
if(!$default_php_fpm){
$app->services->restartService('php-fpm', 'stop:'.$custom_php_fpm_init_script);
} else {
$app->services->restartService('php-fpm', 'stop:'.$conf['init_scripts'].'/'.$web_config['php_fpm_init_script']);
}
}
$command = 'killall -u '.escapeshellcmd($data['old']['username']).' ; userdel -f'; $command = 'killall -u '.escapeshellcmd($data['old']['username']).' ; userdel -f';
$command .= ' '.escapeshellcmd($data['old']['username']).' &> /dev/null'; $command .= ' '.escapeshellcmd($data['old']['username']).' &> /dev/null';
exec($command); exec($command);
$app->log("Deleted shelluser: ".$data['old']['username'], LOGLEVEL_DEBUG); $app->log("Deleted shelluser: ".$data['old']['username'], LOGLEVEL_DEBUG);
// start PHP-FPM again
if($web['php'] == 'php-fpm'){
if(!$default_php_fpm){
$app->services->restartService('php-fpm', 'start:'.$custom_php_fpm_init_script);
} else {
$app->services->restartService('php-fpm', 'start:'.$conf['init_scripts'].'/'.$web_config['php_fpm_init_script']);
}
}
} }
} else { } else {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment